I am setting up a webRTC environment with janus and coturn. Even though STUN is a very lightweight protocol I would like to authenticate it if possible, and according to the STUN specifications that is the case.
Coturn also supports authentication for both STUN and TURN, I am using it with the --use-auth-secret
and --secure-stun
flags.
I can verify that the authentication works perfectly using the
username
and
credential
flags for the TURN configuration in
iceServers
, but for STUN it just won't do anything.
It was hard enough to get reliable information about the ICE exchange because I cannot find useful information in
chrome://webrtc-internals
and
onicestatechange
etc. but with WireShark I was able to inspect the STUN requests themselves and it turns out that Chrome completely ignores the
username
and
credential
fields for
stun:...
servers.
EDIT : I realized now that this is documented on MDN.
It also seems like Chrome doesn't support the DTLS-secured stuns:...
protocol and turns:...
only as TLS/via TCP transports.
Are there plans to support these features? Where can I find them or why not? The supported features (only stun auth...) seem very arbitrary to me.
You'd have to ask the Chrome developers themselves but the reason behind the arbitrarily supported features
is that what you're looking for is written in an entirely different RFC whereas auth was in the original STUN RFC.
There's very little benefit to a DTLS STUN and TURN so I can't see them prioritizing it very high.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.