mirror of
https://mau.dev/maunium/synapse.git
synced 2024-11-05 14:18:55 +01:00
Added username and password for turn server
It makes it possible to use a turn server that needs a username and password instead of a token.
This commit is contained in:
parent
841c228533
commit
1e38be3a7a
2 changed files with 21 additions and 11 deletions
|
@ -19,7 +19,9 @@ class VoipConfig(Config):
|
||||||
|
|
||||||
def read_config(self, config):
|
def read_config(self, config):
|
||||||
self.turn_uris = config.get("turn_uris", [])
|
self.turn_uris = config.get("turn_uris", [])
|
||||||
self.turn_shared_secret = config["turn_shared_secret"]
|
self.turn_shared_secret = config.get("turn_shared_secret")
|
||||||
|
self.turn_username = config.get("turn_username")
|
||||||
|
self.turn_password = config.get("turn_password")
|
||||||
self.turn_user_lifetime = self.parse_duration(config["turn_user_lifetime"])
|
self.turn_user_lifetime = self.parse_duration(config["turn_user_lifetime"])
|
||||||
|
|
||||||
def default_config(self, **kwargs):
|
def default_config(self, **kwargs):
|
||||||
|
|
|
@ -32,19 +32,27 @@ class VoipRestServlet(ClientV1RestServlet):
|
||||||
|
|
||||||
turnUris = self.hs.config.turn_uris
|
turnUris = self.hs.config.turn_uris
|
||||||
turnSecret = self.hs.config.turn_shared_secret
|
turnSecret = self.hs.config.turn_shared_secret
|
||||||
|
turnUsername = self.hs.config.turn_username
|
||||||
|
turnPassword = self.hs.config.turn_password
|
||||||
userLifetime = self.hs.config.turn_user_lifetime
|
userLifetime = self.hs.config.turn_user_lifetime
|
||||||
if not turnUris or not turnSecret or not userLifetime:
|
|
||||||
|
if turnUris and turnSecret and userLifetime:
|
||||||
|
expiry = (self.hs.get_clock().time_msec() + userLifetime) / 1000
|
||||||
|
username = "%d:%s" % (expiry, requester.user.to_string())
|
||||||
|
|
||||||
|
mac = hmac.new(turnSecret, msg=username, digestmod=hashlib.sha1)
|
||||||
|
# We need to use standard padded base64 encoding here
|
||||||
|
# encode_base64 because we need to add the standard padding to get the
|
||||||
|
# same result as the TURN server.
|
||||||
|
password = base64.b64encode(mac.digest())
|
||||||
|
|
||||||
|
elif turnUris and turnUsername and turnPassword and userLifetime:
|
||||||
|
username = turnUsername
|
||||||
|
password = turnPassword
|
||||||
|
|
||||||
|
else:
|
||||||
defer.returnValue((200, {}))
|
defer.returnValue((200, {}))
|
||||||
|
|
||||||
expiry = (self.hs.get_clock().time_msec() + userLifetime) / 1000
|
|
||||||
username = "%d:%s" % (expiry, requester.user.to_string())
|
|
||||||
|
|
||||||
mac = hmac.new(turnSecret, msg=username, digestmod=hashlib.sha1)
|
|
||||||
# We need to use standard padded base64 encoding here
|
|
||||||
# encode_base64 because we need to add the standard padding to get the
|
|
||||||
# same result as the TURN server.
|
|
||||||
password = base64.b64encode(mac.digest())
|
|
||||||
|
|
||||||
defer.returnValue((200, {
|
defer.returnValue((200, {
|
||||||
'username': username,
|
'username': username,
|
||||||
'password': password,
|
'password': password,
|
||||||
|
|
Loading…
Reference in a new issue