coturn / coturn
coturn TURN server project
License: Other
What steps will reproduce the problem?
1. Setup coturn in AWS Amazon instances, lt-cred-mech, use-auth-secret,
static-auth-secret=Veureka123, without database, just generic username
(timestamp:userx), credential base64(hmac(Veureka123, username)).
2. Use SimpleWebRTC in client side.
3. Create credentials like:
self.webrtc.config.peerConnectionConfig.iceServers = [
  {"url": "stun:myStunIP:3478"},
  {
    "url": "turn:myTurnIP:3478?transport=udp",
    "username": username,
    "credential": hashEncoded
  }
];
What is the expected output? What do you see instead?
In Firefox it works fine, but in Chrome it doesn't.
What version of the product are you using? On what operating system?
I tested coTurn 4.2.3.1, 4.0.0.0 and 4.1.1.1; all fail.
Is there any reason of structure in ice servers config? I tried to use adapterjs
but simplewebrtc doesn't support it.
Regards,
Original issue reported on code.google.com by [email protected]
on 18 Nov 2014 at 10:54
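The time-limited credential scheme described in the report above (username timestamp:userx, credential base64(hmac(secret, username))), worked through in Python as an added example that is not part of the original report or of coturn's code. It assumes HMAC-SHA1 and an expiry timestamp in the username, as in the TURN REST API scheme behind use-auth-secret; the secret, user label and function names are constructed for illustration.

```python
import base64
import hashlib
import hmac
import time

# Constructed secret for this example. On the server it corresponds to the
# static-auth-secret value; it must never be shipped to the browser.
SHARED_SECRET = "example-shared-secret"


def _mac(username, secret):
    """base64(HMAC-SHA1(secret, username)), the credential from the report."""
    digest = hmac.new(secret.encode(), username.encode(), hashlib.sha1).digest()
    return base64.b64encode(digest).decode()


def make_turn_credentials(user_id, secret, ttl_seconds=3600, now=None):
    """Backend side: issue (username, credential) valid for ttl_seconds."""
    now = int(time.time()) if now is None else int(now)
    # Assumption: the timestamp is the expiry time, placed before the user label.
    username = f"{now + ttl_seconds}:{user_id}"
    return username, _mac(username, secret)


def check_turn_credentials(username, credential, secret, now=None):
    """Relay side: recompute the MAC, then reject altered or expired usernames."""
    now = int(time.time()) if now is None else int(now)
    timestamp, sep, _label = username.partition(":")
    if not sep or not timestamp.isdigit():
        return "malformed username"
    expected = _mac(username, secret)
    # Constant-time comparison so the check does not leak how many bytes matched.
    if not hmac.compare_digest(expected.encode(), credential.encode()):
        return "bad credential"
    if int(timestamp) < now:
        return "expired"
    return "ok"


def ice_servers(turn_host, username, credential):
    """The iceServers structure from the report, filled with issued values."""
    return [
        {"url": f"stun:{turn_host}:3478"},
        {
            "url": f"turn:{turn_host}:3478?transport=udp",
            "username": username,
            "credential": credential,
        },
    ]


if __name__ == "__main__":
    user, cred = make_turn_credentials("userx", SHARED_SECRET, ttl_seconds=600)
    print(ice_servers("myTurnIP", user, cred))
    print(check_turn_credentials(user, cred, SHARED_SECRET))
```

Because the MAC covers the whole username string, changing either the timestamp or the user label invalidates the credential, and clock skew between the issuing backend and the relay shows up as an expired result.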
Hello, currently I would like to use turnserver with peerjs. One thing that bothers me is how to set users for turn.
I would like to store users in file turnuserdb.conf. My problem is when I use default user: ninefingers:youhavetoberealistic everything is fine (I can make video chat), but when I specify for example myuser:passw and then apply it to the example 1) as:
var peer = new Peer({
  host: peerJsServerHost, port: peerJsServerPort, path: peerJsServerPath, debug: 3,
  config: {'iceServers': [
    { url: 'turn:' + stunTurnServerHost + ':3478', credential: 'passw', username: 'myuser' },
    { url: 'stun:' + stunTurnServerHost + ':3478', credential: 'passw', username: 'myuser' }
  ]}
});
there is no connection between those two peerjs. Can anybody give me a hint or
solution to this problem?
I'm starting turnserver with command: turnserver -o -c /etc/turnserver/turnserver.conf -a
1) https://github.com/peers/peerjs/blob/master/examples/videochat/index.html
Original issue reported on code.google.com by [email protected]
on 24 Oct 2014 at 11:39
Hi,
Is it possible to run coturn behind an nginx reverse proxy?
I have only 2 IPs on that machine and need coturn to listen on port 443,
so I want to configure nginx to forward name based to coturn, but no luck until now.
If that is known to be working, can someone provide me a config?
regards
What steps will reproduce the problem?
The call flow is :
SIP PHONE APP (with ICE) ==> ASTERISK (with ICE)
What is the expected output? What do you see instead?
ICE failed: I received the following error:
Received invalid STUN packet from 176.182.63.143:7076: MESSAGE_INTEGRITY attribute missing
176.182.63.143 is the IP address from SIP PHONE APP.
What version of the product are you using? On what operating system?
Android and iOS Linphone APP.
Please provide any additional information below.
Maybe coturn provides a parameter to disable control message integrity?
Regards.
AfriCallShop
Original issue reported on code.google.com by [email protected]
on 22 May 2015 at 7:50
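What a STUN receiver checks before it logs an error like the one quoted above, as an added Python example (not code from coturn, Asterisk or the report). It follows the RFC 5389 MESSAGE-INTEGRITY rules with a short-term key; the key, username and transaction ID are constructed, and the function names are hypothetical.

```python
import hashlib
import hmac
import struct

MAGIC_COOKIE = 0x2112A442
BINDING_REQUEST = 0x0001
ATTR_USERNAME = 0x0006
ATTR_MESSAGE_INTEGRITY = 0x0008
HEADER_LEN = 20          # type(2) + length(2) + cookie(4) + transaction id(12)
MI_ATTR_LEN = 24         # 4-byte attribute header + 20-byte HMAC-SHA1


def _attr(attr_type, value):
    """Encode one attribute; values are padded to a 4-byte boundary."""
    pad = (-len(value)) % 4
    return struct.pack("!HH", attr_type, len(value)) + value + b"\x00" * pad


def _header(body_len, txid):
    return struct.pack("!HHI12s", BINDING_REQUEST, body_len, MAGIC_COOKIE, txid)


def build_binding_request(txid, username, key=None):
    """Build a Binding request; MESSAGE-INTEGRITY is added only when key is given."""
    body = _attr(ATTR_USERNAME, username.encode())
    if key is not None:
        # The HMAC is computed with the length field already counting the
        # MESSAGE-INTEGRITY attribute that is about to be appended.
        signed = _header(len(body) + MI_ATTR_LEN, txid) + body
        body += _attr(ATTR_MESSAGE_INTEGRITY, hmac.new(key, signed, hashlib.sha1).digest())
    return _header(len(body), txid) + body


def check_integrity(packet, key):
    """Return 'ok' or the reason the packet would be rejected."""
    if len(packet) < HEADER_LEN:
        return "truncated"
    msg_type, length, cookie = struct.unpack("!HHI", packet[:8])
    if msg_type & 0xC000 or cookie != MAGIC_COOKIE:
        return "not a STUN message"
    if length != len(packet) - HEADER_LEN or length % 4:
        return "not a STUN message"
    offset = HEADER_LEN
    while offset + 4 <= len(packet):
        attr_type, attr_len = struct.unpack("!HH", packet[offset:offset + 4])
        end = offset + 4 + attr_len
        if end > len(packet):
            return "truncated attribute"
        if attr_type == ATTR_MESSAGE_INTEGRITY:
            if attr_len != 20:
                return "bad MESSAGE-INTEGRITY length"
            # Covered data: everything before this attribute, with the header
            # length rewritten so that the message ends right after it.
            covered_len = offset + MI_ATTR_LEN - HEADER_LEN
            signed = packet[:2] + struct.pack("!H", covered_len) + packet[4:offset]
            expected = hmac.new(key, signed, hashlib.sha1).digest()
            if hmac.compare_digest(expected, packet[offset + 4:end]):
                return "ok"
            return "MESSAGE-INTEGRITY mismatch"
        offset = end + (-attr_len) % 4
    return "MESSAGE-INTEGRITY attribute missing"


if __name__ == "__main__":
    txid = bytes(range(12))                     # constructed transaction id
    key = b"constructed-ice-password"           # constructed short-term key
    for pkt in (build_binding_request(txid, "remote:local", key),
                build_binding_request(txid, "remote:local")):
        print(check_integrity(pkt, key))
```

A request without the attribute cannot be told apart from a forged one, which is why a receiver that expects authenticated checks rejects it instead of processing it.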
Would you like to add more error handling for return values from functions like the following?
Even if option "syslog" is defined in config file, small part of log is written to /var/log/turn__.log.
Example:
0: log file opened: /var/log/turn_26966_2016-08-19.log
0:
RFC 3489/5389/5766/5780/6062/6156 STUN/TURN Server
Version Coturn-4.5.0.4 'dan Eider'
0:
Max number of open files/sockets allowed for this process: 999999
0:
Due to the open files/sockets limitation,
max supported number of TURN Sessions possible is: 499500 (approximately)
0:
==== Show him the instruments, Practical Frost: ====
0: TLS supported
0: DTLS supported
0: DTLS 1.2 is not supported
0: TURN/STUN ALPN is not supported
0: Third-party authorization (oAuth) supported
0: GCM (AEAD) supported
0: OpenSSL compile-time version: OpenSSL 1.0.1e-fips 11 Feb 2013
0:
0: SQLite supported, default database location is /var/db/turndb
0: Redis supported
0: PostgreSQL supported
0: MySQL supported
0: MongoDB is not supported
0:
0: Default Net Engine version: 3 (UDP thread per CPU core)
=====================================================
All following lines go to syslog.
If I additionally set command line option --syslog, then this part also goes to syslog.
So, I assume that this part of log is generated before parsing config file.
I'm using turnserver-4.4.5.4 in Debian 8 Jessie, compiled by myself with default options.
When I try to launch turnserver I get this error in the log (with the -o option):
0: Trying to bind fd 22 to <1.2.3.4:3478>: errno=98
0: Cannot bind TLS/TCP listener socket to addr 1.2.3.4:3478
0: Trying to bind TLS/TCP listener socket to addr 1.2.3.4:3478, again...
Or this error in the standard output (without the -o option):
Cannot bind local socket to addr: Address already in use
0: Cannot bind TLS/TCP listener socket to addr 1.2.3.4:3478
0: Trying to bind TLS/TCP listener socket to addr 1.2.3.4:3478, again...
TCP or UDP 3478 port is not allocated at all and, in fact, the server runs for a few seconds and then process dies.
I found similar error with older versions and other distros here and tried the --ne=2 option, but then the server dies in the first connection.
Hi,
I want to run coturn in a docker container under alpine linux.
But the compilation stops with
src/apps/relay/mainrelay.c:1706:27: fatal error: linux/version.h: No such file or directory
Why are the kernel headers needed? If I remove the include of linux/version.h everything compiles just fine.
Installation of above RPM fails.
turnserver-4.5.0.3]# ./install.sh
Loaded plugins: fastestmirror, priorities
Repodata is over 2 weeks old. Install yum-cron? Or run: yum makecache fast
base | 3.6 kB 00:00:00
centos-7-updates | 2.5 kB 00:00:00
epel-7 | 4.3 kB 00:00:00
extras | 3.4 kB 00:00:00
updates | 3.4 kB 00:00:00
(1/5): epel-7/updateinfo | 523 kB 00:00:00
(2/5): epel-7/primary_db | 4.0 MB 00:00:00
(3/5): centos-7-updates/primary_db | 27 MB 00:00:00
(4/5): extras/7/x86_64/primary_db | 117 kB 00:00:01
(5/5): updates/7/x86_64/primary_db | 4.1 MB 00:00:03
Determining fastest mirrors
It's a problem with
http://download.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-5.noarch.rpm,
which has been removed from mirroring sites and new version
epel-release-7-6.noarch.rpm has been uploaded, requires correction in install.sh
Hi,
I seem to be having issues with using TLS or DTLS to connect to the TURN server; a "standard" un-encrypted connection works. I'm using turnutils_uclient with the following setup:
turnutils_uclient -u test -w **** -S -y -k /home/***/.ssh/id_rsa ***.ddns.net
0: tls_connect: client session connected with cipher ECDHE-RSA-AES256-SHA, method=DTLSv1.0
0: tls_connect: client session connected with cipher ECDHE-RSA-AES256-SHA, method=DTLSv1.0
0: tls_connect: client session connected with cipher ECDHE-RSA-AES256-SHA, method=DTLSv1.0
0: tls_connect: client session connected with cipher ECDHE-RSA-AES256-SHA, method=DTLSv1.0
0: tls_connect: client session connected with cipher ECDHE-RSA-AES256-SHA, method=DTLSv1.0
1: Total connect time is 1
1: start_mclient: msz=4, tot_send_msgs=0, tot_recv_msgs=0, tot_send_bytes ~ 0, tot_recv_bytes ~ 0
2: start_mclient: msz=4, tot_send_msgs=0, tot_recv_msgs=0, tot_send_bytes ~ 0, tot_recv_bytes ~ 0
3: start_mclient: msz=4, tot_send_msgs=0, tot_recv_msgs=0, tot_send_bytes ~ 0, tot_recv_bytes ~ 0
4: start_mclient: msz=4, tot_send_msgs=5, tot_recv_msgs=5, tot_send_bytes ~ 500, tot_recv_bytes ~ 500
5: start_mclient: msz=4, tot_send_msgs=15, tot_recv_msgs=15, tot_send_bytes ~ 1500, tot_recv_bytes ~ 1500
6: start_mclient: msz=4, tot_send_msgs=15, tot_recv_msgs=15, tot_send_bytes ~ 1500, tot_recv_bytes ~ 1500
6: start_mclient: tot_send_msgs=20, tot_recv_msgs=20
6: start_mclient: tot_send_bytes ~ 2000, tot_recv_bytes ~ 2000
6: Total transmit time is 5
6: Total lost packets 0 (0.000000%), total send dropped 0 (0.000000%)
6: Average round trip delay 2.200000 ms; min = 1 ms, max = 3 ms
6: Average jitter 0.450000 ms; min = 0 ms, max = 1 ms
and the server shows
0: log file opened: /var/log/turn_11968_2015-09-29.log
0:
RFC 3489/5389/5766/5780/6062/6156 STUN/TURN Server
Version Coturn-4.5.0.1 'dan Eider'
0:
Max number of open files/sockets allowed for this process: 4096
0:
Due to the open files/sockets limitation,
max supported number of TURN Sessions possible is: 2000 (approximately)
0:
==== Show him the instruments, Practical Frost: ====
0: TLS supported
0: DTLS supported
0: DTLS 1.2 is not supported
0: TURN/STUN ALPN is not supported
0: Third-party authorization (oAuth) supported
0: GCM (AEAD) supported
0: OpenSSL compile-time version: OpenSSL 1.0.1e-fips 11 Feb 2013
0:
0: SQLite supported, default database location is /var/db/turndb
0: Redis supported
0: PostgreSQL supported
0: MySQL supported
0: MongoDB is not supported
0:
0: Default Net Engine version: 3 (UDP thread per CPU core)
=====================================================
0: Config file found: /etc/turnserver/turnserver.conf
0: log file opened: /var/log/turn_2015-09-29.log
0: Config file found: /etc/turnserver/turnserver.conf
0: Domain name:
0: Default realm: **.ddns.net
0: Config file found: /usr/local/etc/turn_server_cert.pem
0: Config file found: /usr/local/etc/turn_server_pkey.pem
0: SSL23: Certificate file found: /usr/local/etc/turn_server_cert.pem
0: SSL23: Private key file found: /usr/local/etc/turn_server_pkey.pem
0: TLS1.0: Certificate file found: /usr/local/etc/turn_server_cert.pem
0: TLS1.0: Private key file found: /usr/local/etc/turn_server_pkey.pem
0: TLS1.1: Certificate file found: /usr/local/etc/turn_server_cert.pem
0: TLS1.1: Private key file found: /usr/local/etc/turn_server_pkey.pem
0: TLS1.2: Certificate file found: /usr/local/etc/turn_server_cert.pem
0: TLS1.2: Private key file found: /usr/local/etc/turn_server_pkey.pem
0: TLS cipher suite: DEFAULT
0: DTLS: Certificate file found: /usr/local/etc/turn_server_cert.pem
0: DTLS: Private key file found: /usr/local/etc/turn_server_pkey.pem
0: DTLS cipher suite: DEFAULT
0: NO EXPLICIT LISTENER ADDRESS(ES) ARE CONFIGURED
0: ===========Discovering listener addresses: =========
0: Listener address to use: 127.0.0.1
0: Listener address to use: **.server.private.ip.***
0: Listener address to use: ::1
0: =====================================================
0: Total: 1 'real' addresses discovered
0: =====================================================
0: NO EXPLICIT RELAY ADDRESS(ES) ARE CONFIGURED
0: ===========Discovering relay addresses: =============
0: Relay address to use: **.server.private.ip.***
0: Relay address to use: ::1
0: =====================================================
0: Total: 2 relay addresses discovered
0: =====================================================
0: pid file created: /var/run/turnserver.pid
0: IO method (main listener thread): epoll (with changelist)
0: Wait for relay ports initialization...
0: relay **.server.private.ip.*** initialization...
0: relay **.server.private.ip.*** initialization done
0: relay ::1 initialization...
0: relay ::1 initialization done
0: Relay ports initialization done
0: IO method (general relay thread): epoll (with changelist)
0: turn server id=1 created
0: IPv4. TLS/SCTP listener opened on : 127.0.0.1:3478
0: IPv4. TLS/TCP listener opened on : 127.0.0.1:3478
0: IPv4. TLS/SCTP listener opened on : 127.0.0.1:3479
0: IPv4. TLS/TCP listener opened on : 127.0.0.1:3479
0: IPv4. TLS/SCTP listener opened on : 127.0.0.1:5349
0: IPv4. TLS/TCP listener opened on : 127.0.0.1:5349
0: IPv4. TLS/SCTP listener opened on : 127.0.0.1:5350
0: IPv4. TLS/TCP listener opened on : 127.0.0.1:5350
0: IPv4. TLS/SCTP listener opened on : **.server.private.ip.***:3478
0: IPv4. TLS/TCP listener opened on : **.server.private.ip.***:3478
0: IPv4. TLS/SCTP listener opened on : **.server.private.ip.***:3479
0: IPv4. TLS/TCP listener opened on : **.server.private.ip.***:3479
0: IPv4. TLS/SCTP listener opened on : **.server.private.ip.***:5349
0: IPv4. TLS/TCP listener opened on : **.server.private.ip.***:5349
0: IPv4. TLS/SCTP listener opened on : **.server.private.ip.***:5350
0: IPv4. TLS/TCP listener opened on : **.server.private.ip.***:5350
0: IPv6. TLS/SCTP listener opened on : ::1:3478
0: IPv6. TLS/TCP listener opened on : ::1:3478
0: IPv6. TLS/SCTP listener opened on : ::1:3479
0: IPv6. TLS/TCP listener opened on : ::1:3479
0: IPv6. TLS/SCTP listener opened on : ::1:5349
0: IPv6. TLS/TCP listener opened on : ::1:5349
0: IPv6. TLS/SCTP listener opened on : ::1:5350
0: IPv6. TLS/TCP listener opened on : ::1:5350
0: IO method (general relay thread): epoll (with changelist)
0: turn server id=0 created
0: IPv4. TLS/TCP listener opened on : 127.0.0.1:3478
0: IPv4. TLS/TCP listener opened on : 127.0.0.1:3479
0: IPv4. TLS/TCP listener opened on : 127.0.0.1:5349
0: IPv4. TLS/TCP listener opened on : 127.0.0.1:5350
0: IPv4. TLS/TCP listener opened on : **.server.private.ip.***:3478
0: IPv4. TLS/TCP listener opened on : **.server.private.ip.***:3479
0: IPv4. TLS/TCP listener opened on : **.server.private.ip.***:5349
0: IPv4. TLS/TCP listener opened on : **.server.private.ip.***:5350
0: IPv6. TLS/TCP listener opened on : ::1:3478
0: IPv6. TLS/TCP listener opened on : ::1:3479
0: IPv6. TLS/TCP listener opened on : ::1:5349
0: IPv6. TLS/TCP listener opened on : ::1:5350
0: IPv4. DTLS/UDP listener opened on: 127.0.0.1:3478
0: IPv4. DTLS/UDP listener opened on: 127.0.0.1:3479
0: IPv4. DTLS/UDP listener opened on: 127.0.0.1:5349
0: IPv4. DTLS/UDP listener opened on: 127.0.0.1:5350
0: IPv4. DTLS/UDP listener opened on: **.server.private.ip.***:3478
0: IPv4. DTLS/UDP listener opened on: **.server.private.ip.***:3479
0: IPv4. DTLS/UDP listener opened on: **.server.private.ip.***:5349
0: IPv4. DTLS/UDP listener opened on: **.server.private.ip.***:5350
0: IPv6. DTLS/UDP listener opened on: ::1:3478
0: IPv6. DTLS/UDP listener opened on: ::1:3479
0: IPv6. DTLS/UDP listener opened on: ::1:5349
0: IPv6. DTLS/UDP listener opened on: ::1:5350
0: Total General servers: 2
0: IO method (auth thread): epoll (with changelist)
0: IO method (auth thread): epoll (with changelist)
0: IO method (admin thread): epoll (with changelist)
0: IPv4. CLI listener opened on : 127.0.0.1:5766
0: SQLite DB connection success: /var/db/turndb
7: IPv4. Accepted connection from: **.server.public.ip.***:37927
7: handle_udp_packet: New UDP endpoint: local addr **.server.private.ip.***:5349, remote addr **.server.public.ip.***:37927
7: session 001000000000000001: realm <**.ddns.net> user <>: incoming packet message processed, error 401: Unauthorized
7: IPv4. Local relay addr: **.server.private.ip.***:51840
7: IPv4. Local reserved relay addr: **.server.private.ip.***:51841
7: session 001000000000000001: new, realm=<**.ddns.net>, username=<test>, lifetime=777, cipher=ECDHE-RSA-AES256-SHA, method=DTLSv1.0
7: session 001000000000000001: realm <**.ddns.net> user <test>: incoming packet ALLOCATE processed, success
7: session 001000000000000001: refreshed, realm=<**.ddns.net>, username=<test>, lifetime=777, cipher=ECDHE-RSA-AES256-SHA, method=DTLSv1.0
7: session 001000000000000001: realm <**.ddns.net> user <test>: incoming packet REFRESH processed, success
7: IPv4. Accepted connection from: **.server.public.ip.***:60912
7: handle_udp_packet: New UDP endpoint: local addr **.server.private.ip.***:5349, remote addr **.server.public.ip.***:60912
7: IPv4. Accepted connection from: **.server.public.ip.***:42719
7: handle_udp_packet: New UDP endpoint: local addr **.server.private.ip.***:5349, remote addr **.server.public.ip.***:42719
7: IPv4. Accepted connection from: **.server.public.ip.***:57775
7: handle_udp_packet: New UDP endpoint: local addr **.server.private.ip.***:5349, remote addr **.server.public.ip.***:57775
7: IPv4. Accepted connection from: **.server.public.ip.***:57499
7: handle_udp_packet: New UDP endpoint: local addr **.server.private.ip.***:5349, remote addr **.server.public.ip.***:57499
7: session 001000000000000002: realm <**.ddns.net> user <>: incoming packet message processed, error 401: Unauthorized
7: IPv4. Local relay addr (RTCP): **.server.private.ip.***:51841
7: session 001000000000000002: new, realm=<**.ddns.net>, username=<test>, lifetime=777, cipher=ECDHE-RSA-AES256-SHA, method=DTLSv1.0
7: session 001000000000000002: realm <**.ddns.net> user <test>: incoming packet ALLOCATE processed, success
7: session 001000000000000002: refreshed, realm=<**.ddns.net>, username=<test>, lifetime=777, cipher=ECDHE-RSA-AES256-SHA, method=DTLSv1.0
7: session 001000000000000002: realm <**.ddns.net> user <test>: incoming packet REFRESH processed, success
7: session 001000000000000003: realm <**.ddns.net> user <>: incoming packet message processed, error 401: Unauthorized
7: IPv4. Local relay addr: **.server.private.ip.***:63474
7: IPv4. Local reserved relay addr: **.server.private.ip.***:63475
7: session 001000000000000003: new, realm=<**.ddns.net>, username=<test>, lifetime=777, cipher=ECDHE-RSA-AES256-SHA, method=DTLSv1.0
7: session 001000000000000003: realm <**.ddns.net> user <test>: incoming packet ALLOCATE processed, success
7: session 001000000000000003: refreshed, realm=<**.ddns.net>, username=<test>, lifetime=777, cipher=ECDHE-RSA-AES256-SHA, method=DTLSv1.0
7: session 001000000000000003: realm <**.ddns.net> user <test>: incoming packet REFRESH processed, success
7: session 000000000000000001: realm <**.ddns.net> user <>: incoming packet message processed, error 401: Unauthorized
7: IPv4. Local relay addr (RTCP): **.server.private.ip.***:63475
7: session 000000000000000001: new, realm=<**.ddns.net>, username=<test>, lifetime=777, cipher=ECDHE-RSA-AES256-SHA, method=DTLSv1.0
7: session 000000000000000001: realm <**.ddns.net> user <test>: incoming packet ALLOCATE processed, success
7: session 000000000000000001: refreshed, realm=<**.ddns.net>, username=<test>, lifetime=777, cipher=ECDHE-RSA-AES256-SHA, method=DTLSv1.0
7: session 000000000000000001: realm <**.ddns.net> user <test>: incoming packet REFRESH processed, success
7: session 000000000000000002: realm <**.ddns.net> user <>: incoming packet message processed, error 401: Unauthorized
7: IPv4. Local relay addr: **.server.private.ip.***:65270
7: IPv4. Local reserved relay addr: **.server.private.ip.***:65271
7: session 000000000000000002: new, realm=<**.ddns.net>, username=<test>, lifetime=777, cipher=ECDHE-RSA-AES256-SHA, method=DTLSv1.0
7: session 000000000000000002: realm <**.ddns.net> user <test>: incoming packet ALLOCATE processed, success
7: session 000000000000000002: refreshed, realm=<**.ddns.net>, username=<test>, lifetime=777, cipher=ECDHE-RSA-AES256-SHA, method=DTLSv1.0
7: session 000000000000000002: realm <**.ddns.net> user <test>: incoming packet REFRESH processed, success
7: session 001000000000000002: peer **.server.private.ip.***:63475 lifetime updated: 600
7: session 001000000000000002: realm <**.ddns.net> user <test>: incoming packet CHANNEL_BIND processed, success
7: session 001000000000000003: peer **.server.private.ip.***:65270 lifetime updated: 600
7: session 001000000000000003: realm <**.ddns.net> user <test>: incoming packet CHANNEL_BIND processed, success
7: session 000000000000000001: peer **.server.private.ip.***:51841 lifetime updated: 600
7: session 000000000000000001: realm <**.ddns.net> user <test>: incoming packet CHANNEL_BIND processed, success
7: session 000000000000000002: peer **.server.private.ip.***:63474 lifetime updated: 600
7: session 000000000000000002: realm <**.ddns.net> user <test>: incoming packet CHANNEL_BIND processed, success
7: session 001000000000000002: refreshed, realm=<**.ddns.net>, username=<test>, lifetime=600, cipher=ECDHE-RSA-AES256-SHA, method=DTLSv1.0
7: session 001000000000000002: realm <**.ddns.net> user <test>: incoming packet REFRESH processed, success
7: session 001000000000000002: peer **.server.private.ip.***:63475 lifetime updated: 300
7: session 001000000000000002: realm <**.ddns.net> user <test>: incoming packet CREATE_PERMISSION processed, success
7: session 001000000000000002: peer **.server.private.ip.***:63475 lifetime updated: 600
7: session 001000000000000002: realm <**.ddns.net> user <test>: incoming packet CHANNEL_BIND processed, success
7: session 001000000000000003: refreshed, realm=<**.ddns.net>, username=<test>, lifetime=600, cipher=ECDHE-RSA-AES256-SHA, method=DTLSv1.0
7: session 001000000000000003: realm <**.ddns.net> user <test>: incoming packet REFRESH processed, success
7: session 001000000000000003: peer **.server.private.ip.***:65270 lifetime updated: 300
7: session 001000000000000003: realm <**.ddns.net> user <test>: incoming packet CREATE_PERMISSION processed, success
7: session 001000000000000003: peer **.server.private.ip.***:65270 lifetime updated: 600
7: session 001000000000000003: realm <**.ddns.net> user <test>: incoming packet CHANNEL_BIND processed, success
7: session 000000000000000001: refreshed, realm=<**.ddns.net>, username=<test>, lifetime=600, cipher=ECDHE-RSA-AES256-SHA, method=DTLSv1.0
7: session 000000000000000001: realm <**.ddns.net> user <test>: incoming packet REFRESH processed, success
7: session 000000000000000001: peer **.server.private.ip.***:51841 lifetime updated: 300
7: session 000000000000000001: realm <**.ddns.net> user <test>: incoming packet CREATE_PERMISSION processed, success
7: session 000000000000000001: peer **.server.private.ip.***:51841 lifetime updated: 600
7: session 000000000000000001: realm <**.ddns.net> user <test>: incoming packet CHANNEL_BIND processed, success
7: session 000000000000000002: refreshed, realm=<**.ddns.net>, username=<test>, lifetime=600, cipher=ECDHE-RSA-AES256-SHA, method=DTLSv1.0
7: session 000000000000000002: realm <**.ddns.net> user <test>: incoming packet REFRESH processed, success
7: session 000000000000000002: peer **.server.private.ip.***:63474 lifetime updated: 300
7: session 000000000000000002: realm <**.ddns.net> user <test>: incoming packet CREATE_PERMISSION processed, success
7: session 000000000000000002: peer **.server.private.ip.***:63474 lifetime updated: 600
7: session 000000000000000002: realm <**.ddns.net> user <test>: incoming packet CHANNEL_BIND processed, success
13: session 001000000000000002: refreshed, realm=<**.ddns.net>, username=<test>, lifetime=0, cipher=ECDHE-RSA-AES256-SHA, method=DTLSv1.0
13: session 001000000000000002: realm <**.ddns.net> user <test>: incoming packet REFRESH processed, success
13: session 001000000000000002: closed (2nd stage), user <test> realm <**.ddns.net> origin <>, local **.server.private.ip.***:5349, remote **.server.public.ip.***:60912, reason: SSL read error
13: session 001000000000000002: SSL shutdown received, socket to be closed (local **.server.private.ip.***:5349, remote **.server.public.ip.***:60912)
13: session 001000000000000002: delete: realm=<**.ddns.net>, username=<test>
13: session 001000000000000002: peer **.server.private.ip.***:63475 deleted
Segmentation fault
Any ideas of what to try would be greatly appreciated!
➜ coturn git:(master) ✗ make
pwd
/Users/hejiayi/Desktop/yinyueke/coturn
mkdir -p bin
cc -g -Wall -Wno-deprecated-declarations -Wextra -Wformat-security -Wnested-externs -Wstrict-prototypes -Wmissing-prototypes -Wpointer-arith -Wcast-qual -I/usr/local/include -I/usr/local/include/ -I/usr/local/include -DTURN_HAS_SIN_LEN -DTURN_NO_THREAD_BARRIERS -DTURN_HAS_DAEMON -DINSTALL_PREFIX=/usr/local -DTURNDB=/usr/local/var/db/turndb -Isrc -Isrc/apps/common -Isrc/server -Isrc/client -Isrc/client++ -I/usr/local/include/ -I/usr/local/include/ src/apps/stunclient/stunclient.c src/apps/common/apputils.c src/apps/common/ns_turn_utils.c src/apps/common/stun_buffer.c -o bin/turnutils_stunclient -Llib -lturnclient -Llib -L/usr/local/lib/ -L/usr/local/lib/ -lresolv -lcrypto -lssl -levent_core -levent_extra -levent_openssl -levent_pthreads -lsqlite3 -Wl,-rpath,/usr/local/lib/ -Wl,-rpath,/usr/local/lib/ -Wl,-rpath,/usr/local/lib
Undefined symbols for architecture x86_64:
"_DTLSv1_2_client_method", referenced from:
_turn_get_method in apputils-99f2a9.o
"_DTLSv1_2_server_method", referenced from:
_turn_get_method in apputils-99f2a9.o
"_EVP_aes_128_gcm", referenced from:
_get_cipher_type in libturnclient.a(ns_turn_msg.o)
"_EVP_aes_256_gcm", referenced from:
_get_cipher_type in libturnclient.a(ns_turn_msg.o)
"_TLSv1_1_client_method", referenced from:
_turn_get_method in apputils-99f2a9.o
"_TLSv1_1_server_method", referenced from:
_turn_get_method in apputils-99f2a9.o
"_TLSv1_2_client_method", referenced from:
_turn_get_method in apputils-99f2a9.o
"_TLSv1_2_server_method", referenced from:
_turn_get_method in apputils-99f2a9.o
ld: symbol(s) not found for architecture x86_64
clang: error: linker command failed with exit code 1 (use -v to see invocation)
make: *** [bin/turnutils_stunclient] Error 1
Hi team,
I'm using turnhttp for TURN REST API (https://github.com/dataarts/turnhttp).
So, I don't know how to config coturn with turnhttp. I find some config in turnserver.conf like below:
What should I do with this config? And what's usercombo?
In my case: coturn server is 1.2.3.4:3478, and turnhttp is: A.B.C.D:8080. Please show me how to integrate them.
Thanks!
It looks like there is a 4.5.0.3 version of the AWS EC2 AMI (thank you!!) but there's no documentation on how to access or setup. I found this page through google: https://coturn.googlecode.com/svn-history/r865/amazonlinuxami/turnserver-4.4.5.3-amazon-aws-ec2-x86_64.txt but I cannot find a similar page in github (either the repo or the wiki).
Thanks so much for making this!
I am currently trying to implement a peer-to-peer file transfer application, which is quite different from the common use of TURN for real-time communication that is not so sensitive about data loss.
So I'm wondering if I use tcp for client to TURN server communication and server-peer relaying, do I have the reliability as if the client connects to peer directly over tcp? Or do I still have to implement reliability at application level?
My config is set to /var/log for the logfiles, but the turnserver logs keep going to /var/tmp
Using CoTurn 4.5.0.4
The server operation may become erratic when the clients are using native SCTP
connections. That is especially true for the FreeBSD server platform.
Original issue reported on code.google.com by [email protected]
on 6 Apr 2015 at 4:08
What steps will reproduce the problem?
1. start coturn with default configuration
2. call turnutils_uclient -T -n 50 -l 10000 host
3.
What is the expected output? What do you see instead?
I see Total lost packets 100 (100.000000%)
What version of the product are you using? On what operating system?
Linux32, Version Coturn-4.2.1.2
Please provide any additional information below.
Original issue reported on code.google.com by [email protected]
on 26 Jun 2015 at 9:27
I would like to point out that identifiers like "__LIB_TURN_MSG_CPP__" and "_SOCKET_TYPE" do not fit to the expected naming convention of the C++ language standard.
Would you like to adjust your selection for unique names?
I tried to use postgresql as userdb, but I got this following error:
0: log file opened: /var/log/turn.log
0: Config file found: /etc/turnserver.conf
0: Bad configuration format: psql-userdb
My configuration looks like this:
psql-userdb="host=10.130.108.XXX dbname=dbname user=qisuser password=qispassword connect_timeout=30"
I also tried following format:
psql-userdb="postgresql://qisuser:[email protected]:5432/dbname"
Any ideas on what the correct format should be?
Thank you.
I was using coturn as a turn webrtc service development, but I encountered a new problem, in the webrtc is to use the single port. Using rfc5761 and rfc5888, they seem to be going nowhere. There is no answer address of the other party relay. So I would like to ask coturn support? How to configure?
I see 'secure-stun' configuration in the turnserver.conf; when I uncomment it, I cannot test the stun request right. I find someone also got this problem but no good solution. Can you tell me what's the reason?
Coturn and Turnserver cannot be installed side by side.
Currently both projects share a few similar files which means they cannot be
installed side by side. So far I can see that /etc/init.d/rfc5766-turn-server
is the same, I propose to change this to: /etc/init.d/coturn
Secondly the config files, (userdb.conf & turnserver.conf) these should be
changed to be coturn specific to prevent conflicts.
Original issue reported on code.google.com by [email protected]
on 28 Aug 2014 at 4:48
Hello.
I'm using coturn server to relay data. I'm using TCP protocol, and when I send too much data together (ChannelData messages themselves are small, but I send a lot of them together), receiving side starts losing packets. Question is: why does this happen? Why doesn't it stop accepting new packets instead if it cannot relay them so quickly? Logs don't even show any warning. How can I avoid it? Is the only solution to add some layer on top of those packets to make sure they get delivered before sending new ones? Like implementing 'pseudo-tcp' layer?
here's how I reproduce it:
turnutils_uclient -T -v -y -z 1 -l 500 -n 300 -u user1 -w pass1 server1
Hi!
I'm currently using an alternate mysql installation on my build machine. Usually under /opt/mysql. Is there any way to use that installation to build coTurn?
Thanks.
Hi,
The attached patch allows the listening-ip and relay-ip configuration fields to
contain a hostname, which is then resolved with getaddrinfo(). Tested under
Linux and OSX.
Rationale:
In some environments (for example, Google Cloud Servers) the host gets a
dynamic private IPv4 upon restart which may change at any time. Fortunately an
alias for the private IP is automatically added into /etc/hosts. For some
reasons one may need to make Coturn to just listen into the private address and
avoid IP autodiscovery. The patch makes this scenario easier to live with.
Original issue reported on code.google.com by [email protected]
on 8 Sep 2014 at 10:50
Attachments:
Hi, I'm looking for some clarification on the removal of flat-file user database.
It was removed after version 4.2.3.1 in commit b9ef9f4 ("working on sqlite support") with no further comment.
What is the reason for its removal, and is it something which could be restored?
Are there any extra considerations that make flat-file functionality unusable? Or was it simply removed because it did not fit into the 'dbdrivers' hierarchy?
Hello, I was reading https://github.com/coturn/coturn/wiki/README and I realised that turnutils_rfc5769check is missing.
I build source code coturn and libevent, then install them in CentOS 6.5. STUN and TURN access seems to be working correctly.
But, when I send http query request without "=" and value like http://<ip address>:<port>?key, coturn server crashes because of segmentation fault.
Coturn server does not crash when I send http query with ?key= or ?key=value.
Here is the syslog.
Feb 26 11:44:50 host-192-168-10-9 kernel: turnserver[19668]: segfault at 8 ip 000000000040fe8e sp 00007f3c6dd12220 error 6 in turnserver[400000+6a000]
Feb 26 11:44:50 host-192-168-10-9 abrtd: Directory 'ccpp-2016-02-26-11:44:50-19660' creation detected
Feb 26 11:44:50 host-192-168-10-9 abrt[19674]: Saved core dump of pid 19660 (/usr/local/bin/turnserver) to /var/spool/abrt/ccpp-2016-02-26-11:44:50-19660 (86544384 bytes)
I want not to stop coturn when the server receives any query.
Is this a bug? Otherwise, could you please tell me how to avoid it?
Thanks.
When trying to set a mongodb uri in the turnserver.conf configuration I get the
following error:
"Bad configuration format: mongo-userdb"
My configuration looks like this
mongo-userdb="mongodb://user:pass@host/db"
Any ideas on what the correct format should be? I checked out this page (side
note the docs point to an invalid webpage, this is the correct):
http://hergert.me/docs/mongo-c-driver-docs-0.94.2/mongoc_uri.html
My configuration directive looks to be right! I can connect using the shell
script for schema population.
Original issue reported on code.google.com by [email protected]
on 28 Aug 2014 at 6:24
[Assumed cause]
Because "MYSQL_OPT_READ_TIMEOUT" is not set, coturn cannot detect mysql_ping timeout.
I think coturn should have a "READ_TIMEOUT" setting (like tomcat) to detect mysql_ping timeout.
[Possible modification]
Set "READ_TIMEOUT" just after coturn sets "CONNECT_TIMEOUT".
[Target source]
coturn-master\src\apps\relay\dbdrivers\dbd_mysql.c
What steps will reproduce the problem?
1. run this command to start turn server, "10.0.0.12" is turn server's local ip
address:
./turnserver -E 10.0.0.12 -E 127.0.0.1 -E 10.0.0.12
2. Watch command output, about "Relay address to use".
What is the expected output? What do you see instead?
Expected output:
... ...
0: Relay address to use: 10.0.0.12
0: Relay address to use: 127.0.0.1
... ...
Real output:
... ...
0: Relay address to use: 10.0.0.12
0: Relay address to use: 127.0.0.1
0: Relay address to use: 10.0.0.12
... ...
What version of the product are you using? On what operating system?
Version Coturn-4.4.5.1 'Ardee West'
Please provide any additional information below.
Patch file is attached.
Original issue reported on code.google.com by [email protected]
on 28 Apr 2015 at 3:34
I'm getting a segmentation fault when debugging coturn
The crash is happening on line 1773 of apps/relay/netengine.c
static void setup_auth_server(struct auth_server *as)
{
    if(pthread_create(&(as->thr), NULL, run_auth_server_thread, as)<0) {
        perror("Cannot create auth thread\n");
        exit(-1);
    }
    pthread_detach(as->thr);
}
On the pthread_detach(as->thr); line.
Here's a dump of some related variables.
The format is
name, value, type.
setup_auth_server {void (struct auth_server *)} 0x55555556e3cc <setup_server+1388> void (struct auth_server *)
authserver @0x5555557dad80 auth_server [256]
[0] @0x5555557dad80 auth_server
id 0 authserver_id
event_base 0x0 event_base *
in_buf 0x0 bufferevent *
out_buf 0x0 bufferevent *
thr 140737255655168 pthread_t
rch 0 redis_context_handle
[1] @0x5555557dadb0 auth_server
id 1 authserver_id
event_base @0x7fffe80008f0 event_base
in_buf @0x7fffe8001210 bufferevent
out_buf @0x7fffe80015b0 bufferevent
thr 0 pthread_t
rch 0 redis_context_handle
[2] @0x5555557dade0 auth_server
id 0 authserver_id
event_base 0x0 event_base *
in_buf 0x0 bufferevent *
out_buf 0x0 bufferevent *
thr 0 pthread_t
rch 0 redis_context_handle
authserver_number 3 authserver_id
Here's some relevant system settings of my machine (Gentoo), which also indicate how turnserver was compiled.
ymir jonesmz # emerge --info turnserver
System Settings
System uname: Linux-4.2.6-hardened-r7-x86_64-Intel-R-Core-TM-2_Quad_CPU_Q9550@_2.83GHz-with-gentoo-2.2
KiB Mem: 8166660 total, 68848 free
KiB Swap: 10494972 total, 10364956 free
Timestamp of repository gentoo: Mon, 07 Dec 2015 19:00:01 +0000
sh bash 4.3_p39
ld GNU ld (Gentoo 2.25.1 p1.1) 2.25.1
distcc 3.2rc1 x86_64-pc-linux-gnu [disabled]
app-shells/bash: 4.3_p39::gentoo
dev-java/java-config: 2.2.0::gentoo
dev-lang/perl: 5.20.2::gentoo
dev-lang/python: 2.7.10-r1::gentoo, 3.4.3::gentoo
dev-util/cmake: 3.3.1-r1::gentoo
dev-util/pkgconfig: 0.28-r2::gentoo
sys-apps/baselayout: 2.2::gentoo
sys-apps/openrc: 0.18.4::gentoo
sys-apps/sandbox: 2.6-r1::gentoo
sys-devel/autoconf: 2.13::gentoo, 2.69::gentoo
sys-devel/automake: 1.11.6-r1::gentoo, 1.12.6::gentoo, 1.14.1::gentoo, 1.15::gentoo
sys-devel/binutils: 2.25.1-r1::gentoo
sys-devel/gcc: 4.9.3::gentoo
sys-devel/gcc-config: 1.7.3::gentoo
sys-devel/libtool: 2.4.6::gentoo
sys-devel/make: 4.1-r1::gentoo
sys-kernel/linux-headers: 3.18::gentoo (virtual/os-headers)
sys-libs/glibc: 2.21-r1::gentoo
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-O2 -pipe -march=x86-64 -mtune=generic -O2 -pipe"
CHOST="x86_64-pc-linux-gnu"
CXXFLAGS="-O2 -pipe -O2 -pipe -march=x86-64 -mtune=generic -O2 -pipe"
FCFLAGS="-O2 -pipe"
FFLAGS="-O2 -pipe"
LANG="en_US.utf8"
LDFLAGS="-Wl,-O1 -Wl,--as-needed"
Turnserver's installed using this ebuild: https://github.com/jonesmz/gentoo-overlay/blob/master/www-servers/turnserver/turnserver-4.5.0.3.ebuild
I'm debugging with qtcreator (3.4.2). The IDE is being run as root. I'm running a terminal, becoming superuser ( running "su" and giving it my password), then I launch qtcreator from the shell.
Once qtcreator has started, I go to the debug menu, click on "Start Debugging" and then "Start and Debug an External Application"
I select /usr/bin/turnserver as the local executable and then hit OK.
So far, turnserver has always crashed on the pthread_detach line. It seems to break when it's calling it the third time, but I'm not entirely sure.
Any suggestions? Is this a code glitch, or have I done something wrong here?
The function "printf" does not belong to the list of async-signal-safe functions.
I guess that a different program design will be needed for your function "sighup_callback_handler".
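One design that keeps a SIGHUP handler async-signal-safe is the self-pipe pattern, sketched here as an added example (not coturn's code): the handler only calls write(), and logging or reloading happens later in normal context. The names install_sighup_notifier, drain_sighup_requests and on_sighup are hypothetical.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

static int hup_pipe[2] = { -1, -1 };  /* [0] = read end, [1] = write end */

/* Signal context: write() is async-signal-safe, printf() is not. */
static void on_sighup(int signo) {
    int saved_errno = errno;              /* do not clobber interrupted code's errno */
    unsigned char b = (unsigned char)signo;
    ssize_t r = write(hup_pipe[1], &b, 1); (void)r;  /* full pipe: a wake-up is already queued */
    errno = saved_errno;
}

static int make_nonblocking(int fd) {
    int fl = fcntl(fd, F_GETFL);
    return (fl < 0) ? -1 : fcntl(fd, F_SETFL, fl | O_NONBLOCK);
}

/* Returns the descriptor an event loop should watch for readability, or -1. */
int install_sighup_notifier(void) {
    struct sigaction sa;
    if (pipe(hup_pipe) < 0) return -1;
    if (make_nonblocking(hup_pipe[0]) < 0 || make_nonblocking(hup_pipe[1]) < 0) return -1;
    memset(&sa, 0, sizeof(sa));
    sa.sa_handler = on_sighup;
    sa.sa_flags = SA_RESTART;             /* restart interrupted syscalls where possible */
    sigemptyset(&sa.sa_mask);
    return sigaction(SIGHUP, &sa, NULL) < 0 ? -1 : hup_pipe[0];
}

/* Normal context: drain the pipe and return how many SIGHUPs were queued. */
int drain_sighup_requests(void) {
    unsigned char buf[64];
    int count = 0;
    ssize_t n;
    while ((n = read(hup_pipe[0], buf, sizeof(buf))) > 0) count += (int)n;
    return count;                         /* logging and reload work are safe from here */
}

int main(void) {
    if (install_sighup_notifier() < 0) return 1;
    raise(SIGHUP);                        /* constructed trigger for the demo */
    printf("reload requests seen: %d\n", drain_sighup_requests());
    return 0;
}
```

In an event-driven server the descriptor returned by install_sighup_notifier would be registered as a read event, and the reload logic would run from that callback.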
Hi,
turnserver-4.5.0.3/install.sh points to http://download.fedoraproject.org/pub/epel/7/x86_64/e/ to download epel-release-7-6.noarch, which is updated with new version (epel-release-7-7.noarch) and old version removed from repo.
Causes build to fail, could we point it to different repo?
Installed the server, configured, enabled the RestAPI mode but when I open the server-ip:3478 only the management interface opens. I deleted the admin user because I read that the management interface only shows when there is an admin in admin_user table.
If I made a user from admin page, then user turnutils_uclient then the test run successfully, so I can connect to my server, only the endpoint is not working or something :(
The last version of debian package in Downloads is 4.4.5.3 - http://turnserver.open-sys.org/downloads/v4.4.5.3/turnserver-4.4.5.3-debian-wheezy-ubuntu-mint-x86-64bits.tar.gz . All versions after that (4.4.5.4, 4.5.0.1, 4.5.0.2) do not have debian packages. Is it dropped altogether or is it just an error?
My turn server: turn.me.com
My OPENFIRE SERVER: ME.COM
I need ME.COM username and password,
How should I set up?
Apart turnserver.conf, also you need to set other files?
689: ERROR: check_stun_auth: Can not find credentials of user <20769326b318>
814: ERROR: check_stun_auth: Can not find credentials of user <20769326b318>
814: ERROR: check_stun_auth: Can not find credentials of user <20769326b318>
When I set a DSCP tag (by using googDscp constraint : true when setting up a
peer connection), packets from client to TURN server are marked.
Differentiated Services Field: 0x88 (DSCP 0x22: Assured Forwarding 41; (...)
1000 10 .. = Differentiated Services Codepoint: Assured Forwarding 41 (0x22)
DSCP in packets after going through the server are set back to zero:
Differentiated Services Field: 0x00 (DSCP 0x00: Default; (...)
0000 00 .. = Differentiated Services Codepoint: Default (0x00)
On Linux the preferred behaviour is used, meaning that the outgoing value is set to
the incoming value. But given my tests, this value is set to zero.
I have checked it on coturn 4.3.1.2 (Ubuntu server 14.04) and on turn-5766
3.2.2.4 (Ubuntu server 12.04).
What version of the product are you using? On what operating system?
Please provide any additional information below.
Original issue reported on code.google.com by [email protected]
on 3 Feb 2015 at 9:00
Coturn daemon cannot work on host with one core in one CPU.
But correctly starts on host with two cores in one CPU.
Support for authentication against a RADIUS server.
For SIP, this can be done using rlm_digest in the FreeRADIUS server. For TURN, it needs to use HMAC instead of DIGEST, so a server-side module in FreeRADIUS server is required.
This is discussed in some detail in the reSIProcate (reTurnServer) wiki:
http://www.resiprocate.org/Improving_RADIUS_Support
http://www.resiprocate.org/RADIUS
https://www.resiprocate.org/bugzilla/show_bug.cgi?id=103
coTurn mailing list:
https://groups.google.com/forum/#!topic/turn-server-project-rfc5766-turn-server/A7GefqomAZ0
As commented in this group post, --no_tcp and --no_udp flags do not disable plain sockets. Instead of that, activating both only disables listening-port and continues enabling tls-listening-port, but accepting both, plain and TLS/DTLS connections.
I would like having granularity of which socket is listening, plain or secure and how it behaves, allowing both, only plain or only secure listening socket.
What steps will reproduce the problem?
1. Start a redis-server in localhost, as turn-server's user-statsdb:
./redis-server &
2. Start turn-server with statsdb enabled:
./turnserver -p 10001 -L 10.10.10.15 -a -f -v --no-cli -r localhost -O port=6379
3. Kill or restart the redis-server started in "step 1":
kill
4. run top command, watch the cpu usage of turn-server:
top
What is the expected output? What do you see instead?
Expected output:
Turn server runs normally, and cpu usage is low.
Real output:
The cpu usage is over 99% per thread:
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
30877 xxxxxxxx 20 0 696m 18m 2424 R 99.4 0.5 0:22.79 turnserver
30876 xxxxxxxx 20 0 696m 18m 2424 R 99.1 0.5 0:22.80 turnserver
30878 xxxxxxxx 20 0 696m 18m 2424 R 99.1 0.5 0:22.72 turnserver
What version of the product are you using? On what operating system?
Version:
Version Coturn-4.4.5.1 'Ardee West'
Operating system:
Linux tmpserver 3.2.0-23-generic #36-Ubuntu SMP Tue Apr 10 20:39:51 UTC 2012
x86_64 x86_64 x86_64 GNU/Linux
Please provide any additional information below.
Original issue reported on code.google.com by [email protected]
on 4 May 2015 at 1:43
The @matrix-org project uses the coturn server, also within the semi-official Docker environment by @silvio.
I am currently refactoring said image to split up services into separate containers.
Any wishes for configurability of the container?
We could try to create a generalized, official one and learn from the others.
This could result in a Pull Request to this repository, if requested.
In Ubuntu the firewall is managed by UFW. The rules can be manually added or an
application configuration file can be added to simplify the process.
I've attached a file with the default ports to simplify firewall setup on
Ubuntu.
To use run these commands
cp turnserver /etc/ufw/applications.d/turnserver
ufw add turnserver
This file should probably be automatically copied as part of the Ubuntu package
install (not quite sure how to do this but it's a standard practise).
Original issue reported on code.google.com by [email protected]
on 20 Aug 2014 at 3:40
I currently have a database with some collection names that follow a
convention. I want to share this DB with Turnserver but unfortunately a couple
of the collection names used are the same.
I would like the option in the conf file to set the string collection name used
for each function.
e.g. in the config we would have the following
mongodb-collection-allowed-peer-ip="allowed_peer_ip"
mongodb-collection-denied-peer-ip="denied_peer_ip"
mongodb-collection-realms="realms"
mongodb-collection-turn-secret="turn_secret"
mongodb-collection-turnusers-lt="turnusers_lt"
mongodb-collection-turnusers-st="turnusers-st"
Original issue reported on code.google.com by [email protected]
on 28 Aug 2014 at 4:54
What steps will reproduce the problem?
1. install turnserver v4.1.1.1 on CentOS 6.5
2. install kamailio-4.1.5
3. install imsdroid on android endpoint
What is the expected output? What do you see instead?
After several necessary configuration, turnserver work only in relay mode with
two imsdroid UAs
What version of the product are you using? On what operating system?
turnserver v4.1.1.1 on CentOS 6.5
kamailio-4.1.5
imsdroid v2.569.1089
Please provide any additional information below.
Original issue reported on code.google.com by [email protected]
on 5 Sep 2014 at 9:27
We're using the lowest verbosity according to the conf file
[..]
# Uncomment to run TURN server in 'normal' 'moderate' verbose mode.
# By default the verbose mode is off.
#verbose
# Uncomment to run TURN server in 'extra' verbose mode.
# This mode is very annoying and produces lots of output.
# Not recommended under any normal circumstances.
#
#Verbose
[..]
It would be nice if one could use TURN_LOG_LEVEL (coturn/src/apps/common/ns_turn_utils.h, line 52 in e544a6c).
We end up with log files of ca 275MB every day (easily compressable, though) right now.
Thank you for looking into the issue
configure should respect non-interactive consoles, and use the cat command instead of more.
We always try to use the newest coturn implementation, building from source, but our scripts cannot handle the last command of make install as it uses the more command.
What is the minimum configuration needed to make my TURN server work behind NAT?
What are all the ports I have to open for it to work behind NAT?
As I have read, coturn comes with inbuilt STUN, so can I use its STUN address in my application instead of the default Google STUN mentioned here: https://github.com/coturn/coturn/wiki/CoturnConfig
If so, what configuration should be modified in the JavaScript object in RTCPeerConnection?