From mboxrd@z Thu Jan 1 00:00:00 1970 Authentication-Results: mail.toke.dk; spf=pass (mailfrom) smtp.mailfrom=irif.fr (client-ip=2001:660:3301:8000::1:2; helo=korolev.univ-paris7.fr; envelope-from=jch@irif.fr; receiver=) Received: from korolev.univ-paris7.fr (korolev.univ-paris7.fr [IPv6:2001:660:3301:8000::1:2]) by mail.toke.dk (Postfix) with ESMTPS id 8EED67C2E64; Sat, 2 Jan 2021 01:02:06 +0100 (CET) Received: from mailhub.math.univ-paris-diderot.fr (mailhub.math.univ-paris-diderot.fr [81.194.30.253]) by korolev.univ-paris7.fr (8.14.4/8.14.4/relay1/82085) with ESMTP id 102023xw017497; Sat, 2 Jan 2021 01:02:03 +0100 Received: from mailhub.math.univ-paris-diderot.fr (localhost [127.0.0.1]) by mailhub.math.univ-paris-diderot.fr (Postfix) with ESMTP id 8382BBED55; Sat, 2 Jan 2021 01:02:03 +0100 (CET) X-Virus-Scanned: amavisd-new at math.univ-paris-diderot.fr Received: from mailhub.math.univ-paris-diderot.fr ([127.0.0.1]) by mailhub.math.univ-paris-diderot.fr (mailhub.math.univ-paris-diderot.fr [127.0.0.1]) (amavisd-new, port 10023) with ESMTP id iHMl8XL_CpAB; Sat, 2 Jan 2021 01:02:02 +0100 (CET) Received: from pirx.irif.fr (unknown [78.194.40.74]) (Authenticated sender: jch) by mailhub.math.univ-paris-diderot.fr (Postfix) with ESMTPSA id 4A358BED53; Sat, 2 Jan 2021 01:02:02 +0100 (CET) Date: Sat, 02 Jan 2021 01:02:02 +0100 Message-ID: <87lfdcuryd.wl-jch@irif.fr> From: Juliusz Chroboczek To: "Gabriel Kerneis" In-Reply-To: References: <1082cfcde178ddb72b51bcd03ee6770a@kn1ght.org> <87zh1zt6ip.wl-jch@irif.fr> <87y2hjt5fx.wl-jch@irif.fr> <87y2hjxa64.fsf@toke.dk> <87r1nau8v0.wl-jch@irif.fr> <87sg7qyaj2.fsf@toke.dk> <87a6tx7olm.wl-jch@irif.fr> <8735zpya4m.fsf@toke.dk> <87r1n4uv0r.wl-jch@irif.fr> User-Agent: Wanderlust/2.15.9 (Almost Unreal) Emacs/27.1 Mule/6.0 MIME-Version: 1.0 (generated by SEMI-EPG 1.14.7 - "Harue") Content-Type: text/plain; charset=US-ASCII X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.2.7 (korolev.univ-paris7.fr [194.254.61.138]); Sat, 02 Jan 2021 01:02:03 +0100 (CET) X-Miltered: at korolev with ID 5FEFB7FB.000 by Joe's j-chkmail (http : // j-chkmail dot ensmp dot fr)! X-j-chkmail-Enveloppe: 5FEFB7FB.000 from mailhub.math.univ-paris-diderot.fr/mailhub.math.univ-paris-diderot.fr/null/mailhub.math.univ-paris-diderot.fr/ X-j-chkmail-Score: MSGID : 5FEFB7FB.000 on korolev.univ-paris7.fr : j-chkmail score : . : R=. U=. O=. B=0.000 -> S=0.000 X-j-chkmail-Status: Ham Message-ID-Hash: 7YHBDAR7ZQUL6FTKKC5FAULOPK7VXICS X-Message-ID-Hash: 7YHBDAR7ZQUL6FTKKC5FAULOPK7VXICS X-MailFrom: jch@irif.fr X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; suspicious-header CC: Cell , galene@lists.galene.org X-Mailman-Version: 3.3.2 Precedence: list Subject: [Galene] Re: coturn config List-Id: =?utf-8?q?Gal=C3=A8ne_videoconferencing_server_discussion_list?= Archived-At: List-Archive: List-Help: List-Post: List-Subscribe: List-Unsubscribe: >> "username": "galene", >> "credential": "secret", >> "credentialType": "hmac-sha1" > There is no username in the coturn configuration when using TURN REST API, > so is the "username" key still necessary here? It is optional. If present, it will be communicated to the TURN server in a secure manner (it cannot be spoofed by the client), so it may be used for logging or accounting. The protocol is fairly simple. The WebRTC server picks an expiration date for the credentials and encodes it as Unix time in base 10. It then sets if original_username == "" username = expires else username = expires:original_username password = BASE64(HMAC_SHA1(username, secret)) This is equivalent to the code that Toke posted earlier, except that that code picks the username at random. -- Juliusz