check turn domain and port range (#90)

* check negative turn port

* check turn domain

* domain check test code
PJC
2021-08-24 02:49:16 +09:00
committed by GitHub
parent bcf6e15e07
commit 9016da1936
3 changed files with 28 additions and 2 deletions
+6 -2
@@ -26,7 +26,7 @@ func NewTurnServer(conf *config.Config, roomStore RoomStore, node routing.LocalN
return nil, nil
}
if turnConf.TLSPort == 0 && turnConf.UDPPort == 0 {
if turnConf.TLSPort <= 0 && turnConf.UDPPort <= 0 {
return nil, errors.New("invalid TURN ports")
}
@@ -49,6 +49,10 @@ func NewTurnServer(conf *config.Config, roomStore RoomStore, node routing.LocalN
return nil, errors.New("TURN domain required")
}
if IsValidDomain(turnConf.Domain) == false {
return nil, errors.New("TURN domain is not correct")
}
cert, err := tls.LoadX509KeyPair(turnConf.CertFile, turnConf.KeyFile)
if err != nil {
return nil, errors.Wrap(err, "TURN tls cert required")
@@ -99,4 +103,4 @@ func newTurnAuthHandler(roomStore RoomStore) turn.AuthHandler {
return turn.GenerateAuthKey(username, livekitRealm, rm.TurnPassword), true
}
}
}
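Review bot: The new guard `if turnConf.TLSPort <= 0 && turnConf.UDPPort <= 0` still accepts a configuration where one port is negative and the other is valid, and neither port is bounded at 65535, so the check does not yet cover the port range the commit title names. Validating each field on its own ahead of the both-unset check would close that, for example `if turnConf.TLSPort < 0 || turnConf.TLSPort > 65535 || turnConf.UDPPort < 0 || turnConf.UDPPort > 65535 { return nil, errors.New("invalid TURN ports") }`. How the listener setup later in NewTurnServer treats a negative port is outside these hunks, so the runtime impact is inferred rather than shown. In the second hunk, `IsValidDomain(turnConf.Domain) == false` reads more idiomatically as `!IsValidDomain(turnConf.Domain)`. NewTurnServer starts and ends outside the hunks.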
+6
@@ -3,6 +3,7 @@ package service
import (
"context"
"net/http"
"regexp"
"github.com/go-redis/redis/v8"
"github.com/google/wire"
@@ -93,6 +94,11 @@ func boolValue(s string) bool {
return s == "1" || s == "true"
}
func IsValidDomain(domain string) bool {
domainRegexp := regexp.MustCompile(`^(?i)[a-z0-9-]+(\.[a-z0-9-]+)+\.?$`)
return domainRegexp.MatchString(domain)
}
func permissionFromGrant(claim *auth.VideoGrant) *livekit.ParticipantPermission {
p := &livekit.ParticipantPermission{
CanSubscribe: true,
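Review bot: The pattern in `IsValidDomain` is looser than a hostname check should be for a value that NewTurnServer validates just before loading the TLS certificate: it accepts labels that begin or end with a hyphen and places no limit on label or total length. It is also recompiled through `regexp.MustCompile` on every call; a package-level `var domainRegexp = regexp.MustCompile("^(?i)[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?(\\.[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?)+\\.?$")` compiles once and enforces the 63-character label rule, with `return len(domain) <= 253 && domainRegexp.MatchString(domain)` covering total length. The exported function has no doc comment; something like `// IsValidDomain reports whether domain is a syntactically valid multi-label DNS name; it does not resolve the name.` would state the contract. Dotted IPv4 literals still match either pattern, so the comment should say whether that is intended.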
+16
@@ -2,6 +2,9 @@ package service_test
import (
"github.com/go-redis/redis/v8"
"github.com/livekit/livekit-server/pkg/service"
"github.com/stretchr/testify/require"
"testing"
)
func redisClient() *redis.Client {
@@ -9,3 +12,16 @@ func redisClient() *redis.Client {
Addr: "localhost:6379",
})
}
func TestIsValidDomain(t *testing.T) {
list := map[string]bool{
"turn.myhost.com": true,
"turn.google.com": true,
"https://host.com": false,
"turn://host.com": false,
}
for key, result := range list {
service.IsValidDomain(key)
require.Equal(t, service.IsValidDomain(key), result)
}
}
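Review bot: In `TestIsValidDomain` the first call `service.IsValidDomain(key)` discards its result and can be dropped, and `require.Equal(t, service.IsValidDomain(key), result)` passes the actual value in the position testify uses for the expected one, so a failure would be reported the wrong way round. `require.Equal(t, result, service.IsValidDomain(key), key)` fixes both and names the failing input. The table covers only two valid names and two URL-shaped strings; cases for the empty string, a single label, a trailing dot, a label with a leading or trailing hyphen, and an over-long name would pin down what the validator is meant to reject. The import block also places `"testing"` after the third-party packages, where gofmt/goimports convention puts the standard library group first.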