Enhancement: Add option to disable Web-Management-Interface

2025-10-25 21:11:00 +02:00 · 2017-04-10 14:49:55 +02:00 · 2017-04-10 14:49:55 +02:00 · c48835e230
commit c48835e230
parent 6aa8b7685b
6 changed files with 46 additions and 29 deletions
--- a/src/apps/relay/mainrelay.c
+++ b/src/apps/relay/mainrelay.c
@ -598,6 +598,7 @@ static char Usage[] = "Usage: turnserver [options]\n"
 "						After the initialization, the turnserver process\n"
 "						will make an attempt to change the current group ID to that group.\n"
 " --mobility					Mobility with ICE (MICE) specs support.\n"
+" --no-http					Turn OFF the HTTP-Admin-Interface. By default it is always ON.\n"
 " --no-cli					Turn OFF the CLI support. By default it is always ON.\n"
 " --cli-ip=<IP>					Local system IP address to be used for CLI server endpoint. Default value\n"
 "						is 127.0.0.1.\n"
@ -742,7 +743,8 @@ enum EXTRA_OPTS {
 	ADMIN_USER_QUOTA_OPT,
 	SERVER_NAME_OPT,
 	OAUTH_OPT,
-	PROD_OPT
+	PROD_OPT,
+	NO_HTTP_OPT
 };

 struct myoption {
@ -849,6 +851,7 @@ static const struct myoption long_options[] = {
 				{ "cli-ip", required_argument, NULL, CLI_IP_OPT },
 				{ "cli-port", required_argument, NULL, CLI_PORT_OPT },
 				{ "cli-password", required_argument, NULL, CLI_PASSWORD_OPT },
+				{ "no-http", optional_argument, NULL, NO_HTTP_OPT },
 				{ "server-relay", optional_argument, NULL, SERVER_RELAY_OPT },
 				{ "cli-max-output-sessions", required_argument, NULL, CLI_MAX_SESSIONS_OPT },
 				{ "ec-curve-name", required_argument, NULL, EC_CURVE_NAME_OPT },
@ -992,6 +995,9 @@ static void set_option(int c, char *value)
  case NO_CLI_OPT:
 	  use_cli = !get_bool_value(value);
 	  break;
+  case NO_HTTP_OPT:
+	  use_http = !get_bool_value(value);
+	  break;
  case CLI_IP_OPT:
 	  if(make_ioa_addr((const u08bits*)value,0,&cli_addr)<0) {
 		  TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR,"Cannot set cli address: %s\n",value);
--- a/src/apps/relay/netengine.c
+++ b/src/apps/relay/netengine.c
@ -1651,7 +1651,7 @@ static void setup_relay_server(struct relay_server *rs, ioa_engine_handle e, int
 			 send_turn_session_info,
 			 send_https_socket,
 			 allocate_bps,
-			 turn_params.oauth, turn_params.oauth_server_name);
+			 turn_params.oauth, turn_params.oauth_server_name, use_http);
 	
 	if(to_set_rfc5780) {
 		set_rfc5780(&(rs->server), get_alt_addr, send_message_from_listener_to_client);
--- a/src/apps/relay/turn_admin_server.c
+++ b/src/apps/relay/turn_admin_server.c
@ -77,6 +77,8 @@ struct admin_server adminserver;

 int use_cli = 1;

+int use_http = 1;
+
 ioa_addr cli_addr;
 int cli_addr_set = 0;

@ -1210,8 +1212,7 @@ void setup_admin_thread(void)
 		bufferevent_setcb(adminserver.in_buf, admin_server_receive_message, NULL, NULL, &adminserver);
 		bufferevent_enable(adminserver.in_buf, EV_READ);
 	}
-
-	{
+	if (use_http) {
 		struct bufferevent *pair[2];

 		bufferevent_pair_new(adminserver.event_base, TURN_BUFFEREVENTS_OPTIONS, pair);
--- a/src/apps/relay/turn_admin_server.h
+++ b/src/apps/relay/turn_admin_server.h
@ -81,6 +81,8 @@ extern struct admin_server adminserver;

 extern int use_cli;

+extern int use_http;
+
 #define CLI_DEFAULT_IP ("127.0.0.1")
 extern ioa_addr cli_addr;
 extern int cli_addr_set;
--- a/src/server/ns_turn_server.c
+++ b/src/server/ns_turn_server.c
@ -4543,32 +4543,34 @@ static int read_client_connection(turn_turnserver *server,
 		}

 	} else {
-		SOCKET_TYPE st = get_ioa_socket_type(ss->client_socket);
-		if(is_stream_socket(st)) {
-			if(is_http((char*)ioa_network_buffer_data(in_buffer->nbh), ioa_network_buffer_get_size(in_buffer->nbh))) {
-				const char *proto = "HTTP";
-				ioa_network_buffer_data(in_buffer->nbh)[ioa_network_buffer_get_size(in_buffer->nbh)] = 0;
-				if(st==TLS_SOCKET) {
-					proto = "HTTPS";
-					set_ioa_socket_app_type(ss->client_socket,HTTPS_CLIENT_SOCKET);
-					TURN_LOG_FUNC(TURN_LOG_LEVEL_INFO, "%s: %s (%s %s) request: %s\n", __FUNCTION__, proto, get_ioa_socket_cipher(ss->client_socket), get_ioa_socket_ssl_method(ss->client_socket), (char*)ioa_network_buffer_data(in_buffer->nbh));
-					if(server->send_https_socket) {
-						TURN_LOG_FUNC(TURN_LOG_LEVEL_INFO, "%s socket to be detached: 0x%lx, st=%d, sat=%d\n", __FUNCTION__,(long)ss->client_socket, get_ioa_socket_type(ss->client_socket), get_ioa_socket_app_type(ss->client_socket));
-						ioa_socket_handle new_s = detach_ioa_socket(ss->client_socket);
-						if(new_s) {
-							TURN_LOG_FUNC(TURN_LOG_LEVEL_INFO, "%s new detached socket: 0x%lx, st=%d, sat=%d\n", __FUNCTION__,(long)new_s, get_ioa_socket_type(new_s), get_ioa_socket_app_type(new_s));
-							server->send_https_socket(new_s);
+		if (server->use_http) {
+			SOCKET_TYPE st = get_ioa_socket_type(ss->client_socket);
+			if(is_stream_socket(st)) {
+				if(is_http((char*)ioa_network_buffer_data(in_buffer->nbh), ioa_network_buffer_get_size(in_buffer->nbh))) {
+					const char *proto = "HTTP";
+					ioa_network_buffer_data(in_buffer->nbh)[ioa_network_buffer_get_size(in_buffer->nbh)] = 0;
+					if(st==TLS_SOCKET) {
+						proto = "HTTPS";
+						set_ioa_socket_app_type(ss->client_socket,HTTPS_CLIENT_SOCKET);
+						TURN_LOG_FUNC(TURN_LOG_LEVEL_INFO, "%s: %s (%s %s) request: %s\n", __FUNCTION__, proto, get_ioa_socket_cipher(ss->client_socket), get_ioa_socket_ssl_method(ss->client_socket), (char*)ioa_network_buffer_data(in_buffer->nbh));
+						if(server->send_https_socket) {
+							TURN_LOG_FUNC(TURN_LOG_LEVEL_INFO, "%s socket to be detached: 0x%lx, st=%d, sat=%d\n", __FUNCTION__,(long)ss->client_socket, get_ioa_socket_type(ss->client_socket), get_ioa_socket_app_type(ss->client_socket));
+							ioa_socket_handle new_s = detach_ioa_socket(ss->client_socket);
+							if(new_s) {
+								TURN_LOG_FUNC(TURN_LOG_LEVEL_INFO, "%s new detached socket: 0x%lx, st=%d, sat=%d\n", __FUNCTION__,(long)new_s, get_ioa_socket_type(new_s), get_ioa_socket_app_type(new_s));
+								server->send_https_socket(new_s);
+							}
+							ss->to_be_closed = 1;
 						}
-						ss->to_be_closed = 1;
+					} else {
+						set_ioa_socket_app_type(ss->client_socket,HTTP_CLIENT_SOCKET);
+						if(server->verbose) {
+							TURN_LOG_FUNC(TURN_LOG_LEVEL_INFO, "%s: %s request: %s\n", __FUNCTION__, proto, (char*)ioa_network_buffer_data(in_buffer->nbh));
+						}
+						handle_http_echo(ss->client_socket);
 					}
-				} else {
-					set_ioa_socket_app_type(ss->client_socket,HTTP_CLIENT_SOCKET);
-					if(server->verbose) {
-						TURN_LOG_FUNC(TURN_LOG_LEVEL_INFO, "%s: %s request: %s\n", __FUNCTION__, proto, (char*)ioa_network_buffer_data(in_buffer->nbh));
-					}
-					handle_http_echo(ss->client_socket);
+					return 0;
 				}
-				return 0;
 			}
 		}
 	}
@ -4825,7 +4827,7 @@ void init_turn_server(turn_turnserver* server,
 		send_turn_session_info_cb send_turn_session_info,
 		send_https_socket_cb send_https_socket,
 		allocate_bps_cb allocate_bps_func,
-		int oauth, const char* oauth_server_name) {
+		int oauth, const char* oauth_server_name, int use_http) {

 	if (!server)
 		return;
@ -4892,6 +4894,8 @@ void init_turn_server(turn_turnserver* server,

 	server->allocate_bps_func = allocate_bps_func;

+	server->use_http = use_http;
+
 	set_ioa_timer(server->e, 1, 0, timer_timeout_handler, server, 1, "timer_timeout_handler");
 }

--- a/src/server/ns_turn_server.h
+++ b/src/server/ns_turn_server.h
@ -169,6 +169,9 @@ struct _turn_turnserver {
 	/* oAuth: */
 	int oauth;
 	const char* oauth_server_name;
+
+	/* HTTP-Admin-Server: */
+	int use_http;
 };

 const char * get_version(turn_turnserver *server);
@ -212,7 +215,8 @@ void init_turn_server(turn_turnserver* server,
 				    send_https_socket_cb send_https_socket,
 				    allocate_bps_cb allocate_bps_func,
 				    int oauth,
-				    const char* oauth_server_name);
+				    const char* oauth_server_name,
+				    int use_http);

 ioa_engine_handle turn_server_get_engine(turn_turnserver *s);