turn

package

v0.115.0-nightly Latest Latest Go to latest Published: Mar 20, 2026 License: AGPL-3.0 Imports: 19 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/DeBrosOfficial/network

Links

Open Source Insights

Documentation ¶

Index ¶

func GenerateCredentials(secret, namespace string, ttl time.Duration) (username, password string)
func GeneratePassword(secret, username string) string
func GenerateSelfSignedCert(certPath, keyPath, publicIP string) error
func ValidateCredentials(secret, username, password, expectedNamespace string) bool
type Config
- func (c *Config) Validate() []error
type Server
- func NewServer(cfg *Config, logger *zap.Logger) (*Server, error)
- func (s *Server) Close() error

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func GenerateCredentials ¶

func GenerateCredentials(secret, namespace string, ttl time.Duration) (username, password string)

GenerateCredentials creates time-limited HMAC-SHA1 TURN credentials. Returns username and password suitable for WebRTC ICE server configuration.

func GeneratePassword ¶

func GeneratePassword(secret, username string) string

GeneratePassword computes the HMAC-SHA1 password for a TURN username.

func GenerateSelfSignedCert ¶

func GenerateSelfSignedCert(certPath, keyPath, publicIP string) error

GenerateSelfSignedCert generates a self-signed TLS certificate for TURNS. The certificate is valid for 1 year and includes the public IP as a SAN.

func ValidateCredentials ¶

func ValidateCredentials(secret, username, password, expectedNamespace string) bool

ValidateCredentials checks if TURN credentials are valid and not expired.

Types ¶

type Config ¶

type Config struct {
	// ListenAddr is the address to bind the TURN listener (e.g., "0.0.0.0:3478")
	ListenAddr string `yaml:"listen_addr"`

	// TURNSListenAddr is the address for TURNS (TURN over TLS on TCP, e.g., "0.0.0.0:5349")
	TURNSListenAddr string `yaml:"turns_listen_addr"`

	// TLSCertPath is the path to the TLS certificate PEM file (for TURNS)
	TLSCertPath string `yaml:"tls_cert_path"`

	// TLSKeyPath is the path to the TLS private key PEM file (for TURNS)
	TLSKeyPath string `yaml:"tls_key_path"`

	// PublicIP is the public IP address of this node, advertised in TURN allocations
	PublicIP string `yaml:"public_ip"`

	// Realm is the TURN realm (typically the base domain)
	Realm string `yaml:"realm"`

	// AuthSecret is the HMAC-SHA1 shared secret for credential validation
	AuthSecret string `yaml:"auth_secret"`

	// RelayPortStart is the beginning of the UDP relay port range
	RelayPortStart int `yaml:"relay_port_start"`

	// RelayPortEnd is the end of the UDP relay port range
	RelayPortEnd int `yaml:"relay_port_end"`

	// Namespace this TURN instance belongs to
	Namespace string `yaml:"namespace"`
}

Config holds configuration for the TURN server

func (*Config) Validate ¶

func (c *Config) Validate() []error

Validate checks the TURN configuration for errors

type Server ¶

type Server struct {
	// contains filtered or unexported fields
}

Server wraps a Pion TURN server with namespace-scoped HMAC-SHA1 authentication.

func NewServer ¶

func NewServer(cfg *Config, logger *zap.Logger) (*Server, error)

NewServer creates and starts a TURN server.

func (*Server) Close ¶

func (s *Server) Close() error

Close gracefully shuts down the TURN server.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL