Remove the old rfc5766-turn-server auth method as it doesn't brings anything

Compared to the new TURN REST API
master
Daniel Berteaud 10 years ago
parent 14d179ebc0
commit f2a2e877a6
  1. 5
      conf/settings.ini.dist
  2. 29
      docs/database/schema.mysql
  3. 5
      lib/Vroom/Constants.pm
  4. 24
      scripts/db_upgrade.pl
  5. 18
      vroom.pl

@ -23,17 +23,12 @@
; to the secret key you set in your turn server. See http://tools.ietf.org/html/draft-uberti-behave-turn-rest-00 ; to the secret key you set in your turn server. See http://tools.ietf.org/html/draft-uberti-behave-turn-rest-00
; This has been tested with rfc-5766-turn-server but should work with any compatible turn server ; This has been tested with rfc-5766-turn-server but should work with any compatible turn server
; ;
; * rfc-5766-turn-server: In this mode, a MySQL view is used to manage one turn username per room
; It works only with rfc-5766-turn-server but it's recommanded to use rest now
; even when using rfc-5766-turn-server
credentials = 'rest' credentials = 'rest'
; Credentials to use with the "static" method ; Credentials to use with the "static" method
;turn_user = 'foo' ;turn_user = 'foo'
;turn_password = 'bar' ;turn_password = 'bar'
; Secret key shared with the turn server when using the "rest" method ; Secret key shared with the turn server when using the "rest" method
;secret_key = 'secret' ;secret_key = 'secret'
; the realm used for turn accounts. Only needed when using the rfc-5766-turn-server method
;realm = 'vroom'
[video] [video]
; Define the max frame rate for video ; Define the max frame rate for video

@ -6,7 +6,7 @@ CREATE TABLE `config` (
UNIQUE (`key`) UNIQUE (`key`)
) ENGINE INNODB DEFAULT CHARSET=utf8; ) ENGINE INNODB DEFAULT CHARSET=utf8;
INSERT INTO `config` (`key`,`value`) INSERT INTO `config` (`key`,`value`)
VALUES ('schema_version', '2'); VALUES ('schema_version', '5');
CREATE TABLE `rooms` ( CREATE TABLE `rooms` (
`id` INT UNSIGNED NOT NULL AUTO_INCREMENT, `id` INT UNSIGNED NOT NULL AUTO_INCREMENT,
@ -81,30 +81,3 @@ CREATE TABLE `room_keys` (
ON DELETE CASCADE ON DELETE CASCADE
) ENGINE INNODB DEFAULT CHARSET=utf8; ) ENGINE INNODB DEFAULT CHARSET=utf8;
#DROP TABLE IF EXISTS `turnusers_lt`;
#CREATE TABLE `turnusers_lt` (
# name VARCHAR(512) PRIMARY KEY,
# hmackey char(32)
#);
CREATE VIEW `turnusers_lt` AS
SELECT `name` AS `name`,
MD5(CONCAT(CONCAT(CONCAT(CONCAT(`name`,':'),`realm`),':'),`token`)) AS `hmackey`
FROM `rooms`;
CREATE TABLE `turnusers_st` (
`name` VARCHAR(512) PRIMARY KEY,
`password` VARCHAR(512)
) ENGINE INNODB DEFAULT CHARSET=latin1;
CREATE TABLE `turn_secret` (
`value` VARCHAR(512)
) ENGINE INNODB DEFAULT CHARSET=latin1;
CREATE TABLE `allowed_peer_ip` (
`ip_range` VARCHAR(256)
) ENGINE INNODB DEFAULT CHARSET=latin1;
CREATE TABLE `denied_peer_ip` (
`ip_range` VARCHAR(256)
) ENGINE INNODB DEFAULT CHARSET=latin1;
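Review bot: The fresh-install schema is stamped `schema_version` '5' here, but nothing in this section touches the `CREATE TABLE` for `rooms`, whose body is mostly outside the hunk. The removed `turnusers_lt` view read `token` and `realm` from `rooms`, and the version 5 upgrade drops both columns, so a new install would presumably still create them and differ from an upgraded database. If they are declared NOT NULL without a default, the new INSERT in create_room, which no longer supplies them, could also fail under strict SQL mode. Please check and remove the two column definitions from the `rooms` table so both paths end at the same schema.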

@ -7,7 +7,7 @@ use base 'Exporter';
our @EXPORT = qw/DB_VERSION COMPONENTS MOH JS_STRINGS API_ACTIONS/; our @EXPORT = qw/DB_VERSION COMPONENTS MOH JS_STRINGS API_ACTIONS/;
# Database version # Database version
use constant DB_VERSION => 4; use constant DB_VERSION => 5;
# Components used to generate the credits part # Components used to generate the credits part
use constant COMPONENTS => { use constant COMPONENTS => {
@ -41,9 +41,6 @@ use constant COMPONENTS => {
"MariaDB" => { "MariaDB" => {
url => 'https://mariadb.org/' url => 'https://mariadb.org/'
}, },
"rfc5766-turn-server" => {
url => 'https://code.google.com/p/rfc5766-turn-server/'
},
"FileSaver" => { "FileSaver" => {
url => 'https://github.com/eligrey/FileSaver.js' url => 'https://github.com/eligrey/FileSaver.js'
}, },

@ -108,3 +108,27 @@ if ($cur_ver < 4){
}; };
print "Successfully upgraded to schema version 4\n"; print "Successfully upgraded to schema version 4\n";
} }
if ($cur_ver < 5){
print "Upgrading the schema to version 5\n";
eval {
$dbh->begin_work;
$dbh->do(qq{ DROP TABLE `denied_peer_ip` });
$dbh->do(qq{ DROP TABLE `allowed_peer_ip` });
$dbh->do(qq{ DROP TABLE `turn_secret` });
$dbh->do(qq{ DROP TABLE `turnusers_st` });
$dbh->do(qq{ DROP VIEW `turnusers_lt` });
$dbh->do(qq{ ALTER TABLE `rooms` DROP COLUMN `token` });
$dbh->do(qq{ ALTER TABLE `rooms` DROP COLUMN `realm` });
$dbh->do(qq{ UPDATE `config` SET `value`='5' WHERE `key`='schema_version' });
$dbh->commit;
};
if ($@){
print "An error occurred: " . $dbh->errstr . "\n";
local $dbh->{RaiseError} = 0;
$dbh->rollback;
exit 255;
};
print "Successfully upgraded to schema version 5\n";
}
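Review bot: The `begin_work`/`rollback` pair around the version 5 step does not make it atomic on MySQL or MariaDB, because `DROP TABLE`, `DROP VIEW` and `ALTER TABLE` each commit implicitly. If any statement fails part-way, the earlier drops stay applied while `schema_version` remains 4, and the next run stops at the first `DROP TABLE` of an object that is already gone. Making the drops re-runnable avoids that, e.g. `DROP TABLE IF EXISTS` for the four tables and `DROP VIEW IF EXISTS` for `turnusers_lt`, and a comment saying the rollback only covers the final `UPDATE` would keep the next reader from trusting it. Since `rooms.token` held the per-room TURN password, it is also worth recording in the upgrade notes that older database backups still contain those values.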

@ -40,7 +40,6 @@ $config->{'turn.credentials'} ||= 'static';
$config->{'turn.secret_key'} ||= ''; $config->{'turn.secret_key'} ||= '';
$config->{'turn.turn_user'} ||= ''; $config->{'turn.turn_user'} ||= '';
$config->{'turn.turn_password'} ||= ''; $config->{'turn.turn_password'} ||= '';
$config->{'turn.realm'} ||= 'vroom';
$config->{'video.frame_rate'} ||= 15; $config->{'video.frame_rate'} ||= 15;
$config->{'email.from '} ||= 'vroom@example.com'; $config->{'email.from '} ||= 'vroom@example.com';
$config->{'email.contact'} ||= 'admin@example.com'; $config->{'email.contact'} ||= 'admin@example.com';
@ -230,21 +229,15 @@ helper create_room => sub {
(`name`, (`name`,
`create_date`, `create_date`,
`last_activity`, `last_activity`,
`owner`, `owner`)
`token`,
`realm`)
VALUES (?, VALUES (?,
CONVERT_TZ(NOW(), @@session.time_zone, \'+00:00\'), CONVERT_TZ(NOW(), @@session.time_zone, \'+00:00\'),
CONVERT_TZ(NOW(), @@session.time_zone, \'+00:00\'), CONVERT_TZ(NOW(), @@session.time_zone, \'+00:00\'),
?, ?');
?,
?)');
}; };
$sth->execute( $sth->execute(
$name, $name,
$owner, $owner,
$self->get_random(256),
$config->{'turn.realm'}
); );
$self->app->log->info("Room $name created by " . $self->session('name')); $self->app->log->info("Room $name created by " . $self->session('name'));
# Etherpad integration ? If so, create the corresponding pad # Etherpad integration ? If so, create the corresponding pad
@ -965,14 +958,10 @@ helper get_turn_creds => sub {
elsif ($config->{'turn.credentials'} eq 'static'){ elsif ($config->{'turn.credentials'} eq 'static'){
return ($config->{'turn.turn_user'},$config->{'turn.turn_password'}); return ($config->{'turn.turn_user'},$config->{'turn.turn_password'});
} }
elsif ($config->{'turn.credentials'} eq 'rfc-5766-turn-server'){
return ($room->{name},$room->{token});
}
elsif ($config->{'turn.credentials'} eq 'rest'){ elsif ($config->{'turn.credentials'} eq 'rest'){
my $expire = time + 300; my $expire = time + 300;
my $user = $expire . ':' . $room->{name}; my $user = $expire . ':' . $room->{name};
my $pass = encode_base64(hmac_sha1($user, $config->{'turn.secret_key'})); my $pass = encode_base64(hmac_sha1($user, $config->{'turn.secret_key'}));
# my $pass = encode_base64(Digest::HMAC_SHA1->new($config->{'turn.secret_key'})->add($user)->digest);
chomp $pass; chomp $pass;
return ($user,$pass); return ($user,$pass);
} }
@ -1381,7 +1370,7 @@ any '/api' => sub {
my $rooms = $self->get_room_list; my $rooms = $self->get_room_list;
foreach my $r (keys %{$rooms}){ foreach my $r (keys %{$rooms}){
# Blank out a few param we don't need # Blank out a few param we don't need
foreach my $p (qw/join_password owner_password owner token etherpad_group/){ foreach my $p (qw/join_password owner_password owner etherpad_group/){
delete $rooms->{$r}->{$p}; delete $rooms->{$r}->{$p};
} }
# Count active users # Count active users
@ -2083,7 +2072,6 @@ get '/:room' => sub {
# Now display the room page # Now display the room page
return $self->render('join', return $self->render('join',
moh => $self->choose_moh(), moh => $self->choose_moh(),
turnPassword => $data->{token},
video => $video, video => $video,
etherpad => ($ec) ? 'true' : 'false', etherpad => ($ec) ? 'true' : 'false',
etherpadGroup => $data->{etherpad_group}, etherpadGroup => $data->{etherpad_group},
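Review bot: In the create_room hunk the rewritten INSERT appears to lose the closing parenthesis of its VALUES list: the new last line reads `?');` where the removed one was `?)');`, so as rendered here the statement would fail to prepare and no room could be created. The line should be `?)');`. Separately, in get_turn_creds a configuration that still says `credentials = 'rfc-5766-turn-server'` now matches no branch; the rest of that helper is outside the hunk, so confirm it returns empty credentials or logs a warning rather than failing silently. Both helpers begin and end outside their hunks.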
