
fixing SQL injection problem

mom040267 10 år sedan
förälder
incheckning
cfe61ab284

+ 11 - 8
src/apps/common/ns_turn_utils.c

@@ -861,21 +861,23 @@ char *turn_strdup_func(const char* s, const char* function, int line) {
 
 ////////////////////////////////
 
-int secure_username(u08bits *username)
+int is_secure_username(const u08bits *username)
 {
-	int ret = -1;
+	int ret = 0;
 	if(username) {
-		unsigned char *s = (unsigned char*)turn_strdup((char*)username);
+		unsigned char *s0 = (unsigned char*)turn_strdup((const char*)username);
+		unsigned char *s = s0;
 		while(*s) {
 			*s = (unsigned char)tolower((int)*s);
 			++s;
 		}
-		if(strstr((char*)s," ")||strstr((char*)s,"\t")||strstr((char*)s,"'")) {
-			username[0]=0;
-		} else if(strstr((char*)s,"and")&&strstr((char*)s,"union")&&strstr((char*)s,"select")) {
-			username[0]=0;
+		s = s0;
+		if(strstr((char*)s," ")||strstr((char*)s,"\t")||strstr((char*)s,"'")||strstr((char*)s,"\"")||strstr((char*)s,"\n")||strstr((char*)s,"\r")||strstr((char*)s,"\\")) {
+			;
+		} else if(strstr((char*)s,"union")&&strstr((char*)s,"select")) {
+			;
 		} else {
-			ret = 0;
+			ret = 1;
 		}
 		turn_free(s,strlen((char*)s));
 	}
@@ -883,3 +885,4 @@ int secure_username(u08bits *username)
 }
 
 //////////////////////////////////////////////////////////////////
+
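Review bot: The result of `turn_strdup()` is dereferenced by `while(*s)` without a NULL check, so an allocation failure would crash a path that the ns_turn_server.c hunks show is fed with usernames from STUN messages; add `if(!s0) return 0;` right after the copy. The check itself is a denylist of characters plus a `union`/`select` keyword test, so it only holds while every query that uses the username is safe against anything not on the list. The durable fix is to bind the username as a query parameter (or use the database driver's escaping function) in the database code, which this commit does not show, and to keep this function as defence in depth. The return convention also flips from 0/-1 to 1/0 and deserves a comment above the function, e.g. `/* returns 1 if the name passes the filter, 0 otherwise (including NULL) */`. The function's `return` statement falls between the two hunks and is not visible here.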

+ 1 - 1
src/apps/common/ns_turn_utils.h

@@ -78,7 +78,7 @@ void rollover_logfile(void);
 
 ///////////////////////////////////////////////////////
 
-int secure_username(u08bits *username);
+int is_secure_username(const u08bits *username);
 
 ///////////////////////////////////////////////////////
 

+ 4 - 0
src/apps/relay/mainrelay.c

@@ -1536,6 +1536,10 @@ static int adminmain(int argc, char **argv)
 #endif
 		case 'u':
 			STRCPY(user,optarg);
+			if(!is_secure_username((u08bits*)user)) {
+				TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "Wrong user name structure or symbols, choose another name: %s\n",user);
+				exit(-1);
+			}
 			if(SASLprep((u08bits*)user)<0) {
 				TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "Wrong user name: %s\n",user);
 				exit(-1);
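Review bot: The new `is_secure_username()` check runs on the raw `optarg` copy before `SASLprep()`, so it validates a string that may differ from the one finally stored. If this SASLprep implementation maps characters (RFC 4013, for example, maps non-ASCII space characters to U+0020), the normalized name can contain a character the filter was meant to reject. Run the filter after normalization, or repeat it there, by moving the `if(!is_secure_username((u08bits*)user))` block below the `SASLprep` check. The `case 'u':` body continues past the end of the hunk, so any later re-validation is not visible here.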

+ 6 - 2
src/server/ns_turn_server.c

@@ -1015,7 +1015,9 @@ static int handle_turn_allocate(turn_turnserver *server,
 					}
 					ns_bcopy(value,username,ulen);
 					username[ulen]=0;
-					if(secure_username(username)<0) {
+					if(!is_secure_username(username)) {
+						TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "%s: wrong username: %s\n", __FUNCTION__, (char*)username);
+						username[0]=0;
 						*err_code = 400;
 						break;
 					}
@@ -3342,7 +3344,9 @@ static int check_stun_auth(turn_turnserver *server,
 	ns_bcopy(stun_attr_get_value(sar),usname,alen);
 	usname[alen]=0;
 
-	if(secure_username(usname)<0) {
+	if(!is_secure_username(usname)) {
+		TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "%s: wrong username: %s\n", __FUNCTION__, (char*)usname);
+		usname[0]=0;
 		*err_code = 400;
 		return -1;
 	} else if(ss->username[0]) {
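Review bot: Both hunks in this file (`handle_turn_allocate` and `check_stun_auth`) write the rejected username to the log with `%s`, at a point where it is known to have failed the filter and may therefore contain `\n` or `\r` taken from the STUN attribute. That lets a remote peer split or forge log lines, and as far as these hunks show it happens before authentication has succeeded. Log the event without the raw value, e.g. `TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "%s: username rejected by filter\n", __FUNCTION__);`, or escape non-printable bytes before logging. Because each failed request produces an ERROR-level line, consider rate-limiting this message as well. Both functions start and end outside their hunks.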