Initial commit

master
root 3 years ago
commit d5d35b3e0f
  1. 0
      debian/.debhelper/generated/turnserverauth/installed-by-dh_installdocs
  2. 5
      debian/changelog
  3. 1
      debian/compat
  4. 17
      debian/control
  5. 0
      debian/copyright
  6. 28
      debian/postinst
  7. 9
      debian/rules
  8. 1
      debian/source/format
  9. 4
      turnserverauth
  10. 52
      turnserverauth.js
  11. 14
      turnserverauth.service

5
debian/changelog vendored

@ -0,0 +1,5 @@
turnserverauth (1.0-1) stable; urgency=medium
* Initial release.
-- Benoit LORAND <benoit.lorand@blorand.org> Fri, 20 Mar 2020 01:40:00 +0100

1
debian/compat vendored

@ -0,0 +1 @@
10

17
debian/control vendored

@ -0,0 +1,17 @@
Source: turnserverauth
Maintainer: Benoit LORAND <benoit.lorand@blorand.fr>
Section: misc
Priority: optional
Standards-Version: 3.9.2
Build-Depends: debhelper (>= 9)
Package: turnserverauth
Architecture: all
Depends: ${shlibs:Depends},
${misc:Depends},
nodejs,
npm
Suggests: nginx
Section: BLORAND
Priority: optional
Description: WebService pour distribuer des authentifications éphémères TURN

28
debian/postinst vendored

@ -0,0 +1,28 @@
#! /bin/bash
set -e
case "$1" in
configure)
npm --prefix /opt/turnserverauth/ install hmacsha1
systemctl daemon-reload
systemctl --now enable turnserverauth.service
;;
abort-upgrade|abort-remove|abort-deconfigure)
;;
*)
echo "postinst called with unknown argument \`$1'" >&2
exit 0
;;
esac
# dh_installdeb will replace this with shell code automatically
# generated by other debhelper scripts.
exit 0

9
debian/rules vendored

@ -0,0 +1,9 @@
#!/usr/bin/make -f
%:
dh $@
override_dh_auto_install:
install -D -m 0644 turnserverauth.js $$(pwd)/debian/turnserverauth/opt/turnserverauth/turnserverauth.js
install -D -m 0644 turnserverauth $$(pwd)/debian/turnserverauth/etc/default/turnserverauth
install -D -m 0644 turnserverauth.service $$(pwd)/debian/turnserverauth/lib/systemd/system/turnserverauth.service

@ -0,0 +1 @@
3.0 (quilt)

@ -0,0 +1,4 @@
NODE_PORT=5000
NODE_LISTEN_IP=127.0.0.1
SECRET='changeme'
TTL=8400

@ -0,0 +1,52 @@
//
//
//
"use strict";
const http = require('http');
const hmacsha1 = require('hmacsha1');
const port = Number(process.env.NODE_PORT);
const listenip = process.env.NODE_LISTEN_IP;
const secret = process.env.SECRET;
const ttl = Number(process.env.TTL);
function onRequest(request, response) {
if (!request.headers['x-forwarded-user'] || request.headers['x-forwarded-user'].indexOf('Basic ') === -1) {
// return response.status(401).json({ message: 'Missing Authorization Header' });
console.log('Missing Authorization Header');
} else {
const base64Credentials = request.headers['x-forwarded-user'].split(' ')[1];
const credentials = Buffer.from(base64Credentials, 'base64').toString('ascii');
var [httpusername, httppassword] = credentials.split(':');
}
var timestamp = Date.now() / 1000 | 0;
var expiry = (timestamp + ttl).toString(10);
var turnusername = expiry + ':' + httpusername;
var username_sha1 = hmacsha1(secret, turnusername);
var turnpassword = username_sha1;
const data = JSON.stringify({
username: turnusername,
password: turnpassword,
ttl: ttl,
uris: [
// "turn:turn.blorand.org:3478?transport=udp",
// "turn:turn.blorand.org:3479?transport=tcp",
"turns:turn.blorand.org:5349?transport=udp",
"turns:turn.blorand.org:5350?transport=tcp"
],
})
if (request.headers['x-forwarded-for'] == undefined) {
var IP = request.connection.remoteAddress;
} else {
var IP = request.headers['x-forwarded-for'];
}
console.log('turnauthserver : Requête reçue de : ' + IP);
response.statusCode = 200;
response.setHeader('Content-Type', 'application/json');
response.write(data);
response.end();
}
http.createServer(onRequest).listen(port, listenip);
console.log(`turnauthserver running at http://${listenip}:${port}/`);

@ -0,0 +1,14 @@
[Unit]
Description=turnserverauth.js - webservice for negociating turn authentication
Documentation=https://www.blorand.org
After=network.target
[Service]
EnvironmentFile=-/etc/default/turnserverauth
Type=simple
User=www-data
ExecStart=/usr/bin/node /opt/turnserverauth/turnserverauth.js
Restart=on-failure
[Install]
WantedBy=multi-user.target
Loading…
Cancel
Save