From 29c16e42bd9553a5b32728c55a9cc4630e24b3e0 Mon Sep 17 00:00:00 2001 From: Frank de Lange Date: Tue, 7 Jul 2020 15:14:28 +0200 Subject: [PATCH] Move STUN/TURN to IANA-assigned ports - 3478 and 5349 (TLS) (#6172) * Move STUN/TURN to IANA-assigned ports - 3478 and 5349 (TLS) * Change remaining references to TURNS port from 4445 to 5349 * Change back TURNS to 443 --- config.js | 2 +- debian/jitsi-meet-turnserver.postinst | 4 ++-- doc/debian/jitsi-meet-prosody/prosody.cfg.lua-jvb.example | 4 ++-- doc/debian/jitsi-meet-turn/turnserver.conf | 4 ++-- doc/debian/jitsi-meet/jitsi-meet.conf | 2 +- 5 files changed, 8 insertions(+), 8 deletions(-) diff --git a/config.js b/config.js index 8841d9ec1..0e4bbad5b 100644 --- a/config.js +++ b/config.js @@ -361,7 +361,7 @@ var config = { // The STUN servers that will be used in the peer to peer connections stunServers: [ - // { urls: 'stun:jitsi-meet.example.com:4446' }, + // { urls: 'stun:jitsi-meet.example.com:3478' }, { urls: 'stun:meet-jit-si-turnrelay.jitsi.net:443' } ] diff --git a/debian/jitsi-meet-turnserver.postinst b/debian/jitsi-meet-turnserver.postinst index 4272647c5..e3ca04752 100644 --- a/debian/jitsi-meet-turnserver.postinst +++ b/debian/jitsi-meet-turnserver.postinst @@ -49,7 +49,7 @@ case "$1" in # nothing to do echo "------------------------------------------------" echo "" - echo "turnserver is listening on tcp 4445 as other nginx sites use port 443" + echo "turnserver is listening on tcp 5349 as other nginx sites use port 443" echo "" echo "------------------------------------------------" NGINX_MULTIPLEXING="false" @@ -152,7 +152,7 @@ case "$1" in PROSODY_HOST_CONFIG="/etc/prosody/conf.avail/$JVB_HOSTNAME.cfg.lua" if [ -f $PROSODY_HOST_CONFIG ] ; then # If we are not multiplexing we need to change the port in prosody config - sed -i 's/"443"/"4445"/g' $PROSODY_HOST_CONFIG + sed -i 's/"443"/"5349"/g' $PROSODY_HOST_CONFIG invoke-rc.d prosody restart || true fi fi diff --git a/doc/debian/jitsi-meet-prosody/prosody.cfg.lua-jvb.example b/doc/debian/jitsi-meet-prosody/prosody.cfg.lua-jvb.example index 3e8669f89..1e6163d88 100644 --- a/doc/debian/jitsi-meet-prosody/prosody.cfg.lua-jvb.example +++ b/doc/debian/jitsi-meet-prosody/prosody.cfg.lua-jvb.example @@ -6,8 +6,8 @@ muc_mapper_domain_base = "jitmeet.example.com"; turncredentials_secret = "__turnSecret__"; turncredentials = { - { type = "stun", host = "jitmeet.example.com", port = "4446" }, - { type = "turn", host = "jitmeet.example.com", port = "4446", transport = "udp" }, + { type = "stun", host = "jitmeet.example.com", port = "3478" }, + { type = "turn", host = "jitmeet.example.com", port = "3478", transport = "udp" }, { type = "turns", host = "jitmeet.example.com", port = "443", transport = "tcp" } }; diff --git a/doc/debian/jitsi-meet-turn/turnserver.conf b/doc/debian/jitsi-meet-turn/turnserver.conf index f37c6db50..57ae23e35 100644 --- a/doc/debian/jitsi-meet-turn/turnserver.conf +++ b/doc/debian/jitsi-meet-turn/turnserver.conf @@ -10,8 +10,8 @@ no-cli no-loopback-peers no-tcp-relay no-tcp -listening-port=4446 -tls-listening-port=4445 +listening-port=3478 +tls-listening-port=5349 external-ip=__external_ip_address__ no-tlsv1 no-tlsv1_1 diff --git a/doc/debian/jitsi-meet/jitsi-meet.conf b/doc/debian/jitsi-meet/jitsi-meet.conf index 989d6a154..879fcf29e 100644 --- a/doc/debian/jitsi-meet/jitsi-meet.conf +++ b/doc/debian/jitsi-meet/jitsi-meet.conf @@ -7,7 +7,7 @@ stream { server 127.0.0.1:4444; } upstream turn { - server 127.0.0.1:4445; + server 127.0.0.1:5349; } # since 1.13.10 map $ssl_preread_alpn_protocols $upstream {