STUN Authentication and DTLS Support in Browsers
Question
I am setting up a webRTC environment with janus and coturn. Even though STUN is a very lightweight protocol I would like to authenticate it if possible, and according to the STUN specifications that is the case.
Coturn also supports authentication for both STUN and TURN, I am using it with the --use-auth-secret and --secure-stun flags.
I can verify that the authentication works perfectly using the
username and
credential flags for the TURN configuration in
iceServers , but for STUN it just won't do anything.
It was hard enough to get reliable information about the ICE exchange because I cannot find useful information in
chrome://webrtc-internals and
onicestatechange etc. but with WireShark I was able to inspect the STUN requests themselves and it turns out that Chrome completely ignores the
username and
credential fields for
stun:... servers.
EDIT : I realized now that this is documented on MDN.
It also seems like Chrome doesn't support the DTLS-secured stuns:... protocol and turns:... only as TLS/via TCP transports.
Are there plans to support these features? Where can I find them or why not? The supported features (only stun auth...) seem very arbitrary to me.
1 answers
solution1
0 2018-03-15 20:59:15
You'd have to ask the Chrome developers themselves but the reason behind the arbitrarily supported features is that what you're looking for is written in an entirely different RFC whereas auth was in the original STUN RFC.
There's very little benefit to a DTLS STUN and TURN so I can't see them prioritizing it very high.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.