ruhnet
/
kazoo-configs-kamailio
1
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 183 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1053 Commits
23 Branches
2.0 MiB
 
 
Tree: a44e160121
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'a44e160121'
${ noResults }
kazoo-configs-kamailio/kamailio/trusted.cfg

123 lines
4.1 KiB
Raw Blame History

####### Permissions module ##########
loadmodule "permissions.so"
modparam("permissions", "db_url", "KAZOO_DB_URL")
modparam("permissions", "db_mode", KZ_PERMISSIONS_CACHE)
modparam("permissions", "peer_tag_avp", "$avp(trusted_x_header)")
modparam("rtimer", "timer", "name=trusted_reload;interval=5;mode=1;")
modparam("rtimer", "exec", "timer=trusted_reload;route=TRUSTED_RELOAD")
modparam("rtimer", "exec", "timer=trusted_reload;route=TRUSTED_QUERY")
modparam("pv", "shvset", "trusted_query=i:1")
#!trydef TRUSTED_AMQP_FLAGS 2048
route[TRUSTED_LOAD]
{
if (!t_newtran()) {
xlog("L_ERROR", "trusted|log|failed to create transaction to query for acl\n");
return;
}
$shv(trusted_query) = 0;
$var(amqp_payload_request) = $_s({"Event-Category" : "trusted" , "Event-Name" : "query"});
$var(amqp_routing_key) = "trusted.query";
xlog("L_DEBUG", "$ci|amqp|publishing to acl => $var(amqp_routing_key) : $var(amqp_payload_request)\n");
if(kazoo_async_query("trusted", $var(amqp_routing_key), $var(amqp_payload_request), "KZ_ACL_REPLY", "KZ_ACL_TIMEOUT", "$def(TRUSTED_AMQP_FLAGS)") != 1) {
xlog("L_WARNING", "$ci|log|failed to send trusted query\n");
$shv(trusted_query) = 1;
}
}
failure_route[KZ_ACL_TIMEOUT]
{
if($(kzR{kz.json,Event-Name}) == "message_returned" ) {
xlog("L_WARNING", "$ci|amqp|message was returned by broker $(kzR{kz.json,Error-Code}) $(kzR{kz.json,Error-Reason})\n");
} else {
xlog("L_WARNING", "$ci|end|failed $T_reply_code $T_reply_reason [$T(id_index):$T(id_label)] querying trusted\n");
}
$shv(trusted_query) = 1;
# this is needed because of async query that creates a transaction
t_drop();
}
onreply_route[KZ_ACL_REPLY]
{
xlog("L_DEBUG", "trusted|query|got reply\n");
avp_delete("$avp(TrustedKeys)/g");
if(kazoo_json_keys($kzR, "Trusted", "$avp(TrustedKeys)") != 1) {
xlog("L_WARNING", "trusted|reply|no keys for Trusted\n");
# this is needed because of async query that creates a transaction
t_drop();
return;
}
sql_query("exec", "delete from address");
$var(total) = 0;
$var(Count) = $cnt($avp(TrustedKeys));
$var(Idx) = 0;
while($var(Idx) < $var(Count)) {
$var(KeyName) = $(avp(TrustedKeys)[$var(Idx)]);
$var(Key) = $(var(KeyName){s.replace,.,%});
$var(token) = $(kzR{kz.json,Trusted.$var(Key).token});
$var(cidr_count) = $(kzR{kz.json.count, Trusted.$var(Key).cidrs});
$var(cidr_idx) = 0;
while($var(cidr_idx) < $var(cidr_count)) {
$var(cidr) = $(kzR{kz.json,Trusted.$var(Key).cidrs[$var(cidr_idx)]});
$var(ip) = $(var(cidr){s.select,0,/});
$var(mask) = $(var(cidr){s.select,1,/});
$var(sql) = $_s(insert into address(ip_addr, mask, tag) values("$var(ip)", $var(mask), "$var(token)"));
sql_query("exec", "$var(sql)");
$var(cidr_idx) = $var(cidr_idx) + 1;
$var(total) = $var(total) + 1;
}
$var(Idx) = $var(Idx) + 1;
}
xlog("L_NOTICE", "trusted|query|loaded $var(total) entries into address table\n");
$shv(trusted_reload) = 1;
# this is needed because of async query that creates a transaction
t_drop();
}
route[RELOAD_TRUSTED]
{
jsonrpc_exec('{"jsonrpc": "2.0", "method": "permissions.addressReload"}');
xlog("L_INFO", "trusted|reload|$(jsonrpl(body){kz.json,result})\n");
}
route[TRUSTED_RELOAD]
{
if($shv(trusted_reload) == 1) {
route(RELOAD_TRUSTED);
};
$shv(trusted_reload) = 0;
}
route[TRUSTED_QUERY]
{
if($shv(trusted_query) == 1) {
route(TRUSTED_LOAD);
};
}
route[TRUSTED_BINDINGS]
{
#!import_file "trusted-custom-bindings.cfg"
#!ifndef TRUSTED_CUSTOM_BINDINGS
$var(payload) = $_s({"name": "trusted-reload", "exchange": "trusted", "type": "topic", "queue": "trusted-reload-MY_HOSTNAME", "routing": "trusted.reload", "federate": 1 });
kazoo_subscribe("$var(payload)");
#!endif
}
event_route[kazoo:consumer-event-trusted-reload]
{
xlog("L_NOTICE", "received trusted reload\n");
$shv(trusted_query) = 1;
}