Update Changelog and Readme (#1087)

Authors generated using: ``` git log --pretty=format:"%an" 4.6.0..HEAD|sort|uniq ``` Commit log: ``` git log --pretty=format:"- %s (%an)" 4.6.0..HEAD ``` Readme.md files updated by rearranging existing file (and loosely following format suggested by https://github.com/jehna/readme-best-practices)
3 years ago · 38088baa22
parent f41aee2224
commit 38088baa22
3 changed files with 189 additions and 59 deletions
--- a/80
+++ b/80
@ -1,3 +1,83 @@
+TBD Version 4.7.0 '':
+Contributors:
+	- Arjun (36335769+0x34d@users.noreply.github.com)
+	- Emil Ljungdahl (111423223+pando-emil@users.noreply.github.com)
+	- Gregor Jasny (gjasny@googlemail.com)
+	- Gustavo Garcia (gustavogb@gmail.com)
+	- Hyorin Choi (17173216+hyorin@users.noreply.github.com)
+	- Joachim Bauch (bauch@struktur.de)
+	- Kang Lin (kl222@126.com)
+	- Paul Kramer (47924093+paulkram@users.noreply.github.com)
+	- Pavel Punsky (eakraly@users.noreply.github.com)
+	- Robert Scheck (robert-scheck@users.noreply.github.com)
+	- Samuel Marks (807580+SamuelMarks@users.noreply.github.com)
+	- Scott Godin (sgodin@sipspectrum.com)
+	- Thibaut ACKERMANN (thib-ack@users.noreply.github.com)
+	- Tom Bevan (thehorrorthehorror@gmail.com)
+	- Yoshiki Kadoshita (sublimer.me@gmail.com)
+	- tyranron (tyranron@gmail.com)
+
+Changelist:
+	- Do not build debug version during PR preflight (Pavel Punsky)
+	- Fix duplicate prometheus metric report (#1079) (Pavel Punsky)
+	- feature(1026): add sessioncount to prometheus metrics (#1075) (Paul Kramer)
+	- Update openssl API use to non-deprecated version (#1072) (Pavel Punsky)
+	- Log threadId to logs to aid in multi-threaded debugging. (#1030) (Scott Godin)
+	- Use khash 0.2.8 (#1047) (Gregor Jasny)
+	- Reflect new native Windows build support in documentation (#1060) (Samuel Marks)
+	- Check and fix format string for turn_log_func_default (#1064) (Gregor Jasny)
+	- Properly calculate size for sm_allocated (#1063) (Gregor Jasny)
+	- Do not discard qualifiers in free() (#1065) (Gregor Jasny)
+	- Simplify defines for macOS platform (#1058) (Pavel Punsky)
+	- Fix warnings (unused arguments, undeclared function) (#1057) (Pavel Punsky)
+	- WINDOWS: unsigned long should not be used to store pointers (#1055) (Emil Ljungdahl)
+	- Reduce usage of TURN_NO_HIREDIS macros (#1022) (Pavel Punsky)
+	- Update to fix duplicate stdout log output (#1054) (Yoshiki Kadoshita)
+	- Use c11 standard See: #1055 (#1056) (Kang Lin)
+	- Reduce usage of TURN_NO_PROMETHEUS (#1023) (Pavel Punsky)
+	- Remove unnecessary declaration from header file (#1052) (Yoshiki Kadoshita)
+	- Fix compilation warnings for functions with no arguments (#1053) (Pavel Punsky)
+	- Support Windows MSVC (#855) (Kang Lin)
+	- Fix resource leaks (#1048) (Gregor Jasny)
+	- Update turnserver.conf (#1009) (Hyorin Choi)
+	- Fix warnings (#1046) (Gregor Jasny)
+	- Backlog fifo (#1029) (Scott Godin)
+	- Change rpm systemd service type from notify to exec (#1043) (Gustavo Garcia)
+	- Add missing comma (#1041) (Gregor Jasny)
+	- Fix off-by-one when terminating gcm_nonce (#1039) (Gregor Jasny)
+	- Use %zu format specifier for size_t (#1040) (Gregor Jasny)
+	- Fix variable argument handling (#1042) (Gregor Jasny)
+	- Cleanup openssl initialization (#1012) (Pavel Punsky)
+	- fuzzing support (#982) (Arjun)
+	- created netengine.c get_relay_server utility method to reduce code duplication (#1032) (Scott Godin)
+	- fix bug in calls to ssl_read and ssl_send where extra verbose flag goes missing (#1033) (Scott Godin)
+	- ignore raw UDP if no_udp is enabled (#1031) (Scott Godin)
+	- Fix 2 warnings in code (#1027) (Pavel Punsky)
+	- Sanitize DB connection string before printing to log (#1020) (Pavel Punsky)
+	- Better detect SCTP protocol (#1016) (Pavel Punsky)
+	- Redis memleaks and socketleaks (#1015) (Thibaut ACKERMANN)
+	- Fix : Issue 51563 in oss-fuzz (#1010) (Arjun)
+	- Fix multiple warnings in libtelnet.c file (#1011) (Pavel Punsky)
+	- Update libtelnet to 0.23 (portability issues) (#1005) (Pavel Punsky)
+	- Remove debug publish to redis (#1008) (Pavel Punsky)
+	- Cleanup unused include of header files (#1004) (Pavel Punsky)
+	- Use single SSL_CTX for DTLS support (#996) (Pavel Punsky)
+	- Malformed response to mobility refresh request (#1006) (Tom Bevan)
+	- Silence warnings by converting STRCPY to strncpy calls (#995) (Pavel Punsky)
+	- Build CI with prometheus support (#999) (Pavel Punsky)
+	- Replace references to non-existent pdf file with links (#1002) (Pavel Punsky)
+	- Fix TLS1.3 support (Pavel Punsky)
+	- Use a single SSL context object (#989) (Pavel Punsky)
+	- Use epoll for promhttp server if supported.  (#997) (Joachim Bauch)
+	- Fix issues reported by cppcheck (#987) (Pavel Punsky)
+	- Replace bcopy with memcpy (#991) (Pavel Punsky)
+	- Add CI tests in older ubuntu version (#981) (Gustavo Garcia)
+	- Replace bzero with memset (#986) (Pavel Punsky)
+	- Fix a warning (#988) (Pavel Punsky)
+	- Improve openssl3 and FIPS support (#955) (Pavel Punsky)
+	- Preserve file timestamps when using install(1) (#983) (Robert Scheck)
+	- Fix renegotiation flag for older version of openssl (#978) (Pavel Punsky)
+
 13/09/2022 Oleg Moskalenko <mom040267@gmail.com> Mihály Mészáros <misi@majd.eu> Gustavo Garcia <gustavogb@gmail.com> Pavel Punsky <pavel.punsky@epicgames.com>
 Version 4.6.0 'Gorst':
 	- merge PR #967 (eakraly)
--- a/README.md
+++ b/README.md
@ -1,87 +1,130 @@
-**_This project evolved from rfc5766-turn-server project (https://code.google.com/p/rfc5766-turn-server/). There are many new advanced TURN specs which are going far beyond the original RFC 5766 document. This project takes the code of rfc5766-turn-server as the starter, and adds new advanced features to it._**
+[![Docker CI](https://github.com/coturn/coturn/actions/workflows/docker.yml/badge.svg  "Docker CI")](https://github.com/coturn/coturn/actions/workflows/docker.yml)
+[![Docker Hub](https://img.shields.io/docker/pulls/coturn/coturn?label=Docker%20Hub%20pulls "Docker Hub pulls")](https://hub.docker.com/r/coturn/coturn)

-[Downloads page](https://github.com/coturn/coturn/wiki/Downloads)
+[Docker Hub](https://hub.docker.com/r/coturn/coturn)
+| [GitHub Container Registry](https://github.com/orgs/coturn/packages/container/package/coturn)
+| [Quay.io](https://quay.io/repository/coturn/coturn)

-[Docker image](https://github.com/coturn/coturn/tree/master/docker/coturn)
+# Coturn TURN server #

-[Wiki pages](https://github.com/coturn/coturn/wiki/)
+coturn is a free open source implementation of TURN and STUN Server.
+The TURN Server is a VoIP media traffic NAT traversal server and gateway.

-# Free open source implementation of TURN and STUN Server #
+## Installing / Getting started

-The TURN Server is a VoIP media traffic NAT traversal server and gateway. It can be used as a general-purpose network traffic TURN server and gateway, too.
+Linux distros may have a version of coturn which you can install by
+```
+apt install coturn
+turnserver --log-file stdout
+```

-On-line management interface (over telnet or over HTTPS) for the TURN server is available.
+Or run coturn using docker container:
+```
+docker run -d -p 3478:3478 -p 3478:3478/udp -p 5349:5349 -p 5349:5349/udp -p 49152-65535:49152-65535/udp coturn/coturn
+```
+See more details about using docker container [Docker Readme](https://github.com/coturn/coturn/blob/master/docker/coturn/README.md)

-The implementation also includes some extra experimental features.

-Supported RFCs:
+## Developing

+### Dependencies
+
+coturn requires following dependencies to be installed first
+- libevent2
+
+Optional
+- openssl (to support TLS and DTLS, authorized STUN and TURN)
+- libmicrohttp and [prometheus-client-c](https://github.com/digitalocean/prometheus-client-c) (prometheus interface)
+- MySQL (user database)
+- [Hiredis](https://github.com/redis/hiredis) (user database, monitoring)
+- SQLite (user database)
+- PostgreSQL (user database)
+
+### Building
+```shell
+git clone git@github.com:coturn/coturn.git
+cd coturn
+./configure
+make
+```
+
+
+## Features
+
+STUN specs:
+
+  * [RFC 3489](https://datatracker.ietf.org/doc/html/rfc3489) - "classic" STUN
+  * [RFC 5389](https://datatracker.ietf.org/doc/html/rfc5389) - base "new" STUN specs
+  * [RFC 5769](https://datatracker.ietf.org/doc/html/rfc5769) - test vectors for STUN protocol testing
+  * [RFC 5780](https://datatracker.ietf.org/doc/html/rfc5780) - NAT behavior discovery support
+  * [RFC 7443](https://datatracker.ietf.org/doc/html/rfc7443) - ALPN support for STUN & TURN
+  * [RFC 7635](https://datatracker.ietf.org/doc/html/rfc7635) - oAuth third-party TURN/STUN authorization
+  
 TURN specs:

-  * RFC 5766 - base TURN specs
-  * RFC 6062 - TCP relaying TURN extension
-  * RFC 6156 - IPv6 extension for TURN
-  * RFC 7443 - ALPN support for STUN & TURN
-  * RFC 7635 - oAuth third-party TURN/STUN authorization
-  * DTLS support (http://tools.ietf.org/html/draft-petithuguenin-tram-turn-dtls-00).
-  * Mobile ICE (MICE) support (http://tools.ietf.org/html/draft-wing-tram-turn-mobility-02).
+  * [RFC 5766](https://datatracker.ietf.org/doc/html/rfc5766) - base TURN specs
+  * [RFC 6062](https://datatracker.ietf.org/doc/html/rfc6062) - TCP relaying TURN extension
+  * [RFC 6156](https://datatracker.ietf.org/doc/html/rfc6156) - IPv6 extension for TURN
+  * [RFC 7443](https://datatracker.ietf.org/doc/html/rfc7443) - ALPN support for STUN & TURN
+  * [RFC 7635](https://datatracker.ietf.org/doc/html/rfc7635) - oAuth third-party TURN/STUN authorization
+  * DTLS support (http://tools.ietf.org/html/draft-petithuguenin-tram-turn-dtls-00)
+  * Mobile ICE (MICE) support (http://tools.ietf.org/html/draft-wing-tram-turn-mobility-02)
  * TURN REST API (http://tools.ietf.org/html/draft-uberti-behave-turn-rest-00)
  * Origin field in TURN (Multi-tenant TURN Server) (https://tools.ietf.org/html/draft-ietf-tram-stun-origin-06)
  * TURN Bandwidth draft specs (http://tools.ietf.org/html/draft-thomson-tram-turn-bandwidth-01)
-  * TURN-bis (with dual allocation) draft specs (http://tools.ietf.org/html/draft-ietf-tram-turnbis-04).
+  * TURN-bis (with dual allocation) draft specs (http://tools.ietf.org/html/draft-ietf-tram-turnbis-04)

-STUN specs:
+ICE and related specs:

-  * RFC 3489 - "classic" STUN
-  * RFC 5389 - base "new" STUN specs
-  * RFC 5769 - test vectors for STUN protocol testing
-  * RFC 5780 - NAT behavior discovery support
-  * RFC 7443 - ALPN support for STUN & TURN
-  * RFC 7635 - oAuth third-party TURN/STUN authorization
-
-Supported ICE and related specs:
-
-  * RFC 5245 - ICE
-  * RFC 5768 – ICE–SIP
-  * RFC 6336 – ICE–IANA Registry
-  * RFC 6544 – ICE–TCP
-  * RFC 5928 - TURN Resolution Mechanism
+  * [RFC 5245](https://datatracker.ietf.org/doc/html/rfc5245) - ICE
+  * [RFC 5768](https://datatracker.ietf.org/doc/html/rfc5768) – ICE–SIP
+  * [RFC 6336](https://datatracker.ietf.org/doc/html/rfc6336) – ICE–IANA Registry
+  * [RFC 6544](https://datatracker.ietf.org/doc/html/rfc6544) – ICE–TCP
+  * [RFC 5928](https://datatracker.ietf.org/doc/html/rfc5928) - TURN Resolution Mechanism

 The implementation fully supports the following client-to-TURN-server protocols:

-  * UDP (per RFC 5766)
-  * TCP (per RFC 5766 and RFC 6062)
-  * TLS (per RFC 5766 and RFC 6062): TLS1.0/TLS1.1/TLS1.2; ECDHE is supported.
-  * DTLS  (http://tools.ietf.org/html/draft-petithuguenin-tram-turn-dtls-00): DTLS versions 1.0 and 1.2.
+  * UDP (per [RFC 5766](https://datatracker.ietf.org/doc/html/rfc5766))
+  * TCP (per [RFC 5766](https://datatracker.ietf.org/doc/html/rfc5766) and [RFC 6062](https://datatracker.ietf.org/doc/html/rfc6062))
+  * TLS (per [RFC 5766](https://datatracker.ietf.org/doc/html/rfc) and [RFC 6062](https://datatracker.ietf.org/doc/html/rfc6062)): including TLS1.3; ECDHE is supported.
+  * DTLS1.0 and DTLS1.2 (http://tools.ietf.org/html/draft-petithuguenin-tram-turn-dtls-00)
  * SCTP (experimental implementation).

-Supported relay protocols:
+Relay protocols:

-  * UDP (per RFC 5766)
-  * TCP (per RFC 6062)
+  * UDP (per [RFC 5766](https://datatracker.ietf.org/doc/html/rfc5766))
+  * TCP (per [RFC 6062](https://datatracker.ietf.org/doc/html/rfc6062))

-Supported user databases (for user repository, with passwords or keys, if authentication is required):
+User databases (for user repository, with passwords or keys, if authentication is required):

  * SQLite
  * MySQL
  * PostgreSQL
  * Redis
  * MongoDB
+  
+  
+Management interfaces:
+ * telnet cli 
+ * HTTPS interface

-Redis can also be used for status and statistics storage and notification.

-By default a [prometheus](https://prometheus.io/) exporter endpoint is disabled, if it is enabled it will listen on port 9641 under path /metrics
+Monitoring:
+ * Redis can be used for status and statistics storage and notification
+ * [prometheus](https://prometheus.io/) interface

-Supported message integrity digest algorithms:
+Message integrity digest algorithms:

  * HMAC-SHA1, with MD5-hashed keys (as required by STUN and TURN standards)

-Supported TURN authentication mechanisms:
+TURN authentication mechanisms:

  * 'classic' long-term credentials mechanism;
  * TURN REST API (a modification of the long-term mechanism, for time-limited secret-based authentication, for WebRTC applications: http://tools.ietf.org/html/draft-uberti-behave-turn-rest-00);
  * experimental third-party oAuth-based client authorization option;

+Performance and Load Balancing:
+
 When used as a part of an ICE solution, for VoIP connectivity, this TURN server can handle thousands simultaneous calls per CPU (when TURN protocol is used) or tens of thousands calls when only STUN protocol is used. For virtually unlimited scalability a load balancing scheme can be used. The load balancing can be implemented with the following tools (either one or a combination of them):

  * DNS SRV based load balancing;
@ -90,7 +133,7 @@ When used as a part of an ICE solution, for VoIP connectivity, this TURN server

 Traffic bandwidth limitation and congestion avoidance algorithms implemented.

-The supported project target platforms are:
+Target platforms:

  * Linux (Debian, Ubuntu, Mint, CentOS, Fedora, Redhat, Amazon Linux, Arch Linux, OpenSUSE)
  * BSD (FreeBSD, NetBSD, OpenBSD, DragonFlyBSD)
@ -99,10 +142,6 @@ The supported project target platforms are:
  * Cygwin (for non-production R&D purposes)
  * Windows (native with, e.g., MSVC toolchain)

-Other server platforms can be supported by request.
-
-Any client platform is supported, including Android, iOS, Linux, OS X, Windows, and Windows Phone.
-
 This project can be successfully used on other `*NIX` platforms, too, but that is not officially supported.

 The implementation is supposed to be simple, easy to install and configure. The project focuses on performance, scalability and simplicity. The aim is to provide an enterprise-grade TURN solution.
@ -116,15 +155,10 @@ To achieve high performance and scalability, the TURN server is implemented with
  * The TURN project code can be used in a custom proprietary networking environment. In the TURN server code, an abstract networking API is used. Only couple files in the project have to be re-written to plug-in the TURN server into a proprietary environment. With this project, only implementation for standard UNIX Networking/IO API is provided, but the  user can implement any other environment. The TURN server code was originally developed for a high-performance proprietary corporate environment, then adopted for UNIX Networking API
  * The TURN server works as a user space process, without imposing any special requirements on the system

-To download the TURN Server software, the client messaging library and the test programs, click the tab "Downloads".
-
-Contact information:
-
-https://groups.google.com/forum/#!forum/turn-server-project-rfc5766-turn-server
-
-email:misi@majd.eu
-      mom040267@gmail.com

-### Feedback is very welcome (bugs, issues, suggestions, stories, questions). ###
+## Links

-### Volunteers are welcome, too. ###
+- Project homepage: https://coturn.github.io/
+- Repository: https://github.com/coturn/coturn/
+- Issue tracker: https://github.com/coturn/coturn/issues
+- Google group: https://groups.google.com/forum/#!forum/turn-server-project-rfc5766-turn-server
--- a/STATUS.md
+++ b/STATUS.md
@ -126,6 +126,22 @@ supported in the client library).

 55) Multi-tenant implementation based upon third-party authorization
 (oAuth).
+
+56) TLS1.3 support (with openssl-1.1.1+)
+
+57) openssl-3.0 support
+
+58) Windows build support, MSVC and MinGW
+
+59) Add support to Prometheus as metrics interface
+
+60) Sanitize DB connection strings before printing to log
+
+61) Syslog facility support as an additional logging mechanism provider
+
+62) Support LibreSSL
+
+63) CMake as an alternative build system
 
 Things to be implemented in future (the development roadmap) 
 are described in the TODO file.