Annotate

plugins/mod_turn_external.lua @ 12594:29685403be32

mod_saslauth: Implement RFC 9266 'tls-exporter' channel binding (#1760) Brings back SCRAM-SHA-*-PLUS from its hiatus brought on by the earlier channel binding method being undefined for TLS 1.3, and the increasing deployment of TLS 1.3. See 1bfd238e05ad and #1542 Requires future version of LuaSec, once support for this key material export method is merged. See https://github.com/brunoos/luasec/pull/187
author Kim Alvefur <zash@zash.se>
date Wed, 01 Jun 2022 15:06:59 +0200
parent 12437:9f5d0b77e3df
child 12977:74b9e05af71e
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
12282
fe5a87b5972f mod_turn_external: Simplify configuration
Kim Alvefur <zash@zash.se>
parents: 11599
diff changeset
1 local set = require "util.set";
fe5a87b5972f mod_turn_external: Simplify configuration
Kim Alvefur <zash@zash.se>
parents: 11599
diff changeset
2
11599
ed405b6357a8 mod_turn_external: Simple module to offer TURN(+STUN) via mod_external_services
Kim Alvefur <zash@zash.se>
parents:
diff changeset
3 local secret = module:get_option_string("turn_external_secret");
ed405b6357a8 mod_turn_external: Simple module to offer TURN(+STUN) via mod_external_services
Kim Alvefur <zash@zash.se>
parents:
diff changeset
4 local host = module:get_option_string("turn_external_host", module.host);
ed405b6357a8 mod_turn_external: Simple module to offer TURN(+STUN) via mod_external_services
Kim Alvefur <zash@zash.se>
parents:
diff changeset
5 local user = module:get_option_string("turn_external_user");
ed405b6357a8 mod_turn_external: Simple module to offer TURN(+STUN) via mod_external_services
Kim Alvefur <zash@zash.se>
parents:
diff changeset
6 local port = module:get_option_number("turn_external_port", 3478);
ed405b6357a8 mod_turn_external: Simple module to offer TURN(+STUN) via mod_external_services
Kim Alvefur <zash@zash.se>
parents:
diff changeset
7 local ttl = module:get_option_number("turn_external_ttl", 86400);
12282
fe5a87b5972f mod_turn_external: Simplify configuration
Kim Alvefur <zash@zash.se>
parents: 11599
diff changeset
8 local tcp = module:get_option_boolean("turn_external_tcp", false);
12290
aa7a8aa64d3f mod_turn_external: Fix type of config option (thanks mirux)
Kim Alvefur <zash@zash.se>
parents: 12283
diff changeset
9 local tls_port = module:get_option_number("turn_external_tls_port");
11599
ed405b6357a8 mod_turn_external: Simple module to offer TURN(+STUN) via mod_external_services
Kim Alvefur <zash@zash.se>
parents:
diff changeset
10
12437
9f5d0b77e3df mod_turn_external: Update status and friendlier handling of missing secret option (fixes #1727)
Matthew Wild <mwild1@gmail.com>
parents: 12290
diff changeset
11 if not secret then
9f5d0b77e3df mod_turn_external: Update status and friendlier handling of missing secret option (fixes #1727)
Matthew Wild <mwild1@gmail.com>
parents: 12290
diff changeset
12 module:log_status("error", "Failed to initialize: the 'turn_external_secret' option is not set in your configuration");
9f5d0b77e3df mod_turn_external: Update status and friendlier handling of missing secret option (fixes #1727)
Matthew Wild <mwild1@gmail.com>
parents: 12290
diff changeset
13 return;
9f5d0b77e3df mod_turn_external: Update status and friendlier handling of missing secret option (fixes #1727)
Matthew Wild <mwild1@gmail.com>
parents: 12290
diff changeset
14 end
11599
ed405b6357a8 mod_turn_external: Simple module to offer TURN(+STUN) via mod_external_services
Kim Alvefur <zash@zash.se>
parents:
diff changeset
15
12282
fe5a87b5972f mod_turn_external: Simplify configuration
Kim Alvefur <zash@zash.se>
parents: 11599
diff changeset
16 local services = set.new({ "stun-udp"; "turn-udp" });
fe5a87b5972f mod_turn_external: Simplify configuration
Kim Alvefur <zash@zash.se>
parents: 11599
diff changeset
17 if tcp then
fe5a87b5972f mod_turn_external: Simplify configuration
Kim Alvefur <zash@zash.se>
parents: 11599
diff changeset
18 services:add("stun-tcp");
fe5a87b5972f mod_turn_external: Simplify configuration
Kim Alvefur <zash@zash.se>
parents: 11599
diff changeset
19 services:add("turn-tcp");
fe5a87b5972f mod_turn_external: Simplify configuration
Kim Alvefur <zash@zash.se>
parents: 11599
diff changeset
20 end
12283
b5686debb497 mod_turn_external: Add option to enable TURN over TLS
Kim Alvefur <zash@zash.se>
parents: 12282
diff changeset
21 if tls_port then
b5686debb497 mod_turn_external: Add option to enable TURN over TLS
Kim Alvefur <zash@zash.se>
parents: 12282
diff changeset
22 services:add("turns-tcp");
b5686debb497 mod_turn_external: Add option to enable TURN over TLS
Kim Alvefur <zash@zash.se>
parents: 12282
diff changeset
23 end
12282
fe5a87b5972f mod_turn_external: Simplify configuration
Kim Alvefur <zash@zash.se>
parents: 11599
diff changeset
24
11599
ed405b6357a8 mod_turn_external: Simple module to offer TURN(+STUN) via mod_external_services
Kim Alvefur <zash@zash.se>
parents:
diff changeset
25 module:depends "external_services";
ed405b6357a8 mod_turn_external: Simple module to offer TURN(+STUN) via mod_external_services
Kim Alvefur <zash@zash.se>
parents:
diff changeset
26
12283
b5686debb497 mod_turn_external: Add option to enable TURN over TLS
Kim Alvefur <zash@zash.se>
parents: 12282
diff changeset
27 for _, type in ipairs({ "stun"; "turn"; "turns" }) do
11599
ed405b6357a8 mod_turn_external: Simple module to offer TURN(+STUN) via mod_external_services
Kim Alvefur <zash@zash.se>
parents:
diff changeset
28 for _, transport in ipairs({"udp"; "tcp"}) do
ed405b6357a8 mod_turn_external: Simple module to offer TURN(+STUN) via mod_external_services
Kim Alvefur <zash@zash.se>
parents:
diff changeset
29 if services:contains(type .. "-" .. transport) then
ed405b6357a8 mod_turn_external: Simple module to offer TURN(+STUN) via mod_external_services
Kim Alvefur <zash@zash.se>
parents:
diff changeset
30 module:add_item("external_service", {
ed405b6357a8 mod_turn_external: Simple module to offer TURN(+STUN) via mod_external_services
Kim Alvefur <zash@zash.se>
parents:
diff changeset
31 type = type;
ed405b6357a8 mod_turn_external: Simple module to offer TURN(+STUN) via mod_external_services
Kim Alvefur <zash@zash.se>
parents:
diff changeset
32 transport = transport;
ed405b6357a8 mod_turn_external: Simple module to offer TURN(+STUN) via mod_external_services
Kim Alvefur <zash@zash.se>
parents:
diff changeset
33 host = host;
12283
b5686debb497 mod_turn_external: Add option to enable TURN over TLS
Kim Alvefur <zash@zash.se>
parents: 12282
diff changeset
34 port = type == "turns" and tls_port or port;
11599
ed405b6357a8 mod_turn_external: Simple module to offer TURN(+STUN) via mod_external_services
Kim Alvefur <zash@zash.se>
parents:
diff changeset
35
ed405b6357a8 mod_turn_external: Simple module to offer TURN(+STUN) via mod_external_services
Kim Alvefur <zash@zash.se>
parents:
diff changeset
36 username = type == "turn" and user or nil;
ed405b6357a8 mod_turn_external: Simple module to offer TURN(+STUN) via mod_external_services
Kim Alvefur <zash@zash.se>
parents:
diff changeset
37 secret = type == "turn" and secret or nil;
ed405b6357a8 mod_turn_external: Simple module to offer TURN(+STUN) via mod_external_services
Kim Alvefur <zash@zash.se>
parents:
diff changeset
38 ttl = type == "turn" and ttl or nil;
ed405b6357a8 mod_turn_external: Simple module to offer TURN(+STUN) via mod_external_services
Kim Alvefur <zash@zash.se>
parents:
diff changeset
39 })
ed405b6357a8 mod_turn_external: Simple module to offer TURN(+STUN) via mod_external_services
Kim Alvefur <zash@zash.se>
parents:
diff changeset
40 end
ed405b6357a8 mod_turn_external: Simple module to offer TURN(+STUN) via mod_external_services
Kim Alvefur <zash@zash.se>
parents:
diff changeset
41 end
ed405b6357a8 mod_turn_external: Simple module to offer TURN(+STUN) via mod_external_services
Kim Alvefur <zash@zash.se>
parents:
diff changeset
42 end