Software / code / prosody
Annotate
plugins/mod_turn_external.lua @ 12482:b193f8a2737e
mod_tls: Do not offer TLS if the connection is considered secure
This may be necessary if the session.conn object is not exchanged by the
network backend when establishing TLS. In that case, the starttls method
will always exist and thus that is not a good indicator for offering
TLS.
However, the secure bit already tells us that TLS has been established
or is not to be established on the connection, so we use that instead.
| author | Jonas Schäfer <jonas@wielicki.name> |
|---|---|
| date | Fri, 17 Sep 2021 21:18:30 +0200 |
| parent | 12437:9f5d0b77e3df |
| child | 12977:74b9e05af71e |
| rev | line source |
|---|---|
|
12282
fe5a87b5972f
mod_turn_external: Simplify configuration
Kim Alvefur <zash@zash.se>
parents:
11599
diff
changeset
|
1 local set = require "util.set"; |
|
fe5a87b5972f
mod_turn_external: Simplify configuration
Kim Alvefur <zash@zash.se>
parents:
11599
diff
changeset
|
2 |
|
11599
ed405b6357a8
mod_turn_external: Simple module to offer TURN(+STUN) via mod_external_services
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
3 local secret = module:get_option_string("turn_external_secret"); |
|
ed405b6357a8
mod_turn_external: Simple module to offer TURN(+STUN) via mod_external_services
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
4 local host = module:get_option_string("turn_external_host", module.host); |
|
ed405b6357a8
mod_turn_external: Simple module to offer TURN(+STUN) via mod_external_services
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
5 local user = module:get_option_string("turn_external_user"); |
|
ed405b6357a8
mod_turn_external: Simple module to offer TURN(+STUN) via mod_external_services
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
6 local port = module:get_option_number("turn_external_port", 3478); |
|
ed405b6357a8
mod_turn_external: Simple module to offer TURN(+STUN) via mod_external_services
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
7 local ttl = module:get_option_number("turn_external_ttl", 86400); |
|
12282
fe5a87b5972f
mod_turn_external: Simplify configuration
Kim Alvefur <zash@zash.se>
parents:
11599
diff
changeset
|
8 local tcp = module:get_option_boolean("turn_external_tcp", false); |
|
12290
aa7a8aa64d3f
mod_turn_external: Fix type of config option (thanks mirux)
Kim Alvefur <zash@zash.se>
parents:
12283
diff
changeset
|
9 local tls_port = module:get_option_number("turn_external_tls_port"); |
|
11599
ed405b6357a8
mod_turn_external: Simple module to offer TURN(+STUN) via mod_external_services
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
10 |
|
12437
9f5d0b77e3df
mod_turn_external: Update status and friendlier handling of missing secret option (fixes #1727)
Matthew Wild <mwild1@gmail.com>
parents:
12290
diff
changeset
|
11 if not secret then |
|
9f5d0b77e3df
mod_turn_external: Update status and friendlier handling of missing secret option (fixes #1727)
Matthew Wild <mwild1@gmail.com>
parents:
12290
diff
changeset
|
12 module:log_status("error", "Failed to initialize: the 'turn_external_secret' option is not set in your configuration"); |
|
9f5d0b77e3df
mod_turn_external: Update status and friendlier handling of missing secret option (fixes #1727)
Matthew Wild <mwild1@gmail.com>
parents:
12290
diff
changeset
|
13 return; |
|
9f5d0b77e3df
mod_turn_external: Update status and friendlier handling of missing secret option (fixes #1727)
Matthew Wild <mwild1@gmail.com>
parents:
12290
diff
changeset
|
14 end |
|
11599
ed405b6357a8
mod_turn_external: Simple module to offer TURN(+STUN) via mod_external_services
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
15 |
|
12282
fe5a87b5972f
mod_turn_external: Simplify configuration
Kim Alvefur <zash@zash.se>
parents:
11599
diff
changeset
|
16 local services = set.new({ "stun-udp"; "turn-udp" }); |
|
fe5a87b5972f
mod_turn_external: Simplify configuration
Kim Alvefur <zash@zash.se>
parents:
11599
diff
changeset
|
17 if tcp then |
|
fe5a87b5972f
mod_turn_external: Simplify configuration
Kim Alvefur <zash@zash.se>
parents:
11599
diff
changeset
|
18 services:add("stun-tcp"); |
|
fe5a87b5972f
mod_turn_external: Simplify configuration
Kim Alvefur <zash@zash.se>
parents:
11599
diff
changeset
|
19 services:add("turn-tcp"); |
|
fe5a87b5972f
mod_turn_external: Simplify configuration
Kim Alvefur <zash@zash.se>
parents:
11599
diff
changeset
|
20 end |
|
12283
b5686debb497
mod_turn_external: Add option to enable TURN over TLS
Kim Alvefur <zash@zash.se>
parents:
12282
diff
changeset
|
21 if tls_port then |
|
b5686debb497
mod_turn_external: Add option to enable TURN over TLS
Kim Alvefur <zash@zash.se>
parents:
12282
diff
changeset
|
22 services:add("turns-tcp"); |
|
b5686debb497
mod_turn_external: Add option to enable TURN over TLS
Kim Alvefur <zash@zash.se>
parents:
12282
diff
changeset
|
23 end |
|
12282
fe5a87b5972f
mod_turn_external: Simplify configuration
Kim Alvefur <zash@zash.se>
parents:
11599
diff
changeset
|
24 |
|
11599
ed405b6357a8
mod_turn_external: Simple module to offer TURN(+STUN) via mod_external_services
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
25 module:depends "external_services"; |
|
ed405b6357a8
mod_turn_external: Simple module to offer TURN(+STUN) via mod_external_services
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
26 |
|
12283
b5686debb497
mod_turn_external: Add option to enable TURN over TLS
Kim Alvefur <zash@zash.se>
parents:
12282
diff
changeset
|
27 for _, type in ipairs({ "stun"; "turn"; "turns" }) do |
|
11599
ed405b6357a8
mod_turn_external: Simple module to offer TURN(+STUN) via mod_external_services
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
28 for _, transport in ipairs({"udp"; "tcp"}) do |
|
ed405b6357a8
mod_turn_external: Simple module to offer TURN(+STUN) via mod_external_services
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
29 if services:contains(type .. "-" .. transport) then |
|
ed405b6357a8
mod_turn_external: Simple module to offer TURN(+STUN) via mod_external_services
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
30 module:add_item("external_service", { |
|
ed405b6357a8
mod_turn_external: Simple module to offer TURN(+STUN) via mod_external_services
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
31 type = type; |
|
ed405b6357a8
mod_turn_external: Simple module to offer TURN(+STUN) via mod_external_services
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
32 transport = transport; |
|
ed405b6357a8
mod_turn_external: Simple module to offer TURN(+STUN) via mod_external_services
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
33 host = host; |
|
12283
b5686debb497
mod_turn_external: Add option to enable TURN over TLS
Kim Alvefur <zash@zash.se>
parents:
12282
diff
changeset
|
34 port = type == "turns" and tls_port or port; |
|
11599
ed405b6357a8
mod_turn_external: Simple module to offer TURN(+STUN) via mod_external_services
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
35 |
|
ed405b6357a8
mod_turn_external: Simple module to offer TURN(+STUN) via mod_external_services
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
36 username = type == "turn" and user or nil; |
|
ed405b6357a8
mod_turn_external: Simple module to offer TURN(+STUN) via mod_external_services
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
37 secret = type == "turn" and secret or nil; |
|
ed405b6357a8
mod_turn_external: Simple module to offer TURN(+STUN) via mod_external_services
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
38 ttl = type == "turn" and ttl or nil; |
|
ed405b6357a8
mod_turn_external: Simple module to offer TURN(+STUN) via mod_external_services
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
39 }) |
|
ed405b6357a8
mod_turn_external: Simple module to offer TURN(+STUN) via mod_external_services
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
40 end |
|
ed405b6357a8
mod_turn_external: Simple module to offer TURN(+STUN) via mod_external_services
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
41 end |
|
ed405b6357a8
mod_turn_external: Simple module to offer TURN(+STUN) via mod_external_services
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
42 end |
