diff --git a/src/apps/relay/mainrelay.c b/src/apps/relay/mainrelay.c
index ad00eba..2662955 100644
--- a/src/apps/relay/mainrelay.c
+++ b/src/apps/relay/mainrelay.c
@@ -122,9 +122,7 @@ LOW_DEFAULT_PORTS_BOUNDARY,HIGH_DEFAULT_PORTS_BOUNDARY,0,0,0,"",
///////////// Users DB //////////////
{ (TURN_USERDB_TYPE)0, {"\0"}, {0,NULL,NULL, {NULL,0}} },
///////////// CPUs //////////////////
-DEFAULT_CPUS_NUMBER,
-///////////// HTTPS Admin Server ////
-1,DEFAULT_HTTPS_ADMIN_PORT,DEFAULT_HTTPS_ADMIN_ADDR,"123"
+DEFAULT_CPUS_NUMBER
};
//////////////// OpenSSL Init //////////////////////
diff --git a/src/apps/relay/mainrelay.h b/src/apps/relay/mainrelay.h
index bdffed9..be020ac 100644
--- a/src/apps/relay/mainrelay.h
+++ b/src/apps/relay/mainrelay.h
@@ -102,9 +102,6 @@ extern "C" {
#define DEFAULT_CPUS_NUMBER (2)
-#define DEFAULT_HTTPS_ADMIN_PORT (4433)
-#define DEFAULT_HTTPS_ADMIN_ADDR ("0.0.0.0")
-
/////////// TYPES ///////////////////////////////////
enum _DH_KEY_SIZE {
@@ -313,13 +310,6 @@ typedef struct _turn_params_ {
unsigned long cpus;
-/////// HTTPS Admin server //////
-
- int use_https_admin_server;
- int https_admin_server_port;
- char https_admin_server_addr[129];
- char https_admin_server_pwd[129];
-
} turn_params_t;
extern turn_params_t turn_params;
diff --git a/src/apps/relay/netengine.c b/src/apps/relay/netengine.c
index 7bd1d60..e74d786 100644
--- a/src/apps/relay/netengine.c
+++ b/src/apps/relay/netengine.c
@@ -1649,6 +1649,7 @@ static void setup_relay_server(struct relay_server *rs, ioa_engine_handle e, int
&turn_params.secure_stun, turn_params.shatype, &turn_params.mobility,
turn_params.server_relay,
send_turn_session_info,
+ send_https_socket,
allocate_bps,
turn_params.oauth, turn_params.oauth_server_name);
diff --git a/src/apps/relay/turncli.c b/src/apps/relay/turncli.c
index 9eb3e51..c88b509 100644
--- a/src/apps/relay/turncli.c
+++ b/src/apps/relay/turncli.c
@@ -1217,38 +1217,16 @@ static void cliserver_input_handler(struct evconnlistener *l, evutil_socket_t fd
void setup_cli_thread(void)
{
- ns_bzero(&cliserver,sizeof(cliserver));
cliserver.event_base = turn_event_base_new();
+ super_memory_t* sm = new_super_memory_region();
+ cliserver.e = create_ioa_engine(sm, cliserver.event_base, turn_params.listener.tp, turn_params.relay_ifname, turn_params.relays_number, turn_params.relay_addrs,
+ turn_params.default_relays, turn_params.verbose
+ #if !defined(TURN_NO_HIREDIS)
+ ,turn_params.redis_statsdb
+ #endif
+ );
TURN_LOG_FUNC(TURN_LOG_LEVEL_INFO,"IO method (cli thread): %s\n",event_base_get_method(cliserver.event_base));
- if (turn_params.use_https_admin_server
- && turn_params.https_admin_server_pwd[0]) {
-
-#if TLSv1_2_SUPPORTED
- if (turn_params.tls_ctx_v1_2) {
- cliserver.ctx = turn_params.tls_ctx_v1_2;
- }
-#endif
-
-#if TLSv1_1_SUPPORTED
- if (!cliserver.ctx && turn_params.tls_ctx_v1_1) {
- cliserver.ctx = turn_params.tls_ctx_v1_1;
- }
-#endif
-
- if (!cliserver.ctx && turn_params.tls_ctx_v1_0) {
- cliserver.ctx = turn_params.tls_ctx_v1_0;
- }
-
- if (!cliserver.ctx && turn_params.tls_ctx_ssl23) {
- cliserver.ctx = turn_params.tls_ctx_ssl23;
- }
- }
-
- if(!cliserver.ctx) {
- turn_params.use_https_admin_server = 0;
- }
-
{
struct bufferevent *pair[2];
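Review bot: The results of `new_super_memory_region()` and `create_ioa_engine()` are stored without a check, yet `cliserver.e` is later passed to `register_callback_on_ioa_socket` and `ioa_network_buffer_delete` in the HTTPS handlers added further down this file. A guard right after the call, e.g. `if(!cliserver.e) { TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR,"Cannot create cli engine\n"); }` followed by the project's usual abort path for failed setup, would surface the failure at startup rather than on the first HTTPS request. The next hunk has the same gap: the return value of `bufferevent_pair_new` is ignored, so on failure `pair[]` is copied into `cliserver.https_in_buf` and `https_out_buf` uninitialised. The hunk also drops `ns_bzero(&cliserver,sizeof(cliserver))`, so the remaining fields now depend on `cliserver` having static storage (its definition is outside the hunk); `setup_cli_thread` continues past the hunk.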
@@ -1261,6 +1239,18 @@ void setup_cli_thread(void)
bufferevent_enable(cliserver.in_buf, EV_READ);
}
+ {
+ struct bufferevent *pair[2];
+
+ bufferevent_pair_new(cliserver.event_base, TURN_BUFFEREVENTS_OPTIONS, pair);
+
+ cliserver.https_in_buf = pair[0];
+ cliserver.https_out_buf = pair[1];
+
+ bufferevent_setcb(cliserver.https_in_buf, https_cli_server_receive_message, NULL, NULL, &cliserver);
+ bufferevent_enable(cliserver.https_in_buf, EV_READ);
+ }
+
if(!cli_addr_set) {
if(make_ioa_addr((const u08bits*)CLI_DEFAULT_IP,0,&cli_addr)<0) {
TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR,"Cannot set cli address %s\n",CLI_DEFAULT_IP);
@@ -1365,8 +1355,80 @@ int send_turn_session_info(struct turn_session_info* tsi)
/////////// HTTPS /////////////
-//https://github.com/ppelleti/https-example
+static void write_https_echo(ioa_socket_handle s)
+{
+ if(s && !ioa_socket_tobeclosed(s)) {
+ SOCKET_APP_TYPE sat = get_ioa_socket_app_type(s);
+ if(sat == HTTPS_CLIENT_SOCKET) {
+ ioa_network_buffer_handle nbh_http = ioa_network_buffer_allocate(s->e);
+ size_t len_http = ioa_network_buffer_get_size(nbh_http);
+ u08bits *data = ioa_network_buffer_data(nbh_http);
+ char data_http[1025];
+ char content_http[1025];
+ const char* title = "HTTPS TURN Server";
+ snprintf(content_http,sizeof(content_http)-1,"\r\n\r\n
\r\n %s\r\n \r\n \r\n %s\r\n \r\n\r\n",title,title);
+ snprintf(data_http,sizeof(data_http)-1,"HTTP/1.1 200 OK\r\nServer: %s\r\nContent-Type: text/html; charset=UTF-8\r\nContent-Length: %d\r\n\r\n%s",TURN_SOFTWARE,(int)strlen(content_http),content_http);
+ len_http = strlen(data_http);
+ ns_bcopy(data_http,data,len_http);
+ ioa_network_buffer_set_size(nbh_http,len_http);
+ send_data_from_ioa_socket_nbh(s, NULL, nbh_http, TTL_IGNORE, TOS_IGNORE);
+ }
+ }
+}
+static void handle_https(ioa_socket_handle s, ioa_network_buffer_handle nbh) {
+ //TODO
+
+ if(turn_params.verbose) {
+ if(nbh) {
+ TURN_LOG_FUNC(TURN_LOG_LEVEL_INFO, "%s: HTTPS connection input: %s\n", __FUNCTION__, (char*)ioa_network_buffer_data(nbh));
+ } else {
+ TURN_LOG_FUNC(TURN_LOG_LEVEL_INFO, "%s: HTTPS connection initial input\n", __FUNCTION__);
+ }
+ }
+
+ write_https_echo(s);
+}
+
+static void https_input_handler(ioa_socket_handle s, int event_type, ioa_net_data *data, void *arg, int can_resume) {
+
+ UNUSED_ARG(arg);
+ UNUSED_ARG(s);
+ UNUSED_ARG(event_type);
+ UNUSED_ARG(can_resume);
+
+ handle_https(s,data->nbh);
+
+ ioa_network_buffer_delete(cliserver.e, data->nbh);
+ data->nbh = NULL;
+}
+
+void https_cli_server_receive_message(struct bufferevent *bev, void *ptr)
+{
+ UNUSED_ARG(ptr);
+
+ ioa_socket_handle s= NULL;
+ int n = 0;
+ struct evbuffer *input = bufferevent_get_input(bev);
+
+ while ((n = evbuffer_remove(input, &s, sizeof(s))) > 0) {
+ if (n != sizeof(s)) {
+ fprintf(stderr,"%s: Weird HTTPS CLI buffer error: size=%d\n",__FUNCTION__,n);
+ continue;
+ }
+
+ register_callback_on_ioa_socket(cliserver.e, s, IOA_EV_READ, https_input_handler, NULL, 0);
+
+ handle_https(s,NULL);
+ }
+}
+
+void send_https_socket(ioa_socket_handle s) {
+ struct evbuffer *output = bufferevent_get_output(cliserver.https_out_buf);
+ if(output) {
+ evbuffer_add(output,&s,sizeof(s));
+ }
+}
///////////////////////////////
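Review bot: In `handle_https` the verbose log prints `ioa_network_buffer_data(nbh)` with a bare `%s`, and nothing visible here guarantees the received bytes are NUL-terminated, so the format may read past the received data. Assuming `ioa_network_buffer_get_size` reports the received length, bound it: `"%s: HTTPS connection input: %.*s\n", __FUNCTION__, (int)ioa_network_buffer_get_size(nbh), (char*)ioa_network_buffer_data(nbh)`. The logged text is the decrypted request, which can carry credentials or cookies once the TODO admin logic exists, so logging only the request line would be safer. In `write_https_echo` the value read into `len_http` from `ioa_network_buffer_get_size` is overwritten before the `ns_bcopy`, so the copy is never compared with the buffer's size, and `nbh_http` is not checked for NULL. `send_https_socket` passes `cliserver.https_out_buf` to `bufferevent_get_output` unchecked and ignores the result of `evbuffer_add`; if the hand-off fails, the detached socket has no remaining owner to close it.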
diff --git a/src/apps/relay/turncli.h b/src/apps/relay/turncli.h
index 8ca61b1..aef0e0c 100644
--- a/src/apps/relay/turncli.h
+++ b/src/apps/relay/turncli.h
@@ -38,7 +38,6 @@
#include
#include
-#include
#include "ns_turn_utils.h"
#include "ns_turn_maps.h"
@@ -55,15 +54,15 @@ extern "C" {
struct cli_server {
evutil_socket_t listen_fd;
struct event_base* event_base;
+ ioa_engine_handle e;
int verbose;
struct evconnlistener *l;
struct bufferevent *in_buf;
struct bufferevent *out_buf;
+ struct bufferevent *https_in_buf;
+ struct bufferevent *https_out_buf;
ur_map *sessions;
pthread_t thr;
- //// HTTPS interface ////
- SSL_CTX *ctx;
- struct evhttp *https;
};
///////////////////////////////////////////
@@ -90,8 +89,10 @@ extern int cli_max_output_sessions;
void setup_cli_thread(void);
void cli_server_receive_message(struct bufferevent *bev, void *ptr);
+void https_cli_server_receive_message(struct bufferevent *bev, void *ptr);
int send_turn_session_info(struct turn_session_info* tsi);
+void send_https_socket(ioa_socket_handle s);
////////////////////////////////////////////
diff --git a/src/server/ns_turn_server.c b/src/server/ns_turn_server.c
index 0823c32..abf2909 100644
--- a/src/server/ns_turn_server.c
+++ b/src/server/ns_turn_server.c
@@ -4164,6 +4164,8 @@ static void client_to_be_allocated_timeout_handler(ioa_engine_handle e,
if(!s || ioa_socket_tobeclosed(s)) {
to_close = 1;
+ } else if(get_ioa_socket_app_type(s) == HTTPS_CLIENT_SOCKET) {
+ ;
} else {
ioa_socket_handle rs4 = ss->alloc.relay_sessions[ALLOC_IPV4_INDEX].s;
ioa_socket_handle rs6 = ss->alloc.relay_sessions[ALLOC_IPV6_INDEX].s;
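Review bot: The new `HTTPS_CLIENT_SOCKET` branch is a bare `;`, so the reason HTTPS sockets are exempt from this handler's close decision is not recorded. A comment in place of the empty statement would help, e.g. `/* HTTPS admin socket: no allocation is expected, do not close it for lacking one */`. Because the branch appears to leave `to_close` unset, it is worth confirming that some other idle timeout covers these connections; otherwise a client that sends one HTTPS request and then goes silent could hold a session and file descriptor open indefinitely. The rest of `client_to_be_allocated_timeout_handler` is outside the hunk.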
@@ -4437,7 +4439,7 @@ static int read_client_connection(turn_turnserver *server,
SOCKET_APP_TYPE sat = get_ioa_socket_app_type(ss->client_socket);
int is_padding_mandatory = ((st == TCP_SOCKET)||(st==TLS_SOCKET)||(st==TENTATIVE_TCP_SOCKET));
- if((sat == HTTP_CLIENT_SOCKET)||(sat == HTTPS_CLIENT_SOCKET)) {
+ if(sat == HTTP_CLIENT_SOCKET) {
if(server->verbose) {
TURN_LOG_FUNC(TURN_LOG_LEVEL_INFO, "%s: HTTP connection input: %s\n", __FUNCTION__, (char*)ioa_network_buffer_data(in_buffer->nbh));
@@ -4445,6 +4447,10 @@ static int read_client_connection(turn_turnserver *server,
handle_http(ss->client_socket);
+ } else if(sat == HTTPS_CLIENT_SOCKET) {
+
+ //???
+
} else if (stun_is_channel_message_str(ioa_network_buffer_data(in_buffer->nbh),
&blen,
&chnum,
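Review bot: The `HTTPS_CLIENT_SOCKET` branch added here contains only `//???`, so any input that reaches the relay thread on a socket tagged HTTPS is dropped without a reply, a log line or a close. That state looks reachable from the later hunk at -4538: when `server->send_https_socket` is unset or `detach_ioa_socket` returns NULL, the socket keeps the HTTPS tag and `handle_http` is no longer called for it. Either fall back to `handle_http(ss->client_socket)` in those two cases or mark the session for close. Replace the placeholder with a comment such as `/* not expected: HTTPS sockets are handed to the CLI thread on the first request */`. Both hunks sit inside `read_client_connection`, whose body extends beyond them.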
@@ -4538,13 +4544,19 @@ static int read_client_connection(turn_turnserver *server,
proto = "HTTPS";
set_ioa_socket_app_type(ss->client_socket,HTTPS_CLIENT_SOCKET);
TURN_LOG_FUNC(TURN_LOG_LEVEL_INFO, "%s: %s (%s %s) request: %s\n", __FUNCTION__, proto, get_ioa_socket_cipher(ss->client_socket), get_ioa_socket_ssl_method(ss->client_socket), (char*)ioa_network_buffer_data(in_buffer->nbh));
+ if(server->send_https_socket) {
+ ioa_socket_handle new_s = detach_ioa_socket(ss->client_socket);
+ if(new_s) {
+ server->send_https_socket(new_s);
+ }
+ }
} else {
set_ioa_socket_app_type(ss->client_socket,HTTP_CLIENT_SOCKET);
if(server->verbose) {
TURN_LOG_FUNC(TURN_LOG_LEVEL_INFO, "%s: %s request: %s\n", __FUNCTION__, proto, (char*)ioa_network_buffer_data(in_buffer->nbh));
}
+ handle_http(ss->client_socket);
}
- handle_http(ss->client_socket);
return 0;
}
}
@@ -4799,6 +4811,7 @@ void init_turn_server(turn_turnserver* server,
send_socket_to_relay_cb send_socket_to_relay,
vintp secure_stun, SHATYPE shatype, vintp mobility, int server_relay,
send_turn_session_info_cb send_turn_session_info,
+ send_https_socket_cb send_https_socket,
allocate_bps_cb allocate_bps_func,
int oauth, const char* oauth_server_name) {
@@ -4824,6 +4837,7 @@ void init_turn_server(turn_turnserver* server,
server->mobility = mobility;
server->server_relay = server_relay;
server->send_turn_session_info = send_turn_session_info;
+ server->send_https_socket = send_https_socket;
server->oauth = oauth;
if(oauth)
server->oauth_server_name = oauth_server_name;
diff --git a/src/server/ns_turn_server.h b/src/server/ns_turn_server.h
index 3506e61..7538080 100644
--- a/src/server/ns_turn_server.h
+++ b/src/server/ns_turn_server.h
@@ -96,6 +96,7 @@ typedef int (*check_new_allocation_quota_cb)(u08bits *username, int oauth, u08bi
typedef void (*release_allocation_quota_cb)(u08bits *username, int oauth, u08bits *realm);
typedef int (*send_socket_to_relay_cb)(turnserver_id id, u64bits cid, stun_tid *tid, ioa_socket_handle s, int message_integrity, MESSAGE_TO_RELAY_TYPE rmt, ioa_net_data *nd, int can_resume);
typedef int (*send_turn_session_info_cb)(struct turn_session_info *tsi);
+typedef void (*send_https_socket_cb)(ioa_socket_handle s);
typedef band_limit_t (*allocate_bps_cb)(band_limit_t bps, int positive);
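Review bot: `send_https_socket_cb` is added without a comment saying who owns the socket after the call. In the caller in `read_client_connection` the argument is the result of `detach_ioa_socket` and is not touched afterwards, so the callee presumably takes ownership and must eventually close it. That should be stated on the typedef, e.g. `/* Receives a detached HTTPS client socket; the callee takes ownership and closes it (confirm) */`. The callback returns `void`, so a failed hand-off cannot be reported back to the relay thread; returning `int`, as `send_turn_session_info_cb` does, would let the caller clean up.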
@@ -131,6 +132,7 @@ struct _turn_turnserver {
vintp no_loopback_peers;
vintp no_multicast_peers;
send_turn_session_info_cb send_turn_session_info;
+ send_https_socket_cb send_https_socket;
/* RFC 6062 ==>> */
vintp no_udp_relay;
@@ -199,6 +201,7 @@ void init_turn_server(turn_turnserver* server,
vintp mobility,
int server_relay,
send_turn_session_info_cb send_turn_session_info,
+ send_https_socket_cb send_https_socket,
allocate_bps_cb allocate_bps_func,
int oauth,
const char* oauth_server_name);