master/coturn
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Allow authenticating with a username to redis (#1488)

Browse Source 
Add ability to authenticate to redis with a password (and optionally username for redis 6.0)

Tested by building and using with redis on old and new versionss
This commit is contained in:
maddy 2024-11-19 01:51:02 +01:00 committed by GitHub
parent e5ffe6e0a3
commit c4a954a7fc
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
4 changed files with 47 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
src/apps/relay/dbdrivers/dbd_redis.c
View File

@ -49,6 +49,7 @@ static void turnFreeRedisReply(void *reply) {
struct _Ryconninfo {
char *host;
char *dbname;
char *user;
char *password;
unsigned int connect_timeout;
unsigned int port;
@ -64,6 +65,9 @@ static void RyconninfoFree(Ryconninfo *co) {
if (co->dbname) {
free(co->dbname);
}
if (co->user) {
free(co->user);
}
if (co->password) {
free(co->password);
}
@ -117,13 +121,13 @@ static Ryconninfo *RyconninfoParse(const char *userdb, char **errmsg) {
} else if (!strcmp(s, "database")) {
co->dbname = strdup(seq + 1);
} else if (!strcmp(s, "user")) {
;
co->user = strdup(seq + 1);
} else if (!strcmp(s, "uname")) {
;
co->user = strdup(seq + 1);
} else if (!strcmp(s, "name")) {
;
co->user = strdup(seq + 1);
} else if (!strcmp(s, "username")) {
;
co->user = strdup(seq + 1);
} else if (!strcmp(s, "password")) {
co->password = strdup(seq + 1);
} else if (!strcmp(s, "pwd")) {
@ -162,9 +166,6 @@ static Ryconninfo *RyconninfoParse(const char *userdb, char **errmsg) {
if (!(co->host)) {
co->host = strdup("127.0.0.1");
}
if (!(co->password)) {
co->password = strdup("");
}
}
return co;
@ -224,8 +225,12 @@ redis_context_handle get_redis_async_connection(struct event_base *base, redis_s
if (!rc) {
TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "Cannot initialize Redis DB async connection\n");
} else {
if (co->password) {
turnFreeRedisReply(redisCommand(rc, "AUTH %s", co->password));
if (co->password && strlen(co->password)) {
if (co->user && strlen(co->user)) {
turnFreeRedisReply(redisCommand(rc, "AUTH %s %s", co->user, co->password));
} else {
turnFreeRedisReply(redisCommand(rc, "AUTH %s", co->password));
}
}
if (co->dbname) {
turnFreeRedisReply(redisCommand(rc, "select %s", co->dbname));
@ -267,7 +272,7 @@ redis_context_handle get_redis_async_connection(struct event_base *base, redis_s
}
}
ret = redisLibeventAttach(base, co->host, co->port, co->password, atoi(co->dbname));
ret = redisLibeventAttach(base, co->host, co->port, co->user, co->password, atoi(co->dbname));
if (!ret) {
TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "Cannot initialize Redis DB connection\n");
@ -347,8 +352,13 @@ static redisContext *get_redis_connection(void) {
}
redisFree(redisconnection);
redisconnection = NULL;
} else if (co->password) {
void *reply = redisCommand(redisconnection, "AUTH %s", co->password);
} else if (co->password && strlen(co->password)) {
void *reply;
if (co->user && strlen(co->user)) {
reply = redisCommand(redisconnection, "AUTH %s %s", co->user, co->password);
} else {
reply = redisCommand(redisconnection, "AUTH %s", co->password);
}
if (!reply) {
if (redisconnection->err && redisconnection->errstr[0]) {
TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "Redis: %s\n", redisconnection->errstr);

30
src/apps/relay/hiredis_libevent2.c
View File

@ -50,6 +50,7 @@ struct redisLibeventEvents {
int rev_set, wev_set;
char *ip;
int port;
char *user;
char *pwd;
int db;
};
@ -212,7 +213,7 @@ void send_message_to_redis(redis_context_handle rch, const char *command, const
///////////////////////// Attach /////////////////////////////////
redis_context_handle redisLibeventAttach(struct event_base *base, char *ip0, int port0, char *pwd, int db) {
redis_context_handle redisLibeventAttach(struct event_base *base, char *ip0, int port0, char *user, char *pwd, int db) {
char ip[256];
if (ip0 && ip0[0]) {
@ -246,6 +247,9 @@ redis_context_handle redisLibeventAttach(struct event_base *base, char *ip0, int
e->base = base;
e->ip = strdup(ip);
e->port = port;
if (user) {
e->user = strdup(user);
}
if (pwd) {
e->pwd = strdup(pwd);
}
@ -274,9 +278,15 @@ redis_context_handle redisLibeventAttach(struct event_base *base, char *ip0, int
e->wev_set = 1;
// Authentication
if (redis_le_valid(e) && pwd) {
if (redisAsyncCommand(ac, NULL, e, "AUTH %s", pwd) != REDIS_OK) {
e->invalid = 1;
if (redis_le_valid(e) && pwd && strlen(pwd)) {
if (user && strlen(user)) {
if (redisAsyncCommand(ac, NULL, e, "AUTH %s %s", e->user, e->pwd) != REDIS_OK) {
e->invalid = 1;
}
} else {
if (redisAsyncCommand(ac, NULL, e, "AUTH %s", e->pwd) != REDIS_OK) {
e->invalid = 1;
}
}
}
@ -349,9 +359,15 @@ static void redis_reconnect(struct redisLibeventEvents *e) {
e->invalid = 0;
// Authentication
if (redis_le_valid(e) && e->pwd) {
if (redisAsyncCommand(ac, NULL, e, "AUTH %s", e->pwd) != REDIS_OK) {
e->invalid = 1;
if (redis_le_valid(e) && e->pwd && strlen(e->pwd)) {
if (e->user && strlen(e->user)) {
if (redisAsyncCommand(ac, NULL, e, "AUTH %s %s", e->user, e->pwd) != REDIS_OK) {
e->invalid = 1;
}
} else {
if (redisAsyncCommand(ac, NULL, e, "AUTH %s", e->pwd) != REDIS_OK) {
e->invalid = 1;
}
}
}

2
src/apps/relay/hiredis_libevent2.h
View File

@ -48,7 +48,7 @@ typedef void *redis_context_handle;
#if !defined(TURN_NO_HIREDIS)
redis_context_handle redisLibeventAttach(struct event_base *base, char *ip, int port, char *pwd, int db);
redis_context_handle redisLibeventAttach(struct event_base *base, char *ip, int port, char *user, char *pwd, int db);
void send_message_to_redis(redis_context_handle rch, const char *command, const char *key, const char *format, ...);

2
src/apps/relay/mainrelay.c
View File

@ -3034,7 +3034,7 @@ int main(int argc, char **argv) {
return adminmain(argc, argv);
}
memset(&turn_params.default_users_db, 0, sizeof(default_users_db_t));
memset(&turn_params.default_users_db.ram_db, 0, sizeof(ram_users_db_t));
turn_params.default_users_db.ram_db.static_accounts = ur_string_map_create(free);
// Zero pass apply the log options.