TURN Rest API issue

107 views

Skip to first unread message

Sumit Sharma

unread,

Mar 11, 2016, 4:40:52 AM3/11/16

to TURN Server (Open-Source project)

My TURN server (RFC5766) works fine and returns the relay candidate when I ping it with static credentials and "use-auth-secret" commented out.

However When trying to ping my TURN server from using TURN REST API for ephemeral password, i get authentication error.

My REST API written in Ruby:

def get_turn_temp_credentials

new_username = "#{timestamp}:#{params[:username]}"

digest = OpenSSL::Digest.new('sha1')

hmac = OpenSSL::HMAC.hexdigest(digest, "some_secret_code", new_username)

password = Base64.encode64(hmac)

respond_to do |format|

format.json{

render :json => {

"username" => "#{new_username}",

"password" => "#{password}",

"uris" => ['turn:turn.mycompany.com:3478?transport=udp',

'turn.mycompany.com:3478?transport=tcp',

]

}

end

And the response for the same is(for username: user)

{

"username": "1458207302:user"

"password": "NTNmYTU3MzNjNTg1YzIwNWE2ODIzZDBlYmFiYWExNDBiZDM3MDU1NQ== "

"current_timestamp": "1457607302"

"uris": [2]

0: "turn:turn.mycompany.com:3478?transport=udp"

1: "turn:turn.mycompany.com:3478?transport=tcp"

}

My turnserver.conf file contains following uncommented fields:

listening-port=3478

tls-listening-port=5349

verbose

fingerprint

use-auth-secret

static-auth-secret=some_secret_code

realm=mycompany.com

cert=turn_server_cert.pem

pkey=turn_server_pkey.pem

And I start TURN server like this:

turnserver -c turnserver.conf

It starts with the following log:

1457607109: RFC 5389/5766/5780/6062/6156 STUN/TURN Server, version Citrix-1.8.6.0 'Black Dow'

1457607109: Config file found: /etc/turnserver.conf

1457607109: Config file found: /etc/turn_server_cert.pem

1457607109: Config file found: /etc/turn_server_pkey.pem

1457607109: TLS: Certificate file found: /etc/turn_server_cert.pem

1457607109: TLS: Private key file found: /etc/turn_server_pkey.pem

1457607109: DTLS: Certificate file found: /etc/turn_server_cert.pem

1457607109: DTLS: Private key file found: /etc/turn_server_pkey.pem

1457607109: ===========Discovering listener addresses: =========

1457607109: Listener address to use: 127.0.0.1

1457607109: Listener address to use: xxx.xx.xx.xx

1457607109: Listener address to use: ::1

1457607109: =====================================================

1457607109: ===========Discovering relay addresses: =============

1457607109: Relay address to use: xxx.xx.xx.xx

1457607109: =====================================================

1457607109: IO method (listener thread): epoll

1457607109: IO method: epoll

1457607109: IPv4. UDP/DTLS listener opened on : 127.0.0.1:3478

1457607109: IO method: epoll

1457607109: IPv4. UDP/DTLS listener opened on : 127.0.0.1:3479

1457607109: IPv4. TCP/TLS listener opened on : 0.0.0.0:34480

1457607109: IPv4. TCP/TLS listener opened on : 0.0.0.0:58348

1457607109: IPv4. TCP/TLS listener opened on : 0.0.0.0:36655

1457607109: IPv4. TCP/TLS listener opened on : 0.0.0.0:47945

1457607109: IO method: epoll

1457607109: IPv4. UDP/DTLS listener opened on : 127.0.0.1:5349

1457607109: IO method: epoll

1457607109: IPv4. UDP/DTLS listener opened on : 127.0.0.1:5350

1457607109: IO method: epoll

1457607109: IPv4. UDP/DTLS listener opened on : xxx.xx.xx.xx:3478

1457607109: IO method: epoll

1457607109: IPv4. UDP/DTLS listener opened on : xxx.xx.xx.xx:3479

1457607109: IPv4. TCP/TLS listener opened on : 0.0.0.0:56571

1457607109: IPv4. TCP/TLS listener opened on : 0.0.0.0:50533

1457607109: IPv4. TCP/TLS listener opened on : 0.0.0.0:44441

1457607109: IPv4. TCP/TLS listener opened on : 0.0.0.0:55918

1457607109: IO method: epoll

1457607109: IPv4. UDP/DTLS listener opened on : xxx.xx.xx.xx:5349

1457607109: IO method: epoll

1457607109: IPv4. UDP/DTLS listener opened on : xxx.xx.xx.xx:5350

1457607109: IO method: epoll

1457607109: IPv6. UDP/DTLS listener opened on : ::1:3478

1457607109: IO method: epoll

1457607109: IPv6. UDP/DTLS listener opened on : ::1:3479

1457607109: IPv6. TCP/TLS listener opened on : :::33850

1457607109: IPv6. TCP/TLS listener opened on : :::34878

1457607109: IPv6. TCP/TLS listener opened on : :::36398

1457607109: IPv6. TCP/TLS listener opened on : :::48838

1457607109: IO method: epoll

1457607109: IPv6. UDP/DTLS listener opened on : ::1:5349

1457607109: IO method: epoll

1457607109: IPv6. UDP/DTLS listener opened on : ::1:5350

1457607109: IO method (auth thread): epoll

1457607109: IO method (relay thread): epoll

And When I try to ping with the client "http://webrtc.github.io/samples/src/content/peerconnection/trickle-ice/"

I get following error log:

1457607229: open_client_connection_socket: AF: 2:2

1457607229: Binding socket 42 to addr

1457607229: IPv4. Bind to: xxx.xx.xx.xx:3478

1457607229: IPv4. UDP connected to: yyy.yy.yy.yy:3383

1457607229: handle_turn_command: user <>: request BINDING processed, error 0

1457607229: open_client_connection_socket: AF: 2:2

1457607229: Binding socket 43 to addr

1457607229: IPv4. Bind to: xxx.xx.xx.xx:3478

1457607229: IPv4. UDP connected to: yyy.yy.yy.yy:9833

1457607229: handle_turn_command: user <>: request BINDING processed, error 0