Merge branch 'master' of ssh://daniel@git.sip-router.org/sip-router
[sip-router] / route.c
1 /*
2  * $Id$
3  *
4  * SIP routing engine
5  *
6  *
7  * Copyright (C) 2001-2003 FhG Fokus
8  *
9  * This file is part of ser, a free SIP server.
10  *
11  * ser is free software; you can redistribute it and/or modify
12  * it under the terms of the GNU General Public License as published by
13  * the Free Software Foundation; either version 2 of the License, or
14  * (at your option) any later version
15  *
16  * For a license to use the ser software under conditions
17  * other than those described here, or to purchase support for this
18  * software, please contact iptel.org by e-mail at the following addresses:
19  *    info@iptel.org
20  *
21  * ser is distributed in the hope that it will be useful,
22  * but WITHOUT ANY WARRANTY; without even the implied warranty of
23  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
24  * GNU General Public License for more details.
25  *
26  * You should have received a copy of the GNU General Public License
27  * along with this program; if not, write to the Free Software
28  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
29  *
30  * History:
31  * --------
32  *  2003-01-28  scratchpad removed, src_port introduced (jiri)
33  *  2003-02-28  scratchpad compatibility abandoned (jiri)
34  *  2003-03-10  updated to the new module exports format (andrei)
35  *  2003-03-19  replaced all mallocs/frees w/ pkg_malloc/pkg_free (andrei)
36  *  2003-04-01  added dst_port, proto, af; renamed comp_port to comp_no,
37  *               inlined all the comp_* functions (andrei)
38  *  2003-04-05  s/reply_route/failure_route, onreply_route introduced (jiri)
39  *  2003-05-23  comp_ip fixed, now it will resolve its operand and compare
40  *              the ip with all the addresses (andrei)
41  *  2003-10-10  added more operators support to comp_* (<,>,<=,>=,!=) (andrei)
42  *  2004-10-19  added from_uri & to_uri (andrei)
43  *  2005-12-12  added retcode support (anrei)
44  *  2005-12-19  select framework (mma)
45  *  2006-01-30  removed rec. protection from eval_expr (andrei)
46  *  2006-02-06  added named route tables (andrei)
47  *  2008-04-14  (expr1 != expr2) is evaluated true if at least one of
48  *              the expressions does not exist (Miklos)
49  *  2008-04-23  errors are treated as false during expression evaluation
50  *              unless the operator is DIFF_OP (Miklos)
51  *  2008-12-03  fixups for rvalues in assignments (andrei)
52  *  2009-05-04  switched IF_T to rval_expr (andrei)
53  */
54
55
56 /*!
57  * \file
58  * \brief SIP-router core :: 
59  * \ingroup core
60  * Module: \ref core
61  */
62
63 #include <stdlib.h>
64 #include <sys/types.h>
65 #include <regex.h>
66 #include <netdb.h>
67 #include <string.h>
68 #include <sys/socket.h>
69 #include <netinet/in.h>
70 #include <arpa/inet.h>
71 #include <netdb.h>
72
73 #include "route.h"
74 #include "forward.h"
75 #include "dprint.h"
76 #include "proxy.h"
77 #include "action.h"
78 #include "lvalue.h"
79 #include "rvalue.h"
80 #include "sr_module.h"
81 #include "ip_addr.h"
82 #include "resolve.h"
83 #include "socket_info.h"
84 #include "parser/parse_uri.h"
85 #include "parser/parse_from.h"
86 #include "parser/parse_to.h"
87 #include "mem/mem.h"
88 #include "select.h"
89 #include "onsend.h"
90 #include "str_hash.h"
91 #include "ut.h"
92 #include "rvalue.h"
93 #include "switch.h"
94
95 #define RT_HASH_SIZE    8 /* route names hash */
96
97 /* main routing script table  */
98 struct route_list main_rt;
99 struct route_list onreply_rt;
100 struct route_list failure_rt;
101 struct route_list branch_rt;
102 struct route_list onsend_rt;
103 struct route_list event_rt;
104
105 int route_type = REQUEST_ROUTE;
106
107 /** script optimization level, useful for debugging.
108  *  0 - no optimization
109  *  1 - optimize rval expressions
110  *  2 - optimize expr elems
111  */
112 int scr_opt_lev=9;
113
114 inline static void destroy_rlist(struct route_list* rt)
115 {
116         struct str_hash_entry* e;
117         struct str_hash_entry* tmp;
118
119         if (rt->rlist){
120                 pkg_free(rt->rlist);
121                 rt->rlist=0;
122                 rt->entries=0;
123         }
124         if (rt->names.table){
125                 clist_foreach_safe(rt->names.table, e, tmp, next){
126                         pkg_free(e);
127                 }
128                 pkg_free(rt->names.table);
129                 rt->names.table=0;
130                 rt->names.size=0;
131         }
132 }
133
134
135
136 void destroy_routes()
137 {
138         destroy_rlist(&main_rt);
139         destroy_rlist(&onreply_rt);
140         destroy_rlist(&failure_rt);
141         destroy_rlist(&branch_rt);
142         destroy_rlist(&event_rt);
143 }
144
145
146
147 /* adds route name -> i mapping
148  * WARNING: it doesn't check for pre-existing routes 
149  * return -1 on error, route index on success
150  */
151 static int route_add(struct route_list* rt, char* name, int i)
152 {
153         struct str_hash_entry* e;
154         
155         e=pkg_malloc(sizeof(struct str_hash_entry));
156         if (e==0){
157                 LOG(L_CRIT, "ERROR: route_add: out of memory\n");
158                 goto error;
159         }
160         e->key.s=name;
161         e->key.len=strlen(name);
162         e->flags=0;
163         e->u.n=i;
164         str_hash_add(&rt->names, e);
165         return 0;
166 error:
167         return -1;
168 }
169
170
171
172 /* returns -1 on error, 0 on success */
173 inline  static int init_rlist(char* r_name, struct route_list* rt,
174                                                                 int n_entries, int hash_size)
175 {
176                 rt->rlist=pkg_malloc(sizeof(struct action*)*n_entries);
177                 if (rt->rlist==0){ 
178                         LOG(L_CRIT, "ERROR: failed to allocate \"%s\" route tables: " 
179                                         "out of memory\n", r_name); 
180                         goto error; 
181                 }
182                 memset(rt->rlist, 0 , sizeof(struct action*)*n_entries);
183                 rt->idx=1; /* idx=0 == default == reserved */
184                 rt->entries=n_entries;
185                 if (str_hash_alloc(&rt->names, hash_size)<0){
186                         LOG(L_CRIT, "ERROR: \"%s\" route table: failed to alloc hash\n",
187                                         r_name);
188                         goto error;
189                 }
190                 str_hash_init(&rt->names);
191                 route_add(rt, "0", 0);  /* default route */
192                 
193                 return 0;
194 error:
195                 return -1;
196 }
197
198
199
200 /* init route tables */
201 int init_routes()
202 {
203         if (init_rlist("main", &main_rt, RT_NO, RT_HASH_SIZE)<0)
204                 goto error;
205         if (init_rlist("on_reply", &onreply_rt, ONREPLY_RT_NO, RT_HASH_SIZE)<0)
206                 goto error;
207         if (init_rlist("failure", &failure_rt, FAILURE_RT_NO, RT_HASH_SIZE)<0)
208                 goto error;
209         if (init_rlist("branch", &branch_rt, BRANCH_RT_NO, RT_HASH_SIZE)<0)
210                 goto error;
211         if (init_rlist("on_send", &onsend_rt, ONSEND_RT_NO, RT_HASH_SIZE)<0)
212                 goto error;
213         if (init_rlist("event", &event_rt, EVENT_RT_NO, RT_HASH_SIZE)<0)
214                 goto error;
215         return 0;
216 error:
217         destroy_routes();
218         return -1;
219 }
220
221
222
223 static inline int route_new_list(struct route_list* rt)
224 {
225         int ret;
226         struct action** tmp;
227         
228         ret=-1;
229         if (rt->idx >= rt->entries){
230                 tmp=pkg_realloc(rt->rlist, 2*rt->entries*sizeof(struct action*));
231                 if (tmp==0){
232                         LOG(L_CRIT, "ERROR: route_new_list: out of memory\n");
233                         goto end;
234                 }
235                 /* init the newly allocated memory chunk */
236                 memset(&tmp[rt->entries], 0, rt->entries*sizeof(struct action*));
237                 rt->rlist=tmp;
238                 rt->entries*=2;
239         }
240         if (rt->idx<rt->entries){
241                 ret=rt->idx;
242                 rt->idx++;
243         }
244 end:
245         return ret;
246 }
247
248
249
250
251 /* 
252  * if the "name" route already exists, return its index, else
253  * create a new empty route
254  * return route index in rt->rlist or -1 on error
255  */
256 int route_get(struct route_list* rt, char* name)
257 {
258         int len;
259         struct str_hash_entry* e;
260         int i;
261         
262         len=strlen(name);
263         /* check if exists an non empty*/
264         e=str_hash_get(&rt->names, name, len);
265         if (e){
266                 i=e->u.n;
267         }else{
268                 i=route_new_list(rt);
269                 if (i==-1) goto error;
270                 if (route_add(rt, name, i)<0){
271                         goto error;
272                 }
273         }
274         return i;
275 error:
276         return -1;
277 }
278
279
280
281 /* 
282  * if the "name" route already exists, return its index, else
283  * return error
284  * return route index in rt->rlist or -1 on error
285  */
286 int route_lookup(struct route_list* rt, char* name)
287 {
288         int len;
289         struct str_hash_entry* e;
290         
291         len=strlen(name);
292         /* check if exists an non empty*/
293         e=str_hash_get(&rt->names, name, len);
294         if (e){
295                 return e->u.n;
296         }else{
297                 return -1;
298         }
299 }
300
301
302
303 int fix_actions(struct action* a); /*fwd declaration*/
304
305
306 /** optimize the left side of a struct expr.
307  *  @return 1 if optimized, 0 if not and -1 on error
308  */
309 static int exp_optimize_left(struct expr* exp)
310 {
311         struct rval_expr* rve;
312         struct rvalue* rval;
313         int old_ltype, old_rtype, old_op;
314         int ret;
315         
316         ret=0;
317         if (exp->type!=ELEM_T)
318                 return 0;
319         old_ltype=exp->l_type;
320         old_rtype=exp->r_type;
321         old_op=exp->op;
322         if (exp->l_type==RVEXP_O){
323                 rve=exp->l.param;
324                 /* rve should be previously fixed/optimized */
325                 /* optimize exp (rval(val)) -> exp(val) */
326                 if (rve->op==RVE_RVAL_OP){
327                         rval=&rve->left.rval;
328                         switch(rval->type){
329                                 case RV_INT:
330                                         if (exp->op==NO_OP){
331                                                 exp->l_type=NUMBER_O;
332                                                 exp->l.param=0;
333                                                 exp->r_type=NUMBER_ST;
334                                                 exp->r.numval=rval->v.l;
335                                                 rval_destroy(rval);
336                                                 pkg_free(rve);
337                                                 ret=1;
338                                         }
339                                         break;
340                                 case RV_STR:
341                                         /* string evaluated in expression context - not
342                                            supported */
343                                         break;
344                                 case RV_BEXPR:
345                                         if (exp->op==NO_OP){
346                                                 /* replace the current expr. */
347                                                 *exp=*(rval->v.bexpr);
348                                                 rval_destroy(rval);
349                                                 pkg_free(rve);
350                                                 ret=1;
351                                         };
352                                         break;
353                                 case RV_ACTION_ST:
354                                         if (exp->op==NO_OP){
355                                                 exp->l_type=ACTION_O;
356                                                 exp->l.param=0;
357                                                 exp->r_type=ACTION_ST;
358                                                 exp->r.param=rval->v.action;
359                                                 rval_destroy(rval);
360                                                 pkg_free(rve);
361                                                 ret=1;
362                                         }
363                                         break;
364                                 case RV_SEL:
365                                         exp->l.select=pkg_malloc(sizeof(*exp->l.select));
366                                         if (exp->l.select){
367                                                 exp->l_type=SELECT_O;
368                                                 *exp->l.select=rval->v.sel;
369                                                 rval_destroy(rval);
370                                                 pkg_free(rve);
371                                                 ret=1;
372                                         }else
373                                                 ret=-1;
374                                         break;
375                                 case RV_AVP:
376                                         exp->l.attr=pkg_malloc(sizeof(*exp->l.attr));
377                                         if (exp->l.attr){
378                                                 exp->l_type=AVP_O;
379                                                 *exp->l.attr=rval->v.avps;
380                                                 rval_destroy(rval);
381                                                 pkg_free(rve);
382                                                 ret=1;
383                                         }else
384                                                 ret=-1;
385                                         break;
386                                 case RV_PVAR:
387                                         exp->l.param=pkg_malloc(sizeof(pv_spec_t));
388                                         if (exp->l.param){
389                                                 exp->l_type=PVAR_O;
390                                                 *((pv_spec_t*)exp->l.param)=rval->v.pvs;
391                                                 rval_destroy(rval);
392                                                 pkg_free(rve);
393                                                 ret=1;
394                                         }else
395                                                 ret=-1;
396                                         break;
397                                 case RV_NONE:
398                                         break;
399                         }
400                 }
401         }
402         if (ret>0)
403                 DBG("left EXP optimized: op%d(_O%d_, ST%d) => op%d(_O%d_, ST%d)\n",
404                         old_op, old_ltype, old_rtype, exp->op, exp->l_type, exp->r_type);
405         return ret;
406 }
407
408
409
410 /** optimize the left side of a struct expr.
411  *  @return 1 if optimized, 0 if not and -1 on error
412  */
413 static int exp_optimize_right(struct expr* exp)
414 {
415         struct rval_expr* rve;
416         struct rvalue* rval;
417         int old_ltype, old_rtype, old_op;
418         int ret;
419         
420         ret=0;
421         if ((exp->type!=ELEM_T) ||(exp->op==NO_OP))
422                 return 0;
423         old_ltype=exp->l_type;
424         old_rtype=exp->r_type;
425         old_op=exp->op;
426         if (exp->r_type==RVE_ST){
427                 rve=exp->r.param;
428                 /* rve should be previously fixed/optimized */
429                 /* optimize exp (rval(val)) -> exp(val) */
430                 if (rve->op==RVE_RVAL_OP){
431                         rval=&rve->left.rval;
432                         switch(rval->type){
433                                 case RV_INT:
434                                         exp->r_type=NUMBER_ST;
435                                         exp->r.numval=rval->v.l;
436                                         rval_destroy(rval);
437                                         pkg_free(rve);
438                                         ret=1;
439                                         break;
440                                 case RV_STR:
441                                         exp->r.str.s=pkg_malloc(rval->v.s.len+1);
442                                         if (exp->r.str.s){
443                                                 exp->r.str.len=rval->v.s.len;
444                                                 memcpy(exp->r.str.s, rval->v.s.s, rval->v.s.len);
445                                                 exp->r.str.s[exp->r.str.len]=0;
446                                                 exp->r_type=STRING_ST;
447                                                 rval_destroy(rval);
448                                                 pkg_free(rve);
449                                                 ret=1;
450                                         }else
451                                                 ret=-1;
452                                         break;
453                                 case RV_BEXPR:
454                                         /* cannot be optimized further, is an exp_elem
455                                            which is not constant */
456                                         break;
457                                 case RV_ACTION_ST:
458                                         /* cannot be optimized further, is not constant and
459                                           eval_elem() does not support ACTION_ST for op!=NO_OP*/
460                                         break;
461                                 case RV_SEL:
462                                         exp->r.select=pkg_malloc(sizeof(*exp->l.select));
463                                         if (exp->r.select){
464                                                 exp->r_type=SELECT_ST;
465                                                 *exp->r.select=rval->v.sel;
466                                                 rval_destroy(rval);
467                                                 pkg_free(rve);
468                                                 ret=1;
469                                         }else
470                                                 ret=-1;
471                                         break;
472                                 case RV_AVP:
473                                         exp->r.attr=pkg_malloc(sizeof(*exp->l.attr));
474                                         if (exp->r.attr){
475                                                 exp->r_type=AVP_ST;
476                                                 *exp->r.attr=rval->v.avps;
477                                                 rval_destroy(rval);
478                                                 pkg_free(rve);
479                                                 ret=1;
480                                         }else
481                                                 ret=-1;
482                                         break;
483                                 case RV_PVAR:
484                                         exp->r.param=pkg_malloc(sizeof(pv_spec_t));
485                                         if (exp->r.param){
486                                                 exp->r_type=PVAR_ST;
487                                                 *((pv_spec_t*)exp->r.param)=rval->v.pvs;
488                                                 rval_destroy(rval);
489                                                 pkg_free(rve);
490                                                 ret=1;
491                                         }else
492                                                 ret=-1;
493                                         break;
494                                 case RV_NONE:
495                                         ret=-1;
496                                         break;
497                         }
498                 }
499         }
500         if (ret>0)
501                 DBG("right EXP optimized: op%d(O%d, _ST%d_) => op%d(O%d, _ST%d_)\n",
502                         old_op, old_ltype, old_rtype, exp->op, exp->l_type, exp->r_type);
503         return ret;
504 }
505
506
507
508 /* traverses an expr tree and compiles the REs where necessary)
509  * returns: 0 for ok, <0 if errors */
510 int fix_expr(struct expr* exp)
511 {
512         regex_t* re;
513         int ret;
514         int len;
515
516         ret=E_BUG;
517         if (exp==0){
518                 LOG(L_CRIT, "BUG: fix_expr: null pointer\n");
519                 return E_BUG;
520         }
521         if (exp->type==EXP_T){
522                 switch(exp->op){
523                         case LOGAND_OP:
524                         case LOGOR_OP:
525                                                 if ((ret=fix_expr(exp->l.expr))!=0)
526                                                         return ret;
527                                                 ret=fix_expr(exp->r.expr);
528                                                 break;
529                         case NOT_OP:
530                                                 ret=fix_expr(exp->l.expr);
531                                                 break;
532                         default:
533                                                 LOG(L_CRIT, "BUG: fix_expr: unknown op %d\n",
534                                                                 exp->op);
535                 }
536         }else if (exp->type==ELEM_T){
537                         /* first calculate lengths of strings  (only right side, since 
538                           left side can never be a string) */
539                         if (exp->r_type==STRING_ST) {
540                                 if (exp->r.string) len = strlen(exp->r.string);
541                                 else len = 0;
542                                 exp->r.str.s = exp->r.string;
543                                 exp->r.str.len = len;
544                         }
545                         /* then fix & optimize rve/rvals (they might be optimized
546                            to non-rvals, e.g. string, avp a.s.o and needs to be done
547                            before MATCH_OP and other fixups) */
548                         if (exp->l_type==RVEXP_O){
549                                 if ((ret=fix_rval_expr(&exp->l.param))<0){
550                                         ERR("Unable to fix left rval expression\n");
551                                         return ret;
552                                 }
553                                 if (scr_opt_lev>=2)
554                                         exp_optimize_left(exp);
555                         }
556                         if (exp->r_type==RVE_ST){
557                                 if ((ret=fix_rval_expr(&exp->r.param))<0){
558                                         ERR("Unable to fix right rval expression\n");
559                                         return ret;
560                                 }
561                                 if (scr_opt_lev>=2)
562                                         exp_optimize_right(exp);
563                         }
564                         
565                         
566                         if (exp->op==MATCH_OP){
567                                      /* right side either has to be string, in which case
568                                       * we turn it into regular expression, or it is regular
569                                       * expression already. In that case we do nothing
570                                       */
571                                 if (exp->r_type==STRING_ST){
572                                         re=(regex_t*)pkg_malloc(sizeof(regex_t));
573                                         if (re==0){
574                                                 LOG(L_CRIT, "ERROR: fix_expr: memory allocation"
575                                                                 " failure\n");
576                                                 return E_OUT_OF_MEM;
577                                         }
578                                         if (regcomp(re, (char*) exp->r.param,
579                                                                 REG_EXTENDED|REG_NOSUB|REG_ICASE) ){
580                                                 LOG(L_CRIT, "ERROR: fix_expr : bad re \"%s\"\n",
581                                                                         (char*) exp->r.param);
582                                                 pkg_free(re);
583                                                 return E_BAD_RE;
584                                         }
585                                         /* replace the string with the re */
586                                         pkg_free(exp->r.param);
587                                         exp->r.re=re;
588                                         exp->r_type=RE_ST;
589                                 }else if (exp->r_type!=RE_ST && exp->r_type != AVP_ST
590                                                 && exp->r_type != SELECT_ST && exp->r_type!= RVE_ST
591                                                 && exp->r_type != PVAR_ST){
592                                         LOG(L_CRIT, "BUG: fix_expr : invalid type for match\n");
593                                         return E_BUG;
594                                 }
595                         }
596                         if (exp->l_type==ACTION_O){
597                                 ret=fix_actions((struct action*)exp->r.param);
598                                 if (ret!=0){
599                                         LOG(L_CRIT, "ERROR: fix_expr : fix_actions error\n");
600                                         return ret;
601                                 }
602                         }
603                         if (exp->l_type==SELECT_O) {
604                                 if ((ret=resolve_select(exp->l.select)) < 0) {
605                                         BUG("Unable to resolve select\n");
606                                         print_select(exp->l.select);
607                                         return ret;
608                                 }
609                         }
610                         if ((exp->r_type==SELECT_O)||(exp->r_type==SELECT_ST)) {
611                                 if ((ret=resolve_select(exp->r.select)) < 0) {
612                                         BUG("Unable to resolve select\n");
613                                         print_select(exp->l.select);
614                                         return ret;
615                                 }
616                         }
617                         /* PVAR don't need fixing */
618                         ret=0;
619         }
620         return ret;
621 }
622
623
624
625 /* adds the proxies in the proxy list & resolves the hostnames */
626 /* returns 0 if ok, <0 on error */
627 int fix_actions(struct action* a)
628 {
629         struct action *t;
630         struct proxy_l* p;
631         char *tmp;
632         int ret;
633         int i;
634         union cmd_export_u* cmd;
635         str s;
636         struct hostent* he;
637         struct ip_addr ip;
638         struct socket_info* si;
639         struct lvalue* lval;
640         struct rval_expr* rve;
641         struct rval_expr* err_rve;
642         enum rval_type rve_type, err_type, expected_type;
643
644         
645         char buf[30]; /* tmp buffer needed for module param fixups */
646
647         if (a==0){
648                 LOG(L_CRIT,"BUG: fix_actions: null pointer\n");
649                 return E_BUG;
650         }
651         for(t=a; t!=0; t=t->next){
652                 switch(t->type){
653                         case FORWARD_T:
654                         case FORWARD_TLS_T:
655                         case FORWARD_TCP_T:
656                         case FORWARD_SCTP_T:
657                         case FORWARD_UDP_T:
658                         case SEND_T:
659                         case SEND_TCP_T:
660                                         switch(t->val[0].type){
661                                                 case IP_ST:
662                                                         tmp=strdup(ip_addr2a(
663                                                                                 (struct ip_addr*)t->val[0].u.data));
664                                                         if (tmp==0){
665                                                                 LOG(L_CRIT, "ERROR: fix_actions:"
666                                                                                 "memory allocation failure\n");
667                                                                 return E_OUT_OF_MEM;
668                                                         }
669                                                         t->val[0].type=STRING_ST;
670                                                         t->val[0].u.string=tmp;
671                                                         /* no break */
672                                                 case STRING_ST:
673                                                         s.s = t->val[0].u.string;
674                                                         s.len = strlen(s.s);
675                                                         p=add_proxy(&s, t->val[1].u.number, 0); /* FIXME proto*/
676                                                         if (p==0) return E_BAD_ADDRESS;
677                                                         t->val[0].u.data=p;
678                                                         t->val[0].type=PROXY_ST;
679                                                         break;
680                                                 case URIHOST_ST:
681                                                         break;
682                                                 default:
683                                                         LOG(L_CRIT, "BUG: fix_actions: invalid type"
684                                                                         "%d (should be string or number)\n",
685                                                                                 t->type);
686                                                         return E_BUG;
687                                         }
688                                         break;
689                         case IF_T:
690                                 if (t->val[0].type!=RVE_ST){
691                                         LOG(L_CRIT, "BUG: fix_actions: invalid subtype"
692                                                                 "%d for if (should be rval expr)\n",
693                                                                 t->val[0].type);
694                                         return E_BUG;
695                                 }else if( (t->val[1].type!=ACTIONS_ST) &&
696                                                         (t->val[1].type!=NOSUBTYPE) ){
697                                         LOG(L_CRIT, "BUG: fix_actions: invalid subtype"
698                                                                 "%d for if() {...} (should be action)\n",
699                                                                 t->val[1].type);
700                                         return E_BUG;
701                                 }else if( (t->val[2].type!=ACTIONS_ST) &&
702                                                         (t->val[2].type!=NOSUBTYPE) ){
703                                         LOG(L_CRIT, "BUG: fix_actions: invalid subtype"
704                                                                 "%d for if() {} else{...}(should be action)\n",
705                                                                 t->val[2].type);
706                                         return E_BUG;
707                                 }
708                                 rve=(struct rval_expr*)t->val[0].u.data;
709                                 if (rve){
710                                         err_rve=0;
711                                         if (!rve_check_type(&rve_type, rve, &err_rve,
712                                                                                         &err_type, &expected_type)){
713                                                 if (err_rve)
714                                                         LOG(L_ERR, "fix_actions: invalid expression "
715                                                                         "(%d,%d): subexpression (%d,%d) has type"
716                                                                         " %s,  but %s is expected\n",
717                                                                         rve->fpos.s_line, rve->fpos.s_col,
718                                                                         err_rve->fpos.s_line, err_rve->fpos.s_col,
719                                                                         rval_type_name(err_type),
720                                                                         rval_type_name(expected_type) );
721                                                 else
722                                                         LOG(L_ERR, "fix_actions: invalid expression "
723                                                                         "(%d,%d): type mismatch?",
724                                                                         rve->fpos.s_line, rve->fpos.s_col);
725                                                 return E_UNSPEC;
726                                         }
727                                         /* it's not an error anymore to have non-int in an if,
728                                            only a script warning (to allow backward compat. stuff
729                                            like if (@ruri) 
730                                         if (rve_type!=RV_INT && rve_type!=RV_NONE){
731                                                 LOG(L_ERR, "fix_actions: invalid expression (%d,%d):"
732                                                                 " bad type, integer expected\n",
733                                                                 rve->fpos.s_line, rve->fpos.s_col);
734                                                 return E_UNSPEC;
735                                         }
736                                         */
737                                         if ((ret=fix_rval_expr((void**)&rve))<0)
738                                                 return ret;
739                                 }
740                                 if ( (t->val[1].type==ACTIONS_ST)&&(t->val[1].u.data) ){
741                                         if ((ret=fix_actions((struct action*)t->val[1].u.data))<0)
742                                                 return ret;
743                                 }
744                                 if ( (t->val[2].type==ACTIONS_ST)&&(t->val[2].u.data) ){
745                                                 if ((ret=fix_actions((struct action*)t->val[2].u.data))
746                                                                 <0)
747                                                 return ret;
748                                 }
749                                 break;
750                         case SWITCH_T:
751                                 if (t->val[0].type!=RVE_ST){
752                                         LOG(L_CRIT, "BUG: fix_actions: invalid subtype"
753                                                                 "%d for switch() (should be expr)\n",
754                                                                 t->val[0].type);
755                                         return E_BUG;
756                                 }else if (t->val[1].type!=CASE_ST){
757                                         LOG(L_CRIT, "BUG: fix_actions: invalid subtype"
758                                                                 "%d for switch(...){...}(should be case)\n",
759                                                                 t->val[1].type);
760                                         return E_BUG;
761                                 }
762                                 if (t->val[0].u.data){
763                                         if ((ret=fix_rval_expr(&t->val[0].u.data))<0)
764                                                 return ret;
765                                 }else{
766                                         LOG(L_CRIT, "BUG: fix_actions: null switch()"
767                                                         " expression\n");
768                                         return E_BUG;
769                                 }
770                                 if ((ret=fix_switch(t))<0)
771                                         return ret;
772                                 break;
773                         case WHILE_T:
774                                 if (t->val[0].type!=RVE_ST){
775                                         LOG(L_CRIT, "BUG: fix_actions: invalid subtype"
776                                                                 "%d for while() (should be expr)\n",
777                                                                 t->val[0].type);
778                                         return E_BUG;
779                                 }else if (t->val[1].type!=ACTIONS_ST){
780                                         LOG(L_CRIT, "BUG: fix_actions: invalid subtype"
781                                                                 "%d for while(...){...}(should be action)\n",
782                                                                 t->val[1].type);
783                                         return E_BUG;
784                                 }
785                                 rve=(struct rval_expr*)t->val[0].u.data;
786                                 if (rve){
787                                         err_rve=0;
788                                         if (!rve_check_type(&rve_type, rve, &err_rve,
789                                                                                         &err_type, &expected_type)){
790                                                 if (err_rve)
791                                                         LOG(L_ERR, "fix_actions: invalid expression "
792                                                                         "(%d,%d): subexpression (%d,%d) has type"
793                                                                         " %s,  but %s is expected\n",
794                                                                         rve->fpos.s_line, rve->fpos.s_col,
795                                                                         err_rve->fpos.s_line, err_rve->fpos.s_col,
796                                                                         rval_type_name(err_type),
797                                                                         rval_type_name(expected_type) );
798                                                 else
799                                                         LOG(L_ERR, "fix_actions: invalid expression "
800                                                                         "(%d,%d): type mismatch?",
801                                                                         rve->fpos.s_line, rve->fpos.s_col);
802                                                 return E_UNSPEC;
803                                         }
804                                         if (rve_type!=RV_INT && rve_type!=RV_NONE){
805                                                 LOG(L_ERR, "fix_actions: invalid expression (%d,%d):"
806                                                                 " bad type, integer expected\n",
807                                                                 rve->fpos.s_line, rve->fpos.s_col);
808                                                 return E_UNSPEC;
809                                         }
810                                         if ((ret=fix_rval_expr((void**)&rve))<0)
811                                                 return ret;
812                                 }else{
813                                         LOG(L_CRIT, "BUG: fix_actions: null while()"
814                                                         " expression\n");
815                                         return E_BUG;
816                                 }
817                                 if ( t->val[1].u.data && 
818                                         ((ret= fix_actions((struct action*)t->val[1].u.data))<0)){
819                                         return ret;
820                                 }
821                                 break;
822                         case DROP_T:
823                                 /* only RVEs need fixing for drop/return/break */
824                                 if (t->val[0].type!=RVE_ST)
825                                         break;
826                                 rve=(struct rval_expr*)t->val[0].u.data;
827                                 if (rve){
828                                         err_rve=0;
829                                         if (!rve_check_type(&rve_type, rve, &err_rve,
830                                                                                         &err_type, &expected_type)){
831                                                 if (err_rve)
832                                                         LOG(L_ERR, "fix_actions: invalid expression "
833                                                                         "(%d,%d): subexpression (%d,%d) has type"
834                                                                         " %s,  but %s is expected\n",
835                                                                         rve->fpos.s_line, rve->fpos.s_col,
836                                                                         err_rve->fpos.s_line, err_rve->fpos.s_col,
837                                                                         rval_type_name(err_type),
838                                                                         rval_type_name(expected_type) );
839                                                 else
840                                                         LOG(L_ERR, "fix_actions: invalid expression "
841                                                                         "(%d,%d): type mismatch?",
842                                                                         rve->fpos.s_line, rve->fpos.s_col);
843                                                 return E_UNSPEC;
844                                         }
845                                         if (rve_type!=RV_INT && rve_type!=RV_NONE){
846                                                 LOG(L_ERR, "fix_actions: invalid expression (%d,%d):"
847                                                                 " bad type, integer expected\n",
848                                                                 rve->fpos.s_line, rve->fpos.s_col);
849                                                 return E_UNSPEC;
850                                         }
851                                         if ((ret=fix_rval_expr((void**)&rve))<0)
852                                                 return ret;
853                                 }else{
854                                         LOG(L_CRIT, "BUG: fix_actions: null drop/return"
855                                                         " expression\n");
856                                         return E_BUG;
857                                 }
858                                 break;
859                         case ASSIGN_T:
860                         case ADD_T:
861                                 if (t->val[0].type !=LVAL_ST) {
862                                         LOG(L_CRIT, "BUG: fix_actions: Invalid left side of"
863                                                                 " assignment\n");
864                                         return E_BUG;
865                                 }
866                                 if (t->val[1].type !=RVE_ST) {
867                                         LOG(L_CRIT, "BUG: fix_actions: Invalid right side of"
868                                                                 " assignment (%d)\n", t->val[1].type);
869                                         return E_BUG;
870                                 }
871                                 lval=t->val[0].u.data;
872                                 if (lval->type==LV_AVP){
873                                         if (lval->lv.avps.type & AVP_CLASS_DOMAIN) {
874                                                 LOG(L_ERR, "ERROR: You cannot change domain"
875                                                                         " attributes from the script, they are"
876                                                                         " read-only\n");
877                                                 return E_BUG;
878                                         } else if (lval->lv.avps.type & AVP_CLASS_GLOBAL) {
879                                                 LOG(L_ERR, "ERROR: You cannot change global"
880                                                                    " attributes from the script, they are"
881                                                                    "read-only\n");
882                                                 return E_BUG;
883                                         }
884                                 }
885                                 if ((ret=fix_rval_expr(&t->val[1].u.data))<0)
886                                         return ret;
887                                 break;
888
889                         case MODULE_T:
890                         case MODULE3_T:
891                         case MODULE4_T:
892                         case MODULE5_T:
893                         case MODULE6_T:
894                         case MODULEX_T:
895                                 cmd = t->val[0].u.data;
896                                 if (cmd && cmd->c.fixup) {
897                                         DBG("fixing %s()\n", cmd->c.name);
898                                         if (t->val[1].u.number==0) {
899                                                 ret = cmd->c.fixup(0, 0);
900                                                 if (ret < 0)
901                                                         return ret;
902                                         }
903                                         /* type cast NUMBER to STRING, old modules may expect
904                                          * all STRING params during fixup */
905                                         for (i=0; i<t->val[1].u.number; i++) {
906                                                 if (t->val[i+2].type == NUMBER_ST) {
907                                                         snprintf(buf, sizeof(buf)-1, "%ld", 
908                                                                                 t->val[i+2].u.number);
909                                                         /* fixup currently requires string pkg_malloced*/
910                                                         t->val[i+2].u.string = pkg_malloc(strlen(buf)+1);
911                                                         if (!t->val[i+2].u.string) {
912                                                                 LOG(L_CRIT, "ERROR: cannot translate NUMBER"
913                                                                                         " to STRING\n");
914                                                                 return E_OUT_OF_MEM;
915                                                         }
916                                                         strcpy(t->val[i+2].u.string, buf);
917                                                         t->val[i+2].type = STRING_ST;
918                                                 }
919                                         }
920                                         for (i=0; i<t->val[1].u.number; i++) {
921                                                 void *p;
922                                                 p = t->val[i+2].u.data;
923                                                 ret = cmd->c.fixup(&t->val[i+2].u.data, i+1);
924                                                 if (t->val[i+2].u.data != p)
925                                                         t->val[i+2].type = MODFIXUP_ST;
926                                                 if (ret < 0)
927                                                         return ret;
928                                         }
929                                 }
930                                 break;
931                         case FORCE_SEND_SOCKET_T:
932                                 if (t->val[0].type!=SOCKID_ST){
933                                         LOG(L_CRIT, "BUG: fix_actions: invalid subtype"
934                                                                 "%d for force_send_socket\n",
935                                                                 t->val[0].type);
936                                         return E_BUG;
937                                 }
938                                 he=resolvehost(
939                                                 ((struct socket_id*)t->val[0].u.data)->addr_lst->name
940                                                 );
941                                 if (he==0){
942                                         LOG(L_ERR, "ERROR: fix_actions: force_send_socket:"
943                                                                 " could not resolve %s\n",
944                                                 ((struct socket_id*)t->val[0].u.data)->addr_lst->name);
945                                         return E_BAD_ADDRESS;
946                                 }
947                                 hostent2ip_addr(&ip, he, 0);
948                                 si=find_si(&ip, ((struct socket_id*)t->val[0].u.data)->port,
949                                                                 ((struct socket_id*)t->val[0].u.data)->proto);
950                                 if (si==0){
951                                         LOG(L_ERR, "ERROR: fix_actions: bad force_send_socket"
952                                                         " argument: %s:%d (ser doesn't listen on it)\n",
953                                                 ((struct socket_id*)t->val[0].u.data)->addr_lst->name,
954                                                         ((struct socket_id*)t->val[0].u.data)->port);
955                                         return E_BAD_ADDRESS;
956                                 }
957                                 t->val[0].u.data=si;
958                                 t->val[0].type=SOCKETINFO_ST;
959                                 break;
960                         case UDP_MTU_TRY_PROTO_T:
961                                 if (t->val[0].type!=NUMBER_ST){
962                                         LOG(L_CRIT, "BUG: fix_actions: invalid subtype"
963                                                                 "%d for udp_mtu_try_proto\n",
964                                                                 t->val[0].type);
965                                         return E_BUG;
966                                 }
967                                 switch(t->val[0].u.number){
968                                         case PROTO_UDP:
969                                                 t->val[0].u.number=0;
970                                                 break;
971                                         case PROTO_TCP:
972                                                 t->val[0].u.number=FL_MTU_TCP_FB;
973                                                 break;
974                                         case PROTO_TLS:
975                                                 t->val[0].u.number=FL_MTU_TLS_FB;
976                                                 break;
977                                         case PROTO_SCTP:
978                                                 t->val[0].u.number=FL_MTU_SCTP_FB;
979                                                 break;
980                                         default:
981                                                 LOG(L_CRIT, "BUG: fix actions: invalid argument for"
982                                                                         " udp_mtu_try_proto (%d)\n", 
983                                                                         (unsigned int)t->val[0].u.number);
984                                 }
985                                 break;
986                         case APPEND_BRANCH_T:
987                                 if (t->val[0].type!=STRING_ST){
988                                         BUG("invalid subtype%d for append_branch_t\n",
989                                                                 t->val[0].type);
990                                         return E_BUG;
991                                 }
992                                 s.s=t->val[0].u.string;
993                                 s.len=(s.s)?strlen(s.s):0;
994                                 t->val[0].u.str=s;
995                                 t->val[0].type=STR_ST;
996                                 break;
997                         default:
998                                 /* no fixup required for the rest */
999                                 break;
1000                 }
1001         }
1002         return 0;
1003 }
1004
1005
1006 /* Compare parameters as ordinary numbers
1007  *
1008  * Left and right operands can be either numbers or
1009  * attributes. If either of the attributes if of string type then the length of
1010  * its value will be used.
1011  */
1012 inline static int comp_num(int op, long left, int rtype, union exp_op* r,
1013                                                         struct sip_msg* msg, struct run_act_ctx* h)
1014 {
1015         int_str val;
1016         pv_value_t pval;
1017         avp_t* avp;
1018         int right;
1019
1020         if (unlikely(op==NO_OP)) return !(!left);
1021         switch(rtype){
1022                 case AVP_ST:
1023                         avp = search_avp_by_index(r->attr->type, r->attr->name,
1024                                                                                 &val, r->attr->index);
1025                         if (avp && !(avp->flags & AVP_VAL_STR)) right = val.n;
1026                         else return (op == DIFF_OP);
1027                         break;
1028                 case NUMBER_ST:
1029                         right = r->numval;
1030                         break;
1031                 case RVE_ST:
1032                         if (unlikely(rval_expr_eval_int(h, msg, &right, r->param)<0))
1033                                 return (op == DIFF_OP); /* not found/invalid */
1034                         break;
1035                 case PVAR_ST:
1036                         memset(&pval, 0, sizeof(pv_value_t));
1037                         if (unlikely(pv_get_spec_value(msg, r->param, &pval)!=0)){
1038                                 return (op == DIFF_OP); /* error, not found => false */
1039                         }
1040                         if (likely(pval.flags & (PV_TYPE_INT|PV_VAL_INT))){
1041                                 right=pval.ri;
1042                                 pv_value_destroy(&pval);
1043                         }else{
1044                                 pv_value_destroy(&pval);
1045                                 return (op == DIFF_OP); /* not found or invalid type */
1046                         }
1047                         break;
1048                 default:
1049                         LOG(L_CRIT, "BUG: comp_num: Invalid right operand (%d)\n", rtype);
1050                         return E_BUG;
1051         }
1052
1053         switch (op){
1054                 case EQUAL_OP: return (long)left == (long)right;
1055                 case DIFF_OP:  return (long)left != (long)right;
1056                 case GT_OP:    return (long)left >  (long)right;
1057                 case LT_OP:    return (long)left <  (long)right;
1058                 case GTE_OP:   return (long)left >= (long)right;
1059                 case LTE_OP:   return (long)left <= (long)right;
1060                 default:
1061                         LOG(L_CRIT, "BUG: comp_num: unknown operator: %d\n", op);
1062                         return E_BUG;
1063         }
1064         return E_BUG;
1065 }
1066
1067 /*
1068  * Compare given string "left" with right side of expression
1069  */
1070 inline static int comp_str(int op, str* left, int rtype, 
1071                                                         union exp_op* r, struct sip_msg* msg,
1072                                                         struct run_act_ctx* h)
1073 {
1074         str* right;
1075         int_str val;
1076         str v;
1077         avp_t* avp;
1078         int ret;
1079         char backup;
1080         regex_t* re;
1081         unsigned int l;
1082         struct rvalue* rv;
1083         struct rval_cache rv_cache;
1084         pv_value_t pval;
1085         int destroy_pval;
1086         
1087         right=0; /* warning fix */
1088         rv=0;
1089         destroy_pval=0;
1090         if (unlikely(op==NO_OP)) return (left->s!=0);
1091         switch(rtype){
1092                 case AVP_ST:
1093                         avp = search_avp_by_index(r->attr->type, r->attr->name,
1094                                                                                 &val, r->attr->index);
1095                         if (likely(avp && (avp->flags & AVP_VAL_STR))) right = &val.s;
1096                         else return (op == DIFF_OP);
1097                         break;
1098                 case SELECT_ST:
1099                         ret = run_select(&v, r->select, msg);
1100                         if (unlikely(ret != 0)) 
1101                                 return (op == DIFF_OP); /* Not found or error */
1102                         right = &v;
1103                         break;
1104                 case RVE_ST:
1105                         rval_cache_init(&rv_cache);
1106                         rv=rval_expr_eval(h, msg, r->param);
1107                         if (unlikely (rv==0)) 
1108                                 return (op==DIFF_OP); /* not found or error*/
1109                         if (unlikely(rval_get_tmp_str(h, msg, &v, rv, 0, &rv_cache)<0)){
1110                                 goto error;
1111                         }
1112                         right = &v;
1113                         break;
1114                 case PVAR_ST:
1115                         memset(&pval, 0, sizeof(pv_value_t));
1116                         if (unlikely(pv_get_spec_value(msg, r->param, &pval)!=0)){
1117                                 return (op == DIFF_OP); /* error, not found => false */
1118                         }
1119                         destroy_pval=1;
1120                         if (likely(pval.flags & PV_VAL_STR)){
1121                                 right=&pval.rs;
1122                         }else{
1123                                 pv_value_destroy(&pval);
1124                                 return (op == DIFF_OP); /* not found or invalid type */
1125                         }
1126                         break;
1127                 case RE_ST:
1128                         if (unlikely(op != MATCH_OP)){
1129                                 LOG(L_CRIT, "BUG: comp_str: Bad operator %d,"
1130                                                         " ~= expected\n", op);
1131                                 goto error;
1132                         }
1133                         break;
1134                 case STRING_ST:
1135                         right=&r->str;
1136                         break;
1137                 case NUMBER_ST:
1138                         /* "123" > 100 is not allowed by cfg.y rules
1139                          * but can happen as @select or $avp evaluation
1140                          * $test > 10
1141                          * the right operator MUST be number to do the conversion
1142                          */
1143                         if (str2int(left,&l) < 0)
1144                                 goto error;
1145                         return comp_num(op, l, rtype, r, msg, h);
1146                 default:
1147                         LOG(L_CRIT, "BUG: comp_str: Bad type %d, "
1148                                                 "string or RE expected\n", rtype);
1149                         goto error;
1150         }
1151
1152         ret=-1;
1153         switch(op){
1154                 case EQUAL_OP:
1155                         if (left->len != right->len) return 0;
1156                         ret=(strncasecmp(left->s, right->s, left->len)==0);
1157                         break;
1158                 case DIFF_OP:
1159                         if (left->len != right->len) return 1;
1160                         ret = (strncasecmp(left->s, right->s, left->len)!=0);
1161                         break;
1162                 case MATCH_OP:
1163                         /* this is really ugly -- we put a temporary zero-terminating
1164                          * character in the original string; that's because regexps
1165                          * take 0-terminated strings and our messages are not
1166                          * zero-terminated; it should not hurt as long as this function
1167                          * is applied to content of pkg mem, which is always the case
1168                          * with calls from route{}; the same goes for fline in 
1169                          * reply_route{};
1170                          *
1171                          * also, the received function should always give us an extra
1172                          * character, into which we can put the 0-terminator now;
1173                          * an alternative would be allocating a new piece of memory,
1174                          * which might be too slow
1175                          * -jiri
1176                          *
1177                          * janakj: AVPs are zero terminated too so this is not problem 
1178                          * either
1179                          */
1180                         backup=left->s[left->len];
1181                         left->s[left->len]='\0';
1182                         switch(rtype){
1183                                 case AVP_ST:
1184                                 case SELECT_ST:
1185                                 case RVE_ST:
1186                                 case PVAR_ST:
1187                                         /* we need to compile the RE on the fly */
1188                                         re=(regex_t*)pkg_malloc(sizeof(regex_t));
1189                                         if (re==0){
1190                                                 LOG(L_CRIT, "ERROR: comp_strstr: memory allocation"
1191                                                                          " failure\n");
1192                                                 left->s[left->len] = backup;
1193                                                 goto error;
1194                                         }
1195                                         if (regcomp(re, right->s,
1196                                                                 REG_EXTENDED|REG_NOSUB|REG_ICASE)) {
1197                                                 pkg_free(re);
1198                                                 left->s[left->len] = backup;
1199                                                 goto error;
1200                                         }
1201                                         ret=(regexec(re, left->s, 0, 0, 0)==0);
1202                                         regfree(re);
1203                                         pkg_free(re);
1204                                         break;
1205                                 case RE_ST:
1206                                         ret=(regexec(r->re, left->s, 0, 0, 0)==0);
1207                                         break;
1208                                 case STRING_ST:
1209                                 default:
1210                                         LOG(L_CRIT, "BUG: comp_str: Bad operator type %d, "
1211                                                                 "for ~= \n", rtype);
1212                                         goto error;
1213                         }
1214                         left->s[left->len] = backup;
1215                         break;
1216                 default:
1217                         LOG(L_CRIT, "BUG: comp_str: unknown op %d\n", op);
1218                         goto error;
1219         }
1220         if (rv){
1221                 rval_cache_clean(&rv_cache);
1222                 rval_destroy(rv);
1223         }
1224         if (destroy_pval)
1225                 pv_value_destroy(&pval);
1226         return ret;
1227
1228 error:
1229         if (rv){
1230                 rval_cache_clean(&rv_cache);
1231                 rval_destroy(rv);
1232         }
1233         if (destroy_pval)
1234                 pv_value_destroy(&pval);
1235         return (op == DIFF_OP) ? 1 : -1;
1236 }
1237
1238
1239 /* eval_elem helping function, returns str op param */
1240 inline static int comp_string(int op, char* left, int rtype, union exp_op* r,
1241                                                                 struct sip_msg* msg, struct run_act_ctx* h)
1242 {
1243         str s;
1244         
1245         s.s=left;
1246         s.len=strlen(left);
1247         return comp_str(op, &s, rtype, r, msg, h);
1248 }
1249
1250
1251 inline static int comp_avp(int op, avp_spec_t* spec, int rtype,
1252                                                         union exp_op* r, struct sip_msg* msg,
1253                                                         struct run_act_ctx* h)
1254 {
1255         avp_t* avp;
1256         int_str val;
1257         union exp_op num_val;
1258         str tmp;
1259         unsigned int uval;
1260
1261         if (spec->type & AVP_INDEX_ALL) {
1262                 avp = search_first_avp(spec->type & ~AVP_INDEX_ALL, spec->name,
1263                                                                 NULL, NULL);
1264                 return (avp!=0);
1265         }
1266         avp = search_avp_by_index(spec->type, spec->name, &val, spec->index);
1267         if (!avp) return (op == DIFF_OP);
1268
1269         if (op==NO_OP){
1270                 if (avp->flags & AVP_VAL_STR) {
1271                         return val.s.len!=0;
1272                 } else {
1273                         return val.n != 0;
1274                 }
1275         }
1276         if (avp->flags & AVP_VAL_STR) {
1277                 return comp_str(op, &val.s, rtype, r, msg, h);
1278         } else {
1279                 switch(rtype){
1280                         case NUMBER_ST:
1281                         case AVP_ST:
1282                         case RVE_ST:
1283                         case PVAR_ST:
1284                                 return comp_num(op, val.n, rtype, r, msg, h);
1285                                 break;
1286                         case STRING_ST:
1287                                 tmp.s=r->string;
1288                                 tmp.len=strlen(r->string);
1289                                 if (str2int(&tmp, &uval)<0){
1290                                         LOG(L_WARN, "WARNING: comp_avp: cannot convert"
1291                                                                 " string value to int (%s)\n",
1292                                                                 ZSW(r->string));
1293                                         goto error;
1294                                 }
1295                                 num_val.numval=uval;
1296                                 return comp_num(op, val.n, NUMBER_ST, &num_val, msg, h);
1297                         case STR_ST:
1298                                 if (str2int(&r->str, &uval)<0){
1299                                         LOG(L_WARN, "WARNING: comp_avp: cannot convert str value"
1300                                                                 " to int (%.*s)\n", r->str.len, ZSW(r->str.s));
1301                                         goto error;
1302                                 }
1303                                 num_val.numval=uval;
1304                                 return comp_num(op, val.n, NUMBER_ST, &num_val, msg, h);
1305                         default:
1306                                 LOG(L_CRIT, "BUG: comp_avp: invalid type for numeric avp "
1307                                                         "comparison (%d)\n", rtype);
1308                                 goto error;
1309                 }
1310         }
1311 error:
1312         return (op == DIFF_OP) ? 1 : -1;
1313 }
1314
1315 /*
1316  * Left side of expression was select
1317  */
1318 inline static int comp_select(int op, select_t* sel, int rtype,
1319                                                                 union exp_op* r, struct sip_msg* msg,
1320                                                                 struct run_act_ctx* h)
1321 {
1322         int ret;
1323         str val;
1324         char empty_str=0;
1325
1326         ret = run_select(&val, sel, msg);
1327         if (ret != 0) return (op == DIFF_OP);
1328
1329         if (op==NO_OP) return (val.len>0);
1330         if (unlikely(val.len==0)) {
1331                 /* make sure the string pointer uses accessible memory range
1332                  * the comp_str function might dereference it
1333                  */
1334                 val.s=&empty_str;
1335         }
1336         return comp_str(op, &val, rtype, r, msg, h);
1337 }
1338
1339
1340 inline static int comp_rve(int op, struct rval_expr* rve, int rtype,
1341                                                         union exp_op* r, struct sip_msg* msg,
1342                                                         struct run_act_ctx* h)
1343 {
1344         int i;
1345         struct rvalue* rv;
1346         struct rvalue* rv1;
1347         struct rval_cache c1;
1348         
1349         rval_cache_init(&c1);
1350         if (unlikely(rval_expr_eval_rvint(h,  msg, &rv, &i, rve, &c1)<0)){
1351                 ERR("failure evaluating expression: bad type\n");
1352                 i=0; /* false */
1353                 goto int_expr;
1354         }
1355         if (unlikely(rv)){
1356                 /* no int => str */
1357                 rv1=rval_convert(h, msg, RV_STR, rv, &c1);
1358                 i=comp_str(op, &rv1->v.s, rtype, r, msg, h);
1359                 rval_destroy(rv1);
1360                 rval_destroy(rv);
1361                 rval_cache_clean(&c1);
1362                 return i;
1363         }
1364         /* expr evaluated to int */
1365 int_expr:
1366         rval_cache_clean(&c1);
1367         if (op==NO_OP)
1368                 return !(!i); /* transform it into { 0, 1 } */
1369         return comp_num(op, i, rtype, r, msg, h);
1370 }
1371
1372
1373
1374 inline static int comp_pvar(int op, pv_spec_t* pvs, int rtype,
1375                                                         union exp_op* r, struct sip_msg* msg,
1376                                                         struct run_act_ctx* h)
1377 {
1378         pv_value_t pval;
1379         int ret;
1380         
1381         ret=0;
1382         memset(&pval, 0, sizeof(pv_value_t));
1383         if (unlikely(pv_get_spec_value(msg, r->param, &pval)!=0)){
1384                 return 0; /* error, not found => false */
1385         }
1386         if (likely(pval.flags & PV_TYPE_INT)){
1387                 if (op==NO_OP)
1388                         ret=!(!pval.ri);
1389                 else
1390                         ret=comp_num(op, pval.ri, rtype, r, msg, h);
1391         }else if ((pval.flags==PV_VAL_NONE) ||
1392                         (pval.flags & (PV_VAL_NULL|PV_VAL_EMPTY))){
1393                 if (op==NO_OP)
1394                         ret=0;
1395                 else
1396                         ret=comp_num(op, 0, rtype, r, msg, h);
1397         }else{
1398                 ret=pval.rs.len!=0;
1399                 if (op!=NO_OP)
1400                         ret=comp_num(op, ret, rtype, r, msg, h);
1401         }
1402         pv_value_destroy(&pval);
1403         return ret;
1404 }
1405
1406
1407
1408 /* check_self wrapper -- it checks also for the op */
1409 inline static int check_self_op(int op, str* s, unsigned short p)
1410 {
1411         int ret;
1412
1413         ret=check_self(s, p, 0);
1414         switch(op){
1415                 case EQUAL_OP:
1416                 case MATCH_OP:
1417                         break;
1418                 case DIFF_OP:
1419                         ret=(ret > 0) ? 0 : 1;
1420                         break;
1421                 default:
1422                         LOG(L_CRIT, "BUG: check_self_op: invalid operator %d\n", op);
1423                         ret=-1;
1424         }
1425         return ret;
1426 }
1427
1428
1429 /* eval_elem helping function, returns an op param */
1430 inline static int comp_ip(int op, struct ip_addr* ip, int rtype,
1431                                                         union exp_op* r, struct sip_msg* msg,
1432                                                         struct run_act_ctx *ctx )
1433 {
1434         struct hostent* he;
1435         char ** h;
1436         int ret;
1437         str tmp;
1438
1439         ret=-1;
1440         switch(rtype){
1441                 case NET_ST:
1442                         switch(op){
1443                                 case EQUAL_OP:
1444                                         ret=(matchnet(ip, r->net)==1);
1445                                         break;
1446                                 case DIFF_OP:
1447                                         ret=(matchnet(ip, r->net)!=1);
1448                                         break;
1449                                 default:
1450                                         goto error_op;
1451                         }
1452                         break;
1453                 case AVP_ST:
1454                 case STRING_ST:
1455                 case RE_ST:
1456                 case RVE_ST:
1457                 case SELECT_ST:
1458                         switch(op){
1459                                 case EQUAL_OP:
1460                                 case MATCH_OP:
1461                                         /* 1: compare with ip2str*/
1462                                         ret=comp_string(op, ip_addr2a(ip), rtype, r, msg, ctx);
1463                                         if (likely(ret==1)) break;
1464                                         /* 2: resolve (name) & compare w/ all the ips */
1465                                         if (rtype==STRING_ST){
1466                                                 he=resolvehost(r->str.s);
1467                                                 if (he==0){
1468                                                         DBG("comp_ip: could not resolve %s\n",
1469                                                             r->str.s);
1470                                                 }else if (he->h_addrtype==ip->af){
1471                                                         for(h=he->h_addr_list;(ret!=1)&& (*h); h++){
1472                                                                 ret=(memcmp(ip->u.addr, *h, ip->len)==0);
1473                                                         }
1474                                                         if (ret==1) break;
1475                                                 }
1476                                         }
1477                                         /* 3: (slow) rev dns the address
1478                                         * and compare with all the aliases
1479                                         * !!??!! review: remove this? */
1480                                         if (unlikely((received_dns & DO_REV_DNS) && 
1481                                                         ((he=rev_resolvehost(ip))!=0) )){
1482                                                 /*  compare with primary host name */
1483                                                 ret=comp_string(op, he->h_name, rtype, r, msg, ctx);
1484                                                 /* compare with all the aliases */
1485                                                 for(h=he->h_aliases; (ret!=1) && (*h); h++){
1486                                                         ret=comp_string(op, *h, rtype, r, msg, ctx);
1487                                                 }
1488                                         }else{
1489                                                 ret=0;
1490                                         }
1491                                         break;
1492                                 case DIFF_OP:
1493                                         ret=(comp_ip(EQUAL_OP, ip, rtype, r, msg, ctx) > 0) ?0:1;
1494                                         break;
1495                                 default:
1496                                         goto error_op;
1497                         }
1498                         break;
1499                 case MYSELF_ST: /* check if it's one of our addresses*/
1500                         tmp.s=ip_addr2a(ip);
1501                         tmp.len=strlen(tmp.s);
1502                         ret=check_self_op(op, &tmp, 0);
1503                         break;
1504                 default:
1505                         LOG(L_CRIT, "BUG: comp_ip: invalid type for "
1506                                                 " src_ip or dst_ip (%d)\n", rtype);
1507                         ret=-1;
1508         }
1509         return ret;
1510 error_op:
1511         LOG(L_CRIT, "BUG: comp_ip: invalid operator %d\n", op);
1512         return -1;
1513 }
1514
1515
1516
1517 /* returns: 0/1 (false/true) or -1 on error */
1518 inline static int eval_elem(struct run_act_ctx* h, struct expr* e, 
1519                                                                 struct sip_msg* msg)
1520 {
1521         struct sip_uri uri;
1522         int ret;
1523         struct onsend_info* snd_inf;
1524         struct ip_addr ip;
1525         ret=E_BUG;
1526
1527         if (e->type!=ELEM_T){
1528                 LOG(L_CRIT," BUG: eval_elem: invalid type\n");
1529                 goto error;
1530         }
1531         switch(e->l_type){
1532         case METHOD_O:
1533                 ret=comp_str(e->op, &msg->first_line.u.request.method,
1534                                                 e->r_type, &e->r, msg, h);
1535                 break;
1536         case URI_O:
1537                 if(msg->new_uri.s) {
1538                         if (e->r_type==MYSELF_ST){
1539                                 if (parse_sip_msg_uri(msg)<0) ret=-1;
1540                                 else ret=check_self_op(e->op, &msg->parsed_uri.host,
1541                                                        msg->parsed_uri.port_no?
1542                                                        msg->parsed_uri.port_no:SIP_PORT);
1543                         }else{
1544                                 ret=comp_str(e->op, &msg->new_uri,
1545                                                                 e->r_type, &e->r, msg, h);
1546                         }
1547                 }else{
1548                         if (e->r_type==MYSELF_ST){
1549                                 if (parse_sip_msg_uri(msg)<0) ret=-1;
1550                                 else ret=check_self_op(e->op, &msg->parsed_uri.host,
1551                                                        msg->parsed_uri.port_no?
1552                                                        msg->parsed_uri.port_no:SIP_PORT);
1553                         }else{
1554                                 ret=comp_str(e->op, &msg->first_line.u.request.uri,
1555                                                                 e->r_type, &e->r, msg, h);
1556                         }
1557                 }
1558                 break;
1559
1560         case FROM_URI_O:
1561                 if (parse_from_header(msg)!=0){
1562                         LOG(L_ERR, "ERROR: eval_elem: bad or missing"
1563                             " From: header\n");
1564                         goto error;
1565                 }
1566                 if (e->r_type==MYSELF_ST){
1567                         if (parse_uri(get_from(msg)->uri.s, get_from(msg)->uri.len,
1568                                       &uri) < 0){
1569                                 LOG(L_ERR, "ERROR: eval_elem: bad uri in From:\n");
1570                                 goto error;
1571                         }
1572                         ret=check_self_op(e->op, &uri.host,
1573                                           uri.port_no?uri.port_no:SIP_PORT);
1574                 }else{
1575                         ret=comp_str(e->op, &get_from(msg)->uri,
1576                                                         e->r_type, &e->r, msg, h);
1577                 }
1578                 break;
1579
1580         case TO_URI_O:
1581                 if ((msg->to==0) && ((parse_headers(msg, HDR_TO_F, 0)==-1) ||
1582                                      (msg->to==0))){
1583                         LOG(L_ERR, "ERROR: eval_elem: bad or missing"
1584                             " To: header\n");
1585                         goto error;
1586                 }
1587                      /* to content is parsed automatically */
1588                 if (e->r_type==MYSELF_ST){
1589                         if (parse_uri(get_to(msg)->uri.s, get_to(msg)->uri.len,
1590                                       &uri) < 0){
1591                                 LOG(L_ERR, "ERROR: eval_elem: bad uri in To:\n");
1592                                 goto error;
1593                         }
1594                         ret=check_self_op(e->op, &uri.host,
1595                                           uri.port_no?uri.port_no:SIP_PORT);
1596                 }else{
1597                         ret=comp_str(e->op, &get_to(msg)->uri,
1598                                                         e->r_type, &e->r, msg, h);
1599                 }
1600                 break;
1601
1602         case SRCIP_O:
1603                 ret=comp_ip(e->op, &msg->rcv.src_ip, e->r_type, &e->r, msg, h);
1604                 break;
1605
1606         case DSTIP_O:
1607                 ret=comp_ip(e->op, &msg->rcv.dst_ip, e->r_type, &e->r, msg, h);
1608                 break;
1609
1610         case SNDIP_O:
1611                 snd_inf=get_onsend_info();
1612                 if (likely(snd_inf && snd_inf->send_sock)){
1613                         ret=comp_ip(e->op, &snd_inf->send_sock->address,
1614                                                 e->r_type, &e->r, msg, h);
1615                 }else{
1616                         BUG("eval_elem: snd_ip unknown (not in a onsend_route?)\n");
1617                 }
1618                 break;
1619
1620         case TOIP_O:
1621                 snd_inf=get_onsend_info();
1622                 if (likely(snd_inf && snd_inf->to)){
1623                         su2ip_addr(&ip, snd_inf->to);
1624                         ret=comp_ip(e->op, &ip, e->r_type, &e->r, msg, h);
1625                 }else{
1626                         BUG("eval_elem: to_ip unknown (not in a onsend_route?)\n");
1627                 }
1628                 break;
1629
1630         case NUMBER_O:
1631                 ret=!(!e->r.numval); /* !! to transform it in {0,1} */
1632                 break;
1633
1634         case ACTION_O:
1635                 ret=run_actions(h, (struct action*)e->r.param, msg);
1636                 if (ret<=0) ret=0;
1637                 else ret=1;
1638                 break;
1639
1640         case SRCPORT_O:
1641                 ret=comp_num(e->op, (int)msg->rcv.src_port, e->r_type, &e->r, msg, h);
1642                 break;
1643
1644         case DSTPORT_O:
1645                 ret=comp_num(e->op, (int)msg->rcv.dst_port, e->r_type, &e->r, msg, h);
1646                 break;
1647
1648         case SNDPORT_O:
1649                 snd_inf=get_onsend_info();
1650                 if (likely(snd_inf && snd_inf->send_sock)){
1651                         ret=comp_num(e->op, (int)snd_inf->send_sock->port_no,
1652                                                         e->r_type, &e->r, msg, h);
1653                 }else{
1654                         BUG("eval_elem: snd_port unknown (not in a onsend_route?)\n");
1655                 }
1656                 break;
1657
1658         case TOPORT_O:
1659                 snd_inf=get_onsend_info();
1660                 if (likely(snd_inf && snd_inf->to)){
1661                         ret=comp_num(e->op, (int)su_getport(snd_inf->to),
1662                                                                 e->r_type, &e->r, msg, h);
1663                 }else{
1664                         BUG("eval_elem: to_port unknown (not in a onsend_route?)\n");
1665                 }
1666                 break;
1667
1668         case PROTO_O:
1669                 ret=comp_num(e->op, msg->rcv.proto, e->r_type, &e->r, msg, h);
1670                 break;
1671
1672         case SNDPROTO_O:
1673                 snd_inf=get_onsend_info();
1674                 if (likely(snd_inf && snd_inf->send_sock)){
1675                         ret=comp_num(e->op, snd_inf->send_sock->proto,
1676                                                         e->r_type, &e->r, msg, h);
1677                 }else{
1678                         BUG("eval_elem: snd_proto unknown (not in a onsend_route?)\n");
1679                 }
1680                 break;
1681
1682         case AF_O:
1683                 ret=comp_num(e->op, (int)msg->rcv.src_ip.af, e->r_type, &e->r, msg, h);
1684                 break;
1685
1686         case SNDAF_O:
1687                 snd_inf=get_onsend_info();
1688                 if (likely(snd_inf && snd_inf->send_sock)){
1689                         ret=comp_num(e->op, snd_inf->send_sock->address.af,
1690                                                         e->r_type, &e->r, msg, h);
1691                 }else{
1692                         BUG("eval_elem: snd_af unknown (not in a onsend_route?)\n");
1693                 }
1694                 break;
1695
1696         case MSGLEN_O:
1697                 if ((snd_inf=get_onsend_info())!=0){
1698                         ret=comp_num(e->op, (int)snd_inf->len, e->r_type, &e->r, msg, h);
1699                 }else{
1700                         ret=comp_num(e->op, (int)msg->len, e->r_type, &e->r, msg, h);
1701                 }
1702                 break;
1703
1704         case RETCODE_O:
1705                 ret=comp_num(e->op, h->last_retcode, e->r_type, &e->r, msg, h);
1706                 break;
1707
1708         case AVP_O:
1709                 ret = comp_avp(e->op, e->l.attr, e->r_type, &e->r, msg, h);
1710                 break;
1711
1712         case SELECT_O:
1713                 ret = comp_select(e->op, e->l.select, e->r_type, &e->r, msg, h);
1714                 break;
1715
1716         case RVEXP_O:
1717                 ret = comp_rve(e->op, e->l.param, e->r_type, &e->r, msg, h);
1718                 break;
1719
1720         case PVAR_O:
1721                 ret=comp_pvar(e->op, e->l.param, e->r_type, &e->r, msg, h);
1722                 break;
1723 /*
1724         default:
1725                 LOG(L_CRIT, "BUG: eval_elem: invalid operand %d\n",
1726                     e->l_type);
1727 */
1728         }
1729         return ret;
1730 error:
1731         return (e->op == DIFF_OP) ? 1 : -1;
1732 }
1733
1734
1735
1736 /* ret= 1/0 (true/false) ,  -1 on error (evaluates as false)*/
1737 int eval_expr(struct run_act_ctx* h, struct expr* e, struct sip_msg* msg)
1738 {
1739         int ret;
1740
1741         if (e->type==ELEM_T){
1742                 ret=eval_elem(h, e, msg);
1743         }else if (e->type==EXP_T){
1744                 switch(e->op){
1745                         case LOGAND_OP:
1746                                 ret=eval_expr(h, e->l.expr, msg);
1747                                 /* if error or false stop evaluating the rest */
1748                                 if (ret <= 0) break;
1749                                 ret=eval_expr(h, e->r.expr, msg); /*ret1 is 1*/
1750                                 break;
1751                         case LOGOR_OP:
1752                                 ret=eval_expr(h, e->l.expr, msg);
1753                                 /* if true stop evaluating the rest */
1754                                 if (ret > 0) break;
1755                                 ret=eval_expr(h, e->r.expr, msg); /* ret1 is 0 */
1756                                 break;
1757                         case NOT_OP:
1758                                 ret=eval_expr(h, e->l.expr, msg);
1759                                 ret=(ret > 0) ? 0 : 1;
1760                                 break;
1761                         default:
1762                                 LOG(L_CRIT, "BUG: eval_expr: unknown op %d\n", e->op);
1763                                 ret=-1;
1764                 }
1765         }else{
1766                 LOG(L_CRIT, "BUG: eval_expr: unknown type %d\n", e->type);
1767                 ret=-1;
1768         }
1769         return ret;
1770 }
1771
1772
1773 /* adds an action list to head; a must be null terminated (last a->next=0))*/
1774 void push(struct action* a, struct action** head)
1775 {
1776         struct action *t;
1777         if (*head==0){
1778                 *head=a;
1779                 return;
1780         }
1781         for (t=*head; t->next;t=t->next);
1782         t->next=a;
1783 }
1784
1785
1786
1787
1788 int add_actions(struct action* a, struct action** head)
1789 {
1790         int ret;
1791
1792         LOG(L_DBG, "add_actions: fixing actions...\n");
1793         if ((ret=fix_actions(a))!=0) goto error;
1794         push(a,head);
1795         return 0;
1796
1797 error:
1798         return ret;
1799 }
1800
1801
1802
1803 static int fix_rl(struct route_list* rt)
1804 {
1805         int i;
1806         int ret;
1807         
1808         for(i=0;i<rt->idx; i++){
1809                 if(rt->rlist[i]){
1810                         if ((ret=fix_actions(rt->rlist[i]))!=0){
1811                                 return ret;
1812                         }
1813                 }
1814         }
1815         return 0;
1816 }
1817
1818
1819
1820 /* fixes all action tables */
1821 /* returns 0 if ok , <0 on error */
1822 int fix_rls()
1823 {
1824         int ret;
1825         
1826         if ((ret=fix_rl(&main_rt))!=0)
1827                 return ret;
1828         if ((ret=fix_rl(&onreply_rt))!=0)
1829                 return ret;
1830         if ((ret=fix_rl(&failure_rt))!=0)
1831                 return ret;
1832         if ((ret=fix_rl(&branch_rt))!=0)
1833                 return ret;
1834         if ((ret=fix_rl(&onsend_rt))!=0)
1835                 return ret;
1836         if ((ret=fix_rl(&event_rt))!=0)
1837                 return ret;
1838
1839         return 0;
1840 }
1841
1842
1843
1844 static void print_rl(struct route_list* rt, char* name)
1845 {
1846         int j;
1847         
1848         for(j=0; j<rt->entries; j++){
1849                 if (rt->rlist[j]==0){
1850                         if ((j==0) && (rt==&main_rt))
1851                                 DBG("WARNING: the main routing table is empty\n");
1852                         continue;
1853                 }
1854                 DBG("%s routing table %d:\n", name, j);
1855                 print_actions(rt->rlist[j]);
1856                 DBG("\n");
1857         }
1858 }
1859
1860
1861 /* debug function, prints routing tables */
1862 void print_rls()
1863 {
1864         print_rl(&main_rt, "");
1865         print_rl(&onreply_rt, "onreply");
1866         print_rl(&failure_rt, "failure");
1867         print_rl(&branch_rt, "branch");
1868         print_rl(&onsend_rt, "onsend");
1869         print_rl(&event_rt, "event");
1870 }