summary refs log tree commit diff
path: root/synapse
diff options
context:
space:
mode:
authorMarvin Steadfast <marvin@xsteadfastx.org>2017-01-19 14:08:20 +0100
committerMarvin Steadfast <marvin@xsteadfastx.org>2017-01-19 14:08:20 +0100
commit1e38be3a7aaea1b6570b27e271855ee380a9129b (patch)
tree44794213a43551f9d389fb4aef9befd04d4932ab /synapse
parentMerge pull request #1828 from matrix-org/erikj/iterable_cache_size (diff)
downloadsynapse-1e38be3a7aaea1b6570b27e271855ee380a9129b.tar.xz
Added username and password for turn server
It makes it possible to use a turn server that needs a username and
password instead of a token.
Diffstat (limited to 'synapse')
-rw-r--r--synapse/config/voip.py4
-rw-r--r--synapse/rest/client/v1/voip.py26
2 files changed, 20 insertions, 10 deletions
diff --git a/synapse/config/voip.py b/synapse/config/voip.py
index 169980f60d..ef9d61adfc 100644
--- a/synapse/config/voip.py
+++ b/synapse/config/voip.py
@@ -19,7 +19,9 @@ class VoipConfig(Config):
 
     def read_config(self, config):
         self.turn_uris = config.get("turn_uris", [])
-        self.turn_shared_secret = config["turn_shared_secret"]
+        self.turn_shared_secret = config.get("turn_shared_secret")
+        self.turn_username = config.get("turn_username")
+        self.turn_password = config.get("turn_password")
         self.turn_user_lifetime = self.parse_duration(config["turn_user_lifetime"])
 
     def default_config(self, **kwargs):
diff --git a/synapse/rest/client/v1/voip.py b/synapse/rest/client/v1/voip.py
index c40442f958..03141c623c 100644
--- a/synapse/rest/client/v1/voip.py
+++ b/synapse/rest/client/v1/voip.py
@@ -32,18 +32,26 @@ class VoipRestServlet(ClientV1RestServlet):
 
         turnUris = self.hs.config.turn_uris
         turnSecret = self.hs.config.turn_shared_secret
+        turnUsername = self.hs.config.turn_username
+        turnPassword = self.hs.config.turn_password
         userLifetime = self.hs.config.turn_user_lifetime
-        if not turnUris or not turnSecret or not userLifetime:
-            defer.returnValue((200, {}))
 
-        expiry = (self.hs.get_clock().time_msec() + userLifetime) / 1000
-        username = "%d:%s" % (expiry, requester.user.to_string())
+        if turnUris and turnSecret and userLifetime:
+            expiry = (self.hs.get_clock().time_msec() + userLifetime) / 1000
+            username = "%d:%s" % (expiry, requester.user.to_string())
+
+            mac = hmac.new(turnSecret, msg=username, digestmod=hashlib.sha1)
+            # We need to use standard padded base64 encoding here
+            # encode_base64 because we need to add the standard padding to get the
+            # same result as the TURN server.
+            password = base64.b64encode(mac.digest())
 
-        mac = hmac.new(turnSecret, msg=username, digestmod=hashlib.sha1)
-        # We need to use standard padded base64 encoding here
-        # encode_base64 because we need to add the standard padding to get the
-        # same result as the TURN server.
-        password = base64.b64encode(mac.digest())
+        elif turnUris and turnUsername and turnPassword and userLifetime:
+            username = turnUsername
+            password = turnPassword
+
+        else:
+            defer.returnValue((200, {}))
 
         defer.returnValue((200, {
             'username': username,