Asterisk - The Open Source Telephony Project GIT-master-67613d1
named_acl.c File Reference

Named Access Control Lists. More...

#include "asterisk.h"
#include "asterisk/config.h"
#include "asterisk/config_options.h"
#include "asterisk/utils.h"
#include "asterisk/module.h"
#include "asterisk/cli.h"
#include "asterisk/acl.h"
#include "asterisk/astobj2.h"
#include "asterisk/paths.h"
#include "asterisk/stasis.h"
#include "asterisk/json.h"
#include "asterisk/security_events.h"


Data Structures

struct  named_acl
 
struct  named_acl_config
 

Macros

#define ACL_FAMILY   "acls"
 
#define AST_MODULE   "acl"
 
#define NACL_CONFIG   "acl.conf"
 

Functions

static void __reg_module (void)
 
static void __unreg_module (void)
 
static int acl_order_comparator (struct ast_category *p, struct ast_category *q)
 
static AO2_GLOBAL_OBJ_STATIC (globals)
 
struct ast_module * AST_MODULE_SELF_SYM (void)
 
struct ast_ha * ast_named_acl_find (const char *name, int *is_realtime, int *is_undefined)
 Retrieve a named ACL. More...
 
static void cli_display_named_acl (int fd, const char *name)
 
static void cli_display_named_acl_list (int fd)
 
 CONFIG_INFO_CORE ("named_acl", cfg_info, globals, named_acl_config_alloc,.files=ACO_FILES(&named_acl_conf),)
 
static void destroy_named_acl (void *obj)
 Destroy a named ACL object. More...
 
static char * handle_show_named_acl_cmd (struct ast_cli_entry *e, int cmd, struct ast_cli_args *a)
 ACL command show <name> More...
 
static int load_module (void)
 
static void * named_acl_alloc (const char *cat)
 Create a named ACL structure. More...
 
static void * named_acl_config_alloc (void)
 allocator callback for named_acl_config. Notice it returns void * since it is used by the backend config code More...
 
static void named_acl_config_destructor (void *obj)
 destructor for named_acl_config More...
 
static void * named_acl_find (struct ao2_container *container, const char *cat)
 Find a named ACL in a container by its name. More...
 
static struct named_acl * named_acl_find_realtime (const char *name)
 
static int publish_acl_change (const char *name)
 
static int reload_module (void)
 
 STASIS_MESSAGE_TYPE_DEFN (ast_named_acl_change_type)
 Message type for named ACL changes. More...
 
static int unload_module (void)
 

Variables

static struct ast_module_info __mod_info = { .name = "acl" , .flags = AST_MODFLAG_GLOBAL_SYMBOLS | AST_MODFLAG_LOAD_ORDER , .description = "Named ACL system" , .key = "This paragraph is copyright (c) 2006 by Digium, Inc. \In order for your module to load, it must return this \key via a function called \"key\". Any code which \includes this paragraph must be licensed under the GNU \General Public License version 2 or later (at your \option). In addition to Digium's general reservations \of rights, Digium expressly reserves the right to \allow other parties to license this paragraph under \different terms. Any use of Digium, Inc. trademarks or \logos (including \"Asterisk\" or \"Digium\") without \express written permission of Digium, Inc. is prohibited.\n" , .buildopt_sum = AST_BUILDOPT_SUM, .support_level = AST_MODULE_SUPPORT_CORE, .load = load_module, .unload = unload_module, .reload = reload_module, .load_pri = AST_MODPRI_CORE, .requires = "extconfig", }
 
static const struct ast_module_info * ast_module_info = &__mod_info
 
static struct ast_cli_entry cli_named_acl []
 
struct aco_file named_acl_conf
 
static struct aco_type named_acl_type
 
struct aco_type * named_acl_types [] = ACO_TYPES(&named_acl_type)
 

Detailed Description

Named Access Control Lists.

Author
Jonathan Rose jrose.nosp@m.@dig.nosp@m.ium.c.nosp@m.om
Note
Based on a feature proposed by Olle E. Johansson oej@e.nosp@m.dvin.nosp@m.a.net

Definition in file named_acl.c.

Macro Definition Documentation

◆ ACL_FAMILY

#define ACL_FAMILY   "acls"

Definition at line 50 of file named_acl.c.

◆ AST_MODULE

#define AST_MODULE   "acl"

Definition at line 33 of file named_acl.c.

◆ NACL_CONFIG

#define NACL_CONFIG   "acl.conf"

Definition at line 49 of file named_acl.c.

Function Documentation

◆ __reg_module()

static void __reg_module ( void  )
static

Definition at line 590 of file named_acl.c.

◆ __unreg_module()

static void __unreg_module ( void  )
static

Definition at line 590 of file named_acl.c.

◆ acl_order_comparator()

static int acl_order_comparator ( struct ast_category * p,
struct ast_category * q 
)
static

Definition at line 201 of file named_acl.c.

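/*!
 * \brief Read the numeric "rule_order" field of one category.
 *
 * \param cat Category to inspect.
 *
 * \return The value of the first variable named "rule_order" (matched
 *         case-insensitively), or 0 when the category has no such variable
 *         or its value does not start with a number.
 */
static long acl_rule_order(struct ast_category *cat)
{
	struct ast_variable *var;

	for (var = ast_category_first(cat); var; var = var->next) {
		if (!strcasecmp(var->name, "rule_order")) {
			/*
			 * strtol() instead of atoi(): atoi() has undefined behavior when
			 * the text is out of range for int, whereas strtol() saturates.
			 * Text that is not numeric still yields 0, as before, so such a
			 * row sorts as order 0 without any diagnostic.
			 * NOTE(review): the NULL guard assumes a variable may carry no
			 * value; confirm against struct ast_variable.
			 */
			return var->value ? strtol(var->value, NULL, 10) : 0;
		}
	}

	return 0;
}

/*!
 * \brief Order two categories by their "rule_order" value.
 *
 * Used by named_acl_find_realtime() to sort realtime ACL rows before the
 * rules are appended to the ACL, so the result decides the order in which
 * the rules end up in the list.
 *
 * \param p First category.
 * \param q Second category.
 *
 * \retval -1 p sorts before q.
 * \retval 1 p sorts after q.
 * \retval 0 both have the same order value (including both missing).
 */
static int acl_order_comparator(struct ast_category *p, struct ast_category *q)
{
	const long p_value = acl_rule_order(p);
	const long q_value = acl_rule_order(q);

	if (p_value < q_value) {
		return -1;
	}
	if (q_value < p_value) {
		return 1;
	}

	return 0;
}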
struct ast_variable * ast_category_first(struct ast_category *cat)
given a pointer to a category, return the root variable.
Definition: main/config.c:1246
Structure for variables, used for configurations and for channel variables.
struct ast_variable * next

References ast_category_first(), ast_variable::name, ast_variable::next, and ast_variable::value.

Referenced by named_acl_find_realtime().

◆ AO2_GLOBAL_OBJ_STATIC()

static AO2_GLOBAL_OBJ_STATIC ( globals  )
static

◆ AST_MODULE_SELF_SYM()

struct ast_module * AST_MODULE_SELF_SYM ( void  )

Definition at line 590 of file named_acl.c.

◆ ast_named_acl_find()

struct ast_ha * ast_named_acl_find ( const char *  name,
int *  is_realtime,
int *  is_undefined 
)

Retrieve a named ACL.

This function attempts to find a named ACL. If found, a copy of the requested ACL will be made which must be freed by the caller.

Parameters
name: Name of the ACL sought
[out] is_realtime: will be true if the ACL being returned is from realtime
[out] is_undefined: will be true if no ACL profile can be found for the requested name
Returns
A copy of the named ACL as an ast_ha
Return values
NULL: if no ACL could be found.

Definition at line 293 of file named_acl.c.

/*
 * Look up the ACL called name and return a copy of its rule list, which the
 * caller must free. Both out-parameters are optional and are reset to 0
 * before any lookup is made.
 * NOTE(review): listing lines 297-298, 330 and 345 are not shown on this
 * page; cfg and named_acl are presumably declared at 297-298. Confirm against
 * the source file.
 */
294{
295 struct ast_ha *ha = NULL;
296
299
300 if (is_realtime) {
301 *is_realtime = 0;
302 }
303
304 if (is_undefined) {
305 *is_undefined = 0;
306 }
307
308 /* If the config or its named_acl_list hasn't been initialized, abort immediately. */
/* Note that this path returns NULL without setting *is_undefined. */
309 if ((!cfg) || (!(cfg->named_acl_list))) {
310 ast_log(LOG_ERROR, "Attempted to find named ACL '%s', but the ACL configuration isn't available.\n", name);
311 return NULL;
312 }
313
314 named_acl = named_acl_find(cfg->named_acl_list, name);
315
316 /* If a named ACL couldn't be retrieved locally, we need to try realtime storage. */
317 if (!named_acl) {
/* RAII_VAR runs ao2_cleanup on realtime_acl when this scope is left. */
318 RAII_VAR(struct named_acl *, realtime_acl, NULL, ao2_cleanup);
319
320 /* Attempt to create from realtime */
321 if ((realtime_acl = named_acl_find_realtime(name))) {
322 if (is_realtime) {
323 *is_realtime = 1;
324 }
/*
 * The caller gets a duplicate of the realtime rules. No "contains no rules"
 * notice is logged on this path; presumably the result is NULL when the
 * realtime ACL holds no rules, with *is_undefined still 0.
 */
325 ha = ast_duplicate_ha_list(realtime_acl->ha);
326 return ha;
327 }
328
329 /* Couldn't create from realtime. Raise relevant flags and print relevant warnings. */
/* NOTE(review): the condition that selects between the two warnings is on the omitted line 330. */
331 ast_log(LOG_WARNING, "ACL '%s' does not exist. The ACL will be marked as undefined and will automatically fail if applied.\n"
332 "This ACL may exist in the configured realtime backend, but that backend hasn't been registered yet. "
333 "Fix this establishing preload for the backend in 'modules.conf'.\n", name);
334 } else {
335 ast_log(LOG_WARNING, "ACL '%s' does not exist. The ACL will be marked as undefined and will automatically fail if applied.\n", name);
336 }
337
/*
 * Undefined ACL: NULL is returned with *is_undefined = 1. A caller that
 * passes NULL for is_undefined cannot tell this case from an empty ACL.
 */
338 if (is_undefined) {
339 *is_undefined = 1;
340 }
341
342 return NULL;
343 }
344
346
/*
 * NULL here, with *is_undefined == 0, means the ACL exists but has no rules;
 * as the notice says, it then accepts every address. The NULL return value
 * alone therefore does not distinguish an undefined ACL (fails when applied)
 * from an empty one (allows everything).
 */
347 if (!ha) {
348 ast_log(LOG_NOTICE, "ACL '%s' contains no rules. It is valid, but it will accept addresses unconditionally.\n", name);
349 }
350
351 return ha;
352}
struct ast_ha * ast_duplicate_ha_list(struct ast_ha *original)
Duplicate the contents of a list of host access rules.
Definition: acl.c:276
#define ast_log
Definition: astobj2.c:42
#define ao2_cleanup(obj)
Definition: astobj2.h:1934
#define ao2_global_obj_ref(holder)
Get a reference to the object stored in the global holder.
Definition: astobj2.h:918
static struct console_pvt globals
static const char name[]
Definition: format_mp3.c:68
int ast_realtime_is_mapping_defined(const char *family)
Determine if a mapping exists for a given family.
Definition: main/config.c:3193
int ast_check_realtime(const char *family)
Check if realtime engine is configured for family.
Definition: main/config.c:3530
#define LOG_ERROR
#define LOG_NOTICE
#define LOG_WARNING
static void * named_acl_find(struct ao2_container *container, const char *cat)
Find a named ACL in a container by its name.
Definition: named_acl.c:182
static struct named_acl * named_acl_find_realtime(const char *name)
Definition: named_acl.c:240
#define ACL_FAMILY
Definition: named_acl.c:50
#define NULL
Definition: resample.c:96
internal representation of ACL entries In principle user applications would have no need for this,...
Definition: acl.h:51
struct ast_ha * ha
Definition: named_acl.c:109
#define RAII_VAR(vartype, varname, initval, dtor)
Declare a variable that will call a destructor function when it goes out of scope.
Definition: utils.h:941

References ACL_FAMILY, ao2_cleanup, ao2_global_obj_ref, ast_check_realtime(), ast_duplicate_ha_list(), ast_log, ast_realtime_is_mapping_defined(), globals, named_acl::ha, LOG_ERROR, LOG_NOTICE, LOG_WARNING, name, named_acl_find(), named_acl_find_realtime(), NULL, and RAII_VAR.

Referenced by ast_append_acl().

◆ cli_display_named_acl()

static void cli_display_named_acl ( int  fd,
const char *  name 
)
static

Definition at line 412 of file named_acl.c.

/*
 * Print one named ACL to the CLI file descriptor fd.
 * NOTE(review): listing lines 416-417, 429 and 438 are not shown on this
 * page. The reference list names named_acl_find_realtime() and
 * ast_ha_output(), presumably the realtime fallback at 429 and the rule
 * output at 438. Confirm against the source file.
 */
413{
414 int is_realtime = 0;
415
418
419 /* If the configuration or the configuration's named_acl_list is unavailable, abort. */
420 if ((!cfg) || (!cfg->named_acl_list)) {
421 ast_log(LOG_ERROR, "Attempted to show named ACL '%s', but the acl configuration isn't available.\n", name);
422 return;
423 }
424
425 named_acl = named_acl_find(cfg->named_acl_list, name);
426
427 /* If the named_acl couldn't be found with the search, also abort. */
428 if (!named_acl) {
430 ast_cli(fd, "\nCould not find ACL named '%s'\n", name);
431 return;
432 }
433
/* Reached only inside the "not found locally" branch, so the ACL came from realtime. */
434 is_realtime = 1;
435 }
436
437 ast_cli(fd, "\nACL: %s%s\n---------------------------------------------\n", name, is_realtime ? " (realtime)" : "");
439}
void ast_ha_output(int fd, const struct ast_ha *ha, const char *prefix)
output an HA to the provided fd
Definition: acl.c:1086
void ast_cli(int fd, const char *fmt,...)
Definition: clicompat.c:6

References ao2_cleanup, ao2_global_obj_ref, ast_cli(), ast_ha_output(), ast_log, globals, named_acl::ha, LOG_ERROR, name, named_acl_find(), named_acl_find_realtime(), NULL, and RAII_VAR.

Referenced by handle_show_named_acl_cmd().

◆ cli_display_named_acl_list()

static void cli_display_named_acl_list ( int  fd)
static

Definition at line 447 of file named_acl.c.

/*
 * Print the name of every ACL in the configuration's named_acl_list to fd.
 * NOTE(review): listing lines 451 and 467 are not shown on this page; cfg is
 * presumably obtained at 451 and ao2_iterator_destroy() (in the reference
 * list) presumably called at 467. Confirm against the source file.
 */
448{
449 struct ao2_iterator i;
450 void *o;
452
453 ast_cli(fd, "\nacl\n---\n");
454
455 if (!cfg || !cfg->named_acl_list) {
456 ast_cli(fd, "ACL configuration isn't available.\n");
457 return;
458 }
459 i = ao2_iterator_init(cfg->named_acl_list, 0);
460
461 while ((o = ao2_iterator_next(&i))) {
462 struct named_acl *named_acl = o;
463 ast_cli(fd, "%s\n", named_acl->name);
/* Drop the reference taken on each object handed out by the iterator. */
464 ao2_ref(o, -1);
465 }
466
468}
#define ao2_iterator_next(iter)
Definition: astobj2.h:1911
struct ao2_iterator ao2_iterator_init(struct ao2_container *c, int flags) attribute_warn_unused_result
Create an iterator for a container.
#define ao2_ref(o, delta)
Reference/unreference an object and return the old refcount.
Definition: astobj2.h:459
void ao2_iterator_destroy(struct ao2_iterator *iter)
Destroy a container iterator.
When we need to walk through a container, we use an ao2_iterator to keep track of the current positio...
Definition: astobj2.h:1821
char name[ACL_NAME_LENGTH]
Definition: named_acl.c:110

References ao2_cleanup, ao2_global_obj_ref, ao2_iterator_destroy(), ao2_iterator_init(), ao2_iterator_next, ao2_ref, ast_cli(), globals, named_acl::name, and RAII_VAR.

Referenced by handle_show_named_acl_cmd().

◆ CONFIG_INFO_CORE()

CONFIG_INFO_CORE ( "named_acl"  ,
cfg_info  ,
globals  ,
named_acl_config_alloc  ,
files = ACO_FILES(&named_acl_conf) 
)

◆ destroy_named_acl()

static void destroy_named_acl ( void *  obj)
static

Destroy a named ACL object.

Definition at line 148 of file named_acl.c.

/*
 * Destructor for a named_acl object.
 * NOTE(review): listing line 151 is not shown on this page; the reference
 * list names ast_free_ha() and named_acl::ha, so it presumably frees the
 * ACL's rule list. Confirm against the source file.
 */
149{
150 struct named_acl *named_acl = obj;
152}
void ast_free_ha(struct ast_ha *ha)
Free a list of HAs.
Definition: acl.c:222

References ast_free_ha(), and named_acl::ha.

Referenced by named_acl_alloc().

◆ handle_show_named_acl_cmd()

static char * handle_show_named_acl_cmd ( struct ast_cli_entry * e,
int  cmd,
struct ast_cli_args * a 
)
static

ACL command show <name>

Definition at line 471 of file named_acl.c.

/*
 * CLI handler for "acl show [name]".
 * CLI_INIT fills in the command and usage text. CLI_GENERATE handles
 * completion of the word at position 2 by a case-insensitive prefix match on
 * ACL names. Otherwise two arguments are handled by the omitted line 512,
 * three arguments show the named ACL, and anything else prints usage.
 * NOTE(review): listing lines 490, 495, 498, 505 and 512 are not shown on
 * this page; the reference list suggests they obtain cfg, set up and destroy
 * the iterator, add the completion and call cli_display_named_acl_list().
 * Confirm against the source file.
 */
472{
473 struct named_acl_config *cfg;
474 int length;
475 struct ao2_iterator i;
476 struct named_acl *named_acl;
477
478 switch (cmd) {
479 case CLI_INIT:
480 e->command = "acl show";
481 e->usage =
482 "Usage: acl show [name]\n"
483 " Shows a list of named ACLs or lists all entries in a given named ACL.\n";
484 return NULL;
485 case CLI_GENERATE:
486 if (a->pos != 2) {
487 return NULL;
488 }
489
491 if (!cfg) {
492 return NULL;
493 }
494 length = strlen(a->word);
496 while ((named_acl = ao2_iterator_next(&i))) {
497 if (!strncasecmp(a->word, named_acl->name, length)) {
/* The iterator's reference is released before leaving the loop early. */
499 ao2_ref(named_acl, -1);
500 break;
501 }
502 }
503 ao2_ref(named_acl, -1);
504 }
/* cfg is reference counted by hand in this function, so release it here. */
506 ao2_ref(cfg, -1);
507
508 return NULL;
509 }
510
511 if (a->argc == 2) {
513 return CLI_SUCCESS;
514 }
515
516 if (a->argc == 3) {
517 cli_display_named_acl(a->fd, a->argv[2]);
518 return CLI_SUCCESS;
519 }
520
521
522 return CLI_SHOWUSAGE;
523}
#define ast_strdup(str)
A wrapper for strdup()
Definition: astmm.h:241
#define CLI_SHOWUSAGE
Definition: cli.h:45
#define CLI_SUCCESS
Definition: cli.h:44
int ast_cli_completion_add(char *value)
Add a result to a request for completion options.
Definition: main/cli.c:2758
@ CLI_INIT
Definition: cli.h:152
@ CLI_GENERATE
Definition: cli.h:153
static void cli_display_named_acl_list(int fd)
Definition: named_acl.c:447
static void cli_display_named_acl(int fd, const char *name)
Definition: named_acl.c:412
char * command
Definition: cli.h:186
const char * usage
Definition: cli.h:177
struct ao2_container * named_acl_list
Definition: named_acl.c:74
static struct test_val a

References a, ao2_global_obj_ref, ao2_iterator_destroy(), ao2_iterator_init(), ao2_iterator_next, ao2_ref, ast_cli_completion_add(), ast_strdup, cli_display_named_acl(), cli_display_named_acl_list(), CLI_GENERATE, CLI_INIT, CLI_SHOWUSAGE, CLI_SUCCESS, ast_cli_entry::command, globals, named_acl::name, named_acl_config::named_acl_list, NULL, and ast_cli_entry::usage.

◆ load_module()

static int load_module ( void  )
static

Definition at line 564 of file named_acl.c.

/*
 * Module load callback: initialise the config framework, register the
 * "permit" and "deny" options and process acl.conf for the first time.
 * NOTE(review): listing lines 567, 570, 578 and 580 are not shown on this
 * page; the reference list suggests they return AST_MODULE_LOAD_FAILURE,
 * initialise the stasis message type, register the CLI commands and return
 * AST_MODULE_LOAD_SUCCESS. Confirm against the source file.
 */
565{
566 if (aco_info_init(&cfg_info)) {
568 }
569
571
572 /* Register the per level options. */
/*
 * Both options use the OPT_ACL_T handler and write to the ha field of
 * struct named_acl; the flags argument is 1 for "permit" and 0 for "deny".
 */
573 aco_option_register(&cfg_info, "permit", ACO_EXACT, named_acl_types, NULL, OPT_ACL_T, 1, FLDSET(struct named_acl, ha));
574 aco_option_register(&cfg_info, "deny", ACO_EXACT, named_acl_types, NULL, OPT_ACL_T, 0, FLDSET(struct named_acl, ha));
575
/*
 * The result of this first aco_process_config() call is not examined here.
 * NOTE(review): if loading continues after a parse error, no named ACLs
 * would be defined until a later successful reload. Confirm.
 */
576 aco_process_config(&cfg_info, 0);
577
579
581}
struct stasis_message_type * ast_named_acl_change_type(void)
a stasis_message_type for changes against a named ACL or the set of all named ACLs
#define ast_cli_register_multiple(e, len)
Register multiple commands.
Definition: cli.h:265
@ ACO_EXACT
int aco_info_init(struct aco_info *info)
Initialize an aco_info structure.
#define FLDSET(type,...)
Convert a struct and list of fields to an argument list of field offsets.
#define aco_option_register(info, name, matchtype, types, default_val, opt_type, flags,...)
Register a config option.
@ OPT_ACL_T
Type for default option handler for ACLs.
enum aco_process_status aco_process_config(struct aco_info *info, int reload)
Process a config info via the options registered with an aco_info.
@ AST_MODULE_LOAD_FAILURE
Module could not be loaded properly.
Definition: module.h:102
@ AST_MODULE_LOAD_SUCCESS
Definition: module.h:70
struct aco_type * named_acl_types[]
Definition: named_acl.c:96
static struct ast_cli_entry cli_named_acl[]
Definition: named_acl.c:525
#define STASIS_MESSAGE_TYPE_INIT(name)
Boiler-plate messaging macro for initializing message types.
Definition: stasis.h:1493
#define ARRAY_LEN(a)
Definition: utils.h:666

References ACO_EXACT, aco_info_init(), aco_option_register, aco_process_config(), ARRAY_LEN, ast_cli_register_multiple, AST_MODULE_LOAD_FAILURE, AST_MODULE_LOAD_SUCCESS, ast_named_acl_change_type(), cli_named_acl, FLDSET, named_acl_types, NULL, OPT_ACL_T, and STASIS_MESSAGE_TYPE_INIT.

◆ named_acl_alloc()

static void * named_acl_alloc ( const char *  cat)
static

Create a named ACL structure.

Parameters
cat: name given to the ACL
Return values
NULL: failure
non-NULL: successfully allocated named ACL

Definition at line 161 of file named_acl.c.

/*
 * Allocate a named_acl object for the ACL called cat; returns NULL when the
 * allocation fails.
 * NOTE(review): listing lines 165 and 170 are not shown on this page; the
 * reference list names ao2_alloc, destroy_named_acl() and ast_copy_string(),
 * so they presumably allocate the object with that destructor and copy cat
 * into named_acl->name with a size limit. Confirm against the source file.
 */
162{
163 struct named_acl *named_acl;
164
166 if (!named_acl) {
167 return NULL;
168 }
169
171
172 return named_acl;
173}
#define ao2_alloc(data_size, destructor_fn)
Definition: astobj2.h:409
static void destroy_named_acl(void *obj)
Destroy a named ACL object.
Definition: named_acl.c:148
void ast_copy_string(char *dst, const char *src, size_t size)
Size-limited null-terminating string copy.
Definition: strings.h:425

References ao2_alloc, ast_copy_string(), destroy_named_acl(), named_acl::name, and NULL.

Referenced by named_acl_find_realtime().

◆ named_acl_config_alloc()

static void * named_acl_config_alloc ( void  )
static

allocator callback for named_acl_config. Notice it returns void * since it is used by the backend config code

Note
These functions are used for placing/retrieving named ACLs in their ao2_container.

Definition at line 126 of file named_acl.c.

/*
 * Allocate a named_acl_config and its named_acl_list container. Returns the
 * new object, or NULL when either allocation fails.
 * NOTE(review): listing line 134 is not shown on this page; it presumably
 * begins the ao2_container_alloc_hash() call that line 135 continues and
 * assigns the result to cfg->named_acl_list. Confirm against the source file.
 */
127{
128 struct named_acl_config *cfg;
129
/* cfg is created with named_acl_config_destructor as its destructor. */
130 if (!(cfg = ao2_alloc(sizeof(*cfg), named_acl_config_destructor))) {
131 return NULL;
132 }
133
135 named_acl_hash_fn, NULL, named_acl_cmp_fn);
136 if (!cfg->named_acl_list) {
137 goto error;
138 }
139
140 return cfg;
141
142error:
/* Releasing the only reference discards the partly built config. */
143 ao2_ref(cfg, -1);
144 return NULL;
145}
@ AO2_ALLOC_OPT_LOCK_MUTEX
Definition: astobj2.h:363
#define ao2_container_alloc_hash(ao2_options, container_options, n_buckets, hash_fn, sort_fn, cmp_fn)
Allocate and initialize a hash container with the desired number of buckets.
Definition: astobj2.h:1303
static void named_acl_config_destructor(void *obj)
destructor for named_acl_config
Definition: named_acl.c:117
int error(const char *format,...)
Definition: utils/frame.c:999

References ao2_alloc, AO2_ALLOC_OPT_LOCK_MUTEX, ao2_container_alloc_hash, ao2_ref, error(), named_acl_config_destructor(), named_acl_config::named_acl_list, and NULL.

◆ named_acl_config_destructor()

static void named_acl_config_destructor ( void *  obj)
static

destructor for named_acl_config

Definition at line 117 of file named_acl.c.

/*
 * Destructor for a named_acl_config object.
 * NOTE(review): listing line 120 is not shown on this page; the reference
 * list names ao2_cleanup and named_acl_config::named_acl_list, so it
 * presumably releases the container. Confirm against the source file.
 */
118{
119 struct named_acl_config *cfg = obj;
121}

References ao2_cleanup, and named_acl_config::named_acl_list.

Referenced by named_acl_config_alloc().

◆ named_acl_find()

static void * named_acl_find ( struct ao2_container * container,
const char *  cat 
)
static

Find a named ACL in a container by its name.

Parameters
container: ao2container holding the named ACLs
cat: name of the ACL wanted to be found
Return values
pointer to the named ACL if available. Null if not found.

Definition at line 182 of file named_acl.c.

/*
 * Look up an ACL by name in container, using a stack-allocated named_acl as
 * the search key.
 * NOTE(review): listing line 186 is not shown on this page; the reference
 * list names ao2_find and OBJ_POINTER, so it presumably returns the result
 * of ao2_find() on the key. Confirm against the source file.
 */
183{
184 struct named_acl tmp;
/*
 * The copy is limited to sizeof(tmp.name), so a requested name longer than
 * the name buffer is shortened before the lookup.
 * NOTE(review): such a name would then match the ACL stored under the
 * shortened name. Confirm whether callers bound the name length.
 */
185 ast_copy_string(tmp.name, cat, sizeof(tmp.name));
187}
#define OBJ_POINTER
Definition: astobj2.h:1150
#define ao2_find(container, arg, flags)
Definition: astobj2.h:1736
static int tmp()
Definition: bt_open.c:389
struct ao2_container * container
Definition: res_fax.c:501

References ao2_find, ast_copy_string(), container, OBJ_POINTER, and tmp().

Referenced by ast_named_acl_find(), and cli_display_named_acl().

◆ named_acl_find_realtime()

static struct named_acl * named_acl_find_realtime ( const char *  name)
static

Definition at line 240 of file named_acl.c.

/*
 * Build a named_acl from the realtime backend rows stored for name in the
 * ACL_FAMILY family. Returns the new object, or NULL when nothing was
 * loaded, a rule is invalid, or allocation fails.
 * NOTE(review): listing lines 252, 262, 279 and 281 are not shown on this
 * page; the reference list suggests they hold the load without a systemname
 * filter, ast_config_sort_categories() with acl_order_comparator(),
 * ast_config_destroy() and named_acl_alloc(). Confirm against the source.
 */
241{
242 struct ast_config *cfg;
243 char *item = NULL;
244 const char *systemname = NULL;
245 struct ast_ha *built_ha = NULL;
246 struct named_acl *acl;
247
248 /* If we have a systemname set in the global options, we only want to retrieve entries with a matching systemname field. */
249 systemname = ast_config_AST_SYSTEM_NAME;
250
251 if (ast_strlen_zero(systemname)) {
253 } else {
254 cfg = ast_load_realtime_multientry(ACL_FAMILY, "name", name, "systemname", systemname, SENTINEL);
255 }
256
257 if (!cfg) {
258 return NULL;
259 }
260
261 /* At this point, the configuration must be sorted by the order field. */
263
/* Each category is one rule row; rules are appended in the browse order. */
264 while ((item = ast_category_browse(cfg, item))) {
265 int append_ha_error = 0;
266 const char *order = ast_variable_retrieve(cfg, item, "rule_order");
267 const char *sense = ast_variable_retrieve(cfg, item, "sense");
268 const char *rule = ast_variable_retrieve(cfg, item, "rule");
269
270 built_ha = ast_append_ha(sense, rule, built_ha, &append_ha_error);
271 if (append_ha_error) {
272 /* We need to completely reject an ACL that contains any bad rules. */
/*
 * One bad row discards the whole ACL instead of applying a partial list.
 * NOTE(review): no visible line on this path releases cfg. If
 * ast_config_destroy() is only called at the omitted line 279, the loaded
 * config is leaked each time a bad rule is rejected. Confirm.
 */
273 ast_log(LOG_ERROR, "Rejecting realtime ACL due to bad ACL definition '%s': %s - %s - %s\n", name, order, sense, rule);
274 ast_free_ha(built_ha);
275 return NULL;
276 }
277 }
278
280
282 if (!acl) {
283 ast_log(LOG_ERROR, "allocation error\n");
284 ast_free_ha(built_ha);
285 return NULL;
286 }
287
/* The new object now holds the rule list that was built above. */
288 acl->ha = built_ha;
289
290 return acl;
291}
struct ast_ha * ast_append_ha(const char *sense, const char *stuff, struct ast_ha *path, int *error)
Add a new rule to a list of HAs.
Definition: acl.c:712
integer order
Definition: analys.c:66
#define SENTINEL
Definition: compiler.h:87
char * ast_category_browse(struct ast_config *config, const char *prev_name)
Browse categories.
Definition: extconf.c:3326
void ast_config_sort_categories(struct ast_config *config, int descending, int(*comparator)(struct ast_category *p, struct ast_category *q))
Sorts categories in a config in the order of a numerical value contained within them.
Definition: main/config.c:1260
struct ast_config * ast_load_realtime_multientry(const char *family,...) attribute_sentinel
Retrieve realtime configuration.
Definition: main/config.c:3622
void ast_config_destroy(struct ast_config *cfg)
Destroys a config.
Definition: extconf.c:1289
const char * ast_variable_retrieve(struct ast_config *config, const char *category, const char *variable)
Definition: main/config.c:783
static void * named_acl_alloc(const char *cat)
Create a named ACL structure.
Definition: named_acl.c:161
static int acl_order_comparator(struct ast_category *p, struct ast_category *q)
Definition: named_acl.c:201
const char * ast_config_AST_SYSTEM_NAME
Definition: options.c:170
static force_inline int attribute_pure ast_strlen_zero(const char *s)
Definition: strings.h:65
Definition: test_acl.c:111
static struct aco_type item
Definition: test_config.c:1463

References ACL_FAMILY, acl_order_comparator(), ast_append_ha(), ast_category_browse(), ast_config_AST_SYSTEM_NAME, ast_config_destroy(), ast_config_sort_categories(), ast_free_ha(), ast_load_realtime_multientry(), ast_log, ast_strlen_zero(), ast_variable_retrieve(), item, LOG_ERROR, name, named_acl_alloc(), NULL, order, and SENTINEL.

Referenced by ast_named_acl_find(), and cli_display_named_acl().

◆ publish_acl_change()

static int publish_acl_change ( const char *  name)
static

Definition at line 371 of file named_acl.c.

/*
 * Build a JSON object with a "name" field and publish it as an ACL change
 * message. Returns 0 on success and -1 on failure.
 * NOTE(review): listing lines 389 and 395 are not shown on this page; the
 * reference list names stasis_message_create(), ast_security_topic() and
 * stasis_publish(), so they presumably create msg and publish it on the
 * security topic. Confirm against the source file.
 */
372{
/* All three variables are released when the function is left (RAII_VAR). */
373 RAII_VAR(struct stasis_message *, msg, NULL, ao2_cleanup);
374 RAII_VAR(struct ast_json_payload *, json_payload, NULL, ao2_cleanup);
375 RAII_VAR(struct ast_json *, json_object, ast_json_object_create(), ast_json_unref);
376
377 if (!json_object || !ast_named_acl_change_type()) {
378 goto publish_failure;
379 }
380
381 if (ast_json_object_set(json_object, "name", ast_json_string_create(name))) {
382 goto publish_failure;
383 }
384
385 if (!(json_payload = ast_json_payload_create(json_object))) {
386 goto publish_failure;
387 }
388
390
391 if (!msg) {
392 goto publish_failure;
393 }
394
396
397 return 0;
398
399publish_failure:
/* An empty name is reported as a change to all named ACLs. */
400 ast_log(LOG_ERROR, "Failed to issue ACL change message for %s.\n",
401 ast_strlen_zero(name) ? "all named ACLs" : name);
402 return -1;
403}
struct ast_json * ast_json_string_create(const char *value)
Construct a JSON string from value.
Definition: json.c:278
void ast_json_unref(struct ast_json *value)
Decrease refcount on value. If refcount reaches zero, value is freed.
Definition: json.c:73
struct ast_json * ast_json_object_create(void)
Create a new JSON object.
Definition: json.c:399
struct ast_json_payload * ast_json_payload_create(struct ast_json *json)
Create an ao2 object to pass json blobs as data payloads for stasis.
Definition: json.c:756
int ast_json_object_set(struct ast_json *object, const char *key, struct ast_json *value)
Set a field in a JSON object.
Definition: json.c:414
struct stasis_topic * ast_security_topic(void)
A stasis_topic which publishes messages for security related issues.
struct stasis_message * stasis_message_create(struct stasis_message_type *type, void *data)
Create a new message.
void stasis_publish(struct stasis_topic *topic, struct stasis_message *message)
Publish a message to a topic's subscribers.
Definition: stasis.c:1511
Abstract JSON element (object, array, string, int, ...).

References ao2_cleanup, ast_json_object_create(), ast_json_object_set(), ast_json_payload_create(), ast_json_string_create(), ast_json_unref(), ast_log, ast_named_acl_change_type(), ast_security_topic(), ast_strlen_zero(), LOG_ERROR, name, NULL, RAII_VAR, stasis_message_create(), and stasis_publish().

Referenced by reload_module().

◆ reload_module()

static int reload_module ( void  )
static

Definition at line 529 of file named_acl.c.

/*
 * Module reload callback: reprocess the ACL configuration and announce the
 * change. Every visible path returns 0.
 * NOTE(review): listing lines 531, 540 and 548 are not shown on this page;
 * the reference list suggests they declare status, test for
 * ACO_PROCESS_UNCHANGED and call publish_acl_change(). Confirm against the
 * source file.
 */
530{
532
533 status = aco_process_config(&cfg_info, 1);
534
/*
 * A failed reload is only logged as a warning and still returns 0.
 * NOTE(review): presumably the previously loaded ACLs stay in effect,
 * since ACO_PROCESS_ERROR is described as applying no changes. Confirm.
 */
535 if (status == ACO_PROCESS_ERROR) {
536 ast_log(LOG_WARNING, "Could not reload ACL config\n");
537 return 0;
538 }
539
541 /* We don't actually log anything if the config was unchanged,
542 * but we don't need to send a config change event either.
543 */
544 return 0;
545 }
546
547 /* We need to push an ACL change event with no ACL name so that all subscribers update with all ACLs */
549
550 return 0;
551}
jack_status_t status
Definition: app_jack.c:146
aco_process_status
Return values for the aco_process functions.
@ ACO_PROCESS_UNCHANGED
The config had not been edited and no changes applied.
@ ACO_PROCESS_ERROR
There was an error and no changes were applied.
static int publish_acl_change(const char *name)
Definition: named_acl.c:371

References aco_process_config(), ACO_PROCESS_ERROR, ACO_PROCESS_UNCHANGED, ast_log, LOG_WARNING, publish_acl_change(), and status.

◆ STASIS_MESSAGE_TYPE_DEFN()

STASIS_MESSAGE_TYPE_DEFN ( ast_named_acl_change_type  )

Message type for named ACL changes.

◆ unload_module()

static int unload_module ( void  )
static

Definition at line 553 of file named_acl.c.

/*
 * Module unload callback; always returns 0.
 * NOTE(review): listing lines 555, 557 and 559 are not shown on this page;
 * the reference list names ast_cli_unregister_multiple(),
 * STASIS_MESSAGE_TYPE_CLEANUP and ao2_global_obj_release, presumably called
 * on those lines. Confirm against the source file.
 */
554{
556
558 aco_info_destroy(&cfg_info);
560
561 return 0;
562}
#define ao2_global_obj_release(holder)
Release the ao2 object held in the global holder.
Definition: astobj2.h:859
int ast_cli_unregister_multiple(struct ast_cli_entry *e, int len)
Unregister multiple commands.
Definition: clicompat.c:30
void aco_info_destroy(struct aco_info *info)
Destroy an initialized aco_info struct.
#define STASIS_MESSAGE_TYPE_CLEANUP(name)
Boiler-plate messaging macro for cleaning up message types.
Definition: stasis.h:1515

References aco_info_destroy(), ao2_global_obj_release, ARRAY_LEN, ast_cli_unregister_multiple(), ast_named_acl_change_type(), cli_named_acl, globals, and STASIS_MESSAGE_TYPE_CLEANUP.

Variable Documentation

◆ __mod_info

struct ast_module_info __mod_info = { .name = "acl" , .flags = AST_MODFLAG_GLOBAL_SYMBOLS | AST_MODFLAG_LOAD_ORDER , .description = "Named ACL system" , .key = "This paragraph is copyright (c) 2006 by Digium, Inc. \In order for your module to load, it must return this \key via a function called \"key\". Any code which \includes this paragraph must be licensed under the GNU \General Public License version 2 or later (at your \option). In addition to Digium's general reservations \of rights, Digium expressly reserves the right to \allow other parties to license this paragraph under \different terms. Any use of Digium, Inc. trademarks or \logos (including \"Asterisk\" or \"Digium\") without \express written permission of Digium, Inc. is prohibited.\n" , .buildopt_sum = AST_BUILDOPT_SUM, .support_level = AST_MODULE_SUPPORT_CORE, .load = load_module, .unload = unload_module, .reload = reload_module, .load_pri = AST_MODPRI_CORE, .requires = "extconfig", }
static

Definition at line 590 of file named_acl.c.

◆ ast_module_info

const struct ast_module_info* ast_module_info = &__mod_info
static

Definition at line 590 of file named_acl.c.

◆ cli_named_acl

struct ast_cli_entry cli_named_acl[]
static
Initial value:
= {
{ .handler = handle_show_named_acl_cmd , .summary = "Show a named ACL or list all named ACLs" ,},
}
static char * handle_show_named_acl_cmd(struct ast_cli_entry *e, int cmd, struct ast_cli_args *a)
ACL command show <name>
Definition: named_acl.c:471

Definition at line 525 of file named_acl.c.

Referenced by load_module(), and unload_module().

◆ named_acl_conf

struct aco_file named_acl_conf
Initial value:
= {
.filename = "acl.conf",
}
#define ACO_TYPES(...)
A helper macro to ensure that aco_info types always have a sentinel.
static struct aco_type named_acl_type
Definition: named_acl.c:85

Definition at line 98 of file named_acl.c.

◆ named_acl_type

struct aco_type named_acl_type
static

Definition at line 85 of file named_acl.c.

◆ named_acl_types

struct aco_type* named_acl_types[] = ACO_TYPES(&named_acl_type)

Definition at line 96 of file named_acl.c.

Referenced by load_module().