diff options
| author | Marvin Steadfast <marvin@xsteadfastx.org> | 2017-01-19 14:08:20 +0100 |
|---|---|---|
| committer | Marvin Steadfast <marvin@xsteadfastx.org> | 2017-01-19 14:08:20 +0100 |
| commit | 1e38be3a7aaea1b6570b27e271855ee380a9129b (patch) | |
| tree | 44794213a43551f9d389fb4aef9befd04d4932ab | |
| parent | Merge pull request #1828 from matrix-org/erikj/iterable_cache_size (diff) | |
| download | synapse-1e38be3a7aaea1b6570b27e271855ee380a9129b.tar.xz | |
Added username and password for turn server
It makes it possible to use a turn server that needs a username and password instead of a token.
| -rw-r--r-- | synapse/config/voip.py | 4 | ||||
| -rw-r--r-- | synapse/rest/client/v1/voip.py | 26 |
2 files changed, 20 insertions, 10 deletions
diff --git a/synapse/config/voip.py b/synapse/config/voip.py index 169980f60d..ef9d61adfc 100644 --- a/synapse/config/voip.py +++ b/synapse/config/voip.py @@ -19,7 +19,9 @@ class VoipConfig(Config): def read_config(self, config): self.turn_uris = config.get("turn_uris", []) - self.turn_shared_secret = config["turn_shared_secret"] + self.turn_shared_secret = config.get("turn_shared_secret") + self.turn_username = config.get("turn_username") + self.turn_password = config.get("turn_password") self.turn_user_lifetime = self.parse_duration(config["turn_user_lifetime"]) def default_config(self, **kwargs): diff --git a/synapse/rest/client/v1/voip.py b/synapse/rest/client/v1/voip.py index c40442f958..03141c623c 100644 --- a/synapse/rest/client/v1/voip.py +++ b/synapse/rest/client/v1/voip.py @@ -32,18 +32,26 @@ class VoipRestServlet(ClientV1RestServlet): turnUris = self.hs.config.turn_uris turnSecret = self.hs.config.turn_shared_secret + turnUsername = self.hs.config.turn_username + turnPassword = self.hs.config.turn_password userLifetime = self.hs.config.turn_user_lifetime - if not turnUris or not turnSecret or not userLifetime: - defer.returnValue((200, {})) - expiry = (self.hs.get_clock().time_msec() + userLifetime) / 1000 - username = "%d:%s" % (expiry, requester.user.to_string()) + if turnUris and turnSecret and userLifetime: + expiry = (self.hs.get_clock().time_msec() + userLifetime) / 1000 + username = "%d:%s" % (expiry, requester.user.to_string()) + + mac = hmac.new(turnSecret, msg=username, digestmod=hashlib.sha1) + # We need to use standard padded base64 encoding here + # encode_base64 because we need to add the standard padding to get the + # same result as the TURN server. + password = base64.b64encode(mac.digest()) - mac = hmac.new(turnSecret, msg=username, digestmod=hashlib.sha1) - # We need to use standard padded base64 encoding here - # encode_base64 because we need to add the standard padding to get the - # same result as the TURN server. - password = base64.b64encode(mac.digest()) + elif turnUris and turnUsername and turnPassword and userLifetime: + username = turnUsername + password = turnPassword + + else: + defer.returnValue((200, {})) defer.returnValue((200, { 'username': username, |