[sslh] TURN server?

Christian Hoene christian.hoene at symonics.com
Mon May 30 10:51:58 UTC 2016


Thank you, Yves,

if you considered, in addition, https://tools.ietf.org/html/rfc6544 and thus RTP
over TCP https://tools.ietf.org/html/rfc4571, then you would need to identify
the RFC4571 framing (skip the very first 2 bytes...) and then check whether the
following bytes are either STUN, DTLS or RTP/RTCP.

1) For STUN, as you have written it.

2) For DTLS (https://tools.ietf.org/html/rfc6347#section-4.1), the Content Type
(first byte) must be >=20 and <=24 (according to
http://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-5),
and the second and third bytes equal { 254, 253 } (DTLS version 1.2).

3) As for RTP or RTCP, the first two bits must be 2.

Do you believe that this would work?

With best regards,

 Christian






> Yves Rutschle <yves at rutschle.net> wrote on 30 May 2016 at 12:19:
> 
> 
> Hi Christian,
> 
> On Sat, May 28, 2016 at 06:22:02PM +0200, Christian Hoene wrote:
> > is it possible to place a coTURN server
> > (https://tools.ietf.org/html/rfc5766) on
> > 443 in parallel with a SSL web server?
> > 
> > If so, does anybody have an idea on how to define a matching regular
> > expression?
> 
> I had a quick look through the RFC.
> 
> Anything to do with UDP can't go through sslh as it only
> processes TCP (but you can presumably put a UDP/TCP bridge
> after the client)
> 
> In the case of TCP, I understand that TURN is an extension
> to STUN (RFC5389), which conveniently uses a 'magic cookie'
> as the second word of every message (chapter 6), whose value
> is 0x2112A442.
> 
> Soooo I'd expect something like this to work:
> 
> { name: "regex"; host: "stunserver"; port: "stunport"; regex_patterns: [
> "\x21\x12\xa4\x42" ]; },
> 
> Please report back if that works :-)
> 
> Y.
> 
>

--
Symonics GmbH
Geierweg 25
72144 Dußlingen
Tel +49 7072 8006100
Fax +49 7072 8006109
Email: christian.hoene at symonics.com
Geschäftsführer/President: Dr. Christian Hoene 
Sitz der Gesellschaft/Place of Business: Tübingen
Registereintrag/Commercial Register: Amtsgericht Stuttgart, HRB 739918
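
The three checks proposed in the message above, applied after the RFC 4571 length prefix, as an added example in C (not part of the original thread and not sslh's own probe code). The names classify_rfc4571, shortfall and the P_* values are hypothetical, and the sample bytes are constructed.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

enum proto { P_UNKNOWN, P_NEED_MORE, P_STUN, P_DTLS, P_RTP };

/* Fewer than `want` payload bytes in hand: a frame too short to ever hold
 * them cannot match, otherwise the caller should wait for more data. */
static enum proto shortfall(size_t frame, size_t want)
{
    return frame < want ? P_UNKNOWN : P_NEED_MORE;
}

/* Classify the start of a TCP stream with RFC 4571 framing (16-bit
 * big-endian length, then the packet) using the three checks above. */
enum proto classify_rfc4571(const unsigned char *buf, size_t len)
{
    static const unsigned char cookie[4] = { 0x21, 0x12, 0xA4, 0x42 };
    const unsigned char *p;
    size_t frame, n;
    if (len < 2)
        return P_NEED_MORE;
    frame = ((size_t)buf[0] << 8) | buf[1];
    p = buf + 2;                            /* skip the length prefix */
    n = len - 2 < frame ? len - 2 : frame;  /* frame bytes in hand */
    if (n < 1)
        return shortfall(frame, 1);
    if ((p[0] >> 6) == 2)                   /* 3) RTP/RTCP: version 2 */
        return P_RTP;
    if (p[0] >= 20 && p[0] <= 24) {         /* 2) DTLS content type */
        if (n < 3)
            return shortfall(frame, 3);
        if (p[1] == 254 && p[2] == 253)     /* DTLS 1.2; 1.0 is {254,255} */
            return P_DTLS;
    }
    if ((p[0] >> 6) != 0)                   /* 1) STUN: top two bits are 00 */
        return P_UNKNOWN;
    if (n < 8)
        return shortfall(frame, 8);
    return memcmp(p + 4, cookie, 4) == 0 ? P_STUN : P_UNKNOWN;
}

int main(void)
{
    /* Constructed sample: framed STUN Binding Request, first 8 header bytes. */
    static const unsigned char stun[] = { 0x00, 0x14, 0x00, 0x01, 0x00, 0x00,
                                          0x21, 0x12, 0xA4, 0x42 };
    printf("STUN matched: %d\n", classify_rfc4571(stun, sizeof stun) == P_STUN);
    return 0;
}
```

Unlike a bare search for the magic cookie, this anchors each check at a fixed offset behind the length prefix, so a TLS ClientHello or SSH banner arriving on the same port falls through to P_UNKNOWN.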


