Software `/` code `/` prosody-modules

Annotate

mod_turncredentials/mod_turncredentials.lua @ 1168:0b6b33688b75

mod_turncredentials: use smarter timestamp expiry from draft-uberti-behave-turn-rest-00

author	Philipp Hancke <fippo@goodadvice.pages.de>
date	Wed, 28 Aug 2013 10:31:15 +0100
parent	1108:2da546139cb5
child	1169:0ae2c250f274

rev	line source
1059 95ab35ef52ba mod_turncredentials: XEP-0215 implementation for time-limited turn credentials Philipp Hancke <fippo@goodadvice.pages.de> parents: diff changeset	1 -- XEP-0215 implementation for time-limited turn credentials
95ab35ef52ba mod_turncredentials: XEP-0215 implementation for time-limited turn credentials Philipp Hancke <fippo@goodadvice.pages.de> parents: diff changeset	2 -- Copyright (C) 2012-2013 Philipp Hancke
95ab35ef52ba mod_turncredentials: XEP-0215 implementation for time-limited turn credentials Philipp Hancke <fippo@goodadvice.pages.de> parents: diff changeset	3 -- This file is MIT/X11 licensed.
95ab35ef52ba mod_turncredentials: XEP-0215 implementation for time-limited turn credentials Philipp Hancke <fippo@goodadvice.pages.de> parents: diff changeset	4
95ab35ef52ba mod_turncredentials: XEP-0215 implementation for time-limited turn credentials Philipp Hancke <fippo@goodadvice.pages.de> parents: diff changeset	5 local st = require "util.stanza";
1108 2da546139cb5 mod_turncredentials: Import HMAC from util.hashes Kim Alvefur <zash@zash.se> parents: 1059 diff changeset	6 local hmac_sha1 = require "util.hashes".hmac_sha1;
1059 95ab35ef52ba mod_turncredentials: XEP-0215 implementation for time-limited turn credentials Philipp Hancke <fippo@goodadvice.pages.de> parents: diff changeset	7 local base64 = require "util.encodings".base64;
95ab35ef52ba mod_turncredentials: XEP-0215 implementation for time-limited turn credentials Philipp Hancke <fippo@goodadvice.pages.de> parents: diff changeset	8 local os_time = os.time;
95ab35ef52ba mod_turncredentials: XEP-0215 implementation for time-limited turn credentials Philipp Hancke <fippo@goodadvice.pages.de> parents: diff changeset	9 local secret = module:get_option("turncredentials_secret") or false;
95ab35ef52ba mod_turncredentials: XEP-0215 implementation for time-limited turn credentials Philipp Hancke <fippo@goodadvice.pages.de> parents: diff changeset	10 local host = module:get_option("turncredentials_host") or false -- use ip addresses here to avoid further dns lookup latency
95ab35ef52ba mod_turncredentials: XEP-0215 implementation for time-limited turn credentials Philipp Hancke <fippo@goodadvice.pages.de> parents: diff changeset	11 local port = module:get_option("turncredentials_port") or 3478
1168 0b6b33688b75 mod_turncredentials: use smarter timestamp expiry from draft-uberti-behave-turn-rest-00 Philipp Hancke <fippo@goodadvice.pages.de> parents: 1108 diff changeset	12 local ttl = module:get_option("turncredentials_ttl") or 86400
1059 95ab35ef52ba mod_turncredentials: XEP-0215 implementation for time-limited turn credentials Philipp Hancke <fippo@goodadvice.pages.de> parents: diff changeset	13 if not (secret and host) then
95ab35ef52ba mod_turncredentials: XEP-0215 implementation for time-limited turn credentials Philipp Hancke <fippo@goodadvice.pages.de> parents: diff changeset	14 module:log("error", "turncredentials not configured");
95ab35ef52ba mod_turncredentials: XEP-0215 implementation for time-limited turn credentials Philipp Hancke <fippo@goodadvice.pages.de> parents: diff changeset	15 return;
95ab35ef52ba mod_turncredentials: XEP-0215 implementation for time-limited turn credentials Philipp Hancke <fippo@goodadvice.pages.de> parents: diff changeset	16 end
95ab35ef52ba mod_turncredentials: XEP-0215 implementation for time-limited turn credentials Philipp Hancke <fippo@goodadvice.pages.de> parents: diff changeset	17
95ab35ef52ba mod_turncredentials: XEP-0215 implementation for time-limited turn credentials Philipp Hancke <fippo@goodadvice.pages.de> parents: diff changeset	18 module:hook("iq/host/urn:xmpp:extdisco:1:services", function(event)
95ab35ef52ba mod_turncredentials: XEP-0215 implementation for time-limited turn credentials Philipp Hancke <fippo@goodadvice.pages.de> parents: diff changeset	19 local origin, stanza = event.origin, event.stanza;
95ab35ef52ba mod_turncredentials: XEP-0215 implementation for time-limited turn credentials Philipp Hancke <fippo@goodadvice.pages.de> parents: diff changeset	20 if stanza.attr.type ~= "get" or stanza.tags[1].name ~= "services" or origin.type ~= "c2s" then
95ab35ef52ba mod_turncredentials: XEP-0215 implementation for time-limited turn credentials Philipp Hancke <fippo@goodadvice.pages.de> parents: diff changeset	21 return;
95ab35ef52ba mod_turncredentials: XEP-0215 implementation for time-limited turn credentials Philipp Hancke <fippo@goodadvice.pages.de> parents: diff changeset	22 end
1168 0b6b33688b75 mod_turncredentials: use smarter timestamp expiry from draft-uberti-behave-turn-rest-00 Philipp Hancke <fippo@goodadvice.pages.de> parents: 1108 diff changeset	23 local now = os_time() + ttl;
1059 95ab35ef52ba mod_turncredentials: XEP-0215 implementation for time-limited turn credentials Philipp Hancke <fippo@goodadvice.pages.de> parents: diff changeset	24 local userpart = tostring(now);
95ab35ef52ba mod_turncredentials: XEP-0215 implementation for time-limited turn credentials Philipp Hancke <fippo@goodadvice.pages.de> parents: diff changeset	25 local nonce = base64.encode(hmac_sha1(secret, tostring(userpart), false));
95ab35ef52ba mod_turncredentials: XEP-0215 implementation for time-limited turn credentials Philipp Hancke <fippo@goodadvice.pages.de> parents: diff changeset	26 origin.send(st.reply(stanza):tag("services", {xmlns = "urn:xmpp:extdisco:1"})
95ab35ef52ba mod_turncredentials: XEP-0215 implementation for time-limited turn credentials Philipp Hancke <fippo@goodadvice.pages.de> parents: diff changeset	27 :tag("service", { type = "stun", host = host, port = port }):up()
1168 0b6b33688b75 mod_turncredentials: use smarter timestamp expiry from draft-uberti-behave-turn-rest-00 Philipp Hancke <fippo@goodadvice.pages.de> parents: 1108 diff changeset	28 :tag("service", { type = "turn", host = host, port = port, username = userpart, password = nonce, ttl = ttl}):up()
1059 95ab35ef52ba mod_turncredentials: XEP-0215 implementation for time-limited turn credentials Philipp Hancke <fippo@goodadvice.pages.de> parents: diff changeset	29 );
95ab35ef52ba mod_turncredentials: XEP-0215 implementation for time-limited turn credentials Philipp Hancke <fippo@goodadvice.pages.de> parents: diff changeset	30 return true;
95ab35ef52ba mod_turncredentials: XEP-0215 implementation for time-limited turn credentials Philipp Hancke <fippo@goodadvice.pages.de> parents: diff changeset	31 end);

prosody-modules

0b6b33688b75

mod_turncredentials/mod_turncredentials.lua

Software / code / prosody-modules

Annotate

mod_turncredentials/mod_turncredentials.lua @ 1168:0b6b33688b75

Software `/` code `/` prosody-modules