turn
May 15, 2026 ยท View on GitHub
{#turnmodulerfc5766}
turn
The [TURN module (rfc5766)](#turnmodulerfc5766) module contains TURN (rfc5766) client and server implementations.
Namespaces
| Name | Description |
|---|---|
turn | TURN allocation identity types and transport helpers. |
{#turn}
turn
TURN allocation identity types and transport helpers.
Classes
| Name | Description |
|---|---|
Client | TURN client that manages relay allocations, permissions, and data relay via RFC 5766. |
FiveTuple | TURN allocation identity tuple: client remote address, server local address, and transport protocol. |
IAllocation | Base class for TURN relay allocations shared by client and server flows. |
PermissionPolicy | Lightweight server-side TURN permission policy. |
Request | A STUN message annotated with the transport type and source/destination addresses needed for server-side routing and response generation. |
Server | TURN server RFC 5766 / RFC 6062 implementation. Listens on UDP and/or TCP, authenticates requests via ServerObserver, and manages ServerAllocation objects for each 5-tuple. |
ServerAllocation | Server-side TURN allocation that tracks permissions, lifetime, and relay state. Handles Refresh and CreatePermission requests common to both UDP and TCP allocations. Subclassed by UDPAllocation and TCPAllocation for transport-specific behaviour. |
TCPAllocation | Server-side TCP TURN allocation with connection pair management per RFC 6062. Maintains a control connection for STUN signalling and an acceptor socket for incoming peer TCP connections. Each peer connection is tracked as a TCPConnectionPair and bridged to the client after a successful ConnectionBind. |
TCPClient | TCP transport TURN client with relay connection management per RFC 6062. Uses a single TCP control connection for STUN signalling and opens additional TCP relay connections for each peer via the Connect / ConnectionBind flow. |
TCPConnectionPair | Paired TCP connections forming a single TURN relay pipe between a client and a peer. Lifetime managed by IntrusivePtr; the owning TCPAllocation holds the Ptr in its pair map. |
UDPAllocation | Server-side UDP TURN allocation that relays datagrams to permitted peers. Binds a dedicated UDP relay socket for peer communication and forwards incoming datagrams to the client as Data Indications. |
UDPClient | UDP transport TURN client for datagram-based relay allocations. Uses a single UDP socket for both STUN signalling and Send/Data Indications. All Client methods apply; data is relayed via sendData() using Send Indications. |
ClientObserver | Abstract observer interface for TURN client events. Callers subclass this to receive allocation lifecycle and data relay callbacks. |
ClientState | State machine states for the TURN client. |
Permission | A single TURN permission entry associating a peer IP with a 5-minute expiry timer. Per RFC 5766 section 8, permissions last exactly 300 seconds and must be refreshed via a new CreatePermission request before they expire. |
RelayConnectionBinding | Binding metadata stored as socket opaque data during a ConnectionBind handshake. Associates a relay socket with its TURN connection ID and peer address. |
ServerObserver | Observer interface that the application must implement to participate in server-side allocation management and authentication. |
ServerOptions | Configuration options for the TURN server. |
TCPClientObserver | Observer interface for TCP TURN client events (RFC 6062). Extends ClientObserver with callbacks specific to TCP relay connections. |
Enumerations
| Name | Description |
|---|---|
AuthenticationState | Result returned by ServerObserver::authenticateRequest() to control how the server proceeds with an incoming STUN request. |
{#authenticationstate}
AuthenticationState
enum AuthenticationState
Result returned by ServerObserver::authenticateRequest() to control how the server proceeds with an incoming STUN request.
| Value | Description |
|---|---|
Authenticating | Authentication is in progress; server holds the request. |
Authorized | Credentials verified; request may proceed. |
QuotaReached | User quota exceeded; respond with 486. |
NotAuthorized | Credentials rejected; respond with 401. |
Typedefs
| Return | Name | Description |
|---|---|---|
KVCollection< net::Address, net::SocketEmitter > | ConnectionManager | Relay connection registry keyed by peer address for RFC 6062 TCP relays. |
ConnectionManager::Map | ConnectionManagerMap | Underlying map type used by the TCP relay connection registry. |
std::vector< Permission > | PermissionList | Active TURN permissions associated with one allocation. |
std::map< FiveTuple, std::unique_ptr< ServerAllocation > > | ServerAllocationMap | Active server allocations keyed by the client/server 5-tuple. |
std::map< uint32_t, TCPConnectionPair::Ptr > | TCPConnectionPairMap | Accepted peer TCP connections keyed by TURN CONNECTION-ID. |
std::vector< std::string > | IPList | List of peer IP strings used when creating or refreshing permissions. |
{#connectionmanager}
ConnectionManager
using ConnectionManager = KVCollection< net::Address, net::SocketEmitter >
Relay connection registry keyed by peer address for RFC 6062 TCP relays.
{#connectionmanagermap}
ConnectionManagerMap
using ConnectionManagerMap = ConnectionManager::Map
Underlying map type used by the TCP relay connection registry.
{#permissionlist}
PermissionList
using PermissionList = std::vector< Permission >
Active TURN permissions associated with one allocation.
{#serverallocationmap}
ServerAllocationMap
using ServerAllocationMap = std::map< FiveTuple, std::unique_ptr< ServerAllocation > >
Active server allocations keyed by the client/server 5-tuple.
{#tcpconnectionpairmap}
TCPConnectionPairMap
using TCPConnectionPairMap = std::map< uint32_t, TCPConnectionPair::Ptr >
Accepted peer TCP connections keyed by TURN CONNECTION-ID.
{#iplist}
IPList
using IPList = std::vector< std::string >
List of peer IP strings used when creating or refreshing permissions.
Variables
| Return | Name | Description |
|---|---|---|
std::int64_t | kClientTimerInterval static constexpr | Timer interval for client maintenance (30 seconds). |
std::int64_t | kClientDefaultLifetime static constexpr | Default client allocation lifetime (5 minutes, in milliseconds). |
long | kClientDefaultTimeout static constexpr | Default client transaction timeout (10 seconds). |
std::int64_t | kDefaultAllocationLifetime static constexpr | Default allocation lifetime: 10 minutes (in milliseconds). |
int | PERMISSION_LIFETIME static constexpr | Permission Lifetime MUST be 300 seconds (= 5 minutes). |
uint32_t | kServerDefaultLifetime static constexpr | Default server allocation lifetime (2 minutes, in milliseconds). |
uint32_t | kServerMaxLifetime static constexpr | Maximum server allocation lifetime (15 minutes, in milliseconds). |
int | kServerMaxPermissions static constexpr | Maximum number of permissions per allocation. |
int | kServerTimerInterval static constexpr | Server timer interval (10 seconds). |
int | kServerEarlyMediaBufferSize static constexpr | Early media buffer size. |
int | kConnectionBindTimeout static constexpr | ConnectionBind request timeout (30 seconds, in milliseconds). |
int | CLIENT_SOCK_BUF_SIZE static constexpr | Default socket buffer size for TURN client sockets. |
int | SERVER_SOCK_BUF_SIZE static constexpr | Default socket buffer size for TURN server sockets. |
uint8_t | kProtocolUDP static constexpr | TURN protocol numbers. |
uint8_t | kProtocolTCP static constexpr | IP protocol number for TCP. |
int | kErrorTryAlternate static constexpr | TURN/STUN error codes used in this module. |
int | kErrorBadRequest static constexpr | Request was malformed or missing required attributes. |
int | kErrorNotAuthorized static constexpr | Authentication failed or credentials were not accepted. |
int | kErrorForbidden static constexpr | Request was understood but is not permitted for this client. |
int | kErrorUnknownAttribute static constexpr | Request included an unsupported comprehension-required attribute. |
int | kErrorUnsupportedTransport static constexpr | Requested transport protocol is not supported by the server. |
int | kErrorAllocationMismatch static constexpr | Client attempted an allocation operation that conflicts with existing state. |
int | kErrorStaleNonce static constexpr | Authentication nonce expired and must be refreshed. |
int | kErrorWrongCredentials static constexpr | Supplied credentials were well formed but did not match the allocation. |
int | kErrorConnectionAlreadyExists static constexpr | TURN TCP connection binding already exists. |
int | kErrorConnectionTimeoutOrFailure static constexpr | TURN TCP peer connection attempt timed out or failed. |
int | kErrorAllocationQuotaReached static constexpr | User or server allocation quota was exceeded. |
int | kErrorInsufficientCapacity static constexpr | Server lacks capacity to satisfy the request. |
int | kErrorOperationNotSupported static constexpr | Request is recognized but not implemented by this server. |
{#kclienttimerinterval}
kClientTimerInterval
static constexpr
std::int64_t kClientTimerInterval = 30 * 1000
Timer interval for client maintenance (30 seconds).
{#kclientdefaultlifetime}
kClientDefaultLifetime
static constexpr
std::int64_t kClientDefaultLifetime = 5 * 60 * 1000
Default client allocation lifetime (5 minutes, in milliseconds).
{#kclientdefaulttimeout}
kClientDefaultTimeout
static constexpr
long kClientDefaultTimeout = 10 * 1000
Default client transaction timeout (10 seconds).
{#kdefaultallocationlifetime}
kDefaultAllocationLifetime
static constexpr
std::int64_t kDefaultAllocationLifetime = 10 * 60 * 1000
Default allocation lifetime: 10 minutes (in milliseconds).
{#permission_lifetime}
PERMISSION_LIFETIME
static constexpr
int PERMISSION_LIFETIME = 5 * 60 * 1000
Permission Lifetime MUST be 300 seconds (= 5 minutes).
{#kserverdefaultlifetime}
kServerDefaultLifetime
static constexpr
uint32_t kServerDefaultLifetime = 2 * 60 * 1000
Default server allocation lifetime (2 minutes, in milliseconds).
{#kservermaxlifetime}
kServerMaxLifetime
static constexpr
uint32_t kServerMaxLifetime = 15 * 60 * 1000
Maximum server allocation lifetime (15 minutes, in milliseconds).
{#kservermaxpermissions}
kServerMaxPermissions
static constexpr
int kServerMaxPermissions = 10
Maximum number of permissions per allocation.
{#kservertimerinterval}
kServerTimerInterval
static constexpr
int kServerTimerInterval = 10 * 1000
Server timer interval (10 seconds).
{#kserverearlymediabuffersize}
kServerEarlyMediaBufferSize
static constexpr
int kServerEarlyMediaBufferSize = 8192
Early media buffer size.
{#kconnectionbindtimeout}
kConnectionBindTimeout
static constexpr
int kConnectionBindTimeout = 30 * 1000
ConnectionBind request timeout (30 seconds, in milliseconds).
{#client_sock_buf_size}
CLIENT_SOCK_BUF_SIZE
static constexpr
int CLIENT_SOCK_BUF_SIZE = 65536
Default socket buffer size for TURN client sockets.
{#server_sock_buf_size}
SERVER_SOCK_BUF_SIZE
static constexpr
int SERVER_SOCK_BUF_SIZE = CLIENT_SOCK_BUF_SIZE * 32
Default socket buffer size for TURN server sockets.
{#kprotocoludp}
kProtocolUDP
static constexpr
uint8_t kProtocolUDP = 17
TURN protocol numbers.
IP protocol number for UDP.
{#kprotocoltcp}
kProtocolTCP
static constexpr
uint8_t kProtocolTCP = 6
IP protocol number for TCP.
{#kerrortryalternate}
kErrorTryAlternate
static constexpr
int kErrorTryAlternate = 300
TURN/STUN error codes used in this module.
Client should retry against an alternate TURN server.
{#kerrorbadrequest}
kErrorBadRequest
static constexpr
int kErrorBadRequest = 400
Request was malformed or missing required attributes.
{#kerrornotauthorized}
kErrorNotAuthorized
static constexpr
int kErrorNotAuthorized = 401
Authentication failed or credentials were not accepted.
{#kerrorforbidden}
kErrorForbidden
static constexpr
int kErrorForbidden = 403
Request was understood but is not permitted for this client.
{#kerrorunknownattribute}
kErrorUnknownAttribute
static constexpr
int kErrorUnknownAttribute = 420
Request included an unsupported comprehension-required attribute.
{#kerrorunsupportedtransport}
kErrorUnsupportedTransport
static constexpr
int kErrorUnsupportedTransport = 442
Requested transport protocol is not supported by the server.
{#kerrorallocationmismatch}
kErrorAllocationMismatch
static constexpr
int kErrorAllocationMismatch = 437
Client attempted an allocation operation that conflicts with existing state.
{#kerrorstalenonce}
kErrorStaleNonce
static constexpr
int kErrorStaleNonce = 438
Authentication nonce expired and must be refreshed.
{#kerrorwrongcredentials}
kErrorWrongCredentials
static constexpr
int kErrorWrongCredentials = 441
Supplied credentials were well formed but did not match the allocation.
{#kerrorconnectionalreadyexists}
kErrorConnectionAlreadyExists
static constexpr
int kErrorConnectionAlreadyExists = 446
TURN TCP connection binding already exists.
{#kerrorconnectiontimeoutorfailure}
kErrorConnectionTimeoutOrFailure
static constexpr
int kErrorConnectionTimeoutOrFailure = 447
TURN TCP peer connection attempt timed out or failed.
{#kerrorallocationquotareached}
kErrorAllocationQuotaReached
static constexpr
int kErrorAllocationQuotaReached = 486
User or server allocation quota was exceeded.
{#kerrorinsufficientcapacity}
kErrorInsufficientCapacity
static constexpr
int kErrorInsufficientCapacity = 508
Server lacks capacity to satisfy the request.
{#kerroroperationnotsupported}
kErrorOperationNotSupported
static constexpr
int kErrorOperationNotSupported = 600
Request is recognized but not implemented by this server.
{#client-2}
Client
#include <icy/turn/client/client.h>
class Client
Defined in src/turn/include/icy/turn/client/client.h:124
Inherits:
Stateful< ClientState >,IAllocationSubclassed by:TCPClient,UDPClient
TURN client that manages relay allocations, permissions, and data relay via RFC 5766.
List of all members
| Name | Kind | Owner |
|---|---|---|
Client | function | Declared here |
start | function | Declared here |
stop | function | Declared here |
sendAllocate | function | Declared here |
addPermission | function | Declared here |
addPermission | function | Declared here |
sendCreatePermission | function | Declared here |
sendChannelBind | function | Declared here |
sendRefresh | function | Declared here |
sendData | function | Declared here |
handleResponse | function | Declared here |
handleAllocateResponse | function | Declared here |
handleAllocateErrorResponse | function | Declared here |
handleCreatePermissionResponse | function | Declared here |
handleCreatePermissionErrorResponse | function | Declared here |
handleRefreshResponse | function | Declared here |
handleDataIndication | function | Declared here |
transportProtocol | function | Declared here |
createTransaction | function | Declared here |
authenticateRequest | function | Declared here |
sendAuthenticatedTransaction | function | Declared here |
removeTransaction | function | Declared here |
mappedAddress | function | Declared here |
relayedAddress | function | Declared here |
closed | function | Declared here |
observer | function | Declared here |
options | function | Declared here |
addPermission | function | Declared here |
hasPermission | function | Declared here |
hasPermission | function | Declared here |
removePermission | function | Declared here |
removePermission | function | Declared here |
_observer | variable | Declared here |
_options | variable | Declared here |
_socket | variable | Declared here |
_timer | variable | Declared here |
_error | variable | Declared here |
_mappedAddress | variable | Declared here |
_relayedAddress | variable | Declared here |
_realm | variable | Declared here |
_nonce | variable | Declared here |
_pendingIndications | variable | Declared here |
_transactions | variable | Declared here |
setError | function | Declared here |
onSocketConnect | function | Declared here |
onSocketRecv | function | Declared here |
onSocketClose | function | Declared here |
onTransactionProgress | function | Declared here |
onStateChange | function | Declared here |
onTimer | function | Declared here |
StateChange | variable | Inherited from Stateful |
_state | variable | Inherited from Stateful |
Stateful | function | Inherited from Stateful |
~Stateful | function | Inherited from Stateful |
stateEquals | function | Inherited from Stateful |
stateBetween | function | Inherited from Stateful |
state | function | Inherited from Stateful |
state | function | Inherited from Stateful |
beforeStateChange | function | Inherited from Stateful |
onStateChange | function | Inherited from Stateful |
setState | function | Inherited from Stateful |
setState | function | Inherited from Stateful |
operator<< | friend | Inherited from IAllocation |
IAllocation | function | Inherited from IAllocation |
IAllocation | function | Inherited from IAllocation |
IAllocation | function | Inherited from IAllocation |
updateUsage | function | Inherited from IAllocation |
setLifetime | function | Inherited from IAllocation |
setBandwidthLimit | function | Inherited from IAllocation |
expired | function | Inherited from IAllocation |
deleted | function | Inherited from IAllocation |
bandwidthLimit | function | Inherited from IAllocation |
bandwidthUsed | function | Inherited from IAllocation |
bandwidthRemaining | function | Inherited from IAllocation |
timeRemaining | function | Inherited from IAllocation |
tuple | function | Inherited from IAllocation |
username | function | Inherited from IAllocation |
lifetime | function | Inherited from IAllocation |
permissions | function | Inherited from IAllocation |
relayedAddress | function | Inherited from IAllocation |
addPermission | function | Inherited from IAllocation |
addPermission | function | Inherited from IAllocation |
addPermissions | function | Inherited from IAllocation |
removePermission | function | Inherited from IAllocation |
removePermission | function | Inherited from IAllocation |
removeAllPermissions | function | Inherited from IAllocation |
removeExpiredPermissions | function | Inherited from IAllocation |
hasPermission | function | Inherited from IAllocation |
hasPermission | function | Inherited from IAllocation |
print | function | Inherited from IAllocation |
_tuple | variable | Inherited from IAllocation |
_username | variable | Inherited from IAllocation |
_permissions | variable | Inherited from IAllocation |
_lifetime | variable | Inherited from IAllocation |
_bandwidthLimit | variable | Inherited from IAllocation |
_bandwidthUsed | variable | Inherited from IAllocation |
_createdAt | variable | Inherited from IAllocation |
_updatedAt | variable | Inherited from IAllocation |
_deleted | variable | Inherited from IAllocation |
Inherited from Stateful
| Kind | Name | Description |
|---|---|---|
variable | StateChange | Signals when the state changes. |
variable | _state | |
function | Stateful inline | |
function | ~Stateful virtual inline | |
function | stateEquals virtual const inline | Returns true if the current state ID equals the given ID. |
function | stateBetween virtual const inline | Returns true if the current state ID is in the inclusive range [lid, rid]. |
function | state virtual inline | Returns a mutable reference to the current state. |
function | state virtual const inline | Returns a copy of the current state. |
function | beforeStateChange virtual inline | Override to handle pre state change logic. Return false to prevent state change. |
function | onStateChange virtual inline | Override to handle post state change logic. |
function | setState virtual inline | Sets the state and sends the state signal if the state change was successful. |
function | setState virtual inline | Sets the state and sends the state signal if the state change was successful. |
Inherited from IAllocation
| Kind | Name | Description |
|---|---|---|
friend | operator<< inline | |
function | IAllocation | |
function | IAllocation | Deleted constructor. |
function | IAllocation | Deleted constructor. |
function | updateUsage virtual | Updates the last-activity timestamp and accumulates bandwidth usage. Call this whenever data is relayed through the allocation. |
function | setLifetime virtual | Sets the allocation lifetime in seconds and resets the activity timestamp, effectively extending the expiry from the current moment. |
function | setBandwidthLimit virtual | Sets the maximum number of bytes this allocation may relay in its lifetime. Pass 0 to disable bandwidth limiting. |
function | expired virtual const nodiscard | |
function | deleted virtual const nodiscard | Returns true if the allocation's deleted flag is set and or if the allocation has expired. |
function | bandwidthLimit virtual const nodiscard | |
function | bandwidthUsed virtual const nodiscard | |
function | bandwidthRemaining virtual const nodiscard | |
function | timeRemaining virtual const nodiscard | |
function | tuple virtual | |
function | username virtual const nodiscard | |
function | lifetime virtual const nodiscard | |
function | permissions virtual const nodiscard | |
function | relayedAddress virtual const nodiscard | |
function | addPermission virtual | Adds a permission for ip, or refreshes the existing one. |
function | addPermission virtual | Adds a permission for address, or refreshes the existing one. The port is ignored; TURN permissions are IP-only. |
function | addPermissions virtual | Adds (or refreshes) permissions for multiple IPs. |
function | removePermission virtual | Removes the permission for ip if present. |
function | removePermission virtual | Removes the permission for address if present. The port is ignored; TURN permissions are IP-only. |
function | removeAllPermissions virtual | Removes all permissions from the list. |
function | removeExpiredPermissions virtual | Removes any permissions whose 5-minute lifetime has elapsed. |
function | hasPermission virtual nodiscard | Checks whether a permission exists for peerIP. Local addresses (192.168.x.x and 127.x.x.x) are always permitted. |
function | hasPermission virtual nodiscard | Checks whether a permission exists for peerAddress. The port is ignored; TURN permissions are IP-only. |
function | print virtual const inline | |
variable | _tuple | |
variable | _username | |
variable | _permissions | |
variable | _lifetime | |
variable | _bandwidthLimit | |
variable | _bandwidthUsed | |
variable | _createdAt | |
variable | _updatedAt | |
variable | _deleted |
Public Methods
| Return | Name | Description |
|---|---|---|
Client | ||
void | start virtual | Connects the socket to the TURN server and starts the allocation sequence. Permissions must be added via addPermission() before calling this. |
void | stop virtual | Stops the timer, cancels pending transactions, and closes the socket. |
void | sendAllocate virtual | Sends an Allocate request to the server with the configured transport and lifetime. On first call the server will typically respond with a 401 challenge; the client re-sends with credentials automatically. |
void | addPermission virtual | Adds multiple peer IP addresses to the permission list. |
void | addPermission virtual override | Adds a single peer IP to the permission list, or refreshes it if already present. Permissions should be added before start(); they may also be added later, in which case a new CreatePermission request is required. |
void | sendCreatePermission virtual | Sends a CreatePermission request for all IPs currently in the permission list. Called automatically after allocation succeeds and periodically by the timer to refresh expiring permissions. |
void | sendChannelBind virtual | Channel bindings (RFC 5766 Section 11) are intentionally not implemented. They are a bandwidth optimization that replaces STUN-framed Send/Data indications with a compact 4-byte ChannelData header. This only benefits high-throughput media relay scenarios; in practice, media flows directly via ICE/DTLS rather than through this TURN client's data path, so the optimization is not worth the complexity (channel number allocation, 10-minute binding refresh timers, ChannelData wire framing). Data relay uses sendData() with Send Indications instead. |
void | sendRefresh virtual | Sends a Refresh request to extend the allocation lifetime. Called automatically by the timer when roughly one-third of the lifetime remains. |
void | sendData virtual | Sends a Send Indication to relay data to peerAddress through the TURN server. If permissions are still being negotiated the indication is queued and flushed once CreatePermission succeeds. |
bool | handleResponse virtual | Dispatches an incoming STUN/TURN response to the appropriate handler. |
void | handleAllocateResponse virtual | Processes a successful Allocate response; extracts mapped/relayed addresses and advances the state to Authorizing, then sends CreatePermission. |
void | handleAllocateErrorResponse virtual | Handles an Allocate error response; manages the 401 challenge/re-send flow and sets the client to Failed for unrecoverable errors. |
void | handleCreatePermissionResponse virtual | Handles a successful CreatePermission response; flushes queued Send Indications and advances state to Success. |
void | handleCreatePermissionErrorResponse virtual | Handles a failed CreatePermission response; clears all permissions and sets the client to Failed. |
void | handleRefreshResponse virtual | Handles a Refresh response; updates the stored lifetime. |
void | handleDataIndication virtual | Handles an incoming Data Indication; extracts peer address and data and forwards to ClientObserver::onRelayDataReceived(). |
int | transportProtocol virtual | |
stun::Transaction::Ptr | createTransaction virtual | Creates a new STUN transaction, registers the progress callback, and adds it to the active transaction list. |
void | authenticateRequest virtual | Adds STUN long-term credential attributes (Username, Realm, Nonce, MessageIntegrity) to request if the realm has been received from the server. |
bool | sendAuthenticatedTransaction virtual | Calls authenticateRequest() then sends the transaction. |
stun::Transaction::Ptr | removeTransaction virtual | Removes a transaction from the active list. The IntrusivePtr keeps the object alive until the caller's copy is released. |
net::Address | mappedAddress const nodiscard | |
net::Address | relayedAddress virtual const nodiscard override | |
bool | closed const nodiscard | |
ClientObserver & | observer | |
const Options & | options const nodiscard | |
void | addPermission virtual | Adds a permission for address, or refreshes the existing one. The port is ignored; TURN permissions are IP-only. |
bool | hasPermission virtual nodiscard | Checks whether a permission exists for peerIP. Local addresses (192.168.x.x and 127.x.x.x) are always permitted. |
bool | hasPermission virtual nodiscard | Checks whether a permission exists for peerAddress. The port is ignored; TURN permissions are IP-only. |
void | removePermission virtual | Removes the permission for ip if present. |
void | removePermission virtual | Removes the permission for address if present. The port is ignored; TURN permissions are IP-only. |
{#client-3}
Client
Client(ClientObserver & observer, const Options & options, const net::Socket::Ptr & socket)
Defined in src/turn/include/icy/turn/client/client.h:161
Parameters
-
observerObserver to receive lifecycle and data callbacks. -
optionsConfiguration for this client instance. -
socketUnderlying transport socket (TCP or UDP).
{#start-13}
start
virtual
virtual void start()
Defined in src/turn/include/icy/turn/client/client.h:166
Connects the socket to the TURN server and starts the allocation sequence. Permissions must be added via addPermission() before calling this.
Reimplemented by
{#stop-10}
stop
virtual
virtual void stop()
Defined in src/turn/include/icy/turn/client/client.h:169
Stops the timer, cancels pending transactions, and closes the socket.
Reimplemented by
{#sendallocate}
sendAllocate
virtual
virtual void sendAllocate()
Defined in src/turn/include/icy/turn/client/client.h:175
Sends an Allocate request to the server with the configured transport and lifetime. On first call the server will typically respond with a 401 challenge; the client re-sends with credentials automatically.
{#addpermission}
addPermission
virtual
virtual void addPermission(const IPList & peerIPs)
Defined in src/turn/include/icy/turn/client/client.h:179
Adds multiple peer IP addresses to the permission list.
Parameters
peerIPsList of IPv4 address strings to permit.
{#addpermission-1}
addPermission
virtual override
virtual void addPermission(const std::string & ip) override
Defined in src/turn/include/icy/turn/client/client.h:186
Adds a single peer IP to the permission list, or refreshes it if already present. Permissions should be added before start(); they may also be added later, in which case a new CreatePermission request is required.
Parameters
ipIPv4 address string of the permitted peer.
Reimplements
{#sendcreatepermission}
sendCreatePermission
virtual
virtual void sendCreatePermission()
Defined in src/turn/include/icy/turn/client/client.h:191
Sends a CreatePermission request for all IPs currently in the permission list. Called automatically after allocation succeeds and periodically by the timer to refresh expiring permissions.
{#sendchannelbind}
sendChannelBind
virtual
virtual void sendChannelBind(const std::string & peerIP)
Defined in src/turn/include/icy/turn/client/client.h:202
Channel bindings (RFC 5766 Section 11) are intentionally not implemented. They are a bandwidth optimization that replaces STUN-framed Send/Data indications with a compact 4-byte ChannelData header. This only benefits high-throughput media relay scenarios; in practice, media flows directly via ICE/DTLS rather than through this TURN client's data path, so the optimization is not worth the complexity (channel number allocation, 10-minute binding refresh timers, ChannelData wire framing). Data relay uses sendData() with Send Indications instead.
Parameters
peerIPUnused; always throws std::logic_error.
{#sendrefresh}
sendRefresh
virtual
virtual void sendRefresh()
Defined in src/turn/include/icy/turn/client/client.h:207
Sends a Refresh request to extend the allocation lifetime. Called automatically by the timer when roughly one-third of the lifetime remains.
{#senddata}
sendData
virtual
virtual void sendData(const char * data, size_t size, const net::Address & peerAddress)
Defined in src/turn/include/icy/turn/client/client.h:215
Sends a Send Indication to relay data to peerAddress through the TURN server. If permissions are still being negotiated the indication is queued and flushed once CreatePermission succeeds.
Parameters
-
dataPointer to the payload to relay. -
sizeNumber of bytes to relay. -
peerAddressDestination peer address (must have an active permission).
Reimplemented by
{#handleresponse}
handleResponse
virtual
virtual bool handleResponse(const stun::Message & response)
Defined in src/turn/include/icy/turn/client/client.h:220
Dispatches an incoming STUN/TURN response to the appropriate handler.
Parameters
responseReceived STUN message.
Returns
true if the message was handled, false if it was unrecognised.
Reimplemented by
{#handleallocateresponse}
handleAllocateResponse
virtual
virtual void handleAllocateResponse(const stun::Message & response)
Defined in src/turn/include/icy/turn/client/client.h:225
Processes a successful Allocate response; extracts mapped/relayed addresses and advances the state to Authorizing, then sends CreatePermission.
Parameters
responseAllocate success response from the server.
{#handleallocateerrorresponse}
handleAllocateErrorResponse
virtual
virtual void handleAllocateErrorResponse(const stun::Message & response)
Defined in src/turn/include/icy/turn/client/client.h:230
Handles an Allocate error response; manages the 401 challenge/re-send flow and sets the client to Failed for unrecoverable errors.
Parameters
responseAllocate error response from the server.
{#handlecreatepermissionresponse}
handleCreatePermissionResponse
virtual
virtual void handleCreatePermissionResponse(const stun::Message & response)
Defined in src/turn/include/icy/turn/client/client.h:235
Handles a successful CreatePermission response; flushes queued Send Indications and advances state to Success.
Parameters
responseCreatePermission success response from the server.
{#handlecreatepermissionerrorresponse}
handleCreatePermissionErrorResponse
virtual
virtual void handleCreatePermissionErrorResponse(const stun::Message & response)
Defined in src/turn/include/icy/turn/client/client.h:240
Handles a failed CreatePermission response; clears all permissions and sets the client to Failed.
Parameters
responseCreatePermission error response from the server.
{#handlerefreshresponse}
handleRefreshResponse
virtual
virtual void handleRefreshResponse(const stun::Message & response)
Defined in src/turn/include/icy/turn/client/client.h:244
Handles a Refresh response; updates the stored lifetime.
Parameters
responseRefresh response from the server.
{#handledataindication}
handleDataIndication
virtual
virtual void handleDataIndication(const stun::Message & response)
Defined in src/turn/include/icy/turn/client/client.h:249
Handles an incoming Data Indication; extracts peer address and data and forwards to ClientObserver::onRelayDataReceived().
Parameters
responseData Indication message from the server.
{#transportprotocol}
transportProtocol
virtual
virtual int transportProtocol()
Defined in src/turn/include/icy/turn/client/client.h:253
Returns
The IANA protocol number for the underlying transport (kProtocolUDP or kProtocolTCP).
Reimplemented by
{#createtransaction}
createTransaction
virtual
virtual stun::Transaction::Ptr createTransaction(const net::Socket::Ptr & socket = nullptr)
Defined in src/turn/include/icy/turn/client/client.h:259
Creates a new STUN transaction, registers the progress callback, and adds it to the active transaction list.
Parameters
socketOptional override socket; uses the control socket if nullptr.
Returns
IntrusivePtr to the new transaction.
{#authenticaterequest}
authenticateRequest
virtual
virtual void authenticateRequest(stun::Message & request)
Defined in src/turn/include/icy/turn/client/client.h:264
Adds STUN long-term credential attributes (Username, Realm, Nonce, MessageIntegrity) to request if the realm has been received from the server.
Parameters
requestMessage to decorate with authentication attributes.
{#sendauthenticatedtransaction}
sendAuthenticatedTransaction
virtual
virtual bool sendAuthenticatedTransaction(stun::Transaction * transaction)
Defined in src/turn/include/icy/turn/client/client.h:269
Calls authenticateRequest() then sends the transaction.
Parameters
transactionTransaction whose request to authenticate and send.
Returns
true if the send succeeded.
{#removetransaction}
removeTransaction
virtual
virtual stun::Transaction::Ptr removeTransaction(stun::Transaction * transaction)
Defined in src/turn/include/icy/turn/client/client.h:275
Removes a transaction from the active list. The IntrusivePtr keeps the object alive until the caller's copy is released.
Parameters
transactionTransaction to remove.
Returns
The removed Ptr, or nullptr if not found.
{#mappedaddress}
mappedAddress
const nodiscard
[[nodiscard]] net::Address mappedAddress() const
Defined in src/turn/include/icy/turn/client/client.h:278
Returns
The server-reflexive (mapped) address assigned by the TURN server.
{#relayedaddress}
relayedAddress
virtual const nodiscard override
[[nodiscard]] virtual net::Address relayedAddress() const override
Defined in src/turn/include/icy/turn/client/client.h:281
Returns
The relayed transport address assigned by the TURN server.
Reimplements
{#closed-5}
closed
const nodiscard
[[nodiscard]] bool closed() const
Defined in src/turn/include/icy/turn/client/client.h:284
Returns
true when the client is in the None or Failed state.
{#observer-1}
observer
ClientObserver & observer()
Defined in src/turn/include/icy/turn/client/client.h:287
Returns
Reference to the observer provided at construction.
{#options-8}
options
const nodiscard
[[nodiscard]] const Options & options() const
Defined in src/turn/include/icy/turn/client/client.h:290
Returns
Reference to the immutable options struct.
{#addpermission-2}
addPermission
virtual
virtual void addPermission(const net::Address & address)
Defined in src/turn/include/icy/turn/client/client.h:154
Adds a permission for address, or refreshes the existing one. The port is ignored; TURN permissions are IP-only.
Reimplements
{#haspermission}
hasPermission
virtual nodiscard
[[nodiscard]] virtual bool hasPermission(const std::string & peerIP)
Defined in src/turn/include/icy/turn/client/client.h:155
Checks whether a permission exists for peerIP. Local addresses (192.168.x.x and 127.x.x.x) are always permitted.
Parameters
peerIPIPv4 address string to check.
Returns
true if a valid (non-expired) permission exists.
Reimplements
{#haspermission-1}
hasPermission
virtual nodiscard
[[nodiscard]] virtual bool hasPermission(const net::Address & peerAddress)
Defined in src/turn/include/icy/turn/client/client.h:155
Checks whether a permission exists for peerAddress. The port is ignored; TURN permissions are IP-only.
Reimplements
{#removepermission}
removePermission
virtual
virtual void removePermission(const std::string & ip)
Defined in src/turn/include/icy/turn/client/client.h:156
Removes the permission for ip if present.
Parameters
ipIPv4 address string to remove.
Reimplements
{#removepermission-1}
removePermission
virtual
virtual void removePermission(const net::Address & address)
Defined in src/turn/include/icy/turn/client/client.h:156
Removes the permission for address if present. The port is ignored; TURN permissions are IP-only.
Reimplements
Protected Attributes
| Return | Name | Description |
|---|---|---|
ClientObserver & | _observer | |
Options | _options | |
net::SocketEmitter | _socket | |
Timer | _timer | |
icy::Error | _error | |
net::Address | _mappedAddress | |
net::Address | _relayedAddress | |
std::string | _realm | |
std::string | _nonce | |
std::deque< stun::Message > | _pendingIndications | A list of queued Send indication packets awaiting server permissions. |
std::vector< stun::Transaction::Ptr > | _transactions | A list containing currently active transactions. |
{#_observer-1}
_observer
ClientObserver & _observer
Defined in src/turn/include/icy/turn/client/client.h:324
{#_options-3}
_options
Options _options
Defined in src/turn/include/icy/turn/client/client.h:325
{#_socket-3}
_socket
net::SocketEmitter _socket
Defined in src/turn/include/icy/turn/client/client.h:326
{#_timer-1}
_timer
Timer _timer
Defined in src/turn/include/icy/turn/client/client.h:327
{#_error-5}
_error
icy::Error _error
Defined in src/turn/include/icy/turn/client/client.h:328
{#_mappedaddress}
_mappedAddress
net::Address _mappedAddress
Defined in src/turn/include/icy/turn/client/client.h:329
{#_relayedaddress}
_relayedAddress
net::Address _relayedAddress
Defined in src/turn/include/icy/turn/client/client.h:330
{#_realm}
_realm
std::string _realm
Defined in src/turn/include/icy/turn/client/client.h:332
{#_nonce}
_nonce
std::string _nonce
Defined in src/turn/include/icy/turn/client/client.h:333
{#_pendingindications}
_pendingIndications
std::deque< stun::Message > _pendingIndications
Defined in src/turn/include/icy/turn/client/client.h:336
A list of queued Send indication packets awaiting server permissions.
{#_transactions}
_transactions
std::vector< stun::Transaction::Ptr > _transactions
Defined in src/turn/include/icy/turn/client/client.h:339
A list containing currently active transactions.
Protected Methods
| Return | Name | Description |
|---|---|---|
void | setError virtual | Sets the error field and transitions the client to the Failed state. |
bool | onSocketConnect virtual | Socket connect callback; starts the timer and sends the first Allocate request. |
bool | onSocketRecv virtual | Socket receive callback; parses STUN messages from the buffer and dispatches them. |
bool | onSocketClose virtual | Socket close callback; shuts down the client and records the socket error. |
void | onTransactionProgress virtual | STUN transaction state-change callback; handles Success and Failed outcomes. |
void | onStateChange override | Forwards state-change events to the observer. |
void | onTimer virtual | Periodic timer callback; re-allocates on expiry or refreshes when lifetime is below one-third remaining. Also calls ClientObserver::onTimer(). |
{#seterror-5}
setError
virtual
virtual void setError(const icy::Error & error)
Defined in src/turn/include/icy/turn/client/client.h:295
Sets the error field and transitions the client to the Failed state.
Parameters
errorError descriptor.
{#onsocketconnect-5}
onSocketConnect
virtual
virtual bool onSocketConnect(net::Socket & socket)
Defined in src/turn/include/icy/turn/client/client.h:299
Socket connect callback; starts the timer and sends the first Allocate request.
Parameters
socketThe connected socket.
{#onsocketrecv-7}
onSocketRecv
virtual
virtual bool onSocketRecv(net::Socket & socket, const MutableBuffer & buffer, const net::Address & peerAddress)
Defined in src/turn/include/icy/turn/client/client.h:305
Socket receive callback; parses STUN messages from the buffer and dispatches them.
Parameters
-
socketThe receiving socket. -
bufferReceived data. -
peerAddressSource address of the received data.
{#onsocketclose-5}
onSocketClose
virtual
virtual bool onSocketClose(net::Socket & socket)
Defined in src/turn/include/icy/turn/client/client.h:309
Socket close callback; shuts down the client and records the socket error.
Parameters
socketThe closed socket.
{#ontransactionprogress}
onTransactionProgress
virtual
virtual void onTransactionProgress(void * sender, TransactionState & state, const TransactionState &)
Defined in src/turn/include/icy/turn/client/client.h:314
STUN transaction state-change callback; handles Success and Failed outcomes.
Parameters
-
senderPointer to the stun::Transaction that changed state. -
stateThe new transaction state.
{#onstatechange-1}
onStateChange
override
void onStateChange(ClientState & state, const ClientState & oldState) override
Defined in src/turn/include/icy/turn/client/client.h:317
Forwards state-change events to the observer.
{#ontimer-1}
onTimer
virtual
virtual void onTimer()
Defined in src/turn/include/icy/turn/client/client.h:321
Periodic timer callback; re-allocates on expiry or refreshes when lifetime is below one-third remaining. Also calls ClientObserver::onTimer().
{#options-9}
Options
#include <icy/turn/client/client.h>
struct Options
Defined in src/turn/include/icy/turn/client/client.h:129
Configuration options for the TURN client.
List of all members
| Name | Kind | Owner |
|---|---|---|
software | variable | Declared here |
username | variable | Declared here |
password | variable | Declared here |
timeout | variable | Declared here |
lifetime | variable | Declared here |
timerInterval | variable | Declared here |
serverAddr | variable | Declared here |
Options | function | Declared here |
Public Attributes
| Return | Name | Description |
|---|---|---|
std::string | software | |
std::string | username | |
std::string | password | |
long | timeout | |
std::int64_t | lifetime | |
std::int64_t | timerInterval | |
net::Address | serverAddr |
{#software}
software
std::string software
Defined in src/turn/include/icy/turn/client/client.h:131
{#username-2}
username
std::string username
Defined in src/turn/include/icy/turn/client/client.h:132
{#password-2}
password
std::string password
Defined in src/turn/include/icy/turn/client/client.h:134
{#timeout-1}
timeout
long timeout
Defined in src/turn/include/icy/turn/client/client.h:136
{#lifetime}
lifetime
std::int64_t lifetime
Defined in src/turn/include/icy/turn/client/client.h:137
{#timerinterval}
timerInterval
std::int64_t timerInterval
Defined in src/turn/include/icy/turn/client/client.h:138
{#serveraddr}
serverAddr
net::Address serverAddr
Defined in src/turn/include/icy/turn/client/client.h:139
Public Methods
| Return | Name | Description |
|---|---|---|
Options inline |
{#options-10}
Options
inline
inline Options()
Defined in src/turn/include/icy/turn/client/client.h:140
{#fivetuple}
FiveTuple
#include <icy/turn/fivetuple.h>
class FiveTuple
Defined in src/turn/include/icy/turn/fivetuple.h:69
TURN allocation identity tuple: client remote address, server local address, and transport protocol.
The TURN 5-tuple consists of a local address, a remote address, and the transport protocol used by the client to communicate with the server.
+---------+
| |
| External|
/ | Client |
// | |
/ | |
// +---------+
/
//
+-+ /
| | /
| | //
+---------+ | | +---------+ / +---------+
| | |N| | | // | |
| TURN | | | | |/ | External|
| Client |----|A|----------| TURN |------------------| Client |
| | | |^ ^| Server |^ ^| |
| | |T|| || || || |
+---------+ | || |+---------+| |+---------+
^ | || | | |
| | || | | |
| +-+| | | |
| | | | |
|
Internal Internal External External
Client Remote Local Local Remote
Performing Transport Transport Transport Transport
Allocations Address Address Address Address
| | | |
+-----+----+ +--------+-------+
| |
| |
Internal External
5-Tuple 5-tuple
List of all members
| Name | Kind | Owner |
|---|---|---|
operator<< | friend | Declared here |
FiveTuple | function | Declared here |
FiveTuple | function | Declared here |
FiveTuple | function | Declared here |
remote | function | Declared here |
local | function | Declared here |
transport | function | Declared here |
remote | function | Declared here |
local | function | Declared here |
transport | function | Declared here |
operator== | function | Declared here |
operator< | function | Declared here |
toString | function | Declared here |
_remote | variable | Declared here |
_local | variable | Declared here |
_transport | variable | Declared here |
Friends
| Name | Description |
|---|---|
operator<< inline |
{#operator-25}
operator<<
inline
friend inline std::ostream & operator<<(std::ostream & stream, const FiveTuple & tuple)
Defined in src/turn/include/icy/turn/fivetuple.h:118
Public Methods
| Return | Name | Description |
|---|---|---|
FiveTuple | Constructs a default FiveTuple with empty addresses and UDP transport. | |
FiveTuple | Constructs a FiveTuple from explicit addresses and transport. | |
FiveTuple | Copy constructor. | |
const net::Address & | remote const inline nodiscard | |
const net::Address & | local const inline nodiscard | |
const net::TransportType & | transport const inline nodiscard | |
void | remote inline | Sets the remote address. |
void | local inline | Sets the local address. |
void | transport inline | Sets the transport protocol. |
bool | operator== const | Equality comparison; all three components must match. |
bool | operator< const | Less-than ordering based on remote then local port; used as std::map key. |
std::string | toString const nodiscard |
{#fivetuple-1}
FiveTuple
FiveTuple()
Defined in src/turn/include/icy/turn/fivetuple.h:73
Constructs a default FiveTuple with empty addresses and UDP transport.
{#fivetuple-2}
FiveTuple
FiveTuple(const net::Address & remote, const net::Address & local, net::TransportType transport)
Defined in src/turn/include/icy/turn/fivetuple.h:79
Constructs a FiveTuple from explicit addresses and transport.
Parameters
-
remoteClient's remote transport address (as seen by the server). -
localServer's local transport address.
{#fivetuple-3}
FiveTuple
FiveTuple(const FiveTuple & r)
Defined in src/turn/include/icy/turn/fivetuple.h:83
Copy constructor.
{#remote-2}
remote
const inline nodiscard
[[nodiscard]] inline const net::Address & remote() const
Defined in src/turn/include/icy/turn/fivetuple.h:86
Returns
The remote (client-side) transport address.
{#local-2}
local
const inline nodiscard
[[nodiscard]] inline const net::Address & local() const
Defined in src/turn/include/icy/turn/fivetuple.h:89
Returns
The local (server-side) transport address.
{#transport-4}
transport
const inline nodiscard
[[nodiscard]] inline const net::TransportType & transport() const
Defined in src/turn/include/icy/turn/fivetuple.h:92
Returns
The transport protocol for this tuple.
{#remote-3}
remote
inline
inline void remote(const net::Address & remote)
Defined in src/turn/include/icy/turn/fivetuple.h:96
Sets the remote address.
Parameters
remoteNew remote address.
{#local-3}
local
inline
inline void local(const net::Address & local)
Defined in src/turn/include/icy/turn/fivetuple.h:100
Sets the local address.
Parameters
localNew local address.
{#transport-5}
transport
inline
inline void transport(const net::TransportType & transport)
Defined in src/turn/include/icy/turn/fivetuple.h:104
Sets the transport protocol.
Parameters
transportNew transport type.
{#operator-26}
operator==
const
bool operator==(const FiveTuple & r) const
Defined in src/turn/include/icy/turn/fivetuple.h:110
Equality comparison; all three components must match.
{#operator-27}
operator<
const
bool operator<(const FiveTuple & r) const
Defined in src/turn/include/icy/turn/fivetuple.h:113
Less-than ordering based on remote then local port; used as std::map key.
{#tostring-7}
toString
const nodiscard
[[nodiscard]] std::string toString() const
Defined in src/turn/include/icy/turn/fivetuple.h:116
Returns
A human-readable string of the form "FiveTuple[remote:local:transport]".
Private Attributes
| Return | Name | Description |
|---|---|---|
net::Address | _remote | |
net::Address | _local | |
net::TransportType | _transport |
{#_remote-1}
_remote
net::Address _remote
Defined in src/turn/include/icy/turn/fivetuple.h:126
{#_local-1}
_local
net::Address _local
Defined in src/turn/include/icy/turn/fivetuple.h:127
{#_transport}
_transport
net::TransportType _transport
Defined in src/turn/include/icy/turn/fivetuple.h:128
{#iallocation}
IAllocation
#include <icy/turn/iallocation.h>
class IAllocation
Defined in src/turn/include/icy/turn/iallocation.h:75
Subclassed by:
Client,ServerAllocation
Base class for TURN relay allocations shared by client and server flows.
All TURN operations revolve around allocations, and all TURN messages are associated with an allocation. An allocation conceptually consists of:
-
the relayed transport address;
-
the 5-tuple: client's IP address, client's port, server IP address, server port, and transport protocol;
-
the authentication information;
-
the time-to-expiry;
-
a list of permissions;
-
a list of channel-to-peer bindings.
The relayed transport address is the transport address allocated by the server for communicating with peers, while the 5-tuple describes the communication path between the client and the server. On the client, the 5-tuple uses the client's host transport address; on the server, the 5-tuple uses the client's server-reflexive transport address.
Both the relayed transport address and the 5-tuple must be unique across all allocations, so either one can be used to uniquely identify the allocation.
The authentication information, such as username, password, realm, and nonce, is used to verify subsequent requests and compute the message integrity of responses. The username, realm, and nonce values are initially those used in the authenticated Allocate request that creates the allocation, though the server can change the nonce during the allocation lifetime using a 438 (Stale Nonce) reply. Rather than storing the password explicitly, a server may prefer to store the key value, which is an MD5 hash over the username, realm, and password as described by RFC 5389.
The time-to-expiry is the time left until the allocation expires. Each Allocate or Refresh transaction resets this timer, which then ticks down toward zero. By default, each Allocate or Refresh resets the lifetime to 600 seconds (10 minutes), but the client can request a different value in the Allocate and Refresh requests. Allocations can only be refreshed using Refresh; sending data to a peer does not refresh an allocation. When an allocation expires, the state data associated with it can be freed.
List of all members
| Name | Kind | Owner |
|---|---|---|
operator<< | friend | Declared here |
IAllocation | function | Declared here |
IAllocation | function | Declared here |
IAllocation | function | Declared here |
updateUsage | function | Declared here |
setLifetime | function | Declared here |
setBandwidthLimit | function | Declared here |
expired | function | Declared here |
deleted | function | Declared here |
bandwidthLimit | function | Declared here |
bandwidthUsed | function | Declared here |
bandwidthRemaining | function | Declared here |
timeRemaining | function | Declared here |
tuple | function | Declared here |
username | function | Declared here |
lifetime | function | Declared here |
permissions | function | Declared here |
relayedAddress | function | Declared here |
addPermission | function | Declared here |
addPermission | function | Declared here |
addPermissions | function | Declared here |
removePermission | function | Declared here |
removePermission | function | Declared here |
removeAllPermissions | function | Declared here |
removeExpiredPermissions | function | Declared here |
hasPermission | function | Declared here |
hasPermission | function | Declared here |
print | function | Declared here |
_tuple | variable | Declared here |
_username | variable | Declared here |
_permissions | variable | Declared here |
_lifetime | variable | Declared here |
_bandwidthLimit | variable | Declared here |
_bandwidthUsed | variable | Declared here |
_createdAt | variable | Declared here |
_updatedAt | variable | Declared here |
_deleted | variable | Declared here |
Friends
| Name | Description |
|---|---|
operator<< inline |
{#operator-28}
operator<<
inline
friend inline std::ostream & operator<<(std::ostream & stream, const IAllocation & alloc)
Defined in src/turn/include/icy/turn/iallocation.h:187
Public Methods
| Return | Name | Description |
|---|---|---|
IAllocation | ||
IAllocation | Deleted constructor. | |
IAllocation | Deleted constructor. | |
void | updateUsage virtual | Updates the last-activity timestamp and accumulates bandwidth usage. Call this whenever data is relayed through the allocation. |
void | setLifetime virtual | Sets the allocation lifetime in seconds and resets the activity timestamp, effectively extending the expiry from the current moment. |
void | setBandwidthLimit virtual | Sets the maximum number of bytes this allocation may relay in its lifetime. Pass 0 to disable bandwidth limiting. |
bool | expired virtual const nodiscard | |
bool | deleted virtual const nodiscard | Returns true if the allocation's deleted flag is set and or if the allocation has expired. |
std::int64_t | bandwidthLimit virtual const nodiscard | |
std::int64_t | bandwidthUsed virtual const nodiscard | |
std::int64_t | bandwidthRemaining virtual const nodiscard | |
std::int64_t | timeRemaining virtual const nodiscard | |
FiveTuple & | tuple virtual | |
std::string | username virtual const nodiscard | |
std::int64_t | lifetime virtual const nodiscard | |
PermissionList | permissions virtual const nodiscard | |
net::Address | relayedAddress virtual const nodiscard | |
void | addPermission virtual | Adds a permission for ip, or refreshes the existing one. |
void | addPermission virtual | Adds a permission for address, or refreshes the existing one. The port is ignored; TURN permissions are IP-only. |
void | addPermissions virtual | Adds (or refreshes) permissions for multiple IPs. |
void | removePermission virtual | Removes the permission for ip if present. |
void | removePermission virtual | Removes the permission for address if present. The port is ignored; TURN permissions are IP-only. |
void | removeAllPermissions virtual | Removes all permissions from the list. |
void | removeExpiredPermissions virtual | Removes any permissions whose 5-minute lifetime has elapsed. |
bool | hasPermission virtual nodiscard | Checks whether a permission exists for peerIP. Local addresses (192.168.x.x and 127.x.x.x) are always permitted. |
bool | hasPermission virtual nodiscard | Checks whether a permission exists for peerAddress. The port is ignored; TURN permissions are IP-only. |
void | print virtual const inline |
{#iallocation-1}
IAllocation
IAllocation(const FiveTuple & tuple = FiveTuple(), const std::string & username = "", std::int64_t lifetime = kDefaultAllocationLifetime)
Defined in src/turn/include/icy/turn/iallocation.h:81
Parameters
-
tupleThe 5-tuple identifying this allocation. -
usernameAuthenticated username associated with this allocation. -
lifetimeInitial lifetime in seconds.
{#iallocation-2}
IAllocation
IAllocation(const IAllocation &) = delete
Defined in src/turn/include/icy/turn/iallocation.h:86
Deleted constructor.
{#iallocation-3}
IAllocation
IAllocation(IAllocation &&) = delete
Defined in src/turn/include/icy/turn/iallocation.h:88
Deleted constructor.
{#updateusage}
updateUsage
virtual
virtual void updateUsage(std::int64_t numBytes = 0)
Defined in src/turn/include/icy/turn/iallocation.h:94
Updates the last-activity timestamp and accumulates bandwidth usage. Call this whenever data is relayed through the allocation.
Parameters
numBytesNumber of bytes relayed (0 just refreshes the timestamp).
{#setlifetime}
setLifetime
virtual
virtual void setLifetime(std::int64_t lifetime)
Defined in src/turn/include/icy/turn/iallocation.h:99
Sets the allocation lifetime in seconds and resets the activity timestamp, effectively extending the expiry from the current moment.
Parameters
lifetimeNew lifetime in seconds.
{#setbandwidthlimit}
setBandwidthLimit
virtual
virtual void setBandwidthLimit(std::int64_t numBytes)
Defined in src/turn/include/icy/turn/iallocation.h:104
Sets the maximum number of bytes this allocation may relay in its lifetime. Pass 0 to disable bandwidth limiting.
Parameters
numBytesBandwidth cap in bytes (0 = unlimited).
{#expired}
expired
virtual const nodiscard
[[nodiscard]] virtual bool expired() const
Defined in src/turn/include/icy/turn/iallocation.h:108
Returns
true if the allocation's lifetime has elapsed or the bandwidth quota has been exhausted.
{#deleted-1}
deleted
virtual const nodiscard
[[nodiscard]] virtual bool deleted() const
Defined in src/turn/include/icy/turn/iallocation.h:116
Returns true if the allocation's deleted flag is set and or if the allocation has expired.
This signifies that the allocation is ready to be destroyed via async garbage collection. See Server::onTimer() and Client::onTimer()
{#bandwidthlimit}
bandwidthLimit
virtual const nodiscard
[[nodiscard]] virtual std::int64_t bandwidthLimit() const
Defined in src/turn/include/icy/turn/iallocation.h:119
Returns
The configured bandwidth limit in bytes (0 means unlimited).
{#bandwidthused}
bandwidthUsed
virtual const nodiscard
[[nodiscard]] virtual std::int64_t bandwidthUsed() const
Defined in src/turn/include/icy/turn/iallocation.h:122
Returns
Total bytes transferred through this allocation since creation.
{#bandwidthremaining}
bandwidthRemaining
virtual const nodiscard
[[nodiscard]] virtual std::int64_t bandwidthRemaining() const
Defined in src/turn/include/icy/turn/iallocation.h:126
Returns
Bytes remaining before the bandwidth quota is exhausted. Returns a large sentinel value when no limit is configured.
{#timeremaining}
timeRemaining
virtual const nodiscard
[[nodiscard]] virtual std::int64_t timeRemaining() const
Defined in src/turn/include/icy/turn/iallocation.h:129
Returns
Seconds until the allocation expires (0 if already expired).
Reimplemented by
{#tuple}
tuple
virtual
virtual FiveTuple & tuple()
Defined in src/turn/include/icy/turn/iallocation.h:132
Returns
Reference to the 5-tuple identifying this allocation.
{#username-3}
username
virtual const nodiscard
[[nodiscard]] virtual std::string username() const
Defined in src/turn/include/icy/turn/iallocation.h:135
Returns
The username associated with this allocation.
{#lifetime-1}
lifetime
virtual const nodiscard
[[nodiscard]] virtual std::int64_t lifetime() const
Defined in src/turn/include/icy/turn/iallocation.h:138
Returns
The configured lifetime in seconds.
{#permissions}
permissions
virtual const nodiscard
[[nodiscard]] virtual PermissionList permissions() const
Defined in src/turn/include/icy/turn/iallocation.h:141
Returns
A copy of the current permission list.
{#relayedaddress-1}
relayedAddress
virtual const nodiscard
[[nodiscard]] virtual net::Address relayedAddress() const
Defined in src/turn/include/icy/turn/iallocation.h:144
Returns
The relay transport address assigned to this allocation.
Reimplemented by
{#addpermission-3}
addPermission
virtual
virtual void addPermission(const std::string & ip)
Defined in src/turn/include/icy/turn/iallocation.h:148
Adds a permission for ip, or refreshes the existing one.
Parameters
ipIPv4 address string to permit.
Reimplemented by
{#addpermission-4}
addPermission
virtual
virtual void addPermission(const net::Address & address)
Defined in src/turn/include/icy/turn/iallocation.h:152
Adds a permission for address, or refreshes the existing one. The port is ignored; TURN permissions are IP-only.
Reimplemented by
{#addpermissions}
addPermissions
virtual
virtual void addPermissions(const IPList & ips)
Defined in src/turn/include/icy/turn/iallocation.h:156
Adds (or refreshes) permissions for multiple IPs.
Parameters
ipsList of IPv4 address strings.
{#removepermission-2}
removePermission
virtual
virtual void removePermission(const std::string & ip)
Defined in src/turn/include/icy/turn/iallocation.h:160
Removes the permission for ip if present.
Parameters
ipIPv4 address string to remove.
Reimplemented by
{#removepermission-3}
removePermission
virtual
virtual void removePermission(const net::Address & address)
Defined in src/turn/include/icy/turn/iallocation.h:164
Removes the permission for address if present. The port is ignored; TURN permissions are IP-only.
Reimplemented by
{#removeallpermissions}
removeAllPermissions
virtual
virtual void removeAllPermissions()
Defined in src/turn/include/icy/turn/iallocation.h:167
Removes all permissions from the list.
{#removeexpiredpermissions}
removeExpiredPermissions
virtual
virtual void removeExpiredPermissions()
Defined in src/turn/include/icy/turn/iallocation.h:170
Removes any permissions whose 5-minute lifetime has elapsed.
{#haspermission-2}
hasPermission
virtual nodiscard
[[nodiscard]] virtual bool hasPermission(const std::string & peerIP)
Defined in src/turn/include/icy/turn/iallocation.h:176
Checks whether a permission exists for peerIP. Local addresses (192.168.x.x and 127.x.x.x) are always permitted.
Parameters
peerIPIPv4 address string to check.
Returns
true if a valid (non-expired) permission exists.
Reimplemented by
{#haspermission-3}
hasPermission
virtual nodiscard
[[nodiscard]] virtual bool hasPermission(const net::Address & peerAddress)
Defined in src/turn/include/icy/turn/iallocation.h:180
Checks whether a permission exists for peerAddress. The port is ignored; TURN permissions are IP-only.
Reimplemented by
{#print-11}
virtual const inline
virtual inline void print(std::ostream & os) const
Defined in src/turn/include/icy/turn/iallocation.h:182
Reimplemented by
Protected Attributes
| Return | Name | Description |
|---|---|---|
FiveTuple | _tuple | |
std::string | _username | |
PermissionList | _permissions | |
std::int64_t | _lifetime | |
std::int64_t | _bandwidthLimit | |
std::int64_t | _bandwidthUsed | |
time_t | _createdAt | |
time_t | _updatedAt | |
bool | _deleted |
{#_tuple}
_tuple
FiveTuple _tuple
Defined in src/turn/include/icy/turn/iallocation.h:195
{#_username-2}
_username
std::string _username
Defined in src/turn/include/icy/turn/iallocation.h:196
{#_permissions}
_permissions
PermissionList _permissions
Defined in src/turn/include/icy/turn/iallocation.h:197
{#_lifetime}
_lifetime
std::int64_t _lifetime
Defined in src/turn/include/icy/turn/iallocation.h:198
{#_bandwidthlimit}
_bandwidthLimit
std::int64_t _bandwidthLimit
Defined in src/turn/include/icy/turn/iallocation.h:199
{#_bandwidthused}
_bandwidthUsed
std::int64_t _bandwidthUsed
Defined in src/turn/include/icy/turn/iallocation.h:200
{#_createdat}
_createdAt
time_t _createdAt
Defined in src/turn/include/icy/turn/iallocation.h:201
{#_updatedat}
_updatedAt
time_t _updatedAt
Defined in src/turn/include/icy/turn/iallocation.h:202
{#_deleted}
_deleted
bool _deleted
Defined in src/turn/include/icy/turn/iallocation.h:203
{#permissionpolicy}
PermissionPolicy
#include <icy/turn/server/permissionpolicy.h>
class PermissionPolicy
Defined in src/turn/include/icy/turn/server/permissionpolicy.h:25
Lightweight server-side TURN permission policy.
Keeps the explicit permission list fast and binary, while making server exceptions such as local-IP auto-grants explicit and auditable.
List of all members
| Name | Kind | Owner |
|---|---|---|
PermissionPolicy | function | Declared here |
allowsExplicit | function | Declared here |
allowsImplicit | function | Declared here |
allows | function | Declared here |
_enableLocalIPPermissions | variable | Declared here |
isLocalAutoGrantAddress | function | Declared here |
Public Methods
| Return | Name | Description |
|---|---|---|
PermissionPolicy inline explicit noexcept | ||
bool | allowsExplicit const nodiscard noexcept | |
bool | allowsImplicit const nodiscard noexcept | |
bool | allows const nodiscard noexcept |
{#permissionpolicy-1}
PermissionPolicy
inline explicit noexcept
inline explicit PermissionPolicy(bool enableLocalIPPermissions = false) noexcept
Defined in src/turn/include/icy/turn/server/permissionpolicy.h:28
{#allowsexplicit}
allowsExplicit
const nodiscard noexcept
[[nodiscard]] bool allowsExplicit(const PermissionList & permissions, const Permission::Key & peerKey) const noexcept
Defined in src/turn/include/icy/turn/server/permissionpolicy.h:33
{#allowsimplicit}
allowsImplicit
const nodiscard noexcept
[[nodiscard]] bool allowsImplicit(const Permission::Key & peerKey) const noexcept
Defined in src/turn/include/icy/turn/server/permissionpolicy.h:35
{#allows}
allows
const nodiscard noexcept
[[nodiscard]] bool allows(const PermissionList & permissions, const Permission::Key & peerKey) const noexcept
Defined in src/turn/include/icy/turn/server/permissionpolicy.h:36
Private Attributes
| Return | Name | Description |
|---|---|---|
bool | _enableLocalIPPermissions |
{#_enablelocalippermissions}
_enableLocalIPPermissions
bool _enableLocalIPPermissions = false
Defined in src/turn/include/icy/turn/server/permissionpolicy.h:42
Private Static Methods
| Return | Name | Description |
|---|---|---|
bool | isLocalAutoGrantAddress static nodiscard noexcept |
{#islocalautograntaddress}
isLocalAutoGrantAddress
static nodiscard noexcept
[[nodiscard]] static bool isLocalAutoGrantAddress(const Permission::Key & peerKey) noexcept
Defined in src/turn/include/icy/turn/server/permissionpolicy.h:40
{#request-12}
Request
#include <icy/turn/types.h>
class Request
Defined in src/turn/include/icy/turn/types.h:61
Inherits:
Message
A STUN message annotated with the transport type and source/destination addresses needed for server-side routing and response generation.
List of all members
| Name | Kind | Owner |
|---|---|---|
transport | variable | Declared here |
localAddress | variable | Declared here |
remoteAddress | variable | Declared here |
hash | variable | Declared here |
Request | function | Declared here |
Message | function | Inherited from Message |
Message | function | Inherited from Message |
Message | function | Inherited from Message |
Message | function | Inherited from Message |
operator= | function | Inherited from Message |
operator= | function | Inherited from Message |
clone | function | Inherited from Message |
setClass | function | Inherited from Message |
setMethod | function | Inherited from Message |
setTransactionID | function | Inherited from Message |
classType | function | Inherited from Message |
methodType | function | Inherited from Message |
transactionID | function | Inherited from Message |
size | function | Inherited from Message |
methodString | function | Inherited from Message |
classString | function | Inherited from Message |
errorString | function | Inherited from Message |
add | function | Inherited from Message |
add | function | Inherited from Message |
get | function | Inherited from Message |
get | function | Inherited from Message |
read | function | Inherited from Message |
write | function | Inherited from Message |
toString | function | Inherited from Message |
print | function | Inherited from Message |
className | function | Inherited from Message |
_class | variable | Inherited from Message |
_method | variable | Inherited from Message |
_size | variable | Inherited from Message |
_transactionID | variable | Inherited from Message |
_attrs | variable | Inherited from Message |
MethodType | enum | Inherited from Message |
ClassType | enum | Inherited from Message |
ErrorCodes | enum | Inherited from Message |
computeBodySize | function | Inherited from Message |
opaque | variable | Inherited from IPacket |
info | variable | Inherited from IPacket |
flags | variable | Inherited from IPacket |
IPacket | function | Inherited from IPacket |
IPacket | function | Inherited from IPacket |
operator= | function | Inherited from IPacket |
clone | function | Inherited from IPacket |
~IPacket | function | Inherited from IPacket |
read | function | Inherited from IPacket |
write | function | Inherited from IPacket |
size | function | Inherited from IPacket |
hasData | function | Inherited from IPacket |
data | function | Inherited from IPacket |
constData | function | Inherited from IPacket |
className | function | Inherited from IPacket |
print | function | Inherited from IPacket |
operator<< | friend | Inherited from IPacket |
Inherited from Message
| Kind | Name | Description |
|---|---|---|
function | Message | Constructs a default message (Request class, Undefined method) with a randomly generated 12-byte transaction ID. |
function | Message | Constructs a message with explicit class and method. |
function | Message | Deep-copy constructor; clones all attributes. |
function | Message noexcept | Move constructor. |
function | operator= | Deep-copy assignment; clones all attributes from that. |
function | operator= noexcept | Move assignment. |
function | clone virtual const override | |
function | setClass | Sets the message class field. |
function | setMethod | Sets the message method field. |
function | setTransactionID | Sets the 12-byte transaction ID. |
function | classType const nodiscard | |
function | methodType const nodiscard | |
function | transactionID const inline nodiscard | |
function | size virtual const inline nodiscard override | |
function | methodString const nodiscard | |
function | classString const nodiscard | |
function | errorString const nodiscard | Maps a numeric error code to its canonical string description. |
function | add inline | Constructs an attribute of type T in-place and appends it to the message. Returns a reference to the new attribute for further configuration. |
function | add | Appends an attribute to the message, taking ownership via unique_ptr. |
function | get const nodiscard | Returns the Nth attribute of the given type, or nullptr if not found. |
function | get const inline nodiscard | Type-safe attribute accessor using the concrete attribute's TypeID. |
function | read virtual override | Parses a STUN/TURN packet from the given buffer. |
function | write virtual const override | Serialises this message into a STUN/TURN wire-format packet. |
function | toString const nodiscard | |
function | print virtual const override | Writes the same representation as toString() to the given stream. |
function | className virtual const inline override | Returns the class name of this packet type for logging and diagnostics. |
variable | _class | |
variable | _method | |
variable | _size | Set by read(); write() uses computeBodySize() instead. |
variable | _transactionID | |
variable | _attrs | |
enum | MethodType | |
enum | ClassType | |
enum | ErrorCodes | |
function | computeBodySize const nodiscard | Computes the wire body size from the current attribute list. |
Inherited from IPacket
| Kind | Name | Description |
|---|---|---|
variable | opaque | Optional type-safe context data. Use std::any_cast to retrieve. Lifetime of the stored value is tied to the packet's lifetime. |
variable | info | Optional extra information about the packet. |
variable | flags | Provides basic information about the packet. |
function | IPacket inline | |
function | IPacket inline | Copy constructor; clones the info object if present. |
function | operator= inline | Copy assignment; clones the info object if present. |
function | clone virtual const | Returns a heap-allocated deep copy of this packet. |
function | ~IPacket virtual | Defaulted destructor. |
function | read virtual | Read/parse to the packet from the given input buffer. The number of bytes read is returned. |
function | write virtual const | Copy/generate to the packet given output buffer. The number of bytes written can be obtained from the buffer. |
function | size virtual const inline | The size of the packet in bytes. |
function | hasData virtual const inline | Returns true if the packet has a non-null data pointer. |
function | data virtual const inline | The packet data pointer for buffered packets. |
function | constData virtual const inline | The const packet data pointer for buffered packets. |
function | className virtual const | Returns the class name of this packet type for logging and diagnostics. |
function | print virtual const inline | Prints a human-readable representation to the given stream. |
friend | operator<< inline | Stream insertion operator; delegates to print(). |
Public Attributes
| Return | Name | Description |
|---|---|---|
net::TransportType | transport | Protocol on which the request arrived (UDP or TCP). |
net::Address | localAddress | Server's local address that received the request. |
net::Address | remoteAddress | Client's remote address (used to build the 5-tuple). |
std::string | hash | Pre-computed MessageIntegrity key for signing responses. |
{#transport-6}
transport
net::TransportType transport
Defined in src/turn/include/icy/turn/types.h:64
Protocol on which the request arrived (UDP or TCP).
{#localaddress}
localAddress
net::Address localAddress
Defined in src/turn/include/icy/turn/types.h:65
Server's local address that received the request.
{#remoteaddress}
remoteAddress
net::Address remoteAddress
Defined in src/turn/include/icy/turn/types.h:66
Client's remote address (used to build the 5-tuple).
{#hash}
hash
std::string hash
Defined in src/turn/include/icy/turn/types.h:67
Pre-computed MessageIntegrity key for signing responses.
Public Methods
| Return | Name | Description |
|---|---|---|
Request inline | Constructs a Request by copying a parsed STUN message and annotating it with the transport context. |
{#request-13}
Request
inline
inline Request(const stun::Message & message, net::TransportType transport, const net::Address & localAddress = net::Address(), const net::Address & remoteAddress = net::Address())
Defined in src/turn/include/icy/turn/types.h:75
Constructs a Request by copying a parsed STUN message and annotating it with the transport context.
Parameters
-
messageParsed STUN message. -
transportTransport protocol on which the message arrived. -
localAddressServer-side local address. -
remoteAddressClient-side remote address.
{#server-6}
Server
#include <icy/turn/server/server.h>
class Server
Defined in src/turn/include/icy/turn/server/server.h:126
TURN server RFC 5766 / RFC 6062 implementation. Listens on UDP and/or TCP, authenticates requests via ServerObserver, and manages ServerAllocation objects for each 5-tuple.
List of all members
| Name | Kind | Owner |
|---|---|---|
Server | function | Declared here |
start | function | Declared here |
stop | function | Declared here |
handleRequest | function | Declared here |
handleAuthorizedRequest | function | Declared here |
handleBindingRequest | function | Declared here |
handleAllocateRequest | function | Declared here |
handleConnectionBindRequest | function | Declared here |
respond | function | Declared here |
respondError | function | Declared here |
allocations | function | Declared here |
addAllocation | function | Declared here |
removeAllocation | function | Declared here |
getAllocation | function | Declared here |
getTCPAllocation | function | Declared here |
getTCPSocket | function | Declared here |
releaseTCPSocket | function | Declared here |
observer | function | Declared here |
options | function | Declared here |
udpSocket | function | Declared here |
tcpSocket | function | Declared here |
timer | function | Declared here |
onTCPAcceptConnection | function | Declared here |
onTCPSocketClosed | function | Declared here |
onSocketRecv | function | Declared here |
onTimer | function | Declared here |
scheduleDeferredTCPSocketRelease | function | Declared here |
drainReleasedTCPSockets | function | Declared here |
_mutex | variable | Declared here |
_observer | variable | Declared here |
_options | variable | Declared here |
_udpSocket | variable | Declared here |
_tcpSocket | variable | Declared here |
_tcpSockets | variable | Declared here |
_pendingReleasedTCPSockets | variable | Declared here |
_tcpSocketReleaseScheduled | variable | Declared here |
_allocations | variable | Declared here |
_timer | variable | Declared here |
Public Methods
| Return | Name | Description |
|---|---|---|
Server | ||
void | start virtual | Binds and listens on the configured address, then starts the maintenance timer. |
void | stop virtual | Stops the timer, destroys all allocations, and closes server sockets. |
void | handleRequest | Routes an authenticated request to the appropriate handler based on state. Pending (Authenticating) requests are held until the observer calls back. |
void | handleAuthorizedRequest | Dispatches an already-authorized request to the specific method handler. |
void | handleBindingRequest | Handles a Binding request; responds with XOR-MAPPED-ADDRESS. |
void | handleAllocateRequest | Handles an Allocate request; creates a UDP or TCP ServerAllocation and sends a success response with XOR-RELAYED-ADDRESS and LIFETIME. |
void | handleConnectionBindRequest | Handles a ConnectionBind request by locating the TCPAllocation that owns the given CONNECTION-ID and delegating to it. |
void | respond | Sends a STUN response, signing it with MessageIntegrity if the request had a hash. Routes via UDP or TCP depending on request.transport. |
void | respondError | Constructs and sends an error response with SOFTWARE, REALM, NONCE, and ERROR-CODE. |
std::map< FiveTuple, ServerAllocation * > | allocations const | Returns a snapshot copy of the allocation map for safe iteration. Returned raw pointers are valid only while the server holds the allocations. |
void | addAllocation | Transfers ownership of alloc to the server and notifies the observer. |
void | removeAllocation | Removes alloc from the map and notifies the observer. Called automatically from the ServerAllocation destructor. |
ServerAllocation * | getAllocation nodiscard | Looks up an allocation by its 5-tuple. |
TCPAllocation * | getTCPAllocation nodiscard | Finds the TCPAllocation that owns a TCPConnectionPair with the given connection ID. |
net::TCPSocket::Ptr | getTCPSocket nodiscard | Returns the accepted TCP socket whose peer address matches remoteAddr. |
void | releaseTCPSocket | Removes a TCP control socket from the server's socket list and unregisters callbacks. Called when the socket is handed off to a TCPAllocation (ConnectionBind). |
ServerObserver & | observer | |
const ServerOptions & | options const nodiscard | |
net::UDPSocket & | udpSocket | |
net::TCPSocket & | tcpSocket | |
Timer & | timer | |
void | onTCPAcceptConnection | Accept callback for the TCP listening socket; registers new connections for STUN message processing. |
bool | onTCPSocketClosed | Close callback for accepted TCP sockets; removes the socket from the list. |
bool | onSocketRecv | Receive callback for both UDP and TCP sockets; parses STUN messages and calls handleRequest() for each one. |
void | onTimer | Periodic maintenance callback; expires and removes stale allocations. |
void | scheduleDeferredTCPSocketRelease | Defers accepted TCP socket removal until after the active callback stack unwinds. |
void | drainReleasedTCPSockets |
{#server-7}
Server
Server(ServerObserver & observer, const ServerOptions & options = ServerOptions())
Defined in src/turn/include/icy/turn/server/server.h:131
Parameters
-
observerObserver used for authentication and allocation lifecycle events. -
optionsServer configuration; defaults to 0.0.0.0:3478 with TCP and UDP enabled.
{#start-14}
start
virtual
virtual void start()
Defined in src/turn/include/icy/turn/server/server.h:135
Binds and listens on the configured address, then starts the maintenance timer.
{#stop-11}
stop
virtual
virtual void stop()
Defined in src/turn/include/icy/turn/server/server.h:138
Stops the timer, destroys all allocations, and closes server sockets.
{#handlerequest}
handleRequest
void handleRequest(Request & request, AuthenticationState state)
Defined in src/turn/include/icy/turn/server/server.h:144
Routes an authenticated request to the appropriate handler based on state. Pending (Authenticating) requests are held until the observer calls back.
Parameters
-
requestIncoming STUN request. -
stateResult of the observer's authenticateRequest() call.
{#handleauthorizedrequest}
handleAuthorizedRequest
void handleAuthorizedRequest(Request & request)
Defined in src/turn/include/icy/turn/server/server.h:148
Dispatches an already-authorized request to the specific method handler.
Parameters
requestAuthorized STUN request.
{#handlebindingrequest}
handleBindingRequest
void handleBindingRequest(Request & request)
Defined in src/turn/include/icy/turn/server/server.h:152
Handles a Binding request; responds with XOR-MAPPED-ADDRESS.
Parameters
requestIncoming Binding request.
{#handleallocaterequest}
handleAllocateRequest
void handleAllocateRequest(Request & request)
Defined in src/turn/include/icy/turn/server/server.h:157
Handles an Allocate request; creates a UDP or TCP ServerAllocation and sends a success response with XOR-RELAYED-ADDRESS and LIFETIME.
Parameters
requestIncoming Allocate request.
{#handleconnectionbindrequest}
handleConnectionBindRequest
void handleConnectionBindRequest(Request & request)
Defined in src/turn/include/icy/turn/server/server.h:162
Handles a ConnectionBind request by locating the TCPAllocation that owns the given CONNECTION-ID and delegating to it.
Parameters
requestIncoming ConnectionBind request.
{#respond}
respond
void respond(Request & request, stun::Message & response)
Defined in src/turn/include/icy/turn/server/server.h:168
Sends a STUN response, signing it with MessageIntegrity if the request had a hash. Routes via UDP or TCP depending on request.transport.
Parameters
-
requestThe original request (provides transport and remote address). -
responseThe response message to send.
{#responderror}
respondError
void respondError(Request & request, int errorCode, const char * errorDesc)
Defined in src/turn/include/icy/turn/server/server.h:174
Constructs and sends an error response with SOFTWARE, REALM, NONCE, and ERROR-CODE.
Parameters
-
requestThe original request. -
errorCodeSTUN error code (e.g. 400, 401, 437). -
errorDescHuman-readable error description string.
{#allocations}
allocations
const
std::map< FiveTuple, ServerAllocation * > allocations() const
Defined in src/turn/include/icy/turn/server/server.h:179
Returns a snapshot copy of the allocation map for safe iteration. Returned raw pointers are valid only while the server holds the allocations.
Returns
Map from FiveTuple to raw ServerAllocation pointers.
{#addallocation}
addAllocation
void addAllocation(std::unique_ptr< ServerAllocation > alloc)
Defined in src/turn/include/icy/turn/server/server.h:183
Transfers ownership of alloc to the server and notifies the observer.
Parameters
allocNewly constructed allocation to register.
{#removeallocation}
removeAllocation
void removeAllocation(ServerAllocation * alloc)
Defined in src/turn/include/icy/turn/server/server.h:188
Removes alloc from the map and notifies the observer. Called automatically from the ServerAllocation destructor.
Parameters
allocAllocation being destroyed.
{#getallocation}
getAllocation
nodiscard
[[nodiscard]] ServerAllocation * getAllocation(const FiveTuple & tuple)
Defined in src/turn/include/icy/turn/server/server.h:193
Looks up an allocation by its 5-tuple.
Parameters
tupleThe 5-tuple to search for.
Returns
Pointer to the matching allocation, or nullptr if not found.
{#gettcpallocation}
getTCPAllocation
nodiscard
[[nodiscard]] TCPAllocation * getTCPAllocation(const uint32_t & connectionID)
Defined in src/turn/include/icy/turn/server/server.h:198
Finds the TCPAllocation that owns a TCPConnectionPair with the given connection ID.
Parameters
connectionIDTURN CONNECTION-ID to search for.
Returns
Pointer to the owning TCPAllocation, or nullptr if not found.
{#gettcpsocket}
getTCPSocket
nodiscard
[[nodiscard]] net::TCPSocket::Ptr getTCPSocket(const net::Address & remoteAddr)
Defined in src/turn/include/icy/turn/server/server.h:203
Returns the accepted TCP socket whose peer address matches remoteAddr.
Parameters
remoteAddrPeer address to search for.
Returns
Shared pointer to the socket, or empty if not found.
{#releasetcpsocket}
releaseTCPSocket
void releaseTCPSocket(const net::Socket & socket)
Defined in src/turn/include/icy/turn/server/server.h:208
Removes a TCP control socket from the server's socket list and unregisters callbacks. Called when the socket is handed off to a TCPAllocation (ConnectionBind).
Parameters
socketThe socket to release.
{#observer-2}
observer
ServerObserver & observer()
Defined in src/turn/include/icy/turn/server/server.h:211
Returns
Reference to the observer provided at construction.
{#options-11}
options
const nodiscard
[[nodiscard]] const ServerOptions & options() const
Defined in src/turn/include/icy/turn/server/server.h:214
Returns
Reference to the immutable options struct.
{#udpsocket-4}
udpSocket
net::UDPSocket & udpSocket()
Defined in src/turn/include/icy/turn/server/server.h:217
Returns
Reference to the UDP server socket.
{#tcpsocket-4}
tcpSocket
net::TCPSocket & tcpSocket()
Defined in src/turn/include/icy/turn/server/server.h:220
Returns
Reference to the TCP server listening socket.
{#timer-1}
timer
Timer & timer()
Defined in src/turn/include/icy/turn/server/server.h:223
Returns
Reference to the maintenance timer.
{#ontcpacceptconnection}
onTCPAcceptConnection
void onTCPAcceptConnection(const net::TCPSocket::Ptr & sock)
Defined in src/turn/include/icy/turn/server/server.h:228
Accept callback for the TCP listening socket; registers new connections for STUN message processing.
Parameters
sockNewly accepted TCP socket.
{#ontcpsocketclosed}
onTCPSocketClosed
bool onTCPSocketClosed(net::Socket & socket)
Defined in src/turn/include/icy/turn/server/server.h:232
Close callback for accepted TCP sockets; removes the socket from the list.
Parameters
socketThe closed socket.
{#onsocketrecv-8}
onSocketRecv
bool onSocketRecv(net::Socket & socket, const MutableBuffer & buffer, const net::Address & peerAddress)
Defined in src/turn/include/icy/turn/server/server.h:239
Receive callback for both UDP and TCP sockets; parses STUN messages and calls handleRequest() for each one.
Parameters
-
socketThe receiving socket. -
bufferReceived data buffer. -
peerAddressSource address of the data.
{#ontimer-3}
onTimer
void onTimer()
Defined in src/turn/include/icy/turn/server/server.h:243
Periodic maintenance callback; expires and removes stale allocations.
{#scheduledeferredtcpsocketrelease}
scheduleDeferredTCPSocketRelease
void scheduleDeferredTCPSocketRelease()
Defined in src/turn/include/icy/turn/server/server.h:246
Defers accepted TCP socket removal until after the active callback stack unwinds.
{#drainreleasedtcpsockets}
drainReleasedTCPSockets
void drainReleasedTCPSockets()
Defined in src/turn/include/icy/turn/server/server.h:247
Private Attributes
| Return | Name | Description |
|---|---|---|
std::mutex | _mutex | |
ServerObserver & | _observer | |
ServerOptions | _options | |
net::SocketEmitter | _udpSocket | |
net::SocketEmitter | _tcpSocket | |
std::vector< net::SocketEmitter > | _tcpSockets | |
std::unordered_set< const net::Socket * > | _pendingReleasedTCPSockets | |
bool | _tcpSocketReleaseScheduled | |
ServerAllocationMap | _allocations | |
Timer | _timer |
{#_mutex-13}
_mutex
std::mutex _mutex
Defined in src/turn/include/icy/turn/server/server.h:250
{#_observer-2}
_observer
ServerObserver & _observer
Defined in src/turn/include/icy/turn/server/server.h:251
{#_options-4}
_options
ServerOptions _options
Defined in src/turn/include/icy/turn/server/server.h:252
{#_udpsocket}
_udpSocket
net::SocketEmitter _udpSocket
Defined in src/turn/include/icy/turn/server/server.h:253
{#_tcpsocket}
_tcpSocket
net::SocketEmitter _tcpSocket
Defined in src/turn/include/icy/turn/server/server.h:254
{#_tcpsockets}
_tcpSockets
std::vector< net::SocketEmitter > _tcpSockets
Defined in src/turn/include/icy/turn/server/server.h:255
{#_pendingreleasedtcpsockets}
_pendingReleasedTCPSockets
std::unordered_set< const net::Socket * > _pendingReleasedTCPSockets
Defined in src/turn/include/icy/turn/server/server.h:256
{#_tcpsocketreleasescheduled}
_tcpSocketReleaseScheduled
bool _tcpSocketReleaseScheduled {false}
Defined in src/turn/include/icy/turn/server/server.h:257
{#_allocations}
_allocations
ServerAllocationMap _allocations
Defined in src/turn/include/icy/turn/server/server.h:258
{#_timer-2}
_timer
Timer _timer
Defined in src/turn/include/icy/turn/server/server.h:259
{#serverallocation}
ServerAllocation
#include <icy/turn/server/serverallocation.h>
class ServerAllocation
Defined in src/turn/include/icy/turn/server/serverallocation.h:29
Inherits:
IAllocationSubclassed by:TCPAllocation,UDPAllocation
Server-side TURN allocation that tracks permissions, lifetime, and relay state. Handles Refresh and CreatePermission requests common to both UDP and TCP allocations. Subclassed by UDPAllocation and TCPAllocation for transport-specific behaviour.
List of all members
| Name | Kind | Owner |
|---|---|---|
Server | friend | Declared here |
ServerAllocation | function | Declared here |
handleRequest | function | Declared here |
handleRefreshRequest | function | Declared here |
handleCreatePermission | function | Declared here |
onTimer | function | Declared here |
timeRemaining | function | Declared here |
maxTimeRemaining | function | Declared here |
hasPermission | function | Declared here |
hasPermission | function | Declared here |
server | function | Declared here |
print | function | Declared here |
refreshDeleteRequested | function | Declared here |
_maxLifetime | variable | Declared here |
_server | variable | Declared here |
_permissionPolicy | variable | Declared here |
_refreshDeleteRequested | variable | Declared here |
ServerAllocation | function | Declared here |
ServerAllocation | function | Declared here |
operator<< | friend | Inherited from IAllocation |
IAllocation | function | Inherited from IAllocation |
IAllocation | function | Inherited from IAllocation |
IAllocation | function | Inherited from IAllocation |
updateUsage | function | Inherited from IAllocation |
setLifetime | function | Inherited from IAllocation |
setBandwidthLimit | function | Inherited from IAllocation |
expired | function | Inherited from IAllocation |
deleted | function | Inherited from IAllocation |
bandwidthLimit | function | Inherited from IAllocation |
bandwidthUsed | function | Inherited from IAllocation |
bandwidthRemaining | function | Inherited from IAllocation |
timeRemaining | function | Inherited from IAllocation |
tuple | function | Inherited from IAllocation |
username | function | Inherited from IAllocation |
lifetime | function | Inherited from IAllocation |
permissions | function | Inherited from IAllocation |
relayedAddress | function | Inherited from IAllocation |
addPermission | function | Inherited from IAllocation |
addPermission | function | Inherited from IAllocation |
addPermissions | function | Inherited from IAllocation |
removePermission | function | Inherited from IAllocation |
removePermission | function | Inherited from IAllocation |
removeAllPermissions | function | Inherited from IAllocation |
removeExpiredPermissions | function | Inherited from IAllocation |
hasPermission | function | Inherited from IAllocation |
hasPermission | function | Inherited from IAllocation |
print | function | Inherited from IAllocation |
_tuple | variable | Inherited from IAllocation |
_username | variable | Inherited from IAllocation |
_permissions | variable | Inherited from IAllocation |
_lifetime | variable | Inherited from IAllocation |
_bandwidthLimit | variable | Inherited from IAllocation |
_bandwidthUsed | variable | Inherited from IAllocation |
_createdAt | variable | Inherited from IAllocation |
_updatedAt | variable | Inherited from IAllocation |
_deleted | variable | Inherited from IAllocation |
Inherited from IAllocation
| Kind | Name | Description |
|---|---|---|
friend | operator<< inline | |
function | IAllocation | |
function | IAllocation | Deleted constructor. |
function | IAllocation | Deleted constructor. |
function | updateUsage virtual | Updates the last-activity timestamp and accumulates bandwidth usage. Call this whenever data is relayed through the allocation. |
function | setLifetime virtual | Sets the allocation lifetime in seconds and resets the activity timestamp, effectively extending the expiry from the current moment. |
function | setBandwidthLimit virtual | Sets the maximum number of bytes this allocation may relay in its lifetime. Pass 0 to disable bandwidth limiting. |
function | expired virtual const nodiscard | |
function | deleted virtual const nodiscard | Returns true if the allocation's deleted flag is set and or if the allocation has expired. |
function | bandwidthLimit virtual const nodiscard | |
function | bandwidthUsed virtual const nodiscard | |
function | bandwidthRemaining virtual const nodiscard | |
function | timeRemaining virtual const nodiscard | |
function | tuple virtual | |
function | username virtual const nodiscard | |
function | lifetime virtual const nodiscard | |
function | permissions virtual const nodiscard | |
function | relayedAddress virtual const nodiscard | |
function | addPermission virtual | Adds a permission for ip, or refreshes the existing one. |
function | addPermission virtual | Adds a permission for address, or refreshes the existing one. The port is ignored; TURN permissions are IP-only. |
function | addPermissions virtual | Adds (or refreshes) permissions for multiple IPs. |
function | removePermission virtual | Removes the permission for ip if present. |
function | removePermission virtual | Removes the permission for address if present. The port is ignored; TURN permissions are IP-only. |
function | removeAllPermissions virtual | Removes all permissions from the list. |
function | removeExpiredPermissions virtual | Removes any permissions whose 5-minute lifetime has elapsed. |
function | hasPermission virtual nodiscard | Checks whether a permission exists for peerIP. Local addresses (192.168.x.x and 127.x.x.x) are always permitted. |
function | hasPermission virtual nodiscard | Checks whether a permission exists for peerAddress. The port is ignored; TURN permissions are IP-only. |
function | print virtual const inline | |
variable | _tuple | |
variable | _username | |
variable | _permissions | |
variable | _lifetime | |
variable | _bandwidthLimit | |
variable | _bandwidthUsed | |
variable | _createdAt | |
variable | _updatedAt | |
variable | _deleted |
Friends
| Name | Description |
|---|---|
Server |
{#server-8}
Server
friend class Server
Defined in src/turn/include/icy/turn/server/serverallocation.h:84
Public Methods
| Return | Name | Description |
|---|---|---|
ServerAllocation | ||
bool | handleRequest virtual | Dispatches incoming STUN requests to handleCreatePermission() or handleRefreshRequest(). Subclasses override to add transport-specific methods. |
void | handleRefreshRequest virtual | Processes a Refresh request; updates the lifetime or sets the delete flag if the requested lifetime is 0, then sends a success response. |
void | handleCreatePermission virtual | Processes a CreatePermission request; installs or refreshes permissions for each XOR-PEER-ADDRESS attribute, then sends a success response. |
bool | onTimer nodiscard | Periodic maintenance callback called by Server::onTimer(). Removes expired permissions. Returns false to signal that this allocation should be destroyed. |
std::int64_t | timeRemaining virtual const nodiscard override | |
std::int64_t | maxTimeRemaining const nodiscard | |
bool | hasPermission virtual nodiscard override | Checks permission, auto-granting local IPs if enabled in server options. |
bool | hasPermission virtual nodiscard override | Checks whether a permission exists for peerAddress. The port is ignored; TURN permissions are IP-only. |
Server & | server virtual | |
void | print virtual const override | Writes a detailed diagnostic dump of this allocation to os. |
bool | refreshDeleteRequested const inline nodiscard | Returns true if the refresh request set lifetime to 0, signaling the parent Server to delete this allocation. |
{#serverallocation-1}
ServerAllocation
ServerAllocation(Server & server, const FiveTuple & tuple, const std::string & username, std::int64_t lifetime)
Defined in src/turn/include/icy/turn/server/serverallocation.h:36
Parameters
-
serverOwning TURN server. -
tuple5-tuple uniquely identifying this allocation. -
usernameAuthenticated username from the Allocate request. -
lifetimeInitial lifetime in seconds as negotiated with the client.
{#handlerequest-1}
handleRequest
virtual
virtual bool handleRequest(Request & request)
Defined in src/turn/include/icy/turn/server/serverallocation.h:45
Dispatches incoming STUN requests to handleCreatePermission() or handleRefreshRequest(). Subclasses override to add transport-specific methods.
Parameters
requestIncoming STUN request.
Returns
true if the request was handled; false signals the server to respond with a 600 "Operation Not Supported" error.
Reimplemented by
{#handlerefreshrequest}
handleRefreshRequest
virtual
virtual void handleRefreshRequest(Request & request)
Defined in src/turn/include/icy/turn/server/serverallocation.h:50
Processes a Refresh request; updates the lifetime or sets the delete flag if the requested lifetime is 0, then sends a success response.
Parameters
requestIncoming Refresh request.
{#handlecreatepermission}
handleCreatePermission
virtual
virtual void handleCreatePermission(Request & request)
Defined in src/turn/include/icy/turn/server/serverallocation.h:55
Processes a CreatePermission request; installs or refreshes permissions for each XOR-PEER-ADDRESS attribute, then sends a success response.
Parameters
requestIncoming CreatePermission request.
{#ontimer-4}
onTimer
nodiscard
[[nodiscard]] bool onTimer()
Defined in src/turn/include/icy/turn/server/serverallocation.h:61
Periodic maintenance callback called by Server::onTimer(). Removes expired permissions. Returns false to signal that this allocation should be destroyed.
Returns
true to keep the allocation alive; false to destroy it.
{#timeremaining-1}
timeRemaining
virtual const nodiscard override
[[nodiscard]] virtual std::int64_t timeRemaining() const override
Defined in src/turn/include/icy/turn/server/serverallocation.h:64
Returns
The lesser of IAllocation::timeRemaining() and maxTimeRemaining().
Reimplements
{#maxtimeremaining}
maxTimeRemaining
const nodiscard
[[nodiscard]] std::int64_t maxTimeRemaining() const
Defined in src/turn/include/icy/turn/server/serverallocation.h:67
Returns
Seconds remaining before the server-enforced maximum lifetime expires.
{#haspermission-4}
hasPermission
virtual nodiscard override
[[nodiscard]] virtual bool hasPermission(const std::string & peerIP) override
Defined in src/turn/include/icy/turn/server/serverallocation.h:70
Checks permission, auto-granting local IPs if enabled in server options.
Reimplements
{#haspermission-5}
hasPermission
virtual nodiscard override
[[nodiscard]] virtual bool hasPermission(const net::Address & peerAddress) override
Defined in src/turn/include/icy/turn/server/serverallocation.h:71
Checks whether a permission exists for peerAddress. The port is ignored; TURN permissions are IP-only.
Reimplements
{#server-9}
server
virtual
virtual Server & server()
Defined in src/turn/include/icy/turn/server/serverallocation.h:74
Returns
Reference to the owning TURN server.
{#print-12}
virtual const override
virtual void print(std::ostream & os) const override
Defined in src/turn/include/icy/turn/server/serverallocation.h:77
Writes a detailed diagnostic dump of this allocation to os.
Reimplements
{#refreshdeleterequested}
refreshDeleteRequested
const inline nodiscard
[[nodiscard]] inline bool refreshDeleteRequested() const
Defined in src/turn/include/icy/turn/server/serverallocation.h:81
Returns true if the refresh request set lifetime to 0, signaling the parent Server to delete this allocation.
Protected Attributes
| Return | Name | Description |
|---|---|---|
uint32_t | _maxLifetime | |
Server & | _server | |
PermissionPolicy | _permissionPolicy | |
bool | _refreshDeleteRequested |
{#_maxlifetime}
_maxLifetime
uint32_t _maxLifetime
Defined in src/turn/include/icy/turn/server/serverallocation.h:86
{#_server-1}
_server
Server & _server
Defined in src/turn/include/icy/turn/server/serverallocation.h:87
{#_permissionpolicy}
_permissionPolicy
PermissionPolicy _permissionPolicy
Defined in src/turn/include/icy/turn/server/serverallocation.h:88
{#_refreshdeleterequested}
_refreshDeleteRequested
bool _refreshDeleteRequested = false
Defined in src/turn/include/icy/turn/server/serverallocation.h:89
Private Methods
| Return | Name | Description |
|---|---|---|
ServerAllocation | NonCopyable and NonMovable. | |
ServerAllocation | Deleted constructor. |
{#serverallocation-2}
ServerAllocation
ServerAllocation(const ServerAllocation &) = delete
Defined in src/turn/include/icy/turn/server/serverallocation.h:93
NonCopyable and NonMovable.
{#serverallocation-3}
ServerAllocation
ServerAllocation(ServerAllocation &&) = delete
Defined in src/turn/include/icy/turn/server/serverallocation.h:95
Deleted constructor.
{#tcpallocation}
TCPAllocation
#include <icy/turn/server/tcpallocation.h>
class TCPAllocation
Defined in src/turn/include/icy/turn/server/tcpallocation.h:36
Inherits:
ServerAllocation
Server-side TCP TURN allocation with connection pair management per RFC 6062. Maintains a control connection for STUN signalling and an acceptor socket for incoming peer TCP connections. Each peer connection is tracked as a TCPConnectionPair and bridged to the client after a successful ConnectionBind.
List of all members
| Name | Kind | Owner |
|---|---|---|
TCPAllocation | function | Declared here |
handleRequest | function | Declared here |
handleConnectRequest | function | Declared here |
handleConnectionBindRequest | function | Declared here |
sendPeerConnectResponse | function | Declared here |
sendToControl | function | Declared here |
control | function | Declared here |
relayedAddress | function | Declared here |
pairs | function | Declared here |
onTimer | function | Declared here |
onPeerAccept | function | Declared here |
onControlClosed | function | Declared here |
_control | variable | Declared here |
_acceptor | variable | Declared here |
_pairs | variable | Declared here |
Server | friend | Inherited from ServerAllocation |
ServerAllocation | function | Inherited from ServerAllocation |
handleRequest | function | Inherited from ServerAllocation |
handleRefreshRequest | function | Inherited from ServerAllocation |
handleCreatePermission | function | Inherited from ServerAllocation |
onTimer | function | Inherited from ServerAllocation |
timeRemaining | function | Inherited from ServerAllocation |
maxTimeRemaining | function | Inherited from ServerAllocation |
hasPermission | function | Inherited from ServerAllocation |
hasPermission | function | Inherited from ServerAllocation |
server | function | Inherited from ServerAllocation |
print | function | Inherited from ServerAllocation |
refreshDeleteRequested | function | Inherited from ServerAllocation |
_maxLifetime | variable | Inherited from ServerAllocation |
_server | variable | Inherited from ServerAllocation |
_permissionPolicy | variable | Inherited from ServerAllocation |
_refreshDeleteRequested | variable | Inherited from ServerAllocation |
ServerAllocation | function | Inherited from ServerAllocation |
ServerAllocation | function | Inherited from ServerAllocation |
operator<< | friend | Inherited from IAllocation |
IAllocation | function | Inherited from IAllocation |
IAllocation | function | Inherited from IAllocation |
IAllocation | function | Inherited from IAllocation |
updateUsage | function | Inherited from IAllocation |
setLifetime | function | Inherited from IAllocation |
setBandwidthLimit | function | Inherited from IAllocation |
expired | function | Inherited from IAllocation |
deleted | function | Inherited from IAllocation |
bandwidthLimit | function | Inherited from IAllocation |
bandwidthUsed | function | Inherited from IAllocation |
bandwidthRemaining | function | Inherited from IAllocation |
timeRemaining | function | Inherited from IAllocation |
tuple | function | Inherited from IAllocation |
username | function | Inherited from IAllocation |
lifetime | function | Inherited from IAllocation |
permissions | function | Inherited from IAllocation |
relayedAddress | function | Inherited from IAllocation |
addPermission | function | Inherited from IAllocation |
addPermission | function | Inherited from IAllocation |
addPermissions | function | Inherited from IAllocation |
removePermission | function | Inherited from IAllocation |
removePermission | function | Inherited from IAllocation |
removeAllPermissions | function | Inherited from IAllocation |
removeExpiredPermissions | function | Inherited from IAllocation |
hasPermission | function | Inherited from IAllocation |
hasPermission | function | Inherited from IAllocation |
print | function | Inherited from IAllocation |
_tuple | variable | Inherited from IAllocation |
_username | variable | Inherited from IAllocation |
_permissions | variable | Inherited from IAllocation |
_lifetime | variable | Inherited from IAllocation |
_bandwidthLimit | variable | Inherited from IAllocation |
_bandwidthUsed | variable | Inherited from IAllocation |
_createdAt | variable | Inherited from IAllocation |
_updatedAt | variable | Inherited from IAllocation |
_deleted | variable | Inherited from IAllocation |
Inherited from ServerAllocation
| Kind | Name | Description |
|---|---|---|
friend | Server | |
function | ServerAllocation | |
function | handleRequest virtual | Dispatches incoming STUN requests to handleCreatePermission() or handleRefreshRequest(). Subclasses override to add transport-specific methods. |
function | handleRefreshRequest virtual | Processes a Refresh request; updates the lifetime or sets the delete flag if the requested lifetime is 0, then sends a success response. |
function | handleCreatePermission virtual | Processes a CreatePermission request; installs or refreshes permissions for each XOR-PEER-ADDRESS attribute, then sends a success response. |
function | onTimer nodiscard | Periodic maintenance callback called by Server::onTimer(). Removes expired permissions. Returns false to signal that this allocation should be destroyed. |
function | timeRemaining virtual const nodiscard override | |
function | maxTimeRemaining const nodiscard | |
function | hasPermission virtual nodiscard override | Checks permission, auto-granting local IPs if enabled in server options. |
function | hasPermission virtual nodiscard override | Checks whether a permission exists for peerAddress. The port is ignored; TURN permissions are IP-only. |
function | server virtual | |
function | print virtual const override | Writes a detailed diagnostic dump of this allocation to os. |
function | refreshDeleteRequested const inline nodiscard | Returns true if the refresh request set lifetime to 0, signaling the parent Server to delete this allocation. |
variable | _maxLifetime | |
variable | _server | |
variable | _permissionPolicy | |
variable | _refreshDeleteRequested | |
function | ServerAllocation | NonCopyable and NonMovable. |
function | ServerAllocation | Deleted constructor. |
Inherited from IAllocation
| Kind | Name | Description |
|---|---|---|
friend | operator<< inline | |
function | IAllocation | |
function | IAllocation | Deleted constructor. |
function | IAllocation | Deleted constructor. |
function | updateUsage virtual | Updates the last-activity timestamp and accumulates bandwidth usage. Call this whenever data is relayed through the allocation. |
function | setLifetime virtual | Sets the allocation lifetime in seconds and resets the activity timestamp, effectively extending the expiry from the current moment. |
function | setBandwidthLimit virtual | Sets the maximum number of bytes this allocation may relay in its lifetime. Pass 0 to disable bandwidth limiting. |
function | expired virtual const nodiscard | |
function | deleted virtual const nodiscard | Returns true if the allocation's deleted flag is set and or if the allocation has expired. |
function | bandwidthLimit virtual const nodiscard | |
function | bandwidthUsed virtual const nodiscard | |
function | bandwidthRemaining virtual const nodiscard | |
function | timeRemaining virtual const nodiscard | |
function | tuple virtual | |
function | username virtual const nodiscard | |
function | lifetime virtual const nodiscard | |
function | permissions virtual const nodiscard | |
function | relayedAddress virtual const nodiscard | |
function | addPermission virtual | Adds a permission for ip, or refreshes the existing one. |
function | addPermission virtual | Adds a permission for address, or refreshes the existing one. The port is ignored; TURN permissions are IP-only. |
function | addPermissions virtual | Adds (or refreshes) permissions for multiple IPs. |
function | removePermission virtual | Removes the permission for ip if present. |
function | removePermission virtual | Removes the permission for address if present. The port is ignored; TURN permissions are IP-only. |
function | removeAllPermissions virtual | Removes all permissions from the list. |
function | removeExpiredPermissions virtual | Removes any permissions whose 5-minute lifetime has elapsed. |
function | hasPermission virtual nodiscard | Checks whether a permission exists for peerIP. Local addresses (192.168.x.x and 127.x.x.x) are always permitted. |
function | hasPermission virtual nodiscard | Checks whether a permission exists for peerAddress. The port is ignored; TURN permissions are IP-only. |
function | print virtual const inline | |
variable | _tuple | |
variable | _username | |
variable | _permissions | |
variable | _lifetime | |
variable | _bandwidthLimit | |
variable | _bandwidthUsed | |
variable | _createdAt | |
variable | _updatedAt | |
variable | _deleted |
Public Methods
| Return | Name | Description |
|---|---|---|
TCPAllocation | ||
bool | handleRequest virtual | Extends the base handler with Connect and ConnectionBind methods. |
void | handleConnectRequest | Handles a Connect request; creates a TCPConnectionPair and initiates a TCP connection to the peer address carried in XOR-PEER-ADDRESS. |
void | handleConnectionBindRequest | Handles a ConnectionBind request; associates the incoming TCP data socket with the pending TCPConnectionPair and activates the relay pipe. |
void | sendPeerConnectResponse | Sends a Connect success or failure response to the control connection. |
ssize_t | sendToControl | Sends a STUN message to the client over the control TCP connection. |
net::TCPSocket & | control | |
net::Address | relayedAddress virtual const nodiscard | |
TCPConnectionPairMap & | pairs | |
bool | onTimer | Periodic timer callback; removes expired or pending-delete connection pairs, then calls the base class timer. |
void | onPeerAccept | Accepts incoming peer sockets on the relay acceptor socket. Checks permissions and sends a ConnectionAttempt indication to the control. |
bool | onControlClosed | Called when the control connection closes; marks the allocation for deletion. |
{#tcpallocation-1}
TCPAllocation
TCPAllocation(Server & server, const net::Socket::Ptr & control, const FiveTuple & tuple, const std::string & username, const uint32_t & lifetime)
Defined in src/turn/include/icy/turn/server/tcpallocation.h:44
Parameters
-
serverOwning TURN server. -
controlThe accepted TCP socket used for STUN control messages. -
tuple5-tuple identifying this allocation. -
usernameAuthenticated username from the Allocate request. -
lifetimeInitial lifetime in seconds.
{#handlerequest-2}
handleRequest
virtual
virtual bool handleRequest(Request & request)
Defined in src/turn/include/icy/turn/server/tcpallocation.h:52
Extends the base handler with Connect and ConnectionBind methods.
Parameters
requestIncoming STUN request.
Returns
true if handled.
Reimplements
{#handleconnectrequest}
handleConnectRequest
void handleConnectRequest(Request & request)
Defined in src/turn/include/icy/turn/server/tcpallocation.h:57
Handles a Connect request; creates a TCPConnectionPair and initiates a TCP connection to the peer address carried in XOR-PEER-ADDRESS.
Parameters
requestIncoming Connect request.
{#handleconnectionbindrequest-1}
handleConnectionBindRequest
void handleConnectionBindRequest(Request & request)
Defined in src/turn/include/icy/turn/server/tcpallocation.h:62
Handles a ConnectionBind request; associates the incoming TCP data socket with the pending TCPConnectionPair and activates the relay pipe.
Parameters
requestIncoming ConnectionBind request.
{#sendpeerconnectresponse}
sendPeerConnectResponse
void sendPeerConnectResponse(TCPConnectionPair * pair, bool success)
Defined in src/turn/include/icy/turn/server/tcpallocation.h:67
Sends a Connect success or failure response to the control connection.
Parameters
-
pairThe connection pair whose peer connection attempt completed. -
successtrue if the peer TCP connection succeeded.
{#sendtocontrol}
sendToControl
ssize_t sendToControl(stun::Message & message)
Defined in src/turn/include/icy/turn/server/tcpallocation.h:72
Sends a STUN message to the client over the control TCP connection.
Parameters
messageMessage to send.
Returns
Number of bytes sent, or a negative value on error.
{#control}
control
net::TCPSocket & control()
Defined in src/turn/include/icy/turn/server/tcpallocation.h:75
Returns
Reference to the TCP control socket.
{#relayedaddress-2}
relayedAddress
virtual const nodiscard
[[nodiscard]] virtual net::Address relayedAddress() const
Defined in src/turn/include/icy/turn/server/tcpallocation.h:78
Returns
The listen address of the peer acceptor socket (used as the relayed address).
Reimplements
{#pairs}
pairs
TCPConnectionPairMap & pairs()
Defined in src/turn/include/icy/turn/server/tcpallocation.h:81
Returns
Reference to the map of active TCPConnectionPairs keyed by connection ID.
{#ontimer-5}
onTimer
bool onTimer()
Defined in src/turn/include/icy/turn/server/tcpallocation.h:86
Periodic timer callback; removes expired or pending-delete connection pairs, then calls the base class timer.
Returns
false if the allocation should be destroyed.
{#onpeeraccept}
onPeerAccept
void onPeerAccept(const net::TCPSocket::Ptr & sock)
Defined in src/turn/include/icy/turn/server/tcpallocation.h:91
Accepts incoming peer sockets on the relay acceptor socket. Checks permissions and sends a ConnectionAttempt indication to the control.
Parameters
sockNewly accepted peer socket.
{#oncontrolclosed}
onControlClosed
bool onControlClosed(net::Socket & socket)
Defined in src/turn/include/icy/turn/server/tcpallocation.h:96
Called when the control connection closes; marks the allocation for deletion.
Parameters
socketThe closed control socket.
Returns
false (event propagation convention).
Protected Attributes
| Return | Name | Description |
|---|---|---|
net::SocketEmitter | _control | |
net::SocketEmitter | _acceptor | |
TCPConnectionPairMap | _pairs |
{#_control}
_control
net::SocketEmitter _control
Defined in src/turn/include/icy/turn/server/tcpallocation.h:99
{#_acceptor}
_acceptor
net::SocketEmitter _acceptor
Defined in src/turn/include/icy/turn/server/tcpallocation.h:100
{#_pairs}
_pairs
TCPConnectionPairMap _pairs
Defined in src/turn/include/icy/turn/server/tcpallocation.h:101
{#tcpclient}
TCPClient
#include <icy/turn/client/tcpclient.h>
class TCPClient
Defined in src/turn/include/icy/turn/client/tcpclient.h:87
Inherits:
Client
TCP transport TURN client with relay connection management per RFC 6062. Uses a single TCP control connection for STUN signalling and opens additional TCP relay connections for each peer via the Connect / ConnectionBind flow.
List of all members
| Name | Kind | Owner |
|---|---|---|
TCPClient | function | Declared here |
start | function | Declared here |
stop | function | Declared here |
sendConnectRequest | function | Declared here |
sendData | function | Declared here |
handleResponse | function | Declared here |
handleConnectResponse | function | Declared here |
handleConnectErrorResponse | function | Declared here |
handleConnectionBindResponse | function | Declared here |
handleConnectionBindErrorResponse | function | Declared here |
handleConnectionAttemptIndication | function | Declared here |
createAndBindConnection | function | Declared here |
onRelayConnectionConnect | function | Declared here |
onRelayDataReceived | function | Declared here |
onRelayConnectionError | function | Declared here |
onRelayConnectionClosed | function | Declared here |
freeConnection | function | Declared here |
transportProtocol | function | Declared here |
connections | function | Declared here |
className | function | Declared here |
_observer | variable | Declared here |
_connections | variable | Declared here |
Client | function | Inherited from Client |
start | function | Inherited from Client |
stop | function | Inherited from Client |
sendAllocate | function | Inherited from Client |
addPermission | function | Inherited from Client |
addPermission | function | Inherited from Client |
sendCreatePermission | function | Inherited from Client |
sendChannelBind | function | Inherited from Client |
sendRefresh | function | Inherited from Client |
sendData | function | Inherited from Client |
handleResponse | function | Inherited from Client |
handleAllocateResponse | function | Inherited from Client |
handleAllocateErrorResponse | function | Inherited from Client |
handleCreatePermissionResponse | function | Inherited from Client |
handleCreatePermissionErrorResponse | function | Inherited from Client |
handleRefreshResponse | function | Inherited from Client |
handleDataIndication | function | Inherited from Client |
transportProtocol | function | Inherited from Client |
createTransaction | function | Inherited from Client |
authenticateRequest | function | Inherited from Client |
sendAuthenticatedTransaction | function | Inherited from Client |
removeTransaction | function | Inherited from Client |
mappedAddress | function | Inherited from Client |
relayedAddress | function | Inherited from Client |
closed | function | Inherited from Client |
observer | function | Inherited from Client |
options | function | Inherited from Client |
addPermission | function | Inherited from Client |
hasPermission | function | Inherited from Client |
hasPermission | function | Inherited from Client |
removePermission | function | Inherited from Client |
removePermission | function | Inherited from Client |
_observer | variable | Inherited from Client |
_options | variable | Inherited from Client |
_socket | variable | Inherited from Client |
_timer | variable | Inherited from Client |
_error | variable | Inherited from Client |
_mappedAddress | variable | Inherited from Client |
_relayedAddress | variable | Inherited from Client |
_realm | variable | Inherited from Client |
_nonce | variable | Inherited from Client |
_pendingIndications | variable | Inherited from Client |
_transactions | variable | Inherited from Client |
setError | function | Inherited from Client |
onSocketConnect | function | Inherited from Client |
onSocketRecv | function | Inherited from Client |
onSocketClose | function | Inherited from Client |
onTransactionProgress | function | Inherited from Client |
onStateChange | function | Inherited from Client |
onTimer | function | Inherited from Client |
StateChange | variable | Inherited from Stateful |
_state | variable | Inherited from Stateful |
Stateful | function | Inherited from Stateful |
~Stateful | function | Inherited from Stateful |
stateEquals | function | Inherited from Stateful |
stateBetween | function | Inherited from Stateful |
state | function | Inherited from Stateful |
state | function | Inherited from Stateful |
beforeStateChange | function | Inherited from Stateful |
onStateChange | function | Inherited from Stateful |
setState | function | Inherited from Stateful |
setState | function | Inherited from Stateful |
operator<< | friend | Inherited from IAllocation |
IAllocation | function | Inherited from IAllocation |
IAllocation | function | Inherited from IAllocation |
IAllocation | function | Inherited from IAllocation |
updateUsage | function | Inherited from IAllocation |
setLifetime | function | Inherited from IAllocation |
setBandwidthLimit | function | Inherited from IAllocation |
expired | function | Inherited from IAllocation |
deleted | function | Inherited from IAllocation |
bandwidthLimit | function | Inherited from IAllocation |
bandwidthUsed | function | Inherited from IAllocation |
bandwidthRemaining | function | Inherited from IAllocation |
timeRemaining | function | Inherited from IAllocation |
tuple | function | Inherited from IAllocation |
username | function | Inherited from IAllocation |
lifetime | function | Inherited from IAllocation |
permissions | function | Inherited from IAllocation |
relayedAddress | function | Inherited from IAllocation |
addPermission | function | Inherited from IAllocation |
addPermission | function | Inherited from IAllocation |
addPermissions | function | Inherited from IAllocation |
removePermission | function | Inherited from IAllocation |
removePermission | function | Inherited from IAllocation |
removeAllPermissions | function | Inherited from IAllocation |
removeExpiredPermissions | function | Inherited from IAllocation |
hasPermission | function | Inherited from IAllocation |
hasPermission | function | Inherited from IAllocation |
print | function | Inherited from IAllocation |
_tuple | variable | Inherited from IAllocation |
_username | variable | Inherited from IAllocation |
_permissions | variable | Inherited from IAllocation |
_lifetime | variable | Inherited from IAllocation |
_bandwidthLimit | variable | Inherited from IAllocation |
_bandwidthUsed | variable | Inherited from IAllocation |
_createdAt | variable | Inherited from IAllocation |
_updatedAt | variable | Inherited from IAllocation |
_deleted | variable | Inherited from IAllocation |
Inherited from Client
| Kind | Name | Description |
|---|---|---|
function | Client | |
function | start virtual | Connects the socket to the TURN server and starts the allocation sequence. Permissions must be added via addPermission() before calling this. |
function | stop virtual | Stops the timer, cancels pending transactions, and closes the socket. |
function | sendAllocate virtual | Sends an Allocate request to the server with the configured transport and lifetime. On first call the server will typically respond with a 401 challenge; the client re-sends with credentials automatically. |
function | addPermission virtual | Adds multiple peer IP addresses to the permission list. |
function | addPermission virtual override | Adds a single peer IP to the permission list, or refreshes it if already present. Permissions should be added before start(); they may also be added later, in which case a new CreatePermission request is required. |
function | sendCreatePermission virtual | Sends a CreatePermission request for all IPs currently in the permission list. Called automatically after allocation succeeds and periodically by the timer to refresh expiring permissions. |
function | sendChannelBind virtual | Channel bindings (RFC 5766 Section 11) are intentionally not implemented. They are a bandwidth optimization that replaces STUN-framed Send/Data indications with a compact 4-byte ChannelData header. This only benefits high-throughput media relay scenarios; in practice, media flows directly via ICE/DTLS rather than through this TURN client's data path, so the optimization is not worth the complexity (channel number allocation, 10-minute binding refresh timers, ChannelData wire framing). Data relay uses sendData() with Send Indications instead. |
function | sendRefresh virtual | Sends a Refresh request to extend the allocation lifetime. Called automatically by the timer when roughly one-third of the lifetime remains. |
function | sendData virtual | Sends a Send Indication to relay data to peerAddress through the TURN server. If permissions are still being negotiated the indication is queued and flushed once CreatePermission succeeds. |
function | handleResponse virtual | Dispatches an incoming STUN/TURN response to the appropriate handler. |
function | handleAllocateResponse virtual | Processes a successful Allocate response; extracts mapped/relayed addresses and advances the state to Authorizing, then sends CreatePermission. |
function | handleAllocateErrorResponse virtual | Handles an Allocate error response; manages the 401 challenge/re-send flow and sets the client to Failed for unrecoverable errors. |
function | handleCreatePermissionResponse virtual | Handles a successful CreatePermission response; flushes queued Send Indications and advances state to Success. |
function | handleCreatePermissionErrorResponse virtual | Handles a failed CreatePermission response; clears all permissions and sets the client to Failed. |
function | handleRefreshResponse virtual | Handles a Refresh response; updates the stored lifetime. |
function | handleDataIndication virtual | Handles an incoming Data Indication; extracts peer address and data and forwards to ClientObserver::onRelayDataReceived(). |
function | transportProtocol virtual | |
function | createTransaction virtual | Creates a new STUN transaction, registers the progress callback, and adds it to the active transaction list. |
function | authenticateRequest virtual | Adds STUN long-term credential attributes (Username, Realm, Nonce, MessageIntegrity) to request if the realm has been received from the server. |
function | sendAuthenticatedTransaction virtual | Calls authenticateRequest() then sends the transaction. |
function | removeTransaction virtual | Removes a transaction from the active list. The IntrusivePtr keeps the object alive until the caller's copy is released. |
function | mappedAddress const nodiscard | |
function | relayedAddress virtual const nodiscard override | |
function | closed const nodiscard | |
function | observer | |
function | options const nodiscard | |
function | addPermission virtual | Adds a permission for address, or refreshes the existing one. The port is ignored; TURN permissions are IP-only. |
function | hasPermission virtual nodiscard | Checks whether a permission exists for peerIP. Local addresses (192.168.x.x and 127.x.x.x) are always permitted. |
function | hasPermission virtual nodiscard | Checks whether a permission exists for peerAddress. The port is ignored; TURN permissions are IP-only. |
function | removePermission virtual | Removes the permission for ip if present. |
function | removePermission virtual | Removes the permission for address if present. The port is ignored; TURN permissions are IP-only. |
variable | _observer | |
variable | _options | |
variable | _socket | |
variable | _timer | |
variable | _error | |
variable | _mappedAddress | |
variable | _relayedAddress | |
variable | _realm | |
variable | _nonce | |
variable | _pendingIndications | A list of queued Send indication packets awaiting server permissions. |
variable | _transactions | A list containing currently active transactions. |
function | setError virtual | Sets the error field and transitions the client to the Failed state. |
function | onSocketConnect virtual | Socket connect callback; starts the timer and sends the first Allocate request. |
function | onSocketRecv virtual | Socket receive callback; parses STUN messages from the buffer and dispatches them. |
function | onSocketClose virtual | Socket close callback; shuts down the client and records the socket error. |
function | onTransactionProgress virtual | STUN transaction state-change callback; handles Success and Failed outcomes. |
function | onStateChange override | Forwards state-change events to the observer. |
function | onTimer virtual | Periodic timer callback; re-allocates on expiry or refreshes when lifetime is below one-third remaining. Also calls ClientObserver::onTimer(). |
Inherited from Stateful
| Kind | Name | Description |
|---|---|---|
variable | StateChange | Signals when the state changes. |
variable | _state | |
function | Stateful inline | |
function | ~Stateful virtual inline | |
function | stateEquals virtual const inline | Returns true if the current state ID equals the given ID. |
function | stateBetween virtual const inline | Returns true if the current state ID is in the inclusive range [lid, rid]. |
function | state virtual inline | Returns a mutable reference to the current state. |
function | state virtual const inline | Returns a copy of the current state. |
function | beforeStateChange virtual inline | Override to handle pre state change logic. Return false to prevent state change. |
function | onStateChange virtual inline | Override to handle post state change logic. |
function | setState virtual inline | Sets the state and sends the state signal if the state change was successful. |
function | setState virtual inline | Sets the state and sends the state signal if the state change was successful. |
Inherited from IAllocation
| Kind | Name | Description |
|---|---|---|
friend | operator<< inline | |
function | IAllocation | |
function | IAllocation | Deleted constructor. |
function | IAllocation | Deleted constructor. |
function | updateUsage virtual | Updates the last-activity timestamp and accumulates bandwidth usage. Call this whenever data is relayed through the allocation. |
function | setLifetime virtual | Sets the allocation lifetime in seconds and resets the activity timestamp, effectively extending the expiry from the current moment. |
function | setBandwidthLimit virtual | Sets the maximum number of bytes this allocation may relay in its lifetime. Pass 0 to disable bandwidth limiting. |
function | expired virtual const nodiscard | |
function | deleted virtual const nodiscard | Returns true if the allocation's deleted flag is set and or if the allocation has expired. |
function | bandwidthLimit virtual const nodiscard | |
function | bandwidthUsed virtual const nodiscard | |
function | bandwidthRemaining virtual const nodiscard | |
function | timeRemaining virtual const nodiscard | |
function | tuple virtual | |
function | username virtual const nodiscard | |
function | lifetime virtual const nodiscard | |
function | permissions virtual const nodiscard | |
function | relayedAddress virtual const nodiscard | |
function | addPermission virtual | Adds a permission for ip, or refreshes the existing one. |
function | addPermission virtual | Adds a permission for address, or refreshes the existing one. The port is ignored; TURN permissions are IP-only. |
function | addPermissions virtual | Adds (or refreshes) permissions for multiple IPs. |
function | removePermission virtual | Removes the permission for ip if present. |
function | removePermission virtual | Removes the permission for address if present. The port is ignored; TURN permissions are IP-only. |
function | removeAllPermissions virtual | Removes all permissions from the list. |
function | removeExpiredPermissions virtual | Removes any permissions whose 5-minute lifetime has elapsed. |
function | hasPermission virtual nodiscard | Checks whether a permission exists for peerIP. Local addresses (192.168.x.x and 127.x.x.x) are always permitted. |
function | hasPermission virtual nodiscard | Checks whether a permission exists for peerAddress. The port is ignored; TURN permissions are IP-only. |
function | print virtual const inline | |
variable | _tuple | |
variable | _username | |
variable | _permissions | |
variable | _lifetime | |
variable | _bandwidthLimit | |
variable | _bandwidthUsed | |
variable | _createdAt | |
variable | _updatedAt | |
variable | _deleted |
Public Methods
| Return | Name | Description |
|---|---|---|
TCPClient | ||
void | start virtual override | Connects the socket to the TURN server and starts the allocation sequence. Permissions must be added via addPermission() before calling this. |
void | stop virtual override | Stops the control connection, cancels all relay connections, and calls the base class stop(). |
void | sendConnectRequest virtual | Sends a Connect request to the server asking it to open a TCP connection to peerAddress on the client's behalf (RFC 6062 section 4.3). |
void | sendData virtual override | Sends raw data to peerAddress over the established relay connection. The peer must have an active permission and a bound relay connection. |
bool | handleResponse virtual override | Extends the base handler with Connect, ConnectionBind, and ConnectionAttempt responses. |
void | handleConnectResponse virtual | Processes a successful Connect response; extracts the connection ID and calls createAndBindConnection(). |
void | handleConnectErrorResponse virtual | Processes a Connect error response; notifies the observer that binding failed. |
void | handleConnectionBindResponse virtual | Processes a successful ConnectionBind response; arms the relay socket for data transfer and notifies the observer. |
void | handleConnectionBindErrorResponse virtual | Processes a ConnectionBind error response; frees the failed connection. |
void | handleConnectionAttemptIndication virtual | Processes a ConnectionAttempt indication from the server; optionally accepts the incoming peer connection by calling createAndBindConnection(). |
bool | createAndBindConnection virtual | Opens a new TCP relay socket to the TURN server and sends a ConnectionBind request carrying connectionID. |
bool | onRelayConnectionConnect virtual | Relay socket connect callback; sends the ConnectionBind request. |
bool | onRelayDataReceived virtual | Relay socket receive callback; forwards data to the observer. |
bool | onRelayConnectionError virtual | Relay socket error callback; notifies the observer of the error. |
bool | onRelayConnectionClosed virtual | Relay socket close callback; notifies the observer and frees the connection. |
void | freeConnection | Removes the relay connection for peerAddress, unregisters its callbacks, and deletes the associated RelayConnectionBinding. |
int | transportProtocol virtual override | |
ConnectionManager & | connections | |
const char * | className virtual const inline |
{#tcpclient-1}
TCPClient
TCPClient(TCPClientObserver & observer, const Client::Options & options = Client::Options())
Defined in src/turn/include/icy/turn/client/tcpclient.h:92
Parameters
-
observerObserver for TCP-specific relay events. -
optionsClient configuration; defaults to loopback server, 5-min lifetime.
{#start-15}
start
virtual override
virtual void start() override
Defined in src/turn/include/icy/turn/client/tcpclient.h:96
Connects the socket to the TURN server and starts the allocation sequence. Permissions must be added via addPermission() before calling this.
Reimplements
{#stop-12}
stop
virtual override
virtual void stop() override
Defined in src/turn/include/icy/turn/client/tcpclient.h:100
Stops the control connection, cancels all relay connections, and calls the base class stop().
Reimplements
{#sendconnectrequest}
sendConnectRequest
virtual
virtual void sendConnectRequest(const net::Address & peerAddress)
Defined in src/turn/include/icy/turn/client/tcpclient.h:105
Sends a Connect request to the server asking it to open a TCP connection to peerAddress on the client's behalf (RFC 6062 section 4.3).
Parameters
peerAddressTarget peer address.
{#senddata-1}
sendData
virtual override
virtual void sendData(const char * data, size_t size, const net::Address & peerAddress) override
Defined in src/turn/include/icy/turn/client/tcpclient.h:112
Sends raw data to peerAddress over the established relay connection. The peer must have an active permission and a bound relay connection.
Parameters
-
dataPayload bytes. -
sizeNumber of bytes to send. -
peerAddressDestination peer (must have an entry in connections()).
Reimplements
{#handleresponse-1}
handleResponse
virtual override
virtual bool handleResponse(const stun::Message & response) override
Defined in src/turn/include/icy/turn/client/tcpclient.h:118
Extends the base handler with Connect, ConnectionBind, and ConnectionAttempt responses.
Parameters
responseIncoming STUN response.
Returns
true if the message was handled.
Reimplements
{#handleconnectresponse}
handleConnectResponse
virtual
virtual void handleConnectResponse(const stun::Message & response)
Defined in src/turn/include/icy/turn/client/tcpclient.h:123
Processes a successful Connect response; extracts the connection ID and calls createAndBindConnection().
Parameters
responseConnect success response.
{#handleconnecterrorresponse}
handleConnectErrorResponse
virtual
virtual void handleConnectErrorResponse(const stun::Message & response)
Defined in src/turn/include/icy/turn/client/tcpclient.h:127
Processes a Connect error response; notifies the observer that binding failed.
Parameters
responseConnect error response.
{#handleconnectionbindresponse}
handleConnectionBindResponse
virtual
virtual void handleConnectionBindResponse(const stun::Message & response)
Defined in src/turn/include/icy/turn/client/tcpclient.h:132
Processes a successful ConnectionBind response; arms the relay socket for data transfer and notifies the observer.
Parameters
responseConnectionBind success response.
{#handleconnectionbinderrorresponse}
handleConnectionBindErrorResponse
virtual
virtual void handleConnectionBindErrorResponse(const stun::Message & response)
Defined in src/turn/include/icy/turn/client/tcpclient.h:136
Processes a ConnectionBind error response; frees the failed connection.
Parameters
responseConnectionBind error response.
{#handleconnectionattemptindication}
handleConnectionAttemptIndication
virtual
virtual void handleConnectionAttemptIndication(const stun::Message & response)
Defined in src/turn/include/icy/turn/client/tcpclient.h:141
Processes a ConnectionAttempt indication from the server; optionally accepts the incoming peer connection by calling createAndBindConnection().
Parameters
responseConnectionAttempt indication message.
{#createandbindconnection}
createAndBindConnection
virtual
virtual bool createAndBindConnection(uint32_t connectionID, const net::Address & peerAddress)
Defined in src/turn/include/icy/turn/client/tcpclient.h:148
Opens a new TCP relay socket to the TURN server and sends a ConnectionBind request carrying connectionID.
Parameters
-
connectionIDTURN CONNECTION-ID from the server. -
peerAddressPeer associated with this connection.
Returns
true on success.
{#onrelayconnectionconnect}
onRelayConnectionConnect
virtual
virtual bool onRelayConnectionConnect(net::Socket & socket)
Defined in src/turn/include/icy/turn/client/tcpclient.h:152
Relay socket connect callback; sends the ConnectionBind request.
Parameters
socketThe relay socket that just connected.
{#onrelaydatareceived-1}
onRelayDataReceived
virtual
virtual bool onRelayDataReceived(net::Socket & socket, const MutableBuffer & buffer, const net::Address & peerAddress)
Defined in src/turn/include/icy/turn/client/tcpclient.h:158
Relay socket receive callback; forwards data to the observer.
Parameters
-
socketThe receiving relay socket. -
bufferReceived data. -
peerAddressSource address (populated by the socket layer).
{#onrelayconnectionerror}
onRelayConnectionError
virtual
virtual bool onRelayConnectionError(net::Socket & socket, const Error & error)
Defined in src/turn/include/icy/turn/client/tcpclient.h:163
Relay socket error callback; notifies the observer of the error.
Parameters
-
socketThe affected relay socket. -
errorError descriptor.
{#onrelayconnectionclosed}
onRelayConnectionClosed
virtual
virtual bool onRelayConnectionClosed(net::Socket & socket)
Defined in src/turn/include/icy/turn/client/tcpclient.h:167
Relay socket close callback; notifies the observer and frees the connection.
Parameters
socketThe closed relay socket.
{#freeconnection}
freeConnection
void freeConnection(const net::Address & peerAddress)
Defined in src/turn/include/icy/turn/client/tcpclient.h:172
Removes the relay connection for peerAddress, unregisters its callbacks, and deletes the associated RelayConnectionBinding.
Parameters
peerAddressPeer whose connection to release.
{#transportprotocol-1}
transportProtocol
virtual override
virtual int transportProtocol() override
Defined in src/turn/include/icy/turn/client/tcpclient.h:175
Returns
kProtocolTCP (6).
Reimplements
{#connections}
connections
ConnectionManager & connections()
Defined in src/turn/include/icy/turn/client/tcpclient.h:178
Returns
Reference to the map of active relay connections keyed by peer address.
{#classname-6}
className
virtual const inline
virtual inline const char * className() const
Defined in src/turn/include/icy/turn/client/tcpclient.h:180
Protected Attributes
| Return | Name | Description |
|---|---|---|
TCPClientObserver & | _observer | |
ConnectionManager | _connections |
{#_observer-3}
_observer
TCPClientObserver & _observer
Defined in src/turn/include/icy/turn/client/tcpclient.h:183
{#_connections-2}
_connections
ConnectionManager _connections
Defined in src/turn/include/icy/turn/client/tcpclient.h:184
{#tcpconnectionpair}
TCPConnectionPair
#include <icy/turn/server/tcpconnectionpair.h>
class TCPConnectionPair
Defined in src/turn/include/icy/turn/server/tcpconnectionpair.h:35
Inherits:
RefCounted< TCPConnectionPair >
Paired TCP connections forming a single TURN relay pipe between a client and a peer. Lifetime managed by IntrusivePtr; the owning TCPAllocation holds the Ptr in its pair map.
List of all members
| Name | Kind | Owner |
|---|---|---|
allocation | variable | Declared here |
client | variable | Declared here |
peer | variable | Declared here |
earlyPeerData | variable | Declared here |
connectionID | variable | Declared here |
isDataConnection | variable | Declared here |
pendingDelete | variable | Declared here |
timeout | variable | Declared here |
transactionID | variable | Declared here |
TCPConnectionPair | function | Declared here |
doPeerConnect | function | Declared here |
makeDataConnection | function | Declared here |
setPeerSocket | function | Declared here |
setClientSocket | function | Declared here |
onPeerConnectSuccess | function | Declared here |
onPeerConnectError | function | Declared here |
onClientDataReceived | function | Declared here |
onPeerDataReceived | function | Declared here |
onConnectionClosed | function | Declared here |
startTimeout | function | Declared here |
requestDeletion | function | Declared here |
expired | function | Declared here |
Ptr | typedef | Declared here |
TCPConnectionPair | function | Declared here |
TCPConnectionPair | function | Declared here |
_refCount | variable | Inherited from RefCounted |
RefCounted | function | Inherited from RefCounted |
RefCounted | function | Inherited from RefCounted |
operator= | function | Inherited from RefCounted |
addRef | function | Inherited from RefCounted |
releaseRef | function | Inherited from RefCounted |
refCount | function | Inherited from RefCounted |
~RefCounted | function | Inherited from RefCounted |
Inherited from RefCounted
| Kind | Name | Description |
|---|---|---|
variable | _refCount | |
function | RefCounted | Defaulted constructor. |
function | RefCounted inline noexcept | |
function | operator= inline noexcept | |
function | addRef const inline noexcept | Increments the reference count. Called by IntrusivePtr on acquisition. |
function | releaseRef const inline noexcept | Decrements the reference count. |
function | refCount const inline nodiscard noexcept | Returns the current reference count. |
function | ~RefCounted | Defaulted destructor. |
Public Attributes
| Return | Name | Description |
|---|---|---|
TCPAllocation & | allocation | |
net::SocketEmitter | client | |
net::SocketEmitter | peer | |
Buffer | earlyPeerData | |
uint32_t | connectionID | |
bool | isDataConnection | |
bool | pendingDelete | |
Timeout | timeout | |
stun::TransactionID | transactionID |
{#allocation}
allocation
TCPAllocation & allocation
Defined in src/turn/include/icy/turn/server/tcpconnectionpair.h:67
{#client-4}
client
net::SocketEmitter client
Defined in src/turn/include/icy/turn/server/tcpconnectionpair.h:69
{#peer}
peer
net::SocketEmitter peer
Defined in src/turn/include/icy/turn/server/tcpconnectionpair.h:70
{#earlypeerdata}
earlyPeerData
Buffer earlyPeerData
Defined in src/turn/include/icy/turn/server/tcpconnectionpair.h:72
{#connectionid-1}
connectionID
uint32_t connectionID
Defined in src/turn/include/icy/turn/server/tcpconnectionpair.h:73
{#isdataconnection}
isDataConnection
bool isDataConnection
Defined in src/turn/include/icy/turn/server/tcpconnectionpair.h:74
{#pendingdelete}
pendingDelete
bool pendingDelete = false
Defined in src/turn/include/icy/turn/server/tcpconnectionpair.h:75
{#timeout-3}
timeout
Timeout timeout
Defined in src/turn/include/icy/turn/server/tcpconnectionpair.h:76
{#transactionid}
transactionID
stun::TransactionID transactionID
Defined in src/turn/include/icy/turn/server/tcpconnectionpair.h:77
Public Methods
| Return | Name | Description |
|---|---|---|
TCPConnectionPair | Constructs a pair with a randomly assigned connection ID. The caller must add the pair to the allocation's pair map. | |
bool | doPeerConnect | |
bool | makeDataConnection | |
void | setPeerSocket | |
void | setClientSocket | |
bool | onPeerConnectSuccess | |
bool | onPeerConnectError | |
bool | onClientDataReceived | |
bool | onPeerDataReceived | |
bool | onConnectionClosed | |
void | startTimeout | |
void | requestDeletion | |
bool | expired const nodiscard |
{#tcpconnectionpair-1}
TCPConnectionPair
TCPConnectionPair(TCPAllocation & allocation)
Defined in src/turn/include/icy/turn/server/tcpconnectionpair.h:43
Constructs a pair with a randomly assigned connection ID. The caller must add the pair to the allocation's pair map.
Parameters
allocationThe TCPAllocation that owns this pair.
{#dopeerconnect}
doPeerConnect
bool doPeerConnect(const net::Address & peerAddr)
Defined in src/turn/include/icy/turn/server/tcpconnectionpair.h:46
{#makedataconnection}
makeDataConnection
bool makeDataConnection()
Defined in src/turn/include/icy/turn/server/tcpconnectionpair.h:47
{#setpeersocket}
setPeerSocket
void setPeerSocket(const net::TCPSocket::Ptr & socket)
Defined in src/turn/include/icy/turn/server/tcpconnectionpair.h:49
{#setclientsocket}
setClientSocket
void setClientSocket(const net::TCPSocket::Ptr & socket)
Defined in src/turn/include/icy/turn/server/tcpconnectionpair.h:50
{#onpeerconnectsuccess}
onPeerConnectSuccess
bool onPeerConnectSuccess(net::Socket & socket)
Defined in src/turn/include/icy/turn/server/tcpconnectionpair.h:52
{#onpeerconnecterror}
onPeerConnectError
bool onPeerConnectError(net::Socket & socket, const Error & error)
Defined in src/turn/include/icy/turn/server/tcpconnectionpair.h:53
{#onclientdatareceived}
onClientDataReceived
bool onClientDataReceived(net::Socket & socket, const MutableBuffer & buffer, const net::Address & peerAddress)
Defined in src/turn/include/icy/turn/server/tcpconnectionpair.h:55
{#onpeerdatareceived}
onPeerDataReceived
bool onPeerDataReceived(net::Socket & socket, const MutableBuffer & buffer, const net::Address & peerAddress)
Defined in src/turn/include/icy/turn/server/tcpconnectionpair.h:57
{#onconnectionclosed}
onConnectionClosed
bool onConnectionClosed(net::Socket & socket)
Defined in src/turn/include/icy/turn/server/tcpconnectionpair.h:60
{#starttimeout}
startTimeout
void startTimeout()
Defined in src/turn/include/icy/turn/server/tcpconnectionpair.h:62
{#requestdeletion}
requestDeletion
void requestDeletion()
Defined in src/turn/include/icy/turn/server/tcpconnectionpair.h:63
{#expired-1}
expired
const nodiscard
[[nodiscard]] bool expired() const
Defined in src/turn/include/icy/turn/server/tcpconnectionpair.h:65
Public Types
| Name | Description |
|---|---|
Ptr |
{#ptr-15}
Ptr
using Ptr = IntrusivePtr< TCPConnectionPair >
Defined in src/turn/include/icy/turn/server/tcpconnectionpair.h:38
Private Methods
| Return | Name | Description |
|---|---|---|
TCPConnectionPair | Deleted constructor. | |
TCPConnectionPair | Deleted constructor. |
{#tcpconnectionpair-2}
TCPConnectionPair
TCPConnectionPair(const TCPConnectionPair &) = delete
Defined in src/turn/include/icy/turn/server/tcpconnectionpair.h:80
Deleted constructor.
{#tcpconnectionpair-3}
TCPConnectionPair
TCPConnectionPair(TCPConnectionPair &&) = delete
Defined in src/turn/include/icy/turn/server/tcpconnectionpair.h:82
Deleted constructor.
{#udpallocation}
UDPAllocation
#include <icy/turn/server/udpallocation.h>
class UDPAllocation
Defined in src/turn/include/icy/turn/server/udpallocation.h:31
Inherits:
ServerAllocation
Server-side UDP TURN allocation that relays datagrams to permitted peers. Binds a dedicated UDP relay socket for peer communication and forwards incoming datagrams to the client as Data Indications.
List of all members
Inherited from ServerAllocation
| Kind | Name | Description |
|---|---|---|
friend | Server | |
function | ServerAllocation | |
function | handleRequest virtual | Dispatches incoming STUN requests to handleCreatePermission() or handleRefreshRequest(). Subclasses override to add transport-specific methods. |
function | handleRefreshRequest virtual | Processes a Refresh request; updates the lifetime or sets the delete flag if the requested lifetime is 0, then sends a success response. |
function | handleCreatePermission virtual | Processes a CreatePermission request; installs or refreshes permissions for each XOR-PEER-ADDRESS attribute, then sends a success response. |
function | onTimer nodiscard | Periodic maintenance callback called by Server::onTimer(). Removes expired permissions. Returns false to signal that this allocation should be destroyed. |
function | timeRemaining virtual const nodiscard override | |
function | maxTimeRemaining const nodiscard | |
function | hasPermission virtual nodiscard override | Checks permission, auto-granting local IPs if enabled in server options. |
function | hasPermission virtual nodiscard override | Checks whether a permission exists for peerAddress. The port is ignored; TURN permissions are IP-only. |
function | server virtual | |
function | print virtual const override | Writes a detailed diagnostic dump of this allocation to os. |
function | refreshDeleteRequested const inline nodiscard | Returns true if the refresh request set lifetime to 0, signaling the parent Server to delete this allocation. |
variable | _maxLifetime | |
variable | _server | |
variable | _permissionPolicy | |
variable | _refreshDeleteRequested | |
function | ServerAllocation | NonCopyable and NonMovable. |
function | ServerAllocation | Deleted constructor. |
Inherited from IAllocation
| Kind | Name | Description |
|---|---|---|
friend | operator<< inline | |
function | IAllocation | |
function | IAllocation | Deleted constructor. |
function | IAllocation | Deleted constructor. |
function | updateUsage virtual | Updates the last-activity timestamp and accumulates bandwidth usage. Call this whenever data is relayed through the allocation. |
function | setLifetime virtual | Sets the allocation lifetime in seconds and resets the activity timestamp, effectively extending the expiry from the current moment. |
function | setBandwidthLimit virtual | Sets the maximum number of bytes this allocation may relay in its lifetime. Pass 0 to disable bandwidth limiting. |
function | expired virtual const nodiscard | |
function | deleted virtual const nodiscard | Returns true if the allocation's deleted flag is set and or if the allocation has expired. |
function | bandwidthLimit virtual const nodiscard | |
function | bandwidthUsed virtual const nodiscard | |
function | bandwidthRemaining virtual const nodiscard | |
function | timeRemaining virtual const nodiscard | |
function | tuple virtual | |
function | username virtual const nodiscard | |
function | lifetime virtual const nodiscard | |
function | permissions virtual const nodiscard | |
function | relayedAddress virtual const nodiscard | |
function | addPermission virtual | Adds a permission for ip, or refreshes the existing one. |
function | addPermission virtual | Adds a permission for address, or refreshes the existing one. The port is ignored; TURN permissions are IP-only. |
function | addPermissions virtual | Adds (or refreshes) permissions for multiple IPs. |
function | removePermission virtual | Removes the permission for ip if present. |
function | removePermission virtual | Removes the permission for address if present. The port is ignored; TURN permissions are IP-only. |
function | removeAllPermissions virtual | Removes all permissions from the list. |
function | removeExpiredPermissions virtual | Removes any permissions whose 5-minute lifetime has elapsed. |
function | hasPermission virtual nodiscard | Checks whether a permission exists for peerIP. Local addresses (192.168.x.x and 127.x.x.x) are always permitted. |
function | hasPermission virtual nodiscard | Checks whether a permission exists for peerAddress. The port is ignored; TURN permissions are IP-only. |
function | print virtual const inline | |
variable | _tuple | |
variable | _username | |
variable | _permissions | |
variable | _lifetime | |
variable | _bandwidthLimit | |
variable | _bandwidthUsed | |
variable | _createdAt | |
variable | _updatedAt | |
variable | _deleted |
Public Methods
| Return | Name | Description |
|---|---|---|
UDPAllocation | Binds the relay UDP socket and registers the peer receive callback. | |
bool | onPeerDataReceived | Receive callback for the relay UDP socket; validates permissions, updates bandwidth usage, and forwards data to the client as a Data Indication. |
bool | handleRequest virtual | Extends the base handler with Send Indication support. |
void | handleSendIndication | Handles a Send Indication from the client; validates permissions and relays the DATA attribute payload to the peer via the relay socket. Silently discards on permission or attribute errors. |
ssize_t | send | Sends raw data to peerAddress via the relay UDP socket. Updates bandwidth usage and returns -1 if the allocation is expired. |
net::Address | relayedAddress virtual const nodiscard |
{#udpallocation-1}
UDPAllocation
UDPAllocation(Server & server, const FiveTuple & tuple, const std::string & username, const uint32_t & lifetime)
Defined in src/turn/include/icy/turn/server/udpallocation.h:39
Binds the relay UDP socket and registers the peer receive callback.
Parameters
-
serverOwning TURN server. -
tuple5-tuple identifying this allocation. -
usernameAuthenticated username from the Allocate request. -
lifetimeInitial lifetime in seconds.
{#onpeerdatareceived-1}
onPeerDataReceived
bool onPeerDataReceived(net::Socket & socket, const MutableBuffer & buffer, const net::Address & peerAddress)
Defined in src/turn/include/icy/turn/server/udpallocation.h:48
Receive callback for the relay UDP socket; validates permissions, updates bandwidth usage, and forwards data to the client as a Data Indication.
Parameters
-
socketThe relay socket. -
bufferReceived datagram. -
peerAddressSource address of the peer datagram.
{#handlerequest-3}
handleRequest
virtual
virtual bool handleRequest(Request & request)
Defined in src/turn/include/icy/turn/server/udpallocation.h:54
Extends the base handler with Send Indication support.
Parameters
requestIncoming STUN request or indication.
Returns
true if handled.
Reimplements
{#handlesendindication}
handleSendIndication
void handleSendIndication(Request & request)
Defined in src/turn/include/icy/turn/server/udpallocation.h:60
Handles a Send Indication from the client; validates permissions and relays the DATA attribute payload to the peer via the relay socket. Silently discards on permission or attribute errors.
Parameters
requestIncoming Send Indication.
{#send-16}
send
ssize_t send(const char * data, size_t size, const net::Address & peerAddress)
Defined in src/turn/include/icy/turn/server/udpallocation.h:68
Sends raw data to peerAddress via the relay UDP socket. Updates bandwidth usage and returns -1 if the allocation is expired.
Parameters
-
dataPayload bytes to relay. -
sizeNumber of bytes. -
peerAddressDestination peer address.
Returns
Number of bytes sent, or -1 if the quota is exhausted.
{#relayedaddress-3}
relayedAddress
virtual const nodiscard
[[nodiscard]] virtual net::Address relayedAddress() const
Defined in src/turn/include/icy/turn/server/udpallocation.h:72
Returns
The bound address of the relay UDP socket.
Reimplements
Private Attributes
| Return | Name | Description |
|---|---|---|
net::SocketEmitter | _relaySocket |
{#_relaysocket}
_relaySocket
net::SocketEmitter _relaySocket
Defined in src/turn/include/icy/turn/server/udpallocation.h:75
{#udpclient}
UDPClient
#include <icy/turn/client/udpclient.h>
class UDPClient
Defined in src/turn/include/icy/turn/client/udpclient.h:31
Inherits:
Client
UDP transport TURN client for datagram-based relay allocations. Uses a single UDP socket for both STUN signalling and Send/Data Indications. All Client methods apply; data is relayed via sendData() using Send Indications.
List of all members
| Name | Kind | Owner |
|---|---|---|
UDPClient | function | Declared here |
Client | function | Inherited from Client |
start | function | Inherited from Client |
stop | function | Inherited from Client |
sendAllocate | function | Inherited from Client |
addPermission | function | Inherited from Client |
addPermission | function | Inherited from Client |
sendCreatePermission | function | Inherited from Client |
sendChannelBind | function | Inherited from Client |
sendRefresh | function | Inherited from Client |
sendData | function | Inherited from Client |
handleResponse | function | Inherited from Client |
handleAllocateResponse | function | Inherited from Client |
handleAllocateErrorResponse | function | Inherited from Client |
handleCreatePermissionResponse | function | Inherited from Client |
handleCreatePermissionErrorResponse | function | Inherited from Client |
handleRefreshResponse | function | Inherited from Client |
handleDataIndication | function | Inherited from Client |
transportProtocol | function | Inherited from Client |
createTransaction | function | Inherited from Client |
authenticateRequest | function | Inherited from Client |
sendAuthenticatedTransaction | function | Inherited from Client |
removeTransaction | function | Inherited from Client |
mappedAddress | function | Inherited from Client |
relayedAddress | function | Inherited from Client |
closed | function | Inherited from Client |
observer | function | Inherited from Client |
options | function | Inherited from Client |
addPermission | function | Inherited from Client |
hasPermission | function | Inherited from Client |
hasPermission | function | Inherited from Client |
removePermission | function | Inherited from Client |
removePermission | function | Inherited from Client |
_observer | variable | Inherited from Client |
_options | variable | Inherited from Client |
_socket | variable | Inherited from Client |
_timer | variable | Inherited from Client |
_error | variable | Inherited from Client |
_mappedAddress | variable | Inherited from Client |
_relayedAddress | variable | Inherited from Client |
_realm | variable | Inherited from Client |
_nonce | variable | Inherited from Client |
_pendingIndications | variable | Inherited from Client |
_transactions | variable | Inherited from Client |
setError | function | Inherited from Client |
onSocketConnect | function | Inherited from Client |
onSocketRecv | function | Inherited from Client |
onSocketClose | function | Inherited from Client |
onTransactionProgress | function | Inherited from Client |
onStateChange | function | Inherited from Client |
onTimer | function | Inherited from Client |
StateChange | variable | Inherited from Stateful |
_state | variable | Inherited from Stateful |
Stateful | function | Inherited from Stateful |
~Stateful | function | Inherited from Stateful |
stateEquals | function | Inherited from Stateful |
stateBetween | function | Inherited from Stateful |
state | function | Inherited from Stateful |
state | function | Inherited from Stateful |
beforeStateChange | function | Inherited from Stateful |
onStateChange | function | Inherited from Stateful |
setState | function | Inherited from Stateful |
setState | function | Inherited from Stateful |
operator<< | friend | Inherited from IAllocation |
IAllocation | function | Inherited from IAllocation |
IAllocation | function | Inherited from IAllocation |
IAllocation | function | Inherited from IAllocation |
updateUsage | function | Inherited from IAllocation |
setLifetime | function | Inherited from IAllocation |
setBandwidthLimit | function | Inherited from IAllocation |
expired | function | Inherited from IAllocation |
deleted | function | Inherited from IAllocation |
bandwidthLimit | function | Inherited from IAllocation |
bandwidthUsed | function | Inherited from IAllocation |
bandwidthRemaining | function | Inherited from IAllocation |
timeRemaining | function | Inherited from IAllocation |
tuple | function | Inherited from IAllocation |
username | function | Inherited from IAllocation |
lifetime | function | Inherited from IAllocation |
permissions | function | Inherited from IAllocation |
relayedAddress | function | Inherited from IAllocation |
addPermission | function | Inherited from IAllocation |
addPermission | function | Inherited from IAllocation |
addPermissions | function | Inherited from IAllocation |
removePermission | function | Inherited from IAllocation |
removePermission | function | Inherited from IAllocation |
removeAllPermissions | function | Inherited from IAllocation |
removeExpiredPermissions | function | Inherited from IAllocation |
hasPermission | function | Inherited from IAllocation |
hasPermission | function | Inherited from IAllocation |
print | function | Inherited from IAllocation |
_tuple | variable | Inherited from IAllocation |
_username | variable | Inherited from IAllocation |
_permissions | variable | Inherited from IAllocation |
_lifetime | variable | Inherited from IAllocation |
_bandwidthLimit | variable | Inherited from IAllocation |
_bandwidthUsed | variable | Inherited from IAllocation |
_createdAt | variable | Inherited from IAllocation |
_updatedAt | variable | Inherited from IAllocation |
_deleted | variable | Inherited from IAllocation |
Inherited from Client
| Kind | Name | Description |
|---|---|---|
function | Client | |
function | start virtual | Connects the socket to the TURN server and starts the allocation sequence. Permissions must be added via addPermission() before calling this. |
function | stop virtual | Stops the timer, cancels pending transactions, and closes the socket. |
function | sendAllocate virtual | Sends an Allocate request to the server with the configured transport and lifetime. On first call the server will typically respond with a 401 challenge; the client re-sends with credentials automatically. |
function | addPermission virtual | Adds multiple peer IP addresses to the permission list. |
function | addPermission virtual override | Adds a single peer IP to the permission list, or refreshes it if already present. Permissions should be added before start(); they may also be added later, in which case a new CreatePermission request is required. |
function | sendCreatePermission virtual | Sends a CreatePermission request for all IPs currently in the permission list. Called automatically after allocation succeeds and periodically by the timer to refresh expiring permissions. |
function | sendChannelBind virtual | Channel bindings (RFC 5766 Section 11) are intentionally not implemented. They are a bandwidth optimization that replaces STUN-framed Send/Data indications with a compact 4-byte ChannelData header. This only benefits high-throughput media relay scenarios; in practice, media flows directly via ICE/DTLS rather than through this TURN client's data path, so the optimization is not worth the complexity (channel number allocation, 10-minute binding refresh timers, ChannelData wire framing). Data relay uses sendData() with Send Indications instead. |
function | sendRefresh virtual | Sends a Refresh request to extend the allocation lifetime. Called automatically by the timer when roughly one-third of the lifetime remains. |
function | sendData virtual | Sends a Send Indication to relay data to peerAddress through the TURN server. If permissions are still being negotiated the indication is queued and flushed once CreatePermission succeeds. |
function | handleResponse virtual | Dispatches an incoming STUN/TURN response to the appropriate handler. |
function | handleAllocateResponse virtual | Processes a successful Allocate response; extracts mapped/relayed addresses and advances the state to Authorizing, then sends CreatePermission. |
function | handleAllocateErrorResponse virtual | Handles an Allocate error response; manages the 401 challenge/re-send flow and sets the client to Failed for unrecoverable errors. |
function | handleCreatePermissionResponse virtual | Handles a successful CreatePermission response; flushes queued Send Indications and advances state to Success. |
function | handleCreatePermissionErrorResponse virtual | Handles a failed CreatePermission response; clears all permissions and sets the client to Failed. |
function | handleRefreshResponse virtual | Handles a Refresh response; updates the stored lifetime. |
function | handleDataIndication virtual | Handles an incoming Data Indication; extracts peer address and data and forwards to ClientObserver::onRelayDataReceived(). |
function | transportProtocol virtual | |
function | createTransaction virtual | Creates a new STUN transaction, registers the progress callback, and adds it to the active transaction list. |
function | authenticateRequest virtual | Adds STUN long-term credential attributes (Username, Realm, Nonce, MessageIntegrity) to request if the realm has been received from the server. |
function | sendAuthenticatedTransaction virtual | Calls authenticateRequest() then sends the transaction. |
function | removeTransaction virtual | Removes a transaction from the active list. The IntrusivePtr keeps the object alive until the caller's copy is released. |
function | mappedAddress const nodiscard | |
function | relayedAddress virtual const nodiscard override | |
function | closed const nodiscard | |
function | observer | |
function | options const nodiscard | |
function | addPermission virtual | Adds a permission for address, or refreshes the existing one. The port is ignored; TURN permissions are IP-only. |
function | hasPermission virtual nodiscard | Checks whether a permission exists for peerIP. Local addresses (192.168.x.x and 127.x.x.x) are always permitted. |
function | hasPermission virtual nodiscard | Checks whether a permission exists for peerAddress. The port is ignored; TURN permissions are IP-only. |
function | removePermission virtual | Removes the permission for ip if present. |
function | removePermission virtual | Removes the permission for address if present. The port is ignored; TURN permissions are IP-only. |
variable | _observer | |
variable | _options | |
variable | _socket | |
variable | _timer | |
variable | _error | |
variable | _mappedAddress | |
variable | _relayedAddress | |
variable | _realm | |
variable | _nonce | |
variable | _pendingIndications | A list of queued Send indication packets awaiting server permissions. |
variable | _transactions | A list containing currently active transactions. |
function | setError virtual | Sets the error field and transitions the client to the Failed state. |
function | onSocketConnect virtual | Socket connect callback; starts the timer and sends the first Allocate request. |
function | onSocketRecv virtual | Socket receive callback; parses STUN messages from the buffer and dispatches them. |
function | onSocketClose virtual | Socket close callback; shuts down the client and records the socket error. |
function | onTransactionProgress virtual | STUN transaction state-change callback; handles Success and Failed outcomes. |
function | onStateChange override | Forwards state-change events to the observer. |
function | onTimer virtual | Periodic timer callback; re-allocates on expiry or refreshes when lifetime is below one-third remaining. Also calls ClientObserver::onTimer(). |
Inherited from Stateful
| Kind | Name | Description |
|---|---|---|
variable | StateChange | Signals when the state changes. |
variable | _state | |
function | Stateful inline | |
function | ~Stateful virtual inline | |
function | stateEquals virtual const inline | Returns true if the current state ID equals the given ID. |
function | stateBetween virtual const inline | Returns true if the current state ID is in the inclusive range [lid, rid]. |
function | state virtual inline | Returns a mutable reference to the current state. |
function | state virtual const inline | Returns a copy of the current state. |
function | beforeStateChange virtual inline | Override to handle pre state change logic. Return false to prevent state change. |
function | onStateChange virtual inline | Override to handle post state change logic. |
function | setState virtual inline | Sets the state and sends the state signal if the state change was successful. |
function | setState virtual inline | Sets the state and sends the state signal if the state change was successful. |
Inherited from IAllocation
| Kind | Name | Description |
|---|---|---|
friend | operator<< inline | |
function | IAllocation | |
function | IAllocation | Deleted constructor. |
function | IAllocation | Deleted constructor. |
function | updateUsage virtual | Updates the last-activity timestamp and accumulates bandwidth usage. Call this whenever data is relayed through the allocation. |
function | setLifetime virtual | Sets the allocation lifetime in seconds and resets the activity timestamp, effectively extending the expiry from the current moment. |
function | setBandwidthLimit virtual | Sets the maximum number of bytes this allocation may relay in its lifetime. Pass 0 to disable bandwidth limiting. |
function | expired virtual const nodiscard | |
function | deleted virtual const nodiscard | Returns true if the allocation's deleted flag is set and or if the allocation has expired. |
function | bandwidthLimit virtual const nodiscard | |
function | bandwidthUsed virtual const nodiscard | |
function | bandwidthRemaining virtual const nodiscard | |
function | timeRemaining virtual const nodiscard | |
function | tuple virtual | |
function | username virtual const nodiscard | |
function | lifetime virtual const nodiscard | |
function | permissions virtual const nodiscard | |
function | relayedAddress virtual const nodiscard | |
function | addPermission virtual | Adds a permission for ip, or refreshes the existing one. |
function | addPermission virtual | Adds a permission for address, or refreshes the existing one. The port is ignored; TURN permissions are IP-only. |
function | addPermissions virtual | Adds (or refreshes) permissions for multiple IPs. |
function | removePermission virtual | Removes the permission for ip if present. |
function | removePermission virtual | Removes the permission for address if present. The port is ignored; TURN permissions are IP-only. |
function | removeAllPermissions virtual | Removes all permissions from the list. |
function | removeExpiredPermissions virtual | Removes any permissions whose 5-minute lifetime has elapsed. |
function | hasPermission virtual nodiscard | Checks whether a permission exists for peerIP. Local addresses (192.168.x.x and 127.x.x.x) are always permitted. |
function | hasPermission virtual nodiscard | Checks whether a permission exists for peerAddress. The port is ignored; TURN permissions are IP-only. |
function | print virtual const inline | |
variable | _tuple | |
variable | _username | |
variable | _permissions | |
variable | _lifetime | |
variable | _bandwidthLimit | |
variable | _bandwidthUsed | |
variable | _createdAt | |
variable | _updatedAt | |
variable | _deleted |
Public Methods
| Return | Name | Description |
|---|---|---|
UDPClient |
{#udpclient-1}
UDPClient
UDPClient(ClientObserver & observer, const Options & options = Options())
Defined in src/turn/include/icy/turn/client/udpclient.h:36
Parameters
-
observerObserver for allocation lifecycle and data relay events. -
optionsClient configuration; defaults to loopback server, 5-min lifetime.
{#clientobserver}
ClientObserver
#include <icy/turn/client/client.h>
struct ClientObserver
Defined in src/turn/include/icy/turn/client/client.h:69
Subclassed by:
TCPClientObserver
Abstract observer interface for TURN client events. Callers subclass this to receive allocation lifecycle and data relay callbacks.
List of all members
| Name | Kind | Owner |
|---|---|---|
onClientStateChange | function | Declared here |
onRelayDataReceived | function | Declared here |
onAllocationFailed | function | Declared here |
onAllocationDeleted | function | Declared here |
onAllocationPermissionsCreated | function | Declared here |
onTransactionResponse | function | Declared here |
onTimer | function | Declared here |
Public Methods
| Return | Name | Description |
|---|---|---|
void | onClientStateChange virtual | Called whenever the client's state machine transitions to a new state. |
void | onRelayDataReceived virtual | Called when relayed data is received from a peer via a Data Indication. |
void | onAllocationFailed virtual inline | Called when the server rejects an Allocate request with an error. |
void | onAllocationDeleted virtual inline | Called when the server confirms deletion of the allocation. |
void | onAllocationPermissionsCreated virtual inline | Called after a CreatePermission request succeeds. |
void | onTransactionResponse virtual inline | All received transaction responses will be routed here after local processing so the observer can easily implement extra functionality. |
void | onTimer virtual inline | Fires after the client's internal timer callback. Handy for performing extra async cleanup tasks. |
{#onclientstatechange}
onClientStateChange
virtual
virtual void onClientStateChange(Client & client, ClientState & state, const ClientState & oldState)
Defined in src/turn/include/icy/turn/client/client.h:75
Called whenever the client's state machine transitions to a new state.
Parameters
-
clientThe client that changed state. -
stateThe new state. -
oldStateThe previous state.
{#onrelaydatareceived}
onRelayDataReceived
virtual
virtual void onRelayDataReceived(Client & client, const char * data, size_t size, const net::Address & peerAddress)
Defined in src/turn/include/icy/turn/client/client.h:82
Called when relayed data is received from a peer via a Data Indication.
Parameters
-
clientThe owning client. -
dataPointer to the received payload bytes. -
sizeNumber of bytes indata. -
peerAddressSource address of the remote peer.
{#onallocationfailed}
onAllocationFailed
virtual inline
virtual inline void onAllocationFailed(Client & client, int errorCode, const std::string & reason)
Defined in src/turn/include/icy/turn/client/client.h:88
Called when the server rejects an Allocate request with an error.
Parameters
-
clientThe owning client. -
errorCodeSTUN error code (e.g. 401, 438). -
reasonHuman-readable error reason string.
{#onallocationdeleted}
onAllocationDeleted
virtual inline
virtual inline void onAllocationDeleted(Client & client, const stun::Transaction & transaction)
Defined in src/turn/include/icy/turn/client/client.h:93
Called when the server confirms deletion of the allocation.
Parameters
-
clientThe owning client. -
transactionThe completed Refresh transaction (lifetime == 0).
{#onallocationpermissionscreated}
onAllocationPermissionsCreated
virtual inline
virtual inline void onAllocationPermissionsCreated(Client & client, const PermissionList & permissions)
Defined in src/turn/include/icy/turn/client/client.h:98
Called after a CreatePermission request succeeds.
Parameters
-
clientThe owning client. -
permissionsThe full list of active permissions after this update.
{#ontransactionresponse}
onTransactionResponse
virtual inline
virtual inline void onTransactionResponse(Client & client, const stun::Transaction & transaction)
Defined in src/turn/include/icy/turn/client/client.h:104
All received transaction responses will be routed here after local processing so the observer can easily implement extra functionality.
Parameters
-
clientThe owning client. -
transactionThe completed transaction (request + response accessible).
{#ontimer-2}
onTimer
virtual inline
virtual inline void onTimer(Client & client)
Defined in src/turn/include/icy/turn/client/client.h:109
Fires after the client's internal timer callback. Handy for performing extra async cleanup tasks.
Parameters
clientThe owning client.
{#clientstate}
ClientState
#include <icy/turn/client/client.h>
struct ClientState
Defined in src/turn/include/icy/turn/client/client.h:30
Inherits:
State
State machine states for the TURN client.
List of all members
| Name | Kind | Owner |
|---|---|---|
toString | function | Declared here |
Type | enum | Declared here |
ID | typedef | Inherited from State |
_id | variable | Inherited from State |
State | function | Inherited from State |
State | function | Inherited from State |
operator= | function | Inherited from State |
~State | function | Inherited from State |
id | function | Inherited from State |
set | function | Inherited from State |
str | function | Inherited from State |
toString | function | Inherited from State |
equals | function | Inherited from State |
between | function | Inherited from State |
operator== | function | Inherited from State |
operator== | function | Inherited from State |
operator<< | friend | Inherited from State |
Inherited from State
| Kind | Name | Description |
|---|---|---|
typedef | ID | |
variable | _id | |
function | State | |
function | State | Copy constructor. |
function | operator= | Copy assignment. |
function | ~State virtual | Defaulted destructor. |
function | id const | Returns the current state ID. |
function | set | Sets the state ID. |
function | str virtual const | Returns a human-readable string for the given state ID. Override in derived classes to provide meaningful names. |
function | toString virtual const | Returns a human-readable string for the current state ID. |
function | equals const | Returns true if the current state ID equals the given ID. |
function | between const | Returns true if the current state ID is in the inclusive range [lid, rid]. |
function | operator== const inline | |
function | operator== const inline | |
friend | operator<< inline |
Public Methods
| Return | Name | Description |
|---|---|---|
std::string | toString virtual const inline |
{#tostring-6}
toString
virtual const inline
virtual inline std::string toString() const
Defined in src/turn/include/icy/turn/client/client.h:43
Returns
Human-readable name for the current state.
Reimplements
Public Types
| Name | Description |
|---|---|
Type |
{#type-13}
Type
enum Type
Defined in src/turn/include/icy/turn/client/client.h:32
| Value | Description |
|---|---|
None | |
Allocating | |
Authorizing | |
Success | |
Failed |
{#permission}
Permission
#include <icy/turn/permission.h>
struct Permission
Defined in src/turn/include/icy/turn/permission.h:37
A single TURN permission entry associating a peer IP with a 5-minute expiry timer. Per RFC 5766 section 8, permissions last exactly 300 seconds and must be refreshed via a new CreatePermission request before they expire.
List of all members
| Name | Kind | Owner |
|---|---|---|
ip | variable | Declared here |
key | variable | Declared here |
timeout | variable | Declared here |
Permission | function | Declared here |
Permission | function | Declared here |
refresh | function | Declared here |
operator== | function | Declared here |
matches | function | Declared here |
Public Attributes
| Return | Name | Description |
|---|---|---|
std::string | ip | IPv4 address string of the permitted peer. |
Key | key | Binary IP key for allocation hot-path comparisons. |
Timeout | timeout | Countdown timer; expires after PERMISSION_LIFETIME milliseconds. |
{#ip}
ip
std::string ip
Defined in src/turn/include/icy/turn/permission.h:100
IPv4 address string of the permitted peer.
{#key}
key
Key key
Defined in src/turn/include/icy/turn/permission.h:101
Binary IP key for allocation hot-path comparisons.
{#timeout-2}
timeout
Timeout timeout
Defined in src/turn/include/icy/turn/permission.h:102
Countdown timer; expires after PERMISSION_LIFETIME milliseconds.
Public Methods
| Return | Name | Description |
|---|---|---|
Permission inline | Constructs a permission for ip and immediately starts the expiry timer. | |
Permission inline | Constructs a permission from a binary socket address. | |
void | refresh inline | Resets the expiry timer, extending the permission lifetime by another 300 seconds. |
bool | operator== const inline | Equality comparison against an IP string. |
bool | matches const inline nodiscard | Binary IP comparison used on the TURN relay hot path. |
{#permission-1}
Permission
inline
inline Permission(const std::string & ip)
Defined in src/turn/include/icy/turn/permission.h:106
Constructs a permission for ip and immediately starts the expiry timer.
Parameters
ipIPv4 address string of the permitted peer.
{#permission-2}
Permission
inline
inline Permission(const net::Address & address)
Defined in src/turn/include/icy/turn/permission.h:116
Constructs a permission from a binary socket address.
Parameters
addressPeer IP address; port is ignored.
{#refresh}
refresh
inline
inline void refresh()
Defined in src/turn/include/icy/turn/permission.h:125
Resets the expiry timer, extending the permission lifetime by another 300 seconds.
{#operator-29}
operator==
const inline
inline bool operator==(std::string_view r) const
Defined in src/turn/include/icy/turn/permission.h:130
Equality comparison against an IP string.
Parameters
rIPv4 address string to compare against.
Returns
true if this permission's IP matches r.
{#matches}
matches
const inline nodiscard
[[nodiscard]] inline bool matches(const net::Address & address) const
Defined in src/turn/include/icy/turn/permission.h:133
Binary IP comparison used on the TURN relay hot path.
{#key-1}
Key
#include <icy/turn/permission.h>
struct Key
Defined in src/turn/include/icy/turn/permission.h:39
List of all members
| Name | Kind | Owner |
|---|---|---|
af | variable | Declared here |
bytes | variable | Declared here |
size | variable | Declared here |
valid | function | Declared here |
matches | function | Declared here |
matches | function | Declared here |
fromAddress | function | Declared here |
fromIP | function | Declared here |
Public Attributes
| Return | Name | Description |
|---|---|---|
int | af | |
std::array< uint8_t, 16 > | bytes | |
uint8_t | size |
{#af-1}
af
int af = AF_UNSPEC
Defined in src/turn/include/icy/turn/permission.h:41
{#bytes}
bytes
std::array< uint8_t, 16 > bytes {}
Defined in src/turn/include/icy/turn/permission.h:42
{#size-3}
size
uint8_t size = 0
Defined in src/turn/include/icy/turn/permission.h:43
Public Methods
| Return | Name | Description |
|---|---|---|
bool | valid const inline nodiscard | |
bool | matches const inline nodiscard | |
bool | matches const inline nodiscard |
{#valid-8}
valid
const inline nodiscard
[[nodiscard]] inline bool valid() const
Defined in src/turn/include/icy/turn/permission.h:45
{#matches-1}
matches
const inline nodiscard
[[nodiscard]] inline bool matches(const net::Address & address) const
Defined in src/turn/include/icy/turn/permission.h:81
{#matches-2}
matches
const inline nodiscard
[[nodiscard]] inline bool matches(const Key & other) const
Defined in src/turn/include/icy/turn/permission.h:90
Public Static Methods
| Return | Name | Description |
|---|---|---|
Key | fromAddress static inline | |
Key | fromIP static inline |
{#fromaddress}
fromAddress
static inline
static inline Key fromAddress(const net::Address & address)
Defined in src/turn/include/icy/turn/permission.h:50
{#fromip}
fromIP
static inline
static inline Key fromIP(const std::string & ip)
Defined in src/turn/include/icy/turn/permission.h:72
{#relayconnectionbinding}
RelayConnectionBinding
#include <icy/turn/client/tcpclient.h>
struct RelayConnectionBinding
Defined in src/turn/include/icy/turn/client/tcpclient.h:70
Binding metadata stored as socket opaque data during a ConnectionBind handshake. Associates a relay socket with its TURN connection ID and peer address.
List of all members
| Name | Kind | Owner |
|---|---|---|
connectionID | variable | Declared here |
peerAddress | variable | Declared here |
Public Attributes
| Return | Name | Description |
|---|---|---|
uint32_t | connectionID | TURN CONNECTION-ID attribute value from the server. |
net::Address | peerAddress | The peer address this binding targets. |
{#connectionid}
connectionID
uint32_t connectionID
Defined in src/turn/include/icy/turn/client/tcpclient.h:72
TURN CONNECTION-ID attribute value from the server.
{#peeraddress-5}
peerAddress
net::Address peerAddress
Defined in src/turn/include/icy/turn/client/tcpclient.h:73
The peer address this binding targets.
{#serverobserver}
ServerObserver
#include <icy/turn/server/server.h>
struct ServerObserver
Defined in src/turn/include/icy/turn/server/server.h:96
Observer interface that the application must implement to participate in server-side allocation management and authentication.
The observer is responsible for enforcing per-user allocation quotas and bandwidth limits. Implementations may perform authentication synchronously (returning Authorized/NotAuthorized immediately) or asynchronously (returning Authenticating and calling handleRequest() again later).
List of all members
| Name | Kind | Owner |
|---|---|---|
onServerAllocationCreated | function | Declared here |
onServerAllocationRemoved | function | Declared here |
authenticateRequest | function | Declared here |
Public Methods
| Return | Name | Description |
|---|---|---|
void | onServerAllocationCreated virtual | Called after a new allocation is successfully created. |
void | onServerAllocationRemoved virtual | Called just before an allocation is destroyed (expired, deleted, or server stopped). |
AuthenticationState | authenticateRequest virtual | Authenticates an incoming STUN request using the long-term credential mechanism (RFC 5389 section 10.2). Return Authorized to proceed, NotAuthorized to reject with a 401, QuotaReached to reject with a 486, or Authenticating to defer until the result is available asynchronously. |
{#onserverallocationcreated}
onServerAllocationCreated
virtual
virtual void onServerAllocationCreated(Server * server, IAllocation * alloc)
Defined in src/turn/include/icy/turn/server/server.h:101
Called after a new allocation is successfully created.
Parameters
-
serverThe server that owns the allocation. -
allocThe newly created allocation (lifetime managed by the server).
{#onserverallocationremoved}
onServerAllocationRemoved
virtual
virtual void onServerAllocationRemoved(Server * server, IAllocation * alloc)
Defined in src/turn/include/icy/turn/server/server.h:106
Called just before an allocation is destroyed (expired, deleted, or server stopped).
Parameters
-
serverThe server that owned the allocation. -
allocThe allocation being removed; do not delete this pointer.
{#authenticaterequest-1}
authenticateRequest
virtual
virtual AuthenticationState authenticateRequest(Server * server, Request & request)
Defined in src/turn/include/icy/turn/server/server.h:115
Authenticates an incoming STUN request using the long-term credential mechanism (RFC 5389 section 10.2). Return Authorized to proceed, NotAuthorized to reject with a 401, QuotaReached to reject with a 486, or Authenticating to defer until the result is available asynchronously.
Parameters
-
serverThe server receiving the request. -
requestThe STUN request to authenticate.
Returns
An AuthenticationState indicating how to proceed.
{#serveroptions}
ServerOptions
#include <icy/turn/server/server.h>
struct ServerOptions
Defined in src/turn/include/icy/turn/server/server.h:53
Configuration options for the TURN server.
List of all members
| Name | Kind | Owner |
|---|---|---|
software | variable | Declared here |
realm | variable | Declared here |
allocationDefaultLifetime | variable | Declared here |
allocationMaxLifetime | variable | Declared here |
allocationMaxPermissions | variable | Declared here |
timerInterval | variable | Declared here |
earlyMediaBufferSize | variable | Declared here |
listenAddr | variable | Declared here |
externalIP | variable | Declared here |
enableTCP | variable | Declared here |
enableUDP | variable | Declared here |
enableLocalIPPermissions | variable | Declared here |
ServerOptions | function | Declared here |
Public Attributes
| Return | Name | Description |
|---|---|---|
std::string | software | |
std::string | realm | |
uint32_t | allocationDefaultLifetime | |
uint32_t | allocationMaxLifetime | |
int | allocationMaxPermissions | |
int | timerInterval | |
int | earlyMediaBufferSize | |
net::Address | listenAddr | The TCP and UDP bind() address. |
std::string | externalIP | The external public facing IP address of the server. |
bool | enableTCP | |
bool | enableUDP | |
bool | enableLocalIPPermissions | Auto-grant permissions for RFC 1918/loopback addresses. |
{#software-1}
software
std::string software
Defined in src/turn/include/icy/turn/server/server.h:55
{#realm}
realm
std::string realm
Defined in src/turn/include/icy/turn/server/server.h:56
{#allocationdefaultlifetime}
allocationDefaultLifetime
uint32_t allocationDefaultLifetime
Defined in src/turn/include/icy/turn/server/server.h:58
{#allocationmaxlifetime}
allocationMaxLifetime
uint32_t allocationMaxLifetime
Defined in src/turn/include/icy/turn/server/server.h:59
{#allocationmaxpermissions}
allocationMaxPermissions
int allocationMaxPermissions
Defined in src/turn/include/icy/turn/server/server.h:60
{#timerinterval-1}
timerInterval
int timerInterval
Defined in src/turn/include/icy/turn/server/server.h:61
{#earlymediabuffersize}
earlyMediaBufferSize
int earlyMediaBufferSize
Defined in src/turn/include/icy/turn/server/server.h:62
{#listenaddr}
listenAddr
net::Address listenAddr
Defined in src/turn/include/icy/turn/server/server.h:64
The TCP and UDP bind() address.
{#externalip}
externalIP
std::string externalIP
Defined in src/turn/include/icy/turn/server/server.h:65
The external public facing IP address of the server.
{#enabletcp}
enableTCP
bool enableTCP
Defined in src/turn/include/icy/turn/server/server.h:67
{#enableudp}
enableUDP
bool enableUDP
Defined in src/turn/include/icy/turn/server/server.h:68
{#enablelocalippermissions}
enableLocalIPPermissions
bool enableLocalIPPermissions
Defined in src/turn/include/icy/turn/server/server.h:69
Auto-grant permissions for RFC 1918/loopback addresses.
Public Methods
| Return | Name | Description |
|---|---|---|
ServerOptions inline |
{#serveroptions-1}
ServerOptions
inline
inline ServerOptions()
Defined in src/turn/include/icy/turn/server/server.h:71
{#tcpclientobserver}
TCPClientObserver
#include <icy/turn/client/tcpclient.h>
struct TCPClientObserver
Defined in src/turn/include/icy/turn/client/tcpclient.h:31
Inherits:
ClientObserver
Observer interface for TCP TURN client events (RFC 6062). Extends ClientObserver with callbacks specific to TCP relay connections.
List of all members
| Name | Kind | Owner |
|---|---|---|
onRelayConnectionCreated | function | Declared here |
onRelayConnectionError | function | Declared here |
onRelayConnectionClosed | function | Declared here |
onRelayConnectionBindingFailed | function | Declared here |
onPeerConnectionAttempt | function | Declared here |
onClientStateChange | function | Inherited from ClientObserver |
onRelayDataReceived | function | Inherited from ClientObserver |
onAllocationFailed | function | Inherited from ClientObserver |
onAllocationDeleted | function | Inherited from ClientObserver |
onAllocationPermissionsCreated | function | Inherited from ClientObserver |
onTransactionResponse | function | Inherited from ClientObserver |
onTimer | function | Inherited from ClientObserver |
Inherited from ClientObserver
| Kind | Name | Description |
|---|---|---|
function | onClientStateChange virtual | Called whenever the client's state machine transitions to a new state. |
function | onRelayDataReceived virtual | Called when relayed data is received from a peer via a Data Indication. |
function | onAllocationFailed virtual inline | Called when the server rejects an Allocate request with an error. |
function | onAllocationDeleted virtual inline | Called when the server confirms deletion of the allocation. |
function | onAllocationPermissionsCreated virtual inline | Called after a CreatePermission request succeeds. |
function | onTransactionResponse virtual inline | All received transaction responses will be routed here after local processing so the observer can easily implement extra functionality. |
function | onTimer virtual inline | Fires after the client's internal timer callback. Handy for performing extra async cleanup tasks. |
Public Methods
| Return | Name | Description |
|---|---|---|
void | onRelayConnectionCreated virtual | Called when a ConnectionBind succeeds and the relay pipe is live. |
void | onRelayConnectionError virtual inline | Called when an error occurs on a relay connection socket. |
void | onRelayConnectionClosed virtual | Called when a relay connection socket is closed. |
void | onRelayConnectionBindingFailed virtual inline | Called when a Connect request (client-initiated) or a ConnectionBind handshake fails for the given peer. |
bool | onPeerConnectionAttempt virtual inline | Called when the server sends a ConnectionAttempt indication indicating that a remote peer wants to connect. Return true to accept the connection (proceeds with ConnectionBind), or false to reject it. |
{#onrelayconnectioncreated}
onRelayConnectionCreated
virtual
virtual void onRelayConnectionCreated(TCPClient & client, const net::TCPSocket::Ptr & socket, const net::Address & peerAddress)
Defined in src/turn/include/icy/turn/client/tcpclient.h:38
Called when a ConnectionBind succeeds and the relay pipe is live.
Parameters
-
clientThe owning TCP client. -
socketThe TCP socket that is now connected to the TURN server and ready for direct data transfer to/from the peer. -
peerAddressThe remote peer address associated with this connection.
{#onrelayconnectionerror-1}
onRelayConnectionError
virtual inline
virtual inline void onRelayConnectionError(TCPClient & client, const net::TCPSocket::Ptr & socket, const net::Address & peerAddress)
Defined in src/turn/include/icy/turn/client/tcpclient.h:44
Called when an error occurs on a relay connection socket.
Parameters
-
clientThe owning TCP client. -
socketThe affected socket. -
peerAddressThe remote peer address for this connection.
{#onrelayconnectionclosed-1}
onRelayConnectionClosed
virtual
virtual void onRelayConnectionClosed(TCPClient & client, const net::TCPSocket::Ptr & socket, const net::Address & peerAddress)
Defined in src/turn/include/icy/turn/client/tcpclient.h:50
Called when a relay connection socket is closed.
Parameters
-
clientThe owning TCP client. -
socketThe closed socket. -
peerAddressThe remote peer address for this connection.
{#onrelayconnectionbindingfailed}
onRelayConnectionBindingFailed
virtual inline
virtual inline void onRelayConnectionBindingFailed(TCPClient & client, const net::Address & peerAddress)
Defined in src/turn/include/icy/turn/client/tcpclient.h:56
Called when a Connect request (client-initiated) or a ConnectionBind handshake fails for the given peer.
Parameters
-
clientThe owning TCP client. -
peerAddressThe peer address whose binding failed.
{#onpeerconnectionattempt}
onPeerConnectionAttempt
virtual inline
virtual inline bool onPeerConnectionAttempt(TCPClient & client, const net::Address & peerAddress)
Defined in src/turn/include/icy/turn/client/tcpclient.h:64
Called when the server sends a ConnectionAttempt indication indicating that a remote peer wants to connect. Return true to accept the connection (proceeds with ConnectionBind), or false to reject it.
Parameters
-
clientThe owning TCP client. -
peerAddressThe address of the connecting peer.
Returns
true to accept and bind, false to ignore.