turn icon indicating copy to clipboard operation
turn copied to clipboard

Published 20 hours ago verified publisher icon pion

integrity check failed

Open shanjunmei opened this issue 7 months ago • 7 comments

Your environment.

  • Version: Release or SHA
  • Browser: include version
  • Other Information - stacktraces, related issues, suggestions how to fix, links for us to have context

What did you do?

I created a service according to the code in the example, and always got the result that the integrity check failed.

var users = "user=pass"
usersMap := map[string][]byte{}
for _, kv := range regexp.MustCompile(`(\w+)=(\w+)`).FindAllStringSubmatch(users, -1) {
	usersMap[kv[1]] = turn.GenerateAuthKey(kv[1], realm, kv[2])
}
var authHandler = func(username string, realm string, srcAddr net.Addr) ([]byte, bool) {
	if key, ok := usersMap[username]; ok {
		return key, true
	}
	return nil, false
}
s, err := turn.NewServer(turn.ServerConfig{
	Realm: realm,
	// Set AuthHandler callback
	// This is called every time a user tries to authenticate with the TURN server
	// Return the key for that user, or false when no user is found
	AuthHandler: authHandler,
	// PacketConnConfigs is a list of UDP Listeners and the configuration around them
	PacketConnConfigs: []turn.PacketConnConfig{
		{
			PacketConn: udpListener,
			RelayAddressGenerator: &turn.RelayAddressGeneratorStatic{
				RelayAddress: net.ParseIP(publicIP), // Claim that we are listening on IP passed by user (This should be your Public IP)
				Address:      "0.0.0.0",             // But actually be listening on every interface
				//	MinPort:      32355,
				//	MaxPort:      65535,
			},
		},
	},
}

What did you expect?

Hope it works as expected

What happened?

turn ERROR: 2024/01/02 08:53:43 Failed to handle datagram: failed to handle Allocate-request from 8.244.68.36:55549: integrity check failed

shanjunmei avatar Jan 02 '24 09:01 shanjunmei

I'm afraid we need more info. Which client did you use? How did you specify the username/password on the client side? Did you try the example server and client code? (This works like charm on my side.)

My first guess would be that you're not setting the client side credentials correctly, but this is just a guess. (Tracking this down would be much easier if our example codes contained proper logging, which they do not.)

rg0now avatar Jan 02 '24 10:01 rg0now

I'm afraid we need more info. Which client did you use? How did you specify the username/password on the client side? Did you try the example server and client code? (This works like charm on my side.)

My first guess would be that you're not setting the client side credentials correctly, but this is just a guess. (Tracking this down would be much easier if our example codes contained proper logging, which they do not.)

I'm making a call through webrtc's api in the browser, and I'm not quite sure how to look at the client version. I only used the server-related code in the example and did not use the code in the client.

shanjunmei avatar Jan 02 '24 11:01 shanjunmei 

const configuration = {'iceServers': [{'urls': 'stun:xx.com:3478'}]}
rtcConnObject = new RTCPeerConnection(configuration);

The client code looks like this, it is pure js. In addition, the code I posted is not the latest code. The latest code actually also sets the credentials and turn url.

shanjunmei avatar Jan 02 '24 11:01 shanjunmei

Is your actual ICE server config something like this?

const configuration = {
    "iceServers": [{
        urls: "turn:video.staging.robotmanager.com:3478",
        username: "my-username",
        password: "my-password"
    }]
};

ps: Please use proper markdown code blocks when copy-pasting code.

rg0now avatar Jan 02 '24 12:01 rg0now

Is your actual ICE server config something like this?

const configuration = {
    "iceServers": [{
        urls: "turn:video.staging.robotmanager.com:3478",
        username: "my-username",
        password: "my-password"
    }]
};

ps: Please use proper markdown code blocks when copy-pasting code.

Sorry, please correct me, the password field should be credential

const configuration = {
    "iceServers": [{
        urls: "turn:video.staging.robotmanager.com:3478",
        username: "my-username",
        credential: "my-password",
       credentialType:"password"
    }]
};

shanjunmei avatar Jan 02 '24 12:01 shanjunmei

Is your actual ICE server config something like this?

const configuration = {
    "iceServers": [{
        urls: "turn:video.staging.robotmanager.com:3478",
        username: "my-username",
        password: "my-password"
    }]
};

ps: Please use proper markdown code blocks when copy-pasting code. Except for password, which is actually credential, everything else is the same.

shanjunmei avatar Jan 03 '24 02:01 shanjunmei

Is your actual ICE server config something like this?

const configuration = {
    "iceServers": [{
        urls: "turn:video.staging.robotmanager.com:3478",
        username: "my-username",
        password: "my-password"
    }]
};

ps: Please use proper markdown code blocks when copy-pasting code.

You can reproduce it directly using this tool https://webrtc.github.io/samples/src/content/peerconnection/trickle-ice/

shanjunmei avatar Jan 03 '24 05:01 shanjunmei