Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

integrity check failed #364

Open
shanjunmei opened this issue Jan 2, 2024 · 9 comments
Open

integrity check failed #364

shanjunmei opened this issue Jan 2, 2024 · 9 comments

Comments

@shanjunmei
Copy link

shanjunmei commented Jan 2, 2024

Your environment.

  • Version: Release or SHA
  • Browser: include version
  • Other Information - stacktraces, related issues, suggestions how to fix, links for us to have context

What did you do?

I created a service according to the code in the example, and always got the result that the integrity check failed.

var users = "user=pass"
usersMap := map[string][]byte{}
for _, kv := range regexp.MustCompile(`(\w+)=(\w+)`).FindAllStringSubmatch(users, -1) {
	usersMap[kv[1]] = turn.GenerateAuthKey(kv[1], realm, kv[2])
}
var authHandler = func(username string, realm string, srcAddr net.Addr) ([]byte, bool) {
	if key, ok := usersMap[username]; ok {
		return key, true
	}
	return nil, false
}
s, err := turn.NewServer(turn.ServerConfig{
	Realm: realm,
	// Set AuthHandler callback
	// This is called every time a user tries to authenticate with the TURN server
	// Return the key for that user, or false when no user is found
	AuthHandler: authHandler,
	// PacketConnConfigs is a list of UDP Listeners and the configuration around them
	PacketConnConfigs: []turn.PacketConnConfig{
		{
			PacketConn: udpListener,
			RelayAddressGenerator: &turn.RelayAddressGeneratorStatic{
				RelayAddress: net.ParseIP(publicIP), // Claim that we are listening on IP passed by user (This should be your Public IP)
				Address:      "0.0.0.0",             // But actually be listening on every interface
				//	MinPort:      32355,
				//	MaxPort:      65535,
			},
		},
	},
}

What did you expect?

Hope it works as expected

What happened?

turn ERROR: 2024/01/02 08:53:43 Failed to handle datagram: failed to handle Allocate-request from 8.244.68.36:55549: integrity check failed
@rg0now
Copy link
Contributor

rg0now commented Jan 2, 2024

I'm afraid we need more info. Which client did you use? How did you specify the username/password on the client side? Did you try the example server and client code? (This works like charm on my side.)

My first guess would be that you're not setting the client side credentials correctly, but this is just a guess. (Tracking this down would be much easier if our example codes contained proper logging, which they do not.)

@shanjunmei
Copy link
Author

I'm afraid we need more info. Which client did you use? How did you specify the username/password on the client side? Did you try the example server and client code? (This works like charm on my side.)

My first guess would be that you're not setting the client side credentials correctly, but this is just a guess. (Tracking this down would be much easier if our example codes contained proper logging, which they do not.)

I'm making a call through webrtc's api in the browser, and I'm not quite sure how to look at the client version. I only used the server-related code in the example and did not use the code in the client.

@shanjunmei
Copy link
Author

shanjunmei commented Jan 2, 2024

const configuration = {'iceServers': [{'urls': 'stun:xx.com:3478'}]}
rtcConnObject = new RTCPeerConnection(configuration);

The client code looks like this, it is pure js. In addition, the code I posted is not the latest code. The latest code actually also sets the credentials and turn url.

@rg0now
Copy link
Contributor

rg0now commented Jan 2, 2024

Is your actual ICE server config something like this?

const configuration = {
    "iceServers": [{
        urls: "turn:video.staging.robotmanager.com:3478",
        username: "my-username",
        password: "my-password"
    }]
};

ps: Please use proper markdown code blocks when copy-pasting code.

@shanjunmei
Copy link
Author

shanjunmei commented Jan 2, 2024

Is your actual ICE server config something like this?

const configuration = {
    "iceServers": [{
        urls: "turn:video.staging.robotmanager.com:3478",
        username: "my-username",
        password: "my-password"
    }]
};

ps: Please use proper markdown code blocks when copy-pasting code.

Sorry, please correct me, the password field should be credential

const configuration = {
    "iceServers": [{
        urls: "turn:video.staging.robotmanager.com:3478",
        username: "my-username",
        credential: "my-password",
       credentialType:"password"
    }]
};

@shanjunmei
Copy link
Author

Is your actual ICE server config something like this?

const configuration = {
    "iceServers": [{
        urls: "turn:video.staging.robotmanager.com:3478",
        username: "my-username",
        password: "my-password"
    }]
};

ps: Please use proper markdown code blocks when copy-pasting code.
Except for password, which is actually credential, everything else is the same.

@shanjunmei
Copy link
Author

Is your actual ICE server config something like this?

const configuration = {
    "iceServers": [{
        urls: "turn:video.staging.robotmanager.com:3478",
        username: "my-username",
        password: "my-password"
    }]
};

ps: Please use proper markdown code blocks when copy-pasting code.

You can reproduce it directly using this tool
https://webrtc.github.io/samples/src/content/peerconnection/trickle-ice/

@samshdn
Copy link

samshdn commented Jan 11, 2025

I am also using pion and have encountered the same issue. When I run the official server & client example, the client side can get an output: relayed-address=192.168..:62309. However, when testing this server from https://webrtc.github.io/samples/src/content/peerconnection/trickle-ice/, the server side shows a runtime message: integrity check failed. I have been investigating this problem for two days and still haven't found the root cause.

@samshdn
Copy link

samshdn commented Jan 11, 2025

Addition: If I provide an incorrect username or password in the official client code, the server code also outputs integrity check failed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Development

No branches or pull requests

3 participants