changeset 1059:95ab35ef52ba

mod_turncredentials: XEP-0215 implementation for time-limited turn credentials
author Philipp Hancke <fippo@goodadvice.pages.de>
date Mon, 10 Jun 2013 15:07:00 +0100
parents 1255de347dd4
children 25b83ed7838a
files mod_turncredentials/mod_turncredentials.lua
diffstat 1 files changed, 30 insertions(+), 0 deletions(-) [+]
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/mod_turncredentials/mod_turncredentials.lua	Mon Jun 10 15:07:00 2013 +0100
@@ -0,0 +1,30 @@
+-- XEP-0215 implementation for time-limited turn credentials
+-- Copyright (C) 2012-2013 Philipp Hancke
+-- This file is MIT/X11 licensed. 
+
+local st = require "util.stanza";
+local hmac_sha1 = require "util.hmac".sha1;
+local base64 = require "util.encodings".base64;
+local os_time = os.time;
+local secret = module:get_option("turncredentials_secret") or false;
+local host = module:get_option("turncredentials_host") or false -- use ip addresses here to avoid further dns lookup latency
+local port = module:get_option("turncredentials_port") or 3478
+if not (secret and host) then
+    module:log("error", "turncredentials not configured");
+    return;
+end
+
+module:hook("iq/host/urn:xmpp:extdisco:1:services", function(event)
+    local origin, stanza = event.origin, event.stanza;
+    if stanza.attr.type ~= "get" or stanza.tags[1].name ~= "services" or origin.type ~= "c2s" then
+        return;
+    end
+    local now = os_time();
+    local userpart = tostring(now);
+    local nonce = base64.encode(hmac_sha1(secret, tostring(userpart), false));
+    origin.send(st.reply(stanza):tag("services", {xmlns = "urn:xmpp:extdisco:1"})
+        :tag("service", { type = "stun", host = host, port = port }):up()
+        :tag("service", { type = "turn", host = host, port = port, username = userpart, password = nonce }):up()
+    );
+    return true;
+end);
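Review bot: The TURN username built in the hook is only `tostring(now)`, so the issued credential is not tied to the requesting account and states no expiry. Every client that asks within the same second receives the same username/password pair, and use of the relay cannot be attributed to a JID. How long a pair stays valid is left entirely to the TURN server's own configuration, which is not visible here. If the TURN server accepts the `expiry:userid` username form (to be confirmed against its configuration), consider `local userpart = tostring(now + ttl) .. ":" .. origin.username;` with `ttl` read from a module option. The local `nonce` would also read better as `password`, since the value is a deterministic HMAC of the username rather than a nonce.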