~ubuntu-branches/debian/sid/coturn/sid


Viewing changes to src/apps/relay/mainrelay.c

  • Committer: Package Import Robot
  • Author(s): Oleg Moskalenko
  • Date: 2014-11-23 00:15:03 UTC
  • mto: This revision was merged to the branch mainline in revision 11.
  • Revision ID: package-import@ubuntu.com-20141123001503-7ks3iybmqdsjix52
Tags: upstream-4.3.1.1
Import upstream version 4.3.1.1

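--- a/src/apps/relay/mainrelay.c
+++ b/src/apps/relay/mainrelay.c
@@ -36,6 +36,30 @@
 static int use_st_credentials = 0;
 static int anon_credentials = 0;
 
+////// TURNDB //////////////
+
+#if defined(TURNDB)
+
+#if defined(Q)
+#undef Q
+#endif
+
+#define Q(x) #x
+
+#if defined(QUOTE)
+#undef QUOTE
+#endif
+
+#define QUOTE(x) Q(x)
+
+#define DEFAULT_USERDB_FILE QUOTE(TURNDB)
+
+#else
+
+#define DEFAULT_USERDB_FILE "/usr/local/var/db/turndb"
+
+#endif
+
 //////TURN PARAMS STRUCTURE DEFINITION //////
 
 #define DEFAULT_GENERAL_RELAY_SERVERS_NUMBER (1)
@@ -95,7 +119,7 @@
 /////////////// MISC PARAMS ////////////////
 0,0,0,0,0,SHATYPE_SHA1,':',0,0,TURN_CREDENTIALS_NONE,0,0,0,0,0,0,
 ///////////// Users DB //////////////
-{ TURN_USERDB_TYPE_FILE, {"\0",NULL}, {0,NULL,NULL, {NULL,0}} }
+{ (TURN_USERDB_TYPE)0, {"\0",NULL}, {0,NULL,NULL, {NULL,0}} }
 
 };
 
@@ -386,17 +410,14 @@
 " -V, --Verbose                                 Extra verbose mode, very annoying (for debug purposes only).\n"
 " -o, --daemon                                  Start process as daemon (detach from current shell).\n"
 " -f, --fingerprint                             Use fingerprints in the TURN messages.\n"
-" -a, --lt-cred-mech                            Use the long-term credential mechanism. This option can be used with either\n"
-"                                               flat file user database or PostgreSQL DB or MySQL DB for user keys storage.\n"
-" -A, --st-cred-mech                            Use the short-term credential mechanism. This option requires\n"
-"                                               a PostgreSQL or MySQL DB for short term passwords storage.\n"
+" -a, --lt-cred-mech                            Use the long-term credential mechanism.\n"
+" -A, --st-cred-mech                            Use the short-term credential mechanism.\n"
 " -z, --no-auth                                 Do not use any credential mechanism, allow anonymous access.\n"
 " -u, --user                    <user:pwd>      User account, in form 'username:password', for long-term credentials.\n"
 "                                               Cannot be used with TURN REST API or with short-term credentials.\n"
 " -r, --realm                   <realm>         The default realm to be used for the users when no explicit\n"
-"                                               origin/realm relationship was found in the database, or if the TURN\n"
-"                                               server is not using any database (just the commands-line settings\n"
-"                                               and the userdb file). Must be used with long-term credentials \n"
+"                                               origin/realm relationship was found in the database.\n"
+"                                               Must be used with long-term credentials \n"
 "                                               mechanism or with TURN REST API.\n"
 " --check-origin-consistency                    The flag that sets the origin consistency check:\n"
 "                                               across the session, all requests must have the same\n"
@@ -415,7 +436,10 @@
 "                                               Total bytes-per-second bandwidth the TURN server is allowed to allocate\n"
 "                                               for the sessions, combined (input and output network streams are treated separately).\n"
 " -c                            <filename>      Configuration file name (default - turnserver.conf).\n"
-" -b, --userdb                  <filename>      User database file name (default - turnuserdb.conf) for long-term credentials only.\n"
+#if !defined(TURN_NO_SQLITE)
+" -b, , --db, --userdb  <filename>              SQLite database file name; default - /var/db/turndb or\n"
+"                                                                               /usr/local/var/db/turndb.\n"
+#endif
 #if !defined(TURN_NO_PQ)
 " -e, --psql-userdb, --sql-userdb <conn-string> PostgreSQL database connection string, if used (default - empty, no PostreSQL DB used).\n"
 "                                               This database can be used for long-term and short-term credentials mechanisms,\n"
@@ -569,7 +593,7 @@
 "\n";
 
 static char AdminUsage[] = "Usage: turnadmin [command] [options]\n"
-        "Commands:\n"
+        "\nCommands:\n\n"
         "       -k, --key                       generate long-term credential mechanism key for a user\n"
         "       -a, --add                       add/update a long-term mechanism user\n"
         "       -A, --add-st                    add/update a short-term mechanism user\n"
@@ -577,7 +601,6 @@
         "       -D, --delete-st                 delete a short-term mechanism user\n"
         "       -l, --list                      list all long-term mechanism users\n"
         "       -L, --list-st                   list all short-term mechanism users\n"
-#if !defined(TURN_NO_PQ) || !defined(TURN_NO_MYSQL) || !defined(TURN_NO_MONGO) || !defined(TURN_NO_HIREDIS)
         "       -s, --set-secret=<value>        Add shared secret for TURN RESP API\n"
         "       -S, --show-secret               Show stored shared secrets for TURN REST API\n"
         "       -X, --delete-secret=<value>     Delete a shared secret\n"
@@ -587,9 +610,11 @@
         "       -I, --list-origins              List origin-to-realm relations.\n"
         "       -g, --set-realm-option          Set realm params: max-bps, total-quota, user-quota.\n"
         "       -G, --list-realm-options        List realm params.\n"
+        "\nOptions with mandatory values:\n\n"
+#if !defined(TURN_NO_SQLITE)
+        "       -b, --db, --userdb              SQLite database file, default value is /var/db/turndb or\n"
+        "                                                       /usr/local/var/db/turndb.\n"
 #endif
-        "Options with mandatory values:\n"
-        "       -b, --userdb                    User database file, if flat DB file is used.\n"
 #if !defined(TURN_NO_PQ)
         "       -e, --psql-userdb, --sql-userdb PostgreSQL user database connection string, if PostgreSQL DB is used.\n"
 #endif
@@ -605,7 +630,7 @@
         "       -u, --user                      Username\n"
         "       -r, --realm                     Realm for long-term mechanism only\n"
         "       -p, --password                  Password\n"
-#if !defined(TURN_NO_PQ) || !defined(TURN_NO_MYSQL) || !defined(TURN_NO_MONGO) || !defined(TURN_NO_HIREDIS)
+#if !defined(TURN_NO_SQLITE) || !defined(TURN_NO_PQ) || !defined(TURN_NO_MYSQL) || !defined(TURN_NO_MONGO) || !defined(TURN_NO_HIREDIS)
         "       -o, --origin                    Origin\n"
 #endif
         "       -H, --sha256                    Use SHA256 digest function to be used for the message integrity.\n"
@@ -719,7 +744,10 @@
                                 { "st-cred-mech", optional_argument, NULL, 'A' },
                                 { "no-auth", optional_argument, NULL, 'z' },
                                 { "user", required_argument, NULL, 'u' },
+#if !defined(TURN_NO_SQLITE)
                                 { "userdb", required_argument, NULL, 'b' },
+                                { "db", required_argument, NULL, 'b' },
+#endif
 #if !defined(TURN_NO_PQ)
                                 { "psql-userdb", required_argument, NULL, 'e' },
                                 { "sql-userdb", required_argument, NULL, 'e' },
@@ -808,15 +836,16 @@
                                 { "delete", no_argument, NULL, 'd' },
                                 { "list", no_argument, NULL, 'l' },
                                 { "list-st", no_argument, NULL, 'L' },
-#if !defined(TURN_NO_PQ) || !defined(TURN_NO_MYSQL) || !defined(TURN_NO_MONGO) || !defined(TURN_NO_HIREDIS)
                                 { "set-secret", required_argument, NULL, 's' },
                                 { "show-secret", no_argument, NULL, 'S' },
                                 { "delete-secret", required_argument, NULL, 'X' },
                                 { "delete-all-secrets", no_argument, NULL, DEL_ALL_AUTH_SECRETS_OPT },
-#endif
                                 { "add-st", no_argument, NULL, 'A' },
                                 { "delete-st", no_argument, NULL, 'D' },
+#if !defined(TURN_NO_SQLITE)
                                 { "userdb", required_argument, NULL, 'b' },
+                                { "db", required_argument, NULL, 'b' },
+#endif
 #if !defined(TURN_NO_PQ)
                                 { "psql-userdb", required_argument, NULL, 'e' },
                                 { "sql-userdb", required_argument, NULL, 'e' },
@@ -834,7 +863,6 @@
                                 { "realm", required_argument, NULL, 'r' },
                                 { "password", required_argument, NULL, 'p' },
                                 { "sha256", no_argument, NULL, 'H' },
-#if !defined(TURN_NO_PQ) || !defined(TURN_NO_MYSQL) || !defined(TURN_NO_MONGO) || !defined(TURN_NO_HIREDIS)
                                 { "add-origin", no_argument, NULL, 'O' },
                                 { "del-origin", no_argument, NULL, 'R' },
                                 { "list-origins", required_argument, NULL, 'I' },
@@ -844,7 +872,6 @@
                                 { "user-quota", required_argument, NULL, ADMIN_USER_QUOTA_OPT },
                                 { "total-quota", required_argument, NULL, ADMIN_TOTAL_QUOTA_OPT },
                                 { "max-bps", required_argument, NULL, ADMIN_MAX_BPS_OPT },
-#endif
                                 { "help", no_argument, NULL, 'h' },
                                 { NULL, no_argument, NULL, 0 }
 };
@@ -1111,10 +1138,12 @@
         case 'u':
                 add_user_account(value,0);
                 break;
+#if !defined(TURN_NO_SQLITE)
         case 'b':
                 STRCPY(turn_params.default_users_db.persistent_users_db.userdb, value);
-                turn_params.default_users_db.userdb_type = TURN_USERDB_TYPE_FILE;
+                turn_params.default_users_db.userdb_type = TURN_USERDB_TYPE_SQLITE;
                 break;
+#endif
 #if !defined(TURN_NO_PQ)
         case 'e':
                 STRCPY(turn_params.default_users_db.persistent_users_db.userdb, value);
@@ -1461,7 +1490,6 @@
                         ct = TA_LIST_USERS;
                         is_st = 1;
                         break;
-#if !defined(TURN_NO_PQ) || !defined(TURN_NO_MYSQL) || !defined(TURN_NO_MONGO) || !defined(TURN_NO_HIREDIS)
                 case 's':
                         ct = TA_SET_SECRET;
                         STRCPY(secret,optarg);
@@ -1477,11 +1505,12 @@
                 case DEL_ALL_AUTH_SECRETS_OPT:
                         ct = TA_DEL_SECRET;
                         break;
-#endif
+#if !defined(TURN_NO_SQLITE)
                 case 'b':
                   STRCPY(turn_params.default_users_db.persistent_users_db.userdb,optarg);
-                  turn_params.default_users_db.userdb_type = TURN_USERDB_TYPE_FILE;
+                  turn_params.default_users_db.userdb_type = TURN_USERDB_TYPE_SQLITE;
                   break;
+#endif
 #if !defined(TURN_NO_PQ)
                 case 'e':
                   STRCPY(turn_params.default_users_db.persistent_users_db.userdb,optarg);
@@ -1544,13 +1573,10 @@
                 }
         }
 
-        if(is_st && (turn_params.default_users_db.userdb_type == TURN_USERDB_TYPE_FILE)) {
-                TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "ERROR: you have to use a PostgreSQL or MySQL database with short-term credentials\n");
-                exit(-1);
-        }
-
-        if(!strlen(turn_params.default_users_db.persistent_users_db.userdb) && (turn_params.default_users_db.userdb_type == TURN_USERDB_TYPE_FILE))
+#if !defined(TURN_NO_SQLITE)
+        if(!strlen(turn_params.default_users_db.persistent_users_db.userdb) && (turn_params.default_users_db.userdb_type == TURN_USERDB_TYPE_SQLITE))
                 STRCPY(turn_params.default_users_db.persistent_users_db.userdb,DEFAULT_USERDB_FILE);
+#endif
 
         if(ct == TA_COMMAND_UNKNOWN) {
                 fprintf(stderr,"\n%s\n", AdminUsage);
@@ -1601,6 +1627,12 @@
         TURN_LOG_FUNC(TURN_LOG_LEVEL_INFO, "AEAD supported\n");
 #endif
 
+#if !defined(TURN_NO_SQLITE)
+        TURN_LOG_FUNC(TURN_LOG_LEVEL_INFO, "SQLite supported, default database location is %s\n",DEFAULT_USERDB_FILE);
+#else
+        TURN_LOG_FUNC(TURN_LOG_LEVEL_INFO, "SQLite is not supported\n");
+#endif
+
 #if !defined(TURN_NO_HIREDIS)
         TURN_LOG_FUNC(TURN_LOG_LEVEL_INFO, "Redis supported\n");
 #else
@@ -1851,10 +1883,11 @@
                 TURN_LOG_FUNC(TURN_LOG_LEVEL_WARNING, "\nCONFIG: WARNING: --server-relay: NON-STANDARD AND DANGEROUS OPTION.\n");
         }
 
-        if(!strlen(turn_params.default_users_db.persistent_users_db.userdb) && (turn_params.default_users_db.userdb_type == TURN_USERDB_TYPE_FILE))
+#if !defined(TURN_NO_SQLITE)
+        if(!strlen(turn_params.default_users_db.persistent_users_db.userdb) && (turn_params.default_users_db.userdb_type == TURN_USERDB_TYPE_SQLITE))
                         STRCPY(turn_params.default_users_db.persistent_users_db.userdb,DEFAULT_USERDB_FILE);
+#endif
 
-        read_userdb_file(0);
         update_white_and_black_lists();
 
         argc -= optind;
@@ -1891,9 +1924,7 @@
         }
 
         if(use_lt_credentials) {
-                if(!turn_params.default_users_db.ram_db.users_number && (turn_params.default_users_db.userdb_type == TURN_USERDB_TYPE_FILE) && !turn_params.use_auth_secret_with_timestamp) {
-                        TURN_LOG_FUNC(TURN_LOG_LEVEL_WARNING, "\nCONFIGURATION ALERT: you did not specify any user account, (-u option) \n      but you did specified a long-term credentials mechanism option (-a option).\n   The TURN Server will be inaccessible.\n         Check your configuration.\n");
-                } else if(!get_realm(NULL)->options.name[0]) {
+                if(!get_realm(NULL)->options.name[0]) {
                         TURN_LOG_FUNC(TURN_LOG_LEVEL_WARNING, "\nCONFIGURATION ALERT: you did specify the long-term credentials usage\n but you did not specify the default realm option (-r option).\n         Check your configuration.\n");
                 }
         }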
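Review bot: The default-path fallback at new lines 1577 and 1887 runs only when `userdb_type == TURN_USERDB_TYPE_SQLITE`, but the initializer at new line 122 sets the type with a bare `(TURN_USERDB_TYPE)0`, so whether an unconfigured server or turnadmin run picks up `DEFAULT_USERDB_FILE` depends on the enum's ordering, which this page does not show. Naming the enumerator in the initializer, or at least adding a comment there such as `/* 0 must be the default DB type, see TURN_USERDB_TYPE */`, would make that dependency explicit. Because the old start-up warning about a long-term mechanism with no user accounts is removed at new line 1927, it is presumably now this database that decides who can authenticate, so the `-b` help text is a good place to state the expected ownership and permissions of the file. The usage string at new line 440 also has a stray separator (`-b, , --db`).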