--- a/mod_turncredentials/mod_turncredentials.lua Fri Aug 09 18:41:51 2019 +0200
+++ b/mod_turncredentials/mod_turncredentials.lua Fri Aug 09 18:59:35 2019 +0200
@@ -6,6 +6,7 @@
local hmac_sha1 = require "util.hashes".hmac_sha1;
local base64 = require "util.encodings".base64;
local os_time = os.time;
+local datetime = require "util.datetime".datetime;
local secret = module:get_option_string("turncredentials_secret");
local host = module:get_option_string("turncredentials_host"); -- use ip addresses here to avoid further dns lookup latency
local port = module:get_option_number("turncredentials_port", 3478);
@@ -31,3 +32,20 @@
);
return true;
end);
+
+module:add_feature("urn:xmpp:extdisco:2");
+
+module:hook("iq-get/host/urn:xmpp:extdisco:2:services", function(event)
+ local origin, stanza = event.origin, event.stanza;
+ if origin.type ~= "c2s" then
+ return;
+ end
+ local now = os_time() + ttl;
+ local userpart = tostring(now);
+ local nonce = base64.encode(hmac_sha1(secret, tostring(userpart), false));
+ origin.send(st.reply(stanza):tag("services", {xmlns = "urn:xmpp:extdisco:2"})
+ :tag("service", { type = "stun", host = host, port = ("%d"):format(port) }):up()
+ :tag("service", { type = "turn", host = host, port = ("%d"):format(port), username = userpart, password = nonce, expires = datetime(ttl), restricted = "1" }):up()
+ );
+ return true;
+end);