Mercurial > prosody-modules
comparison mod_turncredentials/mod_turncredentials.lua @ 1168:0b6b33688b75
mod_turncredentials: use smarter timestamp expiry from draft-uberti-behave-turn-rest-00
| author | Philipp Hancke <fippo@goodadvice.pages.de> |
|---|---|
| date | Wed, 28 Aug 2013 10:31:15 +0100 |
| parents | 2da546139cb5 |
| children | 0ae2c250f274 |
comparison
equal
deleted
inserted
replaced
| 1167:8ceab2331216 | 1168:0b6b33688b75 |
|---|---|
| 7 local base64 = require "util.encodings".base64; | 7 local base64 = require "util.encodings".base64; |
| 8 local os_time = os.time; | 8 local os_time = os.time; |
| 9 local secret = module:get_option("turncredentials_secret") or false; | 9 local secret = module:get_option("turncredentials_secret") or false; |
| 10 local host = module:get_option("turncredentials_host") or false -- use ip addresses here to avoid further dns lookup latency | 10 local host = module:get_option("turncredentials_host") or false -- use ip addresses here to avoid further dns lookup latency |
| 11 local port = module:get_option("turncredentials_port") or 3478 | 11 local port = module:get_option("turncredentials_port") or 3478 |
| 12 local ttl = module:get_option("turncredentials_ttl") or 86400 | |
| 12 if not (secret and host) then | 13 if not (secret and host) then |
| 13 module:log("error", "turncredentials not configured"); | 14 module:log("error", "turncredentials not configured"); |
| 14 return; | 15 return; |
| 15 end | 16 end |
| 16 | 17 |
| 17 module:hook("iq/host/urn:xmpp:extdisco:1:services", function(event) | 18 module:hook("iq/host/urn:xmpp:extdisco:1:services", function(event) |
| 18 local origin, stanza = event.origin, event.stanza; | 19 local origin, stanza = event.origin, event.stanza; |
| 19 if stanza.attr.type ~= "get" or stanza.tags[1].name ~= "services" or origin.type ~= "c2s" then | 20 if stanza.attr.type ~= "get" or stanza.tags[1].name ~= "services" or origin.type ~= "c2s" then |
| 20 return; | 21 return; |
| 21 end | 22 end |
| 22 local now = os_time(); | 23 local now = os_time() + ttl; |
| 23 local userpart = tostring(now); | 24 local userpart = tostring(now); |
| 24 local nonce = base64.encode(hmac_sha1(secret, tostring(userpart), false)); | 25 local nonce = base64.encode(hmac_sha1(secret, tostring(userpart), false)); |
| 25 origin.send(st.reply(stanza):tag("services", {xmlns = "urn:xmpp:extdisco:1"}) | 26 origin.send(st.reply(stanza):tag("services", {xmlns = "urn:xmpp:extdisco:1"}) |
| 26 :tag("service", { type = "stun", host = host, port = port }):up() | 27 :tag("service", { type = "stun", host = host, port = port }):up() |
| 27 :tag("service", { type = "turn", host = host, port = port, username = userpart, password = nonce }):up() | 28 :tag("service", { type = "turn", host = host, port = port, username = userpart, password = nonce, ttl = ttl}):up() |
| 28 ); | 29 ); |
| 29 return true; | 30 return true; |
| 30 end); | 31 end); |