diff --git a/.travis.yml b/.travis.yml index fb5c95df..384c852d 100644 --- a/.travis.yml +++ b/.travis.yml @@ -52,6 +52,6 @@ notifications: secure: N12+BCGiTDzfKkYnjF+666ZhREuBncfPpWge9AdG6DwusyGza+hNrjfRRHjF8WfGQj+X8ogFoF1lVFDC27lwH1ElOv4GJHShnGbtsWv10Va1GdDafDeC5JorUNWHlsDHC1AZkNUj9n2KAZTSbN076gUaNhwsXob/B1MEnNKXibitDdyE2FC6wCRu6ckXM4UiEXoG/a7lHS4m9dKt2xDUNK8vwhtRdCkip9YW8rUFdiwqMScdr9OdF8YWiKJIUYV7LC7eXF0YqslWTJkeIMEEnvotLs4JNytFz1wNPzTiY8hM4nPM0YwC1oPhFWlBodQ1x+dBX3vxitnque0gVhj/p6Eij0amM3tirgONw/r2V9JToE6vfh6ERAWIVzI/+tmqcEbZZvwcgafZphlT9W/8Gzy/av/zTpdfaTUEYnsuQRCA87FPIFAAVjzSmT3llY6WQXFB+UU0T0ZE42PkPqhR3zpjqt7nDXf2g1ZY5ZRkWRvznyqBdrVx0Ld8AKnv/Ynk/KqiJqV94DUMhGzAadqbYrDL/87eiDtW4lBpCl7cQnfEI7besdduNzWlgmJ93CU1kyruK37/w+D1jyBnc1ppQTj1+B2GanB0weY7ViNqyQmN+tam7EmM+9R8VKMi8EO0xlvb1YFL18NtrCMMMEsZRHj823g68lFntUWs5oGsFMI= email: recipients: - - bakfitty@gmail.com + - misi@majd.eu # on_success: [always|never|change] # default: always # on_failure: [always|never|change] # default: always diff --git a/AUTHORS b/AUTHORS index 5d2b4538..fffbc68d 100644 --- a/AUTHORS +++ b/AUTHORS @@ -52,6 +52,6 @@ Bradley T. Hughes : FreeBSD port (since v4.1.2.1) -Mészáros Mihály : +Mészáros Mihály : OAuth utility, NAT behavior Discovery (since v4.5.0.4) diff --git a/ChangeLog b/ChangeLog index eb0e387f..8a5767b3 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,18 +1,21 @@ -12/11/2017 Oleg Moskalenko +27/09/2018 Oleg Moskalenko Mihály Mészáros +Version 4.5.0.9 'dan Eider': + +27/09/2018 Oleg Moskalenko Mihály Mészáros Version 4.5.0.8 'dan Eider': - Travis CI integration - - hint with comment fallthrough to avoid warning + - to avoid warnings add compiler comment hint to fallthrough - reload-tls-certs PR#236 (by Arne Georg Gisnås Gleditsch) - - minor fixe PR#223 (by Pavel Kretov) + - minor fixes PR#223 (by Pavel Kretov) move rm Makefile to distclean list all phony targets - Fix typo PR#253 (by Orsiris de Jong) - - Fix WebRTC client IPv6 stuck connection. (issue #217) + - Fix stuck IPv6 connections. (issue #217) THX to damencho, vol4iniche - Spelling fixes. - Add a warning if --lt-cred-mech and --use-auth-secret both presents. - Revert "Add the realm parameter in the example config file (by Domenico)" - - Fix for Verbose config file option -v cli option overridea + - Fix for Verbose config file option -v cli option override - Add a Notice to config about realm default value is the domain name. - Update total allocation usage on client shutdown - Fix total and user quota mix-up @@ -24,8 +27,9 @@ Version 4.5.0.8 'dan Eider': - Fix --prod pointer bug - Fix auth server thread detach race (by weishuyin) - New Feature: Add -K --keep-address-family - Be aware if you enable it, then it breaks rfc6156 section-4.2 (default IPv4 family) + Be aware if you enable it, then it breaks rfc6156 section 4.2 (default IPv4 family fallback) - Fix dtls double free crash + - Fix compilation errors and warnings (by Oleg) 12/10/2017 Oleg Moskalenko Version 4.5.0.7 'dan Eider': diff --git a/README.turnadmin b/README.turnadmin index b3cd0e97..3cb375b2 100644 --- a/README.turnadmin +++ b/README.turnadmin @@ -271,4 +271,4 @@ to see the man page. Bradley T. Hughes - Mihaly Meszaros + Mihaly Meszaros diff --git a/README.turnserver b/README.turnserver index a5344580..cb764c01 100644 --- a/README.turnserver +++ b/README.turnserver @@ -984,4 +984,4 @@ https://groups.google.com/forum/?fromgroups=#!forum/turn-server-project-rfc5766- Bradley T. Hughes - Mihaly Meszaros + Mihaly Meszaros diff --git a/README.turnutils b/README.turnutils index d995f9ad..39fda214 100644 --- a/README.turnutils +++ b/README.turnutils @@ -474,4 +474,4 @@ SEE ALSO Bradley T. Hughes - Mihaly Meszaros + Mihaly Meszaros diff --git a/man/man1/turnadmin.1 b/man/man1/turnadmin.1 index 6b91e6fb..cdcb4c9c 100644 --- a/man/man1/turnadmin.1 +++ b/man/man1/turnadmin.1 @@ -1,5 +1,5 @@ .\" Text automatically generated by txt2man -.TH TURN 1 "12 September 2018" "" "" +.TH TURN 1 "31 October 2018" "" "" .SH GENERAL INFORMATION \fIturnadmin\fP is a TURN administration tool. This tool can be used to manage @@ -374,4 +374,4 @@ Federico Pinna .PP Bradley T. Hughes .PP -Mihaly Meszaros +Mihaly Meszaros diff --git a/man/man1/turnserver.1 b/man/man1/turnserver.1 index 7a228d54..183256d3 100644 --- a/man/man1/turnserver.1 +++ b/man/man1/turnserver.1 @@ -1,5 +1,5 @@ .\" Text automatically generated by txt2man -.TH TURN 1 "12 September 2018" "" "" +.TH TURN 1 "31 October 2018" "" "" .SH GENERAL INFORMATION The \fBTURN Server\fP project contains the source code of a TURN server and TURN client @@ -810,6 +810,12 @@ Local system IP address to be used for Web\-admin server endpoint. Default value Web\-admin server port. Default is 8080. .TP .B +\fB\-\-web\-admin\-listen\-on\-workers\fP +Enable for web\-admin server to listens on STUN/TURN workers STUN/TURN ports. +By default it is disabled for security resons! +(This beahvior used to be the default bahavior, and was enabled by default.) +.TP +.B \fB\-\-ne\fP=[1|2|3] Set network engine type for the process (for internal purposes). .PP @@ -1241,4 +1247,4 @@ Federico Pinna .PP Bradley T. Hughes .PP -Mihaly Meszaros +Mihaly Meszaros diff --git a/man/man1/turnutils.1 b/man/man1/turnutils.1 index 743aac0e..b9808795 100644 --- a/man/man1/turnutils.1 +++ b/man/man1/turnutils.1 @@ -1,5 +1,5 @@ .\" Text automatically generated by txt2man -.TH TURN 1 "12 September 2018" "" "" +.TH TURN 1 "31 October 2018" "" "" .SH GENERAL INFORMATION A set of turnutils_* programs provides some utility functionality to be used @@ -669,6 +669,5 @@ Mutsutoshi Yoshimoto Federico Pinna .PP Bradley T. Hughes -.RE .PP -Mihaly Meszaros +Mihaly Meszaros diff --git a/rpm/build.settings.sh b/rpm/build.settings.sh index cf95b46e..0ae0ad32 100755 --- a/rpm/build.settings.sh +++ b/rpm/build.settings.sh @@ -2,7 +2,7 @@ # Common settings script. -TURNVERSION=4.5.0.7 +TURNVERSION=4.5.0.8 BUILDDIR=~/rpmbuild ARCH=`uname -p` TURNSERVER_GIT_URL=https://github.com/coturn/coturn.git diff --git a/rpm/turnserver.spec b/rpm/turnserver.spec index 516b7934..77a03ae1 100644 --- a/rpm/turnserver.spec +++ b/rpm/turnserver.spec @@ -1,5 +1,5 @@ Name: turnserver -Version: 4.5.0.7 +Version: 4.5.0.8 Release: 0%{dist} Summary: Coturn TURN Server @@ -295,6 +295,8 @@ fi %{_includedir}/turn/client/TurnMsgLib.h %changelog +* Thu Sep 27 2018 Oleg Moskalenko + - Sync to 4.5.0.8 * Sun Dec 10 2017 Oleg Moskalenko - Sync to 4.5.0.7 * Mon Oct 17 2016 Oleg Moskalenko diff --git a/src/apps/relay/dbdrivers/dbd_mysql.c b/src/apps/relay/dbdrivers/dbd_mysql.c index 6b6bd6fd..d54542a6 100644 --- a/src/apps/relay/dbdrivers/dbd_mysql.c +++ b/src/apps/relay/dbdrivers/dbd_mysql.c @@ -73,7 +73,7 @@ static void MyconninfoFree(Myconninfo *co) { ns_bzero(co,sizeof(Myconninfo)); } } -struct ctr_state state; + char* decryptPassword(char* in, const unsigned char* mykey){ char *out; @@ -85,6 +85,7 @@ char* decryptPassword(char* in, const unsigned char* mykey){ int bytes_to_decode = strlen(in); unsigned char *encryptedText = base64decode(in, bytes_to_decode); //changed char last[1024]=""; + struct ctr_state state; init_ctr(&state, iv); memset(outdata,'\0', sizeof(outdata)); @@ -95,7 +96,7 @@ char* decryptPassword(char* in, const unsigned char* mykey){ #endif strcat(last,(char*)outdata); - out=malloc(sizeof(char)*strlen(last)); + out=(char*)malloc(sizeof(char)*strlen(last)); strcpy(out,last); return out; } diff --git a/src/apps/relay/mainrelay.c b/src/apps/relay/mainrelay.c index f4640df6..85424058 100644 --- a/src/apps/relay/mainrelay.c +++ b/src/apps/relay/mainrelay.c @@ -957,8 +957,6 @@ static const struct myoption admin_long_options[] = { { NULL, no_argument, NULL, 0 } }; - -struct ctr_state state; int init_ctr(struct ctr_state *state, const unsigned char iv[8]){ state->num = 0; memset(state->ecount, 0, 16); @@ -966,6 +964,7 @@ int init_ctr(struct ctr_state *state, const unsigned char iv[8]){ memcpy(state->ivec, iv, 8); return 1; } + unsigned char *base64encode (const void *b64_encode_this, int encode_this_many_bytes){ BIO *b64_bio, *mem_bio; //Declares two OpenSSL BIOs: a base64 filter and a memory BIO. BUF_MEM *mem_bio_mem_ptr; //Pointer to a "memory BIO" structure holding our base64 data. @@ -974,9 +973,9 @@ unsigned char *base64encode (const void *b64_encode_this, int encode_this_many_b BIO_push(b64_bio, mem_bio); //Link the BIOs by creating a filter-sink BIO chain. BIO_set_flags(b64_bio, BIO_FLAGS_BASE64_NO_NL); //No newlines every 64 characters or less. BIO_write(b64_bio, b64_encode_this, encode_this_many_bytes); //Records base64 encoded data. - BIO_flush(b64_bio); //Flush data. Necessary for b64 encoding, because of pad characters. + (void)BIO_flush(b64_bio); //Flush data. Necessary for b64 encoding, because of pad characters. BIO_get_mem_ptr(mem_bio, &mem_bio_mem_ptr); //Store address of mem_bio's memory structure. - BIO_set_close(mem_bio, BIO_NOCLOSE); //Permit access to mem_ptr after BIOs are destroyed. + (void)BIO_set_close(mem_bio, BIO_NOCLOSE); //Permit access to mem_ptr after BIOs are destroyed. BIO_free_all(b64_bio); //Destroys all BIOs in chain, starting with b64 (i.e. the 1st one). BUF_MEM_grow(mem_bio_mem_ptr, (*mem_bio_mem_ptr).length + 1); //Makes space for end null. (*mem_bio_mem_ptr).data[(*mem_bio_mem_ptr).length] = '\0'; //Adds null-terminator to tail. @@ -992,6 +991,7 @@ void encrypt_aes_128(unsigned char* in, const unsigned char* mykey){ AES_set_encrypt_key(mykey, 128, &key); char total[256]; int size=0; + struct ctr_state state; init_ctr(&state, iv); #if OPENSSL_VERSION_NUMBER >= 0x10100000L @@ -1045,7 +1045,7 @@ void generate_aes_128_key(char* filePath, unsigned char* returnedKey){ unsigned char *base64decode (const void *b64_decode_this, int decode_this_many_bytes){ BIO *b64_bio, *mem_bio; //Declares two OpenSSL BIOs: a base64 filter and a memory BIO. - unsigned char *base64_decoded = calloc( (decode_this_many_bytes*3)/4+1, sizeof(char) ); //+1 = null. + unsigned char *base64_decoded = (unsigned char*)calloc( (decode_this_many_bytes*3)/4+1, sizeof(char) ); //+1 = null. b64_bio = BIO_new(BIO_f_base64()); //Initialize our base64 filter BIO. mem_bio = BIO_new(BIO_s_mem()); //Initialize our memory source BIO. BIO_write(mem_bio, b64_decode_this, decode_this_many_bytes); //Base64 data saved in source. @@ -1080,6 +1080,7 @@ void decrypt_aes_128(char* in, const unsigned char* mykey){ int bytes_to_decode = strlen(in); unsigned char *encryptedText = base64decode(in, bytes_to_decode); char last[1024]=""; + struct ctr_state state; init_ctr(&state, iv); memset(outdata,'\0', sizeof(outdata)); diff --git a/src/apps/relay/mainrelay.h b/src/apps/relay/mainrelay.h index 631ab2f6..b679ad93 100644 --- a/src/apps/relay/mainrelay.h +++ b/src/apps/relay/mainrelay.h @@ -80,7 +80,10 @@ #include #include #include -#include + +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + #include +#endif #ifdef __cplusplus extern "C" { diff --git a/src/server/ns_turn_server.c b/src/server/ns_turn_server.c index 5a7515e9..3e401fb9 100644 --- a/src/server/ns_turn_server.c +++ b/src/server/ns_turn_server.c @@ -1269,8 +1269,6 @@ static int handle_turn_allocate(turn_turnserver *server, a_family = STUN_ATTRIBUTE_REQUESTED_ADDRESS_FAMILY_VALUE_IPV4; break; } - if(get_ioa_socket_address_family(ss->client_socket) == AF_INET6) - a_family = STUN_ATTRIBUTE_REQUESTED_ADDRESS_FAMILY_VALUE_IPV6; } int res = create_relay_connection(server, ss, lifetime,