# HG changeset patch
# User Kim Alvefur <zash@zash.se>
# Date 1644504107 -3600
# Node ID b5686debb497791975077edb9ffe53c036fe3871
# Parent  fe5a87b5972f6bfe99c17aa089d4d6a6fc9edfc2
mod_turn_external: Add option to enable TURN over TLS

Usually on port 443 to avoid restrictive firewalls.

Thanks to Holger for discussion

diff -r fe5a87b5972f -r b5686debb497 plugins/mod_turn_external.lua
--- a/plugins/mod_turn_external.lua	Thu Feb 10 15:39:15 2022 +0100
+++ b/plugins/mod_turn_external.lua	Thu Feb 10 15:41:47 2022 +0100
@@ -6,6 +6,7 @@
 local port = module:get_option_number("turn_external_port", 3478);
 local ttl = module:get_option_number("turn_external_ttl", 86400);
 local tcp = module:get_option_boolean("turn_external_tcp", false);
+local tls_port = module:get_option_boolean("turn_external_tls_port");
 
 if not secret then error("mod_" .. module.name .. " requires that 'turn_external_secret' be set") end
 
@@ -14,17 +15,20 @@
 	services:add("stun-tcp");
 	services:add("turn-tcp");
 end
+if tls_port then
+	services:add("turns-tcp");
+end
 
 module:depends "external_services";
 
-for _, type in ipairs({"stun"; "turn"}) do
+for _, type in ipairs({ "stun"; "turn"; "turns" }) do
 	for _, transport in ipairs({"udp"; "tcp"}) do
 		if services:contains(type .. "-" .. transport) then
 			module:add_item("external_service", {
 				type = type;
 				transport = transport;
 				host = host;
-				port = port;
+				port = type == "turns" and tls_port or port;
 
 				username = type == "turn" and user or nil;
 				secret = type == "turn" and secret or nil;