coturn server: cannot find credentials of user

[verymilan]

Hi there,

i followed the provided docs as good as possible and am using the latest master of the coturn and synapse server.
I am unable to use VoIP - coturn says:

25: ERROR: check_stun_auth: Cannot find credentials of user <148....898:@User:domain.de>

I did some research and am now guessing it may be an invalid format synapse is serving so i created this issue.

kind Regards

[schnuffle]

Show your config with the secrets anonymized of coturn and synapse.

[verymilan]

# coturn

lt-cred-mech
use-auth-secret
static-auth-secret=C2Em...33dr
realm=turn.domain.de
cert=/path/to/turnserver_cert.pem
pkey=/path/to/turnserver_key.pem

# synapse

# i already tried domain/localhost/127.0.0.1/coturn non-tls port
turn_uris: ["turn:5.1.......:5350?transport=udp", "turn:5.1.......:5350?transport=tcp"]
turn_shared_secret: "C2Em...33dr"
turn_user_lifetime: "1h"

[schnuffle]

From seeing your inout I've two ideas:

• turn_uri: has to be the FQDN under which the turnserver is available
• The certs have to match that FQDN

Here's my working config, of course with random secrets ( cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 64 | head -n 1 ).

Coturn config

listening-port=3478
tls-listening-port=5349
alt-listening-port=3479
alt-tls-listening-port=5350
listening-ip=5.9.105.251
verbose
lt-cred-mech
use-auth-secret
static-auth-secret=KSuSNqpx3XWDiFdRKxrJFy7GBa9drsWvg5HMVipOvc9rJLsr20OCqDQdUzPGT0AJ
server-name=kolab.schnuffle.de
realm=kolab.schnuffle.de
cert=/etc/letsencrypt/live/kolab.schnuffle.de/fullchain.pem
pkey=/etc/letsencrypt/live/kolab.schnuffle.de/privkey.pem
no-stdout-log
log-file=/var/log/turnserver/turn.log
simple-log
pidfile="/var/run/turnserver/turnserver.pid"
mobility
no-tlsv1
no-tlsv1_1

Synapse Config

turn_uris: ["turn:kolab.schnuffle.de:3478?transport=udp","turn:kolab.schnuffle.de:3478?transport=tcp"]
turn_shared_secret: "KSuSNqpx3XWDiFdRKxrJFy7GBa9drsWvg5HMVipOvc9rJLsr20OCqDQdUzPGT0AJ"
turn_user_lifetime: "1h"

[richvdh]

@tchncs your config really ought to work; something very similar (minus TLS) works fine here.

you don't have anything else in your coturn config?

[verymilan]

Sorry for my late response, i just added the following to my config and it worked. 🎉

listening-ip=5.1.00.000
server-name=turn.domain.de
#no-stdout-log
mobility
no-tlsv1
no-tlsv1_1                                                                                                                          no-tlsv1_1 

Thank you very much!

[verymilan]

Ow how sad voip calls to outside the local network still fail and stuck at connecting :(
No logentries from coturn and

2017-03-06 15:46:10,631 - synapse.access.https.8448 - 91 - INFO - GET-20919- 47........5 - 8448 - {@User:domain.de} Processed request: 1ms (0ms, 0ms) (0ms/0) 156B 200 "GET /_matrix/client/r0/voip/turnServer?access_token=<redacted> HTTP/1.0" "Dalvik/2.1.0 (Linux; U; Android 7.1.1; A0001 Build/NMF26V)"

in the synapse log.

[verymilan]

It is now working - had synapse configured to 5350 for some reason

[hamber-dick]

2017-03-07 17:10:13,911 - synapse.access.http.8008 - 91 - INFO - GET-17531- - - 8008 - {@User:domain.de} Processed request: 30003ms (3ms, 0ms) (0ms/0) 158B 200 "GET /_matrix/client/r0/sync?timeout=30000&since=s312939_552622_661_40807_24_11_84_6145&access_token=<redacted> HTTP/1.1" "Dalvik/1.6.0 (Linux; U; Android 4.4.2; GT-I9195 Build/KOT49H)"

What exactly is the Solution for this Problem I Get a similar Log.

[richvdh]

this isn't a support forum