From 664be4d8e6a7413fb719ef635f476c88ea6e24e1 Mon Sep 17 00:00:00 2001 From: mom040267 Date: Thu, 25 Sep 2014 02:12:40 +0000 Subject: [PATCH] working on oauth --- ChangeLog | 6 +++--- rpm/build.settings.sh | 2 +- rpm/turnserver.spec | 6 +++--- src/ns_turn_defs.h | 2 +- src/server/ns_turn_server.c | 27 +++++++++++---------------- 5 files changed, 19 insertions(+), 24 deletions(-) diff --git a/ChangeLog b/ChangeLog index 99a7229..0b7dcea 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,6 @@ 08/22/2014 Oleg Moskalenko -Version 4.1.2.2 'Vitari': +Version 4.1.3.2 'Vitari': + - oAuth security implementation. (TODO) - redis user key operation fixed. - redis, mysql and psql db operations fixed. - SHA-256 memory leak fixed. @@ -8,8 +9,7 @@ Version 4.1.2.2 'Vitari': - Move secondary download area to coturn.net. - TLS renegotiation DoS attack prevention implemented; - FQDN as relay-ip and listener-ip parameters (issue 6) - (patch provided by Iñaki Baz Castillo); - - oAuth security implementation. (TODO) + (patch provided by Iñaki Baz Castillo); 08/14/2014 Oleg Moskalenko Version 4.1.2.1 'Vitari': diff --git a/rpm/build.settings.sh b/rpm/build.settings.sh index cb9ca5e..21e4f21 100755 --- a/rpm/build.settings.sh +++ b/rpm/build.settings.sh @@ -2,7 +2,7 @@ # Common settings script. -TURNVERSION=4.1.2.2 +TURNVERSION=4.1.3.2 BUILDDIR=~/rpmbuild ARCH=`uname -p` TURNSERVER_SVN_URL=http://coturn.googlecode.com/svn diff --git a/rpm/turnserver.spec b/rpm/turnserver.spec index 7e688f8..9ddde60 100644 --- a/rpm/turnserver.spec +++ b/rpm/turnserver.spec @@ -1,5 +1,5 @@ Name: turnserver -Version: 4.1.2.2 +Version: 4.1.3.2 Release: 0%{dist} Summary: Coturn TURN Server @@ -294,8 +294,8 @@ fi %{_includedir}/turn/client/TurnMsgLib.h %changelog -* Thu Aug 22 2014 Oleg Moskalenko - - Sync to 4.1.2.2 +* Wed Sep 24 2014 Oleg Moskalenko + - Sync to 4.1.3.2 * Thu Aug 14 2014 Oleg Moskalenko - Sync to 4.1.2.1 * Tue Jul 29 2014 Oleg Moskalenko diff --git a/src/ns_turn_defs.h b/src/ns_turn_defs.h index 42a5b3a..f3ac736 100644 --- a/src/ns_turn_defs.h +++ b/src/ns_turn_defs.h @@ -31,7 +31,7 @@ #ifndef __IOADEFS__ #define __IOADEFS__ -#define TURN_SERVER_VERSION "4.1.2.2" +#define TURN_SERVER_VERSION "4.1.3.2" #define TURN_SERVER_VERSION_NAME "Vitari" #define TURN_SOFTWARE "Coturn-" TURN_SERVER_VERSION " '" TURN_SERVER_VERSION_NAME "'" diff --git a/src/server/ns_turn_server.c b/src/server/ns_turn_server.c index db3ac43..8d64450 100644 --- a/src/server/ns_turn_server.c +++ b/src/server/ns_turn_server.c @@ -3308,29 +3308,24 @@ static int check_stun_auth(turn_turnserver *server, /* Password */ if(!(ss->hmackey_set) && (ss->pwd[0] == 0)) { - ur_string_map_value_type ukey = NULL; if(can_resume) { - ukey = (server->userkeycb)(server->id, server->ct, usname, realm, resume_processing_after_username_check, in_buffer, ss->id, postpone_reply); + (server->userkeycb)(server->id, server->ct, usname, realm, resume_processing_after_username_check, in_buffer, ss->id, postpone_reply); if(*postpone_reply) { return 0; } } /* we always return NULL for short-term credentials here */ - if(!ukey) { - /* direct user pattern is supported only for long-term credentials */ - TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, - "%s: Cannot find credentials of user <%s>\n", - __FUNCTION__, (char*)usname); - *err_code = 401; - *reason = (const u08bits*)"Unauthorised"; - if(server->ct != TURN_CREDENTIALS_SHORT_TERM) { - return create_challenge_response(ss,tid,resp_constructed,err_code,reason,nbh,method); - } else { - return -1; - } + /* direct user pattern is supported only for long-term credentials */ + TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, + "%s: Cannot find credentials of user <%s>\n", + __FUNCTION__, (char*)usname); + *err_code = 401; + *reason = (const u08bits*)"Unauthorised"; + if(server->ct != TURN_CREDENTIALS_SHORT_TERM) { + return create_challenge_response(ss,tid,resp_constructed,err_code,reason,nbh,method); + } else { + return -1; } - ns_bcopy(ukey,ss->hmackey,16); - ss->hmackey_set = 1; } /* Check integrity */