list users

2025-10-26 20:41:07 +01:00 · 2015-01-18 05:48:34 +00:00 · 2015-01-18 05:48:34 +00:00 · e3d9f5484c
commit e3d9f5484c
parent 91cafd9f1a
9 changed files with 124 additions and 103 deletions
--- a/src/apps/relay/dbdrivers/dbd_mongo.c
+++ b/src/apps/relay/dbdrivers/dbd_mongo.c
@ -424,16 +424,21 @@ static int mongo_del_oauth_key(const u08bits *kid) {
  return ret;
 }
  
-static int mongo_list_users(u08bits *realm) {
+static int mongo_list_users(u08bits *realm, secrets_list_t *users, secrets_list_t *realms)
+{
  const char * collection_name = "turnusers_lt";
  mongoc_collection_t * collection = mongo_get_collection(collection_name);

+  u08bits realm0[STUN_MAX_REALM_SIZE+1] = "\0";
+  if(!realm) realm=realm0;
+
  if(!collection)
    return -1;
    
  bson_t query, child;
  bson_init(&query);
  bson_append_document_begin(&query, "$orderby", -1, &child);
+  bson_append_int32(&child, "realm", -1, 1);
  bson_append_int32(&child, "name", -1, 1);
  bson_append_document_end(&query, &child);
  bson_append_document_begin(&query, "$query", -1, &child);
@ -464,14 +469,21 @@ static int mongo_list_users(u08bits *realm) {
    	if (bson_iter_init(&iter, item) && bson_iter_find(&iter, "name") && BSON_ITER_HOLDS_UTF8(&iter)) {
    		value = bson_iter_utf8(&iter, &length);
    		if (length) {
-        		const char *realm = "";
+        		const char *rval = "";
    			if (bson_iter_init(&iter_realm, item) && bson_iter_find(&iter_realm, "realm") && BSON_ITER_HOLDS_UTF8(&iter_realm)) {
-    				realm = bson_iter_utf8(&iter_realm, &length);
+    				rval = bson_iter_utf8(&iter_realm, &length);
    			}
-    			if(realm && *realm) {
-    				printf("%s[%s]\n", value, realm);
+    			if(users) {
+    				add_to_secrets_list(users,value);
+    				if(realms) {
+    					if(rval && *rval) {
+    						add_to_secrets_list(realms,rval);
    					} else {
-    				printf("%s\n", value);
+    						add_to_secrets_list(realms,(char*)realm);
+    					}
+    				}
+    			} else {
+    				printf("%s[%s]\n", value, rval);
    			}
    		}
    	}
--- a/src/apps/relay/dbdrivers/dbd_mysql.c
+++ b/src/apps/relay/dbdrivers/dbd_mysql.c
@ -549,15 +549,20 @@ static int mysql_del_oauth_key(const u08bits *kid) {
 	return ret;
 }
  
-static int mysql_list_users(u08bits *realm) {
+static int mysql_list_users(u08bits *realm, secrets_list_t *users, secrets_list_t *realms)
+{
 	int ret = -1;
 	char statement[TURN_LONG_STRING_SIZE];
+
+	u08bits realm0[STUN_MAX_REALM_SIZE+1] = "\0";
+	if(!realm) realm=realm0;
+
 	MYSQL * myc = get_mydb_connection();
 	if(myc) {
-		if(realm && realm[0]) {
+		if(realm[0]) {
 		  snprintf(statement,sizeof(statement),"select name, realm from turnusers_lt where realm='%s' order by name",realm);
 		} else {
-		  snprintf(statement,sizeof(statement),"select name, realm from turnusers_lt order by name");
+		  snprintf(statement,sizeof(statement),"select name, realm from turnusers_lt order by realm,name");
 		}
 		int res = mysql_query(myc, statement);
 		if(res) {
@ -575,10 +580,17 @@ static int mysql_list_users(u08bits *realm) {
 						break;
 					} else {
 						if(row[0]) {
-							if(row[1] && row[1][0]) {
-								printf("%s[%s]\n",row[0],row[1]);
+							if(users) {
+								add_to_secrets_list(users,row[0]);
+								if(realms) {
+									if(row[1]) {
+										add_to_secrets_list(realms,row[1]);
 									} else {
-								printf("%s\n",row[0]);
+										add_to_secrets_list(realms,(char*)realm);
+									}
+								}
+							} else {
+								printf("%s[%s]\n", row[0], row[1]);
 							}
 						}
 					}
--- a/src/apps/relay/dbdrivers/dbd_pgsql.c
+++ b/src/apps/relay/dbdrivers/dbd_pgsql.c
@ -327,15 +327,20 @@ static int pgsql_del_oauth_key(const u08bits *kid) {
  return ret;
 }
  
-static int pgsql_list_users(u08bits *realm) {
+static int pgsql_list_users(u08bits *realm, secrets_list_t *users, secrets_list_t *realms)
+{
 	int ret = -1;
 	char statement[TURN_LONG_STRING_SIZE];
+
+	u08bits realm0[STUN_MAX_REALM_SIZE+1] = "\0";
+	if(!realm) realm=realm0;
+
 	PGconn *pqc = get_pqdb_connection();
 	if(pqc) {
-		if(realm && realm[0]) {
+		if(realm[0]) {
 		  snprintf(statement,sizeof(statement),"select name,realm from turnusers_lt where realm='%s' order by name",realm);
 		} else {
-		  snprintf(statement,sizeof(statement),"select name,realm from turnusers_lt order by name");
+		  snprintf(statement,sizeof(statement),"select name,realm from turnusers_lt order by realm,name");
 		}
 		PGresult *res = PQexec(pqc, statement);
 		if(!res || (PQresultStatus(res) != PGRES_TUPLES_OK)) {
@ -346,10 +351,19 @@ static int pgsql_list_users(u08bits *realm) {
 				char *kval = PQgetvalue(res,i,0);
 				if(kval) {
 					char *rval = PQgetvalue(res,i,1);
+					if(rval) {
+						if(users) {
+							add_to_secrets_list(users,kval);
+							if(realms) {
 								if(rval && *rval) {
-						printf("%s[%s]\n",kval,rval);
+									add_to_secrets_list(realms,rval);
 								} else {
-						printf("%s\n",kval);
+									add_to_secrets_list(realms,(char*)realm);
+								}
+							}
+						} else {
+							printf("%s[%s]\n", kval, rval);
+						}
 					}
 				}
 			}
--- a/src/apps/relay/dbdrivers/dbd_redis.c
+++ b/src/apps/relay/dbdrivers/dbd_redis.c
@ -450,23 +450,6 @@ static int redis_get_user_key(u08bits *usname, u08bits *realm, hmackey_t key) {
 			}
 			turnFreeRedisReply(rget);
 		}
-		if(ret == 0) {
-			snprintf(s,sizeof(s),"get turn/realm/%s/user/%s/password", (char*)realm, usname);
-			rget = (redisReply *)redisCommand(rc, s);
-			if(rget) {
-				if (rget->type == REDIS_REPLY_ERROR)
-					TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "Error: %s\n", rget->str);
-				else if (rget->type != REDIS_REPLY_STRING) {
-					if (rget->type != REDIS_REPLY_NIL)
-						TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "Unexpected type: %d\n", rget->type);
-				} else {
-					if(stun_produce_integrity_key_str((u08bits*)usname, realm, (u08bits*)rget->str, key, turn_params.shatype)>=0) {
-						ret = 0;
-					}
-				}
-				turnFreeRedisReply(rget);
-			}
-		}
 	}
  return ret;
 }
@ -525,8 +508,6 @@ static int redis_set_user_key(u08bits *usname, u08bits *realm, const char *key)
 	if(rc) {
 		char statement[TURN_LONG_STRING_SIZE];
 		snprintf(statement,sizeof(statement),"set turn/realm/%s/user/%s/key %s",(char*)realm,usname,key);
-	  turnFreeRedisReply(redisCommand(rc, statement));
-	  snprintf(statement,sizeof(statement),"del turn/realm/%s/user/%s/password",(char*)realm,usname);
 		turnFreeRedisReply(redisCommand(rc, statement));
 		turnFreeRedisReply(redisCommand(rc, "save"));
 		ret = 0;
@ -556,8 +537,6 @@ static int redis_del_user(u08bits *usname, u08bits *realm) {
 		{
 		  snprintf(statement,sizeof(statement),"del turn/realm/%s/user/%s/key",(char*)realm,usname);
 		  turnFreeRedisReply(redisCommand(rc, statement));
-		  snprintf(statement,sizeof(statement),"del turn/realm/%s/user/%s/password",(char*)realm,usname);
-		  turnFreeRedisReply(redisCommand(rc, statement));
 		}

 		turnFreeRedisReply(redisCommand(rc, "save"));
@ -579,9 +558,14 @@ static int redis_del_oauth_key(const u08bits *kid) {
  return ret;
 }
  
-static int redis_list_users(u08bits *realm) {
+static int redis_list_users(u08bits *realm, secrets_list_t *users, secrets_list_t *realms)
+{
 	int ret = -1;
 	redisContext *rc = get_redis_connection();
+
+	u08bits realm0[STUN_MAX_REALM_SIZE+1] = "\0";
+	if(!realm) realm=realm0;
+
 	if(rc) {
 		secrets_list_t keys;
 		size_t isz = 0;
@ -596,27 +580,7 @@ static int redis_list_users(u08bits *realm) {
 			} else {
 				reply = (redisReply*)redisCommand(rc, "keys turn/realm/*/user/*/key");
 			}
-			if(reply) {

-				if (reply->type == REDIS_REPLY_ERROR)
-					TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "Error: %s\n", reply->str);
-				else if (reply->type != REDIS_REPLY_ARRAY) {
-					if (reply->type != REDIS_REPLY_NIL)
-						TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "Unexpected type: %d\n", reply->type);
-				} else {
-					size_t i;
-					for (i = 0; i < reply->elements; ++i) {
-						add_to_secrets_list(&keys,reply->element[i]->str);
-					}
-				}
-				turnFreeRedisReply(reply);
-			}
-
-			if(realm && realm[0]) {
-				reply = (redisReply*)redisCommand(rc, "keys turn/realm/%s/user/*/password", (char*)realm);
-			} else {
-				reply = (redisReply*)redisCommand(rc, "keys turn/realm/*/user/*/password");
-			}
 			if(reply) {

 				if (reply->type == REDIS_REPLY_ERROR)
@ -634,15 +598,36 @@ static int redis_list_users(u08bits *realm) {
 			}
 		}

+		size_t rhsz=strlen("turn/realm/");
+		size_t uhsz = strlen("user/");
+
 		for(isz=0;isz<keys.sz;++isz) {
 			char *s = keys.secrets[isz];
-			char *sh = strstr(s,"/user/");
-			if(sh) {
-				sh += 6;
+
+			char *sh = strstr(s,"turn/realm/");
+			if(sh != s) continue;
+			sh += rhsz;
 			char* st = strchr(sh,'/');
-				if(st)
+			if(!st) continue;
 			*st=0;
-				printf("%s\n",sh);
+			char *sr = sh;
+			++st;
+
+			sh = strstr(st,"user/");
+			if(sh != st) continue;
+			sh += uhsz;
+			st = strchr(sh,'/');
+			if(!st) continue;
+			*st=0;
+			char *su = sh;
+
+			if(users) {
+				add_to_secrets_list(users,su);
+				if(realms) {
+					add_to_secrets_list(realms,sr);
+				}
+			} else {
+				printf("%s[%s]\n", su, sr);
 			}
 		}

--- a/src/apps/relay/dbdrivers/dbd_sqlite.c
+++ b/src/apps/relay/dbdrivers/dbd_sqlite.c
@ -516,21 +516,24 @@ static int sqlite_del_oauth_key(const u08bits *kid)
 }


-static int sqlite_list_users(u08bits *realm)
+static int sqlite_list_users(u08bits *realm, secrets_list_t *users, secrets_list_t *realms)
 {
 	int ret = -1;
 	char statement[TURN_LONG_STRING_SIZE];
 	sqlite3_stmt *st = NULL;
 	int rc = 0;

+	u08bits realm0[STUN_MAX_REALM_SIZE+1] = "\0";
+	if(!realm) realm=realm0;
+
 	donot_print_connection_success=1;

 	sqlite3 *sqliteconnection = get_sqlite_connection();
 	if (sqliteconnection) {
-		if (realm && realm[0]) {
+		if (realm[0]) {
 			snprintf(statement, sizeof(statement), "select name,realm from turnusers_lt where realm='%s' order by name", realm);
 		} else {
-			snprintf(statement, sizeof(statement), "select name,realm from turnusers_lt order by name");
+			snprintf(statement, sizeof(statement), "select name,realm from turnusers_lt order by realm,name");
 		}

 		sqlite_lock(0);
@ -545,10 +548,17 @@ static int sqlite_list_users(u08bits *realm)
 					const char* kval = (const char*) sqlite3_column_text(st, 0);
 					const char* rval = (const char*) sqlite3_column_text(st, 1);

+					if(users) {
+						add_to_secrets_list(users,kval);
+						if(realms) {
 							if(rval && *rval) {
-						printf("%s[%s]\n", kval, rval);
+								add_to_secrets_list(realms,rval);
 							} else {
-						printf("%s\n", kval);
+								add_to_secrets_list(realms,(char*)realm);
+							}
+						}
+					} else {
+						printf("%s[%s]\n", kval, rval);
 					}

 				} else if (res == SQLITE_DONE) {
--- a/src/apps/relay/dbdrivers/dbdriver.h
+++ b/src/apps/relay/dbdrivers/dbdriver.h
@ -52,7 +52,7 @@ typedef struct _turn_dbdriver_t {
  int (*get_user_key)(u08bits *usname, u08bits *realm, hmackey_t key);
  int (*set_user_key)(u08bits *usname, u08bits *realm, const char *key);
  int (*del_user)(u08bits *usname, u08bits *realm);
-  int (*list_users)(u08bits *realm);
+  int (*list_users)(u08bits *realm, secrets_list_t *users, secrets_list_t *realms);
  int (*show_secret)(u08bits *realm);
  int (*del_secret)(u08bits *secret, u08bits *realm);
  int (*set_secret)(u08bits *secret, u08bits *realm);
--- a/src/apps/relay/userdb.c
+++ b/src/apps/relay/userdb.c
@ -775,7 +775,7 @@ static int list_users(u08bits *realm, int is_admin)
 		  }
 	  } else {
 		  if(dbd->list_users) {
-			  (*dbd->list_users)(realm);
+			  (*dbd->list_users)(realm,NULL,NULL);
 		  }
 	  }
  }
--- a/turndb/schema.userdb.redis
+++ b/turndb/schema.userdb.redis
@ -8,9 +8,7 @@ has the following schema:
 "turn/realm/<realm-name>/user/<username>/key" and the values must be 
 the the hmackeys. For example, for the user "gorst", realm "north.gov" 
 and password "hero", there must be key "turn/realm/north.gov/user/gorst/key" 
-with value "7da2270ccfa49786e0115366d3a3d14d". Alternatively, the password 
-may be stored in clear text format. Then the key will be 
-"turn/realm/north.gov/user/gorst/password" and the key will be simply "hero".
+with value "7da2270ccfa49786e0115366d3a3d14d".

 2) For the shared secrets (REST API), several key/value pairs 
 may be used (same as in SQL schema). The secrets are stored as members 
@ -118,11 +116,6 @@ set turn/realm/north.gov/user/gorst/key "7da2270ccfa49786e0115366d3a3d14d"
 set turn/realm/crinna.org/user/whirrun/key "6972e85e51f36e53b0b61759c5a5219a"
 set turn/realm/crinna.org/user/stranger-come-knocking/key "d43cb678560259a1839bff61c19de15e"

-set turn/realm/north.gov/user/ninefingers/password "youhavetoberealistic"
-set turn/realm/north.gov/user/gorst/password "hero"
-set turn/realm/crinna.org/user/whirrun/password "sword"
-set turn/realm/crinna.org/user/stranger-come-knocking/password "civilization"
-
 sadd turn/realm/north.gov/secret "logen" "bloody9"
 sadd turn/realm/crinna.org/secret "north" "library"

--- a/turndb/testredisdbsetup.sh
+++ b/turndb/testredisdbsetup.sh
@ -1,5 +1,10 @@
 #!/bin/sh

+# ninefingers:password: youhavetoberealistic
+# gorst:password: hero
+# whirrun:password: sword
+# stranger-come-knocking:password: civilization
+
 redis-cli <<!

 SELECT 2
@ -8,19 +13,9 @@ AUTH turn
 set turn/realm/north.gov/user/ninefingers/key "bc807ee29df3c9ffa736523fb2c4e8ee"
 set turn/realm/north.gov/user/gorst/key "7da2270ccfa49786e0115366d3a3d14d"

-set turn/realm/north.gov/user/bethod/key "3b4125e139811b8577a214c24273fee27b15ff397631c7775b980785a229e6bd"
-
 set turn/realm/crinna.org/user/whirrun/key "6972e85e51f36e53b0b61759c5a5219a"
 set turn/realm/crinna.org/user/stranger-come-knocking/key "d43cb678560259a1839bff61c19de15e"

-set turn/realm/north.gov/user/ninefingers/password "youhavetoberealistic"
-set turn/realm/north.gov/user/gorst/password "hero"
-
-set turn/realm/north.gov/user/bethod/password "king-of-north"
-
-set turn/realm/crinna.org/user/whirrun/password "sword"
-set turn/realm/crinna.org/user/stranger-come-knocking/password "civilization"
-
 sadd turn/realm/north.gov/secret "logen" "bloody9"
 sadd turn/realm/crinna.org/secret "north" "library"