Merge branch 'channel-lifetime' of https://github.com/akatsukle/coturn into akatsukle-channel-lifetime

2016-09-24 23:49:36 -07:00 · 2016-09-24 23:49:36 -07:00 · bd5ff5fe2f
commit bd5ff5fe2f
parent a9029fbfa6 2128253b31
9 changed files with 36 additions and 11 deletions
--- a/README.turnserver
+++ b/README.turnserver
@ -257,11 +257,13 @@ Flags:

 -h			Help.
    
-Options with required values:  
+Options with values:  

--stale-nonce[=<value>]		Use extra security with nonce value having limited lifetime (default 600 secs).
+--stale-nonce[=<value>]		Use extra security with nonce value having limited lifetime, in seconds (default 600 secs).

--max-allocate-lifetime	<value>		Set the maximum value for the allocation lifetime. Default to 3600 secs.
+--max-allocate-lifetime		Set the maximum value for the allocation lifetime. Default to 3600 secs.
+
+--channel-lifetime 	Set the lifetime for channel binding, default to 600 secs. This value MUST not be changed for production purposes.

 -d, --listening-device	Listener interface device.
 			(NOT RECOMMENDED. Optional functionality, Linux only). 
--- a/examples/etc/turnserver.conf
+++ b/examples/etc/turnserver.conf
@ -389,6 +389,12 @@
 #max-allocate-lifetime=3600


+# Uncomment to set the lifetime for the channel.
+# Default value is 600 secs (10 minutes).
+# This value MUST not be changed for production purposes.
+#
+#channel-lifetime=600
+
 # Certificate file.
 # Use an absolute path or path relative to the 
 # configuration file.
--- a/man/man1/turnserver.1
+++ b/man/man1/turnserver.1
@ -392,17 +392,21 @@ initially used by the session).
 Help.
 .TP
 .B
-Options with required values:
+Options with values:
 .TP
 .B
 \fB\-\-stale\-nonce\fP[=<value>]
-Use extra security with nonce value having limited lifetime (default 600 secs).
+Use extra security with nonce value having limited lifetime, in seconds (default 600 secs).
 .TP
 .B
-\fB\-\-max\-allocate\-lifetime\fP <value>
+\fB\-\-max\-allocate\-lifetime\fP
 Set the maximum value for the allocation lifetime. Default to 3600 secs.
 .TP
 .B
+\fB\-\-channel\-lifetime\fP
+Set the lifetime for channel binding, default to 600 secs. This value MUST not be changed for production purposes.
+.TP
+.B
 \fB\-d\fP, \fB\-\-listening\-device\fP
 Listener interface device.
 (NOT RECOMMENDED. Optional functionality, Linux only). 
--- a/src/apps/relay/mainrelay.c
+++ b/src/apps/relay/mainrelay.c
@ -124,7 +124,7 @@ LOW_DEFAULT_PORTS_BOUNDARY,HIGH_DEFAULT_PORTS_BOUNDARY,0,0,0,"",
 /////////////// stop server ////////////////
 0,
 /////////////// MISC PARAMS ////////////////
-0,0,0,0,0,':',0,0,0,TURN_CREDENTIALS_NONE,0,0,0,0,0,0,
+0,0,0,0,0,':',0,0,0,0,TURN_CREDENTIALS_NONE,0,0,0,0,0,0,
 ///////////// Users DB //////////////
 { (TURN_USERDB_TYPE)0, {"\0"}, {0,NULL, {NULL,0}} },
 ///////////// CPUs //////////////////
@ -549,6 +549,8 @@ static char Usage[] = "Usage: turnserver [options]\n"
 "						This option can be used, for example, together with the logrotate tool.\n"
 " --stale-nonce[=<value>]			Use extra security with nonce value having limited lifetime (default 600 secs).\n"
 " --max-allocate-lifetime	<value>		Set the maximum value for the allocation lifetime. Default to 3600 secs.\n"
+" --channel-lifetime		<value>		Set the lifetime for channel binding, default to 600 secs.\n"
+"						This value MUST not be changed for production purposes.\n"
 " -S, --stun-only				Option to set standalone STUN operation only, all TURN requests will be ignored.\n"
 "     --no-stun					Option to suppress STUN functionality, only TURN requests will be processed.\n"
 " --alternate-server		<ip:port>	Set the TURN server to redirect the allocate requests (UDP and TCP services).\n"
@ -672,6 +674,7 @@ enum EXTRA_OPTS {
 	MAX_PORT_OPT,
 	STALE_NONCE_OPT,
 	MAX_ALLOCATE_LIFETIME_OPT,
+	CHANNEL_LIFETIME_OPT,
 	AUTH_SECRET_OPT,
 	DEL_ALL_AUTH_SECRETS_OPT,
 	STATIC_AUTH_SECRET_VAL_OPT,
@ -790,6 +793,7 @@ static const struct myoption long_options[] = {
 				{ "no-tcp-relay", optional_argument, NULL, NO_TCP_RELAY_OPT },
 				{ "stale-nonce", optional_argument, NULL, STALE_NONCE_OPT },
 				{ "max-allocate-lifetime", optional_argument, NULL, MAX_ALLOCATE_LIFETIME_OPT },
+				{ "channel-lifetime", optional_argument, NULL, CHANNEL_LIFETIME_OPT },
 				{ "stun-only", optional_argument, NULL, 'S' },
 				{ "no-stun", optional_argument, NULL, NO_STUN_OPT },
 				{ "cert", required_argument, NULL, CERT_FILE_OPT },
@ -1054,6 +1058,9 @@ static void set_option(int c, char *value)
 	case MAX_ALLOCATE_LIFETIME_OPT:
 		turn_params.max_allocate_lifetime = get_int_value(value, STUN_DEFAULT_MAX_ALLOCATE_LIFETIME);
 		break;
+	case CHANNEL_LIFETIME_OPT:
+		turn_params.channel_lifetime = get_int_value(value, STUN_DEFAULT_CHANNEL_LIFETIME);
+		break;
 	case MAX_ALLOCATE_TIMEOUT_OPT:
 		TURN_MAX_ALLOCATE_TIMEOUT = atoi(value);
 		TURN_MAX_ALLOCATE_TIMEOUT_STUN_ONLY = atoi(value);
--- a/src/apps/relay/mainrelay.h
+++ b/src/apps/relay/mainrelay.h
@ -286,6 +286,7 @@ typedef struct _turn_params_ {
  char rest_api_separator;
  vint stale_nonce;
  vint max_allocate_lifetime;
+  vint channel_lifetime;
  vint mobility;
  turn_credential_type ct;
  int use_auth_secret_with_timestamp;
--- a/src/apps/relay/netengine.c
+++ b/src/apps/relay/netengine.c
@ -1634,6 +1634,7 @@ static void setup_relay_server(struct relay_server *rs, ioa_engine_handle e, int
 			 &turn_params.no_udp_relay,
 			 &turn_params.stale_nonce,
 			 &turn_params.max_allocate_lifetime,
+			 &turn_params.channel_lifetime,
 			 &turn_params.stun_only,
 			 &turn_params.no_stun,
 			 &turn_params.alternate_servers_list,
--- a/src/client/ns_turn_msg_defs.h
+++ b/src/client/ns_turn_msg_defs.h
@ -63,7 +63,7 @@
 #define STUN_DEFAULT_ALLOCATE_LIFETIME (600)
 #define STUN_MIN_ALLOCATE_LIFETIME STUN_DEFAULT_ALLOCATE_LIFETIME
 #define STUN_DEFAULT_MAX_ALLOCATE_LIFETIME (3600)
-#define STUN_CHANNEL_LIFETIME (600)
+#define STUN_DEFAULT_CHANNEL_LIFETIME (600)
 #define STUN_PERMISSION_LIFETIME (300)
 #define STUN_DEFAULT_NONCE_EXPIRATION_TIME (600)
 /**/
--- a/src/server/ns_turn_server.c
+++ b/src/server/ns_turn_server.c
@ -883,13 +883,13 @@ static int update_channel_lifetime(ts_ur_super_session *ss, ch_info* chn)

 			if (server) {

-				if (update_turn_permission_lifetime(ss, tinfo, STUN_CHANNEL_LIFETIME) < 0)
+				if (update_turn_permission_lifetime(ss, tinfo, *(server->channel_lifetime)) < 0)
 					return -1;

-				chn->expiration_time = server->ctime + STUN_CHANNEL_LIFETIME;
+				chn->expiration_time = server->ctime + *(server->channel_lifetime);

 				IOA_EVENT_DEL(chn->lifetime_ev);
-				chn->lifetime_ev = set_ioa_timer(server->e, STUN_CHANNEL_LIFETIME, 0,
+				chn->lifetime_ev = set_ioa_timer(server->e, *(server->channel_lifetime), 0,
 								client_ss_channel_timeout_handler,
 								chn, 0,
 								"client_ss_channel_timeout_handler");
@ -4797,6 +4797,7 @@ void init_turn_server(turn_turnserver* server,
 		vintp no_udp_relay,
 		vintp stale_nonce,
 		vintp max_allocate_lifetime,
+		vintp channel_lifetime,
 		vintp stun_only,
 		vintp no_stun,
 		turn_server_addrs_list_t *alternate_servers_list,
@ -4853,6 +4854,7 @@ void init_turn_server(turn_turnserver* server,

 	server->stale_nonce = stale_nonce;
 	server->max_allocate_lifetime = max_allocate_lifetime;
+	server->channel_lifetime = channel_lifetime;
 	server->stun_only = stun_only;
 	server->no_stun = no_stun;

--- a/src/server/ns_turn_server.h
+++ b/src/server/ns_turn_server.h
@ -116,6 +116,7 @@ struct _turn_turnserver {
 	vintp check_origin;
 	vintp stale_nonce;
        vintp max_allocate_lifetime;
+        vintp channel_lifetime;
 	vintp stun_only;
 	vintp no_stun;
 	vintp secure_stun;
@ -186,6 +187,7 @@ void init_turn_server(turn_turnserver* server,
 				    vintp no_udp_relay,
 				    vintp stale_nonce,
                                    vintp max_allocate_lifetime,
+                                    vintp channel_lifetime,
 				    vintp stun_only,
 				    vintp no_stun,
 				    turn_server_addrs_list_t *alternate_servers_list,