|
|
9460cbb |
Name: coturn
|
|
|
dd09c2e |
Version: 4.5.1.2
|
|
|
dd09c2e |
Release: 1%{?dist}
|
|
|
9460cbb |
Summary: TURN/STUN & ICE Server
|
|
|
9460cbb |
License: BSD
|
|
|
9460cbb |
URL: https://github.com/coturn/coturn/
|
|
|
9460cbb |
Source0: https://github.com/coturn/coturn/archive/%{version}/%{name}-%{version}.tar.gz
|
|
|
9460cbb |
Source1: coturn.service
|
|
|
b5ac27a |
Source2: coturn.tmpfilesd
|
|
|
b5ac27a |
Source3: coturn.logrotate
|
|
|
9460cbb |
|
|
|
9460cbb |
BuildRequires: gcc
|
|
|
9460cbb |
BuildRequires: hiredis-devel
|
|
|
9460cbb |
BuildRequires: libevent-devel >= 2.0.0
|
|
|
9460cbb |
BuildRequires: make
|
|
|
9460cbb |
BuildRequires: mariadb-devel
|
|
|
9460cbb |
BuildRequires: openssl-devel
|
|
|
9460cbb |
BuildRequires: postgresql-devel
|
|
|
9460cbb |
BuildRequires: sqlite-devel
|
|
|
9460cbb |
BuildRequires: systemd
|
|
|
d9dbecf |
Requires(pre): shadow-utils
|
|
|
dd09c2e |
%if 0%{?fedora} || 0%{?rhel} >= 8
|
|
|
dd09c2e |
Recommends: perl-interpreter
|
|
|
dd09c2e |
Recommends: perl(DBI)
|
|
|
dd09c2e |
Recommends: perl(HTTP::Request::Common)
|
|
|
dd09c2e |
Recommends: perl(strict)
|
|
|
dd09c2e |
Recommends: perl(warnings)
|
|
|
dd09c2e |
Recommends: telnet
|
|
|
dd09c2e |
%else
|
|
|
dd09c2e |
Requires: perl-interpreter
|
|
|
dd09c2e |
Requires: perl(DBI)
|
|
|
dd09c2e |
Requires: perl(HTTP::Request::Common)
|
|
|
dd09c2e |
Requires: perl(strict)
|
|
|
dd09c2e |
Requires: perl(warnings)
|
|
|
9460cbb |
Requires: telnet
|
|
|
dd09c2e |
%endif
|
|
|
9460cbb |
Provides: turnserver = %{version}
|
|
|
9460cbb |
%{?systemd_requires}
|
|
|
9460cbb |
|
|
|
9460cbb |
%description
|
|
|
9460cbb |
The Coturn TURN Server is a VoIP media traffic NAT traversal server and gateway.
|
|
|
9460cbb |
It can be used as a general-purpose network traffic TURN server/gateway, too.
|
|
|
9460cbb |
|
|
|
9460cbb |
This implementation also includes some extra features. Supported RFCs:
|
|
|
9460cbb |
|
|
|
9460cbb |
TURN specs:
|
|
|
9460cbb |
- RFC 5766 - base TURN specs
|
|
|
9460cbb |
- RFC 6062 - TCP relaying TURN extension
|
|
|
9460cbb |
- RFC 6156 - IPv6 extension for TURN
|
|
|
9460cbb |
- Experimental DTLS support as client protocol.
|
|
|
9460cbb |
|
|
|
9460cbb |
STUN specs:
|
|
|
9460cbb |
- RFC 3489 - "classic" STUN
|
|
|
9460cbb |
- RFC 5389 - base "new" STUN specs
|
|
|
9460cbb |
- RFC 5769 - test vectors for STUN protocol testing
|
|
|
9460cbb |
- RFC 5780 - NAT behavior discovery support
|
|
|
9460cbb |
|
|
|
9460cbb |
The implementation fully supports the following client-to-TURN-server protocols:
|
|
|
9460cbb |
- UDP (per RFC 5766)
|
|
|
9460cbb |
- TCP (per RFC 5766 and RFC 6062)
|
|
|
9460cbb |
- TLS (per RFC 5766 and RFC 6062); TLS1.0/TLS1.1/TLS1.2
|
|
|
9460cbb |
- DTLS (experimental non-standard feature)
|
|
|
9460cbb |
|
|
|
9460cbb |
Supported relay protocols:
|
|
|
9460cbb |
- UDP (per RFC 5766)
|
|
|
9460cbb |
- TCP (per RFC 6062)
|
|
|
9460cbb |
|
|
|
9460cbb |
Supported user databases (for user repository, with passwords or keys, if
|
|
|
9460cbb |
authentication is required):
|
|
|
9460cbb |
- SQLite
|
|
|
9460cbb |
- MySQL
|
|
|
9460cbb |
- PostgreSQL
|
|
|
9460cbb |
- Redis
|
|
|
9460cbb |
|
|
|
9460cbb |
Redis can also be used for status and statistics storage and notification.
|
|
|
9460cbb |
|
|
|
9460cbb |
Supported TURN authentication mechanisms:
|
|
|
9460cbb |
- long-term
|
|
|
9460cbb |
- TURN REST API (a modification of the long-term mechanism, for time-limited
|
|
|
9460cbb |
secret-based authentication, for WebRTC applications)
|
|
|
9460cbb |
|
|
|
9460cbb |
The load balancing can be implemented with the following tools (either one or a
|
|
|
9460cbb |
combination of them):
|
|
|
9460cbb |
- network load-balancer server
|
|
|
9460cbb |
- DNS-based load balancing
|
|
|
9460cbb |
- built-in ALTERNATE-SERVER mechanism.
|
|
|
9460cbb |
|
|
|
9460cbb |
|
|
|
9460cbb |
%package utils
|
|
|
9460cbb |
Summary: Coturn utils
|
|
|
dd09c2e |
|
|
|
9460cbb |
%description utils
|
|
|
9460cbb |
This package contains the TURN client utils.
|
|
|
9460cbb |
|
|
|
9460cbb |
|
|
|
9460cbb |
%package client-libs
|
|
|
dd09c2e |
Summary: TURN client static library
|
|
|
dd09c2e |
|
|
|
9460cbb |
%description client-libs
|
|
|
dd09c2e |
This package contains the TURN client static library.
|
|
|
9460cbb |
|
|
|
9460cbb |
|
|
|
9460cbb |
%package client-devel
|
|
|
9460cbb |
Summary: Coturn client development headers
|
|
|
dd09c2e |
|
|
|
9460cbb |
%description client-devel
|
|
|
9460cbb |
This package contains the TURN client development headers.
|
|
|
9460cbb |
|
|
|
9460cbb |
|
|
|
9460cbb |
%prep
|
|
|
dd09c2e |
%setup -q
|
|
|
b5ac27a |
|
|
|
9460cbb |
# NOTE: Use Fedora Default Ciphers
|
|
|
b5ac27a |
%if 0%{?fedora} || 0%{?rhel} >= 8
|
|
|
9460cbb |
sed -i \
|
|
|
b5ac27a |
-e 's|#define DEFAULT_CIPHER_LIST "DEFAULT"|#define DEFAULT_CIPHER_LIST "PROFILE=SYSTEM"|g' \
|
|
|
b5ac27a |
-e 's|/* "ALL:eNULL:aNULL:NULL" */|/* Fedora Defaults */|g' \
|
|
|
9460cbb |
src/apps/relay/mainrelay.h
|
|
|
9460cbb |
sed -i \
|
|
|
b5ac27a |
-e 's|*csuite = "ALL"; //"AES256-SHA" "DH"|*csuite = "PROFILE=SYSTEM"; // Fedora Defaults|g' \
|
|
|
9460cbb |
src/apps/uclient/mainuclient.c
|
|
|
b5ac27a |
%endif
|
|
|
9460cbb |
|
|
|
9460cbb |
|
|
|
9460cbb |
%build
|
|
|
dd09c2e |
%configure \
|
|
|
dd09c2e |
--confdir=%{_sysconfdir}/%{name} \
|
|
|
9460cbb |
--examplesdir=%{_docdir}/%{name} \
|
|
|
9460cbb |
--schemadir=%{_datadir}/%{name} \
|
|
|
9460cbb |
--manprefix=%{_datadir} \
|
|
|
9460cbb |
--docdir=%{_docdir}/%{name} \
|
|
|
b5ac27a |
--turndbdir=%{_localstatedir}/lib/%{name} \
|
|
|
9460cbb |
--disable-rpath
|
|
|
9460cbb |
%make_build
|
|
|
9460cbb |
|
|
|
9460cbb |
|
|
|
9460cbb |
%install
|
|
|
9460cbb |
%make_install
|
|
|
b5ac27a |
mkdir -p %{buildroot}{%{_sysconfdir}/pki/coturn/{public,private},{%{_rundir},%{_localstatedir}/{lib,log}}/%{name}}
|
|
|
9460cbb |
install -Dpm 0644 %{SOURCE1} %{buildroot}%{_unitdir}/coturn.service
|
|
|
b5ac27a |
install -Dpm 0644 %{SOURCE2} %{buildroot}%{_tmpfilesdir}/coturn.conf
|
|
|
b5ac27a |
install -Dpm 0644 %{SOURCE3} %{buildroot}%{_sysconfdir}/logrotate.d/%{name}
|
|
|
9460cbb |
sed -i \
|
|
|
b5ac27a |
-e "s|^syslog$|#syslog|g" \
|
|
|
b5ac27a |
-e "s|^#*log-file=.*|log-file=/var/log/coturn/turnserver.log|g" \
|
|
|
b5ac27a |
-e "s|^#*simple-log|simple-log|g" \
|
|
|
b5ac27a |
-e "s|^#*cert=.*|#cert=/etc/pki/coturn/public/turn_server_cert.pem|g" \
|
|
|
b5ac27a |
-e "s|^#*pkey=.*|#pkey=/etc/pki/coturn/private/turn_server_pkey.pem|g" \
|
|
|
9460cbb |
%{buildroot}%{_sysconfdir}/%{name}/turnserver.conf.default
|
|
|
b5ac27a |
touch -c -r examples/etc/turnserver.conf %{buildroot}%{_sysconfdir}/%{name}/turnserver.conf.default
|
|
|
9460cbb |
mv %{buildroot}%{_sysconfdir}/%{name}/turnserver.conf.default %{buildroot}%{_sysconfdir}/%{name}/turnserver.conf
|
|
|
9460cbb |
# NOTE: Removing sqlite db, certs and keys
|
|
|
b5ac27a |
rm %{buildroot}%{_localstatedir}/lib/%{name}/turndb
|
|
|
dd09c2e |
rm %{buildroot}%{_docdir}/%{name}/etc/{cacert,turn_{client,server}_{cert,pkey}}.pem
|
|
|
dd09c2e |
rm %{buildroot}%{_docdir}/%{name}/etc/coturn.service
|
|
|
dd09c2e |
|
|
|
dd09c2e |
|
|
|
dd09c2e |
%check
|
|
|
dd09c2e |
make test
|
|
|
dd09c2e |
|
|
|
dd09c2e |
|
|
|
dd09c2e |
%pre
|
|
|
dd09c2e |
getent group coturn >/dev/null || groupadd -r coturn
|
|
|
dd09c2e |
getent passwd coturn >/dev/null || \
|
|
|
dd09c2e |
useradd -r -g coturn -d %{_datadir}/%{name} -s /sbin/nologin \
|
|
|
dd09c2e |
-c "Coturn TURN Server daemon" coturn
|
|
|
dd09c2e |
exit 0
|
|
|
9460cbb |
|
|
|
9460cbb |
|
|
|
9460cbb |
%post
|
|
|
9460cbb |
%systemd_post coturn.service
|
|
|
9460cbb |
|
|
|
9460cbb |
|
|
|
9460cbb |
%preun
|
|
|
9460cbb |
%systemd_preun coturn.service
|
|
|
9460cbb |
|
|
|
9460cbb |
|
|
|
9460cbb |
%postun
|
|
|
9460cbb |
%systemd_postun_with_restart coturn.service
|
|
|
9460cbb |
|
|
|
9460cbb |
|
|
|
9460cbb |
%files
|
|
|
13db710 |
%license LICENSE
|
|
|
9460cbb |
%{_bindir}/turnserver
|
|
|
9460cbb |
%{_bindir}/turnadmin
|
|
|
9460cbb |
%dir %{_datadir}/%{name}
|
|
|
9460cbb |
%{_datadir}/%{name}/*.redis
|
|
|
9460cbb |
%{_datadir}/%{name}/*.sql
|
|
|
9460cbb |
%{_datadir}/%{name}/*.sh
|
|
|
9460cbb |
%dir %{_docdir}/%{name}
|
|
|
9460cbb |
%{_docdir}/%{name}/README.*
|
|
|
9460cbb |
%exclude %{_docdir}/%{name}/README.turnutils
|
|
|
9460cbb |
%exclude %{_docdir}/%{name}/INSTALL
|
|
|
9460cbb |
%exclude %{_docdir}/%{name}/LICENSE
|
|
|
9460cbb |
%exclude %{_docdir}/%{name}/postinstall.txt
|
|
|
9460cbb |
%dir %{_docdir}/%{name}/etc
|
|
|
9460cbb |
%doc %{_docdir}/%{name}/etc/*
|
|
|
9460cbb |
%dir %{_docdir}/%{name}/scripts
|
|
|
9460cbb |
%dir %{_docdir}/%{name}/scripts/*
|
|
|
9460cbb |
%{_docdir}/%{name}/scripts/*.sh
|
|
|
9460cbb |
%{_docdir}/%{name}/scripts/readme.txt
|
|
|
9460cbb |
%doc %{_docdir}/%{name}/scripts/*/*
|
|
|
9460cbb |
# NOTE: These schema files are installed twice. Excluding copies in docs.
|
|
|
9460cbb |
%exclude %doc %{_docdir}/%{name}/schema.mongo.sh
|
|
|
9460cbb |
%exclude %doc %{_docdir}/%{name}/schema.sql
|
|
|
9460cbb |
%exclude %doc %{_docdir}/%{name}/schema.stats.redis
|
|
|
9460cbb |
%exclude %doc %{_docdir}/%{name}/schema.userdb.redis
|
|
|
9460cbb |
%{_mandir}/man1/coturn.1.*
|
|
|
9460cbb |
%{_mandir}/man1/turnserver.1.*
|
|
|
9460cbb |
%{_mandir}/man1/turnadmin.1.*
|
|
|
b5ac27a |
%dir %attr(0750,root,%{name}) %{_sysconfdir}/%{name}
|
|
|
b5ac27a |
%config(noreplace) %attr(0640,root,%{name}) %{_sysconfdir}/%{name}/turnserver.conf
|
|
|
b5ac27a |
%dir %{_sysconfdir}/pki/%{name}
|
|
|
b5ac27a |
%dir %{_sysconfdir}/pki/%{name}/public
|
|
|
b5ac27a |
%dir %attr(0750,root,%{name}) %{_sysconfdir}/pki/%{name}/private
|
|
|
9460cbb |
%{_unitdir}/coturn.service
|
|
|
b5ac27a |
%{_tmpfilesdir}/coturn.conf
|
|
|
b5ac27a |
%dir %attr(0750,%{name},%{name}) %{_rundir}/%{name}
|
|
|
b5ac27a |
%dir %attr(0750,%{name},%{name}) %{_localstatedir}/lib/%{name}
|
|
|
b5ac27a |
%dir %attr(0750,%{name},%{name}) %{_localstatedir}/log/%{name}
|
|
|
b5ac27a |
%config(noreplace) %{_sysconfdir}/logrotate.d/%{name}
|
|
|
9460cbb |
|
|
|
9460cbb |
|
|
|
9460cbb |
%files utils
|
|
|
13db710 |
%license LICENSE
|
|
|
9460cbb |
%{_bindir}/turnutils_peer
|
|
|
9460cbb |
%{_bindir}/turnutils_stunclient
|
|
|
9460cbb |
%{_bindir}/turnutils_uclient
|
|
|
9460cbb |
%{_bindir}/turnutils_oauth
|
|
|
9460cbb |
%{_bindir}/turnutils_natdiscovery
|
|
|
9460cbb |
%doc %{_docdir}/%{name}/README.turnutils
|
|
|
9460cbb |
%{_mandir}/man1/turnutils.1.*
|
|
|
9460cbb |
%{_mandir}/man1/turnutils_*.1.*
|
|
|
9460cbb |
|
|
|
9460cbb |
|
|
|
9460cbb |
%files client-libs
|
|
|
13db710 |
%license LICENSE
|
|
|
9460cbb |
%{_libdir}/libturnclient.a
|
|
|
9460cbb |
|
|
|
9460cbb |
|
|
|
9460cbb |
%files client-devel
|
|
|
13db710 |
%license LICENSE
|
|
|
9460cbb |
%dir %{_includedir}/turn
|
|
|
9460cbb |
%{_includedir}/turn/*.h
|
|
|
9460cbb |
%dir %{_includedir}/turn/client
|
|
|
9460cbb |
%{_includedir}/turn/client/*
|
|
|
9460cbb |
|
|
|
9460cbb |
|
|
|
9460cbb |
%changelog
|
|
|
dd09c2e |
* Sat May 16 2020 Robert Scheck <robert@fedoraproject.org> - 4.5.1.2-1
|
|
|
dd09c2e |
- Update to 4.5.1.2
|
|
|
dd09c2e |
|
|
|
d9dbecf |
* Mon Mar 23 2020 Robert Scheck <robert@fedoraproject.org> - 4.5.1.1-3
|
|
|
d9dbecf |
- Added upstream patch for CVE-2020-6061 (#1816159)
|
|
|
d9dbecf |
- Backported upstream patch for CVE-2020-6062 (#1816163)
|
|
|
d9dbecf |
|
|
|
69b3b6b |
* Tue Jan 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 4.5.1.1-2
|
|
|
69b3b6b |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
|
|
|
69b3b6b |
|
|
|
ef6a75d |
* Sat Jul 27 2019 Robert Scheck <robert@fedoraproject.org> - 4.5.1.1-1
|
|
|
ef6a75d |
- Update to 4.5.1.1
|
|
|
ef6a75d |
|
|
|
13db710 |
* Fri Jul 26 2019 Robert Scheck <robert@fedoraproject.org> - 4.5.1.0-3
|
|
|
b5ac27a |
- Added patch to append only to log files rather to override always
|
|
|
b5ac27a |
- Relocate SQLite database to FHS conform /var/lib/coturn/turndb path
|
|
|
b5ac27a |
- Include default log file directory with logrotate configuration
|
|
|
b5ac27a |
- Provide /run/coturn and correct PID file handling (#1705146)
|
|
|
b5ac27a |
- Ensure private keys for SSL certs can be only read by coturn user
|
|
|
b5ac27a |
- Ensure /etc/coturn/turnserver.conf can be only read by coturn user
|
|
|
13db710 |
- Correct subpackage licensing as per Fedora Packaging Guidelines
|
|
|
13db710 |
|
|
|
947cfdb |
* Wed Jul 24 2019 Fedora Release Engineering <releng@fedoraproject.org> - 4.5.1.0-2
|
|
|
947cfdb |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
|
|
|
947cfdb |
|
|
|
9460cbb |
* Mon Feb 18 2019 Christian Glombek <lorbus@fedoraproject.org> - 4.5.1.0-1
|
|
|
9460cbb |
- Initial Fedora Package
|
|
|
9460cbb |
- Update to 4.5.1.0
|
|
|
9460cbb |
- Introduce consistent naming, rename service to coturn
|
|
|
9460cbb |
- Add configure, make and systemd macros
|
|
|
9460cbb |
- Remove dependencies on mariadb, mysql, postgresql and sqlite
|
|
|
9460cbb |
- Forked from https://github.com/coturn/coturn/blob/af674368d120361603342ff4ff30b44f147a38ff/rpm/turnserver.spec
|