[sslh] TURN server?
Christian Hoene
christian.hoene at symonics.com
Mon May 30 10:51:58 UTC 2016
Thank you, Yves,
if you considered in addition https://tools.ietf.org/html/rfc6544 and thus RTP
over TCP https://tools.ietf.org/html/rfc4571 Then, you would need to identify
the RFC4571 framing (skip the very first 2 bytes...) and then check, if the
following bytes are either STUN, DTLS or RTP/RTCP.
1) For STUN, as you have written it.
2) For DTLS (https://tools.ietf.org/html/rfc6347#section-4.1), the Content Type
(first byte) must be >=20 and <=24 (according to
http://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-5),
the second and third bytes equal { 254, 253 } (DTLS version 1.2)
3) As for RTP ort RTCP, the first two bits must be 2.
Do you believe that this would work?
With best regards,
Christian
> Yves Rutschle <yves at rutschle.net> hat am 30. Mai 2016 um 12:19 geschrieben:
>
>
> Hi Christian,
>
> On Sat, May 28, 2016 at 06:22:02PM +0200, Christian Hoene wrote:
> > is it possible to place a coTURN server
> > (https://tools.ietf.org/html/rfc5766) on
> > 443 in parallel with a SSL web server?
> >
> > If so, does anybody have an idea on how to define a matching regular
> > expression?
>
> I had a quick look through the RFC.
>
> Anything to do with UDP can't go through sslh as it only
> processes TCP (but you can presumably put a UDP/TCP bridge
> after the client)
>
> In the case of TCP, I understand that TURN is an extension
> to STUN (RFC5389), which conveniently uses a 'magic cookie'
> as the second word of every message (chapter 6), whose value
> is 0x2112A442.
>
> Soooo I'd expect something like this to work:
>
> { name: "regex"; host: "stunserver"; port: "stunport"; regex_patterns: [
> "\x21\x12\xa4\x42" ]; },
>
> Please report back if that works :-)
>
> Y.
>
>
--
Symonics GmbH
Geierweg 25
72144 Dußlingen
Tel +49 7072 8006100
Fax +49 7072 8006109
Email: christian.hoene at symonics.com
Geschäftsführer/President: Dr. Christian Hoene
Sitz der Gesellschaft/Place of Business: Tübingen
Registereintrag/Commercial Register: Amtsgericht Stuttgart, HRB 739918
More information about the sslh
mailing list