improve slow sql query and fix support for readonly endpoints (#232)

app.js

@@ -64,7 +64,15 @@ const {
   password: process.env.JAMBONES_MYSQL_PASSWORD,
   database: process.env.JAMBONES_MYSQL_DATABASE,
   connectionLimit: process.env.JAMBONES_MYSQL_CONNECTION_LIMIT || 10
-}, logger);
+}, logger, process.env.JAMBONES_MYSQL_WRITE_HOST && process.env.JAMBONES_MYSQL_WRITE_USER &&
+  process.env.JAMBONES_MYSQL_WRITE_PASSWORD && process.env.JAMBONES_MYSQL_WRITE_DATABASE ? {
+    host: process.env.JAMBONES_MYSQL_WRITE_HOST,
+    port: process.env.JAMBONES_MYSQL_WRITE_PORT || 3306,
+    user: process.env.JAMBONES_MYSQL_WRITE_USER,
+    password: process.env.JAMBONES_MYSQL_WRITE_PASSWORD,
+    database: process.env.JAMBONES_MYSQL_WRITE_DATABASE,
+    connectionLimit: process.env.JAMBONES_MYSQL_CONNECTION_LIMIT || 10
+  } : null);
 const {
   client: redisClient,
   addKey,

lib/db-utils.js

@@ -28,15 +28,30 @@ AND vc.is_active = 1
 AND sg.inbound = 1 
 AND sg.voip_carrier_sid = vc.voip_carrier_sid`;
 
-const sqlSelectAllGatewaysForSP =
+const sqlSelectExactGatewayForSP =
-`SELECT sg.sip_gateway_sid, sg.voip_carrier_sid, vc.name, vc.service_provider_sid,  
+`SELECT sg.sip_gateway_sid, sg.voip_carrier_sid, vc.name, vc.service_provider_sid,
 vc.account_sid, vc.application_sid, sg.inbound, sg.outbound, sg.is_active, sg.ipv4, sg.netmask, sg.pad_crypto,
 vc.register_username, vc.register_password
 FROM sip_gateways sg, voip_carriers vc
-WHERE sg.voip_carrier_sid = vc.voip_carrier_sid 
+WHERE sg.voip_carrier_sid = vc.voip_carrier_sid
-AND vc.service_provider_sid IS NOT NULL 
+AND vc.service_provider_sid IS NOT NULL
-AND vc.is_active = 1 
+AND vc.is_active = 1
-AND sg.inbound = 1`;
+AND sg.inbound = 1
+AND sg.netmask = 32
+AND sg.ipv4 = ?
+ORDER BY vc.account_sid IS NOT NULL DESC`;
+
+const sqlSelectCIDRGatewaysForSP =
+`SELECT sg.sip_gateway_sid, sg.voip_carrier_sid, vc.name, vc.service_provider_sid,
+vc.account_sid, vc.application_sid, sg.inbound, sg.outbound, sg.is_active, sg.ipv4, sg.netmask, sg.pad_crypto,
+vc.register_username, vc.register_password
+FROM sip_gateways sg, voip_carriers vc
+WHERE sg.voip_carrier_sid = vc.voip_carrier_sid
+AND vc.service_provider_sid IS NOT NULL
+AND vc.is_active = 1
+AND sg.inbound = 1
+AND sg.netmask < 32
+ORDER BY sg.netmask DESC`;
 
 const sqlAccountByRealm = 'SELECT * from accounts WHERE sip_realm = ? AND is_active = 1';
 const sqlAccountBySid = 'SELECT * from accounts WHERE account_sid = ?';
@@ -455,10 +470,17 @@ module.exports = (srf, logger) => {
     }
 
     /* find all carrier entries that have an inbound gateway matching the source IP */
-    const [gw] = await pp.query(sqlSelectAllGatewaysForSP);
+    /* Query both exact IP matches AND CIDR ranges to handle the case where
+       multiple accounts have configured the same carrier with different netmasks.
+       The phone number lookup will disambiguate which account owns the call. */
+    const [gwExact] = await pp.query(sqlSelectExactGatewayForSP, [req.source_address]);
+    const [gwCidr] = await pp.query(sqlSelectCIDRGatewaysForSP);
+
+    /* Merge both result sets - exact matches first, then CIDR ranges (already sorted by netmask DESC) */
+    const gw = [...gwExact, ...gwCidr];
+
     //logger.debug({gw}, `checking gateways for source address ${req.source_address}`);
     let matches = gw
-      .sort((a, b) => b.netmask - a.netmask)
       .filter(gatewayMatchesSourceAddress.bind(null, logger, req.source_address))
       .map((gw) => {
         return {