Accepting request 1083949 from network:telephony

OBS-URL: https://build.opensuse.org/request/show/1083949
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/coturn?expand=0&rev=14

coturn-4.6.1.tar.gz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:8fba86e593ed74adc46e002e925cccff2819745371814f42465fbe717483f1d8
-size 474757

coturn-4.6.2.tar.gz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:13f2a38b66cffb73d86b5ed24acba4e1371d738d758a6039e3a18f0c84c176ad
+size 506275

coturn-no-FIPS-140-mode.patch

@@ -1,31 +0,0 @@
-From: Nicholas Guriev <guriev-ns@ya.ru>
-Date: Thu, 02 Jun 2022 12:34:17 +0300
-Subject: Do not check FIPS 140 mode
- It is not available in OpenSSL as packaged in Debian. The OPENSSL_FIPS macro
- appeared in ancient OpenSSL sources but was never defined.
- https://sources.debian.org/src/openssl/1.1.1n-0%2Bdeb11u2/crypto/o_fips.c/
-
----
- src/client/ns_turn_msg.c |    4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
---- a/src/client/ns_turn_msg.c
-+++ b/src/client/ns_turn_msg.c
-@@ -244,7 +244,7 @@ int stun_produce_integrity_key_str(const
- 		unsigned int keylen = 0;
- 		EVP_MD_CTX ctx;
- 		EVP_MD_CTX_init(&ctx);
--#if defined EVP_MD_CTX_FLAG_NON_FIPS_ALLOW && !defined(LIBRESSL_VERSION_NUMBER)
-+#ifdef OPENSSL_FIPS
- 		if (FIPS_mode()) {
- 			EVP_MD_CTX_set_flags(&ctx,EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
- 		}
-@@ -256,7 +256,7 @@ int stun_produce_integrity_key_str(const
- #else
- 		unsigned int keylen = 0;
- 		EVP_MD_CTX *ctx = EVP_MD_CTX_new();
--#if defined EVP_MD_CTX_FLAG_NON_FIPS_ALLOW && ! defined(LIBRESSL_VERSION_NUMBER)
-+#ifdef OPENSSL_FIPS
- 		if (FIPS_mode()) {
- 			EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
- 		}

coturn.changes

@@ -1,3 +1,34 @@
+-------------------------------------------------------------------
+Tue May  2 05:19:33 UTC 2023 - Carsten Ziepke <kieltux@gmail.com>
+
+- Update to 4.6.2
+  * Make sure microhttpd starts using epoll if supported
+  * Add sessioncount to prometheus metrics
+  * Add STUN request/response/error prometheus counters
+  * Cleanup logs on turnserver start
+  * Fix duplicate stdout log output
+  * Log threadId to logs to aid in multi-threaded debugging
+  * Optional build info compiled into turnserver binary
+  * Fix arguments expansion in docker-entrypoint.sh
+  * Santise database connection strings before printing to log
+  * Support Windows MSVC
+  * Add configuration option for TLS 1.3 ciphersuites
+  * Improve openssl3 and FIPS support
+  * Use single SSL_CTX for TLS and DTLS support
+  * Update openssl API use to non-deprecated version
+  * Set string bytes to null to prevent random origin
+  * Fix memory corruption on socket close
+  * Fix packet backlog fifo that processed packets in reverse
+    order in some scenarios
+  * Fix off-by-one when terminating gcm_nonce
+  * Fixes to Redis memleaks and socketleaks
+  * Fix malformed response to mobility refresh request
+  * Fuzzing support
+  * Ignore raw UDP if no_udp is enabled
+  * Better detect availability of SCTP protocol
+- Drop coturn-no-FIPS-140-mode.patch, fixed upstream, see
+  https://github.com/coturn/coturn/issues/1170
+
 -------------------------------------------------------------------
 Mon Mar  6 17:09:44 UTC 2023 - Carsten Ziepke <kieltux@gmail.com>
 

coturn.spec

@@ -24,7 +24,7 @@
 %endif
 %bcond_without  apparmor
 Name:           coturn
-Version:        4.6.1
+Version:        4.6.2
 Release:        0
 Summary:        TURN and STUN server for VoIP
 License:        BSD-3-Clause
@@ -40,8 +40,6 @@ Source6:        %{name}.firewalld
 Source7:        README.SUSE
 Source8:        %{name}-apparmor-usr.bin.turnserver
 Source9:        %{name}@.service
-# PATCH-FIX-UPSTREAM - coturn-no-FIPS-140-mode.patch - see https://github.com/coturn/coturn/pull/916/commits/518094e0d30bb04364b6751841cd55172a33b539
-Patch0:         coturn-no-FIPS-140-mode.patch
 BuildRequires:  fdupes
 BuildRequires:  firewall-macros
 BuildRequires:  libevent-devel >= 2.0.0