Changeset 1354:0dff6a604b0a in freeDiameter
- Timestamp:
- May 17, 2019, 7:59:19 PM (5 years ago)
- Branch:
- default
- Phase:
- public
- Files:
-
- 6 edited
Legend:
- Unmodified
- Added
- Removed
-
doc/acl_wl.conf.sample
r162 r1354 4 4 # maintaining this connection ourselves (as it would be the case by declaring the 5 5 # peer in a ConnectPeer directive). 6 # 7 # This extension supports configuration reload at runtime. Send 8 # signal SIGUSR1 to the process to cause the process to reload its 9 # config. 10 # 6 11 # The format of this file is very simple. It contains a list of peer names 7 12 # separated by spaces or newlines. -
extensions/acl_wl/acl_wl.c
r741 r1354 38 38 */ 39 39 40 #include <pthread.h> 41 #include <signal.h> 42 40 43 #include "acl_wl.h" 44 45 static pthread_rwlock_t acl_wl_lock; 46 47 #define MODULE_NAME "acl_wl" 48 49 static char *acl_wl_config_file; 41 50 42 51 /* The validator function */ … … 54 63 /* Default to unknown result */ 55 64 *auth = 0; 56 65 66 if (pthread_rwlock_rdlock(&acl_wl_lock) != 0) { 67 fd_log_notice("%s: read-lock failed, skipping handler", MODULE_NAME); 68 return 0; 69 } 70 57 71 /* Now search the peer in our tree */ 58 72 CHECK_FCT( aw_tree_lookup(info->pi_diamid, &res) ); 73 74 if (pthread_rwlock_unlock(&acl_wl_lock) != 0) { 75 fd_log_notice("%s: read-unlock failed after aw_tree_lookup, exiting", MODULE_NAME); 76 exit(1); 77 } 78 59 79 if (res < 0) { 60 80 /* The peer is not whitelisted */ … … 88 108 } 89 109 110 static volatile int in_signal_handler = 0; 111 112 /* signal handler */ 113 static void sig_hdlr(void) 114 { 115 struct fd_list old_tree; 116 117 if (in_signal_handler) { 118 fd_log_error("%s: already handling a signal, ignoring new one", MODULE_NAME); 119 return; 120 } 121 in_signal_handler = 1; 122 123 if (pthread_rwlock_wrlock(&acl_wl_lock) != 0) { 124 fd_log_error("%s: locking failed, aborting config reload", MODULE_NAME); 125 return; 126 } 127 128 /* save old config in case reload goes wrong */ 129 old_tree = tree_root; 130 fd_list_init(&tree_root, NULL); 131 132 if (aw_conf_handle(acl_wl_config_file) != 0) { 133 fd_log_error("%s: error reloading configuration, restoring previous configuration", MODULE_NAME); 134 aw_tree_destroy(); 135 tree_root = old_tree; 136 } else { 137 struct fd_list new_tree; 138 new_tree = tree_root; 139 tree_root = old_tree; 140 aw_tree_destroy(); 141 tree_root = new_tree; 142 } 143 144 if (pthread_rwlock_unlock(&acl_wl_lock) != 0) { 145 fd_log_error("%s: unlocking failed after config reload, exiting", MODULE_NAME); 146 exit(1); 147 } 148 149 fd_log_notice("%s: reloaded configuration", MODULE_NAME); 150 151 in_signal_handler = 0; 152 } 153 154 90 155 /* entry point */ 91 156 static int aw_entry(char * conffile) … … 93 158 TRACE_ENTRY("%p", conffile); 94 159 CHECK_PARAMS(conffile); 95 160 161 acl_wl_config_file = conffile; 162 163 pthread_rwlock_init(&acl_wl_lock, NULL); 164 165 if (pthread_rwlock_wrlock(&acl_wl_lock) != 0) { 166 fd_log_notice("%s: write-lock failed, aborting", MODULE_NAME); 167 return EDEADLK; 168 } 169 96 170 /* Parse configuration file */ 97 171 CHECK_FCT( aw_conf_handle(conffile) ); 98 172 99 173 TRACE_DEBUG(INFO, "Extension ACL_wl initialized with configuration: '%s'", conffile); 100 174 if (TRACE_BOOL(ANNOYING)) { 101 175 aw_tree_dump(); 102 176 } 103 177 178 if (pthread_rwlock_unlock(&acl_wl_lock) != 0) { 179 fd_log_notice("%s: write-unlock failed, aborting", MODULE_NAME); 180 return EDEADLK; 181 } 182 183 /* Register reload callback */ 184 CHECK_FCT(fd_event_trig_regcb(SIGUSR1, MODULE_NAME, sig_hdlr)); 185 104 186 /* Register the validator function */ 105 187 CHECK_FCT( fd_peer_validate_register ( aw_validate ) ); … … 115 197 } 116 198 117 EXTENSION_ENTRY( "acl_wl", aw_entry);199 EXTENSION_ENTRY(MODULE_NAME, aw_entry); -
extensions/acl_wl/acl_wl.h
r741 r1354 44 44 #include <freeDiameter/extension.h> 45 45 46 extern struct fd_list tree_root; 47 46 48 /* Parse the configuration file */ 47 49 int aw_conf_handle(char * conffile); -
extensions/acl_wl/aw_conf.l
r1057 r1354 36 36 /* Lex extension's configuration parser. 37 37 * 38 * The configuration file contains a default priority, and a list of peers with optional overw ite priority.38 * The configuration file contains a default priority, and a list of peers with optional overwrite priority. 39 39 * -- see the app_test.conf.sample file for more detail. 40 40 */ -
extensions/acl_wl/aw_conf.y
r1057 r1354 58 58 /* Forward declaration */ 59 59 int yyparse(char * conffile); 60 void aw_confrestart(FILE *input_file); 60 61 61 62 static int fqdn_added = 0; … … 75 76 ret = errno; 76 77 fd_log_debug("Unable to open extension configuration file %s for reading: %s", conffile, strerror(ret)); 77 TRACE_DEBUG (INFO, " Error occurred, message logged -- configuration file.");78 TRACE_DEBUG (INFO, "acl_wl: Error occurred, message logged -- configuration file."); 78 79 return ret; 79 80 } 80 81 82 aw_confrestart(aw_confin); 81 83 ret = yyparse(conffile); 82 84 … … 84 86 85 87 if (ret != 0) { 86 TRACE_DEBUG (INFO, " Unable to parse the configuration file.");88 TRACE_DEBUG (INFO, "acl_wl: Unable to parse the configuration file."); 87 89 return EINVAL; 88 90 } else { 89 TRACE_DEBUG(FULL, " Read %d FQDN entries successfully.", fqdn_added);91 TRACE_DEBUG(FULL, "acl_wl: Read %d FQDN entries successfully.", fqdn_added); 90 92 } 91 93 … … 99 101 void yyerror (YYLTYPE *ploc, char * conffile, char const *s) 100 102 { 101 TRACE_DEBUG(INFO, " Error in configuration parsing");103 TRACE_DEBUG(INFO, "acl_wl: Error in configuration parsing"); 102 104 103 105 if (ploc->first_line != ploc->last_line) … … 131 133 { 132 134 fqdn_added++; 133 TRACE_DEBUG(FULL, " Added FQDN: %s", $2);135 TRACE_DEBUG(FULL, "acl_wl: Added FQDN: %s", $2); 134 136 } 135 137 | conffile LEX_ERROR 136 138 { 137 yyerror(&yylloc, conffile, " An error occurred while parsing the configuration file");139 yyerror(&yylloc, conffile, "acl_wl: An error occurred while parsing the configuration file"); 138 140 return EINVAL; 139 141 } -
extensions/acl_wl/aw_tree.c
r1127 r1354 70 70 71 71 /* The root of the tree */ 72 st atic struct fd_list tree_root = FD_LIST_INITIALIZER(tree_root);73 74 /* Note: we don't need to lock, since we add only when parsing the conf, and then read only*/72 struct fd_list tree_root = FD_LIST_INITIALIZER(tree_root); 73 74 /* Note: we lock accesses to the tree with acl_wl_lock because of config reload */ 75 75 76 76
Note: See TracChangeset
for help on using the changeset viewer.