Restund + prosody mod_turncredentials

denis.robel · June 14, 2020, 9:44am

Hallo,

I want setup restund that it's working together with prosody mod_turncredentials.
https://modules.prosody.im/mod_turncredentials.html
My problem is the authentication. Is there anybody who can give me some help?

Best regards
Denis

poVoq · June 23, 2020, 6:20pm

I would be also interested in this. At least the above linked page claims that it should work.

My guess would be that it used the restauth method? From the Restund readme (http://www.creytiv.com/restund.html):

3.8. Restauth

The restauth module implements the REST-based authentication as defined
in draft-uberti-behave-turn-rest-00 [REST]. Multiple shared secrets can be
configured, and stored in one of the Database backends.

The script util/genrest.sh can be used to generated REST username
and password.

Example with filedb.so backend:
 user  = test
 realm = myrealm
 pass  = secret
$ echo -n "test:myrealm:secret" | md5
8bee32d57ceffaa4cad79064e1264a17

add this entry to /etc/restund.auth:
 test:8bee32d57ceffaa4cad79064e1264a17
$ ./util/genrest.sh myrealm test 3600 secret
username = 1415180577:test
password = u8E4rTThLqLYFDi/uRTYU4wtTaM=

(your output will be different as the time is different)
This username/password is valid for 1 hour and can then be passed
to the TURN Client.

Anyone got that working and can give us a quick guide?