mirrors/coturn
1
0
Fork 0
mirror of https://github.com/coturn/coturn.git synced 2025-11-02 07:50:59 +01:00
Code Issues Projects Releases Wiki Activity

oauth keys page

Browse Source
This commit is contained in:
mom040267 2015-01-22 10:03:40 +00:00
parent 49c88a5576
commit aefe2608d0
11 changed files with 382 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
INSTALL
View File

@ -757,7 +757,7 @@ The oauth_key table fields meanings are:
explicitly in the database;
timestamp - (optional) the timestamp (in seconds) when the key
lifetime started;
lifetime starts;
lifetime - (optional) the key lifetime in seconds; the default value
is 0 - unlimited lifetime.

BIN
examples/var/db/turndb
View File

Binary file not shown.

15
src/apps/relay/dbdrivers/dbd_mongo.c
View File

@ -497,7 +497,7 @@ static int mongo_list_users(u08bits *realm, secrets_list_t *users, secrets_list_
return ret;
}
static int mongo_list_oauth_keys(void) {
static int mongo_list_oauth_keys(secrets_list_t *kids,secrets_list_t *hkdfs,secrets_list_t *teas,secrets_list_t *aas) {
const char * collection_name = "oauth_key";
mongoc_collection_t * collection = mongo_get_collection(collection_name);
@ -570,9 +570,16 @@ static int mongo_list_oauth_keys(void) {
if (bson_iter_init(&iter, item) && bson_iter_find(&iter, "lifetime") && BSON_ITER_HOLDS_INT32(&iter)) {
key->lifetime = (u32bits)bson_iter_int32(&iter);
}
printf(" kid=%s, ikm_key=%s, timestamp=%llu, lifetime=%lu, hkdf_hash_func=%s, as_rs_alg=%s, as_rs_key=%s, auth_alg=%s, auth_key=%s\n",
key->kid, key->ikm_key, (unsigned long long)key->timestamp, (unsigned long)key->lifetime, key->hkdf_hash_func,
key->as_rs_alg, key->as_rs_key, key->auth_alg, key->auth_key);
if(kids) {
add_to_secrets_list(kids,key->kid);
add_to_secrets_list(hkdfs,key->hkdf_hash_func);
add_to_secrets_list(teas,key->as_rs_alg);
add_to_secrets_list(aas,key->auth_alg);
} else {
printf(" kid=%s, ikm_key=%s, timestamp=%llu, lifetime=%lu, hkdf_hash_func=%s, as_rs_alg=%s, as_rs_key=%s, auth_alg=%s, auth_key=%s\n",
key->kid, key->ikm_key, (unsigned long long)key->timestamp, (unsigned long)key->lifetime, key->hkdf_hash_func,
key->as_rs_alg, key->as_rs_key, key->auth_alg, key->auth_key);
}
}
mongoc_cursor_destroy(cursor);
ret = 0;

22
src/apps/relay/dbdrivers/dbd_mysql.c
View File

@ -402,7 +402,7 @@ static int mysql_get_oauth_key(const u08bits *kid, oauth_key_data_raw *key) {
return ret;
}
static int mysql_list_oauth_keys(void) {
static int mysql_list_oauth_keys(secrets_list_t *kids,secrets_list_t *hkdfs,secrets_list_t *teas,secrets_list_t *aas) {
oauth_key_data_raw key_;
oauth_key_data_raw *key=&key_;
@ -457,9 +457,16 @@ static int mysql_list_oauth_keys(void) {
ns_bcopy(row[8],key->kid,lengths[8]);
key->kid[lengths[8]]=0;
printf(" kid=%s, ikm_key=%s, timestamp=%llu, lifetime=%lu, hkdf_hash_func=%s, as_rs_alg=%s, as_rs_key=%s, auth_alg=%s, auth_key=%s\n",
if(kids) {
add_to_secrets_list(kids,key->kid);
add_to_secrets_list(hkdfs,key->hkdf_hash_func);
add_to_secrets_list(teas,key->as_rs_alg);
add_to_secrets_list(aas,key->auth_alg);
} else {
printf(" kid=%s, ikm_key=%s, timestamp=%llu, lifetime=%lu, hkdf_hash_func=%s, as_rs_alg=%s, as_rs_key=%s, auth_alg=%s, auth_key=%s\n",
key->kid, key->ikm_key, (unsigned long long)key->timestamp, (unsigned long)key->lifetime, key->hkdf_hash_func,
key->as_rs_alg, key->as_rs_key, key->auth_alg, key->auth_key);
}
}
row = mysql_fetch_row(mres);
}
@ -496,8 +503,9 @@ static int mysql_set_user_key(u08bits *usname, u08bits *realm, const char *key)
return ret;
}
static int mysql_set_oauth_key(oauth_key_data_raw *key) {
int ret = -1;
static int mysql_set_oauth_key(oauth_key_data_raw *key)
{
int ret = -1;
char statement[TURN_LONG_STRING_SIZE];
MYSQL * myc = get_mydb_connection();
if(myc) {
@ -511,10 +519,14 @@ static int mysql_set_oauth_key(oauth_key_data_raw *key) {
res = mysql_query(myc, statement);
if(res) {
TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "Error inserting/updating oauth key information: %s\n",mysql_error(myc));
} else {
ret = 0;
}
} else {
ret = 0;
}
}
return ret;
return ret;
}
static int mysql_del_user(u08bits *usname, u08bits *realm) {

14
src/apps/relay/dbdrivers/dbd_pgsql.c
View File

@ -187,7 +187,7 @@ static int pgsql_get_oauth_key(const u08bits *kid, oauth_key_data_raw *key) {
return ret;
}
static int pgsql_list_oauth_keys(void) {
static int pgsql_list_oauth_keys(secrets_list_t *kids,secrets_list_t *hkdfs,secrets_list_t *teas,secrets_list_t *aas) {
oauth_key_data_raw key_;
oauth_key_data_raw *key=&key_;
@ -217,9 +217,16 @@ static int pgsql_list_oauth_keys(void) {
STRCPY((char*)key->auth_key,PQgetvalue(res,i,7));
STRCPY((char*)key->kid,PQgetvalue(res,i,8));
printf(" kid=%s, ikm_key=%s, timestamp=%llu, lifetime=%lu, hkdf_hash_func=%s, as_rs_alg=%s, as_rs_key=%s, auth_alg=%s, auth_key=%s\n",
if(kids) {
add_to_secrets_list(kids,key->kid);
add_to_secrets_list(hkdfs,key->hkdf_hash_func);
add_to_secrets_list(teas,key->as_rs_alg);
add_to_secrets_list(aas,key->auth_alg);
} else {
printf(" kid=%s, ikm_key=%s, timestamp=%llu, lifetime=%lu, hkdf_hash_func=%s, as_rs_alg=%s, as_rs_key=%s, auth_alg=%s, auth_key=%s\n",
key->kid, key->ikm_key, (unsigned long long)key->timestamp, (unsigned long)key->lifetime, key->hkdf_hash_func,
key->as_rs_alg, key->as_rs_key, key->auth_alg, key->auth_key);
}
ret = 0;
}
@ -283,7 +290,10 @@ static int pgsql_set_oauth_key(oauth_key_data_raw *key) {
} else {
ret = 0;
}
} else {
ret = 0;
}
if(res) {
PQclear(res);
}

15
src/apps/relay/dbdrivers/dbd_redis.c
View File

@ -637,7 +637,7 @@ static int redis_list_users(u08bits *realm, secrets_list_t *users, secrets_list_
return ret;
}
static int redis_list_oauth_keys(void) {
static int redis_list_oauth_keys(secrets_list_t *kids,secrets_list_t *hkdfs,secrets_list_t *teas,secrets_list_t *aas) {
int ret = -1;
redisContext *rc = get_redis_connection();
secrets_list_t keys;
@ -673,9 +673,16 @@ static int redis_list_oauth_keys(void) {
oauth_key_data_raw key_;
oauth_key_data_raw *key=&key_;
if(redis_get_oauth_key((const u08bits*)s,key) == 0) {
printf(" kid=%s, ikm_key=%s, timestamp=%llu, lifetime=%lu, hkdf_hash_func=%s, as_rs_alg=%s, as_rs_key=%s, auth_alg=%s, auth_key=%s\n",
key->kid, key->ikm_key, (unsigned long long)key->timestamp, (unsigned long)key->lifetime, key->hkdf_hash_func,
key->as_rs_alg, key->as_rs_key, key->auth_alg, key->auth_key);
if(kids) {
add_to_secrets_list(kids,key->kid);
add_to_secrets_list(hkdfs,key->hkdf_hash_func);
add_to_secrets_list(teas,key->as_rs_alg);
add_to_secrets_list(aas,key->auth_alg);
} else {
printf(" kid=%s, ikm_key=%s, timestamp=%llu, lifetime=%lu, hkdf_hash_func=%s, as_rs_alg=%s, as_rs_key=%s, auth_alg=%s, auth_key=%s\n",
key->kid, key->ikm_key, (unsigned long long)key->timestamp, (unsigned long)key->lifetime, key->hkdf_hash_func,
key->as_rs_alg, key->as_rs_key, key->auth_alg, key->auth_key);
}
}
}

17
src/apps/relay/dbdrivers/dbd_sqlite.c
View File

@ -329,7 +329,7 @@ static int sqlite_get_oauth_key(const u08bits *kid, oauth_key_data_raw *key) {
return ret;
}
static int sqlite_list_oauth_keys(void) {
static int sqlite_list_oauth_keys(secrets_list_t *kids,secrets_list_t *hkdfs,secrets_list_t *teas,secrets_list_t *aas) {
oauth_key_data_raw key_;
oauth_key_data_raw *key=&key_;
@ -363,11 +363,18 @@ static int sqlite_list_oauth_keys(void) {
STRCPY((char*)key->as_rs_key,sqlite3_column_text(st, 5));
STRCPY((char*)key->auth_alg,sqlite3_column_text(st, 6));
STRCPY((char*)key->auth_key,sqlite3_column_text(st, 7));
STRCPY((char*)key->kid,sqlite3_column_text(st, 7));
STRCPY((char*)key->kid,sqlite3_column_text(st, 8));
printf(" kid=%s, ikm_key=%s, timestamp=%llu, lifetime=%lu, hkdf_hash_func=%s, as_rs_alg=%s, as_rs_key=%s, auth_alg=%s, auth_key=%s\n",
key->kid, key->ikm_key, (unsigned long long)key->timestamp, (unsigned long)key->lifetime, key->hkdf_hash_func,
key->as_rs_alg, key->as_rs_key, key->auth_alg, key->auth_key);
if(kids) {
add_to_secrets_list(kids,key->kid);
add_to_secrets_list(hkdfs,key->hkdf_hash_func);
add_to_secrets_list(teas,key->as_rs_alg);
add_to_secrets_list(aas,key->auth_alg);
} else {
printf(" kid=%s, ikm_key=%s, timestamp=%llu, lifetime=%lu, hkdf_hash_func=%s, as_rs_alg=%s, as_rs_key=%s, auth_alg=%s, auth_key=%s\n",
key->kid, key->ikm_key, (unsigned long long)key->timestamp, (unsigned long)key->lifetime, key->hkdf_hash_func,
key->as_rs_alg, key->as_rs_key, key->auth_alg, key->auth_key);
}
} else if (res == SQLITE_DONE) {
break;

2
src/apps/relay/dbdrivers/dbdriver.h
View File

@ -68,7 +68,7 @@ typedef struct _turn_dbdriver_t {
int (*set_oauth_key)(oauth_key_data_raw *key);
int (*get_oauth_key)(const u08bits *kid, oauth_key_data_raw *key);
int (*del_oauth_key)(const u08bits *kid);
int (*list_oauth_keys)(void);
int (*list_oauth_keys)(secrets_list_t *kids,secrets_list_t *hkdfs,secrets_list_t *teas,secrets_list_t *aas);
int (*get_admin_user)(const u08bits *usname, u08bits *realm, password_t pwd);
int (*set_admin_user)(const u08bits *usname, const u08bits *realm, const password_t pwd);
int (*del_admin_user)(const u08bits *usname);

9
src/apps/relay/http_server.c
View File

@ -117,7 +117,7 @@ static struct headers_list * post_parse(char *data, size_t data_len)
value = value ? value : "";
value = evhttp_decode_uri(value);
char *p = value;
while (*p != '\0') {
while (*p) {
if (*p == '+')
*p = ' ';
p++;
@ -135,6 +135,7 @@ static struct headers_list * post_parse(char *data, size_t data_len)
static struct http_request* parse_http_request_1(struct http_request* ret, char* request, int parse_post)
{
if(ret && request) {
char* s = strstr(request," HTTP/");
@ -266,7 +267,7 @@ static void free_headers_list(struct headers_list *h) {
}
const char *get_http_header_value(const struct http_request *request, const char* key, const char* default_value) {
const char *ret = default_value;
const char *ret = NULL;
if(key && key[0] && request && request->headers) {
if(request->headers->uri_headers) {
ret = evhttp_find_header(request->headers->uri_headers,key);
@ -274,7 +275,9 @@ const char *get_http_header_value(const struct http_request *request, const char
if(!ret && request->headers->post_headers) {
ret = get_headers_list_value(request->headers->post_headers,key);
}
if(!ret) ret = default_value;
}
if(!ret) {
ret = default_value;
}
return ret;
}

312
src/apps/relay/turn_admin_server.c
View File

@ -1392,6 +1392,12 @@ typedef enum _AS_FORM AS_FORM;
#define HR_ADD_IP_REALM "aipr"
#define HR_ADD_IP_KIND "aipk"
#define HR_UPDATE_PARAMETER "togglepar"
#define HR_ADD_OAUTH_KID "oauth_kid"
#define HR_ADD_OAUTH_IKM "oauth_ikm"
#define HR_ADD_OAUTH_HKDF "oauth_hkdf"
#define HR_ADD_OAUTH_TEA "oauth_tea"
#define HR_ADD_OAUTH_AA "oauth_aa"
#define HR_DELETE_OAUTH_KID "oauth_kid_del"
struct form_name {
AS_FORM form;
@ -1558,9 +1564,11 @@ static void write_https_home_page(ioa_socket_handle s)
str_buffer_append(sb,form_names[AS_FORM_OS].name);
str_buffer_append(sb,"\">");
str_buffer_append(sb,"<br><input type=\"submit\" value=\"oAuth keys\" formaction=\"");
str_buffer_append(sb,form_names[AS_FORM_OAUTH].name);
str_buffer_append(sb,"\">");
if(is_superuser()) {
str_buffer_append(sb,"<br><input type=\"submit\" value=\"oAuth keys\" formaction=\"");
str_buffer_append(sb,form_names[AS_FORM_OAUTH].name);
str_buffer_append(sb,"\">");
}
str_buffer_append(sb,"</fieldset>\r\n");
str_buffer_append(sb,"</form>\r\n");
@ -2778,6 +2786,246 @@ static void write_origins_page(ioa_socket_handle s, const char* add_origin, cons
}
}
static size_t https_print_oauth_keys(struct str_buffer* sb)
{
size_t ret = 0;
const turn_dbdriver_t * dbd = get_dbdriver();
if (dbd && dbd->list_oauth_keys) {
secrets_list_t kids,hkdfs,teas,aas;
init_secrets_list(&kids);
init_secrets_list(&hkdfs);
init_secrets_list(&teas);
init_secrets_list(&aas);
dbd->list_oauth_keys(&kids,&hkdfs,&teas,&aas);
size_t sz = get_secrets_list_size(&kids);
size_t i;
for(i=0;i<sz;++i) {
str_buffer_append(sb,"<tr><td>");
str_buffer_append_sz(sb,i+1);
str_buffer_append(sb,"</td>");
str_buffer_append(sb,"<td>");
str_buffer_append(sb,get_secrets_list_elem(&kids,i));
str_buffer_append(sb,"</td>");
str_buffer_append(sb,"<td>");
str_buffer_append(sb,get_secrets_list_elem(&hkdfs,i));
str_buffer_append(sb,"</td>");
str_buffer_append(sb,"<td>");
str_buffer_append(sb,get_secrets_list_elem(&teas,i));
str_buffer_append(sb,"</td>");
str_buffer_append(sb,"<td>");
str_buffer_append(sb,get_secrets_list_elem(&aas,i));
str_buffer_append(sb,"</td>");
{
str_buffer_append(sb,"<td> <a href=\"");
str_buffer_append(sb,form_names[AS_FORM_OAUTH].name);
str_buffer_append(sb,"?");
str_buffer_append(sb,HR_DELETE_OAUTH_KID);
str_buffer_append(sb,"=");
str_buffer_append(sb,get_secrets_list_elem(&kids,i));
str_buffer_append(sb,"\">delete</a>");
str_buffer_append(sb,"</td>");
}
str_buffer_append(sb,"</tr>");
++ret;
}
clean_secrets_list(&kids);
clean_secrets_list(&hkdfs);
clean_secrets_list(&teas);
clean_secrets_list(&aas);
}
return ret;
}
static void write_https_oauth_page(ioa_socket_handle s, const char* add_kid, const char* add_ikm,
const char* add_hkdf_hash_func, const char* add_tea, const char* add_aa,
const char* msg)
{
if(s && !ioa_socket_tobeclosed(s)) {
if(!(s->as_ok)) {
write_https_logon_page(s);
} else if(!is_superuser()) {
write_https_home_page(s);
} else {
struct str_buffer* sb = str_buffer_new();
str_buffer_append(sb,"<!DOCTYPE html>\r\n<html>\r\n <head>\r\n <title>");
str_buffer_append(sb,admin_title);
str_buffer_append(sb,"</title>\r\n <style> table, th, td { border: 1px solid black; } table#msg th { color: red; background-color: white; } </style> </head>\r\n <body>\r\n ");
str_buffer_append(sb,bold_admin_title);
str_buffer_append(sb,"<br>\r\n");
str_buffer_append(sb,home_link);
str_buffer_append(sb,"<br>\r\n");
{
str_buffer_append(sb,"<form action=\"");
str_buffer_append(sb,form_names[AS_FORM_OAUTH].name);
str_buffer_append(sb,"\" method=\"POST\">\r\n");
str_buffer_append(sb," <fieldset><legend>oAuth key:</legend>\r\n");
if(msg && msg[0]) {
str_buffer_append(sb,"<br><table id=\"msg\"><th>");
str_buffer_append(sb,msg);
str_buffer_append(sb,"</th></table><br>");
}
{
if(!add_kid) add_kid="";
str_buffer_append(sb," <br>KID: <input type=\"text\" name=\"");
str_buffer_append(sb,HR_ADD_OAUTH_KID);
str_buffer_append(sb,"\" value=\"");
str_buffer_append(sb,(const char*)add_kid);
str_buffer_append(sb,"\"");
str_buffer_append(sb,"><br>\r\n");
}
{
if(!add_ikm) add_ikm = "";
str_buffer_append(sb," <br>Base64-encoded input keying material: <input type=\"text\" name=\"");
str_buffer_append(sb,HR_ADD_OAUTH_IKM);
str_buffer_append(sb,"\" value=\"");
str_buffer_append(sb,(const char*)add_ikm);
str_buffer_append(sb,"\"");
str_buffer_append(sb,"><br>\r\n");
}
{
str_buffer_append(sb,"><br>Hash key derivation function:<br>\r\n");
if(!add_hkdf_hash_func || !add_hkdf_hash_func[0])
add_hkdf_hash_func = "SHA-256";
str_buffer_append(sb,"<input type=\"radio\" name=\"");
str_buffer_append(sb,HR_ADD_OAUTH_HKDF);
str_buffer_append(sb,"\" value=\"SHA-1\" ");
if(!strcmp("SHA-1",add_hkdf_hash_func)) {
str_buffer_append(sb," checked ");
}
str_buffer_append(sb,">SHA-1\r\n<br>\r\n");
str_buffer_append(sb,"<input type=\"radio\" name=\"");
str_buffer_append(sb,HR_ADD_OAUTH_HKDF);
str_buffer_append(sb,"\" value=\"SHA-256\" ");
if(strcmp("SHA-1",add_hkdf_hash_func)) {
str_buffer_append(sb," checked ");
}
str_buffer_append(sb,">SHA-256\r\n<br>\r\n");
}
{
str_buffer_append(sb,"><br>Token encryption algorithm:<br>\r\n");
if(!add_tea || !add_tea[0])
add_tea = "AES-256-CBC";
str_buffer_append(sb,"<input type=\"radio\" name=\"");
str_buffer_append(sb,HR_ADD_OAUTH_TEA);
str_buffer_append(sb,"\" value=\"AES-128-CBC\" ");
if(!strcmp("AES-128-CBC",add_tea)) {
str_buffer_append(sb," checked ");
}
str_buffer_append(sb,">AES-128-CBC\r\n<br>\r\n");
str_buffer_append(sb,"<input type=\"radio\" name=\"");
str_buffer_append(sb,HR_ADD_OAUTH_TEA);
str_buffer_append(sb,"\" value=\"AES-256-CBC\" ");
if(!strcmp("AES-256-CBC",add_tea)) {
str_buffer_append(sb," checked ");
}
str_buffer_append(sb,">AES-256-CBC\r\n<br>\r\n");
str_buffer_append(sb,"<input type=\"radio\" name=\"");
str_buffer_append(sb,HR_ADD_OAUTH_TEA);
str_buffer_append(sb,"\" value=\"AEAD-AES-128-GCM\" ");
if(!strcmp("AEAD-AES-128-GCM",add_tea)) {
str_buffer_append(sb," checked ");
}
str_buffer_append(sb,">AEAD-AES-128-GCM\r\n<br>\r\n");
str_buffer_append(sb,"<input type=\"radio\" name=\"");
str_buffer_append(sb,HR_ADD_OAUTH_TEA);
str_buffer_append(sb,"\" value=\"AEAD-AES-256-GCM\" ");
if(!strcmp("AEAD-AES-256-GCM",add_tea)) {
str_buffer_append(sb," checked ");
}
str_buffer_append(sb,">AEAD-AES-256-GCM\r\n<br>\r\n");
}
{
str_buffer_append(sb,"><br>Token authentication algorithm:<br>\r\n");
if(!add_aa || !add_aa[0])
add_aa = "HMAC-SHA-256-128";
str_buffer_append(sb,"<input type=\"radio\" name=\"");
str_buffer_append(sb,HR_ADD_OAUTH_AA);
str_buffer_append(sb,"\" value=\"HMAC-SHA-256-128\" ");
if(!strcmp("HMAC-SHA-256-128",add_aa)) {
str_buffer_append(sb," checked ");
}
str_buffer_append(sb,">HMAC-SHA-256-128\r\n<br>\r\n");
str_buffer_append(sb,"<input type=\"radio\" name=\"");
str_buffer_append(sb,HR_ADD_OAUTH_AA);
str_buffer_append(sb,"\" value=\"HMAC-SHA-256\" ");
if(!strcmp("HMAC-SHA-256",add_aa)) {
str_buffer_append(sb," checked ");
}
str_buffer_append(sb,">HMAC-SHA-256\r\n<br>\r\n");
str_buffer_append(sb,"<input type=\"radio\" name=\"");
str_buffer_append(sb,HR_ADD_OAUTH_AA);
str_buffer_append(sb,"\" value=\"HMAC-SHA-1\" ");
if(!strcmp("HMAC-SHA-1",add_aa)) {
str_buffer_append(sb," checked ");
}
str_buffer_append(sb,">HMAC-SHA-1\r\n<br>\r\n");
}
str_buffer_append(sb,"<br><input type=\"submit\" value=\"Add key\">");
str_buffer_append(sb,"</fieldset>\r\n");
str_buffer_append(sb,"</form>\r\n");
}
str_buffer_append(sb,"<br><b>OAuth keys:</b><br><br>\r\n");
str_buffer_append(sb,"<table>\r\n");
str_buffer_append(sb,"<tr><th>N</th><th>KID</th>");
str_buffer_append(sb,"<th>Hash key derivation function</th>");
str_buffer_append(sb,"<th>Token encryption algorithm</th>");
str_buffer_append(sb,"<th>Token authentication algorithm</th>");
str_buffer_append(sb,"<th> </th>");
str_buffer_append(sb,"</tr>\r\n");
size_t total_sz = https_print_oauth_keys(sb);
str_buffer_append(sb,"\r\n</table>\r\n");
str_buffer_append(sb,"<br>Total oAuth keys = ");
str_buffer_append_sz(sb,total_sz);
str_buffer_append(sb,"<br>\r\n");
str_buffer_append(sb,"</body>\r\n</html>\r\n");
send_str_from_ioa_socket_tcp(s,"HTTP/1.1 200 OK\r\nServer: ");
send_str_from_ioa_socket_tcp(s,TURN_SOFTWARE);
send_str_from_ioa_socket_tcp(s,"\r\n");
send_str_from_ioa_socket_tcp(s,get_http_date_header());
send_str_from_ioa_socket_tcp(s,"Content-Type: text/html; charset=UTF-8\r\nContent-Length: ");
send_ulong_from_ioa_socket_tcp(s,str_buffer_get_str_len(sb));
send_str_from_ioa_socket_tcp(s,"\r\n\r\n");
send_str_from_ioa_socket_tcp(s,str_buffer_get_str(sb));
str_buffer_free(sb);
}
}
}
static void handle_toggle_request(ioa_socket_handle s, struct http_request* hr)
{
if(s && hr) {
@ -3197,11 +3445,63 @@ static void handle_https(ioa_socket_handle s, ioa_network_buffer_handle nbh)
break;
}
case AS_FORM_OAUTH: {
if(s->as_ok) {
//TODO
if(!s->as_ok) {
write_https_logon_page(s);
} else if(!is_superuser()) {
write_https_home_page(s);
} else {
write_https_logon_page(s);
{
const char* del_kid = get_http_header_value(hr,HR_DELETE_OAUTH_KID,"");
if(del_kid[0]) {
const turn_dbdriver_t * dbd = get_dbdriver();
if (dbd && dbd->del_oauth_key) {
(*dbd->del_oauth_key)((const u08bits*)del_kid);
}
}
}
const char* add_kid = "";
const char* add_ikm = "";
const char* add_hkdf_hash_func = "";
const char* add_tea = "";
const char* add_aa = "";
const char* msg = "";
add_kid = get_http_header_value(hr,HR_ADD_OAUTH_KID,"");
if(add_kid[0]) {
add_ikm = get_http_header_value(hr,HR_ADD_OAUTH_IKM,"");
if(add_ikm[0]) {
add_hkdf_hash_func = get_http_header_value(hr,HR_ADD_OAUTH_HKDF,"");
add_tea = get_http_header_value(hr,HR_ADD_OAUTH_TEA,"");
add_aa = get_http_header_value(hr,HR_ADD_OAUTH_AA,"");
oauth_key_data_raw key;
ns_bzero(&key,sizeof(key));
STRCPY(key.kid,add_kid);
STRCPY(key.ikm_key,add_ikm);
STRCPY(key.hkdf_hash_func,add_hkdf_hash_func);
STRCPY(key.as_rs_alg,add_tea);
STRCPY(key.auth_alg,add_aa);
if(strstr(key.as_rs_alg,"AEAD")) key.auth_alg[0]=0;
const turn_dbdriver_t * dbd = get_dbdriver();
if (dbd && dbd->set_oauth_key) {
if((*dbd->set_oauth_key)(&key)<0) {
msg = "Cannot insert oAuth key into the database";
} else {
add_kid = "";
add_ikm = "";
add_hkdf_hash_func = "";
add_tea = "";
add_aa = "";
}
}
}
}
write_https_oauth_page(s,add_kid,add_ikm,add_hkdf_hash_func,add_tea,add_aa,msg);
}
break;
}

6
src/apps/relay/userdb.c
View File

@ -405,7 +405,7 @@ int get_user_key(int in_oauth, int *out_oauth, int *max_session_time, u08bits *u
if(max_session_time)
*max_session_time = 0;
if(in_oauth && out_oauth && usname && usname[0] && realm && realm[0]) {
if(in_oauth && out_oauth && usname && usname[0]) {
stun_attr_ref sar = stun_attr_get_first_by_type_str(ioa_network_buffer_data(nbh),
ioa_network_buffer_get_size(nbh),
@ -471,6 +471,10 @@ int get_user_key(int in_oauth, int *out_oauth, int *max_session_time, u08bits *u
const char* server_name = (char*)turn_params.oauth_server_name;
if(!(server_name && server_name[0])) {
server_name = (char*)realm;
if(!(server_name && server_name[0])) {
TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "Cannot determine oAuth server name");
return -1;
}
}
if (decode_oauth_token((const u08bits *) server_name, &etoken,&okey, &dot) < 0) {