Mercurial > prosody-modules
changeset 1059:95ab35ef52ba
mod_turncredentials: XEP-0215 implementation for time-limited turn credentials
author | Philipp Hancke <fippo@goodadvice.pages.de> |
---|---|
date | Mon, 10 Jun 2013 15:07:00 +0100 (2013-06-10) |
parents | 1255de347dd4 |
children | 25b83ed7838a |
files | mod_turncredentials/mod_turncredentials.lua |
diffstat | 1 files changed, 30 insertions(+), 0 deletions(-) [+] |
line wrap: on
line diff
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/mod_turncredentials/mod_turncredentials.lua Mon Jun 10 15:07:00 2013 +0100 @@ -0,0 +1,30 @@ +-- XEP-0215 implementation for time-limited turn credentials +-- Copyright (C) 2012-2013 Philipp Hancke +-- This file is MIT/X11 licensed. + +local st = require "util.stanza"; +local hmac_sha1 = require "util.hmac".sha1; +local base64 = require "util.encodings".base64; +local os_time = os.time; +local secret = module:get_option("turncredentials_secret") or false; +local host = module:get_option("turncredentials_host") or false -- use ip addresses here to avoid further dns lookup latency +local port = module:get_option("turncredentials_port") or 3478 +if not (secret and host) then + module:log("error", "turncredentials not configured"); + return; +end + +module:hook("iq/host/urn:xmpp:extdisco:1:services", function(event) + local origin, stanza = event.origin, event.stanza; + if stanza.attr.type ~= "get" or stanza.tags[1].name ~= "services" or origin.type ~= "c2s" then + return; + end + local now = os_time(); + local userpart = tostring(now); + local nonce = base64.encode(hmac_sha1(secret, tostring(userpart), false)); + origin.send(st.reply(stanza):tag("services", {xmlns = "urn:xmpp:extdisco:1"}) + :tag("service", { type = "stun", host = host, port = port }):up() + :tag("service", { type = "turn", host = host, port = port, username = userpart, password = nonce }):up() + ); + return true; +end);