Merge branch 'master' into fixes

.travis.yml

@@ -52,6 +52,6 @@ notifications:
     secure: N12+BCGiTDzfKkYnjF+666ZhREuBncfPpWge9AdG6DwusyGza+hNrjfRRHjF8WfGQj+X8ogFoF1lVFDC27lwH1ElOv4GJHShnGbtsWv10Va1GdDafDeC5JorUNWHlsDHC1AZkNUj9n2KAZTSbN076gUaNhwsXob/B1MEnNKXibitDdyE2FC6wCRu6ckXM4UiEXoG/a7lHS4m9dKt2xDUNK8vwhtRdCkip9YW8rUFdiwqMScdr9OdF8YWiKJIUYV7LC7eXF0YqslWTJkeIMEEnvotLs4JNytFz1wNPzTiY8hM4nPM0YwC1oPhFWlBodQ1x+dBX3vxitnque0gVhj/p6Eij0amM3tirgONw/r2V9JToE6vfh6ERAWIVzI/+tmqcEbZZvwcgafZphlT9W/8Gzy/av/zTpdfaTUEYnsuQRCA87FPIFAAVjzSmT3llY6WQXFB+UU0T0ZE42PkPqhR3zpjqt7nDXf2g1ZY5ZRkWRvznyqBdrVx0Ld8AKnv/Ynk/KqiJqV94DUMhGzAadqbYrDL/87eiDtW4lBpCl7cQnfEI7besdduNzWlgmJ93CU1kyruK37/w+D1jyBnc1ppQTj1+B2GanB0weY7ViNqyQmN+tam7EmM+9R8VKMi8EO0xlvb1YFL18NtrCMMMEsZRHj823g68lFntUWs5oGsFMI=
   email:
     recipients:
-       - [email protected]
+       - [email protected]
     # on_success: [always|never|change] # default: always
     # on_failure: [always|never|change] # default: always

AUTHORS

@@ -52,6 +52,6 @@ Bradley T. Hughes <[email protected]> :
 	FreeBSD port
 	(since v4.1.2.1)
 
-Mészáros Mihály <[email protected]> :
+Mészáros Mihály <[email protected]> :
         OAuth utility, NAT behavior Discovery
         (since v4.5.0.4)

ChangeLog

@@ -1,18 +1,21 @@
-12/11/2017 Oleg Moskalenko <[email protected]>
+27/09/2018 Oleg Moskalenko <[email protected]> Mihály Mészáros <[email protected]>
+Version 4.5.0.9 'dan Eider':
+
+27/09/2018 Oleg Moskalenko <[email protected]> Mihály Mészáros <[email protected]>
 Version 4.5.0.8 'dan Eider':
 	- Travis CI integration
-	- hint with comment fallthrough to avoid warning
+	- to avoid warnings add compiler comment hint to fallthrough
 	- reload-tls-certs PR#236 (by Arne Georg Gisnås Gleditsch)
-	- minor fixe PR#223 (by Pavel Kretov)
+	- minor fixes PR#223 (by Pavel Kretov)
 	  move rm Makefile to distclean
 	  list all phony targets
 	- Fix typo PR#253 (by Orsiris de Jong)
-	- Fix WebRTC client IPv6 stuck connection. (issue #217)
+	- Fix stuck IPv6 connections. (issue #217)
 	  THX to damencho, vol4iniche
 	- Spelling fixes.
 	- Add a warning if --lt-cred-mech and --use-auth-secret both presents.
 	- Revert "Add the realm parameter in the example config file (by Domenico)"
-	- Fix for Verbose config file option -v cli option overridea
+	- Fix for Verbose config file option -v cli option override
 	- Add a Notice to config about realm default value is the domain name.
 	- Update total allocation usage on client shutdown
 	- Fix total and user quota mix-up
@@ -24,8 +27,9 @@ Version 4.5.0.8 'dan Eider':
 	- Fix --prod pointer bug
 	- Fix auth server thread detach race (by weishuyin)
 	- New Feature: Add -K --keep-address-family 
-	  Be aware if you enable it, then it breaks rfc6156 section-4.2 (default IPv4 family)
+	  Be aware if you enable it, then it breaks rfc6156 section 4.2 (default IPv4 family fallback)
 	- Fix dtls double free crash
+	- Fix compilation errors and warnings (by Oleg)
 
 12/10/2017 Oleg Moskalenko <[email protected]>
 Version 4.5.0.7 'dan Eider':

README.turnadmin

@@ -271,4 +271,4 @@ to see the man page.
 
 	Bradley T. Hughes <[email protected]>
 
-        Mihaly Meszaros <[email protected]>
+        Mihaly Meszaros <[email protected]>

README.turnserver

@@ -984,4 +984,4 @@ https://groups.google.com/forum/?fromgroups=#!forum/turn-server-project-rfc5766-
 
 	Bradley T. Hughes <[email protected]>
 
-        Mihaly Meszaros <[email protected]>
+        Mihaly Meszaros <[email protected]>

README.turnutils

@@ -474,4 +474,4 @@ SEE ALSO
 
 	Bradley T. Hughes <[email protected]>
 
-    Mihaly Meszaros <[email protected]>
+        Mihaly Meszaros <[email protected]>

man/man1/turnadmin.1

@@ -1,5 +1,5 @@
 .\" Text automatically generated by txt2man
-.TH TURN 1 "12 September 2018" "" ""
+.TH TURN 1 "31 October 2018" "" ""
 .SH GENERAL INFORMATION
 
 \fIturnadmin\fP is a TURN administration tool. This tool can be used to manage 
@@ -374,4 +374,4 @@ Federico Pinna <[email protected]>
 .PP
 Bradley T. Hughes <[email protected]>
 .PP
-Mihaly Meszaros <[email protected]>
+Mihaly Meszaros <[email protected]>

man/man1/turnserver.1

@@ -1,5 +1,5 @@
 .\" Text automatically generated by txt2man
-.TH TURN 1 "12 September 2018" "" ""
+.TH TURN 1 "31 October 2018" "" ""
 .SH GENERAL INFORMATION
 
 The \fBTURN Server\fP project contains the source code of a TURN server and TURN client 
@@ -810,6 +810,12 @@ Local system IP address to be used for Web\-admin server endpoint. Default value
 Web\-admin server port. Default is 8080.
 .TP
 .B
+\fB\-\-web\-admin\-listen\-on\-workers\fP
+Enable for web\-admin server to listens on STUN/TURN workers STUN/TURN ports.
+By default it is disabled for security resons!
+(This beahvior used to be the default bahavior, and was enabled by default.)
+.TP
+.B
 \fB\-\-ne\fP=[1|2|3]
 Set network engine type for the process (for internal purposes).
 .PP
@@ -1241,4 +1247,4 @@ Federico Pinna <[email protected]>
 .PP
 Bradley T. Hughes <[email protected]>
 .PP
-Mihaly Meszaros <[email protected]>
+Mihaly Meszaros <[email protected]>

man/man1/turnutils.1

@@ -1,5 +1,5 @@
 .\" Text automatically generated by txt2man
-.TH TURN 1 "12 September 2018" "" ""
+.TH TURN 1 "31 October 2018" "" ""
 .SH GENERAL INFORMATION
 
 A set of turnutils_* programs provides some utility functionality to be used
@@ -669,6 +669,5 @@ Mutsutoshi Yoshimoto <[email protected]>
 Federico Pinna <[email protected]>
 .PP
 Bradley T. Hughes <[email protected]>
-.RE
 .PP
-Mihaly Meszaros <[email protected]>
+Mihaly Meszaros <[email protected]>

rpm/build.settings.sh

@@ -2,7 +2,7 @@
 
 # Common settings script.
 
-TURNVERSION=4.5.0.7
+TURNVERSION=4.5.0.8
 BUILDDIR=~/rpmbuild
 ARCH=`uname -p`
 TURNSERVER_GIT_URL=https://github.com/coturn/coturn.git

rpm/turnserver.spec

@@ -1,5 +1,5 @@
 Name:		turnserver
-Version:	4.5.0.7
+Version:	4.5.0.8
 Release:	0%{dist}
 Summary:	Coturn TURN Server
 
@@ -295,6 +295,8 @@ fi
 %{_includedir}/turn/client/TurnMsgLib.h
 
 %changelog
+* Thu Sep 27 2018 Oleg Moskalenko <[email protected]>
+  - Sync to 4.5.0.8
 * Sun Dec 10 2017 Oleg Moskalenko <[email protected]>
   - Sync to 4.5.0.7
 * Mon Oct 17 2016 Oleg Moskalenko <[email protected]>

src/apps/relay/dbdrivers/dbd_mysql.c

@@ -73,7 +73,7 @@ static void MyconninfoFree(Myconninfo *co) {
 		ns_bzero(co,sizeof(Myconninfo));
 	}
 }
-struct ctr_state state;
+
 char* decryptPassword(char* in, const unsigned char* mykey){
 
 	char *out;
@@ -85,6 +85,7 @@ char* decryptPassword(char* in, const unsigned char* mykey){
 	int bytes_to_decode = strlen(in);
 	unsigned char *encryptedText = base64decode(in, bytes_to_decode); //changed
 	char last[1024]="";
+	struct ctr_state state;
 	init_ctr(&state, iv);
 	memset(outdata,'\0', sizeof(outdata));
 
@@ -95,7 +96,7 @@ char* decryptPassword(char* in, const unsigned char* mykey){
 #endif
 
 	strcat(last,(char*)outdata);
-	out=malloc(sizeof(char)*strlen(last));
+	out=(char*)malloc(sizeof(char)*strlen(last));
 	strcpy(out,last);
 	return out;
 }

src/apps/relay/mainrelay.c

@@ -957,8 +957,6 @@ static const struct myoption admin_long_options[] = {
 				{ NULL, no_argument, NULL, 0 }
 };
 
-
-struct ctr_state state;
 int init_ctr(struct ctr_state *state, const unsigned char iv[8]){
 	state->num = 0;
 	memset(state->ecount, 0, 16);
@@ -966,6 +964,7 @@ int init_ctr(struct ctr_state *state, const unsigned char iv[8]){
 	memcpy(state->ivec, iv, 8);
 	return 1;
 }
+
 unsigned char *base64encode (const void *b64_encode_this, int encode_this_many_bytes){
 	BIO *b64_bio, *mem_bio;      //Declares two OpenSSL BIOs: a base64 filter and a memory BIO.
 	BUF_MEM *mem_bio_mem_ptr;    //Pointer to a "memory BIO" structure holding our base64 data.
@@ -974,9 +973,9 @@ unsigned char *base64encode (const void *b64_encode_this, int encode_this_many_b
 	BIO_push(b64_bio, mem_bio);            //Link the BIOs by creating a filter-sink BIO chain.
 	BIO_set_flags(b64_bio, BIO_FLAGS_BASE64_NO_NL);  //No newlines every 64 characters or less.
 	BIO_write(b64_bio, b64_encode_this, encode_this_many_bytes); //Records base64 encoded data.
-	BIO_flush(b64_bio);   //Flush data.  Necessary for b64 encoding, because of pad characters.
+	(void)BIO_flush(b64_bio); //Flush data. Necessary for b64 encoding, because of pad characters.
 	BIO_get_mem_ptr(mem_bio, &mem_bio_mem_ptr);  //Store address of mem_bio's memory structure.
-	BIO_set_close(mem_bio, BIO_NOCLOSE);   //Permit access to mem_ptr after BIOs are destroyed.
+	(void)BIO_set_close(mem_bio, BIO_NOCLOSE); //Permit access to mem_ptr after BIOs are destroyed.
 	BIO_free_all(b64_bio);  //Destroys all BIOs in chain, starting with b64 (i.e. the 1st one).
 	BUF_MEM_grow(mem_bio_mem_ptr, (*mem_bio_mem_ptr).length + 1);   //Makes space for end null.
 	(*mem_bio_mem_ptr).data[(*mem_bio_mem_ptr).length] = '\0';  //Adds null-terminator to tail.
@@ -992,6 +991,7 @@ void encrypt_aes_128(unsigned  char* in, const unsigned char* mykey){
 	AES_set_encrypt_key(mykey, 128, &key);
 	char total[256];
     int size=0;
+    struct ctr_state state;
     init_ctr(&state, iv);
 
 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
@@ -1045,7 +1045,7 @@ void generate_aes_128_key(char* filePath, unsigned char* returnedKey){
 
 unsigned char *base64decode (const void *b64_decode_this, int decode_this_many_bytes){
 	BIO *b64_bio, *mem_bio;      //Declares two OpenSSL BIOs: a base64 filter and a memory BIO.
-	unsigned char *base64_decoded = calloc( (decode_this_many_bytes*3)/4+1, sizeof(char) ); //+1 = null.
+	unsigned char *base64_decoded = (unsigned char*)calloc( (decode_this_many_bytes*3)/4+1, sizeof(char) ); //+1 = null.
 	b64_bio = BIO_new(BIO_f_base64());                      //Initialize our base64 filter BIO.
 	mem_bio = BIO_new(BIO_s_mem());                         //Initialize our memory source BIO.
 	BIO_write(mem_bio, b64_decode_this, decode_this_many_bytes); //Base64 data saved in source.
@@ -1080,6 +1080,7 @@ void decrypt_aes_128(char* in, const unsigned char* mykey){
     int bytes_to_decode = strlen(in);
     unsigned char *encryptedText = base64decode(in, bytes_to_decode);
     char last[1024]="";
+    struct ctr_state state;
     init_ctr(&state, iv);
     memset(outdata,'\0', sizeof(outdata));
 

src/apps/relay/mainrelay.h

@@ -80,7 +80,10 @@
 #include <openssl/aes.h>
 #include <openssl/err.h>
 #include <openssl/pem.h>
-#include <openssl/modes.h>
+
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+  #include <openssl/modes.h>
+#endif
 
 #ifdef __cplusplus
 extern "C" {

src/server/ns_turn_server.c

@@ -1269,8 +1269,6 @@ static int handle_turn_allocate(turn_turnserver *server,
 									a_family = STUN_ATTRIBUTE_REQUESTED_ADDRESS_FAMILY_VALUE_IPV4;
 									break;
 							}
-							if(get_ioa_socket_address_family(ss->client_socket) == AF_INET6)
-								a_family = STUN_ATTRIBUTE_REQUESTED_ADDRESS_FAMILY_VALUE_IPV6;
 						}
 
 						int res = create_relay_connection(server, ss, lifetime,