int nr_stun_process_response(nr_stun_message *req, nr_stun_message *res, Data *password) { int _status; nr_stun_message_attribute *attr; /* draft-ietf-behave-rfc3489bis-07.txt S 10.1.3 */ if (res->header.magic_cookie != req->header.magic_cookie) { r_log(NR_LOG_STUN, LOG_DEBUG, "Rejecting message: Invalid Cookie"); ABORT(R_REJECTED); } if (memcmp(&res->header.id, &req->header.id, sizeof(res->header.id))) { r_log(NR_LOG_STUN, LOG_DEBUG, "Rejecting message: Unrecognized Transaction"); ABORT(R_REJECTED); } if (res->header.magic_cookie == NR_STUN_MAGIC_COOKIE && NR_STUN_GET_TYPE_CLASS(res->header.type) == NR_CLASS_RESPONSE) { if (!nr_stun_message_has_attribute(res, NR_STUN_ATTR_FINGERPRINT, &attr)) { r_log(NR_LOG_STUN, LOG_DEBUG, "Rejecting message: Missing Fingerprint"); ABORT(R_REJECTED); } if (! attr->u.fingerprint.valid) { r_log(NR_LOG_STUN, LOG_DEBUG, "Rejecting message: Invalid Fingerprint"); ABORT(R_REJECTED); } } if (NR_STUN_GET_TYPE_CLASS(res->header.type) != NR_CLASS_ERROR_RESPONSE) { if (password != 0 && nr_stun_message_has_attribute(res, NR_STUN_ATTR_MESSAGE_INTEGRITY, &attr) && !attr->u.message_integrity.valid) { r_log(NR_LOG_STUN, LOG_DEBUG, "Rejecting message: Bad MessageIntegrity"); ABORT(R_REJECTED); } } _status=0; abort: if (_status) { r_log(NR_LOG_STUN, LOG_INFO, "Response failure"); } else { r_log(NR_LOG_STUN, LOG_DEBUG, "Response accepted"); } return _status; }
int nr_stun_build_req_stund_0_96(nr_stun_client_stun_binding_request_stund_0_96_params *params, nr_stun_message **msg) { int r,_status; nr_stun_message *req = 0; if ((r=nr_stun_form_request_or_indication(NR_STUN_MODE_STUND_0_96, NR_STUN_MSG_BINDING_REQUEST, &req))) ABORT(r); if ((r=nr_stun_message_add_change_request_attribute(req, 0))) ABORT(r); assert(! nr_stun_message_has_attribute(req, NR_STUN_ATTR_USERNAME, 0)); assert(! nr_stun_message_has_attribute(req, NR_STUN_ATTR_MESSAGE_INTEGRITY, 0)); *msg = req; _status=0; abort: if (_status) nr_stun_message_destroy(&req); return _status; }
int nr_stun_client_restart(nr_stun_client_ctx *ctx) { int r,_status; int mode; NR_async_cb finished_cb; void *cb_arg; nr_stun_message_attribute *ec; nr_stun_message_attribute *as; if (ctx->state != NR_STUN_CLIENT_STATE_RUNNING) ABORT(R_NOT_PERMITTED); assert(ctx->retry_ct <= 2); if (ctx->retry_ct > 2) ABORT(R_NOT_PERMITTED); ++ctx->retry_ct; mode = ctx->mode; finished_cb = ctx->finished_cb; cb_arg = ctx->cb_arg; if (nr_stun_message_has_attribute(ctx->response, NR_STUN_ATTR_ERROR_CODE, &ec) && ec->u.error_code.number == 300) { if (nr_stun_message_has_attribute(ctx->response, NR_STUN_ATTR_ALTERNATE_SERVER, &as)) { nr_transport_addr_copy(&ctx->peer_addr, &as->u.alternate_server); } } nr_stun_client_reset(ctx); if (r=nr_stun_client_start(ctx, mode, finished_cb, cb_arg)) ABORT(r); _status=0; abort: return(_status); }
static void nr_ice_candidate_pair_stun_cb(NR_SOCKET s, int how, void *cb_arg) { int r,_status; nr_ice_cand_pair *pair=cb_arg,*orig_pair; nr_ice_candidate *cand=0; nr_stun_message *sres; nr_transport_addr *request_src; nr_transport_addr *request_dst; nr_transport_addr *response_src; nr_transport_addr response_dst; nr_stun_message_attribute *attr; pair->stun_cb_timer=0; r_log(LOG_ICE,LOG_DEBUG,"ICE-PEER(%s)/STREAM(%s)/CAND-PAIR(%s): STUN cb on pair addr = %s", pair->pctx->label,pair->local->stream->label,pair->codeword,pair->as_string); /* This ordinarily shouldn't happen, but can if we're doing the second check to confirm nomination. Just bail out */ if(pair->state==NR_ICE_PAIR_STATE_SUCCEEDED) goto done; switch(pair->stun_client->state){ case NR_STUN_CLIENT_STATE_FAILED: sres=pair->stun_client->response; if(sres && nr_stun_message_has_attribute(sres,NR_STUN_ATTR_ERROR_CODE,&attr)&&attr->u.error_code.number==487){ /* * Flip the controlling bit; subsequent 487s for other pairs will be * ignored, since we abandon their STUN transactions. */ nr_ice_peer_ctx_switch_controlling_role(pair->pctx); return; } /* Fall through */ case NR_STUN_CLIENT_STATE_TIMED_OUT: nr_ice_candidate_pair_set_state(pair->pctx,pair,NR_ICE_PAIR_STATE_FAILED); break; case NR_STUN_CLIENT_STATE_DONE: /* make sure the addresses match up S 7.1.2.2 */ response_src=&pair->stun_client->peer_addr; request_dst=&pair->remote->addr; if (nr_transport_addr_cmp(response_src,request_dst,NR_TRANSPORT_ADDR_CMP_MODE_ALL)){ r_log(LOG_ICE,LOG_WARNING,"ICE-PEER(%s)/CAND-PAIR(%s): Peer address mismatch %s != %s",pair->pctx->label,pair->codeword,response_src->as_string,request_dst->as_string); nr_ice_candidate_pair_set_state(pair->pctx,pair,NR_ICE_PAIR_STATE_FAILED); break; } request_src=&pair->stun_client->my_addr; nr_socket_getaddr(pair->local->osock,&response_dst); if (nr_transport_addr_cmp(request_src,&response_dst,NR_TRANSPORT_ADDR_CMP_MODE_ALL)){ r_log(LOG_ICE,LOG_WARNING,"ICE-PEER(%s)/CAND-PAIR(%s): Local address mismatch %s != %s",pair->pctx->label,pair->codeword,request_src->as_string,response_dst.as_string); nr_ice_candidate_pair_set_state(pair->pctx,pair,NR_ICE_PAIR_STATE_FAILED); break; } if(strlen(pair->stun_client->results.ice_binding_response.mapped_addr.as_string)==0){ /* we're using the mapped_addr returned by the server to lookup our * candidate, but if the server fails to do that we can't perform * the lookup -- this may be a BUG because if we've gotten here * then the transaction ID check succeeded, and perhaps we should * just assume that it's the server we're talking to and that our * peer is ok, but I'm not sure how that'll interact with the * peer reflexive logic below */ r_log(LOG_ICE,LOG_WARNING,"ICE-PEER(%s)/CAND-PAIR(%s): server failed to return mapped address on pair %s", pair->pctx->label,pair->codeword,pair->as_string); nr_ice_candidate_pair_set_state(pair->pctx,pair,NR_ICE_PAIR_STATE_FAILED); break; } else if(!nr_transport_addr_cmp(&pair->local->addr,&pair->stun_client->results.ice_binding_response.mapped_addr,NR_TRANSPORT_ADDR_CMP_MODE_ALL)){ nr_ice_candidate_pair_set_state(pair->pctx,pair,NR_ICE_PAIR_STATE_SUCCEEDED); } else{ /* OK, this didn't correspond to a pair on the check list, but it probably matches one of our candidates */ cand=TAILQ_FIRST(&pair->local->component->candidates); while(cand){ if(!nr_transport_addr_cmp(&cand->addr,&pair->stun_client->results.ice_binding_response.mapped_addr,NR_TRANSPORT_ADDR_CMP_MODE_ALL)) break; cand=TAILQ_NEXT(cand,entry_comp); } /* OK, nothing found, must be peer reflexive */ if(!cand){ if(r=nr_ice_candidate_create(pair->pctx->ctx, pair->local->component,pair->local->isock,pair->local->osock, PEER_REFLEXIVE,0,pair->local->component->component_id,&cand)) ABORT(r); if(r=nr_transport_addr_copy(&cand->addr,&pair->stun_client->results.ice_binding_response.mapped_addr)) ABORT(r); cand->state=NR_ICE_CAND_STATE_INITIALIZED; TAILQ_INSERT_TAIL(&pair->local->component->candidates,cand,entry_comp); } /* Note: we stomp the existing pair! */ orig_pair=pair; if(r=nr_ice_candidate_pair_create(pair->pctx,cand,pair->remote, &pair)) ABORT(r); nr_ice_candidate_pair_set_state(pair->pctx,pair,NR_ICE_PAIR_STATE_SUCCEEDED); if(r=nr_ice_component_insert_pair(pair->remote->component,pair)) ABORT(r); /* If the original pair was nominated, make us nominated, since we replace him*/ if(orig_pair->peer_nominated) pair->peer_nominated=1; /* Now mark the orig pair failed */ nr_ice_candidate_pair_set_state(orig_pair->pctx,orig_pair,NR_ICE_PAIR_STATE_FAILED); } /* Should we set nominated? */ if(pair->pctx->controlling){ if(pair->pctx->ctx->flags & NR_ICE_CTX_FLAGS_AGGRESSIVE_NOMINATION) pair->nominated=1; } else{ if(pair->peer_nominated) pair->nominated=1; } /* increment the number of valid pairs in the component */ /* We don't bother to maintain a separate valid list */ pair->remote->component->valid_pairs++; /* S 7.1.2.2: unfreeze other pairs with the same foundation*/ if(r=nr_ice_media_stream_unfreeze_pairs_foundation(pair->remote->stream,pair->foundation)) ABORT(r); /* Deal with this pair being nominated */ if(pair->nominated){ if(r=nr_ice_component_nominated_pair(pair->remote->component, pair)) ABORT(r); } break; default: ABORT(R_INTERNAL); } /* If we're controlling but in regular mode, ask the handler if he wants to nominate something and stop... */ if(pair->pctx->controlling && !(pair->pctx->ctx->flags & NR_ICE_CTX_FLAGS_AGGRESSIVE_NOMINATION)){ if(r=nr_ice_component_select_pair(pair->pctx,pair->remote->component)){ if(r!=R_NOT_FOUND) ABORT(r); } } done: _status=0; abort: return; }
int nr_stun_request( StunAddress4* dest, int testNum, StunAddress4* sAddr ) { int r,_status; Data password2; int port; UINT4 interfaceIp=0; nr_stun_message *resp; Socket myFd; StunAtrString username; StunAtrString password; char msg[NR_STUN_MAX_MESSAGE_SIZE]; int msgLen = NR_STUN_MAX_MESSAGE_SIZE; StunAddress4 from; nr_stun_message_attribute *attr; assert( dest->addr != 0 ); assert( dest->port != 0 ); if ((r=nr_stun_randomPort(&port))) ABORT(r); if (sAddr) { interfaceIp = sAddr->addr; if ( sAddr->port != 0 ) { port = sAddr->port; } } myFd = openPort(port,interfaceIp); assert(myFd != -1); strcpy(username.value,"hello"); strcpy(password.value,"hello"); username.sizeValue=5; password.sizeValue=5; nr_stun_send_test( myFd, dest, &username, &password, testNum); getMessage( myFd, msg, &msgLen, &from.addr, &from.port); r_log(NR_LOG_STUN, LOG_DEBUG, "Got a response"); if ((r=nr_stun_message_create2(&resp, (UCHAR*)msg, msgLen))) ABORT(r); password2.data = (UCHAR*)password.value; password2.len = password.sizeValue; if ((r=nr_stun_decode_message(resp, returnpassword, &password2))) { r_log(NR_LOG_STUN, LOG_DEBUG, "Failed to parse message"); ABORT(r); } if (nr_stun_message_has_attribute(resp, NR_STUN_ATTR_ERROR_CODE, &attr)) { r_log(NR_LOG_STUN, LOG_DEBUG, "Received error response"); if (attr->u.error_code.number == 300) { if (!nr_stun_message_has_attribute(resp, NR_STUN_ATTR_ALTERNATE_SERVER, &attr)) { r_log(NR_LOG_STUN, LOG_DEBUG, "Missing Alternate Server"); ABORT(R_FAILED); } dest->addr = ntohl(attr->u.alternate_server.u.addr4.sin_addr.s_addr); dest->port = ntohs(attr->u.alternate_server.u.addr4.sin_port); if ((r=nr_stun_request(dest, testNum, sAddr))) ABORT(r); return 0; } } if ((r=nr_stun_process_response(resp, resp, &password2))) { r_log(NR_LOG_STUN, LOG_DEBUG, "Failed to process message"); ABORT(r); } if (nr_stun_message_has_attribute(resp, NR_STUN_ATTR_FINGERPRINT, &attr)) { r_log(NR_LOG_STUN, LOG_DEBUG, "Validating Fingerprint"); if (!attr->u.fingerprint.valid) { r_log(NR_LOG_STUN, LOG_WARNING, "Fingerprint is bad"); ABORT(R_FAILED); } } else if (resp->header.magic_cookie != MAGIC_COOKIE && resp->header.magic_cookie != MAGIC_COOKIE2) { r_log(NR_LOG_STUN, LOG_WARNING, "Missing Magic Cookie"); ABORT(R_FAILED); } if (1) { if (nr_stun_message_has_attribute(resp, NR_STUN_ATTR_MAPPED_ADDRESS, &attr)) { r_log(NR_LOG_STUN, LOG_DEBUG, " MappedAddr=%s", attr->u.mapped_address.as_string); } if (nr_stun_message_has_attribute(resp, NR_STUN_ATTR_XOR_MAPPED_ADDRESS, &attr)) { r_log(NR_LOG_STUN, LOG_DEBUG, " XorMappedAddr=%s", attr->u.xor_mapped_address.unmasked.as_string); } } _status=0; abort: return _status; }
int nr_stun_client_process_response(nr_stun_client_ctx *ctx, UCHAR *msg, int len, nr_transport_addr *peer_addr) { int r,_status; char string[256]; char *username = 0; Data *password = 0; nr_stun_message_attribute *attr; nr_transport_addr *mapped_addr = 0; int fail_on_error = 0; UCHAR hmac_key_d[16]; Data hmac_key; int compute_lt_key=0; /* TODO([email protected]): Bug 1023619, refactor this. */ int response_matched=0; ATTACH_DATA(hmac_key, hmac_key_d); if ((ctx->state != NR_STUN_CLIENT_STATE_RUNNING) && (ctx->state != NR_STUN_CLIENT_STATE_WAITING)) ABORT(R_REJECTED); r_log(NR_LOG_STUN,LOG_DEBUG,"STUN-CLIENT(%s): Inspecting STUN response (my_addr=%s, peer_addr=%s)",ctx->label,ctx->my_addr.as_string,peer_addr->as_string); snprintf(string, sizeof(string)-1, "STUN-CLIENT(%s): Received ", ctx->label); r_dump(NR_LOG_STUN, LOG_DEBUG, string, (char*)msg, len); /* determine password */ switch (ctx->mode) { case NR_STUN_CLIENT_MODE_BINDING_REQUEST_LONG_TERM_AUTH: compute_lt_key = 1; /* Fall through */ case NR_STUN_CLIENT_MODE_BINDING_REQUEST_SHORT_TERM_AUTH: password = ctx->params.stun_binding_request.password; break; case NR_STUN_CLIENT_MODE_BINDING_REQUEST_NO_AUTH: /* do nothing */ break; case NR_STUN_CLIENT_MODE_BINDING_REQUEST_STUND_0_96: /* do nothing */ break; #ifdef USE_ICE case NR_ICE_CLIENT_MODE_BINDING_REQUEST: password = &ctx->params.ice_binding_request.password; break; case NR_ICE_CLIENT_MODE_USE_CANDIDATE: password = &ctx->params.ice_binding_request.password; break; #endif /* USE_ICE */ #ifdef USE_TURN case NR_TURN_CLIENT_MODE_ALLOCATE_REQUEST: fail_on_error = 1; compute_lt_key = 1; username = ctx->auth_params.username; password = &ctx->auth_params.password; /* do nothing */ break; case NR_TURN_CLIENT_MODE_REFRESH_REQUEST: fail_on_error = 1; compute_lt_key = 1; username = ctx->auth_params.username; password = &ctx->auth_params.password; /* do nothing */ break; case NR_TURN_CLIENT_MODE_PERMISSION_REQUEST: fail_on_error = 1; compute_lt_key = 1; username = ctx->auth_params.username; password = &ctx->auth_params.password; /* do nothing */ break; case NR_TURN_CLIENT_MODE_SEND_INDICATION: /* do nothing -- we just got our DATA-INDICATION */ break; #endif /* USE_TURN */ default: assert(0); ABORT(R_FAILED); break; } if (compute_lt_key) { if (!ctx->realm || !username) { r_log(NR_LOG_STUN, LOG_DEBUG, "Long-term auth required but no realm/username specified. Randomizing key"); /* Fill the key with random bytes to guarantee non-match */ if (r=nr_crypto_random_bytes(hmac_key_d, sizeof(hmac_key_d))) ABORT(r); } else { if (r=nr_stun_compute_lt_message_integrity_password(username, ctx->realm, password, &hmac_key)) ABORT(r); } password = &hmac_key; } if (ctx->response) { nr_stun_message_destroy(&ctx->response); } /* TODO([email protected]): Bug 1023619, refactor this. */ if ((r=nr_stun_message_create2(&ctx->response, msg, len))) ABORT(r); if ((r=nr_stun_decode_message(ctx->response, nr_stun_client_get_password, password))) { r_log(NR_LOG_STUN,LOG_WARNING,"STUN-CLIENT(%s): error decoding response",ctx->label); ABORT(r); } /* This will return an error if request and response don't match, which is how we reject responses that match other contexts. */ if ((r=nr_stun_receive_message(ctx->request, ctx->response))) { r_log(NR_LOG_STUN,LOG_DEBUG,"STUN-CLIENT(%s): Response is not for us",ctx->label); ABORT(r); } r_log(NR_LOG_STUN,LOG_INFO, "STUN-CLIENT(%s): Received response; processing",ctx->label); response_matched=1; /* TODO: !nn! currently using password!=0 to mean that auth is required, * TODO: !nn! but we should probably pass that in explicitly via the * TODO: !nn! usage (ctx->mode?) */ if (password) { if (nr_stun_message_has_attribute(ctx->response, NR_STUN_ATTR_NONCE, 0)) { if ((r=nr_stun_receive_response_long_term_auth(ctx->response, ctx))) ABORT(r); } else { if ((r=nr_stun_receive_response_short_term_auth(ctx->response))) ABORT(r); } } if (NR_STUN_GET_TYPE_CLASS(ctx->response->header.type) == NR_CLASS_RESPONSE) { if ((r=nr_stun_process_success_response(ctx->response))) ABORT(r); } else { if (fail_on_error) { ctx->state = NR_STUN_CLIENT_STATE_FAILED; } /* Note: most times we call process_error_response, we get r != 0. However, if the error is to be discarded, we get r == 0, smash the error code, and just keep going. */ if ((r=nr_stun_process_error_response(ctx->response, &ctx->error_code))) { ABORT(r); } else { ctx->error_code = 0xffff; /* drop the error on the floor */ ABORT(R_FAILED); } } r_log(NR_LOG_STUN,LOG_DEBUG,"STUN-CLIENT(%s): Successfully parsed mode=%d",ctx->label,ctx->mode); /* TODO: !nn! this should be moved to individual message receive/processing sections */ switch (ctx->mode) { case NR_STUN_CLIENT_MODE_BINDING_REQUEST_LONG_TERM_AUTH: case NR_STUN_CLIENT_MODE_BINDING_REQUEST_SHORT_TERM_AUTH: if (! nr_stun_message_has_attribute(ctx->response, NR_STUN_ATTR_XOR_MAPPED_ADDRESS, 0)) ABORT(R_BAD_DATA); if (! nr_stun_message_has_attribute(ctx->response, NR_STUN_ATTR_MESSAGE_INTEGRITY, 0)) ABORT(R_BAD_DATA); mapped_addr = &ctx->results.stun_binding_response.mapped_addr; break; case NR_STUN_CLIENT_MODE_BINDING_REQUEST_NO_AUTH: if (! nr_stun_message_has_attribute(ctx->response, NR_STUN_ATTR_XOR_MAPPED_ADDRESS, 0)) { if (nr_stun_message_has_attribute(ctx->response, NR_STUN_ATTR_MAPPED_ADDRESS, 0)) { /* Compensate for a bug in Google's STUN servers where they always respond with MAPPED-ADDRESS */ r_log(NR_LOG_STUN,LOG_INFO,"STUN-CLIENT(%s): No XOR-MAPPED-ADDRESS but MAPPED-ADDRESS. Falling back (though server is wrong).", ctx->label); } else { ABORT(R_BAD_DATA); } } mapped_addr = &ctx->results.stun_binding_response.mapped_addr; break; case NR_STUN_CLIENT_MODE_BINDING_REQUEST_STUND_0_96: if (! nr_stun_message_has_attribute(ctx->response, NR_STUN_ATTR_MAPPED_ADDRESS, 0) && ! nr_stun_message_has_attribute(ctx->response, NR_STUN_ATTR_XOR_MAPPED_ADDRESS, 0)) ABORT(R_BAD_DATA); mapped_addr = &ctx->results.stun_binding_response_stund_0_96.mapped_addr; break; #ifdef USE_ICE case NR_ICE_CLIENT_MODE_BINDING_REQUEST: if (! nr_stun_message_has_attribute(ctx->response, NR_STUN_ATTR_XOR_MAPPED_ADDRESS, 0)) ABORT(R_BAD_DATA); if (! nr_stun_message_has_attribute(ctx->response, NR_STUN_ATTR_MESSAGE_INTEGRITY, 0)) ABORT(R_BAD_DATA); mapped_addr = &ctx->results.stun_binding_response.mapped_addr; break; case NR_ICE_CLIENT_MODE_USE_CANDIDATE: if (! nr_stun_message_has_attribute(ctx->response, NR_STUN_ATTR_XOR_MAPPED_ADDRESS, 0)) ABORT(R_BAD_DATA); if (! nr_stun_message_has_attribute(ctx->response, NR_STUN_ATTR_MESSAGE_INTEGRITY, 0)) ABORT(R_BAD_DATA); mapped_addr = &ctx->results.stun_binding_response.mapped_addr; break; #endif /* USE_ICE */ #ifdef USE_TURN case NR_TURN_CLIENT_MODE_ALLOCATE_REQUEST: if (! nr_stun_message_has_attribute(ctx->response, NR_STUN_ATTR_XOR_MAPPED_ADDRESS, 0)) ABORT(R_BAD_DATA); if (! nr_stun_message_has_attribute(ctx->response, NR_STUN_ATTR_MESSAGE_INTEGRITY, 0)) ABORT(R_BAD_DATA); if (!nr_stun_message_has_attribute(ctx->response, NR_STUN_ATTR_XOR_RELAY_ADDRESS, &attr)) ABORT(R_BAD_DATA); if ((r=nr_stun_transport_addr_check(&attr->u.relay_address.unmasked, ctx->mapped_addr_check_mask))) ABORT(r); if ((r=nr_transport_addr_copy( &ctx->results.allocate_response.relay_addr, &attr->u.relay_address.unmasked))) ABORT(r); if (!nr_stun_message_has_attribute(ctx->response, NR_STUN_ATTR_LIFETIME, &attr)) ABORT(R_BAD_DATA); ctx->results.allocate_response.lifetime_secs=attr->u.lifetime_secs; r_log(NR_LOG_STUN,LOG_DEBUG,"STUN-CLIENT(%s): Received relay address: %s", ctx->label, ctx->results.allocate_response.relay_addr.as_string); mapped_addr = &ctx->results.allocate_response.mapped_addr; break; case NR_TURN_CLIENT_MODE_REFRESH_REQUEST: if (! nr_stun_message_has_attribute(ctx->response, NR_STUN_ATTR_MESSAGE_INTEGRITY, 0)) ABORT(R_BAD_DATA); if (!nr_stun_message_has_attribute(ctx->response, NR_STUN_ATTR_LIFETIME, &attr)) ABORT(R_BAD_DATA); ctx->results.refresh_response.lifetime_secs=attr->u.lifetime_secs; break; case NR_TURN_CLIENT_MODE_PERMISSION_REQUEST: if (! nr_stun_message_has_attribute(ctx->response, NR_STUN_ATTR_MESSAGE_INTEGRITY, 0)) ABORT(R_BAD_DATA); break; #endif /* USE_TURN */ default: assert(0); ABORT(R_FAILED); break; } /* make sure we have the most up-to-date address from this peer */ if (nr_transport_addr_cmp(&ctx->peer_addr, peer_addr, NR_TRANSPORT_ADDR_CMP_MODE_ALL)) { r_log(NR_LOG_STUN,LOG_INFO,"STUN-CLIENT(%s): Peer moved from %s to %s", ctx->label, ctx->peer_addr.as_string, peer_addr->as_string); nr_transport_addr_copy(&ctx->peer_addr, peer_addr); } if (mapped_addr) { if (nr_stun_message_has_attribute(ctx->response, NR_STUN_ATTR_XOR_MAPPED_ADDRESS, &attr)) { if ((r=nr_stun_transport_addr_check(&attr->u.xor_mapped_address.unmasked, ctx->mapped_addr_check_mask))) ABORT(r); if ((r=nr_transport_addr_copy(mapped_addr, &attr->u.xor_mapped_address.unmasked))) ABORT(r); } else if (nr_stun_message_has_attribute(ctx->response, NR_STUN_ATTR_MAPPED_ADDRESS, &attr)) { if ((r=nr_stun_transport_addr_check(&attr->u.mapped_address, ctx->mapped_addr_check_mask))) ABORT(r); if ((r=nr_transport_addr_copy(mapped_addr, &attr->u.mapped_address))) ABORT(r); } else ABORT(R_BAD_DATA); // STUN doesn't distinguish protocol in mapped address, therefore // assign used protocol from peer_addr if (mapped_addr->protocol!=peer_addr->protocol){ mapped_addr->protocol=peer_addr->protocol; nr_transport_addr_fmt_addr_string(mapped_addr); } r_log(NR_LOG_STUN,LOG_DEBUG,"STUN-CLIENT(%s): Received mapped address: %s", ctx->label, mapped_addr->as_string); } ctx->state=NR_STUN_CLIENT_STATE_DONE; _status=0; abort: if(_status && response_matched){ r_log(NR_LOG_STUN,LOG_WARNING,"STUN-CLIENT(%s): Error processing response: %s, stun error code %d.", ctx->label, nr_strerror(_status), (int)ctx->error_code); } if ((ctx->state != NR_STUN_CLIENT_STATE_RUNNING) && (ctx->state != NR_STUN_CLIENT_STATE_WAITING)) { /* Cancel the timer firing */ if (ctx->timer_handle) { NR_async_timer_cancel(ctx->timer_handle); ctx->timer_handle = 0; } nr_stun_client_fire_finished_cb(ctx); } return(_status); }
int nr_turn_client_parse_data_indication(nr_turn_client_ctx *ctx, nr_transport_addr *source_addr, UCHAR *msg, size_t len, UCHAR *newmsg, size_t *newlen, size_t newsize, nr_transport_addr *remote_addr) { int r,_status; nr_stun_message *ind=0; nr_stun_message_attribute *attr; nr_turn_permission *perm; if (nr_transport_addr_cmp(&ctx->turn_server_addr, source_addr, NR_TRANSPORT_ADDR_CMP_MODE_ALL)) { r_log(NR_LOG_TURN, LOG_WARNING, "TURN(%s): Indication from unexpected source addr %s (expected %s)", ctx->label, source_addr->as_string, ctx->turn_server_addr.as_string); ABORT(R_REJECTED); } if ((r=nr_stun_message_create2(&ind, msg, len))) ABORT(r); if ((r=nr_stun_decode_message(ind, 0, 0))) ABORT(r); if (ind->header.type != NR_STUN_MSG_DATA_INDICATION) ABORT(R_BAD_ARGS); if (!nr_stun_message_has_attribute(ind, NR_STUN_ATTR_XOR_PEER_ADDRESS, &attr)) ABORT(R_BAD_ARGS); if ((r=nr_turn_permission_find(ctx, &attr->u.xor_mapped_address.unmasked, &perm))) { if (r == R_NOT_FOUND) { r_log(NR_LOG_TURN, LOG_WARNING, "TURN(%s): Indication from peer addr %s with no permission", ctx->label, attr->u.xor_mapped_address.unmasked.as_string); } ABORT(r); } if ((r=nr_transport_addr_copy(remote_addr, &attr->u.xor_mapped_address.unmasked))) ABORT(r); #if REFRESH_RESERVATION_ON_RECV if ((r=nr_turn_client_ensure_perm(ctx, remote_addr))) { ABORT(r); } #endif if (!nr_stun_message_has_attribute(ind, NR_STUN_ATTR_DATA, &attr)) { ABORT(R_BAD_DATA); } assert(newsize >= attr->u.data.length); if (newsize < attr->u.data.length) ABORT(R_BAD_ARGS); memcpy(newmsg, attr->u.data.data, attr->u.data.length); *newlen = attr->u.data.length; _status=0; abort: nr_stun_message_destroy(&ind); return(_status); }
int nr_stun_client_process_response(nr_stun_client_ctx *ctx, UCHAR *msg, int len, nr_transport_addr *peer_addr) { int r,_status; char string[256]; Data *password = 0; nr_stun_message_attribute *attr; nr_transport_addr *mapped_addr = 0; if(ctx->state==NR_STUN_CLIENT_STATE_CANCELLED) ABORT(R_REJECTED); if (ctx->state != NR_STUN_CLIENT_STATE_RUNNING) ABORT(R_REJECTED); r_log(NR_LOG_STUN,LOG_DEBUG,"STUN-CLIENT(%s): Received(my_addr=%s,peer_addr=%s)",ctx->label,ctx->my_addr.as_string,peer_addr->as_string); snprintf(string, sizeof(string)-1, "STUN-CLIENT(%s): Received ", ctx->label); r_dump(NR_LOG_STUN, LOG_DEBUG, string, (char*)msg, len); /* determine password */ switch (ctx->mode) { case NR_STUN_CLIENT_MODE_BINDING_REQUEST_LONG_TERM_AUTH: case NR_STUN_CLIENT_MODE_BINDING_REQUEST_SHORT_TERM_AUTH: password = ctx->params.stun_binding_request.password; break; case NR_STUN_CLIENT_MODE_BINDING_REQUEST_NO_AUTH: /* do nothing */ break; case NR_STUN_CLIENT_MODE_BINDING_REQUEST_STUND_0_96: /* do nothing */ break; #ifdef USE_ICE case NR_ICE_CLIENT_MODE_BINDING_REQUEST: password = &ctx->params.ice_binding_request.password; break; case NR_ICE_CLIENT_MODE_USE_CANDIDATE: password = &ctx->params.ice_binding_request.password; break; #endif /* USE_ICE */ #ifdef USE_TURN case NR_TURN_CLIENT_MODE_ALLOCATE_REQUEST1: /* do nothing */ break; case NR_TURN_CLIENT_MODE_ALLOCATE_REQUEST2: /* do nothing */ break; case NR_TURN_CLIENT_MODE_SET_ACTIVE_DEST_REQUEST: /* do nothing */ break; case NR_TURN_CLIENT_MODE_SEND_INDICATION: /* do nothing -- we just got our DATA-INDICATION */ break; #endif /* USE_TURN */ default: assert(0); ABORT(R_FAILED); break; } #ifdef USE_TURN if (ctx->mode == NR_TURN_CLIENT_MODE_SEND_INDICATION) { /* SEND-INDICATION gets a DATA-INDICATION back, which will always * be a different transaction, so don't perform the check in that * case */ } #endif /* USE_TURN */ if ((r=nr_stun_message_create2(&ctx->response, msg, len))) ABORT(r); if ((r=nr_stun_decode_message(ctx->response, nr_stun_client_get_password, password))) ABORT(r); if ((r=nr_stun_receive_message(ctx->request, ctx->response))) ABORT(r); /* TODO: !nn! currently using password!=0 to mean that auth is required, * TODO: !nn! but we should probably pass that in explicitly via the * TODO: !nn! usage (ctx->mode?) */ if (password) { if (nr_stun_message_has_attribute(ctx->response, NR_STUN_ATTR_NONCE, 0)) { if ((r=nr_stun_receive_response_long_term_auth(ctx->response, ctx))) ABORT(r); } else { if ((r=nr_stun_receive_response_short_term_auth(ctx->response))) ABORT(r); } } if (NR_STUN_GET_TYPE_CLASS(ctx->response->header.type) == NR_CLASS_RESPONSE) { if ((r=nr_stun_process_success_response(ctx->response))) ABORT(r); } else { if ((r=nr_stun_process_error_response(ctx->response))) { ABORT(r); } else { /* drop the error on the floor */ ABORT(R_FAILED); } } /* TODO: !nn! this should be moved to individual message receive/processing sections */ switch (ctx->mode) { case NR_STUN_CLIENT_MODE_BINDING_REQUEST_LONG_TERM_AUTH: case NR_STUN_CLIENT_MODE_BINDING_REQUEST_SHORT_TERM_AUTH: if (! nr_stun_message_has_attribute(ctx->response, NR_STUN_ATTR_XOR_MAPPED_ADDRESS, 0)) ABORT(R_BAD_DATA); if (! nr_stun_message_has_attribute(ctx->response, NR_STUN_ATTR_MESSAGE_INTEGRITY, 0)) ABORT(R_BAD_DATA); mapped_addr = &ctx->results.stun_binding_response.mapped_addr; break; case NR_STUN_CLIENT_MODE_BINDING_REQUEST_NO_AUTH: if (! nr_stun_message_has_attribute(ctx->response, NR_STUN_ATTR_XOR_MAPPED_ADDRESS, 0)) ABORT(R_BAD_DATA); mapped_addr = &ctx->results.stun_binding_response.mapped_addr; break; case NR_STUN_CLIENT_MODE_BINDING_REQUEST_STUND_0_96: if (! nr_stun_message_has_attribute(ctx->response, NR_STUN_ATTR_MAPPED_ADDRESS, 0) && ! nr_stun_message_has_attribute(ctx->response, NR_STUN_ATTR_XOR_MAPPED_ADDRESS, 0)) ABORT(R_BAD_DATA); mapped_addr = &ctx->results.stun_binding_response_stund_0_96.mapped_addr; break; #ifdef USE_ICE case NR_ICE_CLIENT_MODE_BINDING_REQUEST: if (! nr_stun_message_has_attribute(ctx->response, NR_STUN_ATTR_XOR_MAPPED_ADDRESS, 0)) ABORT(R_BAD_DATA); if (! nr_stun_message_has_attribute(ctx->response, NR_STUN_ATTR_MESSAGE_INTEGRITY, 0)) ABORT(R_BAD_DATA); mapped_addr = &ctx->results.stun_binding_response.mapped_addr; break; case NR_ICE_CLIENT_MODE_USE_CANDIDATE: if (! nr_stun_message_has_attribute(ctx->response, NR_STUN_ATTR_XOR_MAPPED_ADDRESS, 0)) ABORT(R_BAD_DATA); if (! nr_stun_message_has_attribute(ctx->response, NR_STUN_ATTR_MESSAGE_INTEGRITY, 0)) ABORT(R_BAD_DATA); mapped_addr = &ctx->results.stun_binding_response.mapped_addr; break; #endif /* USE_ICE */ #ifdef USE_TURN case NR_TURN_CLIENT_MODE_ALLOCATE_REQUEST1: if (! nr_stun_message_has_attribute(ctx->response, NR_STUN_ATTR_REALM, &attr)) ABORT(R_BAD_DATA); ctx->results.allocate_response1.realm = attr->u.realm; if (! nr_stun_message_has_attribute(ctx->response, NR_STUN_ATTR_NONCE, &attr)) ABORT(R_BAD_DATA); ctx->results.allocate_response1.nonce = attr->u.nonce; break; case NR_TURN_CLIENT_MODE_ALLOCATE_REQUEST2: if (! nr_stun_message_has_attribute(ctx->response, NR_STUN_ATTR_USERNAME, 0)) ABORT(R_BAD_DATA); if (! nr_stun_message_has_attribute(ctx->response, NR_STUN_ATTR_XOR_MAPPED_ADDRESS, 0)) ABORT(R_BAD_DATA); if (! nr_stun_message_has_attribute(ctx->response, NR_STUN_ATTR_MESSAGE_INTEGRITY, 0)) ABORT(R_BAD_DATA); if (nr_stun_message_has_attribute(ctx->response, NR_STUN_ATTR_RELAY_ADDRESS, &attr)) { if ((r=nr_transport_addr_copy( &ctx->results.allocate_response2.relay_addr, &attr->u.relay_address))) ABORT(r); } else { if ((r=nr_transport_addr_copy(&ctx->results.allocate_response2.relay_addr, peer_addr))) ABORT(r); } mapped_addr = &ctx->results.allocate_response2.mapped_addr; break; case NR_TURN_CLIENT_MODE_SET_ACTIVE_DEST_REQUEST: if (! nr_stun_message_has_attribute(ctx->response, NR_STUN_ATTR_MESSAGE_INTEGRITY, 0)) ABORT(R_BAD_DATA); break; case NR_TURN_CLIENT_MODE_SEND_INDICATION: if (! nr_stun_message_has_attribute(ctx->response, NR_STUN_ATTR_REMOTE_ADDRESS, 0)) ABORT(R_BAD_DATA); break; #endif /* USE_TURN */ default: assert(0); ABORT(R_FAILED); break; } /* make sure we have the most up-to-date address from this peer */ if (nr_transport_addr_cmp(&ctx->peer_addr, peer_addr, NR_TRANSPORT_ADDR_CMP_MODE_ALL)) { r_log(NR_LOG_STUN,LOG_INFO,"STUN-CLIENT(%s): Peer moved from %s to %s", ctx->label, ctx->peer_addr.as_string, peer_addr->as_string); nr_transport_addr_copy(&ctx->peer_addr, peer_addr); } if (mapped_addr) { if (nr_stun_message_has_attribute(ctx->response, NR_STUN_ATTR_XOR_MAPPED_ADDRESS, &attr)) { if ((r=nr_transport_addr_copy(mapped_addr, &attr->u.xor_mapped_address.unmasked))) ABORT(r); } else if (nr_stun_message_has_attribute(ctx->response, NR_STUN_ATTR_MAPPED_ADDRESS, &attr)) { if ((r=nr_transport_addr_copy(mapped_addr, &attr->u.mapped_address))) ABORT(r); } else ABORT(R_BAD_DATA); r_log(NR_LOG_STUN,LOG_DEBUG,"STUN-CLIENT(%s): Received mapped address: %s", ctx->label, mapped_addr->as_string); } ctx->state=NR_STUN_CLIENT_STATE_DONE; _status=0; abort: if (ctx->state != NR_STUN_CLIENT_STATE_RUNNING) { /* Cancel the timer firing */ if (ctx->timer_handle) { NR_async_timer_cancel(ctx->timer_handle); ctx->timer_handle = 0; } /* Fire the callback */ if (ctx->finished_cb) { NR_async_cb finished_cb = ctx->finished_cb; ctx->finished_cb = 0; /* prevent 2nd call */ /* finished_cb call must be absolutely last thing in function * because as a side effect this ctx may be operated on in the * callback */ finished_cb(0,0,ctx->cb_arg); } } return(_status); }