Compliant with the latest RFCs including 5389, 5769, and 5780. Also includes backwards compatibility for RFC 3489.
Supports both UDP and TCP on both IPv4 and IPv6.
Client test app provided.
Stun server can operate in "full" mode as well as "basic" mode. Basic mode configures the server to listen on one port and respond to STUN binding requests. Full mode configures the service to listen on two different IP address interfaces (if available) and provide NAT behavior and filtering detection support for clients.
Open source Apache license. See LICENSE file fore more details.
Server does not honor the stun padding attribute. If someone really wants this support, let me know and I will consider adding it.
By default, the stun server operates in an open mode without performing authentication. All the code for authentication, challenge-response, message hashing, and message integrity attributes are fully coded. HMAC/SHA1/MD5 hashing code for generating and validating the message integrity attribute has been implemented and tested. However, the code for validating a username or looking up a password is outside the scope of this release. Instead, hooks are provided for implementors to write their own code to validate a username, fetch a password, and allow/deny a request. Details of writing your own authentication provider code are described in the file "server/sampleauthprovider.h".
Dependency checking is not implemented in the Makefile. So if you need to recompile, I recommend "make clean" from the root to preceed any subsequent "make" call.
If you run an instance of stunserver locally, you may observe that "stunclient localhost" may not successfully work. This is because the server is not listening on the loopback adapter when running in full mode. The workaround is to specify the actual IP address that the server is listening on. Type "ifconfig" to discover your IP address (e.g. 10.11.12.13) followed by "stunclient 10.11.12.13"
Got Boost and OpenSSL taken care of as described above? Good. Just type "make". There will be three resulting binaries in the root of the source code package produced.
stuntestcode - This is the unit test code. I highly recommend you run this program first. When run, you'll see a series of lines being printed in regards to different code paths being tested. If you see any line that ends in "FAIL", we likely have a bug. Please contact me immediately if you see this.
stunserver - this is the server binary. Run "./stunserver --help" for details on running this program. Running this program without any command line arguments defaults to listening on port 3478 on all adapters.
stunclient - this is the client test binary. Run "./stunclient --help" for details on running this program. Example: "./stunclient stun.selbie.com"
