Make sure resp.Username is defined before hashing. Fixes #2356 (#2357)

Co-authored-by: Jason Quigley <jason@onecha.net>
This commit is contained in:
fcwoknhenuxdfiyv-nextcloud 2022-04-19 10:46:54 +02:00 committed by GitHub
parent 57e3622b85
commit abf71649b0
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -52,6 +52,7 @@ func RequestTurnServer(req *http.Request, device *api.Device, cfg *config.Client
if turnConfig.SharedSecret != "" { if turnConfig.SharedSecret != "" {
expiry := time.Now().Add(duration).Unix() expiry := time.Now().Add(duration).Unix()
resp.Username = fmt.Sprintf("%d:%s", expiry, device.UserID)
mac := hmac.New(sha1.New, []byte(turnConfig.SharedSecret)) mac := hmac.New(sha1.New, []byte(turnConfig.SharedSecret))
_, err := mac.Write([]byte(resp.Username)) _, err := mac.Write([]byte(resp.Username))
@ -60,7 +61,6 @@ func RequestTurnServer(req *http.Request, device *api.Device, cfg *config.Client
return jsonerror.InternalServerError() return jsonerror.InternalServerError()
} }
resp.Username = fmt.Sprintf("%d:%s", expiry, device.UserID)
resp.Password = base64.StdEncoding.EncodeToString(mac.Sum(nil)) resp.Password = base64.StdEncoding.EncodeToString(mac.Sum(nil))
} else if turnConfig.Username != "" && turnConfig.Password != "" { } else if turnConfig.Username != "" && turnConfig.Password != "" {
resp.Username = turnConfig.Username resp.Username = turnConfig.Username