From abf71649b0a27ddc564105f94db270696698ecd5 Mon Sep 17 00:00:00 2001 From: fcwoknhenuxdfiyv-nextcloud <84577563+fcwoknhenuxdfiyv@users.noreply.github.com> Date: Tue, 19 Apr 2022 10:46:54 +0200 Subject: [PATCH] Make sure resp.Username is defined before hashing. Fixes #2356 (#2357) Co-authored-by: Jason Quigley --- clientapi/routing/voip.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/clientapi/routing/voip.go b/clientapi/routing/voip.go index 13dca7ac..c7ddaabc 100644 --- a/clientapi/routing/voip.go +++ b/clientapi/routing/voip.go @@ -52,6 +52,7 @@ func RequestTurnServer(req *http.Request, device *api.Device, cfg *config.Client if turnConfig.SharedSecret != "" { expiry := time.Now().Add(duration).Unix() + resp.Username = fmt.Sprintf("%d:%s", expiry, device.UserID) mac := hmac.New(sha1.New, []byte(turnConfig.SharedSecret)) _, err := mac.Write([]byte(resp.Username)) @@ -60,7 +61,6 @@ func RequestTurnServer(req *http.Request, device *api.Device, cfg *config.Client return jsonerror.InternalServerError() } - resp.Username = fmt.Sprintf("%d:%s", expiry, device.UserID) resp.Password = base64.StdEncoding.EncodeToString(mac.Sum(nil)) } else if turnConfig.Username != "" && turnConfig.Password != "" { resp.Username = turnConfig.Username