head 1.12; access; symbols pkgsrc-2026Q1:1.12.0.2 pkgsrc-2026Q1-base:1.12 pkgsrc-2025Q4:1.7.0.6 pkgsrc-2025Q4-base:1.7 pkgsrc-2025Q3:1.7.0.4 pkgsrc-2025Q3-base:1.7 pkgsrc-2025Q2:1.7.0.2 pkgsrc-2025Q2-base:1.7 pkgsrc-2025Q1:1.6.0.2 pkgsrc-2025Q1-base:1.6; locks; strict; comment @# @; 1.12 date 2026.02.27.16.03.09; author gdt; state Exp; branches; next 1.11; commitid ojJ331qs6qGq12wG; 1.11 date 2026.02.27.15.29.25; author gdt; state Exp; branches; next 1.10; commitid E6dCkb4tYjStQ1wG; 1.10 date 2026.02.27.14.29.16; author adam; state Exp; branches; next 1.9; commitid Gr4joMVrC06Iv1wG; 1.9 date 2026.02.08.00.52.55; author gdt; state Exp; branches; next 1.8; commitid xdv8yBNQ14cpzvtG; 1.8 date 2026.01.07.08.48.14; author wiz; state Exp; branches; next 1.7; commitid 1wQ3ICD8eebefrpG; 1.7 date 2025.04.17.21.51.51; author wiz; state Exp; branches; next 1.6; commitid xcIXAVA292fk6sRF; 1.6 date 2025.01.23.17.47.20; author gdt; state Exp; branches; next 1.5; commitid hsg9W2fk2ClXsDGF; 1.5 date 2025.01.23.17.33.16; author gdt; state Exp; branches; next 1.4; commitid GhUfmhnOtsJfnDGF; 1.4 date 2025.01.23.17.21.26; author gdt; state Exp; branches; next 1.3; commitid uEazgoB2ZJyqiDGF; 1.3 date 2025.01.23.17.06.18; author gdt; state Exp; branches; next 1.2; commitid 86MzuOMVjOEydDGF; 1.2 date 2025.01.23.16.24.02; author adam; state Exp; branches; next 1.1; commitid R4cghBnndefn0DGF; 1.1 date 2025.01.15.14.13.39; author manu; state Exp; branches; next ; commitid opWQ5USesVIwxAFF; desc @@ 1.12 log @net/coturn: Require openssl 3 Upstream did not note this rather significant change in NEWS :-( Restores building on NetBSD 9. No PKGREVISION, as I think this is a NOP on systems that used openssl 3 anyway, and it didn't build on those that defaulted to 1.1.1. @ text @# $NetBSD: Makefile,v 1.11 2026/02/27 15:29:25 gdt Exp $ DISTNAME= coturn-4.9.0 CATEGORIES= net MASTER_SITES= ${MASTER_SITE_GITHUB:=coturn/} MAINTAINER= gdt@@NetBSD.org #MAINTAINER+= kethzer.dr@@gmail.com HOMEPAGE= https://github.com/coturn/coturn COMMENT= TURN and STUN server (for VoIP/webrtc) LICENSE= modified-bsd USE_LANGUAGES= c c++ USE_LIBTOOL= yes USE_TOOLS+= pkg-config HAS_CONFIGURE= yes # Set up to run as a non-root user, with a partitioned data directory. COTURN_USER?= coturn COTURN_GROUP?= ${COTURN_USER} COTURN_DATA?= ${VARBASE}/db/coturn BUILD_DEFS+= COTURN_USER COTURN_GROUP VARBASE COTURN_DATA # \todo Justify disabling rpath. CONFIGURE_ARGS+= --disable-rpath CONFIGURE_ARGS+= --localstatedir ${COTURN_DATA} CONFIGURE_ARGS+= --prefix ${PREFIX} # Pass cflags/libs CONFIGURE_ENV+= LIBEVENT_OPENSSL_CFLAGS="-I${BUILDLINK_PREFIX.libevent}/include" CONFIGURE_ENV+= LIBEVENT_OPENSSL_LIBS="-L${BUILDLINK_PREFIX.libevent}/lib -levent_openssl -levent" # \todo File a bug upstream, or explain why the warning is wrong. CFLAGS+= -Wno-stringop-truncation COTURN_CONFIG= ${PKG_SYSCONFDIR}/turnserver.conf COTURN_EGDIR= ${PREFIX}/share/examples/coturn CONF_FILES= ${COTURN_EGDIR}/etc/turnserver.conf ${COTURN_CONFIG} RCD_SCRIPTS= turnserver # Create the data directory, because the daemon can't due to dropping root. OWN_DIRS_PERMS+= ${COTURN_DATA} ${COTURN_USER} ${COTURN_GROUP} 0770 PKG_USERS_VARS= COTURN_USER PKG_GROUPS_VARS= COTURN_GROUP PKG_GROUPS= ${COTURN_GROUP} PKG_USERS= ${COTURN_USER}:${COTURN_GROUP} PKG_GECOS.${COTURN_USER}= coturn daemon user PKG_HOME.${COTURN_USER}= ${COTURN_DATA} PKG_SHELL.${COTURN_USER}= ${NOLOGIN} FILES_SUBST+= COTURN_USER=${COTURN_USER:Q} FILES_SUBST+= COTURN_GROUP=${COTURN_GROUP:Q} FILES_SUBST+= PKG_SYSCONFDIR=${PKG_SYSCONFDIR} # Use coturn as docs/examples subdir name. \todo No command-line argument? CONFIGURE_ENV+= PORTNAME=coturn # Defaults to ${PREFIX}/etc; respect pkgsrc tunable. CONFIGURE_ARGS+= --confdir=${PKG_SYSCONFDIR} # Defaults to ${PREFIX}/var; give it a subdirectory. CONFIGURE_ARGS+= --localstatedir=${COTURN_DATA} # \todo Why is there a db installed in /var? If not within PREFIX we don't pick it up, # but it seems like a bug. .include "options.mk" # upstream installs both a .conf.default in etcdir, and the # pkgsrc-right-way .conf in egdir. post-install: ${RM} ${DESTDIR}${PKG_SYSCONFDIR}/turnserver.conf.default TEST_TARGET= check .include "../../devel/libevent/buildlink3.mk" BUILDLINK_API_DEPENDS.openssl+= openssl>=3.0.2 .include "../../security/openssl/buildlink3.mk" .include "../../mk/bsd.pkg.mk" @ 1.11 log @net/coturn: Restore wrongly-deleted comment @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.10 2026/02/27 14:29:16 adam Exp $ d77 1 @ 1.10 log @coturn: updated to 4.9.0 4.9.0 Changelist: - Fix thread sanitizer warning - OpenSSL: migrate to modern API for DH param - Migrate AES-128 encryption from deprecated OpenSSL API to EVP - Fix unbounded strcpy in stun_method_str (ns_turn_msg.c) - Fix missing null termination in addr_to_string (ns_turn_ioaddr.c) - Fix missing null termination after strncpy in DB drivers - Fix unbounded strcpy in HTTP response (http_server.c) - Remove ubuntu20, DEBUG builds from build matrix - Fix buffer overflow in decryptPassword in mysql - Fix missing null termination after strncpy in MongoDB driver (dbd_mongo.c) - Fix buffer overflow in decrypt_aes_128 - Fix Web Admin Password Check @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.9 2026/02/08 00:52:55 gdt Exp $ d64 3 @ 1.9 log @net/coturn: Update to 4.8.0 Release 4.8.0 Changelist: - Allow faster packet validation on listener threads (#1768) (Pavel Punsky ) - Fix order of arguments to calloc (#1790) (Pavel Punsky ) - Fix crashes while setting socket buffer size (#1789) (Pavel Punsky ) - Implement configurable buffer sizes (#1780) (Pavel Punsky ) - Update Alpine to 3.23.2 version in Docker image (tyranron ) - Update Debian "trixie" to 20251208 snapshot in Docker image (tyranron ) - Use bool to enable prometheus (#1779) (Pavel Punsky ) - Fix memory leak using libevent (#1751) (Pavel Punsky ) - Addressed possible null pointer dereferences (#1729) (redraincatching <99604494+redraincatching@@users.noreply.github.com>) - Address possible null pointer dereferences (#1744) (redraincatching <99604494+redraincatching@@users.noreply.github.com>) - Improve const correctness in coturn (#1424) (Michael Jones ) - Update attribute values according to RFC 8656 (#1748) (Pavel Punsky ) - Fixing missing dependencies in Makefile (#1739) (Jun Lyu <71107931+Meiye-lj@@users.noreply.github.com>) - Add fuzzing to ci workflows (#1745) (redraincatching <99604494+redraincatching@@users.noreply.github.com>) - mainreplay: fix leak in decrypt_aes_128() (#1737) (Lidong Yan <502024330056@@smail.nju.edu.cn>) - Upgrade Debian to "trixie" in Docker image (tyranron ) - Fix typo in Docker CI spec (tyranron ) - Verify CHANGELOG date on Docker CI (tyranron ) - Fix logging before parsing logging cmd line args (#1723) (Gustavo Garcia ) - Fix dead link in turnserver.spec Source0 field (#1722) (Copilot <198982749+Copilot@@users.noreply.github.com>) - reduce calls to random (#1710) (redraincatching <99604494+redraincatching@@users.noreply.github.com>) - Fix null pointer dereference in set_ssl_ctx function (#1720) (Gustavo Garcia ) - Add configurable CPU count option for containerized environments (#1717) (Copilot <198982749+Copilot@@users.noreply.github.com>) - Fix memory and resource leaks in udp_create_server_socket( ) (#1714) (lhywk ) - Add define to disable OAuth support (#1713) (Shane ) - typo correction (#1715) (redraincatching <99604494+redraincatching@@users.noreply.github.com>) - refactored tri-state to bools (#1709) (redraincatching <99604494+redraincatching@@users.noreply.github.com>) - addressed null pointer deref warnings (#1712) (redraincatching <99604494+redraincatching@@users.noreply.github.com>) - removed unnecessary null check (#1706) (redraincatching <99604494+redraincatching@@users.noreply.github.com>) - Fix compiler warnings in source files (#1704) (Gustavo Garcia ) - Revert random number generation (Pavel Punsky ) - guarantee no oob write in strncat (#1702) (redraincatching <99604494+redraincatching@@users.noreply.github.com>) - Fix issues with Global Allocation Count for drain mode (#1699) (Scott Godin ) - fix: comment out verbose mode by default (#1696) (Amin Farjadi <31803062+amin-farjadi@@users.noreply.github.com>) Contributors: - Amin Farjadi <31803062+amin-farjadi@@users.noreply.github.com> - Copilot <198982749+Copilot@@users.noreply.github.com> - dependabot[bot] <49699333+dependabot[bot]@@users.noreply.github.com> - Gustavo Garcia - Jun Lyu <71107931+Meiye-lj@@users.noreply.github.com> - Kai Ren - lhywk - Lidong Yan <502024330056@@smail.nju.edu.cn> - Michael Jones - Pavel Punsky - redraincatching <99604494+redraincatching@@users.noreply.github.com> - Scott Godin - Shane - tyranron Release 4.7.0 Changelist: - [BREAKING] Remove support for openssl older than 1.1.1 (#1397) (Michael Jones ) - [BREAKING] Cleanup deprecated options (#1599) (Pavel Punsky ) - [BREAKING] Reverse SOFTWARE_ATTRIBUTE_OPT to avoid inverse logic (#1598) (Pavel Punsky ) - [BREAKING] Deprecate response-origin-only-with-rfc5780 (#1690) (Pavel Punsky ) - [BREAKING] Invert no-stun-backward-compatibility to be default on (#1689) (Pavel Punsky ) - Make older TLS versions optional (#1693) (Pavel Punsky ) - Add missing close socket when ioa_socket call fails (#1694) (tyranron ) - Add spdx tags to all source files (#1510) (Michael Jones ) - Address various minor clang-tidy warnings (#1513) (Michael Jones ) - Update reference to old draft in README to RFC8016 (Gustavo Garcia ) - Invert RFC5780 option to default off (#1688) (Pavel Punsky ) - Add modules diagram to developer doc (#1685) (Gustavo Garcia ) - Fix compilation warning with const - non const conversions (#1686) (Gustavo Garcia ) - Makefile.in: Don't install sql schema into DOCSDIR (#1684) (Greg Troxel ) - Fix infinite loop in ns_turn_server.c (#1460) (Asmir Mehic ) - Fix the ability to compile coturn using C++ compiler (#1546) (Michael Jones ) - Restore returning 200 OK on root prometheus path for health check (#1678) (Gustavo Garcia ) - Improve MySQL connection error logging to include actual MySQL error message (#1679) (Gustavo Garcia ) - redis: use dbname param when redis is unauthenticated (#1668) (maddy ) - Show allocations increment/decrement logs behind verbose flag (#1677) (Gustavo Garcia ) - [Fix] Fix Repeated Line in Example turnserver.conf (#1671) (Stefan Kieszkowski <85728496+stefankiesz@@users.noreply.github.com>) - change for incorrect handling of TURN_NO_TLS environment variable (#1663) (Leonid Gorbachev <60500216+leonidgorbachev@@users.noreply.github.com>) - Add Content-Type header to prometheus response (#1662) (Pavel Punsky ) - Fix infinite loop while triggering SIGHUP and log file reset causing … (#1630) (nicolas-laduguie <111897939+nicolas-laduguie@@users.noreply.github.com>) - rename and dependency extraction (#1634) (redraincatching <99604494+redraincatching@@users.noreply.github.com>) - updated types to bool in _turn_params_ to reflect C11 (#1406) (redraincatching <99604494+redraincatching@@users.noreply.github.com>) - Windows '_WTA' bug (#1624) (guoyingbo ) - Fix cmake issues detecting mongo and libsystemd on macOS (#1621) (Pavel Punsky ) - Fix hiredis detection by cmake (#1620) (Pavel Punsky ) - Drop TLS version support detection (#1617) (Pavel Punsky ) - Cleanup ALPN_SUPPORTED define usage (#1616) (Pavel Punsky ) - Fix warnings type conversion (#1615) (Pavel Punsky ) - Add parameter for specifying prometheus path (#1602) (Alex Gustafsson <89969483+alexg-axis@@users.noreply.github.com>) - Do not build with Ubuntu 18, use 24 (#1613) (Pavel Punsky ) Contributors: - Alex Gustafsson <89969483+alexg-axis@@users.noreply.github.com> - Asmir Mehic - Greg Troxel - guoyingbo - Gustavo Garcia - Kai Ren - Leonid Gorbachev <60500216+leonidgorbachev@@users.noreply.github.com> - maddy - Michael Jones - nicolas-laduguie <111897939+nicolas-laduguie@@users.noreply.github.com> - Pavel Punsky - redraincatching <99604494+redraincatching@@users.noreply.github.com> - Stefan Kieszkowski <85728496+stefankiesz@@users.noreply.github.com> - tyranron @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.8 2026/01/07 08:48:14 wiz Exp $ d3 1 a3 1 DISTNAME= coturn-4.8.0 d55 1 a55 1 FILES_SUBST+= PKG_SYSCONFDIR=${PKG_SYSCONFDIR:Q} @ 1.8 log @*: recursive bump for icu 78.1 @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.7 2025/04/17 21:51:51 wiz Exp $ d3 1 a3 2 DISTNAME= coturn-4.6.3 PKGREVISION= 9 d24 1 a63 7 # \todo Why is there a db installed in /var? If not within PREFIX we don't pick it up, # but it seems like a bug. # Upstream installs some files twice (examples and docs). This is not # causing real trouble, but it's a bug. # https://github.com/coturn/coturn/issues/1631 d71 2 @ 1.7 log @*: recursive bump for icu 77 and libxml2 2.14 @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.6 2025/01/23 17:47:20 gdt Exp $ d4 1 a4 1 PKGREVISION= 8 @ 1.6 log @net/coturn: Take MAINTAINERship Leave previous MAINTAINER (email timed out) as co-maintainer. Add upstream bug report about duplicate installed scheme files. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.5 2025/01/23 17:33:16 gdt Exp $ d4 1 a4 1 PKGREVISION= 7 @ 1.5 log @net/coturn: Set up partitioned data directory with right permissions (This is step 3 of the 3-way merge from wip, and I think the end.) Because the daemon runs as a non-root user, it needs to have the state directory pre-created with the right uid/gid and (probably) also permissions to prevent randoms from reading the state. PKGREVISION set to high enough that this will seem newer than the wip packages. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.4 2025/01/23 17:21:26 gdt Exp $ d8 2 a9 2 MAINTAINER= kethzer.dr@@gmail.com #MAINTAINER+= gdt@@NetBSD.org d67 4 @ 1.4 log @coturn: Merge improvements from wip This is step 2 of the three-way merge of wip and net. - Set up a non-root user/group and tell the daemon to run as that user, avoiding it staying as root. - Use 'coturn' as the package name consistently, because upstream releases the package coturn containing the program turnserver. The package name is used for example/doc directories and the user/group. - Respect PKG_SYSCONFDIR harder, not letting coturn default to $prefix/etc, and use PKG_SYSCONFDIR in the rc.d script. - Simplify CONF_FILES handling, as upstream already installed the example in $egdir as just turnserver.conf. Rather than moving .conf.example from etcdir to egdir, just remove, and then have CONF_FILES use the example. - add comment about a database installed in .destdir/var -- which doesn't get picked up by the package but still seems wrong. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.3 2025/01/23 17:06:18 gdt Exp $ d4 1 a4 1 PKGREVISION= 2 d18 7 d26 1 a26 1 CONFIGURE_ARGS+= --localstatedir ${VARBASE}/turnserver a39 1 BUILD_DEFS+= VARBASE d42 2 a43 5 # Set up to run as a non-root user. COTURN_USER?= coturn COTURN_GROUP?= ${COTURN_USER} COTURN_DATA?= ${VARBASE}/db/coturn BUILD_DEFS+= COTURN_USER COTURN_GROUP COTURN_DATA @ 1.3 log @net/coturn: Merge (minor) improvements from wip (There is also wip/coturn, from which net/ was apparently imported. I didn't realize net/coturn existed,, and had improved wip significantly, and Adam made mostly-independent improvements to net/, probably not realizing wip/coturn existed... This is of the start of fully merging back to just net/ with all the improvements.) - reword DESCR and COMMENT based on upstream site - take coMAINTAINERSHIP, to be changed to MAINTAINER after mail I sent to the MAINTAINER times out - fix rcsid in rc script - add comment about disabling the stringop warning; it's not clear that this isn't masking bugs (Overall, this commit does nothing impactful.) @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.2 2025/01/23 16:24:02 adam Exp $ d4 1 a4 1 PKGREVISION= 1 d30 2 a31 2 COTURN_EGDIR= ${PREFIX}/share/examples/turnserver CONF_FILES= ${COTURN_EGDIR}/turnserver.conf.default ${COTURN_CONFIG} d36 28 d66 2 d69 1 a69 2 ${MV} ${DESTDIR}${PKG_SYSCONFDIR}/turnserver.conf.default \ ${DESTDIR}${COTURN_EGDIR}/turnserver.conf.default @ 1.2 log @coturn: cleanup, fix options, fix rc.d file, bump revision @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.1 2025/01/15 14:13:39 manu Exp $ d9 1 d11 1 a11 1 COMMENT= VoIP media traffic NAT traversal server d26 1 @ 1.1 log @Add net/coturn 4.6.3, contributed to pkgsrc-wip by kethzer.dr@@gmail.com From contributor TODO list: > Install upstream's postinstall as documentation. > > Fix path to examples. > > Fix detection of libevent2. > > This package has known vulnerabilities, please investigate and fix if > possible: > CVE-2018-4056, CVE-2018-4058, CVE-2018-4059 @ text @d1 1 a1 1 # $NetBSD$ d4 1 a6 1 GITHUB_PROJECT= coturn d13 7 a19 6 USE_LANGUAGES= c c++ USE_TOOLS+= pkg-config USE_LIBTOOL= yes HAS_CONFIGURE= yes a21 1 CONFIGURE_ENV+= PTHREAD_LIBS=-pthread TURN_DISABLE_RPATH=1 d25 1 a25 21 # Configure installation paths. # \todo Why is this not setting PREFIX? CONFIGURE_ENV+= BINDIR=${PREFIX}/bin CONFIGURE_ENV+= LIBDIR=${PREFIX}/lib CONFIGURE_ENV+= MANPREFIX=${PREFIX} CONFIGURE_ENV+= CONFDIR=${PKG_SYSCONFDIR} CONFIGURE_ENV+= INCLUDEDIR=${PREFIX}/include CONFIGURE_ENV+= LOCALSTATEDIR=${PREFIX}/var/turnserver CONFIGURE_ENV+= DOCSDIR=${PREFIX}/share/doc/coturn CONFIGURE_ENV+= EXAMPLESDIR=${PREFIX}/share/examples/coturn CONFIGURE_ENV+= TURNDBDIR=${VARBASE}/turnserver CONFIGURE_ENV+= TURNINCLUDEDIR=${PREFIX}/include/turn CONFIGURE_ENV+= TURN_NO_MYSQL=1 CFLAGS+= -Wno-stringop-truncation COTURN_CONFIG= ${PKG_SYSCONFDIR}/turnserver.conf COTURN_EGDIR= ${PKG_SYSCONFDIR} CONF_FILES+= ${COTURN_EGDIR}/turnserver.conf.default ${COTURN_CONFIG} RCD_SCRIPTS= turnserver d27 3 a29 1 WRKSRC= ${WRKDIR}/${DISTNAME} d32 1 d36 5 a41 1 .include "../../devel/libevent/buildlink3.mk" @