Galène videoconferencing server discussion list archives
 help / color / mirror / Atom feed
From: "Michael Ströder" <michael@stroeder.com>
To: galene@lists.galene.org
Subject: [Galene] Re: coturn config
Date: Thu, 7 Jan 2021 13:07:06 +0100	[thread overview]
Message-ID: <43734076-b64d-a4ad-bd44-2e3266aa8d07@stroeder.com> (raw)
In-Reply-To: <87r1n4uv0r.wl-jch@irif.fr>

On 1/1/21 11:55 PM, Juliusz Chroboczek wrote:
>> ...And it turns out that I completely misunderstood how this is supposed
>> to work: there's not supposed to be any communication between the WebRTC
>> server and Coturn. Rather, there's a configured shared secret that the
>> WebRTC server can use to generate as many ephemeral credentials as it
>> wants.
> 
> I just pushed an implementation.
> [..]
> In other words, I've kept the standard configuration syntax, just added
> a non-standard value for "credentialType".
> 
> Your turnserver.conf should look like this:
> 
>     use-auth-secret
>     static-auth-secret=secret
>     realm=trun.example.org
> 
> I've done some testing, but I didn't test that it will properly rotate the
> key — please let me know if it survives 24h.

I'm already using this (with git revision d2f7010) since 2+ days. No
issues so far.

How to ensure that it survived key rotation?
Does key rotation affect existing TURN sessions?

Maybe some logging would be good.

Ciao, Michael.

  parent reply	other threads:[~2021-01-07 12:07 UTC|newest]

Thread overview: 22+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-12-27 16:57 [Galene] " Cell
2020-12-27 17:55 ` [Galene] " Toke Høiland-Jørgensen
2020-12-27 18:02 ` Cell
2020-12-27 18:06 ` Cell
2020-12-27 18:16   ` Toke Høiland-Jørgensen
2020-12-27 19:04 ` Juliusz Chroboczek
2020-12-27 19:27   ` Juliusz Chroboczek
2020-12-27 20:32     ` Toke Høiland-Jørgensen
2020-12-27 23:28       ` Juliusz Chroboczek
2020-12-28  1:38         ` Toke Høiland-Jørgensen
2020-12-28 18:49           ` Juliusz Chroboczek
2020-12-28 19:59             ` Toke Høiland-Jørgensen
2020-12-29  1:56               ` Juliusz Chroboczek
2020-12-29  2:09                 ` Toke Høiland-Jørgensen
2020-12-29  8:35                   ` Michael Ströder
2021-01-01 22:55               ` Juliusz Chroboczek
2021-01-01 23:43                 ` Gabriel Kerneis
2021-01-02  0:02                   ` Juliusz Chroboczek
2021-01-07 12:07                 ` Michael Ströder [this message]
2021-01-07 12:14                   ` Toke Høiland-Jørgensen
2021-01-07 12:31                     ` [Galene] logging (was: coturn config) Michael Ströder
2021-01-07 13:27                   ` [Galene] Re: coturn config Juliusz Chroboczek

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

  List information: https://lists.galene.org/postorius/lists/galene.lists.galene.org/

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=43734076-b64d-a4ad-bd44-2e3266aa8d07@stroeder.com \
    --to=michael@stroeder.com \
    --cc=galene@lists.galene.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox