há 10 anos atrás · e8b18b4586
--- a/examples/scripts/selfloadbalance/secure_relay.sh
+++ b/examples/scripts/selfloadbalance/secure_relay.sh
@@ -39,4 +39,4 @@ fi
 
				 export LD_LIBRARY_PATH=${LD_LIBRARY_PATH}:/usr/local/lib/:/usr/local/mysql/lib/
			
 
				 export DYLD_LIBRARY_PATH=${DYLD_LIBRARY_PATH}:/usr/local/lib/:/usr/local/mysql/lib/
			
 
				 
			
 
				-PATH="./bin/:../bin/:../../bin/:${PATH}" turnserver --aux-server=127.0.0.1:12345 --aux-server=[::1]:12345 --aux-server=127.0.0.1:12346 --aux-server=[::1]:12346 --udp-self-balance --syslog -a -L 127.0.0.1 -L ::1 -E 127.0.0.1 -E ::1 --max-bps=3000000 -f -m 10 --min-port=32355 --max-port=65535 --user=ninefingers:youhavetoberealistic --user=gorst:hero -r north.gov --cert=turn_server_cert.pem --pkey=turn_server_pkey.pem --log-file=stdout --cipher-list=ALL $@
			
 
				+PATH="./bin/:../bin/:../../bin/:${PATH}" turnserver --aux-server=127.0.0.1:12345 --aux-server=[::1]:12345 --aux-server=127.0.0.1:12346 --aux-server=[::1]:12346 --udp-self-balance --syslog -a -L 127.0.0.1 -L ::1 -E 127.0.0.1 -E ::1 --max-bps=3000000 -f -m 10 --min-port=32355 --max-port=65535 --user=ninefingers:youhavetoberealistic --user=gorst:hero -r north.gov --cert=turn_server_cert.pem --pkey=turn_server_pkey.pem --log-file=stdout --cipher-list=ALL --db=var/db/turndb $@
			
--- a/src/apps/uclient/startuclient.c
+++ b/src/apps/uclient/startuclient.c
@@ -649,6 +649,18 @@ static int clnet_allocate(int verbose,
 
				 				stun_attr_add(&request_message, STUN_ATTRIBUTE_MOBILITY_TICKET, (const char*)clnet_info->s_mobile_id, strlen(clnet_info->s_mobile_id));
			
 
				 			}
			
 
				 
			
 
				+			if(dual_allocation && !mobility) {
			
 
				+				int t = ((u08bits)random())%3;
			
 
				+				if(t) {
			
 
				+					u08bits field[4];
			
 
				+					field[0] = (t==1) ? (u08bits)STUN_ATTRIBUTE_REQUESTED_ADDRESS_FAMILY_VALUE_IPV4 : (u08bits)STUN_ATTRIBUTE_REQUESTED_ADDRESS_FAMILY_VALUE_IPV6;
			
 
				+					field[1]=0;
			
 
				+					field[2]=0;
			
 
				+					field[3]=0;
			
 
				+					stun_attr_add(&request_message, STUN_ATTRIBUTE_ADDITIONAL_ADDRESS_FAMILY, (const char*) field, 4);
			
 
				+				}
			
 
				+			}
			
 
				+
			
 
				 			add_origin(&request_message);
			
 
				 
			
 
				 			if(add_integrity(clnet_info, &request_message)<0) return -1;
			
--- a/src/apps/uclient/uclient.c
+++ b/src/apps/uclient/uclient.c
@@ -1232,6 +1232,19 @@ static int refresh_channel(app_ur_session* elem, u16bits method, uint32_t lt)
 
				 		stun_init_request(STUN_METHOD_REFRESH, &message);
			
 
				 		lt = htonl(lt);
			
 
				 		stun_attr_add(&message, STUN_ATTRIBUTE_LIFETIME, (const char*) &lt, 4);
			
 
				+
			
 
				+		if(dual_allocation && !mobility) {
			
 
				+			int t = ((u08bits)random())%3;
			
 
				+			if(t) {
			
 
				+				u08bits field[4];
			
 
				+				field[0] = (t==1) ? (u08bits)STUN_ATTRIBUTE_REQUESTED_ADDRESS_FAMILY_VALUE_IPV4 : (u08bits)STUN_ATTRIBUTE_REQUESTED_ADDRESS_FAMILY_VALUE_IPV6;
			
 
				+				field[1]=0;
			
 
				+				field[2]=0;
			
 
				+				field[3]=0;
			
 
				+				stun_attr_add(&message, STUN_ATTRIBUTE_ADDITIONAL_ADDRESS_FAMILY, (const char*) field, 4);
			
 
				+			}
			
 
				+		}
			
 
				+
			
 
				 		add_origin(&message);
			
 
				 		if(add_integrity(clnet_info, &message)<0) return -1;
			
 
				 		if(use_fingerprints)
			
--- a/src/server/ns_turn_server.c
+++ b/src/server/ns_turn_server.c
@@ -1512,7 +1512,8 @@ static int handle_turn_refresh(turn_turnserver *server,
 
				 				}
			
 
				 			}
			
 
				 				break;
			
 
				-			case STUN_ATTRIBUTE_REQUESTED_ADDRESS_FAMILY: {
			
 
				+			case STUN_ATTRIBUTE_REQUESTED_ADDRESS_FAMILY: /* <<== ??? */
			
 
				+			case STUN_ATTRIBUTE_ADDITIONAL_ADDRESS_FAMILY: {
			
 
				 				int af_req = stun_get_requested_address_family(sar);
			
 
				 				{
			
 
				 					int is_err = 0;
			
@@ -1537,7 +1538,7 @@ static int handle_turn_refresh(turn_turnserver *server,
 
				 
			
 
				 					if(is_err) {
			
 
				 						*err_code = 443;
			
 
				-						*reason = (const u08bits *)"Peer Address Family Mismatch";
			
 
				+						*reason = (const u08bits *)"Peer Address Family Mismatch (1)";
			
 
				 					}
			
 
				 				}
			
 
				 			}
			
@@ -2231,7 +2232,7 @@ static int handle_turn_connect(turn_turnserver *server,
 
				 				} else {
			
 
				 					if(!get_relay_socket(a,peer_addr.ss.sa_family)) {
			
 
				 						*err_code = 443;
			
 
				-						*reason = (const u08bits *)"Peer Address Family Mismatch";
			
 
				+						*reason = (const u08bits *)"Peer Address Family Mismatch (2)";
			
 
				 					}
			
 
				 
			
 
				 					peer_found = 1;
			
@@ -2552,7 +2553,7 @@ static int handle_turn_channel_bind(turn_turnserver *server,
 
				 
			
 
				 				if(!get_relay_socket(a,peer_addr.ss.sa_family)) {
			
 
				 					*err_code = 443;
			
 
				-					*reason = (const u08bits *)"Peer Address Family Mismatch";
			
 
				+					*reason = (const u08bits *)"Peer Address Family Mismatch (3)";
			
 
				 				}
			
 
				 
			
 
				 				if(addr_get_port(&peer_addr) < 1) {
			
@@ -3050,7 +3051,7 @@ static int handle_turn_create_permission(turn_turnserver *server,
 
				 
			
 
				 					if(!get_relay_socket(a,peer_addr.ss.sa_family)) {
			
 
				 						*err_code = 443;
			
 
				-						*reason = (const u08bits *)"Peer Address Family Mismatch";
			
 
				+						*reason = (const u08bits *)"Peer Address Family Mismatch (4)";
			
 
				 					} else if(!good_peer_addr(server, ss->realm_options.name, &peer_addr)) {
			
 
				 						*err_code = 403;
			
 
				 						*reason = (const u08bits *) "Forbidden IP";