Steps:
https://github.com/jitsi/lib-jitsi-meet/blob/master/doc/tokens.md
https://community.jitsi.org/t/jitsi-meet-tokens-unable-to-install/29325/5
https://github.com/ASolomatin/luajwt/tree/replace_luacrypto
https://github.com/christiancuri/Docs/blob/master/Jitsi%20Meet%20Installation.md
https://community.jitsi.org/t/heres-how-you-should-install-jitsi-meet-tokens-on-debian-10/59606
https://community.jitsi.org/t/jwt-token-authentication-broken-on-debian-10-with-openssl-1-1/31027/5
Most Important – Luarocks with lua 5.2
sudo su
apt install gcc -y
apt install make -y
apt install cmake
apt-get install libssl-dev
# apt-get install libssl1.0-dev -y Gives error
apt-get install luarocks
luarocks install basexx
apt-get install jitsi-meet-tokensCode language: JavaScript (javascript)Luacrypto Installation Fails if you use
luarocks install luacrypto AS per https://github.com/mkottman/luacrypto – LuaCrypto provides a Lua frontend to the OpenSSL cryptographic library. The OpenSSL features that are currently exposed are digests (MD5, SHA-1, HMAC, and more) and crypto-grade random number generators. LuaCrypto also supports encryption and decryption, signing and verifying, sealing and opening using the OpenSSL EVP API.
Buster comes with libssl-1.1 which is not supported by luacrypto so the fork uses luaossl which compiles fine with libssl-dev-1.1. To combat that: https://community.jitsi.org/t/jitsi-meet-tokens-unable-to-install/29325/5
cd ~
nano luajwtjitsi-1.3-7.rockspec
-------------- CONTENTS OF FILE
package = "luajwtjitsi"
version = "1.3-7"
source = {
-- Use fork from ASolomatin which uses luaossl
url = "git://github.com/ASolomatin/luajwt/",
tag = "replace_luacrypto"
}
description = {
summary = "JSON Web Tokens for Lua",
detailed = "Very fast and compatible with pyjwt, php-jwt, ruby-jwt, node-jwt-simple and others",
homepage = "https://github.com/jitsi/luajwt/",
license = "MIT <http://opensource.org/licenses/MIT>"
}
dependencies = {
-- Prosody uses lua 5.2
"lua >= 5.2",
"luaossl >= 20190731-0",
-- Use exact version 2.1, see https://github.com/mpx/lua-cjson/issues/56
"lua-cjson = 2.1.0",
"lbase64 >= 20120807-3"
}
build = {
type = "builtin",
modules = {
luajwtjitsi = "luajwtjitsi.lua"
}
}Code language: JavaScript (javascript)Install the luajwtjitsi
sudo luarocks install luajwtjitsi-1.3-7.rockspec
---------- Output
Missing dependencies for luajwtjitsi 1.3-7:
luaossl >= 20190731-0 (not installed)
lua-cjson == 2.1.0 (not installed)
lbase64 >= 20120807-3 (not installed)
luajwtjitsi 1.3-7 depends on luaossl >= 20190731-0 (not installed)
Installing https://luarocks.org/luaossl-20190731-0.src.rock
Applying patch config.h.diff...
Hunk 1 found at offset 2...
successfully patched src/openssl.c
gcc -O2 -fPIC -I/usr/include/lua5.2 -c src/openssl.c -o src/openssl.o -D_REENTRANT -D_THREAD_SAFE -DCOMPAT53_PREFIX=luaossl -D_GNU_SOURCE -I/usr/include -I/usr/include
In file included from src/openssl.c:12414:
/usr/include/x86_64-linux-gnu/sys/sysctl.h:21:2: warning: #warning "The <sys/sysctl.h> header is deprecated and will be removed." [-Wcpp]
21 | #warning "The <sys/sysctl.h> header is deprecated and will be removed."
| ^~~~~~~
src/openssl.c: In function ‘randL_stir’:
src/openssl.c:12481:3: warning: ‘sysctl’ is deprecated [-Wdeprecated-declarations]
12481 | if (0 != sysctl(mib, countof(mib), data, &n, (void *)0, 0))
| ^~
In file included from src/openssl.c:12414:
/usr/include/x86_64-linux-gnu/sys/sysctl.h:70:12: note: declared here
70 | extern int sysctl (int *__name, int __nlen, void *__oldval,
| ^~~~~~
gcc -O2 -fPIC -I/usr/include/lua5.2 -c vendor/compat53/c-api/compat-5.3.c -o vendor/compat53/c-api/compat-5.3.o -D_REENTRANT -D_THREAD_SAFE -DCOMPAT53_PREFIX=luaossl -D_GNU_SOURCE -I/usr/include -I/usr/include
gcc -shared -o _openssl.so -L/usr/local/lib src/openssl.o vendor/compat53/c-api/compat-5.3.o -L/usr/lib/x86_64-linux-gnu -L/usr/lib/x86_64-linux-gnu -Wl,-rpath,/usr/lib/x86_64-linux-gnu: -Wl,-rpath,/usr/lib/x86_64-linux-gnu: -lssl -lcrypto -lpthread -lm -ldl
luaossl 20190731-0 is now installed in /usr/local (license: MIT/X11)
luajwtjitsi 1.3-7 depends on lua-cjson == 2.1.0 (not installed)
Installing https://luarocks.org/lua-cjson-2.1.0-1.src.rock
gcc -O2 -fPIC -I/usr/include/lua5.2 -c lua_cjson.c -o lua_cjson.o
In file included from lua_cjson.c:47:
fpconv.h:15:20: warning: inline function ‘fpconv_init’ declared but never defined
15 | extern inline void fpconv_init();
| ^~~~~~~~~~~
gcc -O2 -fPIC -I/usr/include/lua5.2 -c strbuf.c -o strbuf.o
gcc -O2 -fPIC -I/usr/include/lua5.2 -c fpconv.c -o fpconv.o
gcc -shared -o cjson.so -L/usr/local/lib lua_cjson.o strbuf.o fpconv.o
lua-cjson 2.1.0-1 is now installed in /usr/local (license: MIT)
luajwtjitsi 1.3-7 depends on lbase64 >= 20120807-3 (not installed)
Installing https://luarocks.org/lbase64-20120807-3.src.rock
gcc -O2 -fPIC -I/usr/include/lua5.2 -c lbase64.c -o lbase64.o
gcc -shared -o base64.so -L/usr/local/lib lbase64.o
lbase64 20120807-3 is now installed in /usr/local (license: Public domain)
Cloning into 'luajwt'...
remote: Enumerating objects: 7, done.
remote: Counting objects: 100% (7/7), done.
remote: Compressing objects: 100% (7/7), done.
remote: Total 7 (delta 0), reused 1 (delta 0), pack-reused 0
Receiving objects: 100% (7/7), done.
luajwtjitsi 1.3-7 is now installed in /usr/local (license: MIT <http://opensource.org/licenses/MIT>)
Code language: HTML, XML (xml)install basexx
luarocks install basexx
Installing https://luarocks.org/basexx-0.4.1-1.rockspec
basexx 0.4.1-1 is now installed in /usr/local (license: MIT)
Code language: JavaScript (javascript)Prosody CONFIGURATION : https://github.com/jitsi/lib-jitsi-meet/blob/master/doc/tokens.md
plugin_paths = { "/usr/local/lib/prosody/modules", "/usr/share/jitsi-meet/prosody-plugins/" }
c2s_require_encryption = false
Include "conf.d/*.cfg.lua"
Code language: PHP (php)Open /etc/prosody/conf.avail/<host>.cfg.lua and add above lines with your issuers and audiences
asap_accepted_issuers = { "jitsi", "smash" }
asap_accepted_audiences = { "jitsi", "smash" }Code language: JavaScript (javascript)
# luarocks install luacrypto
Installing https://luarocks.org/luacrypto-0.3.2-2.src.rock
gcc -O2 -fPIC -I/usr/include/lua5.2 -c src/lcrypto.c -o src/lcrypto.o -I/usr/include
src/lcrypto.c: In function ‘digest_pnew’:
src/lcrypto.c:81:61: error: invalid application of ‘sizeof’ to incomplete type ‘EVP_MD_CTX’ {aka ‘struct evp_md_ctx_st’}
81 | EVP_MD_CTX *c = (EVP_MD_CTX *)lua_newuserdata(L, sizeof(EVP_MD_CTX));
| ^~~~~~~~~~
src/lcrypto.c: In function ‘digest_reset’:
src/lcrypto.c:120:10: warning: implicit declaration of function ‘EVP_MD_CTX_cleanup’; did you mean ‘EVP_MD_CTX_create’? [-Wimplicit-function-declaration]
120 | if (!EVP_MD_CTX_cleanup(c))
| ^~~~~~~~~~~~~~~~~~
| EVP_MD_CTX_create
src/lcrypto.c: In function ‘encrypt_pnew’:
src/lcrypto.c:331:69: error: invalid application of ‘sizeof’ to incomplete type ‘EVP_CIPHER_CTX’ {aka ‘struct evp_cipher_ctx_st’}
331 | EVP_CIPHER_CTX *c = (EVP_CIPHER_CTX *)lua_newuserdata(L, sizeof(EVP_CIPHER_CTX));
| ^~~~~~~~~~~~~~
src/lcrypto.c: In function ‘encrypt_fencrypt’:
src/lcrypto.c:425:20: error: storage size of ‘c’ isn’t known
425 | EVP_CIPHER_CTX c;
| ^
src/lcrypto.c: In function ‘decrypt_pnew’:
src/lcrypto.c:470:69: error: invalid application of ‘sizeof’ to incomplete type ‘EVP_CIPHER_CTX’ {aka ‘struct evp_cipher_ctx_st’}
470 | EVP_CIPHER_CTX *c = (EVP_CIPHER_CTX *)lua_newuserdata(L, sizeof(EVP_CIPHER_CTX));
| ^~~~~~~~~~~~~~
src/lcrypto.c: In function ‘decrypt_fdecrypt’:
src/lcrypto.c:561:20: error: storage size of ‘c’ isn’t known
561 | EVP_CIPHER_CTX c;
| ^
src/lcrypto.c: In function ‘hmac_pnew’:
src/lcrypto.c:604:57: error: invalid application of ‘sizeof’ to incomplete type ‘HMAC_CTX’ {aka ‘struct hmac_ctx_st’}
604 | HMAC_CTX *c = (HMAC_CTX *)lua_newuserdata(L, sizeof(HMAC_CTX));
| ^~~~~~~~
src/lcrypto.c: In function ‘hmac_fnew’:
src/lcrypto.c:621:5: warning: implicit declaration of function ‘HMAC_CTX_init’; did you mean ‘HMAC_CTX_new’? [-Wimplicit-function-declaration]
621 | HMAC_CTX_init(c);
| ^~~~~~~~~~~~~
| HMAC_CTX_new
src/lcrypto.c: In function ‘hmac_clone’:
src/lcrypto.c:631:5: error: dereferencing pointer to incomplete type ‘HMAC_CTX’ {aka ‘struct hmac_ctx_st’}
631 | *d = *c;
| ^~
src/lcrypto.c: In function ‘hmac_gc’:
src/lcrypto.c:697:5: warning: implicit declaration of function ‘HMAC_CTX_cleanup’ [-Wimplicit-function-declaration]
697 | HMAC_CTX_cleanup(c);
| ^~~~~~~~~~~~~~~~
src/lcrypto.c: In function ‘hmac_fdigest’:
src/lcrypto.c:711:14: error: storage size of ‘c’ isn’t known
711 | HMAC_CTX c;
| ^
src/lcrypto.c: In function ‘sign_pnew’:
src/lcrypto.c:747:61: error: invalid application of ‘sizeof’ to incomplete type ‘EVP_MD_CTX’ {aka ‘struct evp_md_ctx_st’}
747 | EVP_MD_CTX *c = (EVP_MD_CTX *)lua_newuserdata(L, sizeof(EVP_MD_CTX));
| ^~~~~~~~~~
src/lcrypto.c: In function ‘sign_fsign’:
src/lcrypto.c:828:20: error: storage size of ‘c’ isn’t known
828 | EVP_MD_CTX c;
| ^
src/lcrypto.c: In function ‘verify_pnew’:
src/lcrypto.c:857:61: error: invalid application of ‘sizeof’ to incomplete type ‘EVP_MD_CTX’ {aka ‘struct evp_md_ctx_st’}
857 | EVP_MD_CTX *c = (EVP_MD_CTX *)lua_newuserdata(L, sizeof(EVP_MD_CTX));
| ^~~~~~~~~~
src/lcrypto.c: In function ‘verify_fverify’:
src/lcrypto.c:940:20: error: storage size of ‘c’ isn’t known
940 | EVP_MD_CTX c;
| ^
src/lcrypto.c: In function ‘rand_pseudo_bytes’:
src/lcrypto.c:992:5: warning: ‘RAND_pseudo_bytes’ is deprecated [-Wdeprecated-declarations]
992 | return rand_do_bytes(L, RAND_pseudo_bytes);
| ^~~~~~
In file included from /usr/include/openssl/e_os2.h:13,
from /usr/include/openssl/err.h:13,
from src/lcrypto.c:7:
/usr/include/openssl/rand.h:44:1: note: declared here
44 | DEPRECATEDIN_1_1_0(int RAND_pseudo_bytes(unsigned char *buf, int num))
| ^~~~~~~~~~~~~~~~~~
src/lcrypto.c: In function ‘pkey_generate’:
src/lcrypto.c:1064:9: warning: ‘RSA_generate_key’ is deprecated [-Wdeprecated-declarations]
1064 | RSA *rsa = RSA_generate_key(key_len, RSA_F4, NULL, NULL);
| ^~~
In file included from /usr/include/openssl/e_os2.h:13,
from /usr/include/openssl/err.h:13,
from src/lcrypto.c:7:
/usr/include/openssl/rsa.h:235:1: note: declared here
235 | DEPRECATEDIN_0_9_8(RSA *RSA_generate_key(int bits, unsigned long e, void
| ^~~~~~~~~~~~~~~~~~
src/lcrypto.c:1074:9: warning: ‘DSA_generate_parameters’ is deprecated [-Wdeprecated-declarations]
1074 | DSA *dsa = DSA_generate_parameters(key_len, NULL, 0, NULL, NULL, NULL, NULL);
| ^~~
In file included from /usr/include/openssl/e_os2.h:13,
from /usr/include/openssl/err.h:13,
from src/lcrypto.c:7:
/usr/include/openssl/dsa.h:117:1: note: declared here
117 | DEPRECATEDIN_0_9_8(DSA *DSA_generate_parameters(int bits,
| ^~~~~~~~~~~~~~~~~~
src/lcrypto.c: In function ‘pkey_to_pem’:
src/lcrypto.c:1164:27: error: dereferencing pointer to incomplete type ‘struct evp_pkey_st’
1164 | if (private && pkey_st->type == EVP_PKEY_DSA)
| ^~
src/lcrypto.c: In function ‘pkey_tostring’:
src/lcrypto.c:1277:60: error: dereferencing pointer to incomplete type ‘EVP_PKEY’ {aka ‘struct evp_pkey_st’}
1277 | sprintf(buf, "%s %s %d %p", LUACRYPTO_PKEYNAME, (*pkey)->type == EVP_PKEY_DSA ? "DSA" : "RSA", EVP_PKEY_bits(*pkey), pkey);
| ^~
src/lcrypto.c: In function ‘seal_pnew’:
src/lcrypto.c:1299:46: error: invalid application of ‘sizeof’ to incomplete type ‘EVP_CIPHER_CTX’ {aka ‘struct evp_cipher_ctx_st’}
1299 | c->ctx = (EVP_CIPHER_CTX *)malloc(sizeof(EVP_CIPHER_CTX));
| ^~~~~~~~~~~~~~
In file included from src/lcrypto.c:8:
src/lcrypto.c: In function ‘seal_tostring’:
src/lcrypto.c:1320:81: error: dereferencing pointer to incomplete type ‘EVP_CIPHER_CTX’ {aka ‘struct evp_cipher_ctx_st’}
1320 | sprintf(s, "%s %p %s", LUACRYPTO_SEALNAME, (void *)c, EVP_CIPHER_name(c->ctx->cipher));
| ^~
src/lcrypto.c: In function ‘seal_fseal’:
src/lcrypto.c:1400:20: error: storage size of ‘ctx’ isn’t known
1400 | EVP_CIPHER_CTX ctx;
| ^~~
src/lcrypto.c: In function ‘open_pnew’:
src/lcrypto.c:1483:46: error: invalid application of ‘sizeof’ to incomplete type ‘EVP_CIPHER_CTX’ {aka ‘struct evp_cipher_ctx_st’}
1483 | c->ctx = (EVP_CIPHER_CTX *)malloc(sizeof(EVP_CIPHER_CTX));
| ^~~~~~~~~~~~~~
src/lcrypto.c: In function ‘open_fopen’:
src/lcrypto.c:1602:20: error: storage size of ‘ctx’ isn’t known
1602 | EVP_CIPHER_CTX ctx;
| ^~~