From dd1a632d8d3242dd68bc1cae9c2cb4339281c669 Mon Sep 17 00:00:00 2001 From: Oleg Moskalenko Date: Mon, 14 Sep 2015 22:48:39 -0700 Subject: [PATCH] working on multi-tenant server --- ChangeLog | 6 ++++-- rpm/build.settings.sh | 2 +- rpm/turnserver.spec | 4 ++-- src/apps/relay/netengine.c | 2 +- src/apps/relay/ns_ioalib_engine_impl.c | 4 ++-- src/apps/relay/userdb.c | 4 ++++ src/ns_turn_defs.h | 2 +- src/server/ns_turn_ioalib.h | 2 +- src/server/ns_turn_maps_rtcp.c | 8 ++------ src/server/ns_turn_maps_rtcp.h | 2 +- src/server/ns_turn_server.c | 25 ++++++++++++++++--------- src/server/ns_turn_server.h | 2 +- 12 files changed, 36 insertions(+), 27 deletions(-) diff --git a/ChangeLog b/ChangeLog index d623f88..111f11e 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,8 +1,10 @@ 9/13/2015 Oleg Moskalenko -Version 4.5.0.0 'Ardee West': +Version 4.4.6.0 'Ardee West': - multiple realms based on oAuth (third-party authorization); - STUN attributes conflict resolution; - - SIGHUP handler fixed. + - SIGHUP handler fixed; + - error message logging improved; + - mongo test db files fixed. 7/18/2015 Oleg Moskalenko Version 4.4.5.4 'Ardee West': diff --git a/rpm/build.settings.sh b/rpm/build.settings.sh index 09ec393..90f5bcc 100755 --- a/rpm/build.settings.sh +++ b/rpm/build.settings.sh @@ -2,7 +2,7 @@ # Common settings script. -TURNVERSION=4.5.0.0 +TURNVERSION=4.4.6.0 BUILDDIR=~/rpmbuild ARCH=`uname -p` TURNSERVER_GIT_URL=https://github.com/coturn/coturn.git diff --git a/rpm/turnserver.spec b/rpm/turnserver.spec index 05414bd..ec88ea1 100644 --- a/rpm/turnserver.spec +++ b/rpm/turnserver.spec @@ -1,5 +1,5 @@ Name: turnserver -Version: 4.5.0.0 +Version: 4.4.6.0 Release: 0%{dist} Summary: Coturn TURN Server @@ -290,7 +290,7 @@ fi %changelog * Sun Sep 13 2015 Oleg Moskalenko - - Sync to 4.5.0.0 + - Sync to 4.4.6.0 * Sat Jul 18 2015 Oleg Moskalenko - Sync to 4.4.5.4 * Sat Jun 20 2015 Oleg Moskalenko 
diff --git a/src/apps/relay/netengine.c b/src/apps/relay/netengine.c index 71350d0..6f8e3fd 100644 --- a/src/apps/relay/netengine.c +++ b/src/apps/relay/netengine.c @@ -805,7 +805,7 @@ static int handle_relay_message(relay_server_handle rs, struct message_to_relay static void handle_relay_auth_message(struct relay_server *rs, struct auth_message *am) { am->resume_func(am->success, am->out_oauth, am->max_session_time, am->key, am->pwd, - &(rs->server), am->ctxkey, &(am->in_buffer)); + &(rs->server), am->ctxkey, &(am->in_buffer), am->realm); if (am->in_buffer.nbh) { ioa_network_buffer_delete(rs->ioa_eng, am->in_buffer.nbh); am->in_buffer.nbh = NULL; diff --git a/src/apps/relay/ns_ioalib_engine_impl.c b/src/apps/relay/ns_ioalib_engine_impl.c index 4fa84a8..0cf15b5 100644 --- a/src/apps/relay/ns_ioalib_engine_impl.c +++ b/src/apps/relay/ns_ioalib_engine_impl.c @@ -708,10 +708,10 @@ int ioa_socket_check_bandwidth(ioa_socket_handle s, ioa_network_buffer_handle nb return 1; } -int get_ioa_socket_from_reservation(ioa_engine_handle e, u64bits in_reservation_token, ioa_socket_handle *s, u08bits *realm) +int get_ioa_socket_from_reservation(ioa_engine_handle e, u64bits in_reservation_token, ioa_socket_handle *s) { if (e && in_reservation_token && s) { - *s = rtcp_map_get(e->map_rtcp, in_reservation_token, realm); + *s = rtcp_map_get(e->map_rtcp, in_reservation_token); if (*s) { return 0; } diff --git a/src/apps/relay/userdb.c b/src/apps/relay/userdb.c index 401d05f..cb7f219 100644 --- a/src/apps/relay/userdb.c +++ b/src/apps/relay/userdb.c @@ -517,6 +517,10 @@ int get_user_key(int in_oauth, int *out_oauth, int *max_session_time, u08bits *u ns_bcopy(dot.enc_block.mac_key,key,dot.enc_block.key_length); + if(rawKey.realm[0]) { + ns_bcopy(rawKey.realm,realm,sizeof(rawKey.realm)); + } + ret = 0; } } diff --git a/src/ns_turn_defs.h b/src/ns_turn_defs.h index 5b730b5..11bcf3d 100644 --- a/src/ns_turn_defs.h +++ b/src/ns_turn_defs.h 
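Review bot: Dropping the `realm` argument from get_ioa_socket_from_reservation removes the only tenant check on reservation tokens: together with the deletion of `check_realm_hash(s,realm)` in rtcp_map_get (ns_turn_maps_rtcp.c) and the shortened call in create_relay_connection (ns_turn_server.c), the `u64bits` token alone now decides who receives a reserved socket. On a multi-realm server, a session in one realm that presents a token issued in another realm would, as far as these hunks show, be given that socket. If the check was dropped because an oAuth session's realm can now change after the reservation was made, I would keep the parameter and compare against the realm the session finally holds, i.e. retain `if(!check_realm_hash(s,realm)) { s = NULL; }`, or document in a comment why reservations need no realm isolation.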
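Review bot: The added `ns_bcopy(rawKey.realm,realm,sizeof(rawKey.realm));` in get_user_key writes a fixed byte count through the caller's `realm` pointer, and nothing in this hunk shows that the destination is at least that large or that the copied value ends in a NUL. The size contract is implicit, since the realm appears to reach this code as a bare `u08bits *` (compare the get_user_key_cb typedef in ns_turn_server.h), and the value is later cast to `char*` and used as a string in resume_processing_after_username_check. I would state the requirement next to the copy, `/* realm must hold at least sizeof(rawKey.realm) bytes */`, and, assuming rawKey is a local character array, terminate it before copying with `rawKey.realm[sizeof(rawKey.realm)-1] = 0;`. The same kind of fixed-size copy into `realm` is added in check_stun_auth (`ns_bcopy(ss->realm_options.name,realm,sizeof(ss->realm_options.name));`) and needs the same guarantee. get_user_key itself starts and ends outside this hunk.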
@@ -31,7 +31,7 @@ #ifndef __IOADEFS__ #define __IOADEFS__ -#define TURN_SERVER_VERSION "4.5.0.0" +#define TURN_SERVER_VERSION "4.4.6.0" #define TURN_SERVER_VERSION_NAME "Ardee West" #define TURN_SOFTWARE "Coturn-" TURN_SERVER_VERSION " '" TURN_SERVER_VERSION_NAME "'" diff --git a/src/server/ns_turn_ioalib.h b/src/server/ns_turn_ioalib.h index e464c0c..221cdfd 100644 --- a/src/server/ns_turn_ioalib.h +++ b/src/server/ns_turn_ioalib.h @@ -227,7 +227,7 @@ int create_relay_ioa_sockets(ioa_engine_handle e, ioa_socket_handle client_s, ioa_socket_handle ioa_create_connecting_tcp_relay_socket(ioa_socket_handle s, ioa_addr *peer_addr, connect_cb cb, void *arg); -int get_ioa_socket_from_reservation(ioa_engine_handle e, u64bits in_reservation_token, ioa_socket_handle *s, u08bits *realm); +int get_ioa_socket_from_reservation(ioa_engine_handle e, u64bits in_reservation_token, ioa_socket_handle *s); int get_ioa_socket_address_family(ioa_socket_handle s); int is_stream_socket(int st); diff --git a/src/server/ns_turn_maps_rtcp.c b/src/server/ns_turn_maps_rtcp.c index 34d7d75..2d0c410 100644 --- a/src/server/ns_turn_maps_rtcp.c +++ b/src/server/ns_turn_maps_rtcp.c @@ -214,7 +214,7 @@ int rtcp_map_put(rtcp_map* map, rtcp_token_type token, ioa_socket_handle s) { * >=0 - success * <0 - not found */ -ioa_socket_handle rtcp_map_get(rtcp_map* map, rtcp_token_type token, u08bits *realm) { +ioa_socket_handle rtcp_map_get(rtcp_map* map, rtcp_token_type token) { ioa_socket_handle s = NULL; if (rtcp_map_valid(map)) { ur_map_value_type value; @@ -224,11 +224,7 @@ ioa_socket_handle rtcp_map_get(rtcp_map* map, rtcp_token_type token, u08bits *re rtcp_alloc_type* rval = (rtcp_alloc_type*) value; if (rval) { s = rval->s; - if(!check_realm_hash(s,realm)) { - s = NULL; - } else { - rtcp_map_del_savefd(map, token); - } + rtcp_map_del_savefd(map, token); } } TURN_MUTEX_UNLOCK(&map->mutex); diff --git a/src/server/ns_turn_maps_rtcp.h b/src/server/ns_turn_maps_rtcp.h index e8c2a0f..43be9ad 100644 
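Review bot: The comment kept directly above rtcp_map_get in ns_turn_maps_rtcp.c still documents an integer result (`>=0 - success`, `<0 - not found`), but the function returns an `ioa_socket_handle` that is initialised to NULL. After this commit every successful lookup also calls `rtcp_map_del_savefd(map, token)` (second hunk of the file). I would replace the comment with `/* @ret: socket stored for the token, or NULL if none; a hit removes the map entry */`. The removal behaviour is inferred from the helper's name and should be confirmed. The same stale comment sits above the prototype in ns_turn_maps_rtcp.h, and the function body continues outside both hunks.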
--- a/src/server/ns_turn_maps_rtcp.h +++ b/src/server/ns_turn_maps_rtcp.h @@ -61,7 +61,7 @@ int rtcp_map_put(rtcp_map* map, rtcp_token_type key, ioa_socket_handle s); * >=0 - success * <0 - not found */ -ioa_socket_handle rtcp_map_get(rtcp_map* map, rtcp_token_type token, u08bits *realm); +ioa_socket_handle rtcp_map_get(rtcp_map* map, rtcp_token_type token); /** * @ret: diff --git a/src/server/ns_turn_server.c b/src/server/ns_turn_server.c index 3db0aee..af5a4d9 100644 --- a/src/server/ns_turn_server.c +++ b/src/server/ns_turn_server.c @@ -77,7 +77,7 @@ static inline void log_method(ts_ur_super_session* ss, const char *method, int e (unsigned long long)(ss->id), (const char*)(ss->realm_options.name),(const char*)(ss->username),method); } } else { - if(!reason) reason=(const u08bits*)"Unknown error"; + if(!reason) reason=get_default_reason(err_code); if(ss->origin[0]) { TURN_LOG_FUNC(TURN_LOG_LEVEL_INFO, "session %018llu: origin <%s> realm <%s> user <%s>: incoming packet %s processed, error %d: %s\n", @@ -3191,7 +3191,7 @@ static int create_challenge_response(ts_ur_super_session *ss, stun_tid *tid, int #define min(a,b) ((a)<=(b) ? (a) : (b)) #endif -static void resume_processing_after_username_check(int success, int oauth, int max_session_time, hmackey_t hmackey, password_t pwd, turn_turnserver *server, u64bits ctxkey, ioa_net_data *in_buffer) +static void resume_processing_after_username_check(int success, int oauth, int max_session_time, hmackey_t hmackey, password_t pwd, turn_turnserver *server, u64bits ctxkey, ioa_net_data *in_buffer, u08bits *realm) { if(server && in_buffer && in_buffer->nbh) { @@ -3206,6 +3206,9 @@ static void resume_processing_after_username_check(int success, int oauth, int ss->oauth = oauth; ss->max_session_time_auth = (turn_time_t)max_session_time; ns_bcopy(pwd,ss->pwd,sizeof(password_t)); + if(realm && realm[0]) { + get_realm_options_by_name((char*)realm, &(ss->realm_options)); + } } read_client_connection(server,ss,in_buffer,0,0); 
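Review bot: The added `if(realm && realm[0])` block in resume_processing_after_username_check replaces `ss->realm_options` whenever the callback delivers a non-empty realm, without consulting the `oauth` argument that is in scope on the lines just above it. handle_relay_auth_message (netengine.c) passes `am->realm` unconditionally, so any value left in that buffer, possibly the realm the client itself sent, would re-run get_realm_options_by_name for the session even when no oAuth key selected a realm. I would narrow the condition to `if(oauth && realm && realm[0]) {` and add `/* realm comes from the oAuth key record, not from the client */`. Whether allocation quotas were already accounted under the previous realm is not visible here and is worth checking. The function body extends beyond this hunk.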
@@ -3318,14 +3321,18 @@ static int check_stun_auth(turn_turnserver *server, get_realm_options_by_name((char *)realm, &(ss->realm_options)); } else if(strcmp((char*)realm, (char*)(ss->realm_options.name))) { - if(method == STUN_METHOD_ALLOCATE) { - *err_code = 437; - *reason = (const u08bits*)"Allocation mismatch: wrong credentials: the realm value is incorrect"; + if(!(ss->oauth)){ + if(method == STUN_METHOD_ALLOCATE) { + *err_code = 437; + *reason = (const u08bits*)"Allocation mismatch: wrong credentials: the realm value is incorrect"; + } else { + *err_code = 441; + *reason = (const u08bits*)"Wrong credentials: the realm value is incorrect"; + } + return -1; } else { - *err_code = 441; - *reason = (const u08bits*)"Wrong credentials: the realm value is incorrect"; + ns_bcopy(ss->realm_options.name,realm,sizeof(ss->realm_options.name)); } - return -1; } } @@ -4261,7 +4268,7 @@ static int create_relay_connection(turn_turnserver* server, ioa_socket_handle s = NULL; - if ((get_ioa_socket_from_reservation(server->e, in_reservation_token,&s,(u08bits*)ss->realm_options.name) < 0)|| + if ((get_ioa_socket_from_reservation(server->e, in_reservation_token,&s) < 0)|| !s || ioa_socket_tobeclosed(s)) { diff --git a/src/server/ns_turn_server.h b/src/server/ns_turn_server.h index e976a07..bdba4ea 100644 --- a/src/server/ns_turn_server.h +++ b/src/server/ns_turn_server.h 
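Review bot: In check_stun_auth the new `else` branch for `ss->oauth` sessions silently overwrites a mismatching client REALM with the session's realm instead of answering 437/441, and nothing explains or records that decision. A comment on the branch, for example `/* oAuth: the realm is fixed by the key record, so the REALM attribute sent by the client is ignored */`, would keep a later reader from treating it as a missed check. That wording assumes the realm is indeed set from the oAuth key (see the userdb.c hunk). An INFO-level `TURN_LOG_FUNC` line on this path would also let operators notice clients that keep presenting a realm other than the one they are bound to. The function starts and ends outside this hunk.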
@@ -90,7 +90,7 @@ typedef enum { struct _turn_turnserver; typedef struct _turn_turnserver turn_turnserver; -typedef void (*get_username_resume_cb)(int success, int oauth, int max_session_time, hmackey_t hmackey, password_t pwd, turn_turnserver *server, u64bits ctxkey, ioa_net_data *in_buffer); +typedef void (*get_username_resume_cb)(int success, int oauth, int max_session_time, hmackey_t hmackey, password_t pwd, turn_turnserver *server, u64bits ctxkey, ioa_net_data *in_buffer, u08bits* realm); typedef u08bits *(*get_user_key_cb)(turnserver_id id, turn_credential_type ct, int in_oauth, int *out_oauth, u08bits *uname, u08bits *realm, get_username_resume_cb resume, ioa_net_data *in_buffer, u64bits ctxkey, int *postpone_reply); typedef int (*check_new_allocation_quota_cb)(u08bits *username, int oauth, u08bits *realm); typedef void (*release_allocation_quota_cb)(u08bits *username, int oauth, u08bits *realm);
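Review bot: The new `u08bits* realm` parameter of get_username_resume_cb is undocumented, so an implementer cannot tell whether it may be NULL or empty, whether the callback may write through it, or how large the buffer behind it is. The one implementation visible in this patch treats NULL and an empty string as "keep the current realm" (`if(realm && realm[0])`) and only reads the value. I would add above the typedef `/* realm: NUL-terminated realm chosen by the key lookup; NULL or "" leaves the session realm unchanged */`. If get_realm_options_by_name accepts it, the parameter could also be declared `const u08bits *realm`.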