From b523616b1f70311da5cf4fbe82eb9e603ae3c313 Mon Sep 17 00:00:00 2001 From: Michael Jones Date: Fri, 23 Aug 2024 19:49:14 -0500 Subject: [PATCH] Use bool, instead of int, for the functions in ns_turn_msg.c (#1553) And address knockon effects in other files, e.g. adjust if-statements and other function parameters and return types. --- src/apps/common/stun_buffer.c | 109 ++-- src/apps/common/stun_buffer.h | 46 +- src/apps/natdiscovery/natdiscovery.c | 7 +- src/apps/oauth/oauth.c | 6 +- src/apps/relay/mainrelay.c | 6 +- src/apps/relay/turn_admin_server.c | 6 +- src/apps/relay/userdb.c | 17 +- src/apps/rfc5769/rfc5769check.c | 12 +- src/apps/stunclient/stunclient.c | 4 +- src/apps/uclient/mainuclient.c | 8 +- src/apps/uclient/session.h | 3 +- src/apps/uclient/startuclient.c | 10 +- src/apps/uclient/uclient.c | 16 +- src/client++/TurnMsgLib.h | 62 +- src/client/ns_turn_msg.c | 926 ++++++++++----------------- src/client/ns_turn_msg.h | 126 ++-- src/server/ns_turn_server.c | 14 +- 17 files changed, 539 insertions(+), 839 deletions(-) diff --git a/src/apps/common/stun_buffer.c b/src/apps/common/stun_buffer.c index d6bc080..420abad 100644 --- a/src/apps/common/stun_buffer.c +++ b/src/apps/common/stun_buffer.c @@ -66,36 +66,36 @@ void stun_tid_generate_in_message(stun_buffer *buf, stun_tid *id) { //////////////////////////////////////////////////////// -static inline int is_channel_msg(const stun_buffer *buf) { +static inline bool is_channel_msg(const stun_buffer *buf) { if (buf && buf->len > 0) { return is_channel_msg_str(buf->buf, (size_t)(buf->len)); } - return 0; + return false; } -int stun_is_command_message(const stun_buffer *buf) { +bool stun_is_command_message(const stun_buffer *buf) { if (!buf || buf->len <= 0) { - return 0; + return false; } else { return stun_is_command_message_str(buf->buf, (size_t)(buf->len)); } } -int stun_is_request(const stun_buffer *buf) { return stun_is_request_str(buf->buf, (size_t)buf->len); } +bool stun_is_request(const stun_buffer *buf) { return stun_is_request_str(buf->buf, (size_t)buf->len); } -int stun_is_success_response(const stun_buffer *buf) { +bool stun_is_success_response(const stun_buffer *buf) { return stun_is_success_response_str(buf->buf, (size_t)(buf->len)); } -int stun_is_error_response(const stun_buffer *buf, int *err_code, uint8_t *err_msg, size_t err_msg_size) { +bool stun_is_error_response(const stun_buffer *buf, int *err_code, uint8_t *err_msg, size_t err_msg_size) { return stun_is_error_response_str(buf->buf, (size_t)(buf->len), err_code, err_msg, err_msg_size); } -int stun_is_response(const stun_buffer *buf) { return stun_is_response_str(buf->buf, (size_t)(buf->len)); } +bool stun_is_response(const stun_buffer *buf) { return stun_is_response_str(buf->buf, (size_t)(buf->len)); } -int stun_is_indication(const stun_buffer *buf) { +bool stun_is_indication(const stun_buffer *buf) { if (is_channel_msg(buf)) { - return 0; + return false; } return IS_STUN_INDICATION(stun_get_msg_type(buf)); } @@ -113,7 +113,7 @@ uint16_t stun_get_msg_type(const stun_buffer *buf) { static void stun_init_command(uint16_t message_type, stun_buffer *buf) { buf->len = stun_get_size(buf); - stun_init_command_str(message_type, buf->buf, (size_t *)(&(buf->len))); + stun_init_command_str(message_type, buf->buf, &(buf->len)); } void stun_init_request(uint16_t method, stun_buffer *buf) { stun_init_command(stun_make_request(method), buf); } @@ -122,33 +122,33 @@ void stun_init_indication(uint16_t method, stun_buffer *buf) { stun_init_command void stun_init_success_response(uint16_t method, stun_buffer *buf, stun_tid *id) { buf->len = stun_get_size(buf); - stun_init_success_response_str(method, buf->buf, (size_t *)(&(buf->len)), id); + stun_init_success_response_str(method, buf->buf, &(buf->len), id); } void stun_init_error_response(uint16_t method, stun_buffer *buf, uint16_t error_code, const uint8_t *reason, stun_tid *id) { buf->len = stun_get_size(buf); - stun_init_error_response_str(method, buf->buf, (size_t *)(&(buf->len)), error_code, reason, id); + stun_init_error_response_str(method, buf->buf, &(buf->len), error_code, reason, id); } /////////////////////////////////////////////////////////////////////////////// int stun_get_command_message_len(const stun_buffer *buf) { - return stun_get_command_message_len_str(buf->buf, (size_t)(buf->len)); + return stun_get_command_message_len_str(buf->buf, buf->len); } /////////////////////////////////////////////////////////////////////////////// -int stun_init_channel_message(uint16_t chnumber, stun_buffer *buf, int length, int do_padding) { - return stun_init_channel_message_str(chnumber, buf->buf, (size_t *)(&(buf->len)), length, do_padding); +bool stun_init_channel_message(uint16_t chnumber, stun_buffer *buf, int length, bool do_padding) { + return stun_init_channel_message_str(chnumber, buf->buf, &(buf->len), length, do_padding); } -int stun_is_channel_message(stun_buffer *buf, uint16_t *chnumber, int is_padding_mandatory) { +bool stun_is_channel_message(stun_buffer *buf, uint16_t *chnumber, bool is_padding_mandatory) { if (!buf) { - return 0; + return false; } - size_t blen = (size_t)buf->len; - int ret = stun_is_channel_message_str(buf->buf, &blen, chnumber, is_padding_mandatory); + size_t blen = buf->len; + bool ret = stun_is_channel_message_str(buf->buf, &blen, chnumber, is_padding_mandatory); if (ret) { buf->len = blen; } @@ -157,66 +157,60 @@ int stun_is_channel_message(stun_buffer *buf, uint16_t *chnumber, int is_padding /////////////////////////////////////////////////////////////////////////////// -int stun_set_allocate_request(stun_buffer *buf, uint32_t lifetime, int af4, int af6, uint8_t transport, int mobile, - const char *rt, int ep) { - return stun_set_allocate_request_str(buf->buf, (size_t *)(&(buf->len)), lifetime, af4, af6, transport, mobile, rt, - ep); +bool stun_set_allocate_request(stun_buffer *buf, uint32_t lifetime, bool af4, bool af6, uint8_t transport, bool mobile, + const char *rt, int ep) { + return stun_set_allocate_request_str(buf->buf, &(buf->len), lifetime, af4, af6, transport, mobile, rt, ep); } -int stun_set_allocate_response(stun_buffer *buf, stun_tid *tid, const ioa_addr *relayed_addr1, - const ioa_addr *relayed_addr2, const ioa_addr *reflexive_addr, uint32_t lifetime, - uint32_t max_lifetime, int error_code, const uint8_t *reason, uint64_t reservation_token, - char *mobile_id) { +bool stun_set_allocate_response(stun_buffer *buf, stun_tid *tid, const ioa_addr *relayed_addr1, + const ioa_addr *relayed_addr2, const ioa_addr *reflexive_addr, uint32_t lifetime, + uint32_t max_lifetime, int error_code, const uint8_t *reason, + uint64_t reservation_token, char *mobile_id) { - return stun_set_allocate_response_str(buf->buf, (size_t *)(&(buf->len)), tid, relayed_addr1, relayed_addr2, - reflexive_addr, lifetime, max_lifetime, error_code, reason, reservation_token, - mobile_id); + return stun_set_allocate_response_str(buf->buf, &(buf->len), tid, relayed_addr1, relayed_addr2, reflexive_addr, + lifetime, max_lifetime, error_code, reason, reservation_token, mobile_id); } /////////////////////////////////////////////////////////////////////////////// uint16_t stun_set_channel_bind_request(stun_buffer *buf, const ioa_addr *peer_addr, uint16_t channel_number) { - return stun_set_channel_bind_request_str(buf->buf, (size_t *)(&(buf->len)), peer_addr, channel_number); + return stun_set_channel_bind_request_str(buf->buf, &(buf->len), peer_addr, channel_number); } void stun_set_channel_bind_response(stun_buffer *buf, stun_tid *tid, int error_code, const uint8_t *reason) { - stun_set_channel_bind_response_str(buf->buf, (size_t *)(&(buf->len)), tid, error_code, reason); + stun_set_channel_bind_response_str(buf->buf, &(buf->len), tid, error_code, reason); } //////////////////////////////////////////////////////////////// -stun_attr_ref stun_attr_get_first(const stun_buffer *buf) { - return stun_attr_get_first_str(buf->buf, (size_t)(buf->len)); -} +stun_attr_ref stun_attr_get_first(const stun_buffer *buf) { return stun_attr_get_first_str(buf->buf, buf->len); } stun_attr_ref stun_attr_get_next(const stun_buffer *buf, stun_attr_ref prev) { - return stun_attr_get_next_str(buf->buf, (size_t)(buf->len), prev); + return stun_attr_get_next_str(buf->buf, buf->len, prev); } -int stun_attr_add(stun_buffer *buf, uint16_t attr, const char *avalue, int alen) { - return stun_attr_add_str(buf->buf, (size_t *)(&(buf->len)), attr, (const uint8_t *)avalue, alen); +bool stun_attr_add(stun_buffer *buf, uint16_t attr, const char *avalue, int alen) { + return stun_attr_add_str(buf->buf, &(buf->len), attr, (const uint8_t *)avalue, alen); } -int stun_attr_add_channel_number(stun_buffer *buf, uint16_t chnumber) { - return stun_attr_add_channel_number_str(buf->buf, (size_t *)(&(buf->len)), chnumber); +bool stun_attr_add_channel_number(stun_buffer *buf, uint16_t chnumber) { + return stun_attr_add_channel_number_str(buf->buf, &(buf->len), chnumber); } -int stun_attr_add_addr(stun_buffer *buf, uint16_t attr_type, const ioa_addr *ca) { - return stun_attr_add_addr_str(buf->buf, (size_t *)(&(buf->len)), attr_type, ca); +bool stun_attr_add_addr(stun_buffer *buf, uint16_t attr_type, const ioa_addr *ca) { + return stun_attr_add_addr_str(buf->buf, &(buf->len), attr_type, ca); } -int stun_attr_get_addr(const stun_buffer *buf, stun_attr_ref attr, ioa_addr *ca, const ioa_addr *default_addr) { - - return stun_attr_get_addr_str(buf->buf, (size_t)(buf->len), attr, ca, default_addr); +bool stun_attr_get_addr(const stun_buffer *buf, stun_attr_ref attr, ioa_addr *ca, const ioa_addr *default_addr) { + return stun_attr_get_addr_str(buf->buf, buf->len, attr, ca, default_addr); } -int stun_attr_get_first_addr(const stun_buffer *buf, uint16_t attr_type, ioa_addr *ca, const ioa_addr *default_addr) { - - return stun_attr_get_first_addr_str(buf->buf, (size_t)(buf->len), attr_type, ca, default_addr); +bool stun_attr_get_first_addr(const stun_buffer *buf, uint16_t attr_type, ioa_addr *ca, const ioa_addr *default_addr) { + return stun_attr_get_first_addr_str(buf->buf, buf->len, attr_type, ca, default_addr); } -int stun_attr_add_even_port(stun_buffer *buf, uint8_t value) { +bool stun_attr_add_even_port(stun_buffer *buf, uint8_t value) { if (value) { value = 0x80; } @@ -224,27 +218,24 @@ int stun_attr_add_even_port(stun_buffer *buf, uint8_t value) { } uint16_t stun_attr_get_first_channel_number(const stun_buffer *buf) { - return stun_attr_get_first_channel_number_str(buf->buf, (size_t)(buf->len)); + return stun_attr_get_first_channel_number_str(buf->buf, buf->len); } stun_attr_ref stun_attr_get_first_by_type(const stun_buffer *buf, uint16_t attr_type) { - return stun_attr_get_first_by_type_str(buf->buf, (size_t)(buf->len), attr_type); + return stun_attr_get_first_by_type_str(buf->buf, buf->len, attr_type); } /////////////////////////////////////////////////////////////////////////////// void stun_set_binding_request(stun_buffer *buf) { stun_set_binding_request_str(buf->buf, (size_t *)(&(buf->len))); } -int stun_set_binding_response(stun_buffer *buf, stun_tid *tid, const ioa_addr *reflexive_addr, int error_code, - const uint8_t *reason) { - return stun_set_binding_response_str(buf->buf, (size_t *)(&(buf->len)), tid, reflexive_addr, error_code, reason, 0, 0, - 1); +bool stun_set_binding_response(stun_buffer *buf, stun_tid *tid, const ioa_addr *reflexive_addr, int error_code, + const uint8_t *reason) { + return stun_set_binding_response_str(buf->buf, &(buf->len), tid, reflexive_addr, error_code, reason, 0, false, true); } void stun_prepare_binding_request(stun_buffer *buf) { stun_set_binding_request_str(buf->buf, (size_t *)(&(buf->len))); } -int stun_is_binding_response(const stun_buffer *buf) { - return stun_is_binding_response_str(buf->buf, (size_t)(buf->len)); -} +bool stun_is_binding_response(const stun_buffer *buf) { return stun_is_binding_response_str(buf->buf, buf->len); } /////////////////////////////////////////////////////// diff --git a/src/apps/common/stun_buffer.h b/src/apps/common/stun_buffer.h index d28ea9b..61031d6 100644 --- a/src/apps/common/stun_buffer.h +++ b/src/apps/common/stun_buffer.h @@ -62,12 +62,12 @@ void stun_tid_from_message(const stun_buffer *buf, stun_tid *id); /////////////////////////////////////////////////////////////// -int stun_is_command_message(const stun_buffer *buf); -int stun_is_request(const stun_buffer *buf); -int stun_is_response(const stun_buffer *buf); -int stun_is_success_response(const stun_buffer *buf); -int stun_is_error_response(const stun_buffer *buf, int *err_code, uint8_t *err_msg, size_t err_msg_size); -int stun_is_indication(const stun_buffer *buf); +bool stun_is_command_message(const stun_buffer *buf); +bool stun_is_request(const stun_buffer *buf); +bool stun_is_response(const stun_buffer *buf); +bool stun_is_success_response(const stun_buffer *buf); +bool stun_is_error_response(const stun_buffer *buf, int *err_code, uint8_t *err_msg, size_t err_msg_size); +bool stun_is_indication(const stun_buffer *buf); uint16_t stun_get_method(const stun_buffer *buf); uint16_t stun_get_msg_type(const stun_buffer *buf); @@ -81,17 +81,17 @@ void stun_init_error_response(uint16_t method, stun_buffer *buf, uint16_t error_ /////////////////////////////////////////////////////////////// -int stun_attr_add(stun_buffer *buf, uint16_t attr, const char *avalue, int alen); -int stun_attr_add_channel_number(stun_buffer *buf, uint16_t chnumber); -int stun_attr_add_addr(stun_buffer *buf, uint16_t attr_type, const ioa_addr *ca); +bool stun_attr_add(stun_buffer *buf, uint16_t attr, const char *avalue, int alen); +bool stun_attr_add_channel_number(stun_buffer *buf, uint16_t chnumber); +bool stun_attr_add_addr(stun_buffer *buf, uint16_t attr_type, const ioa_addr *ca); stun_attr_ref stun_attr_get_first(const stun_buffer *buf); stun_attr_ref stun_attr_get_first_by_type(const stun_buffer *buf, uint16_t attr_type); stun_attr_ref stun_attr_get_next(const stun_buffer *buf, stun_attr_ref prev); -int stun_attr_get_addr(const stun_buffer *buf, stun_attr_ref attr, ioa_addr *ca, const ioa_addr *default_addr); -int stun_attr_add_even_port(stun_buffer *buf, uint8_t value); +bool stun_attr_get_addr(const stun_buffer *buf, stun_attr_ref attr, ioa_addr *ca, const ioa_addr *default_addr); +bool stun_attr_add_even_port(stun_buffer *buf, uint8_t value); -int stun_attr_get_first_addr(const stun_buffer *buf, uint16_t attr_type, ioa_addr *ca, const ioa_addr *default_addr); +bool stun_attr_get_first_addr(const stun_buffer *buf, uint16_t attr_type, ioa_addr *ca, const ioa_addr *default_addr); uint16_t stun_attr_get_first_channel_number(const stun_buffer *buf); /////////////////////////////////////////////////////////////// @@ -100,26 +100,26 @@ int stun_get_command_message_len(const stun_buffer *buf); /////////////////////////////////////////////////////////////// -int stun_init_channel_message(uint16_t chnumber, stun_buffer *buf, int length, int do_padding); -int stun_is_channel_message(stun_buffer *buf, uint16_t *chnumber, int is_padding_madatory); +bool stun_init_channel_message(uint16_t chnumber, stun_buffer *buf, int length, bool do_padding); +bool stun_is_channel_message(stun_buffer *buf, uint16_t *chnumber, bool is_padding_madatory); /////////////////////////////////////////////////////////////// -int stun_set_allocate_request(stun_buffer *buf, uint32_t lifetime, int af4, int af6, uint8_t transport, int mobile, - const char *rt, int ep); -int stun_set_allocate_response(stun_buffer *buf, stun_tid *tid, const ioa_addr *relayed_addr1, - const ioa_addr *relayed_addr2, const ioa_addr *reflexive_addr, uint32_t lifetime, - uint32_t max_lifetime, int error_code, const uint8_t *reason, uint64_t reservation_token, - char *mobile_id); +bool stun_set_allocate_request(stun_buffer *buf, uint32_t lifetime, bool af4, bool af6, uint8_t transport, bool mobile, + const char *rt, int ep); +bool stun_set_allocate_response(stun_buffer *buf, stun_tid *tid, const ioa_addr *relayed_addr1, + const ioa_addr *relayed_addr2, const ioa_addr *reflexive_addr, uint32_t lifetime, + uint32_t max_lifetime, int error_code, const uint8_t *reason, + uint64_t reservation_token, char *mobile_id); /////////////////////////////////////////////////////////////// void stun_set_binding_request(stun_buffer *buf); -int stun_set_binding_response(stun_buffer *buf, stun_tid *tid, const ioa_addr *reflexive_addr, int error_code, - const uint8_t *reason); +bool stun_set_binding_response(stun_buffer *buf, stun_tid *tid, const ioa_addr *reflexive_addr, int error_code, + const uint8_t *reason); void stun_prepare_binding_request(stun_buffer *buf); -int stun_is_binding_response(const stun_buffer *buf); +bool stun_is_binding_response(const stun_buffer *buf); /////////////////////////////////////////////////////////////// diff --git a/src/apps/natdiscovery/natdiscovery.c b/src/apps/natdiscovery/natdiscovery.c index 7b698a5..ee28d94 100644 --- a/src/apps/natdiscovery/natdiscovery.c +++ b/src/apps/natdiscovery/natdiscovery.c @@ -371,7 +371,7 @@ static int stunclient_send(stun_buffer *buf, int sockfd, ioa_addr *local_addr, i stun_attr_add_change_request_str((uint8_t *)buf->buf, (size_t *)&(buf->len), change_ip, change_port); } if (padding) { - if (stun_attr_add_padding_str((uint8_t *)buf->buf, (size_t *)&(buf->len), 1500) < 0) { + if (!stun_attr_add_padding_str((uint8_t *)buf->buf, (size_t *)&(buf->len), 1500)) { printf("%s: ERROR: Cannot add padding\n", __FUNCTION__); } } @@ -437,8 +437,7 @@ static int stunclient_receive(stun_buffer *buf, int sockfd, ioa_addr *local_addr if (stun_is_binding_response(buf)) { addr_set_any(reflexive_addr); - if (stun_attr_get_first_addr(buf, STUN_ATTRIBUTE_XOR_MAPPED_ADDRESS, reflexive_addr, NULL) >= 0) { - + if (stun_attr_get_first_addr(buf, STUN_ATTRIBUTE_XOR_MAPPED_ADDRESS, reflexive_addr, NULL)) { stun_attr_ref sar = stun_attr_get_first_by_type_str(buf->buf, buf->len, STUN_ATTRIBUTE_OTHER_ADDRESS); if (sar) { *rfc5780 = true; @@ -446,7 +445,7 @@ static int stunclient_receive(stun_buffer *buf, int sockfd, ioa_addr *local_addr printf("RFC 5780 response %d\n", ++counter); ioa_addr mapped_addr; addr_set_any(&mapped_addr); - if (stun_attr_get_first_addr(buf, STUN_ATTRIBUTE_MAPPED_ADDRESS, &mapped_addr, NULL) >= 0) { + if (stun_attr_get_first_addr(buf, STUN_ATTRIBUTE_MAPPED_ADDRESS, &mapped_addr, NULL)) { if (!addr_eq(&mapped_addr, reflexive_addr)) { printf("-= ALG detected! Mapped and XOR-Mapped differ! =-\n"); addr_debug_print(1, &mapped_addr, "Mapped Address: "); diff --git a/src/apps/oauth/oauth.c b/src/apps/oauth/oauth.c index d71e72d..df4f4d8 100644 --- a/src/apps/oauth/oauth.c +++ b/src/apps/oauth/oauth.c @@ -84,7 +84,7 @@ static int setup_ikm_key(const char *kid, const char *ikm_key, const turn_time_t char err_msg[1025] = "\0"; size_t err_msg_size = sizeof(err_msg) - 1; - if (convert_oauth_key_data(&okd, key, err_msg, err_msg_size) < 0) { + if (!convert_oauth_key_data(&okd, key, err_msg, err_msg_size)) { fprintf(stderr, "%s\n", err_msg); return -1; } @@ -113,7 +113,7 @@ static int encode_token(const char *server_name, const char *gcm_nonce, const ch gcm_nonce = NULL; } - if (encode_oauth_token((const uint8_t *)server_name, &etoken, &key, &ot, (const uint8_t *)gcm_nonce) < 0) { + if (!encode_oauth_token((const uint8_t *)server_name, &etoken, &key, &ot, (const uint8_t *)gcm_nonce)) { fprintf(stderr, "%s: cannot encode oauth token\n", __FUNCTION__); return -1; } @@ -139,7 +139,7 @@ static int validate_decode_token(const char *server_name, const oauth_key key, c memcpy(etoken.token, tmp, etoken.size); free(tmp); - if (decode_oauth_token((const uint8_t *)server_name, &etoken, &key, dot) < 0) { + if (!decode_oauth_token((const uint8_t *)server_name, &etoken, &key, dot)) { fprintf(stderr, "%s: cannot decode oauth token\n", __FUNCTION__); return -1; } else { diff --git a/src/apps/relay/mainrelay.c b/src/apps/relay/mainrelay.c index 1b05200..0fc5594 100644 --- a/src/apps/relay/mainrelay.c +++ b/src/apps/relay/mainrelay.c @@ -2693,7 +2693,7 @@ static int adminmain(int argc, char **argv) { TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "Wrong user name structure or symbols, choose another name: %s\n", user); exit(-1); } - if (SASLprep((uint8_t *)user) < 0) { + if (!SASLprep((uint8_t *)user)) { TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "Wrong user name: %s\n", user); exit(-1); } @@ -2701,14 +2701,14 @@ static int adminmain(int argc, char **argv) { case 'r': set_default_realm_name(optarg); STRCPY(realm, optarg); - if (SASLprep((uint8_t *)realm) < 0) { + if (!SASLprep((uint8_t *)realm)) { TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "Wrong realm: %s\n", realm); exit(-1); } break; case 'p': STRCPY(pwd, optarg); - if (SASLprep((uint8_t *)pwd) < 0) { + if (!SASLprep((uint8_t *)pwd)) { TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "Wrong password: %s\n", pwd); exit(-1); } diff --git a/src/apps/relay/turn_admin_server.c b/src/apps/relay/turn_admin_server.c index 1b52f84..6cce44c 100644 --- a/src/apps/relay/turn_admin_server.c +++ b/src/apps/relay/turn_admin_server.c @@ -960,7 +960,7 @@ static int run_cli_input(struct cli_session *cs, const char *buf0, unsigned int if (sl) { cs->cmds += 1; if (cli_password[0] && !(cs->auth_completed)) { - if (check_password(cmd, cli_password)) { + if (check_password_equal(cmd, cli_password)) { if (cs->cmds >= CLI_PASSWORD_TRY_NUMBER) { addr_debug_print(1, &(cs->addr), "CLI authentication error"); TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "CLI authentication error\n"); @@ -3027,7 +3027,7 @@ static void write_https_oauth_show_keys(ioa_socket_handle s, const char *kid) { oauth_key okey; memset(&okey, 0, sizeof(okey)); - if (convert_oauth_key_data(&okd, &okey, err_msg, err_msg_size) < 0) { + if (!convert_oauth_key_data(&okd, &okey, err_msg, err_msg_size)) { str_buffer_append(sb, err_msg); } else { @@ -3312,7 +3312,7 @@ static void handle_logon_request(ioa_socket_handle s, struct http_request *hr) { password_t password; char realm[STUN_MAX_REALM_SIZE + 1] = "\0"; if ((*(dbd->get_admin_user))((const uint8_t *)uname, (uint8_t *)realm, password) >= 0) { - if (!check_password(pwd, (char *)password)) { + if (!check_password_equal(pwd, (char *)password)) { STRCPY(as->as_login, uname); STRCPY(as->as_realm, realm); as->as_eff_realm[0] = 0; diff --git a/src/apps/relay/userdb.c b/src/apps/relay/userdb.c index 673297d..58dded0 100644 --- a/src/apps/relay/userdb.c +++ b/src/apps/relay/userdb.c @@ -449,7 +449,7 @@ int get_user_key(int in_oauth, int *out_oauth, int *max_session_time, uint8_t *u oauth_key okey; memset(&okey, 0, sizeof(okey)); - if (convert_oauth_key_data(&okd, &okey, err_msg, err_msg_size) < 0) { + if (!convert_oauth_key_data(&okd, &okey, err_msg, err_msg_size)) { TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "%s\n", err_msg); return -1; } @@ -476,7 +476,7 @@ int get_user_key(int in_oauth, int *out_oauth, int *max_session_time, uint8_t *u } } - if (decode_oauth_token((const uint8_t *)server_name, &etoken, &okey, &dot) < 0) { + if (!decode_oauth_token((const uint8_t *)server_name, &etoken, &okey, &dot)) { TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "Cannot decode oauth token\n"); return -1; } @@ -576,7 +576,7 @@ int get_user_key(int in_oauth, int *out_oauth, int *max_session_time, uint8_t *u if (secret) { if (stun_calculate_hmac(usname, strlen((char *)usname), (const uint8_t *)secret, strlen(secret), hmac, - &hmac_len, SHATYPE_DEFAULT) >= 0) { + &hmac_len, SHATYPE_DEFAULT)) { size_t pwd_length = 0; char *pwd = base64_encode(hmac, hmac_len, &pwd_length); @@ -584,9 +584,7 @@ int get_user_key(int in_oauth, int *out_oauth, int *max_session_time, uint8_t *u if (pwd_length < 1) { free(pwd); } else { - if (stun_produce_integrity_key_str((uint8_t *)usname, realm, (uint8_t *)pwd, key, SHATYPE_DEFAULT) >= - 0) { - + if (stun_produce_integrity_key_str((uint8_t *)usname, realm, (uint8_t *)pwd, key, SHATYPE_DEFAULT)) { if (stun_check_message_integrity_by_key_str(TURN_CREDENTIALS_LONG_TERM, ioa_network_buffer_data(nbh), ioa_network_buffer_get_size(nbh), key, pwdtmp, SHATYPE_DEFAULT) > 0) { @@ -740,7 +738,7 @@ int add_static_user_account(char *user) { strncpy(usname, user, ulen); usname[ulen] = 0; - if (SASLprep((uint8_t *)usname) < 0) { + if (!SASLprep((uint8_t *)usname)) { TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "Wrong user name: %s\n", user); free(usname); return -1; @@ -965,11 +963,10 @@ int adminuser(uint8_t *user, uint8_t *realm, uint8_t *pwd, uint8_t *secret, uint { stun_produce_integrity_key_str(user, realm, pwd, key, SHATYPE_DEFAULT); - size_t i = 0; size_t sz = get_hmackey_size(SHATYPE_DEFAULT); int maxsz = (int)(sz * 2) + 1; char *s = skey; - for (i = 0; (i < sz) && (maxsz > 2); i++) { + for (size_t i = 0; (i < sz) && (maxsz > 2); i++) { snprintf(s, (size_t)(sz * 2), "%02x", (unsigned int)key[i]); maxsz -= 2; s += 2; @@ -1078,7 +1075,7 @@ void run_db_test(void) { oauth_key oak; char err_msg[1025]; err_msg[0] = 0; - if (convert_oauth_key_data(&oakd, &oak, err_msg, sizeof(err_msg) - 1) < 0) { + if (!convert_oauth_key_data(&oakd, &oak, err_msg, sizeof(err_msg) - 1)) { printf(" ERROR: %s\n", err_msg); } else { printf(" OK!\n"); diff --git a/src/apps/rfc5769/rfc5769check.c b/src/apps/rfc5769/rfc5769check.c index c603f95..0ea946b 100644 --- a/src/apps/rfc5769/rfc5769check.c +++ b/src/apps/rfc5769/rfc5769check.c @@ -127,7 +127,7 @@ static int check_oauth(void) { char err_msg[1025] = "\0"; size_t err_msg_size = sizeof(err_msg) - 1; - if (convert_oauth_key_data(&okd, &key, err_msg, err_msg_size) < 0) { + if (!convert_oauth_key_data(&okd, &key, err_msg, err_msg_size)) { fprintf(stderr, "%s\n", err_msg); goto err; } @@ -143,7 +143,7 @@ static int check_oauth(void) { encoded_oauth_token etoken; memset(&etoken, 0, sizeof(etoken)); - if (encode_oauth_token((const uint8_t *)server_name, &etoken, &key, &ot, (const uint8_t *)gcm_nonce) < 0) { + if (!encode_oauth_token((const uint8_t *)server_name, &etoken, &key, &ot, (const uint8_t *)gcm_nonce)) { fprintf(stderr, "%s: cannot encode oauth token\n", __FUNCTION__); goto err; } @@ -152,7 +152,7 @@ static int check_oauth(void) { print_field5769("encoded token", etoken.token, etoken.size); } - if (decode_oauth_token((const uint8_t *)server_name, &etoken, &key, &dot) < 0) { + if (!decode_oauth_token((const uint8_t *)server_name, &etoken, &key, &dot)) { fprintf(stderr, "%s: cannot decode oauth token\n", __FUNCTION__); goto err; } @@ -459,8 +459,7 @@ int main(int argc, const char **argv) { printf("RFC 5769 IPv4 encoding result: "); - res = stun_attr_get_first_addr_str(buf, sizeof(respv4) - 1, STUN_ATTRIBUTE_XOR_MAPPED_ADDRESS, &addr4, NULL); - if (res < 0) { + if (!stun_attr_get_first_addr_str(buf, sizeof(respv4) - 1, STUN_ATTRIBUTE_XOR_MAPPED_ADDRESS, &addr4, NULL)) { printf("failure on message structure check\n"); exit(-1); } @@ -548,8 +547,7 @@ int main(int argc, const char **argv) { printf("RFC 5769 IPv6 encoding result: "); - res = stun_attr_get_first_addr_str(buf, sizeof(respv6) - 1, STUN_ATTRIBUTE_XOR_MAPPED_ADDRESS, &addr6, NULL); - if (res < 0) { + if (!stun_attr_get_first_addr_str(buf, sizeof(respv6) - 1, STUN_ATTRIBUTE_XOR_MAPPED_ADDRESS, &addr6, NULL)) { printf("failure on message structure check\n"); exit(-1); } diff --git a/src/apps/stunclient/stunclient.c b/src/apps/stunclient/stunclient.c index bc6b84e..f82937e 100644 --- a/src/apps/stunclient/stunclient.c +++ b/src/apps/stunclient/stunclient.c @@ -307,7 +307,7 @@ static int run_stunclient(const char *rip, int rport, int *port, bool *rfc5780, stun_attr_add_change_request_str((uint8_t *)buf.buf, (size_t *)&(buf.len), change_ip, change_port); } if (padding) { - if (stun_attr_add_padding_str((uint8_t *)buf.buf, (size_t *)&(buf.len), 1500) < 0) { + if (!stun_attr_add_padding_str((uint8_t *)buf.buf, (size_t *)&(buf.len), 1500)) { printf("%s: ERROR: Cannot add padding\n", __FUNCTION__); } } @@ -369,7 +369,7 @@ static int run_stunclient(const char *rip, int rport, int *port, bool *rfc5780, ioa_addr reflexive_addr; addr_set_any(&reflexive_addr); - if (stun_attr_get_first_addr(&buf, STUN_ATTRIBUTE_XOR_MAPPED_ADDRESS, &reflexive_addr, NULL) >= 0) { + if (stun_attr_get_first_addr(&buf, STUN_ATTRIBUTE_XOR_MAPPED_ADDRESS, &reflexive_addr, NULL)) { stun_attr_ref sar = stun_attr_get_first_by_type_str(buf.buf, buf.len, STUN_ATTRIBUTE_OTHER_ADDRESS); if (sar) { diff --git a/src/apps/uclient/mainuclient.c b/src/apps/uclient/mainuclient.c index 0c8e77a..9614137 100644 --- a/src/apps/uclient/mainuclient.c +++ b/src/apps/uclient/mainuclient.c @@ -210,17 +210,17 @@ int main(int argc, char **argv) { char err_msg[1025] = "\0"; size_t err_msg_size = sizeof(err_msg) - 1; - if (convert_oauth_key_data(&okd_array[0], &okey_array[0], err_msg, err_msg_size) < 0) { + if (!convert_oauth_key_data(&okd_array[0], &okey_array[0], err_msg, err_msg_size)) { fprintf(stderr, "%s\n", err_msg); exit(-1); } - if (convert_oauth_key_data(&okd_array[1], &okey_array[1], err_msg, err_msg_size) < 0) { + if (!convert_oauth_key_data(&okd_array[1], &okey_array[1], err_msg, err_msg_size)) { fprintf(stderr, "%s\n", err_msg); exit(-1); } - if (convert_oauth_key_data(&okd_array[2], &okey_array[2], err_msg, err_msg_size) < 0) { + if (!convert_oauth_key_data(&okd_array[2], &okey_array[2], err_msg, err_msg_size)) { fprintf(stderr, "%s\n", err_msg); exit(-1); } @@ -418,7 +418,7 @@ int main(int argc, char **argv) { hmac[0] = 0; if (stun_calculate_hmac(g_uname, strlen((char *)g_uname), (uint8_t *)g_auth_secret, strlen(g_auth_secret), hmac, - &hmac_len, shatype) >= 0) { + &hmac_len, shatype)) { size_t pwd_length = 0; char *pwd = base64_encode(hmac, hmac_len, &pwd_length); diff --git a/src/apps/uclient/session.h b/src/apps/uclient/session.h index 481482c..a019ece 100644 --- a/src/apps/uclient/session.h +++ b/src/apps/uclient/session.h @@ -74,8 +74,7 @@ typedef struct { uint8_t nonce[STUN_MAX_NONCE_SIZE + 1]; uint8_t realm[STUN_MAX_REALM_SIZE + 1]; /* oAuth */ - int oauth; // Cannot (yet) be converted to bool, as many functions take an int* instead of bool*, those must be - // addressed first. + bool oauth; uint8_t server_name[STUN_MAX_SERVER_NAME_SIZE + 1]; hmackey_t key; bool key_set; diff --git a/src/apps/uclient/startuclient.c b/src/apps/uclient/startuclient.c index e9df185..ab7adfa 100644 --- a/src/apps/uclient/startuclient.c +++ b/src/apps/uclient/startuclient.c @@ -487,7 +487,7 @@ beg_allocate: int attr_type = stun_attr_get_type(sar); if (attr_type == STUN_ATTRIBUTE_XOR_RELAYED_ADDRESS) { - if (stun_attr_get_addr(&response_message, sar, relay_addr, NULL) < 0) { + if (!stun_attr_get_addr(&response_message, sar, relay_addr, NULL)) { TURN_LOG_FUNC(TURN_LOG_LEVEL_INFO, "%s: !!!: relay addr cannot be received (1)\n", __FUNCTION__); return -1; } else { @@ -551,8 +551,8 @@ beg_allocate: } ioa_addr alternate_server; - if (stun_attr_get_first_addr(&response_message, STUN_ATTRIBUTE_ALTERNATE_SERVER, &alternate_server, - NULL) == -1) { + if (!stun_attr_get_first_addr(&response_message, STUN_ATTRIBUTE_ALTERNATE_SERVER, &alternate_server, + NULL)) { // error } else if (turn_addr && turn_port) { addr_to_string_no_port(&alternate_server, (uint8_t *)turn_addr); @@ -1549,8 +1549,8 @@ beg_cb: TURN_LOG_FUNC(TURN_LOG_LEVEL_INFO, "success\n"); } atc->tcp_data_bound = true; - } else if (stun_is_challenge_response_str(response_message.buf, (size_t)response_message.len, &err_code, - err_msg, sizeof(err_msg), clnet_info->realm, clnet_info->nonce, + } else if (stun_is_challenge_response_str(response_message.buf, response_message.len, &err_code, err_msg, + sizeof(err_msg), clnet_info->realm, clnet_info->nonce, clnet_info->server_name, &(clnet_info->oauth))) { goto beg_cb; } else if (stun_is_error_response(&response_message, &err_code, err_msg, sizeof(err_msg))) { diff --git a/src/apps/uclient/uclient.c b/src/apps/uclient/uclient.c index 33ef152..3e7332c 100644 --- a/src/apps/uclient/uclient.c +++ b/src/apps/uclient/uclient.c @@ -756,7 +756,7 @@ static int client_read(app_ur_session *elem, int is_tcp_data, app_tcp_conn_info } return rc; - } else if (stun_is_challenge_response_str(elem->in_buffer.buf, (size_t)elem->in_buffer.len, &err_code, err_msg, + } else if (stun_is_challenge_response_str(elem->in_buffer.buf, elem->in_buffer.len, &err_code, err_msg, sizeof(err_msg), clnet_info->realm, clnet_info->nonce, clnet_info->server_name, &(clnet_info->oauth))) { if (is_TCP_relay() && (stun_get_method(&(elem->in_buffer)) == STUN_METHOD_CONNECT)) { @@ -1639,19 +1639,19 @@ int add_integrity(app_ur_conn_info *clnet_info, stun_buffer *message) { otoken.enc_block.key_length = 20; } RAND_bytes((unsigned char *)(otoken.enc_block.mac_key), otoken.enc_block.key_length); - if (encode_oauth_token(clnet_info->server_name, &etoken, &(okey_array[cok]), &otoken, nonce) < 0) { + if (!encode_oauth_token(clnet_info->server_name, &etoken, &(okey_array[cok]), &otoken, nonce)) { TURN_LOG_FUNC(TURN_LOG_LEVEL_INFO, " Cannot encode token\n"); return -1; } - stun_attr_add_str(message->buf, (size_t *)&(message->len), STUN_ATTRIBUTE_OAUTH_ACCESS_TOKEN, + stun_attr_add_str(message->buf, &(message->len), STUN_ATTRIBUTE_OAUTH_ACCESS_TOKEN, (const uint8_t *)etoken.token, (int)etoken.size); memcpy(clnet_info->key, otoken.enc_block.mac_key, otoken.enc_block.key_length); clnet_info->key_set = true; } - if (stun_attr_add_integrity_by_key_str(message->buf, (size_t *)&(message->len), (uint8_t *)okey_array[cok].kid, - clnet_info->realm, clnet_info->key, clnet_info->nonce, shatype) < 0) { + if (!stun_attr_add_integrity_by_key_str(message->buf, &(message->len), (uint8_t *)okey_array[cok].kid, + clnet_info->realm, clnet_info->key, clnet_info->nonce, shatype)) { TURN_LOG_FUNC(TURN_LOG_LEVEL_INFO, " Cannot add integrity to the message\n"); return -1; } @@ -1659,15 +1659,15 @@ int add_integrity(app_ur_conn_info *clnet_info, stun_buffer *message) { // self-test: { password_t pwd; - if (stun_check_message_integrity_by_key_str(get_turn_credentials_type(), message->buf, (size_t)(message->len), + if (stun_check_message_integrity_by_key_str(get_turn_credentials_type(), message->buf, message->len, clnet_info->key, pwd, shatype) < 1) { TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, " Self-test of integrity does not comple correctly !\n"); return -1; } } } else { - if (stun_attr_add_integrity_by_user_str(message->buf, (size_t *)&(message->len), g_uname, clnet_info->realm, - g_upwd, clnet_info->nonce, shatype) < 0) { + if (!stun_attr_add_integrity_by_user_str(message->buf, (size_t *)&(message->len), g_uname, clnet_info->realm, + g_upwd, clnet_info->nonce, shatype)) { TURN_LOG_FUNC(TURN_LOG_LEVEL_INFO, " Cannot add integrity to the message\n"); return -1; } diff --git a/src/client++/TurnMsgLib.h b/src/client++/TurnMsgLib.h index 9117149..18475e0 100644 --- a/src/client++/TurnMsgLib.h +++ b/src/client++/TurnMsgLib.h @@ -277,7 +277,7 @@ protected: if (!_value) { throw WrongStunAttrFormatException(); } - if (stun_attr_add_str(buffer, &sz, _attr_type, _value, _sz) < 0) { + if (!stun_attr_add_str(buffer, &sz, _attr_type, _value, _sz)) { throw WrongStunBufferFormatException(); } return 0; @@ -317,7 +317,7 @@ public: void setChannelNumber(uint16_t cn) { _cn = cn; } protected: - virtual int addToBuffer(uint8_t *buffer, size_t &sz) { return stun_attr_add_channel_number_str(buffer, &sz, _cn); } + virtual bool addToBuffer(uint8_t *buffer, size_t &sz) { return stun_attr_add_channel_number_str(buffer, &sz, _cn); } private: uint16_t _cn; @@ -341,7 +341,7 @@ public: void setEvenPort(uint8_t ep) { _ep = ep; } protected: - virtual int addToBuffer(uint8_t *buffer, size_t &sz) { + virtual bool addToBuffer(uint8_t *buffer, size_t &sz) { return stun_attr_add_str(buffer, &sz, STUN_ATTRIBUTE_EVEN_PORT, &_ep, 1); } @@ -367,7 +367,7 @@ public: void setReservationToken(uint64_t rt) { _rt = rt; } protected: - virtual int addToBuffer(uint8_t *buffer, size_t &sz) { + virtual bool addToBuffer(uint8_t *buffer, size_t &sz) { uint64_t reservation_token = ioa_ntoh64(_rt); return stun_attr_add_str(buffer, &sz, STUN_ATTRIBUTE_RESERVATION_TOKEN, (uint8_t *)(&reservation_token), 8); } @@ -392,7 +392,7 @@ public: } size_t sz = 0; const uint8_t *buf = iter.getRawBuffer(sz); - if (stun_attr_get_addr_str(buf, sz, getSar(iter), &_addr, NULL) < 0) { + if (!stun_attr_get_addr_str(buf, sz, getSar(iter), &_addr, NULL)) { throw WrongStunAttrFormatException(); } } @@ -401,7 +401,7 @@ public: void setAddr(ioa_addr &addr) { addr_cpy(&_addr, &addr); } protected: - virtual int addToBuffer(uint8_t *buffer, size_t &sz) { + virtual bool addToBuffer(uint8_t *buffer, size_t &sz) { return stun_attr_add_addr_str(buffer, &sz, getType(), &_addr); } @@ -414,43 +414,31 @@ private: */ class StunAttrChangeRequest : public StunAttr { public: - StunAttrChangeRequest() : _changeIp(0), _changePort(0) { setType(STUN_ATTRIBUTE_CHANGE_REQUEST); } + StunAttrChangeRequest() : _changeIp(false), _changePort(false) { setType(STUN_ATTRIBUTE_CHANGE_REQUEST); } StunAttrChangeRequest(const StunAttrIterator &iter) : StunAttr(iter) { if (iter.eof()) { throw EndOfStunMsgException(); } - if (stun_attr_get_change_request_str(getSar(iter), &_changeIp, &_changePort) < 0) { + if (!stun_attr_get_change_request_str(getSar(iter), &_changeIp, &_changePort)) { throw WrongStunAttrFormatException(); } } virtual ~StunAttrChangeRequest() {} bool getChangeIp() const { return _changeIp; } - void setChangeIp(bool ci) { - if (ci) { - _changeIp = 1; - } else { - _changeIp = 0; - } - } + void setChangeIp(bool ci) { _changeIp = ci; } bool getChangePort() const { return _changePort; } - void setChangePort(bool cp) { - if (cp) { - _changePort = 1; - } else { - _changePort = 0; - } - } + void setChangePort(bool cp) { _changePort = cp; } protected: - virtual int addToBuffer(uint8_t *buffer, size_t &sz) { + virtual bool addToBuffer(uint8_t *buffer, size_t &sz) { return stun_attr_add_change_request_str(buffer, &sz, _changeIp, _changePort); } private: - int _changeIp; - int _changePort; + bool _changeIp; + bool _changePort; }; /** @@ -476,7 +464,7 @@ public: void setResponsePort(uint16_t p) { _rp = p; } protected: - virtual int addToBuffer(uint8_t *buffer, size_t &sz) { return stun_attr_add_response_port_str(buffer, &sz, _rp); } + virtual bool addToBuffer(uint8_t *buffer, size_t &sz) { return stun_attr_add_response_port_str(buffer, &sz, _rp); } private: uint16_t _rp; @@ -508,7 +496,7 @@ public: void setPadding(uint16_t p) { _p = p; } protected: - virtual int addToBuffer(uint8_t *buffer, size_t &sz) { return stun_attr_add_padding_str(buffer, &sz, _p); } + virtual bool addToBuffer(uint8_t *buffer, size_t &sz) { return stun_attr_add_padding_str(buffer, &sz, _p); } private: uint16_t _p; @@ -600,7 +588,7 @@ public: * Check if the raw buffer is a challenge response (the one with 401 error and realm and nonce values). */ static bool isChallengeResponse(const uint8_t *buf, size_t sz, int &err_code, uint8_t *err_msg, size_t err_msg_size, - uint8_t *realm, uint8_t *nonce, uint8_t *server_name, int *oauth) { + uint8_t *realm, uint8_t *nonce, uint8_t *server_name, bool *oauth) { return stun_is_challenge_response_str(buf, sz, &err_code, err_msg, err_msg_size, realm, nonce, server_name, oauth); } @@ -743,7 +731,7 @@ protected: */ class StunMsgRequest : public StunMsg { public: - StunMsgRequest(uint16_t method) : _method(method){}; + StunMsgRequest(uint16_t method) : _method(method) {}; StunMsgRequest(uint8_t *buffer, size_t total_sz, size_t sz, bool constructed) : StunMsg(buffer, total_sz, sz, constructed), _method(0) { @@ -816,11 +804,11 @@ private: */ class StunMsgResponse : public StunMsg { public: - StunMsgResponse(uint16_t method, stun_tid &tid) : _method(method), _err(0), _reason(""), _tid(tid){}; + StunMsgResponse(uint16_t method, stun_tid &tid) : _method(method), _err(0), _reason(""), _tid(tid) {}; StunMsgResponse(uint16_t method, int error_code, std::string reason, stun_tid &tid) - : _method(method), _err(error_code), _reason(reason), _tid(tid){ + : _method(method), _err(error_code), _reason(reason), _tid(tid) { - }; + }; StunMsgResponse(uint8_t *buffer, size_t total_sz, size_t sz, bool constructed) : StunMsg(buffer, total_sz, sz, constructed), _method(0), _err(0), _reason("") { @@ -906,7 +894,7 @@ public: */ void constructBindingResponse(stun_tid &tid, const ioa_addr &reflexive_addr, int error_code, const uint8_t *reason) { - stun_set_binding_response_str(_buffer, &_sz, &tid, &reflexive_addr, error_code, reason, 0, 0, 1); + stun_set_binding_response_str(_buffer, &_sz, &tid, &reflexive_addr, error_code, reason, 0, false, true); } bool isBindingResponse() const { return stun_is_binding_response_str(_buffer, _sz); } @@ -972,7 +960,7 @@ private: */ class StunMsgIndication : public StunMsg { public: - StunMsgIndication(uint16_t method) : _method(method){}; + StunMsgIndication(uint16_t method) : _method(method) {}; StunMsgIndication(uint8_t *buffer, size_t total_sz, size_t sz, bool constructed) : StunMsg(buffer, total_sz, sz, constructed), _method(0) { @@ -1017,12 +1005,12 @@ private: */ class StunMsgChannel : public StunMsg { public: - StunMsgChannel(uint16_t cn, int length) : _cn(cn), _len(length){}; + StunMsgChannel(uint16_t cn, int length) : _cn(cn), _len(length) {}; StunMsgChannel(uint8_t *buffer, size_t total_sz, size_t sz, bool constructed) : StunMsg(buffer, total_sz, sz, constructed), _cn(0) { if (constructed) { - if (!stun_is_channel_message_str(buffer, &_sz, &_cn, 0)) { + if (!stun_is_channel_message_str(buffer, &_sz, &_cn, false)) { throw WrongStunBufferFormatException(); } if (_sz > 0xFFFF || _sz < 4) { @@ -1065,7 +1053,7 @@ protected: return false; } uint16_t cn = 0; - if (!stun_is_channel_message_str(_buffer, &_sz, &cn, 0)) { + if (!stun_is_channel_message_str(_buffer, &_sz, &cn, false)) { return false; } if (_cn != cn) { diff --git a/src/client/ns_turn_msg.c b/src/client/ns_turn_msg.c index 4a5531d..08b87b8 100644 --- a/src/client/ns_turn_msg.c +++ b/src/client/ns_turn_msg.c @@ -39,6 +39,7 @@ /////////// #include // for tolower +#include #include // for fprintf, printf, stderr, snprintf #include #include // for memcpy, strlen, memset, strncpy, strcmp @@ -49,10 +50,6 @@ /////////// -static void generate_random_nonce(unsigned char *nonce, size_t sz); - -/////////// - int stun_method_str(uint16_t method, char *smethod) { int ret = 0; @@ -94,7 +91,7 @@ int stun_method_str(uint16_t method, char *smethod) { }; if (smethod) { - memcpy(smethod, s, strlen(s) + 1); + strcpy(smethod, s); } return ret; @@ -111,58 +108,65 @@ long turn_random_number(void) { return ret; } +static void generate_random_nonce(unsigned char *nonce, size_t sz) { + if (!RAND_bytes(nonce, (int)sz)) { + for (size_t i = 0; i < sz; ++i) { + nonce[i] = (unsigned char)turn_random_number(); + } + } +} + static void turn_random_tid_size(void *id) { uint32_t *ar = (uint32_t *)id; if (!RAND_bytes((unsigned char *)ar, 12)) { - size_t i; - for (i = 0; i < 3; ++i) { + for (size_t i = 0; i < 3; ++i) { ar[i] = (uint32_t)turn_random_number(); } } } -int stun_calculate_hmac(const uint8_t *buf, size_t len, const uint8_t *key, size_t keylen, uint8_t *hmac, - unsigned int *hmac_len, SHATYPE shatype) { +bool stun_calculate_hmac(const uint8_t *buf, size_t len, const uint8_t *key, size_t keylen, uint8_t *hmac, + unsigned int *hmac_len, SHATYPE shatype) { ERR_clear_error(); UNUSED_ARG(shatype); if (shatype == SHATYPE_SHA256) { #if !defined(OPENSSL_NO_SHA256) && defined(SHA256_DIGEST_LENGTH) if (!HMAC(EVP_sha256(), key, (int)keylen, buf, len, hmac, hmac_len)) { - return -1; + return false; } #else fprintf(stderr, "SHA256 is not supported\n"); - return -1; + return false; #endif } else if (shatype == SHATYPE_SHA384) { #if !defined(OPENSSL_NO_SHA384) && defined(SHA384_DIGEST_LENGTH) if (!HMAC(EVP_sha384(), key, (int)keylen, buf, len, hmac, hmac_len)) { - return -1; + return false; } #else fprintf(stderr, "SHA384 is not supported\n"); - return -1; + return false; #endif } else if (shatype == SHATYPE_SHA512) { #if !defined(OPENSSL_NO_SHA512) && defined(SHA512_DIGEST_LENGTH) if (!HMAC(EVP_sha512(), key, (int)keylen, buf, len, hmac, hmac_len)) { - return -1; + return false; } #else fprintf(stderr, "SHA512 is not supported\n"); - return -1; + return false; #endif } else if (!HMAC(EVP_sha1(), key, (int)keylen, buf, len, hmac, hmac_len)) { - return -1; + return false; } - return 0; + return true; } -int stun_produce_integrity_key_str(const uint8_t *uname, const uint8_t *realm, const uint8_t *upwd, hmackey_t key, - SHATYPE shatype) { - int ret; +bool stun_produce_integrity_key_str(const uint8_t *uname, const uint8_t *realm, const uint8_t *upwd, hmackey_t key, + SHATYPE shatype) { + bool ret; ERR_clear_error(); UNUSED_ARG(shatype); @@ -198,10 +202,10 @@ int stun_produce_integrity_key_str(const uint8_t *uname, const uint8_t *realm, c EVP_DigestFinal(ctx, key, &keylen); EVP_MD_CTX_free(ctx); #endif - ret = 0; + ret = true; #else fprintf(stderr, "SHA256 is not supported\n"); - ret = -1; + ret = false; #endif } else if (shatype == SHATYPE_SHA384) { #if !defined(OPENSSL_NO_SHA384) && defined(SHA384_DIGEST_LENGTH) @@ -220,10 +224,10 @@ int stun_produce_integrity_key_str(const uint8_t *uname, const uint8_t *realm, c EVP_DigestFinal(ctx, key, &keylen); EVP_MD_CTX_free(ctx); #endif - ret = 0; + ret = true; #else fprintf(stderr, "SHA384 is not supported\n"); - ret = -1; + ret = false; #endif } else if (shatype == SHATYPE_SHA512) { #if !defined(OPENSSL_NO_SHA512) && defined(SHA512_DIGEST_LENGTH) @@ -242,10 +246,10 @@ int stun_produce_integrity_key_str(const uint8_t *uname, const uint8_t *realm, c EVP_DigestFinal(ctx, key, &keylen); EVP_MD_CTX_free(ctx); #endif - ret = 0; + ret = true; #else fprintf(stderr, "SHA512 is not supported\n"); - ret = -1; + ret = false; #endif } else { #if OPENSSL_VERSION_NUMBER < 0x10100000L @@ -284,7 +288,7 @@ int stun_produce_integrity_key_str(const uint8_t *uname, const uint8_t *realm, c EVP_DigestFinal(ctx, key, &keylen); EVP_MD_CTX_free(ctx); #endif // OPENSSL_VERSION_NUMBER < 0X10100000L - ret = 0; + ret = true; } free(str); @@ -295,10 +299,8 @@ int stun_produce_integrity_key_str(const uint8_t *uname, const uint8_t *realm, c #define PWD_SALT_SIZE (8) static void readable_string(unsigned char *orig, unsigned char *out, size_t sz) { - size_t i = 0; - out[0] = 0; - - for (i = 0; i < sz; ++i) { + out[0] = '\0'; + for (size_t i = 0; i < sz; ++i) { snprintf((char *)(out + (i * 2)), 3, "%02x", (unsigned int)orig[i]); } out[sz * 2] = 0; @@ -359,12 +361,11 @@ static void generate_enc_password(const char *pwd, char *result, const unsigned void generate_new_enc_password(const char *pwd, char *result) { generate_enc_password(pwd, result, NULL); } -static int encrypted_password(const char *pin, unsigned char *salt) { - size_t min_len = 3 + PWD_SALT_SIZE + PWD_SALT_SIZE + 1 + 32; +static bool encrypted_password(const char *pin, unsigned char *salt) { + static const size_t min_len = 3 + PWD_SALT_SIZE + PWD_SALT_SIZE + 1 + 32; if (strlen(pin) >= min_len) { if ((pin[0] == '$') && (pin[1] == '5') && (pin[2] == '$') && (pin[3 + PWD_SALT_SIZE + PWD_SALT_SIZE] == '$')) { - size_t i = 0; - for (i = 0; i < PWD_SALT_SIZE; ++i) { + for (size_t i = 0; i < PWD_SALT_SIZE; ++i) { const char *c = pin + 3 + i + i; char sc[3]; sc[0] = c[0]; @@ -372,28 +373,26 @@ static int encrypted_password(const char *pin, unsigned char *salt) { sc[2] = 0; salt[i] = (unsigned char)strtoul(sc, NULL, 16); } - return 1; + return true; } } - return 0; + return false; } -int check_password(const char *pin, const char *pwd) { +bool check_password_equal(const char *pin, const char *pwd) { unsigned char salt[PWD_SALT_SIZE]; if (!encrypted_password(pwd, salt)) { - return strcmp(pin, pwd); + return 0 == strcmp(pin, pwd); } char enc_pin[257]; generate_enc_password(pin, enc_pin, salt); - return strcmp(enc_pin, pwd); + return 0 == strcmp(enc_pin, pwd); } ///////////////////////////////////////////////////////////////// static uint32_t ns_crc32(const uint8_t *buffer, uint32_t len); -void print_hmac(const char *name, const void *s, size_t len); - ///////////////////////////////////////////////////////////////// int stun_get_command_message_len_str(const uint8_t *buf, size_t len) { @@ -410,12 +409,12 @@ int stun_get_command_message_len_str(const uint8_t *buf, size_t len) { return bufLen; } -static int stun_set_command_message_len_str(uint8_t *buf, int len) { +static bool stun_set_command_message_len_str(uint8_t *buf, int len) { if (len < STUN_HEADER_LENGTH) { - return -1; + return false; } ((uint16_t *)buf)[1] = nswap16((uint16_t)(len - STUN_HEADER_LENGTH)); - return 0; + return true; } /////////// Low-level binary ////////////////////////////////////////////// @@ -442,13 +441,13 @@ uint16_t stun_get_msg_type_str(const uint8_t *buf, size_t len) { return ((nswap16(((const uint16_t *)buf)[0])) & 0x3FFF); } -int is_channel_msg_str(const uint8_t *buf, size_t blen) { +bool is_channel_msg_str(const uint8_t *buf, size_t blen) { return (buf && blen >= 4 && STUN_VALID_CHANNEL(nswap16(((const uint16_t *)buf)[0]))); } /////////////// message types ///////////////////////////////// -int stun_is_command_message_str(const uint8_t *buf, size_t blen) { +bool stun_is_command_message_str(const uint8_t *buf, size_t blen) { if (buf && blen >= STUN_HEADER_LENGTH) { if (!STUN_VALID_CHANNEL(nswap16(((const uint16_t *)buf)[0]))) { if ((((uint8_t)buf[0]) & ((uint8_t)(0xC0))) == 0) { @@ -456,17 +455,17 @@ int stun_is_command_message_str(const uint8_t *buf, size_t blen) { uint16_t len = nswap16(((const uint16_t *)(buf))[1]); if ((len & 0x0003) == 0) { if ((size_t)(len + STUN_HEADER_LENGTH) == blen) { - return 1; + return true; } } } } } } - return 0; + return false; } -int old_stun_is_command_message_str(const uint8_t *buf, size_t blen, uint32_t *cookie) { +bool old_stun_is_command_message_str(const uint8_t *buf, size_t blen, uint32_t *cookie) { if (buf && blen >= STUN_HEADER_LENGTH) { if (!STUN_VALID_CHANNEL(nswap16(((const uint16_t *)buf)[0]))) { if ((((uint8_t)buf[0]) & ((uint8_t)(0xC0))) == 0) { @@ -475,20 +474,20 @@ int old_stun_is_command_message_str(const uint8_t *buf, size_t blen, uint32_t *c if ((len & 0x0003) == 0) { if ((size_t)(len + STUN_HEADER_LENGTH) == blen) { *cookie = nswap32(((const uint32_t *)(buf))[1]); - return 1; + return true; } } } } } } - return 0; + return false; } -int stun_is_command_message_full_check_str(const uint8_t *buf, size_t blen, int must_check_fingerprint, - int *fingerprint_present) { +bool stun_is_command_message_full_check_str(const uint8_t *buf, size_t blen, int must_check_fingerprint, + int *fingerprint_present) { if (!stun_is_command_message_str(buf, blen)) { - return 0; + return false; } stun_attr_ref sar = stun_attr_get_first_by_type_str(buf, blen, STUN_ATTRIBUTE_FINGERPRINT); if (!sar) { @@ -496,46 +495,42 @@ int stun_is_command_message_full_check_str(const uint8_t *buf, size_t blen, int *fingerprint_present = 0; } if (stun_get_method_str(buf, blen) == STUN_METHOD_BINDING) { - return 1; + return true; } return !must_check_fingerprint; } if (stun_attr_get_len(sar) != 4) { - return 0; + return false; } const uint32_t *fingerprint = (const uint32_t *)stun_attr_get_value(sar); if (!fingerprint) { return !must_check_fingerprint; } uint32_t crc32len = (uint32_t)((((const uint8_t *)fingerprint) - buf) - 4); - int ret = (*fingerprint == nswap32(ns_crc32(buf, crc32len) ^ ((uint32_t)FINGERPRINT_XOR))); + bool ret = (*fingerprint == nswap32(ns_crc32(buf, crc32len) ^ ((uint32_t)FINGERPRINT_XOR))); if (ret && fingerprint_present) { *fingerprint_present = ret; } return ret; } -int stun_is_command_message_offset_str(const uint8_t *buf, size_t blen, int offset) { - return stun_is_command_message_str(buf + offset, blen); -} - -int stun_is_request_str(const uint8_t *buf, size_t len) { +bool stun_is_request_str(const uint8_t *buf, size_t len) { if (is_channel_msg_str(buf, len)) { - return 0; + return false; } return IS_STUN_REQUEST(stun_get_msg_type_str(buf, len)); } -int stun_is_success_response_str(const uint8_t *buf, size_t len) { +bool stun_is_success_response_str(const uint8_t *buf, size_t len) { if (is_channel_msg_str(buf, len)) { - return 0; + return false; } return IS_STUN_SUCCESS_RESP(stun_get_msg_type_str(buf, len)); } -int stun_is_error_response_str(const uint8_t *buf, size_t len, int *err_code, uint8_t *err_msg, size_t err_msg_size) { +bool stun_is_error_response_str(const uint8_t *buf, size_t len, int *err_code, uint8_t *err_msg, size_t err_msg_size) { if (is_channel_msg_str(buf, len)) { - return 0; + return false; } if (IS_STUN_ERR_RESP(stun_get_msg_type_str(buf, len))) { if (err_code) { @@ -558,19 +553,20 @@ int stun_is_error_response_str(const uint8_t *buf, size_t len, int *err_code, ui } } } - return 1; + return true; } - return 0; + return false; } -int stun_is_challenge_response_str(const uint8_t *buf, size_t len, int *err_code, uint8_t *err_msg, size_t err_msg_size, - uint8_t *realm, uint8_t *nonce, uint8_t *server_name, int *oauth) { - int ret = stun_is_error_response_str(buf, len, err_code, err_msg, err_msg_size); +bool stun_is_challenge_response_str(const uint8_t *buf, size_t len, int *err_code, uint8_t *err_msg, + size_t err_msg_size, uint8_t *realm, uint8_t *nonce, uint8_t *server_name, + bool *oauth) { + bool ret = stun_is_error_response_str(buf, len, err_code, err_msg, err_msg_size); if (ret && (((*err_code) == 401) || ((*err_code) == 438))) { stun_attr_ref sar = stun_attr_get_first_by_type_str(buf, len, STUN_ATTRIBUTE_REALM); if (sar) { - int found_oauth = 0; + bool found_oauth = false; const uint8_t *value = stun_attr_get_value(sar); if (value) { @@ -589,7 +585,7 @@ int stun_is_challenge_response_str(const uint8_t *buf, size_t len, int *err_code if (server_name) { memcpy(server_name, value, vlen); } - found_oauth = 1; + found_oauth = true; } } } @@ -606,32 +602,32 @@ int stun_is_challenge_response_str(const uint8_t *buf, size_t len, int *err_code if (oauth) { *oauth = found_oauth; } - return 1; + return true; } } } } } - return 0; + return false; } -int stun_is_response_str(const uint8_t *buf, size_t len) { +bool stun_is_response_str(const uint8_t *buf, size_t len) { if (is_channel_msg_str(buf, len)) { - return 0; + return false; } if (IS_STUN_SUCCESS_RESP(stun_get_msg_type_str(buf, len))) { - return 1; + return true; } if (IS_STUN_ERR_RESP(stun_get_msg_type_str(buf, len))) { - return 1; + return true; } - return 0; + return false; } -int stun_is_indication_str(const uint8_t *buf, size_t len) { +bool stun_is_indication_str(const uint8_t *buf, size_t len) { if (is_channel_msg_str(buf, len)) { - return 0; + return false; } return IS_STUN_INDICATION(stun_get_msg_type_str(buf, len)); } @@ -692,67 +688,67 @@ void old_stun_init_success_response_str(uint16_t method, uint8_t *buf, size_t *l } const uint8_t *get_default_reason(int error_code) { - const uint8_t *reason = (const uint8_t *)"Unknown error"; + const char *reason = "Unknown error"; switch (error_code) { case 300: - reason = (const uint8_t *)"Try Alternate"; + reason = "Try Alternate"; break; case 400: - reason = (const uint8_t *)"Bad Request"; + reason = "Bad Request"; break; case 401: - reason = (const uint8_t *)"Unauthorized"; + reason = "Unauthorized"; break; case 403: - reason = (const uint8_t *)"Forbidden"; + reason = "Forbidden"; break; case 404: - reason = (const uint8_t *)"Not Found"; + reason = "Not Found"; break; case 420: - reason = (const uint8_t *)"Unknown Attribute"; + reason = "Unknown Attribute"; break; case 437: - reason = (const uint8_t *)"Allocation Mismatch"; + reason = "Allocation Mismatch"; break; case 438: - reason = (const uint8_t *)"Stale Nonce"; + reason = "Stale Nonce"; break; case 440: - reason = (const uint8_t *)"Address Family not Supported"; + reason = "Address Family not Supported"; break; case 441: - reason = (const uint8_t *)"Wrong Credentials"; + reason = "Wrong Credentials"; break; case 442: - reason = (const uint8_t *)"Unsupported Transport Protocol"; + reason = "Unsupported Transport Protocol"; break; case 443: - reason = (const uint8_t *)"Peer Address Family Mismatch"; + reason = "Peer Address Family Mismatch"; break; case 446: - reason = (const uint8_t *)"Connection Already Exists"; + reason = "Connection Already Exists"; break; case 447: - reason = (const uint8_t *)"Connection Timeout or Failure"; + reason = "Connection Timeout or Failure"; break; case 486: - reason = (const uint8_t *)"Allocation Quota Reached"; + reason = "Allocation Quota Reached"; break; case 487: - reason = (const uint8_t *)"Role Conflict"; + reason = "Role Conflict"; break; case 500: - reason = (const uint8_t *)"Server Error"; + reason = "Server Error"; break; case 508: - reason = (const uint8_t *)"Insufficient Capacity"; + reason = "Insufficient Capacity"; break; default:; }; - return reason; + return (const uint8_t *)reason; } static void stun_init_error_response_common_str(uint8_t *buf, size_t *len, uint16_t error_code, const uint8_t *reason, @@ -803,11 +799,11 @@ void stun_init_error_response_str(uint16_t method, uint8_t *buf, size_t *len, ui /////////// CHANNEL //////////////////////////////////////////////// -int stun_init_channel_message_str(uint16_t chnumber, uint8_t *buf, size_t *len, int length, int do_padding) { +bool stun_init_channel_message_str(uint16_t chnumber, uint8_t *buf, size_t *len, int length, bool do_padding) { uint16_t rlen = (uint16_t)length; if (length < 0 || (MAX_STUN_MESSAGE_SIZE < (4 + length))) { - return -1; + return false; } ((uint16_t *)(buf))[0] = nswap16(chnumber); ((uint16_t *)(buf))[1] = nswap16((uint16_t)length); @@ -818,20 +814,20 @@ int stun_init_channel_message_str(uint16_t chnumber, uint8_t *buf, size_t *len, *len = 4 + rlen; - return 0; + return true; } -int stun_is_channel_message_str(const uint8_t *buf, size_t *blen, uint16_t *chnumber, int mandatory_padding) { +bool stun_is_channel_message_str(const uint8_t *buf, size_t *blen, uint16_t *chnumber, bool mandatory_padding) { uint16_t datalen_header; uint16_t datalen_actual; if (!blen || (*blen < 4)) { - return 0; + return false; } uint16_t chn = nswap16(((const uint16_t *)(buf))[0]); if (!STUN_VALID_CHANNEL(chn)) { - return 0; + return false; } if (*blen > (uint16_t)-1) { @@ -843,7 +839,7 @@ int stun_is_channel_message_str(const uint8_t *buf, size_t *blen, uint16_t *chnu datalen_header = nswap16(datalen_header); if (datalen_header > datalen_actual) { - return 0; + return false; } if (datalen_header != datalen_actual) { @@ -853,13 +849,13 @@ int stun_is_channel_message_str(const uint8_t *buf, size_t *blen, uint16_t *chnu if (datalen_actual & 0x0003) { if (mandatory_padding) { - return 0; + return false; } else if (datalen_header == 0) { - return 0; + return false; } else { uint16_t diff = datalen_actual - datalen_header; if (diff > 3) { - return 0; + return false; } } } @@ -871,36 +867,35 @@ int stun_is_channel_message_str(const uint8_t *buf, size_t *blen, uint16_t *chnu *chnumber = chn; } - return 1; + return true; } ////////// STUN message /////////////////////////////// -static inline int sheadof(const char *head, const char *full, int ignore_case) { +static inline bool sheadof(const char *head, const char *full, bool ignore_case) { while (*head) { if (*head != *full) { if (ignore_case && (tolower((int)*head) == tolower((int)*full))) { // OK } else { - return 0; + return false; } } ++head; ++full; } - return 1; + return true; } -static inline const char *findstr(const char *hay, size_t slen, const char *needle, int ignore_case) { +static inline const char *findstr(const char *hay, size_t slen, const char *needle, bool ignore_case) { const char *ret = NULL; if (hay && slen && needle) { size_t nlen = strlen(needle); if (nlen <= slen) { size_t smax = slen - nlen + 1; - size_t i; const char *sp = hay; - for (i = 0; i < smax; ++i) { + for (size_t i = 0; i < smax; ++i) { if (sheadof(needle, sp + i, ignore_case)) { ret = sp + i; break; @@ -912,20 +907,20 @@ static inline const char *findstr(const char *hay, size_t slen, const char *need return ret; } -static inline int is_http_inline(const char *s, size_t blen) { +int is_http(const char *s, size_t blen) { if (s && blen >= 12) { if ((strstr(s, "GET ") == s) || (strstr(s, "POST ") == s) || (strstr(s, "DELETE ") == s) || (strstr(s, "PUT ") == s)) { - const char *sp = findstr(s + 4, blen - 4, " HTTP/", 0); + const char *sp = findstr(s + 4, blen - 4, " HTTP/", false); if (sp) { sp += 6; size_t diff_blen = sp - s; if (diff_blen + 4 <= blen) { - sp = findstr(sp, blen - diff_blen, "\r\n\r\n", 0); + sp = findstr(sp, blen - diff_blen, "\r\n\r\n", false); if (sp) { int ret_len = (int)(sp - s + 4); const char *clheader = "content-length: "; - const char *cl = findstr(s, sp - s, clheader, 1); + const char *cl = findstr(s, sp - s, clheader, true); if (cl) { unsigned long clen = strtoul(cl + strlen(clheader), NULL, 10); if (clen > 0 && clen < (0x0FFFFFFF)) { @@ -941,8 +936,6 @@ static inline int is_http_inline(const char *s, size_t blen) { return 0; } -int is_http(const char *s, size_t blen) { return is_http_inline(s, blen); } - int stun_get_message_len_str(uint8_t *buf, size_t blen, int padding, size_t *app_len) { if (buf && blen) { /* STUN request/response ? */ @@ -965,7 +958,7 @@ int stun_get_message_len_str(uint8_t *buf, size_t blen, int padding, size_t *app // HTTP request ? { - int http_len = is_http_inline(((char *)buf), blen); + int http_len = is_http(((char *)buf), blen); if ((http_len > 0) && ((size_t)http_len <= blen)) { *app_len = (size_t)http_len; return http_len; @@ -997,8 +990,8 @@ int stun_get_message_len_str(uint8_t *buf, size_t blen, int padding, size_t *app ////////// ALLOCATE /////////////////////////////////// -int stun_set_allocate_request_str(uint8_t *buf, size_t *len, uint32_t lifetime, int af4, int af6, uint8_t transport, - int mobile, const char *rt, int ep) { +bool stun_set_allocate_request_str(uint8_t *buf, size_t *len, uint32_t lifetime, bool af4, bool af6, uint8_t transport, + bool mobile, const char *rt, int ep) { stun_init_request_str(STUN_METHOD_ALLOCATE, buf, len); @@ -1009,8 +1002,8 @@ int stun_set_allocate_request_str(uint8_t *buf, size_t *len, uint32_t lifetime, field[1] = 0; field[2] = 0; field[3] = 0; - if (stun_attr_add_str(buf, len, STUN_ATTRIBUTE_REQUESTED_TRANSPORT, field, sizeof(field)) < 0) { - return -1; + if (!stun_attr_add_str(buf, len, STUN_ATTRIBUTE_REQUESTED_TRANSPORT, field, sizeof(field))) { + return false; } } @@ -1020,22 +1013,22 @@ int stun_set_allocate_request_str(uint8_t *buf, size_t *len, uint32_t lifetime, lifetime = STUN_DEFAULT_ALLOCATE_LIFETIME; } uint32_t field = nswap32(lifetime); - if (stun_attr_add_str(buf, len, STUN_ATTRIBUTE_LIFETIME, (uint8_t *)(&field), sizeof(field)) < 0) { - return -1; + if (!stun_attr_add_str(buf, len, STUN_ATTRIBUTE_LIFETIME, (uint8_t *)(&field), sizeof(field))) { + return false; } } // MICE if (mobile) { - if (stun_attr_add_str(buf, len, STUN_ATTRIBUTE_MOBILITY_TICKET, (const uint8_t *)"", 0) < 0) { - return -1; + if (!stun_attr_add_str(buf, len, STUN_ATTRIBUTE_MOBILITY_TICKET, (const uint8_t *)"", 0)) { + return false; } } if (ep > -1) { uint8_t value = ep ? 0x80 : 0x00; - if (stun_attr_add_str(buf, len, STUN_ATTRIBUTE_EVEN_PORT, (const uint8_t *)&value, 1) < 0) { - return -1; + if (!stun_attr_add_str(buf, len, STUN_ATTRIBUTE_EVEN_PORT, (const uint8_t *)&value, 1)) { + return false; } } @@ -1053,8 +1046,8 @@ int stun_set_allocate_request_str(uint8_t *buf, size_t *len, uint32_t lifetime, field[1] = 0; field[2] = 0; field[3] = 0; - if (stun_attr_add_str(buf, len, STUN_ATTRIBUTE_REQUESTED_ADDRESS_FAMILY, field, sizeof(field)) < 0) { - return -1; + if (!stun_attr_add_str(buf, len, STUN_ATTRIBUTE_REQUESTED_ADDRESS_FAMILY, field, sizeof(field))) { + return false; } } @@ -1064,8 +1057,8 @@ int stun_set_allocate_request_str(uint8_t *buf, size_t *len, uint32_t lifetime, field[1] = 0; field[2] = 0; field[3] = 0; - if (stun_attr_add_str(buf, len, STUN_ATTRIBUTE_REQUESTED_ADDRESS_FAMILY, field, sizeof(field)) < 0) { - return -1; + if (!stun_attr_add_str(buf, len, STUN_ATTRIBUTE_REQUESTED_ADDRESS_FAMILY, field, sizeof(field))) { + return false; } } @@ -1075,39 +1068,39 @@ int stun_set_allocate_request_str(uint8_t *buf, size_t *len, uint32_t lifetime, field[1] = 0; field[2] = 0; field[3] = 0; - if (stun_attr_add_str(buf, len, STUN_ATTRIBUTE_ADDITIONAL_ADDRESS_FAMILY, field, sizeof(field)) < 0) { - return -1; + if (!stun_attr_add_str(buf, len, STUN_ATTRIBUTE_ADDITIONAL_ADDRESS_FAMILY, field, sizeof(field))) { + return false; } } } - return 0; + return true; } -int stun_set_allocate_response_str(uint8_t *buf, size_t *len, stun_tid *tid, const ioa_addr *relayed_addr1, - const ioa_addr *relayed_addr2, const ioa_addr *reflexive_addr, uint32_t lifetime, - uint32_t max_lifetime, int error_code, const uint8_t *reason, - uint64_t reservation_token, char *mobile_id) { +bool stun_set_allocate_response_str(uint8_t *buf, size_t *len, stun_tid *tid, const ioa_addr *relayed_addr1, + const ioa_addr *relayed_addr2, const ioa_addr *reflexive_addr, uint32_t lifetime, + uint32_t max_lifetime, int error_code, const uint8_t *reason, + uint64_t reservation_token, char *mobile_id) { if (!error_code) { stun_init_success_response_str(STUN_METHOD_ALLOCATE, buf, len, tid); if (relayed_addr1) { - if (stun_attr_add_addr_str(buf, len, STUN_ATTRIBUTE_XOR_RELAYED_ADDRESS, relayed_addr1) < 0) { - return -1; + if (!stun_attr_add_addr_str(buf, len, STUN_ATTRIBUTE_XOR_RELAYED_ADDRESS, relayed_addr1)) { + return false; } } if (relayed_addr2) { - if (stun_attr_add_addr_str(buf, len, STUN_ATTRIBUTE_XOR_RELAYED_ADDRESS, relayed_addr2) < 0) { - return -1; + if (!stun_attr_add_addr_str(buf, len, STUN_ATTRIBUTE_XOR_RELAYED_ADDRESS, relayed_addr2)) { + return false; } } if (reflexive_addr) { - if (stun_attr_add_addr_str(buf, len, STUN_ATTRIBUTE_XOR_MAPPED_ADDRESS, reflexive_addr) < 0) { - return -1; + if (!stun_attr_add_addr_str(buf, len, STUN_ATTRIBUTE_XOR_MAPPED_ADDRESS, reflexive_addr)) { + return false; } } @@ -1124,15 +1117,14 @@ int stun_set_allocate_response_str(uint8_t *buf, size_t *len, stun_tid *tid, con } uint32_t field = nswap32(lifetime); - if (stun_attr_add_str(buf, len, STUN_ATTRIBUTE_LIFETIME, (uint8_t *)(&field), sizeof(field)) < 0) { - return -1; + if (!stun_attr_add_str(buf, len, STUN_ATTRIBUTE_LIFETIME, (uint8_t *)(&field), sizeof(field))) { + return false; } } if (mobile_id && *mobile_id) { - if (stun_attr_add_str(buf, len, STUN_ATTRIBUTE_MOBILITY_TICKET, (uint8_t *)mobile_id, (int)strlen(mobile_id)) < - 0) { - return -1; + if (!stun_attr_add_str(buf, len, STUN_ATTRIBUTE_MOBILITY_TICKET, (uint8_t *)mobile_id, (int)strlen(mobile_id))) { + return false; } } @@ -1140,7 +1132,7 @@ int stun_set_allocate_response_str(uint8_t *buf, size_t *len, stun_tid *tid, con stun_init_error_response_str(STUN_METHOD_ALLOCATE, buf, len, error_code, reason, tid); } - return 0; + return true; } /////////////// CHANNEL BIND /////////////////////////////////////// @@ -1154,7 +1146,7 @@ uint16_t stun_set_channel_bind_request_str(uint8_t *buf, size_t *len, const ioa_ stun_init_request_str(STUN_METHOD_CHANNEL_BIND, buf, len); - if (stun_attr_add_channel_number_str(buf, len, channel_number) < 0) { + if (!stun_attr_add_channel_number_str(buf, len, channel_number)) { return 0; } @@ -1162,11 +1154,11 @@ uint16_t stun_set_channel_bind_request_str(uint8_t *buf, size_t *len, const ioa_ ioa_addr ca; memset(&ca, 0, sizeof(ioa_addr)); - if (stun_attr_add_addr_str(buf, len, STUN_ATTRIBUTE_XOR_PEER_ADDRESS, &ca) < 0) { + if (!stun_attr_add_addr_str(buf, len, STUN_ATTRIBUTE_XOR_PEER_ADDRESS, &ca)) { return 0; } } else { - if (stun_attr_add_addr_str(buf, len, STUN_ATTRIBUTE_XOR_PEER_ADDRESS, peer_addr) < 0) { + if (!stun_attr_add_addr_str(buf, len, STUN_ATTRIBUTE_XOR_PEER_ADDRESS, peer_addr)) { return 0; } } @@ -1187,9 +1179,9 @@ void stun_set_channel_bind_response_str(uint8_t *buf, size_t *len, stun_tid *tid void stun_set_binding_request_str(uint8_t *buf, size_t *len) { stun_init_request_str(STUN_METHOD_BINDING, buf, len); } -int stun_set_binding_response_str(uint8_t *buf, size_t *len, stun_tid *tid, const ioa_addr *reflexive_addr, - int error_code, const uint8_t *reason, uint32_t cookie, int old_stun, - int no_stun_backward_compatibility) +bool stun_set_binding_response_str(uint8_t *buf, size_t *len, stun_tid *tid, const ioa_addr *reflexive_addr, + int error_code, const uint8_t *reason, uint32_t cookie, bool old_stun, + bool no_stun_backward_compatibility) { if (!error_code) { @@ -1199,14 +1191,14 @@ int stun_set_binding_response_str(uint8_t *buf, size_t *len, stun_tid *tid, cons old_stun_init_success_response_str(STUN_METHOD_BINDING, buf, len, tid, cookie); } if (!old_stun && reflexive_addr) { - if (stun_attr_add_addr_str(buf, len, STUN_ATTRIBUTE_XOR_MAPPED_ADDRESS, reflexive_addr) < 0) { - return -1; + if (!stun_attr_add_addr_str(buf, len, STUN_ATTRIBUTE_XOR_MAPPED_ADDRESS, reflexive_addr)) { + return false; } } if (reflexive_addr) { if (!no_stun_backward_compatibility && - stun_attr_add_addr_str(buf, len, STUN_ATTRIBUTE_MAPPED_ADDRESS, reflexive_addr) < 0) { - return -1; + !stun_attr_add_addr_str(buf, len, STUN_ATTRIBUTE_MAPPED_ADDRESS, reflexive_addr)) { + return false; } } } else if (!old_stun) { @@ -1215,73 +1207,64 @@ int stun_set_binding_response_str(uint8_t *buf, size_t *len, stun_tid *tid, cons old_stun_init_error_response_str(STUN_METHOD_BINDING, buf, len, error_code, reason, tid, cookie); } - return 0; + return true; } -int stun_is_binding_request_str(const uint8_t *buf, size_t len, size_t offset) { +bool stun_is_binding_request_str(const uint8_t *buf, size_t len, size_t offset) { if (offset < len) { buf += offset; len -= offset; if (stun_is_command_message_str(buf, len)) { if (stun_is_request_str(buf, len) && (stun_get_method_str(buf, len) == STUN_METHOD_BINDING)) { - return 1; + return true; } } } - return 0; + return false; } -int stun_is_binding_response_str(const uint8_t *buf, size_t len) { +bool stun_is_binding_response_str(const uint8_t *buf, size_t len) { if (stun_is_command_message_str(buf, len) && (stun_get_method_str(buf, len) == STUN_METHOD_BINDING)) { if (stun_is_response_str(buf, len)) { - return 1; + return true; } } - return 0; + return false; } /////////////////////////////// TID /////////////////////////////// -int stun_tid_equals(const stun_tid *id1, const stun_tid *id2) { +bool stun_tid_equals(const stun_tid *id1, const stun_tid *id2) { + if (!id1 || !id2) { + return false; + } if (id1 == id2) { - return 1; + return true; } - if (!id1) { - return 0; - } - if (!id2) { - return 0; - } - { - unsigned int i = 0; - for (i = 0; i < STUN_TID_SIZE; ++i) { - if (id1->tsx_id[i] != id2->tsx_id[i]) { - return 0; - } + for (size_t i = 0; i < STUN_TID_SIZE; ++i) { + if (id1->tsx_id[i] != id2->tsx_id[i]) { + return false; } } - return 1; + return true; } void stun_tid_cpy(stun_tid *id1, const stun_tid *id2) { - if (!id1) { + if (!id1 || !id2) { return; } - if (!id2) { - return; - } - memcpy((void *)(id1->tsx_id), (const void *)(id2->tsx_id), STUN_TID_SIZE); + memcpy(id1->tsx_id, id2->tsx_id, STUN_TID_SIZE); } static void stun_tid_string_cpy(uint8_t *s, const stun_tid *id) { if (s && id) { - memcpy(s, (const void *)(id->tsx_id), STUN_TID_SIZE); + memcpy(s, id->tsx_id, STUN_TID_SIZE); } } static void stun_tid_from_string(const uint8_t *s, stun_tid *id) { if (s && id) { - memcpy((void *)(id->tsx_id), s, STUN_TID_SIZE); + memcpy(id->tsx_id, s, STUN_TID_SIZE); } } @@ -1367,7 +1350,6 @@ int stun_get_requested_address_family(stun_attr_ref attr) { int val = ((const uint8_t *)attr)[4]; switch (val) { case STUN_ATTRIBUTE_REQUESTED_ADDRESS_FAMILY_VALUE_IPV4: - return val; case STUN_ATTRIBUTE_REQUESTED_ADDRESS_FAMILY_VALUE_IPV6: return val; default: @@ -1413,7 +1395,7 @@ uint64_t stun_attr_get_reservation_token_value(stun_attr_ref attr) { return 0; } -int stun_attr_is_addr(stun_attr_ref attr) { +bool stun_attr_is_addr(stun_attr_ref attr) { if (attr) { switch (stun_attr_get_type(attr)) { @@ -1428,12 +1410,12 @@ int stun_attr_is_addr(stun_attr_ref attr) { case OLD_STUN_ATTRIBUTE_REFLECTED_FROM: case STUN_ATTRIBUTE_RESPONSE_ORIGIN: case STUN_ATTRIBUTE_OTHER_ADDRESS: - return 1; + return true; break; default:; }; } - return 0; + return false; } uint8_t stun_attr_get_even_port(stun_attr_ref attr) { @@ -1449,7 +1431,6 @@ uint8_t stun_attr_get_even_port(stun_attr_ref attr) { } stun_attr_ref stun_attr_get_first_by_type_str(const uint8_t *buf, size_t len, uint16_t attr_type) { - stun_attr_ref attr = stun_attr_get_first_str(buf, len); while (attr) { if (stun_attr_get_type(attr) == attr_type) { @@ -1462,7 +1443,6 @@ stun_attr_ref stun_attr_get_first_by_type_str(const uint8_t *buf, size_t len, ui } static stun_attr_ref stun_attr_check_valid(stun_attr_ref attr, size_t remaining) { - if (remaining >= 4) { /* Read the size of the attribute */ size_t attrlen = stun_attr_get_len(attr); @@ -1484,7 +1464,6 @@ static stun_attr_ref stun_attr_check_valid(stun_attr_ref attr, size_t remaining) } stun_attr_ref stun_attr_get_first_str(const uint8_t *buf, size_t len) { - int bufLen = stun_get_command_message_len_str(buf, len); if (bufLen > STUN_HEADER_LENGTH) { stun_attr_ref attr = (stun_attr_ref)(buf + STUN_HEADER_LENGTH); @@ -1495,7 +1474,6 @@ stun_attr_ref stun_attr_get_first_str(const uint8_t *buf, size_t len) { } stun_attr_ref stun_attr_get_next_str(const uint8_t *buf, size_t len, stun_attr_ref prev) { - if (!prev) { return stun_attr_get_first_str(buf, len); } else { @@ -1514,7 +1492,7 @@ stun_attr_ref stun_attr_get_next_str(const uint8_t *buf, size_t len, stun_attr_r } } -int stun_attr_add_str(uint8_t *buf, size_t *len, uint16_t attr, const uint8_t *avalue, int alen) { +bool stun_attr_add_str(uint8_t *buf, size_t *len, uint16_t attr, const uint8_t *avalue, int alen) { if (alen < 0) { alen = 0; } @@ -1531,30 +1509,31 @@ int stun_attr_add_str(uint8_t *buf, size_t *len, uint16_t attr, const uint8_t *a paddinglen = 4 - newlenrem4; newlen = newlen + paddinglen; } + if (newlen >= MAX_STUN_MESSAGE_SIZE) { - return -1; - } else { - uint8_t *attr_start = buf + clen; - - uint16_t *attr_start_16t = (uint16_t *)attr_start; - - stun_set_command_message_len_str(buf, newlen); - *len = newlen; - - attr_start_16t[0] = nswap16(attr); - attr_start_16t[1] = nswap16(alen); - if (alen > 0) { - memcpy(attr_start + 4, avalue, alen); - } - - // Write 0 padding to not leak data - memset(attr_start + 4 + alen, 0, paddinglen); - - return 0; + return false; } + + uint8_t *attr_start = buf + clen; + + uint16_t *attr_start_16t = (uint16_t *)attr_start; + + stun_set_command_message_len_str(buf, newlen); + *len = newlen; + + attr_start_16t[0] = nswap16(attr); + attr_start_16t[1] = nswap16(alen); + if (alen > 0) { + memcpy(attr_start + 4, avalue, alen); + } + + // Write 0 padding to not leak data + memset(attr_start + 4 + alen, 0, paddinglen); + + return true; } -int stun_attr_add_addr_str(uint8_t *buf, size_t *len, uint16_t attr_type, const ioa_addr *ca) { +bool stun_attr_add_addr_str(uint8_t *buf, size_t *len, uint16_t attr_type, const ioa_addr *ca) { stun_tid tid; stun_tid_from_message_str(buf, *len, &tid); @@ -1575,19 +1554,18 @@ int stun_attr_add_addr_str(uint8_t *buf, size_t *len, uint16_t attr_type, const uint8_t cfield[64]; int clen = 0; if (stun_addr_encode(&public_addr, cfield, &clen, xor_ed, STUN_MAGIC_COOKIE, tid.tsx_id) < 0) { - return -1; + return false; } - if (stun_attr_add_str(buf, len, attr_type, (uint8_t *)(&cfield), clen) < 0) { - return -1; + if (!stun_attr_add_str(buf, len, attr_type, (uint8_t *)(&cfield), clen)) { + return false; } - return 0; + return true; } -int stun_attr_get_addr_str(const uint8_t *buf, size_t len, stun_attr_ref attr, ioa_addr *ca, - const ioa_addr *default_addr) { - +bool stun_attr_get_addr_str(const uint8_t *buf, size_t len, stun_attr_ref attr, ioa_addr *ca, + const ioa_addr *default_addr) { stun_tid tid; stun_tid_from_message_str(buf, len, &tid); ioa_addr public_addr; @@ -1597,7 +1575,7 @@ int stun_attr_get_addr_str(const uint8_t *buf, size_t len, stun_attr_ref attr, i int attr_type = stun_attr_get_type(attr); if (attr_type < 0) { - return -1; + return false; } int xor_ed = 0; @@ -1612,11 +1590,11 @@ int stun_attr_get_addr_str(const uint8_t *buf, size_t len, stun_attr_ref attr, i const uint8_t *cfield = stun_attr_get_value(attr); if (!cfield) { - return -1; + return false; } if (stun_addr_decode(&public_addr, cfield, stun_attr_get_len(attr), xor_ed, STUN_MAGIC_COOKIE, tid.tsx_id) < 0) { - return -1; + return false; } map_addr_from_public_to_private(&public_addr, ca); @@ -1627,27 +1605,26 @@ int stun_attr_get_addr_str(const uint8_t *buf, size_t len, stun_attr_ref attr, i addr_set_port(ca, port); } - return 0; + return true; } -int stun_attr_get_first_addr_str(const uint8_t *buf, size_t len, uint16_t attr_type, ioa_addr *ca, - const ioa_addr *default_addr) { - +bool stun_attr_get_first_addr_str(const uint8_t *buf, size_t len, uint16_t attr_type, ioa_addr *ca, + const ioa_addr *default_addr) { stun_attr_ref attr = stun_attr_get_first_str(buf, len); while (attr) { if (stun_attr_is_addr(attr) && (attr_type == stun_attr_get_type(attr))) { - if (stun_attr_get_addr_str(buf, len, attr, ca, default_addr) == 0) { - return 0; + if (stun_attr_get_addr_str(buf, len, attr, ca, default_addr)) { + return true; } } attr = stun_attr_get_next_str(buf, len, attr); } - return -1; + return false; } -int stun_attr_add_channel_number_str(uint8_t *buf, size_t *len, uint16_t chnumber) { +bool stun_attr_add_channel_number_str(uint8_t *buf, size_t *len, uint16_t chnumber) { uint16_t field[2]; field[0] = nswap16(chnumber); @@ -1656,7 +1633,7 @@ int stun_attr_add_channel_number_str(uint8_t *buf, size_t *len, uint16_t chnumbe return stun_attr_add_str(buf, len, STUN_ATTRIBUTE_CHANNEL_NUMBER, (uint8_t *)(field), sizeof(field)); } -int stun_attr_add_bandwidth_str(uint8_t *buf, size_t *len, band_limit_t bps0) { +bool stun_attr_add_bandwidth_str(uint8_t *buf, size_t *len, band_limit_t bps0) { uint32_t bps = (uint32_t)(band_limit_t)(bps0 >> 7); @@ -1665,7 +1642,7 @@ int stun_attr_add_bandwidth_str(uint8_t *buf, size_t *len, band_limit_t bps0) { return stun_attr_add_str(buf, len, STUN_ATTRIBUTE_NEW_BANDWIDTH, (uint8_t *)(&field), sizeof(field)); } -int stun_attr_add_address_error_code(uint8_t *buf, size_t *len, int requested_address_family, int error_code) { +bool stun_attr_add_address_error_code(uint8_t *buf, size_t *len, int requested_address_family, int error_code) { const uint8_t *reason = get_default_reason(error_code); uint8_t avalue[513]; @@ -1685,40 +1662,7 @@ int stun_attr_add_address_error_code(uint8_t *buf, size_t *len, int requested_ad } } - stun_attr_add_str(buf, len, STUN_ATTRIBUTE_ADDRESS_ERROR_CODE, (uint8_t *)avalue, alen); - - return 0; -} - -int stun_attr_get_address_error_code(uint8_t *buf, size_t len, int *requested_address_family, int *error_code) { - if (requested_address_family) { - *requested_address_family = 0; - } - if (error_code) { - *error_code = 0; - } - if (buf && len) { - stun_attr_ref sar = stun_attr_get_first_by_type_str(buf, len, STUN_ATTRIBUTE_ADDRESS_ERROR_CODE); - if (sar) { - const uint8_t *value = stun_attr_get_value(sar); - if (!value) { - return -1; - } else { - int alen = stun_attr_get_len(sar); - if (alen != 4) { - return -1; - } - if (requested_address_family) { - *requested_address_family = value[0]; - } - if (error_code) { - *error_code = (int)(value[2] * 100 + value[3]); - } - return 0; - } - } - } - return 0; + return stun_attr_add_str(buf, len, STUN_ATTRIBUTE_ADDRESS_ERROR_CODE, (uint8_t *)avalue, alen); } uint16_t stun_attr_get_first_channel_number_str(const uint8_t *buf, size_t len) { @@ -1739,12 +1683,14 @@ uint16_t stun_attr_get_first_channel_number_str(const uint8_t *buf, size_t len) ////////////// FINGERPRINT //////////////////////////// -int stun_attr_add_fingerprint_str(uint8_t *buf, size_t *len) { +bool stun_attr_add_fingerprint_str(uint8_t *buf, size_t *len) { uint32_t crc32 = 0; - stun_attr_add_str(buf, len, STUN_ATTRIBUTE_FINGERPRINT, (uint8_t *)&crc32, 4); + if (!stun_attr_add_str(buf, len, STUN_ATTRIBUTE_FINGERPRINT, (uint8_t *)&crc32, 4)) { + return false; + } crc32 = ns_crc32(buf, (int)*len - 8); *((uint32_t *)(buf + *len - 4)) = nswap32(crc32 ^ ((uint32_t)FINGERPRINT_XOR)); - return 0; + return true; } ////////////// CRC /////////////////////////////////////////////// @@ -1784,30 +1730,6 @@ static const uint32_t crctable[256] = { 0xb40bbe37, 0xc30c8ea1, 0x5a05df1b, 0x2d02ef8d, }; -/* - -#define CRCPOLY 0xEDB88320UL -reversed 0x04C11DB7 -1110 1101 1001 1000 1000 0011 0010 0000 - -static void make_crctable(void) -{ - uint i, j; - uint32_t r; - - for (i = 0; i < 256; ++i) { - r = i; - for (j = 8; j > 0; --j) { - if (r & 1) - r = (r >> 1) ^ CRCPOLY; - else - r >>= 1; - } - crctable[i] = r; - } -} -*/ - static uint32_t ns_crc32(const uint8_t *buffer, uint32_t len) { uint32_t crc = CRC_MASK; while (len--) { @@ -1820,7 +1742,7 @@ static uint32_t ns_crc32(const uint8_t *buffer, uint32_t len) { /* We support only basic ASCII table */ -int SASLprep(uint8_t *s) { +bool SASLprep(uint8_t *s) { if (s) { uint8_t *strin = s; uint8_t *strout = s; @@ -1842,13 +1764,13 @@ int SASLprep(uint8_t *s) { ++strin; break; case 0x7F: - return -1; + return false; default: if (c < 0x1F) { - return -1; + return false; } if (c >= 0x80 && c <= 0x9F) { - return -1; + return false; } *strout = c; ++strout; @@ -1857,7 +1779,7 @@ int SASLprep(uint8_t *s) { } } - return 0; + return true; } //////////////// Message Integrity //////////////////////////// @@ -1877,15 +1799,14 @@ size_t get_hmackey_size(SHATYPE shatype) { void print_bin_func(const char *name, size_t len, const void *s, const char *func) { printf("<%s>:<%s>:len=%d:[", func, name, (int)len); - size_t i; - for (i = 0; i < len; i++) { + for (size_t i = 0; i < len; i++) { printf("%02x", (int)((const uint8_t *)s)[i]); } printf("]\n"); } -int stun_attr_add_integrity_str(turn_credential_type ct, uint8_t *buf, size_t *len, hmackey_t key, password_t pwd, - SHATYPE shatype) { +bool stun_attr_add_integrity_str(turn_credential_type ct, uint8_t *buf, size_t *len, hmackey_t key, password_t pwd, + SHATYPE shatype) { uint8_t hmac[MAXSHASIZE]; unsigned int shasize; @@ -1904,91 +1825,70 @@ int stun_attr_add_integrity_str(turn_credential_type ct, uint8_t *buf, size_t *l shasize = SHA1SIZEBYTES; }; - if (stun_attr_add_str(buf, len, STUN_ATTRIBUTE_MESSAGE_INTEGRITY, hmac, shasize) < 0) { - return -1; + if (!stun_attr_add_str(buf, len, STUN_ATTRIBUTE_MESSAGE_INTEGRITY, hmac, shasize)) { + return false; } if (ct == TURN_CREDENTIALS_SHORT_TERM) { - if (stun_calculate_hmac(buf, *len - 4 - shasize, pwd, strlen((char *)pwd), buf + *len - shasize, &shasize, - shatype) < 0) { - return -1; - } + return stun_calculate_hmac(buf, *len - 4 - shasize, pwd, strlen((char *)pwd), buf + *len - shasize, &shasize, + shatype); } else { - if (stun_calculate_hmac(buf, *len - 4 - shasize, key, get_hmackey_size(shatype), buf + *len - shasize, &shasize, - shatype) < 0) { - return -1; - } + return stun_calculate_hmac(buf, *len - 4 - shasize, key, get_hmackey_size(shatype), buf + *len - shasize, &shasize, + shatype); } - - return 0; } -int stun_attr_add_integrity_by_key_str(uint8_t *buf, size_t *len, const uint8_t *uname, const uint8_t *realm, - hmackey_t key, const uint8_t *nonce, SHATYPE shatype) { - if (stun_attr_add_str(buf, len, STUN_ATTRIBUTE_USERNAME, uname, (int)strlen((const char *)uname)) < 0) { - return -1; +bool stun_attr_add_integrity_by_key_str(uint8_t *buf, size_t *len, const uint8_t *uname, const uint8_t *realm, + hmackey_t key, const uint8_t *nonce, SHATYPE shatype) { + if (!stun_attr_add_str(buf, len, STUN_ATTRIBUTE_USERNAME, uname, (int)strlen((const char *)uname))) { + return false; } - if (stun_attr_add_str(buf, len, STUN_ATTRIBUTE_NONCE, nonce, (int)strlen((const char *)nonce)) < 0) { - return -1; + if (!stun_attr_add_str(buf, len, STUN_ATTRIBUTE_NONCE, nonce, (int)strlen((const char *)nonce))) { + return false; } - if (stun_attr_add_str(buf, len, STUN_ATTRIBUTE_REALM, realm, (int)strlen((const char *)realm)) < 0) { - return -1; + if (!stun_attr_add_str(buf, len, STUN_ATTRIBUTE_REALM, realm, (int)strlen((const char *)realm))) { + return false; } password_t p; return stun_attr_add_integrity_str(TURN_CREDENTIALS_LONG_TERM, buf, len, key, p, shatype); } -int stun_attr_add_integrity_by_user_str(uint8_t *buf, size_t *len, const uint8_t *uname, const uint8_t *realm, - const uint8_t *upwd, const uint8_t *nonce, SHATYPE shatype) { +bool stun_attr_add_integrity_by_user_str(uint8_t *buf, size_t *len, const uint8_t *uname, const uint8_t *realm, + const uint8_t *upwd, const uint8_t *nonce, SHATYPE shatype) { hmackey_t key; - if (stun_produce_integrity_key_str(uname, realm, upwd, key, shatype) < 0) { - return -1; + if (!stun_produce_integrity_key_str(uname, realm, upwd, key, shatype)) { + return false; } return stun_attr_add_integrity_by_key_str(buf, len, uname, realm, key, nonce, shatype); } -int stun_attr_add_integrity_by_user_short_term_str(uint8_t *buf, size_t *len, const uint8_t *uname, password_t pwd, - SHATYPE shatype) { - if (stun_attr_add_str(buf, len, STUN_ATTRIBUTE_USERNAME, uname, (int)strlen((const char *)uname)) < 0) { - return -1; +bool stun_attr_add_integrity_by_user_short_term_str(uint8_t *buf, size_t *len, const uint8_t *uname, password_t pwd, + SHATYPE shatype) { + if (stun_attr_add_str(buf, len, STUN_ATTRIBUTE_USERNAME, uname, (int)strlen((const char *)uname))) { + return false; } hmackey_t key; return stun_attr_add_integrity_str(TURN_CREDENTIALS_SHORT_TERM, buf, len, key, pwd, shatype); } -void print_hmac(const char *name, const void *s, size_t len) { - printf("%s:len=%d:[", name, (int)len); - size_t i; - for (i = 0; i < len; i++) { - printf("%02x", (int)((const uint8_t *)s)[i]); - } - printf("]\n"); -} - /* * Return -1 if failure, 0 if the integrity is not correct, 1 if OK */ int stun_check_message_integrity_by_key_str(turn_credential_type ct, uint8_t *buf, size_t len, hmackey_t key, password_t pwd, SHATYPE shatype) { - int res = 0; - uint8_t new_hmac[MAXSHASIZE] = {0}; - unsigned int shasize; - const uint8_t *old_hmac = NULL; - stun_attr_ref sar = stun_attr_get_first_by_type_str(buf, len, STUN_ATTRIBUTE_MESSAGE_INTEGRITY); if (!sar) { return -1; } - int sarlen = stun_attr_get_len(sar); - - switch (sarlen) { + unsigned int shasize = 0; + switch (stun_attr_get_len(sar)) { case SHA256SIZEBYTES: shasize = SHA256SIZEBYTES; if (shatype != SHATYPE_SHA256) { @@ -2027,16 +1927,26 @@ int stun_check_message_integrity_by_key_str(turn_credential_type ct, uint8_t *bu return -1; } - if (stun_set_command_message_len_str(buf, new_len) < 0) { + if (!stun_set_command_message_len_str(buf, new_len)) { return -1; } + int res = 0; + uint8_t new_hmac[MAXSHASIZE] = {0}; if (ct == TURN_CREDENTIALS_SHORT_TERM) { - res = - stun_calculate_hmac(buf, (size_t)new_len - 4 - shasize, pwd, strlen((char *)pwd), new_hmac, &shasize, shatype); + if (!stun_calculate_hmac(buf, (size_t)new_len - 4 - shasize, pwd, strlen((char *)pwd), new_hmac, &shasize, + shatype)) { + res = -1; + } else { + res = 0; + } } else { - res = stun_calculate_hmac(buf, (size_t)new_len - 4 - shasize, key, get_hmackey_size(shatype), new_hmac, &shasize, - shatype); + if (!stun_calculate_hmac(buf, (size_t)new_len - 4 - shasize, key, get_hmackey_size(shatype), new_hmac, &shasize, + shatype)) { + res = -1; + } else { + res = 0; + } } stun_set_command_message_len_str(buf, orig_len); @@ -2044,12 +1954,12 @@ int stun_check_message_integrity_by_key_str(turn_credential_type ct, uint8_t *bu return -1; } - old_hmac = stun_attr_get_value(sar); + const uint8_t *old_hmac = stun_attr_get_value(sar); if (!old_hmac) { return -1; } - if (memcmp(old_hmac, new_hmac, shasize)) { + if (0 != memcmp(old_hmac, new_hmac, shasize)) { return 0; } @@ -2067,7 +1977,7 @@ int stun_check_message_integrity_str(turn_credential_type ct, uint8_t *buf, size if (ct == TURN_CREDENTIALS_SHORT_TERM) { strncpy((char *)pwd, (const char *)upwd, sizeof(password_t) - 1); pwd[sizeof(password_t) - 1] = 0; - } else if (stun_produce_integrity_key_str(uname, realm, upwd, key, shatype) < 0) { + } else if (!stun_produce_integrity_key_str(uname, realm, upwd, key, shatype)) { return -1; } @@ -2076,19 +1986,19 @@ int stun_check_message_integrity_str(turn_credential_type ct, uint8_t *buf, size /* RFC 5780 */ -int stun_attr_get_change_request_str(stun_attr_ref attr, int *change_ip, int *change_port) { +bool stun_attr_get_change_request_str(stun_attr_ref attr, bool *change_ip, bool *change_port) { if (stun_attr_get_len(attr) == 4) { const uint8_t *value = stun_attr_get_value(attr); if (value) { - *change_ip = (value[3] & (uint8_t)0x04); - *change_port = (value[3] & (uint8_t)0x02); - return 0; + *change_ip = (value[3] & 0x04); + *change_port = (value[3] & 0x02); + return true; } } - return -1; + return false; } -int stun_attr_add_change_request_str(uint8_t *buf, size_t *len, int change_ip, int change_port) { +bool stun_attr_add_change_request_str(uint8_t *buf, size_t *len, bool change_ip, bool change_port) { uint8_t avalue[4] = {0, 0, 0, 0}; if (change_ip) { @@ -2114,7 +2024,7 @@ int stun_attr_get_response_port_str(stun_attr_ref attr) { return -1; } -int stun_attr_add_response_port_str(uint8_t *buf, size_t *len, uint16_t port) { +bool stun_attr_add_response_port_str(uint8_t *buf, size_t *len, uint16_t port) { uint8_t avalue[4] = {0, 0, 0, 0}; uint16_t *port_ptr = (uint16_t *)avalue; @@ -2131,7 +2041,7 @@ int stun_attr_get_padding_len_str(stun_attr_ref attr) { return (uint16_t)len; } -int stun_attr_add_padding_str(uint8_t *buf, size_t *len, uint16_t padding_len) { +bool stun_attr_add_padding_str(uint8_t *buf, size_t *len, uint16_t padding_len) { uint8_t avalue[0xFFFF]; memset(avalue, 0, padding_len); @@ -2212,16 +2122,16 @@ size_t calculate_auth_key_length(ENC_ALG a) { return 0; } -int calculate_key(char *key, size_t key_size, char *new_key, size_t new_key_size); -int calculate_key(char *key, size_t key_size, char *new_key, size_t new_key_size) { +static bool calculate_key(char *key, size_t key_size, char *new_key, size_t new_key_size); +static bool calculate_key(char *key, size_t key_size, char *new_key, size_t new_key_size) { UNUSED_ARG(key_size); memcpy(new_key, key, new_key_size); - return 0; + return true; } -int convert_oauth_key_data(const oauth_key_data *oakd0, oauth_key *key, char *err_msg, size_t err_msg_size) { +bool convert_oauth_key_data(const oauth_key_data *oakd0, oauth_key *key, char *err_msg, size_t err_msg_size) { if (oakd0 && key) { oauth_key_data oakd_obj; @@ -2245,7 +2155,7 @@ int convert_oauth_key_data(const oauth_key_data *oakd0, oauth_key *key, char *er snprintf(err_msg, err_msg_size, "KID is not defined"); } OAUTH_ERROR("KID is not defined\n"); - return -1; + return false; } memset(key, 0, sizeof(oauth_key)); @@ -2283,26 +2193,26 @@ int convert_oauth_key_data(const oauth_key_data *oakd0, oauth_key *key, char *er snprintf(err_msg, err_msg_size, "Wrong oAuth token encryption algorithm: %s (2)\n", oakd->as_rs_alg); } OAUTH_ERROR("Wrong oAuth token encryption algorithm: %s (3)\n", oakd->as_rs_alg); - return -1; + return false; } #if !defined(TURN_NO_GCM) key->auth_key_size = calculate_auth_key_length(key->as_rs_alg); if (key->auth_key_size) { - if (calculate_key(key->ikm_key, key->ikm_key_size, key->auth_key, key->auth_key_size) < 0) { - return -1; + if (!calculate_key(key->ikm_key, key->ikm_key_size, key->auth_key, key->auth_key_size)) { + return false; } } key->as_rs_key_size = calculate_enc_key_length(key->as_rs_alg); - if (calculate_key(key->ikm_key, key->ikm_key_size, key->as_rs_key, key->as_rs_key_size) < 0) { - return -1; + if (!calculate_key(key->ikm_key, key->ikm_key_size, key->as_rs_key, key->as_rs_key_size)) { + return false; } #endif } - return 0; + return true; } const EVP_CIPHER *get_cipher_type(ENC_ALG enc_alg); @@ -2360,192 +2270,10 @@ int my_EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, con *outl = out_len; return 1; } - -void print_field(const char *name, const unsigned char *f, size_t len); -void print_field(const char *name, const unsigned char *f, size_t len) { - printf("\nfield %s==>>\n", name); - size_t i; - for (i = 0; i < len; ++i) { - printf("<0x%x>", (unsigned int)f[i]); - } - printf("\n<<==field %s\n", name); -} - -int encode_oauth_token_normal(const uint8_t *server_name, encoded_oauth_token *etoken, const oauth_key *key, - const oauth_token *dtoken); -int encode_oauth_token_normal(const uint8_t *server_name, encoded_oauth_token *etoken, const oauth_key *key, - const oauth_token *dtoken) { - UNUSED_ARG(server_name); - UNUSED_ARG(etoken); - UNUSED_ARG(key); - UNUSED_ARG(dtoken); - - /* - if(server_name && etoken && key && dtoken && (dtoken->enc_block.key_length<=128)) { - - unsigned char orig_field[MAX_ENCODED_OAUTH_TOKEN_SIZE]; - memset(orig_field, 0, sizeof(orig_field)); - - size_t len = 0; - *((uint16_t*)(orig_field+len)) = nswap16(dtoken->enc_block.key_length); - len +=2; - - memcpy(orig_field+len,dtoken->enc_block.mac_key,dtoken->enc_block.key_length); - len += dtoken->enc_block.key_length; - - *((uint64_t*)(orig_field+len)) = nswap64(dtoken->enc_block.timestamp); - len += 8; - - *((uint32_t*)(orig_field+len)) = nswap32(dtoken->enc_block.lifetime); - len += 4; - - const EVP_CIPHER * cipher = get_cipher_type(key->as_rs_alg); - if(!cipher) - return -1; - - unsigned char *encoded_field = (unsigned char*)etoken->token; - - EVP_CIPHER_CTX ctx; - EVP_CIPHER_CTX_init(&ctx); - EVP_EncryptInit_ex(&ctx, cipher, NULL, (const unsigned char *)key->as_rs_key, NULL); - EVP_CIPHER_CTX_set_padding(&ctx,1); - int outl=0; - my_EVP_EncryptUpdate(&ctx, encoded_field, &outl, orig_field, (int)len); - if(outl % OAUTH_ENC_ALG_BLOCK_SIZE) { - int tmp_outl = 0; - EVP_EncryptFinal_ex(&ctx, encoded_field + outl, &tmp_outl); - outl += tmp_outl; - } - - EVP_CIPHER_CTX_cleanup(&ctx); - - size_t sn_len = strlen((const char*)server_name); - memcpy(encoded_field+outl,server_name,sn_len); - outl += sn_len; - - const EVP_MD *md = get_auth_type(key->auth_alg); - if(!md) - return -1; - - unsigned int hmac_len = EVP_MD_size(md); - if (!HMAC(md, key->auth_key, key->auth_key_size, encoded_field, outl, encoded_field + outl, &hmac_len)) { - return -1; - } - - update_hmac_len(key->auth_alg, &hmac_len); - - memcpy(encoded_field + outl - sn_len, encoded_field + outl, hmac_len); - outl -= sn_len; - outl += hmac_len; //encoded+hmac - - etoken->size = outl; - - return 0; - } - */ - return -1; -} - -int decode_oauth_token_normal(const uint8_t *server_name, const encoded_oauth_token *etoken, const oauth_key *key, - oauth_token *dtoken); -int decode_oauth_token_normal(const uint8_t *server_name, const encoded_oauth_token *etoken, const oauth_key *key, - oauth_token *dtoken) { - UNUSED_ARG(server_name); - UNUSED_ARG(etoken); - UNUSED_ARG(key); - UNUSED_ARG(dtoken); - - /* - if(server_name && etoken && key && dtoken) { - - size_t mac_size = calculate_auth_output_length(key->auth_alg); - size_t min_encoded_field_size = 2+4+8+1; - if(etoken->size < mac_size+min_encoded_field_size) { - OAUTH_ERROR("%s: token size too small: %d, mac_size=%d, - min_encoded_field_size=%d\n",__FUNCTION__,(int)etoken->size,(int)mac_size,(int)min_encoded_field_size); return -1; - } - - const unsigned char* encoded_field = (const unsigned char*)etoken->token; - unsigned int encoded_field_size = (unsigned int)etoken->size-mac_size; - const unsigned char* mac = ((const unsigned char*)etoken->token) + etoken->size - mac_size; - - { - const EVP_MD *md = get_auth_type(key->auth_alg); - if(!md) - return -1; - unsigned int hmac_len = EVP_MD_size(md); - update_hmac_len(key->auth_alg,&hmac_len); - if(hmac_len != mac_size) { - OAUTH_ERROR("%s: mac size is wrong: %d, must be %d\n",__FUNCTION__,(int)mac_size,(int)hmac_len); - return -1; - } - unsigned char efield[MAX_ENCODED_OAUTH_TOKEN_SIZE]; - unsigned char check_mac[MAXSHASIZE]; - memcpy(efield,encoded_field,encoded_field_size); - size_t sn_len = strlen((const char*)server_name); - memcpy(efield+encoded_field_size,server_name,sn_len); - if (!HMAC(md, key->auth_key, key->auth_key_size, efield, encoded_field_size+sn_len, check_mac, &hmac_len)) - { return -1; - } - - if(memcmp(check_mac,mac,mac_size)) { - OAUTH_ERROR("%s: token integrity check failed\n",__FUNCTION__); - return -1; - } - } - - unsigned char decoded_field[MAX_ENCODED_OAUTH_TOKEN_SIZE]; - - const EVP_CIPHER * cipher = get_cipher_type(key->as_rs_alg); - if(!cipher) - return -1; - - EVP_CIPHER_CTX ctx; - EVP_CIPHER_CTX_init(&ctx); - EVP_DecryptInit_ex(&ctx, cipher, NULL, (const unsigned char *)key->as_rs_key, NULL); - EVP_CIPHER_CTX_set_padding(&ctx,1); - int outl=0; - my_EVP_DecryptUpdate(&ctx, decoded_field, &outl, encoded_field, (int)encoded_field_size); - - int tmp_outl = 0; - EVP_DecryptFinal_ex(&ctx, decoded_field + outl, &tmp_outl); - outl += tmp_outl; - - EVP_CIPHER_CTX_cleanup(&ctx); - - size_t len = 0; - - dtoken->enc_block.key_length = nswap16(*((uint16_t*)(decoded_field+len))); - len += 2; - - memcpy(dtoken->enc_block.mac_key,decoded_field+len,dtoken->enc_block.key_length); - len += dtoken->enc_block.key_length; - - dtoken->enc_block.timestamp = nswap64(*((uint64_t*)(decoded_field+len))); - len += 8; - - dtoken->enc_block.lifetime = nswap32(*((uint32_t*)(decoded_field+len))); - len += 4; - - return 0; - } - */ - return -1; -} - -static void generate_random_nonce(unsigned char *nonce, size_t sz) { - if (!RAND_bytes(nonce, (int)sz)) { - size_t i; - for (i = 0; i < sz; ++i) { - nonce[i] = (unsigned char)turn_random_number(); - } - } -} - #if !defined(TURN_NO_GCM) -static int encode_oauth_token_gcm(const uint8_t *server_name, encoded_oauth_token *etoken, const oauth_key *key, - const oauth_token *dtoken, const uint8_t *nonce0) { +static bool encode_oauth_token_gcm(const uint8_t *server_name, encoded_oauth_token *etoken, const oauth_key *key, + const oauth_token *dtoken, const uint8_t *nonce0) { if (server_name && etoken && key && dtoken && (dtoken->enc_block.key_length <= MAXSHASIZE)) { unsigned char orig_field[MAX_ENCODED_OAUTH_TOKEN_SIZE]; @@ -2581,7 +2309,7 @@ static int encode_oauth_token_gcm(const uint8_t *server_name, encoded_oauth_toke const EVP_CIPHER *cipher = get_cipher_type(key->as_rs_alg); if (!cipher) { - return -1; + return false; } #if OPENSSL_VERSION_NUMBER < 0x10100000L @@ -2601,12 +2329,12 @@ static int encode_oauth_token_gcm(const uint8_t *server_name, encoded_oauth_toke /* Set IV length if default 12 bytes (96 bits) is not appropriate */ if (1 != EVP_CIPHER_CTX_ctrl(ctxp, EVP_CTRL_GCM_SET_IVLEN, OAUTH_GCM_NONCE_SIZE, NULL)) { - return -1; + return false; } /* Initialize key and IV */ if (1 != EVP_EncryptInit_ex(ctxp, NULL, NULL, (const unsigned char *)key->as_rs_key, nonce)) { - return -1; + return false; } int outl = 0; @@ -2616,7 +2344,7 @@ static int encode_oauth_token_gcm(const uint8_t *server_name, encoded_oauth_toke * required */ if (1 != my_EVP_EncryptUpdate(ctxp, NULL, &outl, server_name, (int)sn_len)) { - return -1; + return false; } outl = 0; @@ -2645,13 +2373,13 @@ static int encode_oauth_token_gcm(const uint8_t *server_name, encoded_oauth_toke EVP_CIPHER_CTX_free(ctxp); #endif - return 0; + return true; } - return -1; + return false; } -static int decode_oauth_token_gcm(const uint8_t *server_name, const encoded_oauth_token *etoken, const oauth_key *key, - oauth_token *dtoken) { +static bool decode_oauth_token_gcm(const uint8_t *server_name, const encoded_oauth_token *etoken, const oauth_key *key, + oauth_token *dtoken) { if (server_name && etoken && key && dtoken) { unsigned char snl[2]; @@ -2664,7 +2392,7 @@ static int decode_oauth_token_gcm(const uint8_t *server_name, const encoded_oaut size_t min_encoded_field_size = 2 + 4 + 8 + nonce_len + 2 + OAUTH_GCM_TAG_SIZE + 1; if (etoken->size < min_encoded_field_size) { OAUTH_ERROR("%s: token size too small: %d\n", __FUNCTION__, (int)etoken->size); - return -1; + return false; } const unsigned char *encoded_field = (const unsigned char *)(etoken->token + nonce_len + 2); @@ -2680,7 +2408,7 @@ static int decode_oauth_token_gcm(const uint8_t *server_name, const encoded_oaut const EVP_CIPHER *cipher = get_cipher_type(key->as_rs_alg); if (!cipher) { OAUTH_ERROR("%s: Cannot find cipher for algorithm: %d\n", __FUNCTION__, (int)key->as_rs_alg); - return -1; + return false; } #if OPENSSL_VERSION_NUMBER < 0x10100000L @@ -2693,7 +2421,7 @@ static int decode_oauth_token_gcm(const uint8_t *server_name, const encoded_oaut /* Initialize the decryption operation. */ if (1 != EVP_DecryptInit_ex(ctxp, cipher, NULL, NULL, NULL)) { OAUTH_ERROR("%s: Cannot initialize decryption\n", __FUNCTION__); - return -1; + return false; } // EVP_CIPHER_CTX_set_padding(&ctx,1); @@ -2701,13 +2429,13 @@ static int decode_oauth_token_gcm(const uint8_t *server_name, const encoded_oaut /* Set IV length if default 12 bytes (96 bits) is not appropriate */ if (1 != EVP_CIPHER_CTX_ctrl(ctxp, EVP_CTRL_GCM_SET_IVLEN, nonce_len, NULL)) { OAUTH_ERROR("%s: Cannot set nonce length\n", __FUNCTION__); - return -1; + return false; } /* Initialize key and IV */ if (1 != EVP_DecryptInit_ex(ctxp, NULL, NULL, (const unsigned char *)key->as_rs_key, nonce)) { OAUTH_ERROR("%s: Cannot set nonce\n", __FUNCTION__); - return -1; + return false; } /* Set expected tag value. A restriction in OpenSSL 1.0.1c and earlier @@ -2722,11 +2450,11 @@ static int decode_oauth_token_gcm(const uint8_t *server_name, const encoded_oaut */ if (1 != my_EVP_DecryptUpdate(ctxp, NULL, &outl, server_name, (int)sn_len)) { OAUTH_ERROR("%s: Cannot decrypt update server_name: %s, len=%d\n", __FUNCTION__, server_name, (int)sn_len); - return -1; + return false; } if (1 != my_EVP_DecryptUpdate(ctxp, decoded_field, &outl, encoded_field, (int)encoded_field_size)) { OAUTH_ERROR("%s: Cannot decrypt update\n", __FUNCTION__); - return -1; + return false; } int tmp_outl = 0; @@ -2737,7 +2465,7 @@ static int decode_oauth_token_gcm(const uint8_t *server_name, const encoded_oaut EVP_CIPHER_CTX_free(ctxp); #endif OAUTH_ERROR("%s: token integrity check failed\n", __FUNCTION__); - return -1; + return false; } outl += tmp_outl; @@ -2765,15 +2493,15 @@ static int decode_oauth_token_gcm(const uint8_t *server_name, const encoded_oaut dtoken->enc_block.lifetime = nswap32(lt); len += sizeof(lt); - return 0; + return true; } - return -1; + return false; } #endif -int encode_oauth_token(const uint8_t *server_name, encoded_oauth_token *etoken, const oauth_key *key, - const oauth_token *dtoken, const uint8_t *nonce) { +bool encode_oauth_token(const uint8_t *server_name, encoded_oauth_token *etoken, const oauth_key *key, + const oauth_token *dtoken, const uint8_t *nonce) { UNUSED_ARG(nonce); if (server_name && etoken && key && dtoken) { switch (key->as_rs_alg) { @@ -2787,11 +2515,11 @@ int encode_oauth_token(const uint8_t *server_name, encoded_oauth_token *etoken, break; }; } - return -1; + return false; } -int decode_oauth_token(const uint8_t *server_name, const encoded_oauth_token *etoken, const oauth_key *key, - oauth_token *dtoken) { +bool decode_oauth_token(const uint8_t *server_name, const encoded_oauth_token *etoken, const oauth_key *key, + oauth_token *dtoken) { if (server_name && etoken && key && dtoken) { switch (key->as_rs_alg) { #if !defined(TURN_NO_GCM) @@ -2804,7 +2532,7 @@ int decode_oauth_token(const uint8_t *server_name, const encoded_oauth_token *et break; }; } - return -1; + return false; } /////////////////////////////////////////////////////////////// diff --git a/src/client/ns_turn_msg.h b/src/client/ns_turn_msg.h index cee053d..160d4e8 100644 --- a/src/client/ns_turn_msg.h +++ b/src/client/ns_turn_msg.h @@ -35,6 +35,8 @@ #include "ns_turn_ioaddr.h" #include "ns_turn_msg_defs.h" +#include + #ifdef __cplusplus extern "C" { #endif @@ -73,7 +75,7 @@ typedef const void *stun_attr_ref; ////////////////////////////////////////////////////////////// -int stun_tid_equals(const stun_tid *id1, const stun_tid *id2); +bool stun_tid_equals(const stun_tid *id1, const stun_tid *id2); void stun_tid_cpy(stun_tid *id_dst, const stun_tid *id_src); void stun_tid_generate(stun_tid *id); @@ -107,31 +109,31 @@ void stun_init_error_response_str(uint16_t method, uint8_t *buf, size_t *len, ui const uint8_t *reason, stun_tid *id); void old_stun_init_error_response_str(uint16_t method, uint8_t *buf, size_t *len, uint16_t error_code, const uint8_t *reason, stun_tid *id, uint32_t cookie); -int stun_init_channel_message_str(uint16_t chnumber, uint8_t *buf, size_t *len, int length, int do_padding); +bool stun_init_channel_message_str(uint16_t chnumber, uint8_t *buf, size_t *len, int length, bool do_padding); -int stun_is_command_message_str(const uint8_t *buf, size_t blen); -int old_stun_is_command_message_str(const uint8_t *buf, size_t blen, uint32_t *cookie); -int stun_is_command_message_full_check_str(const uint8_t *buf, size_t blen, int must_check_fingerprint, - int *fingerprint_present); -int stun_is_command_message_offset_str(const uint8_t *buf, size_t blen, int offset); -int stun_is_request_str(const uint8_t *buf, size_t len); -int stun_is_success_response_str(const uint8_t *buf, size_t len); -int stun_is_error_response_str(const uint8_t *buf, size_t len, int *err_code, uint8_t *err_msg, size_t err_msg_size); -int stun_is_challenge_response_str(const uint8_t *buf, size_t len, int *err_code, uint8_t *err_msg, size_t err_msg_size, - uint8_t *realm, uint8_t *nonce, uint8_t *server_name, int *oauth); -int stun_is_response_str(const uint8_t *buf, size_t len); -int stun_is_indication_str(const uint8_t *buf, size_t len); +bool stun_is_command_message_str(const uint8_t *buf, size_t blen); +bool old_stun_is_command_message_str(const uint8_t *buf, size_t blen, uint32_t *cookie); +bool stun_is_command_message_full_check_str(const uint8_t *buf, size_t blen, int must_check_fingerprint, + int *fingerprint_present); +bool stun_is_request_str(const uint8_t *buf, size_t len); +bool stun_is_success_response_str(const uint8_t *buf, size_t len); +bool stun_is_error_response_str(const uint8_t *buf, size_t len, int *err_code, uint8_t *err_msg, size_t err_msg_size); +bool stun_is_challenge_response_str(const uint8_t *buf, size_t len, int *err_code, uint8_t *err_msg, + size_t err_msg_size, uint8_t *realm, uint8_t *nonce, uint8_t *server_name, + bool *oauth); +bool stun_is_response_str(const uint8_t *buf, size_t len); +bool stun_is_indication_str(const uint8_t *buf, size_t len); uint16_t stun_get_method_str(const uint8_t *buf, size_t len); uint16_t stun_get_msg_type_str(const uint8_t *buf, size_t len); -int stun_is_channel_message_str(const uint8_t *buf, size_t *blen, uint16_t *chnumber, int mandatory_padding); -int is_channel_msg_str(const uint8_t *buf, size_t blen); +bool stun_is_channel_message_str(const uint8_t *buf, size_t *blen, uint16_t *chnumber, bool mandatory_padding); +bool is_channel_msg_str(const uint8_t *buf, size_t blen); void stun_set_binding_request_str(uint8_t *buf, size_t *len); -int stun_set_binding_response_str(uint8_t *buf, size_t *len, stun_tid *tid, const ioa_addr *reflexive_addr, - int error_code, const uint8_t *reason, uint32_t cookie, int old_stun, - int no_stun_backward_compatibility); -int stun_is_binding_request_str(const uint8_t *buf, size_t len, size_t offset); -int stun_is_binding_response_str(const uint8_t *buf, size_t len); +bool stun_set_binding_response_str(uint8_t *buf, size_t *len, stun_tid *tid, const ioa_addr *reflexive_addr, + int error_code, const uint8_t *reason, uint32_t cookie, bool old_stun, + bool no_stun_backward_compatibility); +bool stun_is_binding_request_str(const uint8_t *buf, size_t len, size_t offset); +bool stun_is_binding_response_str(const uint8_t *buf, size_t len); void stun_tid_from_message_str(const uint8_t *buf, size_t len, stun_tid *id); void stun_tid_message_cpy(uint8_t *buf, const stun_tid *id); @@ -141,7 +143,7 @@ int stun_get_command_message_len_str(const uint8_t *buf, size_t len); const uint8_t *get_default_reason(int error_code); -int stun_attr_is_addr(stun_attr_ref attr); +bool stun_attr_is_addr(stun_attr_ref attr); int stun_attr_get_type(stun_attr_ref attr); int stun_attr_get_len(stun_attr_ref attr); const uint8_t *stun_attr_get_value(stun_attr_ref attr); @@ -152,25 +154,23 @@ uint64_t stun_attr_get_reservation_token_value(stun_attr_ref attr); stun_attr_ref stun_attr_get_first_by_type_str(const uint8_t *buf, size_t len, uint16_t attr_type); stun_attr_ref stun_attr_get_first_str(const uint8_t *buf, size_t len); stun_attr_ref stun_attr_get_next_str(const uint8_t *buf, size_t len, stun_attr_ref prev); -int stun_attr_add_str(uint8_t *buf, size_t *len, uint16_t attr, const uint8_t *avalue, int alen); -int stun_attr_add_addr_str(uint8_t *buf, size_t *len, uint16_t attr_type, const ioa_addr *ca); -int stun_attr_get_addr_str(const uint8_t *buf, size_t len, stun_attr_ref attr, ioa_addr *ca, - const ioa_addr *default_addr); -int stun_attr_get_first_addr_str(const uint8_t *buf, size_t len, uint16_t attr_type, ioa_addr *ca, - const ioa_addr *default_addr); -int stun_attr_add_channel_number_str(uint8_t *buf, size_t *len, uint16_t chnumber); -int stun_attr_add_bandwidth_str(uint8_t *buf, size_t *len, band_limit_t bps); -int stun_attr_add_address_error_code(uint8_t *buf, size_t *len, int requested_address_family, int error_code); -/* return +1 if present, 0 if not, -1 if error: */ -int stun_attr_get_address_error_code(uint8_t *buf, size_t len, int *requested_address_family, int *error_code); +bool stun_attr_add_str(uint8_t *buf, size_t *len, uint16_t attr, const uint8_t *avalue, int alen); +bool stun_attr_add_addr_str(uint8_t *buf, size_t *len, uint16_t attr_type, const ioa_addr *ca); +bool stun_attr_get_addr_str(const uint8_t *buf, size_t len, stun_attr_ref attr, ioa_addr *ca, + const ioa_addr *default_addr); +bool stun_attr_get_first_addr_str(const uint8_t *buf, size_t len, uint16_t attr_type, ioa_addr *ca, + const ioa_addr *default_addr); +bool stun_attr_add_channel_number_str(uint8_t *buf, size_t *len, uint16_t chnumber); +bool stun_attr_add_bandwidth_str(uint8_t *buf, size_t *len, band_limit_t bps); +bool stun_attr_add_address_error_code(uint8_t *buf, size_t *len, int requested_address_family, int error_code); uint16_t stun_attr_get_first_channel_number_str(const uint8_t *buf, size_t len); -int stun_set_allocate_request_str(uint8_t *buf, size_t *len, uint32_t lifetime, int af4, int af6, uint8_t transport, - int mobile, const char *rt, int ep); -int stun_set_allocate_response_str(uint8_t *buf, size_t *len, stun_tid *tid, const ioa_addr *relayed_addr1, - const ioa_addr *relayed_addr2, const ioa_addr *reflexive_addr, uint32_t lifetime, - uint32_t max_lifetime, int error_code, const uint8_t *reason, - uint64_t reservation_token, char *mobile_id); +bool stun_set_allocate_request_str(uint8_t *buf, size_t *len, uint32_t lifetime, bool af4, bool af6, uint8_t transport, + bool mobile, const char *rt, int ep); +bool stun_set_allocate_response_str(uint8_t *buf, size_t *len, stun_tid *tid, const ioa_addr *relayed_addr1, + const ioa_addr *relayed_addr2, const ioa_addr *reflexive_addr, uint32_t lifetime, + uint32_t max_lifetime, int error_code, const uint8_t *reason, + uint64_t reservation_token, char *mobile_id); uint16_t stun_set_channel_bind_request_str(uint8_t *buf, size_t *len, const ioa_addr *peer_addr, uint16_t channel_number); @@ -179,9 +179,9 @@ void stun_set_channel_bind_response_str(uint8_t *buf, size_t *len, stun_tid *tid int stun_get_requested_address_family(stun_attr_ref attr); -int stun_attr_add_fingerprint_str(uint8_t *buf, size_t *len); +bool stun_attr_add_fingerprint_str(uint8_t *buf, size_t *len); -int SASLprep(uint8_t *s); +bool SASLprep(uint8_t *s); #define print_bin(str, len, field) print_bin_func(str, len, field, __FUNCTION__) void print_bin_func(const char *name, size_t len, const void *s, const char *func); @@ -193,14 +193,14 @@ int stun_check_message_integrity_by_key_str(turn_credential_type ct, uint8_t *bu password_t pwd, SHATYPE shatype); int stun_check_message_integrity_str(turn_credential_type ct, uint8_t *buf, size_t len, const uint8_t *uname, const uint8_t *realm, const uint8_t *upwd, SHATYPE shatype); -int stun_attr_add_integrity_str(turn_credential_type ct, uint8_t *buf, size_t *len, hmackey_t key, password_t pwd, - SHATYPE shatype); -int stun_attr_add_integrity_by_key_str(uint8_t *buf, size_t *len, const uint8_t *uname, const uint8_t *realm, - hmackey_t key, const uint8_t *nonce, SHATYPE shatype); -int stun_attr_add_integrity_by_user_str(uint8_t *buf, size_t *len, const uint8_t *uname, const uint8_t *realm, - const uint8_t *upwd, const uint8_t *nonce, SHATYPE shatype); -int stun_attr_add_integrity_by_user_short_term_str(uint8_t *buf, size_t *len, const uint8_t *uname, password_t pwd, - SHATYPE shatype); +bool stun_attr_add_integrity_str(turn_credential_type ct, uint8_t *buf, size_t *len, hmackey_t key, password_t pwd, + SHATYPE shatype); +bool stun_attr_add_integrity_by_key_str(uint8_t *buf, size_t *len, const uint8_t *uname, const uint8_t *realm, + hmackey_t key, const uint8_t *nonce, SHATYPE shatype); +bool stun_attr_add_integrity_by_user_str(uint8_t *buf, size_t *len, const uint8_t *uname, const uint8_t *realm, + const uint8_t *upwd, const uint8_t *nonce, SHATYPE shatype); +bool stun_attr_add_integrity_by_user_short_term_str(uint8_t *buf, size_t *len, const uint8_t *uname, password_t pwd, + SHATYPE shatype); size_t get_hmackey_size(SHATYPE shatype); /* @@ -211,32 +211,32 @@ size_t get_hmackey_size(SHATYPE shatype); long turn_random(void); long turn_random_number(void); -int stun_produce_integrity_key_str(const uint8_t *uname, const uint8_t *realm, const uint8_t *upwd, hmackey_t key, - SHATYPE shatype); -int stun_calculate_hmac(const uint8_t *buf, size_t len, const uint8_t *key, size_t sz, uint8_t *hmac, - unsigned int *hmac_len, SHATYPE shatype); +bool stun_produce_integrity_key_str(const uint8_t *uname, const uint8_t *realm, const uint8_t *upwd, hmackey_t key, + SHATYPE shatype); +bool stun_calculate_hmac(const uint8_t *buf, size_t len, const uint8_t *key, size_t sz, uint8_t *hmac, + unsigned int *hmac_len, SHATYPE shatype); /* RFC 5780 */ -int stun_attr_get_change_request_str(stun_attr_ref attr, int *change_ip, int *change_port); -int stun_attr_add_change_request_str(uint8_t *buf, size_t *len, int change_ip, int change_port); +bool stun_attr_get_change_request_str(stun_attr_ref attr, bool *change_ip, bool *change_port); +bool stun_attr_add_change_request_str(uint8_t *buf, size_t *len, bool change_ip, bool change_port); int stun_attr_get_response_port_str(stun_attr_ref attr); -int stun_attr_add_response_port_str(uint8_t *buf, size_t *len, uint16_t port); +bool stun_attr_add_response_port_str(uint8_t *buf, size_t *len, uint16_t port); int stun_attr_get_padding_len_str(stun_attr_ref attr); -int stun_attr_add_padding_str(uint8_t *buf, size_t *len, uint16_t padding_len); +bool stun_attr_add_padding_str(uint8_t *buf, size_t *len, uint16_t padding_len); /* HTTP */ int is_http(const char *s, size_t blen); /* OAUTH */ -int convert_oauth_key_data(const oauth_key_data *oakd, oauth_key *key, char *err_msg, size_t err_msg_size); -int decode_oauth_token(const uint8_t *server_name, const encoded_oauth_token *etoken, const oauth_key *key, - oauth_token *dtoken); -int encode_oauth_token(const uint8_t *server_name, encoded_oauth_token *etoken, const oauth_key *key, - const oauth_token *dtoken, const uint8_t *nonce); +bool convert_oauth_key_data(const oauth_key_data *oakd, oauth_key *key, char *err_msg, size_t err_msg_size); +bool decode_oauth_token(const uint8_t *server_name, const encoded_oauth_token *etoken, const oauth_key *key, + oauth_token *dtoken); +bool encode_oauth_token(const uint8_t *server_name, encoded_oauth_token *etoken, const oauth_key *key, + const oauth_token *dtoken, const uint8_t *nonce); /* Encrypted password */ void generate_new_enc_password(const char *pwd, char *result); -int check_password(const char *pin, const char *pwd); +bool check_password_equal(const char *pin, const char *pwd); /////////////////////////////////////////////////////////////// diff --git a/src/server/ns_turn_server.c b/src/server/ns_turn_server.c index 3f4b7af..1c79157 100644 --- a/src/server/ns_turn_server.c +++ b/src/server/ns_turn_server.c @@ -1778,7 +1778,7 @@ static int handle_turn_refresh(turn_turnserver *server, ts_ur_super_session *ss, if ((server->fingerprint) || ss->enforce_fingerprints) { size_t len = ioa_network_buffer_get_size(nbh); - if (stun_attr_add_fingerprint_str(ioa_network_buffer_data(nbh), &len) < 0) { + if (!stun_attr_add_fingerprint_str(ioa_network_buffer_data(nbh), &len)) { *err_code = 500; ioa_network_buffer_delete(server->e, nbh); return -1; @@ -2289,8 +2289,8 @@ static int handle_turn_connect(turn_turnserver *server, ts_ur_super_session *ss, switch (attr_type) { SKIP_ATTRIBUTES; case STUN_ATTRIBUTE_XOR_PEER_ADDRESS: { - if (stun_attr_get_addr_str(ioa_network_buffer_data(in_buffer->nbh), ioa_network_buffer_get_size(in_buffer->nbh), - sar, &peer_addr, NULL) == -1) { + if (!stun_attr_get_addr_str(ioa_network_buffer_data(in_buffer->nbh), + ioa_network_buffer_get_size(in_buffer->nbh), sar, &peer_addr, NULL)) { *err_code = 400; *reason = (const uint8_t *)"Bad Peer Address"; } else { @@ -2748,8 +2748,8 @@ static int handle_turn_binding(turn_turnserver *server, ts_ur_super_session *ss, uint32_t cookie, int old_stun) { FUNCSTART; - int change_ip = 0; - int change_port = 0; + bool change_ip = false; + bool change_port = false; int padding = 0; int response_port_present = 0; uint16_t response_port = 0; @@ -2857,7 +2857,7 @@ static int handle_turn_binding(turn_turnserver *server, ts_ur_super_session *ss, size_t len = ioa_network_buffer_get_size(nbh); if (stun_set_binding_response_str(ioa_network_buffer_data(nbh), &len, tid, get_remote_addr_from_ioa_socket(ss->client_socket), 0, NULL, cookie, old_stun, - *server->no_stun_backward_compatibility) >= 0) { + *server->no_stun_backward_compatibility)) { addr_cpy(response_origin, get_local_addr_from_ioa_socket(ss->client_socket)); @@ -4558,7 +4558,7 @@ static int read_client_connection(turn_turnserver *server, ts_ur_super_session * if ((server->fingerprint) || ss->enforce_fingerprints) { size_t len = ioa_network_buffer_get_size(nbh); - if (stun_attr_add_fingerprint_str(ioa_network_buffer_data(nbh), &len) < 0) { + if (!stun_attr_add_fingerprint_str(ioa_network_buffer_data(nbh), &len)) { FUNCEND; ioa_network_buffer_delete(server->e, nbh); return -1;