View Source Changelog
All notable changes to this project will be documented in this file. This project adheres to Semantic Versioning.
1.8.3 - 2022-05-12
- Specifying an
listenentries is no longer mandatory. The default value is now
- Make sure eturnal's
log_diris used for the additional log files created by
- Keep TURN session IDs unique across eturnal restarts.
- Binary release: Update Erlang/OTP from 24.2.2 to 24.3.4.
- Binary release: Update OpenSSL from 1.1.1m to 1.1.1o.
- Binary release: Update zlib from 1.2.11 to 1.2.12.
- Binary release: Use new (GCC-11.2-based) version of build toolchain.
- Binary release: Provide self-extracting installer for non-DEB/RPM systems.
- Windows: Don't fail to start up after reboot.
1.8.2 - 2022-03-02
- Use a (pseudo)random
- Improve autodetection of relay IP addresses used by default if the
relay_ipv6_addroptions aren't specified.
- Binary release: Update Erlang/OTP from 24.2 to 24.2.2.
- Don't crash without explicit
listenconfiguration. This bug was introduced with version 1.7.0.
- Don't crash if the configuration file is empty (i.e., has no
- Don't crash if TURN is enabled without a public IPv6 relay address being available.
1.8.1 - 2022-01-10
- Don't fail to handle the
$userargument of the
1.8.0 - 2022-01-10
- Allow for configuring TLS connection properties using the new
- Allow for specifying a
whitelistof IP addresses/subnets which will be accepted even if they would otherwise be rejected due to being matched by a
- Don't close active TURN sessions when ephemeral credentials expire, by
default. The new
strict_expiryoption allows for enabling the previous behavior.
eturnalctl disconnect $usercommand for closing any TURN session(s) of the specified
- Let the
eturnalctl sessionscommand accept an optional
$userargument to list only the TURN session(s) of the specified
- Support running eturnal without the
Erlang Port Mapper Daemon (EPMD) by specifying the environment variable
ERL_DIST_PORT(requires at least Erlang/OTP 23.1 and Rebar3 3.18.0).
- Binary release: Run eturnal without EPMD (as described above).
- Don't log bogus error messages if no eturnal modules are enabled when using Erlang/OTP version 21.0, 21.1, or 21.2.
- Binary release: Don't let Erlang/OTP link against libnsl.so.1, which is no longer shipped by default on RedHat-based distributions, and isn't actually needed (#19).
1.7.0 - 2021-12-15
- Introduce the
proxy_protocolfor enabling HAproxy protocol (version 1 and 2) support (#18).
- Binary release: Update Erlang/OTP from 24.1.7 to 24.2.
- Binary release: Update OpenSSL from 1.1.1l to 1.1.1m.
- Binary release: Link
cryptoNIFs statically into BEAM.
- Binary release: Reduce size by a few MiB by omitting a test suite file.
- Binary release: Don't forget to strip ERTS binaries.
- Don't crash when multiple
secrets are configured on Erlang/OTP 23 or later.
1.6.0 - 2021-12-04
eturnalctl passwordcommands for generating ephemeral TURN credentials.
- Support the
transport: autofor accepting unencrypted TCP and TLS connections on the same port (thanks to Annika Hannig). Requires Erlang/OTP 23 or later.
- Binary release: Update Erlang/OTP from 24.1.4 to 24.1.7.
1.5.0 - 2021-11-02
- Allow for specifying a list of shared secrets in order to facilitate key rollover (#16).
- Improve UDP receive performance.
- Reduce risk of UDP packet loss.
- Binary release: Update Erlang/OTP from 24.1.2 to 24.1.4.
- Handle the case where a
tls_key_fileis specified (by assuming the
tls_crt_fileincludes both the certificate and the key).
- Don't forget to check for new PEM files on reload if the configuration wasn't modified (#17).
1.4.6 - 2021-10-11
- Don't abort (but log an appropriate warning) if TURN is enabled without a shared secret.
- Drop the runtime dependency on the
opensslcommand for generating self-signed certificates.
- Binary release: Update Erlang/OTP from 23.2 to 24.1.2.
- Binary release: Update OpenSSL from 1.1.1i to 1.1.1l.
- Drop the
1.4.5 - 2021-01-28
- Don't include timestamp when logging to the systemd journal.
eturnalctl sessionscope with non-latin characters in user names.
- Binary release: Let
eturnalctl remote_consoleactually connect to the running eturnal instance.
1.4.4 - 2021-01-21
- Reject Teredo and 6to4 peers unconditionally.
- Reject 0.0.0.0/8 and ::/128 peers unconditionally.
- Never request certificates from TLS clients.
1.4.3 - 2020-12-16
- Binary release: Update Erlang/OTP from 22.2 to 23.2.
- Binary release: Update OpenSSL from 1.1.1g to 1.1.1i.
- Don't log stack traces if clients attempt authentication while TURN is disabled.
1.4.2 - 2020-11-04
- Make sure the
eturnal.ymlfile isn't installed world-readable, as it might contain the shared TURN secret (#10).
1.4.1 - 2020-09-09
- Fix systemd watchdog interval recalculation during configuration reloads.
1.4.0 - 2020-09-06
mod_log_stunfor logging STUN requests. Without this module, they will now only show up in the debug log output.
- Add list of TURN permissions to the
- Always log reason for TCP/TLS connection termination (at info level).
- Omit Erlang process ID from log messages (now that a session ID is logged).
- Make the
eturnalctl sessionscommand work with recent versions of the
1.3.0 - 2020-08-26
eturnalctl infocommand, which prints some details regarding the running eturnal instance.
- Add the TURN session duration to the
- Document the module API for developers.
- Refactor the module API to avoid bottlenecks.
1.2.1 - 2020-08-16
- Strip the BEAM files shipped with the binary release. Due to a bug in the build tooling, this didn't happen for the previous release.
1.2.0 - 2020-08-16
- Add experimental support for modules and include a
mod_examplewith the source code. The APIs aren't documented yet and may change in the future.
mod_stats_influx, a module for logging STUN/TURN events/statistics to InfluxDB (contributed by Marc Schink).
1.1.0 - 2020-07-22
eturnalctl sessioncommand, which lists some details about the currently active TURN sessions.
- Append session ID, transport, username, and client IP addresses/ports to STUN/TURN log messages.
- Append relay/peer IP addresses/ports to TURN log messages.
- Log amount of relayed traffic per TURN session.
- Log plain STUN (Binding) responses.
- Log more info level messages during TURN sessions.
- Log error responses sent to STUN/TURN clients.
- Make configuration reloads performed after changing the
listenconfiguration more robust against timing issues.
- Let eturnalctl commands that query the running node fail gracefully if eturnal isn't running.
1.0.0 - 2020-07-13
- Allow for setting the
log_diroption to the special value
stdout, which tells eturnal to print log messages to the standard output rather than logging to a file.
- Publish DEB and RPM packages, and adjust the documentation accordingly.
- Allow for binding to privileged ports (if started via systemd).
- Disable TURN support in the example configuration file.
- If the distribution provides an
epmd.service, make sure eturnal uses it rather than starting its own EPMD instance.
- Don't bind EPMD to 127.0.0.1 by default.
- Only signal readiness to systemd if eturnal's startup actually was successful.
0.8.0 - 2020-07-08
- Support systemd's
- Support systemd's service watchdog feature.
max_allocationsoption from the documentation and from the example configuration. The
stunapplication currently ignores this option, and it's not all that useful with ephemeral TURN credentials anyway.
- Don't ignore the
log_leveloption when the configuration is reloaded.
0.7.0 - 2020-07-07
- Ship documentation and license with binary release archive.
- Add reference documentation which can be built by calling
rebar3 edocwithin the source directory.
- Allow for starting up eturnal without release boot file by calling a command
erl -conf file '"/etc/eturnal.yml"' -s eturnal(assuming the BEAM files are in the code path).
- Refuse TURN relaying from/to loopback addresses by default.
0.6.0 - 2020-07-02
- Include an example init script for non-systemd platforms.
- Log more (and improved) info and debug level messages.
- Allow for starting up eturnal without configured secret if TURN is disabled.
0.5.0 - 2020-06-30
eturnalctl versionprint the version string of the running release.
- Add an initial version of a test suite.
- Allow non-root users to run the eturnalctl script if they have eturnal's Erlang cookie.
- Make the release directory freely relocatable.
0.4.0 - 2020-06-28
- Fix TURN authentication on Erlang/OTP versions older than 22.1.
0.3.0 - 2020-06-28
- Change systemd service type in order to support systemd versions older than 240.
- Make sure the eturnalctl script can be invoked by the superuser.
- Fix compatibility with Erlang/OTP 21.0, 21.1, and 21.2.
0.2.0 - 2020-06-25
- Add Erlang process ID to log messages.
0.1.0 - 2020-06-24
- Allow for configuring the same (port, transport) combination on different IP addresses.
- Fix parameter expansion in eturnalctl script which prevented eturnal from starting up.
- In the README section that describes building from source, don't forget to mention that rebar3 needs to be made executable.
0.0.1 - 2020-06-23
- Initial (pre-)release of the eturnal STUN/TURN server.