redis db refactoring completed

src/apps/relay/dbdrivers/dbd_redis.c

@@ -1041,11 +1041,10 @@ static int redis_get_ip_list(const char *kind, ip_range_list_t * list)
 	int ret = -1;
 	redisContext *rc = get_redis_connection();
 	if (rc) {
-		char header[TURN_LONG_STRING_SIZE];
 		char statement[TURN_LONG_STRING_SIZE];
-		snprintf(header, sizeof(header), "turn/%s-peer-ip/", kind);
+		const char* header = "turn/realm/";
 		size_t header_len = strlen(header);
-		snprintf(statement, sizeof(statement), "keys %s*", header);
+		snprintf(statement, sizeof(statement), "keys %s*/%s-peer-ip", header,kind);
 		redisReply *reply = (redisReply*) redisCommand(rc, statement);
 		if (reply) {
 			secrets_list_t keys;
@@ -1067,29 +1066,40 @@ static int redis_get_ip_list(const char *kind, ip_range_list_t * list)
 			}
 
 			for (isz = 0; isz < keys.sz; ++isz) {
+
 				char *realm = NULL;
-				snprintf(s, sizeof(s), "get %s", keys.secrets[isz]);
+
+				snprintf(s, sizeof(s), "smembers %s", keys.secrets[isz]);
+
 				redisReply *rget = (redisReply *) redisCommand(rc, s);
+
+				char *ptr = ((char*)keys.secrets[isz])+header_len;
+				char *sep = strstr(ptr, "/");
+				if (sep) {
+					*sep = 0;
+					realm = ptr;
+				}
+
 				if (rget) {
-					if (rget->type == REDIS_REPLY_ERROR)
+					if (rget->type == REDIS_REPLY_ERROR) {
 						TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "Error: %s\n", rget->str);
-					else if (rget->type != REDIS_REPLY_STRING) {
+					} else if (rget->type == REDIS_REPLY_STRING) {
+						add_ip_list_range(rget->str, realm, list);
+					} else if (rget->type != REDIS_REPLY_ARRAY) {
 						if (rget->type != REDIS_REPLY_NIL)
 							TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "Unexpected type: %d\n", rget->type);
 					} else {
-						char *ptr = ((char*)keys.secrets[isz])+header_len;
-						char *sep = strstr(ptr, "/");
-						if (sep) {
-							*sep = 0;
-							realm = ptr;
-						}
-						add_ip_list_range(rget->str, realm, list);
-						if(sep) {
-							*sep='/';
+						size_t i;
+						for (i = 0; i < rget->elements; ++i) {
+							add_ip_list_range(rget->element[i]->str, realm, list);
 						}
 					}
 					turnFreeRedisReply(rget);
 				}
+
+				if(sep) {
+					*sep='/';
+				}
 			}
 
 			clean_secrets_list(&keys);

turndb/schema.userdb.redis

@@ -26,12 +26,10 @@ then we will have set "turn/realm/north.gov/secret" with values
 "hero1", "hero2" and "hero3". The turnserver will try to use the 
 secrets in arbitrary order.
 
-4) The "white" and "black" peer IP ranges are stored as keys of the
-following form: 
-"turn/allowed-peer-ip/<arbitrary-unique-id>" or 
-"turn/allowed-peer-ip/<realm>/<arbitrary-unique-id>" or 
-"turn/denied-peer-ip/<arbitrary-unique-id>" or
-"turn/denied-peer-ip/<realm>/<arbitrary-unique-id>".
+4) The "white" and "black" peer IP ranges are stored as unordered sets
+of the following names:  
+"turn/realm/<realm>/allowed-peer-ip" and
+"turn/realm/<realm>/denied-peer-ip".
 
 The meaning of the keys is the same as the meaning of allowed-peer-ip and
 denied-peer-ip turnserver command-line option (with the addition of the realm option).
@@ -143,15 +141,11 @@ set turn/realm/crinna.org/user-quota 8000
 set turn/origin/http://crinna.org:80 crinna.org
 set turn/origin/https://bligh.edu:443 crinna.org
 
-set turn/denied-peer-ip/123456 "172.17.13.133-172.17.14.56"
-set turn/denied-peer-ip/234567 "123::45"
+sadd turn/realm/north.gov/allowed-peer-ip "172.17.13.200" "172.17.13.201"
+sadd turn/realm/crinna.org/allowed-peer-ip "172.17.13.202"
 
-set turn/denied-peer-ip/north.gov/1234567 "172.17.17.133-172.17.19.56"
-set turn/denied-peer-ip/crinna.org/2345678 "123::77"
-
-set turn/allowed-peer-ip/345678 "172.17.13.200"
-set turn/allowed-peer-ip/north.gov/345679 "172.17.13.201"
-set turn/allowed-peer-ip/crinna.org/3456710 "172.17.13.202"
+sadd turn/realm/north.gov/denied-peer-ip "172.17.13.133-172.17.14.56" "172.17.17.133-172.17.19.56" "123::45"
+sadd turn/realm/crinna.org/denied-peer-ip "123::77"
 
 hmset turn/oauth/kid/north ikm_key Y2FybGVvbg== hkdf_hash_func 'SHA-256' as_rs_alg 'AES-128-CBC' auth_alg 'HMAC-SHA-256-128'
 

turndb/testredisdbsetup.sh

@@ -42,15 +42,11 @@ set turn/realm/crinna.org/user-quota 8000
 set turn/origin/http://crinna.org:80 crinna.org
 set turn/origin/https://bligh.edu:443 crinna.org
 
-set turn/denied-peer-ip/123456 "172.17.13.133-172.17.14.56"
-set turn/denied-peer-ip/234567 "123::45"
+sadd turn/realm/north.gov/allowed-peer-ip "172.17.13.200" "172.17.13.201"
+sadd turn/realm/crinna.org/allowed-peer-ip "172.17.13.202"
 
-set turn/denied-peer-ip/north.gov/1234567 "172.17.17.133-172.17.19.56"
-set turn/denied-peer-ip/crinna.org/2345678 "123::77"
-
-set turn/allowed-peer-ip/345678 "172.17.13.200"
-set turn/allowed-peer-ip/north.gov/345679 "172.17.13.201"
-set turn/allowed-peer-ip/crinna.org/3456710 "172.17.13.202"
+sadd turn/realm/north.gov/denied-peer-ip "172.17.13.133-172.17.14.56" "172.17.17.133-172.17.19.56" "123::45"
+sadd turn/realm/crinna.org/denied-peer-ip "123::77"
 
 hmset turn/oauth/kid/north ikm_key Y2FybGVvbg== hkdf_hash_func 'SHA-256' as_rs_alg 'AES-256-CBC' auth_alg 'HMAC-SHA-256-128'
 hmset turn/oauth/kid/oldempire ikm_key YXVsY3Vz hkdf_hash_func 'SHA-256' as_rs_alg 'AEAD-AES-256-GCM'