Mercurial > prosody-modules

annotate mod_turncredentials/mod_turncredentials.lua @ 1325:b21236b6b8d8

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Backed out changeset 853a382c9bd6
author Kim Alvefur <zash@zash.se>
date Fri, 28 Feb 2014 15:37:55 +0100
parents 853a382c9bd6
children afae347928d8
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
1059
95ab35ef52ba mod_turncredentials: XEP-0215 implementation for time-limited turn credentials
Philipp Hancke <fippo@goodadvice.pages.de>
parents:
diff changeset
1 -- XEP-0215 implementation for time-limited turn credentials
95ab35ef52ba mod_turncredentials: XEP-0215 implementation for time-limited turn credentials
Philipp Hancke <fippo@goodadvice.pages.de>
parents:
diff changeset
2 -- Copyright (C) 2012-2013 Philipp Hancke
95ab35ef52ba mod_turncredentials: XEP-0215 implementation for time-limited turn credentials
Philipp Hancke <fippo@goodadvice.pages.de>
parents:
diff changeset
3 -- This file is MIT/X11 licensed.
95ab35ef52ba mod_turncredentials: XEP-0215 implementation for time-limited turn credentials
Philipp Hancke <fippo@goodadvice.pages.de>
parents:
diff changeset
4
95ab35ef52ba mod_turncredentials: XEP-0215 implementation for time-limited turn credentials
Philipp Hancke <fippo@goodadvice.pages.de>
parents:
diff changeset
5 local st = require "util.stanza";
1108
2da546139cb5 mod_turncredentials: Import HMAC from util.hashes
Kim Alvefur <zash@zash.se>
parents: 1059
diff changeset
6 local hmac_sha1 = require "util.hashes".hmac_sha1;
1059
95ab35ef52ba mod_turncredentials: XEP-0215 implementation for time-limited turn credentials
Philipp Hancke <fippo@goodadvice.pages.de>
parents:
diff changeset
7 local base64 = require "util.encodings".base64;
95ab35ef52ba mod_turncredentials: XEP-0215 implementation for time-limited turn credentials
Philipp Hancke <fippo@goodadvice.pages.de>
parents:
diff changeset
8 local os_time = os.time;
1169
0ae2c250f274 mod_turncredentials: Use type-specific get_option() methods where appropriate, and pass in default values
Matthew Wild <mwild1@gmail.com>
parents: 1168
diff changeset
9 local secret = module:get_option_string("turncredentials_secret");
0ae2c250f274 mod_turncredentials: Use type-specific get_option() methods where appropriate, and pass in default values
Matthew Wild <mwild1@gmail.com>
parents: 1168
diff changeset
10 local host = module:get_option_string("turncredentials_host"); -- use ip addresses here to avoid further dns lookup latency
0ae2c250f274 mod_turncredentials: Use type-specific get_option() methods where appropriate, and pass in default values
Matthew Wild <mwild1@gmail.com>
parents: 1168
diff changeset
11 local port = module:get_option_number("turncredentials_port", 3478);
0ae2c250f274 mod_turncredentials: Use type-specific get_option() methods where appropriate, and pass in default values
Matthew Wild <mwild1@gmail.com>
parents: 1168
diff changeset
12 local ttl = module:get_option_number("turncredentials_ttl", 86400);
1059
95ab35ef52ba mod_turncredentials: XEP-0215 implementation for time-limited turn credentials
Philipp Hancke <fippo@goodadvice.pages.de>
parents:
diff changeset
13 if not (secret and host) then
95ab35ef52ba mod_turncredentials: XEP-0215 implementation for time-limited turn credentials
Philipp Hancke <fippo@goodadvice.pages.de>
parents:
diff changeset
14 module:log("error", "turncredentials not configured");
95ab35ef52ba mod_turncredentials: XEP-0215 implementation for time-limited turn credentials
Philipp Hancke <fippo@goodadvice.pages.de>
parents:
diff changeset
15 return;
95ab35ef52ba mod_turncredentials: XEP-0215 implementation for time-limited turn credentials
Philipp Hancke <fippo@goodadvice.pages.de>
parents:
diff changeset
16 end
95ab35ef52ba mod_turncredentials: XEP-0215 implementation for time-limited turn credentials
Philipp Hancke <fippo@goodadvice.pages.de>
parents:
diff changeset
17
1170
6695c3098025 mod_turncredentials: Use iq-get event, to save checking attr.type manually
Matthew Wild <mwild1@gmail.com>
parents: 1169
diff changeset
18 module:hook("iq-get/host/urn:xmpp:extdisco:1:services", function(event)
1059
95ab35ef52ba mod_turncredentials: XEP-0215 implementation for time-limited turn credentials
Philipp Hancke <fippo@goodadvice.pages.de>
parents:
diff changeset
19 local origin, stanza = event.origin, event.stanza;
1171
a18effacd384 mod_turncredentials: No need to check tag name, we're already in the event handler for the 'services' tag
Matthew Wild <mwild1@gmail.com>
parents: 1170
diff changeset
20 if origin.type ~= "c2s" then
1059
95ab35ef52ba mod_turncredentials: XEP-0215 implementation for time-limited turn credentials
Philipp Hancke <fippo@goodadvice.pages.de>
parents:
diff changeset
21 return;
95ab35ef52ba mod_turncredentials: XEP-0215 implementation for time-limited turn credentials
Philipp Hancke <fippo@goodadvice.pages.de>
parents:
diff changeset
22 end
1168
0b6b33688b75 mod_turncredentials: use smarter timestamp expiry from draft-uberti-behave-turn-rest-00
Philipp Hancke <fippo@goodadvice.pages.de>
parents: 1108
diff changeset
23 local now = os_time() + ttl;
1059
95ab35ef52ba mod_turncredentials: XEP-0215 implementation for time-limited turn credentials
Philipp Hancke <fippo@goodadvice.pages.de>
parents:
diff changeset
24 local userpart = tostring(now);
95ab35ef52ba mod_turncredentials: XEP-0215 implementation for time-limited turn credentials
Philipp Hancke <fippo@goodadvice.pages.de>
parents:
diff changeset
25 local nonce = base64.encode(hmac_sha1(secret, tostring(userpart), false));
95ab35ef52ba mod_turncredentials: XEP-0215 implementation for time-limited turn credentials
Philipp Hancke <fippo@goodadvice.pages.de>
parents:
diff changeset
26 origin.send(st.reply(stanza):tag("services", {xmlns = "urn:xmpp:extdisco:1"})
95ab35ef52ba mod_turncredentials: XEP-0215 implementation for time-limited turn credentials
Philipp Hancke <fippo@goodadvice.pages.de>
parents:
diff changeset
27 :tag("service", { type = "stun", host = host, port = port }):up()
1168
0b6b33688b75 mod_turncredentials: use smarter timestamp expiry from draft-uberti-behave-turn-rest-00
Philipp Hancke <fippo@goodadvice.pages.de>
parents: 1108
diff changeset
28 :tag("service", { type = "turn", host = host, port = port, username = userpart, password = nonce, ttl = ttl}):up()
1059
95ab35ef52ba mod_turncredentials: XEP-0215 implementation for time-limited turn credentials
Philipp Hancke <fippo@goodadvice.pages.de>
parents:
diff changeset
29 );
95ab35ef52ba mod_turncredentials: XEP-0215 implementation for time-limited turn credentials
Philipp Hancke <fippo@goodadvice.pages.de>
parents:
diff changeset
30 return true;
95ab35ef52ba mod_turncredentials: XEP-0215 implementation for time-limited turn credentials
Philipp Hancke <fippo@goodadvice.pages.de>
parents:
diff changeset
31 end);