mirrors/coturn
1
0
Fork 0
mirror of https://github.com/coturn/coturn.git synced 2025-10-26 12:31:00 +01:00
Code Issues Projects Releases Wiki Activity

Merge pull request #64 from akatsukle/stale-nonce

Browse Source 
Improve configurability: stale nonce
This commit is contained in:
mom040267 2016-09-24 21:09:25 -07:00 committed by GitHub
commit 7f7820a3ee
4 changed files with 15 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
examples/etc/turnserver.conf
View File

@ -373,13 +373,14 @@
#no-tcp-relay #no-tcp-relay
# Uncomment if extra security is desired, # Uncomment if extra security is desired,
# with nonce value having limited lifetime (600 secs). # with nonce value having limited lifetime.
# By default, the nonce value is unique for a session, # By default, the nonce value is unique for a session,
# but it has unlimited lifetime. With this option, # and has unlimited lifetime.
# the nonce lifetime is limited to 600 seconds, after that # Set this option to limit the nonce lifetime.
# It defaults to 600 secs (10 min) if no value is provided. After that delay,
# the client will get 438 error and will have to re-authenticate itself. # the client will get 438 error and will have to re-authenticate itself.
# #
#stale-nonce #stale-nonce=600
# Certificate file. # Certificate file.
# Use an absolute path or path relative to the # Use an absolute path or path relative to the

9
src/apps/relay/mainrelay.c
View File

@ -878,6 +878,13 @@ static const struct myoption admin_long_options[] = {
{ NULL, no_argument, NULL, 0 } { NULL, no_argument, NULL, 0 }
}; };
static int get_int_value(const char* s, int default_value)
{
if (!s || !(s[0]))
return default_value;
return atoi(s);
}
static int get_bool_value(const char* s) static int get_bool_value(const char* s)
{ {
if(!s || !(s[0])) return 1; if(!s || !(s[0])) return 1;
@ -1039,7 +1046,7 @@ static void set_option(int c, char *value)
turn_params.no_loopback_peers = get_bool_value(value); turn_params.no_loopback_peers = get_bool_value(value);
break; break;
case STALE_NONCE_OPT: case STALE_NONCE_OPT:
turn_params.stale_nonce = get_bool_value(value); turn_params.stale_nonce = get_int_value(value, STUN_DEFAULT_NONCE_EXPIRATION_TIME);
break; break;
case MAX_ALLOCATE_TIMEOUT_OPT: case MAX_ALLOCATE_TIMEOUT_OPT:
TURN_MAX_ALLOCATE_TIMEOUT = atoi(value); TURN_MAX_ALLOCATE_TIMEOUT = atoi(value);

2
src/client/ns_turn_msg_defs.h
View File

@ -65,7 +65,7 @@
#define STUN_MAX_ALLOCATE_LIFETIME (3600) #define STUN_MAX_ALLOCATE_LIFETIME (3600)
#define STUN_CHANNEL_LIFETIME (600) #define STUN_CHANNEL_LIFETIME (600)
#define STUN_PERMISSION_LIFETIME (300) #define STUN_PERMISSION_LIFETIME (300)
#define STUN_NONCE_EXPIRATION_TIME (600) #define STUN_DEFAULT_NONCE_EXPIRATION_TIME (600)
/**/ /**/
#define STUN_METHOD_BINDING (0x0001) #define STUN_METHOD_BINDING (0x0001)

2
src/server/ns_turn_server.c
View File

@ -3271,7 +3271,7 @@ static int check_stun_auth(turn_turnserver *server,
snprintf((s08bits*)s, NONCE_MAX_SIZE-4*i, "%04x",(unsigned int)rand); snprintf((s08bits*)s, NONCE_MAX_SIZE-4*i, "%04x",(unsigned int)rand);
} }
} }
ss->nonce_expiration_time = server->ctime + STUN_NONCE_EXPIRATION_TIME; ss->nonce_expiration_time = server->ctime + *(server->stale_nonce);
} }
} }