users admin

2015-01-18 08:31:57 +00:00 · 2015-01-18 08:31:57 +00:00 · e650375917
commit e650375917
parent e3d9f5484c
3 changed files with 280 additions and 9 deletions
--- a/examples/var/db/turndb
+++ b/examples/var/db/turndb
--- a/src/apps/relay/turn_admin_server.c
+++ b/src/apps/relay/turn_admin_server.c
@ -1359,6 +1359,7 @@ enum _AS_FORM {
 	AS_FORM_TOGGLE,
 	AS_FORM_UPDATE,
 	AS_FORM_PS,
+	AS_FORM_USERS,
 	AS_FORM_UNKNOWN
 };

@ -1366,11 +1367,16 @@ typedef enum _AS_FORM AS_FORM;

 #define HR_USERNAME "uname"
 #define HR_PASSWORD "pwd"
+#define HR_PASSWORD1 "pwd1"
 #define HR_REALM "realm"
+#define HR_ADD_USER "add_user"
+#define HR_ADD_USER_REALM "add_user_realm"
 #define HR_CLIENT_PROTOCOL "cprotocol"
 #define HR_USER_PATTERN "puser"
 #define HR_MAX_SESSIONS "maxsess"
 #define HR_CANCEL_SESSION "cs"
+#define HR_DELETE_USER "du"
+#define HR_DELETE_REALM "dr"

 struct form_name {
 	AS_FORM form;
@ -1385,6 +1391,7 @@ static struct form_name form_names[] = {
 				{AS_FORM_TOGGLE,"/toggle"},
 				{AS_FORM_UPDATE,"/update"},
 				{AS_FORM_PS,"/ps"},
+				{AS_FORM_USERS,"/us"},
 				{AS_FORM_UNKNOWN,NULL}
 };

@ -1510,6 +1517,10 @@ static void write_https_home_page(ioa_socket_handle s)
 			str_buffer_append_sz(sb,cli_max_output_sessions);
 			str_buffer_append(sb,"\">");

+			str_buffer_append(sb,"<br><input type=\"submit\" value=\"Users\" formaction=\"");
+			str_buffer_append(sb,form_names[AS_FORM_USERS].name);
+			str_buffer_append(sb,"\">");
+
 			str_buffer_append(sb,"</fieldset>\r\n");
 			str_buffer_append(sb,"</form>\r\n");

@ -2200,6 +2211,171 @@ static void write_ps_page(ioa_socket_handle s, const char* client_protocol, cons
 	}
 }

+static size_t https_print_users(struct str_buffer* sb)
+{
+	size_t ret = 0;
+	const turn_dbdriver_t * dbd = get_dbdriver();
+	if (dbd && dbd->list_users) {
+		secrets_list_t users,realms;
+		init_secrets_list(&users);
+		init_secrets_list(&realms);
+		dbd->list_users((u08bits*)current_socket->as_eff_realm,&users,&realms);
+
+		size_t sz = get_secrets_list_size(&users);
+		size_t i;
+		for(i=0;i<sz;++i) {
+			str_buffer_append(sb,"<tr><td>");
+			str_buffer_append_sz(sb,i);
+			str_buffer_append(sb,"</td>");
+			str_buffer_append(sb,"<td>");
+			str_buffer_append(sb,get_secrets_list_elem(&users,i));
+			str_buffer_append(sb,"</td>");
+			if(!current_socket->as_eff_realm[0]) {
+				str_buffer_append(sb,"<td>");
+				str_buffer_append(sb,get_secrets_list_elem(&realms,i));
+				str_buffer_append(sb,"</td>");
+			}
+			str_buffer_append(sb,"<td> <a href=\"");
+			str_buffer_append(sb,form_names[AS_FORM_USERS].name);
+			str_buffer_append(sb,"?");
+			str_buffer_append(sb,HR_DELETE_USER);
+			str_buffer_append(sb,"=");
+			str_buffer_append(sb,get_secrets_list_elem(&users,i));
+			str_buffer_append(sb,"&");
+			str_buffer_append(sb,HR_DELETE_REALM);
+			str_buffer_append(sb,"=");
+			str_buffer_append(sb,get_secrets_list_elem(&realms,i));
+			str_buffer_append(sb,"\">delete</a>");
+			str_buffer_append(sb,"</td>");
+			str_buffer_append(sb,"</tr>");
+			++ret;
+		}
+
+		clean_secrets_list(&users);
+		clean_secrets_list(&realms);
+	}
+
+	return ret;
+}
+
+static void write_users_page(ioa_socket_handle s, const u08bits *add_user, const u08bits *add_realm, const char* msg)
+{
+	if(s && !ioa_socket_tobeclosed(s)) {
+
+		if(!(s->as_ok)) {
+			write_https_logon_page(s);
+		} else {
+
+			struct str_buffer* sb = str_buffer_new();
+
+			str_buffer_append(sb,"<!DOCTYPE html>\r\n<html>\r\n  <head>\r\n    <title>");
+			str_buffer_append(sb,admin_title);
+			str_buffer_append(sb,"</title>\r\n <style> table, th, td { border: 1px solid black; } table#msg th { color: red; background-color: white; } </style> </head>\r\n  <body>\r\n    ");
+			str_buffer_append(sb,bold_admin_title);
+			str_buffer_append(sb,"<br>\r\n");
+			str_buffer_append(sb,home_link);
+			str_buffer_append(sb,"<br>\r\n");
+
+			str_buffer_append(sb,"<form action=\"");
+			str_buffer_append(sb,form_names[AS_FORM_USERS].name);
+			str_buffer_append(sb,"\" method=\"POST\">\r\n");
+			str_buffer_append(sb,"  <fieldset><legend>Filter:</legend>\r\n");
+
+			str_buffer_append(sb,"  <br>Realm name: <input type=\"text\" name=\"");
+			str_buffer_append(sb,HR_REALM);
+			str_buffer_append(sb,"\" value=\"");
+			str_buffer_append(sb,get_eff_realm());
+			str_buffer_append(sb,"\"");
+			if(!is_superuser()) {
+				str_buffer_append(sb," disabled ");
+			}
+			str_buffer_append(sb,">");
+
+			str_buffer_append(sb,"<br><input type=\"submit\" value=\"Filter\">");
+
+			str_buffer_append(sb,"</fieldset>\r\n");
+			str_buffer_append(sb,"</form>\r\n");
+
+			str_buffer_append(sb,"<form action=\"");
+			str_buffer_append(sb,form_names[AS_FORM_USERS].name);
+			str_buffer_append(sb,"\" method=\"POST\">\r\n");
+			str_buffer_append(sb,"  <fieldset><legend>User:</legend>\r\n");
+
+			if(msg && msg[0]) {
+				str_buffer_append(sb,"<br><table id=\"msg\"><th>");
+				str_buffer_append(sb,msg);
+				str_buffer_append(sb,"</th></table><br>");
+			}
+
+			str_buffer_append(sb,"  <br>Realm name: <input type=\"text\" name=\"");
+			str_buffer_append(sb,HR_ADD_USER_REALM);
+			str_buffer_append(sb,"\" value=\"");
+			str_buffer_append(sb,(const char*)add_realm);
+			str_buffer_append(sb,"\"");
+			if(!is_superuser()) {
+				str_buffer_append(sb," disabled ");
+			}
+			str_buffer_append(sb,"><br>\r\n");
+
+			str_buffer_append(sb,"  <br>User name: <input type=\"text\" name=\"");
+			str_buffer_append(sb,HR_ADD_USER);
+			str_buffer_append(sb,"\" value=\"");
+			str_buffer_append(sb,(const char*)add_user);
+			str_buffer_append(sb,"\"");
+			str_buffer_append(sb,"><br>\r\n");
+
+			str_buffer_append(sb,"  <br>Password: <input type=\"password\" name=\"");
+			str_buffer_append(sb,HR_PASSWORD);
+			str_buffer_append(sb,"\" value=\"");
+			str_buffer_append(sb,"");
+			str_buffer_append(sb,"\"");
+			str_buffer_append(sb,"><br>\r\n");
+
+			str_buffer_append(sb,"  <br>Confirm password: <input type=\"password\" name=\"");
+			str_buffer_append(sb,HR_PASSWORD1);
+			str_buffer_append(sb,"\" value=\"");
+			str_buffer_append(sb,"");
+			str_buffer_append(sb,"\"");
+			str_buffer_append(sb,"><br>\r\n");
+
+			str_buffer_append(sb,"<br><input type=\"submit\" value=\"Add user\">");
+
+			str_buffer_append(sb,"</fieldset>\r\n");
+			str_buffer_append(sb,"</form>\r\n");
+
+			str_buffer_append(sb,"Users:<br>\r\n");
+			str_buffer_append(sb,"<table>\r\n");
+			str_buffer_append(sb,"<tr><th>N</th><th>Name</th>");
+			if(!current_socket->as_eff_realm[0]) {
+				str_buffer_append(sb,"<th>Realm</th>");
+			}
+			str_buffer_append(sb,"<th> </th>");
+			str_buffer_append(sb,"</tr>\r\n");
+
+			size_t total_sz = https_print_users(sb);
+
+			str_buffer_append(sb,"\r\n</table>\r\n");
+
+			str_buffer_append(sb,"<br>Total users = ");
+			str_buffer_append_sz(sb,total_sz);
+			str_buffer_append(sb,"<br>\r\n");
+
+			str_buffer_append(sb,"</body>\r\n</html>\r\n");
+
+			send_str_from_ioa_socket_tcp(s,"HTTP/1.1 200 OK\r\nServer: ");
+			send_str_from_ioa_socket_tcp(s,TURN_SOFTWARE);
+			send_str_from_ioa_socket_tcp(s,"\r\nContent-Type: text/html; charset=UTF-8\r\nContent-Length: ");
+
+			send_ulong_from_ioa_socket_tcp(s,str_buffer_get_str_len(sb));
+
+			send_str_from_ioa_socket_tcp(s,"\r\n\r\n");
+			send_str_from_ioa_socket_tcp(s,str_buffer_get_str(sb));
+
+			str_buffer_free(sb);
+		}
+	}
+}
+
 static void handle_toggle_request(ioa_socket_handle s, struct http_request* hr)
 {
 	if(s && hr) {
@ -2330,6 +2506,101 @@ static void handle_https(ioa_socket_handle s, ioa_network_buffer_handle nbh)
 				}
 				break;
 			}
+			case AS_FORM_USERS: {
+				if(s->as_ok) {
+					{
+						const char *realm0 = get_http_header_value(hr, HR_REALM);
+						if(!realm0)
+							realm0="";
+						if(!is_superuser())
+							realm0 = current_socket->as_realm;
+						STRCPY(current_socket->as_eff_realm,realm0);
+					}
+
+					{
+						const u08bits *user = (const u08bits*)get_http_header_value(hr, HR_DELETE_USER);
+						if(user && user[0]) {
+							const u08bits *realm = (const u08bits*)get_http_header_value(hr, HR_DELETE_REALM);
+							if(!is_superuser()) {
+								realm = (const u08bits*)current_socket->as_realm;
+							}
+							if(realm && realm[0]) {
+								const turn_dbdriver_t * dbd = get_dbdriver();
+								if (dbd && dbd->del_user) {
+									u08bits u[STUN_MAX_USERNAME_SIZE+1];
+									u08bits r[STUN_MAX_REALM_SIZE+1];
+									STRCPY(u,user);
+									STRCPY(r,realm);
+									dbd->del_user(u,r);
+								}
+							}
+						}
+					}
+
+					const u08bits *add_realm = (const u08bits*)current_socket->as_eff_realm;
+					const u08bits *add_user = (const u08bits*)get_http_header_value(hr, HR_ADD_USER);
+					const char* msg = "";
+					if(!add_user) add_user = (const u08bits*)"";
+					if(add_user[0]) {
+						add_realm = (const u08bits*)get_http_header_value(hr, HR_ADD_USER_REALM);
+						if(!add_realm) {
+							add_realm=(const u08bits*)"";
+						}
+						if(!is_superuser()) {
+							add_realm = (const u08bits*)current_socket->as_realm;
+						}
+						if(!add_realm[0]) {
+							add_realm=(const u08bits*)current_socket->as_eff_realm;
+						}
+						if(add_realm[0]) {
+							const u08bits *pwd = (const u08bits*)get_http_header_value(hr, HR_PASSWORD);
+							const u08bits *pwd1 = (const u08bits*)get_http_header_value(hr, HR_PASSWORD1);
+							if(pwd && pwd1 && pwd[0] && pwd1[0] && !strcmp((const char*)pwd,(const char*)pwd1)) {
+
+								const turn_dbdriver_t * dbd = get_dbdriver();
+								if (dbd && dbd->set_user_key) {
+
+									hmackey_t key;
+									char skey[sizeof(hmackey_t) * 2 + 1];
+
+									{
+										u08bits u[STUN_MAX_USERNAME_SIZE+1];
+										u08bits r[STUN_MAX_REALM_SIZE+1];
+										u08bits p[STUN_MAX_PWD_SIZE+1];
+										STRCPY(u,add_user);
+										STRCPY(r,add_realm);
+										STRCPY(p,pwd);
+										stun_produce_integrity_key_str(u, r, p, key, SHATYPE_DEFAULT);
+										size_t i = 0;
+										size_t sz = get_hmackey_size(SHATYPE_DEFAULT);
+										int maxsz = (int) (sz * 2) + 1;
+										char *s = skey;
+										for (i = 0; (i < sz) && (maxsz > 2); i++) {
+											snprintf(s, (size_t) (sz * 2), "%02x", (unsigned int) key[i]);
+											maxsz -= 2;
+											s += 2;
+										}
+										skey[sz * 2] = 0;
+
+										(*dbd->set_user_key)(u, r, skey);
+									}
+
+									add_realm=(const u08bits*)"";
+									add_user=(const u08bits*)"";
+								}
+							} else {
+								msg = "Error: wrong password";
+							}
+						}
+					}
+
+					write_users_page(s,add_user,add_realm,msg);
+
+				} else {
+					write_https_logon_page(s);
+				}
+				break;
+			}
 			case AS_FORM_TOGGLE:
 				if(s->as_ok) {
 					handle_toggle_request(s,hr);
--- a/src/apps/relay/userdb.c
+++ b/src/apps/relay/userdb.c
@ -790,21 +790,21 @@ static int show_secret(u08bits *realm)
  const turn_dbdriver_t * dbd = get_dbdriver();
  if (dbd && dbd->show_secret) {
    (*dbd->show_secret)(realm);
-	}
+  }

-	return 0;
+  return 0;
 }

 static int del_secret(u08bits *secret, u08bits *realm) {

 	must_set_admin_realm(realm);

-  const turn_dbdriver_t * dbd = get_dbdriver();
-  if (dbd && dbd->del_secret) {
-    (*dbd->del_secret)(secret, realm);
+	const turn_dbdriver_t * dbd = get_dbdriver();
+	if (dbd && dbd->del_secret) {
+		(*dbd->del_secret)(secret, realm);
 	}

-  return 0;
+	return 0;
 }

 static int set_secret(u08bits *secret, u08bits *realm) {
@ -816,9 +816,9 @@ static int set_secret(u08bits *secret, u08bits *realm) {

 	del_secret(secret, realm);

-  const turn_dbdriver_t * dbd = get_dbdriver();
-  if (dbd && dbd->set_secret) {
-    (*dbd->set_secret)(secret, realm);
+	const turn_dbdriver_t * dbd = get_dbdriver();
+	if (dbd && dbd->set_secret) {
+		(*dbd->set_secret)(secret, realm);
 	}

 	return 0;