Add warning to config & readme/man

Add warning about that allow-loopback-peer and empty cli-password is not allowed together.
2025-11-03 00:10:59 +01:00 · 2017-12-14 14:03:10 +01:00 · 2017-12-14 14:03:10 +01:00 · 0f11578982
commit 0f11578982
parent 5cce82e782
2 changed files with 8 additions and 0 deletions
--- a/README.turnserver
+++ b/README.turnserver
@ -235,6 +235,10 @@ Flags:
 			Option to suppress STUN functionality, only TURN requests will be processed.

 --allow-loopback-peers	Allow peers on the loopback addresses (127.x.x.x and ::1).
+             Allow it only for testing in a development environment! 
+             In production it adds a possible security vulnerability, 
+             and so due to security reasons, it is not allowed 
+             using it together with empty cli-password.

 --no-multicast-peers	Disallow peers on well-known broadcast addresses 
 			(224.0.0.0 and above, and FFXX:*).
--- a/examples/etc/turnserver.conf
+++ b/examples/etc/turnserver.conf
@ -575,6 +575,10 @@
 # (To avoid any security issue that allowing loopback access may raise,
 # the no-loopback-peers option is replaced by allow-loopback-peers.)
 #
+# Allow it only for testing in a development environment! 
+# In production it adds a possible security vulnerability, so for security reasons 
+# it is not allowed using it together with empty cli-password. 
+#
 #allow-loopback-peers

 # Flag that can be used to disallow peers on well-known broadcast addresses (224.0.0.0 and above, and FFXX:*).