TURN allocation identity types and transport helpers.
| Name | Description |
|---|---|
Client | TURN client that manages relay allocations, permissions, and data relay via RFC 5766. |
FiveTuple | TURN allocation identity tuple: client remote address, server local address, and transport protocol. |
IAllocation | Base class for TURN relay allocations shared by client and server flows. |
PermissionPolicy | Lightweight server-side TURN permission policy. |
Request | A STUN message annotated with the transport type and source/destination addresses needed for server-side routing and response generation. |
Server | TURN server RFC 5766 / RFC 6062 implementation. Listens on UDP and/or TCP, authenticates requests via ServerObserver, and manages ServerAllocation objects for each 5-tuple. |
ServerAllocation | Server-side TURN allocation that tracks permissions, lifetime, and relay state. Handles Refresh and CreatePermission requests common to both UDP and TCP allocations. Subclassed by UDPAllocation and TCPAllocation for transport-specific behaviour. |
TCPAllocation | Server-side TCP TURN allocation with connection pair management per RFC 6062. Maintains a control connection for STUN signalling and an acceptor socket for incoming peer TCP connections. Each peer connection is tracked as a TCPConnectionPair and bridged to the client after a successful ConnectionBind. |
TCPClient | TCP transport TURN client with relay connection management per RFC 6062. Uses a single TCP control connection for STUN signalling and opens additional TCP relay connections for each peer via the Connect / ConnectionBind flow. |
TCPConnectionPair | Paired TCP connections forming a single TURN relay pipe between a client and a peer. Lifetime managed by IntrusivePtr; the owning TCPAllocation holds the Ptr in its pair map. |
UDPAllocation | Server-side UDP TURN allocation that relays datagrams to permitted peers. Binds a dedicated UDP relay socket for peer communication and forwards incoming datagrams to the client as Data Indications. |
UDPClient | UDP transport TURN client for datagram-based relay allocations. Uses a single UDP socket for both STUN signalling and Send/Data Indications. All Client methods apply; data is relayed via sendData() using Send Indications. |
ClientObserver | Abstract observer interface for TURN client events. Callers subclass this to receive allocation lifecycle and data relay callbacks. |
ClientState | State machine states for the TURN client. |
Permission | A single TURN permission entry associating a peer IP with a 5-minute expiry timer. Per RFC 5766 section 8, permissions last exactly 300 seconds and must be refreshed via a new CreatePermission request before they expire. |
RelayConnectionBinding | Binding metadata stored as socket opaque data during a ConnectionBind handshake. Associates a relay socket with its TURN connection ID and peer address. |
ServerObserver | Observer interface that the application must implement to participate in server-side allocation management and authentication. |
ServerOptions | Configuration options for the TURN server. |
TCPClientObserver | Observer interface for TCP TURN client events (RFC 6062). Extends ClientObserver with callbacks specific to TCP relay connections. |
| Name | Description |
|---|---|
AuthenticationState | Result returned by ServerObserver::authenticateRequest() to control how the server proceeds with an incoming STUN request. |
enum AuthenticationStateResult returned by ServerObserver::authenticateRequest() to control how the server proceeds with an incoming STUN request.
| Value | Description |
|---|---|
Authenticating | Authentication is in progress; server holds the request. |
Authorized | Credentials verified; request may proceed. |
QuotaReached | User quota exceeded; respond with 486. |
NotAuthorized | Credentials rejected; respond with 401. |
| Return | Name | Description |
|---|---|---|
KVCollection< net::Address, net::SocketEmitter > | ConnectionManager | Relay connection registry keyed by peer address for RFC 6062 TCP relays. |
ConnectionManager::Map | ConnectionManagerMap | Underlying map type used by the TCP relay connection registry. |
std::vector< Permission > | PermissionList | Active TURN permissions associated with one allocation. |
std::map< FiveTuple, std::unique_ptr< ServerAllocation > > | ServerAllocationMap | Active server allocations keyed by the client/server 5-tuple. |
std::map< uint32_t, TCPConnectionPair::Ptr > | TCPConnectionPairMap | Accepted peer TCP connections keyed by TURN CONNECTION-ID. |
std::vector< std::string > | IPList | List of peer IP strings used when creating or refreshing permissions. |
KVCollection< net::Address, net::SocketEmitter > ConnectionManager()Relay connection registry keyed by peer address for RFC 6062 TCP relays.
ConnectionManager::Map ConnectionManagerMap()Underlying map type used by the TCP relay connection registry.
std::vector< Permission > PermissionList()Active TURN permissions associated with one allocation.
std::map< FiveTuple, std::unique_ptr< ServerAllocation > > ServerAllocationMap()Active server allocations keyed by the client/server 5-tuple.
std::map< uint32_t, TCPConnectionPair::Ptr > TCPConnectionPairMap()Accepted peer TCP connections keyed by TURN CONNECTION-ID.
std::vector< std::string > IPList()List of peer IP strings used when creating or refreshing permissions.
| Return | Name | Description |
|---|---|---|
constexpr std::int64_t | kClientTimerInterval static | Timer interval for client maintenance (30 seconds) |
constexpr std::int64_t | kClientDefaultLifetime static | Default client allocation lifetime (5 minutes, in milliseconds) |
constexpr long | kClientDefaultTimeout static | Default client transaction timeout (10 seconds) |
constexpr std::int64_t | kDefaultAllocationLifetime static | Default allocation lifetime: 10 minutes (in milliseconds) |
constexpr int | PERMISSION_LIFETIME static | Permission Lifetime MUST be 300 seconds (= 5 minutes). |
constexpr uint32_t | kServerDefaultLifetime static | Default server allocation lifetime (2 minutes, in milliseconds) |
constexpr uint32_t | kServerMaxLifetime static | Maximum server allocation lifetime (15 minutes, in milliseconds) |
constexpr int | kServerMaxPermissions static | Maximum number of permissions per allocation. |
constexpr int | kServerTimerInterval static | Server timer interval (10 seconds) |
constexpr int | kServerEarlyMediaBufferSize static | Early media buffer size. |
constexpr int | kConnectionBindTimeout static | ConnectionBind request timeout (30 seconds, in milliseconds) |
constexpr int | CLIENT_SOCK_BUF_SIZE static | Default socket buffer size for TURN client sockets. |
constexpr int | SERVER_SOCK_BUF_SIZE static | Default socket buffer size for TURN server sockets. |
constexpr uint8_t | kProtocolUDP static | TURN protocol numbers. |
constexpr uint8_t | kProtocolTCP static | IP protocol number for TCP. |
constexpr int | kErrorTryAlternate static | TURN/STUN error codes used in this module. |
constexpr int | kErrorBadRequest static | Request was malformed or missing required attributes. |
constexpr int | kErrorNotAuthorized static | Authentication failed or credentials were not accepted. |
constexpr int | kErrorForbidden static | Request was understood but is not permitted for this client. |
constexpr int | kErrorUnknownAttribute static | Request included an unsupported comprehension-required attribute. |
constexpr int | kErrorUnsupportedTransport static | Requested transport protocol is not supported by the server. |
constexpr int | kErrorAllocationMismatch static | Client attempted an allocation operation that conflicts with existing state. |
constexpr int | kErrorStaleNonce static | Authentication nonce expired and must be refreshed. |
constexpr int | kErrorWrongCredentials static | Supplied credentials were well formed but did not match the allocation. |
constexpr int | kErrorConnectionAlreadyExists static | TURN TCP connection binding already exists. |
constexpr int | kErrorConnectionTimeoutOrFailure static | TURN TCP peer connection attempt timed out or failed. |
constexpr int | kErrorAllocationQuotaReached static | User or server allocation quota was exceeded. |
constexpr int | kErrorInsufficientCapacity static | Server lacks capacity to satisfy the request. |
constexpr int | kErrorOperationNotSupported static | Request is recognized but not implemented by this server. |
static
constexpr std::int64_t kClientTimerInterval = 30 * 1000Timer interval for client maintenance (30 seconds)
static
constexpr std::int64_t kClientDefaultLifetime = 5 * 60 * 1000Default client allocation lifetime (5 minutes, in milliseconds)
static
constexpr long kClientDefaultTimeout = 10 * 1000Default client transaction timeout (10 seconds)
static
constexpr std::int64_t kDefaultAllocationLifetime = 10 * 60 * 1000Default allocation lifetime: 10 minutes (in milliseconds)
static
constexpr int PERMISSION_LIFETIME = 5 * 60 * 1000Permission Lifetime MUST be 300 seconds (= 5 minutes).
static
constexpr uint32_t kServerDefaultLifetime = 2 * 60 * 1000Default server allocation lifetime (2 minutes, in milliseconds)
static
constexpr uint32_t kServerMaxLifetime = 15 * 60 * 1000Maximum server allocation lifetime (15 minutes, in milliseconds)
static
constexpr int kServerMaxPermissions = 10Maximum number of permissions per allocation.
static
constexpr int kServerTimerInterval = 10 * 1000Server timer interval (10 seconds)
static
constexpr int kServerEarlyMediaBufferSize = 8192Early media buffer size.
static
constexpr int kConnectionBindTimeout = 30 * 1000ConnectionBind request timeout (30 seconds, in milliseconds)
static
constexpr int CLIENT_SOCK_BUF_SIZE = 65536Default socket buffer size for TURN client sockets.
static
constexpr int SERVER_SOCK_BUF_SIZE = CLIENT_SOCK_BUF_SIZE * 32Default socket buffer size for TURN server sockets.
static
constexpr uint8_t kProtocolUDP = 17TURN protocol numbers.
IP protocol number for UDP.
static
constexpr uint8_t kProtocolTCP = 6IP protocol number for TCP.
static
constexpr int kErrorTryAlternate = 300TURN/STUN error codes used in this module.
Client should retry against an alternate TURN server.
static
constexpr int kErrorBadRequest = 400Request was malformed or missing required attributes.
static
constexpr int kErrorNotAuthorized = 401Authentication failed or credentials were not accepted.
static
constexpr int kErrorForbidden = 403Request was understood but is not permitted for this client.
static
constexpr int kErrorUnknownAttribute = 420Request included an unsupported comprehension-required attribute.
static
constexpr int kErrorUnsupportedTransport = 442Requested transport protocol is not supported by the server.
static
constexpr int kErrorAllocationMismatch = 437Client attempted an allocation operation that conflicts with existing state.
static
constexpr int kErrorStaleNonce = 438Authentication nonce expired and must be refreshed.
static
constexpr int kErrorWrongCredentials = 441Supplied credentials were well formed but did not match the allocation.
static
constexpr int kErrorConnectionAlreadyExists = 446TURN TCP connection binding already exists.
static
constexpr int kErrorConnectionTimeoutOrFailure = 447TURN TCP peer connection attempt timed out or failed.
static
constexpr int kErrorAllocationQuotaReached = 486User or server allocation quota was exceeded.
static
constexpr int kErrorInsufficientCapacity = 508Server lacks capacity to satisfy the request.
static
constexpr int kErrorOperationNotSupported = 600Request is recognized but not implemented by this server.