diff --git a/ChangeLog b/ChangeLog
index 333d1907..fd28c9a3 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,9 +1,15 @@
+6/20/2015 Oleg Moskalenko
+Version 4.4.5.3 'Ardee West':
+ - third-party authorization STUN attributes adjusted according
+ to the values assigned by IANA.
+ - SQL injection security hole fixed.
+
 5/29/2015 Oleg Moskalenko
 Version 4.4.5.2 'Ardee West':
 - dual allocation adjusted according to the new TURN-bis draft;
 - options sha256, sha384, sha512 retired as non-standard;
 - third-party authorization (oAuth) updated according to the
- version 14 of the draft;
+ version 16 of the draft;
 - C++ compilation fixes;
 - cosmetic fixes;
 - fixed binary package for CentOS 7.1;
diff --git a/INSTALL b/INSTALL
index 583ee409..f97fc2af 100644
--- a/INSTALL
+++ b/INSTALL
@@ -751,7 +751,7 @@ The oauth_key table fields meanings are:
 kid: the kid of the key;
- ikm_key - (optional) base64-encoded key ("input keying material");
+ ikm_key - base64-encoded key ("input keying material");
 timestamp - (optional) the timestamp (in seconds) when the key lifetime starts;
diff --git a/Makefile.in b/Makefile.in
index 7b99032b..cde7dda8 100755
--- a/Makefile.in
+++ b/Makefile.in
@@ -7,7 +7,7 @@ CFLAGS += ${INCFLAGS}
 MAKE_DEPS = Makefile
-LIBCLIENTTURN_HEADERS = src/ns_turn_defs.h src/client++/TurnMsgLib.h src/client/ns_turn_ioaddr.h src/client/ns_turn_msg.h src/client/ns_turn_msg_defs.h src/client/ns_turn_msg_defs_new.h src/client/ns_turn_msg_addr.h
+LIBCLIENTTURN_HEADERS = src/ns_turn_defs.h src/client++/TurnMsgLib.h src/client/ns_turn_ioaddr.h src/client/ns_turn_msg.h src/client/ns_turn_msg_defs.h src/client/ns_turn_msg_defs_experimental.h src/client/ns_turn_msg_addr.h
 LIBCLIENTTURN_MODS = src/client/ns_turn_ioaddr.c src/client/ns_turn_msg_addr.c src/client/ns_turn_msg.c
 LIBCLIENTTURN_DEPS = ${LIBCLIENTTURN_HEADERS} ${MAKE_DEPS}
 LIBCLIENTTURN_OBJS = build/obj/ns_turn_ioaddr.o build/obj/ns_turn_msg_addr.o build/obj/ns_turn_msg.o
diff --git a/README.turnutils b/README.turnutils
index bb4ed688..2233b66e 100644
--- a/README.turnutils
+++ b/README.turnutils
@@ -49,7 +49,7 @@ It was designed to simulate multiple clients. It uses asynch IO API in libevent to handle multiple clients. A client connects to the relay, negotiates the session, and sends multiple (configured number) messages to the server (relay), expecting the same number of replies. The length of the messages is configurable.
-The message is an arbitrary octet stream, but it can be configured as a string.
+The message is an arbitrary octet stream.
 The number of the messages to send is configurable.
 Flags:
diff --git a/man/man1/turnadmin.1 b/man/man1/turnadmin.1
index 54a36fc0..2269b378 100644
--- a/man/man1/turnadmin.1
+++ b/man/man1/turnadmin.1
@@ -1,5 +1,5 @@
 .\" Text automatically generated by txt2man
-.TH TURN 1 "11 April 2015" "" ""
+.TH TURN 1 "15 June 2015" "" ""
 .SH GENERAL INFORMATION
 \fIturnadmin\fP is a TURN administration tool. This tool can be used to manage
diff --git a/man/man1/turnserver.1 b/man/man1/turnserver.1
index a05d8369..51389c91 100644
--- a/man/man1/turnserver.1
+++ b/man/man1/turnserver.1
@@ -1,5 +1,5 @@
 .\" Text automatically generated by txt2man
-.TH TURN 1 "11 April 2015" "" ""
+.TH TURN 1 "15 June 2015" "" ""
 .SH GENERAL INFORMATION
 The \fBTURN Server\fP project contains the source code of a TURN server and TURN client
diff --git a/man/man1/turnutils.1 b/man/man1/turnutils.1
index 6148da32..d0dcf260 100644
--- a/man/man1/turnutils.1
+++ b/man/man1/turnutils.1
@@ -1,5 +1,5 @@
 .\" Text automatically generated by txt2man
-.TH TURN 1 "11 April 2015" "" ""
+.TH TURN 1 "15 June 2015" "" ""
 .SH GENERAL INFORMATION
 A set of turnutils_* programs provides some utility functionality to be used
@@ -59,7 +59,7 @@ It was designed to simulate multiple clients. It uses asynch IO API in libevent to handle multiple clients. A client connects to the relay, negotiates the session, and sends multiple (configured number) messages to the server (relay), expecting the same number of replies. The length of the messages is configurable.
-The message is an arbitrary octet stream, but it can be configured as a string.
+The message is an arbitrary octet stream.
 The number of the messages to send is configurable.
 .TP
 .B
diff --git a/rpm/build.settings.sh b/rpm/build.settings.sh
index dac4087c..ec4de760 100755
--- a/rpm/build.settings.sh
+++ b/rpm/build.settings.sh
@@ -2,7 +2,7 @@
 # Common settings script.
-TURNVERSION=4.4.5.2
+TURNVERSION=4.4.5.3
 BUILDDIR=~/rpmbuild
 ARCH=`uname -p`
 TURNSERVER_SVN_URL=http://coturn.googlecode.com/svn
diff --git a/rpm/turnserver.spec b/rpm/turnserver.spec
index a09784ba..e4716dde 100644
--- a/rpm/turnserver.spec
+++ b/rpm/turnserver.spec
@@ -1,5 +1,5 @@
 Name: turnserver
-Version: 4.4.5.2
+Version: 4.4.5.3
 Release: 0%{dist}
 Summary: Coturn TURN Server
@@ -284,11 +284,13 @@ fi
 %{_includedir}/turn/client/ns_turn_ioaddr.h
 %{_includedir}/turn/client/ns_turn_msg_addr.h
 %{_includedir}/turn/client/ns_turn_msg_defs.h
-%{_includedir}/turn/client/ns_turn_msg_defs_new.h
+%{_includedir}/turn/client/ns_turn_msg_defs_experimental.h
 %{_includedir}/turn/client/ns_turn_msg.h
 %{_includedir}/turn/client/TurnMsgLib.h
 %changelog
+* Sat Jun 20 2015 Oleg Moskalenko
+ - Sync to 4.4.5.3
 * Wed May 29 2015 Oleg Moskalenko
 - Sync to 4.4.5.2
 * Tue Mar 31 2015 Oleg Moskalenko
diff --git a/src/apps/common/ns_turn_utils.c b/src/apps/common/ns_turn_utils.c
index ddc937a4..bc25d0db 100644
--- a/src/apps/common/ns_turn_utils.c
+++ b/src/apps/common/ns_turn_utils.c
@@ -859,4 +859,30 @@ char *turn_strdup_func(const char* s, const char* function, int line) {
 #endif
 #endif
+////////////////////////////////
+
+int is_secure_username(const u08bits *username)
+{
+ int ret = 0;
+ if(username) {
+ unsigned char *s0 = (unsigned char*)turn_strdup((const char*)username);
+ unsigned char *s = s0;
+ while(*s) {
+ *s = (unsigned char)tolower((int)*s);
+ ++s;
+ }
+ s = s0;
+ if(strstr((char*)s," ")||strstr((char*)s,"\t")||strstr((char*)s,"'")||strstr((char*)s,"\"")||strstr((char*)s,"\n")||strstr((char*)s,"\r")||strstr((char*)s,"\\")) {
+ ;
+ } else if(strstr((char*)s,"union")&&strstr((char*)s,"select")) {
+ ;
+ } else {
+ ret = 1;
+ }
+ turn_free(s,strlen((char*)s));
+ }
+ return ret;
+}
+
 //////////////////////////////////////////////////////////////////
+
diff --git a/src/apps/common/ns_turn_utils.h b/src/apps/common/ns_turn_utils.h
index 1df95651..809a04c4 100644
--- a/src/apps/common/ns_turn_utils.h
+++ b/src/apps/common/ns_turn_utils.h
@@ -78,6 +78,10 @@ void rollover_logfile(void);
 ///////////////////////////////////////////////////////
+int is_secure_username(const u08bits *username);
+
+///////////////////////////////////////////////////////
+
 #ifdef __cplusplus
 }
 #endif
diff --git a/src/apps/relay/dbdrivers/dbd_mysql.c b/src/apps/relay/dbdrivers/dbd_mysql.c
index a7eb317d..b8bb30fa 100644
--- a/src/apps/relay/dbdrivers/dbd_mysql.c
+++ b/src/apps/relay/dbdrivers/dbd_mysql.c
@@ -300,6 +300,7 @@ static int mysql_get_user_key(u08bits *usname, u08bits *realm, hmackey_t key) {
 MYSQL * myc = get_mydb_connection();
 if(myc) {
 char statement[TURN_LONG_STRING_SIZE];
+ /* direct user input eliminated - there is no SQL injection problem (since version 4.4.5.3) */
 snprintf(statement,sizeof(statement),"select hmackey from turnusers_lt where name='%s' and realm='%s'",usname,realm);
 int res = mysql_query(myc, statement);
 if(res) {
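Review bot: The `turn_strdup` result `s0` is dereferenced by `while(*s)` without a NULL check, so if the allocator wrapper can return NULL on failure this crashes; `if(!s0) return 0;` right after the strdup closes that (if turn_strdup aborts on OOM instead, a comment saying so would do). The function is a denylist of seven byte values plus the lowercase pair union/select, which is a heuristic rather than an SQL escape, and nothing above the definition says so; I would add `/* Conservative syntactic check on a username before it reaches a DB query or a log line: returns 1 when the name contains no space, tab, CR, LF, quote, double quote or backslash and does not contain both "union" and "select" (case-insensitive); returns 0 otherwise and for NULL. Defense in depth only: the DB drivers must still bind or escape the value. */`. An allow-list of permitted characters would be easier to reason about and shorter than the chained strstr calls on the if line. `turn_free(s,strlen((char*)s))` is correct as written because `s` was reset to `s0`, but writing `turn_free(s0, …)` makes that obvious.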
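Review bot: The comment added above the snprintf line overstates what changed: `name='%s' and realm='%s'` is still built by formatting `usname` and `realm` straight into the SQL text, the commit only filters `usname` at the call sites with a denylist, and `realm` receives no check at all in this diff. The durable fix is to bind the values rather than format them — `mysql_stmt_prepare`/`mysql_stmt_bind_param` here (or at least `mysql_real_escape_string` on both arguments), `PQexecParams` in dbd_pgsql.c, and `?` placeholders with `sqlite3_bind_text(st, 1, (const char*)usname, -1, SQLITE_TRANSIENT)` in dbd_sqlite.c, which already goes through a prepared `sqlite3_stmt`. The identical comment is added to the `kid='%s'` query in mysql_get_oauth_key and to the four pgsql and sqlite hunks below, and the kid is not passed through is_secure_username anywhere in this diff, so whether it is trusted depends on where it originates, which is not visible here. Until the queries are parameterized I would reword each comment to `/* usname is filtered by is_secure_username() at the call sites; realm/kid are not - prefer bound parameters */`. All three *_get_user_key bodies continue outside their hunks.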
@@ -343,6 +344,7 @@ static int mysql_get_oauth_key(const u08bits *kid, oauth_key_data_raw *key) {
 int ret = -1;
 char statement[TURN_LONG_STRING_SIZE];
+ /* direct user input eliminated - there is no SQL injection problem (since version 4.4.5.3) */
 snprintf(statement,sizeof(statement),"select ikm_key,timestamp,lifetime,as_rs_alg from oauth_key where kid='%s'",(const char*)kid);
 MYSQL * myc = get_mydb_connection();
diff --git a/src/apps/relay/dbdrivers/dbd_pgsql.c b/src/apps/relay/dbdrivers/dbd_pgsql.c
index cfb0187e..b7b72718 100644
--- a/src/apps/relay/dbdrivers/dbd_pgsql.c
+++ b/src/apps/relay/dbdrivers/dbd_pgsql.c
@@ -124,6 +124,7 @@ static int pgsql_get_user_key(u08bits *usname, u08bits *realm, hmackey_t key) {
 PGconn * pqc = get_pqdb_connection();
 if(pqc) {
 char statement[TURN_LONG_STRING_SIZE];
+ /* direct user input eliminated - there is no SQL injection problem (since version 4.4.5.3) */
 snprintf(statement,sizeof(statement),"select hmackey from turnusers_lt where name='%s' and realm='%s'",usname,realm);
 PGresult *res = PQexec(pqc, statement);
@@ -158,6 +159,7 @@ static int pgsql_get_oauth_key(const u08bits *kid, oauth_key_data_raw *key) {
 int ret = -1;
 char statement[TURN_LONG_STRING_SIZE];
+ /* direct user input eliminated - there is no SQL injection problem (since version 4.4.5.3) */
 snprintf(statement,sizeof(statement),"select ikm_key,timestamp,lifetime,as_rs_alg from oauth_key where kid='%s'",(const char*)kid);
 PGconn * pqc = get_pqdb_connection();
diff --git a/src/apps/relay/dbdrivers/dbd_sqlite.c b/src/apps/relay/dbdrivers/dbd_sqlite.c
index 334b934f..26f32b16 100644
--- a/src/apps/relay/dbdrivers/dbd_sqlite.c
+++ b/src/apps/relay/dbdrivers/dbd_sqlite.c
@@ -261,6 +261,7 @@ static int sqlite_get_user_key(u08bits *usname, u08bits *realm, hmackey_t key)
 char statement[TURN_LONG_STRING_SIZE];
 sqlite3_stmt *st = NULL;
 int rc = 0;
+ /* direct user input eliminated - there is no SQL injection problem (since version 4.4.5.3) */
 snprintf(statement, sizeof(statement), "select hmackey from turnusers_lt where name='%s' and realm='%s'", usname, realm);
 sqlite_lock(0);
@@ -296,6 +297,8 @@ static int sqlite_get_oauth_key(const u08bits *kid, oauth_key_data_raw *key) {
 char statement[TURN_LONG_STRING_SIZE];
 sqlite3_stmt *st = NULL;
 int rc = 0;
+
+ /* direct user input eliminated - there is no SQL injection problem (since version 4.4.5.3) */
 snprintf(statement,sizeof(statement),"select ikm_key,timestamp,lifetime,as_rs_alg from oauth_key where kid='%s'",(const char*)kid);
 sqlite3 *sqliteconnection = get_sqlite_connection();
diff --git a/src/apps/relay/dbdrivers/dbdriver.h b/src/apps/relay/dbdrivers/dbdriver.h
index 1ab87a27..d013e165 100644
--- a/src/apps/relay/dbdrivers/dbdriver.h
+++ b/src/apps/relay/dbdrivers/dbdriver.h
@@ -34,7 +34,7 @@
 #include "../userdb.h"
-#include "ns_turn_msg_defs_new.h"
+#include "ns_turn_msg_defs.h"
 #include
diff --git a/src/apps/relay/mainrelay.c b/src/apps/relay/mainrelay.c
index f0c64d87..66326757 100644
--- a/src/apps/relay/mainrelay.c
+++ b/src/apps/relay/mainrelay.c
@@ -1536,6 +1536,10 @@ static int adminmain(int argc, char **argv)
 #endif
 case 'u':
 STRCPY(user,optarg);
+ if(!is_secure_username((u08bits*)user)) {
+ TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "Wrong user name structure or symbols, choose another name: %s\n",user);
+ exit(-1);
+ }
 if(SASLprep((u08bits*)user)<0) {
 TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "Wrong user name: %s\n",user);
 exit(-1);
diff --git a/src/client/ns_turn_msg_defs.h b/src/client/ns_turn_msg_defs.h
index 78653e05..2887c89c 100644
--- a/src/client/ns_turn_msg_defs.h
+++ b/src/client/ns_turn_msg_defs.h
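Review bot: In the mainrelay.c hunk the new `is_secure_username((u08bits*)user)` check runs before the `SASLprep((u08bits*)user)` call that follows it, so the bytes that get validated are not the bytes that get stored: SASLprep (RFC 4013) maps non-ASCII space characters to U+0020, which is one of the bytes the check rejects. Moving the four added lines after the SASLprep block (or repeating the check there) validates the normalized form. Whether the server-side callers in ns_turn_server.c normalize before checking is outside these hunks. The enclosing switch in adminmain starts and ends outside the hunk.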
@@ -31,7 +31,7 @@
 #ifndef __LIB_TURN_MSG_DEFS__
 #define __LIB_TURN_MSG_DEFS__
-#include "ns_turn_msg_defs_new.h"
+#include "ns_turn_msg_defs_experimental.h"
 ///////////////////////////////////////////
 // http://www.iana.org/assignments/stun-parameters/stun-parameters.xhtml
@@ -154,6 +154,119 @@
 #define STUN_ATTRIBUTE_MOBILITY_SUPPORT (0x8000)
 /* <<== Mobility */
+/* SHA ==>> */
+
+#define SHA1SIZEBYTES (20)
+#define SHA256SIZEBYTES (32)
+#define SHA384SIZEBYTES (48)
+#define SHA512SIZEBYTES (64)
+
+#define MAXSHASIZE (128)
+
+enum _SHATYPE {
+ SHATYPE_ERROR = -1,
+ SHATYPE_DEFAULT=0,
+ SHATYPE_SHA1=SHATYPE_DEFAULT,
+ SHATYPE_SHA256,
+ SHATYPE_SHA384,
+ SHATYPE_SHA512
+};
+
+typedef enum _SHATYPE SHATYPE;
+
+#define shatype_name(sht) ((sht == SHATYPE_SHA1) ? "SHA1" : ((sht == SHATYPE_SHA256) ? "SHA256" : ((sht == SHATYPE_SHA384) ? "SHA384" : "SHA512")))
+
+/* <<== SHA */
+
+/* OAUTH TOKEN ENC ALG ==> */
+
+enum _ENC_ALG {
+ ENC_ALG_ERROR=-1,
+#if !defined(TURN_NO_GCM)
+ ENC_ALG_DEFAULT=0,
+ A256GCM=ENC_ALG_DEFAULT,
+ A128GCM,
+#endif
+ ENC_ALG_NUM
+};
+
+typedef enum _ENC_ALG ENC_ALG;
+
+/* <<== OAUTH TOKEN ENC ALG */
+
+/**
+ * oAuth struct
+ */
+
+#define STUN_ATTRIBUTE_THIRD_PARTY_AUTHORIZATION (0x802E)
+#define STUN_ATTRIBUTE_OAUTH_ACCESS_TOKEN (0x001B)
+
+#define OAUTH_KID_SIZE (128)
+#define OAUTH_HASH_FUNC_SIZE (64)
+#define OAUTH_ALG_SIZE (64)
+#define OAUTH_KEY_SIZE (256)
+#define OAUTH_GCM_NONCE_SIZE (12)
+#define OAUTH_MAX_NONCE_SIZE (256)
+#define OAUTH_GCM_TAG_SIZE (16)
+#define OAUTH_ENC_ALG_BLOCK_SIZE (16)
+
+#define OAUTH_DEFAULT_LIFETIME (0)
+#define OAUTH_DEFAULT_TIMESTAMP (turn_time())
+
+#define OAUTH_TIME_DELTA (5)
+
+struct _oauth_key_data {
+ char kid[OAUTH_KID_SIZE+1];
+ char ikm_key[OAUTH_KEY_SIZE+1];
+ size_t ikm_key_size;
+ turn_time_t timestamp;
+ turn_time_t lifetime;
+ char as_rs_alg[OAUTH_ALG_SIZE+1];
+};
+
+typedef struct _oauth_key_data oauth_key_data;
+
+struct _oauth_key {
+ char kid[OAUTH_KID_SIZE+1];
+ char ikm_key[OAUTH_KEY_SIZE+1];
+ size_t ikm_key_size;
+ turn_time_t timestamp;
+ turn_time_t lifetime;
+ ENC_ALG as_rs_alg;
+ char as_rs_key[OAUTH_KEY_SIZE+1];
+ size_t as_rs_key_size;
+ char auth_key[OAUTH_KEY_SIZE+1];
+ size_t auth_key_size;
+};
+
+typedef struct _oauth_key oauth_key;
+
+struct 
_oauth_encrypted_block {
+ uint16_t nonce_length;
+ uint8_t nonce[OAUTH_MAX_NONCE_SIZE];
+ uint16_t key_length;
+ uint8_t mac_key[MAXSHASIZE];
+ uint64_t timestamp;
+ uint32_t lifetime;
+};
+
+typedef struct _oauth_encrypted_block oauth_encrypted_block;
+
+struct _oauth_token {
+ oauth_encrypted_block enc_block;
+};
+
+typedef struct _oauth_token oauth_token;
+
+#define MAX_ENCODED_OAUTH_TOKEN_SIZE (1024)
+
+struct _encoded_oauth_token {
+ char token[MAX_ENCODED_OAUTH_TOKEN_SIZE];
+ size_t size;
+};
+
+typedef struct _encoded_oauth_token encoded_oauth_token;
+
 ////////////////////////////////////////////////
 #endif //__LIB_TURN_MSG_DEFS__
diff --git a/src/client/ns_turn_msg_defs_experimental.h b/src/client/ns_turn_msg_defs_experimental.h
new file mode 100644
index 00000000..dfc2fb9d
--- /dev/null
+++ b/src/client/ns_turn_msg_defs_experimental.h
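Review bot: `STUN_ATTRIBUTE_OAUTH_ACCESS_TOKEN (0x001B)` and `STUN_ATTRIBUTE_THIRD_PARTY_AUTHORIZATION (0x802E)` are the values the ChangeLog describes as IANA-assigned, but nothing at the definitions says so, and the first now sits in the comprehension-required range (below 0x8000) while the second is comprehension-optional, which changes how a peer that does not implement them reacts; I would put `/* IANA stun-parameters registry values; ACCESS-TOKEN (0x001B) is comprehension-required, THIRD-PARTY-AUTHORIZATION (0x802E) is comprehension-optional */` above the two lines. The `/** oAuth struct */` block comment ends up above these defines and the OAUTH_* size macros rather than above the structs it names. `enum _ENC_ALG` leaves ENC_ALG_DEFAULT undefined and ENC_ALG_NUM at zero when TURN_NO_GCM is set; it is moved code, but a one-line comment on the `#if` stating that would save the next reader a search.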
@@ -0,0 +1,52 @@
+/*
+ * Copyright (C) 2011, 2012, 2013 Citrix Systems
+ *
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. Neither the name of the project nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifndef __LIB_TURN_MSG_DEFS_NEW__
+#define __LIB_TURN_MSG_DEFS_NEW__
+
+/***** POST-RFC5766 FRESH SPECS ***********/
+
+/* Origin ==>> */
+#define STUN_MAX_ORIGIN_SIZE (127)
+#define STUN_ATTRIBUTE_ORIGIN (0x802F)
+/* <<== Origin */
+
+/* Bandwidth */
+
+#define STUN_ATTRIBUTE_NEW_BANDWIDTH (0x8000 + STUN_ATTRIBUTE_BANDWIDTH)
+
+/* <<== Bandwidth */
+
+////////////// SSODA ///////////////////
+
+#define STUN_ATTRIBUTE_ADDITIONAL_ADDRESS_FAMILY (0x8032)
+#define STUN_ATTRIBUTE_ADDRESS_ERROR_CODE (0x8033)
+
+#endif //__LIB_TURN_MSG_DEFS_NEW__
diff --git a/src/client/ns_turn_msg_defs_new.h b/src/client/ns_turn_msg_defs_new.h
deleted file mode 100644
index cc3b4074..00000000
--- a/src/client/ns_turn_msg_defs_new.h
+++ /dev/null
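Review bot: The include guard is still `__LIB_TURN_MSG_DEFS_NEW__` although the file is now ns_turn_msg_defs_experimental.h, and identifiers starting with two underscores are reserved for the implementation in C; `LIB_TURN_MSG_DEFS_EXPERIMENTAL_H` on the `#ifndef`, `#define` and `#endif` lines fixes both (the parent header's `__LIB_TURN_MSG_DEFS__` has the same issue). `STUN_ATTRIBUTE_NEW_BANDWIDTH` expands `STUN_ATTRIBUTE_BANDWIDTH`, which this header neither defines nor includes; macro expansion is lazy so it works when ns_turn_msg_defs.h includes this file, but a comment such as `/* uses STUN_ATTRIBUTE_BANDWIDTH from ns_turn_msg_defs.h; include this file only from there */` documents the dependency. A one-line file purpose above the guard would also help, since the 'POST-RFC5766 FRESH SPECS' banner does not say which drafts the Origin and SSODA values come from.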
@@ -1,165 +0,0 @@
-/*
- * Copyright (C) 2011, 2012, 2013 Citrix Systems
- *
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef __LIB_TURN_MSG_DEFS_NEW__
-#define __LIB_TURN_MSG_DEFS_NEW__
-
-/***** POST-RFC5766 FRESH SPECS ***********/
-
-/* Origin ==>> */
-#define STUN_MAX_ORIGIN_SIZE (127)
-#define STUN_ATTRIBUTE_ORIGIN (0x802F)
-/* <<== Origin */
-
-/* Bandwidth */
-
-#define STUN_ATTRIBUTE_NEW_BANDWIDTH (0x8000 + STUN_ATTRIBUTE_BANDWIDTH)
-
-/* <<== Bandwidth */
-
-/* SHA ==>> */
-
-#define SHA1SIZEBYTES (20)
-#define SHA256SIZEBYTES (32)
-#define SHA384SIZEBYTES (48)
-#define SHA512SIZEBYTES (64)
-
-#define MAXSHASIZE (128)
-
-enum _SHATYPE {
- SHATYPE_ERROR = -1,
- SHATYPE_DEFAULT=0,
- SHATYPE_SHA1=SHATYPE_DEFAULT,
- SHATYPE_SHA256,
- SHATYPE_SHA384,
- SHATYPE_SHA512
-};
-
-typedef enum _SHATYPE SHATYPE;
-
-#define shatype_name(sht) ((sht == SHATYPE_SHA1) ? "SHA1" : ((sht == SHATYPE_SHA256) ? "SHA256" : ((sht == SHATYPE_SHA384) ? "SHA384" : "SHA512")))
-
-/* <<== SHA */
-
-/* OAUTH TOKEN ENC ALG ==> */
-
-enum _ENC_ALG {
- ENC_ALG_ERROR=-1,
-#if !defined(TURN_NO_GCM)
- ENC_ALG_DEFAULT=0,
- A256GCM=ENC_ALG_DEFAULT,
- A128GCM,
-#endif
- ENC_ALG_NUM
-};
-
-typedef enum _ENC_ALG ENC_ALG;
-
-/* <<== OAUTH TOKEN ENC ALG */
-
-/**
- * oAuth struct
- */
-
-#define STUN_ATTRIBUTE_THIRD_PARTY_AUTHORIZATION (0x8031)
-#define STUN_ATTRIBUTE_OAUTH_ACCESS_TOKEN (0x0031)
-
-#define OAUTH_KID_SIZE (128)
-#define OAUTH_HASH_FUNC_SIZE (64)
-#define OAUTH_ALG_SIZE (64)
-#define OAUTH_KEY_SIZE (256)
-#define OAUTH_GCM_NONCE_SIZE (12)
-#define OAUTH_MAX_NONCE_SIZE (256)
-#define OAUTH_GCM_TAG_SIZE (16)
-#define OAUTH_ENC_ALG_BLOCK_SIZE (16)
-
-#define OAUTH_DEFAULT_LIFETIME (0)
-#define OAUTH_DEFAULT_TIMESTAMP (turn_time())
-
-#define OAUTH_TIME_DELTA (5)
-
-struct _oauth_key_data {
- char kid[OAUTH_KID_SIZE+1];
- char ikm_key[OAUTH_KEY_SIZE+1];
- size_t ikm_key_size;
- turn_time_t timestamp;
- turn_time_t lifetime;
- char as_rs_alg[OAUTH_ALG_SIZE+1];
-};
-
-typedef struct _oauth_key_data oauth_key_data;
-
-struct _oauth_key {
- char kid[OAUTH_KID_SIZE+1];
- char 
ikm_key[OAUTH_KEY_SIZE+1];
- size_t ikm_key_size;
- turn_time_t timestamp;
- turn_time_t lifetime;
- ENC_ALG as_rs_alg;
- char as_rs_key[OAUTH_KEY_SIZE+1];
- size_t as_rs_key_size;
- char auth_key[OAUTH_KEY_SIZE+1];
- size_t auth_key_size;
-};
-
-typedef struct _oauth_key oauth_key;
-
-struct _oauth_encrypted_block {
- uint16_t nonce_length;
- uint8_t nonce[OAUTH_MAX_NONCE_SIZE];
- uint16_t key_length;
- uint8_t mac_key[MAXSHASIZE];
- uint64_t timestamp;
- uint32_t lifetime;
-};
-
-typedef struct _oauth_encrypted_block oauth_encrypted_block;
-
-struct _oauth_token {
- oauth_encrypted_block enc_block;
-};
-
-typedef struct _oauth_token oauth_token;
-
-#define MAX_ENCODED_OAUTH_TOKEN_SIZE (1024)
-
-struct _encoded_oauth_token {
- char token[MAX_ENCODED_OAUTH_TOKEN_SIZE];
- size_t size;
-};
-
-typedef struct _encoded_oauth_token encoded_oauth_token;
-
-////////////// SSODA ///////////////////
-
-#define STUN_ATTRIBUTE_ADDITIONAL_ADDRESS_FAMILY (0x8032)
-#define STUN_ATTRIBUTE_ADDRESS_ERROR_CODE (0x8033)
-
-#endif //__LIB_TURN_MSG_DEFS_NEW__
diff --git a/src/ns_turn_defs.h b/src/ns_turn_defs.h
index f8f13b22..bc00fbe7 100644
--- a/src/ns_turn_defs.h
+++ b/src/ns_turn_defs.h
@@ -31,7 +31,7 @@
 #ifndef __IOADEFS__
 #define __IOADEFS__
-#define TURN_SERVER_VERSION "4.4.5.2"
+#define TURN_SERVER_VERSION "4.4.5.3"
 #define TURN_SERVER_VERSION_NAME "Ardee West"
 #define TURN_SOFTWARE "Coturn-" TURN_SERVER_VERSION " '" TURN_SERVER_VERSION_NAME "'"
diff --git a/src/server/ns_turn_server.c b/src/server/ns_turn_server.c
index 203f69d1..3db0aeef 100644
--- a/src/server/ns_turn_server.c
+++ b/src/server/ns_turn_server.c
@@ -1015,6 +1015,12 @@ static int handle_turn_allocate(turn_turnserver *server,
 }
 ns_bcopy(value,username,ulen);
 username[ulen]=0;
+ if(!is_secure_username(username)) {
+ TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "%s: wrong username: %s\n", __FUNCTION__, (char*)username);
+ username[0]=0;
+ *err_code = 400;
+ break;
+ }
 }
 }
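Review bot: The `TURN_LOG_FUNC` line in the handle_turn_allocate hunk writes the rejected `username` into the log verbatim although is_secure_username has just rejected it for containing whitespace, quotes, CR/LF or a backslash, so a client-supplied CR/LF splits log lines and quote characters pass straight through to whatever consumes the log; log only `ulen` or a sanitized/hex rendering of the name instead. The same pattern is in the check_stun_auth hunk below and in adminmain in mainrelay.c. Since this path is presumably reachable by any client that can send an Allocate, the message should also go out at a level the operator can rate-limit rather than ERROR. handle_turn_allocate begins outside the hunk, so what the `break` leaves is not visible here.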
@@ -3338,7 +3344,12 @@ static int check_stun_auth(turn_turnserver *server,
 ns_bcopy(stun_attr_get_value(sar),usname,alen);
 usname[alen]=0;
- if(ss->username[0]) {
+ if(!is_secure_username(usname)) {
+ TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "%s: wrong username: %s\n", __FUNCTION__, (char*)usname);
+ usname[0]=0;
+ *err_code = 400;
+ return -1;
+ } else if(ss->username[0]) {
 if(strcmp((char*)ss->username,(char*)usname)) {
 if(ss->oauth) {
 ss->hmackey_set = 0;