From 1300021c6f6d828240b88784338539e4738d22cb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?M=C3=A9sz=C3=A1ros=20Mih=C3=A1ly?= Date: Tue, 15 Dec 2020 13:35:21 +0000 Subject: [PATCH] Correct acme-redirect man and readme --- README.turnserver | 6 +++ man/man1/turnadmin.1 | 32 ++++++++-------- man/man1/turnserver.1 | 87 ++++++++++++++++++++++++------------------- man/man1/turnutils.1 | 61 +++++++++++++++--------------- 4 files changed, 103 insertions(+), 83 deletions(-) diff --git a/README.turnserver b/README.turnserver index 5969ba6d..df74704b 100644 --- a/README.turnserver +++ b/README.turnserver @@ -547,6 +547,12 @@ Options with values: Default is /var/run/turnserver.pid (if superuser account is used) or /var/tmp/turnserver.pid . +--acme-redirect Redirect ACME/RFC8555 (like Let's Encrypt challenge) requests, i.e. + HTTP GET requests matching '^/.well-known/acme-challenge/(.*)' + to $1 with $1 == (.*). No validation of will be done, + so make sure you do not forget the trailing slash. If is an empty + string (the default value), no special handling of such requests will be done. + --proc-user User name to run the process. After the initialization, the turnserver process will make an attempt to change the current user ID to that user. diff --git a/man/man1/turnadmin.1 b/man/man1/turnadmin.1 index dc2982c2..8540085b 100644 --- a/man/man1/turnadmin.1 +++ b/man/man1/turnadmin.1 @@ -1,5 +1,5 @@ .\" Text automatically generated by txt2man -.TH TURN 1 "08 December 2020" "" "" +.TH TURN 1 "15 December 2020" "" "" .SH GENERAL INFORMATION \fIturnadmin\fP is a TURN administration tool. This tool can be used to manage @@ -48,8 +48,8 @@ is equivalent to: .fi You have always the use the \fB\-r\fP option with commands for long term credentials \- because data for multiple realms can be stored in the same database. -.SH ===================================== - +.PP +===================================== .SS NAME \fB \fBturnadmin \fP\- a TURN relay administration tool. @@ -288,8 +288,8 @@ $ \fIturnadmin\fP \fB\-\-file\-key\-path\fP \fB\-v\fP Help: .PP $ \fIturnadmin\fP \fB\-h\fP -.SH ======================================= - +.PP +======================================= .SS DOCS After installation, run the \fIcommand\fP: @@ -301,8 +301,8 @@ or in the project root directory: $ man \fB\-M\fP man \fIturnadmin\fP .PP to see the man page. -.SH ===================================== - +.PP +===================================== .SS FILES /etc/turnserver.conf @@ -314,8 +314,8 @@ to see the man page. /var/lib/turn/turndb .PP /usr/local/etc/turnserver.conf -.SH ===================================== - +.PP +===================================== .SS DIRECTORIES /usr/local/share/\fIturnserver\fP @@ -323,13 +323,14 @@ to see the man page. /usr/local/share/doc/\fIturnserver\fP .PP /usr/local/share/examples/\fIturnserver\fP -.SH ====================================== - +.PP +====================================== .SS SEE ALSO \fIturnserver\fP, \fIturnutils\fP -.SH ====================================== - +.RE +.PP +====================================== .SS WEB RESOURCES project page: @@ -343,8 +344,9 @@ https://github.com/coturn/coturn/wiki forum: .PP https://groups.google.com/forum/?fromgroups=#!forum/turn\-server\-project\-rfc5766\-turn\-server/ -.SH ====================================== - +.RE +.PP +====================================== .SS AUTHORS Oleg Moskalenko diff --git a/man/man1/turnserver.1 b/man/man1/turnserver.1 index 3a9131bd..f52a25c5 100644 --- a/man/man1/turnserver.1 +++ b/man/man1/turnserver.1 @@ -1,5 +1,5 @@ .\" Text automatically generated by txt2man -.TH TURN 1 "08 December 2020" "" "" +.TH TURN 1 "15 December 2020" "" "" .SH GENERAL INFORMATION The \fBTURN Server\fP project contains the source code of a TURN server and TURN client @@ -78,8 +78,7 @@ is equivalent to: .fam T .fi -.SH ===================================== - +===================================== .SS NAME \fB \fBturnserver \fP\- a TURN relay server implementation. @@ -788,6 +787,14 @@ Default is /var/run/turnserver.pid (if superuser account is used) or /var/tmp/turnserver.pid . .TP .B +\fB\-\-acme\-redirect\fP + Redirect ACME/RFC8555 (like Let's Encrypt challenge) requests, i.e. +HTTP GET requests matching '^/.well\-known/acme\-challenge/(.*)' +to $1 with $1 == (.*). No validation of will be done, +so make sure you do not forget the trailing slash. If is an empty +string (the default value), no special handling of such requests will be done. +.TP +.B \fB\-\-proc\-user\fP User name to run the process. After the initialization, the \fIturnserver\fP process will make an attempt to change the current user ID to that user. @@ -848,15 +855,15 @@ By default it is disabled for security resons! .B \fB\-\-ne\fP=[1|2|3] Set network engine type for the process (for internal purposes). -.SH ================================== - +.PP +================================== .SH LOAD BALANCE AND PERFORMANCE TUNING This topic is covered in the wiki page: .PP https://github.com/coturn/coturn/wiki/turn_performance_and_load_balance -.SH =================================== - +.PP +=================================== .SH WEBRTC USAGE This is a set of notes for the WebRTC users: @@ -893,8 +900,8 @@ Usually WebRTC uses fingerprinting (\fB\-f\fP). .IP 5) 4 \fB\-\-min\-port\fP and \fB\-\-max\-port\fP may be needed if you want to limit the relay endpoints ports number range. -.SH =================================== - +.PP +=================================== .SH TURN REST API In WebRTC, the browser obtains the TURN connection information from the web @@ -1032,8 +1039,8 @@ examples/scripts/restapi/shared_secret_maintainer.pl . .PP A very important thing is that the nonce must be totally random and it must be different for different clients and different sessions. -.SH =================================== - +.PP +=================================== .SH DATABASES For the user database, the \fIturnserver\fP has the following \fIoptions\fP: @@ -1096,8 +1103,8 @@ it will set the users for you (see the \fIturnadmin\fP manuals). If you are usin \fIturnserver\fP or \fIturnadmin\fP will initialize the empty database, for you, when started. The TURN server installation process creates an empty initialized SQLite database in the default location (/var/db/turndb or /usr/local/var/db/turndb or /var/lib/turn/turndb, depending on the system). -.SH ================================= - +.PP +================================= .SH ALPN The server supports ALPNs "stun.turn" and "stun.nat\-discovery", when @@ -1106,16 +1113,16 @@ ClientHello message that contains one or both of those ALPNs, then the server chooses the first stun.* label and sends it back (in the ServerHello) in the ALPN extension field. If no stun.* label is found, then the server does not include the ALPN information into the ServerHello. -.SH ================================= - +.PP +================================= .SH LIBRARIES In the lib/ sub\-directory the build process will create TURN client messaging library. In the include/ sub\-directory, the necessary include files will be placed. The C++ wrapper for the messaging functionality is located in TurnMsgLib.h header. An example of C++ code can be found in stunclient.c file. -.SH ================================= - +.PP +================================= .SH DOCS After installation, run the command: @@ -1130,8 +1137,8 @@ to see the man page. .PP In the docs/html subdirectory of the original archive tree, you will find the client library reference. After the installation, it will be placed in PREFIX/share/doc/\fIturnserver\fP/html. -.SH ================================= - +.PP +================================= .SH LOGS When the \fBTURN Server\fP starts, it makes efforts to create a log file turn_.log @@ -1154,8 +1161,8 @@ log messages are sent only to the standard output of the process. .PP This behavior can be controlled by \fB\-\-log\-file\fP, \fB\-\-syslog\fP and \fB\-\-no\-stdout\-log\fP \fIoptions\fP. -.SH ================================= - +.PP +================================= .SH HTTPS MANAGEMENT INTERFACE The \fIturnserver\fP process provides an HTTPS Web access as statistics and basic @@ -1168,8 +1175,8 @@ populated with the admin user \fBaccount\fP(s). An admin user can be a superuser (if not assigned to a particular realm) or a restricted user (if assigned to a realm). The restricted admin users can perform only limited actions, within their corresponding realms. -.SH ================================= - +.PP +================================= .SH TELNET CLI The \fIturnserver\fP process provides a telnet CLI access as statistics and basic management @@ -1177,8 +1184,8 @@ interface. By default, the \fIturnserver\fP starts a telnet CLI listener on IP 1 port 5766. That can be changed by the command\-cline \fIoptions\fP of the \fIturnserver\fP process (see \fB\-\-cli\-ip\fP and \fB\-\-cli\-port\fP \fIoptions\fP). The full list of telnet CLI commands is provided in "help" command output in the telnet CLI. -.SH ================================= - +.PP +================================= .SH CLUSTERS \fBTURN Server\fP can be a part of the cluster installation. But, to support the "even port" functionality @@ -1187,8 +1194,8 @@ in "help" command output in the telnet CLI. the RTP and RTCP relaying endpoints must be allocated on the same relay IP. It would be possible to design a scheme with the application\-level requests forwarding (and we may do that later) but it would affect the performance. -.SH ================================= - +.PP +================================= .SH FILES /etc/turnserver.conf @@ -1200,8 +1207,8 @@ it would affect the performance. /var/lib/turn/turndb .PP /usr/local/etc/turnserver.conf -.SH ================================= - +.PP +================================= .SH DIRECTORIES /usr/local/share/\fIturnserver\fP @@ -1209,15 +1216,16 @@ it would affect the performance. /usr/local/share/doc/\fIturnserver\fP .PP /usr/local/share/examples/\fIturnserver\fP -.SH ================================= - +.PP +================================= .SH STANDARDS obsolete STUN RFC 3489 .PP new STUN RFC 5389 -.SH TURN RFC 5766 - +.PP +TURN RFC 5766 +.PP TURN\-TCP extension RFC 6062 .PP TURN IPv6 extension RFC 6156 @@ -1225,13 +1233,14 @@ TURN IPv6 extension RFC 6156 STUN/TURN test vectors RFC 5769 .PP STUN NAT behavior discovery RFC 5780 -.SH ================================= - +.PP +================================= .SH SEE ALSO \fIturnadmin\fP, \fIturnutils\fP -.SH ====================================== - +.RE +.PP +====================================== .SS WEB RESOURCES project page: @@ -1245,8 +1254,8 @@ https://github.com/coturn/coturn/wiki forum: .PP https://groups.google.com/forum/?fromgroups=#!forum/turn\-server\-project\-rfc5766\-turn\-server -.SH ====================================== - +.PP +====================================== .SS AUTHORS Oleg Moskalenko diff --git a/man/man1/turnutils.1 b/man/man1/turnutils.1 index 93a03ef3..809f83a4 100644 --- a/man/man1/turnutils.1 +++ b/man/man1/turnutils.1 @@ -1,5 +1,5 @@ .\" Text automatically generated by txt2man -.TH TURN 1 "08 December 2020" "" "" +.TH TURN 1 "15 December 2020" "" "" .SH GENERAL INFORMATION A set of turnutils_* programs provides some utility functionality to be used @@ -63,8 +63,8 @@ script in examples/scripts/oauth.sh. .RE .PP -.SH ===================================== - +.RS +===================================== .SS NAME \fB \fBturnutils_uclient \fP\- this client emulation application is supplied for the test purposes only. @@ -276,8 +276,8 @@ the ORIGIN STUN attribute value. Bandwidth for the bandwidth request in ALLOCATE. The default value is zero. .PP See the examples in the "examples/scripts" directory. -.SH ====================================== - +.PP +====================================== .SS NAME \fB \fBturnutils_peer \fP\- a simple UDP\-only echo backend server. @@ -314,8 +314,8 @@ If no listener \fBaddress\fP(es) defined, then it listens on all IPv4 and IPv6 a .B \fB\-v\fP Verbose -.SH ======================================== - +.PP +======================================== .SS NAME \fB \fBturnutils_stunclient \fP\- a basic STUN client. @@ -354,8 +354,8 @@ and if it finds that the STUN server supports RFC 5780 requests with different parameters, to demonstrate the NAT discovery capabilities. .PP This utility does not support the "old" "classic" STUN protocol (RFC 3489). -.SH ===================================== - +.PP +===================================== .SS NAME \fB \fBturnutils_rfc5769check \fP\- a utility that tests the correctness of STUN protocol implementation. @@ -380,8 +380,8 @@ check procedure, it is not copied to the installation destination. Usage: .PP $ \fIturnutils_rfc5769check\fP -.SH ===================================== - +.PP +===================================== .SS NAME \fB \fBturnutils_natdiscovery \fP\- a utility that discovers NAT mapping and filtering @@ -462,8 +462,8 @@ Used by mapping lifetime behavior discovery Usage: .PP $ \fIturnutils_natdiscovery\fP \fB\-m\fP \fB\-f\fP stun.example.com -.SH ===================================== - +.PP +===================================== .SS NAME \fB \fBturnutils_oauth \fP\- a utility that helps OAuth access_token generation/encryption and validation/decyption @@ -568,8 +568,8 @@ stun client hmac algorithm Usage: .PP $ \fIturnutils_natdiscovery\fP -.SH =================================== - +.PP +=================================== .SH DOCS After installation, run the command: @@ -581,8 +581,8 @@ or in the project root directory: $ man \fB\-M\fP man \fIturnutils\fP .PP to see the man page. -.SH ===================================== - +.PP +===================================== .SH FILES /etc/turnserver.conf @@ -594,8 +594,8 @@ to see the man page. /var/lib/turn/turndb .PP /usr/local/etc/turnserver.conf -.SH ================================= - +.PP +================================= .SH DIRECTORIES /usr/local/share/\fIturnserver\fP @@ -603,13 +603,14 @@ to see the man page. /usr/local/share/doc/\fIturnserver\fP .PP /usr/local/share/examples/\fIturnserver\fP -.SH =================================== - +.PP +=================================== .SH STANDARDS new STUN RFC 5389 -.SH TURN RFC 5766 - +.PP +TURN RFC 5766 +.PP TURN\-TCP extension RFC 6062 .PP TURN IPv6 extension RFC 6156 @@ -617,13 +618,14 @@ TURN IPv6 extension RFC 6156 STUN/TURN test vectors RFC 5769 .PP STUN NAT behavior discovery RFC 5780 -.SH ==================================== - +.PP +==================================== .SH SEE ALSO \fIturnserver\fP, \fIturnadmin\fP -.SH ====================================== - +.RE +.PP +====================================== .SS WEB RESOURCES project page: @@ -637,8 +639,9 @@ https://github.com/coturn/coturn/wiki forum: .PP https://groups.google.com/forum/?fromgroups=#!forum/turn\-server\-project\-rfc5766\-turn\-server/ -.SH ====================================== - +.RE +.PP +====================================== .SS AUTHORS Oleg Moskalenko