Update from public coturn repo #9

Merged
sgodin merged 25 commits into wireapp:master from coturn:master
Apr 21, 2023

@sgodin sgodin commented Apr 21, 2023


PR Submission Checklist for internal contributors

  • The PR Title

    • conforms to the style of semantic commits messages¹ supported in Wire's Github Workflow²
    • contains a reference JIRA issue number like SQPIT-764
    • answers the question: If merged, this PR will: ... ³
  • The PR Description

    • is free of optional paragraphs and you have filled the relevant parts to the best of your ability

What's new in this PR?

Issues

Briefly describe the issue you have solved or implemented with this pull request. If the PR contains multiple issues, use a bullet list.

Causes (Optional)

Briefly describe the causes behind the issues. This could be helpful to understand the adopted solutions behind some nasty bugs or complex issues.

Solutions

Briefly describe the solutions you have implemented for the issues explained above.

Dependencies (Optional)

If there are some other pull requests related to this one (e.g. new releases of frameworks), specify them here.

Needs releases with:

  • GitHub link to other pull request

Testing

Test Coverage (Optional)

  • I have added automated test to this contribution

How to Test

Briefly describe how this change was tested and if applicable the exact steps taken to verify that it works as expected.

Notes (Optional)

Specify here any other facts that you think are important for this issue.

Attachments (Optional)

Attachments like images, videos, etc. (drag and drop in the text box)


PR Post Submission Checklist for internal contributors (Optional)

  • Wire's Github Workflow has automatically linked the PR to a JIRA issue

PR Post Merge Checklist for internal contributors

  • If any sort of configuration variable was introduced by this PR, it has been added to the relevant documents and the CI jobs have been updated.

References
  1. https://sparkbox.com/foundry/semantic_commit_messages
  2. https://github.com/wireapp/.github#usage
  3. E.g. feat(conversation-list): Sort conversations by most emojis in the title #SQPIT-764.

paulkram and others added 25 commits December 8, 2022 18:04
It's not working when constructing it in-place, likely this is undefined
behaviour.

Co-authored-by: Paul Kramer <paul.kramer@logmein.com>

This should result in an address of temporary array.

Co-authored-by: Paul Kramer <paul.kramer@logmein.com>

There are two different APIs in OpenSSL for configuring TLS ciphers,
one for TLS 1.2 and below, and another for TLS 1.3. coturn only calls
the TLS 1.2 API when handling the `--cipher-list` configuration option,
which means that it's not possible to use non-default ciphersuites with
TLS 1.3 connections.

This PR calls the appropriate OpenSSL API to allow TLS 1.3 ciphersuites to be configured.

Since winsock does not use errno, and has different error codes, this is
needed to be Windows compatible

This pull request is a split of PR #1061

This is not a long term documentation work - this is a temp proposal to
modernize existing documentation

- Create docs folder
- Move existing documentation files into docs
- Split one massive INSTALL file into smaller files (no text editing
was done except small markdown header formatting)
- Rename files to be markdowns for nicer rendering
- Bad md rendering is expected in many places

Add some basic contributing guidelines based (almost cloned) on the
Redis ones.

There were some questions about how to contribute and get started with
the project. I see this type of document in other projects that I think
can be useful.

This pull request is a split of PR #1061

As @KangLin pointed out in the original PR those sockets should ideally
be permanently non-blocking for performance reasons, but they are NOT at
the moment.
Someone with more knowledge about the code in dtls_listener.c should
probably have a look if it would be feasible to change the sockets to
non-blocking already at creation, similar to what is done in
udpserver.c...

MacOS CI build started to fail in the PRs because when upgrading python
it was not possible to override one existing file (related to 2to3
package). Apparently this happens because MacOS runners sometimes have
python versions not installed/compatible with brew.

Example of the failure:
https://github.com/coturn/coturn/actions/runs/3850951324

The proposed workaround is taken from here:
actions/runner-images#2322

Noticed the plaintext password of my postgresql server in my coturn
logs, but postgresql errors would return the password sanitised. Simple
fix to log the sanitised string.


![image](https://user-images.githubusercontent.com/112147643/213053494-c8a5d226-0b04-4c8d-9b52-3e1330291a39.png)


Signed-off-by: r3g_5z <june@girlboss.ceo>

Signed-off-by: r3g_5z <june@girlboss.ceo>
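
The fix described in the commit message above, sketched as an added example (not coturn's code): a hypothetical `redact_conninfo` helper that masks the `password` value in a libpq-style keyword/value connection string before it reaches a log. It assumes the keyword/value form only (not `postgresql://` URIs), and the sample string in `main` is constructed.

```c
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

static int sp(char c) { return isspace((unsigned char)c); }

/* Hypothetical helper, not coturn's own function: returns a malloc'd copy of
 * a keyword/value string with every "password" value replaced by "****".
 * Handles blanks around '=', quoted values and backslash escapes. */
char *redact_conninfo(const char *in) {
    size_t n = strlen(in), i = 0, o = 0;
    char *out = malloc(2 * n + 1); /* each 9-byte "password=" adds <= 4 bytes */
    if (!out) return NULL;
    while (i < n) {
        size_t ks = i; /* keyword start */
        while (i < n && in[i] != '=' && !sp(in[i])) i++;
        size_t klen = i - ks;
        while (i < n && sp(in[i])) i++; /* blanks before '=' */
        int has_eq = (i < n && in[i] == '=');
        if (has_eq) i++;
        while (has_eq && i < n && sp(in[i])) i++; /* blanks after '=' */
        memcpy(out + o, in + ks, i - ks); /* keyword, '=' and blanks verbatim */
        o += i - ks;
        if (!has_eq) continue;
        size_t vs = i; /* value start */
        int quoted = (i < n && in[i] == '\'');
        if (quoted) i++;
        while (i < n && (quoted ? in[i] != '\'' : !sp(in[i])))
            i += (in[i] == '\\' && i + 1 < n) ? 2 : 1; /* skip escaped char */
        if (quoted && i < n) i++; /* closing quote */
        if (klen == 8 && memcmp(in + ks, "password", 8) == 0) {
            memcpy(out + o, "****", 4);
            o += 4;
        } else {
            memcpy(out + o, in + vs, i - vs);
            o += i - vs;
        }
    }
    out[o] = '\0';
    return out;
}

int main(void) { /* constructed sample input */
    char *s = redact_conninfo("host=db user=turn password='p w' port=5432");
    if (s) puts(s);
    free(s);
    return 0;
}
```

The redacted copy is what gets passed to the logger; the original string still goes to the database driver unchanged.
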
There is no reason to include the license of openssl - coturn uses openssl just like any other library
As a reference - Apache httpd does not have openssl license

#1049
Co-authored-by: Kai Ren <tyranron@gmail.com>

PR #855 introduced new include <sys/sysinfo.h>
It is not required for compilation or turnserver function but breaks
OpenBSD build (which does not have this file)
This PR removes the include to restore OpenBSD build compatibility

Fixes #1162

Test Plan:
TBD - need someone to test build

In some cases the prometheus server was started using SELECT even if
EPOLL was supported.
Some flags were changed in microhttpd and now we use MHD_VERSION to make
sure to use the right ones in all cases (support old version, for ubuntu
16.04 for ex).

This fixes the issue #1167

I also added a log to make sure we know which version is used,
especially to inform the user that the SELECT version might lead to
issues on highly used servers.

Removing windows.h inclusion, not needed with ws2tcpip.h. Causes some
struct redefinitions.

Update version number, generate authors and changelog files

Release notes (short summary of changes)
```
- Make sure microhttpd starts using epoll if supported
- Add sessioncount to prometheus metrics
- Add STUN request/response/error prometheus counters
- Cleanup logs on turnserver start
- Fix duplicate stdout log output
- Log threadId to logs to aid in multi-threaded debugging
- Optional build info compiled into turnserver binary
- Fix arguments expansion in `docker-entrypoint.sh`
- Sanitise database connection strings before printing to log
- Support Windows MSVC
- Add configuration option for TLS 1.3 ciphersuites
- Improve openssl3 and FIPS support
- Use single SSL_CTX for TLS and DTLS support
- Update openssl API use to non-deprecated version
- Set string bytes to null to prevent random origin
- Fix memory corruption on socket close
- Fix packet backlog fifo that processed packets in reverse order in some scenarios
- Fix off-by-one when terminating gcm_nonce
- Fixes to Redis memleaks and socketleaks
- Fix malformed response to mobility refresh request
- Fuzzing support
- Ignore raw UDP if no_udp is enabled
- Better detect availability of SCTP protocol
```

---------

Co-authored-by: tyranron <tyranron@gmail.com>

Additionally:
- update Debian "bullseye" to 20230411 snapshot in Docker image
Co-authored-by: Kai Ren <tyranron@gmail.com>

@sgodin sgodin merged commit 753ce10 into wireapp:master Apr 21, 2023