From bf89c491bbab0797807d8eae37bbf3a13b701606 Mon Sep 17 00:00:00 2001 From: 0x4A6F <0x4A6F@users.noreply.github.com> Date: Mon, 11 Jan 2021 10:27:59 +0000 Subject: [PATCH] coturn: 4.5.1.3 -> 4.5.2 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Version 4.5.2 'dan Eider': - fix null pointer dereference in case of out of memory. (thanks to Thomas Moeller for the report) - merge PR 517 (by wolmi) * add prometheus metrics - merge PR 637 (by David Florness) * Delete trailing whitespace in example configuration files - merge PR 631 (by Debabrata Deka) * Add architecture ppc64le to travis build - merge PR 627 (by Samuel) * Fix misleading option in doc (prometheus) - merge PR 643 (by tupelo-schneck) * Allow RFC6062 TCP relay data to look like TLS - merge PR 655 (by plinss) * Add support for proxy protocol V1 - merge PR 618 (by Paul Wayper) * Print full date and time in logs * Add new options: "new-log-timestamp" and "new-log-timestamp-format" - merge PR 599 (by Cédric Krier) * Do not use FIPS and remove hardcode OPENSSL_VERSION_NUMBER with LibreSSL - update Docker mongoDB and fix with workaround the missing systemctl - merge PR 660 (by Camden Narzt) * fix compilation on macOS Big Sur - merge PR 546 (by jelmd) * Add ACME redirect url - merge PR 551 (by jelmd) * support of --acme-redirect - merge PR 672 further acme fixes (by jemld) * fix acme security, redundancy, consistency - Disable binding request logging to avoid DoS attacks. (Breaking change!) * Add new --log-binding option to enable binding request logging - Fix stale-nonce documentation. Resolves 604 - Version number is changed to semver 2.0 - Merge PR 288 (by Hristo Venev) * pkg-config, and various cleanups in configure file - Add systemd notification for better systemd integration - Fix Issue 621 (by ycaibb) * Fix: Null pointer dereference on tcp_client_input_handler_rfc6062data function - Fix Issue 600 (by ycaibb) * Fix: use-after-free vulnerability on write_to_peerchannel function - Fix Issue 601 (by ycaibb) * Fix: use-after-free vulnerability on write_client_connection function - Little refactoring prometheus * Fix c++ support * Simplify (as agreed in Issue 666) * Remove session id/allocation labels * Remove per session metrics. We should later add more counters. - Fix CVE-2020-26262 (credits: Enable-Security) * Fix ipv6 ::1 loopback check * Not allow allocate peer address 0.0.0.0/8 and ::/128 * For more details see the github security advisory: https://github.com/coturn/coturn/security/advisories/GHSA-6g6j-r9rf-cm7p --- pkgs/servers/coturn/default.nix | 27 ++++++++++++++++++++++----- 1 file changed, 22 insertions(+), 5 deletions(-) diff --git a/pkgs/servers/coturn/default.nix b/pkgs/servers/coturn/default.nix index 91ecfc113cd..73b1ba01844 100644 --- a/pkgs/servers/coturn/default.nix +++ b/pkgs/servers/coturn/default.nix @@ -1,17 +1,34 @@ -{ lib, stdenv, fetchFromGitHub, fetchpatch, openssl, libevent }: +{ lib +, stdenv +, fetchFromGitHub +, fetchpatch +, openssl +, libevent +, pkg-config +, libprom +, libpromhttp +, libmicrohttpd +}: stdenv.mkDerivation rec { pname = "coturn"; - version = "4.5.1.3"; + version = "4.5.2"; src = fetchFromGitHub { owner = "coturn"; repo = "coturn"; rev = version; - sha256 = "1801931k4qdvc7jvaqxvjyhbh1xsvjz0pjajf6xc222n4ggar1q5"; + sha256 = "1s7ncc82ny4bb3qkn3fqr0144xsr7h2y8xmzsf5037h6j8f7j3v8"; }; - buildInputs = [ openssl libevent ]; + nativeBuildInputs = [ pkg-config ]; + buildInputs = [ + openssl + libevent + libprom + libpromhttp + libmicrohttpd + ]; patches = [ ./pure-configure.patch @@ -23,6 +40,6 @@ stdenv.mkDerivation rec { description = "A TURN server"; platforms = platforms.all; broken = stdenv.isDarwin; # 2018-10-21 - maintainers = [ maintainers.ralith ]; + maintainers = with maintainers; [ ralith _0x4A6F ]; }; }