Update CI configs to v0.12.1

.golangci.yml

@@ -41,6 +41,7 @@ linters:
     - maintidx         # maintidx measures the maintainability index of each function.
     - makezero         # Finds slice declarations with non-zero initial length
     - misspell         # Finds commonly misspelled English words in comments
+    - modernize        # Replace and suggests simplifications to code
     - nakedret         # Finds naked returns in functions greater than a specified function length
     - nestif           # Reports deeply nested if statements
     - nilerr           # Finds the code that returns nil even if it checks that the error is not nil.

client.go

@@ -40,7 +40,7 @@ type ClientConfig struct {
 	STUNServerAddr string // STUN server address (e.g. "stun.abc.com:3478")
 	TURNServerAddr string // TURN server address (e.g. "turn.abc.com:3478")
 	Username       string
-	Password       string
+	Password       string //nolint:gosec // runtime credential, not hardcoded.
 	Realm          string
 	Software       string
 	RTO            time.Duration

client_test.go

@@ -2,7 +2,6 @@
 // SPDX-License-Identifier: MIT
 
 //go:build !js
-// +build !js
 
 package turn
 
@@ -593,7 +592,7 @@ func TestTCPClientMultipleConns(t *testing.T) {
 		relayAddr, ok := allocation.Addr().(*net.TCPAddr)
 		assert.True(t, ok)
 
-		expectedMsg := []byte{0xDE, 0xAD, 0xBE, 0xEF, byte(i)}
+		expectedMsg := []byte{0xDE, 0xAD, 0xBE, 0xEF, byte(i)} //nolint:gosec // no overflow, test sample.
 		peerConn, peerErr := net.DialTCP("tcp4", nil, relayAddr)
 		assert.NoError(t, peerErr)
 
@@ -612,7 +611,7 @@ func TestTCPClientMultipleConns(t *testing.T) {
 		remotePeerListener, err := net.Listen("tcp4", "127.0.0.1:0") // nolint: noctx
 		assert.NoError(t, err)
 
-		expectedMsg := []byte{0xDE, 0xAD, 0xBE, 0xEF, byte(i)}
+		expectedMsg := []byte{0xDE, 0xAD, 0xBE, 0xEF, byte(i)} //nolint:gosec // no overflow, test sample.
 		wg.Add(1)
 		go func() {
 			defer wg.Done()
@@ -640,7 +639,7 @@ func TestTCPClientMultipleConns(t *testing.T) {
 		dialerConn, err := allocation.Dial("tcp4", remotePeerAddr.String())
 		assert.NoError(t, err)
 
-		expectedMsg := []byte{0xDE, 0xAD, 0xBE, 0xEF, byte(i)}
+		expectedMsg := []byte{0xDE, 0xAD, 0xBE, 0xEF, byte(i)} //nolint:gosec // no overflow, test sample.
 		_, err = dialerConn.Write(expectedMsg)
 		assert.NoError(t, err)
 
@@ -660,7 +659,7 @@ func TestTCPClientMultipleConns(t *testing.T) {
 			acceptorConn, err := allocation.Accept()
 			assert.NoError(t, err)
 
-			expectedMsg := []byte{0xDE, 0xAD, 0xBE, 0xEF, byte(i)}
+			expectedMsg := []byte{0xDE, 0xAD, 0xBE, 0xEF, byte(i)} //nolint:gosec // no overflow, test sample.
 			_, err = acceptorConn.Write(expectedMsg)
 			assert.NoError(t, err)
 
@@ -679,7 +678,7 @@ func TestTCPClientMultipleConns(t *testing.T) {
 	clientConns := []net.Conn{}
 	peerConns := []net.Conn{}
 	peerListeners := []net.Listener{}
-	for i := 0; i < 3; i += 1 {
+	for i := range 3 {
 		// client -> server -> peer
 		peerListener, peerAddr := runPeerAcceptor(ctx, i)
 		time.Sleep(time.Second)
@@ -697,7 +696,7 @@ func TestTCPClientMultipleConns(t *testing.T) {
 	wg.Wait()
 
 	// Shutdown
-	for i := 0; i < 3; i += 1 {
+	for i := range 3 {
 		assert.NoError(t, peerListeners[i].Close())
 		assert.NoError(t, peerConns[i].Close())
 		assert.NoError(t, clientConns[i].Close())

e2e/e2e_test.go

@@ -2,7 +2,6 @@
 // SPDX-License-Identifier: MIT
 
 //go:build !js
-// +build !js
 
 package e2e
 

examples/mutual-tls-auth/turn-client/main.go

@@ -199,7 +199,7 @@ func doPingTest(client *turn.Client, relayConn net.PacketConn) error { //nolint:
 	time.Sleep(500 * time.Millisecond)
 
 	// Send 10 packets from relayConn to the echo server
-	for i := 0; i < 10; i++ {
+	for range 10 {
 		msg := time.Now().Format(time.RFC3339Nano)
 		_, err = pingerConn.WriteTo([]byte(msg), relayConn.LocalAddr())
 		if err != nil {

examples/turn-client/ipv6/main.go

@@ -163,7 +163,7 @@ func doPingTest(client *turn.Client, relayConn net.PacketConn) error { //nolint:
 	time.Sleep(500 * time.Millisecond)
 
 	// Send 10 packets from relayConn to the echo server
-	for i := 0; i < 10; i++ {
+	for range 10 {
 		msg := time.Now().Format(time.RFC3339Nano)
 		_, err = pingerConn.WriteTo([]byte(msg), relayConn.LocalAddr())
 		if err != nil {

examples/turn-client/tcp/main.go

@@ -155,7 +155,7 @@ func doPingTest(client *turn.Client, relayConn net.PacketConn) error { //nolint:
 	time.Sleep(500 * time.Millisecond)
 
 	// Send 10 packets from relayConn to the echo server
-	for i := 0; i < 10; i++ {
+	for range 10 {
 		msg := time.Now().Format(time.RFC3339Nano)
 		_, err = pingerConn.WriteTo([]byte(msg), relayConn.LocalAddr())
 		if err != nil {

examples/turn-client/tls/main.go

@@ -186,7 +186,7 @@ func doPingTest(client *turn.Client, relayConn net.PacketConn) error { //nolint:
 	time.Sleep(500 * time.Millisecond)
 
 	// Send 10 packets from relayConn to the echo server
-	for i := 0; i < 10; i++ {
+	for range 10 {
 		msg := time.Now().Format(time.RFC3339Nano)
 		_, err = pingerConn.WriteTo([]byte(msg), relayConn.LocalAddr())
 		if err != nil {

examples/turn-client/udp/main.go

@@ -159,7 +159,7 @@ func doPingTest(client *turn.Client, relayConn net.PacketConn) error { //nolint:
 	time.Sleep(500 * time.Millisecond)
 
 	// Send 10 packets from relayConn to the echo server
-	for i := 0; i < 10; i++ {
+	for range 10 {
 		msg := time.Now().Format(time.RFC3339Nano)
 		_, err = pingerConn.WriteTo([]byte(msg), relayConn.LocalAddr())
 		if err != nil {

examples/turn-server/add-software-attribute/main.go

@@ -67,7 +67,7 @@ func main() {
 	// Cache -users flag for easy lookup later
 	// If passwords are stored they should be saved to your DB hashed using turn.GenerateAuthKey
 	usersMap := map[string][]byte{}
-	for _, userPass := range strings.Split(*users, ",") {
+	for userPass := range strings.SplitSeq(*users, ",") {
 		parts := strings.SplitN(userPass, "=", 2)
 		if len(parts) != 2 {
 			log.Fatalf("Invalid user credential format '%s': expected 'username=password'", userPass)

examples/turn-server/bw-quota/main.go

@@ -136,7 +136,7 @@ func main() { //nolint:cyclop
 
 	// Parse users.
 	usersMap := map[string][]byte{}
-	for _, userPass := range strings.Split(*users, ",") {
+	for userPass := range strings.SplitSeq(*users, ",") {
 		parts := strings.SplitN(userPass, "=", 2)
 		if len(parts) != 2 {
 			log.Fatalf("Invalid user credential format '%s': expected 'username=password'", userPass)

examples/turn-server/ipv6/main.go

@@ -46,7 +46,7 @@ func main() { //nolint:gocyclo,cyclop
 	// Cache -users flag for easy lookup later
 	// If passwords are stored they should be saved to your DB hashed using turn.GenerateAuthKey
 	usersMap := map[string][]byte{}
-	for _, userPass := range strings.Split(*users, ",") {
+	for userPass := range strings.SplitSeq(*users, ",") {
 		parts := strings.SplitN(userPass, "=", 2)
 		if len(parts) == 2 {
 			usersMap[parts[0]] = turn.GenerateAuthKey(parts[0], *realm, parts[1])

examples/turn-server/log/main.go

@@ -75,7 +75,7 @@ func main() {
 	// Cache -users flag for easy lookup later
 	// If passwords are stored they should be saved to your DB hashed using turn.GenerateAuthKey
 	usersMap := map[string][]byte{}
-	for _, userPass := range strings.Split(*users, ",") {
+	for userPass := range strings.SplitSeq(*users, ",") {
 		parts := strings.SplitN(userPass, "=", 2)
 		if len(parts) != 2 {
 			log.Fatalf("Invalid user credential format '%s': expected 'username=password'", userPass)

examples/turn-server/perm-filter/main.go

@@ -44,7 +44,7 @@ func main() {
 	// Cache -users flag for easy lookup later
 	// If passwords are stored they should be saved to your DB hashed using turn.GenerateAuthKey
 	usersMap := map[string][]byte{}
-	for _, userPass := range strings.Split(*users, ",") {
+	for userPass := range strings.SplitSeq(*users, ",") {
 		parts := strings.SplitN(userPass, "=", 2)
 		if len(parts) != 2 {
 			log.Fatalf("Invalid user credential format '%s': expected 'username=password'", userPass)

examples/turn-server/port-range/main.go

@@ -42,7 +42,7 @@ func main() {
 	// Cache -users flag for easy lookup later
 	// If passwords are stored they should be saved to your DB hashed using turn.GenerateAuthKey
 	usersMap := map[string][]byte{}
-	for _, userPass := range strings.Split(*users, ",") {
+	for userPass := range strings.SplitSeq(*users, ",") {
 		parts := strings.SplitN(userPass, "=", 2)
 		if len(parts) != 2 {
 			log.Fatalf("Invalid user credential format '%s': expected 'username=password'", userPass)

examples/turn-server/simple-multithreaded/main.go

@@ -43,7 +43,7 @@ func main() { //nolint:cyclop
 	// Cache -users flag for easy lookup later
 	// If passwords are stored they should be saved to your DB hashed using turn.GenerateAuthKey
 	usersMap := map[string][]byte{}
-	for _, userPass := range strings.Split(*users, ",") {
+	for userPass := range strings.SplitSeq(*users, ",") {
 		parts := strings.SplitN(userPass, "=", 2)
 		if len(parts) != 2 {
 			log.Fatalf("Invalid user credential format '%s': expected 'username=password'", userPass)
@@ -60,6 +60,7 @@ func main() { //nolint:cyclop
 		Control: func(network, address string, conn syscall.RawConn) error { // nolint: revive
 			var operr error
 			if err = conn.Control(func(fd uintptr) {
+				//nolint:gosec // file descriptors are small ints from the OS.
 				operr = syscall.SetsockoptInt(int(fd), syscall.SOL_SOCKET, unix.SO_REUSEPORT, 1)
 			}); err != nil {
 				return err

examples/turn-server/simple-quota/main.go

@@ -44,7 +44,7 @@ func main() { // nolint:cyclop
 	// Cache -users flag for easy lookup later
 	// If passwords are stored they should be saved to your DB hashed using turn.GenerateAuthKey
 	usersMap := map[string][]byte{}
-	for _, userPass := range strings.Split(*users, ",") {
+	for userPass := range strings.SplitSeq(*users, ",") {
 		parts := strings.SplitN(userPass, "=", 2)
 		if len(parts) != 2 {
 			log.Fatalf("Invalid user credential format '%s': expected 'username=password'", userPass)

examples/turn-server/simple/main.go

@@ -41,7 +41,7 @@ func main() {
 	// Cache -users flag for easy lookup later
 	// If passwords are stored they should be saved to your DB hashed using turn.GenerateAuthKey
 	usersMap := map[string][]byte{}
-	for _, userPass := range strings.Split(*users, ",") {
+	for userPass := range strings.SplitSeq(*users, ",") {
 		parts := strings.SplitN(userPass, "=", 2)
 		if len(parts) != 2 {
 			log.Fatalf("Invalid user credential format '%s': expected 'username=password'", userPass)

examples/turn-server/tcp/main.go

@@ -41,7 +41,7 @@ func main() {
 	// Cache -users flag for easy lookup later
 	// If passwords are stored they should be saved to your DB hashed using turn.GenerateAuthKey
 	usersMap := map[string][]byte{}
-	for _, userPass := range strings.Split(*users, ",") {
+	for userPass := range strings.SplitSeq(*users, ",") {
 		parts := strings.SplitN(userPass, "=", 2)
 		if len(parts) != 2 {
 			log.Fatalf("Invalid user credential format '%s': expected 'username=password'", userPass)

examples/turn-server/tls/main.go

@@ -56,7 +56,7 @@ func main() {
 	// Cache -users flag for easy lookup later
 	// If passwords are stored they should be saved to your DB hashed using turn.GenerateAuthKey
 	usersMap := map[string][]byte{}
-	for _, userPass := range strings.Split(*users, ",") {
+	for userPass := range strings.SplitSeq(*users, ",") {
 		parts := strings.SplitN(userPass, "=", 2)
 		if len(parts) != 2 {
 			log.Fatalf("Invalid user credential format '%s': expected 'username=password'", userPass)

helpers_unix_test.go

@@ -2,7 +2,6 @@
 // SPDX-License-Identifier: MIT
 
 //go:build unix
-// +build unix
 
 package turn
 

internal/allocation/allocation_manager.go

@@ -320,7 +320,7 @@ func (m *Manager) GetReservation(reservationToken string) (int, bool) {
 
 // GetRandomEvenPort returns a random un-allocated udp4 port.
 func (m *Manager) GetRandomEvenPort() (int, error) {
-	for i := 0; i < 128; i++ {
+	for range 128 {
 		conn, addr, err := m.allocatePacketConn(AllocateListenerConfig{Network: "udp4"})
 		if err != nil {
 			return 0, err

internal/allocation/allocation_manager_test.go

@@ -2,7 +2,6 @@
 // SPDX-License-Identifier: MIT
 
 //go:build !js
-// +build !js
 
 package allocation
 
@@ -269,7 +268,7 @@ func TestCreateTCPConnection(t *testing.T) {
 	acceptErrs := []error{}
 
 	var err error
-	for i := 0; i < 3; i++ {
+	for i := range 3 {
 		lns[i], err = net.Listen("tcp", "127.0.0.1:0") // nolint: noctx
 		assert.NoError(t, err)
 
@@ -303,7 +302,7 @@ func TestCreateTCPConnection(t *testing.T) {
 	assert.NoError(t, err)
 	allocation.RelayAddr = &net.TCPAddr{IP: net.IPv4(127, 0, 0, 1), Port: rand.Intn(60999-32768+1) + 32768} //nolint:gosec
 
-	for i := 0; i < 3; i++ {
+	for i := range 3 {
 		addr, ok := lns[i].Addr().(*net.TCPAddr)
 		assert.True(t, ok)
 		peer := proto.PeerAddress{IP: addr.IP, Port: addr.Port}
@@ -334,7 +333,7 @@ func TestCreateTCPConnection(t *testing.T) {
 
 	assert.NoError(t, turnSocket.Close())
 
-	for i := 0; i < 3; i++ {
+	for i := range 3 {
 		mu.Lock()
 		conn := acceptedConns[i]
 		mu.Unlock()

internal/allocation/allocation_test.go

@@ -2,7 +2,6 @@
 // SPDX-License-Identifier: MIT
 
 //go:build !js
-// +build !js
 
 package allocation
 

internal/client/allocation.go

@@ -147,7 +147,7 @@ func (a *allocation) onRefreshTimers(id int) {
 		lifetime := a.lifetime()
 		// Limit the max retries on errTryAgain to 3
 		// when stale nonce returns, sencond retry should succeed
-		for i := 0; i < maxRetryAttempts; i++ {
+		for range maxRetryAttempts {
 			err = a.refreshAllocation(lifetime, false)
 			if !errors.Is(err, errTryAgain) {
 				break
@@ -158,7 +158,7 @@ func (a *allocation) onRefreshTimers(id int) {
 		}
 	case timerIDRefreshPerms:
 		var err error
-		for i := 0; i < maxRetryAttempts; i++ {
+		for range maxRetryAttempts {
 			err = a.refreshPermissions()
 			if !errors.Is(err, errTryAgain) {
 				break

internal/client/binding_test.go

@@ -14,13 +14,13 @@ func TestBindingManager(t *testing.T) {
 	t.Run("number assignment", func(t *testing.T) {
 		bm := newBindingManager()
 		var chanNum uint16
-		for i := uint16(0); i < 10; i++ {
+		for i := range uint16(10) {
 			chanNum = bm.assignChannelNumber()
 			assert.Equal(t, minChannelNumber+i, chanNum, "should match")
 		}
 
 		bm.next = uint16(0x7ff0)
-		for i := uint16(0); i < 16; i++ {
+		for i := range uint16(16) {
 			chanNum = bm.assignChannelNumber()
 			assert.Equal(t, 0x7ff0+i, chanNum, "should match")
 		}
@@ -34,7 +34,7 @@ func TestBindingManager(t *testing.T) {
 		lo := net.IPv4(127, 0, 0, 1)
 		count := 100
 		bm := newBindingManager()
-		for i := 0; i < count; i++ {
+		for i := range count {
 			addr := &net.UDPAddr{IP: lo, Port: 10000 + i}
 			b0 := bm.create(addr)
 			b1, ok := bm.findByAddr(addr)
@@ -56,7 +56,7 @@ func TestBindingManager(t *testing.T) {
 		assert.Equal(t, count, bm.size(), "should match")
 		assert.Equal(t, count, len(bm.addrMap), "should match")
 
-		for i := 0; i < count; i++ {
+		for i := range count {
 			addr := &net.UDPAddr{IP: lo, Port: 10000 + i}
 			if i%2 == 0 {
 				assert.True(t, bm.deleteByAddr(addr), "should return true")

internal/client/tcp_alloc.go

@@ -204,7 +204,7 @@ func (a *TCPAllocation) DialTCPWithConn(conn net.Conn, _ string, rAddr *net.TCPA
 		a.permMap.insert(rAddr, perm)
 	}
 
-	for i := 0; i < maxRetryAttempts; i++ {
+	for range maxRetryAttempts {
 		if err = a.createPermission(perm, rAddr); !errors.Is(err, errTryAgain) {
 			break
 		}

internal/client/udp_conn.go

@@ -196,7 +196,7 @@ func (c *UDPConn) WriteTo(payload []byte, addr net.Addr) (int, error) { //nolint
 		c.permMap.insert(addr, perm)
 	}
 
-	for i := 0; i < maxRetryAttempts; i++ {
+	for range maxRetryAttempts {
 		// c.createPermission() would block, per destination IP (, or perm),
 		// until the perm state becomes "requested". Purpose of this is to
 		// guarantee the order of packets (within the same perm).
@@ -417,7 +417,7 @@ func (c *UDPConn) FindAddrByChannelNumber(chNum uint16) (net.Addr, bool) {
 func (c *UDPConn) maybeBind(bound *binding) {
 	bind := func() {
 		var err error
-		for i := 0; i < maxRetryAttempts; i++ {
+		for range maxRetryAttempts {
 			if err = c.bind(bound); !errors.Is(err, errTryAgain) {
 				break
 			}

internal/proto/chandata.go

@@ -64,7 +64,7 @@ func (c *ChannelData) Encode() {
 	c.Raw = append(c.Raw, c.Data...)
 	padded := nearestPaddedValueLength(len(c.Raw))
 	if bytesToAdd := padded - len(c.Raw); bytesToAdd > 0 {
-		for i := 0; i < bytesToAdd; i++ {
+		for range bytesToAdd {
 			c.Raw = append(c.Raw, 0)
 		}
 	}

internal/server/turn_test.go

@@ -2,7 +2,6 @@
 // SPDX-License-Identifier: MIT
 
 //go:build !js
-// +build !js
 
 package server