mirror of
https://github.com/coturn/coturn.git
synced 2025-10-23 12:00:59 +02:00
turnadmin command to produce an encrypted password
This commit is contained in:
parent
fb8324fa51
commit
3ec05410c5
@ -1,6 +1,9 @@
|
|||||||
3/15/2015 Oleg Moskalenko <mom040267@gmail.com>
|
3/15/2015 Oleg Moskalenko <mom040267@gmail.com>
|
||||||
Version 4.4.4.1 'Ardee West':
|
Version 4.4.4.1 'Ardee West':
|
||||||
- 'native' SCTP support;
|
- 'native' SCTP support;
|
||||||
|
- option of encrypted passwords for web admin users;
|
||||||
|
- option of encrypted password for CLI user;
|
||||||
|
- option of encrypted shared secrets;
|
||||||
|
|
||||||
2/28/2015 Oleg Moskalenko <mom040267@gmail.com>
|
2/28/2015 Oleg Moskalenko <mom040267@gmail.com>
|
||||||
Version 4.4.2.3 'Ardee West':
|
Version 4.4.2.3 'Ardee West':
|
||||||
|
@ -47,6 +47,15 @@ $ turnadmin [ -h | --help]
|
|||||||
|
|
||||||
Commands:
|
Commands:
|
||||||
|
|
||||||
|
-P, --generate-encrypted-password Generate and print to the standard
|
||||||
|
output an encrypted form of a password (for web admin user, or shared
|
||||||
|
secret, or CLI). The value then can be used as a safe key for the password
|
||||||
|
storage on disk or in the database. Every invocation for the same password
|
||||||
|
produces a different result. The for mat of the encrypted password is:
|
||||||
|
$5$<...salt...>$<...sha256(salt+password)...>. Salt is 16 characters,
|
||||||
|
the sha256 output is 64 characters. Character 5 is the algorithm id (sha256).
|
||||||
|
Only sha256 is supported as the hash function.
|
||||||
|
|
||||||
-k, --key Generate key for a long-term credentials mechanism user.
|
-k, --key Generate key for a long-term credentials mechanism user.
|
||||||
|
|
||||||
-a, --add Add or update a long-term user.
|
-a, --add Add or update a long-term user.
|
||||||
@ -104,8 +113,14 @@ Options with required values:
|
|||||||
--total-quota Set value of realm's total-quota parameter.
|
--total-quota Set value of realm's total-quota parameter.
|
||||||
--user-quota Set value of realm's user-quota parameter.
|
--user-quota Set value of realm's user-quota parameter.
|
||||||
-h, --help Help.
|
-h, --help Help.
|
||||||
|
|
||||||
Generate a key:
|
Command examples:
|
||||||
|
|
||||||
|
Generate an encrypted form of a password:
|
||||||
|
|
||||||
|
$ turnadmin -P -p <password>
|
||||||
|
|
||||||
|
Generate a key:
|
||||||
|
|
||||||
$ turnadmin -k -u <username> -r <realm> -p <password>
|
$ turnadmin -k -u <username> -r <realm> -p <password>
|
||||||
|
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
.\" Text automatically generated by txt2man
|
.\" Text automatically generated by txt2man
|
||||||
.TH TURN 1 "15 March 2015" "" ""
|
.TH TURN 1 "20 March 2015" "" ""
|
||||||
.SH GENERAL INFORMATION
|
.SH GENERAL INFORMATION
|
||||||
|
|
||||||
\fIturnadmin\fP is a TURN administration tool. This tool can be used to manage
|
\fIturnadmin\fP is a TURN administration tool. This tool can be used to manage
|
||||||
@ -66,6 +66,17 @@ $ \fIturnadmin\fP [ \fB\-h\fP | \fB\-\-help\fP]
|
|||||||
Commands:
|
Commands:
|
||||||
.TP
|
.TP
|
||||||
.B
|
.B
|
||||||
|
\fB\-P\fP, \fB\-\-generate\-encrypted\-password\fP
|
||||||
|
Generate and print to the standard
|
||||||
|
output an encrypted form of a password (for web admin user, or shared
|
||||||
|
secret, or CLI). The value then can be used as a safe key for the password
|
||||||
|
storage on disk or in the database. Every invocation for the same password
|
||||||
|
produces a different result. The for mat of the encrypted password is:
|
||||||
|
$5$<\.\.\.salt\.\.\.>$<\.\.\.sha256(salt+password)\.\.\.>. Salt is 16 characters,
|
||||||
|
the sha256 output is 64 characters. Character 5 is the algorithm id (sha256).
|
||||||
|
Only sha256 is supported as the hash function.
|
||||||
|
.TP
|
||||||
|
.B
|
||||||
\fB\-k\fP, \fB\-\-key\fP
|
\fB\-k\fP, \fB\-\-key\fP
|
||||||
Generate key for a long\-term credentials mechanism user.
|
Generate key for a long\-term credentials mechanism user.
|
||||||
.TP
|
.TP
|
||||||
@ -203,6 +214,12 @@ Set value of realm's user\-quota parameter.
|
|||||||
Help.
|
Help.
|
||||||
.TP
|
.TP
|
||||||
.B
|
.B
|
||||||
|
Command examples:
|
||||||
|
.PP
|
||||||
|
Generate an encrypted form of a password:
|
||||||
|
.PP
|
||||||
|
$ \fIturnadmin\fP \fB\-P\fP \fB\-p\fP <password>
|
||||||
|
.PP
|
||||||
Generate a key:
|
Generate a key:
|
||||||
.PP
|
.PP
|
||||||
$ \fIturnadmin\fP \fB\-k\fP \fB\-u\fP <username> \fB\-r\fP <realm> \fB\-p\fP <password>
|
$ \fIturnadmin\fP \fB\-k\fP \fB\-u\fP <username> \fB\-r\fP <realm> \fB\-p\fP <password>
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
.\" Text automatically generated by txt2man
|
.\" Text automatically generated by txt2man
|
||||||
.TH TURN 1 "15 March 2015" "" ""
|
.TH TURN 1 "20 March 2015" "" ""
|
||||||
.SH GENERAL INFORMATION
|
.SH GENERAL INFORMATION
|
||||||
|
|
||||||
The \fBTURN Server\fP project contains the source code of a TURN server and TURN client
|
The \fBTURN Server\fP project contains the source code of a TURN server and TURN client
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
.\" Text automatically generated by txt2man
|
.\" Text automatically generated by txt2man
|
||||||
.TH TURN 1 "15 March 2015" "" ""
|
.TH TURN 1 "20 March 2015" "" ""
|
||||||
.SH GENERAL INFORMATION
|
.SH GENERAL INFORMATION
|
||||||
|
|
||||||
A set of turnutils_* programs provides some utility functionality to be used
|
A set of turnutils_* programs provides some utility functionality to be used
|
||||||
|
@ -599,6 +599,11 @@ static char Usage[] = "Usage: turnserver [options]\n"
|
|||||||
|
|
||||||
static char AdminUsage[] = "Usage: turnadmin [command] [options]\n"
|
static char AdminUsage[] = "Usage: turnadmin [command] [options]\n"
|
||||||
"\nCommands:\n\n"
|
"\nCommands:\n\n"
|
||||||
|
" -P, --generate-encrypted-password Generate and print to the standard\n"
|
||||||
|
" output an encrypted form of a password\n"
|
||||||
|
" (for web admin user, or shared\n"
|
||||||
|
" secret, or CLI). See wiki, README or man\n"
|
||||||
|
" pages for more detailed description.\n"
|
||||||
" -k, --key generate long-term credential mechanism key for a user\n"
|
" -k, --key generate long-term credential mechanism key for a user\n"
|
||||||
" -a, --add add/update a long-term mechanism user\n"
|
" -a, --add add/update a long-term mechanism user\n"
|
||||||
" -A, --add-admin add/update a web admin user\n"
|
" -A, --add-admin add/update a web admin user\n"
|
||||||
@ -652,7 +657,7 @@ static char AdminUsage[] = "Usage: turnadmin [command] [options]\n"
|
|||||||
|
|
||||||
#define OPTIONS "c:d:p:L:E:X:i:m:l:r:u:b:B:e:M:J:N:O:q:Q:s:C:vVofhznaAS"
|
#define OPTIONS "c:d:p:L:E:X:i:m:l:r:u:b:B:e:M:J:N:O:q:Q:s:C:vVofhznaAS"
|
||||||
|
|
||||||
#define ADMIN_OPTIONS "gGORIHKYlLkaADSdb:e:M:J:N:u:r:p:s:X:o:h"
|
#define ADMIN_OPTIONS "PgGORIHKYlLkaADSdb:e:M:J:N:u:r:p:s:X:o:h"
|
||||||
|
|
||||||
enum EXTRA_OPTS {
|
enum EXTRA_OPTS {
|
||||||
NO_UDP_OPT=256,
|
NO_UDP_OPT=256,
|
||||||
@ -841,6 +846,7 @@ static const struct myoption long_options[] = {
|
|||||||
};
|
};
|
||||||
|
|
||||||
static const struct myoption admin_long_options[] = {
|
static const struct myoption admin_long_options[] = {
|
||||||
|
{"generate-encrypted-password", no_argument, NULL, 'P' },
|
||||||
{ "key", no_argument, NULL, 'k' },
|
{ "key", no_argument, NULL, 'k' },
|
||||||
{ "add", no_argument, NULL, 'a' },
|
{ "add", no_argument, NULL, 'a' },
|
||||||
{ "delete", no_argument, NULL, 'd' },
|
{ "delete", no_argument, NULL, 'd' },
|
||||||
@ -1437,18 +1443,29 @@ static int adminmain(int argc, char **argv)
|
|||||||
|
|
||||||
int is_admin = 0;
|
int is_admin = 0;
|
||||||
|
|
||||||
u08bits user[STUN_MAX_USERNAME_SIZE+1]="";
|
u08bits user[STUN_MAX_USERNAME_SIZE+1]="\0";
|
||||||
u08bits realm[STUN_MAX_REALM_SIZE+1]="";
|
u08bits realm[STUN_MAX_REALM_SIZE+1]="\0";
|
||||||
u08bits pwd[STUN_MAX_PWD_SIZE+1]="";
|
u08bits pwd[STUN_MAX_PWD_SIZE+1]="\0";
|
||||||
u08bits secret[AUTH_SECRET_SIZE+1]="";
|
u08bits secret[AUTH_SECRET_SIZE+1]="\0";
|
||||||
u08bits origin[STUN_MAX_ORIGIN_SIZE+1]="";
|
u08bits origin[STUN_MAX_ORIGIN_SIZE+1]="\0";
|
||||||
perf_options_t po = {(band_limit_t)-1,-1,-1};
|
perf_options_t po = {(band_limit_t)-1,-1,-1};
|
||||||
|
|
||||||
struct uoptions uo;
|
struct uoptions uo;
|
||||||
uo.u.m = admin_long_options;
|
uo.u.m = admin_long_options;
|
||||||
|
|
||||||
|
int print_enc_password = 0;
|
||||||
|
|
||||||
while (((c = getopt_long(argc, argv, ADMIN_OPTIONS, uo.u.o, NULL)) != -1)) {
|
while (((c = getopt_long(argc, argv, ADMIN_OPTIONS, uo.u.o, NULL)) != -1)) {
|
||||||
switch (c){
|
switch (c){
|
||||||
|
case 'P':
|
||||||
|
if(pwd[0]) {
|
||||||
|
char result[257];
|
||||||
|
generate_new_enc_password((char*)pwd, result);
|
||||||
|
printf("%s\n",result);
|
||||||
|
exit(0);
|
||||||
|
}
|
||||||
|
print_enc_password = 1;
|
||||||
|
break;
|
||||||
case 'g':
|
case 'g':
|
||||||
ct = TA_SET_REALM_OPTION;
|
ct = TA_SET_REALM_OPTION;
|
||||||
break;
|
break;
|
||||||
@ -1566,6 +1583,12 @@ static int adminmain(int argc, char **argv)
|
|||||||
TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "Wrong password: %s\n",pwd);
|
TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "Wrong password: %s\n",pwd);
|
||||||
exit(-1);
|
exit(-1);
|
||||||
}
|
}
|
||||||
|
if(print_enc_password) {
|
||||||
|
char result[257];
|
||||||
|
generate_new_enc_password((char*)pwd, result);
|
||||||
|
printf("%s\n",result);
|
||||||
|
exit(0);
|
||||||
|
}
|
||||||
break;
|
break;
|
||||||
case 'H':
|
case 'H':
|
||||||
if(get_bool_value(optarg))
|
if(get_bool_value(optarg))
|
||||||
|
Loading…
x
Reference in New Issue
Block a user