[Xubuntu 22.04] Trying coTurn for WebRTC 1


Introduction



This time, I will try using a TURN server with WebRTC.
  • coturn - GitHub

    The main goal of this project is to install and run a TURN server.
    Next time, I will look at the detailed settings and so on.

    Installation


    Building from source code (failed)



    Because there is no coTurn package in the PPA repository, I first tried building from source code.
  • INSTALL - coturn - GitHub
  • 【WebRTC】「coTurn」の構築手順1 - プログラミングマガジン

    But when I tried to run "make", I got errors.

    mkdir -p build/obj
    cc  -g  -Wall -Wno-deprecated-declarations -Wextra -Wformat-security -Wnested-externs -Wstrict-prototypes  -Wmissing-prototypes -Wpointer-arith -Wcast-qual  -DTURN_HAS_DAEMON    -DTURN_NO_PROMETHEUS       -DINSTALL_PREFIX=/usr/local -DTURNDB=/usr/local/var/db/turndb -Isrc -Isrc/apps/common -Isrc/server -Isrc/client -Isrc/client++ -I/usr/local/include/ -I/usr/local/include/  -c src/client/ns_turn_ioaddr.c -o build/obj/ns_turn_ioaddr.o
    mkdir -p build/obj
    cc  -g  -Wall -Wno-deprecated-declarations -Wextra -Wformat-security -Wnested-externs -Wstrict-prototypes  -Wmissing-prototypes -Wpointer-arith -Wcast-qual  -DTURN_HAS_DAEMON    -DTURN_NO_PROMETHEUS       -DINSTALL_PREFIX=/usr/local -DTURNDB=/usr/local/var/db/turndb -Isrc -Isrc/apps/common -Isrc/server -Isrc/client -Isrc/client++ -I/usr/local/include/ -I/usr/local/include/  -c src/client/ns_turn_msg_addr.c -o build/obj/ns_turn_msg_addr.o
    mkdir -p build/obj
    cc  -g  -Wall -Wno-deprecated-declarations -Wextra -Wformat-security -Wnested-externs -Wstrict-prototypes  -Wmissing-prototypes -Wpointer-arith -Wcast-qual  -DTURN_HAS_DAEMON    -DTURN_NO_PROMETHEUS       -DINSTALL_PREFIX=/usr/local -DTURNDB=/usr/local/var/db/turndb -Isrc -Isrc/apps/common -Isrc/server -Isrc/client -Isrc/client++ -I/usr/local/include/ -I/usr/local/include/  -c src/client/ns_turn_msg.c -o build/obj/ns_turn_msg.o
    src/client/ns_turn_msg.c: In function ‘stun_produce_integrity_key_str’:
    src/client/ns_turn_msg.c:260:21: warning: implicit declaration of function ‘FIPS_mode’ [-Wimplicit-function-declaration]
      260 |                 if (FIPS_mode()) {
          |                     ^~~~~~~~~
    src/client/ns_turn_msg.c:260:21: warning: nested extern declaration of ‘FIPS_mode’ [-Wnested-externs]
    src/client/ns_turn_msg.c: In function ‘stun_attr_add_integrity_str’:
    src/client/ns_turn_msg.c:1855:12: warning: ‘hmac’ may be used uninitialized [-Wmaybe-uninitialized]
     1855 |         if(stun_attr_add_str(buf, len, STUN_ATTRIBUTE_MESSAGE_INTEGRITY, hmac, shasize)<0)
          |            ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    src/client/ns_turn_msg.c:1441:5: note: by argument 4 of type ‘const uint8_t *’ {aka ‘const unsigned char *’} to ‘stun_attr_add_str’ declared here
     1441 | int stun_attr_add_str(uint8_t* buf, size_t *len, uint16_t attr, const uint8_t* avalue, int alen) {
          |     ^~~~~~~~~~~~~~~~~
    src/client/ns_turn_msg.c:1837:17: note: ‘hmac’ declared here
     1837 |         uint8_t hmac[MAXSHASIZE];
          |                 ^~~~
    mkdir -p lib
    ar -r lib/libturnclient.a build/obj/ns_turn_ioaddr.o build/obj/ns_turn_msg_addr.o build/obj/ns_turn_msg.o 
    ar: lib/libturnclient.a を作成しています
    pwd
    /home/example/Documents/coturn
    mkdir -p bin
    cc  -g  -Wall -Wno-deprecated-declarations -Wextra -Wformat-security -Wnested-externs -Wstrict-prototypes  -Wmissing-prototypes -Wpointer-arith -Wcast-qual  -DTURN_HAS_DAEMON    -DTURN_NO_PROMETHEUS       -DINSTALL_PREFIX=/usr/local -DTURNDB=/usr/local/var/db/turndb -Isrc -Isrc/apps/common -Isrc/server -Isrc/client -Isrc/client++ -I/usr/local/include/ -I/usr/local/include/  src/apps/oauth/oauth.c src/apps/common/apputils.c src/apps/common/ns_turn_utils.c src/apps/common/stun_buffer.c -o bin/turnutils_oauth -Llib -lturnclient -Llib -lrt -lnsl -lresolv -lcrypto -lssl -levent_core -levent_extra -levent_openssl -levent_pthreads -levent  -Wl,-rpath,/usr/local/lib
    /usr/bin/ld: lib/libturnclient.a(ns_turn_msg.o): in function `stun_produce_integrity_key_str':
    /home/example/Documents/coturn/src/client/ns_turn_msg.c:260: undefined reference to `FIPS_mode'
    collect2: error: ld returned 1 exit status
    make: *** [Makefile:121: bin/turnutils_oauth] エラー 1
    


    I tried http://turnserver.open-sys.org/ and cloned the GitHub repository, but I got the same result.

    Adding an unofficial PPA repository



    After that, I decided to add a PPA repository.

    sudo add-apt-repository ppa:ubuntuhandbook1/coturn
    sudo apt update
    sudo apt install coturn
    


  • How to install Coturn (TURN / STUN Server) in Ubuntu 22.04 via PPA - OSS Malta

    Finally, I could install coTurn ver.4.5.2-1.

    Editing the configuration and starting coTurn



    To start coTurn, uncomment the line in "/etc/default/coturn" and run "sudo systemctl start coturn".

    coturn




    #
    # Uncomment it if you want to have the turnserver running as 
    # an automatic system service daemon
    #
    TURNSERVER_ENABLED=1
    


    Then edit "/etc/turnserver.conf".
    Because I don't have a domain, this time I use the IP address instead of a domain.

    turnserver.conf




    ...
    # TURN listener port for UDP and TCP (Default: 3478).
    # Note: actually, TLS & DTLS sessions can connect to the
    # "plain" TCP & UDP port(s), too - if allowed by configuration.
    #
    listening-port=3478
    ...
    # Uncomment to run TURN server in 'extra' verbose mode.
    # This mode is very annoying and produces lots of output.
    # Not recommended under normal circumstances.
    #
    Verbose
    
    # Uncomment to use fingerprints in the TURN messages.
    # By default the fingerprints are off.
    #
    fingerprint
    
    # Uncomment to use long-term credential mechanism.
    # By default no credentials mechanism is used (any user allowed).
    #
    lt-cred-mech
    ...
    # 'Static' user accounts for the long term credentials mechanism, only.
    # This option cannot be used with TURN REST API.
    # 'Static' user accounts are NOT dynamically checked by the turnserver process,
    # so they can NOT be changed while the turnserver is running.
    #
    #user=username1:key1
    #user=username2:key2
    # OR:
    user=username1:password1
    ...
    # The default realm to be used for the users when no explicit
    # origin/realm relationship is found in the database, or if the TURN
    # server is not using any database (just the commands-line settings
    # and the userdb file). Must be used with long-term credentials
    # mechanism or with TURN REST API.
    #
    # Note: If the default realm is not specified, then realm falls back to the host domain name.
    #       If the domain name string is empty, or set to '(None)', then it is initialized as an empty string.
    #
    realm=192.168.XX.YYY
    ...
    # Certificate file.
    # Use an absolute path or path relative to the
    # configuration file.
    # Use PEM file format.
    #
    cert=/home/example/local_cert.pem
    
    # Private key file.
    # Use an absolute path or path relative to the
    # configuration file.
    # Use PEM file format.
    #
    pkey=/home/example/local_key.pem
    ...
    # Option to set the log file name.
    # By default, the turnserver tries to open a log file in
    # /var/log, /var/tmp, /tmp and the current directory
    # (Whichever file open operation succeeds first will be used).
    # With this option you can set the definite log file name.
    # The special names are "stdout" and "-" - they will force everything
    # to the stdout. Also, the "syslog" name will force everything to
    # the system log (syslog).
    # In the runtime, the logfile can be reset with the SIGHUP signal
    # to the turnserver process.
    #
    log-file=/var/tmp/turn.log
    ...
    # Option to suppress STUN functionality, only TURN requests will be processed.
    # Run as TURN server only, all STUN requests will be ignored.
    # By default, this option is NOT set.
    #
    no-stun
    ...
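
The comments in the file above already name three things to check before this server leaves a test network: whether a credential mechanism is enabled, whether the static user is stored as a plaintext password, and whether 'extra' verbose logging is on. The following TypeScript sketch is an added example, not part of the original post or of coturn; `auditTurnConf` and the sample configuration are constructed here, and the `0x` prefix is the form in which coturn's `turnadmin -k` prints a pre-computed key.

```typescript
// Added example: audit a turnserver.conf for three points its own comments raise.
type Finding = { line: number; key: string; message: string };

// Constructed sample mirroring the settings shown above (not a real deployment).
const SAMPLE_CONF = [
  "listening-port=3478",
  "Verbose",
  "fingerprint",
  "lt-cred-mech",
  "user=username1:password1",
  "realm=192.168.XX.YYY",
  "no-stun",
].join("\n");

function auditTurnConf(text: string): Finding[] {
  const findings: Finding[] = [];
  const lines = text.split("\n");
  let hasCredentialMechanism = false;
  for (let i = 0; i < lines.length; i++) {
    const entry = lines[i].trim();
    if (entry === "" || entry.charAt(0) === "#") continue; // skip blanks and comments
    const eq = entry.indexOf("=");
    const key = eq < 0 ? entry : entry.slice(0, eq);
    const value = eq < 0 ? "" : entry.slice(eq + 1);
    const line = i + 1;
    // use-auth-secret is coturn's TURN REST API mode, the alternative to lt-cred-mech.
    if (key === "lt-cred-mech" || key === "use-auth-secret") hasCredentialMechanism = true;
    // Capital-V "Verbose" is the 'extra' verbose mode; lowercase "verbose" is the normal one.
    if (key === "Verbose") {
      findings.push({ line, key, message: "'extra' verbose mode on; not recommended under normal circumstances" });
    }
    if (key === "user") {
      // A secret starting with 0x is a pre-computed key; anything else is a plaintext password.
      const secret = value.slice(value.indexOf(":") + 1);
      if (!/^0x[0-9a-fA-F]+$/.test(secret)) {
        findings.push({ line, key, message: "static user stored as a plaintext password, not a 0x key" });
      }
    }
  }
  if (!hasCredentialMechanism) {
    findings.push({ line: 0, key: "lt-cred-mech", message: "no credential mechanism set: any user is allowed" });
  }
  return findings;
}
```
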
    


  • INSTALL - coturn - GitHub
  • README.turnserver - coturn - GitHub
  • How to setup and configure TURN server using coTURN? - Metered blog
  • How to Set up Coturn TURN Server for Spreed WebRTC - LinuxBabe
  • WebRTC のための TURN サーバ - panda's tech note
  • systemd - ArchWiki

    Trying it out



    All the clients used in this case are connected to the same network, so normally they would not go through the TURN server.
    So I add "iceTransportPolicy" to force them through it.

    webrtc.controller.ts




    ...
        public connect() {
            if (this.webcamStream == null) {
                console.error("Local video was null");
                return;
            }
            this.peerConnection = new RTCPeerConnection({
                iceServers: [{
                    urls: "turn:192.168.XX.YYY:3478",
                    username: "username1",
                    credential: "password1",
                }],
                // Use only relayed candidates, so all media goes through the TURN server.
                iceTransportPolicy: "relay"
            });
    ...
    


    Client's ICE candidate




    {"candidate":"candidate:1070431248 1 udp 41885439 192.168.XX.YYY 61498 typ relay raddr 0.0.0.0 rport 0 generation 0 ufrag U+dE network-id 1","sdpMid":"0","sdpMLineIndex":0}
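
To confirm that `iceTransportPolicy: "relay"` really is in effect, the candidate strings a client gathers can be parsed and every non-relay type flagged. This TypeScript sketch is an added example, not code from the original post; `parseCandidate`, `nonRelayCandidates` and the host candidate are constructed here, and the parser handles the general candidate line format rather than only the one line shown.

```typescript
// Added example: parse ICE candidate strings and report any that bypass the TURN relay.
interface IceCandidateInfo {
  foundation: string;
  component: number;
  protocol: string;
  priority: number;
  address: string;
  port: number;
  type: string; // host | srflx | prflx | relay
  relatedAddress?: string;
  relatedPort?: number;
}

// The candidate string from the post, plus a constructed host candidate for contrast.
const PAGE_CANDIDATE =
  "candidate:1070431248 1 udp 41885439 192.168.XX.YYY 61498 typ relay raddr 0.0.0.0 rport 0 generation 0 ufrag U+dE network-id 1";
const HOST_CANDIDATE = "candidate:1 1 udp 2122260223 192.168.XX.ZZZ 50000 typ host generation 0";

function parseCandidate(line: string): IceCandidateInfo | null {
  // candidate:<foundation> <component> <transport> <priority> <address> <port> typ <type> [name value]...
  const tokens = line.trim().replace(/^a=/, "").split(/\s+/);
  if (tokens.length < 8 || tokens[0].indexOf("candidate:") !== 0 || tokens[6] !== "typ") return null;
  // Component, priority and port must be plain decimal integers.
  if (![tokens[1], tokens[3], tokens[5]].every((t) => /^\d+$/.test(t))) return null;
  const info: IceCandidateInfo = {
    foundation: tokens[0].slice("candidate:".length),
    component: Number(tokens[1]),
    protocol: tokens[2].toLowerCase(),
    priority: Number(tokens[3]),
    address: tokens[4],
    port: Number(tokens[5]),
    type: tokens[7],
  };
  // Remaining tokens are name/value extension pairs; keep the related address and port.
  for (let i = 8; i + 1 < tokens.length; i += 2) {
    if (tokens[i] === "raddr") info.relatedAddress = tokens[i + 1];
    if (tokens[i] === "rport") info.relatedPort = Number(tokens[i + 1]);
  }
  return info;
}

// Fail closed: a candidate that does not parse is treated as a leak, same as host/srflx/prflx.
function nonRelayCandidates(lines: string[]): string[] {
  return lines.filter((line) => parseCandidate(line)?.type !== "relay");
}
```

In the controller above, the input lines would be the `candidate` strings delivered by the peer connection's `icecandidate` events.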
    


  • RTCPeerConnection() - MDN