diff --git a/internal/client/periodic_timer_test.go b/internal/client/periodic_timer_test.go
index d77a16b3..03fa71fe 100644
--- a/internal/client/periodic_timer_test.go
+++ b/internal/client/periodic_timer_test.go
@@ -34,7 +34,7 @@ func TestPeriodicTimer(t *testing.T) {
 time.Sleep(120 * time.Millisecond)
 rt.Stop()
 assert.False(t, rt.IsRunning(), "should not be running")
- assert.Equal(t, 4, int(atomic.LoadUint64(&nCbs)), "should be called 4 times (actual: %d)", atomic.LoadUint64(&nCbs))
+ assert.Equal(t, 4, int(atomic.LoadUint64(&nCbs)), "should be called 4 times (actual: %d)", atomic.LoadUint64(&nCbs)) //nolint:gosec
 })
 t.Run("stop inside handler", func(t *testing.T) {
diff --git a/internal/proto/chandata.go b/internal/proto/chandata.go
index df937119..e4eee622 100644
--- a/internal/proto/chandata.go
+++ b/internal/proto/chandata.go
@@ -90,7 +90,7 @@ func (c *ChannelData) WriteHeader() {
 _ = c.Raw[:channelDataHeaderSize]
 binary.BigEndian.PutUint16(c.Raw[:channelDataNumberSize], uint16(c.Number))
 binary.BigEndian.PutUint16(c.Raw[channelDataNumberSize:channelDataHeaderSize],
- uint16(len(c.Data)),
+ uint16(len(c.Data)), //nolint:gosec
 )
 }
diff --git a/internal/server/nonce.go b/internal/server/nonce.go
index b3f3131e..d6ba3207 100644
--- a/internal/server/nonce.go
+++ b/internal/server/nonce.go
@@ -37,7 +37,7 @@ type NonceHash struct {
 // Generate a nonce
 func (n *NonceHash) Generate() (string, error) {
 nonce := make([]byte, 8, nonceLength)
- binary.BigEndian.PutUint64(nonce, uint64(time.Now().UnixMilli()))
+ binary.BigEndian.PutUint64(nonce, uint64(time.Now().UnixMilli())) //nolint:gosec
 hash := hmac.New(sha256.New, n.key)
 if _, err := hash.Write(nonce[:8]); err != nil {
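Review bot: In `WriteHeader`, the new `//nolint:gosec` on `uint16(len(c.Data))` silences a truncation warning without recording why the conversion is safe, and nothing visible in this hunk bounds `len(c.Data)`. If `Data` is ever longer than 65535 bytes the length field wraps and the header no longer describes the payload that follows it. The method has no error return, so state the invariant beside the suppression, e.g. `//nolint:gosec // len(c.Data) is bounded to 0xFFFF before encoding`, after confirming that the encode path really enforces it. The same bare suppression is added in `Generate` in internal/server/nonce.go, where a short reason would also help. The start of `WriteHeader` lies above the hunk.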
@@ -55,7 +55,7 @@ func (n *NonceHash) Validate(nonce string) error {
 return fmt.Errorf("%w: %v", errInvalidNonce, err) //nolint:errorlint
 }
- if ts := time.UnixMilli(int64(binary.BigEndian.Uint64(b))); time.Since(ts) > nonceLifetime {
+ if ts := time.UnixMilli(int64(binary.BigEndian.Uint64(b))); time.Since(ts) > nonceLifetime { //nolint:gosec
 return errInvalidNonce
 }
diff --git a/internal/server/turn.go b/internal/server/turn.go
index 52b83a01..b3e972bc 100644
--- a/internal/server/turn.go
+++ b/internal/server/turn.go
@@ -127,15 +127,11 @@ func handleAllocateRequest(r Request, m *stun.Message) error {
 // client to a different server. The use of this error code and
 // attribute follow the specification in [RFC5389].
 lifetimeDuration := allocationLifeTime(m)
- usernameAttr := &stun.Username{}
+ // Already checked realm/username in authenticateRequest
 realmAttr := &stun.Realm{}
- if err := realmAttr.GetFrom(m); err != nil {
- return buildAndSendErr(r.Conn, r.SrcAddr, err, badRequestMsg...)
- }
- if err := usernameAttr.GetFrom(m); err != nil {
- return buildAndSendErr(r.Conn, r.SrcAddr, err, badRequestMsg...)
- }
-
+ _ = realmAttr.GetFrom(m)
+ usernameAttr := &stun.Username{}
+ _ = usernameAttr.GetFrom(m)
 a, err := r.AllocationManager.CreateAllocation(
 fiveTuple,
 r.Conn,
diff --git a/lt_cred.go b/lt_cred.go
index 42466c38..bd3197f1 100644
--- a/lt_cred.go
+++ b/lt_cred.go
@@ -79,7 +79,7 @@ func LongTermTURNRESTAuthHandler(sharedSecret string, l logging.LeveledLogger) A
 l = logging.NewDefaultLoggerFactory().NewLogger("turn")
 }
 return func(username, realm string, srcAddr net.Addr) (key []byte, ok bool) {
- l.Tracef("Authentication username=%q realm=%q srcAddr=%v\n", username, realm, srcAddr)
+ l.Tracef("Authentication username=%q realm=%q srcAddr=%v", username, realm, srcAddr)
 timestamp := strings.Split(username, ":")[0]
 t, err := strconv.Atoi(timestamp)
 if err != nil {
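Review bot: The conversion suppressed in `Validate` runs on `b`, which is decoded from the nonce the client sent, so the reason it is safe belongs next to the `//nolint:gosec`. A value of 2^63 or more wraps to a negative `int64`, which `time.UnixMilli` turns into a far-past time that the lifetime check rejects; a timestamp in the future, however, makes `time.Since(ts)` negative and passes this check. Rejecting such a nonce therefore rests entirely on the HMAC comparison, which presumably follows below the hunk and is not visible here. Once that ordering is confirmed, suggest `//nolint:gosec // wraps to a past time and is rejected; future timestamps fail the HMAC check`.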
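Review bot: Discarding both `GetFrom` errors in `handleAllocateRequest` makes the allocation's identity depend on an invariant that only `authenticateRequest` enforces, and that function is not visible here. If it can ever return success for a message without USERNAME or REALM, `usernameAttr` and `realmAttr` stay empty and are presumably what `CreateAllocation` receives below the hunk, so event handlers and any per-user accounting would see a blank identity. Nothing in this function fails closed any more; either keep one combined check that returns `buildAndSendErr(r.Conn, r.SrcAddr, err, badRequestMsg...)`, or have `authenticateRequest` hand back the parsed attributes so they are not parsed twice. If the `_ =` form stays, make the comment name the guarantee, e.g. `// authenticateRequest rejects messages lacking USERNAME or REALM, so GetFrom cannot fail here`. The function begins and ends outside the hunk.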
diff --git a/relay_address_generator_range.go b/relay_address_generator_range.go
index d87a57f9..8ebf55d2 100644
--- a/relay_address_generator_range.go
+++ b/relay_address_generator_range.go
@@ -84,7 +84,7 @@ func (r *RelayAddressGeneratorPortRange) AllocatePacketConn(network string, requ
 }
 for try := 0; try < r.MaxRetries; try++ {
- port := r.MinPort + uint16(r.Rand.Intn(int((r.MaxPort+1)-r.MinPort)))
+ port := r.MinPort + uint16(r.Rand.Intn(int((r.MaxPort+1)-r.MinPort))) //nolint:gosec
 conn, err := r.Net.ListenPacket(network, fmt.Sprintf("%s:%d", r.Address, port))
 if err != nil {
 continue
diff --git a/server_config.go b/server_config.go
index c313db06..bee560f9 100644
--- a/server_config.go
+++ b/server_config.go
@@ -120,7 +120,7 @@ type EventHandlers struct {
 // OnAllocationDeleted is called after an allocation has been removed.
 OnAllocationDeleted func(srcAddr, dstAddr net.Addr, protocol, username, realm string)
 // OnAllocationError is called when the readloop hdndling an allocation exits with an
- // error wtih an error message.
+ // error with an error message.
 OnAllocationError func(srcAddr, dstAddr net.Addr, protocol, message string)
 // OnPermissionCreated is called after a new permission has been made to an IP address.
 OnPermissionCreated func(srcAddr, dstAddr net.Addr, protocol, username, realm string, peer net.IP)
@@ -173,6 +173,7 @@ func genericEventHandler(handlers EventHandlers) allocation.EventHandler {
 handlers.OnChannelDeleted(arg.SrcAddr, arg.DstAddr, arg.Protocol.String(), arg.Username, arg.Realm, arg.PeerAddr, arg.ChannelNumber)
 }
+ default:
 }
 }
 }
diff --git a/server_test.go b/server_test.go
index 8080302b..19756df2 100644
--- a/server_test.go
+++ b/server_test.go
@@ -26,6 +26,7 @@ const (
 timeout = 200 * time.Millisecond
 interval = 50 * time.Millisecond
 stunAddr = "1.2.3.4:3478"
+ turnAddr = "1.2.3.4:3478"
 )
 func TestServer(t *testing.T) {
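Review bot: The range width on the `//nolint:gosec` line in `AllocatePacketConn` is computed in `uint16` before the `int(...)` conversion, so the suppression is only sound while `MinPort <= MaxPort` and the range is not the full 0–65535. With `MinPort` 0 and `MaxPort` 65535, `(r.MaxPort+1)-r.MinPort` wraps to 0 and `Intn` receives 0, which panics in math/rand if `r.Rand` follows that contract; with `MaxPort < MinPort` the wrap produces ports outside the configured range. Validation presumably happens elsewhere and is not visible in this hunk, so name it on the line, e.g. `//nolint:gosec // MinPort <= MaxPort is validated before use`. Widening first, `int(r.MaxPort) - int(r.MinPort) + 1`, would also make the full range safe. The function starts above and continues below the hunk.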
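Review bot: The doc comment on `OnAllocationError` still contains `hdndling` on the context line directly above the corrected one. Fix it in the same pass so the first line reads `// OnAllocationError is called when the readloop handling an allocation exits with an`.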
@@ -513,11 +514,11 @@ func buildVNetWithServerEventHandlers(handlers *EventHandlers) (*VNet, error) { }, nil } -func expectEvent(ch chan allocation.EventHandlerArgs, d time.Duration) (allocation.EventHandlerArgs, bool) { +func expectEvent(ch chan allocation.EventHandlerArgs) (allocation.EventHandlerArgs, bool) { select { case res := <-ch: return res, true - case <-time.After(d): + case <-time.After(timeout): return allocation.EventHandlerArgs{}, false } } @@ -589,8 +590,6 @@ func TestServerVNet(t *testing.T) { assert.NoError(t, lconn.Close()) }() - turnAddr := "1.2.3.4:3478" - log.Debug("creating a client.") client, err := NewClient(&ClientConfig{ TURNServerAddr: turnAddr, @@ -608,7 +607,7 @@ func TestServerVNet(t *testing.T) { relayConn, err := client.Allocate() assert.NoError(t, err, "should succeed") - event, ok := expectEvent(events, timeout) + event, ok := expectEvent(events) assert.True(t, ok, "should receive an event") assert.Equal(t, allocation.OnAuth, event.Type, "should receive an OnAuth event") udpAddr, ok := event.SrcAddr.(*net.UDPAddr) @@ -623,7 +622,7 @@ func TestServerVNet(t *testing.T) { assert.Equal(t, "Allocate", event.Method) assert.True(t, event.Verdict) - event, ok = expectEvent(events, timeout) + event, ok = expectEvent(events) assert.True(t, ok, "should receive an event") assert.Equal(t, allocation.OnAllocationCreated, event.Type, "should receive an OnAllocationCreated event") udpAddr, ok = event.SrcAddr.(*net.UDPAddr) @@ -649,7 +648,7 @@ func TestServerVNet(t *testing.T) { _, err = relayConn.WriteTo([]byte("test"), peerAddr) assert.NoError(t, err, "should succeed") - event, ok = expectEvent(events, timeout) + event, ok = expectEvent(events) assert.True(t, ok, "should receive an event") assert.Equal(t, allocation.OnAuth, event.Type, "should receive an OnAuth event") udpAddr, ok = event.SrcAddr.(*net.UDPAddr) 
@@ -664,7 +663,7 @@ func TestServerVNet(t *testing.T) {
 assert.Equal(t, "CreatePermission", event.Method)
 assert.True(t, event.Verdict)
- event, ok = expectEvent(events, timeout)
+ event, ok = expectEvent(events)
 assert.True(t, ok, "should receive an event")
 assert.Equal(t, allocation.OnPermissionCreated, event.Type, "should receive an OnPermissionCreated event")
 udpAddr, ok = event.SrcAddr.(*net.UDPAddr)
@@ -682,7 +681,7 @@ func TestServerVNet(t *testing.T) {
 _, err = relayConn.WriteTo([]byte("test"), peerAddr)
 assert.NoError(t, err, "should succeed")
- event, ok = expectEvent(events, timeout)
+ event, ok = expectEvent(events)
 assert.True(t, ok, "should receive an event")
 assert.Equal(t, allocation.OnAuth, event.Type, "should receive an OnAuth event")
 udpAddr, ok = event.SrcAddr.(*net.UDPAddr)
@@ -697,7 +696,7 @@ func TestServerVNet(t *testing.T) {
 assert.Equal(t, "ChannelBind", event.Method)
 assert.True(t, event.Verdict)
- event, ok = expectEvent(events, timeout)
+ event, ok = expectEvent(events)
 assert.True(t, ok, "should receive an event")
 assert.Equal(t, allocation.OnChannelCreated, event.Type, "should receive an OnChannelCreated event")
 udpAddr, ok = event.SrcAddr.(*net.UDPAddr)
@@ -724,7 +723,7 @@ func TestServerVNet(t *testing.T) {
 log.Debug("Closing relay connection")
 assert.NoError(t, relayConn.Close(), "relay conn close should succeed")
- event, ok = expectEvent(events, timeout)
+ event, ok = expectEvent(events)
 assert.True(t, ok, "should receive an event")
 assert.Equal(t, allocation.OnAuth, event.Type, "should receive an OnAuth event")
 udpAddr, ok = event.SrcAddr.(*net.UDPAddr)
@@ -739,7 +738,7 @@ func TestServerVNet(t *testing.T) { assert.Equal(t, "Refresh", event.Method) assert.True(t, event.Verdict) - event, ok = expectEvent(events, timeout) + event, ok = expectEvent(events) assert.True(t, ok, "should receive an event") assert.Equal(t, allocation.OnPermissionDeleted, event.Type, "should receive an OnPermissionDeleted event") udpAddr, ok = event.SrcAddr.(*net.UDPAddr) @@ -753,7 +752,7 @@ func TestServerVNet(t *testing.T) { assert.Equal(t, "pion.ly", event.Realm) assert.True(t, net.ParseIP("1.2.3.5").Equal(event.PeerIP)) - event, ok = expectEvent(events, timeout) + event, ok = expectEvent(events) assert.True(t, ok, "should receive an event") assert.Equal(t, allocation.OnChannelDeleted, event.Type, "should receive an OnChannelDeleted event") udpAddr, ok = event.SrcAddr.(*net.UDPAddr) @@ -767,7 +766,7 @@ func TestServerVNet(t *testing.T) { assert.Equal(t, "pion.ly", event.Realm) assert.Equal(t, channelBind.Number, proto.ChannelNumber(event.ChannelNumber)) - event, ok = expectEvent(events, timeout) + event, ok = expectEvent(events) assert.True(t, ok, "should receive an event") assert.Equal(t, allocation.OnAllocationDeleted, event.Type, "should receive an OnAllocationDeleted event") udpAddr, ok = event.SrcAddr.(*net.UDPAddr) @@ -818,8 +817,6 @@ func TestServerVNet(t *testing.T) { assert.NoError(t, lconn.Close()) }() - turnAddr := "1.2.3.4:3478" - log.Debug("creating a client.") client, err := NewClient(&ClientConfig{ TURNServerAddr: turnAddr, @@ -857,8 +854,6 @@ func TestServerVNet(t *testing.T) { assert.NoError(t, lconn.Close()) }() - turnAddr := "1.2.3.4:3478" - log.Debug("creating a client.") client, err := NewClient(&ClientConfig{ TURNServerAddr: turnAddr, 
@@ -906,15 +901,19 @@ func TestServerVNet(t *testing.T) { }, OnChannelCreated: func(srcAddr, dstAddr net.Addr, protocol, username, realm string, peer net.Addr, channelNumber uint16) { checkAllocation(srcAddr, dstAddr, protocol, username, realm) - assert.True(t, net.ParseIP("1.2.3.5").Equal(peerAddr.IP)) - assert.Equal(t, 80, peerAddr.Port) + addr, ok := peer.(*net.UDPAddr) + assert.True(t, ok) + assert.True(t, addr.IP.Equal(peerAddr.IP)) + assert.Equal(t, peerAddr.Port, addr.Port) assert.NotZero(t, channelNumber) channelCreated.Add(1) }, OnChannelDeleted: func(srcAddr, dstAddr net.Addr, protocol, username, realm string, peer net.Addr, channelNumber uint16) { checkAllocation(srcAddr, dstAddr, protocol, username, realm) - assert.True(t, net.ParseIP("1.2.3.5").Equal(peerAddr.IP)) - assert.Equal(t, 80, peerAddr.Port) + addr, ok := peer.(*net.UDPAddr) + assert.True(t, ok) + assert.True(t, addr.IP.Equal(peerAddr.IP)) + assert.Equal(t, peerAddr.Port, addr.Port) assert.NotZero(t, channelNumber) channelDeleted.Add(1) }, @@ -932,8 +931,6 @@ func TestServerVNet(t *testing.T) { assert.NoError(t, lconn.Close()) }() - turnAddr := "1.2.3.4:3478" - log.Debug("creating a client.") client, err := NewClient(&ClientConfig{ TURNServerAddr: turnAddr,
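Review bot: In the new `OnChannelCreated` and `OnChannelDeleted` callbacks the result of `peer.(*net.UDPAddr)` is asserted but not acted on: `assert.True(t, ok)` records a failure and continues, so a non-UDP `peer` leaves `addr` nil and `addr.IP` panics. A panic inside a handler that presumably runs on a server goroutine brings down the whole test binary instead of failing this one test. Return early in both callbacks with `if !assert.True(t, ok) { return }`. The enclosing test function starts and ends outside the hunk.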