mirror of https://github.com/coturn/coturn.git synced 2025-11-02 16:01:24 +01:00

shared secrets admin page and fixes

mom040267 2015-01-19 06:15:06 +00:00
parent 64f0a91ee8
commit 9bd8f29ac8
13 changed files with 445 additions and 76 deletions


@ -1,9 +1,11 @@
1/12/2015 Oleg Moskalenko <mom040267@gmail.com>
Version 4.4.1.1 'Ardee West':
- https admin server;
- SSLv2 support removed;
- SSLv2 support removed (security concern fixed);
- The server-side short-term credentials mechanism support removed;
- OpenSSL 1.1.0 supported;
- shared secrets fixed in MongoDB: multiple secrets per realm allowed;
- shared secrets admin fixed in Redis;
12/24/2014 Oleg Moskalenko <mom040267@gmail.com>
Version 4.3.3.1 'Tolomei':

Binary file not shown.


@ -583,47 +583,76 @@ static int mongo_list_oauth_keys(void) {
return ret;
}
static int mongo_show_secret(u08bits *realm) {
mongoc_collection_t * collection = mongo_get_collection("turn_secret");
static int mongo_list_secrets(u08bits *realm, secrets_list_t *secrets, secrets_list_t *realms)
{
mongoc_collection_t * collection = mongo_get_collection("turn_secret");
u08bits realm0[STUN_MAX_REALM_SIZE+1] = "\0";
if(!realm) realm=realm0;
if(!collection)
return -1;
return -1;
bson_t query;
bson_init(&query);
BSON_APPEND_UTF8(&query, "realm", (const char *)realm);
bson_t query, child;
bson_init(&query);
bson_append_document_begin(&query, "$orderby", -1, &child);
bson_append_int32(&child, "realm", -1, 1);
bson_append_int32(&child, "value", -1, 1);
bson_append_document_end(&query, &child);
bson_append_document_begin(&query, "$query", -1, &child);
if (realm && realm[0]) {
BSON_APPEND_UTF8(&child, "realm", (const char *)realm);
}
bson_append_document_end(&query, &child);
bson_t fields;
bson_init(&fields);
BSON_APPEND_INT32(&fields, "value", 1);
bson_t fields;
bson_init(&fields);
BSON_APPEND_INT32(&fields, "value", 1);
BSON_APPEND_INT32(&fields, "realm", 1);
mongoc_cursor_t * cursor;
cursor = mongoc_collection_find(collection, MONGOC_QUERY_NONE, 0, 0, 0, &query, &fields, NULL);
mongoc_cursor_t * cursor;
cursor = mongoc_collection_find(collection, MONGOC_QUERY_NONE, 0, 0, 0, &query, &fields, NULL);
int ret = -1;
int ret = -1;
if (!cursor) {
if (!cursor) {
TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "Error querying MongoDB collection 'turn_secret'\n");
} else {
const bson_t * item;
uint32_t length;
bson_iter_t iter;
const char * value;
while (mongoc_cursor_next(cursor, &item)) {
if (bson_iter_init(&iter, item) && bson_iter_find(&iter, "value") && BSON_ITER_HOLDS_UTF8(&iter)) {
value = bson_iter_utf8(&iter, &length);
if (length) {
printf("%s\n", value);
}
}
}
mongoc_cursor_destroy(cursor);
ret = 0;
}
mongoc_collection_destroy(collection);
bson_destroy(&query);
bson_destroy(&fields);
return ret;
} else {
const bson_t * item;
uint32_t length;
bson_iter_t iter;
bson_iter_t iter_realm;
const char * value;
while (mongoc_cursor_next(cursor, &item)) {
if (bson_iter_init(&iter, item) && bson_iter_find(&iter, "value") && BSON_ITER_HOLDS_UTF8(&iter)) {
value = bson_iter_utf8(&iter, &length);
if (length) {
const char *rval = "";
if (bson_iter_init(&iter_realm, item) && bson_iter_find(&iter_realm, "realm") && BSON_ITER_HOLDS_UTF8(&iter_realm)) {
rval = bson_iter_utf8(&iter_realm, &length);
}
if(secrets) {
add_to_secrets_list(secrets,value);
if(realms) {
if(rval && *rval) {
add_to_secrets_list(realms,rval);
} else {
add_to_secrets_list(realms,(char*)realm);
}
}
} else {
printf("%s[%s]\n", value, rval);
}
}
}
}
mongoc_cursor_destroy(cursor);
ret = 0;
}
mongoc_collection_destroy(collection);
bson_destroy(&query);
bson_destroy(&fields);
return ret;
}
static int mongo_del_secret(u08bits *secret, u08bits *realm) {
@ -1277,7 +1306,7 @@ static const turn_dbdriver_t driver = {
&mongo_set_user_key,
&mongo_del_user,
&mongo_list_users,
&mongo_show_secret,
&mongo_list_secrets,
&mongo_del_secret,
&mongo_set_secret,
&mongo_add_origin,


@ -605,10 +605,19 @@ static int mysql_list_users(u08bits *realm, secrets_list_t *users, secrets_list_
return ret;
}
static int mysql_show_secret(u08bits *realm) {
int ret = -1;
static int mysql_list_secrets(u08bits *realm, secrets_list_t *secrets, secrets_list_t *realms)
{
int ret = -1;
u08bits realm0[STUN_MAX_REALM_SIZE+1] = "\0";
if(!realm) realm=realm0;
char statement[TURN_LONG_STRING_SIZE];
snprintf(statement,sizeof(statement)-1,"select value from turn_secret where realm='%s'",realm);
if (realm[0]) {
snprintf(statement, sizeof(statement), "select value,realm from turn_secret where realm='%s' order by value", realm);
} else {
snprintf(statement, sizeof(statement), "select value,realm from turn_secret order by realm,value");
}
donot_print_connection_success=1;
@ -621,7 +630,7 @@ static int mysql_show_secret(u08bits *realm) {
MYSQL_RES *mres = mysql_store_result(myc);
if(!mres) {
TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "Error retrieving MySQL DB information: %s\n",mysql_error(myc));
} else if(mysql_field_count(myc)!=1) {
} else if(mysql_field_count(myc)!=2) {
TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "Unknown error retrieving MySQL DB information: %s\n",statement);
} else {
for(;;) {
@ -629,19 +638,32 @@ static int mysql_show_secret(u08bits *realm) {
if(!row) {
break;
} else {
if(row[0]) {
printf("%s\n",row[0]);
const char* kval = row[0];
if(kval) {
const char* rval = row[1];
if(secrets) {
add_to_secrets_list(secrets,kval);
if(realms) {
if(rval && *rval) {
add_to_secrets_list(realms,rval);
} else {
add_to_secrets_list(realms,(char*)realm);
}
}
} else {
printf("%s[%s]\n",kval,rval);
}
}
}
}
ret = 0;
ret = 0;
}
if(mres)
mysql_free_result(mres);
}
}
return ret;
return ret;
}
static int mysql_del_secret(u08bits *secret, u08bits *realm) {
@ -1145,7 +1167,7 @@ static const turn_dbdriver_t driver = {
&mysql_set_user_key,
&mysql_del_user,
&mysql_list_users,
&mysql_show_secret,
&mysql_list_secrets,
&mysql_del_secret,
&mysql_set_secret,
&mysql_add_origin,
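Review bot: mysql_list_secrets still splices the realm into the statement text with `where realm='%s'`, and this commit makes the function reachable from the admin web page, where the realm appears to come from the `realm` form field, so a quote character in it would alter the query. The same construction is in pgsql_list_secrets and sqlite_list_secrets in this commit. Escape or bind the value instead: `mysql_real_escape_string(myc, esc, (const char*)realm, strlen((const char*)realm))` into a buffer of 2*len+1 bytes here, `PQexecParams` with `realm=$1` for PostgreSQL, and `sqlite3_bind_text` with `realm=?` for SQLite. Separately, `printf("%s[%s]\n",kval,rval)` passes `row[1]` unchecked, and a NULL realm column makes that call undefined; `rval ? rval : ""` avoids it. The function body is only partly visible across these hunks.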


@ -376,10 +376,19 @@ static int pgsql_list_users(u08bits *realm, secrets_list_t *users, secrets_list_
return ret;
}
static int pgsql_show_secret(u08bits *realm) {
int ret = -1;
static int pgsql_list_secrets(u08bits *realm, secrets_list_t *secrets, secrets_list_t *realms)
{
int ret = -1;
u08bits realm0[STUN_MAX_REALM_SIZE+1] = "\0";
if(!realm) realm=realm0;
char statement[TURN_LONG_STRING_SIZE];
snprintf(statement,sizeof(statement)-1,"select value from turn_secret where realm='%s'",realm);
if (realm[0]) {
snprintf(statement, sizeof(statement), "select value,realm from turn_secret where realm='%s' order by value", realm);
} else {
snprintf(statement, sizeof(statement), "select value,realm from turn_secret order by realm,value");
}
donot_print_connection_success=1;
@ -393,16 +402,28 @@ static int pgsql_show_secret(u08bits *realm) {
for(i=0;i<PQntuples(res);i++) {
char *kval = PQgetvalue(res,i,0);
if(kval) {
printf("%s\n",kval);
char* rval = PQgetvalue(res,i,1);
if(secrets) {
add_to_secrets_list(secrets,kval);
if(realms) {
if(rval && *rval) {
add_to_secrets_list(realms,rval);
} else {
add_to_secrets_list(realms,(char*)realm);
}
}
} else {
printf("%s[%s]\n",kval,rval);
}
}
}
ret = 0;
ret = 0;
}
if(res) {
PQclear(res);
}
}
return ret;
return ret;
}
static int pgsql_del_secret(u08bits *secret, u08bits *realm) {
@ -862,7 +883,7 @@ static const turn_dbdriver_t driver = {
&pgsql_set_user_key,
&pgsql_del_user,
&pgsql_list_users,
&pgsql_show_secret,
&pgsql_list_secrets,
&pgsql_del_secret,
&pgsql_set_secret,
&pgsql_add_origin,


@ -686,9 +686,13 @@ static int redis_list_oauth_keys(void) {
}
static int redis_show_secret(u08bits *realm)
static int redis_list_secrets(u08bits *realm, secrets_list_t *secrets, secrets_list_t *realms)
{
int ret = -1;
u08bits realm0[STUN_MAX_REALM_SIZE+1] = "\0";
if(!realm) realm=realm0;
donot_print_connection_success = 1;
redisContext *rc = get_redis_connection();
if (rc) {
@ -717,6 +721,8 @@ static int redis_show_secret(u08bits *realm)
}
}
size_t rhsz=strlen("turn/realm/");
for (isz = 0; isz < keys.sz; ++isz) {
snprintf(s, sizeof(s), "smembers %s", keys.secrets[isz]);
redisReply *rget = (redisReply *) redisCommand(rc, s);
@ -729,9 +735,32 @@ static int redis_show_secret(u08bits *realm)
if (rget->type != REDIS_REPLY_NIL)
TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "Unexpected type: %d\n", rget->type);
} else {
char *s = keys.secrets[isz];
char *sh = strstr(s,"turn/realm/");
if(sh != s) continue;
sh += rhsz;
char* st = strchr(sh,'/');
if(!st) continue;
*st=0;
const char *rval = sh;
size_t i;
for (i = 0; i < rget->elements; ++i) {
printf("%s\n", rget->element[i]->str);
const char *kval = rget->element[i]->str;
if(secrets) {
add_to_secrets_list(secrets,kval);
if(realms) {
if(rval && *rval) {
add_to_secrets_list(realms,rval);
} else {
add_to_secrets_list(realms,(char*)realm);
}
}
} else {
printf("%s[%s]\n", kval, rval);
}
}
}
}
@ -1262,7 +1291,7 @@ static const turn_dbdriver_t driver = {
&redis_set_user_key,
&redis_del_user,
&redis_list_users,
&redis_show_secret,
&redis_list_secrets,
&redis_del_secret,
&redis_set_secret,
&redis_add_origin,
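Review bot: The two `continue` statements added in the array branch of redis_list_secrets (`if(sh != s) continue;` and `if(!st) continue;`) jump to the next key before anything placed after the if/else chain can run. The release of `rget` is not visible in this hunk, but if it sits at the end of the loop body, those paths leak the reply. Wrapping the inner loop in a condition, or freeing `rget` before each `continue`, avoids that. The new local `char *s` also shadows the command buffer `s` used by `snprintf(s, sizeof(s), "smembers %s", ...)` a few lines above; a distinct name such as `key` would make the block easier to follow.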


@ -581,13 +581,22 @@ static int sqlite_list_users(u08bits *realm, secrets_list_t *users, secrets_list
return ret;
}
static int sqlite_show_secret(u08bits *realm)
static int sqlite_list_secrets(u08bits *realm, secrets_list_t *secrets, secrets_list_t *realms)
{
int ret = -1;
char statement[TURN_LONG_STRING_SIZE];
u08bits realm0[STUN_MAX_REALM_SIZE+1] = "\0";
if(!realm) realm=realm0;
sqlite3_stmt *st = NULL;
int rc = 0;
snprintf(statement,sizeof(statement)-1,"select value from turn_secret where realm='%s'",realm);
if (realm[0]) {
snprintf(statement, sizeof(statement), "select value,realm from turn_secret where realm='%s' order by value", realm);
} else {
snprintf(statement, sizeof(statement), "select value,realm from turn_secret order by realm,value");
}
donot_print_connection_success=1;
@ -597,17 +606,37 @@ static int sqlite_show_secret(u08bits *realm)
sqlite_lock(0);
if ((rc = sqlite3_prepare(sqliteconnection, statement, -1, &st, 0)) == SQLITE_OK) {
int res = sqlite3_step(st);
if (res == SQLITE_ROW) {
ret = 0;
const char* kval = (const char*) sqlite3_column_text(st, 0);
if(kval) {
printf("%s\n",kval);
int res = 0;
while(1) {
res = sqlite3_step(st);
if (res == SQLITE_ROW) {
ret = 0;
const char* kval = (const char*) sqlite3_column_text(st, 0);
if(kval) {
const char* rval = (const char*) sqlite3_column_text(st, 1);
if(secrets) {
add_to_secrets_list(secrets,kval);
if(realms) {
if(rval && *rval) {
add_to_secrets_list(realms,rval);
} else {
add_to_secrets_list(realms,(char*)realm);
}
}
} else {
printf("%s[%s]\n",kval,rval);
}
}
} else if (res == SQLITE_DONE) {
break;
} else {
const char* errmsg = sqlite3_errmsg(sqliteconnection);
TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "Error retrieving SQLite DB information: %s\n", errmsg);
ret = -1;
break;
}
}
} else {
const char* errmsg = sqlite3_errmsg(sqliteconnection);
TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "Error retrieving SQLite DB information: %s\n", errmsg);
}
sqlite3_finalize(st);
@ -1200,7 +1229,7 @@ static const turn_dbdriver_t driver = {
&sqlite_set_user_key,
&sqlite_del_user,
&sqlite_list_users,
&sqlite_show_secret,
&sqlite_list_secrets,
&sqlite_del_secret,
&sqlite_set_secret,
&sqlite_add_origin,
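Review bot: sqlite_list_secrets sets `ret = 0` only inside the `SQLITE_ROW` branch, so a query that succeeds but returns no rows still ends with `ret == -1`. The MySQL and PostgreSQL versions in this commit set `ret = 0` after a successful query regardless of row count. Adding `ret = 0;` in the `SQLITE_DONE` branch before `break;` would make an empty secrets table a success here too. `rval` from `sqlite3_column_text(st, 1)` can be NULL and is passed straight to `printf("%s[%s]\n",kval,rval)`; printing `rval ? rval : ""` avoids undefined behaviour.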


@ -53,7 +53,7 @@ typedef struct _turn_dbdriver_t {
int (*set_user_key)(u08bits *usname, u08bits *realm, const char *key);
int (*del_user)(u08bits *usname, u08bits *realm);
int (*list_users)(u08bits *realm, secrets_list_t *users, secrets_list_t *realms);
int (*show_secret)(u08bits *realm);
int (*list_secrets)(u08bits *realm, secrets_list_t *users, secrets_list_t *realms);
int (*del_secret)(u08bits *secret, u08bits *realm);
int (*set_secret)(u08bits *secret, u08bits *realm);
int (*add_origin)(u08bits *origin, u08bits *realm);
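Review bot: The second parameter of the new `list_secrets` member is named `users`, apparently copied from `list_users` on the line above, although every driver in this commit declares it as `secrets`; `int (*list_secrets)(u08bits *realm, secrets_list_t *secrets, secrets_list_t *realms);` matches the implementations. The member also has two modes that are not documented in the visible lines: with `secrets == NULL` the drivers print `value[realm]` lines to stdout, otherwise they append to the lists. A comment such as `/* secrets==NULL: print to stdout; otherwise fill secrets (and realms, if non-NULL) in parallel */` above the member would record that contract. The struct definition starts and ends outside the hunk.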


@ -61,7 +61,7 @@ static void write_http_echo(ioa_socket_handle s)
char data_http[1025];
char content_http[1025];
const char* title = "TURN Server";
snprintf(content_http,sizeof(content_http)-1,"<!DOCTYPE html>\r\n<html>\r\n <head>\r\n <title>%s</title>\r\n </head>\r\n <body>\r\n %s\r\n </body>\r\n</html>\r\n",title,title);
snprintf(content_http,sizeof(content_http)-1,"<!DOCTYPE html>\r\n<html>\r\n <head>\r\n <title>%s</title>\r\n </head>\r\n <body>\r\n <b>%s</b> <br> <b><i>use https connection for the admin session</i></b>\r\n </body>\r\n</html>\r\n",title,title);
snprintf(data_http,sizeof(data_http)-1,"HTTP/1.1 200 OK\r\nServer: %s\r\nContent-Type: text/html; charset=UTF-8\r\nContent-Length: %d\r\n\r\n%s",TURN_SOFTWARE,(int)strlen(content_http),content_http);
len_http = strlen(data_http);
ns_bcopy(data_http,data,len_http);


@ -1361,6 +1361,7 @@ enum _AS_FORM {
AS_FORM_UPDATE,
AS_FORM_PS,
AS_FORM_USERS,
AS_FORM_SS,
AS_FORM_UNKNOWN
};
@ -1371,13 +1372,15 @@ typedef enum _AS_FORM AS_FORM;
#define HR_PASSWORD1 "pwd1"
#define HR_REALM "realm"
#define HR_ADD_USER "add_user"
#define HR_ADD_USER_REALM "add_user_realm"
#define HR_ADD_REALM "add_user_realm"
#define HR_ADD_SECRET "add_secret"
#define HR_CLIENT_PROTOCOL "cprotocol"
#define HR_USER_PATTERN "puser"
#define HR_MAX_SESSIONS "maxsess"
#define HR_CANCEL_SESSION "cs"
#define HR_DELETE_USER "du"
#define HR_DELETE_REALM "dr"
#define HR_DELETE_SECRET "ds"
struct form_name {
AS_FORM form;
@ -1393,6 +1396,7 @@ static struct form_name form_names[] = {
{AS_FORM_UPDATE,"/update"},
{AS_FORM_PS,"/ps"},
{AS_FORM_USERS,"/us"},
{AS_FORM_SS,"/ss"},
{AS_FORM_UNKNOWN,NULL}
};
@ -1531,6 +1535,10 @@ static void write_https_home_page(ioa_socket_handle s)
str_buffer_append(sb,form_names[AS_FORM_USERS].name);
str_buffer_append(sb,"\">");
str_buffer_append(sb,"<br><input type=\"submit\" value=\"Shared Secrets (for TURN REST API)\" formaction=\"");
str_buffer_append(sb,form_names[AS_FORM_SS].name);
str_buffer_append(sb,"\">");
str_buffer_append(sb,"</fieldset>\r\n");
str_buffer_append(sb,"</form>\r\n");
@ -2325,7 +2333,7 @@ static void write_users_page(ioa_socket_handle s, const u08bits *add_user, const
}
str_buffer_append(sb," <br>Realm name: <input type=\"text\" name=\"");
str_buffer_append(sb,HR_ADD_USER_REALM);
str_buffer_append(sb,HR_ADD_REALM);
str_buffer_append(sb,"\" value=\"");
str_buffer_append(sb,(const char*)add_realm);
str_buffer_append(sb,"\"");
@ -2393,6 +2401,157 @@ static void write_users_page(ioa_socket_handle s, const u08bits *add_user, const
}
}
static size_t https_print_secrets(struct str_buffer* sb)
{
size_t ret = 0;
const turn_dbdriver_t * dbd = get_dbdriver();
if (dbd && dbd->list_secrets) {
secrets_list_t secrets,realms;
init_secrets_list(&secrets);
init_secrets_list(&realms);
dbd->list_secrets((u08bits*)current_socket->as_eff_realm,&secrets,&realms);
size_t sz = get_secrets_list_size(&secrets);
size_t i;
for(i=0;i<sz;++i) {
str_buffer_append(sb,"<tr><td>");
str_buffer_append_sz(sb,i);
str_buffer_append(sb,"</td>");
str_buffer_append(sb,"<td>");
str_buffer_append(sb,get_secrets_list_elem(&secrets,i));
str_buffer_append(sb,"</td>");
if(!current_socket->as_eff_realm[0]) {
str_buffer_append(sb,"<td>");
str_buffer_append(sb,get_secrets_list_elem(&realms,i));
str_buffer_append(sb,"</td>");
}
str_buffer_append(sb,"<td> <a href=\"");
str_buffer_append(sb,form_names[AS_FORM_SS].name);
str_buffer_append(sb,"?");
str_buffer_append(sb,HR_DELETE_SECRET);
str_buffer_append(sb,"=");
str_buffer_append(sb,get_secrets_list_elem(&secrets,i));
str_buffer_append(sb,"&");
str_buffer_append(sb,HR_DELETE_REALM);
str_buffer_append(sb,"=");
str_buffer_append(sb,get_secrets_list_elem(&realms,i));
str_buffer_append(sb,"\">delete</a>");
str_buffer_append(sb,"</td>");
str_buffer_append(sb,"</tr>");
++ret;
}
clean_secrets_list(&secrets);
clean_secrets_list(&realms);
}
return ret;
}
static void write_shared_secrets_page(ioa_socket_handle s, const char* add_secret, const char* add_realm, const char* msg)
{
if(s && !ioa_socket_tobeclosed(s)) {
if(!(s->as_ok)) {
write_https_logon_page(s);
} else {
struct str_buffer* sb = str_buffer_new();
str_buffer_append(sb,"<!DOCTYPE html>\r\n<html>\r\n <head>\r\n <title>");
str_buffer_append(sb,admin_title);
str_buffer_append(sb,"</title>\r\n <style> table, th, td { border: 1px solid black; } table#msg th { color: red; background-color: white; } </style> </head>\r\n <body>\r\n ");
str_buffer_append(sb,bold_admin_title);
str_buffer_append(sb,"<br>\r\n");
str_buffer_append(sb,home_link);
str_buffer_append(sb,"<br>\r\n");
str_buffer_append(sb,"<form action=\"");
str_buffer_append(sb,form_names[AS_FORM_SS].name);
str_buffer_append(sb,"\" method=\"POST\">\r\n");
str_buffer_append(sb," <fieldset><legend>Filter:</legend>\r\n");
str_buffer_append(sb," <br>Realm name: <input type=\"text\" name=\"");
str_buffer_append(sb,HR_REALM);
str_buffer_append(sb,"\" value=\"");
str_buffer_append(sb,get_eff_realm());
str_buffer_append(sb,"\"");
if(!is_superuser()) {
str_buffer_append(sb," disabled ");
}
str_buffer_append(sb,">");
str_buffer_append(sb,"<br><input type=\"submit\" value=\"Filter\">");
str_buffer_append(sb,"</fieldset>\r\n");
str_buffer_append(sb,"</form>\r\n");
str_buffer_append(sb,"<form action=\"");
str_buffer_append(sb,form_names[AS_FORM_SS].name);
str_buffer_append(sb,"\" method=\"POST\">\r\n");
str_buffer_append(sb," <fieldset><legend>Secret:</legend>\r\n");
if(msg && msg[0]) {
str_buffer_append(sb,"<br><table id=\"msg\"><th>");
str_buffer_append(sb,msg);
str_buffer_append(sb,"</th></table><br>");
}
str_buffer_append(sb," <br>Realm name: <input type=\"text\" name=\"");
str_buffer_append(sb,HR_ADD_REALM);
str_buffer_append(sb,"\" value=\"");
str_buffer_append(sb,(const char*)add_realm);
str_buffer_append(sb,"\"");
if(!is_superuser()) {
str_buffer_append(sb," disabled ");
}
str_buffer_append(sb,"><br>\r\n");
str_buffer_append(sb," <br>Secret: <input type=\"text\" name=\"");
str_buffer_append(sb,HR_ADD_SECRET);
str_buffer_append(sb,"\" value=\"");
str_buffer_append(sb,(const char*)add_secret);
str_buffer_append(sb,"\"");
str_buffer_append(sb,"><br>\r\n");
str_buffer_append(sb,"<br><input type=\"submit\" value=\"Add secret\">");
str_buffer_append(sb,"</fieldset>\r\n");
str_buffer_append(sb,"</form>\r\n");
str_buffer_append(sb,"Secrets:<br>\r\n");
str_buffer_append(sb,"<table>\r\n");
str_buffer_append(sb,"<tr><th>N</th><th>Value</th>");
if(!current_socket->as_eff_realm[0]) {
str_buffer_append(sb,"<th>Realm</th>");
}
str_buffer_append(sb,"<th> </th>");
str_buffer_append(sb,"</tr>\r\n");
size_t total_sz = https_print_secrets(sb);
str_buffer_append(sb,"\r\n</table>\r\n");
str_buffer_append(sb,"<br>Total secrets = ");
str_buffer_append_sz(sb,total_sz);
str_buffer_append(sb,"<br>\r\n");
str_buffer_append(sb,"</body>\r\n</html>\r\n");
send_str_from_ioa_socket_tcp(s,"HTTP/1.1 200 OK\r\nServer: ");
send_str_from_ioa_socket_tcp(s,TURN_SOFTWARE);
send_str_from_ioa_socket_tcp(s,"\r\nContent-Type: text/html; charset=UTF-8\r\nContent-Length: ");
send_ulong_from_ioa_socket_tcp(s,str_buffer_get_str_len(sb));
send_str_from_ioa_socket_tcp(s,"\r\n\r\n");
send_str_from_ioa_socket_tcp(s,str_buffer_get_str(sb));
str_buffer_free(sb);
}
}
}
static void handle_toggle_request(ioa_socket_handle s, struct http_request* hr)
{
if(s && hr) {
@ -2563,7 +2722,7 @@ static void handle_https(ioa_socket_handle s, ioa_network_buffer_handle nbh)
add_user = (const u08bits*)"";
}
if(add_user[0]) {
add_realm = (const u08bits*)get_http_header_value(hr, HR_ADD_USER_REALM);
add_realm = (const u08bits*)get_http_header_value(hr, HR_ADD_REALM);
if(!add_realm) {
add_realm=(const u08bits*)"";
}
@ -2626,6 +2785,82 @@ static void handle_https(ioa_socket_handle s, ioa_network_buffer_handle nbh)
}
break;
}
case AS_FORM_SS: {
if(s->as_ok) {
{
const char *realm0 = get_http_header_value(hr, HR_REALM);
if(!realm0)
realm0="";
if(!is_superuser())
realm0 = current_socket->as_realm;
STRCPY(current_socket->as_eff_realm,realm0);
}
{
const u08bits *secret = (const u08bits*)get_http_header_value(hr, HR_DELETE_SECRET);
if(secret && secret[0]) {
const u08bits *realm = (const u08bits*)get_http_header_value(hr, HR_DELETE_REALM);
if(!is_superuser()) {
realm = (const u08bits*)current_socket->as_realm;
}
if(realm && realm[0]) {
const turn_dbdriver_t * dbd = get_dbdriver();
if (dbd && dbd->del_secret) {
u08bits ss[AUTH_SECRET_SIZE+1];
u08bits r[STUN_MAX_REALM_SIZE+1];
STRCPY(ss,secret);
STRCPY(r,realm);
dbd->del_secret(ss,r);
}
}
}
}
const u08bits *add_realm = (const u08bits*)current_socket->as_eff_realm;
const u08bits *add_secret = (const u08bits*)get_http_header_value(hr, HR_ADD_SECRET);
const char* msg = "";
if(!add_secret) add_secret = (const u08bits*)"";
if(wrong_html_name((const char*)add_secret)) {
msg = "Error: wrong secret value";
add_secret = (const u08bits*)"";
}
if(add_secret[0]) {
add_realm = (const u08bits*)get_http_header_value(hr, HR_ADD_REALM);
if(!add_realm) {
add_realm=(const u08bits*)"";
}
if(!is_superuser()) {
add_realm = (const u08bits*)current_socket->as_realm;
}
if(!add_realm[0]) {
add_realm=(const u08bits*)current_socket->as_eff_realm;
}
if(wrong_html_name((const char*)add_realm)) {
msg = "Error: wrong realm name";
add_realm = (const u08bits*)"";
}
if(add_realm[0]) {
const turn_dbdriver_t * dbd = get_dbdriver();
if (dbd && dbd->set_secret) {
u08bits ss[AUTH_SECRET_SIZE+1];
u08bits r[STUN_MAX_REALM_SIZE+1];
STRCPY(ss,add_secret);
STRCPY(r,add_realm);
(*dbd->set_secret)(ss, r);
}
add_secret=(const u08bits*)"";
add_realm=(const u08bits*)"";
}
}
write_shared_secrets_page(s,(const char*)add_secret,(const char*)add_realm,msg);
} else {
write_https_logon_page(s);
}
break;
}
case AS_FORM_TOGGLE:
if(s->as_ok) {
handle_toggle_request(s,hr);
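Review bot: In the `AS_FORM_SS` case the filter realm (`HR_REALM`) and the delete parameters (`HR_DELETE_SECRET`, `HR_DELETE_REALM`) are used without the `wrong_html_name` check that the same case applies to `add_secret` and `add_realm`. The filter value is copied into `as_eff_realm`, presumably echoed back by `get_eff_realm()` inside the `value="..."` attribute, and handed to `dbd->list_secrets`, while the delete values go to `dbd->del_secret`. Rejecting them the same way, e.g. `if(wrong_html_name(realm0)) realm0="";` before the `STRCPY` and `if(secret && secret[0] && !wrong_html_name((const char*)secret))`, keeps markup and quote characters out of both the HTML and the driver queries. https_print_secrets also appends stored secrets and realms unescaped into table cells and into the `delete` href, and that link deletes through a GET URL carrying the secret, so the value can end up in browser history and proxy logs; a POST form would avoid that. handle_https starts and ends outside the hunk.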


@ -785,11 +785,9 @@ static int list_users(u08bits *realm, int is_admin)
static int show_secret(u08bits *realm)
{
must_set_admin_realm(realm);
const turn_dbdriver_t * dbd = get_dbdriver();
if (dbd && dbd->show_secret) {
(*dbd->show_secret)(realm);
if (dbd && dbd->list_secrets) {
(*dbd->list_secrets)(realm,NULL,NULL);
}
return 0;
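Review bot: show_secret discards the result of `(*dbd->list_secrets)(realm,NULL,NULL)` and returns 0 unconditionally, so a failed database query is reported to the command-line caller as success. Unless callers rely on the constant 0, `return (*dbd->list_secrets)(realm,NULL,NULL);` inside the `if` would propagate the -1 the drivers produce on error. The end of the function is outside the hunk.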


@ -5,7 +5,7 @@ mongo $* <<EOF
use coturn;
db.turnusers_lt.ensureIndex({ realm: 1, name: 1 }, { unique: 1 });
db.turn_secret.ensureIndex({ realm: 1 }, { unique: 1 });
db.turn_secret.ensureIndex({ realm: 1, value:1 }, { unique: 1 });
db.realm.ensureIndex({ realm: 1 }, { unique: 1 });
db.oauth_key.ensureIndex({ kid: 1 }, {unique: 1 });
@ -15,7 +15,9 @@ db.turnusers_lt.insert({ realm: 'crinna.org', name: 'whirrun', hmackey: '6972e85
db.turnusers_lt.insert({ realm: 'crinna.org', name: 'stranger-come-knocking', hmackey: 'd43cb678560259a1839bff61c19de15e' });
db.turn_secret.insert({ realm: 'north.gov', value: 'logen' });
db.turn_secret.insert({ realm: 'north.gov', value: 'bloody9' });
db.turn_secret.insert({ realm: 'crinna.org', value: 'north' });
db.turn_secret.insert({ realm: 'crinna.org', value: 'library' });
db.admin_user.insert({ name: 'skarling', realm: 'north.gov', password: 'hoodless' });
db.admin_user.insert({ name: 'bayaz', realm: '', password: 'magi' });


@ -5,7 +5,9 @@ insert into turnusers_lt (realm, name, hmackey) values('crinna.org','whirrun','6
insert into turnusers_lt (realm, name, hmackey) values('crinna.org','stranger-come-knocking','d43cb678560259a1839bff61c19de15e');
insert into turn_secret (realm,value) values('north.gov','logen');
insert into turn_secret (realm,value) values('north.gov','bloody9');
insert into turn_secret (realm,value) values('crinna.org','north');
insert into turn_secret (realm,value) values('crinna.org','library');
insert into admin_user (name, realm, password) values('skarling','north.gov','hoodless');
insert into admin_user (name, realm, password) values('bayaz','','magi');