
permissions(k) Add RPC function calls that match functionality in old modules_s module

Olle E. Johansson 12 年 前
コミット
1ee54a1e51

+ 93 - 17
modules_k/permissions/README

@@ -81,6 +81,15 @@ Juha Heinanen
               5.5. trusted_dump
               5.6. allow_uri
 
+        6. RPC Commands
+
+              6.1. addressReload
+              6.2. addressDump
+              6.3. subnetDump
+              6.4. testUri basename uri contact
+              6.5. trustedReload
+              6.6. trustedDump
+
    List of Examples
 
    1.1. Set default_allow_file parameter
@@ -176,6 +185,15 @@ Chapter 1. Admin Guide
         5.5. trusted_dump
         5.6. allow_uri
 
+   6. RPC Commands
+
+        6.1. addressReload
+        6.2. addressDump
+        6.3. subnetDump
+        6.4. testUri basename uri contact
+        6.5. trustedReload
+        6.6. trustedDump
+
 1. Overview
 
    1.1. Call Routing
@@ -616,7 +634,7 @@ modparam("permissions", "peer_tag_mode", "1")
    4.10. allow_address_group(addr, port)
    4.11. allow_trusted([src_ip_pvar, proto_pvar])
 
-4.1. allow_routing()
+4.1.  allow_routing()
 
    Returns true if all pairs constructed as described in Section 1.1,
    "Call Routing" have appropriate permissions according to the
@@ -632,7 +650,7 @@ if (allow_routing()) {
 };
 ...
 
-4.2. allow_routing(basename)
+4.2.  allow_routing(basename)
 
    Returns true if all pairs constructed as described in Section 1.1,
    "Call Routing" have appropriate permissions according to the
@@ -655,7 +673,7 @@ if (allow_routing("basename")) {
 };
 ...
 
-4.3. allow_routing(allow_file,deny_file)
+4.3.  allow_routing(allow_file,deny_file)
 
    Returns true if all pairs constructed as described in Section 1.1,
    "Call Routing" have appropriate permissions according to the
@@ -680,7 +698,7 @@ if (allow_routing("rules.allow", "rules.deny")) {
 };
 ...
 
-4.4. allow_register(basename)
+4.4.  allow_register(basename)
 
    The function returns true if all pairs constructed as described in
    Section 1.2, "Registration Permissions" have appropriate permissions
@@ -708,7 +726,7 @@ if (method=="REGISTER") {
 };
 ...
 
-4.5. allow_register(allow_file, deny_file)
+4.5.  allow_register(allow_file, deny_file)
 
    The function returns true if all pairs constructed as described in
    Section 1.2, "Registration Permissions" have appropriate permissions
@@ -738,7 +756,7 @@ if (method=="REGISTER") {
 };
 ...
 
-4.6. allow_uri(basename, pvar)
+4.6.  allow_uri(basename, pvar)
 
    Returns true if the pair constructed as described in Section 1.3, "URI
    Permissions" have appropriate permissions according to the
@@ -765,7 +783,7 @@ if (allow_uri("basename", "$avp(i:705)") {  // Check URI stored in $avp(i:705)
 };
 ...
 
-4.7. allow_address(group_id, ip_addr_pvar, port_pvar)
+4.7.  allow_address(group_id, ip_addr_pvar, port_pvar)
 
    Returns true if IP address and port given as values of pvar arguments
    belonging to a group given as group_id argument matches an IP subnet
@@ -788,7 +806,7 @@ if (!allow_address("2", "$avp(i:704)", "$avp(i:705)") {
 };
 ...
 
-4.8. allow_source_address([group_id])
+4.8.  allow_source_address([group_id])
 
    Equal to allow_address(group_id, "$si", "$sp"). If 'group_id' is
    missing, the function is equal to allow_address("1", "$si", "$sp").
@@ -804,7 +822,7 @@ if (!allow_source_address("1")) {
 };
 ...
 
-4.9. allow_source_address_group()
+4.9.  allow_source_address_group()
 
    Checks if source address/port is found in cached address or subnet
    table in any group. If yes, returns that group. If not returns -1. Port
@@ -821,7 +839,7 @@ if ($var(group) != -1) {
 };
 ...
 
-4.10. allow_address_group(addr, port)
+4.10.  allow_address_group(addr, port)
 
    Checks if address/port is found in cached address or subnet table in
    any group. If yes, returns that group. If not returns -1. Port value 0
@@ -839,7 +857,7 @@ if ($var(group) != -1) {
 };
 ...
 
-4.11. allow_trusted([src_ip_pvar, proto_pvar])
+4.11.  allow_trusted([src_ip_pvar, proto_pvar])
 
    Checks based either on request's source address and transport protocol
    or source address and transport protocol given in pvar arguments, and
@@ -875,7 +893,7 @@ if (allow_trusted("$si", "$proto")) {
    5.5. trusted_dump
    5.6. allow_uri
 
-5.1. address_reload
+5.1.  address_reload
 
    Causes permissions module to re-read the contents of address database
    table into cache memory. In cache memory the entries are for
@@ -884,35 +902,79 @@ if (allow_trusted("$si", "$proto")) {
 
    Parameters: none
 
-5.2. address_dump
+5.2.  address_dump
 
    Causes permissions module to dump contents of cache memory address
    table.
 
    Parameters: none
 
-5.3. subnet_dump
+5.3.  subnet_dump
 
    Causes permissions module to dump contents of cache memory subnet
    table.
 
    Parameters: none
 
-5.4. trusted_reload
+5.4.  trusted_reload
 
    Causes permissions module to re-read the contents of trusted table into
    cache memory.
 
    Parameters: none
 
-5.5. trusted_dump
+5.5.  trusted_dump
 
    Causes permissions module to dump contents of trusted table from cache
    memory.
 
    Parameters: none
 
-5.6. allow_uri
+5.6.  allow_uri
+
+   Tests if (URI, Contact) pair is allowed according to allow/deny files.
+   The files must already have been loaded by Kamailio.
+
+   Parameters:
+     * basename - Basename from which allow and deny filenames will be
+       created by appending contents of allow_suffix and deny_suffix
+       parameters.
+     * URI - URI to be tested
+     * Contact - Contact to be tested
+
+6. RPC Commands
+
+   6.1. addressReload
+   6.2. addressDump
+   6.3. subnetDump
+   6.4. testUri basename uri contact
+   6.5. trustedReload
+   6.6. trustedDump
+
+6.1.  addressReload
+
+   Causes permissions module to re-read the contents of address database
+   table into cache memory. In cache memory the entries are for
+   performance reasons stored in two different tables: address table and
+   subnet table depending on the value of the mask field (32 or smaller).
+
+   Parameters: none
+
+6.2.  addressDump
+
+   Causes permissions module to dump contents of cache memory address
+   table. (Not the subnet table).
+
+   Parameters: none
+
+6.3.  subnetDump
+
+   Causes permissions module to dump contents of cache memory subnet
+   table.
+
+   Parameters: none
+
+6.4.  testUri basename uri contact
 
    Tests if (URI, Contact) pair is allowed according to allow/deny files.
    The files must already have been loaded by Kamailio.
@@ -923,3 +985,17 @@ if (allow_trusted("$si", "$proto")) {
        parameters.
      * URI - URI to be tested
      * Contact - Contact to be tested
+
+6.5.  trustedReload
+
+   Causes permissions module to re-read the contents of trusted table into
+   cache memory.
+
+   Parameters: none
+
+6.6.  trustedDump
+
+   Causes permissions module to dump contents of trusted table from cache
+   memory.
+
+   Parameters: none

+ 28 - 8
modules_k/permissions/address.c

@@ -1,5 +1,5 @@
+
 /*
- *
  * allow_address related functions
  *
  * Copyright (C) 2006 Juha Heinanen
@@ -136,14 +136,34 @@ int reload_address_table(void)
 	for (i = 0; i < RES_ROW_N(res); i++) {
 		val = ROW_VALUES(row + i);
 		/* basic checks to db values */
-		if ((ROW_N(row + i) != 5)
-				|| (VAL_TYPE(val) != DB1_INT) || VAL_NULL(val)
-				|| (VAL_INT(val) <= 0)
-				|| (VAL_TYPE(val + 1) != DB1_STRING) || VAL_NULL(val + 1)
-				|| (VAL_TYPE(val + 2) != DB1_INT) || VAL_NULL(val + 2)
-				|| (VAL_TYPE(val + 3) != DB1_INT) || VAL_NULL(val + 3))
+		if (ROW_N(row + i) != 5)
+		{
+			LM_DBG("failure during checks of db address table: Colums %d - expected 5\n", ROW_N(row + i));
+			goto dberror;
+		}
+		if ((VAL_TYPE(val) != DB1_INT) || VAL_NULL(val) || (VAL_INT(val) <= 0))
+		{
+			LM_DBG("failure during checks of database value 1 (group) in address table\n");
+			goto dberror;
+		}
+		if ((VAL_TYPE(val + 1) != DB1_STRING) && (VAL_TYPE(val + 1) != DB1_STR))
+		{
+			LM_DBG("failure during checks of database value 2 (IP address) in address table - not a string value\n");
+			goto dberror;
+		}
+		if (VAL_NULL(val + 1))
+		{
+			LM_DBG("failure during checks of database value 2 (IP address) in address table - NULL value not permitted\n");
+			goto dberror;
+		}
+		if ((VAL_TYPE(val + 2) != DB1_INT) || VAL_NULL(val + 2))
+		{
+			LM_DBG("failure during checks of database value 3 (subnet size/CIDR) in address table\n");
+			goto dberror;
+		}
+		if ((VAL_TYPE(val + 3) != DB1_INT) || VAL_NULL(val + 3))
 		{
-			LM_DBG("failure during checks of db values\n");
+			LM_DBG("failure during checks of database value 4 (port) in address table\n");
 			goto dberror;
 		}
 		gid = VAL_UINT(val);
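Review bot: Each rejected row aborts the whole reload through `goto dberror`, but the reason is logged with `LM_DBG`, so at a normal log level an operator learns that the address ACL failed to load without learning why; `LM_ERR` would fit these messages (the first one also spells "Colums"). The IP column now accepts `DB1_STR` as well as `DB1_STRING`, and the code that reads the value is outside the hunk: if it still uses `VAL_STRING`, it should branch on the type, because a `DB1_STR` value is a counted string that is not necessarily NUL-terminated. The same question applies to the `DB1_STR` cases added to reload_trusted_table in trusted.c. The mask and port columns are checked only for type and NULL here, so a range check on both belongs with these tests unless it is done further down in the loop.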

+ 91 - 0
modules_k/permissions/doc/permissions_admin.xml

@@ -1187,6 +1187,97 @@ if (allow_trusted("$si", "$proto")) {
 	</section>
 
 	</section>
+	<section>
+	<title>RPC Commands</title>
+	<section>
+		<title>
+		<function moreinfo="none">addressReload</function>
+		</title>
+		<para>
+			Causes permissions module to re-read the contents of
+			address database table into cache
+			memory.  In cache memory the entries are
+			for performance reasons stored in two
+                        different tables:  address table and
+			subnet table depending on the value of
+			the mask field (32 or smaller).
+
+		</para>
+		<para>Parameters: <emphasis>none</emphasis></para>
+	</section>
+	
+	<section>
+		<title>
+		<function moreinfo="none">addressDump</function>
+		</title>
+		<para>
+			Causes permissions module to dump
+                   	contents of cache memory address table.
+			(Not the subnet table).
+
+		</para>
+		<para>Parameters: <emphasis>none</emphasis></para>
+	</section>
+
+	<section>
+		<title>
+		<function moreinfo="none">subnetDump</function>
+		</title>
+		<para>
+			Causes permissions module to dump
+                	contents of cache memory subnet table.
+		</para>
+		<para>Parameters: <emphasis>none</emphasis></para>
+	</section>
+	<section>
+		<title>
+		<function moreinfo="none">testUri basename uri contact</function>
+		</title>
+		<para>
+			Tests if (URI, Contact) pair is allowed according to
+			allow/deny files.  The files must already have been
+		 	loaded by &kamailio;.
+		</para>
+		<para>Parameters: </para>
+		<itemizedlist>
+			<listitem><para>
+				<emphasis>basename</emphasis> -
+				Basename from which allow and deny filenames will be created by
+				appending contents of allow_suffix and deny_suffix
+				parameters.
+			</para></listitem>
+			<listitem><para>
+				<emphasis>URI</emphasis> - URI to be tested
+			</para></listitem>
+			<listitem><para>
+				<emphasis>Contact</emphasis> - Contact to be tested
+			</para></listitem>
+		</itemizedlist>
+
+	</section>
+
+	<section>
+		<title>
+		<function moreinfo="none">trustedReload</function>
+		</title>
+		<para>
+			Causes permissions module to re-read the contents of
+			trusted table into cache memory.
+		</para>
+		<para>Parameters: <emphasis>none</emphasis></para>
+	</section>
+	<section>
+		<title>
+		<function moreinfo="none">trustedDump</function>
+		</title>
+		<para>
+			Causes permissions module to dump contents of trusted
+			table from cache memory.
+		</para>
+		<para>Parameters: <emphasis>none</emphasis></para>
+	</section>
+
+	</section> <!-- RPC commands -->
 
 </chapter>
 

+ 139 - 5
modules_k/permissions/hash.c

@@ -270,8 +270,8 @@ int match_hash_table(struct trusted_list** table, struct sip_msg* msg,
 }
 
 
-/* 
- * Print trusted entries stored in hash table 
+/*! \brief
+ * MI Interface :: Print trusted entries stored in hash table 
  */
 int hash_table_mi_print(struct trusted_list** table, struct mi_node* rpl)
 {
@@ -296,6 +296,50 @@ int hash_table_mi_print(struct trusted_list** table, struct mi_node* rpl)
 	return 0;
 }
 
+/*! \brief
+ * RPC interface :: Print trusted entries stored in hash table 
+ */
+int hash_table_rpc_print(struct trusted_list** hash_table, rpc_t* rpc, void* c)
+{
+	int i;
+	struct trusted_list *np;
+	void* th;
+	void* ih;
+
+	if (rpc->add(c, "{", &th) < 0)
+	{
+		rpc->fault(c, 500, "Internal error creating rpc");
+		return -1;
+	}
+
+	for (i = 0; i < PERM_HASH_SIZE; i++) {
+		np = hash_table[i];
+		while (np) {
+			if(rpc->struct_add(th, "d{", 
+					"table", i,
+					"item", &ih) < 0)
+                        {
+                                rpc->fault(c, 500, "Internal error creating rpc ih");
+                                return -1;
+                        }
+
+			if(rpc->struct_add(ih, "s", "ip", np->src_ip.s) < 0)
+			{
+				rpc->fault(c, 500, "Internal error creating rpc data (ip)");
+				return -1;
+			}
+			if(rpc->struct_add(ih, "dss", "proto",  np->proto,
+						"pattern",  np->pattern ? np->pattern : "NULL",
+						"tag",  np->tag.len ? np->tag.s : "NULL") < 0)
+			{
+				rpc->fault(c, 500, "Internal error creating rpc data");
+				return -1;
+			}
+			np = np->next;
+		}
+	}
+	return 0;
+}
 
 /* 
  * Free contents of hash table, it doesn't destroy the
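Review bot: In hash_table_rpc_print, `np->src_ip.s` and `np->tag.s` are passed with the `s` format, which reads them as NUL-terminated C strings, yet both look like counted `str` values (the code tests `np->tag.len`) and nothing in the hunk shows that they are terminated. If termination is not guaranteed where the entries are inserted, pass the `str` itself with the `S` format, e.g. `rpc->struct_add(ih, "S", "ip", &np->src_ip)`, so that a dump cannot read past the stored bytes. The same applies to `np->tag.s` in addr_hash_table_rpc_print and to `table[i].tag.s` in subnet_table_rpc_print. Those two functions also render an empty tag differently (`"NULL"` against `""`), and `count` in addr_hash_table_rpc_print is declared but never used.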
@@ -456,9 +500,8 @@ int find_group_in_addr_hash_table(struct addr_list** table,
 	return -1;
 }
 
-
-/* 
- * Print addresses stored in hash table 
+/*! \brief
+ * MI: Print addresses stored in hash table 
  */
 int addr_hash_table_mi_print(struct addr_list** table, struct mi_node* rpl)
 {
@@ -479,6 +522,53 @@ int addr_hash_table_mi_print(struct addr_list** table, struct mi_node* rpl)
 	return 0;
 }
 
+/*! \brief
+ * RPC: Print addresses stored in hash table 
+ */
+int addr_hash_table_rpc_print(struct addr_list** table, rpc_t* rpc, void* c)
+{
+	int i;
+	int count;
+	void* th;
+	void* ih;
+	struct addr_list *np;
+
+
+	if (rpc->add(c, "{", &th) < 0)
+	{
+		rpc->fault(c, 500, "Internal error creating rpc");
+		return -1;
+	}
+
+	for (i = 0; i < PERM_HASH_SIZE; i++) {
+		np = table[i];
+		while (np) {
+			if(rpc->struct_add(th, "dd{", 
+					"table", i,
+					"group", np->grp,
+					"item", &ih) < 0)
+                        {
+                                rpc->fault(c, 500, "Internal error creating rpc ih");
+                                return -1;
+                        }
+
+			if(rpc->struct_add(ih, "s", "ip", ip_addr2a(&np->addr)) < 0)
+			{
+				rpc->fault(c, 500, "Internal error creating rpc data (ip)");
+				return -1;
+			}
+			if(rpc->struct_add(ih, "ds", "port",  np->port,
+						"tag",  np->tag.len ? np->tag.s : "NULL") < 0)
+			{
+				rpc->fault(c, 500, "Internal error creating rpc data");
+				return -1;
+			}
+			np = np->next;
+		}
+	}
+	return 0;
+}
+
 
 /* 
  * Free contents of hash table, it doesn't destroy the
@@ -657,6 +747,50 @@ int subnet_table_mi_print(struct subnet* table, struct mi_node* rpl)
 	return 0;
 }
 
+/*! \brief
+ * RPC interface :: Print subnet entries stored in hash table 
+ */
+int subnet_table_rpc_print(struct subnet* table, rpc_t* rpc, void* c)
+{
+	int i;
+	int count;
+	void* th;
+	void* ih;
+
+	count = table[PERM_MAX_SUBNETS].grp;
+
+	if (rpc->add(c, "{", &th) < 0)
+	{
+		rpc->fault(c, 500, "Internal error creating rpc");
+		return -1;
+	}
+
+	for (i = 0; i < count; i++) {
+		if(rpc->struct_add(th, "dd{", 
+				"id", i,
+				"group", table[i].grp,
+				"item", &ih) < 0)
+                {
+                        rpc->fault(c, 500, "Internal error creating rpc ih");
+                        return -1;
+                }
+
+		if(rpc->struct_add(ih, "s", "ip", ip_addr2a(&table[i].subnet)) < 0)
+		{
+			rpc->fault(c, 500, "Internal error creating rpc data (subnet)");
+			return -1;
+		}
+		if(rpc->struct_add(ih, "dds", "mask", table[i].mask,
+					"port", table[i].port,
+					"tag",  (table[i].tag.s==NULL)?"":table[i].tag.s) < 0)
+		{
+			rpc->fault(c, 500, "Internal error creating rpc data");
+			return -1;
+		}
+	}
+	return 0;
+}
+
 
 /* 
  * Empty contents of subnet table

+ 4 - 0
modules_k/permissions/hash.h

@@ -28,6 +28,7 @@
 #include <stdio.h>
 #include "../../parser/msg_parser.h"
 #include "../../str.h"
+#include "../../rpc.h"
 #include "../../usr_avp.h"
 #include "../../lib/kmi/mi.h"
 
@@ -96,6 +97,7 @@ int match_hash_table(struct trusted_list** table, struct sip_msg* msg,
  */
 void hash_table_print(struct trusted_list** hash_table, FILE* reply_file);
 int hash_table_mi_print(struct trusted_list **hash_table, struct mi_node* rpl);
+int hash_table_rpc_print(struct trusted_list **hash_table, rpc_t* rpc, void* c);
 
 /* 
  * Empty hash table
@@ -163,6 +165,7 @@ int find_group_in_addr_hash_table(struct addr_list** table,
 void addr_hash_table_print(struct addr_list** hash_table, FILE* reply_file);
 int addr_hash_table_mi_print(struct addr_list** hash_table,
 			     struct mi_node* rpl);
+int addr_hash_table_rpc_print(struct addr_list** table, rpc_t* rpc, void* c);
 
 
 /* 
@@ -234,6 +237,7 @@ int subnet_table_insert(struct subnet* table, unsigned int grp,
  */
 void subnet_table_print(struct subnet* table, FILE* reply_file);
 int subnet_table_mi_print(struct subnet* table, struct mi_node* rpl);
+int subnet_table_rpc_print(struct subnet* table, rpc_t* rpc, void* c);
 
 
 #endif /* _PERM_HASH_H_ */

+ 131 - 10
modules_k/permissions/mi.c

@@ -1,6 +1,6 @@
 /*
  *
- * Permissions MI functions
+ * Permissions MI and RPC functions
  *
  * Copyright (C) 2006 Juha Heinanen
  *
@@ -39,18 +39,36 @@
  */
 struct mi_root* mi_trusted_reload(struct mi_root *cmd_tree, void *param)
 {
-	if (hash_table==NULL)
+	if (hash_table==NULL) {
 		return init_mi_tree( 200, MI_SSTR(MI_OK));
+	}
 
-    if (reload_trusted_table () == 1) {
-	return init_mi_tree( 200, MI_SSTR(MI_OK));
-    } else {
-	return init_mi_tree( 400, MI_SSTR("Trusted table reload failed"));
-    }
+	if (reload_trusted_table () == 1) {
+		return init_mi_tree( 200, MI_SSTR(MI_OK));
+	} else {
+		return init_mi_tree( 400, MI_SSTR("Trusted table reload failed"));
+	}
 }
 
+/*! \brief
+ * RPC function to reload trusted table
+ */
+void rpc_trusted_reload(rpc_t* rpc, void* c) {
+	if (hash_table==NULL) {
+		rpc->fault(c, 500, "Reload failed. No hash table");
+		return;
+	}
+	if (reload_trusted_table () != 1) {
+		rpc->fault(c, 500, "Reload failed.");
+		return;
+	}
 
-/*
+	rpc->printf(c, "Reload OK");
+	return;
+}
+
+
+/*! \brief
  * MI function to print trusted entries from current hash table
  */
 struct mi_root* mi_trusted_dump(struct mi_root *cmd_tree, void *param)
@@ -72,8 +90,26 @@ struct mi_root* mi_trusted_dump(struct mi_root *cmd_tree, void *param)
 	return rpl_tree;
 }
 
+/*! \brief
+ * RPC function to dump trusted table
+ */
+void rpc_trusted_dump(rpc_t* rpc, void* c) {
 
-/*
+	if (hash_table==NULL) {
+		rpc->fault(c, 500, "Reload failed. No trusted table");
+		return;
+	}
+
+	if(hash_table_rpc_print(*hash_table, rpc, c) < 0) {
+		LM_DBG("failed to print a hash_table dump\n");
+		return;
+	}
+
+	return;
+}
+
+
+/*! \brief
  * MI function to reload address table
  */
 struct mi_root* mi_address_reload(struct mi_root *cmd_tree, void *param)
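Review bot: rpc_trusted_dump answers with `"Reload failed. No trusted table"` when `hash_table` is NULL, which is the reload wording on a dump command; `"No trusted table"` would be accurate. The error branch after `hash_table_rpc_print` only logs, which is correct because the print function has already sent the fault, but that is not obvious; a comment such as `/* fault already sent by hash_table_rpc_print */` would say so.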
@@ -85,6 +121,18 @@ struct mi_root* mi_address_reload(struct mi_root *cmd_tree, void *param)
     }
 }
 
+/*! \brief
+ * RPC function to reload address table
+ */
+void rpc_address_reload(rpc_t* rpc, void* c) {
+	if (reload_address_table () != 1) {
+		rpc->fault(c, 500, "Reload failed.");
+		return;
+	}
+
+	rpc->printf(c, "Reload OK");
+	return;
+}
 
 /*
  * MI function to print address entries from current hash table
@@ -105,6 +153,18 @@ struct mi_root* mi_address_dump(struct mi_root *cmd_tree, void *param)
     return rpl_tree;
 }
 
+/*! \brief
+ * RPC function to dump address table
+ */
+void rpc_address_dump(rpc_t* rpc, void* c) {
+
+	if(addr_hash_table_rpc_print(*addr_hash_table, rpc, c) < 0 ) {
+		LM_DBG("failed to print a subnet_table dump\n");
+	}
+	return;
+}
+
+
 
 /*
  * MI function to print subnets from current subnet table
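Review bot: rpc_address_dump dereferences `*addr_hash_table` without the NULL check that rpc_trusted_dump performs on `hash_table`, so if the address table was never allocated (presumably when no database is configured, which is not visible here) this RPC call would crash the process. A guard such as `if (addr_hash_table == NULL) { rpc->fault(c, 500, "No address table"); return; }` before the print call closes that, and rpc_subnet_dump in the next hunk needs the same guard for `subnet_table`. The debug message in rpc_address_dump also says `subnet_table` although this is the address dump.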
@@ -125,9 +185,20 @@ struct mi_root* mi_subnet_dump(struct mi_root *cmd_tree, void *param)
     return rpl_tree;
 }
 
+/*! \brief
+ * RPC function to dump subnet table
+ */
+void rpc_subnet_dump(rpc_t* rpc, void* c) {
+	if(subnet_table_rpc_print(*subnet_table, rpc, c) < 0) {
+		LM_DBG("failed to print a subnet_table dump\n");
+	}
+
+	return;
+}
+
 #define MAX_FILE_LEN 128
 
-/*
+/*! \brief
  * MI function to make allow_uri query.
  */
 struct mi_root* mi_allow_uri(struct mi_root *cmd, void *param)
@@ -178,3 +249,53 @@ struct mi_root* mi_allow_uri(struct mi_root *cmd, void *param)
 	return init_mi_tree(403, MI_SSTR("Forbidden"));
     }
 }
+
+/*! \brief
+ * RPC function to make allow_uri query.
+ */
+void rpc_test_uri(rpc_t* rpc, void* c)
+{
+    	str basenamep, urip, contactp;
+	char basename[MAX_FILE_LEN + 1];
+	char uri[MAX_URI_SIZE + 1], contact[MAX_URI_SIZE + 1]; 
+	unsigned int allow_suffix_len;
+
+	if (rpc->scan(c, "S", &basenamep) != 1) {
+		rpc->fault(c, 500, "Not enough parameters (basename, URI and contact)");
+		return;
+	}
+	if (rpc->scan(c, "S", &urip) != 1) {
+		rpc->fault(c, 500, "Not enough parameters (basename, URI and contact)");
+		return;
+	}
+	if (rpc->scan(c, "S", &contactp) != 1) {
+		rpc->fault(c, 500, "Not enough parameters (basename, URI and contact)");
+		return;
+	}
+
+	/* For some reason, rtp->scan doesn't set the length properly */
+    	if (contactp.len > MAX_URI_SIZE) {
+		rpc->fault(c, 500, "Contact is too long");
+		return;
+	}
+	allow_suffix_len = strlen(allow_suffix);
+	if (basenamep.len + allow_suffix_len + 1 > MAX_FILE_LEN) {
+		rpc->fault(c, 500, "Basename is too long");
+		return;
+	}
+
+	memcpy(basename, basenamep.s, basenamep.len);
+	memcpy(basename + basenamep.len, allow_suffix, allow_suffix_len);
+	basename[basenamep.len + allow_suffix_len] = 0;
+    	memcpy(uri, urip.s, urip.len);
+	memcpy(contact, contactp.s, contactp.len);
+	contact[contactp.len] = 0;
+    	uri[urip.len] = 0;
+
+	if (allow_test(basename, uri, contact) == 1) {
+		rpc->printf(c, "Allowed");
+		return;
+	}
+	rpc->printf(c, "Denied");
+	return;
+}
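Review bot: `urip.len` is never compared with `MAX_URI_SIZE` before `memcpy(uri, urip.s, urip.len)`, so a URI longer than the buffer supplied over RPC is copied past the end of the stack array `uri[MAX_URI_SIZE + 1]`; only the contact and basename lengths are checked. Add the matching guard next to the contact check: `if (urip.len > MAX_URI_SIZE) { rpc->fault(c, 500, "URI is too long"); return; }`. The comment above the contact check says the scanned length may not be set properly; if that is so, every length test here is unreliable, and the behaviour of `rpc->scan` with `"S"` should be confirmed before `.len` is trusted for the copies.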

+ 7 - 0
modules_k/permissions/mi.h

@@ -27,6 +27,7 @@
 
 
 #include "../../lib/kmi/mi.h"
+#include "../../rpc.h"
 
 
 #define MI_TRUSTED_RELOAD "trusted_reload"
@@ -39,15 +40,21 @@
 #define MI_ALLOW_URI "allow_uri"
 
 struct mi_root* mi_trusted_reload(struct mi_root *cmd, void *param);
+void rpc_trusted_reload(rpc_t* rpc, void* c);
 
 struct mi_root* mi_trusted_dump(struct mi_root *cmd, void *param);
+void rpc_trusted_dump(rpc_t* rpc, void* c);
 
 struct mi_root* mi_address_reload(struct mi_root *cmd, void *param);
+void rpc_address_reload(rpc_t* rpc, void* c);
 
 struct mi_root* mi_address_dump(struct mi_root *cmd, void *param);
+void rpc_address_dump(rpc_t* rpc, void* c);
 
 struct mi_root* mi_subnet_dump(struct mi_root *cmd_tree, void *param);
+void rpc_subnet_dump(rpc_t* rpc, void* c);
 
 struct mi_root* mi_allow_uri(struct mi_root *cmd, void *param);
+void rpc_test_uri(rpc_t* rpc, void* c);
 
 #endif

+ 61 - 1
modules_k/permissions/permissions.c

@@ -42,6 +42,8 @@
 #include "../../globals.h"
 #include "../../mod_fix.h"
 #include "../../ut.h"
+#include "../../rpc.h"
+#include "../../rpc_lookup.h"
 
 MODULE_VERSION
 
@@ -116,6 +118,8 @@ static void mod_exit(void);
 static int child_init(int rank);
 static int mi_trusted_child_init();
 static int mi_addr_child_init();
+static int permissions_init_rpc(void);
+
 
 
 /* Exported functions */
@@ -451,7 +455,7 @@ static int load_fixup(void** param, int param_no)
 		if (table[rules_num].rules) {
 			LM_DBG("file (%s) parsed\n", pathname);
 		} else {
-			LM_INFO("file (%s) not found => empty rule set\n", pathname);
+			LM_INFO("file (%s) not parsed properly => empty rule set\n", pathname);
 		}
 		*param = (void*)(long)rules_num;
 		if (param_no == 2) rules_num++;
@@ -588,6 +592,12 @@ static int mod_init(void)
 		return -1;
 	}
 
+	if(permissions_init_rpc()!=0)
+	{
+		LM_ERR("failed to register RPC commands\n");
+		return -1;
+	}
+
 	if (db_url.s)
 		db_url.len = strlen(db_url.s);
 	trusted_table.len = strlen(trusted_table.s);
@@ -973,3 +983,53 @@ static int fixup_allow_address(void** param, int param_no)
 		return fixup_igp_null(param, 1);
 	return 0;
 }
+
+static const char* rpc_trusted_reload_doc[2] = {
+	"Reload permissions trusted table",
+	0
+};
+
+static const char* rpc_address_reload_doc[2] = {
+	"Reload permissions address table",
+	0
+};
+
+static const char* rpc_trusted_dump_doc[2] = {
+	"Dump permissions trusted table",
+	0
+};
+
+static const char* rpc_address_dump_doc[2] = {
+	"Dump permissions address table",
+	0
+};
+
+static const char* rpc_subnet_dump_doc[2] = {
+	"Dump permissions subnet table",
+	0
+};
+
+static const char* rpc_test_uri_doc[2] = {
+	"Tests if (URI, Contact) pair is allowed according to allow/deny files",
+	0
+};
+
+rpc_export_t permissions_rpc[] = {
+	{"permissions.trustedReload", rpc_trusted_reload, rpc_trusted_reload_doc, 0},
+	{"permissions.addressReload", rpc_address_reload, rpc_address_reload_doc, 0},
+	{"permissions.trustedDump", rpc_trusted_dump, rpc_trusted_dump_doc, 0},
+	{"permissions.addressDump", rpc_address_dump, rpc_address_dump_doc, 0},
+	{"permissions.subnetDump", rpc_subnet_dump, rpc_subnet_dump_doc, 0},
+	{"permissions.testUri", rpc_test_uri, rpc_test_uri_doc, 0},
+	{0, 0, 0, 0}
+};
+
+static int permissions_init_rpc(void)
+{
+	if (rpc_register_array(permissions_rpc)!=0)
+	{
+		LM_ERR("failed to register RPC commands\n");
+		return -1;
+	}
+	return 0;
+}
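Review bot: `permissions_rpc` is defined without `static` although the only visible use is in `permissions_init_rpc` in this file, unlike the `static` doc arrays above it; `static rpc_export_t permissions_rpc[] = {` keeps it out of the global namespace. The dump and reload commands expose and replace the module's access-control tables, and nothing here restricts who may call them, so a comment above the table such as `/* These commands reveal and reload the ACL tables; access control is left to the RPC transport configuration. */` would make that dependency explicit. The help string for `permissions.testUri` does not name its three parameters (basename, URI, contact). A registration failure is also logged twice with the same text, once here and once in mod_init.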

+ 8 - 5
modules_k/permissions/trusted.c

@@ -104,12 +104,15 @@ int reload_trusted_table(void)
 	for (i = 0; i < RES_ROW_N(res); i++) {
 	    val = ROW_VALUES(row + i);
 	    if ((ROW_N(row + i) == 4) &&
-		(VAL_TYPE(val) == DB1_STRING) && !VAL_NULL(val) &&
-		(VAL_TYPE(val + 1) == DB1_STRING) && !VAL_NULL(val + 1) &&
+		((VAL_TYPE(val) == DB1_STRING) || (VAL_TYPE(val) == DB1_STR) ) && 
+		!VAL_NULL(val) &&
+		((VAL_TYPE(val + 1) == DB1_STRING) || (VAL_TYPE(val + 1) == DB1_STR))
+		&& !VAL_NULL(val + 1) &&
 		(VAL_NULL(val + 2) ||
-		 ((VAL_TYPE(val + 2) == DB1_STRING) && !VAL_NULL(val + 2))) &&
-		(VAL_NULL(val + 3) ||
-		 ((VAL_TYPE(val + 3) == DB1_STRING) && !VAL_NULL(val + 3)))) {
+		 (((VAL_TYPE(val + 2) == DB1_STRING) || (VAL_TYPE(val + 2) == DB1_STR)) &&
+		!VAL_NULL(val + 2))) && (VAL_NULL(val + 3) ||
+		 (((VAL_TYPE(val + 3) == DB1_STRING) || (VAL_TYPE(val + 3) == DB1_STR) )&& 
+		!VAL_NULL(val + 3)))) {
 		if (VAL_NULL(val + 2)) {
 		    pattern = 0;
 		} else {