From b4579949e14ae8182c8f349c9c7535140c2e666c Mon Sep 17 00:00:00 2001
From: Juliusz Chroboczek <jch@irif.fr>
Date: Wed, 11 May 2022 02:17:02 +0200
Subject: [PATCH] Fix the zero value of ICECredentialType

Ensure that the zero value of ICECredentialType is password.
---
 icecredentialtype.go      | 20 ++++++++------------
 icecredentialtype_test.go | 10 ++++++----
 iceserver.go              | 16 ++++++++--------
 iceserver_test.go         |  9 +++++++++
 peerconnection_js.go      |  6 +++++-
 5 files changed, 36 insertions(+), 25 deletions(-)

diff --git a/icecredentialtype.go b/icecredentialtype.go
index ef51a32ad5e..b16a5d5cfc6 100644
--- a/icecredentialtype.go
+++ b/icecredentialtype.go
@@ -12,7 +12,7 @@ type ICECredentialType int
 const (
 	// ICECredentialTypePassword describes username and password based
 	// credentials as described in https://tools.ietf.org/html/rfc5389.
-	ICECredentialTypePassword ICECredentialType = iota + 1
+	ICECredentialTypePassword ICECredentialType = iota
 
 	// ICECredentialTypeOauth describes token based credential as described
 	// in https://tools.ietf.org/html/rfc7635.
@@ -25,21 +25,19 @@ const (
 	iceCredentialTypeOauthStr    = "oauth"
 )
 
-func newICECredentialType(raw string) ICECredentialType {
+func newICECredentialType(raw string) (ICECredentialType, error) {
 	switch raw {
 	case iceCredentialTypePasswordStr:
-		return ICECredentialTypePassword
+		return ICECredentialTypePassword, nil
 	case iceCredentialTypeOauthStr:
-		return ICECredentialTypeOauth
+		return ICECredentialTypeOauth, nil
 	default:
-		return ICECredentialType(Unknown)
+		return ICECredentialTypePassword, errInvalidICECredentialTypeString
 	}
 }
 
 func (t ICECredentialType) String() string {
 	switch t {
-	case Unknown:
-		return ""
 	case ICECredentialTypePassword:
 		return iceCredentialTypePasswordStr
 	case ICECredentialTypeOauth:
@@ -52,15 +50,13 @@ func (t ICECredentialType) String() string {
 // UnmarshalJSON parses the JSON-encoded data and stores the result
 func (t *ICECredentialType) UnmarshalJSON(b []byte) error {
 	var val string
-	var tmp ICECredentialType
 	if err := json.Unmarshal(b, &val); err != nil {
 		return err
 	}
 
-	tmp = newICECredentialType(val)
-
-	if (tmp == ICECredentialType(Unknown)) && (val != "") {
-		return fmt.Errorf("%w: (%s)", errInvalidICECredentialTypeString, val)
+	tmp, err := newICECredentialType(val)
+	if err != nil {
+		return fmt.Errorf("%w: (%s)", err, val)
 	}
 
 	*t = tmp
diff --git a/icecredentialtype_test.go b/icecredentialtype_test.go
index a6fb4985f98..42647710e8a 100644
--- a/icecredentialtype_test.go
+++ b/icecredentialtype_test.go
@@ -17,9 +17,10 @@ func TestNewICECredentialType(t *testing.T) {
 	}
 
 	for i, testCase := range testCases {
+		tpe, err := newICECredentialType(testCase.credentialTypeString)
+		assert.NoError(t, err)
 		assert.Equal(t,
-			testCase.expectedCredentialType,
-			newICECredentialType(testCase.credentialTypeString),
+			testCase.expectedCredentialType, tpe,
 			"testCase: %d %v", i, testCase,
 		)
 	}
@@ -53,9 +54,10 @@ func TestICECredentialType_new(t *testing.T) {
 	}
 
 	for i, testCase := range testCases {
+		tpe, err := newICECredentialType(testCase.expectedString)
+		assert.NoError(t, err)
 		assert.Equal(t,
-			newICECredentialType(testCase.expectedString),
-			testCase.credentialType,
+			tpe, testCase.credentialType,
 			"testCase: %d %v", i, testCase,
 		)
 	}
diff --git a/iceserver.go b/iceserver.go
index a1d3be1b892..c9a9bc6b730 100644
--- a/iceserver.go
+++ b/iceserver.go
@@ -123,17 +123,19 @@ func (s *ICEServer) iceserverUnmarshalFields(m map[string]interface{}) error {
 	}
 	if val, ok := m["credentialType"]; ok {
 		ct, ok := val.(string)
-		if !ok || (newICECredentialType(ct) == ICECredentialType(Unknown)) {
+		if !ok {
 			return errInvalidICEServer
 		}
-		s.CredentialType = newICECredentialType(ct)
+		tpe, err := newICECredentialType(ct)
+		if err != nil {
+			return err
+		}
+		s.CredentialType = tpe
 	} else {
-		s.CredentialType = ICECredentialType(Unknown)
+		s.CredentialType = ICECredentialTypePassword
 	}
 	if val, ok := m["credential"]; ok {
 		switch s.CredentialType {
-		case ICECredentialType(Unknown):
-			s.Credential = val
 		case ICECredentialTypePassword:
 			s.Credential = val
 		case ICECredentialTypeOauth:
@@ -172,8 +174,6 @@ func (s ICEServer) MarshalJSON() ([]byte, error) {
 	if s.Credential != nil {
 		m["credential"] = s.Credential
 	}
-	if s.CredentialType != ICECredentialType(Unknown) {
-		m["credentialType"] = s.CredentialType
-	}
+	m["credentialType"] = s.CredentialType
 	return json.Marshal(m)
 }
diff --git a/iceserver_test.go b/iceserver_test.go
index 94e223748ad..4814f8d7251 100644
--- a/iceserver_test.go
+++ b/iceserver_test.go
@@ -112,3 +112,12 @@ func TestICEServer_validate(t *testing.T) {
 		}
 	})
 }
+
+func TestICEServerZeroValue(t *testing.T) {
+	server := ICEServer{
+		URLs:       []string{"turn:galene.org:1195"},
+		Username:   "galene",
+		Credential: "secret",
+	}
+	assert.Equal(t, server.CredentialType, ICECredentialTypePassword)
+}
diff --git a/peerconnection_js.go b/peerconnection_js.go
index 4b0d538e92f..71d2e9d2868 100644
--- a/peerconnection_js.go
+++ b/peerconnection_js.go
@@ -640,12 +640,16 @@ func valueToICECredential(iceCredentialValue js.Value) interface{} {
 }
 
 func valueToICEServer(iceServerValue js.Value) ICEServer {
+	tpe, err := newICECredentialType(valueToStringOrZero(iceServerValue.Get("credentialType")))
+	if err != nil {
+		tpe = ICECredentialTypePassword
+	}
 	s := ICEServer{
 		URLs:     valueToStrings(iceServerValue.Get("urls")), // required
 		Username: valueToStringOrZero(iceServerValue.Get("username")),
 		// Note: Credential and CredentialType are not currently supported.
 		Credential:     valueToICECredential(iceServerValue.Get("credential")),
-		CredentialType: newICECredentialType(valueToStringOrZero(iceServerValue.Get("credentialType"))),
+		CredentialType: tpe,
 	}
 
 	// default to password