
Merge pull request #64 from akatsukle/stale-nonce

Improve configurability: stale nonce
mom040267 9 years ago
parent
commit
7f7820a3ee

+ 5 - 4
examples/etc/turnserver.conf

@@ -373,13 +373,14 @@
 #no-tcp-relay
 
 # Uncomment if extra security is desired,
-# with nonce value having limited lifetime (600 secs).
+# with nonce value having limited lifetime.
 # By default, the nonce value is unique for a session,
-# but it has unlimited lifetime. With this option,
-# the nonce lifetime is limited to 600 seconds, after that 
+# and has unlimited lifetime. 
+# Set this option to limit the nonce lifetime. 
+# It defaults to 600 secs (10 min) if no value is provided. After that delay, 
 # the client will get 438 error and will have to re-authenticate itself.
 #
-#stale-nonce
+#stale-nonce=600
 
 # Certificate file.
 # Use an absolute path or path relative to the 

+ 8 - 1
src/apps/relay/mainrelay.c

@@ -878,6 +878,13 @@ static const struct myoption admin_long_options[] = {
 				{ NULL, no_argument, NULL, 0 }
 };
 
+static int get_int_value(const char* s, int default_value)
+{
+	if (!s || !(s[0]))
+		return default_value;
+	return atoi(s);
+}
+
 static int get_bool_value(const char* s)
 {
 	if(!s || !(s[0])) return 1;
@@ -1039,7 +1046,7 @@ static void set_option(int c, char *value)
 		turn_params.no_loopback_peers = get_bool_value(value);
 		break;
 	case STALE_NONCE_OPT:
-		turn_params.stale_nonce = get_bool_value(value);
+		turn_params.stale_nonce = get_int_value(value, STUN_DEFAULT_NONCE_EXPIRATION_TIME);
 		break;
 	case MAX_ALLOCATE_TIMEOUT_OPT:
 		TURN_MAX_ALLOCATE_TIMEOUT = atoi(value);
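Review bot: `get_int_value` returns `atoi(s)` unchecked, so in the `STALE_NONCE_OPT` case a value like `stale-nonce=abc` is stored as 0, `stale-nonce=10m` as 10, and a negative or overflowing number is taken as given. The field held a boolean before this commit, so a parsed 0 presumably still means "nonce never expires" (not confirmed by the visible lines); a typo would then silently switch off the hardening the operator asked for. A negative value would put `nonce_expiration_time` before `server->ctime` in the ns_turn_server.c hunk. I would parse with `strtol`, reject trailing junk and out-of-range values, and log the rejection so the misconfiguration is visible. `set_option` starts and ends outside the hunk, so where the error is best reported depends on code not shown here.

```c
static int get_int_value(const char* s, int default_value)
{
	char *end = NULL;
	long v;

	if (!s || !(s[0]))
		return default_value;
	errno = 0;
	v = strtol(s, &end, 10);
	/* Reject non-numeric input, trailing junk, overflow and negative values
	 * rather than passing them on as a lifetime. */
	if (end == s || *end != '\0' || errno == ERANGE || v < 0 || v > INT_MAX)
		return default_value;
	return (int)v;
}
```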

+ 1 - 1
src/client/ns_turn_msg_defs.h

@@ -65,7 +65,7 @@
 #define STUN_MAX_ALLOCATE_LIFETIME (3600)
 #define STUN_CHANNEL_LIFETIME (600)
 #define STUN_PERMISSION_LIFETIME (300)
-#define STUN_NONCE_EXPIRATION_TIME (600)
+#define STUN_DEFAULT_NONCE_EXPIRATION_TIME (600)
 /**/
 
 #define STUN_METHOD_BINDING (0x0001)

+ 1 - 1
src/server/ns_turn_server.c

@@ -3271,7 +3271,7 @@ static int check_stun_auth(turn_turnserver *server,
 					snprintf((s08bits*)s, NONCE_MAX_SIZE-4*i, "%04x",(unsigned int)rand);
 				}
 			}
-			ss->nonce_expiration_time = server->ctime + STUN_NONCE_EXPIRATION_TIME;
+			ss->nonce_expiration_time = server->ctime + *(server->stale_nonce);
 		}
 	}