parameter for stale-nonce

examples/etc/turnserver.conf

@@ -373,13 +373,14 @@
 #no-tcp-relay
 
 # Uncomment if extra security is desired,
-# with nonce value having limited lifetime (600 secs).
+# with nonce value having limited lifetime.
 # By default, the nonce value is unique for a session,
-# but it has unlimited lifetime. With this option,
-# the nonce lifetime is limited to 600 seconds, after that 
+# and has unlimited lifetime. 
+# Set this option to limit the nonce lifetime. 
+# It defaults to 600 secs (10 min) if no value is provided. After that delay, 
 # the client will get 438 error and will have to re-authenticate itself.
 #
-#stale-nonce
+#stale-nonce=600
 
 # Certificate file.
 # Use an absolute path or path relative to the 

src/apps/relay/mainrelay.c

@@ -1046,7 +1046,7 @@ static void set_option(int c, char *value)
 		turn_params.no_loopback_peers = get_bool_value(value);
 		break;
 	case STALE_NONCE_OPT:
-		turn_params.stale_nonce = get_bool_value(value);
+		turn_params.stale_nonce = get_int_value(value, STUN_DEFAULT_NONCE_EXPIRATION_TIME);
 		break;
 	case MAX_ALLOCATE_TIMEOUT_OPT:
 		TURN_MAX_ALLOCATE_TIMEOUT = atoi(value);

src/client/ns_turn_msg_defs.h

@@ -65,7 +65,7 @@
 #define STUN_MAX_ALLOCATE_LIFETIME (3600)
 #define STUN_CHANNEL_LIFETIME (600)
 #define STUN_PERMISSION_LIFETIME (300)
-#define STUN_NONCE_EXPIRATION_TIME (600)
+#define STUN_DEFAULT_NONCE_EXPIRATION_TIME (600)
 /**/
 
 #define STUN_METHOD_BINDING (0x0001)

src/server/ns_turn_server.c

@@ -3271,7 +3271,7 @@ static int check_stun_auth(turn_turnserver *server,
 					snprintf((s08bits*)s, NONCE_MAX_SIZE-4*i, "%04x",(unsigned int)rand);
 				}
 			}
-			ss->nonce_expiration_time = server->ctime + STUN_NONCE_EXPIRATION_TIME;
+			ss->nonce_expiration_time = server->ctime + *(server->stale_nonce);
 		}
 	}