mirrors/coturn
1
0
Fork 0
mirror of https://github.com/coturn/coturn.git synced 2025-11-01 15:31:00 +01:00
Code Issues Projects Releases Wiki Activity
1,012 Commits 28 Branches 127 Tags
Commit Graph

1012 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mészáros Mihály
c534eaef41 Merge branch 'input-validation' 
Merge PR #472
 2020-02-18 14:46:11 +01:00
Mészáros Mihály
79361c170f Merge branch 'fips' 2020-02-18 14:36:37 +01:00
Mészáros Mihály
047102a44b Update travis ubuntu version to bionic 2020-02-12 11:31:45 +01:00
Mészáros Mihály
04d7cd1486
Merge pull request #478 from alepolidori/prod-opt 
turnserver.conf: add --prod section to enhance security
 2020-02-12 11:23:06 +01:00
Mészáros Mihály
fb0233a963
Merge pull request #463 from xthursdayx/master 
Updated turnserver.conf to fix typos and grammar to clarify documentation.
 2020-02-12 11:19:57 +01:00
Mészáros Mihály
e57c8fb2b6 Merge branch 'fix typo in README' 2020-02-12 11:07:04 +01:00
Mészáros Mihály
33692365ad Fix typo in README and run make-man.sh 2020-02-12 11:06:41 +01:00
Mészáros Mihály
092c5ad7e7 Update travis macOS image 2020-02-12 10:53:46 +01:00
Mészáros Mihály
fbd79ed560
Merge pull request #466 from chanduthedev/null-check 
added null check for second char
 2020-02-12 08:02:15 +01:00
Mészáros Mihály
4badbbf018
Merge pull request #470 from FeralInteractive/compiler-fixes 
Compiler warning fixes
 2020-02-12 07:56:54 +01:00
Mészáros Mihály
344d06cb34
Merge pull request #475 from raksonibs/patch-1 
Fix typo in README.docker
 2020-02-12 07:49:43 +01:00
Mészáros Mihály
d35b5e8457
Merge pull request #471 from FeralInteractive/leak-fix 
Fix a memory leak when an SHATYPE isn't supported
 2020-02-12 07:48:33 +01:00
Mészáros Mihály
374c719d56
Merge pull request #488 from raccoonback/master 
Fix typos about INSTALL filenames
 2020-02-12 07:40:03 +01:00
seungbin-ko
d1e04869b0 Updated INSTALL 
Fix typos about INSTALL filenames.
 2020-02-10 18:09:56 +09:00
Corey Cole
7af87e8107
docs(turnadmin): fix typo 2019-12-30 10:29:25 -08:00
Alessandro Polidori
3f3a3623c8 turnserver.conf: add --prod section to enhance security 2019-12-19 17:41:02 +01:00
Oskar Niburski
3a9924dd4d
Update README.docker 2019-12-12 18:13:38 -08:00
Feral Interactive
efa7a47632 Silence shadow variable declaration warning. 
'sar', 'value', and 'vlen' already exist in an outer scope and are safe to reuse since they're overwritten before being used again.
 2019-11-20 00:03:46 +00:00
Feral Interactive
9b8baa8055 Validate the size of an attribute before returning it to the caller. 
Previously this was being done in stun_attr_get_next_str() to check that the previous attribute didn't exceed the size of the underlying buffer, however by that point any maliciously crafted attributes would have already had their chance to attack the caller.
 2019-11-19 23:48:41 +00:00
Feral Interactive
14cb1c94e7 Validate the size of the buffer in stun_get_command_message_len_str(). 
Without this the caller could read off the end of the underlying buffer if it receives a maliciously crafted packet with an invalid header size.
 2019-11-19 23:48:34 +00:00
Feral Interactive
353e3b98e6 Add some casts to appease compiler warnings about narrowing. 2019-11-19 23:47:19 +00:00
Feral Interactive
b1990b6130 Liberally apply const where appropriate. 2019-11-19 23:47:11 +00:00
Feral Interactive
763d1f1b9c Fix a memory leak when an SHATYPE isn't supported. 
Deallocating `str` happens at the end of the function, so don't skip it when encountering an unsupported SHATYPE.
 2019-11-19 23:45:37 +00:00
chanduthedev
25338fa1c0 added null check for second char 2019-11-11 15:01:14 +08:00
xthursdayx
d355b992a7
Updated turnserver.conf 
Edited turnserver.conf for typos and language clarity.
 2019-11-09 15:52:37 -05:00
Mészáros Mihály
540ef5fd6e Comment out osx xcode 9.4 2019-10-28 11:16:52 +01:00
Mészáros Mihály
06a8793ca3 Merge PR#449 2019-10-22 15:10:58 +02:00
Mészáros Mihály
76d0698243
Merge pull request #449 from rao-donut/fix-dockerfile 
Fix Dockerfile for latest Debian
 2019-10-22 14:57:01 +02:00
Mészáros Mihály
4096a35d4d Update travis 2019-10-22 14:31:50 +02:00
Mészáros Mihály
4c21fcfba2 Merge PR#442 2019-10-22 13:28:11 +02:00
Mészáros Mihály
8c8af9ec85
Merge pull request #442 from chanduthedev/ssh-length 
Updated incorrect string length check for 'ssh'
 2019-10-22 13:17:32 +02:00
Mészáros Mihály
846dd07bfd
Merge pull request #417 from robert-scheck/append-log 
Append only to log files rather to override them
 2019-10-22 12:19:23 +02:00
Mészáros Mihály
577b0454dc Merge branch 'append-logs' 2019-10-22 12:07:25 +02:00
Mészáros Mihály
1dab47ce56 Add PR#417 2019-10-22 11:43:07 +02:00
Robert Scheck
cfdb99dc72 Append only to log files rather to override them (fixes #416) 2019-10-22 11:40:26 +02:00
Mészáros Mihály
eb0565efbb Merge branch 'typo' 2019-10-22 11:32:11 +02:00
Mészáros Mihály
6cd165117d Merge PR#455 2019-10-22 11:31:32 +02:00
chanduthedev
c317a19334 Some more typo's fixed 2019-10-16 13:56:32 +08:00
chanduthedev
0259b9115c
Type corrected. 
Replace sinse with 'since' and sever with 'server'.
 2019-10-14 18:33:13 +08:00
RIORAO
5b2a3ec2d0 Fix Dockerfile for latest Debian 2019-10-04 20:37:14 +09:00
chanduthedev
9b0e53c18a
Updated incorrect string length check for 'ssh' 
ssh length should be 3, but checking for 4. So updated memcmp method to 3 instead of 4.
 2019-09-27 14:36:03 +08:00
Bradley T. Hughes
24397e896c
Merge pull request #404 from PhillipVoyle/master 
Fix spelling mistake
 2019-08-04 21:42:56 +02:00
Robert Scheck
f1effd1a69 Append only to log files rather to override them (fixes #416) 2019-07-26 17:01:53 +02:00
Phillip Voyle
33b74fdc2a Fix spelling mistake 2019-05-30 14:23:44 +12:00
Byron Clark
0e03fa86df Remove OPENSSL_FIPS wrappers. 
Because we're building with a FIPS enabled OpenSSL instead of the FIPS
canister, the resulting build should be usable on both FIPS and non-FIPS
enabled systems. Since we can't rely on building with a FIPS enabled
OpenSSL, defer the check to runtime.
 2019-05-26 10:52:51 -06:00
Byron Clark
6b01b6f450 Allow MD5 in FIPS mode. 
This is one of those special cases where a non approved cryptographic
algorithm is allowed when operating in FIPS mode. Inform OpenSSL that
this is the case.

In the STUN RFC the long-term credential mechanism requires that the key
used in the HMAC-SHA1 generation be the MD5 of specific values:
https://tools.ietf.org/html/rfc5389#section-15.4

Since this is obfuscating parameters to be used in an approved
cryptographic algorithm, this is allowed usage per the [FIPS 140-2 Implementation Guidance](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/fips140-2/fips1402ig.pdf).
See page 81.

Without this change, coturn crashes when trying to set up any long-term
credential mechanism.
 2019-05-24 00:16:36 +00:00
Byron Clark
68feff5ca3 Use EVP_MD_CTX instead of MD5_CTX. 
Switch to EVP_MD_CTX APIs for MD5 to match how other digest types are
created in this function.
 2019-05-24 00:01:52 +00:00
Mészáros Mihály
9de0b2d420 Update Changelog PR #381 2019-05-21 15:31:10 +02:00
Mészáros Mihály
493efa3179
Merge pull request #381 from islamoglus/feature/configure_with_private_libs 
Modifying configure file for enable to compile with private libraries
 2019-05-21 13:38:39 +02:00
Mészáros Mihály
3bbed1c6d6 Merge remote-tracking branch 'noblewhale/master' 2019-05-21 13:30:14 +02:00