[pull] master from coturn:master #51
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![pull[bot]](https://avatars.githubusercontent.com/in/12910?s=60&v=4){kind=small}
tyranron
force-pushed
the
master
branch
3 times, most recently
from
300eb2d to
32e9773
Compare
tyranron
force-pushed
the
master
branch
2 times, most recently
from
883c06f to
f383e5e
Compare
Function with no arguments must be defined as f(void) according to C standard
Remove unnecessary declaration. The implementation of the vrtpprintf function has been removed in commit 5e87c44.
`TURN_NO_PROMETHEUS` is defined when prometheus libraries are not present and any prometheus functionality must be disabled While all above is correct, it does not require ifdef-ing out all related code. For example, prometheus related fields in turn_params do not need to be compiled out. Same for certain function parameters. This PR reduces amount of places in code where `TURN_NO_PROMETHEUS` is used to make code simpler by moving as much usage of this define into prom_server.h/c files and compiling them unconditionally. - Always compile/link prom_server.c - Move many TURN_NO_PROMETHEUS decisions into prom_server.c
Disables default log output to stdout if stdout is set as logfile. When execute `turnutils_stunclient` , the output will be duplicated as in the following example. ``` $ ./turnutils_stunclient stun.example.com 0: : IPv4. UDP reflexive addr: 203.0.113.1:10000 0: : IPv4. UDP reflexive addr: 203.0.113.1:10000 ``` This is because stdout is set in `set_logfile` and furthermore log output to stdout is done by default. In this change, call `set_no_stdout_log` to disable default log output to stdout when stdout is set as logfile. This solves the problem of duplicate output to stdout of the same log.
`TURN_NO_HIREDIS` is defined when hiredis library is not present and any redis functionality must be disabled While all above is correct, it does not require ifdef-ing out all related code. For example, redis related fields in `turn_params` do not need to be compiled out. Same for certain function parameters. This PR reduces amount of places in code where `TURN_NO_HIREDIS` is used to make code simpler by moving as much usage of this define into dbd_redis.h/c files and compiling them unconditionally. - Always compile/link `dbd_redis.c` - Move many `TURN_NO_HIREDIS` decisions into `dbd_redis.c` - Delete empty function redis_async_init
On LLP64 systems (read Windows) unsigned long is only 4 bytes wide, which makes it very unsuitable for storing pointers. ----- Additional comments: uintptr_t since c99 or uintptr_t since C++11 see: https://cplusplus.com/reference/cstdint/, https://en.cppreference.com/w/c/types/integer, https://en.cppreference.com/w/cpp/types/integer C11 re-enabled in #1056
`__APPLE__` is enough to detect macOS
Warning emitted from GCC: ``` warning: passing argument 1 of ‘free’ discards ‘const’ qualifier from pointer target type ```
The `sm_allocated` field is an array of `size_t` values. Therefore its size must be calculated as `n * sizeof(size_t)`. Our static code analysis tool complained: ``` Sizeof not portable (SIZEOF_MISMATCH) suspicious_sizeof: Passing argument r->sm_allocated of type size_t * and argument (r->sm_chunk + 1) * 8UL /* sizeof (size_t *) */ to function realloc is suspicious. In this case, sizeof (size_t *) is equal to sizeof (size_t), but this is not a portable assumption. ``` Fix: #1045
The MSVC CI pipelines broke in #1056 due to the bump in C standard version.
The previously used version of khash trigged some static code analysis warnings that are gone with the latest version: https://github.com/attractivechaos/klib/blob/9a063b33efd841fcc42d4b9f68cb78bb528bf75b/khash.h
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p> <blockquote> <h2>v3.0.0</h2> <ul> <li>Updated to the node16 runtime by default <ul> <li>This requires a minimum <a href="https://github.com/actions/runner/releases/tag/v2.285.0">Actions Runner</a> version of v2.285.0 to run, which is by default available in GHES 3.4 or later.</li> </ul> </li> </ul> <h2>v2.5.0</h2> <h2>What's Changed</h2> <ul> <li>Update <code>@actions/core</code> to 1.10.0 by <a href="https://github.com/rentziass"><code>@rentziass</code></a> in <a href="https://github-redirect.dependabot.com/actions/checkout/pull/962">actions/checkout#962</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v2...v2.5.0">https://github.com/actions/checkout/compare/v2...v2.5.0</a></p> <h2>v2.4.2</h2> <h2>What's Changed</h2> <ul> <li>Add set-safe-directory input to allow customers to take control. (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/770">#770</a>) by <a href="https://github.com/TingluoHuang"><code>@TingluoHuang</code></a> in <a href="https://github-redirect.dependabot.com/actions/checkout/pull/776">actions/checkout#776</a></li> <li>Prepare changelog for v2.4.2. by <a href="https://github.com/TingluoHuang"><code>@TingluoHuang</code></a> in <a href="https://github-redirect.dependabot.com/actions/checkout/pull/778">actions/checkout#778</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v2...v2.4.2">https://github.com/actions/checkout/compare/v2...v2.4.2</a></p> <h2>v2.4.1</h2> <ul> <li>Fixed an issue where checkout failed to run in container jobs due to the new git setting <code>safe.directory</code></li> </ul> <h2>v2.4.0</h2> <ul> <li>Convert SSH URLs like <code>org-<ORG_ID>@github.com:</code> to <code>https://github.com/</code> - <a href="https://github-redirect.dependabot.com/actions/checkout/pull/621">pr</a></li> </ul> <h2>v2.3.5</h2> <p>Update dependencies</p> <h2>v2.3.4</h2> <ul> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/379">Add missing <code>await</code>s</a></li> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/360">Swap to Environment Files</a></li> </ul> <h2>v2.3.3</h2> <ul> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/345">Remove Unneeded commit information from build logs</a></li> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/326">Add Licensed to verify third party dependencies</a></li> </ul> <h2>v2.3.2</h2> <p><a href="https://github-redirect.dependabot.com/actions/checkout/pull/320">Add Third Party License Information to Dist Files</a></p> <h2>v2.3.1</h2> <p><a href="https://github-redirect.dependabot.com/actions/checkout/pull/284">Fix default branch resolution for .wiki and when using SSH</a></p> <h2>v2.3.0</h2> <p><a href="https://github-redirect.dependabot.com/actions/checkout/pull/278">Fallback to the default branch</a></p> <h2>v2.2.0</h2> <p><a href="https://github-redirect.dependabot.com/actions/checkout/pull/258">Fetch all history for all tags and branches when fetch-depth=0</a></p> <h2>v2.1.1</h2> <p>Changes to support GHES (<a href="https://github-redirect.dependabot.com/actions/checkout/pull/236">here</a> and <a href="https://github-redirect.dependabot.com/actions/checkout/pull/248">here</a>)</p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h2>v3.1.0</h2> <ul> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/939">Use <code>@actions/core</code> <code>saveState</code> and <code>getState</code></a></li> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/922">Add <code>github-server-url</code> input</a></li> </ul> <h2>v3.0.2</h2> <ul> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/770">Add input <code>set-safe-directory</code></a></li> </ul> <h2>v3.0.1</h2> <ul> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/762">Fixed an issue where checkout failed to run in container jobs due to the new git setting <code>safe.directory</code></a></li> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/744">Bumped various npm package versions</a></li> </ul> <h2>v3.0.0</h2> <ul> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/689">Update to node 16</a></li> </ul> <h2>v2.3.1</h2> <ul> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/284">Fix default branch resolution for .wiki and when using SSH</a></li> </ul> <h2>v2.3.0</h2> <ul> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/278">Fallback to the default branch</a></li> </ul> <h2>v2.2.0</h2> <ul> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/258">Fetch all history for all tags and branches when fetch-depth=0</a></li> </ul> <h2>v2.1.1</h2> <ul> <li>Changes to support GHES (<a href="https://github-redirect.dependabot.com/actions/checkout/pull/236">here</a> and <a href="https://github-redirect.dependabot.com/actions/checkout/pull/248">here</a>)</li> </ul> <h2>v2.1.0</h2> <ul> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/191">Group output</a></li> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/199">Changes to support GHES alpha release</a></li> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/184">Persist core.sshCommand for submodules</a></li> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/163">Add support ssh</a></li> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/179">Convert submodule SSH URL to HTTPS, when not using SSH</a></li> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/157">Add submodule support</a></li> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/144">Follow proxy settings</a></li> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/141">Fix ref for pr closed event when a pr is merged</a></li> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/128">Fix issue checking detached when git less than 2.22</a></li> </ul> <h2>v2.0.0</h2> <ul> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/108">Do not pass cred on command line</a></li> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/107">Add input persist-credentials</a></li> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/104">Fallback to REST API to download repo</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/checkout/commit/93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8"><code>93ea575</code></a> Prepare release v3.1.0 (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/940">#940</a>)</li> <li><a href="https://github.com/actions/checkout/commit/6a84743051be17cee477b0a26bd866b5dba996e4"><code>6a84743</code></a> Bump <code>@actions/core</code> to 1.10.0 (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/939">#939</a>)</li> <li><a href="https://github.com/actions/checkout/commit/e6d535c99c374d0c3f6d8cd8086a57b43c6c700a"><code>e6d535c</code></a> Inject GitHub host to be able to clone from another GitHub instance (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/922">#922</a>)</li> <li><a href="https://github.com/actions/checkout/commit/2541b1294d2704b0964813337f33b291d3f8596b"><code>2541b12</code></a> Prepare changelog for v3.0.2. (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/777">#777</a>)</li> <li><a href="https://github.com/actions/checkout/commit/0ffe6f9c5599e73776da5b7f113e994bc0a76ede"><code>0ffe6f9</code></a> Add set-safe-directory input to allow customers to take control. (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/770">#770</a>)</li> <li><a href="https://github.com/actions/checkout/commit/dcd71f646680f2efd8db4afa5ad64fdcba30e748"><code>dcd71f6</code></a> Enforce safe directory (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/762">#762</a>)</li> <li><a href="https://github.com/actions/checkout/commit/add3486cc3b55d4a5e11c8045058cef96538edc7"><code>add3486</code></a> Patch to fix the dependbot alert. (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/744">#744</a>)</li> <li><a href="https://github.com/actions/checkout/commit/5126516654c75f76bca1de45dd82a3006d8890f9"><code>5126516</code></a> Bump minimist from 1.2.5 to 1.2.6 (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/741">#741</a>)</li> <li><a href="https://github.com/actions/checkout/commit/d50f8ea76748df49594d9b109b614f3b4db63c71"><code>d50f8ea</code></a> Add v3.0 release information to changelog (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/740">#740</a>)</li> <li><a href="https://github.com/actions/checkout/commit/2d1c1198e79c30cca5c3957b1e3b65ce95b5356e"><code>2d1c119</code></a> update test workflows to checkout v3 (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/709">#709</a>)</li> <li>Additional commits viewable in <a href="https://github.com/actions/checkout/compare/v2...v3">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 2 to 3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/upload-artifact/releases">actions/upload-artifact's releases</a>.</em></p> <blockquote> <h2>v3.0.0</h2> <h2>What's Changed</h2> <ul> <li>Update default runtime to node16 (<a href="https://github-redirect.dependabot.com/actions/upload-artifact/issues/293">#293</a>)</li> <li>Update package-lock.json file version to 2 (<a href="https://github-redirect.dependabot.com/actions/upload-artifact/issues/302">#302</a>)</li> </ul> <h3>Breaking Changes</h3> <p>With the update to Node 16, all scripts will now be run with Node 16 rather than Node 12.</p> <h2>v2.3.1</h2> <p>Fix for empty fails on Windows failing on upload <a href="https://github-redirect.dependabot.com/actions/upload-artifact/issues/281">#281</a></p> <h2>v2.3.0 Upload Artifact</h2> <ul> <li>Optimizations for faster uploads of larger files that are already compressed</li> <li>Significantly improved logging when there are chunked uploads</li> <li>Clarifications in logs around the upload size and prohibited characters that aren't allowed in the artifact name or any uploaded files</li> <li>Various other small bugfixes & optimizations</li> </ul> <h2>v2.2.4</h2> <ul> <li>Retry on HTTP 500 responses from the service</li> </ul> <h2>v2.2.3</h2> <ul> <li>Fixes for proxy related issues</li> </ul> <h2>v2.2.2</h2> <ul> <li>Improved retryability and error handling</li> </ul> <h2>v2.2.1</h2> <ul> <li>Update used actions/core package to the latest version</li> </ul> <h2>v2.2.0</h2> <ul> <li>Support for artifact retention</li> </ul> <h2>v2.1.4</h2> <ul> <li>Add Third Party License Information</li> </ul> <h2>v2.1.3</h2> <ul> <li>Use updated version of the <code>@action/artifact</code> NPM package</li> </ul> <h2>v2.1.2</h2> <ul> <li>Increase upload chunk size from 4MB to 8MB</li> <li>Detect case insensitive file uploads</li> </ul> <h2>v2.1.1</h2> <ul> <li>Fix for certain symlinks not correctly being identified as directories before starting uploads</li> </ul> <h2>v2.1.0</h2> <ul> <li>Support for uploading artifacts with multiple paths</li> <li>Support for using exclude paths</li> <li>Updates to dependencies</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/upload-artifact/commit/83fd05a356d7e2593de66fc9913b3002723633cb"><code>83fd05a</code></a> Bump actions-core to v1.10.0 (<a href="https://github-redirect.dependabot.com/actions/upload-artifact/issues/356">#356</a>)</li> <li><a href="https://github.com/actions/upload-artifact/commit/3cea5372237819ed00197afe530f5a7ea3e805c8"><code>3cea537</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/actions/upload-artifact/issues/327">#327</a> from actions/robherley/artifact-1.1.0</li> <li><a href="https://github.com/actions/upload-artifact/commit/849aa7758a428ee22be38de371b49c8bd57c4b9d"><code>849aa77</code></a> nvm use 12 & npm run release</li> <li><a href="https://github.com/actions/upload-artifact/commit/4d3986961d0423ba9a593efb490a2960eb65f43b"><code>4d39869</code></a> recompile with correct ncc version</li> <li><a href="https://github.com/actions/upload-artifact/commit/2e0d362ec5cf81e334dda822c49c96dcd4b7df2c"><code>2e0d362</code></a> bump <code>@actions/artifact</code> to 1.1.0</li> <li><a href="https://github.com/actions/upload-artifact/commit/09a5d6a283da3e7c9f3253a5d4cdab2347712a66"><code>09a5d6a</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/actions/upload-artifact/issues/320">#320</a> from actions/dependabot/npm_and_yarn/ansi-regex-4.1.1</li> <li><a href="https://github.com/actions/upload-artifact/commit/189315d9106f43a2a8eb60836608bb96b1f69d77"><code>189315d</code></a> Bump ansi-regex from 4.1.0 to 4.1.1</li> <li><a href="https://github.com/actions/upload-artifact/commit/d159c2d80bf32e77611286e4d71bfe6d15208d88"><code>d159c2d</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/actions/upload-artifact/issues/297">#297</a> from actions/dependabot/npm_and_yarn/ajv-6.12.6</li> <li><a href="https://github.com/actions/upload-artifact/commit/c26a7ba4b5dbaecea906fec3b7d2c0c86f1ccaba"><code>c26a7ba</code></a> Bump ajv from 6.11.0 to 6.12.6</li> <li><a href="https://github.com/actions/upload-artifact/commit/6ed6c729229a623bcb1fdd75903dc6e436b3d0a7"><code>6ed6c72</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/actions/upload-artifact/issues/303">#303</a> from actions/dependabot/npm_and_yarn/yargs-parser-13.1.2</li> <li>Additional commits viewable in <a href="https://github.com/actions/upload-artifact/compare/v2...v3">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Use version independent APIs for openssl-1.1.0 and above Tested with turnutils_uclient against a turnserver with TLS and DTLS modes
Fixes #1051 This adds basic PR build action on macOS to confirm we keep builds green for developers using mac
Co-authored-by: Paul Kramer <[email protected]>
Add new Drain feature -when coturn server is in drain mode -current allocations will continue to work as usual -new allocations will be rejected with a 403 (Forbidden) response -when all allocations go away, then coturn will shutdown -Enable drain mode with either -signaling SIGUSR1 -turn_admin_server "drain" CLI command This contribution is from Wire. https://wire.com/
In preparation to deprecation of openssl below version 1.1.1 switch to using openssl-1.1.1 on amazonlinux:2 (where 1.0.2 is the default) Fixes build issue for #1397
) I believe that many users, like myself, prefer to reference the `turn.conf` file when deploying the TURN server with Docker, rather than the `Readme.turnserver`. Additionally, I think it's important to synchronize the Prometheus settings from the README into the` turn.conf` file for better clarity. This way, users won't overlook any essential options. Co-authored-by: Ben Chang <[email protected]>
#1576 Co-authored-by: Pavel Punsky <[email protected]>
Add ability to authenticate to redis with a password (and optionally username for redis 6.0) Tested by building and using with redis on old and new versionss
Suggesting to add MariaDB to README - any reason not to?
Implement a custom prometheus http handler in order to: 1. Support listening on a specified address as opposed to any 2. Remove the requirement on the unmaintained promhttp library This feature comes with one limitation: if an IPv4 address is used, the server will not listen on the IPv6-mapped address, even if IPv6 is available. That is, dual-stacking does not work. Solves: #1475 --------- Co-authored-by: Pavel Punsky <[email protected]>
Some actions do not build with prometheus - adding prometheus tests fails the jobs cmake build tests did not run due to different target folder (while reporting success) - now the bin folder is detected
preparing for new tag 4.6.3 --------- Co-authored-by: tyranron <[email protected]>
As part of looking at #1588 , I figured that sending `SOFTWARE` attribute is also part of a problem as it increases messages sent out by coturn and thus increasing amplification factor. For 4.6.2, the additional size is 24 bytes (4 bytes attribute header, and 20 bytes for "Coturn-4.6.2 'Gorst'") If we are to use an example from #1588, "A 62 byte request will be met with Coturn’s 401 Unauthorized response which is 150 bytes, a factor of ~2.42." - without SOFTWARE the response will be 126 bytes which reduces amplification factor to ~2. As I observed with multiple providers using coturn - some of the are sending it. Meaning, they do not set `--no-software-attribute` - most probably due to lack of clarity about this setting. I believe sending SOFTWARE_ATTRIBUTE should be off by default which is hinted in the RFC (https://datatracker.ietf.org/doc/html/rfc8489#section-16.1.2) Detailed changes: - Extract setting the attribute into a function to avoid code duplication - This option is now not reloadable - The option is now called `software_attribute` because inverse logic creates multiple double-not in the code which makes it harder to read. - `no-software_attribute` is still functional but marked as deprecated in documentation Test Plan: - Run local tests with different cli arguments (new and deprecated) and confirm SOFTWARE attribute is off by default, and added when arguments say so
Following configuration options deleted: - `--secret-ts-exp-time` - `--prod` - disables SOFTWARE_ATTRIBUTE in messages. Now it is default. To enable SOFTWARE_ATTRIBUTE use `--software-attribute` - `--no-sslv2`, `--no-sslv3` - old versions of SSL are not supported and it is not possible to enable them These are breaking changes - if the CLI command has any of those arguments it will cause turnserver to terminate and notify about unknown argument
Openssl 1.1.1 is end-of-life in September 2023. This PR removes support for versions of openssl OLDER than 1.1.1 1.1.1 should still be usable after this change is merged. I don't see any value in supporting 1.1.1, but didn't see a reason to purge support for 1.1.1 when there are so few checks for >= 3.0. Note that this does also remove CI support for Ubuntu 16.04. The official version of OpenSSL from Ubuntu for this release is listed here: https://launchpad.net/ubuntu/+source/openssl as 1.0.2g Since no newer releases of coturn will be backported by Canonical to Ubuntu 16.04, anyone using Coturn on this operating system will have to download and compile it themselves. They may build their own version of OpenSSL if they somehow cannot upgrade to a newer version of Ubuntu. My position is that these users should prefer to upgrade to a newer operating system than worry about chasing newer releases of Coturn. Co-authored-by: Pavel Punsky <[email protected]>
Re-delete file that was undeleted accidentally
Add a `--prometheus-path` parameter which allows users to specify at what path the metrics should be exposed. This simplifies serving metrics on a specific path behind some restrictive reverse proxies that expect the upstream server to serve URLs with paths matching the requested path. Co-authored-by: Pavel Punsky <[email protected]>
As of openssl 1.1.1 ALPN is supported - no need for all the ifdefs anymore
With requiring openssl version at least 1.1.1 all versions of TLS (up to and including 1.3) and DTLS 1.2 are supported With that, no detection or ability to disable a version will be provided
See #1618 for details This fix allows proper hiredis detection on macOS when building with cmake
- libsystemd does not exist on macOS - ignore it and reduce warnings during cmake step - mongo-c has cmake file on macOS - reusing the same code path and reduce warnings
Every time the '_WTA' is called, its initial value is null, so the function returns directly. https://github.com/coturn/coturn/blob/c98bb935148288b6d13a8b954422a52edfb17a83/src/apps/common/apputils.c#L905-L908 https://github.com/coturn/coturn/blob/c98bb935148288b6d13a8b954422a52edfb17a83/src/apps/common/apputils.c#L939-L941 https://github.com/coturn/coturn/blob/c98bb935148288b6d13a8b954422a52edfb17a83/src/apps/common/apputils.c#L960-L962 https://github.com/coturn/coturn/blob/c98bb935148288b6d13a8b954422a52edfb17a83/src/apps/common/apputils.c#L981-L983
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
See Commits and Changes for more details.
Created by
pull[bot] (v2.0.0-alpha.1)
Can you help keep this open source service alive? 💖 Please sponsor : )