From c103d1cfb0fb83ec4bfdd707f9e7b41e99570e65 Mon Sep 17 00:00:00 2001
From: Juliusz Chroboczek <jch@irif.fr>
Date: Tue, 19 Jan 2021 18:04:39 +0100
Subject: [PATCH] Rework configuration of built-in TURN server.

The default configuration is now defined by an explicit value
"auto", which is easier to check and to explain.
---
 README                   | 29 ++++++++++++++++-------------
 galene.go                |  8 +-------
 ice/ice.go               |  2 +-
 turnserver/turnserver.go | 23 ++++++++++++++---------
 4 files changed, 32 insertions(+), 30 deletions(-)

diff --git a/README b/README
index 7aea85c..4174919 100644
--- a/README
+++ b/README
@@ -242,24 +242,27 @@ user entry with a hashed password looks like this:
 ICE is the NAT and firewall traversal protocol used by WebRTC.  ICE can
 make use of two kinds of servers to help with NAT traversal: STUN servers,
 that simply help punching holes in NATs, and TURN servers, that serve as
-relays for traffic.  TURN is a superset of NAT: no STUN server is
+relays for traffic.  TURN is a superset of STUN: no STUN server is
 necessary if a TURN server is available.
 
 Galène includes a simple IPv4-only TURN server, which is controlled by the
-`-turn` command-line option.  If the value of this option is the empty
-string `""`, then the built-in server is disabled.  If the value of this
-option is a colon followed with a port number `:1194`, then the TURN
-server will listen on all public IPv4 addresses of the local host, over
-UDP and TCP.  If the value of this option is a socket address, such as
+`-turn` command-line option.  If its value is set to the empty string
+`""`, then the built-in server is disabled.  If its value is a colon
+followed with a port number, for example `:1194`, then the TURN server
+will listen on all public IPv4 addresses of the local host, over UDP and
+TCP.  If the value of this option is a socket address, such as
 `192.0.2.1:1194`, then the TURN server will listen on all addresses of the
 local host but assume that the address seen by the clients is the one
 given in the option; this is the recommended configuration when running
-behind NAT with port forwarding.
+behind NAT with port forwarding.  The default value is `-turn auto`, which
+enables the TURN server on port 1194 if there is no
+`data/ice-servers.json` file.
 
-Some users may prefer to disable Galène's built in TURN server (`-turn ""`)
-and configure an external ICE server.  In that case, the ICE configuration
-should appear in the file `data/ice-servers.json`.  In the case of a STUN
-server, it should look like this:
+Some users may prefer to use an external ICE server.  In that case, the
+built-in TURN server should be disabled (`-turn ""` or the default
+`-turn auto`), and a working ICE configuration should appear in the file
+`data/ice-servers.json`.  In the case of a single STUN server, it should
+look like this:
 
     [
         {
@@ -283,8 +286,8 @@ look like this:
         }
     ]
 
-If you prefer to use coturn's `use-auth-secret` option, then your
-`ice-servers.json` should look like this:
+If you prefer to use coturn's `use-auth-secret` option, then the
+`ice-servers.json` file should look like this:
 
     [
         {
diff --git a/galene.go b/galene.go
index 57dc659..3c895c4 100644
--- a/galene.go
+++ b/galene.go
@@ -43,16 +43,10 @@ func main() {
 	flag.BoolVar(&group.UseMDNS, "mdns", false, "gather mDNS addresses")
 	flag.BoolVar(&ice.ICERelayOnly, "relay-only", false,
 		"require use of TURN relays for all media traffic")
-	flag.StringVar(&turnserver.Address, "turn", ":1194",
+	flag.StringVar(&turnserver.Address, "turn", "auto",
 		"built-in TURN server `address` (\"\" to disable)")
 	flag.Parse()
 
-	flag.Visit(func(f *flag.Flag) {
-		if f.Name == "turn" {
-			turnserver.Force = true
-		}
-	})
-
 	if cpuprofile != "" {
 		f, err := os.Create(cpuprofile)
 		if err != nil {
diff --git a/ice/ice.go b/ice/ice.go
index bb97b41..9a49ed5 100644
--- a/ice/ice.go
+++ b/ice/ice.go
@@ -107,7 +107,7 @@ func Update() *configuration {
 		}
 	}
 
-	err := turnserver.StartStop(found)
+	err := turnserver.StartStop(!found)
 	if err != nil {
 		log.Printf("TURN: %v", err)
 	}
diff --git a/turnserver/turnserver.go b/turnserver/turnserver.go
index 38c4bc1..4fe9d34 100644
--- a/turnserver/turnserver.go
+++ b/turnserver/turnserver.go
@@ -16,7 +16,6 @@ import (
 var username string
 var password string
 var Address string
-var Force bool
 
 var mu sync.Mutex
 var addresses []net.Addr
@@ -96,7 +95,12 @@ func Start() error {
 	if Address == "" {
 		return errors.New("built-in TURN server disabled")
 	}
-	addr, err := net.ResolveUDPAddr("udp4", Address)
+
+	ad := Address
+	if Address == "auto" {
+		ad = ":1194"
+	}
+	addr, err := net.ResolveUDPAddr("udp4", ad)
 	if err != nil {
 		return err
 	}
@@ -234,13 +238,14 @@ func Stop() error {
 	return err
 }
 
-func StartStop(found bool) error {
-	if Force && Address != "" {
-		return Start()
-	} else if found {
+func StartStop(start bool) error {
+	if Address == "auto" {
+		if start {
+			return Start()
+		}
+		return Stop()
+	} else if Address == "" {
 		return Stop()
-	} else if Address != "" {
-		return Start()
 	}
-	return nil
+	return Start()
 }