diff --git a/src/server/ns_turn_server.c b/src/server/ns_turn_server.c index f92f4211..6a1c2bde 100644 --- a/src/server/ns_turn_server.c +++ b/src/server/ns_turn_server.c @@ -257,11 +257,12 @@ static int send_turn_message_to(turn_turnserver *server, ioa_network_buffer_hand /////////////////// Peer addr check ///////////////////////////// -static int good_peer_addr(turn_turnserver *server, const char *realm, ioa_addr *peer_addr) { +static int good_peer_addr(turn_turnserver *server, const char *realm, ioa_addr *peer_addr, turnsession_id session_id) { #define CHECK_REALM(r) \ if ((r)[0] && realm && realm[0] && strcmp((r), realm)) \ continue + turnserver_id server_id = (turnserver_id)(session_id / TURN_SESSION_ID_FACTOR); if (server && peer_addr) { if (*(server->no_multicast_peers) && ioa_addr_is_multicast(peer_addr)) return 0; @@ -307,8 +308,8 @@ static int good_peer_addr(turn_turnserver *server, const char *realm, ioa_addr * if (ioa_addr_in_range(&(server->ip_blacklist->rs[i].enc), peer_addr)) { char saddr[129]; addr_to_string_no_port(peer_addr, (uint8_t *)saddr); - TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "A peer IP %s denied in the range: %s\n", saddr, - server->ip_blacklist->rs[i].str); + TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "session %018llu: A peer IP %s denied in the range: %s in server %d \n", + (unsigned long long)session_id, saddr, server->ip_blacklist->rs[i].str, server_id); return 0; } } @@ -326,7 +327,9 @@ static int good_peer_addr(turn_turnserver *server, const char *realm, ioa_addr * ioa_unlock_blacklist(server->e); char saddr[129]; addr_to_string_no_port(peer_addr, (uint8_t *)saddr); - TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "A peer IP %s denied in the range: %s\n", saddr, bl->rs[i].str); + TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, + "session %018llu: A peer IP %s denied in the range= %s in server %d \n", + (unsigned long long)session_id, saddr, bl->rs[i].str, server_id); return 0; } } @@ -2137,7 +2140,7 @@ static void tcp_peer_accept_connection(ioa_socket_handle s, void *arg) { return; } - if (!good_peer_addr(server, ss->realm_options.name, peer_addr)) { + if (!good_peer_addr(server, ss->realm_options.name, peer_addr, ss->id)) { uint8_t saddr[256]; addr_to_string(peer_addr, saddr); TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "%s: an attempt to connect from a peer with forbidden address: %s\n", @@ -2272,7 +2275,7 @@ static int handle_turn_connect(turn_turnserver *server, ts_ur_super_session *ss, *reason = (const uint8_t *)"Where is Peer Address ?"; } else { - if (!good_peer_addr(server, ss->realm_options.name, &peer_addr)) { + if (!good_peer_addr(server, ss->realm_options.name, &peer_addr, ss->id)) { *err_code = 403; *reason = (const uint8_t *)"Forbidden IP"; } else { @@ -2629,7 +2632,7 @@ static int handle_turn_channel_bind(turn_turnserver *server, ts_ur_super_session *err_code = 400; *reason = (const uint8_t *)"You cannot use the same peer with different channel number"; } else { - if (!good_peer_addr(server, ss->realm_options.name, &peer_addr)) { + if (!good_peer_addr(server, ss->realm_options.name, &peer_addr, ss->id)) { *err_code = 403; *reason = (const uint8_t *)"Forbidden IP"; } else { @@ -3046,7 +3049,7 @@ static int handle_turn_create_permission(turn_turnserver *server, ts_ur_super_se if (!get_relay_socket(a, peer_addr.ss.sa_family)) { *err_code = 443; *reason = (const uint8_t *)"Peer Address Family Mismatch (4)"; - } else if (!good_peer_addr(server, ss->realm_options.name, &peer_addr)) { + } else if (!good_peer_addr(server, ss->realm_options.name, &peer_addr, ss->id)) { *err_code = 403; *reason = (const uint8_t *)"Forbidden IP"; } else {