allocation

package
v5.0.2 Latest
Warning

This package is not in the latest version of its module.

Published: Jan 30, 2026 License: MIT Imports: 11 Imported by: 0

Documentation

Overview

Package allocation contains all CRUD operations for allocations

Constants

const DefaultPermissionTimeout = time.Duration(5) * time.Minute

Variables

var (
	ErrTCPConnectionTimeoutOrFailure = errors.New("failed to create tcp connection")
	ErrDupeTCPConnection             = errors.New("tcp connection already exists for peer address")

	// ErrSameChannelDifferentPeer is returned when a client attempts to bind a
	// channel number that is already bound to a different peer address.
	ErrSameChannelDifferentPeer = errors.New("you cannot use the same channel number with different peer")

	// ErrSamePeerDifferentChannel is returned when a client attempts to bind a
	// peer address that is already bound to a different channel number.
	ErrSamePeerDifferentChannel = errors.New("you cannot use the same peer with different channel number")
)

Functions

This section is empty.

Types

type AllocateConnConfig

type AllocateConnConfig struct {
	// Network specifies the network type for the connection: "tcp4" or "tcp6".
	Network string
	// UserID is the authenticated user's identifier as returned by the AuthHandler.
	//
	// Note: The UserID is typically the same as the TURN username, except for authentication
	// schemes that overload the username field with additional info (e.g., the lifetime of the
	// credential, as in the time-windowed credential mechanism in
	// https://datatracker.ietf.org/doc/html/draft-uberti-behave-turn-rest-00).
	UserID string
	// Realm is the TURN realm for this allocation.
	Realm string
	// LocalAddr is the relay address to bind the local side of the connection
	// to. Implementations must allocate the local address as requested.
	LocalAddr net.Addr
	// RemoteAddr is the peer address to connect to.
	RemoteAddr net.Addr
}

AllocateConnConfig contains the parameters passed to the relay address allocator when creating a new outbound TCP connection for RFC 6062 (TURN TCP) Connect requests.

type AllocateListenerConfig

type AllocateListenerConfig struct {
	// Network specifies the network type for the allocation: "udp4", "udp6", "tcp4", or "tcp6".
	Network string
	// UserID is the authenticated user's identifier as returned by the AuthHandler.
	//
	// Note: The UserID is typically the same as the TURN username, except for authentication
	// schemes that overload the username field with additional info (e.g., the lifetime of the
	// credential, as in the time-windowed credential mechanism in
	// https://datatracker.ietf.org/doc/html/draft-uberti-behave-turn-rest-00).
	UserID string
	// Realm is the TURN realm for this allocation.
	Realm string
	// RequestedPort is the port requested by the client in the TURN Allocate request.
	// A value of 0 indicates that the client did not request a specific port and any
	// available port may be used.
	RequestedPort int
}

AllocateListenerConfig contains the parameters passed to the relay address allocator when creating a new UDP or TCP allocation.

type Allocation

type Allocation struct {
	RelayAddr  net.Addr
	Protocol   Protocol
	TurnSocket net.PacketConn
	// contains filtered or unexported fields
}

Allocation is tied to a FiveTuple and relays traffic. Use CreateAllocation and GetAllocation to operate on it.

func NewAllocation

func NewAllocation(
	turnSocket net.PacketConn,
	fiveTuple *FiveTuple,
	eventHandler EventHandler,
	log logging.LeveledLogger,
) *Allocation

NewAllocation creates a new instance of Allocation.

func (*Allocation) AddChannelBind

func (a *Allocation) AddChannelBind(chanBind *ChannelBind, channelLifetime, permissionLifetime time.Duration) error

AddChannelBind adds a new ChannelBind to the allocation. It also updates the permissions needed for this ChannelBind.

func (*Allocation) AddPermission

func (a *Allocation) AddPermission(perms *Permission)

AddPermission adds a new permission to the allocation.

func (*Allocation) AddressFamily

func (a *Allocation) AddressFamily() proto.RequestedAddressFamily

AddressFamily returns the address family of the allocation (RFC 6156).

func (*Allocation) Close

func (a *Allocation) Close() error

Close closes the allocation.

func (*Allocation) GetChannelByAddr

func (a *Allocation) GetChannelByAddr(addr net.Addr) *ChannelBind

GetChannelByAddr gets the ChannelBind from this allocation by net.Addr.

func (*Allocation) GetChannelByNumber

func (a *Allocation) GetChannelByNumber(number proto.ChannelNumber) *ChannelBind

GetChannelByNumber gets the ChannelBind from this allocation by id.

func (*Allocation) GetPermission

func (a *Allocation) GetPermission(addr net.Addr) *Permission

GetPermission gets the Permission from the allocation.

func (*Allocation) GetResponseCache

func (a *Allocation) GetResponseCache() (id [stun.TransactionIDSize]byte, attrs []stun.Setter)

GetResponseCache returns the response cache for a retransmitted allocation request.

func (*Allocation) ListChannelBindings

func (a *Allocation) ListChannelBindings() []*ChannelBind

ListChannelBindings returns the channel bindings associated with an allocation.

func (*Allocation) ListPermissions

func (a *Allocation) ListPermissions() []*Permission

ListPermissions returns the permissions associated with an allocation.

func (*Allocation) Refresh

func (a *Allocation) Refresh(lifetime time.Duration)

Refresh updates the allocation's lifetime.

func (*Allocation) RemoveChannelBind

func (a *Allocation) RemoveChannelBind(number proto.ChannelNumber) bool

RemoveChannelBind removes the ChannelBind from this allocation by id.

func (*Allocation) RemovePermission

func (a *Allocation) RemovePermission(addr net.Addr)

RemovePermission removes the net.Addr's fingerprint from the allocation's permissions.

func (*Allocation) RemoveTCPConnection

func (a *Allocation) RemoveTCPConnection(m *Manager, connectionID proto.ConnectionID)

RemoveTCPConnection closes and removes the TCP Connection.

func (*Allocation) SetResponseCache

func (a *Allocation) SetResponseCache(transactionID [stun.TransactionIDSize]byte, attrs []stun.Setter)

SetResponseCache caches the allocation response for a retransmitted allocation request.

func (*Allocation) WriteTo

func (a *Allocation) WriteTo(p []byte, addr net.Addr) (n int, err error)

WriteTo writes a packet with payload p to addr via the Relay socket.

type ChannelBind

type ChannelBind struct {
	Peer   net.Addr
	Number proto.ChannelNumber
	// contains filtered or unexported fields
}

ChannelBind represents a TURN Channel. See: https://tools.ietf.org/html/rfc5766#section-2.5

func NewChannelBind

func NewChannelBind(number proto.ChannelNumber, peer net.Addr, log logging.LeveledLogger) *ChannelBind

NewChannelBind creates a new ChannelBind.

type EventHandler

type EventHandler struct {
	// OnAuth is called after an authentication request has been processed with the TURN method
	// triggering the authentication request (either "Allocate", "Refresh", "CreatePermission",
	// or "ChannelBind"), and the verdict is the authentication result.
	OnAuth func(srcAddr, dstAddr net.Addr, protocol, username, realm string, method string, verdict bool)
	// OnAllocationCreated is called after a new allocation has been made. The relayAddr
	// argument specifies the relay address and requestedPort is the port requested by the
	// client (if any).
	OnAllocationCreated func(srcAddr, dstAddr net.Addr, protocol, userID, realm string,
		relayAddr net.Addr, requestedPort int)
	// OnAllocationDeleted is called after an allocation has been removed.
	OnAllocationDeleted func(srcAddr, dstAddr net.Addr, protocol, userID, realm string)
	// OnAllocationError is called with an error message when the read loop handling an
	// allocation exits with an error.
	OnAllocationError func(srcAddr, dstAddr net.Addr, protocol, message string)
	// OnPermissionCreated is called after a new permission has been made to an IP address.
	OnPermissionCreated func(srcAddr, dstAddr net.Addr, protocol, userID, realm string,
		relayAddr net.Addr, peer net.IP)
	// OnPermissionDeleted is called after a permission for a given IP address has been
	// removed.
	OnPermissionDeleted func(srcAddr, dstAddr net.Addr, protocol, userID, realm string,
		relayAddr net.Addr, peer net.IP)
	// OnChannelCreated is called after a new channel has been made. The relay address, the
	// peer address and the channel number can be used to uniquely identify the channel
	// created.
	OnChannelCreated func(srcAddr, dstAddr net.Addr, protocol, userID, realm string,
		relayAddr, peer net.Addr, channelNumber uint16)
	// OnChannelDeleted is called after a channel has been removed from the server. The relay
	// address, the peer address and the channel number can be used to uniquely identify the
	// channel deleted.
	OnChannelDeleted func(srcAddr, dstAddr net.Addr, protocol, userID, realm string,
		relayAddr, peer net.Addr, channelNumber uint16)
}

EventHandler is a set of callbacks that the server calls at certain hook points during an allocation's lifecycle. All events are reported with the context that identifies the allocation triggering the event: source and destination address, protocol, user ID (as parsed and returned by the authentication handler from the TURN username), and the realm used for authenticating the allocation. Each callback also receives additional callback-specific parameters. It is OK to handle only a subset of the callbacks.

type FiveTuple

type FiveTuple struct {
	Protocol
	SrcAddr, DstAddr net.Addr
}

FiveTuple is the combination (client IP address and port, server IP address and port, and transport protocol (currently one of UDP, TCP, or TLS)) used to communicate between the client and the server. The 5-tuple uniquely identifies this communication stream. The 5-tuple also uniquely identifies the Allocation on the server.

func (*FiveTuple) Equal

func (f *FiveTuple) Equal(b *FiveTuple) bool

Equal reports whether two FiveTuples are equal.

func (*FiveTuple) Fingerprint

func (f *FiveTuple) Fingerprint() (fp FiveTupleFingerprint)

Fingerprint is the identity of a FiveTuple.

type FiveTupleFingerprint

type FiveTupleFingerprint struct {
	// contains filtered or unexported fields
}

FiveTupleFingerprint is a comparable representation of a FiveTuple.

type Manager

type Manager struct {
	EventHandler EventHandler
	// contains filtered or unexported fields
}

Manager is used to hold active allocations.

func NewManager

func NewManager(config ManagerConfig) (*Manager, error)

NewManager creates a new instance of Manager.

func (*Manager) AllocationCount

func (m *Manager) AllocationCount() int

AllocationCount returns the number of existing allocations.

func (*Manager) Close

func (m *Manager) Close() error

Close closes the manager and closes all allocations it manages.

func (*Manager) CreateAllocation

func (m *Manager) CreateAllocation(
	fiveTuple *FiveTuple,
	turnSocket net.PacketConn,
	protocol proto.Protocol,
	requestedPort int,
	lifetime time.Duration,
	userID, realm string,
	addressFamily proto.RequestedAddressFamily,
) (*Allocation, error)

CreateAllocation creates a new allocation and starts relaying.

func (*Manager) CreateReservation

func (m *Manager) CreateReservation(reservationToken string, port int)

CreateReservation stores the reservation for the token+port.

func (*Manager) CreateTCPConnection

func (m *Manager) CreateTCPConnection(
	allocation *Allocation,
	peerAddress proto.PeerAddress,
) (proto.ConnectionID, error)

CreateTCPConnection creates a new outbound TCP Connection and returns the Connection-ID if it succeeds.

func (*Manager) DeleteAllocation

func (m *Manager) DeleteAllocation(fiveTuple *FiveTuple)

DeleteAllocation removes an allocation.

func (*Manager) GetAllocation

func (m *Manager) GetAllocation(fiveTuple *FiveTuple) *Allocation

GetAllocation fetches the allocation matching the passed FiveTuple.

func (*Manager) GetAllocationForUserID

func (m *Manager) GetAllocationForUserID(fiveTuple *FiveTuple, userID string) *Allocation

GetAllocationForUserID fetches the allocation matching the passed FiveTuple and Username.

func (*Manager) GetRandomEvenPort

func (m *Manager) GetRandomEvenPort() (int, error)

GetRandomEvenPort returns a random un-allocated udp4 port.

func (*Manager) GetReservation

func (m *Manager) GetReservation(reservationToken string) (int, bool)

GetReservation returns the port for a given reservation if it exists.

func (*Manager) GetTCPConnection

func (m *Manager) GetTCPConnection(userID string, connectionID proto.ConnectionID) net.Conn

GetTCPConnection returns the TCP Connection for the given ConnectionID.

func (*Manager) GrantPermission

func (m *Manager) GrantPermission(sourceAddr net.Addr, peerIP net.IP) error

GrantPermission handles permission requests by calling the permission handler callback associated with the TURN server listener socket.

func (*Manager) RemoveTCPConnection

func (m *Manager) RemoveTCPConnection(connectionID proto.ConnectionID)

type ManagerConfig

type ManagerConfig struct {
	LeveledLogger      logging.LeveledLogger
	AllocatePacketConn func(info AllocateListenerConfig) (net.PacketConn, net.Addr, error)
	AllocateListener   func(info AllocateListenerConfig) (net.Listener, net.Addr, error)
	AllocateConn       func(info AllocateConnConfig) (net.Conn, error)
	PermissionHandler  func(sourceAddr net.Addr, peerIP net.IP) bool
	EventHandler       EventHandler
	// contains filtered or unexported fields
}

ManagerConfig is a bag of config params for Manager.
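A handler with the PermissionHandler signature above, which GrantPermission calls for each permission request, can keep the relay from forwarding to internal or special-purpose addresses. This is an added example, not part of this package or its documentation; the name DenyInternalPeers, the extra block list and the sample addresses are assumptions, and it assumes a false return refuses the permission.

```go
package main

import (
	"fmt"
	"net"
)

// extraBlocked holds ranges the net.IP helpers below do not cover (assumed list
// for this example: "this network", CGNAT, benchmarking, limited broadcast).
var extraBlocked = mustParseCIDRs("0.0.0.0/8", "100.64.0.0/10", "198.18.0.0/15", "255.255.255.255/32")

func mustParseCIDRs(cidrs ...string) []*net.IPNet {
	out := make([]*net.IPNet, 0, len(cidrs))
	for _, c := range cidrs {
		_, n, err := net.ParseCIDR(c)
		if err != nil {
			panic(err)
		}
		out = append(out, n)
	}
	return out
}

// DenyInternalPeers (hypothetical name) has the signature of
// ManagerConfig.PermissionHandler. It returns true only for peers outside
// loopback, private, link-local, multicast and the extra blocked ranges.
func DenyInternalPeers(sourceAddr net.Addr, peerIP net.IP) bool {
	if peerIP.To16() == nil { // nil or malformed length: fail closed
		return false
	}
	// These helpers unwrap IPv4-mapped IPv6 (::ffff:a.b.c.d) before testing.
	if peerIP.IsUnspecified() || peerIP.IsLoopback() || peerIP.IsPrivate() ||
		peerIP.IsLinkLocalUnicast() || peerIP.IsMulticast() {
		return false
	}
	for _, n := range extraBlocked {
		if n.Contains(peerIP) {
			return false
		}
	}
	return true
}

func main() {
	src := &net.UDPAddr{IP: net.ParseIP("198.51.100.7"), Port: 40000} // constructed client address
	for _, peer := range []string{"203.0.113.10", "10.0.0.5", "169.254.169.254", "::ffff:127.0.0.1"} {
		fmt.Printf("%-18s allowed=%v\n", peer, DenyInternalPeers(src, net.ParseIP(peer)))
	}
}
```

The function would be assigned to the PermissionHandler field of ManagerConfig; sourceAddr is available for per-client policy or logging and is unused here.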

type Permission

type Permission struct {
	Addr net.Addr
	// contains filtered or unexported fields
}

Permission represents a TURN permission. TURN permissions mimic the address-restricted filtering mechanism of NATs that comply with [RFC4787]. See: https://tools.ietf.org/html/rfc5766#section-2.3

func NewPermission

func NewPermission(addr net.Addr, log logging.LeveledLogger, timeout time.Duration) *Permission

NewPermission creates a new Permission.

type Protocol

type Protocol uint8

Protocol is an enum for relay protocol.

const (
	UDP Protocol = iota
	TCP
)

Network protocols for relay.

func (Protocol) String

func (p Protocol) String() string
