From f2a2e877a6b963c5c8621bb07d67f8222f0650ef Mon Sep 17 00:00:00 2001
From: Daniel Berteaud
Date: Tue, 17 Mar 2015 14:30:31 +0100
Subject: [PATCH] Remove the old rfc5766-turn-server auth method as it doesn't brings anything Compared to the new TURN REST API
---
 conf/settings.ini.dist | 5 -----
 docs/database/schema.mysql | 29 +----------------------------
 lib/Vroom/Constants.pm | 5 +----
 scripts/db_upgrade.pl | 24 ++++++++++++++++++++++++
 vroom.pl | 18 +++---------------
 5 files changed, 29 insertions(+), 52 deletions(-)
diff --git a/conf/settings.ini.dist b/conf/settings.ini.dist
index 2658785..2ab1672 100644
--- a/conf/settings.ini.dist
+++ b/conf/settings.ini.dist
@@ -23,17 +23,12 @@
 ; to the secret key you set in your turn server. See http://tools.ietf.org/html/draft-uberti-behave-turn-rest-00
 ; This has been tested with rfc-5766-turn-server but should work with any compatible turn server
 ;
-; * rfc-5766-turn-server: In this mode, a MySQL view is used to manage one turn username per room
-; It works only with rfc-5766-turn-server but it's recommanded to use rest now
-; even when using rfc-5766-turn-server
 credentials = 'rest'
 ; Credentials to use with the "static" method
 ;turn_user = 'foo'
 ;turn_password = 'bar'
 ; Secret key shared with the turn server when using the "rest" method
 ;secret_key = 'secret'
-; the realm used for turn accounts. Only needed when using the rfc-5766-turn-server method
-;realm = 'vroom'
 [video]
 ; Define the max frame rate for video
diff --git a/docs/database/schema.mysql b/docs/database/schema.mysql
index 9fd5a2c..51b9540 100644
--- a/docs/database/schema.mysql
+++ b/docs/database/schema.mysql
@@ -6,7 +6,7 @@ CREATE TABLE `config` (
 UNIQUE (`key`)
 ) ENGINE INNODB DEFAULT CHARSET=utf8;
 INSERT INTO `config` (`key`,`value`)
- VALUES ('schema_version', '2');
+ VALUES ('schema_version', '5');
 CREATE TABLE `rooms` (
 `id` INT UNSIGNED NOT NULL AUTO_INCREMENT,
@@ -81,30 +81,3 @@ CREATE TABLE `room_keys` (
 ON DELETE CASCADE
 ) ENGINE INNODB DEFAULT CHARSET=utf8;
-#DROP TABLE IF EXISTS `turnusers_lt`;
-#CREATE TABLE `turnusers_lt` (
-# name VARCHAR(512) PRIMARY KEY,
-# hmackey char(32)
-#);
-CREATE VIEW `turnusers_lt` AS
- SELECT `name` AS `name`,
- MD5(CONCAT(CONCAT(CONCAT(CONCAT(`name`,':'),`realm`),':'),`token`)) AS `hmackey`
- FROM `rooms`;
-
-CREATE TABLE `turnusers_st` (
- `name` VARCHAR(512) PRIMARY KEY,
- `password` VARCHAR(512)
-) ENGINE INNODB DEFAULT CHARSET=latin1;
-
-CREATE TABLE `turn_secret` (
- `value` VARCHAR(512)
-) ENGINE INNODB DEFAULT CHARSET=latin1;
-
-CREATE TABLE `allowed_peer_ip` (
- `ip_range` VARCHAR(256)
-) ENGINE INNODB DEFAULT CHARSET=latin1;
-
-CREATE TABLE `denied_peer_ip` (
- `ip_range` VARCHAR(256)
-) ENGINE INNODB DEFAULT CHARSET=latin1;
-
diff --git a/lib/Vroom/Constants.pm b/lib/Vroom/Constants.pm
index 98866d9..d943a66 100644
--- a/lib/Vroom/Constants.pm
+++ b/lib/Vroom/Constants.pm
@@ -7,7 +7,7 @@ use base 'Exporter';
 our @EXPORT = qw/DB_VERSION COMPONENTS MOH JS_STRINGS API_ACTIONS/;
 # Database version
-use constant DB_VERSION => 4;
+use constant DB_VERSION => 5;
 # Components used to generate the credits part
 use constant COMPONENTS => {
@@ -41,9 +41,6 @@ use constant COMPONENTS => {
 "MariaDB" => {
 url => 'https://mariadb.org/'
 },
- "rfc5766-turn-server" => {
- url => 'https://code.google.com/p/rfc5766-turn-server/'
- },
 "FileSaver" => {
 url => 'https://github.com/eligrey/FileSaver.js'
 },
diff --git a/scripts/db_upgrade.pl b/scripts/db_upgrade.pl
index 6cf28e9..b376e71 100644
--- a/scripts/db_upgrade.pl
+++ b/scripts/db_upgrade.pl
@@ -108,3 +108,27 @@ if ($cur_ver < 4){
 };
 print "Successfully upgraded to schema version 4\n";
 }
+
+if ($cur_ver < 5){
+ print "Upgrading the schema to version 5\n";
+ eval {
+ $dbh->begin_work;
+ $dbh->do(qq{ DROP TABLE `denied_peer_ip` });
+ $dbh->do(qq{ DROP TABLE `allowed_peer_ip` });
+ $dbh->do(qq{ DROP TABLE `turn_secret` });
+ $dbh->do(qq{ DROP TABLE `turnusers_st` });
+ $dbh->do(qq{ DROP VIEW `turnusers_lt` });
+ $dbh->do(qq{ ALTER TABLE `rooms` DROP COLUMN `token` });
+ $dbh->do(qq{ ALTER TABLE `rooms` DROP COLUMN `realm` });
+ $dbh->do(qq{ UPDATE `config` SET `value`='5' WHERE `key`='schema_version' });
+ $dbh->commit;
+ };
+ if ($@){
+ print "An error occurred: " . $dbh->errstr . "\n";
+ local $dbh->{RaiseError} = 0;
+ $dbh->rollback;
+ exit 255;
+ };
+ print "Successfully upgraded to schema version 5\n";
+}
+
diff --git a/vroom.pl b/vroom.pl
index 2a76c9a..3d8e498 100755
--- a/vroom.pl
+++ b/vroom.pl
@@ -40,7 +40,6 @@ $config->{'turn.credentials'} ||= 'static';
 $config->{'turn.secret_key'} ||= '';
 $config->{'turn.turn_user'} ||= '';
 $config->{'turn.turn_password'} ||= '';
-$config->{'turn.realm'} ||= 'vroom';
 $config->{'video.frame_rate'} ||= 15;
 $config->{'email.from '} ||= 'vroom@example.com';
 $config->{'email.contact'} ||= 'admin@example.com';
@@ -230,21 +229,15 @@ helper create_room => sub {
 (`name`,
 `create_date`,
 `last_activity`,
- `owner`,
- `token`,
- `realm`)
+ `owner`)
 VALUES (?,
 CONVERT_TZ(NOW(), @@session.time_zone, \'+00:00\'),
 CONVERT_TZ(NOW(), @@session.time_zone, \'+00:00\'),
- ?,
- ?,
- ?)');
+ ?');
 };
 $sth->execute(
 $name,
 $owner,
- $self->get_random(256),
- $config->{'turn.realm'}
 );
 $self->app->log->info("Room $name created by " . $self->session('name'));
 # Etherpad integration ? If so, create the corresponding pad
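Review bot: The `begin_work` / `rollback` pair around the new `if ($cur_ver < 5)` block does not make this upgrade step atomic on MySQL, because `DROP TABLE`, `DROP VIEW` and `ALTER TABLE` each trigger an implicit commit. If one statement fails midway, the objects already dropped stay dropped while `schema_version` is still 4, and a second run then aborts on the first `DROP TABLE` of a table that no longer exists. Using `DROP TABLE IF EXISTS` and `DROP VIEW IF EXISTS` makes the step safe to re-run, and a comment such as `# DDL auto-commits on MySQL: rollback cannot undo the drops` would document the limit. The dropped tables look like the TURN server's own schema (including `denied_peer_ip`), so a TURN server still reading this database would presumably lose them; that is worth printing before the drops.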
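Review bot: The rewritten `VALUES` list in `create_room` loses its closing parenthesis: the removed line was `?)');` and the added line is `?');`, so the prepared statement now ends in `..., ?` with the `VALUES (` group never closed. MySQL will presumably reject the INSERT as a syntax error, which means no room can be created after this commit. The added line should read `?)');`. The helper starts and ends outside the hunk, so how a failed prepare or execute is reported to the user is not visible here.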
@@ -965,14 +958,10 @@ helper get_turn_creds => sub {
 elsif ($config->{'turn.credentials'} eq 'static'){
 return ($config->{'turn.turn_user'},$config->{'turn.turn_password'});
 }
- elsif ($config->{'turn.credentials'} eq 'rfc-5766-turn-server'){
- return ($room->{name},$room->{token});
- }
 elsif ($config->{'turn.credentials'} eq 'rest'){
 my $expire = time + 300;
 my $user = $expire . ':' . $room->{name};
 my $pass = encode_base64(hmac_sha1($user, $config->{'turn.secret_key'}));
-# my $pass = encode_base64(Digest::HMAC_SHA1->new($config->{'turn.secret_key'})->add($user)->digest);
 chomp $pass;
 return ($user,$pass);
 }
@@ -1381,7 +1370,7 @@ any '/api' => sub {
 my $rooms = $self->get_room_list;
 foreach my $r (keys %{$rooms}){
 # Blank out a few param we don't need
- foreach my $p (qw/join_password owner_password owner token etherpad_group/){
+ foreach my $p (qw/join_password owner_password owner etherpad_group/){
 delete $rooms->{$r}->{$p};
 }
 # Count active users
@@ -2083,7 +2072,6 @@ get '/:room' => sub {
 # Now display the room page
 return $self->render('join',
 moh => $self->choose_moh(),
- turnPassword => $data->{token},
 video => $video,
 etherpad => ($ec) ? 'true' : 'false',
 etherpadGroup => $data->{etherpad_group},
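Review bot: With the `rfc-5766-turn-server` branch removed from `get_turn_creds`, a deployment whose settings still say `credentials = 'rfc-5766-turn-server'` no longer matches any branch visible here, and nothing in the commit warns the operator about it. The start and the end of the `if`/`elsif` chain are outside the hunk, so what is returned in that case cannot be seen. If there is no final `else`, one that logs the problem would help, e.g. `$self->app->log->warn("Unsupported turn.credentials: " . $config->{'turn.credentials'});`. Since `rest` is now the only non-static method, it is also worth rejecting an empty key at startup: the defaults set `$config->{'turn.secret_key'} ||= ''`, so `hmac_sha1` in the `rest` branch would otherwise be keyed with an empty string.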