Revision 806f4d41

View differences:

plugins/janus_audiobridge.c
1267 1267
			goto error;
1268 1268
		}
1269 1269
		/* A secret may be required for this action */
1270
		JANUS_CHECK_SECRET(audiobridge->room_secret, root,
1271
			error_code, error_cause, TRUE,
1270
		JANUS_CHECK_SECRET(audiobridge->room_secret, root, "secret", error_code, error_cause,
1272 1271
			JANUS_AUDIOBRIDGE_ERROR_MISSING_ELEMENT, JANUS_AUDIOBRIDGE_ERROR_INVALID_ELEMENT, JANUS_AUDIOBRIDGE_ERROR_UNAUTHORIZED);
1273 1272
		if(error_code != 0) {
1274 1273
			janus_mutex_unlock(&rooms_mutex);
......
1777 1776
				goto error;
1778 1777
			}
1779 1778
			/* A pin may be required for this action */
1780
			JANUS_CHECK_PIN(audiobridge->room_pin, root,
1781
				error_code, error_cause, TRUE,
1779
			JANUS_CHECK_SECRET(audiobridge->room_pin, root, "pin", error_code, error_cause,
1782 1780
				JANUS_AUDIOBRIDGE_ERROR_MISSING_ELEMENT, JANUS_AUDIOBRIDGE_ERROR_INVALID_ELEMENT, JANUS_AUDIOBRIDGE_ERROR_UNAUTHORIZED);
1783 1781
			if(error_code != 0) {
1784 1782
				janus_mutex_unlock(&rooms_mutex);
......
2087 2085
				goto error;
2088 2086
			}
2089 2087
			/* A pin may be required for this action */
2090
			JANUS_CHECK_PIN(audiobridge->room_pin, root,
2091
				error_code, error_cause, TRUE,
2088
			JANUS_CHECK_SECRET(audiobridge->room_pin, root, "pin", error_code, error_cause,
2092 2089
				JANUS_AUDIOBRIDGE_ERROR_MISSING_ELEMENT, JANUS_AUDIOBRIDGE_ERROR_INVALID_ELEMENT, JANUS_AUDIOBRIDGE_ERROR_UNAUTHORIZED);
2093 2090
			if(error_code != 0) {
2094 2091
				janus_mutex_unlock(&rooms_mutex);
plugins/janus_streaming.c
1522 1522
			goto error;
1523 1523
		}
1524 1524
		/* A secret may be required for this action */
1525
		JANUS_CHECK_SECRET(mp->secret, root,
1526
			error_code, error_cause, TRUE,
1525
		JANUS_CHECK_SECRET(mp->secret, root, "secret", error_code, error_cause,
1527 1526
			JANUS_STREAMING_ERROR_MISSING_ELEMENT, JANUS_STREAMING_ERROR_INVALID_ELEMENT, JANUS_STREAMING_ERROR_UNAUTHORIZED);
1528 1527
		if(error_code != 0) {
1529 1528
			janus_mutex_unlock(&mountpoints_mutex);
......
1615 1614
			goto error;
1616 1615
		}
1617 1616
		/* A secret may be required for this action */
1618
		JANUS_CHECK_SECRET(mp->secret, root,
1619
			error_code, error_cause, TRUE,
1617
		JANUS_CHECK_SECRET(mp->secret, root, "secret", error_code, error_cause,
1620 1618
			JANUS_STREAMING_ERROR_MISSING_ELEMENT, JANUS_STREAMING_ERROR_INVALID_ELEMENT, JANUS_STREAMING_ERROR_UNAUTHORIZED);
1621 1619
		if(error_code != 0) {
1622 1620
			janus_mutex_unlock(&mountpoints_mutex);
......
1730 1728
			goto error;
1731 1729
		}
1732 1730
		/* A secret may be required for this action */
1733
		JANUS_CHECK_SECRET(mp->secret, root,
1734
			error_code, error_cause, TRUE,
1731
		JANUS_CHECK_SECRET(mp->secret, root, "secret", error_code, error_cause,
1735 1732
			JANUS_STREAMING_ERROR_MISSING_ELEMENT, JANUS_STREAMING_ERROR_INVALID_ELEMENT, JANUS_STREAMING_ERROR_UNAUTHORIZED);
1736 1733
		if(error_code != 0) {
1737 1734
			janus_mutex_unlock(&mountpoints_mutex);
......
2016 2013
				goto error;
2017 2014
			}
2018 2015
			/* A secret may be required for this action */
2019
			JANUS_CHECK_SECRET(mp->pin, root,
2020
				error_code, error_cause, TRUE,
2016
			JANUS_CHECK_SECRET(mp->pin, root, "pin", error_code, error_cause,
2021 2017
				JANUS_STREAMING_ERROR_MISSING_ELEMENT, JANUS_STREAMING_ERROR_INVALID_ELEMENT, JANUS_STREAMING_ERROR_UNAUTHORIZED);
2022 2018
			if(error_code != 0) {
2023 2019
				janus_mutex_unlock(&mountpoints_mutex);
plugins/janus_videoroom.c
1436 1436
			goto error;
1437 1437
		}
1438 1438
		/* A secret may be required for this action */
1439
		JANUS_CHECK_SECRET(videoroom->room_secret, root,
1440
			error_code, error_cause, TRUE,
1439
		JANUS_CHECK_SECRET(videoroom->room_secret, root, "secret", error_code, error_cause,
1441 1440
			JANUS_VIDEOROOM_ERROR_MISSING_ELEMENT, JANUS_VIDEOROOM_ERROR_INVALID_ELEMENT, JANUS_VIDEOROOM_ERROR_UNAUTHORIZED);
1442 1441
		if(error_code != 0) {
1443 1442
			janus_mutex_unlock(&rooms_mutex);
......
1566 1565
			goto error;
1567 1566
		}
1568 1567
		/* A secret may be required for this action */
1569
		JANUS_CHECK_SECRET(videoroom->room_secret, root,
1570
			error_code, error_cause, TRUE,
1568
		JANUS_CHECK_SECRET(videoroom->room_secret, root, "secret", error_code, error_cause,
1571 1569
			JANUS_VIDEOROOM_ERROR_MISSING_ELEMENT, JANUS_VIDEOROOM_ERROR_INVALID_ELEMENT, JANUS_VIDEOROOM_ERROR_UNAUTHORIZED);
1572 1570
		if(error_code != 0) {
1573 1571
			janus_mutex_unlock(&rooms_mutex);
......
1660 1658
			goto error;
1661 1659
		}
1662 1660
		/* A secret may be required for this action */
1663
		JANUS_CHECK_SECRET(videoroom->room_secret, root,
1664
			error_code, error_cause, TRUE,
1661
		JANUS_CHECK_SECRET(videoroom->room_secret, root, "secret", error_code, error_cause,
1665 1662
			JANUS_VIDEOROOM_ERROR_MISSING_ELEMENT, JANUS_VIDEOROOM_ERROR_INVALID_ELEMENT, JANUS_VIDEOROOM_ERROR_UNAUTHORIZED);
1666 1663
		if(error_code != 0) {
1667 1664
			janus_mutex_unlock(&rooms_mutex);
......
2301 2298
				goto error;
2302 2299
			}
2303 2300
			/* A pin may be required for this action */
2304
			JANUS_CHECK_PIN(videoroom->room_pin, root,
2305
				error_code, error_cause, TRUE,
2301
			JANUS_CHECK_SECRET(videoroom->room_pin, root, "pin", error_code, error_cause,
2306 2302
				JANUS_VIDEOROOM_ERROR_MISSING_ELEMENT, JANUS_VIDEOROOM_ERROR_INVALID_ELEMENT, JANUS_VIDEOROOM_ERROR_UNAUTHORIZED);
2307 2303
			if(error_code != 0) {
2308 2304
				janus_mutex_unlock(&rooms_mutex);
utils.h
218 218
#define JANUS_VALIDATE_JSON_OBJECT(obj, params, error_code, error_cause, log_error, missing_code, invalid_code) \
219 219
	JANUS_VALIDATE_JSON_OBJECT_FORMAT("Missing mandatory element (%s)", "Invalid element type (%s should be %s)", obj, params, error_code, error_cause, log_error, missing_code, invalid_code)
220 220

  
221
/*! \brief If the pin isn't NULL, check the pin after validating the "pin" parameter of the JSON object
222
 * @param pin The pin to be checked; no check if the pin is NULL
223
 * @param obj The JSON object to be validated
224
 * @param[out] error_code int to return error code
225
 * @param[out] error_cause Array of char or NULL to return the error descriptions; the array has to be a global or stack variable to make sizeof work; the required size is 57
226
 * @param log_error If TRUE, log any error with JANUS_LOG(LOG_ERR)
227
 * @param missing_code The code to be returned in error_code if a parameter is missing
228
 * @param invalid_code The code to be returned in error_code if a parameter is invalid
229
 * @param unauthorized_code The code to be returned in error_code if the pin doesn't match */
230
#define JANUS_CHECK_PIN(pin, obj, error_code, error_cause, log_error, missing_code, invalid_code, unauthorized_code) \
231
	do { \
232
		if (pin) { \
233
			static struct janus_json_parameter pin_parameters[] = { \
234
				{"pin", JSON_STRING, JANUS_JSON_PARAM_REQUIRED} \
235
			}; \
236
			JANUS_VALIDATE_JSON_OBJECT(obj, pin_parameters, error_code, error_cause, log_error, missing_code, invalid_code); \
237
			if(!error_code && !janus_strcmp_const_time((pin), json_string_value(json_object_get(obj, "pin")))) { \
238
				error_code = (unauthorized_code); \
239
				if(log_error) \
240
					JANUS_LOG(LOG_ERR, "Unauthorized (wrong pin)\n"); \
241
				if(error_cause != NULL) \
242
					g_snprintf(error_cause, sizeof(error_cause), "Unauthorized (wrong pin)"); \
243
			} \
244
		} \
245
	} while(0)
246

  
247
/*! \brief If the secret isn't NULL, check the secret after validating the "secret" parameter of the JSON object
221
/*! \brief If the secret isn't NULL, check the secret after validating the specified member of the JSON object
248 222
 * @param secret The secret to be checked; no check if the secret is NULL
249 223
 * @param obj The JSON object to be validated
224
 * @param member The JSON member with the secret, usually "secret" or "pin"
250 225
 * @param[out] error_code int to return error code
251 226
 * @param[out] error_cause Array of char or NULL to return the error descriptions; the array has to be a global or stack variable to make sizeof work; the required size is 60
252 227
 * @param log_error If TRUE, log any error with JANUS_LOG(LOG_ERR)
253 228
 * @param missing_code The code to be returned in error_code if a parameter is missing
254 229
 * @param invalid_code The code to be returned in error_code if a parameter is invalid
255 230
 * @param unauthorized_code The code to be returned in error_code if the secret doesn't match */
256
#define JANUS_CHECK_SECRET(secret, obj, error_code, error_cause, log_error, missing_code, invalid_code, unauthorized_code) \
231
#define JANUS_CHECK_SECRET(secret, obj, member, error_code, error_cause, missing_code, invalid_code, unauthorized_code) \
257 232
	do { \
258 233
		if (secret) { \
259 234
			static struct janus_json_parameter secret_parameters[] = { \
260
				{"secret", JSON_STRING, JANUS_JSON_PARAM_REQUIRED} \
235
				{member, JSON_STRING, JANUS_JSON_PARAM_REQUIRED} \
261 236
			}; \
262
			JANUS_VALIDATE_JSON_OBJECT(obj, secret_parameters, error_code, error_cause, log_error, missing_code, invalid_code); \
263
			if(error_code == 0 && !janus_strcmp_const_time((secret), json_string_value(json_object_get(obj, "secret")))) { \
237
			JANUS_VALIDATE_JSON_OBJECT(obj, secret_parameters, error_code, error_cause, TRUE, missing_code, invalid_code); \
238
			if(error_code == 0 && !janus_strcmp_const_time((secret), json_string_value(json_object_get(obj, member)))) { \
264 239
				error_code = (unauthorized_code); \
265
				if(log_error) \
266
					JANUS_LOG(LOG_ERR, "Unauthorized (wrong secret)\n"); \
240
				JANUS_LOG(LOG_ERR, "Unauthorized (wrong %s)\n", member); \
267 241
				if(error_cause != NULL) \
268
					g_snprintf(error_cause, sizeof(error_cause), "Unauthorized (wrong secret)"); \
242
					g_snprintf(error_cause, sizeof(error_cause), "Unauthorized (wrong %s)", member); \
269 243
			} \
270 244
		} \
271 245
	} while(0)

Also available in: Unified diff