View Source Changelog
All notable changes to this project will be documented in this file. This project adheres to Semantic Versioning.
unreleased
Unreleased
1-8-3-2022-05-12
1.8.3 - 2022-05-12
changed
Changed
- Specifying an
ip
address forlisten
entries is no longer mandatory. The default value is now"::"
. - Make sure eturnal's
log_dir
is used for the additional log files created byeturnalctl daemon
. - Keep TURN session IDs unique across eturnal restarts.
- Binary release: Update Erlang/OTP from 24.2.2 to 24.3.4.
- Binary release: Update OpenSSL from 1.1.1m to 1.1.1o.
- Binary release: Update zlib from 1.2.11 to 1.2.12.
- Binary release: Use new (GCC-11.2-based) version of build toolchain.
- Binary release: Provide self-extracting installer for non-DEB/RPM systems.
fixed
Fixed
- Windows: Don't fail to start up after reboot.
1-8-2-2022-03-02
1.8.2 - 2022-03-02
changed-1
Changed
- Use a (pseudo)random
secret
by default. - Improve autodetection of relay IP addresses used by default if the
relay_ipv4_addr
and/orrelay_ipv6_addr
options aren't specified. - Binary release: Update Erlang/OTP from 24.2 to 24.2.2.
fixed-1
Fixed
- Don't crash without explicit
listen
configuration. This bug was introduced with version 1.7.0. - Don't crash if the configuration file is empty (i.e., has no
eturnal
section). - Don't crash if TURN is enabled without a public IPv6 relay address being available.
1-8-1-2022-01-10
1.8.1 - 2022-01-10
fixed-2
Fixed
- Don't fail to handle the
$user
argument of theeturnalctl sessions
andeturnalctl disconnect
calls.
1-8-0-2022-01-10
1.8.0 - 2022-01-10
added
Added
- Allow for configuring TLS connection properties using the new
tls_options
,tls_ciphers
, andtls_dh_file
options (#6). - Allow for specifying a
whitelist
of IP addresses/subnets which will be accepted even if they would otherwise be rejected due to being matched by ablacklist
(#12). - Don't close active TURN sessions when ephemeral credentials expire, by
default. The new
strict_expiry
option allows for enabling the previous behavior. - Add
eturnalctl disconnect $user
command for closing any TURN session(s) of the specified$user
name. - Let the
eturnalctl sessions
command accept an optional$user
argument to list only the TURN session(s) of the specified$user
name. - Support running eturnal without the
Erlang Port Mapper Daemon (EPMD) by specifying the environment variable
ERL_DIST_PORT
(requires at least Erlang/OTP 23.1 and Rebar3 3.18.0).
changed-2
Changed
- Binary release: Run eturnal without EPMD (as described above).
fixed-3
Fixed
- Don't log bogus error messages if no eturnal modules are enabled when using Erlang/OTP version 21.0, 21.1, or 21.2.
- Binary release: Don't let Erlang/OTP link against libnsl.so.1, which is no longer shipped by default on RedHat-based distributions, and isn't actually needed (#19).
1-7-0-2021-12-15
1.7.0 - 2021-12-15
added-1
Added
- Introduce the
listen
optionproxy_protocol
for enabling HAproxy protocol (version 1 and 2) support (#18).
changed-3
Changed
- Binary release: Update Erlang/OTP from 24.1.7 to 24.2.
- Binary release: Update OpenSSL from 1.1.1l to 1.1.1m.
- Binary release: Link
asn1
andcrypto
NIFs statically into BEAM. - Binary release: Reduce size by a few MiB by omitting a test suite file.
- Binary release: Don't forget to strip ERTS binaries.
fixed-4
Fixed
- Don't crash when multiple
secret
s are configured on Erlang/OTP 23 or later.
1-6-0-2021-12-04
1.6.0 - 2021-12-04
added-2
Added
- Add
eturnalctl credentials
andeturnalctl password
commands for generating ephemeral TURN credentials. - Support the
listen
optiontransport: auto
for accepting unencrypted TCP and TLS connections on the same port (thanks to Annika Hannig). Requires Erlang/OTP 23 or later.
changed-4
Changed
- Binary release: Update Erlang/OTP from 24.1.4 to 24.1.7.
1-5-0-2021-11-02
1.5.0 - 2021-11-02
added-3
Added
- Allow for specifying a list of shared secrets in order to facilitate key rollover (#16).
- Improve UDP receive performance.
- Reduce risk of UDP packet loss.
changed-5
Changed
- Binary release: Update Erlang/OTP from 24.1.2 to 24.1.4.
fixed-5
Fixed
- Handle the case where a
tls_crt_file
but notls_key_file
is specified (by assuming thetls_crt_file
includes both the certificate and the key). - Don't forget to check for new PEM files on reload if the configuration wasn't modified (#17).
1-4-6-2021-10-11
1.4.6 - 2021-10-11
changed-6
Changed
- Don't abort (but log an appropriate warning) if TURN is enabled without a shared secret.
- Drop the runtime dependency on the
openssl
command for generating self-signed certificates. - Binary release: Update Erlang/OTP from 23.2 to 24.1.2.
- Binary release: Update OpenSSL from 1.1.1i to 1.1.1l.
removed
Removed
- Drop the
mod_example
module.
1-4-5-2021-01-28
1.4.5 - 2021-01-28
changed-7
Changed
- Don't include timestamp when logging to the systemd journal.
fixed-6
Fixed
- Let
eturnalctl sessions
cope with non-latin characters in user names. - Binary release: Let
eturnalctl remote_console
actually connect to the running eturnal instance.
1-4-4-2021-01-21
1.4.4 - 2021-01-21
changed-8
Changed
- Reject Teredo and 6to4 peers unconditionally.
- Reject 0.0.0.0/8 and ::/128 peers unconditionally.
fixed-7
Fixed
- Never request certificates from TLS clients.
1-4-3-2020-12-16
1.4.3 - 2020-12-16
changed-9
Changed
- Binary release: Update Erlang/OTP from 22.2 to 23.2.
- Binary release: Update OpenSSL from 1.1.1g to 1.1.1i.
fixed-8
Fixed
- Don't log stack traces if clients attempt authentication while TURN is disabled.
1-4-2-2020-11-04
1.4.2 - 2020-11-04
changed-10
Changed
- Make sure the
eturnal.yml
file isn't installed world-readable, as it might contain the shared TURN secret (#10).
1-4-1-2020-09-09
1.4.1 - 2020-09-09
fixed-9
Fixed
- Fix systemd watchdog interval recalculation during configuration reloads.
1-4-0-2020-09-06
1.4.0 - 2020-09-06
added-4
Added
- Add
mod_log_stun
for logging STUN requests. Without this module, they will now only show up in the debug log output. - Add list of TURN permissions to the
eturnalctl sessions
output.
changed-11
Changed
- Always log reason for TCP/TLS connection termination (at info level).
- Omit Erlang process ID from log messages (now that a session ID is logged).
fixed-10
Fixed
- Make the
eturnalctl sessions
command work with recent versions of thestun
application.
1-3-0-2020-08-26
1.3.0 - 2020-08-26
added-5
Added
- Add
eturnalctl info
command, which prints some details regarding the running eturnal instance. - Add the TURN session duration to the
eturnalctl sessions
output. - Document the module API for developers.
changed-12
Changed
- Refactor the module API to avoid bottlenecks.
1-2-1-2020-08-16
1.2.1 - 2020-08-16
fixed-11
Fixed
- Strip the BEAM files shipped with the binary release. Due to a bug in the build tooling, this didn't happen for the previous release.
1-2-0-2020-08-16
1.2.0 - 2020-08-16
added-6
Added
- Add experimental support for modules and include a
mod_example
with the source code. The APIs aren't documented yet and may change in the future. - Include
mod_stats_influx
, a module for logging STUN/TURN events/statistics to InfluxDB (contributed by Marc Schink).
1-1-0-2020-07-22
1.1.0 - 2020-07-22
added-7
Added
- Add
eturnalctl session
command, which lists some details about the currently active TURN sessions.
changed-13
Changed
- Append session ID, transport, username, and client IP addresses/ports to STUN/TURN log messages.
- Append relay/peer IP addresses/ports to TURN log messages.
- Log amount of relayed traffic per TURN session.
- Log plain STUN (Binding) responses.
- Log more info level messages during TURN sessions.
- Log error responses sent to STUN/TURN clients.
fixed-12
Fixed
- Make configuration reloads performed after changing the
listen
configuration more robust against timing issues. - Let eturnalctl commands that query the running node fail gracefully if eturnal isn't running.
1-0-0-2020-07-13
1.0.0 - 2020-07-13
added-8
Added
- Allow for setting the
log_dir
option to the special valuestdout
, which tells eturnal to print log messages to the standard output rather than logging to a file. - Publish DEB and RPM packages, and adjust the documentation accordingly.
changed-14
Changed
- Allow for binding to privileged ports (if started via systemd).
- Disable TURN support in the example configuration file.
- If the distribution provides an
epmd.service
, make sure eturnal uses it rather than starting its own EPMD instance. - Don't bind EPMD to 127.0.0.1 by default.
fixed-13
Fixed
- Only signal readiness to systemd if eturnal's startup actually was successful.
0-8-0-2020-07-08
0.8.0 - 2020-07-08
added-9
Added
- Support systemd's
notify
startup type. - Support systemd's service watchdog feature.
changed-15
Changed
- Remove
max_allocations
option from the documentation and from the example configuration. Thestun
application currently ignores this option, and it's not all that useful with ephemeral TURN credentials anyway.
fixed-14
Fixed
- Don't ignore the
log_level
option when the configuration is reloaded.
0-7-0-2020-07-07
0.7.0 - 2020-07-07
added-10
Added
- Ship documentation and license with binary release archive.
- Add reference documentation which can be built by calling
rebar3 edoc
within the source directory. - Allow for starting up eturnal without release boot file by calling a command
such as
erl -conf file '"/etc/eturnal.yml"' -s eturnal
(assuming the BEAM files are in the code path).
changed-16
Changed
- Refuse TURN relaying from/to loopback addresses by default.
0-6-0-2020-07-02
0.6.0 - 2020-07-02
added-11
Added
- Include an example init script for non-systemd platforms.
changed-17
Changed
- Log more (and improved) info and debug level messages.
- Allow for starting up eturnal without configured secret if TURN is disabled.
0-5-0-2020-06-30
0.5.0 - 2020-06-30
added-12
Added
- Let
eturnalctl version
print the version string of the running release. - Add an initial version of a test suite.
changed-18
Changed
- Allow non-root users to run the eturnalctl script if they have eturnal's Erlang cookie.
- Make the release directory freely relocatable.
0-4-0-2020-06-28
0.4.0 - 2020-06-28
fixed-15
Fixed
- Fix TURN authentication on Erlang/OTP versions older than 22.1.
0-3-0-2020-06-28
0.3.0 - 2020-06-28
changed-19
Changed
- Change systemd service type in order to support systemd versions older than 240.
fixed-16
Fixed
- Make sure the eturnalctl script can be invoked by the superuser.
- Fix compatibility with Erlang/OTP 21.0, 21.1, and 21.2.
0-2-0-2020-06-25
0.2.0 - 2020-06-25
changed-20
Changed
- Add Erlang process ID to log messages.
0-1-0-2020-06-24
0.1.0 - 2020-06-24
changed-21
Changed
- Allow for configuring the same (port, transport) combination on different IP addresses.
fixed-17
Fixed
- Fix parameter expansion in eturnalctl script which prevented eturnal from starting up.
- In the README section that describes building from source, don't forget to mention that rebar3 needs to be made executable.
0-0-1-2020-06-23
0.0.1 - 2020-06-23
added-13
Added
- Initial (pre-)release of the eturnal STUN/TURN server.