Fix memory corruption introduced by commit
c8663f4a91cd2d88f1d0e65144158c7bcfe8b35c
If there was an unsuccessful session registration in
open_client_connection_session, it adds a timer (before it didn't).
Later during runtime, at session destruction, it removes the
client_socket in close_ioa_socket. Then the timer gets triggered and
runs the cleanup method client_to_be_allocated_timeout_handler and tries
to access the stored client_socket. This then fails as it already was
freed.
The fix just sets the client_socket pointer to null and then the timer
should detect this and not access already freed memory.
The issue affects version 4.6.0, 4.6.0-r0 and 4.6.0-r1.
Co-authored-by: Paul Kramer <paul.kramer@logmein.com>
Fix memory corruption introduced by commit
c8663f4a91cd2d88f1d0e65144158c7bcfe8b35c
If there was an unsuccessful session registration in
open_client_connection_session, it adds a timer (before it didn't).
Later during runtime, at session destruction, it removes the
client_socket in close_ioa_socket. Then the timer gets triggered and
runs the cleanup method client_to_be_allocated_timeout_handler and tries
to access the stored client_socket. This then fails as it already was
freed.
The fix just sets the client_socket pointer to null and then the timer
should detect this and not access already freed memory.
The issue affects version 4.6.0, 4.6.0-r0 and 4.6.0-r1.
Co-authored-by: Paul Kramer <paul.kramer@logmein.com>
Originated by @KangLin in #1097
Create scripts that generate ChangeLog and Authors - can be
combined/called by other scripts during build process
Scripts are idempotent: running them multiple times should not change
anything
They do not commit or tag - up to the author/reviewer to make those
changes
The lists are generated in Markdown compatible format (so that we can
change those files to .md in the future)
NOTES:
- Authors file is generated in alphabetical order, disregarding specific
contributions
- ChangeLog file is generated in order of commits, omitting bot commits
(dependabot)
Co-authored-by: Kang Lin <kl222@126.com>
- build and test each platform separately on CI
- rework `Makefile` commands
- renew Docker tags description in README
Additionally:
- show output of failed tests
- ensure Docker images are not pulled in tests
- remove usage of deprecated `::set-output` GitHub Actions feature
Reformatting and removing some duplications:
- Some lines have WARNING WARNING: cleaned up.
- Lines printed using perror: only LOG_ mechanism should be used.
- Printing IO mechanism (epoll for example) for each thread: selected
mechanism logged once
- Duplicate lines (perror and also LOG): duplication removed
- Duplicates: clean up (because calling function multiple times -
configuration load)
Example usage with make:
make CPPFLAGS="-DTURN_SERVER_BUILD_INFO=\"\\\" git: $(git rev-parse
HEAD) build: 123\\\"\""
Example usage with cmake:
cmake .. -DTURN_SERVER_BUILD_INFO="\" git: $(git rev-parse HEAD) build:
123\""
Bumps [actions/cache](https://github.com/actions/cache) from 2 to 3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/releases">actions/cache's
releases</a>.</em></p>
<blockquote>
<h2>v3.0.0</h2>
<ul>
<li>
<p>This change adds a minimum runner version(node12 -> node16), which
can break users using an out-of-date/fork of the runner. This would be
most commonly affecting users on GHES 3.3 or before, as those runners do
not support node16 actions and they can use actions from github.com via
<a
href="https://docs.github.com/en/enterprise-server@3.0/admin/github-actions/managing-access-to-actions-from-githubcom/enabling-automatic-access-to-githubcom-actions-using-github-connect">github
connect</a> or manually copying the repo to their GHES instance.</p>
</li>
<li>
<p>Few dependencies and cache action usage examples have also been
updated.</p>
</li>
</ul>
<h2>v2.1.7</h2>
<p>Support 10GB cache upload using the latest version <code>1.0.8</code>
of <a
href="https://www.npmjs.com/package/@actions/cache"><code>@actions/cache</code>
</a></p>
<h2>v2.1.6</h2>
<ul>
<li>Catch unhandled "bad file descriptor" errors that
sometimes occurs when the cache server returns non-successful response
(<a
href="https://github-redirect.dependabot.com/actions/cache/pull/596">actions/cache#596</a>)</li>
</ul>
<h2>v2.1.5</h2>
<ul>
<li>Fix permissions error seen when extracting caches with GNU tar that
were previously created using BSD tar (<a
href="https://github-redirect.dependabot.com/actions/cache/issues/527">actions/cache#527</a>)</li>
</ul>
<h2>v2.1.4</h2>
<ul>
<li>Make caching more verbose <a
href="https://github-redirect.dependabot.com/actions/toolkit/pull/650">#650</a></li>
<li>Use GNU tar on macOS if available <a
href="https://github-redirect.dependabot.com/actions/toolkit/pull/701">#701</a></li>
</ul>
<h2>v2.1.3</h2>
<ul>
<li>Upgrades <code>@actions/core</code> to v1.2.6 for <a
href="https://github.com/advisories/GHSA-mfwh-5m23-j46w">CVE-2020-15228</a>.
This action was not using the affected methods.</li>
<li>Fix error handling in <code>uploadChunk</code> where 400-level
errors were not being detected and handled correctly</li>
</ul>
<h2>v2.1.2</h2>
<ul>
<li>Adds input to limit the chunk upload size, useful for self-hosted
runners with slower upload speeds</li>
<li>No-op when executing on GHES</li>
</ul>
<h2>v2.1.1</h2>
<ul>
<li>Update <code>@actions/cache</code> package to <code>v1.0.2</code>
which allows cache action to use posix format when taring files.</li>
</ul>
<h2>v2.1.0</h2>
<ul>
<li>Replaces the <code>http-client</code> with the Azure Storage SDK for
NodeJS when downloading cache content from Azure. This should help
improve download performance and reliability as the SDK downloads files
in 4 MB chunks, which can be parallelized and retried independently</li>
<li>Display download progress and speed</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/blob/main/RELEASES.md">actions/cache's
changelog</a>.</em></p>
<blockquote>
<h1>Releases</h1>
<h3>3.0.0</h3>
<ul>
<li>Updated minimum runner version support from node 12 -> node
16</li>
</ul>
<h3>3.0.1</h3>
<ul>
<li>Added support for caching from GHES 3.5.</li>
<li>Fixed download issue for files > 2GB during restore.</li>
</ul>
<h3>3.0.2</h3>
<ul>
<li>Added support for dynamic cache size cap on GHES.</li>
</ul>
<h3>3.0.3</h3>
<ul>
<li>Fixed avoiding empty cache save when no files are available for
caching. (<a
href="https://github-redirect.dependabot.com/actions/cache/issues/624">issue</a>)</li>
</ul>
<h3>3.0.4</h3>
<ul>
<li>Fixed tar creation error while trying to create tar with path as
<code>~/</code> home folder on <code>ubuntu-latest</code>. (<a
href="https://github-redirect.dependabot.com/actions/cache/issues/689">issue</a>)</li>
</ul>
<h3>3.0.5</h3>
<ul>
<li>Removed error handling by consuming actions/cache 3.0 toolkit, Now
cache server error handling will be done by toolkit. (<a
href="https://github-redirect.dependabot.com/actions/cache/pull/834">PR</a>)</li>
</ul>
<h3>3.0.6</h3>
<ul>
<li>Fixed <a
href="https://github-redirect.dependabot.com/actions/cache/issues/809">#809</a>
- zstd -d: no such file or directory error</li>
<li>Fixed <a
href="https://github-redirect.dependabot.com/actions/cache/issues/833">#833</a>
- cache doesn't work with github workspace directory</li>
</ul>
<h3>3.0.7</h3>
<ul>
<li>Fixed <a
href="https://github-redirect.dependabot.com/actions/cache/issues/810">#810</a>
- download stuck issue. A new timeout is introduced in the download
process to abort the download if it gets stuck and doesn't finish within
an hour.</li>
</ul>
<h3>3.0.8</h3>
<ul>
<li>Fix zstd not working for windows on gnu tar in issues <a
href="https://github-redirect.dependabot.com/actions/cache/issues/888">#888</a>
and <a
href="https://github-redirect.dependabot.com/actions/cache/issues/891">#891</a>.</li>
<li>Allowing users to provide a custom timeout as input for aborting
download of a cache segment using an environment variable
<code>SEGMENT_DOWNLOAD_TIMEOUT_MINS</code>. Default is 60 minutes.</li>
</ul>
<h3>3.0.9</h3>
<ul>
<li>Enhanced the warning message for cache unavailablity in case of
GHES.</li>
</ul>
<h3>3.0.10</h3>
<ul>
<li>Fix a bug with sorting inputs.</li>
<li>Update definition for restore-keys in README.md</li>
</ul>
<h3>3.0.11</h3>
<ul>
<li>Update toolkit version to 3.0.5 to include
<code>@actions/core@^1.10.0</code></li>
<li>Update <code>@actions/cache</code> to use updated
<code>saveState</code> and <code>setOutput</code> functions from
<code>@actions/core@^1.10.0</code></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="9b0c1fce7a"><code>9b0c1fc</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/actions/cache/issues/956">#956</a>
from actions/pdotl-version-bump</li>
<li><a
href="18103f63fe"><code>18103f6</code></a>
Fix licensed status error</li>
<li><a
href="3e383cd9c3"><code>3e383cd</code></a>
Update RELEASES</li>
<li><a
href="43428ea056"><code>43428ea</code></a>
toolkit versioon update and version bump for cache</li>
<li><a
href="1c73980b09"><code>1c73980</code></a>
3.0.11</li>
<li><a
href="a3f5edc237"><code>a3f5edc</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/actions/cache/issues/950">#950</a>
from rentziass/rentziass/update-actions-core</li>
<li><a
href="831ee695a5"><code>831ee69</code></a>
Update licenses</li>
<li><a
href="b9c8bfe442"><code>b9c8bfe</code></a>
Update <code>@actions/core</code> to 1.10.0</li>
<li><a
href="0f20846208"><code>0f20846</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/actions/cache/issues/946">#946</a>
from actions/Phantsure-patch-2</li>
<li><a
href="862fc14188"><code>862fc14</code></a>
Update README.md</li>
<li>Additional commits viewable in <a
href="https://github.com/actions/cache/compare/v2...v3">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
I would like to get feedback on this and see if people is confortable
with these clang rules.
Right now is using the "llvm" style increasing the line length from 80
to 120 given that coturn is using long lines often.
Co-authored-by: Pavel Punsky <eakraly@users.noreply.github.com>
Prometheus would aggregate across all labels (when not specifying)
In this scenario `turn_total_allocations` does not need separate label
"type=all" as such in this case the result would be double the actual
amount
Bumps
[actions/upload-artifact](https://github.com/actions/upload-artifact)
from 2 to 3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/upload-artifact/releases">actions/upload-artifact's
releases</a>.</em></p>
<blockquote>
<h2>v3.0.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Update default runtime to node16 (<a
href="https://github-redirect.dependabot.com/actions/upload-artifact/issues/293">#293</a>)</li>
<li>Update package-lock.json file version to 2 (<a
href="https://github-redirect.dependabot.com/actions/upload-artifact/issues/302">#302</a>)</li>
</ul>
<h3>Breaking Changes</h3>
<p>With the update to Node 16, all scripts will now be run with Node 16
rather than Node 12.</p>
<h2>v2.3.1</h2>
<p>Fix for empty fails on Windows failing on upload <a
href="https://github-redirect.dependabot.com/actions/upload-artifact/issues/281">#281</a></p>
<h2>v2.3.0 Upload Artifact</h2>
<ul>
<li>Optimizations for faster uploads of larger files that are already
compressed</li>
<li>Significantly improved logging when there are chunked uploads</li>
<li>Clarifications in logs around the upload size and prohibited
characters that aren't allowed in the artifact name or any uploaded
files</li>
<li>Various other small bugfixes & optimizations</li>
</ul>
<h2>v2.2.4</h2>
<ul>
<li>Retry on HTTP 500 responses from the service</li>
</ul>
<h2>v2.2.3</h2>
<ul>
<li>Fixes for proxy related issues</li>
</ul>
<h2>v2.2.2</h2>
<ul>
<li>Improved retryability and error handling</li>
</ul>
<h2>v2.2.1</h2>
<ul>
<li>Update used actions/core package to the latest version</li>
</ul>
<h2>v2.2.0</h2>
<ul>
<li>Support for artifact retention</li>
</ul>
<h2>v2.1.4</h2>
<ul>
<li>Add Third Party License Information</li>
</ul>
<h2>v2.1.3</h2>
<ul>
<li>Use updated version of the <code>@action/artifact</code> NPM
package</li>
</ul>
<h2>v2.1.2</h2>
<ul>
<li>Increase upload chunk size from 4MB to 8MB</li>
<li>Detect case insensitive file uploads</li>
</ul>
<h2>v2.1.1</h2>
<ul>
<li>Fix for certain symlinks not correctly being identified as
directories before starting uploads</li>
</ul>
<h2>v2.1.0</h2>
<ul>
<li>Support for uploading artifacts with multiple paths</li>
<li>Support for using exclude paths</li>
<li>Updates to dependencies</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="83fd05a356"><code>83fd05a</code></a>
Bump actions-core to v1.10.0 (<a
href="https://github-redirect.dependabot.com/actions/upload-artifact/issues/356">#356</a>)</li>
<li><a
href="3cea537223"><code>3cea537</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/actions/upload-artifact/issues/327">#327</a>
from actions/robherley/artifact-1.1.0</li>
<li><a
href="849aa7758a"><code>849aa77</code></a>
nvm use 12 & npm run release</li>
<li><a
href="4d3986961d"><code>4d39869</code></a>
recompile with correct ncc version</li>
<li><a
href="2e0d362ec5"><code>2e0d362</code></a>
bump <code>@actions/artifact</code> to 1.1.0</li>
<li><a
href="09a5d6a283"><code>09a5d6a</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/actions/upload-artifact/issues/320">#320</a>
from actions/dependabot/npm_and_yarn/ansi-regex-4.1.1</li>
<li><a
href="189315d910"><code>189315d</code></a>
Bump ansi-regex from 4.1.0 to 4.1.1</li>
<li><a
href="d159c2d80b"><code>d159c2d</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/actions/upload-artifact/issues/297">#297</a>
from actions/dependabot/npm_and_yarn/ajv-6.12.6</li>
<li><a
href="c26a7ba4b5"><code>c26a7ba</code></a>
Bump ajv from 6.11.0 to 6.12.6</li>
<li><a
href="6ed6c72922"><code>6ed6c72</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/actions/upload-artifact/issues/303">#303</a>
from actions/dependabot/npm_and_yarn/yargs-parser-13.1.2</li>
<li>Additional commits viewable in <a
href="https://github.com/actions/upload-artifact/compare/v2...v3">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
The `sm_allocated` field is an array of `size_t` values. Therefore its
size must be calculated as `n * sizeof(size_t)`.
Our static code analysis tool complained:
```
Sizeof not portable (SIZEOF_MISMATCH)
suspicious_sizeof: Passing argument r->sm_allocated of type size_t * and argument (r->sm_chunk + 1) * 8UL /* sizeof (size_t *) */ to function realloc is suspicious. In this case, sizeof (size_t *) is equal to sizeof (size_t), but this is not a portable assumption.
```
Fix: #1045
`TURN_NO_HIREDIS` is defined when hiredis library is not present and any
redis functionality must be disabled
While all above is correct, it does not require ifdef-ing out all
related code.
For example, redis related fields in `turn_params` do not need to be
compiled out. Same for certain function parameters.
This PR reduces amount of places in code where `TURN_NO_HIREDIS` is used
to make code simpler by moving as much usage of this define into
dbd_redis.h/c files and compiling them unconditionally.
- Always compile/link `dbd_redis.c`
- Move many `TURN_NO_HIREDIS` decisions into `dbd_redis.c`
- Delete empty function redis_async_init
Disables default log output to stdout if stdout is set as logfile.
When execute `turnutils_stunclient` , the output will be duplicated as
in the following example.
```
$ ./turnutils_stunclient stun.example.com
0: : IPv4. UDP reflexive addr: 203.0.113.1:10000
0: : IPv4. UDP reflexive addr: 203.0.113.1:10000
```
This is because stdout is set in `set_logfile` and furthermore log
output to stdout is done by default.
In this change, call `set_no_stdout_log` to disable default log output
to stdout when stdout is set as logfile.
This solves the problem of duplicate output to stdout of the same log.
`TURN_NO_PROMETHEUS` is defined when prometheus libraries are not
present and any prometheus functionality must be disabled
While all above is correct, it does not require ifdef-ing out all
related code.
For example, prometheus related fields in turn_params do not need to be
compiled out. Same for certain function parameters.
This PR reduces amount of places in code where `TURN_NO_PROMETHEUS` is
used to make code simpler by moving as much usage of this define into
prom_server.h/c files and compiling them unconditionally.
- Always compile/link prom_server.c
- Move many TURN_NO_PROMETHEUS decisions into prom_server.c
The following changes have been made:
1. Replace deprecated functions with new standard functions
2. Add corresponding MSVC functions for non-standard functions
3. Remove warnings about unsafe functions
4. CMAKE: modify find pack Libevent and openssl
5. Modify include files
6. Use pthread4W
7. Modify socket in windows
8. Add CI - github action
8.1. msvc
8.2. mingw
10. The database:
9.1. sqlite, pgsql, hiredis, mongo is test compiled.
9.2. mysql, isnot test compiled.
11. The applications、server can be compiled and run successfully!
12. Add vcpkg manifest mode in cmake.
Modify SSL backlog buffer from LIFO to queue/FIFO
If data ends up in the ssl_backlog_buffer because we are waiting for a
handshake to finish, then this change ensures that the data is sent out
in the proper order once the handshake completes. Previous code was
sending in LIFO order.
Fix the issue https://github.com/coturn/coturn/issues/118 that prevent
the process to start as coturn never send the notification to systemd
thus preventing the startup.
Cherry-picked from #990 thanks to @rapsys
