Dear all,
Our apologies if you receive multiple copies of this announcement.
We are glad to announce the first release of our TURN server, called
TurnServer. This implementation was started at the Louis Pasteur
University in mid-July 2008. The software is open source under the
GPLv3 license (with an exception for OpenSSL).
Our implementation supports all the methods from the latest TURN draft
to date (ietf-draft-behave-turn-09) and the Binding method from STUN
(draft-ietf-behave-rfc3489bis-17). All the messages and attributes from
STUN and TURN can be forged. The transport protocol from the client to
the server can be UDP, TCP or TLS over TCP. The server requires the
long-term authentication for TURN requests. The
ietf-draft-behave-turn-ipv6 is also implemented. The flags E and R are
supported but not the P flag (Preserving allocation) for the moment.
I have been in contact with the SIP Communicator community and they are
very interested in this project. Together, we have begun a new project
called Ice4J which is based on the Stun4J stack. Ice4J will provide a
Java implementation of STUN, STUN2 (rfc3489bis), TURN and ICE protocols.
The goal of the project is to provide VoIP Java developers with a means
of handling NATs and firewalls.
TurnServer code can be retrieved from the project page on sourceforge.net:
https://sourceforge.net/projects/turnserver/
TurnServer website is available at http://www.turnserver.org/ and two
mailing lists at http://sourceforge.net/mail/?group_id=234986
Any feedback is very welcome in order to improve our implementation.
Best regards,
Sebastien Vincent
Network Research Team, University of Strasbourg, France
----
Technical details about the implementation:
- Written in pure C in compliance with the C99 and POSIX + XSI standards;
- Written with security in mind;
- Documented with Doxygen;
- Uses the autoconf / automake build system;
- Uses select() to multiplex sockets;
- Can set the maximum number of sockets for select() at compilation time
(./configure --enable-fdsetsize=2048)
-> Adds a replacement for fd_set which can be set _at_compilation_time_
without modifying system headers.
- Uses realtime signals (POSIX 1.b) for the object timeout;
-> When an object times out, it is placed in an expired list that will be
purged on the next loop.
- Single thread, to avoid having some kind of mutexes in software and in
functions like malloc();
- Uses the following libraries: OpenSSL (for cryptographic parts and
TLS), Confuse (configuration parsing), librt (POSIX realtime support);
- Asynchronous TLS socket;
- TLS and TCP sockets are the same; the difference between a TLS and a TCP
stream is made by comparing the first three bytes;
- The accounts are stored in a plain text file that is parsed when the
server is launched;
- Memory leaks free :) (ok just 48 bytes when using TLS but they
could not be avoided);
- STUN2 + TURN parser patch for Wireshark.
Portability notes:
TurnServer should compile and work on POSIX systems with real-time
extensions support. It is known to work on GNU/Linux 2.6 and FreeBSD 7.0.
TurnServer will not work on MacOS X because it does not have the realtime
extension and no replacement exists for the functions used
(timer_create, timer_delete, ...), nor on Microsoft Windows for the same
reason.
Next steps I plan to do in late August:
- P flag support;
- Add a userspace system to simulate timer_create / timer_delete and
realtime signals for MacOS X.
- Add a list of alternate servers with capabilities (IPv4 / IPv6, flags)
in configuration file.
Maybe in September:
- Add mechanisms to support other methods to get the accounts (databases,
PAM, XML, ...);
- Add a userspace system to simulate timer_create / timer_delete and
realtime signals for Microsoft Windows;
- Think about replacing linked lists with a hashtable.
- draft-ietf-behave-turn-tcp;
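
The technical details above say TLS and plain TCP clients share one socket and are told apart by the first three bytes of the stream. The following is an added example of such a check, not TurnServer's own code; the rule it applies (a TLS handshake record header of 0x16 0x03 0x00..0x03) and all names are assumptions.

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical names; the three-byte rule is an assumption, not TurnServer's code. */
enum stream_kind { STREAM_NEED_MORE, STREAM_TLS, STREAM_STUN, STREAM_OTHER };

/* Classify a new TCP connection from the first bytes received on it. */
enum stream_kind classify_stream(const unsigned char *buf, size_t len)
{
    /* A TCP read may return fewer than 3 bytes: wait rather than guess. */
    if (buf == NULL || len < 3)
        return STREAM_NEED_MORE;

    /* TLS record header: content type 22 (handshake), major version 3,
     * minor version 0..3 (SSL 3.0 through TLS 1.2 record versions). */
    if (buf[0] == 0x16 && buf[1] == 0x03 && buf[2] <= 0x03)
        return STREAM_TLS;

    /* STUN (rfc3489bis): the two most significant bits of the message
     * are zero. 0x16 also matches this test, which is why one byte is
     * not enough and the TLS check on three bytes has to come first. */
    if ((buf[0] & 0xC0) == 0x00)
        return STREAM_STUN;

    /* Anything else is left to the TURN framing layer or rejected. */
    return STREAM_OTHER;
}

int main(void)
{
    /* Constructed sample inputs. */
    const unsigned char client_hello[] = { 0x16, 0x03, 0x01 };
    const unsigned char allocate_req[] = { 0x00, 0x03, 0x00 };
    const unsigned char lookalike[]    = { 0x16, 0x00, 0x00 };

    printf("ClientHello  -> %d\n", classify_stream(client_hello, 3));
    printf("Allocate     -> %d\n", classify_stream(allocate_req, 3));
    printf("0x16 non-TLS -> %d\n", classify_stream(lookalike, 3));
    printf("short read   -> %d\n", classify_stream(client_hello, 2));
    return 0;
}
```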