working on new third-party auth draft
parent
86f40b4bd9
commit
6dbee00b74
10
INSTALL
10
INSTALL
@ -744,8 +744,6 @@ CREATE TABLE oauth_key (
|
||||
timestamp bigint default 0,
|
||||
lifetime integer default 0,
|
||||
as_rs_alg varchar(64) default '',
|
||||
as_rs_key varchar(256) default '',
|
||||
auth_key varchar(256) default '',
|
||||
primary key (kid)
|
||||
);
|
||||
|
||||
@ -754,8 +752,6 @@ The oauth_key table fields meanings are:
|
||||
kid: the kid of the key;
|
||||
|
||||
ikm_key - (optional) base64-encoded key ("input keying material");
|
||||
The ikm_key is not needed if the as_rs_key and auth_key are defined
|
||||
explicitly in the database;
|
||||
|
||||
timestamp - (optional) the timestamp (in seconds) when the key
|
||||
lifetime starts;
|
||||
@ -767,12 +763,6 @@ The oauth_key table fields meanings are:
|
||||
"A256GCMKW", "A128GCMKW" (see
|
||||
http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-40#section-4.1).
|
||||
The default value is "A256GCMKW";
|
||||
|
||||
as_rs_key - (optional) base64-encoded AS-RS key. If not defined, then
|
||||
calculated with ikm_key.
|
||||
|
||||
auth_key - (optional) base64-encoded AUTH key. If not defined, then
|
||||
calculated with ikm_key. Not used for AEAD algorithms.
|
||||
|
||||
# Https access admin users.
|
||||
# Leave this table empty if you do not want
|
||||
|
||||
Binary file not shown.
@ -1136,27 +1136,6 @@ void convert_oauth_key_data_raw(const oauth_key_data_raw *raw, oauth_key_data *o
|
||||
turn_free(ikm_key,ikm_key_size);
|
||||
}
|
||||
}
|
||||
|
||||
if(raw->as_rs_key[0]) {
|
||||
size_t as_rs_key_size = 0;
|
||||
char *as_rs_key = (char*)base64_decode(raw->as_rs_key,strlen(raw->as_rs_key),&as_rs_key_size);
|
||||
if(as_rs_key) {
|
||||
ns_bcopy(as_rs_key,oakd->as_rs_key,as_rs_key_size);
|
||||
oakd->as_rs_key_size = as_rs_key_size;
|
||||
turn_free(as_rs_key,as_rs_key_size);
|
||||
}
|
||||
}
|
||||
|
||||
if(raw->auth_key[0]) {
|
||||
size_t auth_key_size = 0;
|
||||
char *auth_key = (char*)base64_decode(raw->auth_key,strlen(raw->auth_key),&auth_key_size);
|
||||
if(auth_key) {
|
||||
ns_bcopy(auth_key,oakd->auth_key,auth_key_size);
|
||||
oakd->auth_key_size = auth_key_size;
|
||||
turn_free(auth_key,auth_key_size);
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -142,8 +142,6 @@ struct _oauth_key_data_raw {
|
||||
u64bits timestamp;
|
||||
u32bits lifetime;
|
||||
char as_rs_alg[OAUTH_ALG_SIZE+1];
|
||||
char as_rs_key[OAUTH_KEY_SIZE+1];
|
||||
char auth_key[OAUTH_KEY_SIZE+1];
|
||||
};
|
||||
|
||||
typedef struct _oauth_key_data_raw oauth_key_data_raw;
|
||||
|
||||
@ -255,8 +255,6 @@ static int mongo_get_oauth_key(const u08bits *kid, oauth_key_data_raw *key) {
|
||||
BSON_APPEND_INT32(&fields, "lifetime", 1);
|
||||
BSON_APPEND_INT32(&fields, "timestamp", 1);
|
||||
BSON_APPEND_INT32(&fields, "as_rs_alg", 1);
|
||||
BSON_APPEND_INT32(&fields, "as_rs_key", 1);
|
||||
BSON_APPEND_INT32(&fields, "auth_key", 1);
|
||||
BSON_APPEND_INT32(&fields, "ikm_key", 1);
|
||||
|
||||
mongoc_cursor_t * cursor;
|
||||
@ -279,12 +277,6 @@ static int mongo_get_oauth_key(const u08bits *kid, oauth_key_data_raw *key) {
|
||||
if (bson_iter_init(&iter, item) && bson_iter_find(&iter, "as_rs_alg") && BSON_ITER_HOLDS_UTF8(&iter)) {
|
||||
STRCPY(key->as_rs_alg,bson_iter_utf8(&iter, &length));
|
||||
}
|
||||
if (bson_iter_init(&iter, item) && bson_iter_find(&iter, "as_rs_key") && BSON_ITER_HOLDS_UTF8(&iter)) {
|
||||
STRCPY(key->as_rs_key,bson_iter_utf8(&iter, &length));
|
||||
}
|
||||
if (bson_iter_init(&iter, item) && bson_iter_find(&iter, "auth_key") && BSON_ITER_HOLDS_UTF8(&iter)) {
|
||||
STRCPY(key->auth_key,bson_iter_utf8(&iter, &length));
|
||||
}
|
||||
if (bson_iter_init(&iter, item) && bson_iter_find(&iter, "ikm_key") && BSON_ITER_HOLDS_UTF8(&iter)) {
|
||||
STRCPY(key->ikm_key,bson_iter_utf8(&iter, &length));
|
||||
}
|
||||
@ -349,8 +341,6 @@ static int mongo_set_oauth_key(oauth_key_data_raw *key) {
|
||||
bson_init(&doc);
|
||||
BSON_APPEND_UTF8(&doc, "kid", (const char *)key->kid);
|
||||
BSON_APPEND_UTF8(&doc, "as_rs_alg", (const char *)key->as_rs_alg);
|
||||
BSON_APPEND_UTF8(&doc, "as_rs_key", (const char *)key->as_rs_key);
|
||||
BSON_APPEND_UTF8(&doc, "auth_key", (const char *)key->auth_key);
|
||||
BSON_APPEND_UTF8(&doc, "ikm_key", (const char *)key->ikm_key);
|
||||
BSON_APPEND_INT64(&doc, "timestamp", (int64_t)key->timestamp);
|
||||
BSON_APPEND_INT32(&doc, "lifetime", (int32_t)key->lifetime);
|
||||
@ -511,8 +501,6 @@ static int mongo_list_oauth_keys(secrets_list_t *kids,secrets_list_t *teas,secre
|
||||
BSON_APPEND_INT32(&fields, "lifetime", 1);
|
||||
BSON_APPEND_INT32(&fields, "timestamp", 1);
|
||||
BSON_APPEND_INT32(&fields, "as_rs_alg", 1);
|
||||
BSON_APPEND_INT32(&fields, "as_rs_key", 1);
|
||||
BSON_APPEND_INT32(&fields, "auth_key", 1);
|
||||
BSON_APPEND_INT32(&fields, "ikm_key", 1);
|
||||
|
||||
mongoc_cursor_t * cursor;
|
||||
@ -537,12 +525,6 @@ static int mongo_list_oauth_keys(secrets_list_t *kids,secrets_list_t *teas,secre
|
||||
if (bson_iter_init(&iter, item) && bson_iter_find(&iter, "as_rs_alg") && BSON_ITER_HOLDS_UTF8(&iter)) {
|
||||
STRCPY(key->as_rs_alg,bson_iter_utf8(&iter, &length));
|
||||
}
|
||||
if (bson_iter_init(&iter, item) && bson_iter_find(&iter, "as_rs_key") && BSON_ITER_HOLDS_UTF8(&iter)) {
|
||||
STRCPY(key->as_rs_key,bson_iter_utf8(&iter, &length));
|
||||
}
|
||||
if (bson_iter_init(&iter, item) && bson_iter_find(&iter, "auth_key") && BSON_ITER_HOLDS_UTF8(&iter)) {
|
||||
STRCPY(key->auth_key,bson_iter_utf8(&iter, &length));
|
||||
}
|
||||
if (bson_iter_init(&iter, item) && bson_iter_find(&iter, "ikm_key") && BSON_ITER_HOLDS_UTF8(&iter)) {
|
||||
STRCPY(key->ikm_key,bson_iter_utf8(&iter, &length));
|
||||
}
|
||||
@ -566,9 +548,9 @@ static int mongo_list_oauth_keys(secrets_list_t *kids,secrets_list_t *teas,secre
|
||||
add_to_secrets_list(lts,lt);
|
||||
}
|
||||
} else {
|
||||
printf(" kid=%s, ikm_key=%s, timestamp=%llu, lifetime=%lu, as_rs_alg=%s, as_rs_key=%s, auth_key=%s\n",
|
||||
printf(" kid=%s, ikm_key=%s, timestamp=%llu, lifetime=%lu, as_rs_alg=%s\n",
|
||||
key->kid, key->ikm_key, (unsigned long long)key->timestamp, (unsigned long)key->lifetime,
|
||||
key->as_rs_alg, key->as_rs_key, key->auth_key);
|
||||
key->as_rs_alg);
|
||||
}
|
||||
}
|
||||
mongoc_cursor_destroy(cursor);
|
||||
|
||||
@ -343,7 +343,7 @@ static int mysql_get_oauth_key(const u08bits *kid, oauth_key_data_raw *key) {
|
||||
|
||||
int ret = -1;
|
||||
char statement[TURN_LONG_STRING_SIZE];
|
||||
snprintf(statement,sizeof(statement),"select ikm_key,timestamp,lifetime,as_rs_alg,as_rs_key,auth_key from oauth_key where kid='%s'",(const char*)kid);
|
||||
snprintf(statement,sizeof(statement),"select ikm_key,timestamp,lifetime,as_rs_alg from oauth_key where kid='%s'",(const char*)kid);
|
||||
|
||||
MYSQL * myc = get_mydb_connection();
|
||||
if(myc) {
|
||||
@ -354,7 +354,7 @@ static int mysql_get_oauth_key(const u08bits *kid, oauth_key_data_raw *key) {
|
||||
MYSQL_RES *mres = mysql_store_result(myc);
|
||||
if(!mres) {
|
||||
TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "Error retrieving MySQL DB information: %s\n",mysql_error(myc));
|
||||
} else if(mysql_field_count(myc)!=6) {
|
||||
} else if(mysql_field_count(myc)!=4) {
|
||||
TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "Unknown error retrieving MySQL DB information: %s\n",statement);
|
||||
} else {
|
||||
MYSQL_ROW row = mysql_fetch_row(mres);
|
||||
@ -378,12 +378,6 @@ static int mysql_get_oauth_key(const u08bits *kid, oauth_key_data_raw *key) {
|
||||
ns_bcopy(row[3],key->as_rs_alg,lengths[3]);
|
||||
key->as_rs_alg[lengths[3]]=0;
|
||||
|
||||
ns_bcopy(row[4],key->as_rs_key,lengths[4]);
|
||||
key->as_rs_key[lengths[4]]=0;
|
||||
|
||||
ns_bcopy(row[5],key->auth_key,lengths[5]);
|
||||
key->auth_key[lengths[5]]=0;
|
||||
|
||||
ret = 0;
|
||||
}
|
||||
}
|
||||
@ -402,7 +396,7 @@ static int mysql_list_oauth_keys(secrets_list_t *kids,secrets_list_t *teas,secre
|
||||
oauth_key_data_raw *key=&key_;
|
||||
int ret = -1;
|
||||
char statement[TURN_LONG_STRING_SIZE];
|
||||
snprintf(statement,sizeof(statement),"select ikm_key,timestamp,lifetime,as_rs_alg,as_rs_key,auth_key,kid from oauth_key order by kid");
|
||||
snprintf(statement,sizeof(statement),"select ikm_key,timestamp,lifetime,as_rs_alg,kid from oauth_key order by kid");
|
||||
|
||||
MYSQL * myc = get_mydb_connection();
|
||||
if(myc) {
|
||||
@ -413,7 +407,7 @@ static int mysql_list_oauth_keys(secrets_list_t *kids,secrets_list_t *teas,secre
|
||||
MYSQL_RES *mres = mysql_store_result(myc);
|
||||
if(!mres) {
|
||||
TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "Error retrieving MySQL DB information: %s\n",mysql_error(myc));
|
||||
} else if(mysql_field_count(myc)!=7) {
|
||||
} else if(mysql_field_count(myc)!=5) {
|
||||
TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "Unknown error retrieving MySQL DB information: %s\n",statement);
|
||||
} else {
|
||||
MYSQL_ROW row = mysql_fetch_row(mres);
|
||||
@ -437,14 +431,8 @@ static int mysql_list_oauth_keys(secrets_list_t *kids,secrets_list_t *teas,secre
|
||||
ns_bcopy(row[3],key->as_rs_alg,lengths[3]);
|
||||
key->as_rs_alg[lengths[3]]=0;
|
||||
|
||||
ns_bcopy(row[4],key->as_rs_key,lengths[4]);
|
||||
key->as_rs_key[lengths[4]]=0;
|
||||
|
||||
ns_bcopy(row[5],key->auth_key,lengths[5]);
|
||||
key->auth_key[lengths[5]]=0;
|
||||
|
||||
ns_bcopy(row[6],key->kid,lengths[6]);
|
||||
key->kid[lengths[6]]=0;
|
||||
key->kid[lengths[4]]=0;
|
||||
|
||||
if(kids) {
|
||||
add_to_secrets_list(kids,key->kid);
|
||||
@ -460,9 +448,9 @@ static int mysql_list_oauth_keys(secrets_list_t *kids,secrets_list_t *teas,secre
|
||||
add_to_secrets_list(lts,lt);
|
||||
}
|
||||
} else {
|
||||
printf(" kid=%s, ikm_key=%s, timestamp=%llu, lifetime=%lu, as_rs_alg=%s, as_rs_key=%s, auth_key=%s\n",
|
||||
printf(" kid=%s, ikm_key=%s, timestamp=%llu, lifetime=%lu, as_rs_alg=%s\n",
|
||||
key->kid, key->ikm_key, (unsigned long long)key->timestamp, (unsigned long)key->lifetime,
|
||||
key->as_rs_alg, key->as_rs_key, key->auth_key);
|
||||
key->as_rs_alg);
|
||||
}
|
||||
}
|
||||
row = mysql_fetch_row(mres);
|
||||
@ -506,13 +494,13 @@ static int mysql_set_oauth_key(oauth_key_data_raw *key)
|
||||
char statement[TURN_LONG_STRING_SIZE];
|
||||
MYSQL * myc = get_mydb_connection();
|
||||
if(myc) {
|
||||
snprintf(statement,sizeof(statement),"insert into oauth_key (kid,ikm_key,timestamp,lifetime,as_rs_alg,as_rs_key,auth_key) values('%s','%s',%llu,%lu,'%s','%s','%s')",
|
||||
snprintf(statement,sizeof(statement),"insert into oauth_key (kid,ikm_key,timestamp,lifetime,as_rs_alg) values('%s','%s',%llu,%lu,'%s')",
|
||||
key->kid,key->ikm_key,(unsigned long long)key->timestamp,(unsigned long)key->lifetime,
|
||||
key->as_rs_alg,key->as_rs_key,key->auth_key);
|
||||
key->as_rs_alg);
|
||||
int res = mysql_query(myc, statement);
|
||||
if(res) {
|
||||
snprintf(statement,sizeof(statement),"update oauth_key set ikm_key='%s',timestamp=%lu,lifetime=%lu, as_rs_alg='%s',as_rs_key='%s',auth_key='%s' where kid='%s'",key->ikm_key,(unsigned long)key->timestamp,(unsigned long)key->lifetime,
|
||||
key->as_rs_alg,key->as_rs_key,key->auth_key,key->kid);
|
||||
snprintf(statement,sizeof(statement),"update oauth_key set ikm_key='%s',timestamp=%lu,lifetime=%lu, as_rs_alg='%s' where kid='%s'",key->ikm_key,(unsigned long)key->timestamp,(unsigned long)key->lifetime,
|
||||
key->as_rs_alg,key->kid);
|
||||
res = mysql_query(myc, statement);
|
||||
if(res) {
|
||||
TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "Error inserting/updating oauth key information: %s\n",mysql_error(myc));
|
||||
|
||||
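Review bot: In mysql_list_oauth_keys the kid copy still reads `row[6]` and `lengths[6]`, although the rewritten query returns only five columns (`ikm_key,timestamp,lifetime,as_rs_alg,kid`) and the field-count check now expects 5. As rendered here, the copy therefore indexes past the end of both the row and the lengths arrays, while the terminator on the next line already uses `lengths[4]`. The copy should use the same index: `ns_bcopy(row[4],key->kid,lengths[4]);`. It would also be worth checking `lengths[4]` against `sizeof(key->kid)-1` before copying, since nothing in the hunk bounds it. The function body starts and ends outside these hunks.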
@ -158,7 +158,7 @@ static int pgsql_get_oauth_key(const u08bits *kid, oauth_key_data_raw *key) {
|
||||
int ret = -1;
|
||||
|
||||
char statement[TURN_LONG_STRING_SIZE];
|
||||
snprintf(statement,sizeof(statement),"select ikm_key,timestamp,lifetime,as_rs_alg,as_rs_key,auth_key from oauth_key where kid='%s'",(const char*)kid);
|
||||
snprintf(statement,sizeof(statement),"select ikm_key,timestamp,lifetime,as_rs_alg from oauth_key where kid='%s'",(const char*)kid);
|
||||
|
||||
PGconn * pqc = get_pqdb_connection();
|
||||
if(pqc) {
|
||||
@ -171,8 +171,6 @@ static int pgsql_get_oauth_key(const u08bits *kid, oauth_key_data_raw *key) {
|
||||
key->timestamp = (u64bits)strtoll(PQgetvalue(res,0,1),NULL,10);
|
||||
key->lifetime = (u32bits)strtol(PQgetvalue(res,0,2),NULL,10);
|
||||
STRCPY(key->as_rs_alg,PQgetvalue(res,0,3));
|
||||
STRCPY(key->as_rs_key,PQgetvalue(res,0,4));
|
||||
STRCPY(key->auth_key,PQgetvalue(res,0,5));
|
||||
STRCPY(key->kid,kid);
|
||||
ret = 0;
|
||||
}
|
||||
@ -193,7 +191,7 @@ static int pgsql_list_oauth_keys(secrets_list_t *kids,secrets_list_t *teas,secre
|
||||
int ret = -1;
|
||||
|
||||
char statement[TURN_LONG_STRING_SIZE];
|
||||
snprintf(statement,sizeof(statement),"select ikm_key,timestamp,lifetime,as_rs_alg,as_rs_key,auth_key,kid from oauth_key order by kid");
|
||||
snprintf(statement,sizeof(statement),"select ikm_key,timestamp,lifetime,as_rs_alg,kid from oauth_key order by kid");
|
||||
|
||||
PGconn * pqc = get_pqdb_connection();
|
||||
if(pqc) {
|
||||
@ -209,9 +207,7 @@ static int pgsql_list_oauth_keys(secrets_list_t *kids,secrets_list_t *teas,secre
|
||||
key->timestamp = (u64bits)strtoll(PQgetvalue(res,i,1),NULL,10);
|
||||
key->lifetime = (u32bits)strtol(PQgetvalue(res,i,2),NULL,10);
|
||||
STRCPY(key->as_rs_alg,PQgetvalue(res,i,3));
|
||||
STRCPY(key->as_rs_key,PQgetvalue(res,i,4));
|
||||
STRCPY(key->auth_key,PQgetvalue(res,i,5));
|
||||
STRCPY(key->kid,PQgetvalue(res,i,6));
|
||||
STRCPY(key->kid,PQgetvalue(res,i,4));
|
||||
|
||||
if(kids) {
|
||||
add_to_secrets_list(kids,key->kid);
|
||||
@ -227,9 +223,9 @@ static int pgsql_list_oauth_keys(secrets_list_t *kids,secrets_list_t *teas,secre
|
||||
add_to_secrets_list(lts,lt);
|
||||
}
|
||||
} else {
|
||||
printf(" kid=%s, ikm_key=%s, timestamp=%llu, lifetime=%lu, as_rs_alg=%s, as_rs_key=%s, auth_key=%s\n",
|
||||
printf(" kid=%s, ikm_key=%s, timestamp=%llu, lifetime=%lu, as_rs_alg=%s\n",
|
||||
key->kid, key->ikm_key, (unsigned long long)key->timestamp, (unsigned long)key->lifetime,
|
||||
key->as_rs_alg, key->as_rs_key, key->auth_key);
|
||||
key->as_rs_alg);
|
||||
}
|
||||
|
||||
ret = 0;
|
||||
@ -277,17 +273,17 @@ static int pgsql_set_oauth_key(oauth_key_data_raw *key) {
|
||||
char statement[TURN_LONG_STRING_SIZE];
|
||||
PGconn *pqc = get_pqdb_connection();
|
||||
if(pqc) {
|
||||
snprintf(statement,sizeof(statement),"insert into oauth_key (kid,ikm_key,timestamp,lifetime,as_rs_alg,as_rs_key,auth_key) values('%s','%s',%llu,%lu,'%s','%s','%s')",
|
||||
snprintf(statement,sizeof(statement),"insert into oauth_key (kid,ikm_key,timestamp,lifetime,as_rs_alg) values('%s','%s',%llu,%lu,'%s')",
|
||||
key->kid,key->ikm_key,(unsigned long long)key->timestamp,(unsigned long)key->lifetime,
|
||||
key->as_rs_alg,key->as_rs_key,key->auth_key);
|
||||
key->as_rs_alg);
|
||||
|
||||
PGresult *res = PQexec(pqc, statement);
|
||||
if(!res || (PQresultStatus(res) != PGRES_COMMAND_OK)) {
|
||||
if(res) {
|
||||
PQclear(res);
|
||||
}
|
||||
snprintf(statement,sizeof(statement),"update oauth_key set ikm_key='%s',timestamp=%lu,lifetime=%lu, as_rs_alg='%s',as_rs_key='%s',auth_key='%s' where kid='%s'",key->ikm_key,(unsigned long)key->timestamp,(unsigned long)key->lifetime,
|
||||
key->as_rs_alg,key->as_rs_key,key->auth_key,key->kid);
|
||||
snprintf(statement,sizeof(statement),"update oauth_key set ikm_key='%s',timestamp=%lu,lifetime=%lu, as_rs_alg='%s' where kid='%s'",key->ikm_key,(unsigned long)key->timestamp,(unsigned long)key->lifetime,
|
||||
key->as_rs_alg,key->kid);
|
||||
res = PQexec(pqc, statement);
|
||||
if(!res || (PQresultStatus(res) != PGRES_COMMAND_OK)) {
|
||||
TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "Error inserting/updating oauth_key information: %s\n",PQerrorMessage(pqc));
|
||||
|
||||
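Review bot: The rewritten statements in pgsql_get_oauth_key and pgsql_set_oauth_key still build SQL by formatting `kid`, `ikm_key` and `as_rs_alg` straight into quoted literals with `snprintf`, so a value containing a single quote changes the statement. The same pattern is in the mysql_* and sqlite_* hunks of this commit. Since these lines are being rewritten anyway, bind the values instead: `PQexecParams` with `$1` placeholders here, `sqlite3_bind_text` in the sqlite driver, and a prepared statement or `mysql_real_escape_string` in the mysql driver. The `snprintf` return value is also not checked, so a truncated statement would be sent as is. Whether callers validate `kid` beforehand is not visible in these hunks.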
@ -477,10 +477,6 @@ static int redis_get_oauth_key(const u08bits *kid, oauth_key_data_raw *key) {
|
||||
if(kw) {
|
||||
if(!strcmp(kw,"as_rs_alg")) {
|
||||
STRCPY(key->as_rs_alg,val);
|
||||
} else if(!strcmp(kw,"as_rs_key")) {
|
||||
STRCPY(key->as_rs_key,val);
|
||||
} else if(!strcmp(kw,"auth_key")) {
|
||||
STRCPY(key->auth_key,val);
|
||||
} else if(!strcmp(kw,"ikm_key")) {
|
||||
STRCPY(key->ikm_key,val);
|
||||
} else if(!strcmp(kw,"timestamp")) {
|
||||
@ -516,8 +512,8 @@ static int redis_set_oauth_key(oauth_key_data_raw *key) {
|
||||
redisContext *rc = get_redis_connection();
|
||||
if(rc) {
|
||||
char statement[TURN_LONG_STRING_SIZE];
|
||||
snprintf(statement,sizeof(statement),"hmset turn/oauth/kid/%s ikm_key %s as_rs_alg %s as_rs_key %s auth_key %s timestamp %llu lifetime %lu",
|
||||
key->kid,key->ikm_key,key->as_rs_alg,key->as_rs_key,key->auth_key,(unsigned long long)key->timestamp,(unsigned long)key->lifetime);
|
||||
snprintf(statement,sizeof(statement),"hmset turn/oauth/kid/%s ikm_key %s as_rs_alg %s timestamp %llu lifetime %lu",
|
||||
key->kid,key->ikm_key,key->as_rs_alg,(unsigned long long)key->timestamp,(unsigned long)key->lifetime);
|
||||
turnFreeRedisReply(redisCommand(rc, statement));
|
||||
turnFreeRedisReply(redisCommand(rc, "save"));
|
||||
ret = 0;
|
||||
@ -683,9 +679,9 @@ static int redis_list_oauth_keys(secrets_list_t *kids,secrets_list_t *teas,secre
|
||||
add_to_secrets_list(lts,lt);
|
||||
}
|
||||
} else {
|
||||
printf(" kid=%s, ikm_key=%s, timestamp=%llu, lifetime=%lu, as_rs_alg=%s, as_rs_key=%s, auth_key=%s\n",
|
||||
printf(" kid=%s, ikm_key=%s, timestamp=%llu, lifetime=%lu, as_rs_alg=%s\n",
|
||||
key->kid, key->ikm_key, (unsigned long long)key->timestamp, (unsigned long)key->lifetime,
|
||||
key->as_rs_alg, key->as_rs_key, key->auth_key);
|
||||
key->as_rs_alg);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
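Review bot: redis_set_oauth_key formats `key->kid`, `key->ikm_key` and `key->as_rs_alg` into `statement` and then passes that buffer as the format argument of `redisCommand(rc, statement)`, so a space or a `%` in any of those fields changes how the command is split or parsed. Pass the fields as arguments to the format instead, along the lines of `redisCommand(rc, "hmset turn/oauth/kid/%s ikm_key %s as_rs_alg %s ...", key->kid, key->ikm_key, key->as_rs_alg, ...)`. The replies are freed without being inspected, so `ret = 0` is reported even when the write failed. The function continues outside the hunk.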
@ -154,7 +154,7 @@ static void init_sqlite_database(sqlite3 *sqliteconnection) {
|
||||
"CREATE TABLE denied_peer_ip (realm varchar(127) default '', ip_range varchar(256), primary key (realm,ip_range))",
|
||||
"CREATE TABLE turn_origin_to_realm (origin varchar(127),realm varchar(127),primary key (origin))",
|
||||
"CREATE TABLE turn_realm_option (realm varchar(127) default '', opt varchar(32), value varchar(128), primary key (realm,opt))",
|
||||
"CREATE TABLE oauth_key (kid varchar(128),ikm_key varchar(256) default '',timestamp bigint default 0,lifetime integer default 0,as_rs_alg varchar(64) default '',as_rs_key varchar(256) default '',auth_key varchar(256) default '',primary key (kid))",
|
||||
"CREATE TABLE oauth_key (kid varchar(128),ikm_key varchar(256) default '',timestamp bigint default 0,lifetime integer default 0,as_rs_alg varchar(64) default '',primary key (kid))",
|
||||
"CREATE TABLE admin_user (name varchar(32), realm varchar(127), password varchar(127), primary key (name))",
|
||||
NULL
|
||||
};
|
||||
@ -293,7 +293,7 @@ static int sqlite_get_oauth_key(const u08bits *kid, oauth_key_data_raw *key) {
|
||||
char statement[TURN_LONG_STRING_SIZE];
|
||||
sqlite3_stmt *st = NULL;
|
||||
int rc = 0;
|
||||
snprintf(statement,sizeof(statement),"select ikm_key,timestamp,lifetime,as_rs_alg,as_rs_key,auth_key from oauth_key where kid='%s'",(const char*)kid);
|
||||
snprintf(statement,sizeof(statement),"select ikm_key,timestamp,lifetime,as_rs_alg from oauth_key where kid='%s'",(const char*)kid);
|
||||
|
||||
sqlite3 *sqliteconnection = get_sqlite_connection();
|
||||
if(sqliteconnection) {
|
||||
@ -309,8 +309,6 @@ static int sqlite_get_oauth_key(const u08bits *kid, oauth_key_data_raw *key) {
|
||||
key->timestamp = (u64bits)strtoll((const char*)sqlite3_column_text(st, 1),NULL,10);
|
||||
key->lifetime = (u32bits)strtol((const char*)sqlite3_column_text(st, 2),NULL,10);
|
||||
STRCPY(key->as_rs_alg,sqlite3_column_text(st, 3));
|
||||
STRCPY(key->as_rs_key,sqlite3_column_text(st, 4));
|
||||
STRCPY(key->auth_key,sqlite3_column_text(st, 5));
|
||||
STRCPY(key->kid,kid);
|
||||
ret = 0;
|
||||
}
|
||||
@ -339,7 +337,7 @@ static int sqlite_list_oauth_keys(secrets_list_t *kids,secrets_list_t *teas,secr
|
||||
char statement[TURN_LONG_STRING_SIZE];
|
||||
sqlite3_stmt *st = NULL;
|
||||
int rc = 0;
|
||||
snprintf(statement,sizeof(statement),"select ikm_key,timestamp,lifetime,as_rs_alg,as_rs_key,auth_key,kid from oauth_key order by kid");
|
||||
snprintf(statement,sizeof(statement),"select ikm_key,timestamp,lifetime,as_rs_alg,kid from oauth_key order by kid");
|
||||
|
||||
sqlite3 *sqliteconnection = get_sqlite_connection();
|
||||
if(sqliteconnection) {
|
||||
@ -357,9 +355,7 @@ static int sqlite_list_oauth_keys(secrets_list_t *kids,secrets_list_t *teas,secr
|
||||
key->timestamp = (u64bits)strtoll((const char*)sqlite3_column_text(st, 1),NULL,10);
|
||||
key->lifetime = (u32bits)strtol((const char*)sqlite3_column_text(st, 2),NULL,10);
|
||||
STRCPY(key->as_rs_alg,sqlite3_column_text(st, 3));
|
||||
STRCPY(key->as_rs_key,sqlite3_column_text(st, 4));
|
||||
STRCPY(key->auth_key,sqlite3_column_text(st, 5));
|
||||
STRCPY(key->kid,sqlite3_column_text(st, 6));
|
||||
STRCPY(key->kid,sqlite3_column_text(st, 4));
|
||||
|
||||
if(kids) {
|
||||
add_to_secrets_list(kids,key->kid);
|
||||
@ -375,9 +371,9 @@ static int sqlite_list_oauth_keys(secrets_list_t *kids,secrets_list_t *teas,secr
|
||||
add_to_secrets_list(lts,lt);
|
||||
}
|
||||
} else {
|
||||
printf(" kid=%s, ikm_key=%s, timestamp=%llu, lifetime=%lu, as_rs_alg=%s, as_rs_key=%s, auth_key=%s\n",
|
||||
printf(" kid=%s, ikm_key=%s, timestamp=%llu, lifetime=%lu, as_rs_alg=%s\n",
|
||||
key->kid, key->ikm_key, (unsigned long long)key->timestamp, (unsigned long)key->lifetime,
|
||||
key->as_rs_alg, key->as_rs_key, key->auth_key);
|
||||
key->as_rs_alg);
|
||||
}
|
||||
|
||||
} else if (res == SQLITE_DONE) {
|
||||
@ -447,9 +443,8 @@ static int sqlite_set_oauth_key(oauth_key_data_raw *key)
|
||||
snprintf(
|
||||
statement,
|
||||
sizeof(statement),
|
||||
"insert or replace into oauth_key (kid,ikm_key,timestamp,lifetime,as_rs_alg,as_rs_key,auth_key) values('%s','%s',%llu,%lu,'%s','%s','%s')",
|
||||
key->kid, key->ikm_key, (unsigned long long) key->timestamp, (unsigned long) key->lifetime, key->as_rs_alg, key->as_rs_key,
|
||||
key->auth_key);
|
||||
"insert or replace into oauth_key (kid,ikm_key,timestamp,lifetime,as_rs_alg) values('%s','%s',%llu,%lu,'%s')",
|
||||
key->kid, key->ikm_key, (unsigned long long) key->timestamp, (unsigned long) key->lifetime, key->as_rs_alg);
|
||||
|
||||
sqlite_lock(1);
|
||||
|
||||
|
||||
@ -1372,8 +1372,6 @@ typedef enum _AS_FORM AS_FORM;
|
||||
#define HR_ADD_OAUTH_TS "oauth_ts"
|
||||
#define HR_ADD_OAUTH_LT "oauth_lt"
|
||||
#define HR_ADD_OAUTH_IKM "oauth_ikm"
|
||||
#define HR_ADD_OAUTH_RS_KEY "oauth_rs_key"
|
||||
#define HR_ADD_OAUTH_AUTH_KEY "oauth_auth_key"
|
||||
#define HR_ADD_OAUTH_TEA "oauth_tea"
|
||||
#define HR_DELETE_OAUTH_KID "oauth_kid_del"
|
||||
#define HR_OAUTH_KID "kid"
|
||||
@ -2878,28 +2876,6 @@ static void write_https_oauth_show_keys(ioa_socket_handle s, const char* kid)
|
||||
str_buffer_append(sb,"</td></tr>\r\n");
|
||||
}
|
||||
|
||||
if(okey.as_rs_key_size) {
|
||||
size_t as_rs_key_size = 0;
|
||||
char *as_rs_key = (char*)base64_encode((unsigned char*)okey.as_rs_key,okey.as_rs_key_size,&as_rs_key_size);
|
||||
if(as_rs_key) {
|
||||
str_buffer_append(sb,"<tr><td>AS-RS key:</td><td>");
|
||||
str_buffer_append(sb,as_rs_key);
|
||||
str_buffer_append(sb,"</td></tr>\r\n");
|
||||
turn_free(as_rs_key,as_rs_key_size);
|
||||
}
|
||||
}
|
||||
|
||||
if(okey.auth_key_size) {
|
||||
size_t auth_key_size = 0;
|
||||
char *auth_key = (char*)base64_encode((unsigned char*)okey.auth_key,okey.auth_key_size,&auth_key_size);
|
||||
if(auth_key) {
|
||||
str_buffer_append(sb,"<tr><td>AUTH key:</td><td>");
|
||||
str_buffer_append(sb,auth_key);
|
||||
str_buffer_append(sb,"</td></tr>\r\n");
|
||||
turn_free(auth_key,auth_key_size);
|
||||
}
|
||||
}
|
||||
|
||||
str_buffer_append(sb,"</table>\r\n");
|
||||
}
|
||||
}
|
||||
@ -2914,7 +2890,6 @@ static void write_https_oauth_show_keys(ioa_socket_handle s, const char* kid)
|
||||
static void write_https_oauth_page(ioa_socket_handle s, const char* add_kid, const char* add_ikm,
|
||||
const char* add_tea,
|
||||
const char *add_ts, const char* add_lt,
|
||||
const char *add_rs_key, const char *add_auth_key,
|
||||
const char* msg)
|
||||
{
|
||||
if(s && !ioa_socket_tobeclosed(s)) {
|
||||
@ -3017,35 +2992,7 @@ static void write_https_oauth_page(ioa_socket_handle s, const char* add_kid, con
|
||||
str_buffer_append(sb,">A256GCMKW\r\n<br>\r\n");
|
||||
}
|
||||
|
||||
str_buffer_append(sb,"</td><td colspan=\"2\">");
|
||||
|
||||
{
|
||||
if(!add_rs_key) add_rs_key = "";
|
||||
|
||||
str_buffer_append(sb," <br>Base64-encoded AS-RS key (optional):<br><textarea wrap=\"soft\" cols=70 rows=4 name=\"");
|
||||
str_buffer_append(sb,HR_ADD_OAUTH_RS_KEY);
|
||||
str_buffer_append(sb,"\" maxLength=256 >");
|
||||
str_buffer_append(sb,(const char*)add_rs_key);
|
||||
str_buffer_append(sb,"</textarea>");
|
||||
str_buffer_append(sb,"<br>\r\n");
|
||||
}
|
||||
|
||||
str_buffer_append(sb,"</td></tr>\r\n");
|
||||
|
||||
str_buffer_append(sb,"<tr><td colspan=\"2\">");
|
||||
|
||||
{
|
||||
if(!add_auth_key) add_auth_key = "";
|
||||
|
||||
str_buffer_append(sb," <br>Base64-encoded AUTH key (optional):<br><textarea wrap=\"soft\" cols=70 rows=4 name=\"");
|
||||
str_buffer_append(sb,HR_ADD_OAUTH_AUTH_KEY);
|
||||
str_buffer_append(sb,"\" maxLength=256 >");
|
||||
str_buffer_append(sb,(const char*)add_auth_key);
|
||||
str_buffer_append(sb,"</textarea>");
|
||||
str_buffer_append(sb,"<br>\r\n");
|
||||
}
|
||||
|
||||
str_buffer_append(sb,"</td></tr></table>\r\n");
|
||||
str_buffer_append(sb,"</td></tr>\r\n</table>\r\n");
|
||||
|
||||
str_buffer_append(sb,"<br><input type=\"submit\" value=\"Add key\">");
|
||||
|
||||
@ -3545,28 +3492,19 @@ static void handle_https(ioa_socket_handle s, ioa_network_buffer_handle nbh)
|
||||
const char* add_ts = "0";
|
||||
const char* add_lt = "0";
|
||||
const char* add_ikm = "";
|
||||
const char *add_rs_key = "";
|
||||
const char *add_auth_key = "";
|
||||
const char* add_tea = "";
|
||||
const char* msg = "";
|
||||
|
||||
add_kid = get_http_header_value(hr,HR_ADD_OAUTH_KID,"");
|
||||
if(add_kid[0]) {
|
||||
add_ikm = get_http_header_value(hr,HR_ADD_OAUTH_IKM,"");
|
||||
add_rs_key = get_http_header_value(hr,HR_ADD_OAUTH_RS_KEY,"");
|
||||
add_auth_key = get_http_header_value(hr,HR_ADD_OAUTH_AUTH_KEY,"");
|
||||
add_ts = get_http_header_value(hr,HR_ADD_OAUTH_TS,"");
|
||||
add_lt = get_http_header_value(hr,HR_ADD_OAUTH_LT,"");
|
||||
add_tea = get_http_header_value(hr,HR_ADD_OAUTH_TEA,"");
|
||||
|
||||
int keys_ok = 0;
|
||||
if(add_rs_key[0] && add_auth_key[0]) {
|
||||
keys_ok = 1;
|
||||
} else if(strstr(add_tea,"GCM") && add_rs_key[0]) {
|
||||
keys_ok = 1;
|
||||
}
|
||||
int keys_ok = (add_ikm[0] != 0);
|
||||
if(!keys_ok) {
|
||||
msg = "Provided information is insufficient for the oAuth key generation.";
|
||||
msg = "You must enter the key value.";
|
||||
} else {
|
||||
oauth_key_data_raw key;
|
||||
ns_bzero(&key,sizeof(key));
|
||||
@ -3588,8 +3526,6 @@ static void handle_https(ioa_socket_handle s, ioa_network_buffer_handle nbh)
|
||||
|
||||
STRCPY(key.ikm_key,add_ikm);
|
||||
STRCPY(key.as_rs_alg,add_tea);
|
||||
STRCPY(key.as_rs_key,add_rs_key);
|
||||
STRCPY(key.auth_key,add_auth_key);
|
||||
|
||||
const turn_dbdriver_t * dbd = get_dbdriver();
|
||||
if (dbd && dbd->set_oauth_key) {
|
||||
@ -3601,14 +3537,12 @@ static void handle_https(ioa_socket_handle s, ioa_network_buffer_handle nbh)
|
||||
add_lt = "0";
|
||||
add_ikm = "";
|
||||
add_tea = "";
|
||||
add_rs_key = "";
|
||||
add_auth_key = "";
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
write_https_oauth_page(s,add_kid,add_ikm,add_tea,add_ts,add_lt,add_rs_key,add_auth_key,msg);
|
||||
write_https_oauth_page(s,add_kid,add_ikm,add_tea,add_ts,add_lt,msg);
|
||||
}
|
||||
break;
|
||||
}
|
||||
|
||||
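Review bot: The new check `int keys_ok = (add_ikm[0] != 0);` in handle_https accepts any non-empty string as input keying material, and the value is then copied into `key.ikm_key` and handed to `set_oauth_key`. INSTALL describes ikm_key as base64-encoded, so the handler should reject a value that does not decode, or that falls below whatever minimum length the project chooses, before storing it, and report that through `msg`. I would also add a comment above the check such as `/* ikm_key is now the only key source: require valid base64 before storing */`. The body of handle_https starts and ends outside these hunks, so validation elsewhere cannot be ruled out.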
@ -1018,15 +1018,12 @@ void run_db_test(void)
|
||||
oauth_key_data_raw key_;
|
||||
oauth_key_data_raw *key=&key_;
|
||||
dbd->get_oauth_key((const u08bits*)"north",key);
|
||||
printf(" kid=%s, ikm_key=%s, timestamp=%llu, lifetime=%lu, as_rs_alg=%s, as_rs_key=%s, auth_key=%s\n",
|
||||
key->kid, key->ikm_key, (unsigned long long)key->timestamp, (unsigned long)key->lifetime,
|
||||
key->as_rs_alg, key->as_rs_key, key->auth_key);
|
||||
printf(" kid=%s, ikm_key=%s, timestamp=%llu, lifetime=%lu, as_rs_alg=%s\n",
|
||||
key->kid, key->ikm_key, (unsigned long long)key->timestamp, (unsigned long)key->lifetime, key->as_rs_alg);
|
||||
|
||||
printf("DB TEST 3:\n");
|
||||
|
||||
STRCPY(key->as_rs_alg,"as_rs_alg");
|
||||
STRCPY(key->as_rs_key,"as_rs_key");
|
||||
STRCPY(key->auth_key,"auth_key");
|
||||
STRCPY(key->ikm_key,"ikm_key");
|
||||
STRCPY(key->kid,"kid");
|
||||
key->timestamp = 123;
|
||||
@ -1037,9 +1034,8 @@ void run_db_test(void)
|
||||
|
||||
printf("DB TEST 4:\n");
|
||||
dbd->get_oauth_key((const u08bits*)"kid",key);
|
||||
printf(" kid=%s, ikm_key=%s, timestamp=%llu, lifetime=%lu, as_rs_alg=%s, as_rs_key=%s, auth_key=%s\n",
|
||||
key->kid, key->ikm_key, (unsigned long long)key->timestamp, (unsigned long)key->lifetime,
|
||||
key->as_rs_alg, key->as_rs_key, key->auth_key);
|
||||
printf(" kid=%s, ikm_key=%s, timestamp=%llu, lifetime=%lu, as_rs_alg=%s\n",
|
||||
key->kid, key->ikm_key, (unsigned long long)key->timestamp, (unsigned long)key->lifetime, key->as_rs_alg);
|
||||
|
||||
printf("DB TEST 5:\n");
|
||||
dbd->del_oauth_key((const u08bits*)"kid");
|
||||
@ -1051,9 +1047,8 @@ void run_db_test(void)
|
||||
|
||||
oauth_key_data oakd;
|
||||
convert_oauth_key_data_raw(key, &oakd);
|
||||
printf(" kid=%s, ikm_key=%s, timestamp=%llu, lifetime=%lu, as_rs_alg=%s, as_rs_key_size=%d, auth_key_size=%d\n",
|
||||
oakd.kid, oakd.ikm_key, (unsigned long long)oakd.timestamp, (unsigned long)oakd.lifetime,
|
||||
oakd.as_rs_alg, (int)oakd.as_rs_key_size, (int)oakd.auth_key_size);
|
||||
printf(" kid=%s, ikm_key=%s, timestamp=%llu, lifetime=%lu, as_rs_alg=%s\n",
|
||||
oakd.kid, oakd.ikm_key, (unsigned long long)oakd.timestamp, (unsigned long)oakd.lifetime, oakd.as_rs_alg);
|
||||
|
||||
oauth_key oak;
|
||||
char err_msg[1025];
|
||||
|
||||
@ -102,9 +102,9 @@ int oauth = 0;
|
||||
oauth_key okey_array[3];
|
||||
|
||||
static oauth_key_data_raw okdr_array[3] = {
|
||||
{"north","Y2FybGVvbg==",0,0,"A256GCMKW","",""},
|
||||
{"union","aGVyb2Q=",0,0,"A128GCMKW","",""},
|
||||
{"oldempire","YXVsY3Vz",0,0,"A256GCMKW","",""}
|
||||
{"north","Y2FybGVvbg==",0,0,"A256GCMKW"},
|
||||
{"union","aGVyb2Q=",0,0,"A128GCMKW"},
|
||||
{"oldempire","YXVsY3Vz",0,0,"A256GCMKW"}
|
||||
};
|
||||
|
||||
//////////////// local definitions /////////////////
|
||||
|
||||
@ -2045,15 +2045,8 @@ int convert_oauth_key_data(const oauth_key_data *oakd0, oauth_key *key, char *er
|
||||
oauth_key_data *oakd = &oakd_obj;
|
||||
|
||||
if(!(oakd->ikm_key_size)) {
|
||||
if(!(oakd->as_rs_key_size)) {
|
||||
if(err_msg) {
|
||||
snprintf(err_msg,err_msg_size,"AS-RS key is not defined");
|
||||
}
|
||||
OAUTH_ERROR("AS-RS key is not defined\n");
|
||||
return -1;
|
||||
}
|
||||
if(!(oakd->auth_key_size)) {
|
||||
//AEAD ?
|
||||
if(err_msg) {
|
||||
snprintf(err_msg,err_msg_size,"key is not defined");
|
||||
}
|
||||
}
|
||||
|
||||
@ -2075,10 +2068,6 @@ int convert_oauth_key_data(const oauth_key_data *oakd0, oauth_key *key, char *er
|
||||
|
||||
STRCPY(key->kid,oakd->kid);
|
||||
|
||||
ns_bcopy(oakd->as_rs_key,key->as_rs_key,sizeof(key->as_rs_key));
|
||||
key->as_rs_key_size = oakd->as_rs_key_size;
|
||||
ns_bcopy(oakd->auth_key,key->auth_key,sizeof(key->auth_key));
|
||||
key->auth_key_size = oakd->auth_key_size;
|
||||
ns_bcopy(oakd->ikm_key,key->ikm_key,sizeof(key->ikm_key));
|
||||
key->ikm_key_size = oakd->ikm_key_size;
|
||||
|
||||
@ -2108,20 +2097,16 @@ int convert_oauth_key_data(const oauth_key_data *oakd0, oauth_key *key, char *er
|
||||
return -1;
|
||||
}
|
||||
|
||||
if(!(key->auth_key_size)) {
|
||||
key->auth_key_size = calculate_auth_key_length(key->as_rs_alg);
|
||||
if(key->auth_key_size) {
|
||||
if(calculate_key(key->ikm_key,key->ikm_key_size,key->auth_key,key->auth_key_size)<0) {
|
||||
return -1;
|
||||
}
|
||||
key->auth_key_size = calculate_auth_key_length(key->as_rs_alg);
|
||||
if(key->auth_key_size) {
|
||||
if(calculate_key(key->ikm_key,key->ikm_key_size,key->auth_key,key->auth_key_size)<0) {
|
||||
return -1;
|
||||
}
|
||||
}
|
||||
|
||||
if(!(key->as_rs_key_size)) {
|
||||
key->as_rs_key_size = calculate_enc_key_length(key->as_rs_alg);
|
||||
if(calculate_key(key->ikm_key,key->ikm_key_size,key->as_rs_key,key->as_rs_key_size)<0) {
|
||||
return -1;
|
||||
}
|
||||
key->as_rs_key_size = calculate_enc_key_length(key->as_rs_alg);
|
||||
if(calculate_key(key->ikm_key,key->ikm_key_size,key->as_rs_key,key->as_rs_key_size)<0) {
|
||||
return -1;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
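Review bot: The `if(!(oakd->ikm_key_size))` block in the first hunk of convert_oauth_key_data (@ -2045) no longer fails, as far as this rendering shows: the new side only writes "key is not defined" into err_msg, and the `OAUTH_ERROR(...)` and `return -1;` of the old nested branch are among the removed lines. The last hunk (@ -2108) now always derives both keys with `calculate_key(key->ikm_key,key->ikm_key_size,...)`, so an entry without ikm_key would reach key derivation with a zero-length input unless calculate_key or code outside these hunks rejects it. I would make the block fail closed by adding `OAUTH_ERROR("key is not defined\n");` and `return -1;` after the snprintf. The function starts before and continues past the visible hunks, so a later check may exist that cannot be seen here.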
@ -112,10 +112,6 @@ struct _oauth_key_data {
|
||||
turn_time_t timestamp;
|
||||
turn_time_t lifetime;
|
||||
char as_rs_alg[OAUTH_ALG_SIZE+1];
|
||||
char as_rs_key[OAUTH_KEY_SIZE+1];
|
||||
size_t as_rs_key_size;
|
||||
char auth_key[OAUTH_KEY_SIZE+1];
|
||||
size_t auth_key_size;
|
||||
};
|
||||
|
||||
typedef struct _oauth_key_data oauth_key_data;
|
||||
|
||||
@ -43,8 +43,6 @@ CREATE TABLE oauth_key (
|
||||
timestamp bigint default 0,
|
||||
lifetime integer default 0,
|
||||
as_rs_alg varchar(64) default '',
|
||||
as_rs_key varchar(256) default '',
|
||||
auth_key varchar(256) default '',
|
||||
primary key (kid)
|
||||
);
|
||||
|
||||
|
||||
@ -34,12 +34,10 @@ and they will be almost immediately "seen" by the turnserver process.
|
||||
4) For the oAuth authentication, there is a hash structure with the key
|
||||
"turn/oauth/kid/<kid-value>". The kid structure fields are:
|
||||
|
||||
ikm_key - (optional) base64-encoded key ("input keying material");
|
||||
The ikm_key is not needed if the as_rs_key and auth_key are defined
|
||||
explicitly in the database;
|
||||
ikm_key - (optional) base64-encoded key ("input keying material").
|
||||
|
||||
timestamp - (optional) the timestamp (in seconds) when the key
|
||||
lifetime started;
|
||||
lifetime started.
|
||||
|
||||
lifetime - (optional) the key lifetime in seconds; the default value
|
||||
is 0 - unlimited lifetime.
|
||||
@ -47,14 +45,7 @@ and they will be almost immediately "seen" by the turnserver process.
|
||||
as_rs_alg - oAuth token encryption algorithm; the valid values are
|
||||
"A256GCMKW", "A128GCMKW" (see
|
||||
http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-40#section-4.1).
|
||||
The default value is "A256GCMKW";
|
||||
|
||||
as_rs_key - (optional) base64-encoded AS-RS key. If not defined, then
|
||||
calculated with ikm_key. The as_rs_key length
|
||||
is defined by as_rs_alg.
|
||||
|
||||
auth_key - (optional) base64-encoded AUTH key. If not defined, then
|
||||
calculated with ikm_key. Not used with AEAD algorithms.
|
||||
The default value is "A256GCMKW".
|
||||
|
||||
5) admin users (over https interface) are maintained as keys of form:
|
||||
"turn/admin_user/<username> with hash members "password" and,
|
||||
|
||||
@ -31,6 +31,6 @@ insert into denied_peer_ip (ip_range) values('123::45');
|
||||
insert into denied_peer_ip (realm,ip_range) values('north.gov','172.17.17.133-172.17.19.56');
|
||||
insert into denied_peer_ip (realm,ip_range) values('crinna.org','123::77');
|
||||
|
||||
insert into oauth_key (kid,ikm_key,timestamp,lifetime,as_rs_alg,as_rs_key,auth_key) values('north','Y2FybGVvbg==',0,0,'A256GCMKW','','');
|
||||
insert into oauth_key (kid,ikm_key,timestamp,lifetime,as_rs_alg,as_rs_key,auth_key) values('union','aGVyb2Q=',0,0,'A128GCMKW','','');
|
||||
insert into oauth_key (kid,ikm_key,timestamp,lifetime,as_rs_alg,as_rs_key,auth_key) values('oldempire','YXVsY3Vz',0,0,'A256GCMKW','','');
|
||||
insert into oauth_key (kid,ikm_key,timestamp,lifetime,as_rs_alg) values('north','Y2FybGVvbg==',0,0,'A256GCMKW');
|
||||
insert into oauth_key (kid,ikm_key,timestamp,lifetime,as_rs_alg) values('union','aGVyb2Q=',0,0,'A128GCMKW');
|
||||
insert into oauth_key (kid,ikm_key,timestamp,lifetime,as_rs_alg) values('oldempire','YXVsY3Vz',0,0,'A256GCMKW');
|
||||
|
||||