From 5ed39f2a0971982ee87f236d057f400481aa04b4 Mon Sep 17 00:00:00 2001
From: Kim Alvefur <zash@zash.se>
Date: Thu, 10 Feb 2022 15:41:47 +0100
Subject: mod_turn_external: Add option to enable TURN over TLS

Usually on port 443 to avoid restrictive firewalls.

Thanks to Holger for discussion
---
 plugins/mod_turn_external.lua | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

(limited to 'plugins')

diff --git a/plugins/mod_turn_external.lua b/plugins/mod_turn_external.lua
index a064d58b..8e391bb5 100644
--- a/plugins/mod_turn_external.lua
+++ b/plugins/mod_turn_external.lua
@@ -6,6 +6,7 @@ local user = module:get_option_string("turn_external_user");
 local port = module:get_option_number("turn_external_port", 3478);
 local ttl = module:get_option_number("turn_external_ttl", 86400);
 local tcp = module:get_option_boolean("turn_external_tcp", false);
+local tls_port = module:get_option_boolean("turn_external_tls_port");
 
 if not secret then error("mod_" .. module.name .. " requires that 'turn_external_secret' be set") end
 
@@ -14,17 +15,20 @@ if tcp then
 	services:add("stun-tcp");
 	services:add("turn-tcp");
 end
+if tls_port then
+	services:add("turns-tcp");
+end
 
 module:depends "external_services";
 
-for _, type in ipairs({"stun"; "turn"}) do
+for _, type in ipairs({ "stun"; "turn"; "turns" }) do
 	for _, transport in ipairs({"udp"; "tcp"}) do
 		if services:contains(type .. "-" .. transport) then
 			module:add_item("external_service", {
 				type = type;
 				transport = transport;
 				host = host;
-				port = port;
+				port = type == "turns" and tls_port or port;
 
 				username = type == "turn" and user or nil;
 				secret = type == "turn" and secret or nil;
-- 
cgit v1.2.3