From 7811adca66a84bbfc032f95ac6a0863cd5e961ed Mon Sep 17 00:00:00 2001
From: whm <973418690@qq.com>
Date: Wed, 25 Mar 2026 15:00:14 +0800
Subject: [PATCH] =?UTF-8?q?=E7=9B=B4=E6=92=AD=EF=BC=9A=E5=90=8E=E5=8F=B0?=
 =?UTF-8?q?=20JWT=20=E6=8E=A8=E6=B5=81=E3=80=81=E5=89=8D=E5=8F=B0=E7=94=BB?=
 =?UTF-8?q?=E4=B8=AD=E7=94=BB=EF=BC=9BWebRTC=20=E6=9C=8D=E5=8A=A1=E4=B8=8E?=
 =?UTF-8?q?=20Nginx=20WebSocket=20=E4=BB=A3=E7=90=86?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Made-with: Cursor
---
 admin/src/layouts/AdminLayout.vue             |    3 +-
 admin/src/router/index.js                     |    6 +
 admin/src/utils/liveWebRTC.js                 |  106 +
 admin/src/views/sites/HomepageEdit.vue        |   27 +-
 admin/src/views/sites/LiveBroadcast.vue       |   99 +
 admin/vite.config.js                          |    3 +-
 nginx/nginx.conf                              |   12 +
 nginx/yuheng.docker.conf.tpl                  |   15 +
 nginx/yuheng.yuxindazhineng.com.conf          |   13 +
 server/go.mod                                 |   24 +-
 server/go.sum                                 |   82 +
 server/handlers/auth.go                       |   64 +-
 server/handlers/homepage.go                   |    4 +-
 server/main.go                                |    3 +
 server/models/site.go                         |    4 +
 server/pkg/weblive/config.go                  |   33 +
 server/pkg/weblive/hub.go                     |  176 +
 server/pkg/weblive/ws.go                      |  278 +
 .../vendor/github.com/davecgh/go-spew/LICENSE |   15 +
 .../github.com/davecgh/go-spew/spew/bypass.go |  145 +
 .../davecgh/go-spew/spew/bypasssafe.go        |   38 +
 .../github.com/davecgh/go-spew/spew/common.go |  341 +
 .../github.com/davecgh/go-spew/spew/config.go |  306 +
 .../github.com/davecgh/go-spew/spew/doc.go    |  211 +
 .../github.com/davecgh/go-spew/spew/dump.go   |  509 +
 .../github.com/davecgh/go-spew/spew/format.go |  419 +
 .../github.com/davecgh/go-spew/spew/spew.go   |  148 +
 .../github.com/google/uuid/CHANGELOG.md       |   10 +
 .../github.com/google/uuid/CONTRIBUTING.md    |   26 +
 .../github.com/google/uuid/CONTRIBUTORS       |    9 +
 server/vendor/github.com/google/uuid/LICENSE  |   27 +
 .../vendor/github.com/google/uuid/README.md   |   21 +
 server/vendor/github.com/google/uuid/dce.go   |   80 +
 server/vendor/github.com/google/uuid/doc.go   |   12 +
 server/vendor/github.com/google/uuid/hash.go  |   53 +
 .../vendor/github.com/google/uuid/marshal.go  |   38 +
 server/vendor/github.com/google/uuid/node.go  |   90 +
 .../vendor/github.com/google/uuid/node_js.go  |   12 +
 .../vendor/github.com/google/uuid/node_net.go |   33 +
 server/vendor/github.com/google/uuid/null.go  |  118 +
 server/vendor/github.com/google/uuid/sql.go   |   59 +
 server/vendor/github.com/google/uuid/time.go  |  123 +
 server/vendor/github.com/google/uuid/util.go  |   43 +
 server/vendor/github.com/google/uuid/uuid.go  |  296 +
 .../vendor/github.com/google/uuid/version1.go |   44 +
 .../vendor/github.com/google/uuid/version4.go |   76 +
 .../github.com/gorilla/websocket/.gitignore   |   25 +
 .../github.com/gorilla/websocket/AUTHORS      |    9 +
 .../github.com/gorilla/websocket/LICENSE      |   22 +
 .../github.com/gorilla/websocket/README.md    |   33 +
 .../github.com/gorilla/websocket/client.go    |  434 +
 .../gorilla/websocket/compression.go          |  148 +
 .../github.com/gorilla/websocket/conn.go      | 1238 +++
 .../github.com/gorilla/websocket/doc.go       |  227 +
 .../github.com/gorilla/websocket/join.go      |   42 +
 .../github.com/gorilla/websocket/json.go      |   60 +
 .../github.com/gorilla/websocket/mask.go      |   55 +
 .../github.com/gorilla/websocket/mask_safe.go |   16 +
 .../github.com/gorilla/websocket/prepared.go  |  102 +
 .../github.com/gorilla/websocket/proxy.go     |   77 +
 .../github.com/gorilla/websocket/server.go    |  365 +
 .../gorilla/websocket/tls_handshake.go        |   21 +
 .../gorilla/websocket/tls_handshake_116.go    |   21 +
 .../github.com/gorilla/websocket/util.go      |  298 +
 .../gorilla/websocket/x_net_proxy.go          |  473 +
 .../github.com/pion/datachannel/.gitignore    |   28 +
 .../github.com/pion/datachannel/.golangci.yml |  125 +
 .../pion/datachannel/.goreleaser.yml          |    5 +
 .../github.com/pion/datachannel/LICENSE       |    9 +
 .../github.com/pion/datachannel/README.md     |   34 +
 .../github.com/pion/datachannel/codecov.yml   |   22 +
 .../pion/datachannel/datachannel.go           |  404 +
 .../github.com/pion/datachannel/errors.go     |   27 +
 .../github.com/pion/datachannel/message.go    |   92 +
 .../pion/datachannel/message_channel_ack.go   |   29 +
 .../pion/datachannel/message_channel_open.go  |  147 +
 .../github.com/pion/datachannel/renovate.json |    6 +
 .../github.com/pion/dtls/v2/.editorconfig     |   23 +
 .../vendor/github.com/pion/dtls/v2/.gitignore |   28 +
 .../github.com/pion/dtls/v2/.golangci.yml     |  137 +
 .../github.com/pion/dtls/v2/.goreleaser.yml   |    5 +
 .../github.com/pion/dtls/v2/AUTHORS.txt       |   57 +
 server/vendor/github.com/pion/dtls/v2/LICENSE |    9 +
 .../vendor/github.com/pion/dtls/v2/README.md  |  151 +
 .../github.com/pion/dtls/v2/certificate.go    |  157 +
 .../github.com/pion/dtls/v2/cipher_suite.go   |  276 +
 .../pion/dtls/v2/cipher_suite_go114.go        |   44 +
 .../github.com/pion/dtls/v2/codecov.yml       |   22 +
 .../pion/dtls/v2/compression_method.go        |   12 +
 .../vendor/github.com/pion/dtls/v2/config.go  |  253 +
 server/vendor/github.com/pion/dtls/v2/conn.go | 1057 ++
 .../vendor/github.com/pion/dtls/v2/crypto.go  |  228 +
 server/vendor/github.com/pion/dtls/v2/dtls.go |    5 +
 .../vendor/github.com/pion/dtls/v2/errors.go  |  157 +
 .../github.com/pion/dtls/v2/errors_errno.go   |   22 +
 .../github.com/pion/dtls/v2/errors_noerrno.go |   18 +
 .../vendor/github.com/pion/dtls/v2/flight.go  |  104 +
 .../github.com/pion/dtls/v2/flight0handler.go |  138 +
 .../github.com/pion/dtls/v2/flight1handler.go |  141 +
 .../github.com/pion/dtls/v2/flight2handler.go |   64 +
 .../github.com/pion/dtls/v2/flight3handler.go |  291 +
 .../pion/dtls/v2/flight4bhandler.go           |  144 +
 .../github.com/pion/dtls/v2/flight4handler.go |  402 +
 .../pion/dtls/v2/flight5bhandler.go           |   78 +
 .../github.com/pion/dtls/v2/flight5handler.go |  357 +
 .../github.com/pion/dtls/v2/flight6handler.go |   85 +
 .../github.com/pion/dtls/v2/flighthandler.go  |   68 +
 .../pion/dtls/v2/fragment_buffer.go           |  132 +
 .../pion/dtls/v2/handshake_cache.go           |  172 +
 .../github.com/pion/dtls/v2/handshaker.go     |  350 +
 .../v2/internal/ciphersuite/aes_128_ccm.go    |   33 +
 .../v2/internal/ciphersuite/aes_256_ccm.go    |   33 +
 .../dtls/v2/internal/ciphersuite/aes_ccm.go   |  113 +
 .../v2/internal/ciphersuite/ciphersuite.go    |   98 +
 .../tls_ecdhe_ecdsa_with_aes_128_ccm.go       |   14 +
 .../tls_ecdhe_ecdsa_with_aes_128_ccm8.go      |   14 +
 ...tls_ecdhe_ecdsa_with_aes_128_gcm_sha256.go |  108 +
 .../tls_ecdhe_ecdsa_with_aes_256_cbc_sha.go   |  114 +
 ...tls_ecdhe_ecdsa_with_aes_256_gcm_sha384.go |   39 +
 .../tls_ecdhe_psk_with_aes_128_cbc_sha256.go  |  118 +
 .../tls_ecdhe_rsa_with_aes_128_gcm_sha256.go  |   25 +
 .../tls_ecdhe_rsa_with_aes_256_cbc_sha.go     |   25 +
 .../tls_ecdhe_rsa_with_aes_256_gcm_sha384.go  |   25 +
 .../tls_psk_with_aes_128_cbc_sha256.go        |  113 +
 .../ciphersuite/tls_psk_with_aes_128_ccm.go   |   14 +
 .../ciphersuite/tls_psk_with_aes_128_ccm8.go  |   14 +
 .../tls_psk_with_aes_128_gcm_sha256.go        |   35 +
 .../ciphersuite/tls_psk_with_aes_256_ccm8.go  |   14 +
 .../ciphersuite/types/authentication_type.go  |   14 +
 .../types/key_exchange_algorithm.go           |   20 +
 .../pion/dtls/v2/internal/closer/closer.go    |   48 +
 .../pion/dtls/v2/internal/util/util.go        |   42 +
 .../github.com/pion/dtls/v2/listener.go       |   83 +
 .../vendor/github.com/pion/dtls/v2/packet.go  |   12 +
 .../pion/dtls/v2/pkg/crypto/ccm/ccm.go        |  254 +
 .../dtls/v2/pkg/crypto/ciphersuite/cbc.go     |  177 +
 .../dtls/v2/pkg/crypto/ciphersuite/ccm.go     |  107 +
 .../v2/pkg/crypto/ciphersuite/ciphersuite.go  |   76 +
 .../dtls/v2/pkg/crypto/ciphersuite/gcm.go     |  103 +
 .../clientcertificate/client_certificate.go   |   25 +
 .../dtls/v2/pkg/crypto/elliptic/elliptic.go   |  115 +
 .../v2/pkg/crypto/fingerprint/fingerprint.go  |   53 +
 .../dtls/v2/pkg/crypto/fingerprint/hash.go    |   41 +
 .../pion/dtls/v2/pkg/crypto/hash/hash.go      |  129 +
 .../pion/dtls/v2/pkg/crypto/prf/prf.go        |  255 +
 .../dtls/v2/pkg/crypto/signature/signature.go |   27 +
 .../v2/pkg/crypto/signaturehash/errors.go     |   12 +
 .../pkg/crypto/signaturehash/signaturehash.go |   96 +
 .../pion/dtls/v2/pkg/protocol/alert/alert.go  |  166 +
 .../dtls/v2/pkg/protocol/application_data.go  |   29 +
 .../v2/pkg/protocol/change_cipher_spec.go     |   30 +
 .../v2/pkg/protocol/compression_method.go     |   51 +
 .../pion/dtls/v2/pkg/protocol/content.go      |   24 +
 .../pion/dtls/v2/pkg/protocol/errors.go       |  109 +
 .../dtls/v2/pkg/protocol/extension/alpn.go    |   80 +
 .../dtls/v2/pkg/protocol/extension/errors.go  |   20 +
 .../v2/pkg/protocol/extension/extension.go    |  102 +
 .../protocol/extension/renegotiation_info.go  |   46 +
 .../v2/pkg/protocol/extension/server_name.go  |   81 +
 .../extension/srtp_protection_profile.go      |   32 +
 .../extension/supported_elliptic_curves.go    |   65 +
 .../extension/supported_point_formats.go      |   65 +
 .../supported_signature_algorithms.go         |   73 +
 .../protocol/extension/use_master_secret.go   |   48 +
 .../v2/pkg/protocol/extension/use_srtp.go     |   62 +
 .../v2/pkg/protocol/handshake/cipher_suite.go |   32 +
 .../dtls/v2/pkg/protocol/handshake/errors.go  |   28 +
 .../v2/pkg/protocol/handshake/handshake.go    |  150 +
 .../dtls/v2/pkg/protocol/handshake/header.go  |   53 +
 .../protocol/handshake/message_certificate.go |   69 +
 .../handshake/message_certificate_request.go  |  144 +
 .../handshake/message_certificate_verify.go   |   64 +
 .../handshake/message_client_hello.go         |  141 +
 .../handshake/message_client_key_exchange.go  |   81 +
 .../protocol/handshake/message_finished.go    |   30 +
 .../handshake/message_hello_verify_request.go |   65 +
 .../handshake/message_server_hello.go         |  122 +
 .../handshake/message_server_hello_done.go    |   24 +
 .../handshake/message_server_key_exchange.go  |  148 +
 .../dtls/v2/pkg/protocol/handshake/random.go  |   52 +
 .../v2/pkg/protocol/recordlayer/errors.go     |   21 +
 .../v2/pkg/protocol/recordlayer/header.go     |   64 +
 .../pkg/protocol/recordlayer/recordlayer.go   |  102 +
 .../pion/dtls/v2/pkg/protocol/version.go      |   24 +
 .../github.com/pion/dtls/v2/renovate.json     |    6 +
 .../vendor/github.com/pion/dtls/v2/resume.go  |   26 +
 .../vendor/github.com/pion/dtls/v2/session.go |   24 +
 .../pion/dtls/v2/srtp_protection_profile.go   |   21 +
 .../vendor/github.com/pion/dtls/v2/state.go   |  228 +
 server/vendor/github.com/pion/dtls/v2/util.go |   41 +
 .../vendor/github.com/pion/ice/v2/.gitignore  |   28 +
 .../github.com/pion/ice/v2/.golangci.yml      |  137 +
 .../github.com/pion/ice/v2/.goreleaser.yml    |    5 +
 .../vendor/github.com/pion/ice/v2/AUTHORS.txt |   68 +
 server/vendor/github.com/pion/ice/v2/LICENSE  |    9 +
 .../vendor/github.com/pion/ice/v2/README.md   |   34 +
 .../github.com/pion/ice/v2/active_tcp.go      |  158 +
 server/vendor/github.com/pion/ice/v2/addr.go  |   71 +
 server/vendor/github.com/pion/ice/v2/agent.go | 1303 +++
 .../github.com/pion/ice/v2/agent_config.go    |  305 +
 .../github.com/pion/ice/v2/agent_handlers.go  |  183 +
 .../github.com/pion/ice/v2/agent_stats.go     |  172 +
 .../github.com/pion/ice/v2/candidate.go       |   72 +
 .../github.com/pion/ice/v2/candidate_base.go  |  572 +
 .../github.com/pion/ice/v2/candidate_host.go  |   80 +
 .../pion/ice/v2/candidate_peer_reflexive.go   |   64 +
 .../github.com/pion/ice/v2/candidate_relay.go |  115 +
 .../pion/ice/v2/candidate_server_reflexive.go |   61 +
 .../github.com/pion/ice/v2/candidatepair.go   |  136 +
 .../pion/ice/v2/candidatepair_state.go        |   40 +
 .../pion/ice/v2/candidaterelatedaddress.go    |   33 +
 .../github.com/pion/ice/v2/candidatetype.go   |   65 +
 .../vendor/github.com/pion/ice/v2/codecov.yml |   22 +
 .../vendor/github.com/pion/ice/v2/context.go  |   40 +
 .../vendor/github.com/pion/ice/v2/errors.go   |  140 +
 .../pion/ice/v2/external_ip_mapper.go         |  153 +
 .../vendor/github.com/pion/ice/v2/gather.go   |  720 ++
 server/vendor/github.com/pion/ice/v2/ice.go   |   90 +
 .../github.com/pion/ice/v2/icecontrol.go      |   90 +
 .../pion/ice/v2/internal/atomic/atomic.go     |   23 +
 .../pion/ice/v2/internal/fakenet/mock_conn.go |   23 +
 .../ice/v2/internal/fakenet/packet_conn.go    |   29 +
 .../pion/ice/v2/internal/stun/stun.go         |   72 +
 server/vendor/github.com/pion/ice/v2/mdns.go  |   65 +
 server/vendor/github.com/pion/ice/v2/net.go   |  137 +
 .../github.com/pion/ice/v2/networktype.go     |  137 +
 .../vendor/github.com/pion/ice/v2/priority.go |   36 +
 server/vendor/github.com/pion/ice/v2/rand.go  |   56 +
 .../github.com/pion/ice/v2/renovate.json      |    6 +
 server/vendor/github.com/pion/ice/v2/role.go  |   46 +
 .../github.com/pion/ice/v2/selection.go       |  312 +
 server/vendor/github.com/pion/ice/v2/stats.go |  180 +
 .../vendor/github.com/pion/ice/v2/tcp_mux.go  |  435 +
 .../github.com/pion/ice/v2/tcp_mux_multi.go   |   81 +
 .../github.com/pion/ice/v2/tcp_packet_conn.go |  324 +
 .../vendor/github.com/pion/ice/v2/tcptype.go  |   51 +
 .../github.com/pion/ice/v2/test_utils.go      |   79 +
 .../github.com/pion/ice/v2/transport.go       |  148 +
 .../vendor/github.com/pion/ice/v2/udp_mux.go  |  368 +
 .../github.com/pion/ice/v2/udp_mux_multi.go   |  228 +
 .../pion/ice/v2/udp_mux_universal.go          |  271 +
 .../github.com/pion/ice/v2/udp_muxed_conn.go  |  248 +
 server/vendor/github.com/pion/ice/v2/url.go   |   82 +
 .../github.com/pion/ice/v2/usecandidate.go    |   26 +
 .../github.com/pion/interceptor/.gitignore    |   28 +
 .../github.com/pion/interceptor/.golangci.yml |  125 +
 .../pion/interceptor/.goreleaser.yml          |    5 +
 .../github.com/pion/interceptor/LICENSE       |    9 +
 .../github.com/pion/interceptor/README.md     |   84 +
 .../github.com/pion/interceptor/attributes.go |   68 +
 .../github.com/pion/interceptor/chain.go      |   78 +
 .../github.com/pion/interceptor/codecov.yml   |   22 +
 .../github.com/pion/interceptor/errors.go     |   54 +
 .../pion/interceptor/interceptor.go           |  102 +
 .../pion/interceptor/internal/ntp/ntp.go      |   30 +
 .../internal/sequencenumber/unwrapper.go      |   45 +
 .../github.com/pion/interceptor/noop.go       |   43 +
 .../pion/interceptor/pkg/nack/errors.go       |   15 +
 .../pkg/nack/generator_interceptor.go         |  216 +
 .../interceptor/pkg/nack/generator_option.go  |   56 +
 .../pion/interceptor/pkg/nack/nack.go         |   17 +
 .../pion/interceptor/pkg/nack/receive_log.go  |  138 +
 .../pkg/nack/responder_interceptor.go         |  149 +
 .../interceptor/pkg/nack/responder_option.go  |   35 +
 .../interceptor/pkg/nack/retainable_packet.go |  132 +
 .../pion/interceptor/pkg/nack/send_buffer.go  |  104 +
 .../pkg/report/receiver_interceptor.go        |  184 +
 .../interceptor/pkg/report/receiver_option.go |   37 +
 .../interceptor/pkg/report/receiver_stream.go |  169 +
 .../pion/interceptor/pkg/report/report.go     |    5 +
 .../pkg/report/sender_interceptor.go          |  151 +
 .../interceptor/pkg/report/sender_option.go   |   63 +
 .../interceptor/pkg/report/sender_stream.go   |   65 +
 .../pion/interceptor/pkg/report/ticker.go     |   20 +
 .../interceptor/pkg/twcc/arrival_time_map.go  |  192 +
 .../pkg/twcc/header_extension_interceptor.go  |   66 +
 .../pkg/twcc/sender_interceptor.go            |  207 +
 .../pion/interceptor/pkg/twcc/twcc.go         |  366 +
 .../github.com/pion/interceptor/registry.go   |   33 +
 .../github.com/pion/interceptor/renovate.json |    6 +
 .../github.com/pion/interceptor/streaminfo.go |   37 +
 .../github.com/pion/logging/.golangci.yml     |   13 +
 .../github.com/pion/logging/.travis.yml       |   19 +
 server/vendor/github.com/pion/logging/LICENSE |   21 +
 .../vendor/github.com/pion/logging/README.md  |   41 +
 .../vendor/github.com/pion/logging/logger.go  |  228 +
 .../vendor/github.com/pion/logging/scoped.go  |   72 +
 server/vendor/github.com/pion/mdns/.gitignore |   28 +
 .../vendor/github.com/pion/mdns/.golangci.yml |  126 +
 .../github.com/pion/mdns/.goreleaser.yml      |    5 +
 server/vendor/github.com/pion/mdns/LICENSE    |   21 +
 server/vendor/github.com/pion/mdns/README.md  |   72 +
 .../vendor/github.com/pion/mdns/codecov.yml   |   22 +
 server/vendor/github.com/pion/mdns/config.go  |   41 +
 server/vendor/github.com/pion/mdns/conn.go    |  597 ++
 server/vendor/github.com/pion/mdns/errors.go  |   14 +
 server/vendor/github.com/pion/mdns/mdns.go    |    5 +
 .../vendor/github.com/pion/mdns/renovate.json |    6 +
 .../github.com/pion/randutil/.travis.yml      |  142 +
 .../vendor/github.com/pion/randutil/LICENSE   |   21 +
 .../vendor/github.com/pion/randutil/README.md |   14 +
 .../github.com/pion/randutil/codecov.yml      |   20 +
 .../vendor/github.com/pion/randutil/crypto.go |   30 +
 .../vendor/github.com/pion/randutil/math.go   |   72 +
 .../github.com/pion/randutil/renovate.json    |   15 +
 server/vendor/github.com/pion/rtcp/.gitignore |   28 +
 .../vendor/github.com/pion/rtcp/.golangci.yml |  126 +
 .../github.com/pion/rtcp/.goreleaser.yml      |    5 +
 server/vendor/github.com/pion/rtcp/LICENSE    |    9 +
 server/vendor/github.com/pion/rtcp/README.md  |   37 +
 .../vendor/github.com/pion/rtcp/codecov.yml   |   22 +
 .../github.com/pion/rtcp/compound_packet.go   |  161 +
 server/vendor/github.com/pion/rtcp/doc.go     |   42 +
 server/vendor/github.com/pion/rtcp/errors.go  |   38 +
 .../github.com/pion/rtcp/extended_report.go   |  659 ++
 .../pion/rtcp/full_intra_request.go           |  116 +
 server/vendor/github.com/pion/rtcp/goodbye.go |  159 +
 server/vendor/github.com/pion/rtcp/header.go  |  147 +
 server/vendor/github.com/pion/rtcp/packet.go  |  124 +
 .../github.com/pion/rtcp/packet_buffer.go     |  258 +
 .../pion/rtcp/packet_stringifier.go           |  106 +
 .../pion/rtcp/picture_loss_indication.go      |   93 +
 .../rtcp/rapid_resynchronization_request.go   |   94 +
 .../vendor/github.com/pion/rtcp/raw_packet.go |   50 +
 .../receiver_estimated_maximum_bitrate.go     |  285 +
 .../github.com/pion/rtcp/receiver_report.go   |  195 +
 .../github.com/pion/rtcp/reception_report.go  |  133 +
 .../vendor/github.com/pion/rtcp/renovate.json |    6 +
 server/vendor/github.com/pion/rtcp/rfc8888.go |  340 +
 .../github.com/pion/rtcp/sender_report.go     |  262 +
 .../pion/rtcp/slice_loss_indication.go        |  117 +
 .../pion/rtcp/source_description.go           |  368 +
 .../pion/rtcp/transport_layer_cc.go           |  566 +
 .../pion/rtcp/transport_layer_nack.go         |  181 +
 server/vendor/github.com/pion/rtcp/util.go    |   41 +
 server/vendor/github.com/pion/rtp/.gitignore  |   28 +
 .../vendor/github.com/pion/rtp/.golangci.yml  |  125 +
 .../github.com/pion/rtp/.goreleaser.yml       |    5 +
 server/vendor/github.com/pion/rtp/LICENSE     |    9 +
 server/vendor/github.com/pion/rtp/README.md   |   35 +
 .../pion/rtp/abscapturetimeextension.go       |  106 +
 .../pion/rtp/abssendtimeextension.go          |   81 +
 .../pion/rtp/audiolevelextension.go           |   63 +
 server/vendor/github.com/pion/rtp/codecov.yml |   22 +
 .../pion/rtp/codecs/av1/obu/leb128.go         |   85 +
 .../github.com/pion/rtp/codecs/av1_packet.go  |  204 +
 .../github.com/pion/rtp/codecs/codecs.go      |    5 +
 .../github.com/pion/rtp/codecs/common.go      |   39 +
 .../github.com/pion/rtp/codecs/error.go       |   17 +
 .../github.com/pion/rtp/codecs/g711_packet.go |   25 +
 .../github.com/pion/rtp/codecs/g722_packet.go |   25 +
 .../github.com/pion/rtp/codecs/h264_packet.go |  297 +
 .../github.com/pion/rtp/codecs/h265_packet.go |  828 ++
 .../github.com/pion/rtp/codecs/opus_packet.go |   49 +
 .../github.com/pion/rtp/codecs/vp8_packet.go  |  234 +
 .../github.com/pion/rtp/codecs/vp9/bits.go    |   65 +
 .../github.com/pion/rtp/codecs/vp9/header.go  |  221 +
 .../github.com/pion/rtp/codecs/vp9_packet.go  |  511 +
 .../github.com/pion/rtp/depacketizer.go       |   20 +
 server/vendor/github.com/pion/rtp/error.go    |   26 +
 .../github.com/pion/rtp/header_extension.go   |  353 +
 server/vendor/github.com/pion/rtp/packet.go   |  540 +
 .../vendor/github.com/pion/rtp/packetizer.go  |  138 +
 .../pion/rtp/partitionheadchecker.go          |    9 +
 .../github.com/pion/rtp/payload_types.go      |   68 +
 .../pion/rtp/playoutdelayextension.go         |   50 +
 server/vendor/github.com/pion/rtp/rand.go     |   11 +
 .../vendor/github.com/pion/rtp/renovate.json  |    6 +
 server/vendor/github.com/pion/rtp/rtp.go      |    5 +
 .../vendor/github.com/pion/rtp/sequencer.go   |   60 +
 .../pion/rtp/transportccextension.go          |   42 +
 .../github.com/pion/rtp/vlaextension.go       |  360 +
 server/vendor/github.com/pion/sctp/.gitignore |   28 +
 .../vendor/github.com/pion/sctp/.golangci.yml |  125 +
 .../github.com/pion/sctp/.goreleaser.yml      |    5 +
 server/vendor/github.com/pion/sctp/LICENSE    |    9 +
 server/vendor/github.com/pion/sctp/README.md  |   34 +
 .../vendor/github.com/pion/sctp/ack_timer.go  |  104 +
 .../github.com/pion/sctp/association.go       | 2747 +++++
 .../github.com/pion/sctp/association_stats.go |   94 +
 server/vendor/github.com/pion/sctp/chunk.go   |   12 +
 .../github.com/pion/sctp/chunk_abort.go       |   96 +
 .../github.com/pion/sctp/chunk_cookie_ack.go  |   53 +
 .../github.com/pion/sctp/chunk_cookie_echo.go |   54 +
 .../github.com/pion/sctp/chunk_error.go       |  103 +
 .../github.com/pion/sctp/chunk_forward_tsn.go |  151 +
 .../github.com/pion/sctp/chunk_heartbeat.go   |   86 +
 .../pion/sctp/chunk_heartbeat_ack.go          |   96 +
 .../vendor/github.com/pion/sctp/chunk_init.go |  142 +
 .../github.com/pion/sctp/chunk_init_ack.go    |  140 +
 .../github.com/pion/sctp/chunk_init_common.go |  167 +
 .../pion/sctp/chunk_payload_data.go           |  212 +
 .../github.com/pion/sctp/chunk_reconfig.go    |  108 +
 .../pion/sctp/chunk_selective_ack.go          |  151 +
 .../github.com/pion/sctp/chunk_shutdown.go    |   72 +
 .../pion/sctp/chunk_shutdown_ack.go           |   53 +
 .../pion/sctp/chunk_shutdown_complete.go      |   53 +
 .../github.com/pion/sctp/chunkheader.go       |  100 +
 .../vendor/github.com/pion/sctp/chunktype.go  |   70 +
 .../vendor/github.com/pion/sctp/codecov.yml   |   22 +
 .../github.com/pion/sctp/control_queue.go     |   32 +
 .../github.com/pion/sctp/error_cause.go       |  101 +
 .../pion/sctp/error_cause_header.go           |   57 +
 ...error_cause_invalid_mandatory_parameter.go |   22 +
 .../sctp/error_cause_protocol_violation.go    |   57 +
 .../error_cause_unrecognized_chunk_type.go    |   31 +
 .../sctp/error_cause_user_initiated_abort.go  |   49 +
 server/vendor/github.com/pion/sctp/packet.go  |  227 +
 server/vendor/github.com/pion/sctp/param.go   |   46 +
 .../github.com/pion/sctp/param_chunk_list.go  |   31 +
 .../github.com/pion/sctp/param_ecn_capable.go |   22 +
 .../pion/sctp/param_forward_tsn_supported.go  |   31 +
 .../pion/sctp/param_heartbeat_info.go         |   24 +
 .../pion/sctp/param_outgoing_reset_request.go |   94 +
 .../github.com/pion/sctp/param_random.go      |   24 +
 .../pion/sctp/param_reconfig_response.go      |   98 +
 .../sctp/param_requested_hmac_algorithm.go    |   84 +
 .../pion/sctp/param_state_cookie.go           |   49 +
 .../pion/sctp/param_supported_extensions.go   |   32 +
 .../pion/sctp/param_zero_checksum.go          |   56 +
 .../github.com/pion/sctp/paramheader.go       |  101 +
 .../vendor/github.com/pion/sctp/paramtype.go  |  119 +
 .../github.com/pion/sctp/payload_queue.go     |   73 +
 .../github.com/pion/sctp/pending_queue.go     |  142 +
 server/vendor/github.com/pion/sctp/queue.go   |   70 +
 .../github.com/pion/sctp/reassembly_queue.go  |  366 +
 .../pion/sctp/receive_payload_queue.go        |  186 +
 .../vendor/github.com/pion/sctp/renovate.json |    6 +
 .../vendor/github.com/pion/sctp/rtx_timer.go  |  250 +
 server/vendor/github.com/pion/sctp/sctp.go    |    5 +
 server/vendor/github.com/pion/sctp/stream.go  |  471 +
 server/vendor/github.com/pion/sctp/util.go    |   61 +
 .../vendor/github.com/pion/sdp/v3/.gitignore  |   28 +
 .../github.com/pion/sdp/v3/.golangci.yml      |  126 +
 .../github.com/pion/sdp/v3/.goreleaser.yml    |    5 +
 server/vendor/github.com/pion/sdp/v3/LICENSE  |    9 +
 .../vendor/github.com/pion/sdp/v3/README.md   |   35 +
 .../github.com/pion/sdp/v3/base_lexer.go      |  216 +
 .../vendor/github.com/pion/sdp/v3/codecov.yml |   22 +
 .../pion/sdp/v3/common_description.go         |  188 +
 .../github.com/pion/sdp/v3/direction.go       |   62 +
 .../vendor/github.com/pion/sdp/v3/extmap.go   |  111 +
 server/vendor/github.com/pion/sdp/v3/jsep.go  |  210 +
 .../vendor/github.com/pion/sdp/v3/marshal.go  |  240 +
 .../pion/sdp/v3/media_description.go          |  128 +
 .../github.com/pion/sdp/v3/renovate.json      |    6 +
 server/vendor/github.com/pion/sdp/v3/sdp.go   |    5 +
 .../pion/sdp/v3/session_description.go        |  201 +
 .../pion/sdp/v3/time_description.go           |   75 +
 .../github.com/pion/sdp/v3/unmarshal.go       |  956 ++
 .../github.com/pion/sdp/v3/unmarshal_cache.go |   44 +
 server/vendor/github.com/pion/sdp/v3/util.go  |  360 +
 .../vendor/github.com/pion/srtp/v2/.gitignore |   28 +
 .../github.com/pion/srtp/v2/.golangci.yml     |  137 +
 .../github.com/pion/srtp/v2/.goreleaser.yml   |    5 +
 .../github.com/pion/srtp/v2/AUTHORS.txt       |   37 +
 server/vendor/github.com/pion/srtp/v2/LICENSE |    9 +
 .../vendor/github.com/pion/srtp/v2/README.md  |   35 +
 .../github.com/pion/srtp/v2/codecov.yml       |   22 +
 .../vendor/github.com/pion/srtp/v2/context.go |  293 +
 .../vendor/github.com/pion/srtp/v2/crypto.go  |   45 +
 .../vendor/github.com/pion/srtp/v2/errors.go  |   53 +
 .../github.com/pion/srtp/v2/key_derivation.go |   69 +
 .../vendor/github.com/pion/srtp/v2/keying.go  |   57 +
 .../vendor/github.com/pion/srtp/v2/option.go  |  120 +
 .../pion/srtp/v2/protection_profile.go        |  128 +
 .../github.com/pion/srtp/v2/renovate.json     |    6 +
 .../vendor/github.com/pion/srtp/v2/session.go |  161 +
 .../github.com/pion/srtp/v2/session_srtcp.go  |  190 +
 .../github.com/pion/srtp/v2/session_srtp.go   |  200 +
 .../vendor/github.com/pion/srtp/v2/srtcp.go   |  109 +
 server/vendor/github.com/pion/srtp/v2/srtp.go |  109 +
 .../github.com/pion/srtp/v2/srtp_cipher.go    |   51 +
 .../pion/srtp/v2/srtp_cipher_aead_aes_gcm.go  |  285 +
 .../srtp/v2/srtp_cipher_aes_cm_hmac_sha1.go   |  331 +
 .../vendor/github.com/pion/srtp/v2/stream.go  |   11 +
 .../github.com/pion/srtp/v2/stream_srtcp.go   |  160 +
 .../github.com/pion/srtp/v2/stream_srtp.go    |  157 +
 server/vendor/github.com/pion/srtp/v2/util.go |   36 +
 server/vendor/github.com/pion/stun/.gitignore |   28 +
 .../vendor/github.com/pion/stun/.golangci.yml |  137 +
 .../github.com/pion/stun/.goreleaser.yml      |    5 +
 .../vendor/github.com/pion/stun/AUTHORS.txt   |   40 +
 server/vendor/github.com/pion/stun/LICENSE    |    9 +
 server/vendor/github.com/pion/stun/Makefile   |   39 +
 server/vendor/github.com/pion/stun/README.md  |  186 +
 server/vendor/github.com/pion/stun/addr.go    |  163 +
 server/vendor/github.com/pion/stun/agent.go   |  233 +
 .../vendor/github.com/pion/stun/attributes.go |  254 +
 .../github.com/pion/stun/attributes_debug.go  |   37 +
 server/vendor/github.com/pion/stun/checks.go  |   53 +
 .../github.com/pion/stun/checks_debug.go      |   65 +
 server/vendor/github.com/pion/stun/client.go  |  722 ++
 .../vendor/github.com/pion/stun/codecov.yml   |   22 +
 .../vendor/github.com/pion/stun/errorcode.go  |  162 +
 server/vendor/github.com/pion/stun/errors.go  |   66 +
 .../github.com/pion/stun/fingerprint.go       |   70 +
 .../github.com/pion/stun/fingerprint_debug.go |   22 +
 server/vendor/github.com/pion/stun/helpers.go |  109 +
 .../vendor/github.com/pion/stun/integrity.go  |  126 +
 .../github.com/pion/stun/integrity_debug.go   |   22 +
 .../pion/stun/internal/hmac/hmac.go           |  156 +
 .../pion/stun/internal/hmac/pool.go           |   92 +
 .../pion/stun/internal/hmac/vendor.sh         |    7 +
 server/vendor/github.com/pion/stun/message.go |  622 ++
 .../vendor/github.com/pion/stun/renovate.json |    6 +
 server/vendor/github.com/pion/stun/stun.go    |   54 +
 .../vendor/github.com/pion/stun/textattrs.go  |  132 +
 server/vendor/github.com/pion/stun/uattrs.go  |   66 +
 server/vendor/github.com/pion/stun/uri.go     |  257 +
 server/vendor/github.com/pion/stun/xoraddr.go |  150 +
 .../github.com/pion/transport/v2/.gitignore   |   28 +
 .../pion/transport/v2/.golangci.yml           |  137 +
 .../pion/transport/v2/.goreleaser.yml         |    5 +
 .../github.com/pion/transport/v2/AUTHORS.txt  |   29 +
 .../github.com/pion/transport/v2/LICENSE      |    9 +
 .../github.com/pion/transport/v2/README.md    |   34 +
 .../github.com/pion/transport/v2/codecov.yml  |   22 +
 .../pion/transport/v2/connctx/connctx.go      |  177 +
 .../pion/transport/v2/connctx/pipe.go         |   14 +
 .../pion/transport/v2/deadline/deadline.go    |  124 +
 .../pion/transport/v2/deadline/timer.go       |   13 +
 .../transport/v2/deadline/timer_generic.go    |   15 +
 .../pion/transport/v2/deadline/timer_js.go    |   67 +
 .../github.com/pion/transport/v2/net.go       |  418 +
 .../pion/transport/v2/packetio/buffer.go      |  335 +
 .../pion/transport/v2/packetio/errors.go      |   30 +
 .../pion/transport/v2/packetio/hardlimit.go   |    9 +
 .../transport/v2/packetio/no_hardlimit.go     |    9 +
 .../pion/transport/v2/renovate.json           |    6 +
 .../transport/v2/replaydetector/fixedbig.go   |   81 +
 .../v2/replaydetector/replaydetector.go       |  119 +
 .../pion/transport/v2/stdnet/net.go           |  168 +
 .../pion/transport/v2/udp/batchconn.go        |  170 +
 .../github.com/pion/transport/v2/udp/conn.go  |  406 +
 .../pion/transport/v2/utils/xor/xor_amd64.go  |   29 +
 .../pion/transport/v2/utils/xor/xor_amd64.s   |   56 +
 .../pion/transport/v2/utils/xor/xor_arm.go    |   60 +
 .../pion/transport/v2/utils/xor/xor_arm.s     |  116 +
 .../pion/transport/v2/utils/xor/xor_arm64.go  |   31 +
 .../pion/transport/v2/utils/xor/xor_arm64.s   |   69 +
 .../transport/v2/utils/xor/xor_generic.go     |   78 +
 .../pion/transport/v2/utils/xor/xor_ppc64x.go |   29 +
 .../pion/transport/v2/utils/xor/xor_ppc64x.s  |   87 +
 .../pion/transport/v2/vnet/.gitignore         |    4 +
 .../pion/transport/v2/vnet/README.md          |  231 +
 .../pion/transport/v2/vnet/chunk.go           |  286 +
 .../pion/transport/v2/vnet/chunk_queue.go     |   68 +
 .../github.com/pion/transport/v2/vnet/conn.go |  298 +
 .../pion/transport/v2/vnet/conn_map.go        |  139 +
 .../pion/transport/v2/vnet/delay_filter.go    |   78 +
 .../pion/transport/v2/vnet/errors.go          |   22 +
 .../pion/transport/v2/vnet/loss_filter.go     |   36 +
 .../github.com/pion/transport/v2/vnet/nat.go  |  342 +
 .../github.com/pion/transport/v2/vnet/net.go  |  618 ++
 .../pion/transport/v2/vnet/resolver.go        |   92 +
 .../pion/transport/v2/vnet/router.go          |  621 ++
 .../github.com/pion/transport/v2/vnet/tbf.go  |  167 +
 .../pion/transport/v2/vnet/udpproxy.go        |  223 +
 .../pion/transport/v2/vnet/udpproxy_direct.go |   48 +
 .../github.com/pion/transport/v2/vnet/vnet.go |    5 +
 .../vendor/github.com/pion/turn/v2/.gitignore |   28 +
 .../github.com/pion/turn/v2/.golangci.yml     |  137 +
 .../github.com/pion/turn/v2/.goreleaser.yml   |    5 +
 .../github.com/pion/turn/v2/AUTHORS.txt       |   48 +
 server/vendor/github.com/pion/turn/v2/LICENSE |    9 +
 .../vendor/github.com/pion/turn/v2/README.md  |   93 +
 .../vendor/github.com/pion/turn/v2/client.go  |  685 ++
 .../github.com/pion/turn/v2/codecov.yml       |   22 +
 .../vendor/github.com/pion/turn/v2/errors.go  |   31 +
 .../turn/v2/internal/allocation/allocation.go |  286 +
 .../internal/allocation/allocation_manager.go |  218 +
 .../v2/internal/allocation/channel_bind.go    |   46 +
 .../turn/v2/internal/allocation/errors.go     |   22 +
 .../turn/v2/internal/allocation/five_tuple.go |   63 +
 .../turn/v2/internal/allocation/permission.go |   43 +
 .../turn/v2/internal/client/allocation.go     |  189 +
 .../pion/turn/v2/internal/client/binding.go   |  155 +
 .../pion/turn/v2/internal/client/client.go    |   18 +
 .../pion/turn/v2/internal/client/errors.go    |   43 +
 .../turn/v2/internal/client/periodic_timer.go |   85 +
 .../turn/v2/internal/client/permission.go     |   77 +
 .../pion/turn/v2/internal/client/tcp_alloc.go |  371 +
 .../pion/turn/v2/internal/client/tcp_conn.go  |   49 +
 .../turn/v2/internal/client/transaction.go    |  188 +
 .../pion/turn/v2/internal/client/trylock.go   |   27 +
 .../pion/turn/v2/internal/client/udp_conn.go  |  455 +
 .../pion/turn/v2/internal/ipnet/util.go       |   55 +
 .../pion/turn/v2/internal/proto/addr.go       |   68 +
 .../pion/turn/v2/internal/proto/chandata.go   |  143 +
 .../pion/turn/v2/internal/proto/chann.go      |   70 +
 .../turn/v2/internal/proto/connection_id.go   |   42 +
 .../pion/turn/v2/internal/proto/data.go       |   33 +
 .../pion/turn/v2/internal/proto/dontfrag.go   |   45 +
 .../pion/turn/v2/internal/proto/evenport.go   |   58 +
 .../pion/turn/v2/internal/proto/lifetime.go   |   55 +
 .../pion/turn/v2/internal/proto/peeraddr.go   |   45 +
 .../pion/turn/v2/internal/proto/proto.go      |   31 +
 .../turn/v2/internal/proto/relayedaddr.go     |   43 +
 .../pion/turn/v2/internal/proto/reqfamily.go  |   64 +
 .../pion/turn/v2/internal/proto/reqtrans.go   |   72 +
 .../pion/turn/v2/internal/proto/rsrvtoken.go  |   42 +
 .../pion/turn/v2/internal/server/errors.go    |   29 +
 .../pion/turn/v2/internal/server/nonce.go     |   71 +
 .../pion/turn/v2/internal/server/server.go    |  111 +
 .../pion/turn/v2/internal/server/stun.go      |   25 +
 .../pion/turn/v2/internal/server/turn.go      |  376 +
 .../pion/turn/v2/internal/server/util.go      |  117 +
 .../vendor/github.com/pion/turn/v2/lt_cred.go |   59 +
 .../turn/v2/relay_address_generator_none.go   |   54 +
 .../turn/v2/relay_address_generator_range.go  |  108 +
 .../turn/v2/relay_address_generator_static.go |   68 +
 .../github.com/pion/turn/v2/renovate.json     |    6 +
 .../vendor/github.com/pion/turn/v2/server.go  |  210 +
 .../github.com/pion/turn/v2/server_config.go  |  145 +
 .../github.com/pion/turn/v2/stun_conn.go      |  127 +
 .../github.com/pion/webrtc/v3/.codacy.yaml    |    6 +
 .../github.com/pion/webrtc/v3/.eslintrc.json  |    3 +
 .../github.com/pion/webrtc/v3/.gitignore      |   28 +
 .../github.com/pion/webrtc/v3/.golangci.yml   |  137 +
 .../github.com/pion/webrtc/v3/.goreleaser.yml |    5 +
 .../github.com/pion/webrtc/v3/AUTHORS.txt     |  229 +
 .../github.com/pion/webrtc/v3/DESIGN.md       |   43 +
 .../vendor/github.com/pion/webrtc/v3/LICENSE  |    9 +
 .../github.com/pion/webrtc/v3/README.md       |  129 +
 .../vendor/github.com/pion/webrtc/v3/api.go   |   77 +
 .../github.com/pion/webrtc/v3/api_js.go       |   35 +
 .../github.com/pion/webrtc/v3/atomicbool.go   |   31 +
 .../github.com/pion/webrtc/v3/bundlepolicy.go |   81 +
 .../github.com/pion/webrtc/v3/certificate.go  |  234 +
 .../github.com/pion/webrtc/v3/codecov.yml     |   22 +
 .../pion/webrtc/v3/configuration.go           |   55 +
 .../pion/webrtc/v3/configuration_common.go    |   27 +
 .../pion/webrtc/v3/configuration_js.go        |   39 +
 .../github.com/pion/webrtc/v3/constants.go    |   52 +
 .../github.com/pion/webrtc/v3/datachannel.go  |  695 ++
 .../pion/webrtc/v3/datachannel_js.go          |  323 +
 .../pion/webrtc/v3/datachannel_js_detach.go   |   75 +
 .../pion/webrtc/v3/datachannelinit.go         |   36 +
 .../pion/webrtc/v3/datachannelmessage.go      |   13 +
 .../pion/webrtc/v3/datachannelparameters.go   |   15 +
 .../pion/webrtc/v3/datachannelstate.go        |   75 +
 .../pion/webrtc/v3/dtlsfingerprint.go         |   17 +
 .../pion/webrtc/v3/dtlsparameters.go          |   10 +
 .../github.com/pion/webrtc/v3/dtlsrole.go     |   95 +
 .../pion/webrtc/v3/dtlstransport.go           |  522 +
 .../pion/webrtc/v3/dtlstransport_js.go        |   31 +
 .../pion/webrtc/v3/dtlstransportstate.go      |   85 +
 .../github.com/pion/webrtc/v3/errors.go       |  250 +
 .../webrtc/v3/gathering_complete_promise.go   |   27 +
 .../github.com/pion/webrtc/v3/ice_go.go       |   14 +
 .../github.com/pion/webrtc/v3/icecandidate.go |  172 +
 .../pion/webrtc/v3/icecandidateinit.go        |   12 +
 .../pion/webrtc/v3/icecandidatepair.go        |   32 +
 .../pion/webrtc/v3/icecandidatetype.go        |  109 +
 .../github.com/pion/webrtc/v3/icecomponent.go |   50 +
 .../pion/webrtc/v3/iceconnectionstate.go      |   97 +
 .../pion/webrtc/v3/icecredentialtype.go       |   72 +
 .../github.com/pion/webrtc/v3/icegatherer.go  |  395 +
 .../pion/webrtc/v3/icegathererstate.go        |   51 +
 .../pion/webrtc/v3/icegatheringstate.go       |   56 +
 .../pion/webrtc/v3/icegatheroptions.go        |   10 +
 .../github.com/pion/webrtc/v3/icemux.go       |   30 +
 .../pion/webrtc/v3/iceparameters.go           |   12 +
 .../github.com/pion/webrtc/v3/iceprotocol.go  |   50 +
 .../github.com/pion/webrtc/v3/icerole.go      |   59 +
 .../github.com/pion/webrtc/v3/iceserver.go    |  182 +
 .../github.com/pion/webrtc/v3/iceserver_js.go |   46 +
 .../github.com/pion/webrtc/v3/icetransport.go |  421 +
 .../pion/webrtc/v3/icetransport_js.go         |   30 +
 .../pion/webrtc/v3/icetransportpolicy.go      |   68 +
 .../pion/webrtc/v3/icetransportstate.go       |  110 +
 .../github.com/pion/webrtc/v3/interceptor.go  |  167 +
 .../pion/webrtc/v3/internal/fmtp/av1.go       |   41 +
 .../pion/webrtc/v3/internal/fmtp/fmtp.go      |  112 +
 .../pion/webrtc/v3/internal/fmtp/h264.go      |   84 +
 .../pion/webrtc/v3/internal/fmtp/vp9.go       |   41 +
 .../pion/webrtc/v3/internal/mux/endpoint.go   |   78 +
 .../pion/webrtc/v3/internal/mux/mux.go        |  163 +
 .../pion/webrtc/v3/internal/mux/muxfunc.go    |   65 +
 .../pion/webrtc/v3/internal/util/util.go      |   75 +
 .../github.com/pion/webrtc/v3/js_utils.go     |  172 +
 .../github.com/pion/webrtc/v3/mediaengine.go  |  707 ++
 .../github.com/pion/webrtc/v3/networktype.go  |  107 +
 .../pion/webrtc/v3/oauthcredential.go         |   18 +
 .../pion/webrtc/v3/offeransweroptions.go      |   29 +
 .../github.com/pion/webrtc/v3/operations.go   |  154 +
 .../github.com/pion/webrtc/v3/package.json    |   11 +
 .../pion/webrtc/v3/peerconnection.go          | 2641 +++++
 .../pion/webrtc/v3/peerconnection_js.go       |  774 ++
 .../pion/webrtc/v3/peerconnectionstate.go     |   86 +
 .../pion/webrtc/v3/pkg/media/media.go         |   31 +
 .../pion/webrtc/v3/pkg/rtcerr/errors.go       |  163 +
 .../github.com/pion/webrtc/v3/renovate.json   |    6 +
 .../github.com/pion/webrtc/v3/rtcpfeedback.go |   34 +
 .../pion/webrtc/v3/rtcpmuxpolicy.go           |   69 +
 .../pion/webrtc/v3/rtpcapabilities.go         |   12 +
 .../github.com/pion/webrtc/v3/rtpcodec.go     |  136 +
 .../pion/webrtc/v3/rtpcodingparameters.go     |   20 +
 .../pion/webrtc/v3/rtpdecodingparameters.go   |   11 +
 .../pion/webrtc/v3/rtpencodingparameters.go   |   11 +
 .../pion/webrtc/v3/rtpreceiveparameters.go    |    9 +
 .../github.com/pion/webrtc/v3/rtpreceiver.go  |  538 +
 .../pion/webrtc/v3/rtpreceiver_go.go          |   36 +
 .../pion/webrtc/v3/rtpreceiver_js.go          |   15 +
 .../github.com/pion/webrtc/v3/rtpsender.go    |  460 +
 .../github.com/pion/webrtc/v3/rtpsender_js.go |   15 +
 .../pion/webrtc/v3/rtpsendparameters.go       |   10 +
 .../pion/webrtc/v3/rtptransceiver.go          |  298 +
 .../pion/webrtc/v3/rtptransceiver_js.go       |   42 +
 .../pion/webrtc/v3/rtptransceiverdirection.go |   88 +
 .../pion/webrtc/v3/rtptransceiverinit.go      |   15 +
 .../pion/webrtc/v3/sctpcapabilities.go        |    9 +
 .../pion/webrtc/v3/sctptransport.go           |  451 +
 .../pion/webrtc/v3/sctptransport_js.go        |   27 +
 .../pion/webrtc/v3/sctptransportstate.go      |   57 +
 .../vendor/github.com/pion/webrtc/v3/sdp.go   |  925 ++
 .../github.com/pion/webrtc/v3/sdpsemantics.go |   77 +
 .../github.com/pion/webrtc/v3/sdptype.go      |  103 +
 .../pion/webrtc/v3/sessiondescription.go      |   24 +
 .../pion/webrtc/v3/settingengine.go           |  455 +
 .../pion/webrtc/v3/settingengine_js.go        |   23 +
 .../pion/webrtc/v3/signalingstate.go          |  191 +
 .../pion/webrtc/v3/srtp_writer_future.go      |  141 +
 .../vendor/github.com/pion/webrtc/v3/stats.go | 2077 ++++
 .../github.com/pion/webrtc/v3/stats_go.go     |   97 +
 .../github.com/pion/webrtc/v3/track_local.go  |  114 +
 .../pion/webrtc/v3/track_local_static.go      |  331 +
 .../github.com/pion/webrtc/v3/track_remote.go |  232 +
 .../github.com/pion/webrtc/v3/webrtc.go       |   20 +
 .../github.com/pion/webrtc/v3/yarn.lock       |  797 ++
 .../github.com/pmezard/go-difflib/LICENSE     |   27 +
 .../pmezard/go-difflib/difflib/difflib.go     |  772 ++
 .../github.com/stretchr/testify/LICENSE       |   21 +
 .../testify/assert/assertion_compare.go       |  480 +
 .../testify/assert/assertion_format.go        |  815 ++
 .../testify/assert/assertion_format.go.tmpl   |    5 +
 .../testify/assert/assertion_forward.go       | 1621 +++
 .../testify/assert/assertion_forward.go.tmpl  |    5 +
 .../testify/assert/assertion_order.go         |   81 +
 .../stretchr/testify/assert/assertions.go     | 2105 ++++
 .../github.com/stretchr/testify/assert/doc.go |   46 +
 .../stretchr/testify/assert/errors.go         |   10 +
 .../testify/assert/forward_assertions.go      |   16 +
 .../testify/assert/http_assertions.go         |  165 +
 .../stretchr/testify/require/doc.go           |   29 +
 .../testify/require/forward_requirements.go   |   16 +
 .../stretchr/testify/require/require.go       | 2060 ++++
 .../stretchr/testify/require/require.go.tmpl  |    6 +
 .../testify/require/require_forward.go        | 1622 +++
 .../testify/require/require_forward.go.tmpl   |    5 +
 .../stretchr/testify/require/requirements.go  |   29 +
 .../vendor/github.com/wlynxg/anet/.gitignore  |    1 +
 server/vendor/github.com/wlynxg/anet/LICENSE  |   28 +
 .../vendor/github.com/wlynxg/anet/README.md   |  119 +
 .../github.com/wlynxg/anet/README_zh.md       |   22 +
 .../github.com/wlynxg/anet/interface.go       |   30 +
 .../wlynxg/anet/interface_android.go          |  419 +
 .../github.com/wlynxg/anet/netlink_android.go |  179 +
 .../golang.org/x/crypto/cryptobyte/asn1.go    |  825 ++
 .../x/crypto/cryptobyte/asn1/asn1.go          |   46 +
 .../golang.org/x/crypto/cryptobyte/builder.go |  350 +
 .../golang.org/x/crypto/cryptobyte/string.go  |  183 +
 .../x/crypto/curve25519/curve25519.go         |   90 +
 server/vendor/golang.org/x/net/bpf/asm.go     |   41 +
 .../vendor/golang.org/x/net/bpf/constants.go  |  222 +
 server/vendor/golang.org/x/net/bpf/doc.go     |   80 +
 .../golang.org/x/net/bpf/instructions.go      |  726 ++
 server/vendor/golang.org/x/net/bpf/setter.go  |   10 +
 server/vendor/golang.org/x/net/bpf/vm.go      |  150 +
 .../golang.org/x/net/bpf/vm_instructions.go   |  182 +
 .../x/net/dns/dnsmessage/message.go           | 2712 +++++
 .../golang.org/x/net/http2/transport.go       |    9 +
 .../golang.org/x/net/internal/iana/const.go   |  223 +
 .../x/net/internal/socket/cmsghdr.go          |   11 +
 .../x/net/internal/socket/cmsghdr_bsd.go      |   13 +
 .../internal/socket/cmsghdr_linux_32bit.go    |   13 +
 .../internal/socket/cmsghdr_linux_64bit.go    |   13 +
 .../internal/socket/cmsghdr_solaris_64bit.go  |   13 +
 .../x/net/internal/socket/cmsghdr_stub.go     |   27 +
 .../x/net/internal/socket/cmsghdr_unix.go     |   21 +
 .../net/internal/socket/cmsghdr_zos_s390x.go  |   11 +
 .../net/internal/socket/complete_dontwait.go  |   25 +
 .../internal/socket/complete_nodontwait.go    |   21 +
 .../golang.org/x/net/internal/socket/empty.s  |    7 +
 .../x/net/internal/socket/error_unix.go       |   31 +
 .../x/net/internal/socket/error_windows.go    |   26 +
 .../x/net/internal/socket/iovec_32bit.go      |   18 +
 .../x/net/internal/socket/iovec_64bit.go      |   18 +
 .../internal/socket/iovec_solaris_64bit.go    |   18 +
 .../x/net/internal/socket/iovec_stub.go       |   11 +
 .../x/net/internal/socket/mmsghdr_stub.go     |   21 +
 .../x/net/internal/socket/mmsghdr_unix.go     |  195 +
 .../x/net/internal/socket/msghdr_bsd.go       |   39 +
 .../x/net/internal/socket/msghdr_bsdvar.go    |   16 +
 .../x/net/internal/socket/msghdr_linux.go     |   36 +
 .../net/internal/socket/msghdr_linux_32bit.go |   23 +
 .../net/internal/socket/msghdr_linux_64bit.go |   23 +
 .../x/net/internal/socket/msghdr_openbsd.go   |   14 +
 .../internal/socket/msghdr_solaris_64bit.go   |   35 +
 .../x/net/internal/socket/msghdr_stub.go      |   14 +
 .../x/net/internal/socket/msghdr_zos_s390x.go |   35 +
 .../x/net/internal/socket/norace.go           |   12 +
 .../golang.org/x/net/internal/socket/race.go  |   37 +
 .../x/net/internal/socket/rawconn.go          |   91 +
 .../x/net/internal/socket/rawconn_mmsg.go     |   53 +
 .../x/net/internal/socket/rawconn_msg.go      |   59 +
 .../x/net/internal/socket/rawconn_nommsg.go   |   15 +
 .../x/net/internal/socket/rawconn_nomsg.go    |   15 +
 .../x/net/internal/socket/socket.go           |  280 +
 .../golang.org/x/net/internal/socket/sys.go   |   23 +
 .../x/net/internal/socket/sys_bsd.go          |   15 +
 .../x/net/internal/socket/sys_const_unix.go   |   20 +
 .../x/net/internal/socket/sys_linux.go        |   22 +
 .../x/net/internal/socket/sys_linux_386.go    |   28 +
 .../x/net/internal/socket/sys_linux_386.s     |   11 +
 .../x/net/internal/socket/sys_linux_amd64.go  |   10 +
 .../x/net/internal/socket/sys_linux_arm.go    |   10 +
 .../x/net/internal/socket/sys_linux_arm64.go  |   10 +
 .../net/internal/socket/sys_linux_loong64.go  |   12 +
 .../x/net/internal/socket/sys_linux_mips.go   |   10 +
 .../x/net/internal/socket/sys_linux_mips64.go |   10 +
 .../net/internal/socket/sys_linux_mips64le.go |   10 +
 .../x/net/internal/socket/sys_linux_mipsle.go |   10 +
 .../x/net/internal/socket/sys_linux_ppc.go    |   10 +
 .../x/net/internal/socket/sys_linux_ppc64.go  |   10 +
 .../net/internal/socket/sys_linux_ppc64le.go  |   10 +
 .../net/internal/socket/sys_linux_riscv64.go  |   12 +
 .../x/net/internal/socket/sys_linux_s390x.go  |   28 +
 .../x/net/internal/socket/sys_linux_s390x.s   |   11 +
 .../x/net/internal/socket/sys_netbsd.go       |   25 +
 .../x/net/internal/socket/sys_posix.go        |  184 +
 .../x/net/internal/socket/sys_stub.go         |   52 +
 .../x/net/internal/socket/sys_unix.go         |  121 +
 .../x/net/internal/socket/sys_windows.go      |   55 +
 .../x/net/internal/socket/sys_zos_s390x.go    |   66 +
 .../x/net/internal/socket/sys_zos_s390x.s     |   11 +
 .../x/net/internal/socket/zsys_aix_ppc64.go   |   39 +
 .../net/internal/socket/zsys_darwin_amd64.go  |   32 +
 .../net/internal/socket/zsys_darwin_arm64.go  |   32 +
 .../internal/socket/zsys_dragonfly_amd64.go   |   32 +
 .../x/net/internal/socket/zsys_freebsd_386.go |   30 +
 .../net/internal/socket/zsys_freebsd_amd64.go |   32 +
 .../x/net/internal/socket/zsys_freebsd_arm.go |   30 +
 .../net/internal/socket/zsys_freebsd_arm64.go |   32 +
 .../internal/socket/zsys_freebsd_riscv64.go   |   30 +
 .../x/net/internal/socket/zsys_linux_386.go   |   35 +
 .../x/net/internal/socket/zsys_linux_amd64.go |   38 +
 .../x/net/internal/socket/zsys_linux_arm.go   |   35 +
 .../x/net/internal/socket/zsys_linux_arm64.go |   38 +
 .../net/internal/socket/zsys_linux_loong64.go |   39 +
 .../x/net/internal/socket/zsys_linux_mips.go  |   35 +
 .../net/internal/socket/zsys_linux_mips64.go  |   38 +
 .../internal/socket/zsys_linux_mips64le.go    |   38 +
 .../net/internal/socket/zsys_linux_mipsle.go  |   35 +
 .../x/net/internal/socket/zsys_linux_ppc.go   |   35 +
 .../x/net/internal/socket/zsys_linux_ppc64.go |   38 +
 .../net/internal/socket/zsys_linux_ppc64le.go |   38 +
 .../net/internal/socket/zsys_linux_riscv64.go |   39 +
 .../x/net/internal/socket/zsys_linux_s390x.go |   38 +
 .../x/net/internal/socket/zsys_netbsd_386.go  |   35 +
 .../net/internal/socket/zsys_netbsd_amd64.go  |   38 +
 .../x/net/internal/socket/zsys_netbsd_arm.go  |   35 +
 .../net/internal/socket/zsys_netbsd_arm64.go  |   38 +
 .../x/net/internal/socket/zsys_openbsd_386.go |   30 +
 .../net/internal/socket/zsys_openbsd_amd64.go |   32 +
 .../x/net/internal/socket/zsys_openbsd_arm.go |   30 +
 .../net/internal/socket/zsys_openbsd_arm64.go |   32 +
 .../internal/socket/zsys_openbsd_mips64.go    |   30 +
 .../net/internal/socket/zsys_openbsd_ppc64.go |   30 +
 .../internal/socket/zsys_openbsd_riscv64.go   |   30 +
 .../net/internal/socket/zsys_solaris_amd64.go |   32 +
 .../x/net/internal/socket/zsys_zos_s390x.go   |   28 +
 .../golang.org/x/net/internal/socks/client.go |  168 +
 .../golang.org/x/net/internal/socks/socks.go  |  317 +
 server/vendor/golang.org/x/net/ipv4/batch.go  |  194 +
 .../vendor/golang.org/x/net/ipv4/control.go   |  144 +
 .../golang.org/x/net/ipv4/control_bsd.go      |   43 +
 .../golang.org/x/net/ipv4/control_pktinfo.go  |   41 +
 .../golang.org/x/net/ipv4/control_stub.go     |   13 +
 .../golang.org/x/net/ipv4/control_unix.go     |   75 +
 .../golang.org/x/net/ipv4/control_windows.go  |   12 +
 .../golang.org/x/net/ipv4/control_zos.go      |   88 +
 .../vendor/golang.org/x/net/ipv4/dgramopt.go  |  264 +
 server/vendor/golang.org/x/net/ipv4/doc.go    |  240 +
 .../vendor/golang.org/x/net/ipv4/endpoint.go  |  186 +
 .../golang.org/x/net/ipv4/genericopt.go       |   55 +
 server/vendor/golang.org/x/net/ipv4/header.go |  172 +
 server/vendor/golang.org/x/net/ipv4/helper.go |   77 +
 server/vendor/golang.org/x/net/ipv4/iana.go   |   38 +
 server/vendor/golang.org/x/net/ipv4/icmp.go   |   57 +
 .../golang.org/x/net/ipv4/icmp_linux.go       |   25 +
 .../vendor/golang.org/x/net/ipv4/icmp_stub.go |   25 +
 server/vendor/golang.org/x/net/ipv4/packet.go |  117 +
 .../vendor/golang.org/x/net/ipv4/payload.go   |   23 +
 .../golang.org/x/net/ipv4/payload_cmsg.go     |   84 +
 .../golang.org/x/net/ipv4/payload_nocmsg.go   |   39 +
 .../vendor/golang.org/x/net/ipv4/sockopt.go   |   44 +
 .../golang.org/x/net/ipv4/sockopt_posix.go    |   71 +
 .../golang.org/x/net/ipv4/sockopt_stub.go     |   42 +
 .../vendor/golang.org/x/net/ipv4/sys_aix.go   |   43 +
 .../golang.org/x/net/ipv4/sys_asmreq.go       |  122 +
 .../golang.org/x/net/ipv4/sys_asmreq_stub.go  |   25 +
 .../golang.org/x/net/ipv4/sys_asmreqn.go      |   44 +
 .../golang.org/x/net/ipv4/sys_asmreqn_stub.go |   21 +
 .../vendor/golang.org/x/net/ipv4/sys_bpf.go   |   24 +
 .../golang.org/x/net/ipv4/sys_bpf_stub.go     |   16 +
 .../vendor/golang.org/x/net/ipv4/sys_bsd.go   |   41 +
 .../golang.org/x/net/ipv4/sys_darwin.go       |   69 +
 .../golang.org/x/net/ipv4/sys_dragonfly.go    |   39 +
 .../golang.org/x/net/ipv4/sys_freebsd.go      |   80 +
 .../vendor/golang.org/x/net/ipv4/sys_linux.go |   61 +
 .../golang.org/x/net/ipv4/sys_solaris.go      |   61 +
 .../golang.org/x/net/ipv4/sys_ssmreq.go       |   52 +
 .../golang.org/x/net/ipv4/sys_ssmreq_stub.go  |   21 +
 .../vendor/golang.org/x/net/ipv4/sys_stub.go  |   13 +
 .../golang.org/x/net/ipv4/sys_windows.go      |   44 +
 .../vendor/golang.org/x/net/ipv4/sys_zos.go   |   57 +
 .../golang.org/x/net/ipv4/zsys_aix_ppc64.go   |   16 +
 .../golang.org/x/net/ipv4/zsys_darwin.go      |   59 +
 .../golang.org/x/net/ipv4/zsys_dragonfly.go   |   13 +
 .../golang.org/x/net/ipv4/zsys_freebsd_386.go |   52 +
 .../x/net/ipv4/zsys_freebsd_amd64.go          |   54 +
 .../golang.org/x/net/ipv4/zsys_freebsd_arm.go |   54 +
 .../x/net/ipv4/zsys_freebsd_arm64.go          |   52 +
 .../x/net/ipv4/zsys_freebsd_riscv64.go        |   52 +
 .../golang.org/x/net/ipv4/zsys_linux_386.go   |   72 +
 .../golang.org/x/net/ipv4/zsys_linux_amd64.go |   74 +
 .../golang.org/x/net/ipv4/zsys_linux_arm.go   |   72 +
 .../golang.org/x/net/ipv4/zsys_linux_arm64.go |   74 +
 .../x/net/ipv4/zsys_linux_loong64.go          |   76 +
 .../golang.org/x/net/ipv4/zsys_linux_mips.go  |   72 +
 .../x/net/ipv4/zsys_linux_mips64.go           |   74 +
 .../x/net/ipv4/zsys_linux_mips64le.go         |   74 +
 .../x/net/ipv4/zsys_linux_mipsle.go           |   72 +
 .../golang.org/x/net/ipv4/zsys_linux_ppc.go   |   72 +
 .../golang.org/x/net/ipv4/zsys_linux_ppc64.go |   74 +
 .../x/net/ipv4/zsys_linux_ppc64le.go          |   74 +
 .../x/net/ipv4/zsys_linux_riscv64.go          |   76 +
 .../golang.org/x/net/ipv4/zsys_linux_s390x.go |   74 +
 .../golang.org/x/net/ipv4/zsys_netbsd.go      |   13 +
 .../golang.org/x/net/ipv4/zsys_openbsd.go     |   13 +
 .../golang.org/x/net/ipv4/zsys_solaris.go     |   57 +
 .../golang.org/x/net/ipv4/zsys_zos_s390x.go   |   56 +
 server/vendor/golang.org/x/net/ipv6/batch.go  |  116 +
 .../vendor/golang.org/x/net/ipv6/control.go   |  187 +
 .../x/net/ipv6/control_rfc2292_unix.go        |   50 +
 .../x/net/ipv6/control_rfc3542_unix.go        |   96 +
 .../golang.org/x/net/ipv6/control_stub.go     |   13 +
 .../golang.org/x/net/ipv6/control_unix.go     |   55 +
 .../golang.org/x/net/ipv6/control_windows.go  |   12 +
 .../vendor/golang.org/x/net/ipv6/dgramopt.go  |  301 +
 server/vendor/golang.org/x/net/ipv6/doc.go    |  239 +
 .../vendor/golang.org/x/net/ipv6/endpoint.go  |  127 +
 .../golang.org/x/net/ipv6/genericopt.go       |   56 +
 server/vendor/golang.org/x/net/ipv6/header.go |   55 +
 server/vendor/golang.org/x/net/ipv6/helper.go |   58 +
 server/vendor/golang.org/x/net/ipv6/iana.go   |   86 +
 server/vendor/golang.org/x/net/ipv6/icmp.go   |   60 +
 .../vendor/golang.org/x/net/ipv6/icmp_bsd.go  |   29 +
 .../golang.org/x/net/ipv6/icmp_linux.go       |   27 +
 .../golang.org/x/net/ipv6/icmp_solaris.go     |   27 +
 .../vendor/golang.org/x/net/ipv6/icmp_stub.go |   23 +
 .../golang.org/x/net/ipv6/icmp_windows.go     |   22 +
 .../vendor/golang.org/x/net/ipv6/icmp_zos.go  |   29 +
 .../vendor/golang.org/x/net/ipv6/payload.go   |   23 +
 .../golang.org/x/net/ipv6/payload_cmsg.go     |   70 +
 .../golang.org/x/net/ipv6/payload_nocmsg.go   |   38 +
 .../vendor/golang.org/x/net/ipv6/sockopt.go   |   43 +
 .../golang.org/x/net/ipv6/sockopt_posix.go    |   89 +
 .../golang.org/x/net/ipv6/sockopt_stub.go     |   46 +
 .../vendor/golang.org/x/net/ipv6/sys_aix.go   |   79 +
 .../golang.org/x/net/ipv6/sys_asmreq.go       |   24 +
 .../golang.org/x/net/ipv6/sys_asmreq_stub.go  |   17 +
 .../vendor/golang.org/x/net/ipv6/sys_bpf.go   |   24 +
 .../golang.org/x/net/ipv6/sys_bpf_stub.go     |   16 +
 .../vendor/golang.org/x/net/ipv6/sys_bsd.go   |   59 +
 .../golang.org/x/net/ipv6/sys_darwin.go       |   80 +
 .../golang.org/x/net/ipv6/sys_freebsd.go      |   94 +
 .../vendor/golang.org/x/net/ipv6/sys_linux.go |   76 +
 .../golang.org/x/net/ipv6/sys_solaris.go      |   76 +
 .../golang.org/x/net/ipv6/sys_ssmreq.go       |   54 +
 .../golang.org/x/net/ipv6/sys_ssmreq_stub.go  |   21 +
 .../vendor/golang.org/x/net/ipv6/sys_stub.go  |   13 +
 .../golang.org/x/net/ipv6/sys_windows.go      |   68 +
 .../vendor/golang.org/x/net/ipv6/sys_zos.go   |   72 +
 .../golang.org/x/net/ipv6/zsys_aix_ppc64.go   |   68 +
 .../golang.org/x/net/ipv6/zsys_darwin.go      |   64 +
 .../golang.org/x/net/ipv6/zsys_dragonfly.go   |   42 +
 .../golang.org/x/net/ipv6/zsys_freebsd_386.go |   64 +
 .../x/net/ipv6/zsys_freebsd_amd64.go          |   66 +
 .../golang.org/x/net/ipv6/zsys_freebsd_arm.go |   66 +
 .../x/net/ipv6/zsys_freebsd_arm64.go          |   64 +
 .../x/net/ipv6/zsys_freebsd_riscv64.go        |   64 +
 .../golang.org/x/net/ipv6/zsys_linux_386.go   |   72 +
 .../golang.org/x/net/ipv6/zsys_linux_amd64.go |   74 +
 .../golang.org/x/net/ipv6/zsys_linux_arm.go   |   72 +
 .../golang.org/x/net/ipv6/zsys_linux_arm64.go |   74 +
 .../x/net/ipv6/zsys_linux_loong64.go          |   76 +
 .../golang.org/x/net/ipv6/zsys_linux_mips.go  |   72 +
 .../x/net/ipv6/zsys_linux_mips64.go           |   74 +
 .../x/net/ipv6/zsys_linux_mips64le.go         |   74 +
 .../x/net/ipv6/zsys_linux_mipsle.go           |   72 +
 .../golang.org/x/net/ipv6/zsys_linux_ppc.go   |   72 +
 .../golang.org/x/net/ipv6/zsys_linux_ppc64.go |   74 +
 .../x/net/ipv6/zsys_linux_ppc64le.go          |   74 +
 .../x/net/ipv6/zsys_linux_riscv64.go          |   76 +
 .../golang.org/x/net/ipv6/zsys_linux_s390x.go |   74 +
 .../golang.org/x/net/ipv6/zsys_netbsd.go      |   42 +
 .../golang.org/x/net/ipv6/zsys_openbsd.go     |   42 +
 .../golang.org/x/net/ipv6/zsys_solaris.go     |   63 +
 .../golang.org/x/net/ipv6/zsys_zos_s390x.go   |   62 +
 server/vendor/golang.org/x/net/proxy/dial.go  |   54 +
 .../vendor/golang.org/x/net/proxy/direct.go   |   31 +
 .../vendor/golang.org/x/net/proxy/per_host.go |  155 +
 server/vendor/golang.org/x/net/proxy/proxy.go |  149 +
 .../vendor/golang.org/x/net/proxy/socks5.go   |   42 +
 .../golang.org/x/sys/windows/aliases.go       |   12 +
 .../golang.org/x/sys/windows/dll_windows.go   |  415 +
 .../golang.org/x/sys/windows/env_windows.go   |   57 +
 .../golang.org/x/sys/windows/eventlog.go      |   20 +
 .../golang.org/x/sys/windows/exec_windows.go  |  248 +
 .../x/sys/windows/memory_windows.go           |   48 +
 .../golang.org/x/sys/windows/mkerrors.bash    |   70 +
 .../x/sys/windows/mkknownfolderids.bash       |   27 +
 .../golang.org/x/sys/windows/mksyscall.go     |    9 +
 .../vendor/golang.org/x/sys/windows/race.go   |   30 +
 .../vendor/golang.org/x/sys/windows/race0.go  |   25 +
 .../x/sys/windows/security_windows.go         | 1458 +++
 .../golang.org/x/sys/windows/service.go       |  257 +
 .../x/sys/windows/setupapi_windows.go         | 1425 +++
 server/vendor/golang.org/x/sys/windows/str.go |   22 +
 .../golang.org/x/sys/windows/syscall.go       |  104 +
 .../x/sys/windows/syscall_windows.go          | 1932 ++++
 .../golang.org/x/sys/windows/types_windows.go | 3603 +++++++
 .../x/sys/windows/types_windows_386.go        |   35 +
 .../x/sys/windows/types_windows_amd64.go      |   34 +
 .../x/sys/windows/types_windows_arm.go        |   35 +
 .../x/sys/windows/types_windows_arm64.go      |   34 +
 .../x/sys/windows/zerrors_windows.go          | 9468 +++++++++++++++++
 .../x/sys/windows/zknownfolderids_windows.go  |  149 +
 .../x/sys/windows/zsyscall_windows.go         | 4686 ++++++++
 server/vendor/modules.txt                     |  129 +-
 web/src/App.vue                               |    5 +
 web/src/components/LiveFloatingPlayer.vue     |  216 +
 web/src/router/index.js                       |    6 +
 web/src/utils/liveWebRTC.js                   |  148 +
 web/src/views/Home.vue                        |  105 +-
 web/src/views/LiveRoom.vue                    |  228 +
 web/vite.config.js                            |    3 +-
 1050 files changed, 146524 insertions(+), 37 deletions(-)
 create mode 100644 admin/src/utils/liveWebRTC.js
 create mode 100644 admin/src/views/sites/LiveBroadcast.vue
 create mode 100644 server/pkg/weblive/config.go
 create mode 100644 server/pkg/weblive/hub.go
 create mode 100644 server/pkg/weblive/ws.go
 create mode 100644 server/vendor/github.com/davecgh/go-spew/LICENSE
 create mode 100644 server/vendor/github.com/davecgh/go-spew/spew/bypass.go
 create mode 100644 server/vendor/github.com/davecgh/go-spew/spew/bypasssafe.go
 create mode 100644 server/vendor/github.com/davecgh/go-spew/spew/common.go
 create mode 100644 server/vendor/github.com/davecgh/go-spew/spew/config.go
 create mode 100644 server/vendor/github.com/davecgh/go-spew/spew/doc.go
 create mode 100644 server/vendor/github.com/davecgh/go-spew/spew/dump.go
 create mode 100644 server/vendor/github.com/davecgh/go-spew/spew/format.go
 create mode 100644 server/vendor/github.com/davecgh/go-spew/spew/spew.go
 create mode 100644 server/vendor/github.com/google/uuid/CHANGELOG.md
 create mode 100644 server/vendor/github.com/google/uuid/CONTRIBUTING.md
 create mode 100644 server/vendor/github.com/google/uuid/CONTRIBUTORS
 create mode 100644 server/vendor/github.com/google/uuid/LICENSE
 create mode 100644 server/vendor/github.com/google/uuid/README.md
 create mode 100644 server/vendor/github.com/google/uuid/dce.go
 create mode 100644 server/vendor/github.com/google/uuid/doc.go
 create mode 100644 server/vendor/github.com/google/uuid/hash.go
 create mode 100644 server/vendor/github.com/google/uuid/marshal.go
 create mode 100644 server/vendor/github.com/google/uuid/node.go
 create mode 100644 server/vendor/github.com/google/uuid/node_js.go
 create mode 100644 server/vendor/github.com/google/uuid/node_net.go
 create mode 100644 server/vendor/github.com/google/uuid/null.go
 create mode 100644 server/vendor/github.com/google/uuid/sql.go
 create mode 100644 server/vendor/github.com/google/uuid/time.go
 create mode 100644 server/vendor/github.com/google/uuid/util.go
 create mode 100644 server/vendor/github.com/google/uuid/uuid.go
 create mode 100644 server/vendor/github.com/google/uuid/version1.go
 create mode 100644 server/vendor/github.com/google/uuid/version4.go
 create mode 100644 server/vendor/github.com/gorilla/websocket/.gitignore
 create mode 100644 server/vendor/github.com/gorilla/websocket/AUTHORS
 create mode 100644 server/vendor/github.com/gorilla/websocket/LICENSE
 create mode 100644 server/vendor/github.com/gorilla/websocket/README.md
 create mode 100644 server/vendor/github.com/gorilla/websocket/client.go
 create mode 100644 server/vendor/github.com/gorilla/websocket/compression.go
 create mode 100644 server/vendor/github.com/gorilla/websocket/conn.go
 create mode 100644 server/vendor/github.com/gorilla/websocket/doc.go
 create mode 100644 server/vendor/github.com/gorilla/websocket/join.go
 create mode 100644 server/vendor/github.com/gorilla/websocket/json.go
 create mode 100644 server/vendor/github.com/gorilla/websocket/mask.go
 create mode 100644 server/vendor/github.com/gorilla/websocket/mask_safe.go
 create mode 100644 server/vendor/github.com/gorilla/websocket/prepared.go
 create mode 100644 server/vendor/github.com/gorilla/websocket/proxy.go
 create mode 100644 server/vendor/github.com/gorilla/websocket/server.go
 create mode 100644 server/vendor/github.com/gorilla/websocket/tls_handshake.go
 create mode 100644 server/vendor/github.com/gorilla/websocket/tls_handshake_116.go
 create mode 100644 server/vendor/github.com/gorilla/websocket/util.go
 create mode 100644 server/vendor/github.com/gorilla/websocket/x_net_proxy.go
 create mode 100644 server/vendor/github.com/pion/datachannel/.gitignore
 create mode 100644 server/vendor/github.com/pion/datachannel/.golangci.yml
 create mode 100644 server/vendor/github.com/pion/datachannel/.goreleaser.yml
 create mode 100644 server/vendor/github.com/pion/datachannel/LICENSE
 create mode 100644 server/vendor/github.com/pion/datachannel/README.md
 create mode 100644 server/vendor/github.com/pion/datachannel/codecov.yml
 create mode 100644 server/vendor/github.com/pion/datachannel/datachannel.go
 create mode 100644 server/vendor/github.com/pion/datachannel/errors.go
 create mode 100644 server/vendor/github.com/pion/datachannel/message.go
 create mode 100644 server/vendor/github.com/pion/datachannel/message_channel_ack.go
 create mode 100644 server/vendor/github.com/pion/datachannel/message_channel_open.go
 create mode 100644 server/vendor/github.com/pion/datachannel/renovate.json
 create mode 100644 server/vendor/github.com/pion/dtls/v2/.editorconfig
 create mode 100644 server/vendor/github.com/pion/dtls/v2/.gitignore
 create mode 100644 server/vendor/github.com/pion/dtls/v2/.golangci.yml
 create mode 100644 server/vendor/github.com/pion/dtls/v2/.goreleaser.yml
 create mode 100644 server/vendor/github.com/pion/dtls/v2/AUTHORS.txt
 create mode 100644 server/vendor/github.com/pion/dtls/v2/LICENSE
 create mode 100644 server/vendor/github.com/pion/dtls/v2/README.md
 create mode 100644 server/vendor/github.com/pion/dtls/v2/certificate.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/cipher_suite.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/cipher_suite_go114.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/codecov.yml
 create mode 100644 server/vendor/github.com/pion/dtls/v2/compression_method.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/config.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/conn.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/crypto.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/dtls.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/errors.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/errors_errno.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/errors_noerrno.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/flight.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/flight0handler.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/flight1handler.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/flight2handler.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/flight3handler.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/flight4bhandler.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/flight4handler.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/flight5bhandler.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/flight5handler.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/flight6handler.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/flighthandler.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/fragment_buffer.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/handshake_cache.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/handshaker.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/aes_128_ccm.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/aes_256_ccm.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/aes_ccm.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/ciphersuite.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/tls_ecdhe_ecdsa_with_aes_128_ccm.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/tls_ecdhe_ecdsa_with_aes_128_ccm8.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/tls_ecdhe_ecdsa_with_aes_128_gcm_sha256.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/tls_ecdhe_ecdsa_with_aes_256_cbc_sha.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/tls_ecdhe_ecdsa_with_aes_256_gcm_sha384.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/tls_ecdhe_psk_with_aes_128_cbc_sha256.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/tls_ecdhe_rsa_with_aes_128_gcm_sha256.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/tls_ecdhe_rsa_with_aes_256_cbc_sha.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/tls_ecdhe_rsa_with_aes_256_gcm_sha384.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/tls_psk_with_aes_128_cbc_sha256.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/tls_psk_with_aes_128_ccm.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/tls_psk_with_aes_128_ccm8.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/tls_psk_with_aes_128_gcm_sha256.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/tls_psk_with_aes_256_ccm8.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/types/authentication_type.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/types/key_exchange_algorithm.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/internal/closer/closer.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/internal/util/util.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/listener.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/packet.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/pkg/crypto/ccm/ccm.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/pkg/crypto/ciphersuite/cbc.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/pkg/crypto/ciphersuite/ccm.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/pkg/crypto/ciphersuite/ciphersuite.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/pkg/crypto/ciphersuite/gcm.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/pkg/crypto/clientcertificate/client_certificate.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/pkg/crypto/elliptic/elliptic.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/pkg/crypto/fingerprint/fingerprint.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/pkg/crypto/fingerprint/hash.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/pkg/crypto/hash/hash.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/pkg/crypto/prf/prf.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/pkg/crypto/signature/signature.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/pkg/crypto/signaturehash/errors.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/pkg/crypto/signaturehash/signaturehash.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/pkg/protocol/alert/alert.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/pkg/protocol/application_data.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/pkg/protocol/change_cipher_spec.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/pkg/protocol/compression_method.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/pkg/protocol/content.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/pkg/protocol/errors.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/pkg/protocol/extension/alpn.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/pkg/protocol/extension/errors.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/pkg/protocol/extension/extension.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/pkg/protocol/extension/renegotiation_info.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/pkg/protocol/extension/server_name.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/pkg/protocol/extension/srtp_protection_profile.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/pkg/protocol/extension/supported_elliptic_curves.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/pkg/protocol/extension/supported_point_formats.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/pkg/protocol/extension/supported_signature_algorithms.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/pkg/protocol/extension/use_master_secret.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/pkg/protocol/extension/use_srtp.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/pkg/protocol/handshake/cipher_suite.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/pkg/protocol/handshake/errors.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/pkg/protocol/handshake/handshake.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/pkg/protocol/handshake/header.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/pkg/protocol/handshake/message_certificate.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/pkg/protocol/handshake/message_certificate_request.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/pkg/protocol/handshake/message_certificate_verify.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/pkg/protocol/handshake/message_client_hello.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/pkg/protocol/handshake/message_client_key_exchange.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/pkg/protocol/handshake/message_finished.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/pkg/protocol/handshake/message_hello_verify_request.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/pkg/protocol/handshake/message_server_hello.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/pkg/protocol/handshake/message_server_hello_done.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/pkg/protocol/handshake/message_server_key_exchange.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/pkg/protocol/handshake/random.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/pkg/protocol/recordlayer/errors.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/pkg/protocol/recordlayer/header.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/pkg/protocol/recordlayer/recordlayer.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/pkg/protocol/version.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/renovate.json
 create mode 100644 server/vendor/github.com/pion/dtls/v2/resume.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/session.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/srtp_protection_profile.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/state.go
 create mode 100644 server/vendor/github.com/pion/dtls/v2/util.go
 create mode 100644 server/vendor/github.com/pion/ice/v2/.gitignore
 create mode 100644 server/vendor/github.com/pion/ice/v2/.golangci.yml
 create mode 100644 server/vendor/github.com/pion/ice/v2/.goreleaser.yml
 create mode 100644 server/vendor/github.com/pion/ice/v2/AUTHORS.txt
 create mode 100644 server/vendor/github.com/pion/ice/v2/LICENSE
 create mode 100644 server/vendor/github.com/pion/ice/v2/README.md
 create mode 100644 server/vendor/github.com/pion/ice/v2/active_tcp.go
 create mode 100644 server/vendor/github.com/pion/ice/v2/addr.go
 create mode 100644 server/vendor/github.com/pion/ice/v2/agent.go
 create mode 100644 server/vendor/github.com/pion/ice/v2/agent_config.go
 create mode 100644 server/vendor/github.com/pion/ice/v2/agent_handlers.go
 create mode 100644 server/vendor/github.com/pion/ice/v2/agent_stats.go
 create mode 100644 server/vendor/github.com/pion/ice/v2/candidate.go
 create mode 100644 server/vendor/github.com/pion/ice/v2/candidate_base.go
 create mode 100644 server/vendor/github.com/pion/ice/v2/candidate_host.go
 create mode 100644 server/vendor/github.com/pion/ice/v2/candidate_peer_reflexive.go
 create mode 100644 server/vendor/github.com/pion/ice/v2/candidate_relay.go
 create mode 100644 server/vendor/github.com/pion/ice/v2/candidate_server_reflexive.go
 create mode 100644 server/vendor/github.com/pion/ice/v2/candidatepair.go
 create mode 100644 server/vendor/github.com/pion/ice/v2/candidatepair_state.go
 create mode 100644 server/vendor/github.com/pion/ice/v2/candidaterelatedaddress.go
 create mode 100644 server/vendor/github.com/pion/ice/v2/candidatetype.go
 create mode 100644 server/vendor/github.com/pion/ice/v2/codecov.yml
 create mode 100644 server/vendor/github.com/pion/ice/v2/context.go
 create mode 100644 server/vendor/github.com/pion/ice/v2/errors.go
 create mode 100644 server/vendor/github.com/pion/ice/v2/external_ip_mapper.go
 create mode 100644 server/vendor/github.com/pion/ice/v2/gather.go
 create mode 100644 server/vendor/github.com/pion/ice/v2/ice.go
 create mode 100644 server/vendor/github.com/pion/ice/v2/icecontrol.go
 create mode 100644 server/vendor/github.com/pion/ice/v2/internal/atomic/atomic.go
 create mode 100644 server/vendor/github.com/pion/ice/v2/internal/fakenet/mock_conn.go
 create mode 100644 server/vendor/github.com/pion/ice/v2/internal/fakenet/packet_conn.go
 create mode 100644 server/vendor/github.com/pion/ice/v2/internal/stun/stun.go
 create mode 100644 server/vendor/github.com/pion/ice/v2/mdns.go
 create mode 100644 server/vendor/github.com/pion/ice/v2/net.go
 create mode 100644 server/vendor/github.com/pion/ice/v2/networktype.go
 create mode 100644 server/vendor/github.com/pion/ice/v2/priority.go
 create mode 100644 server/vendor/github.com/pion/ice/v2/rand.go
 create mode 100644 server/vendor/github.com/pion/ice/v2/renovate.json
 create mode 100644 server/vendor/github.com/pion/ice/v2/role.go
 create mode 100644 server/vendor/github.com/pion/ice/v2/selection.go
 create mode 100644 server/vendor/github.com/pion/ice/v2/stats.go
 create mode 100644 server/vendor/github.com/pion/ice/v2/tcp_mux.go
 create mode 100644 server/vendor/github.com/pion/ice/v2/tcp_mux_multi.go
 create mode 100644 server/vendor/github.com/pion/ice/v2/tcp_packet_conn.go
 create mode 100644 server/vendor/github.com/pion/ice/v2/tcptype.go
 create mode 100644 server/vendor/github.com/pion/ice/v2/test_utils.go
 create mode 100644 server/vendor/github.com/pion/ice/v2/transport.go
 create mode 100644 server/vendor/github.com/pion/ice/v2/udp_mux.go
 create mode 100644 server/vendor/github.com/pion/ice/v2/udp_mux_multi.go
 create mode 100644 server/vendor/github.com/pion/ice/v2/udp_mux_universal.go
 create mode 100644 server/vendor/github.com/pion/ice/v2/udp_muxed_conn.go
 create mode 100644 server/vendor/github.com/pion/ice/v2/url.go
 create mode 100644 server/vendor/github.com/pion/ice/v2/usecandidate.go
 create mode 100644 server/vendor/github.com/pion/interceptor/.gitignore
 create mode 100644 server/vendor/github.com/pion/interceptor/.golangci.yml
 create mode 100644 server/vendor/github.com/pion/interceptor/.goreleaser.yml
 create mode 100644 server/vendor/github.com/pion/interceptor/LICENSE
 create mode 100644 server/vendor/github.com/pion/interceptor/README.md
 create mode 100644 server/vendor/github.com/pion/interceptor/attributes.go
 create mode 100644 server/vendor/github.com/pion/interceptor/chain.go
 create mode 100644 server/vendor/github.com/pion/interceptor/codecov.yml
 create mode 100644 server/vendor/github.com/pion/interceptor/errors.go
 create mode 100644 server/vendor/github.com/pion/interceptor/interceptor.go
 create mode 100644 server/vendor/github.com/pion/interceptor/internal/ntp/ntp.go
 create mode 100644 server/vendor/github.com/pion/interceptor/internal/sequencenumber/unwrapper.go
 create mode 100644 server/vendor/github.com/pion/interceptor/noop.go
 create mode 100644 server/vendor/github.com/pion/interceptor/pkg/nack/errors.go
 create mode 100644 server/vendor/github.com/pion/interceptor/pkg/nack/generator_interceptor.go
 create mode 100644 server/vendor/github.com/pion/interceptor/pkg/nack/generator_option.go
 create mode 100644 server/vendor/github.com/pion/interceptor/pkg/nack/nack.go
 create mode 100644 server/vendor/github.com/pion/interceptor/pkg/nack/receive_log.go
 create mode 100644 server/vendor/github.com/pion/interceptor/pkg/nack/responder_interceptor.go
 create mode 100644 server/vendor/github.com/pion/interceptor/pkg/nack/responder_option.go
 create mode 100644 server/vendor/github.com/pion/interceptor/pkg/nack/retainable_packet.go
 create mode 100644 server/vendor/github.com/pion/interceptor/pkg/nack/send_buffer.go
 create mode 100644 server/vendor/github.com/pion/interceptor/pkg/report/receiver_interceptor.go
 create mode 100644 server/vendor/github.com/pion/interceptor/pkg/report/receiver_option.go
 create mode 100644 server/vendor/github.com/pion/interceptor/pkg/report/receiver_stream.go
 create mode 100644 server/vendor/github.com/pion/interceptor/pkg/report/report.go
 create mode 100644 server/vendor/github.com/pion/interceptor/pkg/report/sender_interceptor.go
 create mode 100644 server/vendor/github.com/pion/interceptor/pkg/report/sender_option.go
 create mode 100644 server/vendor/github.com/pion/interceptor/pkg/report/sender_stream.go
 create mode 100644 server/vendor/github.com/pion/interceptor/pkg/report/ticker.go
 create mode 100644 server/vendor/github.com/pion/interceptor/pkg/twcc/arrival_time_map.go
 create mode 100644 server/vendor/github.com/pion/interceptor/pkg/twcc/header_extension_interceptor.go
 create mode 100644 server/vendor/github.com/pion/interceptor/pkg/twcc/sender_interceptor.go
 create mode 100644 server/vendor/github.com/pion/interceptor/pkg/twcc/twcc.go
 create mode 100644 server/vendor/github.com/pion/interceptor/registry.go
 create mode 100644 server/vendor/github.com/pion/interceptor/renovate.json
 create mode 100644 server/vendor/github.com/pion/interceptor/streaminfo.go
 create mode 100644 server/vendor/github.com/pion/logging/.golangci.yml
 create mode 100644 server/vendor/github.com/pion/logging/.travis.yml
 create mode 100644 server/vendor/github.com/pion/logging/LICENSE
 create mode 100644 server/vendor/github.com/pion/logging/README.md
 create mode 100644 server/vendor/github.com/pion/logging/logger.go
 create mode 100644 server/vendor/github.com/pion/logging/scoped.go
 create mode 100644 server/vendor/github.com/pion/mdns/.gitignore
 create mode 100644 server/vendor/github.com/pion/mdns/.golangci.yml
 create mode 100644 server/vendor/github.com/pion/mdns/.goreleaser.yml
 create mode 100644 server/vendor/github.com/pion/mdns/LICENSE
 create mode 100644 server/vendor/github.com/pion/mdns/README.md
 create mode 100644 server/vendor/github.com/pion/mdns/codecov.yml
 create mode 100644 server/vendor/github.com/pion/mdns/config.go
 create mode 100644 server/vendor/github.com/pion/mdns/conn.go
 create mode 100644 server/vendor/github.com/pion/mdns/errors.go
 create mode 100644 server/vendor/github.com/pion/mdns/mdns.go
 create mode 100644 server/vendor/github.com/pion/mdns/renovate.json
 create mode 100644 server/vendor/github.com/pion/randutil/.travis.yml
 create mode 100644 server/vendor/github.com/pion/randutil/LICENSE
 create mode 100644 server/vendor/github.com/pion/randutil/README.md
 create mode 100644 server/vendor/github.com/pion/randutil/codecov.yml
 create mode 100644 server/vendor/github.com/pion/randutil/crypto.go
 create mode 100644 server/vendor/github.com/pion/randutil/math.go
 create mode 100644 server/vendor/github.com/pion/randutil/renovate.json
 create mode 100644 server/vendor/github.com/pion/rtcp/.gitignore
 create mode 100644 server/vendor/github.com/pion/rtcp/.golangci.yml
 create mode 100644 server/vendor/github.com/pion/rtcp/.goreleaser.yml
 create mode 100644 server/vendor/github.com/pion/rtcp/LICENSE
 create mode 100644 server/vendor/github.com/pion/rtcp/README.md
 create mode 100644 server/vendor/github.com/pion/rtcp/codecov.yml
 create mode 100644 server/vendor/github.com/pion/rtcp/compound_packet.go
 create mode 100644 server/vendor/github.com/pion/rtcp/doc.go
 create mode 100644 server/vendor/github.com/pion/rtcp/errors.go
 create mode 100644 server/vendor/github.com/pion/rtcp/extended_report.go
 create mode 100644 server/vendor/github.com/pion/rtcp/full_intra_request.go
 create mode 100644 server/vendor/github.com/pion/rtcp/goodbye.go
 create mode 100644 server/vendor/github.com/pion/rtcp/header.go
 create mode 100644 server/vendor/github.com/pion/rtcp/packet.go
 create mode 100644 server/vendor/github.com/pion/rtcp/packet_buffer.go
 create mode 100644 server/vendor/github.com/pion/rtcp/packet_stringifier.go
 create mode 100644 server/vendor/github.com/pion/rtcp/picture_loss_indication.go
 create mode 100644 server/vendor/github.com/pion/rtcp/rapid_resynchronization_request.go
 create mode 100644 server/vendor/github.com/pion/rtcp/raw_packet.go
 create mode 100644 server/vendor/github.com/pion/rtcp/receiver_estimated_maximum_bitrate.go
 create mode 100644 server/vendor/github.com/pion/rtcp/receiver_report.go
 create mode 100644 server/vendor/github.com/pion/rtcp/reception_report.go
 create mode 100644 server/vendor/github.com/pion/rtcp/renovate.json
 create mode 100644 server/vendor/github.com/pion/rtcp/rfc8888.go
 create mode 100644 server/vendor/github.com/pion/rtcp/sender_report.go
 create mode 100644 server/vendor/github.com/pion/rtcp/slice_loss_indication.go
 create mode 100644 server/vendor/github.com/pion/rtcp/source_description.go
 create mode 100644 server/vendor/github.com/pion/rtcp/transport_layer_cc.go
 create mode 100644 server/vendor/github.com/pion/rtcp/transport_layer_nack.go
 create mode 100644 server/vendor/github.com/pion/rtcp/util.go
 create mode 100644 server/vendor/github.com/pion/rtp/.gitignore
 create mode 100644 server/vendor/github.com/pion/rtp/.golangci.yml
 create mode 100644 server/vendor/github.com/pion/rtp/.goreleaser.yml
 create mode 100644 server/vendor/github.com/pion/rtp/LICENSE
 create mode 100644 server/vendor/github.com/pion/rtp/README.md
 create mode 100644 server/vendor/github.com/pion/rtp/abscapturetimeextension.go
 create mode 100644 server/vendor/github.com/pion/rtp/abssendtimeextension.go
 create mode 100644 server/vendor/github.com/pion/rtp/audiolevelextension.go
 create mode 100644 server/vendor/github.com/pion/rtp/codecov.yml
 create mode 100644 server/vendor/github.com/pion/rtp/codecs/av1/obu/leb128.go
 create mode 100644 server/vendor/github.com/pion/rtp/codecs/av1_packet.go
 create mode 100644 server/vendor/github.com/pion/rtp/codecs/codecs.go
 create mode 100644 server/vendor/github.com/pion/rtp/codecs/common.go
 create mode 100644 server/vendor/github.com/pion/rtp/codecs/error.go
 create mode 100644 server/vendor/github.com/pion/rtp/codecs/g711_packet.go
 create mode 100644 server/vendor/github.com/pion/rtp/codecs/g722_packet.go
 create mode 100644 server/vendor/github.com/pion/rtp/codecs/h264_packet.go
 create mode 100644 server/vendor/github.com/pion/rtp/codecs/h265_packet.go
 create mode 100644 server/vendor/github.com/pion/rtp/codecs/opus_packet.go
 create mode 100644 server/vendor/github.com/pion/rtp/codecs/vp8_packet.go
 create mode 100644 server/vendor/github.com/pion/rtp/codecs/vp9/bits.go
 create mode 100644 server/vendor/github.com/pion/rtp/codecs/vp9/header.go
 create mode 100644 server/vendor/github.com/pion/rtp/codecs/vp9_packet.go
 create mode 100644 server/vendor/github.com/pion/rtp/depacketizer.go
 create mode 100644 server/vendor/github.com/pion/rtp/error.go
 create mode 100644 server/vendor/github.com/pion/rtp/header_extension.go
 create mode 100644 server/vendor/github.com/pion/rtp/packet.go
 create mode 100644 server/vendor/github.com/pion/rtp/packetizer.go
 create mode 100644 server/vendor/github.com/pion/rtp/partitionheadchecker.go
 create mode 100644 server/vendor/github.com/pion/rtp/payload_types.go
 create mode 100644 server/vendor/github.com/pion/rtp/playoutdelayextension.go
 create mode 100644 server/vendor/github.com/pion/rtp/rand.go
 create mode 100644 server/vendor/github.com/pion/rtp/renovate.json
 create mode 100644 server/vendor/github.com/pion/rtp/rtp.go
 create mode 100644 server/vendor/github.com/pion/rtp/sequencer.go
 create mode 100644 server/vendor/github.com/pion/rtp/transportccextension.go
 create mode 100644 server/vendor/github.com/pion/rtp/vlaextension.go
 create mode 100644 server/vendor/github.com/pion/sctp/.gitignore
 create mode 100644 server/vendor/github.com/pion/sctp/.golangci.yml
 create mode 100644 server/vendor/github.com/pion/sctp/.goreleaser.yml
 create mode 100644 server/vendor/github.com/pion/sctp/LICENSE
 create mode 100644 server/vendor/github.com/pion/sctp/README.md
 create mode 100644 server/vendor/github.com/pion/sctp/ack_timer.go
 create mode 100644 server/vendor/github.com/pion/sctp/association.go
 create mode 100644 server/vendor/github.com/pion/sctp/association_stats.go
 create mode 100644 server/vendor/github.com/pion/sctp/chunk.go
 create mode 100644 server/vendor/github.com/pion/sctp/chunk_abort.go
 create mode 100644 server/vendor/github.com/pion/sctp/chunk_cookie_ack.go
 create mode 100644 server/vendor/github.com/pion/sctp/chunk_cookie_echo.go
 create mode 100644 server/vendor/github.com/pion/sctp/chunk_error.go
 create mode 100644 server/vendor/github.com/pion/sctp/chunk_forward_tsn.go
 create mode 100644 server/vendor/github.com/pion/sctp/chunk_heartbeat.go
 create mode 100644 server/vendor/github.com/pion/sctp/chunk_heartbeat_ack.go
 create mode 100644 server/vendor/github.com/pion/sctp/chunk_init.go
 create mode 100644 server/vendor/github.com/pion/sctp/chunk_init_ack.go
 create mode 100644 server/vendor/github.com/pion/sctp/chunk_init_common.go
 create mode 100644 server/vendor/github.com/pion/sctp/chunk_payload_data.go
 create mode 100644 server/vendor/github.com/pion/sctp/chunk_reconfig.go
 create mode 100644 server/vendor/github.com/pion/sctp/chunk_selective_ack.go
 create mode 100644 server/vendor/github.com/pion/sctp/chunk_shutdown.go
 create mode 100644 server/vendor/github.com/pion/sctp/chunk_shutdown_ack.go
 create mode 100644 server/vendor/github.com/pion/sctp/chunk_shutdown_complete.go
 create mode 100644 server/vendor/github.com/pion/sctp/chunkheader.go
 create mode 100644 server/vendor/github.com/pion/sctp/chunktype.go
 create mode 100644 server/vendor/github.com/pion/sctp/codecov.yml
 create mode 100644 server/vendor/github.com/pion/sctp/control_queue.go
 create mode 100644 server/vendor/github.com/pion/sctp/error_cause.go
 create mode 100644 server/vendor/github.com/pion/sctp/error_cause_header.go
 create mode 100644 server/vendor/github.com/pion/sctp/error_cause_invalid_mandatory_parameter.go
 create mode 100644 server/vendor/github.com/pion/sctp/error_cause_protocol_violation.go
 create mode 100644 server/vendor/github.com/pion/sctp/error_cause_unrecognized_chunk_type.go
 create mode 100644 server/vendor/github.com/pion/sctp/error_cause_user_initiated_abort.go
 create mode 100644 server/vendor/github.com/pion/sctp/packet.go
 create mode 100644 server/vendor/github.com/pion/sctp/param.go
 create mode 100644 server/vendor/github.com/pion/sctp/param_chunk_list.go
 create mode 100644 server/vendor/github.com/pion/sctp/param_ecn_capable.go
 create mode 100644 server/vendor/github.com/pion/sctp/param_forward_tsn_supported.go
 create mode 100644 server/vendor/github.com/pion/sctp/param_heartbeat_info.go
 create mode 100644 server/vendor/github.com/pion/sctp/param_outgoing_reset_request.go
 create mode 100644 server/vendor/github.com/pion/sctp/param_random.go
 create mode 100644 server/vendor/github.com/pion/sctp/param_reconfig_response.go
 create mode 100644 server/vendor/github.com/pion/sctp/param_requested_hmac_algorithm.go
 create mode 100644 server/vendor/github.com/pion/sctp/param_state_cookie.go
 create mode 100644 server/vendor/github.com/pion/sctp/param_supported_extensions.go
 create mode 100644 server/vendor/github.com/pion/sctp/param_zero_checksum.go
 create mode 100644 server/vendor/github.com/pion/sctp/paramheader.go
 create mode 100644 server/vendor/github.com/pion/sctp/paramtype.go
 create mode 100644 server/vendor/github.com/pion/sctp/payload_queue.go
 create mode 100644 server/vendor/github.com/pion/sctp/pending_queue.go
 create mode 100644 server/vendor/github.com/pion/sctp/queue.go
 create mode 100644 server/vendor/github.com/pion/sctp/reassembly_queue.go
 create mode 100644 server/vendor/github.com/pion/sctp/receive_payload_queue.go
 create mode 100644 server/vendor/github.com/pion/sctp/renovate.json
 create mode 100644 server/vendor/github.com/pion/sctp/rtx_timer.go
 create mode 100644 server/vendor/github.com/pion/sctp/sctp.go
 create mode 100644 server/vendor/github.com/pion/sctp/stream.go
 create mode 100644 server/vendor/github.com/pion/sctp/util.go
 create mode 100644 server/vendor/github.com/pion/sdp/v3/.gitignore
 create mode 100644 server/vendor/github.com/pion/sdp/v3/.golangci.yml
 create mode 100644 server/vendor/github.com/pion/sdp/v3/.goreleaser.yml
 create mode 100644 server/vendor/github.com/pion/sdp/v3/LICENSE
 create mode 100644 server/vendor/github.com/pion/sdp/v3/README.md
 create mode 100644 server/vendor/github.com/pion/sdp/v3/base_lexer.go
 create mode 100644 server/vendor/github.com/pion/sdp/v3/codecov.yml
 create mode 100644 server/vendor/github.com/pion/sdp/v3/common_description.go
 create mode 100644 server/vendor/github.com/pion/sdp/v3/direction.go
 create mode 100644 server/vendor/github.com/pion/sdp/v3/extmap.go
 create mode 100644 server/vendor/github.com/pion/sdp/v3/jsep.go
 create mode 100644 server/vendor/github.com/pion/sdp/v3/marshal.go
 create mode 100644 server/vendor/github.com/pion/sdp/v3/media_description.go
 create mode 100644 server/vendor/github.com/pion/sdp/v3/renovate.json
 create mode 100644 server/vendor/github.com/pion/sdp/v3/sdp.go
 create mode 100644 server/vendor/github.com/pion/sdp/v3/session_description.go
 create mode 100644 server/vendor/github.com/pion/sdp/v3/time_description.go
 create mode 100644 server/vendor/github.com/pion/sdp/v3/unmarshal.go
 create mode 100644 server/vendor/github.com/pion/sdp/v3/unmarshal_cache.go
 create mode 100644 server/vendor/github.com/pion/sdp/v3/util.go
 create mode 100644 server/vendor/github.com/pion/srtp/v2/.gitignore
 create mode 100644 server/vendor/github.com/pion/srtp/v2/.golangci.yml
 create mode 100644 server/vendor/github.com/pion/srtp/v2/.goreleaser.yml
 create mode 100644 server/vendor/github.com/pion/srtp/v2/AUTHORS.txt
 create mode 100644 server/vendor/github.com/pion/srtp/v2/LICENSE
 create mode 100644 server/vendor/github.com/pion/srtp/v2/README.md
 create mode 100644 server/vendor/github.com/pion/srtp/v2/codecov.yml
 create mode 100644 server/vendor/github.com/pion/srtp/v2/context.go
 create mode 100644 server/vendor/github.com/pion/srtp/v2/crypto.go
 create mode 100644 server/vendor/github.com/pion/srtp/v2/errors.go
 create mode 100644 server/vendor/github.com/pion/srtp/v2/key_derivation.go
 create mode 100644 server/vendor/github.com/pion/srtp/v2/keying.go
 create mode 100644 server/vendor/github.com/pion/srtp/v2/option.go
 create mode 100644 server/vendor/github.com/pion/srtp/v2/protection_profile.go
 create mode 100644 server/vendor/github.com/pion/srtp/v2/renovate.json
 create mode 100644 server/vendor/github.com/pion/srtp/v2/session.go
 create mode 100644 server/vendor/github.com/pion/srtp/v2/session_srtcp.go
 create mode 100644 server/vendor/github.com/pion/srtp/v2/session_srtp.go
 create mode 100644 server/vendor/github.com/pion/srtp/v2/srtcp.go
 create mode 100644 server/vendor/github.com/pion/srtp/v2/srtp.go
 create mode 100644 server/vendor/github.com/pion/srtp/v2/srtp_cipher.go
 create mode 100644 server/vendor/github.com/pion/srtp/v2/srtp_cipher_aead_aes_gcm.go
 create mode 100644 server/vendor/github.com/pion/srtp/v2/srtp_cipher_aes_cm_hmac_sha1.go
 create mode 100644 server/vendor/github.com/pion/srtp/v2/stream.go
 create mode 100644 server/vendor/github.com/pion/srtp/v2/stream_srtcp.go
 create mode 100644 server/vendor/github.com/pion/srtp/v2/stream_srtp.go
 create mode 100644 server/vendor/github.com/pion/srtp/v2/util.go
 create mode 100644 server/vendor/github.com/pion/stun/.gitignore
 create mode 100644 server/vendor/github.com/pion/stun/.golangci.yml
 create mode 100644 server/vendor/github.com/pion/stun/.goreleaser.yml
 create mode 100644 server/vendor/github.com/pion/stun/AUTHORS.txt
 create mode 100644 server/vendor/github.com/pion/stun/LICENSE
 create mode 100644 server/vendor/github.com/pion/stun/Makefile
 create mode 100644 server/vendor/github.com/pion/stun/README.md
 create mode 100644 server/vendor/github.com/pion/stun/addr.go
 create mode 100644 server/vendor/github.com/pion/stun/agent.go
 create mode 100644 server/vendor/github.com/pion/stun/attributes.go
 create mode 100644 server/vendor/github.com/pion/stun/attributes_debug.go
 create mode 100644 server/vendor/github.com/pion/stun/checks.go
 create mode 100644 server/vendor/github.com/pion/stun/checks_debug.go
 create mode 100644 server/vendor/github.com/pion/stun/client.go
 create mode 100644 server/vendor/github.com/pion/stun/codecov.yml
 create mode 100644 server/vendor/github.com/pion/stun/errorcode.go
 create mode 100644 server/vendor/github.com/pion/stun/errors.go
 create mode 100644 server/vendor/github.com/pion/stun/fingerprint.go
 create mode 100644 server/vendor/github.com/pion/stun/fingerprint_debug.go
 create mode 100644 server/vendor/github.com/pion/stun/helpers.go
 create mode 100644 server/vendor/github.com/pion/stun/integrity.go
 create mode 100644 server/vendor/github.com/pion/stun/integrity_debug.go
 create mode 100644 server/vendor/github.com/pion/stun/internal/hmac/hmac.go
 create mode 100644 server/vendor/github.com/pion/stun/internal/hmac/pool.go
 create mode 100644 server/vendor/github.com/pion/stun/internal/hmac/vendor.sh
 create mode 100644 server/vendor/github.com/pion/stun/message.go
 create mode 100644 server/vendor/github.com/pion/stun/renovate.json
 create mode 100644 server/vendor/github.com/pion/stun/stun.go
 create mode 100644 server/vendor/github.com/pion/stun/textattrs.go
 create mode 100644 server/vendor/github.com/pion/stun/uattrs.go
 create mode 100644 server/vendor/github.com/pion/stun/uri.go
 create mode 100644 server/vendor/github.com/pion/stun/xoraddr.go
 create mode 100644 server/vendor/github.com/pion/transport/v2/.gitignore
 create mode 100644 server/vendor/github.com/pion/transport/v2/.golangci.yml
 create mode 100644 server/vendor/github.com/pion/transport/v2/.goreleaser.yml
 create mode 100644 server/vendor/github.com/pion/transport/v2/AUTHORS.txt
 create mode 100644 server/vendor/github.com/pion/transport/v2/LICENSE
 create mode 100644 server/vendor/github.com/pion/transport/v2/README.md
 create mode 100644 server/vendor/github.com/pion/transport/v2/codecov.yml
 create mode 100644 server/vendor/github.com/pion/transport/v2/connctx/connctx.go
 create mode 100644 server/vendor/github.com/pion/transport/v2/connctx/pipe.go
 create mode 100644 server/vendor/github.com/pion/transport/v2/deadline/deadline.go
 create mode 100644 server/vendor/github.com/pion/transport/v2/deadline/timer.go
 create mode 100644 server/vendor/github.com/pion/transport/v2/deadline/timer_generic.go
 create mode 100644 server/vendor/github.com/pion/transport/v2/deadline/timer_js.go
 create mode 100644 server/vendor/github.com/pion/transport/v2/net.go
 create mode 100644 server/vendor/github.com/pion/transport/v2/packetio/buffer.go
 create mode 100644 server/vendor/github.com/pion/transport/v2/packetio/errors.go
 create mode 100644 server/vendor/github.com/pion/transport/v2/packetio/hardlimit.go
 create mode 100644 server/vendor/github.com/pion/transport/v2/packetio/no_hardlimit.go
 create mode 100644 server/vendor/github.com/pion/transport/v2/renovate.json
 create mode 100644 server/vendor/github.com/pion/transport/v2/replaydetector/fixedbig.go
 create mode 100644 server/vendor/github.com/pion/transport/v2/replaydetector/replaydetector.go
 create mode 100644 server/vendor/github.com/pion/transport/v2/stdnet/net.go
 create mode 100644 server/vendor/github.com/pion/transport/v2/udp/batchconn.go
 create mode 100644 server/vendor/github.com/pion/transport/v2/udp/conn.go
 create mode 100644 server/vendor/github.com/pion/transport/v2/utils/xor/xor_amd64.go
 create mode 100644 server/vendor/github.com/pion/transport/v2/utils/xor/xor_amd64.s
 create mode 100644 server/vendor/github.com/pion/transport/v2/utils/xor/xor_arm.go
 create mode 100644 server/vendor/github.com/pion/transport/v2/utils/xor/xor_arm.s
 create mode 100644 server/vendor/github.com/pion/transport/v2/utils/xor/xor_arm64.go
 create mode 100644 server/vendor/github.com/pion/transport/v2/utils/xor/xor_arm64.s
 create mode 100644 server/vendor/github.com/pion/transport/v2/utils/xor/xor_generic.go
 create mode 100644 server/vendor/github.com/pion/transport/v2/utils/xor/xor_ppc64x.go
 create mode 100644 server/vendor/github.com/pion/transport/v2/utils/xor/xor_ppc64x.s
 create mode 100644 server/vendor/github.com/pion/transport/v2/vnet/.gitignore
 create mode 100644 server/vendor/github.com/pion/transport/v2/vnet/README.md
 create mode 100644 server/vendor/github.com/pion/transport/v2/vnet/chunk.go
 create mode 100644 server/vendor/github.com/pion/transport/v2/vnet/chunk_queue.go
 create mode 100644 server/vendor/github.com/pion/transport/v2/vnet/conn.go
 create mode 100644 server/vendor/github.com/pion/transport/v2/vnet/conn_map.go
 create mode 100644 server/vendor/github.com/pion/transport/v2/vnet/delay_filter.go
 create mode 100644 server/vendor/github.com/pion/transport/v2/vnet/errors.go
 create mode 100644 server/vendor/github.com/pion/transport/v2/vnet/loss_filter.go
 create mode 100644 server/vendor/github.com/pion/transport/v2/vnet/nat.go
 create mode 100644 server/vendor/github.com/pion/transport/v2/vnet/net.go
 create mode 100644 server/vendor/github.com/pion/transport/v2/vnet/resolver.go
 create mode 100644 server/vendor/github.com/pion/transport/v2/vnet/router.go
 create mode 100644 server/vendor/github.com/pion/transport/v2/vnet/tbf.go
 create mode 100644 server/vendor/github.com/pion/transport/v2/vnet/udpproxy.go
 create mode 100644 server/vendor/github.com/pion/transport/v2/vnet/udpproxy_direct.go
 create mode 100644 server/vendor/github.com/pion/transport/v2/vnet/vnet.go
 create mode 100644 server/vendor/github.com/pion/turn/v2/.gitignore
 create mode 100644 server/vendor/github.com/pion/turn/v2/.golangci.yml
 create mode 100644 server/vendor/github.com/pion/turn/v2/.goreleaser.yml
 create mode 100644 server/vendor/github.com/pion/turn/v2/AUTHORS.txt
 create mode 100644 server/vendor/github.com/pion/turn/v2/LICENSE
 create mode 100644 server/vendor/github.com/pion/turn/v2/README.md
 create mode 100644 server/vendor/github.com/pion/turn/v2/client.go
 create mode 100644 server/vendor/github.com/pion/turn/v2/codecov.yml
 create mode 100644 server/vendor/github.com/pion/turn/v2/errors.go
 create mode 100644 server/vendor/github.com/pion/turn/v2/internal/allocation/allocation.go
 create mode 100644 server/vendor/github.com/pion/turn/v2/internal/allocation/allocation_manager.go
 create mode 100644 server/vendor/github.com/pion/turn/v2/internal/allocation/channel_bind.go
 create mode 100644 server/vendor/github.com/pion/turn/v2/internal/allocation/errors.go
 create mode 100644 server/vendor/github.com/pion/turn/v2/internal/allocation/five_tuple.go
 create mode 100644 server/vendor/github.com/pion/turn/v2/internal/allocation/permission.go
 create mode 100644 server/vendor/github.com/pion/turn/v2/internal/client/allocation.go
 create mode 100644 server/vendor/github.com/pion/turn/v2/internal/client/binding.go
 create mode 100644 server/vendor/github.com/pion/turn/v2/internal/client/client.go
 create mode 100644 server/vendor/github.com/pion/turn/v2/internal/client/errors.go
 create mode 100644 server/vendor/github.com/pion/turn/v2/internal/client/periodic_timer.go
 create mode 100644 server/vendor/github.com/pion/turn/v2/internal/client/permission.go
 create mode 100644 server/vendor/github.com/pion/turn/v2/internal/client/tcp_alloc.go
 create mode 100644 server/vendor/github.com/pion/turn/v2/internal/client/tcp_conn.go
 create mode 100644 server/vendor/github.com/pion/turn/v2/internal/client/transaction.go
 create mode 100644 server/vendor/github.com/pion/turn/v2/internal/client/trylock.go
 create mode 100644 server/vendor/github.com/pion/turn/v2/internal/client/udp_conn.go
 create mode 100644 server/vendor/github.com/pion/turn/v2/internal/ipnet/util.go
 create mode 100644 server/vendor/github.com/pion/turn/v2/internal/proto/addr.go
 create mode 100644 server/vendor/github.com/pion/turn/v2/internal/proto/chandata.go
 create mode 100644 server/vendor/github.com/pion/turn/v2/internal/proto/chann.go
 create mode 100644 server/vendor/github.com/pion/turn/v2/internal/proto/connection_id.go
 create mode 100644 server/vendor/github.com/pion/turn/v2/internal/proto/data.go
 create mode 100644 server/vendor/github.com/pion/turn/v2/internal/proto/dontfrag.go
 create mode 100644 server/vendor/github.com/pion/turn/v2/internal/proto/evenport.go
 create mode 100644 server/vendor/github.com/pion/turn/v2/internal/proto/lifetime.go
 create mode 100644 server/vendor/github.com/pion/turn/v2/internal/proto/peeraddr.go
 create mode 100644 server/vendor/github.com/pion/turn/v2/internal/proto/proto.go
 create mode 100644 server/vendor/github.com/pion/turn/v2/internal/proto/relayedaddr.go
 create mode 100644 server/vendor/github.com/pion/turn/v2/internal/proto/reqfamily.go
 create mode 100644 server/vendor/github.com/pion/turn/v2/internal/proto/reqtrans.go
 create mode 100644 server/vendor/github.com/pion/turn/v2/internal/proto/rsrvtoken.go
 create mode 100644 server/vendor/github.com/pion/turn/v2/internal/server/errors.go
 create mode 100644 server/vendor/github.com/pion/turn/v2/internal/server/nonce.go
 create mode 100644 server/vendor/github.com/pion/turn/v2/internal/server/server.go
 create mode 100644 server/vendor/github.com/pion/turn/v2/internal/server/stun.go
 create mode 100644 server/vendor/github.com/pion/turn/v2/internal/server/turn.go
 create mode 100644 server/vendor/github.com/pion/turn/v2/internal/server/util.go
 create mode 100644 server/vendor/github.com/pion/turn/v2/lt_cred.go
 create mode 100644 server/vendor/github.com/pion/turn/v2/relay_address_generator_none.go
 create mode 100644 server/vendor/github.com/pion/turn/v2/relay_address_generator_range.go
 create mode 100644 server/vendor/github.com/pion/turn/v2/relay_address_generator_static.go
 create mode 100644 server/vendor/github.com/pion/turn/v2/renovate.json
 create mode 100644 server/vendor/github.com/pion/turn/v2/server.go
 create mode 100644 server/vendor/github.com/pion/turn/v2/server_config.go
 create mode 100644 server/vendor/github.com/pion/turn/v2/stun_conn.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/.codacy.yaml
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/.eslintrc.json
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/.gitignore
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/.golangci.yml
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/.goreleaser.yml
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/AUTHORS.txt
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/DESIGN.md
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/LICENSE
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/README.md
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/api.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/api_js.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/atomicbool.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/bundlepolicy.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/certificate.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/codecov.yml
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/configuration.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/configuration_common.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/configuration_js.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/constants.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/datachannel.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/datachannel_js.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/datachannel_js_detach.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/datachannelinit.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/datachannelmessage.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/datachannelparameters.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/datachannelstate.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/dtlsfingerprint.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/dtlsparameters.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/dtlsrole.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/dtlstransport.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/dtlstransport_js.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/dtlstransportstate.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/errors.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/gathering_complete_promise.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/ice_go.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/icecandidate.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/icecandidateinit.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/icecandidatepair.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/icecandidatetype.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/icecomponent.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/iceconnectionstate.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/icecredentialtype.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/icegatherer.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/icegathererstate.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/icegatheringstate.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/icegatheroptions.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/icemux.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/iceparameters.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/iceprotocol.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/icerole.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/iceserver.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/iceserver_js.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/icetransport.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/icetransport_js.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/icetransportpolicy.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/icetransportstate.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/interceptor.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/internal/fmtp/av1.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/internal/fmtp/fmtp.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/internal/fmtp/h264.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/internal/fmtp/vp9.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/internal/mux/endpoint.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/internal/mux/mux.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/internal/mux/muxfunc.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/internal/util/util.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/js_utils.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/mediaengine.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/networktype.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/oauthcredential.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/offeransweroptions.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/operations.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/package.json
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/peerconnection.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/peerconnection_js.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/peerconnectionstate.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/pkg/media/media.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/pkg/rtcerr/errors.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/renovate.json
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/rtcpfeedback.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/rtcpmuxpolicy.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/rtpcapabilities.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/rtpcodec.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/rtpcodingparameters.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/rtpdecodingparameters.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/rtpencodingparameters.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/rtpreceiveparameters.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/rtpreceiver.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/rtpreceiver_go.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/rtpreceiver_js.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/rtpsender.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/rtpsender_js.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/rtpsendparameters.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/rtptransceiver.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/rtptransceiver_js.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/rtptransceiverdirection.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/rtptransceiverinit.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/sctpcapabilities.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/sctptransport.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/sctptransport_js.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/sctptransportstate.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/sdp.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/sdpsemantics.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/sdptype.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/sessiondescription.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/settingengine.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/settingengine_js.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/signalingstate.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/srtp_writer_future.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/stats.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/stats_go.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/track_local.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/track_local_static.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/track_remote.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/webrtc.go
 create mode 100644 server/vendor/github.com/pion/webrtc/v3/yarn.lock
 create mode 100644 server/vendor/github.com/pmezard/go-difflib/LICENSE
 create mode 100644 server/vendor/github.com/pmezard/go-difflib/difflib/difflib.go
 create mode 100644 server/vendor/github.com/stretchr/testify/LICENSE
 create mode 100644 server/vendor/github.com/stretchr/testify/assert/assertion_compare.go
 create mode 100644 server/vendor/github.com/stretchr/testify/assert/assertion_format.go
 create mode 100644 server/vendor/github.com/stretchr/testify/assert/assertion_format.go.tmpl
 create mode 100644 server/vendor/github.com/stretchr/testify/assert/assertion_forward.go
 create mode 100644 server/vendor/github.com/stretchr/testify/assert/assertion_forward.go.tmpl
 create mode 100644 server/vendor/github.com/stretchr/testify/assert/assertion_order.go
 create mode 100644 server/vendor/github.com/stretchr/testify/assert/assertions.go
 create mode 100644 server/vendor/github.com/stretchr/testify/assert/doc.go
 create mode 100644 server/vendor/github.com/stretchr/testify/assert/errors.go
 create mode 100644 server/vendor/github.com/stretchr/testify/assert/forward_assertions.go
 create mode 100644 server/vendor/github.com/stretchr/testify/assert/http_assertions.go
 create mode 100644 server/vendor/github.com/stretchr/testify/require/doc.go
 create mode 100644 server/vendor/github.com/stretchr/testify/require/forward_requirements.go
 create mode 100644 server/vendor/github.com/stretchr/testify/require/require.go
 create mode 100644 server/vendor/github.com/stretchr/testify/require/require.go.tmpl
 create mode 100644 server/vendor/github.com/stretchr/testify/require/require_forward.go
 create mode 100644 server/vendor/github.com/stretchr/testify/require/require_forward.go.tmpl
 create mode 100644 server/vendor/github.com/stretchr/testify/require/requirements.go
 create mode 100644 server/vendor/github.com/wlynxg/anet/.gitignore
 create mode 100644 server/vendor/github.com/wlynxg/anet/LICENSE
 create mode 100644 server/vendor/github.com/wlynxg/anet/README.md
 create mode 100644 server/vendor/github.com/wlynxg/anet/README_zh.md
 create mode 100644 server/vendor/github.com/wlynxg/anet/interface.go
 create mode 100644 server/vendor/github.com/wlynxg/anet/interface_android.go
 create mode 100644 server/vendor/github.com/wlynxg/anet/netlink_android.go
 create mode 100644 server/vendor/golang.org/x/crypto/cryptobyte/asn1.go
 create mode 100644 server/vendor/golang.org/x/crypto/cryptobyte/asn1/asn1.go
 create mode 100644 server/vendor/golang.org/x/crypto/cryptobyte/builder.go
 create mode 100644 server/vendor/golang.org/x/crypto/cryptobyte/string.go
 create mode 100644 server/vendor/golang.org/x/crypto/curve25519/curve25519.go
 create mode 100644 server/vendor/golang.org/x/net/bpf/asm.go
 create mode 100644 server/vendor/golang.org/x/net/bpf/constants.go
 create mode 100644 server/vendor/golang.org/x/net/bpf/doc.go
 create mode 100644 server/vendor/golang.org/x/net/bpf/instructions.go
 create mode 100644 server/vendor/golang.org/x/net/bpf/setter.go
 create mode 100644 server/vendor/golang.org/x/net/bpf/vm.go
 create mode 100644 server/vendor/golang.org/x/net/bpf/vm_instructions.go
 create mode 100644 server/vendor/golang.org/x/net/dns/dnsmessage/message.go
 create mode 100644 server/vendor/golang.org/x/net/internal/iana/const.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/cmsghdr.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/cmsghdr_bsd.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/cmsghdr_linux_32bit.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/cmsghdr_linux_64bit.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/cmsghdr_solaris_64bit.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/cmsghdr_stub.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/cmsghdr_unix.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/cmsghdr_zos_s390x.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/complete_dontwait.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/complete_nodontwait.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/empty.s
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/error_unix.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/error_windows.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/iovec_32bit.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/iovec_64bit.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/iovec_solaris_64bit.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/iovec_stub.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/mmsghdr_stub.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/mmsghdr_unix.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/msghdr_bsd.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/msghdr_bsdvar.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/msghdr_linux.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/msghdr_linux_32bit.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/msghdr_linux_64bit.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/msghdr_openbsd.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/msghdr_solaris_64bit.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/msghdr_stub.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/msghdr_zos_s390x.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/norace.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/race.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/rawconn.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/rawconn_mmsg.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/rawconn_msg.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/rawconn_nommsg.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/rawconn_nomsg.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/socket.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/sys.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/sys_bsd.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/sys_const_unix.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/sys_linux.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/sys_linux_386.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/sys_linux_386.s
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/sys_linux_amd64.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/sys_linux_arm.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/sys_linux_arm64.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/sys_linux_loong64.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/sys_linux_mips.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/sys_linux_mips64.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/sys_linux_mips64le.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/sys_linux_mipsle.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/sys_linux_ppc.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/sys_linux_ppc64.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/sys_linux_ppc64le.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/sys_linux_riscv64.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/sys_linux_s390x.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/sys_linux_s390x.s
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/sys_netbsd.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/sys_posix.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/sys_stub.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/sys_unix.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/sys_windows.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/sys_zos_s390x.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/sys_zos_s390x.s
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/zsys_aix_ppc64.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/zsys_darwin_amd64.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/zsys_darwin_arm64.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/zsys_dragonfly_amd64.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/zsys_freebsd_386.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/zsys_freebsd_amd64.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/zsys_freebsd_arm.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/zsys_freebsd_arm64.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/zsys_freebsd_riscv64.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/zsys_linux_386.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/zsys_linux_amd64.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/zsys_linux_arm.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/zsys_linux_arm64.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/zsys_linux_loong64.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/zsys_linux_mips.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/zsys_linux_mips64.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/zsys_linux_mips64le.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/zsys_linux_mipsle.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/zsys_linux_ppc.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/zsys_linux_ppc64.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/zsys_linux_ppc64le.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/zsys_linux_riscv64.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/zsys_linux_s390x.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/zsys_netbsd_386.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/zsys_netbsd_amd64.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/zsys_netbsd_arm.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/zsys_netbsd_arm64.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/zsys_openbsd_386.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/zsys_openbsd_amd64.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/zsys_openbsd_arm.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/zsys_openbsd_arm64.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/zsys_openbsd_mips64.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/zsys_openbsd_ppc64.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/zsys_openbsd_riscv64.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/zsys_solaris_amd64.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socket/zsys_zos_s390x.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socks/client.go
 create mode 100644 server/vendor/golang.org/x/net/internal/socks/socks.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/batch.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/control.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/control_bsd.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/control_pktinfo.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/control_stub.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/control_unix.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/control_windows.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/control_zos.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/dgramopt.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/doc.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/endpoint.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/genericopt.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/header.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/helper.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/iana.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/icmp.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/icmp_linux.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/icmp_stub.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/packet.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/payload.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/payload_cmsg.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/payload_nocmsg.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/sockopt.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/sockopt_posix.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/sockopt_stub.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/sys_aix.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/sys_asmreq.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/sys_asmreq_stub.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/sys_asmreqn.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/sys_asmreqn_stub.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/sys_bpf.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/sys_bpf_stub.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/sys_bsd.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/sys_darwin.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/sys_dragonfly.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/sys_freebsd.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/sys_linux.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/sys_solaris.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/sys_ssmreq.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/sys_ssmreq_stub.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/sys_stub.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/sys_windows.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/sys_zos.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/zsys_aix_ppc64.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/zsys_darwin.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/zsys_dragonfly.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/zsys_freebsd_386.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/zsys_freebsd_amd64.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/zsys_freebsd_arm.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/zsys_freebsd_arm64.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/zsys_freebsd_riscv64.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/zsys_linux_386.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/zsys_linux_amd64.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/zsys_linux_arm.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/zsys_linux_arm64.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/zsys_linux_loong64.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/zsys_linux_mips.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/zsys_linux_mips64.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/zsys_linux_mips64le.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/zsys_linux_mipsle.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/zsys_linux_ppc.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/zsys_linux_ppc64.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/zsys_linux_ppc64le.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/zsys_linux_riscv64.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/zsys_linux_s390x.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/zsys_netbsd.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/zsys_openbsd.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/zsys_solaris.go
 create mode 100644 server/vendor/golang.org/x/net/ipv4/zsys_zos_s390x.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/batch.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/control.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/control_rfc2292_unix.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/control_rfc3542_unix.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/control_stub.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/control_unix.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/control_windows.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/dgramopt.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/doc.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/endpoint.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/genericopt.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/header.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/helper.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/iana.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/icmp.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/icmp_bsd.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/icmp_linux.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/icmp_solaris.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/icmp_stub.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/icmp_windows.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/icmp_zos.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/payload.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/payload_cmsg.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/payload_nocmsg.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/sockopt.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/sockopt_posix.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/sockopt_stub.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/sys_aix.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/sys_asmreq.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/sys_asmreq_stub.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/sys_bpf.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/sys_bpf_stub.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/sys_bsd.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/sys_darwin.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/sys_freebsd.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/sys_linux.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/sys_solaris.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/sys_ssmreq.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/sys_ssmreq_stub.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/sys_stub.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/sys_windows.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/sys_zos.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/zsys_aix_ppc64.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/zsys_darwin.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/zsys_dragonfly.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/zsys_freebsd_386.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/zsys_freebsd_amd64.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/zsys_freebsd_arm.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/zsys_freebsd_arm64.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/zsys_freebsd_riscv64.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/zsys_linux_386.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/zsys_linux_amd64.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/zsys_linux_arm.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/zsys_linux_arm64.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/zsys_linux_loong64.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/zsys_linux_mips.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/zsys_linux_mips64.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/zsys_linux_mips64le.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/zsys_linux_mipsle.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/zsys_linux_ppc.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/zsys_linux_ppc64.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/zsys_linux_ppc64le.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/zsys_linux_riscv64.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/zsys_linux_s390x.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/zsys_netbsd.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/zsys_openbsd.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/zsys_solaris.go
 create mode 100644 server/vendor/golang.org/x/net/ipv6/zsys_zos_s390x.go
 create mode 100644 server/vendor/golang.org/x/net/proxy/dial.go
 create mode 100644 server/vendor/golang.org/x/net/proxy/direct.go
 create mode 100644 server/vendor/golang.org/x/net/proxy/per_host.go
 create mode 100644 server/vendor/golang.org/x/net/proxy/proxy.go
 create mode 100644 server/vendor/golang.org/x/net/proxy/socks5.go
 create mode 100644 server/vendor/golang.org/x/sys/windows/aliases.go
 create mode 100644 server/vendor/golang.org/x/sys/windows/dll_windows.go
 create mode 100644 server/vendor/golang.org/x/sys/windows/env_windows.go
 create mode 100644 server/vendor/golang.org/x/sys/windows/eventlog.go
 create mode 100644 server/vendor/golang.org/x/sys/windows/exec_windows.go
 create mode 100644 server/vendor/golang.org/x/sys/windows/memory_windows.go
 create mode 100644 server/vendor/golang.org/x/sys/windows/mkerrors.bash
 create mode 100644 server/vendor/golang.org/x/sys/windows/mkknownfolderids.bash
 create mode 100644 server/vendor/golang.org/x/sys/windows/mksyscall.go
 create mode 100644 server/vendor/golang.org/x/sys/windows/race.go
 create mode 100644 server/vendor/golang.org/x/sys/windows/race0.go
 create mode 100644 server/vendor/golang.org/x/sys/windows/security_windows.go
 create mode 100644 server/vendor/golang.org/x/sys/windows/service.go
 create mode 100644 server/vendor/golang.org/x/sys/windows/setupapi_windows.go
 create mode 100644 server/vendor/golang.org/x/sys/windows/str.go
 create mode 100644 server/vendor/golang.org/x/sys/windows/syscall.go
 create mode 100644 server/vendor/golang.org/x/sys/windows/syscall_windows.go
 create mode 100644 server/vendor/golang.org/x/sys/windows/types_windows.go
 create mode 100644 server/vendor/golang.org/x/sys/windows/types_windows_386.go
 create mode 100644 server/vendor/golang.org/x/sys/windows/types_windows_amd64.go
 create mode 100644 server/vendor/golang.org/x/sys/windows/types_windows_arm.go
 create mode 100644 server/vendor/golang.org/x/sys/windows/types_windows_arm64.go
 create mode 100644 server/vendor/golang.org/x/sys/windows/zerrors_windows.go
 create mode 100644 server/vendor/golang.org/x/sys/windows/zknownfolderids_windows.go
 create mode 100644 server/vendor/golang.org/x/sys/windows/zsyscall_windows.go
 create mode 100644 web/src/components/LiveFloatingPlayer.vue
 create mode 100644 web/src/utils/liveWebRTC.js
 create mode 100644 web/src/views/LiveRoom.vue

diff --git a/admin/src/layouts/AdminLayout.vue b/admin/src/layouts/AdminLayout.vue
index c4aa425..32f1830 100644
--- a/admin/src/layouts/AdminLayout.vue
+++ b/admin/src/layouts/AdminLayout.vue
@@ -43,7 +43,7 @@
 <script setup>
 import { computed, onMounted } from 'vue'
 import { useRouter } from 'vue-router'
-import { House, User, Folder, ChatDotRound, Setting, Wallet, Monitor, Document, EditPen, Upload, Key } from '@element-plus/icons-vue'
+import { House, User, Folder, ChatDotRound, Setting, Wallet, Monitor, Document, EditPen, Upload, Key, VideoCamera } from '@element-plus/icons-vue'
 import { useAuthStore } from '../stores/auth'
 import { getMyPermissions } from '../api/admin'
 
@@ -71,6 +71,7 @@ const menuItems = computed(() => {
     { index: '/sites', title: '站点管理', icon: Monitor, permission: 'site:manage' },
     { index: '/pages', title: '网页管理', icon: Document, permission: 'page:manage' },
     { index: '/homepage-edit', title: '首页编辑', icon: EditPen, permission: 'homepage:edit' },
+    { index: '/live-broadcast', title: '视频直播开播', icon: VideoCamera, permission: 'homepage:edit' },
     { index: '/files', title: '文件管理', icon: Folder, permission: null },
     { index: '/role-permissions', title: '角色权限管理', icon: Key, permission: 'role:permission' }
   ]
diff --git a/admin/src/router/index.js b/admin/src/router/index.js
index bf4b8da..fbcfdd9 100644
--- a/admin/src/router/index.js
+++ b/admin/src/router/index.js
@@ -66,6 +66,12 @@ const routes = [
         component: () => import('../views/sites/HomepageEdit.vue'),
         meta: { title: '首页编辑', permission: 'homepage:edit' }
       },
+      {
+        path: 'live-broadcast',
+        name: 'LiveBroadcast',
+        component: () => import('../views/sites/LiveBroadcast.vue'),
+        meta: { title: '视频直播开播', permission: 'homepage:edit' }
+      },
       {
         path: 'files',
         name: 'FileManage',
diff --git a/admin/src/utils/liveWebRTC.js b/admin/src/utils/liveWebRTC.js
new file mode 100644
index 0000000..c217bc6
--- /dev/null
+++ b/admin/src/utils/liveWebRTC.js
@@ -0,0 +1,106 @@
+/**
+ * 管理后台 WebRTC 开播（需登录 token，与 /api/web/live/ws?role=publish&token= 一致）
+ */
+const apiBase = (import.meta.env.VITE_API_BASE || '').replace(/\/$/, '')
+
+function liveWsURLPublish(token) {
+  const path = `/api/web/live/ws?role=publish&token=${encodeURIComponent(token)}`
+  if (apiBase) {
+    const base = apiBase.replace(/\/$/, '')
+    const wsOrigin = base.replace(/^https:/i, 'wss:').replace(/^http:/i, 'ws:')
+    return `${wsOrigin}${path}`
+  }
+  const proto = window.location.protocol === 'https:' ? 'wss:' : 'ws:'
+  return `${proto}//${window.location.host}${path}`
+}
+
+const defaultIce = [{ urls: 'stun:stun.l.google.com:19302' }]
+
+/**
+ * @param {object} opts
+ * @param {string} opts.token 管理员 JWT
+ * @param {(s: string) => void} [opts.onStatus]
+ * @param {(stream: MediaStream) => void} [opts.onLocalStream]
+ */
+export function startPublishing(opts = {}) {
+  const { token = '', onStatus = () => {}, onLocalStream = () => {} } = opts
+  if (!token) {
+    onStatus('未登录，无法开播')
+    return { stop: () => {} }
+  }
+
+  const wsUrl = liveWsURLPublish(token)
+  const ws = new WebSocket(wsUrl)
+  const pc = new RTCPeerConnection({ iceServers: defaultIce })
+  let stream = null
+
+  const send = (o) => {
+    if (ws.readyState === WebSocket.OPEN) ws.send(JSON.stringify(o))
+  }
+
+  pc.onicecandidate = (e) => {
+    if (e.candidate) send({ type: 'ice', candidate: e.candidate.toJSON() })
+  }
+
+  ws.onopen = async () => {
+    onStatus('信令已连接，正在采集摄像头…')
+    try {
+      stream = await navigator.mediaDevices.getUserMedia({
+        video: { facingMode: 'user' },
+        audio: false
+      })
+      onLocalStream(stream)
+      stream.getTracks().forEach((t) => pc.addTrack(t, stream))
+      const offer = await pc.createOffer()
+      await pc.setLocalDescription(offer)
+      send({ type: 'offer', sdp: offer.sdp })
+      onStatus('已发起推流协商，等待服务端应答…')
+    } catch (err) {
+      onStatus(err.message || '无法打开摄像头')
+      stop()
+    }
+  }
+
+  ws.onmessage = async (ev) => {
+    let msg
+    try {
+      msg = JSON.parse(ev.data)
+    } catch {
+      return
+    }
+    if (msg.type === 'answer' && msg.sdp) {
+      try {
+        await pc.setRemoteDescription({ type: 'answer', sdp: msg.sdp })
+        onStatus('直播中（请勿关闭本页；关闭即结束本场）')
+      } catch (e) {
+        onStatus(e.message || '设置远端描述失败')
+      }
+    }
+    if (msg.type === 'ice' && msg.candidate) {
+      try {
+        await pc.addIceCandidate(msg.candidate)
+      } catch (_) {}
+    }
+    if (msg.type === 'error') {
+      onStatus(msg.message || '服务端错误')
+    }
+  }
+
+  ws.onerror = () => onStatus('信令连接失败（请确认已登录且 Nginx 已配置 WebSocket）')
+  ws.onclose = () => onStatus('信令已断开')
+
+  function stop() {
+    try {
+      ws.close()
+    } catch (_) {}
+    pc.getSenders().forEach((s) => {
+      try {
+        s.track?.stop()
+      } catch (_) {}
+    })
+    pc.close()
+    stream?.getTracks().forEach((t) => t.stop())
+  }
+
+  return { pc, ws, stop }
+}
diff --git a/admin/src/views/sites/HomepageEdit.vue b/admin/src/views/sites/HomepageEdit.vue
index 8caf2b0..a64e371 100644
--- a/admin/src/views/sites/HomepageEdit.vue
+++ b/admin/src/views/sites/HomepageEdit.vue
@@ -61,6 +61,23 @@
           <el-input v-model="form.download_android_url" placeholder="/promotion/downloads/yuheng-android.apk" />
         </el-form-item>
 
+        <el-divider content-position="left">直播（前台 /live）</el-divider>
+        <p class="builder-tip" style="margin: -6px 0 12px">
+          <strong>本站 WebRTC 直播</strong>仅在左侧菜单「视频直播开播」由已登录管理员推流，前台首页左上角画中画与「直播」页播放。
+          <strong>外部直播间</strong>：下方地址用于前台「进入外部直播间」跳转；可留空。
+        </p>
+        <el-form-item label="直播间标题">
+          <el-input v-model="form.live_room_title" placeholder="视频直播" style="max-width: 320px" />
+        </el-form-item>
+        <el-form-item label="直播间地址">
+          <el-input
+            v-model="form.live_room_url"
+            type="textarea"
+            :rows="2"
+            placeholder="https://live.example.com/xxx"
+          />
+        </el-form-item>
+
         <el-divider content-position="left">旧版字段（前台 Vue 已不使用轨道路由）</el-divider>
         <el-form-item label="下载按钮文案">
           <el-input v-model="form.download_text" placeholder="下载" />
@@ -167,7 +184,9 @@ const defaultForm = () => ({
     { title: '星际防护', desc: '来自未来的安全加密协议，守护您的数字资产安全' }
   ],
   footer_text: '© 2024 宇恒一号 · 成都宇信达智能科技有限公司',
-  body_builder: ''
+  body_builder: '',
+  live_room_url: '',
+  live_room_title: '视频直播'
 })
 
 const form = reactive(defaultForm())
@@ -208,7 +227,11 @@ const fetchData = async () => {
       platforms: Array.isArray(data.platforms) ? data.platforms : base.platforms,
       features: Array.isArray(data.features) && data.features.length ? data.features : base.features,
       download_windows_url: data.download_windows_url || base.download_windows_url,
-      download_android_url: data.download_android_url || base.download_android_url
+      download_android_url: data.download_android_url || base.download_android_url,
+      live_room_url: typeof data.live_room_url === 'string' ? data.live_room_url : base.live_room_url,
+      live_room_title: (typeof data.live_room_title === 'string' && data.live_room_title.trim())
+        ? data.live_room_title.trim()
+        : base.live_room_title
     })
   } catch (e) {
     ElMessage.error(e.message)
diff --git a/admin/src/views/sites/LiveBroadcast.vue b/admin/src/views/sites/LiveBroadcast.vue
new file mode 100644
index 0000000..1351552
--- /dev/null
+++ b/admin/src/views/sites/LiveBroadcast.vue
@@ -0,0 +1,99 @@
+<template>
+  <div class="live-broadcast">
+    <el-card>
+      <template #header>
+        <span>官网视频直播（WebRTC）</span>
+      </template>
+      <p class="tip">
+        仅后台可开播：推流后，官网首页左上角以<strong>画中画</strong>自动展示，用户也可打开官网「直播」全屏页观看。需站点使用
+        <strong>HTTPS</strong>；公网复杂网络请在服务端配置 <code>LIVE_ICE_SERVERS</code>（含 TURN）。
+      </p>
+      <p class="status">{{ status }}</p>
+      <div class="actions">
+        <el-button v-if="!session" type="primary" :disabled="!token" @click="start">开始直播</el-button>
+        <el-button v-else type="danger" @click="stop">结束直播</el-button>
+      </div>
+      <video ref="previewRef" class="preview" playsinline muted autoplay></video>
+    </el-card>
+  </div>
+</template>
+
+<script setup>
+import { ref, computed, onMounted, onUnmounted } from 'vue'
+import { useAuthStore } from '../../stores/auth'
+import { startPublishing } from '../../utils/liveWebRTC'
+
+const authStore = useAuthStore()
+const token = computed(() => authStore.getToken() || '')
+const previewRef = ref(null)
+const status = ref('就绪')
+const session = ref(null)
+
+function start() {
+  if (!token.value) {
+    status.value = '请先登录'
+    return
+  }
+  status.value = '正在连接…'
+  const { stop } = startPublishing({
+    token: token.value,
+    onStatus: (s) => {
+      status.value = s
+    },
+    onLocalStream: (stream) => {
+      if (previewRef.value) previewRef.value.srcObject = stream
+    }
+  })
+  session.value = { stop }
+}
+
+function stop() {
+  session.value?.stop()
+  session.value = null
+  if (previewRef.value) previewRef.value.srcObject = null
+  status.value = '已停止'
+}
+
+onMounted(() => {
+  document.title = '视频直播开播 - 管理后台'
+})
+
+onUnmounted(() => {
+  stop()
+})
+</script>
+
+<style scoped>
+.live-broadcast {
+  max-width: 720px;
+}
+.tip {
+  font-size: 13px;
+  line-height: 1.7;
+  color: #606266;
+  margin-bottom: 16px;
+}
+.tip code {
+  font-size: 12px;
+  background: #f4f4f5;
+  padding: 2px 6px;
+  border-radius: 4px;
+}
+.status {
+  color: #409eff;
+  margin-bottom: 12px;
+  min-height: 1.5em;
+}
+.actions {
+  margin-bottom: 16px;
+}
+.preview {
+  width: 100%;
+  max-width: 480px;
+  border-radius: 8px;
+  background: #000;
+  aspect-ratio: 4 / 3;
+  object-fit: cover;
+  display: block;
+}
+</style>
diff --git a/admin/vite.config.js b/admin/vite.config.js
index 61e1127..314b951 100644
--- a/admin/vite.config.js
+++ b/admin/vite.config.js
@@ -22,7 +22,8 @@ export default defineConfig({
       '/api': {
         target: 'https://yuheng.yuxindazhineng.com',
         changeOrigin: true,
-        secure: true
+        secure: true,
+        ws: true
       }
     }
   }
diff --git a/nginx/nginx.conf b/nginx/nginx.conf
index 42e4c70..8f7cb4a 100644
--- a/nginx/nginx.conf
+++ b/nginx/nginx.conf
@@ -6,6 +6,18 @@ server {
     # ssl_certificate     /etc/nginx/ssl/fullchain.pem;
     # ssl_certificate_key /etc/nginx/ssl/privkey.pem;
 
+    location /api/web/live/ws {
+        proxy_pass http://api:9527;
+        proxy_http_version 1.1;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "upgrade";
+        proxy_read_timeout 86400s;
+    }
+
     location /api/ {
         proxy_pass http://api:9527;
         proxy_http_version 1.1;
diff --git a/nginx/yuheng.docker.conf.tpl b/nginx/yuheng.docker.conf.tpl
index 3c99f13..865ac87 100644
--- a/nginx/yuheng.docker.conf.tpl
+++ b/nginx/yuheng.docker.conf.tpl
@@ -34,6 +34,21 @@ server {
         return 301 /admin/;
     }
 
+    # WebRTC 直播信令（WebSocket）；须 Upgrade，否则握手失败
+    location /api/web/live/ws {
+        set $upstream_api api;
+        proxy_pass http://$upstream_api:8088;
+        proxy_http_version 1.1;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "upgrade";
+        proxy_read_timeout 86400s;
+        proxy_send_timeout 86400s;
+    }
+
     location /api/ {
         set $upstream_api api;
         proxy_pass http://$upstream_api:8088;
diff --git a/nginx/yuheng.yuxindazhineng.com.conf b/nginx/yuheng.yuxindazhineng.com.conf
index 37b5e0e..a9bd51e 100644
--- a/nginx/yuheng.yuxindazhineng.com.conf
+++ b/nginx/yuheng.yuxindazhineng.com.conf
@@ -24,6 +24,19 @@ server {
     ssl_protocols TLSv1.2 TLSv1.3;
     ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384;
 
+    # 直播 WebSocket 信令（经 compose 内 Nginx 再到 api）
+    location /api/web/live/ws {
+        proxy_pass http://127.0.0.1:8443;
+        proxy_http_version 1.1;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "upgrade";
+        proxy_read_timeout 86400s;
+    }
+
     location / {
         proxy_pass http://127.0.0.1:8443;
         proxy_http_version 1.1;
diff --git a/server/go.mod b/server/go.mod
index fafcd07..febf75b 100644
--- a/server/go.mod
+++ b/server/go.mod
@@ -11,6 +11,7 @@ require (
 require (
 	github.com/bytedance/sonic v1.9.1 // indirect
 	github.com/chenzhuoyu/base64x v0.0.0-20221115062448-fe3a3abad311 // indirect
+	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/gabriel-vasile/mimetype v1.4.2 // indirect
 	github.com/gin-contrib/sse v0.1.0 // indirect
 	github.com/go-playground/locales v0.14.1 // indirect
@@ -18,6 +19,8 @@ require (
 	github.com/go-playground/validator/v10 v10.14.0 // indirect
 	github.com/goccy/go-json v0.10.2 // indirect
 	github.com/golang-jwt/jwt/v5 v5.3.1 // indirect
+	github.com/google/uuid v1.3.1 // indirect
+	github.com/gorilla/websocket v1.5.3 // indirect
 	github.com/joho/godotenv v1.5.1 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
 	github.com/klauspost/compress v1.17.6 // indirect
@@ -27,15 +30,34 @@ require (
 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
 	github.com/modern-go/reflect2 v1.0.2 // indirect
 	github.com/pelletier/go-toml/v2 v2.0.8 // indirect
+	github.com/pion/datachannel v1.5.8 // indirect
+	github.com/pion/dtls/v2 v2.2.12 // indirect
+	github.com/pion/ice/v2 v2.3.36 // indirect
+	github.com/pion/interceptor v0.1.29 // indirect
+	github.com/pion/logging v0.2.2 // indirect
+	github.com/pion/mdns v0.0.12 // indirect
+	github.com/pion/randutil v0.1.0 // indirect
+	github.com/pion/rtcp v1.2.14 // indirect
+	github.com/pion/rtp v1.8.7 // indirect
+	github.com/pion/sctp v1.8.19 // indirect
+	github.com/pion/sdp/v3 v3.0.9 // indirect
+	github.com/pion/srtp/v2 v2.0.20 // indirect
+	github.com/pion/stun v0.6.1 // indirect
+	github.com/pion/transport/v2 v2.2.10 // indirect
+	github.com/pion/turn/v2 v2.1.6 // indirect
+	github.com/pion/webrtc/v3 v3.3.5 // indirect
+	github.com/pmezard/go-difflib v1.0.0 // indirect
+	github.com/stretchr/testify v1.9.0 // indirect
 	github.com/twitchyliquid64/golang-asm v0.15.1 // indirect
 	github.com/ugorji/go/codec v1.2.11 // indirect
+	github.com/wlynxg/anet v0.0.3 // indirect
 	github.com/xdg-go/pbkdf2 v1.0.0 // indirect
 	github.com/xdg-go/scram v1.2.0 // indirect
 	github.com/xdg-go/stringprep v1.0.4 // indirect
 	github.com/youmark/pkcs8 v0.0.0-20240726163527-a2c0da244d78 // indirect
 	golang.org/x/arch v0.3.0 // indirect
 	golang.org/x/crypto v0.33.0 // indirect
-	golang.org/x/net v0.21.0 // indirect
+	golang.org/x/net v0.22.0 // indirect
 	golang.org/x/sync v0.11.0 // indirect
 	golang.org/x/sys v0.30.0 // indirect
 	golang.org/x/text v0.22.0 // indirect
diff --git a/server/go.sum b/server/go.sum
index 0f12dfc..6e1b715 100644
--- a/server/go.sum
+++ b/server/go.sum
@@ -30,6 +30,10 @@ github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/
 github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
 github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
 github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
+github.com/google/uuid v1.3.1 h1:KjJaJ9iWZ3jOFZIf1Lqf4laDRCasjl0BCmnEGxkdLb4=
+github.com/google/uuid v1.3.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
+github.com/gorilla/websocket v1.5.3 h1:saDtZ6Pbx/0u+bgYQ3q96pZgCzfhKXGPqt7kZ72aNNg=
+github.com/gorilla/websocket v1.5.3/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
 github.com/joho/godotenv v1.5.1 h1:7eLL/+HRGLY0ldzfGMeQkb7vMd0as4CfYvUVzLqw0N0=
 github.com/joho/godotenv v1.5.1/go.mod h1:f4LDr5Voq0i2e/R5DDNOoa2zzDfwtkZa6DnEwAbqwq4=
 github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM=
@@ -39,6 +43,9 @@ github.com/klauspost/compress v1.17.6/go.mod h1:/dCuZOvVtNoHsyb+cuJD3itjs3NbnF6K
 github.com/klauspost/cpuid/v2 v2.0.9/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg=
 github.com/klauspost/cpuid/v2 v2.2.4 h1:acbojRNwl3o09bUq+yDCtZFc1aiwaAAxtcn8YkZXnvk=
 github.com/klauspost/cpuid/v2 v2.2.4/go.mod h1:RVVoqg1df56z8g3pUjL/3lE5UfnlrJX8tyFgg4nqhuY=
+github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
+github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
+github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
 github.com/leodido/go-urn v1.2.4 h1:XlAE/cm/ms7TE/VMVoduSpNBoyc2dOxHs5MZSwAN63Q=
 github.com/leodido/go-urn v1.2.4/go.mod h1:7ZrI8mTSeBSHl/UaRyKQW1qZeMgak41ANeCNaVckg+4=
 github.com/mattn/go-isatty v0.0.19 h1:JITubQf0MOLdlGRuRq+jtsDlekdYPia9ZFsB8h/APPA=
@@ -50,11 +57,52 @@ github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9G
 github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk=
 github.com/pelletier/go-toml/v2 v2.0.8 h1:0ctb6s9mE31h0/lhu+J6OPmVeDxJn+kYnJc2jZR9tGQ=
 github.com/pelletier/go-toml/v2 v2.0.8/go.mod h1:vuYfssBdrU2XDZ9bYydBu6t+6a6PYNcZljzZR9VXg+4=
+github.com/pion/datachannel v1.5.8 h1:ph1P1NsGkazkjrvyMfhRBUAWMxugJjq2HfQifaOoSNo=
+github.com/pion/datachannel v1.5.8/go.mod h1:PgmdpoaNBLX9HNzNClmdki4DYW5JtI7Yibu8QzbL3tI=
+github.com/pion/dtls/v2 v2.2.7/go.mod h1:8WiMkebSHFD0T+dIU+UeBaoV7kDhOW5oDCzZ7WZ/F9s=
+github.com/pion/dtls/v2 v2.2.12 h1:KP7H5/c1EiVAAKUmXyCzPiQe5+bCJrpOeKg/L05dunk=
+github.com/pion/dtls/v2 v2.2.12/go.mod h1:d9SYc9fch0CqK90mRk1dC7AkzzpwJj6u2GU3u+9pqFE=
+github.com/pion/ice/v2 v2.3.36 h1:SopeXiVbbcooUg2EIR8sq4b13RQ8gzrkkldOVg+bBsc=
+github.com/pion/ice/v2 v2.3.36/go.mod h1:mBF7lnigdqgtB+YHkaY/Y6s6tsyRyo4u4rPGRuOjUBQ=
+github.com/pion/interceptor v0.1.29 h1:39fsnlP1U8gw2JzOFWdfCU82vHvhW9o0rZnZF56wF+M=
+github.com/pion/interceptor v0.1.29/go.mod h1:ri+LGNjRUc5xUNtDEPzfdkmSqISixVTBF/z/Zms/6T4=
+github.com/pion/logging v0.2.2 h1:M9+AIj/+pxNsDfAT64+MAVgJO0rsyLnoJKCqf//DoeY=
+github.com/pion/logging v0.2.2/go.mod h1:k0/tDVsRCX2Mb2ZEmTqNa7CWsQPc+YYCB7Q+5pahoms=
+github.com/pion/mdns v0.0.12 h1:CiMYlY+O0azojWDmxdNr7ADGrnZ+V6Ilfner+6mSVK8=
+github.com/pion/mdns v0.0.12/go.mod h1:VExJjv8to/6Wqm1FXK+Ii/Z9tsVk/F5sD/N70cnYFbk=
+github.com/pion/randutil v0.1.0 h1:CFG1UdESneORglEsnimhUjf33Rwjubwj6xfiOXBa3mA=
+github.com/pion/randutil v0.1.0/go.mod h1:XcJrSMMbbMRhASFVOlj/5hQial/Y8oH/HVo7TBZq+j8=
+github.com/pion/rtcp v1.2.12/go.mod h1:sn6qjxvnwyAkkPzPULIbVqSKI5Dv54Rv7VG0kNxh9L4=
+github.com/pion/rtcp v1.2.14 h1:KCkGV3vJ+4DAJmvP0vaQShsb0xkRfWkO540Gy102KyE=
+github.com/pion/rtcp v1.2.14/go.mod h1:sn6qjxvnwyAkkPzPULIbVqSKI5Dv54Rv7VG0kNxh9L4=
+github.com/pion/rtp v1.8.3/go.mod h1:pBGHaFt/yW7bf1jjWAoUjpSNoDnw98KTMg+jWWvziqU=
+github.com/pion/rtp v1.8.7 h1:qslKkG8qxvQ7hqaxkmL7Pl0XcUm+/Er7nMnu6Vq+ZxM=
+github.com/pion/rtp v1.8.7/go.mod h1:pBGHaFt/yW7bf1jjWAoUjpSNoDnw98KTMg+jWWvziqU=
+github.com/pion/sctp v1.8.19 h1:2CYuw+SQ5vkQ9t0HdOPccsCz1GQMDuVy5PglLgKVBW8=
+github.com/pion/sctp v1.8.19/go.mod h1:P6PbDVA++OJMrVNg2AL3XtYHV4uD6dvfyOovCgMs0PE=
+github.com/pion/sdp/v3 v3.0.9 h1:pX++dCHoHUwq43kuwf3PyJfHlwIj4hXA7Vrifiq0IJY=
+github.com/pion/sdp/v3 v3.0.9/go.mod h1:B5xmvENq5IXJimIO4zfp6LAe1fD9N+kFv+V/1lOdz8M=
+github.com/pion/srtp/v2 v2.0.20 h1:HNNny4s+OUmG280ETrCdgFndp4ufx3/uy85EawYEhTk=
+github.com/pion/srtp/v2 v2.0.20/go.mod h1:0KJQjA99A6/a0DOVTu1PhDSw0CXF2jTkqOoMg3ODqdA=
+github.com/pion/stun v0.6.1 h1:8lp6YejULeHBF8NmV8e2787BogQhduZugh5PdhDyyN4=
+github.com/pion/stun v0.6.1/go.mod h1:/hO7APkX4hZKu/D0f2lHzNyvdkTGtIy3NDmLR7kSz/8=
+github.com/pion/transport/v2 v2.2.1/go.mod h1:cXXWavvCnFF6McHTft3DWS9iic2Mftcz1Aq29pGcU5g=
+github.com/pion/transport/v2 v2.2.3/go.mod h1:q2U/tf9FEfnSBGSW6w5Qp5PFWRLRj3NjLhCCgpRK4p0=
+github.com/pion/transport/v2 v2.2.4/go.mod h1:q2U/tf9FEfnSBGSW6w5Qp5PFWRLRj3NjLhCCgpRK4p0=
+github.com/pion/transport/v2 v2.2.10 h1:ucLBLE8nuxiHfvkFKnkDQRYWYfp8ejf4YBOPfaQpw6Q=
+github.com/pion/transport/v2 v2.2.10/go.mod h1:sq1kSLWs+cHW9E+2fJP95QudkzbK7wscs8yYgQToO5E=
+github.com/pion/transport/v3 v3.0.1/go.mod h1:UY7kiITrlMv7/IKgd5eTUcaahZx5oUN3l9SzK5f5xE0=
+github.com/pion/turn/v2 v2.1.3/go.mod h1:huEpByKKHix2/b9kmTAM3YoX6MKP+/D//0ClgUYR2fY=
+github.com/pion/turn/v2 v2.1.6 h1:Xr2niVsiPTB0FPtt+yAWKFUkU1eotQbGgpTIld4x1Gc=
+github.com/pion/turn/v2 v2.1.6/go.mod h1:huEpByKKHix2/b9kmTAM3YoX6MKP+/D//0ClgUYR2fY=
+github.com/pion/webrtc/v3 v3.3.5 h1:ZsSzaMz/i9nblPdiAkZoP+E6Kmjw+jnyq3bEmU3EtRg=
+github.com/pion/webrtc/v3 v3.3.5/go.mod h1:liNa+E1iwyzyXqNUwvoMRNQ10x8h8FOeJKL8RkIbamE=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
 github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
+github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA=
 github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
 github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
@@ -63,10 +111,15 @@ github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o
 github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
 github.com/stretchr/testify v1.8.3 h1:RP3t2pwF7cMEbC1dqtB6poj3niw/9gnV4Cjg5oW5gtY=
 github.com/stretchr/testify v1.8.3/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
+github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
+github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg=
+github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
 github.com/twitchyliquid64/golang-asm v0.15.1 h1:SU5vSMR7hnwNxj24w34ZyCi/FmDZTkS4MhqMhdFk5YI=
 github.com/twitchyliquid64/golang-asm v0.15.1/go.mod h1:a1lVb/DtPvCB8fslRZhAngC2+aY1QWCk3Cedj/Gdt08=
 github.com/ugorji/go/codec v1.2.11 h1:BMaWp1Bb6fHwEtbplGBGJ498wD+LKlNSl25MjdZY4dU=
 github.com/ugorji/go/codec v1.2.11/go.mod h1:UNopzCgEMSXjBc6AOMqYvWC1ktqTAfzJZUZgYf6w6lg=
+github.com/wlynxg/anet v0.0.3 h1:PvR53psxFXstc12jelG6f1Lv4MWqE0tI76/hHGjh9rg=
+github.com/wlynxg/anet v0.0.3/go.mod h1:eay5PRQr7fIVAMbTbchTnO9gG65Hg/uYGdc7mguHxoA=
 github.com/xdg-go/pbkdf2 v1.0.0 h1:Su7DPu48wXMwC3bs7MCNG+z4FhcyEuz5dlvchbq0B0c=
 github.com/xdg-go/pbkdf2 v1.0.0/go.mod h1:jrpuAogTd400dnrH08LKmI/xc1MbPOebTwRqcT5RDeI=
 github.com/xdg-go/scram v1.2.0 h1:bYKF2AEwG5rqd1BumT4gAnvwU/M9nBp2pTSxeZw7Wvs=
@@ -85,16 +138,28 @@ golang.org/x/arch v0.3.0 h1:02VY4/ZcO/gBOH6PUaoiptASxtXU10jazRCP865E97k=
 golang.org/x/arch v0.3.0/go.mod h1:5om86z9Hs0C8fWVUuoMHwpExlXzs5Tkyp9hOrfG7pp8=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
+golang.org/x/crypto v0.8.0/go.mod h1:mRqEX+O9/h5TFCrQhkgjo2yKi0yYA+9ecGkdQoHrywE=
+golang.org/x/crypto v0.12.0/go.mod h1:NF0Gs7EO5K4qLn+Ylc+fih8BSTeIjAP05siRnAh98yw=
+golang.org/x/crypto v0.18.0/go.mod h1:R0j02AL6hcrfOiy9T4ZYp/rcWeMxM3L6QYxlOuEG1mg=
 golang.org/x/crypto v0.33.0 h1:IOBPskki6Lysi0lo9qQvbxiQ+FvsCC/YWOecCHAixus=
 golang.org/x/crypto v0.33.0/go.mod h1:bVdXmD7IV/4GdElGPozy6U7lWdRXA4qyRVGJV57uQ5M=
 golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
+golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
 golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
 golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
+golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
+golang.org/x/net v0.9.0/go.mod h1:d48xBJpPfHeWQsugry2m+kC02ZBRGRgulfHnEXEuWns=
+golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg=
+golang.org/x/net v0.14.0/go.mod h1:PpSgVXXLK0OxS0F31C1/tv6XNguvCrnXIDrFMspZIUI=
+golang.org/x/net v0.20.0/go.mod h1:z8BVo6PvndSri0LbOE3hAn0apkU+1YvI6E70E9jsnvY=
 golang.org/x/net v0.21.0 h1:AQyQV4dYCvJ7vGmJyKki9+PBdyvhkSd8EIx/qb0AYv4=
 golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44=
+golang.org/x/net v0.22.0 h1:9sGLhx7iRIHEiX0oAJ3MRZMUCElJgy7Br1nO+AMN3Tc=
+golang.org/x/net v0.22.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.11.0 h1:GGz8+XQP4FvTTrjZPzNKTMFtSXH80RAzG+5ghFPgK9w=
 golang.org/x/sync v0.11.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
@@ -103,20 +168,36 @@ golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBc
 golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220704084225-05e143d24a9e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.7.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.9.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.16.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/sys v0.30.0 h1:QjkSwP/36a20jFYWkSue1YwXzLmsV5Gfq7Eiy72C1uc=
 golang.org/x/sys v0.30.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
+golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
+golang.org/x/term v0.7.0/go.mod h1:P32HKFT3hSsZrRxla30E9HqToFYAQPCMs/zFMBUFqPY=
+golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo=
+golang.org/x/term v0.11.0/go.mod h1:zC9APTIj3jG3FdV/Ons+XE1riIZXG4aZ4GTHiPZJPIU=
+golang.org/x/term v0.16.0/go.mod h1:yn7UURbUtPyrVJPGPq404EukNFxcm/foM+bV/bfcDsY=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
 golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ=
+golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
+golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
+golang.org/x/text v0.12.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
+golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
 golang.org/x/text v0.22.0 h1:bofq7m3/HAFvbF51jz3Q9wLg3jkvSPuiZu/pD1XwgtM=
 golang.org/x/text v0.22.0/go.mod h1:YRoo4H8PVmsu+E3Ou7cqLVH8oXWIHVoX0jqUWALQhfY=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
+golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
@@ -124,6 +205,7 @@ google.golang.org/protobuf v1.30.0 h1:kPPoIgf3TsEvrm0PFe15JQ+570QVxYzEvvHqChK+cn
 google.golang.org/protobuf v1.30.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
diff --git a/server/handlers/auth.go b/server/handlers/auth.go
index cd213af..1fd9079 100644
--- a/server/handlers/auth.go
+++ b/server/handlers/auth.go
@@ -4,6 +4,7 @@ import (
 	"context"
 	"errors"
 	"net/http"
+	"strings"
 	"time"
 
 	"go.mongodb.org/mongo-driver/v2/bson"
@@ -34,6 +35,37 @@ type Claims struct {
 	jwt.RegisteredClaims
 }
 
+// ParseClaimsFromTokenString 解析 Authorization Bearer 或裸 JWT；失败返回 false
+func ParseClaimsFromTokenString(tokenStr string) (*Claims, bool) {
+	tokenStr = strings.TrimSpace(tokenStr)
+	if len(tokenStr) > 7 && strings.EqualFold(tokenStr[:7], "bearer ") {
+		tokenStr = strings.TrimSpace(tokenStr[7:])
+	}
+	if tokenStr == "" {
+		return nil, false
+	}
+	var claims Claims
+	token, err := jwt.ParseWithClaims(tokenStr, &claims, func(t *jwt.Token) (interface{}, error) {
+		return []byte(jwtSecret), nil
+	})
+	if err != nil || !token.Valid {
+		return nil, false
+	}
+	return &claims, true
+}
+
+// LivePublishAllowed 仅允许已登录后台账号发起 WebRTC 推流（与 AuthRequired 身份范围一致）
+func LivePublishAllowed(tokenStr string) bool {
+	claims, ok := ParseClaimsFromTokenString(tokenStr)
+	if !ok {
+		return false
+	}
+	if claims.RoleID != models.RoleIDSuperAdmin && !(claims.RoleID == models.RoleIDSuperUser && claims.Role == "admin") {
+		return false
+	}
+	return true
+}
+
 // Login 后台登录，仅 role_id=9527 超级管理员可登录
 func Login(c *gin.Context) {
 	var input LoginInput
@@ -122,25 +154,13 @@ func AuthRequired() gin.HandlerFunc {
 		if tokenStr == "" {
 			tokenStr = c.Query("token")
 		}
-		if len(tokenStr) > 7 && tokenStr[:7] == "Bearer " {
-			tokenStr = tokenStr[7:]
-		}
-		if tokenStr == "" {
+		claims, ok := ParseClaimsFromTokenString(tokenStr)
+		if !ok {
 			c.JSON(http.StatusUnauthorized, gin.H{"error": "请先登录"})
 			c.Abort()
 			return
 		}
 
-		var claims Claims
-		token, err := jwt.ParseWithClaims(tokenStr, &claims, func(t *jwt.Token) (interface{}, error) {
-			return []byte(jwtSecret), nil
-		})
-		if err != nil || !token.Valid {
-			c.JSON(http.StatusUnauthorized, gin.H{"error": "登录已过期，请重新登录"})
-			c.Abort()
-			return
-		}
-
 		// 仅超级管理员或超级用户(role_id=0, role=admin)可访问后台
 		if claims.RoleID != models.RoleIDSuperAdmin && !(claims.RoleID == models.RoleIDSuperUser && claims.Role == "admin") {
 			c.JSON(http.StatusForbidden, gin.H{"error": "无后台访问权限"})
@@ -164,25 +184,13 @@ func SuperUserAuthRequired() gin.HandlerFunc {
 		if tokenStr == "" {
 			tokenStr = c.Query("token")
 		}
-		if len(tokenStr) > 7 && tokenStr[:7] == "Bearer " {
-			tokenStr = tokenStr[7:]
-		}
-		if tokenStr == "" {
+		claims, ok := ParseClaimsFromTokenString(tokenStr)
+		if !ok {
 			c.JSON(http.StatusUnauthorized, gin.H{"error": "请先登录"})
 			c.Abort()
 			return
 		}
 
-		var claims Claims
-		token, err := jwt.ParseWithClaims(tokenStr, &claims, func(t *jwt.Token) (interface{}, error) {
-			return []byte(jwtSecret), nil
-		})
-		if err != nil || !token.Valid {
-			c.JSON(http.StatusUnauthorized, gin.H{"error": "登录已过期，请重新登录"})
-			c.Abort()
-			return
-		}
-
 		// 仅 role_id=9527 且 role=admin 可配置短信平台
 		if claims.RoleID != models.RoleIDSuperAdmin || claims.Role != "admin" {
 			c.JSON(http.StatusForbidden, gin.H{"error": "仅超级管理员可配置短信平台"})
diff --git a/server/handlers/homepage.go b/server/handlers/homepage.go
index d2b693f..34e2a4a 100644
--- a/server/handlers/homepage.go
+++ b/server/handlers/homepage.go
@@ -204,7 +204,9 @@ func defaultHomepageData() models.HomepageData {
 			{Title: "量子同步", Desc: "跨维度数据同步技术，您的数据在多宇宙中保持一致"},
 			{Title: "星际防护", Desc: "来自未来的安全加密协议，守护您的数字资产安全"},
 		},
-		FooterText: "© 2024 宇恒一号 · 成都宇信达智能科技有限公司",
+		FooterText:    "© 2024 宇恒一号 · 成都宇信达智能科技有限公司",
+		LiveRoomURL:   "",
+		LiveRoomTitle: "视频直播",
 	}
 }
 
diff --git a/server/main.go b/server/main.go
index 64bc887..41fc6c9 100644
--- a/server/main.go
+++ b/server/main.go
@@ -15,6 +15,7 @@ import (
 	"yh_web/server/models"
 	"yh_web/server/pkg/logger"
 	"yh_web/server/pkg/schema"
+	"yh_web/server/pkg/weblive"
 
 	"github.com/gin-gonic/gin"
 	"github.com/joho/godotenv"
@@ -219,6 +220,8 @@ func main() {
 		web.GET("/sites/:site_id/promotion-media/*filepath", handlers.ServePromotionMedia)
 		// 可下载资源公开下载（首页等链接指向此路径）
 		web.GET("/sites/:site_id/assets/:asset_id/download", handlers.DownloadSiteAsset)
+		// 站内 WebRTC 直播：信令 + 状态（单房间 MVP）
+		weblive.RegisterRoutes(web)
 	}
 
 	port := os.Getenv("PORT")
diff --git a/server/models/site.go b/server/models/site.go
index 338eecc..37480bf 100644
--- a/server/models/site.go
+++ b/server/models/site.go
@@ -45,6 +45,10 @@ type HomepageData struct {
 	DownloadAndroidURL string `json:"download_android_url,omitempty"`
 	// BodyBuilder 首页下方扩展区：与网页积木相同 JSON 字符串 {"version":1,"blocks":[...]}，空则仅展示上方模板
 	BodyBuilder string `json:"body_builder,omitempty"`
+	// 直播：前台 /live 页「进入直播间」跳转的外部地址（抖音/B 站/自建 H5 等）；留空则仅提示在后台配置
+	LiveRoomURL string `json:"live_room_url,omitempty"`
+	// 直播页与首页直播模块主标题
+	LiveRoomTitle string `json:"live_room_title,omitempty"`
 }
 
 type NavLink struct {
diff --git a/server/pkg/weblive/config.go b/server/pkg/weblive/config.go
new file mode 100644
index 0000000..29dc3f7
--- /dev/null
+++ b/server/pkg/weblive/config.go
@@ -0,0 +1,33 @@
+package weblive
+
+import (
+	"encoding/json"
+	"os"
+	"strings"
+
+	"github.com/pion/webrtc/v3"
+)
+
+// MediaEngine 与 API 构建（全局复用，避免重复注册编解码器）
+func buildAPI() (*webrtc.API, error) {
+	m := &webrtc.MediaEngine{}
+	if err := m.RegisterDefaultCodecs(); err != nil {
+		return nil, err
+	}
+	api := webrtc.NewAPI(webrtc.WithMediaEngine(m))
+	return api, nil
+}
+
+func iceServersFromEnv() []webrtc.ICEServer {
+	raw := strings.TrimSpace(os.Getenv("LIVE_ICE_SERVERS"))
+	if raw == "" {
+		return []webrtc.ICEServer{
+			{URLs: []string{"stun:stun.l.google.com:19302"}},
+		}
+	}
+	var servers []webrtc.ICEServer
+	if err := json.Unmarshal([]byte(raw), &servers); err != nil {
+		return []webrtc.ICEServer{{URLs: []string{"stun:stun.l.google.com:19302"}}}
+	}
+	return servers
+}
diff --git a/server/pkg/weblive/hub.go b/server/pkg/weblive/hub.go
new file mode 100644
index 0000000..84920b5
--- /dev/null
+++ b/server/pkg/weblive/hub.go
@@ -0,0 +1,176 @@
+package weblive
+
+import (
+	"sync"
+
+	"github.com/gorilla/websocket"
+	"github.com/pion/rtp"
+	"github.com/pion/webrtc/v3"
+)
+
+// trackForwarder 从主播轨读 RTP，复制到所有观众本地轨
+type trackForwarder struct {
+	remote *webrtc.TrackRemote
+	mu     sync.Mutex
+	locals map[string]*webrtc.TrackLocalStaticRTP
+	stopCh chan struct{}
+}
+
+func newTrackForwarder(track *webrtc.TrackRemote) *trackForwarder {
+	return &trackForwarder{
+		remote: track,
+		locals: make(map[string]*webrtc.TrackLocalStaticRTP),
+		stopCh: make(chan struct{}),
+	}
+}
+
+func (tf *trackForwarder) addViewer(id string, t *webrtc.TrackLocalStaticRTP) {
+	tf.mu.Lock()
+	defer tf.mu.Unlock()
+	tf.locals[id] = t
+}
+
+func (tf *trackForwarder) removeViewer(id string) {
+	tf.mu.Lock()
+	defer tf.mu.Unlock()
+	delete(tf.locals, id)
+}
+
+func (tf *trackForwarder) close() {
+	select {
+	case <-tf.stopCh:
+	default:
+		close(tf.stopCh)
+	}
+}
+
+func (tf *trackForwarder) runReadLoop() {
+	buf := make([]byte, 1500)
+	for {
+		select {
+		case <-tf.stopCh:
+			return
+		default:
+		}
+		n, _, err := tf.remote.Read(buf)
+		if err != nil {
+			return
+		}
+		tf.mu.Lock()
+		for _, lt := range tf.locals {
+			cp := &rtp.Packet{}
+			if err := cp.Unmarshal(buf[:n]); err != nil {
+				continue
+			}
+			_ = lt.WriteRTP(cp)
+		}
+		tf.mu.Unlock()
+	}
+}
+
+// Hub 单房间：一名主播、多名观众（进程内内存态，重启清空）
+type Hub struct {
+	mu sync.RWMutex
+
+	api *webrtc.API
+	cfg webrtc.Configuration
+
+	publishConn *websocket.Conn
+	pubPC       *webrtc.PeerConnection
+	forwarders  []*trackForwarder
+
+	viewers map[string]*viewerSession
+}
+
+type viewerSession struct {
+	id       string
+	ws       *websocket.Conn
+	pc       *webrtc.PeerConnection
+	pending  []webrtc.ICECandidateInit
+	answered bool
+}
+
+func newHub(api *webrtc.API) *Hub {
+	return &Hub{
+		api:     api,
+		cfg:     webrtc.Configuration{ICEServers: iceServersFromEnv()},
+		viewers: make(map[string]*viewerSession),
+	}
+}
+
+var (
+	defaultHub *Hub
+	hubOnce    sync.Once
+	hubInitErr error
+)
+
+func getHub() (*Hub, error) {
+	hubOnce.Do(func() {
+		var api *webrtc.API
+		api, hubInitErr = buildAPI()
+		if hubInitErr != nil {
+			return
+		}
+		defaultHub = newHub(api)
+	})
+	return defaultHub, hubInitErr
+}
+
+func (h *Hub) clearPublisher() {
+	h.mu.Lock()
+	defer h.mu.Unlock()
+	for _, tf := range h.forwarders {
+		tf.close()
+	}
+	h.forwarders = nil
+	if h.pubPC != nil {
+		_ = h.pubPC.Close()
+		h.pubPC = nil
+	}
+	h.publishConn = nil
+}
+
+func (h *Hub) removeViewer(id string) {
+	h.mu.Lock()
+	vs, ok := h.viewers[id]
+	if ok {
+		delete(h.viewers, id)
+	}
+	for _, tf := range h.forwarders {
+		tf.removeViewer(id)
+	}
+	h.mu.Unlock()
+	if ok && vs != nil && vs.pc != nil {
+		_ = vs.pc.Close()
+	}
+}
+
+func (h *Hub) onPublisherTrack(track *webrtc.TrackRemote) {
+	// 仅转发视频轨，降低协商复杂度
+	if track.Kind() != webrtc.RTPCodecTypeVideo {
+		return
+	}
+	tf := newTrackForwarder(track)
+	h.mu.Lock()
+	h.forwarders = append(h.forwarders, tf)
+	h.mu.Unlock()
+	go tf.runReadLoop()
+	// 观众仅在「已开播」后拉流：首次协商时 attachForwardersToViewerPC 会带上当前全部轨，无需在此重协商
+}
+
+func (h *Hub) attachForwardersToViewerPC(v *viewerSession) {
+	h.mu.RLock()
+	fwd := append([]*trackForwarder(nil), h.forwarders...)
+	h.mu.RUnlock()
+	for _, tf := range fwd {
+		cap := tf.remote.Codec().RTPCodecCapability
+		lt, err := webrtc.NewTrackLocalStaticRTP(cap, tf.remote.ID()+"_"+v.id, tf.remote.StreamID())
+		if err != nil {
+			continue
+		}
+		if _, err := v.pc.AddTrack(lt); err != nil {
+			continue
+		}
+		tf.addViewer(v.id, lt)
+	}
+}
diff --git a/server/pkg/weblive/ws.go b/server/pkg/weblive/ws.go
new file mode 100644
index 0000000..914fecb
--- /dev/null
+++ b/server/pkg/weblive/ws.go
@@ -0,0 +1,278 @@
+package weblive
+
+import (
+	"encoding/json"
+	"log"
+	"net/http"
+	"sync"
+
+	"yh_web/server/handlers"
+
+	"github.com/gin-gonic/gin"
+	"github.com/google/uuid"
+	"github.com/gorilla/websocket"
+	"github.com/pion/webrtc/v3"
+)
+
+var upgrader = websocket.Upgrader{
+	ReadBufferSize:  1024,
+	WriteBufferSize: 1024,
+	CheckOrigin: func(r *http.Request) bool {
+		return true
+	},
+}
+
+type wsEnvelope struct {
+	Type      string          `json:"type"`
+	SDP       string          `json:"sdp"`
+	Candidate json.RawMessage `json:"candidate"`
+}
+
+func RegisterRoutes(r gin.IRoutes) {
+	r.GET("/live/status", handleLiveStatus)
+	r.GET("/live/ws", handleLiveWS)
+}
+
+func handleLiveStatus(c *gin.Context) {
+	h, err := getHub()
+	if err != nil {
+		c.JSON(http.StatusInternalServerError, gin.H{"error": "live hub unavailable"})
+		return
+	}
+	h.mu.RLock()
+	live := h.publishConn != nil && h.pubPC != nil && len(h.forwarders) > 0
+	h.mu.RUnlock()
+	c.JSON(http.StatusOK, gin.H{"live": live})
+}
+
+func handleLiveWS(c *gin.Context) {
+	role := c.Query("role")
+	h, err := getHub()
+	if err != nil {
+		c.Status(http.StatusInternalServerError)
+		return
+	}
+	switch role {
+	case "publish":
+		if !handlers.LivePublishAllowed(c.Query("token")) {
+			c.JSON(http.StatusForbidden, gin.H{"error": "请使用管理后台登录后的账号开播（URL 参数 token=JWT）"})
+			return
+		}
+		handlePublisherWS(c, h)
+	case "view":
+		handleViewerWS(c, h)
+	default:
+		c.JSON(http.StatusBadRequest, gin.H{"error": "role must be publish or view"})
+	}
+}
+
+func writeJSON(ws *websocket.Conn, v any) error {
+	b, err := json.Marshal(v)
+	if err != nil {
+		return err
+	}
+	return ws.WriteMessage(websocket.TextMessage, b)
+}
+
+func handlePublisherWS(c *gin.Context, h *Hub) {
+	ws, err := upgrader.Upgrade(c.Writer, c.Request, nil)
+	if err != nil {
+		return
+	}
+
+	h.mu.Lock()
+	if h.publishConn != nil {
+		h.mu.Unlock()
+		_ = writeJSON(ws, map[string]string{"type": "error", "message": "已有主播在播，请稍后再试"})
+		_ = ws.Close()
+		return
+	}
+	h.publishConn = ws
+	h.mu.Unlock()
+
+	pc, err := h.api.NewPeerConnection(h.cfg)
+	if err != nil {
+		h.mu.Lock()
+		h.publishConn = nil
+		h.mu.Unlock()
+		_ = ws.Close()
+		return
+	}
+	h.mu.Lock()
+	h.pubPC = pc
+	h.mu.Unlock()
+
+	var iceMu sync.Mutex
+	var iceQueue []webrtc.ICECandidateInit
+
+	sendICE := func(candidate *webrtc.ICECandidate) {
+		if candidate == nil {
+			return
+		}
+		_ = writeJSON(ws, map[string]interface{}{"type": "ice", "candidate": candidate.ToJSON()})
+	}
+
+	pc.OnICECandidate(func(c *webrtc.ICECandidate) { sendICE(c) })
+
+	pc.OnTrack(func(track *webrtc.TrackRemote, _ *webrtc.RTPReceiver) {
+		log.Printf("weblive: publisher track kind=%s", track.Kind().String())
+		h.onPublisherTrack(track)
+	})
+
+	pc.OnConnectionStateChange(func(s webrtc.PeerConnectionState) {
+		if s == webrtc.PeerConnectionStateFailed || s == webrtc.PeerConnectionStateClosed {
+			_ = ws.Close()
+		}
+	})
+
+	defer func() {
+		for _, v := range h.snapshotViewers() {
+			_ = writeJSON(v.ws, map[string]string{"type": "ended", "message": "主播已结束直播"})
+		}
+		h.clearPublisher()
+		_ = ws.Close()
+	}()
+
+	for {
+		_, data, err := ws.ReadMessage()
+		if err != nil {
+			return
+		}
+		var env wsEnvelope
+		if err := json.Unmarshal(data, &env); err != nil {
+			continue
+		}
+		switch env.Type {
+		case "offer":
+			if err := pc.SetRemoteDescription(webrtc.SessionDescription{Type: webrtc.SDPTypeOffer, SDP: env.SDP}); err != nil {
+				_ = writeJSON(ws, map[string]string{"type": "error", "message": "SetRemoteDescription failed"})
+				continue
+			}
+			iceMu.Lock()
+			for _, cand := range iceQueue {
+				_ = pc.AddICECandidate(cand)
+			}
+			iceQueue = nil
+			iceMu.Unlock()
+
+			ans, err := pc.CreateAnswer(nil)
+			if err != nil {
+				continue
+			}
+			if err := pc.SetLocalDescription(ans); err != nil {
+				continue
+			}
+			_ = writeJSON(ws, map[string]string{"type": "answer", "sdp": ans.SDP})
+		case "ice":
+			var init webrtc.ICECandidateInit
+			if err := json.Unmarshal(env.Candidate, &init); err != nil {
+				continue
+			}
+			if pc.RemoteDescription() == nil {
+				iceMu.Lock()
+				iceQueue = append(iceQueue, init)
+				iceMu.Unlock()
+				continue
+			}
+			_ = pc.AddICECandidate(init)
+		}
+	}
+}
+
+func (h *Hub) snapshotViewers() []*viewerSession {
+	h.mu.RLock()
+	defer h.mu.RUnlock()
+	out := make([]*viewerSession, 0, len(h.viewers))
+	for _, v := range h.viewers {
+		out = append(out, v)
+	}
+	return out
+}
+
+func handleViewerWS(c *gin.Context, h *Hub) {
+	ws, err := upgrader.Upgrade(c.Writer, c.Request, nil)
+	if err != nil {
+		return
+	}
+	vid := uuid.New().String()
+	vs := &viewerSession{id: vid, ws: ws}
+
+	h.mu.Lock()
+	h.viewers[vid] = vs
+	h.mu.Unlock()
+
+	defer func() {
+		h.removeViewer(vid)
+		_ = ws.Close()
+	}()
+
+	pc, err := h.api.NewPeerConnection(h.cfg)
+	if err != nil {
+		return
+	}
+	vs.pc = pc
+
+	var iceMu sync.Mutex
+	var iceQueue []webrtc.ICECandidateInit
+
+	pc.OnICECandidate(func(cand *webrtc.ICECandidate) {
+		if cand == nil {
+			return
+		}
+		_ = writeJSON(ws, map[string]interface{}{"type": "ice", "candidate": cand.ToJSON()})
+	})
+
+	pc.OnConnectionStateChange(func(s webrtc.PeerConnectionState) {
+		if s == webrtc.PeerConnectionStateFailed || s == webrtc.PeerConnectionStateClosed {
+			_ = ws.Close()
+		}
+	})
+
+	for {
+		_, data, err := ws.ReadMessage()
+		if err != nil {
+			return
+		}
+		var env wsEnvelope
+		if err := json.Unmarshal(data, &env); err != nil {
+			continue
+		}
+		switch env.Type {
+		case "offer":
+			if err := pc.SetRemoteDescription(webrtc.SessionDescription{Type: webrtc.SDPTypeOffer, SDP: env.SDP}); err != nil {
+				_ = writeJSON(ws, map[string]string{"type": "error", "message": "SetRemoteDescription failed"})
+				continue
+			}
+			iceMu.Lock()
+			for _, cand := range iceQueue {
+				_ = pc.AddICECandidate(cand)
+			}
+			iceQueue = nil
+			iceMu.Unlock()
+
+			h.attachForwardersToViewerPC(vs)
+
+			ans, err := pc.CreateAnswer(nil)
+			if err != nil {
+				continue
+			}
+			if err := pc.SetLocalDescription(ans); err != nil {
+				continue
+			}
+			vs.answered = true
+			_ = writeJSON(ws, map[string]string{"type": "answer", "sdp": ans.SDP})
+		case "ice":
+			var init webrtc.ICECandidateInit
+			if err := json.Unmarshal(env.Candidate, &init); err != nil {
+				continue
+			}
+			if pc.RemoteDescription() == nil {
+				iceMu.Lock()
+				iceQueue = append(iceQueue, init)
+				iceMu.Unlock()
+				continue
+			}
+			_ = pc.AddICECandidate(init)
+		}
+	}
+}
diff --git a/server/vendor/github.com/davecgh/go-spew/LICENSE b/server/vendor/github.com/davecgh/go-spew/LICENSE
new file mode 100644
index 0000000..bc52e96
--- /dev/null
+++ b/server/vendor/github.com/davecgh/go-spew/LICENSE
@@ -0,0 +1,15 @@
+ISC License
+
+Copyright (c) 2012-2016 Dave Collins <dave@davec.name>
+
+Permission to use, copy, modify, and/or distribute this software for any
+purpose with or without fee is hereby granted, provided that the above
+copyright notice and this permission notice appear in all copies.
+
+THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
diff --git a/server/vendor/github.com/davecgh/go-spew/spew/bypass.go b/server/vendor/github.com/davecgh/go-spew/spew/bypass.go
new file mode 100644
index 0000000..7929947
--- /dev/null
+++ b/server/vendor/github.com/davecgh/go-spew/spew/bypass.go
@@ -0,0 +1,145 @@
+// Copyright (c) 2015-2016 Dave Collins <dave@davec.name>
+//
+// Permission to use, copy, modify, and distribute this software for any
+// purpose with or without fee is hereby granted, provided that the above
+// copyright notice and this permission notice appear in all copies.
+//
+// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+// ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+// ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+// OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+// NOTE: Due to the following build constraints, this file will only be compiled
+// when the code is not running on Google App Engine, compiled by GopherJS, and
+// "-tags safe" is not added to the go build command line.  The "disableunsafe"
+// tag is deprecated and thus should not be used.
+// Go versions prior to 1.4 are disabled because they use a different layout
+// for interfaces which make the implementation of unsafeReflectValue more complex.
+// +build !js,!appengine,!safe,!disableunsafe,go1.4
+
+package spew
+
+import (
+	"reflect"
+	"unsafe"
+)
+
+const (
+	// UnsafeDisabled is a build-time constant which specifies whether or
+	// not access to the unsafe package is available.
+	UnsafeDisabled = false
+
+	// ptrSize is the size of a pointer on the current arch.
+	ptrSize = unsafe.Sizeof((*byte)(nil))
+)
+
+type flag uintptr
+
+var (
+	// flagRO indicates whether the value field of a reflect.Value
+	// is read-only.
+	flagRO flag
+
+	// flagAddr indicates whether the address of the reflect.Value's
+	// value may be taken.
+	flagAddr flag
+)
+
+// flagKindMask holds the bits that make up the kind
+// part of the flags field. In all the supported versions,
+// it is in the lower 5 bits.
+const flagKindMask = flag(0x1f)
+
+// Different versions of Go have used different
+// bit layouts for the flags type. This table
+// records the known combinations.
+var okFlags = []struct {
+	ro, addr flag
+}{{
+	// From Go 1.4 to 1.5
+	ro:   1 << 5,
+	addr: 1 << 7,
+}, {
+	// Up to Go tip.
+	ro:   1<<5 | 1<<6,
+	addr: 1 << 8,
+}}
+
+var flagValOffset = func() uintptr {
+	field, ok := reflect.TypeOf(reflect.Value{}).FieldByName("flag")
+	if !ok {
+		panic("reflect.Value has no flag field")
+	}
+	return field.Offset
+}()
+
+// flagField returns a pointer to the flag field of a reflect.Value.
+func flagField(v *reflect.Value) *flag {
+	return (*flag)(unsafe.Pointer(uintptr(unsafe.Pointer(v)) + flagValOffset))
+}
+
+// unsafeReflectValue converts the passed reflect.Value into a one that bypasses
+// the typical safety restrictions preventing access to unaddressable and
+// unexported data.  It works by digging the raw pointer to the underlying
+// value out of the protected value and generating a new unprotected (unsafe)
+// reflect.Value to it.
+//
+// This allows us to check for implementations of the Stringer and error
+// interfaces to be used for pretty printing ordinarily unaddressable and
+// inaccessible values such as unexported struct fields.
+func unsafeReflectValue(v reflect.Value) reflect.Value {
+	if !v.IsValid() || (v.CanInterface() && v.CanAddr()) {
+		return v
+	}
+	flagFieldPtr := flagField(&v)
+	*flagFieldPtr &^= flagRO
+	*flagFieldPtr |= flagAddr
+	return v
+}
+
+// Sanity checks against future reflect package changes
+// to the type or semantics of the Value.flag field.
+func init() {
+	field, ok := reflect.TypeOf(reflect.Value{}).FieldByName("flag")
+	if !ok {
+		panic("reflect.Value has no flag field")
+	}
+	if field.Type.Kind() != reflect.TypeOf(flag(0)).Kind() {
+		panic("reflect.Value flag field has changed kind")
+	}
+	type t0 int
+	var t struct {
+		A t0
+		// t0 will have flagEmbedRO set.
+		t0
+		// a will have flagStickyRO set
+		a t0
+	}
+	vA := reflect.ValueOf(t).FieldByName("A")
+	va := reflect.ValueOf(t).FieldByName("a")
+	vt0 := reflect.ValueOf(t).FieldByName("t0")
+
+	// Infer flagRO from the difference between the flags
+	// for the (otherwise identical) fields in t.
+	flagPublic := *flagField(&vA)
+	flagWithRO := *flagField(&va) | *flagField(&vt0)
+	flagRO = flagPublic ^ flagWithRO
+
+	// Infer flagAddr from the difference between a value
+	// taken from a pointer and not.
+	vPtrA := reflect.ValueOf(&t).Elem().FieldByName("A")
+	flagNoPtr := *flagField(&vA)
+	flagPtr := *flagField(&vPtrA)
+	flagAddr = flagNoPtr ^ flagPtr
+
+	// Check that the inferred flags tally with one of the known versions.
+	for _, f := range okFlags {
+		if flagRO == f.ro && flagAddr == f.addr {
+			return
+		}
+	}
+	panic("reflect.Value read-only flag has changed semantics")
+}
diff --git a/server/vendor/github.com/davecgh/go-spew/spew/bypasssafe.go b/server/vendor/github.com/davecgh/go-spew/spew/bypasssafe.go
new file mode 100644
index 0000000..205c28d
--- /dev/null
+++ b/server/vendor/github.com/davecgh/go-spew/spew/bypasssafe.go
@@ -0,0 +1,38 @@
+// Copyright (c) 2015-2016 Dave Collins <dave@davec.name>
+//
+// Permission to use, copy, modify, and distribute this software for any
+// purpose with or without fee is hereby granted, provided that the above
+// copyright notice and this permission notice appear in all copies.
+//
+// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+// ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+// ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+// OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+// NOTE: Due to the following build constraints, this file will only be compiled
+// when the code is running on Google App Engine, compiled by GopherJS, or
+// "-tags safe" is added to the go build command line.  The "disableunsafe"
+// tag is deprecated and thus should not be used.
+// +build js appengine safe disableunsafe !go1.4
+
+package spew
+
+import "reflect"
+
+const (
+	// UnsafeDisabled is a build-time constant which specifies whether or
+	// not access to the unsafe package is available.
+	UnsafeDisabled = true
+)
+
+// unsafeReflectValue typically converts the passed reflect.Value into a one
+// that bypasses the typical safety restrictions preventing access to
+// unaddressable and unexported data.  However, doing this relies on access to
+// the unsafe package.  This is a stub version which simply returns the passed
+// reflect.Value when the unsafe package is not available.
+func unsafeReflectValue(v reflect.Value) reflect.Value {
+	return v
+}
diff --git a/server/vendor/github.com/davecgh/go-spew/spew/common.go b/server/vendor/github.com/davecgh/go-spew/spew/common.go
new file mode 100644
index 0000000..1be8ce9
--- /dev/null
+++ b/server/vendor/github.com/davecgh/go-spew/spew/common.go
@@ -0,0 +1,341 @@
+/*
+ * Copyright (c) 2013-2016 Dave Collins <dave@davec.name>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+package spew
+
+import (
+	"bytes"
+	"fmt"
+	"io"
+	"reflect"
+	"sort"
+	"strconv"
+)
+
+// Some constants in the form of bytes to avoid string overhead.  This mirrors
+// the technique used in the fmt package.
+var (
+	panicBytes            = []byte("(PANIC=")
+	plusBytes             = []byte("+")
+	iBytes                = []byte("i")
+	trueBytes             = []byte("true")
+	falseBytes            = []byte("false")
+	interfaceBytes        = []byte("(interface {})")
+	commaNewlineBytes     = []byte(",\n")
+	newlineBytes          = []byte("\n")
+	openBraceBytes        = []byte("{")
+	openBraceNewlineBytes = []byte("{\n")
+	closeBraceBytes       = []byte("}")
+	asteriskBytes         = []byte("*")
+	colonBytes            = []byte(":")
+	colonSpaceBytes       = []byte(": ")
+	openParenBytes        = []byte("(")
+	closeParenBytes       = []byte(")")
+	spaceBytes            = []byte(" ")
+	pointerChainBytes     = []byte("->")
+	nilAngleBytes         = []byte("<nil>")
+	maxNewlineBytes       = []byte("<max depth reached>\n")
+	maxShortBytes         = []byte("<max>")
+	circularBytes         = []byte("<already shown>")
+	circularShortBytes    = []byte("<shown>")
+	invalidAngleBytes     = []byte("<invalid>")
+	openBracketBytes      = []byte("[")
+	closeBracketBytes     = []byte("]")
+	percentBytes          = []byte("%")
+	precisionBytes        = []byte(".")
+	openAngleBytes        = []byte("<")
+	closeAngleBytes       = []byte(">")
+	openMapBytes          = []byte("map[")
+	closeMapBytes         = []byte("]")
+	lenEqualsBytes        = []byte("len=")
+	capEqualsBytes        = []byte("cap=")
+)
+
+// hexDigits is used to map a decimal value to a hex digit.
+var hexDigits = "0123456789abcdef"
+
+// catchPanic handles any panics that might occur during the handleMethods
+// calls.
+func catchPanic(w io.Writer, v reflect.Value) {
+	if err := recover(); err != nil {
+		w.Write(panicBytes)
+		fmt.Fprintf(w, "%v", err)
+		w.Write(closeParenBytes)
+	}
+}
+
+// handleMethods attempts to call the Error and String methods on the underlying
+// type the passed reflect.Value represents and outputes the result to Writer w.
+//
+// It handles panics in any called methods by catching and displaying the error
+// as the formatted value.
+func handleMethods(cs *ConfigState, w io.Writer, v reflect.Value) (handled bool) {
+	// We need an interface to check if the type implements the error or
+	// Stringer interface.  However, the reflect package won't give us an
+	// interface on certain things like unexported struct fields in order
+	// to enforce visibility rules.  We use unsafe, when it's available,
+	// to bypass these restrictions since this package does not mutate the
+	// values.
+	if !v.CanInterface() {
+		if UnsafeDisabled {
+			return false
+		}
+
+		v = unsafeReflectValue(v)
+	}
+
+	// Choose whether or not to do error and Stringer interface lookups against
+	// the base type or a pointer to the base type depending on settings.
+	// Technically calling one of these methods with a pointer receiver can
+	// mutate the value, however, types which choose to satisify an error or
+	// Stringer interface with a pointer receiver should not be mutating their
+	// state inside these interface methods.
+	if !cs.DisablePointerMethods && !UnsafeDisabled && !v.CanAddr() {
+		v = unsafeReflectValue(v)
+	}
+	if v.CanAddr() {
+		v = v.Addr()
+	}
+
+	// Is it an error or Stringer?
+	switch iface := v.Interface().(type) {
+	case error:
+		defer catchPanic(w, v)
+		if cs.ContinueOnMethod {
+			w.Write(openParenBytes)
+			w.Write([]byte(iface.Error()))
+			w.Write(closeParenBytes)
+			w.Write(spaceBytes)
+			return false
+		}
+
+		w.Write([]byte(iface.Error()))
+		return true
+
+	case fmt.Stringer:
+		defer catchPanic(w, v)
+		if cs.ContinueOnMethod {
+			w.Write(openParenBytes)
+			w.Write([]byte(iface.String()))
+			w.Write(closeParenBytes)
+			w.Write(spaceBytes)
+			return false
+		}
+		w.Write([]byte(iface.String()))
+		return true
+	}
+	return false
+}
+
+// printBool outputs a boolean value as true or false to Writer w.
+func printBool(w io.Writer, val bool) {
+	if val {
+		w.Write(trueBytes)
+	} else {
+		w.Write(falseBytes)
+	}
+}
+
+// printInt outputs a signed integer value to Writer w.
+func printInt(w io.Writer, val int64, base int) {
+	w.Write([]byte(strconv.FormatInt(val, base)))
+}
+
+// printUint outputs an unsigned integer value to Writer w.
+func printUint(w io.Writer, val uint64, base int) {
+	w.Write([]byte(strconv.FormatUint(val, base)))
+}
+
+// printFloat outputs a floating point value using the specified precision,
+// which is expected to be 32 or 64bit, to Writer w.
+func printFloat(w io.Writer, val float64, precision int) {
+	w.Write([]byte(strconv.FormatFloat(val, 'g', -1, precision)))
+}
+
+// printComplex outputs a complex value using the specified float precision
+// for the real and imaginary parts to Writer w.
+func printComplex(w io.Writer, c complex128, floatPrecision int) {
+	r := real(c)
+	w.Write(openParenBytes)
+	w.Write([]byte(strconv.FormatFloat(r, 'g', -1, floatPrecision)))
+	i := imag(c)
+	if i >= 0 {
+		w.Write(plusBytes)
+	}
+	w.Write([]byte(strconv.FormatFloat(i, 'g', -1, floatPrecision)))
+	w.Write(iBytes)
+	w.Write(closeParenBytes)
+}
+
+// printHexPtr outputs a uintptr formatted as hexadecimal with a leading '0x'
+// prefix to Writer w.
+func printHexPtr(w io.Writer, p uintptr) {
+	// Null pointer.
+	num := uint64(p)
+	if num == 0 {
+		w.Write(nilAngleBytes)
+		return
+	}
+
+	// Max uint64 is 16 bytes in hex + 2 bytes for '0x' prefix
+	buf := make([]byte, 18)
+
+	// It's simpler to construct the hex string right to left.
+	base := uint64(16)
+	i := len(buf) - 1
+	for num >= base {
+		buf[i] = hexDigits[num%base]
+		num /= base
+		i--
+	}
+	buf[i] = hexDigits[num]
+
+	// Add '0x' prefix.
+	i--
+	buf[i] = 'x'
+	i--
+	buf[i] = '0'
+
+	// Strip unused leading bytes.
+	buf = buf[i:]
+	w.Write(buf)
+}
+
+// valuesSorter implements sort.Interface to allow a slice of reflect.Value
+// elements to be sorted.
+type valuesSorter struct {
+	values  []reflect.Value
+	strings []string // either nil or same len and values
+	cs      *ConfigState
+}
+
+// newValuesSorter initializes a valuesSorter instance, which holds a set of
+// surrogate keys on which the data should be sorted.  It uses flags in
+// ConfigState to decide if and how to populate those surrogate keys.
+func newValuesSorter(values []reflect.Value, cs *ConfigState) sort.Interface {
+	vs := &valuesSorter{values: values, cs: cs}
+	if canSortSimply(vs.values[0].Kind()) {
+		return vs
+	}
+	if !cs.DisableMethods {
+		vs.strings = make([]string, len(values))
+		for i := range vs.values {
+			b := bytes.Buffer{}
+			if !handleMethods(cs, &b, vs.values[i]) {
+				vs.strings = nil
+				break
+			}
+			vs.strings[i] = b.String()
+		}
+	}
+	if vs.strings == nil && cs.SpewKeys {
+		vs.strings = make([]string, len(values))
+		for i := range vs.values {
+			vs.strings[i] = Sprintf("%#v", vs.values[i].Interface())
+		}
+	}
+	return vs
+}
+
+// canSortSimply tests whether a reflect.Kind is a primitive that can be sorted
+// directly, or whether it should be considered for sorting by surrogate keys
+// (if the ConfigState allows it).
+func canSortSimply(kind reflect.Kind) bool {
+	// This switch parallels valueSortLess, except for the default case.
+	switch kind {
+	case reflect.Bool:
+		return true
+	case reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64, reflect.Int:
+		return true
+	case reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64, reflect.Uint:
+		return true
+	case reflect.Float32, reflect.Float64:
+		return true
+	case reflect.String:
+		return true
+	case reflect.Uintptr:
+		return true
+	case reflect.Array:
+		return true
+	}
+	return false
+}
+
+// Len returns the number of values in the slice.  It is part of the
+// sort.Interface implementation.
+func (s *valuesSorter) Len() int {
+	return len(s.values)
+}
+
+// Swap swaps the values at the passed indices.  It is part of the
+// sort.Interface implementation.
+func (s *valuesSorter) Swap(i, j int) {
+	s.values[i], s.values[j] = s.values[j], s.values[i]
+	if s.strings != nil {
+		s.strings[i], s.strings[j] = s.strings[j], s.strings[i]
+	}
+}
+
+// valueSortLess returns whether the first value should sort before the second
+// value.  It is used by valueSorter.Less as part of the sort.Interface
+// implementation.
+func valueSortLess(a, b reflect.Value) bool {
+	switch a.Kind() {
+	case reflect.Bool:
+		return !a.Bool() && b.Bool()
+	case reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64, reflect.Int:
+		return a.Int() < b.Int()
+	case reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64, reflect.Uint:
+		return a.Uint() < b.Uint()
+	case reflect.Float32, reflect.Float64:
+		return a.Float() < b.Float()
+	case reflect.String:
+		return a.String() < b.String()
+	case reflect.Uintptr:
+		return a.Uint() < b.Uint()
+	case reflect.Array:
+		// Compare the contents of both arrays.
+		l := a.Len()
+		for i := 0; i < l; i++ {
+			av := a.Index(i)
+			bv := b.Index(i)
+			if av.Interface() == bv.Interface() {
+				continue
+			}
+			return valueSortLess(av, bv)
+		}
+	}
+	return a.String() < b.String()
+}
+
+// Less returns whether the value at index i should sort before the
+// value at index j.  It is part of the sort.Interface implementation.
+func (s *valuesSorter) Less(i, j int) bool {
+	if s.strings == nil {
+		return valueSortLess(s.values[i], s.values[j])
+	}
+	return s.strings[i] < s.strings[j]
+}
+
+// sortValues is a sort function that handles both native types and any type that
+// can be converted to error or Stringer.  Other inputs are sorted according to
+// their Value.String() value to ensure display stability.
+func sortValues(values []reflect.Value, cs *ConfigState) {
+	if len(values) == 0 {
+		return
+	}
+	sort.Sort(newValuesSorter(values, cs))
+}
diff --git a/server/vendor/github.com/davecgh/go-spew/spew/config.go b/server/vendor/github.com/davecgh/go-spew/spew/config.go
new file mode 100644
index 0000000..2e3d22f
--- /dev/null
+++ b/server/vendor/github.com/davecgh/go-spew/spew/config.go
@@ -0,0 +1,306 @@
+/*
+ * Copyright (c) 2013-2016 Dave Collins <dave@davec.name>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+package spew
+
+import (
+	"bytes"
+	"fmt"
+	"io"
+	"os"
+)
+
+// ConfigState houses the configuration options used by spew to format and
+// display values.  There is a global instance, Config, that is used to control
+// all top-level Formatter and Dump functionality.  Each ConfigState instance
+// provides methods equivalent to the top-level functions.
+//
+// The zero value for ConfigState provides no indentation.  You would typically
+// want to set it to a space or a tab.
+//
+// Alternatively, you can use NewDefaultConfig to get a ConfigState instance
+// with default settings.  See the documentation of NewDefaultConfig for default
+// values.
+type ConfigState struct {
+	// Indent specifies the string to use for each indentation level.  The
+	// global config instance that all top-level functions use set this to a
+	// single space by default.  If you would like more indentation, you might
+	// set this to a tab with "\t" or perhaps two spaces with "  ".
+	Indent string
+
+	// MaxDepth controls the maximum number of levels to descend into nested
+	// data structures.  The default, 0, means there is no limit.
+	//
+	// NOTE: Circular data structures are properly detected, so it is not
+	// necessary to set this value unless you specifically want to limit deeply
+	// nested data structures.
+	MaxDepth int
+
+	// DisableMethods specifies whether or not error and Stringer interfaces are
+	// invoked for types that implement them.
+	DisableMethods bool
+
+	// DisablePointerMethods specifies whether or not to check for and invoke
+	// error and Stringer interfaces on types which only accept a pointer
+	// receiver when the current type is not a pointer.
+	//
+	// NOTE: This might be an unsafe action since calling one of these methods
+	// with a pointer receiver could technically mutate the value, however,
+	// in practice, types which choose to satisify an error or Stringer
+	// interface with a pointer receiver should not be mutating their state
+	// inside these interface methods.  As a result, this option relies on
+	// access to the unsafe package, so it will not have any effect when
+	// running in environments without access to the unsafe package such as
+	// Google App Engine or with the "safe" build tag specified.
+	DisablePointerMethods bool
+
+	// DisablePointerAddresses specifies whether to disable the printing of
+	// pointer addresses. This is useful when diffing data structures in tests.
+	DisablePointerAddresses bool
+
+	// DisableCapacities specifies whether to disable the printing of capacities
+	// for arrays, slices, maps and channels. This is useful when diffing
+	// data structures in tests.
+	DisableCapacities bool
+
+	// ContinueOnMethod specifies whether or not recursion should continue once
+	// a custom error or Stringer interface is invoked.  The default, false,
+	// means it will print the results of invoking the custom error or Stringer
+	// interface and return immediately instead of continuing to recurse into
+	// the internals of the data type.
+	//
+	// NOTE: This flag does not have any effect if method invocation is disabled
+	// via the DisableMethods or DisablePointerMethods options.
+	ContinueOnMethod bool
+
+	// SortKeys specifies map keys should be sorted before being printed. Use
+	// this to have a more deterministic, diffable output.  Note that only
+	// native types (bool, int, uint, floats, uintptr and string) and types
+	// that support the error or Stringer interfaces (if methods are
+	// enabled) are supported, with other types sorted according to the
+	// reflect.Value.String() output which guarantees display stability.
+	SortKeys bool
+
+	// SpewKeys specifies that, as a last resort attempt, map keys should
+	// be spewed to strings and sorted by those strings.  This is only
+	// considered if SortKeys is true.
+	SpewKeys bool
+}
+
+// Config is the active configuration of the top-level functions.
+// The configuration can be changed by modifying the contents of spew.Config.
+var Config = ConfigState{Indent: " "}
+
+// Errorf is a wrapper for fmt.Errorf that treats each argument as if it were
+// passed with a Formatter interface returned by c.NewFormatter.  It returns
+// the formatted string as a value that satisfies error.  See NewFormatter
+// for formatting details.
+//
+// This function is shorthand for the following syntax:
+//
+//	fmt.Errorf(format, c.NewFormatter(a), c.NewFormatter(b))
+func (c *ConfigState) Errorf(format string, a ...interface{}) (err error) {
+	return fmt.Errorf(format, c.convertArgs(a)...)
+}
+
+// Fprint is a wrapper for fmt.Fprint that treats each argument as if it were
+// passed with a Formatter interface returned by c.NewFormatter.  It returns
+// the number of bytes written and any write error encountered.  See
+// NewFormatter for formatting details.
+//
+// This function is shorthand for the following syntax:
+//
+//	fmt.Fprint(w, c.NewFormatter(a), c.NewFormatter(b))
+func (c *ConfigState) Fprint(w io.Writer, a ...interface{}) (n int, err error) {
+	return fmt.Fprint(w, c.convertArgs(a)...)
+}
+
+// Fprintf is a wrapper for fmt.Fprintf that treats each argument as if it were
+// passed with a Formatter interface returned by c.NewFormatter.  It returns
+// the number of bytes written and any write error encountered.  See
+// NewFormatter for formatting details.
+//
+// This function is shorthand for the following syntax:
+//
+//	fmt.Fprintf(w, format, c.NewFormatter(a), c.NewFormatter(b))
+func (c *ConfigState) Fprintf(w io.Writer, format string, a ...interface{}) (n int, err error) {
+	return fmt.Fprintf(w, format, c.convertArgs(a)...)
+}
+
+// Fprintln is a wrapper for fmt.Fprintln that treats each argument as if it
+// passed with a Formatter interface returned by c.NewFormatter.  See
+// NewFormatter for formatting details.
+//
+// This function is shorthand for the following syntax:
+//
+//	fmt.Fprintln(w, c.NewFormatter(a), c.NewFormatter(b))
+func (c *ConfigState) Fprintln(w io.Writer, a ...interface{}) (n int, err error) {
+	return fmt.Fprintln(w, c.convertArgs(a)...)
+}
+
+// Print is a wrapper for fmt.Print that treats each argument as if it were
+// passed with a Formatter interface returned by c.NewFormatter.  It returns
+// the number of bytes written and any write error encountered.  See
+// NewFormatter for formatting details.
+//
+// This function is shorthand for the following syntax:
+//
+//	fmt.Print(c.NewFormatter(a), c.NewFormatter(b))
+func (c *ConfigState) Print(a ...interface{}) (n int, err error) {
+	return fmt.Print(c.convertArgs(a)...)
+}
+
+// Printf is a wrapper for fmt.Printf that treats each argument as if it were
+// passed with a Formatter interface returned by c.NewFormatter.  It returns
+// the number of bytes written and any write error encountered.  See
+// NewFormatter for formatting details.
+//
+// This function is shorthand for the following syntax:
+//
+//	fmt.Printf(format, c.NewFormatter(a), c.NewFormatter(b))
+func (c *ConfigState) Printf(format string, a ...interface{}) (n int, err error) {
+	return fmt.Printf(format, c.convertArgs(a)...)
+}
+
+// Println is a wrapper for fmt.Println that treats each argument as if it were
+// passed with a Formatter interface returned by c.NewFormatter.  It returns
+// the number of bytes written and any write error encountered.  See
+// NewFormatter for formatting details.
+//
+// This function is shorthand for the following syntax:
+//
+//	fmt.Println(c.NewFormatter(a), c.NewFormatter(b))
+func (c *ConfigState) Println(a ...interface{}) (n int, err error) {
+	return fmt.Println(c.convertArgs(a)...)
+}
+
+// Sprint is a wrapper for fmt.Sprint that treats each argument as if it were
+// passed with a Formatter interface returned by c.NewFormatter.  It returns
+// the resulting string.  See NewFormatter for formatting details.
+//
+// This function is shorthand for the following syntax:
+//
+//	fmt.Sprint(c.NewFormatter(a), c.NewFormatter(b))
+func (c *ConfigState) Sprint(a ...interface{}) string {
+	return fmt.Sprint(c.convertArgs(a)...)
+}
+
+// Sprintf is a wrapper for fmt.Sprintf that treats each argument as if it were
+// passed with a Formatter interface returned by c.NewFormatter.  It returns
+// the resulting string.  See NewFormatter for formatting details.
+//
+// This function is shorthand for the following syntax:
+//
+//	fmt.Sprintf(format, c.NewFormatter(a), c.NewFormatter(b))
+func (c *ConfigState) Sprintf(format string, a ...interface{}) string {
+	return fmt.Sprintf(format, c.convertArgs(a)...)
+}
+
+// Sprintln is a wrapper for fmt.Sprintln that treats each argument as if it
+// were passed with a Formatter interface returned by c.NewFormatter.  It
+// returns the resulting string.  See NewFormatter for formatting details.
+//
+// This function is shorthand for the following syntax:
+//
+//	fmt.Sprintln(c.NewFormatter(a), c.NewFormatter(b))
+func (c *ConfigState) Sprintln(a ...interface{}) string {
+	return fmt.Sprintln(c.convertArgs(a)...)
+}
+
+/*
+NewFormatter returns a custom formatter that satisfies the fmt.Formatter
+interface.  As a result, it integrates cleanly with standard fmt package
+printing functions.  The formatter is useful for inline printing of smaller data
+types similar to the standard %v format specifier.
+
+The custom formatter only responds to the %v (most compact), %+v (adds pointer
+addresses), %#v (adds types), and %#+v (adds types and pointer addresses) verb
+combinations.  Any other verbs such as %x and %q will be sent to the the
+standard fmt package for formatting.  In addition, the custom formatter ignores
+the width and precision arguments (however they will still work on the format
+specifiers not handled by the custom formatter).
+
+Typically this function shouldn't be called directly.  It is much easier to make
+use of the custom formatter by calling one of the convenience functions such as
+c.Printf, c.Println, or c.Printf.
+*/
+func (c *ConfigState) NewFormatter(v interface{}) fmt.Formatter {
+	return newFormatter(c, v)
+}
+
+// Fdump formats and displays the passed arguments to io.Writer w.  It formats
+// exactly the same as Dump.
+func (c *ConfigState) Fdump(w io.Writer, a ...interface{}) {
+	fdump(c, w, a...)
+}
+
+/*
+Dump displays the passed parameters to standard out with newlines, customizable
+indentation, and additional debug information such as complete types and all
+pointer addresses used to indirect to the final value.  It provides the
+following features over the built-in printing facilities provided by the fmt
+package:
+
+	* Pointers are dereferenced and followed
+	* Circular data structures are detected and handled properly
+	* Custom Stringer/error interfaces are optionally invoked, including
+	  on unexported types
+	* Custom types which only implement the Stringer/error interfaces via
+	  a pointer receiver are optionally invoked when passing non-pointer
+	  variables
+	* Byte arrays and slices are dumped like the hexdump -C command which
+	  includes offsets, byte values in hex, and ASCII output
+
+The configuration options are controlled by modifying the public members
+of c.  See ConfigState for options documentation.
+
+See Fdump if you would prefer dumping to an arbitrary io.Writer or Sdump to
+get the formatted result as a string.
+*/
+func (c *ConfigState) Dump(a ...interface{}) {
+	fdump(c, os.Stdout, a...)
+}
+
+// Sdump returns a string with the passed arguments formatted exactly the same
+// as Dump.
+func (c *ConfigState) Sdump(a ...interface{}) string {
+	var buf bytes.Buffer
+	fdump(c, &buf, a...)
+	return buf.String()
+}
+
+// convertArgs accepts a slice of arguments and returns a slice of the same
+// length with each argument converted to a spew Formatter interface using
+// the ConfigState associated with s.
+func (c *ConfigState) convertArgs(args []interface{}) (formatters []interface{}) {
+	formatters = make([]interface{}, len(args))
+	for index, arg := range args {
+		formatters[index] = newFormatter(c, arg)
+	}
+	return formatters
+}
+
+// NewDefaultConfig returns a ConfigState with the following default settings.
+//
+// 	Indent: " "
+// 	MaxDepth: 0
+// 	DisableMethods: false
+// 	DisablePointerMethods: false
+// 	ContinueOnMethod: false
+// 	SortKeys: false
+func NewDefaultConfig() *ConfigState {
+	return &ConfigState{Indent: " "}
+}
diff --git a/server/vendor/github.com/davecgh/go-spew/spew/doc.go b/server/vendor/github.com/davecgh/go-spew/spew/doc.go
new file mode 100644
index 0000000..aacaac6
--- /dev/null
+++ b/server/vendor/github.com/davecgh/go-spew/spew/doc.go
@@ -0,0 +1,211 @@
+/*
+ * Copyright (c) 2013-2016 Dave Collins <dave@davec.name>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+Package spew implements a deep pretty printer for Go data structures to aid in
+debugging.
+
+A quick overview of the additional features spew provides over the built-in
+printing facilities for Go data types are as follows:
+
+	* Pointers are dereferenced and followed
+	* Circular data structures are detected and handled properly
+	* Custom Stringer/error interfaces are optionally invoked, including
+	  on unexported types
+	* Custom types which only implement the Stringer/error interfaces via
+	  a pointer receiver are optionally invoked when passing non-pointer
+	  variables
+	* Byte arrays and slices are dumped like the hexdump -C command which
+	  includes offsets, byte values in hex, and ASCII output (only when using
+	  Dump style)
+
+There are two different approaches spew allows for dumping Go data structures:
+
+	* Dump style which prints with newlines, customizable indentation,
+	  and additional debug information such as types and all pointer addresses
+	  used to indirect to the final value
+	* A custom Formatter interface that integrates cleanly with the standard fmt
+	  package and replaces %v, %+v, %#v, and %#+v to provide inline printing
+	  similar to the default %v while providing the additional functionality
+	  outlined above and passing unsupported format verbs such as %x and %q
+	  along to fmt
+
+Quick Start
+
+This section demonstrates how to quickly get started with spew.  See the
+sections below for further details on formatting and configuration options.
+
+To dump a variable with full newlines, indentation, type, and pointer
+information use Dump, Fdump, or Sdump:
+	spew.Dump(myVar1, myVar2, ...)
+	spew.Fdump(someWriter, myVar1, myVar2, ...)
+	str := spew.Sdump(myVar1, myVar2, ...)
+
+Alternatively, if you would prefer to use format strings with a compacted inline
+printing style, use the convenience wrappers Printf, Fprintf, etc with
+%v (most compact), %+v (adds pointer addresses), %#v (adds types), or
+%#+v (adds types and pointer addresses):
+	spew.Printf("myVar1: %v -- myVar2: %+v", myVar1, myVar2)
+	spew.Printf("myVar3: %#v -- myVar4: %#+v", myVar3, myVar4)
+	spew.Fprintf(someWriter, "myVar1: %v -- myVar2: %+v", myVar1, myVar2)
+	spew.Fprintf(someWriter, "myVar3: %#v -- myVar4: %#+v", myVar3, myVar4)
+
+Configuration Options
+
+Configuration of spew is handled by fields in the ConfigState type.  For
+convenience, all of the top-level functions use a global state available
+via the spew.Config global.
+
+It is also possible to create a ConfigState instance that provides methods
+equivalent to the top-level functions.  This allows concurrent configuration
+options.  See the ConfigState documentation for more details.
+
+The following configuration options are available:
+	* Indent
+		String to use for each indentation level for Dump functions.
+		It is a single space by default.  A popular alternative is "\t".
+
+	* MaxDepth
+		Maximum number of levels to descend into nested data structures.
+		There is no limit by default.
+
+	* DisableMethods
+		Disables invocation of error and Stringer interface methods.
+		Method invocation is enabled by default.
+
+	* DisablePointerMethods
+		Disables invocation of error and Stringer interface methods on types
+		which only accept pointer receivers from non-pointer variables.
+		Pointer method invocation is enabled by default.
+
+	* DisablePointerAddresses
+		DisablePointerAddresses specifies whether to disable the printing of
+		pointer addresses. This is useful when diffing data structures in tests.
+
+	* DisableCapacities
+		DisableCapacities specifies whether to disable the printing of
+		capacities for arrays, slices, maps and channels. This is useful when
+		diffing data structures in tests.
+
+	* ContinueOnMethod
+		Enables recursion into types after invoking error and Stringer interface
+		methods. Recursion after method invocation is disabled by default.
+
+	* SortKeys
+		Specifies map keys should be sorted before being printed. Use
+		this to have a more deterministic, diffable output.  Note that
+		only native types (bool, int, uint, floats, uintptr and string)
+		and types which implement error or Stringer interfaces are
+		supported with other types sorted according to the
+		reflect.Value.String() output which guarantees display
+		stability.  Natural map order is used by default.
+
+	* SpewKeys
+		Specifies that, as a last resort attempt, map keys should be
+		spewed to strings and sorted by those strings.  This is only
+		considered if SortKeys is true.
+
+Dump Usage
+
+Simply call spew.Dump with a list of variables you want to dump:
+
+	spew.Dump(myVar1, myVar2, ...)
+
+You may also call spew.Fdump if you would prefer to output to an arbitrary
+io.Writer.  For example, to dump to standard error:
+
+	spew.Fdump(os.Stderr, myVar1, myVar2, ...)
+
+A third option is to call spew.Sdump to get the formatted output as a string:
+
+	str := spew.Sdump(myVar1, myVar2, ...)
+
+Sample Dump Output
+
+See the Dump example for details on the setup of the types and variables being
+shown here.
+
+	(main.Foo) {
+	 unexportedField: (*main.Bar)(0xf84002e210)({
+	  flag: (main.Flag) flagTwo,
+	  data: (uintptr) <nil>
+	 }),
+	 ExportedField: (map[interface {}]interface {}) (len=1) {
+	  (string) (len=3) "one": (bool) true
+	 }
+	}
+
+Byte (and uint8) arrays and slices are displayed uniquely like the hexdump -C
+command as shown.
+	([]uint8) (len=32 cap=32) {
+	 00000000  11 12 13 14 15 16 17 18  19 1a 1b 1c 1d 1e 1f 20  |............... |
+	 00000010  21 22 23 24 25 26 27 28  29 2a 2b 2c 2d 2e 2f 30  |!"#$%&'()*+,-./0|
+	 00000020  31 32                                             |12|
+	}
+
+Custom Formatter
+
+Spew provides a custom formatter that implements the fmt.Formatter interface
+so that it integrates cleanly with standard fmt package printing functions. The
+formatter is useful for inline printing of smaller data types similar to the
+standard %v format specifier.
+
+The custom formatter only responds to the %v (most compact), %+v (adds pointer
+addresses), %#v (adds types), or %#+v (adds types and pointer addresses) verb
+combinations.  Any other verbs such as %x and %q will be sent to the the
+standard fmt package for formatting.  In addition, the custom formatter ignores
+the width and precision arguments (however they will still work on the format
+specifiers not handled by the custom formatter).
+
+Custom Formatter Usage
+
+The simplest way to make use of the spew custom formatter is to call one of the
+convenience functions such as spew.Printf, spew.Println, or spew.Printf.  The
+functions have syntax you are most likely already familiar with:
+
+	spew.Printf("myVar1: %v -- myVar2: %+v", myVar1, myVar2)
+	spew.Printf("myVar3: %#v -- myVar4: %#+v", myVar3, myVar4)
+	spew.Println(myVar, myVar2)
+	spew.Fprintf(os.Stderr, "myVar1: %v -- myVar2: %+v", myVar1, myVar2)
+	spew.Fprintf(os.Stderr, "myVar3: %#v -- myVar4: %#+v", myVar3, myVar4)
+
+See the Index for the full list convenience functions.
+
+Sample Formatter Output
+
+Double pointer to a uint8:
+	  %v: <**>5
+	 %+v: <**>(0xf8400420d0->0xf8400420c8)5
+	 %#v: (**uint8)5
+	%#+v: (**uint8)(0xf8400420d0->0xf8400420c8)5
+
+Pointer to circular struct with a uint8 field and a pointer to itself:
+	  %v: <*>{1 <*><shown>}
+	 %+v: <*>(0xf84003e260){ui8:1 c:<*>(0xf84003e260)<shown>}
+	 %#v: (*main.circular){ui8:(uint8)1 c:(*main.circular)<shown>}
+	%#+v: (*main.circular)(0xf84003e260){ui8:(uint8)1 c:(*main.circular)(0xf84003e260)<shown>}
+
+See the Printf example for details on the setup of variables being shown
+here.
+
+Errors
+
+Since it is possible for custom Stringer/error interfaces to panic, spew
+detects them and handles them internally by printing the panic information
+inline with the output.  Since spew is intended to provide deep pretty printing
+capabilities on structures, it intentionally does not return any errors.
+*/
+package spew
diff --git a/server/vendor/github.com/davecgh/go-spew/spew/dump.go b/server/vendor/github.com/davecgh/go-spew/spew/dump.go
new file mode 100644
index 0000000..f78d89f
--- /dev/null
+++ b/server/vendor/github.com/davecgh/go-spew/spew/dump.go
@@ -0,0 +1,509 @@
+/*
+ * Copyright (c) 2013-2016 Dave Collins <dave@davec.name>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+package spew
+
+import (
+	"bytes"
+	"encoding/hex"
+	"fmt"
+	"io"
+	"os"
+	"reflect"
+	"regexp"
+	"strconv"
+	"strings"
+)
+
+var (
+	// uint8Type is a reflect.Type representing a uint8.  It is used to
+	// convert cgo types to uint8 slices for hexdumping.
+	uint8Type = reflect.TypeOf(uint8(0))
+
+	// cCharRE is a regular expression that matches a cgo char.
+	// It is used to detect character arrays to hexdump them.
+	cCharRE = regexp.MustCompile(`^.*\._Ctype_char$`)
+
+	// cUnsignedCharRE is a regular expression that matches a cgo unsigned
+	// char.  It is used to detect unsigned character arrays to hexdump
+	// them.
+	cUnsignedCharRE = regexp.MustCompile(`^.*\._Ctype_unsignedchar$`)
+
+	// cUint8tCharRE is a regular expression that matches a cgo uint8_t.
+	// It is used to detect uint8_t arrays to hexdump them.
+	cUint8tCharRE = regexp.MustCompile(`^.*\._Ctype_uint8_t$`)
+)
+
+// dumpState contains information about the state of a dump operation.
+type dumpState struct {
+	w                io.Writer
+	depth            int
+	pointers         map[uintptr]int
+	ignoreNextType   bool
+	ignoreNextIndent bool
+	cs               *ConfigState
+}
+
+// indent performs indentation according to the depth level and cs.Indent
+// option.
+func (d *dumpState) indent() {
+	if d.ignoreNextIndent {
+		d.ignoreNextIndent = false
+		return
+	}
+	d.w.Write(bytes.Repeat([]byte(d.cs.Indent), d.depth))
+}
+
+// unpackValue returns values inside of non-nil interfaces when possible.
+// This is useful for data types like structs, arrays, slices, and maps which
+// can contain varying types packed inside an interface.
+func (d *dumpState) unpackValue(v reflect.Value) reflect.Value {
+	if v.Kind() == reflect.Interface && !v.IsNil() {
+		v = v.Elem()
+	}
+	return v
+}
+
+// dumpPtr handles formatting of pointers by indirecting them as necessary.
+func (d *dumpState) dumpPtr(v reflect.Value) {
+	// Remove pointers at or below the current depth from map used to detect
+	// circular refs.
+	for k, depth := range d.pointers {
+		if depth >= d.depth {
+			delete(d.pointers, k)
+		}
+	}
+
+	// Keep list of all dereferenced pointers to show later.
+	pointerChain := make([]uintptr, 0)
+
+	// Figure out how many levels of indirection there are by dereferencing
+	// pointers and unpacking interfaces down the chain while detecting circular
+	// references.
+	nilFound := false
+	cycleFound := false
+	indirects := 0
+	ve := v
+	for ve.Kind() == reflect.Ptr {
+		if ve.IsNil() {
+			nilFound = true
+			break
+		}
+		indirects++
+		addr := ve.Pointer()
+		pointerChain = append(pointerChain, addr)
+		if pd, ok := d.pointers[addr]; ok && pd < d.depth {
+			cycleFound = true
+			indirects--
+			break
+		}
+		d.pointers[addr] = d.depth
+
+		ve = ve.Elem()
+		if ve.Kind() == reflect.Interface {
+			if ve.IsNil() {
+				nilFound = true
+				break
+			}
+			ve = ve.Elem()
+		}
+	}
+
+	// Display type information.
+	d.w.Write(openParenBytes)
+	d.w.Write(bytes.Repeat(asteriskBytes, indirects))
+	d.w.Write([]byte(ve.Type().String()))
+	d.w.Write(closeParenBytes)
+
+	// Display pointer information.
+	if !d.cs.DisablePointerAddresses && len(pointerChain) > 0 {
+		d.w.Write(openParenBytes)
+		for i, addr := range pointerChain {
+			if i > 0 {
+				d.w.Write(pointerChainBytes)
+			}
+			printHexPtr(d.w, addr)
+		}
+		d.w.Write(closeParenBytes)
+	}
+
+	// Display dereferenced value.
+	d.w.Write(openParenBytes)
+	switch {
+	case nilFound:
+		d.w.Write(nilAngleBytes)
+
+	case cycleFound:
+		d.w.Write(circularBytes)
+
+	default:
+		d.ignoreNextType = true
+		d.dump(ve)
+	}
+	d.w.Write(closeParenBytes)
+}
+
+// dumpSlice handles formatting of arrays and slices.  Byte (uint8 under
+// reflection) arrays and slices are dumped in hexdump -C fashion.
+func (d *dumpState) dumpSlice(v reflect.Value) {
+	// Determine whether this type should be hex dumped or not.  Also,
+	// for types which should be hexdumped, try to use the underlying data
+	// first, then fall back to trying to convert them to a uint8 slice.
+	var buf []uint8
+	doConvert := false
+	doHexDump := false
+	numEntries := v.Len()
+	if numEntries > 0 {
+		vt := v.Index(0).Type()
+		vts := vt.String()
+		switch {
+		// C types that need to be converted.
+		case cCharRE.MatchString(vts):
+			fallthrough
+		case cUnsignedCharRE.MatchString(vts):
+			fallthrough
+		case cUint8tCharRE.MatchString(vts):
+			doConvert = true
+
+		// Try to use existing uint8 slices and fall back to converting
+		// and copying if that fails.
+		case vt.Kind() == reflect.Uint8:
+			// We need an addressable interface to convert the type
+			// to a byte slice.  However, the reflect package won't
+			// give us an interface on certain things like
+			// unexported struct fields in order to enforce
+			// visibility rules.  We use unsafe, when available, to
+			// bypass these restrictions since this package does not
+			// mutate the values.
+			vs := v
+			if !vs.CanInterface() || !vs.CanAddr() {
+				vs = unsafeReflectValue(vs)
+			}
+			if !UnsafeDisabled {
+				vs = vs.Slice(0, numEntries)
+
+				// Use the existing uint8 slice if it can be
+				// type asserted.
+				iface := vs.Interface()
+				if slice, ok := iface.([]uint8); ok {
+					buf = slice
+					doHexDump = true
+					break
+				}
+			}
+
+			// The underlying data needs to be converted if it can't
+			// be type asserted to a uint8 slice.
+			doConvert = true
+		}
+
+		// Copy and convert the underlying type if needed.
+		if doConvert && vt.ConvertibleTo(uint8Type) {
+			// Convert and copy each element into a uint8 byte
+			// slice.
+			buf = make([]uint8, numEntries)
+			for i := 0; i < numEntries; i++ {
+				vv := v.Index(i)
+				buf[i] = uint8(vv.Convert(uint8Type).Uint())
+			}
+			doHexDump = true
+		}
+	}
+
+	// Hexdump the entire slice as needed.
+	if doHexDump {
+		indent := strings.Repeat(d.cs.Indent, d.depth)
+		str := indent + hex.Dump(buf)
+		str = strings.Replace(str, "\n", "\n"+indent, -1)
+		str = strings.TrimRight(str, d.cs.Indent)
+		d.w.Write([]byte(str))
+		return
+	}
+
+	// Recursively call dump for each item.
+	for i := 0; i < numEntries; i++ {
+		d.dump(d.unpackValue(v.Index(i)))
+		if i < (numEntries - 1) {
+			d.w.Write(commaNewlineBytes)
+		} else {
+			d.w.Write(newlineBytes)
+		}
+	}
+}
+
+// dump is the main workhorse for dumping a value.  It uses the passed reflect
+// value to figure out what kind of object we are dealing with and formats it
+// appropriately.  It is a recursive function, however circular data structures
+// are detected and handled properly.
+func (d *dumpState) dump(v reflect.Value) {
+	// Handle invalid reflect values immediately.
+	kind := v.Kind()
+	if kind == reflect.Invalid {
+		d.w.Write(invalidAngleBytes)
+		return
+	}
+
+	// Handle pointers specially.
+	if kind == reflect.Ptr {
+		d.indent()
+		d.dumpPtr(v)
+		return
+	}
+
+	// Print type information unless already handled elsewhere.
+	if !d.ignoreNextType {
+		d.indent()
+		d.w.Write(openParenBytes)
+		d.w.Write([]byte(v.Type().String()))
+		d.w.Write(closeParenBytes)
+		d.w.Write(spaceBytes)
+	}
+	d.ignoreNextType = false
+
+	// Display length and capacity if the built-in len and cap functions
+	// work with the value's kind and the len/cap itself is non-zero.
+	valueLen, valueCap := 0, 0
+	switch v.Kind() {
+	case reflect.Array, reflect.Slice, reflect.Chan:
+		valueLen, valueCap = v.Len(), v.Cap()
+	case reflect.Map, reflect.String:
+		valueLen = v.Len()
+	}
+	if valueLen != 0 || !d.cs.DisableCapacities && valueCap != 0 {
+		d.w.Write(openParenBytes)
+		if valueLen != 0 {
+			d.w.Write(lenEqualsBytes)
+			printInt(d.w, int64(valueLen), 10)
+		}
+		if !d.cs.DisableCapacities && valueCap != 0 {
+			if valueLen != 0 {
+				d.w.Write(spaceBytes)
+			}
+			d.w.Write(capEqualsBytes)
+			printInt(d.w, int64(valueCap), 10)
+		}
+		d.w.Write(closeParenBytes)
+		d.w.Write(spaceBytes)
+	}
+
+	// Call Stringer/error interfaces if they exist and the handle methods flag
+	// is enabled
+	if !d.cs.DisableMethods {
+		if (kind != reflect.Invalid) && (kind != reflect.Interface) {
+			if handled := handleMethods(d.cs, d.w, v); handled {
+				return
+			}
+		}
+	}
+
+	switch kind {
+	case reflect.Invalid:
+		// Do nothing.  We should never get here since invalid has already
+		// been handled above.
+
+	case reflect.Bool:
+		printBool(d.w, v.Bool())
+
+	case reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64, reflect.Int:
+		printInt(d.w, v.Int(), 10)
+
+	case reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64, reflect.Uint:
+		printUint(d.w, v.Uint(), 10)
+
+	case reflect.Float32:
+		printFloat(d.w, v.Float(), 32)
+
+	case reflect.Float64:
+		printFloat(d.w, v.Float(), 64)
+
+	case reflect.Complex64:
+		printComplex(d.w, v.Complex(), 32)
+
+	case reflect.Complex128:
+		printComplex(d.w, v.Complex(), 64)
+
+	case reflect.Slice:
+		if v.IsNil() {
+			d.w.Write(nilAngleBytes)
+			break
+		}
+		fallthrough
+
+	case reflect.Array:
+		d.w.Write(openBraceNewlineBytes)
+		d.depth++
+		if (d.cs.MaxDepth != 0) && (d.depth > d.cs.MaxDepth) {
+			d.indent()
+			d.w.Write(maxNewlineBytes)
+		} else {
+			d.dumpSlice(v)
+		}
+		d.depth--
+		d.indent()
+		d.w.Write(closeBraceBytes)
+
+	case reflect.String:
+		d.w.Write([]byte(strconv.Quote(v.String())))
+
+	case reflect.Interface:
+		// The only time we should get here is for nil interfaces due to
+		// unpackValue calls.
+		if v.IsNil() {
+			d.w.Write(nilAngleBytes)
+		}
+
+	case reflect.Ptr:
+		// Do nothing.  We should never get here since pointers have already
+		// been handled above.
+
+	case reflect.Map:
+		// nil maps should be indicated as different than empty maps
+		if v.IsNil() {
+			d.w.Write(nilAngleBytes)
+			break
+		}
+
+		d.w.Write(openBraceNewlineBytes)
+		d.depth++
+		if (d.cs.MaxDepth != 0) && (d.depth > d.cs.MaxDepth) {
+			d.indent()
+			d.w.Write(maxNewlineBytes)
+		} else {
+			numEntries := v.Len()
+			keys := v.MapKeys()
+			if d.cs.SortKeys {
+				sortValues(keys, d.cs)
+			}
+			for i, key := range keys {
+				d.dump(d.unpackValue(key))
+				d.w.Write(colonSpaceBytes)
+				d.ignoreNextIndent = true
+				d.dump(d.unpackValue(v.MapIndex(key)))
+				if i < (numEntries - 1) {
+					d.w.Write(commaNewlineBytes)
+				} else {
+					d.w.Write(newlineBytes)
+				}
+			}
+		}
+		d.depth--
+		d.indent()
+		d.w.Write(closeBraceBytes)
+
+	case reflect.Struct:
+		d.w.Write(openBraceNewlineBytes)
+		d.depth++
+		if (d.cs.MaxDepth != 0) && (d.depth > d.cs.MaxDepth) {
+			d.indent()
+			d.w.Write(maxNewlineBytes)
+		} else {
+			vt := v.Type()
+			numFields := v.NumField()
+			for i := 0; i < numFields; i++ {
+				d.indent()
+				vtf := vt.Field(i)
+				d.w.Write([]byte(vtf.Name))
+				d.w.Write(colonSpaceBytes)
+				d.ignoreNextIndent = true
+				d.dump(d.unpackValue(v.Field(i)))
+				if i < (numFields - 1) {
+					d.w.Write(commaNewlineBytes)
+				} else {
+					d.w.Write(newlineBytes)
+				}
+			}
+		}
+		d.depth--
+		d.indent()
+		d.w.Write(closeBraceBytes)
+
+	case reflect.Uintptr:
+		printHexPtr(d.w, uintptr(v.Uint()))
+
+	case reflect.UnsafePointer, reflect.Chan, reflect.Func:
+		printHexPtr(d.w, v.Pointer())
+
+	// There were not any other types at the time this code was written, but
+	// fall back to letting the default fmt package handle it in case any new
+	// types are added.
+	default:
+		if v.CanInterface() {
+			fmt.Fprintf(d.w, "%v", v.Interface())
+		} else {
+			fmt.Fprintf(d.w, "%v", v.String())
+		}
+	}
+}
+
+// fdump is a helper function to consolidate the logic from the various public
+// methods which take varying writers and config states.
+func fdump(cs *ConfigState, w io.Writer, a ...interface{}) {
+	for _, arg := range a {
+		if arg == nil {
+			w.Write(interfaceBytes)
+			w.Write(spaceBytes)
+			w.Write(nilAngleBytes)
+			w.Write(newlineBytes)
+			continue
+		}
+
+		d := dumpState{w: w, cs: cs}
+		d.pointers = make(map[uintptr]int)
+		d.dump(reflect.ValueOf(arg))
+		d.w.Write(newlineBytes)
+	}
+}
+
+// Fdump formats and displays the passed arguments to io.Writer w.  It formats
+// exactly the same as Dump.
+func Fdump(w io.Writer, a ...interface{}) {
+	fdump(&Config, w, a...)
+}
+
+// Sdump returns a string with the passed arguments formatted exactly the same
+// as Dump.
+func Sdump(a ...interface{}) string {
+	var buf bytes.Buffer
+	fdump(&Config, &buf, a...)
+	return buf.String()
+}
+
+/*
+Dump displays the passed parameters to standard out with newlines, customizable
+indentation, and additional debug information such as complete types and all
+pointer addresses used to indirect to the final value.  It provides the
+following features over the built-in printing facilities provided by the fmt
+package:
+
+	* Pointers are dereferenced and followed
+	* Circular data structures are detected and handled properly
+	* Custom Stringer/error interfaces are optionally invoked, including
+	  on unexported types
+	* Custom types which only implement the Stringer/error interfaces via
+	  a pointer receiver are optionally invoked when passing non-pointer
+	  variables
+	* Byte arrays and slices are dumped like the hexdump -C command which
+	  includes offsets, byte values in hex, and ASCII output
+
+The configuration options are controlled by an exported package global,
+spew.Config.  See ConfigState for options documentation.
+
+See Fdump if you would prefer dumping to an arbitrary io.Writer or Sdump to
+get the formatted result as a string.
+*/
+func Dump(a ...interface{}) {
+	fdump(&Config, os.Stdout, a...)
+}
diff --git a/server/vendor/github.com/davecgh/go-spew/spew/format.go b/server/vendor/github.com/davecgh/go-spew/spew/format.go
new file mode 100644
index 0000000..b04edb7
--- /dev/null
+++ b/server/vendor/github.com/davecgh/go-spew/spew/format.go
@@ -0,0 +1,419 @@
+/*
+ * Copyright (c) 2013-2016 Dave Collins <dave@davec.name>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+package spew
+
+import (
+	"bytes"
+	"fmt"
+	"reflect"
+	"strconv"
+	"strings"
+)
+
+// supportedFlags is a list of all the character flags supported by fmt package.
+const supportedFlags = "0-+# "
+
+// formatState implements the fmt.Formatter interface and contains information
+// about the state of a formatting operation.  The NewFormatter function can
+// be used to get a new Formatter which can be used directly as arguments
+// in standard fmt package printing calls.
+type formatState struct {
+	value          interface{}
+	fs             fmt.State
+	depth          int
+	pointers       map[uintptr]int
+	ignoreNextType bool
+	cs             *ConfigState
+}
+
+// buildDefaultFormat recreates the original format string without precision
+// and width information to pass in to fmt.Sprintf in the case of an
+// unrecognized type.  Unless new types are added to the language, this
+// function won't ever be called.
+func (f *formatState) buildDefaultFormat() (format string) {
+	buf := bytes.NewBuffer(percentBytes)
+
+	for _, flag := range supportedFlags {
+		if f.fs.Flag(int(flag)) {
+			buf.WriteRune(flag)
+		}
+	}
+
+	buf.WriteRune('v')
+
+	format = buf.String()
+	return format
+}
+
+// constructOrigFormat recreates the original format string including precision
+// and width information to pass along to the standard fmt package.  This allows
+// automatic deferral of all format strings this package doesn't support.
+func (f *formatState) constructOrigFormat(verb rune) (format string) {
+	buf := bytes.NewBuffer(percentBytes)
+
+	for _, flag := range supportedFlags {
+		if f.fs.Flag(int(flag)) {
+			buf.WriteRune(flag)
+		}
+	}
+
+	if width, ok := f.fs.Width(); ok {
+		buf.WriteString(strconv.Itoa(width))
+	}
+
+	if precision, ok := f.fs.Precision(); ok {
+		buf.Write(precisionBytes)
+		buf.WriteString(strconv.Itoa(precision))
+	}
+
+	buf.WriteRune(verb)
+
+	format = buf.String()
+	return format
+}
+
+// unpackValue returns values inside of non-nil interfaces when possible and
+// ensures that types for values which have been unpacked from an interface
+// are displayed when the show types flag is also set.
+// This is useful for data types like structs, arrays, slices, and maps which
+// can contain varying types packed inside an interface.
+func (f *formatState) unpackValue(v reflect.Value) reflect.Value {
+	if v.Kind() == reflect.Interface {
+		f.ignoreNextType = false
+		if !v.IsNil() {
+			v = v.Elem()
+		}
+	}
+	return v
+}
+
+// formatPtr handles formatting of pointers by indirecting them as necessary.
+func (f *formatState) formatPtr(v reflect.Value) {
+	// Display nil if top level pointer is nil.
+	showTypes := f.fs.Flag('#')
+	if v.IsNil() && (!showTypes || f.ignoreNextType) {
+		f.fs.Write(nilAngleBytes)
+		return
+	}
+
+	// Remove pointers at or below the current depth from map used to detect
+	// circular refs.
+	for k, depth := range f.pointers {
+		if depth >= f.depth {
+			delete(f.pointers, k)
+		}
+	}
+
+	// Keep list of all dereferenced pointers to possibly show later.
+	pointerChain := make([]uintptr, 0)
+
+	// Figure out how many levels of indirection there are by derferencing
+	// pointers and unpacking interfaces down the chain while detecting circular
+	// references.
+	nilFound := false
+	cycleFound := false
+	indirects := 0
+	ve := v
+	for ve.Kind() == reflect.Ptr {
+		if ve.IsNil() {
+			nilFound = true
+			break
+		}
+		indirects++
+		addr := ve.Pointer()
+		pointerChain = append(pointerChain, addr)
+		if pd, ok := f.pointers[addr]; ok && pd < f.depth {
+			cycleFound = true
+			indirects--
+			break
+		}
+		f.pointers[addr] = f.depth
+
+		ve = ve.Elem()
+		if ve.Kind() == reflect.Interface {
+			if ve.IsNil() {
+				nilFound = true
+				break
+			}
+			ve = ve.Elem()
+		}
+	}
+
+	// Display type or indirection level depending on flags.
+	if showTypes && !f.ignoreNextType {
+		f.fs.Write(openParenBytes)
+		f.fs.Write(bytes.Repeat(asteriskBytes, indirects))
+		f.fs.Write([]byte(ve.Type().String()))
+		f.fs.Write(closeParenBytes)
+	} else {
+		if nilFound || cycleFound {
+			indirects += strings.Count(ve.Type().String(), "*")
+		}
+		f.fs.Write(openAngleBytes)
+		f.fs.Write([]byte(strings.Repeat("*", indirects)))
+		f.fs.Write(closeAngleBytes)
+	}
+
+	// Display pointer information depending on flags.
+	if f.fs.Flag('+') && (len(pointerChain) > 0) {
+		f.fs.Write(openParenBytes)
+		for i, addr := range pointerChain {
+			if i > 0 {
+				f.fs.Write(pointerChainBytes)
+			}
+			printHexPtr(f.fs, addr)
+		}
+		f.fs.Write(closeParenBytes)
+	}
+
+	// Display dereferenced value.
+	switch {
+	case nilFound:
+		f.fs.Write(nilAngleBytes)
+
+	case cycleFound:
+		f.fs.Write(circularShortBytes)
+
+	default:
+		f.ignoreNextType = true
+		f.format(ve)
+	}
+}
+
+// format is the main workhorse for providing the Formatter interface.  It
+// uses the passed reflect value to figure out what kind of object we are
+// dealing with and formats it appropriately.  It is a recursive function,
+// however circular data structures are detected and handled properly.
+func (f *formatState) format(v reflect.Value) {
+	// Handle invalid reflect values immediately.
+	kind := v.Kind()
+	if kind == reflect.Invalid {
+		f.fs.Write(invalidAngleBytes)
+		return
+	}
+
+	// Handle pointers specially.
+	if kind == reflect.Ptr {
+		f.formatPtr(v)
+		return
+	}
+
+	// Print type information unless already handled elsewhere.
+	if !f.ignoreNextType && f.fs.Flag('#') {
+		f.fs.Write(openParenBytes)
+		f.fs.Write([]byte(v.Type().String()))
+		f.fs.Write(closeParenBytes)
+	}
+	f.ignoreNextType = false
+
+	// Call Stringer/error interfaces if they exist and the handle methods
+	// flag is enabled.
+	if !f.cs.DisableMethods {
+		if (kind != reflect.Invalid) && (kind != reflect.Interface) {
+			if handled := handleMethods(f.cs, f.fs, v); handled {
+				return
+			}
+		}
+	}
+
+	switch kind {
+	case reflect.Invalid:
+		// Do nothing.  We should never get here since invalid has already
+		// been handled above.
+
+	case reflect.Bool:
+		printBool(f.fs, v.Bool())
+
+	case reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64, reflect.Int:
+		printInt(f.fs, v.Int(), 10)
+
+	case reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64, reflect.Uint:
+		printUint(f.fs, v.Uint(), 10)
+
+	case reflect.Float32:
+		printFloat(f.fs, v.Float(), 32)
+
+	case reflect.Float64:
+		printFloat(f.fs, v.Float(), 64)
+
+	case reflect.Complex64:
+		printComplex(f.fs, v.Complex(), 32)
+
+	case reflect.Complex128:
+		printComplex(f.fs, v.Complex(), 64)
+
+	case reflect.Slice:
+		if v.IsNil() {
+			f.fs.Write(nilAngleBytes)
+			break
+		}
+		fallthrough
+
+	case reflect.Array:
+		f.fs.Write(openBracketBytes)
+		f.depth++
+		if (f.cs.MaxDepth != 0) && (f.depth > f.cs.MaxDepth) {
+			f.fs.Write(maxShortBytes)
+		} else {
+			numEntries := v.Len()
+			for i := 0; i < numEntries; i++ {
+				if i > 0 {
+					f.fs.Write(spaceBytes)
+				}
+				f.ignoreNextType = true
+				f.format(f.unpackValue(v.Index(i)))
+			}
+		}
+		f.depth--
+		f.fs.Write(closeBracketBytes)
+
+	case reflect.String:
+		f.fs.Write([]byte(v.String()))
+
+	case reflect.Interface:
+		// The only time we should get here is for nil interfaces due to
+		// unpackValue calls.
+		if v.IsNil() {
+			f.fs.Write(nilAngleBytes)
+		}
+
+	case reflect.Ptr:
+		// Do nothing.  We should never get here since pointers have already
+		// been handled above.
+
+	case reflect.Map:
+		// nil maps should be indicated as different than empty maps
+		if v.IsNil() {
+			f.fs.Write(nilAngleBytes)
+			break
+		}
+
+		f.fs.Write(openMapBytes)
+		f.depth++
+		if (f.cs.MaxDepth != 0) && (f.depth > f.cs.MaxDepth) {
+			f.fs.Write(maxShortBytes)
+		} else {
+			keys := v.MapKeys()
+			if f.cs.SortKeys {
+				sortValues(keys, f.cs)
+			}
+			for i, key := range keys {
+				if i > 0 {
+					f.fs.Write(spaceBytes)
+				}
+				f.ignoreNextType = true
+				f.format(f.unpackValue(key))
+				f.fs.Write(colonBytes)
+				f.ignoreNextType = true
+				f.format(f.unpackValue(v.MapIndex(key)))
+			}
+		}
+		f.depth--
+		f.fs.Write(closeMapBytes)
+
+	case reflect.Struct:
+		numFields := v.NumField()
+		f.fs.Write(openBraceBytes)
+		f.depth++
+		if (f.cs.MaxDepth != 0) && (f.depth > f.cs.MaxDepth) {
+			f.fs.Write(maxShortBytes)
+		} else {
+			vt := v.Type()
+			for i := 0; i < numFields; i++ {
+				if i > 0 {
+					f.fs.Write(spaceBytes)
+				}
+				vtf := vt.Field(i)
+				if f.fs.Flag('+') || f.fs.Flag('#') {
+					f.fs.Write([]byte(vtf.Name))
+					f.fs.Write(colonBytes)
+				}
+				f.format(f.unpackValue(v.Field(i)))
+			}
+		}
+		f.depth--
+		f.fs.Write(closeBraceBytes)
+
+	case reflect.Uintptr:
+		printHexPtr(f.fs, uintptr(v.Uint()))
+
+	case reflect.UnsafePointer, reflect.Chan, reflect.Func:
+		printHexPtr(f.fs, v.Pointer())
+
+	// There were not any other types at the time this code was written, but
+	// fall back to letting the default fmt package handle it if any get added.
+	default:
+		format := f.buildDefaultFormat()
+		if v.CanInterface() {
+			fmt.Fprintf(f.fs, format, v.Interface())
+		} else {
+			fmt.Fprintf(f.fs, format, v.String())
+		}
+	}
+}
+
+// Format satisfies the fmt.Formatter interface. See NewFormatter for usage
+// details.
+func (f *formatState) Format(fs fmt.State, verb rune) {
+	f.fs = fs
+
+	// Use standard formatting for verbs that are not v.
+	if verb != 'v' {
+		format := f.constructOrigFormat(verb)
+		fmt.Fprintf(fs, format, f.value)
+		return
+	}
+
+	if f.value == nil {
+		if fs.Flag('#') {
+			fs.Write(interfaceBytes)
+		}
+		fs.Write(nilAngleBytes)
+		return
+	}
+
+	f.format(reflect.ValueOf(f.value))
+}
+
+// newFormatter is a helper function to consolidate the logic from the various
+// public methods which take varying config states.
+func newFormatter(cs *ConfigState, v interface{}) fmt.Formatter {
+	fs := &formatState{value: v, cs: cs}
+	fs.pointers = make(map[uintptr]int)
+	return fs
+}
+
+/*
+NewFormatter returns a custom formatter that satisfies the fmt.Formatter
+interface.  As a result, it integrates cleanly with standard fmt package
+printing functions.  The formatter is useful for inline printing of smaller data
+types similar to the standard %v format specifier.
+
+The custom formatter only responds to the %v (most compact), %+v (adds pointer
+addresses), %#v (adds types), or %#+v (adds types and pointer addresses) verb
+combinations.  Any other verbs such as %x and %q will be sent to the the
+standard fmt package for formatting.  In addition, the custom formatter ignores
+the width and precision arguments (however they will still work on the format
+specifiers not handled by the custom formatter).
+
+Typically this function shouldn't be called directly.  It is much easier to make
+use of the custom formatter by calling one of the convenience functions such as
+Printf, Println, or Fprintf.
+*/
+func NewFormatter(v interface{}) fmt.Formatter {
+	return newFormatter(&Config, v)
+}
diff --git a/server/vendor/github.com/davecgh/go-spew/spew/spew.go b/server/vendor/github.com/davecgh/go-spew/spew/spew.go
new file mode 100644
index 0000000..32c0e33
--- /dev/null
+++ b/server/vendor/github.com/davecgh/go-spew/spew/spew.go
@@ -0,0 +1,148 @@
+/*
+ * Copyright (c) 2013-2016 Dave Collins <dave@davec.name>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+package spew
+
+import (
+	"fmt"
+	"io"
+)
+
+// Errorf is a wrapper for fmt.Errorf that treats each argument as if it were
+// passed with a default Formatter interface returned by NewFormatter.  It
+// returns the formatted string as a value that satisfies error.  See
+// NewFormatter for formatting details.
+//
+// This function is shorthand for the following syntax:
+//
+//	fmt.Errorf(format, spew.NewFormatter(a), spew.NewFormatter(b))
+func Errorf(format string, a ...interface{}) (err error) {
+	return fmt.Errorf(format, convertArgs(a)...)
+}
+
+// Fprint is a wrapper for fmt.Fprint that treats each argument as if it were
+// passed with a default Formatter interface returned by NewFormatter.  It
+// returns the number of bytes written and any write error encountered.  See
+// NewFormatter for formatting details.
+//
+// This function is shorthand for the following syntax:
+//
+//	fmt.Fprint(w, spew.NewFormatter(a), spew.NewFormatter(b))
+func Fprint(w io.Writer, a ...interface{}) (n int, err error) {
+	return fmt.Fprint(w, convertArgs(a)...)
+}
+
+// Fprintf is a wrapper for fmt.Fprintf that treats each argument as if it were
+// passed with a default Formatter interface returned by NewFormatter.  It
+// returns the number of bytes written and any write error encountered.  See
+// NewFormatter for formatting details.
+//
+// This function is shorthand for the following syntax:
+//
+//	fmt.Fprintf(w, format, spew.NewFormatter(a), spew.NewFormatter(b))
+func Fprintf(w io.Writer, format string, a ...interface{}) (n int, err error) {
+	return fmt.Fprintf(w, format, convertArgs(a)...)
+}
+
+// Fprintln is a wrapper for fmt.Fprintln that treats each argument as if it
+// passed with a default Formatter interface returned by NewFormatter.  See
+// NewFormatter for formatting details.
+//
+// This function is shorthand for the following syntax:
+//
+//	fmt.Fprintln(w, spew.NewFormatter(a), spew.NewFormatter(b))
+func Fprintln(w io.Writer, a ...interface{}) (n int, err error) {
+	return fmt.Fprintln(w, convertArgs(a)...)
+}
+
+// Print is a wrapper for fmt.Print that treats each argument as if it were
+// passed with a default Formatter interface returned by NewFormatter.  It
+// returns the number of bytes written and any write error encountered.  See
+// NewFormatter for formatting details.
+//
+// This function is shorthand for the following syntax:
+//
+//	fmt.Print(spew.NewFormatter(a), spew.NewFormatter(b))
+func Print(a ...interface{}) (n int, err error) {
+	return fmt.Print(convertArgs(a)...)
+}
+
+// Printf is a wrapper for fmt.Printf that treats each argument as if it were
+// passed with a default Formatter interface returned by NewFormatter.  It
+// returns the number of bytes written and any write error encountered.  See
+// NewFormatter for formatting details.
+//
+// This function is shorthand for the following syntax:
+//
+//	fmt.Printf(format, spew.NewFormatter(a), spew.NewFormatter(b))
+func Printf(format string, a ...interface{}) (n int, err error) {
+	return fmt.Printf(format, convertArgs(a)...)
+}
+
+// Println is a wrapper for fmt.Println that treats each argument as if it were
+// passed with a default Formatter interface returned by NewFormatter.  It
+// returns the number of bytes written and any write error encountered.  See
+// NewFormatter for formatting details.
+//
+// This function is shorthand for the following syntax:
+//
+//	fmt.Println(spew.NewFormatter(a), spew.NewFormatter(b))
+func Println(a ...interface{}) (n int, err error) {
+	return fmt.Println(convertArgs(a)...)
+}
+
+// Sprint is a wrapper for fmt.Sprint that treats each argument as if it were
+// passed with a default Formatter interface returned by NewFormatter.  It
+// returns the resulting string.  See NewFormatter for formatting details.
+//
+// This function is shorthand for the following syntax:
+//
+//	fmt.Sprint(spew.NewFormatter(a), spew.NewFormatter(b))
+func Sprint(a ...interface{}) string {
+	return fmt.Sprint(convertArgs(a)...)
+}
+
+// Sprintf is a wrapper for fmt.Sprintf that treats each argument as if it were
+// passed with a default Formatter interface returned by NewFormatter.  It
+// returns the resulting string.  See NewFormatter for formatting details.
+//
+// This function is shorthand for the following syntax:
+//
+//	fmt.Sprintf(format, spew.NewFormatter(a), spew.NewFormatter(b))
+func Sprintf(format string, a ...interface{}) string {
+	return fmt.Sprintf(format, convertArgs(a)...)
+}
+
+// Sprintln is a wrapper for fmt.Sprintln that treats each argument as if it
+// were passed with a default Formatter interface returned by NewFormatter.  It
+// returns the resulting string.  See NewFormatter for formatting details.
+//
+// This function is shorthand for the following syntax:
+//
+//	fmt.Sprintln(spew.NewFormatter(a), spew.NewFormatter(b))
+func Sprintln(a ...interface{}) string {
+	return fmt.Sprintln(convertArgs(a)...)
+}
+
+// convertArgs accepts a slice of arguments and returns a slice of the same
+// length with each argument converted to a default spew Formatter interface.
+func convertArgs(args []interface{}) (formatters []interface{}) {
+	formatters = make([]interface{}, len(args))
+	for index, arg := range args {
+		formatters[index] = NewFormatter(arg)
+	}
+	return formatters
+}
diff --git a/server/vendor/github.com/google/uuid/CHANGELOG.md b/server/vendor/github.com/google/uuid/CHANGELOG.md
new file mode 100644
index 0000000..2bd7866
--- /dev/null
+++ b/server/vendor/github.com/google/uuid/CHANGELOG.md
@@ -0,0 +1,10 @@
+# Changelog
+
+## [1.3.1](https://github.com/google/uuid/compare/v1.3.0...v1.3.1) (2023-08-18)
+
+
+### Bug Fixes
+
+* Use .EqualFold() to parse urn prefixed UUIDs ([#118](https://github.com/google/uuid/issues/118)) ([574e687](https://github.com/google/uuid/commit/574e6874943741fb99d41764c705173ada5293f0))
+
+## Changelog
diff --git a/server/vendor/github.com/google/uuid/CONTRIBUTING.md b/server/vendor/github.com/google/uuid/CONTRIBUTING.md
new file mode 100644
index 0000000..5566888
--- /dev/null
+++ b/server/vendor/github.com/google/uuid/CONTRIBUTING.md
@@ -0,0 +1,26 @@
+# How to contribute
+
+We definitely welcome patches and contribution to this project!
+
+### Tips
+
+Commits must be formatted according to the [Conventional Commits Specification](https://www.conventionalcommits.org).
+
+Always try to include a test case! If it is not possible or not necessary,
+please explain why in the pull request description.
+
+### Releasing
+
+Commits that would precipitate a SemVer change, as desrcibed in the Conventional
+Commits Specification, will trigger [`release-please`](https://github.com/google-github-actions/release-please-action)
+to create a release candidate pull request. Once submitted, `release-please`
+will create a release.
+
+For tips on how to work with `release-please`, see its documentation.
+
+### Legal requirements
+
+In order to protect both you and ourselves, you will need to sign the
+[Contributor License Agreement](https://cla.developers.google.com/clas).
+
+You may have already signed it for other Google projects.
diff --git a/server/vendor/github.com/google/uuid/CONTRIBUTORS b/server/vendor/github.com/google/uuid/CONTRIBUTORS
new file mode 100644
index 0000000..b4bb97f
--- /dev/null
+++ b/server/vendor/github.com/google/uuid/CONTRIBUTORS
@@ -0,0 +1,9 @@
+Paul Borman <borman@google.com>
+bmatsuo
+shawnps
+theory
+jboverfelt
+dsymonds
+cd1
+wallclockbuilder
+dansouza
diff --git a/server/vendor/github.com/google/uuid/LICENSE b/server/vendor/github.com/google/uuid/LICENSE
new file mode 100644
index 0000000..5dc6826
--- /dev/null
+++ b/server/vendor/github.com/google/uuid/LICENSE
@@ -0,0 +1,27 @@
+Copyright (c) 2009,2014 Google Inc. All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are
+met:
+
+   * Redistributions of source code must retain the above copyright
+notice, this list of conditions and the following disclaimer.
+   * Redistributions in binary form must reproduce the above
+copyright notice, this list of conditions and the following disclaimer
+in the documentation and/or other materials provided with the
+distribution.
+   * Neither the name of Google Inc. nor the names of its
+contributors may be used to endorse or promote products derived from
+this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
diff --git a/server/vendor/github.com/google/uuid/README.md b/server/vendor/github.com/google/uuid/README.md
new file mode 100644
index 0000000..3e9a618
--- /dev/null
+++ b/server/vendor/github.com/google/uuid/README.md
@@ -0,0 +1,21 @@
+# uuid
+The uuid package generates and inspects UUIDs based on
+[RFC 4122](https://datatracker.ietf.org/doc/html/rfc4122)
+and DCE 1.1: Authentication and Security Services. 
+
+This package is based on the github.com/pborman/uuid package (previously named
+code.google.com/p/go-uuid).  It differs from these earlier packages in that
+a UUID is a 16 byte array rather than a byte slice.  One loss due to this
+change is the ability to represent an invalid UUID (vs a NIL UUID).
+
+###### Install
+```sh
+go get github.com/google/uuid
+```
+
+###### Documentation 
+[![Go Reference](https://pkg.go.dev/badge/github.com/google/uuid.svg)](https://pkg.go.dev/github.com/google/uuid)
+
+Full `go doc` style documentation for the package can be viewed online without
+installing this package by using the GoDoc site here: 
+http://pkg.go.dev/github.com/google/uuid
diff --git a/server/vendor/github.com/google/uuid/dce.go b/server/vendor/github.com/google/uuid/dce.go
new file mode 100644
index 0000000..fa820b9
--- /dev/null
+++ b/server/vendor/github.com/google/uuid/dce.go
@@ -0,0 +1,80 @@
+// Copyright 2016 Google Inc.  All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package uuid
+
+import (
+	"encoding/binary"
+	"fmt"
+	"os"
+)
+
+// A Domain represents a Version 2 domain
+type Domain byte
+
+// Domain constants for DCE Security (Version 2) UUIDs.
+const (
+	Person = Domain(0)
+	Group  = Domain(1)
+	Org    = Domain(2)
+)
+
+// NewDCESecurity returns a DCE Security (Version 2) UUID.
+//
+// The domain should be one of Person, Group or Org.
+// On a POSIX system the id should be the users UID for the Person
+// domain and the users GID for the Group.  The meaning of id for
+// the domain Org or on non-POSIX systems is site defined.
+//
+// For a given domain/id pair the same token may be returned for up to
+// 7 minutes and 10 seconds.
+func NewDCESecurity(domain Domain, id uint32) (UUID, error) {
+	uuid, err := NewUUID()
+	if err == nil {
+		uuid[6] = (uuid[6] & 0x0f) | 0x20 // Version 2
+		uuid[9] = byte(domain)
+		binary.BigEndian.PutUint32(uuid[0:], id)
+	}
+	return uuid, err
+}
+
+// NewDCEPerson returns a DCE Security (Version 2) UUID in the person
+// domain with the id returned by os.Getuid.
+//
+//  NewDCESecurity(Person, uint32(os.Getuid()))
+func NewDCEPerson() (UUID, error) {
+	return NewDCESecurity(Person, uint32(os.Getuid()))
+}
+
+// NewDCEGroup returns a DCE Security (Version 2) UUID in the group
+// domain with the id returned by os.Getgid.
+//
+//  NewDCESecurity(Group, uint32(os.Getgid()))
+func NewDCEGroup() (UUID, error) {
+	return NewDCESecurity(Group, uint32(os.Getgid()))
+}
+
+// Domain returns the domain for a Version 2 UUID.  Domains are only defined
+// for Version 2 UUIDs.
+func (uuid UUID) Domain() Domain {
+	return Domain(uuid[9])
+}
+
+// ID returns the id for a Version 2 UUID. IDs are only defined for Version 2
+// UUIDs.
+func (uuid UUID) ID() uint32 {
+	return binary.BigEndian.Uint32(uuid[0:4])
+}
+
+func (d Domain) String() string {
+	switch d {
+	case Person:
+		return "Person"
+	case Group:
+		return "Group"
+	case Org:
+		return "Org"
+	}
+	return fmt.Sprintf("Domain%d", int(d))
+}
diff --git a/server/vendor/github.com/google/uuid/doc.go b/server/vendor/github.com/google/uuid/doc.go
new file mode 100644
index 0000000..5b8a4b9
--- /dev/null
+++ b/server/vendor/github.com/google/uuid/doc.go
@@ -0,0 +1,12 @@
+// Copyright 2016 Google Inc.  All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Package uuid generates and inspects UUIDs.
+//
+// UUIDs are based on RFC 4122 and DCE 1.1: Authentication and Security
+// Services.
+//
+// A UUID is a 16 byte (128 bit) array.  UUIDs may be used as keys to
+// maps or compared directly.
+package uuid
diff --git a/server/vendor/github.com/google/uuid/hash.go b/server/vendor/github.com/google/uuid/hash.go
new file mode 100644
index 0000000..b404f4b
--- /dev/null
+++ b/server/vendor/github.com/google/uuid/hash.go
@@ -0,0 +1,53 @@
+// Copyright 2016 Google Inc.  All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package uuid
+
+import (
+	"crypto/md5"
+	"crypto/sha1"
+	"hash"
+)
+
+// Well known namespace IDs and UUIDs
+var (
+	NameSpaceDNS  = Must(Parse("6ba7b810-9dad-11d1-80b4-00c04fd430c8"))
+	NameSpaceURL  = Must(Parse("6ba7b811-9dad-11d1-80b4-00c04fd430c8"))
+	NameSpaceOID  = Must(Parse("6ba7b812-9dad-11d1-80b4-00c04fd430c8"))
+	NameSpaceX500 = Must(Parse("6ba7b814-9dad-11d1-80b4-00c04fd430c8"))
+	Nil           UUID // empty UUID, all zeros
+)
+
+// NewHash returns a new UUID derived from the hash of space concatenated with
+// data generated by h.  The hash should be at least 16 byte in length.  The
+// first 16 bytes of the hash are used to form the UUID.  The version of the
+// UUID will be the lower 4 bits of version.  NewHash is used to implement
+// NewMD5 and NewSHA1.
+func NewHash(h hash.Hash, space UUID, data []byte, version int) UUID {
+	h.Reset()
+	h.Write(space[:]) //nolint:errcheck
+	h.Write(data)     //nolint:errcheck
+	s := h.Sum(nil)
+	var uuid UUID
+	copy(uuid[:], s)
+	uuid[6] = (uuid[6] & 0x0f) | uint8((version&0xf)<<4)
+	uuid[8] = (uuid[8] & 0x3f) | 0x80 // RFC 4122 variant
+	return uuid
+}
+
+// NewMD5 returns a new MD5 (Version 3) UUID based on the
+// supplied name space and data.  It is the same as calling:
+//
+//  NewHash(md5.New(), space, data, 3)
+func NewMD5(space UUID, data []byte) UUID {
+	return NewHash(md5.New(), space, data, 3)
+}
+
+// NewSHA1 returns a new SHA1 (Version 5) UUID based on the
+// supplied name space and data.  It is the same as calling:
+//
+//  NewHash(sha1.New(), space, data, 5)
+func NewSHA1(space UUID, data []byte) UUID {
+	return NewHash(sha1.New(), space, data, 5)
+}
diff --git a/server/vendor/github.com/google/uuid/marshal.go b/server/vendor/github.com/google/uuid/marshal.go
new file mode 100644
index 0000000..14bd340
--- /dev/null
+++ b/server/vendor/github.com/google/uuid/marshal.go
@@ -0,0 +1,38 @@
+// Copyright 2016 Google Inc.  All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package uuid
+
+import "fmt"
+
+// MarshalText implements encoding.TextMarshaler.
+func (uuid UUID) MarshalText() ([]byte, error) {
+	var js [36]byte
+	encodeHex(js[:], uuid)
+	return js[:], nil
+}
+
+// UnmarshalText implements encoding.TextUnmarshaler.
+func (uuid *UUID) UnmarshalText(data []byte) error {
+	id, err := ParseBytes(data)
+	if err != nil {
+		return err
+	}
+	*uuid = id
+	return nil
+}
+
+// MarshalBinary implements encoding.BinaryMarshaler.
+func (uuid UUID) MarshalBinary() ([]byte, error) {
+	return uuid[:], nil
+}
+
+// UnmarshalBinary implements encoding.BinaryUnmarshaler.
+func (uuid *UUID) UnmarshalBinary(data []byte) error {
+	if len(data) != 16 {
+		return fmt.Errorf("invalid UUID (got %d bytes)", len(data))
+	}
+	copy(uuid[:], data)
+	return nil
+}
diff --git a/server/vendor/github.com/google/uuid/node.go b/server/vendor/github.com/google/uuid/node.go
new file mode 100644
index 0000000..d651a2b
--- /dev/null
+++ b/server/vendor/github.com/google/uuid/node.go
@@ -0,0 +1,90 @@
+// Copyright 2016 Google Inc.  All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package uuid
+
+import (
+	"sync"
+)
+
+var (
+	nodeMu sync.Mutex
+	ifname string  // name of interface being used
+	nodeID [6]byte // hardware for version 1 UUIDs
+	zeroID [6]byte // nodeID with only 0's
+)
+
+// NodeInterface returns the name of the interface from which the NodeID was
+// derived.  The interface "user" is returned if the NodeID was set by
+// SetNodeID.
+func NodeInterface() string {
+	defer nodeMu.Unlock()
+	nodeMu.Lock()
+	return ifname
+}
+
+// SetNodeInterface selects the hardware address to be used for Version 1 UUIDs.
+// If name is "" then the first usable interface found will be used or a random
+// Node ID will be generated.  If a named interface cannot be found then false
+// is returned.
+//
+// SetNodeInterface never fails when name is "".
+func SetNodeInterface(name string) bool {
+	defer nodeMu.Unlock()
+	nodeMu.Lock()
+	return setNodeInterface(name)
+}
+
+func setNodeInterface(name string) bool {
+	iname, addr := getHardwareInterface(name) // null implementation for js
+	if iname != "" && addr != nil {
+		ifname = iname
+		copy(nodeID[:], addr)
+		return true
+	}
+
+	// We found no interfaces with a valid hardware address.  If name
+	// does not specify a specific interface generate a random Node ID
+	// (section 4.1.6)
+	if name == "" {
+		ifname = "random"
+		randomBits(nodeID[:])
+		return true
+	}
+	return false
+}
+
+// NodeID returns a slice of a copy of the current Node ID, setting the Node ID
+// if not already set.
+func NodeID() []byte {
+	defer nodeMu.Unlock()
+	nodeMu.Lock()
+	if nodeID == zeroID {
+		setNodeInterface("")
+	}
+	nid := nodeID
+	return nid[:]
+}
+
+// SetNodeID sets the Node ID to be used for Version 1 UUIDs.  The first 6 bytes
+// of id are used.  If id is less than 6 bytes then false is returned and the
+// Node ID is not set.
+func SetNodeID(id []byte) bool {
+	if len(id) < 6 {
+		return false
+	}
+	defer nodeMu.Unlock()
+	nodeMu.Lock()
+	copy(nodeID[:], id)
+	ifname = "user"
+	return true
+}
+
+// NodeID returns the 6 byte node id encoded in uuid.  It returns nil if uuid is
+// not valid.  The NodeID is only well defined for version 1 and 2 UUIDs.
+func (uuid UUID) NodeID() []byte {
+	var node [6]byte
+	copy(node[:], uuid[10:])
+	return node[:]
+}
diff --git a/server/vendor/github.com/google/uuid/node_js.go b/server/vendor/github.com/google/uuid/node_js.go
new file mode 100644
index 0000000..b2a0bc8
--- /dev/null
+++ b/server/vendor/github.com/google/uuid/node_js.go
@@ -0,0 +1,12 @@
+// Copyright 2017 Google Inc.  All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// +build js
+
+package uuid
+
+// getHardwareInterface returns nil values for the JS version of the code.
+// This removes the "net" dependency, because it is not used in the browser.
+// Using the "net" library inflates the size of the transpiled JS code by 673k bytes.
+func getHardwareInterface(name string) (string, []byte) { return "", nil }
diff --git a/server/vendor/github.com/google/uuid/node_net.go b/server/vendor/github.com/google/uuid/node_net.go
new file mode 100644
index 0000000..0cbbcdd
--- /dev/null
+++ b/server/vendor/github.com/google/uuid/node_net.go
@@ -0,0 +1,33 @@
+// Copyright 2017 Google Inc.  All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// +build !js
+
+package uuid
+
+import "net"
+
+var interfaces []net.Interface // cached list of interfaces
+
+// getHardwareInterface returns the name and hardware address of interface name.
+// If name is "" then the name and hardware address of one of the system's
+// interfaces is returned.  If no interfaces are found (name does not exist or
+// there are no interfaces) then "", nil is returned.
+//
+// Only addresses of at least 6 bytes are returned.
+func getHardwareInterface(name string) (string, []byte) {
+	if interfaces == nil {
+		var err error
+		interfaces, err = net.Interfaces()
+		if err != nil {
+			return "", nil
+		}
+	}
+	for _, ifs := range interfaces {
+		if len(ifs.HardwareAddr) >= 6 && (name == "" || name == ifs.Name) {
+			return ifs.Name, ifs.HardwareAddr
+		}
+	}
+	return "", nil
+}
diff --git a/server/vendor/github.com/google/uuid/null.go b/server/vendor/github.com/google/uuid/null.go
new file mode 100644
index 0000000..d7fcbf2
--- /dev/null
+++ b/server/vendor/github.com/google/uuid/null.go
@@ -0,0 +1,118 @@
+// Copyright 2021 Google Inc.  All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package uuid
+
+import (
+	"bytes"
+	"database/sql/driver"
+	"encoding/json"
+	"fmt"
+)
+
+var jsonNull = []byte("null")
+
+// NullUUID represents a UUID that may be null.
+// NullUUID implements the SQL driver.Scanner interface so
+// it can be used as a scan destination:
+//
+//  var u uuid.NullUUID
+//  err := db.QueryRow("SELECT name FROM foo WHERE id=?", id).Scan(&u)
+//  ...
+//  if u.Valid {
+//     // use u.UUID
+//  } else {
+//     // NULL value
+//  }
+//
+type NullUUID struct {
+	UUID  UUID
+	Valid bool // Valid is true if UUID is not NULL
+}
+
+// Scan implements the SQL driver.Scanner interface.
+func (nu *NullUUID) Scan(value interface{}) error {
+	if value == nil {
+		nu.UUID, nu.Valid = Nil, false
+		return nil
+	}
+
+	err := nu.UUID.Scan(value)
+	if err != nil {
+		nu.Valid = false
+		return err
+	}
+
+	nu.Valid = true
+	return nil
+}
+
+// Value implements the driver Valuer interface.
+func (nu NullUUID) Value() (driver.Value, error) {
+	if !nu.Valid {
+		return nil, nil
+	}
+	// Delegate to UUID Value function
+	return nu.UUID.Value()
+}
+
+// MarshalBinary implements encoding.BinaryMarshaler.
+func (nu NullUUID) MarshalBinary() ([]byte, error) {
+	if nu.Valid {
+		return nu.UUID[:], nil
+	}
+
+	return []byte(nil), nil
+}
+
+// UnmarshalBinary implements encoding.BinaryUnmarshaler.
+func (nu *NullUUID) UnmarshalBinary(data []byte) error {
+	if len(data) != 16 {
+		return fmt.Errorf("invalid UUID (got %d bytes)", len(data))
+	}
+	copy(nu.UUID[:], data)
+	nu.Valid = true
+	return nil
+}
+
+// MarshalText implements encoding.TextMarshaler.
+func (nu NullUUID) MarshalText() ([]byte, error) {
+	if nu.Valid {
+		return nu.UUID.MarshalText()
+	}
+
+	return jsonNull, nil
+}
+
+// UnmarshalText implements encoding.TextUnmarshaler.
+func (nu *NullUUID) UnmarshalText(data []byte) error {
+	id, err := ParseBytes(data)
+	if err != nil {
+		nu.Valid = false
+		return err
+	}
+	nu.UUID = id
+	nu.Valid = true
+	return nil
+}
+
+// MarshalJSON implements json.Marshaler.
+func (nu NullUUID) MarshalJSON() ([]byte, error) {
+	if nu.Valid {
+		return json.Marshal(nu.UUID)
+	}
+
+	return jsonNull, nil
+}
+
+// UnmarshalJSON implements json.Unmarshaler.
+func (nu *NullUUID) UnmarshalJSON(data []byte) error {
+	if bytes.Equal(data, jsonNull) {
+		*nu = NullUUID{}
+		return nil // valid null UUID
+	}
+	err := json.Unmarshal(data, &nu.UUID)
+	nu.Valid = err == nil
+	return err
+}
diff --git a/server/vendor/github.com/google/uuid/sql.go b/server/vendor/github.com/google/uuid/sql.go
new file mode 100644
index 0000000..2e02ec0
--- /dev/null
+++ b/server/vendor/github.com/google/uuid/sql.go
@@ -0,0 +1,59 @@
+// Copyright 2016 Google Inc.  All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package uuid
+
+import (
+	"database/sql/driver"
+	"fmt"
+)
+
+// Scan implements sql.Scanner so UUIDs can be read from databases transparently.
+// Currently, database types that map to string and []byte are supported. Please
+// consult database-specific driver documentation for matching types.
+func (uuid *UUID) Scan(src interface{}) error {
+	switch src := src.(type) {
+	case nil:
+		return nil
+
+	case string:
+		// if an empty UUID comes from a table, we return a null UUID
+		if src == "" {
+			return nil
+		}
+
+		// see Parse for required string format
+		u, err := Parse(src)
+		if err != nil {
+			return fmt.Errorf("Scan: %v", err)
+		}
+
+		*uuid = u
+
+	case []byte:
+		// if an empty UUID comes from a table, we return a null UUID
+		if len(src) == 0 {
+			return nil
+		}
+
+		// assumes a simple slice of bytes if 16 bytes
+		// otherwise attempts to parse
+		if len(src) != 16 {
+			return uuid.Scan(string(src))
+		}
+		copy((*uuid)[:], src)
+
+	default:
+		return fmt.Errorf("Scan: unable to scan type %T into UUID", src)
+	}
+
+	return nil
+}
+
+// Value implements sql.Valuer so that UUIDs can be written to databases
+// transparently. Currently, UUIDs map to strings. Please consult
+// database-specific driver documentation for matching types.
+func (uuid UUID) Value() (driver.Value, error) {
+	return uuid.String(), nil
+}
diff --git a/server/vendor/github.com/google/uuid/time.go b/server/vendor/github.com/google/uuid/time.go
new file mode 100644
index 0000000..e6ef06c
--- /dev/null
+++ b/server/vendor/github.com/google/uuid/time.go
@@ -0,0 +1,123 @@
+// Copyright 2016 Google Inc.  All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package uuid
+
+import (
+	"encoding/binary"
+	"sync"
+	"time"
+)
+
+// A Time represents a time as the number of 100's of nanoseconds since 15 Oct
+// 1582.
+type Time int64
+
+const (
+	lillian    = 2299160          // Julian day of 15 Oct 1582
+	unix       = 2440587          // Julian day of 1 Jan 1970
+	epoch      = unix - lillian   // Days between epochs
+	g1582      = epoch * 86400    // seconds between epochs
+	g1582ns100 = g1582 * 10000000 // 100s of a nanoseconds between epochs
+)
+
+var (
+	timeMu   sync.Mutex
+	lasttime uint64 // last time we returned
+	clockSeq uint16 // clock sequence for this run
+
+	timeNow = time.Now // for testing
+)
+
+// UnixTime converts t the number of seconds and nanoseconds using the Unix
+// epoch of 1 Jan 1970.
+func (t Time) UnixTime() (sec, nsec int64) {
+	sec = int64(t - g1582ns100)
+	nsec = (sec % 10000000) * 100
+	sec /= 10000000
+	return sec, nsec
+}
+
+// GetTime returns the current Time (100s of nanoseconds since 15 Oct 1582) and
+// clock sequence as well as adjusting the clock sequence as needed.  An error
+// is returned if the current time cannot be determined.
+func GetTime() (Time, uint16, error) {
+	defer timeMu.Unlock()
+	timeMu.Lock()
+	return getTime()
+}
+
+func getTime() (Time, uint16, error) {
+	t := timeNow()
+
+	// If we don't have a clock sequence already, set one.
+	if clockSeq == 0 {
+		setClockSequence(-1)
+	}
+	now := uint64(t.UnixNano()/100) + g1582ns100
+
+	// If time has gone backwards with this clock sequence then we
+	// increment the clock sequence
+	if now <= lasttime {
+		clockSeq = ((clockSeq + 1) & 0x3fff) | 0x8000
+	}
+	lasttime = now
+	return Time(now), clockSeq, nil
+}
+
+// ClockSequence returns the current clock sequence, generating one if not
+// already set.  The clock sequence is only used for Version 1 UUIDs.
+//
+// The uuid package does not use global static storage for the clock sequence or
+// the last time a UUID was generated.  Unless SetClockSequence is used, a new
+// random clock sequence is generated the first time a clock sequence is
+// requested by ClockSequence, GetTime, or NewUUID.  (section 4.2.1.1)
+func ClockSequence() int {
+	defer timeMu.Unlock()
+	timeMu.Lock()
+	return clockSequence()
+}
+
+func clockSequence() int {
+	if clockSeq == 0 {
+		setClockSequence(-1)
+	}
+	return int(clockSeq & 0x3fff)
+}
+
+// SetClockSequence sets the clock sequence to the lower 14 bits of seq.  Setting to
+// -1 causes a new sequence to be generated.
+func SetClockSequence(seq int) {
+	defer timeMu.Unlock()
+	timeMu.Lock()
+	setClockSequence(seq)
+}
+
+func setClockSequence(seq int) {
+	if seq == -1 {
+		var b [2]byte
+		randomBits(b[:]) // clock sequence
+		seq = int(b[0])<<8 | int(b[1])
+	}
+	oldSeq := clockSeq
+	clockSeq = uint16(seq&0x3fff) | 0x8000 // Set our variant
+	if oldSeq != clockSeq {
+		lasttime = 0
+	}
+}
+
+// Time returns the time in 100s of nanoseconds since 15 Oct 1582 encoded in
+// uuid.  The time is only defined for version 1 and 2 UUIDs.
+func (uuid UUID) Time() Time {
+	time := int64(binary.BigEndian.Uint32(uuid[0:4]))
+	time |= int64(binary.BigEndian.Uint16(uuid[4:6])) << 32
+	time |= int64(binary.BigEndian.Uint16(uuid[6:8])&0xfff) << 48
+	return Time(time)
+}
+
+// ClockSequence returns the clock sequence encoded in uuid.
+// The clock sequence is only well defined for version 1 and 2 UUIDs.
+func (uuid UUID) ClockSequence() int {
+	return int(binary.BigEndian.Uint16(uuid[8:10])) & 0x3fff
+}
diff --git a/server/vendor/github.com/google/uuid/util.go b/server/vendor/github.com/google/uuid/util.go
new file mode 100644
index 0000000..5ea6c73
--- /dev/null
+++ b/server/vendor/github.com/google/uuid/util.go
@@ -0,0 +1,43 @@
+// Copyright 2016 Google Inc.  All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package uuid
+
+import (
+	"io"
+)
+
+// randomBits completely fills slice b with random data.
+func randomBits(b []byte) {
+	if _, err := io.ReadFull(rander, b); err != nil {
+		panic(err.Error()) // rand should never fail
+	}
+}
+
+// xvalues returns the value of a byte as a hexadecimal digit or 255.
+var xvalues = [256]byte{
+	255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255,
+	255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255,
+	255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255,
+	0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 255, 255, 255, 255, 255, 255,
+	255, 10, 11, 12, 13, 14, 15, 255, 255, 255, 255, 255, 255, 255, 255, 255,
+	255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255,
+	255, 10, 11, 12, 13, 14, 15, 255, 255, 255, 255, 255, 255, 255, 255, 255,
+	255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255,
+	255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255,
+	255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255,
+	255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255,
+	255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255,
+	255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255,
+	255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255,
+	255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255,
+	255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255,
+}
+
+// xtob converts hex characters x1 and x2 into a byte.
+func xtob(x1, x2 byte) (byte, bool) {
+	b1 := xvalues[x1]
+	b2 := xvalues[x2]
+	return (b1 << 4) | b2, b1 != 255 && b2 != 255
+}
diff --git a/server/vendor/github.com/google/uuid/uuid.go b/server/vendor/github.com/google/uuid/uuid.go
new file mode 100644
index 0000000..a56138c
--- /dev/null
+++ b/server/vendor/github.com/google/uuid/uuid.go
@@ -0,0 +1,296 @@
+// Copyright 2018 Google Inc.  All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package uuid
+
+import (
+	"bytes"
+	"crypto/rand"
+	"encoding/hex"
+	"errors"
+	"fmt"
+	"io"
+	"strings"
+	"sync"
+)
+
+// A UUID is a 128 bit (16 byte) Universal Unique IDentifier as defined in RFC
+// 4122.
+type UUID [16]byte
+
+// A Version represents a UUID's version.
+type Version byte
+
+// A Variant represents a UUID's variant.
+type Variant byte
+
+// Constants returned by Variant.
+const (
+	Invalid   = Variant(iota) // Invalid UUID
+	RFC4122                   // The variant specified in RFC4122
+	Reserved                  // Reserved, NCS backward compatibility.
+	Microsoft                 // Reserved, Microsoft Corporation backward compatibility.
+	Future                    // Reserved for future definition.
+)
+
+const randPoolSize = 16 * 16
+
+var (
+	rander      = rand.Reader // random function
+	poolEnabled = false
+	poolMu      sync.Mutex
+	poolPos     = randPoolSize     // protected with poolMu
+	pool        [randPoolSize]byte // protected with poolMu
+)
+
+type invalidLengthError struct{ len int }
+
+func (err invalidLengthError) Error() string {
+	return fmt.Sprintf("invalid UUID length: %d", err.len)
+}
+
+// IsInvalidLengthError is matcher function for custom error invalidLengthError
+func IsInvalidLengthError(err error) bool {
+	_, ok := err.(invalidLengthError)
+	return ok
+}
+
+// Parse decodes s into a UUID or returns an error.  Both the standard UUID
+// forms of xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx and
+// urn:uuid:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx are decoded as well as the
+// Microsoft encoding {xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx} and the raw hex
+// encoding: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.
+func Parse(s string) (UUID, error) {
+	var uuid UUID
+	switch len(s) {
+	// xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
+	case 36:
+
+	// urn:uuid:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
+	case 36 + 9:
+		if !strings.EqualFold(s[:9], "urn:uuid:") {
+			return uuid, fmt.Errorf("invalid urn prefix: %q", s[:9])
+		}
+		s = s[9:]
+
+	// {xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx}
+	case 36 + 2:
+		s = s[1:]
+
+	// xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+	case 32:
+		var ok bool
+		for i := range uuid {
+			uuid[i], ok = xtob(s[i*2], s[i*2+1])
+			if !ok {
+				return uuid, errors.New("invalid UUID format")
+			}
+		}
+		return uuid, nil
+	default:
+		return uuid, invalidLengthError{len(s)}
+	}
+	// s is now at least 36 bytes long
+	// it must be of the form  xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
+	if s[8] != '-' || s[13] != '-' || s[18] != '-' || s[23] != '-' {
+		return uuid, errors.New("invalid UUID format")
+	}
+	for i, x := range [16]int{
+		0, 2, 4, 6,
+		9, 11,
+		14, 16,
+		19, 21,
+		24, 26, 28, 30, 32, 34,
+	} {
+		v, ok := xtob(s[x], s[x+1])
+		if !ok {
+			return uuid, errors.New("invalid UUID format")
+		}
+		uuid[i] = v
+	}
+	return uuid, nil
+}
+
+// ParseBytes is like Parse, except it parses a byte slice instead of a string.
+func ParseBytes(b []byte) (UUID, error) {
+	var uuid UUID
+	switch len(b) {
+	case 36: // xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
+	case 36 + 9: // urn:uuid:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
+		if !bytes.EqualFold(b[:9], []byte("urn:uuid:")) {
+			return uuid, fmt.Errorf("invalid urn prefix: %q", b[:9])
+		}
+		b = b[9:]
+	case 36 + 2: // {xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx}
+		b = b[1:]
+	case 32: // xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+		var ok bool
+		for i := 0; i < 32; i += 2 {
+			uuid[i/2], ok = xtob(b[i], b[i+1])
+			if !ok {
+				return uuid, errors.New("invalid UUID format")
+			}
+		}
+		return uuid, nil
+	default:
+		return uuid, invalidLengthError{len(b)}
+	}
+	// s is now at least 36 bytes long
+	// it must be of the form  xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
+	if b[8] != '-' || b[13] != '-' || b[18] != '-' || b[23] != '-' {
+		return uuid, errors.New("invalid UUID format")
+	}
+	for i, x := range [16]int{
+		0, 2, 4, 6,
+		9, 11,
+		14, 16,
+		19, 21,
+		24, 26, 28, 30, 32, 34,
+	} {
+		v, ok := xtob(b[x], b[x+1])
+		if !ok {
+			return uuid, errors.New("invalid UUID format")
+		}
+		uuid[i] = v
+	}
+	return uuid, nil
+}
+
+// MustParse is like Parse but panics if the string cannot be parsed.
+// It simplifies safe initialization of global variables holding compiled UUIDs.
+func MustParse(s string) UUID {
+	uuid, err := Parse(s)
+	if err != nil {
+		panic(`uuid: Parse(` + s + `): ` + err.Error())
+	}
+	return uuid
+}
+
+// FromBytes creates a new UUID from a byte slice. Returns an error if the slice
+// does not have a length of 16. The bytes are copied from the slice.
+func FromBytes(b []byte) (uuid UUID, err error) {
+	err = uuid.UnmarshalBinary(b)
+	return uuid, err
+}
+
+// Must returns uuid if err is nil and panics otherwise.
+func Must(uuid UUID, err error) UUID {
+	if err != nil {
+		panic(err)
+	}
+	return uuid
+}
+
+// String returns the string form of uuid, xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
+// , or "" if uuid is invalid.
+func (uuid UUID) String() string {
+	var buf [36]byte
+	encodeHex(buf[:], uuid)
+	return string(buf[:])
+}
+
+// URN returns the RFC 2141 URN form of uuid,
+// urn:uuid:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx,  or "" if uuid is invalid.
+func (uuid UUID) URN() string {
+	var buf [36 + 9]byte
+	copy(buf[:], "urn:uuid:")
+	encodeHex(buf[9:], uuid)
+	return string(buf[:])
+}
+
+func encodeHex(dst []byte, uuid UUID) {
+	hex.Encode(dst, uuid[:4])
+	dst[8] = '-'
+	hex.Encode(dst[9:13], uuid[4:6])
+	dst[13] = '-'
+	hex.Encode(dst[14:18], uuid[6:8])
+	dst[18] = '-'
+	hex.Encode(dst[19:23], uuid[8:10])
+	dst[23] = '-'
+	hex.Encode(dst[24:], uuid[10:])
+}
+
+// Variant returns the variant encoded in uuid.
+func (uuid UUID) Variant() Variant {
+	switch {
+	case (uuid[8] & 0xc0) == 0x80:
+		return RFC4122
+	case (uuid[8] & 0xe0) == 0xc0:
+		return Microsoft
+	case (uuid[8] & 0xe0) == 0xe0:
+		return Future
+	default:
+		return Reserved
+	}
+}
+
+// Version returns the version of uuid.
+func (uuid UUID) Version() Version {
+	return Version(uuid[6] >> 4)
+}
+
+func (v Version) String() string {
+	if v > 15 {
+		return fmt.Sprintf("BAD_VERSION_%d", v)
+	}
+	return fmt.Sprintf("VERSION_%d", v)
+}
+
+func (v Variant) String() string {
+	switch v {
+	case RFC4122:
+		return "RFC4122"
+	case Reserved:
+		return "Reserved"
+	case Microsoft:
+		return "Microsoft"
+	case Future:
+		return "Future"
+	case Invalid:
+		return "Invalid"
+	}
+	return fmt.Sprintf("BadVariant%d", int(v))
+}
+
+// SetRand sets the random number generator to r, which implements io.Reader.
+// If r.Read returns an error when the package requests random data then
+// a panic will be issued.
+//
+// Calling SetRand with nil sets the random number generator to the default
+// generator.
+func SetRand(r io.Reader) {
+	if r == nil {
+		rander = rand.Reader
+		return
+	}
+	rander = r
+}
+
+// EnableRandPool enables internal randomness pool used for Random
+// (Version 4) UUID generation. The pool contains random bytes read from
+// the random number generator on demand in batches. Enabling the pool
+// may improve the UUID generation throughput significantly.
+//
+// Since the pool is stored on the Go heap, this feature may be a bad fit
+// for security sensitive applications.
+//
+// Both EnableRandPool and DisableRandPool are not thread-safe and should
+// only be called when there is no possibility that New or any other
+// UUID Version 4 generation function will be called concurrently.
+func EnableRandPool() {
+	poolEnabled = true
+}
+
+// DisableRandPool disables the randomness pool if it was previously
+// enabled with EnableRandPool.
+//
+// Both EnableRandPool and DisableRandPool are not thread-safe and should
+// only be called when there is no possibility that New or any other
+// UUID Version 4 generation function will be called concurrently.
+func DisableRandPool() {
+	poolEnabled = false
+	defer poolMu.Unlock()
+	poolMu.Lock()
+	poolPos = randPoolSize
+}
diff --git a/server/vendor/github.com/google/uuid/version1.go b/server/vendor/github.com/google/uuid/version1.go
new file mode 100644
index 0000000..4631096
--- /dev/null
+++ b/server/vendor/github.com/google/uuid/version1.go
@@ -0,0 +1,44 @@
+// Copyright 2016 Google Inc.  All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package uuid
+
+import (
+	"encoding/binary"
+)
+
+// NewUUID returns a Version 1 UUID based on the current NodeID and clock
+// sequence, and the current time.  If the NodeID has not been set by SetNodeID
+// or SetNodeInterface then it will be set automatically.  If the NodeID cannot
+// be set NewUUID returns nil.  If clock sequence has not been set by
+// SetClockSequence then it will be set automatically.  If GetTime fails to
+// return the current NewUUID returns nil and an error.
+//
+// In most cases, New should be used.
+func NewUUID() (UUID, error) {
+	var uuid UUID
+	now, seq, err := GetTime()
+	if err != nil {
+		return uuid, err
+	}
+
+	timeLow := uint32(now & 0xffffffff)
+	timeMid := uint16((now >> 32) & 0xffff)
+	timeHi := uint16((now >> 48) & 0x0fff)
+	timeHi |= 0x1000 // Version 1
+
+	binary.BigEndian.PutUint32(uuid[0:], timeLow)
+	binary.BigEndian.PutUint16(uuid[4:], timeMid)
+	binary.BigEndian.PutUint16(uuid[6:], timeHi)
+	binary.BigEndian.PutUint16(uuid[8:], seq)
+
+	nodeMu.Lock()
+	if nodeID == zeroID {
+		setNodeInterface("")
+	}
+	copy(uuid[10:], nodeID[:])
+	nodeMu.Unlock()
+
+	return uuid, nil
+}
diff --git a/server/vendor/github.com/google/uuid/version4.go b/server/vendor/github.com/google/uuid/version4.go
new file mode 100644
index 0000000..7697802
--- /dev/null
+++ b/server/vendor/github.com/google/uuid/version4.go
@@ -0,0 +1,76 @@
+// Copyright 2016 Google Inc.  All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package uuid
+
+import "io"
+
+// New creates a new random UUID or panics.  New is equivalent to
+// the expression
+//
+//    uuid.Must(uuid.NewRandom())
+func New() UUID {
+	return Must(NewRandom())
+}
+
+// NewString creates a new random UUID and returns it as a string or panics.
+// NewString is equivalent to the expression
+//
+//    uuid.New().String()
+func NewString() string {
+	return Must(NewRandom()).String()
+}
+
+// NewRandom returns a Random (Version 4) UUID.
+//
+// The strength of the UUIDs is based on the strength of the crypto/rand
+// package.
+//
+// Uses the randomness pool if it was enabled with EnableRandPool.
+//
+// A note about uniqueness derived from the UUID Wikipedia entry:
+//
+//  Randomly generated UUIDs have 122 random bits.  One's annual risk of being
+//  hit by a meteorite is estimated to be one chance in 17 billion, that
+//  means the probability is about 0.00000000006 (6 × 10−11),
+//  equivalent to the odds of creating a few tens of trillions of UUIDs in a
+//  year and having one duplicate.
+func NewRandom() (UUID, error) {
+	if !poolEnabled {
+		return NewRandomFromReader(rander)
+	}
+	return newRandomFromPool()
+}
+
+// NewRandomFromReader returns a UUID based on bytes read from a given io.Reader.
+func NewRandomFromReader(r io.Reader) (UUID, error) {
+	var uuid UUID
+	_, err := io.ReadFull(r, uuid[:])
+	if err != nil {
+		return Nil, err
+	}
+	uuid[6] = (uuid[6] & 0x0f) | 0x40 // Version 4
+	uuid[8] = (uuid[8] & 0x3f) | 0x80 // Variant is 10
+	return uuid, nil
+}
+
+func newRandomFromPool() (UUID, error) {
+	var uuid UUID
+	poolMu.Lock()
+	if poolPos == randPoolSize {
+		_, err := io.ReadFull(rander, pool[:])
+		if err != nil {
+			poolMu.Unlock()
+			return Nil, err
+		}
+		poolPos = 0
+	}
+	copy(uuid[:], pool[poolPos:(poolPos+16)])
+	poolPos += 16
+	poolMu.Unlock()
+
+	uuid[6] = (uuid[6] & 0x0f) | 0x40 // Version 4
+	uuid[8] = (uuid[8] & 0x3f) | 0x80 // Variant is 10
+	return uuid, nil
+}
diff --git a/server/vendor/github.com/gorilla/websocket/.gitignore b/server/vendor/github.com/gorilla/websocket/.gitignore
new file mode 100644
index 0000000..cd3fcd1
--- /dev/null
+++ b/server/vendor/github.com/gorilla/websocket/.gitignore
@@ -0,0 +1,25 @@
+# Compiled Object files, Static and Dynamic libs (Shared Objects)
+*.o
+*.a
+*.so
+
+# Folders
+_obj
+_test
+
+# Architecture specific extensions/prefixes
+*.[568vq]
+[568vq].out
+
+*.cgo1.go
+*.cgo2.c
+_cgo_defun.c
+_cgo_gotypes.go
+_cgo_export.*
+
+_testmain.go
+
+*.exe
+
+.idea/
+*.iml
diff --git a/server/vendor/github.com/gorilla/websocket/AUTHORS b/server/vendor/github.com/gorilla/websocket/AUTHORS
new file mode 100644
index 0000000..1931f40
--- /dev/null
+++ b/server/vendor/github.com/gorilla/websocket/AUTHORS
@@ -0,0 +1,9 @@
+# This is the official list of Gorilla WebSocket authors for copyright
+# purposes.
+#
+# Please keep the list sorted.
+
+Gary Burd <gary@beagledreams.com>
+Google LLC (https://opensource.google.com/)
+Joachim Bauch <mail@joachim-bauch.de>
+
diff --git a/server/vendor/github.com/gorilla/websocket/LICENSE b/server/vendor/github.com/gorilla/websocket/LICENSE
new file mode 100644
index 0000000..9171c97
--- /dev/null
+++ b/server/vendor/github.com/gorilla/websocket/LICENSE
@@ -0,0 +1,22 @@
+Copyright (c) 2013 The Gorilla WebSocket Authors. All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+
+  Redistributions of source code must retain the above copyright notice, this
+  list of conditions and the following disclaimer.
+
+  Redistributions in binary form must reproduce the above copyright notice,
+  this list of conditions and the following disclaimer in the documentation
+  and/or other materials provided with the distribution.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
diff --git a/server/vendor/github.com/gorilla/websocket/README.md b/server/vendor/github.com/gorilla/websocket/README.md
new file mode 100644
index 0000000..d33ed7f
--- /dev/null
+++ b/server/vendor/github.com/gorilla/websocket/README.md
@@ -0,0 +1,33 @@
+# Gorilla WebSocket
+
+[![GoDoc](https://godoc.org/github.com/gorilla/websocket?status.svg)](https://godoc.org/github.com/gorilla/websocket)
+[![CircleCI](https://circleci.com/gh/gorilla/websocket.svg?style=svg)](https://circleci.com/gh/gorilla/websocket)
+
+Gorilla WebSocket is a [Go](http://golang.org/) implementation of the
+[WebSocket](http://www.rfc-editor.org/rfc/rfc6455.txt) protocol.
+
+
+### Documentation
+
+* [API Reference](https://pkg.go.dev/github.com/gorilla/websocket?tab=doc)
+* [Chat example](https://github.com/gorilla/websocket/tree/master/examples/chat)
+* [Command example](https://github.com/gorilla/websocket/tree/master/examples/command)
+* [Client and server example](https://github.com/gorilla/websocket/tree/master/examples/echo)
+* [File watch example](https://github.com/gorilla/websocket/tree/master/examples/filewatch)
+
+### Status
+
+The Gorilla WebSocket package provides a complete and tested implementation of
+the [WebSocket](http://www.rfc-editor.org/rfc/rfc6455.txt) protocol. The
+package API is stable.
+
+### Installation
+
+    go get github.com/gorilla/websocket
+
+### Protocol Compliance
+
+The Gorilla WebSocket package passes the server tests in the [Autobahn Test
+Suite](https://github.com/crossbario/autobahn-testsuite) using the application in the [examples/autobahn
+subdirectory](https://github.com/gorilla/websocket/tree/master/examples/autobahn).
+
diff --git a/server/vendor/github.com/gorilla/websocket/client.go b/server/vendor/github.com/gorilla/websocket/client.go
new file mode 100644
index 0000000..04fdafe
--- /dev/null
+++ b/server/vendor/github.com/gorilla/websocket/client.go
@@ -0,0 +1,434 @@
+// Copyright 2013 The Gorilla WebSocket Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package websocket
+
+import (
+	"bytes"
+	"context"
+	"crypto/tls"
+	"errors"
+	"fmt"
+	"io"
+	"io/ioutil"
+	"net"
+	"net/http"
+	"net/http/httptrace"
+	"net/url"
+	"strings"
+	"time"
+)
+
+// ErrBadHandshake is returned when the server response to opening handshake is
+// invalid.
+var ErrBadHandshake = errors.New("websocket: bad handshake")
+
+var errInvalidCompression = errors.New("websocket: invalid compression negotiation")
+
+// NewClient creates a new client connection using the given net connection.
+// The URL u specifies the host and request URI. Use requestHeader to specify
+// the origin (Origin), subprotocols (Sec-WebSocket-Protocol) and cookies
+// (Cookie). Use the response.Header to get the selected subprotocol
+// (Sec-WebSocket-Protocol) and cookies (Set-Cookie).
+//
+// If the WebSocket handshake fails, ErrBadHandshake is returned along with a
+// non-nil *http.Response so that callers can handle redirects, authentication,
+// etc.
+//
+// Deprecated: Use Dialer instead.
+func NewClient(netConn net.Conn, u *url.URL, requestHeader http.Header, readBufSize, writeBufSize int) (c *Conn, response *http.Response, err error) {
+	d := Dialer{
+		ReadBufferSize:  readBufSize,
+		WriteBufferSize: writeBufSize,
+		NetDial: func(net, addr string) (net.Conn, error) {
+			return netConn, nil
+		},
+	}
+	return d.Dial(u.String(), requestHeader)
+}
+
+// A Dialer contains options for connecting to WebSocket server.
+//
+// It is safe to call Dialer's methods concurrently.
+type Dialer struct {
+	// NetDial specifies the dial function for creating TCP connections. If
+	// NetDial is nil, net.Dial is used.
+	NetDial func(network, addr string) (net.Conn, error)
+
+	// NetDialContext specifies the dial function for creating TCP connections. If
+	// NetDialContext is nil, NetDial is used.
+	NetDialContext func(ctx context.Context, network, addr string) (net.Conn, error)
+
+	// NetDialTLSContext specifies the dial function for creating TLS/TCP connections. If
+	// NetDialTLSContext is nil, NetDialContext is used.
+	// If NetDialTLSContext is set, Dial assumes the TLS handshake is done there and
+	// TLSClientConfig is ignored.
+	NetDialTLSContext func(ctx context.Context, network, addr string) (net.Conn, error)
+
+	// Proxy specifies a function to return a proxy for a given
+	// Request. If the function returns a non-nil error, the
+	// request is aborted with the provided error.
+	// If Proxy is nil or returns a nil *URL, no proxy is used.
+	Proxy func(*http.Request) (*url.URL, error)
+
+	// TLSClientConfig specifies the TLS configuration to use with tls.Client.
+	// If nil, the default configuration is used.
+	// If either NetDialTLS or NetDialTLSContext are set, Dial assumes the TLS handshake
+	// is done there and TLSClientConfig is ignored.
+	TLSClientConfig *tls.Config
+
+	// HandshakeTimeout specifies the duration for the handshake to complete.
+	HandshakeTimeout time.Duration
+
+	// ReadBufferSize and WriteBufferSize specify I/O buffer sizes in bytes. If a buffer
+	// size is zero, then a useful default size is used. The I/O buffer sizes
+	// do not limit the size of the messages that can be sent or received.
+	ReadBufferSize, WriteBufferSize int
+
+	// WriteBufferPool is a pool of buffers for write operations. If the value
+	// is not set, then write buffers are allocated to the connection for the
+	// lifetime of the connection.
+	//
+	// A pool is most useful when the application has a modest volume of writes
+	// across a large number of connections.
+	//
+	// Applications should use a single pool for each unique value of
+	// WriteBufferSize.
+	WriteBufferPool BufferPool
+
+	// Subprotocols specifies the client's requested subprotocols.
+	Subprotocols []string
+
+	// EnableCompression specifies if the client should attempt to negotiate
+	// per message compression (RFC 7692). Setting this value to true does not
+	// guarantee that compression will be supported. Currently only "no context
+	// takeover" modes are supported.
+	EnableCompression bool
+
+	// Jar specifies the cookie jar.
+	// If Jar is nil, cookies are not sent in requests and ignored
+	// in responses.
+	Jar http.CookieJar
+}
+
+// Dial creates a new client connection by calling DialContext with a background context.
+func (d *Dialer) Dial(urlStr string, requestHeader http.Header) (*Conn, *http.Response, error) {
+	return d.DialContext(context.Background(), urlStr, requestHeader)
+}
+
+var errMalformedURL = errors.New("malformed ws or wss URL")
+
+func hostPortNoPort(u *url.URL) (hostPort, hostNoPort string) {
+	hostPort = u.Host
+	hostNoPort = u.Host
+	if i := strings.LastIndex(u.Host, ":"); i > strings.LastIndex(u.Host, "]") {
+		hostNoPort = hostNoPort[:i]
+	} else {
+		switch u.Scheme {
+		case "wss":
+			hostPort += ":443"
+		case "https":
+			hostPort += ":443"
+		default:
+			hostPort += ":80"
+		}
+	}
+	return hostPort, hostNoPort
+}
+
+// DefaultDialer is a dialer with all fields set to the default values.
+var DefaultDialer = &Dialer{
+	Proxy:            http.ProxyFromEnvironment,
+	HandshakeTimeout: 45 * time.Second,
+}
+
+// nilDialer is dialer to use when receiver is nil.
+var nilDialer = *DefaultDialer
+
+// DialContext creates a new client connection. Use requestHeader to specify the
+// origin (Origin), subprotocols (Sec-WebSocket-Protocol) and cookies (Cookie).
+// Use the response.Header to get the selected subprotocol
+// (Sec-WebSocket-Protocol) and cookies (Set-Cookie).
+//
+// The context will be used in the request and in the Dialer.
+//
+// If the WebSocket handshake fails, ErrBadHandshake is returned along with a
+// non-nil *http.Response so that callers can handle redirects, authentication,
+// etcetera. The response body may not contain the entire response and does not
+// need to be closed by the application.
+func (d *Dialer) DialContext(ctx context.Context, urlStr string, requestHeader http.Header) (*Conn, *http.Response, error) {
+	if d == nil {
+		d = &nilDialer
+	}
+
+	challengeKey, err := generateChallengeKey()
+	if err != nil {
+		return nil, nil, err
+	}
+
+	u, err := url.Parse(urlStr)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	switch u.Scheme {
+	case "ws":
+		u.Scheme = "http"
+	case "wss":
+		u.Scheme = "https"
+	default:
+		return nil, nil, errMalformedURL
+	}
+
+	if u.User != nil {
+		// User name and password are not allowed in websocket URIs.
+		return nil, nil, errMalformedURL
+	}
+
+	req := &http.Request{
+		Method:     http.MethodGet,
+		URL:        u,
+		Proto:      "HTTP/1.1",
+		ProtoMajor: 1,
+		ProtoMinor: 1,
+		Header:     make(http.Header),
+		Host:       u.Host,
+	}
+	req = req.WithContext(ctx)
+
+	// Set the cookies present in the cookie jar of the dialer
+	if d.Jar != nil {
+		for _, cookie := range d.Jar.Cookies(u) {
+			req.AddCookie(cookie)
+		}
+	}
+
+	// Set the request headers using the capitalization for names and values in
+	// RFC examples. Although the capitalization shouldn't matter, there are
+	// servers that depend on it. The Header.Set method is not used because the
+	// method canonicalizes the header names.
+	req.Header["Upgrade"] = []string{"websocket"}
+	req.Header["Connection"] = []string{"Upgrade"}
+	req.Header["Sec-WebSocket-Key"] = []string{challengeKey}
+	req.Header["Sec-WebSocket-Version"] = []string{"13"}
+	if len(d.Subprotocols) > 0 {
+		req.Header["Sec-WebSocket-Protocol"] = []string{strings.Join(d.Subprotocols, ", ")}
+	}
+	for k, vs := range requestHeader {
+		switch {
+		case k == "Host":
+			if len(vs) > 0 {
+				req.Host = vs[0]
+			}
+		case k == "Upgrade" ||
+			k == "Connection" ||
+			k == "Sec-Websocket-Key" ||
+			k == "Sec-Websocket-Version" ||
+			k == "Sec-Websocket-Extensions" ||
+			(k == "Sec-Websocket-Protocol" && len(d.Subprotocols) > 0):
+			return nil, nil, errors.New("websocket: duplicate header not allowed: " + k)
+		case k == "Sec-Websocket-Protocol":
+			req.Header["Sec-WebSocket-Protocol"] = vs
+		default:
+			req.Header[k] = vs
+		}
+	}
+
+	if d.EnableCompression {
+		req.Header["Sec-WebSocket-Extensions"] = []string{"permessage-deflate; server_no_context_takeover; client_no_context_takeover"}
+	}
+
+	if d.HandshakeTimeout != 0 {
+		var cancel func()
+		ctx, cancel = context.WithTimeout(ctx, d.HandshakeTimeout)
+		defer cancel()
+	}
+
+	// Get network dial function.
+	var netDial func(network, add string) (net.Conn, error)
+
+	switch u.Scheme {
+	case "http":
+		if d.NetDialContext != nil {
+			netDial = func(network, addr string) (net.Conn, error) {
+				return d.NetDialContext(ctx, network, addr)
+			}
+		} else if d.NetDial != nil {
+			netDial = d.NetDial
+		}
+	case "https":
+		if d.NetDialTLSContext != nil {
+			netDial = func(network, addr string) (net.Conn, error) {
+				return d.NetDialTLSContext(ctx, network, addr)
+			}
+		} else if d.NetDialContext != nil {
+			netDial = func(network, addr string) (net.Conn, error) {
+				return d.NetDialContext(ctx, network, addr)
+			}
+		} else if d.NetDial != nil {
+			netDial = d.NetDial
+		}
+	default:
+		return nil, nil, errMalformedURL
+	}
+
+	if netDial == nil {
+		netDialer := &net.Dialer{}
+		netDial = func(network, addr string) (net.Conn, error) {
+			return netDialer.DialContext(ctx, network, addr)
+		}
+	}
+
+	// If needed, wrap the dial function to set the connection deadline.
+	if deadline, ok := ctx.Deadline(); ok {
+		forwardDial := netDial
+		netDial = func(network, addr string) (net.Conn, error) {
+			c, err := forwardDial(network, addr)
+			if err != nil {
+				return nil, err
+			}
+			err = c.SetDeadline(deadline)
+			if err != nil {
+				c.Close()
+				return nil, err
+			}
+			return c, nil
+		}
+	}
+
+	// If needed, wrap the dial function to connect through a proxy.
+	if d.Proxy != nil {
+		proxyURL, err := d.Proxy(req)
+		if err != nil {
+			return nil, nil, err
+		}
+		if proxyURL != nil {
+			dialer, err := proxy_FromURL(proxyURL, netDialerFunc(netDial))
+			if err != nil {
+				return nil, nil, err
+			}
+			netDial = dialer.Dial
+		}
+	}
+
+	hostPort, hostNoPort := hostPortNoPort(u)
+	trace := httptrace.ContextClientTrace(ctx)
+	if trace != nil && trace.GetConn != nil {
+		trace.GetConn(hostPort)
+	}
+
+	netConn, err := netDial("tcp", hostPort)
+	if err != nil {
+		return nil, nil, err
+	}
+	if trace != nil && trace.GotConn != nil {
+		trace.GotConn(httptrace.GotConnInfo{
+			Conn: netConn,
+		})
+	}
+
+	defer func() {
+		if netConn != nil {
+			netConn.Close()
+		}
+	}()
+
+	if u.Scheme == "https" && d.NetDialTLSContext == nil {
+		// If NetDialTLSContext is set, assume that the TLS handshake has already been done
+
+		cfg := cloneTLSConfig(d.TLSClientConfig)
+		if cfg.ServerName == "" {
+			cfg.ServerName = hostNoPort
+		}
+		tlsConn := tls.Client(netConn, cfg)
+		netConn = tlsConn
+
+		if trace != nil && trace.TLSHandshakeStart != nil {
+			trace.TLSHandshakeStart()
+		}
+		err := doHandshake(ctx, tlsConn, cfg)
+		if trace != nil && trace.TLSHandshakeDone != nil {
+			trace.TLSHandshakeDone(tlsConn.ConnectionState(), err)
+		}
+
+		if err != nil {
+			return nil, nil, err
+		}
+	}
+
+	conn := newConn(netConn, false, d.ReadBufferSize, d.WriteBufferSize, d.WriteBufferPool, nil, nil)
+
+	if err := req.Write(netConn); err != nil {
+		return nil, nil, err
+	}
+
+	if trace != nil && trace.GotFirstResponseByte != nil {
+		if peek, err := conn.br.Peek(1); err == nil && len(peek) == 1 {
+			trace.GotFirstResponseByte()
+		}
+	}
+
+	resp, err := http.ReadResponse(conn.br, req)
+	if err != nil {
+		if d.TLSClientConfig != nil {
+			for _, proto := range d.TLSClientConfig.NextProtos {
+				if proto != "http/1.1" {
+					return nil, nil, fmt.Errorf(
+						"websocket: protocol %q was given but is not supported;"+
+							"sharing tls.Config with net/http Transport can cause this error: %w",
+						proto, err,
+					)
+				}
+			}
+		}
+		return nil, nil, err
+	}
+
+	if d.Jar != nil {
+		if rc := resp.Cookies(); len(rc) > 0 {
+			d.Jar.SetCookies(u, rc)
+		}
+	}
+
+	if resp.StatusCode != 101 ||
+		!tokenListContainsValue(resp.Header, "Upgrade", "websocket") ||
+		!tokenListContainsValue(resp.Header, "Connection", "upgrade") ||
+		resp.Header.Get("Sec-Websocket-Accept") != computeAcceptKey(challengeKey) {
+		// Before closing the network connection on return from this
+		// function, slurp up some of the response to aid application
+		// debugging.
+		buf := make([]byte, 1024)
+		n, _ := io.ReadFull(resp.Body, buf)
+		resp.Body = ioutil.NopCloser(bytes.NewReader(buf[:n]))
+		return nil, resp, ErrBadHandshake
+	}
+
+	for _, ext := range parseExtensions(resp.Header) {
+		if ext[""] != "permessage-deflate" {
+			continue
+		}
+		_, snct := ext["server_no_context_takeover"]
+		_, cnct := ext["client_no_context_takeover"]
+		if !snct || !cnct {
+			return nil, resp, errInvalidCompression
+		}
+		conn.newCompressionWriter = compressNoContextTakeover
+		conn.newDecompressionReader = decompressNoContextTakeover
+		break
+	}
+
+	resp.Body = ioutil.NopCloser(bytes.NewReader([]byte{}))
+	conn.subprotocol = resp.Header.Get("Sec-Websocket-Protocol")
+
+	netConn.SetDeadline(time.Time{})
+	netConn = nil // to avoid close in defer.
+	return conn, resp, nil
+}
+
+func cloneTLSConfig(cfg *tls.Config) *tls.Config {
+	if cfg == nil {
+		return &tls.Config{}
+	}
+	return cfg.Clone()
+}
diff --git a/server/vendor/github.com/gorilla/websocket/compression.go b/server/vendor/github.com/gorilla/websocket/compression.go
new file mode 100644
index 0000000..813ffb1
--- /dev/null
+++ b/server/vendor/github.com/gorilla/websocket/compression.go
@@ -0,0 +1,148 @@
+// Copyright 2017 The Gorilla WebSocket Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package websocket
+
+import (
+	"compress/flate"
+	"errors"
+	"io"
+	"strings"
+	"sync"
+)
+
+const (
+	minCompressionLevel     = -2 // flate.HuffmanOnly not defined in Go < 1.6
+	maxCompressionLevel     = flate.BestCompression
+	defaultCompressionLevel = 1
+)
+
+var (
+	flateWriterPools [maxCompressionLevel - minCompressionLevel + 1]sync.Pool
+	flateReaderPool  = sync.Pool{New: func() interface{} {
+		return flate.NewReader(nil)
+	}}
+)
+
+func decompressNoContextTakeover(r io.Reader) io.ReadCloser {
+	const tail =
+	// Add four bytes as specified in RFC
+	"\x00\x00\xff\xff" +
+		// Add final block to squelch unexpected EOF error from flate reader.
+		"\x01\x00\x00\xff\xff"
+
+	fr, _ := flateReaderPool.Get().(io.ReadCloser)
+	fr.(flate.Resetter).Reset(io.MultiReader(r, strings.NewReader(tail)), nil)
+	return &flateReadWrapper{fr}
+}
+
+func isValidCompressionLevel(level int) bool {
+	return minCompressionLevel <= level && level <= maxCompressionLevel
+}
+
+func compressNoContextTakeover(w io.WriteCloser, level int) io.WriteCloser {
+	p := &flateWriterPools[level-minCompressionLevel]
+	tw := &truncWriter{w: w}
+	fw, _ := p.Get().(*flate.Writer)
+	if fw == nil {
+		fw, _ = flate.NewWriter(tw, level)
+	} else {
+		fw.Reset(tw)
+	}
+	return &flateWriteWrapper{fw: fw, tw: tw, p: p}
+}
+
+// truncWriter is an io.Writer that writes all but the last four bytes of the
+// stream to another io.Writer.
+type truncWriter struct {
+	w io.WriteCloser
+	n int
+	p [4]byte
+}
+
+func (w *truncWriter) Write(p []byte) (int, error) {
+	n := 0
+
+	// fill buffer first for simplicity.
+	if w.n < len(w.p) {
+		n = copy(w.p[w.n:], p)
+		p = p[n:]
+		w.n += n
+		if len(p) == 0 {
+			return n, nil
+		}
+	}
+
+	m := len(p)
+	if m > len(w.p) {
+		m = len(w.p)
+	}
+
+	if nn, err := w.w.Write(w.p[:m]); err != nil {
+		return n + nn, err
+	}
+
+	copy(w.p[:], w.p[m:])
+	copy(w.p[len(w.p)-m:], p[len(p)-m:])
+	nn, err := w.w.Write(p[:len(p)-m])
+	return n + nn, err
+}
+
+type flateWriteWrapper struct {
+	fw *flate.Writer
+	tw *truncWriter
+	p  *sync.Pool
+}
+
+func (w *flateWriteWrapper) Write(p []byte) (int, error) {
+	if w.fw == nil {
+		return 0, errWriteClosed
+	}
+	return w.fw.Write(p)
+}
+
+func (w *flateWriteWrapper) Close() error {
+	if w.fw == nil {
+		return errWriteClosed
+	}
+	err1 := w.fw.Flush()
+	w.p.Put(w.fw)
+	w.fw = nil
+	if w.tw.p != [4]byte{0, 0, 0xff, 0xff} {
+		return errors.New("websocket: internal error, unexpected bytes at end of flate stream")
+	}
+	err2 := w.tw.w.Close()
+	if err1 != nil {
+		return err1
+	}
+	return err2
+}
+
+type flateReadWrapper struct {
+	fr io.ReadCloser
+}
+
+func (r *flateReadWrapper) Read(p []byte) (int, error) {
+	if r.fr == nil {
+		return 0, io.ErrClosedPipe
+	}
+	n, err := r.fr.Read(p)
+	if err == io.EOF {
+		// Preemptively place the reader back in the pool. This helps with
+		// scenarios where the application does not call NextReader() soon after
+		// this final read.
+		r.Close()
+	}
+	return n, err
+}
+
+func (r *flateReadWrapper) Close() error {
+	if r.fr == nil {
+		return io.ErrClosedPipe
+	}
+	err := r.fr.Close()
+	flateReaderPool.Put(r.fr)
+	r.fr = nil
+	return err
+}
diff --git a/server/vendor/github.com/gorilla/websocket/conn.go b/server/vendor/github.com/gorilla/websocket/conn.go
new file mode 100644
index 0000000..5161ef8
--- /dev/null
+++ b/server/vendor/github.com/gorilla/websocket/conn.go
@@ -0,0 +1,1238 @@
+// Copyright 2013 The Gorilla WebSocket Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package websocket
+
+import (
+	"bufio"
+	"encoding/binary"
+	"errors"
+	"io"
+	"io/ioutil"
+	"math/rand"
+	"net"
+	"strconv"
+	"strings"
+	"sync"
+	"time"
+	"unicode/utf8"
+)
+
+const (
+	// Frame header byte 0 bits from Section 5.2 of RFC 6455
+	finalBit = 1 << 7
+	rsv1Bit  = 1 << 6
+	rsv2Bit  = 1 << 5
+	rsv3Bit  = 1 << 4
+
+	// Frame header byte 1 bits from Section 5.2 of RFC 6455
+	maskBit = 1 << 7
+
+	maxFrameHeaderSize         = 2 + 8 + 4 // Fixed header + length + mask
+	maxControlFramePayloadSize = 125
+
+	writeWait = time.Second
+
+	defaultReadBufferSize  = 4096
+	defaultWriteBufferSize = 4096
+
+	continuationFrame = 0
+	noFrame           = -1
+)
+
+// Close codes defined in RFC 6455, section 11.7.
+const (
+	CloseNormalClosure           = 1000
+	CloseGoingAway               = 1001
+	CloseProtocolError           = 1002
+	CloseUnsupportedData         = 1003
+	CloseNoStatusReceived        = 1005
+	CloseAbnormalClosure         = 1006
+	CloseInvalidFramePayloadData = 1007
+	ClosePolicyViolation         = 1008
+	CloseMessageTooBig           = 1009
+	CloseMandatoryExtension      = 1010
+	CloseInternalServerErr       = 1011
+	CloseServiceRestart          = 1012
+	CloseTryAgainLater           = 1013
+	CloseTLSHandshake            = 1015
+)
+
+// The message types are defined in RFC 6455, section 11.8.
+const (
+	// TextMessage denotes a text data message. The text message payload is
+	// interpreted as UTF-8 encoded text data.
+	TextMessage = 1
+
+	// BinaryMessage denotes a binary data message.
+	BinaryMessage = 2
+
+	// CloseMessage denotes a close control message. The optional message
+	// payload contains a numeric code and text. Use the FormatCloseMessage
+	// function to format a close message payload.
+	CloseMessage = 8
+
+	// PingMessage denotes a ping control message. The optional message payload
+	// is UTF-8 encoded text.
+	PingMessage = 9
+
+	// PongMessage denotes a pong control message. The optional message payload
+	// is UTF-8 encoded text.
+	PongMessage = 10
+)
+
+// ErrCloseSent is returned when the application writes a message to the
+// connection after sending a close message.
+var ErrCloseSent = errors.New("websocket: close sent")
+
+// ErrReadLimit is returned when reading a message that is larger than the
+// read limit set for the connection.
+var ErrReadLimit = errors.New("websocket: read limit exceeded")
+
+// netError satisfies the net Error interface.
+type netError struct {
+	msg       string
+	temporary bool
+	timeout   bool
+}
+
+func (e *netError) Error() string   { return e.msg }
+func (e *netError) Temporary() bool { return e.temporary }
+func (e *netError) Timeout() bool   { return e.timeout }
+
+// CloseError represents a close message.
+type CloseError struct {
+	// Code is defined in RFC 6455, section 11.7.
+	Code int
+
+	// Text is the optional text payload.
+	Text string
+}
+
+func (e *CloseError) Error() string {
+	s := []byte("websocket: close ")
+	s = strconv.AppendInt(s, int64(e.Code), 10)
+	switch e.Code {
+	case CloseNormalClosure:
+		s = append(s, " (normal)"...)
+	case CloseGoingAway:
+		s = append(s, " (going away)"...)
+	case CloseProtocolError:
+		s = append(s, " (protocol error)"...)
+	case CloseUnsupportedData:
+		s = append(s, " (unsupported data)"...)
+	case CloseNoStatusReceived:
+		s = append(s, " (no status)"...)
+	case CloseAbnormalClosure:
+		s = append(s, " (abnormal closure)"...)
+	case CloseInvalidFramePayloadData:
+		s = append(s, " (invalid payload data)"...)
+	case ClosePolicyViolation:
+		s = append(s, " (policy violation)"...)
+	case CloseMessageTooBig:
+		s = append(s, " (message too big)"...)
+	case CloseMandatoryExtension:
+		s = append(s, " (mandatory extension missing)"...)
+	case CloseInternalServerErr:
+		s = append(s, " (internal server error)"...)
+	case CloseTLSHandshake:
+		s = append(s, " (TLS handshake error)"...)
+	}
+	if e.Text != "" {
+		s = append(s, ": "...)
+		s = append(s, e.Text...)
+	}
+	return string(s)
+}
+
+// IsCloseError returns boolean indicating whether the error is a *CloseError
+// with one of the specified codes.
+func IsCloseError(err error, codes ...int) bool {
+	if e, ok := err.(*CloseError); ok {
+		for _, code := range codes {
+			if e.Code == code {
+				return true
+			}
+		}
+	}
+	return false
+}
+
+// IsUnexpectedCloseError returns boolean indicating whether the error is a
+// *CloseError with a code not in the list of expected codes.
+func IsUnexpectedCloseError(err error, expectedCodes ...int) bool {
+	if e, ok := err.(*CloseError); ok {
+		for _, code := range expectedCodes {
+			if e.Code == code {
+				return false
+			}
+		}
+		return true
+	}
+	return false
+}
+
+var (
+	errWriteTimeout        = &netError{msg: "websocket: write timeout", timeout: true, temporary: true}
+	errUnexpectedEOF       = &CloseError{Code: CloseAbnormalClosure, Text: io.ErrUnexpectedEOF.Error()}
+	errBadWriteOpCode      = errors.New("websocket: bad write message type")
+	errWriteClosed         = errors.New("websocket: write closed")
+	errInvalidControlFrame = errors.New("websocket: invalid control frame")
+)
+
+func newMaskKey() [4]byte {
+	n := rand.Uint32()
+	return [4]byte{byte(n), byte(n >> 8), byte(n >> 16), byte(n >> 24)}
+}
+
+func hideTempErr(err error) error {
+	if e, ok := err.(net.Error); ok && e.Temporary() {
+		err = &netError{msg: e.Error(), timeout: e.Timeout()}
+	}
+	return err
+}
+
+func isControl(frameType int) bool {
+	return frameType == CloseMessage || frameType == PingMessage || frameType == PongMessage
+}
+
+func isData(frameType int) bool {
+	return frameType == TextMessage || frameType == BinaryMessage
+}
+
+var validReceivedCloseCodes = map[int]bool{
+	// see http://www.iana.org/assignments/websocket/websocket.xhtml#close-code-number
+
+	CloseNormalClosure:           true,
+	CloseGoingAway:               true,
+	CloseProtocolError:           true,
+	CloseUnsupportedData:         true,
+	CloseNoStatusReceived:        false,
+	CloseAbnormalClosure:         false,
+	CloseInvalidFramePayloadData: true,
+	ClosePolicyViolation:         true,
+	CloseMessageTooBig:           true,
+	CloseMandatoryExtension:      true,
+	CloseInternalServerErr:       true,
+	CloseServiceRestart:          true,
+	CloseTryAgainLater:           true,
+	CloseTLSHandshake:            false,
+}
+
+func isValidReceivedCloseCode(code int) bool {
+	return validReceivedCloseCodes[code] || (code >= 3000 && code <= 4999)
+}
+
+// BufferPool represents a pool of buffers. The *sync.Pool type satisfies this
+// interface.  The type of the value stored in a pool is not specified.
+type BufferPool interface {
+	// Get gets a value from the pool or returns nil if the pool is empty.
+	Get() interface{}
+	// Put adds a value to the pool.
+	Put(interface{})
+}
+
+// writePoolData is the type added to the write buffer pool. This wrapper is
+// used to prevent applications from peeking at and depending on the values
+// added to the pool.
+type writePoolData struct{ buf []byte }
+
+// The Conn type represents a WebSocket connection.
+type Conn struct {
+	conn        net.Conn
+	isServer    bool
+	subprotocol string
+
+	// Write fields
+	mu            chan struct{} // used as mutex to protect write to conn
+	writeBuf      []byte        // frame is constructed in this buffer.
+	writePool     BufferPool
+	writeBufSize  int
+	writeDeadline time.Time
+	writer        io.WriteCloser // the current writer returned to the application
+	isWriting     bool           // for best-effort concurrent write detection
+
+	writeErrMu sync.Mutex
+	writeErr   error
+
+	enableWriteCompression bool
+	compressionLevel       int
+	newCompressionWriter   func(io.WriteCloser, int) io.WriteCloser
+
+	// Read fields
+	reader  io.ReadCloser // the current reader returned to the application
+	readErr error
+	br      *bufio.Reader
+	// bytes remaining in current frame.
+	// set setReadRemaining to safely update this value and prevent overflow
+	readRemaining int64
+	readFinal     bool  // true the current message has more frames.
+	readLength    int64 // Message size.
+	readLimit     int64 // Maximum message size.
+	readMaskPos   int
+	readMaskKey   [4]byte
+	handlePong    func(string) error
+	handlePing    func(string) error
+	handleClose   func(int, string) error
+	readErrCount  int
+	messageReader *messageReader // the current low-level reader
+
+	readDecompress         bool // whether last read frame had RSV1 set
+	newDecompressionReader func(io.Reader) io.ReadCloser
+}
+
+func newConn(conn net.Conn, isServer bool, readBufferSize, writeBufferSize int, writeBufferPool BufferPool, br *bufio.Reader, writeBuf []byte) *Conn {
+
+	if br == nil {
+		if readBufferSize == 0 {
+			readBufferSize = defaultReadBufferSize
+		} else if readBufferSize < maxControlFramePayloadSize {
+			// must be large enough for control frame
+			readBufferSize = maxControlFramePayloadSize
+		}
+		br = bufio.NewReaderSize(conn, readBufferSize)
+	}
+
+	if writeBufferSize <= 0 {
+		writeBufferSize = defaultWriteBufferSize
+	}
+	writeBufferSize += maxFrameHeaderSize
+
+	if writeBuf == nil && writeBufferPool == nil {
+		writeBuf = make([]byte, writeBufferSize)
+	}
+
+	mu := make(chan struct{}, 1)
+	mu <- struct{}{}
+	c := &Conn{
+		isServer:               isServer,
+		br:                     br,
+		conn:                   conn,
+		mu:                     mu,
+		readFinal:              true,
+		writeBuf:               writeBuf,
+		writePool:              writeBufferPool,
+		writeBufSize:           writeBufferSize,
+		enableWriteCompression: true,
+		compressionLevel:       defaultCompressionLevel,
+	}
+	c.SetCloseHandler(nil)
+	c.SetPingHandler(nil)
+	c.SetPongHandler(nil)
+	return c
+}
+
+// setReadRemaining tracks the number of bytes remaining on the connection. If n
+// overflows, an ErrReadLimit is returned.
+func (c *Conn) setReadRemaining(n int64) error {
+	if n < 0 {
+		return ErrReadLimit
+	}
+
+	c.readRemaining = n
+	return nil
+}
+
+// Subprotocol returns the negotiated protocol for the connection.
+func (c *Conn) Subprotocol() string {
+	return c.subprotocol
+}
+
+// Close closes the underlying network connection without sending or waiting
+// for a close message.
+func (c *Conn) Close() error {
+	return c.conn.Close()
+}
+
+// LocalAddr returns the local network address.
+func (c *Conn) LocalAddr() net.Addr {
+	return c.conn.LocalAddr()
+}
+
+// RemoteAddr returns the remote network address.
+func (c *Conn) RemoteAddr() net.Addr {
+	return c.conn.RemoteAddr()
+}
+
+// Write methods
+
+func (c *Conn) writeFatal(err error) error {
+	err = hideTempErr(err)
+	c.writeErrMu.Lock()
+	if c.writeErr == nil {
+		c.writeErr = err
+	}
+	c.writeErrMu.Unlock()
+	return err
+}
+
+func (c *Conn) read(n int) ([]byte, error) {
+	p, err := c.br.Peek(n)
+	if err == io.EOF {
+		err = errUnexpectedEOF
+	}
+	c.br.Discard(len(p))
+	return p, err
+}
+
+func (c *Conn) write(frameType int, deadline time.Time, buf0, buf1 []byte) error {
+	<-c.mu
+	defer func() { c.mu <- struct{}{} }()
+
+	c.writeErrMu.Lock()
+	err := c.writeErr
+	c.writeErrMu.Unlock()
+	if err != nil {
+		return err
+	}
+
+	c.conn.SetWriteDeadline(deadline)
+	if len(buf1) == 0 {
+		_, err = c.conn.Write(buf0)
+	} else {
+		err = c.writeBufs(buf0, buf1)
+	}
+	if err != nil {
+		return c.writeFatal(err)
+	}
+	if frameType == CloseMessage {
+		c.writeFatal(ErrCloseSent)
+	}
+	return nil
+}
+
+func (c *Conn) writeBufs(bufs ...[]byte) error {
+	b := net.Buffers(bufs)
+	_, err := b.WriteTo(c.conn)
+	return err
+}
+
+// WriteControl writes a control message with the given deadline. The allowed
+// message types are CloseMessage, PingMessage and PongMessage.
+func (c *Conn) WriteControl(messageType int, data []byte, deadline time.Time) error {
+	if !isControl(messageType) {
+		return errBadWriteOpCode
+	}
+	if len(data) > maxControlFramePayloadSize {
+		return errInvalidControlFrame
+	}
+
+	b0 := byte(messageType) | finalBit
+	b1 := byte(len(data))
+	if !c.isServer {
+		b1 |= maskBit
+	}
+
+	buf := make([]byte, 0, maxFrameHeaderSize+maxControlFramePayloadSize)
+	buf = append(buf, b0, b1)
+
+	if c.isServer {
+		buf = append(buf, data...)
+	} else {
+		key := newMaskKey()
+		buf = append(buf, key[:]...)
+		buf = append(buf, data...)
+		maskBytes(key, 0, buf[6:])
+	}
+
+	d := 1000 * time.Hour
+	if !deadline.IsZero() {
+		d = deadline.Sub(time.Now())
+		if d < 0 {
+			return errWriteTimeout
+		}
+	}
+
+	timer := time.NewTimer(d)
+	select {
+	case <-c.mu:
+		timer.Stop()
+	case <-timer.C:
+		return errWriteTimeout
+	}
+	defer func() { c.mu <- struct{}{} }()
+
+	c.writeErrMu.Lock()
+	err := c.writeErr
+	c.writeErrMu.Unlock()
+	if err != nil {
+		return err
+	}
+
+	c.conn.SetWriteDeadline(deadline)
+	_, err = c.conn.Write(buf)
+	if err != nil {
+		return c.writeFatal(err)
+	}
+	if messageType == CloseMessage {
+		c.writeFatal(ErrCloseSent)
+	}
+	return err
+}
+
+// beginMessage prepares a connection and message writer for a new message.
+func (c *Conn) beginMessage(mw *messageWriter, messageType int) error {
+	// Close previous writer if not already closed by the application. It's
+	// probably better to return an error in this situation, but we cannot
+	// change this without breaking existing applications.
+	if c.writer != nil {
+		c.writer.Close()
+		c.writer = nil
+	}
+
+	if !isControl(messageType) && !isData(messageType) {
+		return errBadWriteOpCode
+	}
+
+	c.writeErrMu.Lock()
+	err := c.writeErr
+	c.writeErrMu.Unlock()
+	if err != nil {
+		return err
+	}
+
+	mw.c = c
+	mw.frameType = messageType
+	mw.pos = maxFrameHeaderSize
+
+	if c.writeBuf == nil {
+		wpd, ok := c.writePool.Get().(writePoolData)
+		if ok {
+			c.writeBuf = wpd.buf
+		} else {
+			c.writeBuf = make([]byte, c.writeBufSize)
+		}
+	}
+	return nil
+}
+
+// NextWriter returns a writer for the next message to send. The writer's Close
+// method flushes the complete message to the network.
+//
+// There can be at most one open writer on a connection. NextWriter closes the
+// previous writer if the application has not already done so.
+//
+// All message types (TextMessage, BinaryMessage, CloseMessage, PingMessage and
+// PongMessage) are supported.
+func (c *Conn) NextWriter(messageType int) (io.WriteCloser, error) {
+	var mw messageWriter
+	if err := c.beginMessage(&mw, messageType); err != nil {
+		return nil, err
+	}
+	c.writer = &mw
+	if c.newCompressionWriter != nil && c.enableWriteCompression && isData(messageType) {
+		w := c.newCompressionWriter(c.writer, c.compressionLevel)
+		mw.compress = true
+		c.writer = w
+	}
+	return c.writer, nil
+}
+
+type messageWriter struct {
+	c         *Conn
+	compress  bool // whether next call to flushFrame should set RSV1
+	pos       int  // end of data in writeBuf.
+	frameType int  // type of the current frame.
+	err       error
+}
+
+func (w *messageWriter) endMessage(err error) error {
+	if w.err != nil {
+		return err
+	}
+	c := w.c
+	w.err = err
+	c.writer = nil
+	if c.writePool != nil {
+		c.writePool.Put(writePoolData{buf: c.writeBuf})
+		c.writeBuf = nil
+	}
+	return err
+}
+
+// flushFrame writes buffered data and extra as a frame to the network. The
+// final argument indicates that this is the last frame in the message.
+func (w *messageWriter) flushFrame(final bool, extra []byte) error {
+	c := w.c
+	length := w.pos - maxFrameHeaderSize + len(extra)
+
+	// Check for invalid control frames.
+	if isControl(w.frameType) &&
+		(!final || length > maxControlFramePayloadSize) {
+		return w.endMessage(errInvalidControlFrame)
+	}
+
+	b0 := byte(w.frameType)
+	if final {
+		b0 |= finalBit
+	}
+	if w.compress {
+		b0 |= rsv1Bit
+	}
+	w.compress = false
+
+	b1 := byte(0)
+	if !c.isServer {
+		b1 |= maskBit
+	}
+
+	// Assume that the frame starts at beginning of c.writeBuf.
+	framePos := 0
+	if c.isServer {
+		// Adjust up if mask not included in the header.
+		framePos = 4
+	}
+
+	switch {
+	case length >= 65536:
+		c.writeBuf[framePos] = b0
+		c.writeBuf[framePos+1] = b1 | 127
+		binary.BigEndian.PutUint64(c.writeBuf[framePos+2:], uint64(length))
+	case length > 125:
+		framePos += 6
+		c.writeBuf[framePos] = b0
+		c.writeBuf[framePos+1] = b1 | 126
+		binary.BigEndian.PutUint16(c.writeBuf[framePos+2:], uint16(length))
+	default:
+		framePos += 8
+		c.writeBuf[framePos] = b0
+		c.writeBuf[framePos+1] = b1 | byte(length)
+	}
+
+	if !c.isServer {
+		key := newMaskKey()
+		copy(c.writeBuf[maxFrameHeaderSize-4:], key[:])
+		maskBytes(key, 0, c.writeBuf[maxFrameHeaderSize:w.pos])
+		if len(extra) > 0 {
+			return w.endMessage(c.writeFatal(errors.New("websocket: internal error, extra used in client mode")))
+		}
+	}
+
+	// Write the buffers to the connection with best-effort detection of
+	// concurrent writes. See the concurrency section in the package
+	// documentation for more info.
+
+	if c.isWriting {
+		panic("concurrent write to websocket connection")
+	}
+	c.isWriting = true
+
+	err := c.write(w.frameType, c.writeDeadline, c.writeBuf[framePos:w.pos], extra)
+
+	if !c.isWriting {
+		panic("concurrent write to websocket connection")
+	}
+	c.isWriting = false
+
+	if err != nil {
+		return w.endMessage(err)
+	}
+
+	if final {
+		w.endMessage(errWriteClosed)
+		return nil
+	}
+
+	// Setup for next frame.
+	w.pos = maxFrameHeaderSize
+	w.frameType = continuationFrame
+	return nil
+}
+
+func (w *messageWriter) ncopy(max int) (int, error) {
+	n := len(w.c.writeBuf) - w.pos
+	if n <= 0 {
+		if err := w.flushFrame(false, nil); err != nil {
+			return 0, err
+		}
+		n = len(w.c.writeBuf) - w.pos
+	}
+	if n > max {
+		n = max
+	}
+	return n, nil
+}
+
+func (w *messageWriter) Write(p []byte) (int, error) {
+	if w.err != nil {
+		return 0, w.err
+	}
+
+	if len(p) > 2*len(w.c.writeBuf) && w.c.isServer {
+		// Don't buffer large messages.
+		err := w.flushFrame(false, p)
+		if err != nil {
+			return 0, err
+		}
+		return len(p), nil
+	}
+
+	nn := len(p)
+	for len(p) > 0 {
+		n, err := w.ncopy(len(p))
+		if err != nil {
+			return 0, err
+		}
+		copy(w.c.writeBuf[w.pos:], p[:n])
+		w.pos += n
+		p = p[n:]
+	}
+	return nn, nil
+}
+
+func (w *messageWriter) WriteString(p string) (int, error) {
+	if w.err != nil {
+		return 0, w.err
+	}
+
+	nn := len(p)
+	for len(p) > 0 {
+		n, err := w.ncopy(len(p))
+		if err != nil {
+			return 0, err
+		}
+		copy(w.c.writeBuf[w.pos:], p[:n])
+		w.pos += n
+		p = p[n:]
+	}
+	return nn, nil
+}
+
+func (w *messageWriter) ReadFrom(r io.Reader) (nn int64, err error) {
+	if w.err != nil {
+		return 0, w.err
+	}
+	for {
+		if w.pos == len(w.c.writeBuf) {
+			err = w.flushFrame(false, nil)
+			if err != nil {
+				break
+			}
+		}
+		var n int
+		n, err = r.Read(w.c.writeBuf[w.pos:])
+		w.pos += n
+		nn += int64(n)
+		if err != nil {
+			if err == io.EOF {
+				err = nil
+			}
+			break
+		}
+	}
+	return nn, err
+}
+
+func (w *messageWriter) Close() error {
+	if w.err != nil {
+		return w.err
+	}
+	return w.flushFrame(true, nil)
+}
+
+// WritePreparedMessage writes prepared message into connection.
+func (c *Conn) WritePreparedMessage(pm *PreparedMessage) error {
+	frameType, frameData, err := pm.frame(prepareKey{
+		isServer:         c.isServer,
+		compress:         c.newCompressionWriter != nil && c.enableWriteCompression && isData(pm.messageType),
+		compressionLevel: c.compressionLevel,
+	})
+	if err != nil {
+		return err
+	}
+	if c.isWriting {
+		panic("concurrent write to websocket connection")
+	}
+	c.isWriting = true
+	err = c.write(frameType, c.writeDeadline, frameData, nil)
+	if !c.isWriting {
+		panic("concurrent write to websocket connection")
+	}
+	c.isWriting = false
+	return err
+}
+
+// WriteMessage is a helper method for getting a writer using NextWriter,
+// writing the message and closing the writer.
+func (c *Conn) WriteMessage(messageType int, data []byte) error {
+
+	if c.isServer && (c.newCompressionWriter == nil || !c.enableWriteCompression) {
+		// Fast path with no allocations and single frame.
+
+		var mw messageWriter
+		if err := c.beginMessage(&mw, messageType); err != nil {
+			return err
+		}
+		n := copy(c.writeBuf[mw.pos:], data)
+		mw.pos += n
+		data = data[n:]
+		return mw.flushFrame(true, data)
+	}
+
+	w, err := c.NextWriter(messageType)
+	if err != nil {
+		return err
+	}
+	if _, err = w.Write(data); err != nil {
+		return err
+	}
+	return w.Close()
+}
+
+// SetWriteDeadline sets the write deadline on the underlying network
+// connection. After a write has timed out, the websocket state is corrupt and
+// all future writes will return an error. A zero value for t means writes will
+// not time out.
+func (c *Conn) SetWriteDeadline(t time.Time) error {
+	c.writeDeadline = t
+	return nil
+}
+
+// Read methods
+
+func (c *Conn) advanceFrame() (int, error) {
+	// 1. Skip remainder of previous frame.
+
+	if c.readRemaining > 0 {
+		if _, err := io.CopyN(ioutil.Discard, c.br, c.readRemaining); err != nil {
+			return noFrame, err
+		}
+	}
+
+	// 2. Read and parse first two bytes of frame header.
+	// To aid debugging, collect and report all errors in the first two bytes
+	// of the header.
+
+	var errors []string
+
+	p, err := c.read(2)
+	if err != nil {
+		return noFrame, err
+	}
+
+	frameType := int(p[0] & 0xf)
+	final := p[0]&finalBit != 0
+	rsv1 := p[0]&rsv1Bit != 0
+	rsv2 := p[0]&rsv2Bit != 0
+	rsv3 := p[0]&rsv3Bit != 0
+	mask := p[1]&maskBit != 0
+	c.setReadRemaining(int64(p[1] & 0x7f))
+
+	c.readDecompress = false
+	if rsv1 {
+		if c.newDecompressionReader != nil {
+			c.readDecompress = true
+		} else {
+			errors = append(errors, "RSV1 set")
+		}
+	}
+
+	if rsv2 {
+		errors = append(errors, "RSV2 set")
+	}
+
+	if rsv3 {
+		errors = append(errors, "RSV3 set")
+	}
+
+	switch frameType {
+	case CloseMessage, PingMessage, PongMessage:
+		if c.readRemaining > maxControlFramePayloadSize {
+			errors = append(errors, "len > 125 for control")
+		}
+		if !final {
+			errors = append(errors, "FIN not set on control")
+		}
+	case TextMessage, BinaryMessage:
+		if !c.readFinal {
+			errors = append(errors, "data before FIN")
+		}
+		c.readFinal = final
+	case continuationFrame:
+		if c.readFinal {
+			errors = append(errors, "continuation after FIN")
+		}
+		c.readFinal = final
+	default:
+		errors = append(errors, "bad opcode "+strconv.Itoa(frameType))
+	}
+
+	if mask != c.isServer {
+		errors = append(errors, "bad MASK")
+	}
+
+	if len(errors) > 0 {
+		return noFrame, c.handleProtocolError(strings.Join(errors, ", "))
+	}
+
+	// 3. Read and parse frame length as per
+	// https://tools.ietf.org/html/rfc6455#section-5.2
+	//
+	// The length of the "Payload data", in bytes: if 0-125, that is the payload
+	// length.
+	// - If 126, the following 2 bytes interpreted as a 16-bit unsigned
+	// integer are the payload length.
+	// - If 127, the following 8 bytes interpreted as
+	// a 64-bit unsigned integer (the most significant bit MUST be 0) are the
+	// payload length. Multibyte length quantities are expressed in network byte
+	// order.
+
+	switch c.readRemaining {
+	case 126:
+		p, err := c.read(2)
+		if err != nil {
+			return noFrame, err
+		}
+
+		if err := c.setReadRemaining(int64(binary.BigEndian.Uint16(p))); err != nil {
+			return noFrame, err
+		}
+	case 127:
+		p, err := c.read(8)
+		if err != nil {
+			return noFrame, err
+		}
+
+		if err := c.setReadRemaining(int64(binary.BigEndian.Uint64(p))); err != nil {
+			return noFrame, err
+		}
+	}
+
+	// 4. Handle frame masking.
+
+	if mask {
+		c.readMaskPos = 0
+		p, err := c.read(len(c.readMaskKey))
+		if err != nil {
+			return noFrame, err
+		}
+		copy(c.readMaskKey[:], p)
+	}
+
+	// 5. For text and binary messages, enforce read limit and return.
+
+	if frameType == continuationFrame || frameType == TextMessage || frameType == BinaryMessage {
+
+		c.readLength += c.readRemaining
+		// Don't allow readLength to overflow in the presence of a large readRemaining
+		// counter.
+		if c.readLength < 0 {
+			return noFrame, ErrReadLimit
+		}
+
+		if c.readLimit > 0 && c.readLength > c.readLimit {
+			c.WriteControl(CloseMessage, FormatCloseMessage(CloseMessageTooBig, ""), time.Now().Add(writeWait))
+			return noFrame, ErrReadLimit
+		}
+
+		return frameType, nil
+	}
+
+	// 6. Read control frame payload.
+
+	var payload []byte
+	if c.readRemaining > 0 {
+		payload, err = c.read(int(c.readRemaining))
+		c.setReadRemaining(0)
+		if err != nil {
+			return noFrame, err
+		}
+		if c.isServer {
+			maskBytes(c.readMaskKey, 0, payload)
+		}
+	}
+
+	// 7. Process control frame payload.
+
+	switch frameType {
+	case PongMessage:
+		if err := c.handlePong(string(payload)); err != nil {
+			return noFrame, err
+		}
+	case PingMessage:
+		if err := c.handlePing(string(payload)); err != nil {
+			return noFrame, err
+		}
+	case CloseMessage:
+		closeCode := CloseNoStatusReceived
+		closeText := ""
+		if len(payload) >= 2 {
+			closeCode = int(binary.BigEndian.Uint16(payload))
+			if !isValidReceivedCloseCode(closeCode) {
+				return noFrame, c.handleProtocolError("bad close code " + strconv.Itoa(closeCode))
+			}
+			closeText = string(payload[2:])
+			if !utf8.ValidString(closeText) {
+				return noFrame, c.handleProtocolError("invalid utf8 payload in close frame")
+			}
+		}
+		if err := c.handleClose(closeCode, closeText); err != nil {
+			return noFrame, err
+		}
+		return noFrame, &CloseError{Code: closeCode, Text: closeText}
+	}
+
+	return frameType, nil
+}
+
+func (c *Conn) handleProtocolError(message string) error {
+	data := FormatCloseMessage(CloseProtocolError, message)
+	if len(data) > maxControlFramePayloadSize {
+		data = data[:maxControlFramePayloadSize]
+	}
+	c.WriteControl(CloseMessage, data, time.Now().Add(writeWait))
+	return errors.New("websocket: " + message)
+}
+
+// NextReader returns the next data message received from the peer. The
+// returned messageType is either TextMessage or BinaryMessage.
+//
+// There can be at most one open reader on a connection. NextReader discards
+// the previous message if the application has not already consumed it.
+//
+// Applications must break out of the application's read loop when this method
+// returns a non-nil error value. Errors returned from this method are
+// permanent. Once this method returns a non-nil error, all subsequent calls to
+// this method return the same error.
+func (c *Conn) NextReader() (messageType int, r io.Reader, err error) {
+	// Close previous reader, only relevant for decompression.
+	if c.reader != nil {
+		c.reader.Close()
+		c.reader = nil
+	}
+
+	c.messageReader = nil
+	c.readLength = 0
+
+	for c.readErr == nil {
+		frameType, err := c.advanceFrame()
+		if err != nil {
+			c.readErr = hideTempErr(err)
+			break
+		}
+
+		if frameType == TextMessage || frameType == BinaryMessage {
+			c.messageReader = &messageReader{c}
+			c.reader = c.messageReader
+			if c.readDecompress {
+				c.reader = c.newDecompressionReader(c.reader)
+			}
+			return frameType, c.reader, nil
+		}
+	}
+
+	// Applications that do handle the error returned from this method spin in
+	// tight loop on connection failure. To help application developers detect
+	// this error, panic on repeated reads to the failed connection.
+	c.readErrCount++
+	if c.readErrCount >= 1000 {
+		panic("repeated read on failed websocket connection")
+	}
+
+	return noFrame, nil, c.readErr
+}
+
+type messageReader struct{ c *Conn }
+
+func (r *messageReader) Read(b []byte) (int, error) {
+	c := r.c
+	if c.messageReader != r {
+		return 0, io.EOF
+	}
+
+	for c.readErr == nil {
+
+		if c.readRemaining > 0 {
+			if int64(len(b)) > c.readRemaining {
+				b = b[:c.readRemaining]
+			}
+			n, err := c.br.Read(b)
+			c.readErr = hideTempErr(err)
+			if c.isServer {
+				c.readMaskPos = maskBytes(c.readMaskKey, c.readMaskPos, b[:n])
+			}
+			rem := c.readRemaining
+			rem -= int64(n)
+			c.setReadRemaining(rem)
+			if c.readRemaining > 0 && c.readErr == io.EOF {
+				c.readErr = errUnexpectedEOF
+			}
+			return n, c.readErr
+		}
+
+		if c.readFinal {
+			c.messageReader = nil
+			return 0, io.EOF
+		}
+
+		frameType, err := c.advanceFrame()
+		switch {
+		case err != nil:
+			c.readErr = hideTempErr(err)
+		case frameType == TextMessage || frameType == BinaryMessage:
+			c.readErr = errors.New("websocket: internal error, unexpected text or binary in Reader")
+		}
+	}
+
+	err := c.readErr
+	if err == io.EOF && c.messageReader == r {
+		err = errUnexpectedEOF
+	}
+	return 0, err
+}
+
+func (r *messageReader) Close() error {
+	return nil
+}
+
+// ReadMessage is a helper method for getting a reader using NextReader and
+// reading from that reader to a buffer.
+func (c *Conn) ReadMessage() (messageType int, p []byte, err error) {
+	var r io.Reader
+	messageType, r, err = c.NextReader()
+	if err != nil {
+		return messageType, nil, err
+	}
+	p, err = ioutil.ReadAll(r)
+	return messageType, p, err
+}
+
+// SetReadDeadline sets the read deadline on the underlying network connection.
+// After a read has timed out, the websocket connection state is corrupt and
+// all future reads will return an error. A zero value for t means reads will
+// not time out.
+func (c *Conn) SetReadDeadline(t time.Time) error {
+	return c.conn.SetReadDeadline(t)
+}
+
+// SetReadLimit sets the maximum size in bytes for a message read from the peer. If a
+// message exceeds the limit, the connection sends a close message to the peer
+// and returns ErrReadLimit to the application.
+func (c *Conn) SetReadLimit(limit int64) {
+	c.readLimit = limit
+}
+
+// CloseHandler returns the current close handler
+func (c *Conn) CloseHandler() func(code int, text string) error {
+	return c.handleClose
+}
+
+// SetCloseHandler sets the handler for close messages received from the peer.
+// The code argument to h is the received close code or CloseNoStatusReceived
+// if the close message is empty. The default close handler sends a close
+// message back to the peer.
+//
+// The handler function is called from the NextReader, ReadMessage and message
+// reader Read methods. The application must read the connection to process
+// close messages as described in the section on Control Messages above.
+//
+// The connection read methods return a CloseError when a close message is
+// received. Most applications should handle close messages as part of their
+// normal error handling. Applications should only set a close handler when the
+// application must perform some action before sending a close message back to
+// the peer.
+func (c *Conn) SetCloseHandler(h func(code int, text string) error) {
+	if h == nil {
+		h = func(code int, text string) error {
+			message := FormatCloseMessage(code, "")
+			c.WriteControl(CloseMessage, message, time.Now().Add(writeWait))
+			return nil
+		}
+	}
+	c.handleClose = h
+}
+
+// PingHandler returns the current ping handler
+func (c *Conn) PingHandler() func(appData string) error {
+	return c.handlePing
+}
+
+// SetPingHandler sets the handler for ping messages received from the peer.
+// The appData argument to h is the PING message application data. The default
+// ping handler sends a pong to the peer.
+//
+// The handler function is called from the NextReader, ReadMessage and message
+// reader Read methods. The application must read the connection to process
+// ping messages as described in the section on Control Messages above.
+func (c *Conn) SetPingHandler(h func(appData string) error) {
+	if h == nil {
+		h = func(message string) error {
+			err := c.WriteControl(PongMessage, []byte(message), time.Now().Add(writeWait))
+			if err == ErrCloseSent {
+				return nil
+			} else if e, ok := err.(net.Error); ok && e.Temporary() {
+				return nil
+			}
+			return err
+		}
+	}
+	c.handlePing = h
+}
+
+// PongHandler returns the current pong handler
+func (c *Conn) PongHandler() func(appData string) error {
+	return c.handlePong
+}
+
+// SetPongHandler sets the handler for pong messages received from the peer.
+// The appData argument to h is the PONG message application data. The default
+// pong handler does nothing.
+//
+// The handler function is called from the NextReader, ReadMessage and message
+// reader Read methods. The application must read the connection to process
+// pong messages as described in the section on Control Messages above.
+func (c *Conn) SetPongHandler(h func(appData string) error) {
+	if h == nil {
+		h = func(string) error { return nil }
+	}
+	c.handlePong = h
+}
+
+// NetConn returns the underlying connection that is wrapped by c.
+// Note that writing to or reading from this connection directly will corrupt the
+// WebSocket connection.
+func (c *Conn) NetConn() net.Conn {
+	return c.conn
+}
+
+// UnderlyingConn returns the internal net.Conn. This can be used to further
+// modifications to connection specific flags.
+// Deprecated: Use the NetConn method.
+func (c *Conn) UnderlyingConn() net.Conn {
+	return c.conn
+}
+
+// EnableWriteCompression enables and disables write compression of
+// subsequent text and binary messages. This function is a noop if
+// compression was not negotiated with the peer.
+func (c *Conn) EnableWriteCompression(enable bool) {
+	c.enableWriteCompression = enable
+}
+
+// SetCompressionLevel sets the flate compression level for subsequent text and
+// binary messages. This function is a noop if compression was not negotiated
+// with the peer. See the compress/flate package for a description of
+// compression levels.
+func (c *Conn) SetCompressionLevel(level int) error {
+	if !isValidCompressionLevel(level) {
+		return errors.New("websocket: invalid compression level")
+	}
+	c.compressionLevel = level
+	return nil
+}
+
+// FormatCloseMessage formats closeCode and text as a WebSocket close message.
+// An empty message is returned for code CloseNoStatusReceived.
+func FormatCloseMessage(closeCode int, text string) []byte {
+	if closeCode == CloseNoStatusReceived {
+		// Return empty message because it's illegal to send
+		// CloseNoStatusReceived. Return non-nil value in case application
+		// checks for nil.
+		return []byte{}
+	}
+	buf := make([]byte, 2+len(text))
+	binary.BigEndian.PutUint16(buf, uint16(closeCode))
+	copy(buf[2:], text)
+	return buf
+}
diff --git a/server/vendor/github.com/gorilla/websocket/doc.go b/server/vendor/github.com/gorilla/websocket/doc.go
new file mode 100644
index 0000000..8db0cef
--- /dev/null
+++ b/server/vendor/github.com/gorilla/websocket/doc.go
@@ -0,0 +1,227 @@
+// Copyright 2013 The Gorilla WebSocket Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Package websocket implements the WebSocket protocol defined in RFC 6455.
+//
+// Overview
+//
+// The Conn type represents a WebSocket connection. A server application calls
+// the Upgrader.Upgrade method from an HTTP request handler to get a *Conn:
+//
+//  var upgrader = websocket.Upgrader{
+//      ReadBufferSize:  1024,
+//      WriteBufferSize: 1024,
+//  }
+//
+//  func handler(w http.ResponseWriter, r *http.Request) {
+//      conn, err := upgrader.Upgrade(w, r, nil)
+//      if err != nil {
+//          log.Println(err)
+//          return
+//      }
+//      ... Use conn to send and receive messages.
+//  }
+//
+// Call the connection's WriteMessage and ReadMessage methods to send and
+// receive messages as a slice of bytes. This snippet of code shows how to echo
+// messages using these methods:
+//
+//  for {
+//      messageType, p, err := conn.ReadMessage()
+//      if err != nil {
+//          log.Println(err)
+//          return
+//      }
+//      if err := conn.WriteMessage(messageType, p); err != nil {
+//          log.Println(err)
+//          return
+//      }
+//  }
+//
+// In above snippet of code, p is a []byte and messageType is an int with value
+// websocket.BinaryMessage or websocket.TextMessage.
+//
+// An application can also send and receive messages using the io.WriteCloser
+// and io.Reader interfaces. To send a message, call the connection NextWriter
+// method to get an io.WriteCloser, write the message to the writer and close
+// the writer when done. To receive a message, call the connection NextReader
+// method to get an io.Reader and read until io.EOF is returned. This snippet
+// shows how to echo messages using the NextWriter and NextReader methods:
+//
+//  for {
+//      messageType, r, err := conn.NextReader()
+//      if err != nil {
+//          return
+//      }
+//      w, err := conn.NextWriter(messageType)
+//      if err != nil {
+//          return err
+//      }
+//      if _, err := io.Copy(w, r); err != nil {
+//          return err
+//      }
+//      if err := w.Close(); err != nil {
+//          return err
+//      }
+//  }
+//
+// Data Messages
+//
+// The WebSocket protocol distinguishes between text and binary data messages.
+// Text messages are interpreted as UTF-8 encoded text. The interpretation of
+// binary messages is left to the application.
+//
+// This package uses the TextMessage and BinaryMessage integer constants to
+// identify the two data message types. The ReadMessage and NextReader methods
+// return the type of the received message. The messageType argument to the
+// WriteMessage and NextWriter methods specifies the type of a sent message.
+//
+// It is the application's responsibility to ensure that text messages are
+// valid UTF-8 encoded text.
+//
+// Control Messages
+//
+// The WebSocket protocol defines three types of control messages: close, ping
+// and pong. Call the connection WriteControl, WriteMessage or NextWriter
+// methods to send a control message to the peer.
+//
+// Connections handle received close messages by calling the handler function
+// set with the SetCloseHandler method and by returning a *CloseError from the
+// NextReader, ReadMessage or the message Read method. The default close
+// handler sends a close message to the peer.
+//
+// Connections handle received ping messages by calling the handler function
+// set with the SetPingHandler method. The default ping handler sends a pong
+// message to the peer.
+//
+// Connections handle received pong messages by calling the handler function
+// set with the SetPongHandler method. The default pong handler does nothing.
+// If an application sends ping messages, then the application should set a
+// pong handler to receive the corresponding pong.
+//
+// The control message handler functions are called from the NextReader,
+// ReadMessage and message reader Read methods. The default close and ping
+// handlers can block these methods for a short time when the handler writes to
+// the connection.
+//
+// The application must read the connection to process close, ping and pong
+// messages sent from the peer. If the application is not otherwise interested
+// in messages from the peer, then the application should start a goroutine to
+// read and discard messages from the peer. A simple example is:
+//
+//  func readLoop(c *websocket.Conn) {
+//      for {
+//          if _, _, err := c.NextReader(); err != nil {
+//              c.Close()
+//              break
+//          }
+//      }
+//  }
+//
+// Concurrency
+//
+// Connections support one concurrent reader and one concurrent writer.
+//
+// Applications are responsible for ensuring that no more than one goroutine
+// calls the write methods (NextWriter, SetWriteDeadline, WriteMessage,
+// WriteJSON, EnableWriteCompression, SetCompressionLevel) concurrently and
+// that no more than one goroutine calls the read methods (NextReader,
+// SetReadDeadline, ReadMessage, ReadJSON, SetPongHandler, SetPingHandler)
+// concurrently.
+//
+// The Close and WriteControl methods can be called concurrently with all other
+// methods.
+//
+// Origin Considerations
+//
+// Web browsers allow Javascript applications to open a WebSocket connection to
+// any host. It's up to the server to enforce an origin policy using the Origin
+// request header sent by the browser.
+//
+// The Upgrader calls the function specified in the CheckOrigin field to check
+// the origin. If the CheckOrigin function returns false, then the Upgrade
+// method fails the WebSocket handshake with HTTP status 403.
+//
+// If the CheckOrigin field is nil, then the Upgrader uses a safe default: fail
+// the handshake if the Origin request header is present and the Origin host is
+// not equal to the Host request header.
+//
+// The deprecated package-level Upgrade function does not perform origin
+// checking. The application is responsible for checking the Origin header
+// before calling the Upgrade function.
+//
+// Buffers
+//
+// Connections buffer network input and output to reduce the number
+// of system calls when reading or writing messages.
+//
+// Write buffers are also used for constructing WebSocket frames. See RFC 6455,
+// Section 5 for a discussion of message framing. A WebSocket frame header is
+// written to the network each time a write buffer is flushed to the network.
+// Decreasing the size of the write buffer can increase the amount of framing
+// overhead on the connection.
+//
+// The buffer sizes in bytes are specified by the ReadBufferSize and
+// WriteBufferSize fields in the Dialer and Upgrader. The Dialer uses a default
+// size of 4096 when a buffer size field is set to zero. The Upgrader reuses
+// buffers created by the HTTP server when a buffer size field is set to zero.
+// The HTTP server buffers have a size of 4096 at the time of this writing.
+//
+// The buffer sizes do not limit the size of a message that can be read or
+// written by a connection.
+//
+// Buffers are held for the lifetime of the connection by default. If the
+// Dialer or Upgrader WriteBufferPool field is set, then a connection holds the
+// write buffer only when writing a message.
+//
+// Applications should tune the buffer sizes to balance memory use and
+// performance. Increasing the buffer size uses more memory, but can reduce the
+// number of system calls to read or write the network. In the case of writing,
+// increasing the buffer size can reduce the number of frame headers written to
+// the network.
+//
+// Some guidelines for setting buffer parameters are:
+//
+// Limit the buffer sizes to the maximum expected message size. Buffers larger
+// than the largest message do not provide any benefit.
+//
+// Depending on the distribution of message sizes, setting the buffer size to
+// a value less than the maximum expected message size can greatly reduce memory
+// use with a small impact on performance. Here's an example: If 99% of the
+// messages are smaller than 256 bytes and the maximum message size is 512
+// bytes, then a buffer size of 256 bytes will result in 1.01 more system calls
+// than a buffer size of 512 bytes. The memory savings is 50%.
+//
+// A write buffer pool is useful when the application has a modest number
+// writes over a large number of connections. when buffers are pooled, a larger
+// buffer size has a reduced impact on total memory use and has the benefit of
+// reducing system calls and frame overhead.
+//
+// Compression EXPERIMENTAL
+//
+// Per message compression extensions (RFC 7692) are experimentally supported
+// by this package in a limited capacity. Setting the EnableCompression option
+// to true in Dialer or Upgrader will attempt to negotiate per message deflate
+// support.
+//
+//  var upgrader = websocket.Upgrader{
+//      EnableCompression: true,
+//  }
+//
+// If compression was successfully negotiated with the connection's peer, any
+// message received in compressed form will be automatically decompressed.
+// All Read methods will return uncompressed bytes.
+//
+// Per message compression of messages written to a connection can be enabled
+// or disabled by calling the corresponding Conn method:
+//
+//  conn.EnableWriteCompression(false)
+//
+// Currently this package does not support compression with "context takeover".
+// This means that messages must be compressed and decompressed in isolation,
+// without retaining sliding window or dictionary state across messages. For
+// more details refer to RFC 7692.
+//
+// Use of compression is experimental and may result in decreased performance.
+package websocket
diff --git a/server/vendor/github.com/gorilla/websocket/join.go b/server/vendor/github.com/gorilla/websocket/join.go
new file mode 100644
index 0000000..c64f8c8
--- /dev/null
+++ b/server/vendor/github.com/gorilla/websocket/join.go
@@ -0,0 +1,42 @@
+// Copyright 2019 The Gorilla WebSocket Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package websocket
+
+import (
+	"io"
+	"strings"
+)
+
+// JoinMessages concatenates received messages to create a single io.Reader.
+// The string term is appended to each message. The returned reader does not
+// support concurrent calls to the Read method.
+func JoinMessages(c *Conn, term string) io.Reader {
+	return &joinReader{c: c, term: term}
+}
+
+type joinReader struct {
+	c    *Conn
+	term string
+	r    io.Reader
+}
+
+func (r *joinReader) Read(p []byte) (int, error) {
+	if r.r == nil {
+		var err error
+		_, r.r, err = r.c.NextReader()
+		if err != nil {
+			return 0, err
+		}
+		if r.term != "" {
+			r.r = io.MultiReader(r.r, strings.NewReader(r.term))
+		}
+	}
+	n, err := r.r.Read(p)
+	if err == io.EOF {
+		err = nil
+		r.r = nil
+	}
+	return n, err
+}
diff --git a/server/vendor/github.com/gorilla/websocket/json.go b/server/vendor/github.com/gorilla/websocket/json.go
new file mode 100644
index 0000000..dc2c1f6
--- /dev/null
+++ b/server/vendor/github.com/gorilla/websocket/json.go
@@ -0,0 +1,60 @@
+// Copyright 2013 The Gorilla WebSocket Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package websocket
+
+import (
+	"encoding/json"
+	"io"
+)
+
+// WriteJSON writes the JSON encoding of v as a message.
+//
+// Deprecated: Use c.WriteJSON instead.
+func WriteJSON(c *Conn, v interface{}) error {
+	return c.WriteJSON(v)
+}
+
+// WriteJSON writes the JSON encoding of v as a message.
+//
+// See the documentation for encoding/json Marshal for details about the
+// conversion of Go values to JSON.
+func (c *Conn) WriteJSON(v interface{}) error {
+	w, err := c.NextWriter(TextMessage)
+	if err != nil {
+		return err
+	}
+	err1 := json.NewEncoder(w).Encode(v)
+	err2 := w.Close()
+	if err1 != nil {
+		return err1
+	}
+	return err2
+}
+
+// ReadJSON reads the next JSON-encoded message from the connection and stores
+// it in the value pointed to by v.
+//
+// Deprecated: Use c.ReadJSON instead.
+func ReadJSON(c *Conn, v interface{}) error {
+	return c.ReadJSON(v)
+}
+
+// ReadJSON reads the next JSON-encoded message from the connection and stores
+// it in the value pointed to by v.
+//
+// See the documentation for the encoding/json Unmarshal function for details
+// about the conversion of JSON to a Go value.
+func (c *Conn) ReadJSON(v interface{}) error {
+	_, r, err := c.NextReader()
+	if err != nil {
+		return err
+	}
+	err = json.NewDecoder(r).Decode(v)
+	if err == io.EOF {
+		// One value is expected in the message.
+		err = io.ErrUnexpectedEOF
+	}
+	return err
+}
diff --git a/server/vendor/github.com/gorilla/websocket/mask.go b/server/vendor/github.com/gorilla/websocket/mask.go
new file mode 100644
index 0000000..d0742bf
--- /dev/null
+++ b/server/vendor/github.com/gorilla/websocket/mask.go
@@ -0,0 +1,55 @@
+// Copyright 2016 The Gorilla WebSocket Authors. All rights reserved.  Use of
+// this source code is governed by a BSD-style license that can be found in the
+// LICENSE file.
+
+//go:build !appengine
+// +build !appengine
+
+package websocket
+
+import "unsafe"
+
+const wordSize = int(unsafe.Sizeof(uintptr(0)))
+
+func maskBytes(key [4]byte, pos int, b []byte) int {
+	// Mask one byte at a time for small buffers.
+	if len(b) < 2*wordSize {
+		for i := range b {
+			b[i] ^= key[pos&3]
+			pos++
+		}
+		return pos & 3
+	}
+
+	// Mask one byte at a time to word boundary.
+	if n := int(uintptr(unsafe.Pointer(&b[0]))) % wordSize; n != 0 {
+		n = wordSize - n
+		for i := range b[:n] {
+			b[i] ^= key[pos&3]
+			pos++
+		}
+		b = b[n:]
+	}
+
+	// Create aligned word size key.
+	var k [wordSize]byte
+	for i := range k {
+		k[i] = key[(pos+i)&3]
+	}
+	kw := *(*uintptr)(unsafe.Pointer(&k))
+
+	// Mask one word at a time.
+	n := (len(b) / wordSize) * wordSize
+	for i := 0; i < n; i += wordSize {
+		*(*uintptr)(unsafe.Pointer(uintptr(unsafe.Pointer(&b[0])) + uintptr(i))) ^= kw
+	}
+
+	// Mask one byte at a time for remaining bytes.
+	b = b[n:]
+	for i := range b {
+		b[i] ^= key[pos&3]
+		pos++
+	}
+
+	return pos & 3
+}
diff --git a/server/vendor/github.com/gorilla/websocket/mask_safe.go b/server/vendor/github.com/gorilla/websocket/mask_safe.go
new file mode 100644
index 0000000..36250ca
--- /dev/null
+++ b/server/vendor/github.com/gorilla/websocket/mask_safe.go
@@ -0,0 +1,16 @@
+// Copyright 2016 The Gorilla WebSocket Authors. All rights reserved.  Use of
+// this source code is governed by a BSD-style license that can be found in the
+// LICENSE file.
+
+//go:build appengine
+// +build appengine
+
+package websocket
+
+func maskBytes(key [4]byte, pos int, b []byte) int {
+	for i := range b {
+		b[i] ^= key[pos&3]
+		pos++
+	}
+	return pos & 3
+}
diff --git a/server/vendor/github.com/gorilla/websocket/prepared.go b/server/vendor/github.com/gorilla/websocket/prepared.go
new file mode 100644
index 0000000..c854225
--- /dev/null
+++ b/server/vendor/github.com/gorilla/websocket/prepared.go
@@ -0,0 +1,102 @@
+// Copyright 2017 The Gorilla WebSocket Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package websocket
+
+import (
+	"bytes"
+	"net"
+	"sync"
+	"time"
+)
+
+// PreparedMessage caches on the wire representations of a message payload.
+// Use PreparedMessage to efficiently send a message payload to multiple
+// connections. PreparedMessage is especially useful when compression is used
+// because the CPU and memory expensive compression operation can be executed
+// once for a given set of compression options.
+type PreparedMessage struct {
+	messageType int
+	data        []byte
+	mu          sync.Mutex
+	frames      map[prepareKey]*preparedFrame
+}
+
+// prepareKey defines a unique set of options to cache prepared frames in PreparedMessage.
+type prepareKey struct {
+	isServer         bool
+	compress         bool
+	compressionLevel int
+}
+
+// preparedFrame contains data in wire representation.
+type preparedFrame struct {
+	once sync.Once
+	data []byte
+}
+
+// NewPreparedMessage returns an initialized PreparedMessage. You can then send
+// it to connection using WritePreparedMessage method. Valid wire
+// representation will be calculated lazily only once for a set of current
+// connection options.
+func NewPreparedMessage(messageType int, data []byte) (*PreparedMessage, error) {
+	pm := &PreparedMessage{
+		messageType: messageType,
+		frames:      make(map[prepareKey]*preparedFrame),
+		data:        data,
+	}
+
+	// Prepare a plain server frame.
+	_, frameData, err := pm.frame(prepareKey{isServer: true, compress: false})
+	if err != nil {
+		return nil, err
+	}
+
+	// To protect against caller modifying the data argument, remember the data
+	// copied to the plain server frame.
+	pm.data = frameData[len(frameData)-len(data):]
+	return pm, nil
+}
+
+func (pm *PreparedMessage) frame(key prepareKey) (int, []byte, error) {
+	pm.mu.Lock()
+	frame, ok := pm.frames[key]
+	if !ok {
+		frame = &preparedFrame{}
+		pm.frames[key] = frame
+	}
+	pm.mu.Unlock()
+
+	var err error
+	frame.once.Do(func() {
+		// Prepare a frame using a 'fake' connection.
+		// TODO: Refactor code in conn.go to allow more direct construction of
+		// the frame.
+		mu := make(chan struct{}, 1)
+		mu <- struct{}{}
+		var nc prepareConn
+		c := &Conn{
+			conn:                   &nc,
+			mu:                     mu,
+			isServer:               key.isServer,
+			compressionLevel:       key.compressionLevel,
+			enableWriteCompression: true,
+			writeBuf:               make([]byte, defaultWriteBufferSize+maxFrameHeaderSize),
+		}
+		if key.compress {
+			c.newCompressionWriter = compressNoContextTakeover
+		}
+		err = c.WriteMessage(pm.messageType, pm.data)
+		frame.data = nc.buf.Bytes()
+	})
+	return pm.messageType, frame.data, err
+}
+
+type prepareConn struct {
+	buf bytes.Buffer
+	net.Conn
+}
+
+func (pc *prepareConn) Write(p []byte) (int, error)        { return pc.buf.Write(p) }
+func (pc *prepareConn) SetWriteDeadline(t time.Time) error { return nil }
diff --git a/server/vendor/github.com/gorilla/websocket/proxy.go b/server/vendor/github.com/gorilla/websocket/proxy.go
new file mode 100644
index 0000000..e0f466b
--- /dev/null
+++ b/server/vendor/github.com/gorilla/websocket/proxy.go
@@ -0,0 +1,77 @@
+// Copyright 2017 The Gorilla WebSocket Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package websocket
+
+import (
+	"bufio"
+	"encoding/base64"
+	"errors"
+	"net"
+	"net/http"
+	"net/url"
+	"strings"
+)
+
+type netDialerFunc func(network, addr string) (net.Conn, error)
+
+func (fn netDialerFunc) Dial(network, addr string) (net.Conn, error) {
+	return fn(network, addr)
+}
+
+func init() {
+	proxy_RegisterDialerType("http", func(proxyURL *url.URL, forwardDialer proxy_Dialer) (proxy_Dialer, error) {
+		return &httpProxyDialer{proxyURL: proxyURL, forwardDial: forwardDialer.Dial}, nil
+	})
+}
+
+type httpProxyDialer struct {
+	proxyURL    *url.URL
+	forwardDial func(network, addr string) (net.Conn, error)
+}
+
+func (hpd *httpProxyDialer) Dial(network string, addr string) (net.Conn, error) {
+	hostPort, _ := hostPortNoPort(hpd.proxyURL)
+	conn, err := hpd.forwardDial(network, hostPort)
+	if err != nil {
+		return nil, err
+	}
+
+	connectHeader := make(http.Header)
+	if user := hpd.proxyURL.User; user != nil {
+		proxyUser := user.Username()
+		if proxyPassword, passwordSet := user.Password(); passwordSet {
+			credential := base64.StdEncoding.EncodeToString([]byte(proxyUser + ":" + proxyPassword))
+			connectHeader.Set("Proxy-Authorization", "Basic "+credential)
+		}
+	}
+
+	connectReq := &http.Request{
+		Method: http.MethodConnect,
+		URL:    &url.URL{Opaque: addr},
+		Host:   addr,
+		Header: connectHeader,
+	}
+
+	if err := connectReq.Write(conn); err != nil {
+		conn.Close()
+		return nil, err
+	}
+
+	// Read response. It's OK to use and discard buffered reader here becaue
+	// the remote server does not speak until spoken to.
+	br := bufio.NewReader(conn)
+	resp, err := http.ReadResponse(br, connectReq)
+	if err != nil {
+		conn.Close()
+		return nil, err
+	}
+
+	if resp.StatusCode != 200 {
+		conn.Close()
+		f := strings.SplitN(resp.Status, " ", 2)
+		return nil, errors.New(f[1])
+	}
+	return conn, nil
+}
diff --git a/server/vendor/github.com/gorilla/websocket/server.go b/server/vendor/github.com/gorilla/websocket/server.go
new file mode 100644
index 0000000..bb33597
--- /dev/null
+++ b/server/vendor/github.com/gorilla/websocket/server.go
@@ -0,0 +1,365 @@
+// Copyright 2013 The Gorilla WebSocket Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package websocket
+
+import (
+	"bufio"
+	"errors"
+	"io"
+	"net/http"
+	"net/url"
+	"strings"
+	"time"
+)
+
+// HandshakeError describes an error with the handshake from the peer.
+type HandshakeError struct {
+	message string
+}
+
+func (e HandshakeError) Error() string { return e.message }
+
+// Upgrader specifies parameters for upgrading an HTTP connection to a
+// WebSocket connection.
+//
+// It is safe to call Upgrader's methods concurrently.
+type Upgrader struct {
+	// HandshakeTimeout specifies the duration for the handshake to complete.
+	HandshakeTimeout time.Duration
+
+	// ReadBufferSize and WriteBufferSize specify I/O buffer sizes in bytes. If a buffer
+	// size is zero, then buffers allocated by the HTTP server are used. The
+	// I/O buffer sizes do not limit the size of the messages that can be sent
+	// or received.
+	ReadBufferSize, WriteBufferSize int
+
+	// WriteBufferPool is a pool of buffers for write operations. If the value
+	// is not set, then write buffers are allocated to the connection for the
+	// lifetime of the connection.
+	//
+	// A pool is most useful when the application has a modest volume of writes
+	// across a large number of connections.
+	//
+	// Applications should use a single pool for each unique value of
+	// WriteBufferSize.
+	WriteBufferPool BufferPool
+
+	// Subprotocols specifies the server's supported protocols in order of
+	// preference. If this field is not nil, then the Upgrade method negotiates a
+	// subprotocol by selecting the first match in this list with a protocol
+	// requested by the client. If there's no match, then no protocol is
+	// negotiated (the Sec-Websocket-Protocol header is not included in the
+	// handshake response).
+	Subprotocols []string
+
+	// Error specifies the function for generating HTTP error responses. If Error
+	// is nil, then http.Error is used to generate the HTTP response.
+	Error func(w http.ResponseWriter, r *http.Request, status int, reason error)
+
+	// CheckOrigin returns true if the request Origin header is acceptable. If
+	// CheckOrigin is nil, then a safe default is used: return false if the
+	// Origin request header is present and the origin host is not equal to
+	// request Host header.
+	//
+	// A CheckOrigin function should carefully validate the request origin to
+	// prevent cross-site request forgery.
+	CheckOrigin func(r *http.Request) bool
+
+	// EnableCompression specify if the server should attempt to negotiate per
+	// message compression (RFC 7692). Setting this value to true does not
+	// guarantee that compression will be supported. Currently only "no context
+	// takeover" modes are supported.
+	EnableCompression bool
+}
+
+func (u *Upgrader) returnError(w http.ResponseWriter, r *http.Request, status int, reason string) (*Conn, error) {
+	err := HandshakeError{reason}
+	if u.Error != nil {
+		u.Error(w, r, status, err)
+	} else {
+		w.Header().Set("Sec-Websocket-Version", "13")
+		http.Error(w, http.StatusText(status), status)
+	}
+	return nil, err
+}
+
+// checkSameOrigin returns true if the origin is not set or is equal to the request host.
+func checkSameOrigin(r *http.Request) bool {
+	origin := r.Header["Origin"]
+	if len(origin) == 0 {
+		return true
+	}
+	u, err := url.Parse(origin[0])
+	if err != nil {
+		return false
+	}
+	return equalASCIIFold(u.Host, r.Host)
+}
+
+func (u *Upgrader) selectSubprotocol(r *http.Request, responseHeader http.Header) string {
+	if u.Subprotocols != nil {
+		clientProtocols := Subprotocols(r)
+		for _, serverProtocol := range u.Subprotocols {
+			for _, clientProtocol := range clientProtocols {
+				if clientProtocol == serverProtocol {
+					return clientProtocol
+				}
+			}
+		}
+	} else if responseHeader != nil {
+		return responseHeader.Get("Sec-Websocket-Protocol")
+	}
+	return ""
+}
+
+// Upgrade upgrades the HTTP server connection to the WebSocket protocol.
+//
+// The responseHeader is included in the response to the client's upgrade
+// request. Use the responseHeader to specify cookies (Set-Cookie). To specify
+// subprotocols supported by the server, set Upgrader.Subprotocols directly.
+//
+// If the upgrade fails, then Upgrade replies to the client with an HTTP error
+// response.
+func (u *Upgrader) Upgrade(w http.ResponseWriter, r *http.Request, responseHeader http.Header) (*Conn, error) {
+	const badHandshake = "websocket: the client is not using the websocket protocol: "
+
+	if !tokenListContainsValue(r.Header, "Connection", "upgrade") {
+		return u.returnError(w, r, http.StatusBadRequest, badHandshake+"'upgrade' token not found in 'Connection' header")
+	}
+
+	if !tokenListContainsValue(r.Header, "Upgrade", "websocket") {
+		return u.returnError(w, r, http.StatusBadRequest, badHandshake+"'websocket' token not found in 'Upgrade' header")
+	}
+
+	if r.Method != http.MethodGet {
+		return u.returnError(w, r, http.StatusMethodNotAllowed, badHandshake+"request method is not GET")
+	}
+
+	if !tokenListContainsValue(r.Header, "Sec-Websocket-Version", "13") {
+		return u.returnError(w, r, http.StatusBadRequest, "websocket: unsupported version: 13 not found in 'Sec-Websocket-Version' header")
+	}
+
+	if _, ok := responseHeader["Sec-Websocket-Extensions"]; ok {
+		return u.returnError(w, r, http.StatusInternalServerError, "websocket: application specific 'Sec-WebSocket-Extensions' headers are unsupported")
+	}
+
+	checkOrigin := u.CheckOrigin
+	if checkOrigin == nil {
+		checkOrigin = checkSameOrigin
+	}
+	if !checkOrigin(r) {
+		return u.returnError(w, r, http.StatusForbidden, "websocket: request origin not allowed by Upgrader.CheckOrigin")
+	}
+
+	challengeKey := r.Header.Get("Sec-Websocket-Key")
+	if !isValidChallengeKey(challengeKey) {
+		return u.returnError(w, r, http.StatusBadRequest, "websocket: not a websocket handshake: 'Sec-WebSocket-Key' header must be Base64 encoded value of 16-byte in length")
+	}
+
+	subprotocol := u.selectSubprotocol(r, responseHeader)
+
+	// Negotiate PMCE
+	var compress bool
+	if u.EnableCompression {
+		for _, ext := range parseExtensions(r.Header) {
+			if ext[""] != "permessage-deflate" {
+				continue
+			}
+			compress = true
+			break
+		}
+	}
+
+	h, ok := w.(http.Hijacker)
+	if !ok {
+		return u.returnError(w, r, http.StatusInternalServerError, "websocket: response does not implement http.Hijacker")
+	}
+	var brw *bufio.ReadWriter
+	netConn, brw, err := h.Hijack()
+	if err != nil {
+		return u.returnError(w, r, http.StatusInternalServerError, err.Error())
+	}
+
+	if brw.Reader.Buffered() > 0 {
+		netConn.Close()
+		return nil, errors.New("websocket: client sent data before handshake is complete")
+	}
+
+	var br *bufio.Reader
+	if u.ReadBufferSize == 0 && bufioReaderSize(netConn, brw.Reader) > 256 {
+		// Reuse hijacked buffered reader as connection reader.
+		br = brw.Reader
+	}
+
+	buf := bufioWriterBuffer(netConn, brw.Writer)
+
+	var writeBuf []byte
+	if u.WriteBufferPool == nil && u.WriteBufferSize == 0 && len(buf) >= maxFrameHeaderSize+256 {
+		// Reuse hijacked write buffer as connection buffer.
+		writeBuf = buf
+	}
+
+	c := newConn(netConn, true, u.ReadBufferSize, u.WriteBufferSize, u.WriteBufferPool, br, writeBuf)
+	c.subprotocol = subprotocol
+
+	if compress {
+		c.newCompressionWriter = compressNoContextTakeover
+		c.newDecompressionReader = decompressNoContextTakeover
+	}
+
+	// Use larger of hijacked buffer and connection write buffer for header.
+	p := buf
+	if len(c.writeBuf) > len(p) {
+		p = c.writeBuf
+	}
+	p = p[:0]
+
+	p = append(p, "HTTP/1.1 101 Switching Protocols\r\nUpgrade: websocket\r\nConnection: Upgrade\r\nSec-WebSocket-Accept: "...)
+	p = append(p, computeAcceptKey(challengeKey)...)
+	p = append(p, "\r\n"...)
+	if c.subprotocol != "" {
+		p = append(p, "Sec-WebSocket-Protocol: "...)
+		p = append(p, c.subprotocol...)
+		p = append(p, "\r\n"...)
+	}
+	if compress {
+		p = append(p, "Sec-WebSocket-Extensions: permessage-deflate; server_no_context_takeover; client_no_context_takeover\r\n"...)
+	}
+	for k, vs := range responseHeader {
+		if k == "Sec-Websocket-Protocol" {
+			continue
+		}
+		for _, v := range vs {
+			p = append(p, k...)
+			p = append(p, ": "...)
+			for i := 0; i < len(v); i++ {
+				b := v[i]
+				if b <= 31 {
+					// prevent response splitting.
+					b = ' '
+				}
+				p = append(p, b)
+			}
+			p = append(p, "\r\n"...)
+		}
+	}
+	p = append(p, "\r\n"...)
+
+	// Clear deadlines set by HTTP server.
+	netConn.SetDeadline(time.Time{})
+
+	if u.HandshakeTimeout > 0 {
+		netConn.SetWriteDeadline(time.Now().Add(u.HandshakeTimeout))
+	}
+	if _, err = netConn.Write(p); err != nil {
+		netConn.Close()
+		return nil, err
+	}
+	if u.HandshakeTimeout > 0 {
+		netConn.SetWriteDeadline(time.Time{})
+	}
+
+	return c, nil
+}
+
+// Upgrade upgrades the HTTP server connection to the WebSocket protocol.
+//
+// Deprecated: Use websocket.Upgrader instead.
+//
+// Upgrade does not perform origin checking. The application is responsible for
+// checking the Origin header before calling Upgrade. An example implementation
+// of the same origin policy check is:
+//
+//	if req.Header.Get("Origin") != "http://"+req.Host {
+//		http.Error(w, "Origin not allowed", http.StatusForbidden)
+//		return
+//	}
+//
+// If the endpoint supports subprotocols, then the application is responsible
+// for negotiating the protocol used on the connection. Use the Subprotocols()
+// function to get the subprotocols requested by the client. Use the
+// Sec-Websocket-Protocol response header to specify the subprotocol selected
+// by the application.
+//
+// The responseHeader is included in the response to the client's upgrade
+// request. Use the responseHeader to specify cookies (Set-Cookie) and the
+// negotiated subprotocol (Sec-Websocket-Protocol).
+//
+// The connection buffers IO to the underlying network connection. The
+// readBufSize and writeBufSize parameters specify the size of the buffers to
+// use. Messages can be larger than the buffers.
+//
+// If the request is not a valid WebSocket handshake, then Upgrade returns an
+// error of type HandshakeError. Applications should handle this error by
+// replying to the client with an HTTP error response.
+func Upgrade(w http.ResponseWriter, r *http.Request, responseHeader http.Header, readBufSize, writeBufSize int) (*Conn, error) {
+	u := Upgrader{ReadBufferSize: readBufSize, WriteBufferSize: writeBufSize}
+	u.Error = func(w http.ResponseWriter, r *http.Request, status int, reason error) {
+		// don't return errors to maintain backwards compatibility
+	}
+	u.CheckOrigin = func(r *http.Request) bool {
+		// allow all connections by default
+		return true
+	}
+	return u.Upgrade(w, r, responseHeader)
+}
+
+// Subprotocols returns the subprotocols requested by the client in the
+// Sec-Websocket-Protocol header.
+func Subprotocols(r *http.Request) []string {
+	h := strings.TrimSpace(r.Header.Get("Sec-Websocket-Protocol"))
+	if h == "" {
+		return nil
+	}
+	protocols := strings.Split(h, ",")
+	for i := range protocols {
+		protocols[i] = strings.TrimSpace(protocols[i])
+	}
+	return protocols
+}
+
+// IsWebSocketUpgrade returns true if the client requested upgrade to the
+// WebSocket protocol.
+func IsWebSocketUpgrade(r *http.Request) bool {
+	return tokenListContainsValue(r.Header, "Connection", "upgrade") &&
+		tokenListContainsValue(r.Header, "Upgrade", "websocket")
+}
+
+// bufioReaderSize size returns the size of a bufio.Reader.
+func bufioReaderSize(originalReader io.Reader, br *bufio.Reader) int {
+	// This code assumes that peek on a reset reader returns
+	// bufio.Reader.buf[:0].
+	// TODO: Use bufio.Reader.Size() after Go 1.10
+	br.Reset(originalReader)
+	if p, err := br.Peek(0); err == nil {
+		return cap(p)
+	}
+	return 0
+}
+
+// writeHook is an io.Writer that records the last slice passed to it vio
+// io.Writer.Write.
+type writeHook struct {
+	p []byte
+}
+
+func (wh *writeHook) Write(p []byte) (int, error) {
+	wh.p = p
+	return len(p), nil
+}
+
+// bufioWriterBuffer grabs the buffer from a bufio.Writer.
+func bufioWriterBuffer(originalWriter io.Writer, bw *bufio.Writer) []byte {
+	// This code assumes that bufio.Writer.buf[:1] is passed to the
+	// bufio.Writer's underlying writer.
+	var wh writeHook
+	bw.Reset(&wh)
+	bw.WriteByte(0)
+	bw.Flush()
+
+	bw.Reset(originalWriter)
+
+	return wh.p[:cap(wh.p)]
+}
diff --git a/server/vendor/github.com/gorilla/websocket/tls_handshake.go b/server/vendor/github.com/gorilla/websocket/tls_handshake.go
new file mode 100644
index 0000000..a62b68c
--- /dev/null
+++ b/server/vendor/github.com/gorilla/websocket/tls_handshake.go
@@ -0,0 +1,21 @@
+//go:build go1.17
+// +build go1.17
+
+package websocket
+
+import (
+	"context"
+	"crypto/tls"
+)
+
+func doHandshake(ctx context.Context, tlsConn *tls.Conn, cfg *tls.Config) error {
+	if err := tlsConn.HandshakeContext(ctx); err != nil {
+		return err
+	}
+	if !cfg.InsecureSkipVerify {
+		if err := tlsConn.VerifyHostname(cfg.ServerName); err != nil {
+			return err
+		}
+	}
+	return nil
+}
diff --git a/server/vendor/github.com/gorilla/websocket/tls_handshake_116.go b/server/vendor/github.com/gorilla/websocket/tls_handshake_116.go
new file mode 100644
index 0000000..e1b2b44
--- /dev/null
+++ b/server/vendor/github.com/gorilla/websocket/tls_handshake_116.go
@@ -0,0 +1,21 @@
+//go:build !go1.17
+// +build !go1.17
+
+package websocket
+
+import (
+	"context"
+	"crypto/tls"
+)
+
+func doHandshake(ctx context.Context, tlsConn *tls.Conn, cfg *tls.Config) error {
+	if err := tlsConn.Handshake(); err != nil {
+		return err
+	}
+	if !cfg.InsecureSkipVerify {
+		if err := tlsConn.VerifyHostname(cfg.ServerName); err != nil {
+			return err
+		}
+	}
+	return nil
+}
diff --git a/server/vendor/github.com/gorilla/websocket/util.go b/server/vendor/github.com/gorilla/websocket/util.go
new file mode 100644
index 0000000..31a5dee
--- /dev/null
+++ b/server/vendor/github.com/gorilla/websocket/util.go
@@ -0,0 +1,298 @@
+// Copyright 2013 The Gorilla WebSocket Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package websocket
+
+import (
+	"crypto/rand"
+	"crypto/sha1"
+	"encoding/base64"
+	"io"
+	"net/http"
+	"strings"
+	"unicode/utf8"
+)
+
+var keyGUID = []byte("258EAFA5-E914-47DA-95CA-C5AB0DC85B11")
+
+func computeAcceptKey(challengeKey string) string {
+	h := sha1.New()
+	h.Write([]byte(challengeKey))
+	h.Write(keyGUID)
+	return base64.StdEncoding.EncodeToString(h.Sum(nil))
+}
+
+func generateChallengeKey() (string, error) {
+	p := make([]byte, 16)
+	if _, err := io.ReadFull(rand.Reader, p); err != nil {
+		return "", err
+	}
+	return base64.StdEncoding.EncodeToString(p), nil
+}
+
+// Token octets per RFC 2616.
+var isTokenOctet = [256]bool{
+	'!':  true,
+	'#':  true,
+	'$':  true,
+	'%':  true,
+	'&':  true,
+	'\'': true,
+	'*':  true,
+	'+':  true,
+	'-':  true,
+	'.':  true,
+	'0':  true,
+	'1':  true,
+	'2':  true,
+	'3':  true,
+	'4':  true,
+	'5':  true,
+	'6':  true,
+	'7':  true,
+	'8':  true,
+	'9':  true,
+	'A':  true,
+	'B':  true,
+	'C':  true,
+	'D':  true,
+	'E':  true,
+	'F':  true,
+	'G':  true,
+	'H':  true,
+	'I':  true,
+	'J':  true,
+	'K':  true,
+	'L':  true,
+	'M':  true,
+	'N':  true,
+	'O':  true,
+	'P':  true,
+	'Q':  true,
+	'R':  true,
+	'S':  true,
+	'T':  true,
+	'U':  true,
+	'W':  true,
+	'V':  true,
+	'X':  true,
+	'Y':  true,
+	'Z':  true,
+	'^':  true,
+	'_':  true,
+	'`':  true,
+	'a':  true,
+	'b':  true,
+	'c':  true,
+	'd':  true,
+	'e':  true,
+	'f':  true,
+	'g':  true,
+	'h':  true,
+	'i':  true,
+	'j':  true,
+	'k':  true,
+	'l':  true,
+	'm':  true,
+	'n':  true,
+	'o':  true,
+	'p':  true,
+	'q':  true,
+	'r':  true,
+	's':  true,
+	't':  true,
+	'u':  true,
+	'v':  true,
+	'w':  true,
+	'x':  true,
+	'y':  true,
+	'z':  true,
+	'|':  true,
+	'~':  true,
+}
+
+// skipSpace returns a slice of the string s with all leading RFC 2616 linear
+// whitespace removed.
+func skipSpace(s string) (rest string) {
+	i := 0
+	for ; i < len(s); i++ {
+		if b := s[i]; b != ' ' && b != '\t' {
+			break
+		}
+	}
+	return s[i:]
+}
+
+// nextToken returns the leading RFC 2616 token of s and the string following
+// the token.
+func nextToken(s string) (token, rest string) {
+	i := 0
+	for ; i < len(s); i++ {
+		if !isTokenOctet[s[i]] {
+			break
+		}
+	}
+	return s[:i], s[i:]
+}
+
+// nextTokenOrQuoted returns the leading token or quoted string per RFC 2616
+// and the string following the token or quoted string.
+func nextTokenOrQuoted(s string) (value string, rest string) {
+	if !strings.HasPrefix(s, "\"") {
+		return nextToken(s)
+	}
+	s = s[1:]
+	for i := 0; i < len(s); i++ {
+		switch s[i] {
+		case '"':
+			return s[:i], s[i+1:]
+		case '\\':
+			p := make([]byte, len(s)-1)
+			j := copy(p, s[:i])
+			escape := true
+			for i = i + 1; i < len(s); i++ {
+				b := s[i]
+				switch {
+				case escape:
+					escape = false
+					p[j] = b
+					j++
+				case b == '\\':
+					escape = true
+				case b == '"':
+					return string(p[:j]), s[i+1:]
+				default:
+					p[j] = b
+					j++
+				}
+			}
+			return "", ""
+		}
+	}
+	return "", ""
+}
+
+// equalASCIIFold returns true if s is equal to t with ASCII case folding as
+// defined in RFC 4790.
+func equalASCIIFold(s, t string) bool {
+	for s != "" && t != "" {
+		sr, size := utf8.DecodeRuneInString(s)
+		s = s[size:]
+		tr, size := utf8.DecodeRuneInString(t)
+		t = t[size:]
+		if sr == tr {
+			continue
+		}
+		if 'A' <= sr && sr <= 'Z' {
+			sr = sr + 'a' - 'A'
+		}
+		if 'A' <= tr && tr <= 'Z' {
+			tr = tr + 'a' - 'A'
+		}
+		if sr != tr {
+			return false
+		}
+	}
+	return s == t
+}
+
+// tokenListContainsValue returns true if the 1#token header with the given
+// name contains a token equal to value with ASCII case folding.
+func tokenListContainsValue(header http.Header, name string, value string) bool {
+headers:
+	for _, s := range header[name] {
+		for {
+			var t string
+			t, s = nextToken(skipSpace(s))
+			if t == "" {
+				continue headers
+			}
+			s = skipSpace(s)
+			if s != "" && s[0] != ',' {
+				continue headers
+			}
+			if equalASCIIFold(t, value) {
+				return true
+			}
+			if s == "" {
+				continue headers
+			}
+			s = s[1:]
+		}
+	}
+	return false
+}
+
+// parseExtensions parses WebSocket extensions from a header.
+func parseExtensions(header http.Header) []map[string]string {
+	// From RFC 6455:
+	//
+	//  Sec-WebSocket-Extensions = extension-list
+	//  extension-list = 1#extension
+	//  extension = extension-token *( ";" extension-param )
+	//  extension-token = registered-token
+	//  registered-token = token
+	//  extension-param = token [ "=" (token | quoted-string) ]
+	//     ;When using the quoted-string syntax variant, the value
+	//     ;after quoted-string unescaping MUST conform to the
+	//     ;'token' ABNF.
+
+	var result []map[string]string
+headers:
+	for _, s := range header["Sec-Websocket-Extensions"] {
+		for {
+			var t string
+			t, s = nextToken(skipSpace(s))
+			if t == "" {
+				continue headers
+			}
+			ext := map[string]string{"": t}
+			for {
+				s = skipSpace(s)
+				if !strings.HasPrefix(s, ";") {
+					break
+				}
+				var k string
+				k, s = nextToken(skipSpace(s[1:]))
+				if k == "" {
+					continue headers
+				}
+				s = skipSpace(s)
+				var v string
+				if strings.HasPrefix(s, "=") {
+					v, s = nextTokenOrQuoted(skipSpace(s[1:]))
+					s = skipSpace(s)
+				}
+				if s != "" && s[0] != ',' && s[0] != ';' {
+					continue headers
+				}
+				ext[k] = v
+			}
+			if s != "" && s[0] != ',' {
+				continue headers
+			}
+			result = append(result, ext)
+			if s == "" {
+				continue headers
+			}
+			s = s[1:]
+		}
+	}
+	return result
+}
+
+// isValidChallengeKey checks if the argument meets RFC6455 specification.
+func isValidChallengeKey(s string) bool {
+	// From RFC6455:
+	//
+	// A |Sec-WebSocket-Key| header field with a base64-encoded (see
+	// Section 4 of [RFC4648]) value that, when decoded, is 16 bytes in
+	// length.
+
+	if s == "" {
+		return false
+	}
+	decoded, err := base64.StdEncoding.DecodeString(s)
+	return err == nil && len(decoded) == 16
+}
diff --git a/server/vendor/github.com/gorilla/websocket/x_net_proxy.go b/server/vendor/github.com/gorilla/websocket/x_net_proxy.go
new file mode 100644
index 0000000..2e668f6
--- /dev/null
+++ b/server/vendor/github.com/gorilla/websocket/x_net_proxy.go
@@ -0,0 +1,473 @@
+// Code generated by golang.org/x/tools/cmd/bundle. DO NOT EDIT.
+//go:generate bundle -o x_net_proxy.go golang.org/x/net/proxy
+
+// Package proxy provides support for a variety of protocols to proxy network
+// data.
+//
+
+package websocket
+
+import (
+	"errors"
+	"io"
+	"net"
+	"net/url"
+	"os"
+	"strconv"
+	"strings"
+	"sync"
+)
+
+type proxy_direct struct{}
+
+// Direct is a direct proxy: one that makes network connections directly.
+var proxy_Direct = proxy_direct{}
+
+func (proxy_direct) Dial(network, addr string) (net.Conn, error) {
+	return net.Dial(network, addr)
+}
+
+// A PerHost directs connections to a default Dialer unless the host name
+// requested matches one of a number of exceptions.
+type proxy_PerHost struct {
+	def, bypass proxy_Dialer
+
+	bypassNetworks []*net.IPNet
+	bypassIPs      []net.IP
+	bypassZones    []string
+	bypassHosts    []string
+}
+
+// NewPerHost returns a PerHost Dialer that directs connections to either
+// defaultDialer or bypass, depending on whether the connection matches one of
+// the configured rules.
+func proxy_NewPerHost(defaultDialer, bypass proxy_Dialer) *proxy_PerHost {
+	return &proxy_PerHost{
+		def:    defaultDialer,
+		bypass: bypass,
+	}
+}
+
+// Dial connects to the address addr on the given network through either
+// defaultDialer or bypass.
+func (p *proxy_PerHost) Dial(network, addr string) (c net.Conn, err error) {
+	host, _, err := net.SplitHostPort(addr)
+	if err != nil {
+		return nil, err
+	}
+
+	return p.dialerForRequest(host).Dial(network, addr)
+}
+
+func (p *proxy_PerHost) dialerForRequest(host string) proxy_Dialer {
+	if ip := net.ParseIP(host); ip != nil {
+		for _, net := range p.bypassNetworks {
+			if net.Contains(ip) {
+				return p.bypass
+			}
+		}
+		for _, bypassIP := range p.bypassIPs {
+			if bypassIP.Equal(ip) {
+				return p.bypass
+			}
+		}
+		return p.def
+	}
+
+	for _, zone := range p.bypassZones {
+		if strings.HasSuffix(host, zone) {
+			return p.bypass
+		}
+		if host == zone[1:] {
+			// For a zone ".example.com", we match "example.com"
+			// too.
+			return p.bypass
+		}
+	}
+	for _, bypassHost := range p.bypassHosts {
+		if bypassHost == host {
+			return p.bypass
+		}
+	}
+	return p.def
+}
+
+// AddFromString parses a string that contains comma-separated values
+// specifying hosts that should use the bypass proxy. Each value is either an
+// IP address, a CIDR range, a zone (*.example.com) or a host name
+// (localhost). A best effort is made to parse the string and errors are
+// ignored.
+func (p *proxy_PerHost) AddFromString(s string) {
+	hosts := strings.Split(s, ",")
+	for _, host := range hosts {
+		host = strings.TrimSpace(host)
+		if len(host) == 0 {
+			continue
+		}
+		if strings.Contains(host, "/") {
+			// We assume that it's a CIDR address like 127.0.0.0/8
+			if _, net, err := net.ParseCIDR(host); err == nil {
+				p.AddNetwork(net)
+			}
+			continue
+		}
+		if ip := net.ParseIP(host); ip != nil {
+			p.AddIP(ip)
+			continue
+		}
+		if strings.HasPrefix(host, "*.") {
+			p.AddZone(host[1:])
+			continue
+		}
+		p.AddHost(host)
+	}
+}
+
+// AddIP specifies an IP address that will use the bypass proxy. Note that
+// this will only take effect if a literal IP address is dialed. A connection
+// to a named host will never match an IP.
+func (p *proxy_PerHost) AddIP(ip net.IP) {
+	p.bypassIPs = append(p.bypassIPs, ip)
+}
+
+// AddNetwork specifies an IP range that will use the bypass proxy. Note that
+// this will only take effect if a literal IP address is dialed. A connection
+// to a named host will never match.
+func (p *proxy_PerHost) AddNetwork(net *net.IPNet) {
+	p.bypassNetworks = append(p.bypassNetworks, net)
+}
+
+// AddZone specifies a DNS suffix that will use the bypass proxy. A zone of
+// "example.com" matches "example.com" and all of its subdomains.
+func (p *proxy_PerHost) AddZone(zone string) {
+	if strings.HasSuffix(zone, ".") {
+		zone = zone[:len(zone)-1]
+	}
+	if !strings.HasPrefix(zone, ".") {
+		zone = "." + zone
+	}
+	p.bypassZones = append(p.bypassZones, zone)
+}
+
+// AddHost specifies a host name that will use the bypass proxy.
+func (p *proxy_PerHost) AddHost(host string) {
+	if strings.HasSuffix(host, ".") {
+		host = host[:len(host)-1]
+	}
+	p.bypassHosts = append(p.bypassHosts, host)
+}
+
+// A Dialer is a means to establish a connection.
+type proxy_Dialer interface {
+	// Dial connects to the given address via the proxy.
+	Dial(network, addr string) (c net.Conn, err error)
+}
+
+// Auth contains authentication parameters that specific Dialers may require.
+type proxy_Auth struct {
+	User, Password string
+}
+
+// FromEnvironment returns the dialer specified by the proxy related variables in
+// the environment.
+func proxy_FromEnvironment() proxy_Dialer {
+	allProxy := proxy_allProxyEnv.Get()
+	if len(allProxy) == 0 {
+		return proxy_Direct
+	}
+
+	proxyURL, err := url.Parse(allProxy)
+	if err != nil {
+		return proxy_Direct
+	}
+	proxy, err := proxy_FromURL(proxyURL, proxy_Direct)
+	if err != nil {
+		return proxy_Direct
+	}
+
+	noProxy := proxy_noProxyEnv.Get()
+	if len(noProxy) == 0 {
+		return proxy
+	}
+
+	perHost := proxy_NewPerHost(proxy, proxy_Direct)
+	perHost.AddFromString(noProxy)
+	return perHost
+}
+
+// proxySchemes is a map from URL schemes to a function that creates a Dialer
+// from a URL with such a scheme.
+var proxy_proxySchemes map[string]func(*url.URL, proxy_Dialer) (proxy_Dialer, error)
+
+// RegisterDialerType takes a URL scheme and a function to generate Dialers from
+// a URL with that scheme and a forwarding Dialer. Registered schemes are used
+// by FromURL.
+func proxy_RegisterDialerType(scheme string, f func(*url.URL, proxy_Dialer) (proxy_Dialer, error)) {
+	if proxy_proxySchemes == nil {
+		proxy_proxySchemes = make(map[string]func(*url.URL, proxy_Dialer) (proxy_Dialer, error))
+	}
+	proxy_proxySchemes[scheme] = f
+}
+
+// FromURL returns a Dialer given a URL specification and an underlying
+// Dialer for it to make network requests.
+func proxy_FromURL(u *url.URL, forward proxy_Dialer) (proxy_Dialer, error) {
+	var auth *proxy_Auth
+	if u.User != nil {
+		auth = new(proxy_Auth)
+		auth.User = u.User.Username()
+		if p, ok := u.User.Password(); ok {
+			auth.Password = p
+		}
+	}
+
+	switch u.Scheme {
+	case "socks5":
+		return proxy_SOCKS5("tcp", u.Host, auth, forward)
+	}
+
+	// If the scheme doesn't match any of the built-in schemes, see if it
+	// was registered by another package.
+	if proxy_proxySchemes != nil {
+		if f, ok := proxy_proxySchemes[u.Scheme]; ok {
+			return f(u, forward)
+		}
+	}
+
+	return nil, errors.New("proxy: unknown scheme: " + u.Scheme)
+}
+
+var (
+	proxy_allProxyEnv = &proxy_envOnce{
+		names: []string{"ALL_PROXY", "all_proxy"},
+	}
+	proxy_noProxyEnv = &proxy_envOnce{
+		names: []string{"NO_PROXY", "no_proxy"},
+	}
+)
+
+// envOnce looks up an environment variable (optionally by multiple
+// names) once. It mitigates expensive lookups on some platforms
+// (e.g. Windows).
+// (Borrowed from net/http/transport.go)
+type proxy_envOnce struct {
+	names []string
+	once  sync.Once
+	val   string
+}
+
+func (e *proxy_envOnce) Get() string {
+	e.once.Do(e.init)
+	return e.val
+}
+
+func (e *proxy_envOnce) init() {
+	for _, n := range e.names {
+		e.val = os.Getenv(n)
+		if e.val != "" {
+			return
+		}
+	}
+}
+
+// SOCKS5 returns a Dialer that makes SOCKSv5 connections to the given address
+// with an optional username and password. See RFC 1928 and RFC 1929.
+func proxy_SOCKS5(network, addr string, auth *proxy_Auth, forward proxy_Dialer) (proxy_Dialer, error) {
+	s := &proxy_socks5{
+		network: network,
+		addr:    addr,
+		forward: forward,
+	}
+	if auth != nil {
+		s.user = auth.User
+		s.password = auth.Password
+	}
+
+	return s, nil
+}
+
+type proxy_socks5 struct {
+	user, password string
+	network, addr  string
+	forward        proxy_Dialer
+}
+
+const proxy_socks5Version = 5
+
+const (
+	proxy_socks5AuthNone     = 0
+	proxy_socks5AuthPassword = 2
+)
+
+const proxy_socks5Connect = 1
+
+const (
+	proxy_socks5IP4    = 1
+	proxy_socks5Domain = 3
+	proxy_socks5IP6    = 4
+)
+
+var proxy_socks5Errors = []string{
+	"",
+	"general failure",
+	"connection forbidden",
+	"network unreachable",
+	"host unreachable",
+	"connection refused",
+	"TTL expired",
+	"command not supported",
+	"address type not supported",
+}
+
+// Dial connects to the address addr on the given network via the SOCKS5 proxy.
+func (s *proxy_socks5) Dial(network, addr string) (net.Conn, error) {
+	switch network {
+	case "tcp", "tcp6", "tcp4":
+	default:
+		return nil, errors.New("proxy: no support for SOCKS5 proxy connections of type " + network)
+	}
+
+	conn, err := s.forward.Dial(s.network, s.addr)
+	if err != nil {
+		return nil, err
+	}
+	if err := s.connect(conn, addr); err != nil {
+		conn.Close()
+		return nil, err
+	}
+	return conn, nil
+}
+
+// connect takes an existing connection to a socks5 proxy server,
+// and commands the server to extend that connection to target,
+// which must be a canonical address with a host and port.
+func (s *proxy_socks5) connect(conn net.Conn, target string) error {
+	host, portStr, err := net.SplitHostPort(target)
+	if err != nil {
+		return err
+	}
+
+	port, err := strconv.Atoi(portStr)
+	if err != nil {
+		return errors.New("proxy: failed to parse port number: " + portStr)
+	}
+	if port < 1 || port > 0xffff {
+		return errors.New("proxy: port number out of range: " + portStr)
+	}
+
+	// the size here is just an estimate
+	buf := make([]byte, 0, 6+len(host))
+
+	buf = append(buf, proxy_socks5Version)
+	if len(s.user) > 0 && len(s.user) < 256 && len(s.password) < 256 {
+		buf = append(buf, 2 /* num auth methods */, proxy_socks5AuthNone, proxy_socks5AuthPassword)
+	} else {
+		buf = append(buf, 1 /* num auth methods */, proxy_socks5AuthNone)
+	}
+
+	if _, err := conn.Write(buf); err != nil {
+		return errors.New("proxy: failed to write greeting to SOCKS5 proxy at " + s.addr + ": " + err.Error())
+	}
+
+	if _, err := io.ReadFull(conn, buf[:2]); err != nil {
+		return errors.New("proxy: failed to read greeting from SOCKS5 proxy at " + s.addr + ": " + err.Error())
+	}
+	if buf[0] != 5 {
+		return errors.New("proxy: SOCKS5 proxy at " + s.addr + " has unexpected version " + strconv.Itoa(int(buf[0])))
+	}
+	if buf[1] == 0xff {
+		return errors.New("proxy: SOCKS5 proxy at " + s.addr + " requires authentication")
+	}
+
+	// See RFC 1929
+	if buf[1] == proxy_socks5AuthPassword {
+		buf = buf[:0]
+		buf = append(buf, 1 /* password protocol version */)
+		buf = append(buf, uint8(len(s.user)))
+		buf = append(buf, s.user...)
+		buf = append(buf, uint8(len(s.password)))
+		buf = append(buf, s.password...)
+
+		if _, err := conn.Write(buf); err != nil {
+			return errors.New("proxy: failed to write authentication request to SOCKS5 proxy at " + s.addr + ": " + err.Error())
+		}
+
+		if _, err := io.ReadFull(conn, buf[:2]); err != nil {
+			return errors.New("proxy: failed to read authentication reply from SOCKS5 proxy at " + s.addr + ": " + err.Error())
+		}
+
+		if buf[1] != 0 {
+			return errors.New("proxy: SOCKS5 proxy at " + s.addr + " rejected username/password")
+		}
+	}
+
+	buf = buf[:0]
+	buf = append(buf, proxy_socks5Version, proxy_socks5Connect, 0 /* reserved */)
+
+	if ip := net.ParseIP(host); ip != nil {
+		if ip4 := ip.To4(); ip4 != nil {
+			buf = append(buf, proxy_socks5IP4)
+			ip = ip4
+		} else {
+			buf = append(buf, proxy_socks5IP6)
+		}
+		buf = append(buf, ip...)
+	} else {
+		if len(host) > 255 {
+			return errors.New("proxy: destination host name too long: " + host)
+		}
+		buf = append(buf, proxy_socks5Domain)
+		buf = append(buf, byte(len(host)))
+		buf = append(buf, host...)
+	}
+	buf = append(buf, byte(port>>8), byte(port))
+
+	if _, err := conn.Write(buf); err != nil {
+		return errors.New("proxy: failed to write connect request to SOCKS5 proxy at " + s.addr + ": " + err.Error())
+	}
+
+	if _, err := io.ReadFull(conn, buf[:4]); err != nil {
+		return errors.New("proxy: failed to read connect reply from SOCKS5 proxy at " + s.addr + ": " + err.Error())
+	}
+
+	failure := "unknown error"
+	if int(buf[1]) < len(proxy_socks5Errors) {
+		failure = proxy_socks5Errors[buf[1]]
+	}
+
+	if len(failure) > 0 {
+		return errors.New("proxy: SOCKS5 proxy at " + s.addr + " failed to connect: " + failure)
+	}
+
+	bytesToDiscard := 0
+	switch buf[3] {
+	case proxy_socks5IP4:
+		bytesToDiscard = net.IPv4len
+	case proxy_socks5IP6:
+		bytesToDiscard = net.IPv6len
+	case proxy_socks5Domain:
+		_, err := io.ReadFull(conn, buf[:1])
+		if err != nil {
+			return errors.New("proxy: failed to read domain length from SOCKS5 proxy at " + s.addr + ": " + err.Error())
+		}
+		bytesToDiscard = int(buf[0])
+	default:
+		return errors.New("proxy: got unknown address type " + strconv.Itoa(int(buf[3])) + " from SOCKS5 proxy at " + s.addr)
+	}
+
+	if cap(buf) < bytesToDiscard {
+		buf = make([]byte, bytesToDiscard)
+	} else {
+		buf = buf[:bytesToDiscard]
+	}
+	if _, err := io.ReadFull(conn, buf); err != nil {
+		return errors.New("proxy: failed to read address from SOCKS5 proxy at " + s.addr + ": " + err.Error())
+	}
+
+	// Also need to discard the port number
+	if _, err := io.ReadFull(conn, buf[:2]); err != nil {
+		return errors.New("proxy: failed to read port from SOCKS5 proxy at " + s.addr + ": " + err.Error())
+	}
+
+	return nil
+}
diff --git a/server/vendor/github.com/pion/datachannel/.gitignore b/server/vendor/github.com/pion/datachannel/.gitignore
new file mode 100644
index 0000000..6e2f206
--- /dev/null
+++ b/server/vendor/github.com/pion/datachannel/.gitignore
@@ -0,0 +1,28 @@
+# SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+# SPDX-License-Identifier: MIT
+
+### JetBrains IDE ###
+#####################
+.idea/
+
+### Emacs Temporary Files ###
+#############################
+*~
+
+### Folders ###
+###############
+bin/
+vendor/
+node_modules/
+
+### Files ###
+#############
+*.ivf
+*.ogg
+tags
+cover.out
+*.sw[poe]
+*.wasm
+examples/sfu-ws/cert.pem
+examples/sfu-ws/key.pem
+wasm_exec.js
diff --git a/server/vendor/github.com/pion/datachannel/.golangci.yml b/server/vendor/github.com/pion/datachannel/.golangci.yml
new file mode 100644
index 0000000..e06de4d
--- /dev/null
+++ b/server/vendor/github.com/pion/datachannel/.golangci.yml
@@ -0,0 +1,125 @@
+# SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+# SPDX-License-Identifier: MIT
+
+linters-settings:
+  govet:
+    enable:
+      - shadow
+  misspell:
+    locale: US
+  exhaustive:
+    default-signifies-exhaustive: true
+  gomodguard:
+    blocked:
+      modules:
+        - github.com/pkg/errors:
+            recommendations:
+              - errors
+  forbidigo:
+    forbid:
+      - ^fmt.Print(f|ln)?$
+      - ^log.(Panic|Fatal|Print)(f|ln)?$
+      - ^os.Exit$
+      - ^panic$
+      - ^print(ln)?$
+
+linters:
+  enable:
+    - asciicheck       # Simple linter to check that your code does not contain non-ASCII identifiers
+    - bidichk          # Checks for dangerous unicode character sequences
+    - bodyclose        # checks whether HTTP response body is closed successfully
+    - contextcheck     # check the function whether use a non-inherited context
+    - decorder         # check declaration order and count of types, constants, variables and functions
+    - dogsled          # Checks assignments with too many blank identifiers (e.g. x, _, _, _, := f())
+    - dupl             # Tool for code clone detection
+    - durationcheck    # check for two durations multiplied together
+    - errcheck         # Errcheck is a program for checking for unchecked errors in go programs. These unchecked errors can be critical bugs in some cases
+    - errchkjson       # Checks types passed to the json encoding functions. Reports unsupported types and optionally reports occations, where the check for the returned error can be omitted.
+    - errname          # Checks that sentinel errors are prefixed with the `Err` and error types are suffixed with the `Error`.
+    - errorlint        # errorlint is a linter for that can be used to find code that will cause problems with the error wrapping scheme introduced in Go 1.13.
+    - exhaustive       # check exhaustiveness of enum switch statements
+    - exportloopref    # checks for pointers to enclosing loop variables
+    - forbidigo        # Forbids identifiers
+    - forcetypeassert  # finds forced type assertions
+    - gci              # Gci control golang package import order and make it always deterministic.
+    - gochecknoglobals # Checks that no globals are present in Go code
+    - gochecknoinits   # Checks that no init functions are present in Go code
+    - gocognit         # Computes and checks the cognitive complexity of functions
+    - goconst          # Finds repeated strings that could be replaced by a constant
+    - gocritic         # The most opinionated Go source code linter
+    - godox            # Tool for detection of FIXME, TODO and other comment keywords
+    - goerr113         # Golang linter to check the errors handling expressions
+    - gofmt            # Gofmt checks whether code was gofmt-ed. By default this tool runs with -s option to check for code simplification
+    - gofumpt          # Gofumpt checks whether code was gofumpt-ed.
+    - goheader         # Checks is file header matches to pattern
+    - goimports        # Goimports does everything that gofmt does. Additionally it checks unused imports
+    - gomoddirectives  # Manage the use of 'replace', 'retract', and 'excludes' directives in go.mod.
+    - gomodguard       # Allow and block list linter for direct Go module dependencies. This is different from depguard where there are different block types for example version constraints and module recommendations.
+    - goprintffuncname # Checks that printf-like functions are named with `f` at the end
+    - gosec            # Inspects source code for security problems
+    - gosimple         # Linter for Go source code that specializes in simplifying a code
+    - govet            # Vet examines Go source code and reports suspicious constructs, such as Printf calls whose arguments do not align with the format string
+    - grouper          # An analyzer to analyze expression groups.
+    - importas         # Enforces consistent import aliases
+    - ineffassign      # Detects when assignments to existing variables are not used
+    - misspell         # Finds commonly misspelled English words in comments
+    - nilerr           # Finds the code that returns nil even if it checks that the error is not nil.
+    - nilnil           # Checks that there is no simultaneous return of `nil` error and an invalid value.
+    - noctx            # noctx finds sending http request without context.Context
+    - predeclared      # find code that shadows one of Go's predeclared identifiers
+    - revive           # golint replacement, finds style mistakes
+    - staticcheck      # Staticcheck is a go vet on steroids, applying a ton of static analysis checks
+    - stylecheck       # Stylecheck is a replacement for golint
+    - tagliatelle      # Checks the struct tags.
+    - tenv             # tenv is analyzer that detects using os.Setenv instead of t.Setenv since Go1.17
+    - tparallel        # tparallel detects inappropriate usage of t.Parallel() method in your Go test codes
+    - typecheck        # Like the front-end of a Go compiler, parses and type-checks Go code
+    - unconvert        # Remove unnecessary type conversions
+    - unparam          # Reports unused function parameters
+    - unused           # Checks Go code for unused constants, variables, functions and types
+    - wastedassign     # wastedassign finds wasted assignment statements
+    - whitespace       # Tool for detection of leading and trailing whitespace
+  disable:
+    - depguard         # Go linter that checks if package imports are in a list of acceptable packages
+    - containedctx     # containedctx is a linter that detects struct contained context.Context field
+    - cyclop           # checks function and package cyclomatic complexity
+    - exhaustivestruct # Checks if all struct's fields are initialized
+    - funlen           # Tool for detection of long functions
+    - gocyclo          # Computes and checks the cyclomatic complexity of functions
+    - godot            # Check if comments end in a period
+    - gomnd            # An analyzer to detect magic numbers.
+    - ifshort          # Checks that your code uses short syntax for if-statements whenever possible
+    - ireturn          # Accept Interfaces, Return Concrete Types
+    - lll              # Reports long lines
+    - maintidx         # maintidx measures the maintainability index of each function.
+    - makezero         # Finds slice declarations with non-zero initial length
+    - maligned         # Tool to detect Go structs that would take less memory if their fields were sorted
+    - nakedret         # Finds naked returns in functions greater than a specified function length
+    - nestif           # Reports deeply nested if statements
+    - nlreturn         # nlreturn checks for a new line before return and branch statements to increase code clarity
+    - nolintlint       # Reports ill-formed or insufficient nolint directives
+    - paralleltest     # paralleltest detects missing usage of t.Parallel() method in your Go test
+    - prealloc         # Finds slice declarations that could potentially be preallocated
+    - promlinter       # Check Prometheus metrics naming via promlint
+    - rowserrcheck     # checks whether Err of rows is checked successfully
+    - sqlclosecheck    # Checks that sql.Rows and sql.Stmt are closed.
+    - testpackage      # linter that makes you use a separate _test package
+    - thelper          # thelper detects golang test helpers without t.Helper() call and checks the consistency of test helpers
+    - varnamelen       # checks that the length of a variable's name matches its scope
+    - wrapcheck        # Checks that errors returned from external packages are wrapped
+    - wsl              # Whitespace Linter - Forces you to use empty lines!
+
+issues:
+  exclude-use-default: false
+  exclude-dirs-use-default: false
+  exclude-rules:
+    # Allow complex tests and examples, better to be self contained
+    - path: (examples|main\.go|_test\.go)
+      linters:
+        - forbidigo
+        - gocognit
+
+    # Allow forbidden identifiers in CLI commands
+    - path: cmd
+      linters:
+        - forbidigo
diff --git a/server/vendor/github.com/pion/datachannel/.goreleaser.yml b/server/vendor/github.com/pion/datachannel/.goreleaser.yml
new file mode 100644
index 0000000..30093e9
--- /dev/null
+++ b/server/vendor/github.com/pion/datachannel/.goreleaser.yml
@@ -0,0 +1,5 @@
+# SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+# SPDX-License-Identifier: MIT
+
+builds:
+- skip: true
diff --git a/server/vendor/github.com/pion/datachannel/LICENSE b/server/vendor/github.com/pion/datachannel/LICENSE
new file mode 100644
index 0000000..491caf6
--- /dev/null
+++ b/server/vendor/github.com/pion/datachannel/LICENSE
@@ -0,0 +1,9 @@
+MIT License
+
+Copyright (c) 2023 The Pion community <https://pion.ly>
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
diff --git a/server/vendor/github.com/pion/datachannel/README.md b/server/vendor/github.com/pion/datachannel/README.md
new file mode 100644
index 0000000..c68be94
--- /dev/null
+++ b/server/vendor/github.com/pion/datachannel/README.md
@@ -0,0 +1,34 @@
+<h1 align="center">
+  <br>
+  Pion Data Channels
+  <br>
+</h1>
+<h4 align="center">A Go implementation of WebRTC Data Channels</h4>
+<p align="center">
+  <a href="https://pion.ly"><img src="https://img.shields.io/badge/pion-datachannel-gray.svg?longCache=true&colorB=brightgreen" alt="Pion Data Channels"></a>
+  <a href="https://pion.ly/slack"><img src="https://img.shields.io/badge/join-us%20on%20slack-gray.svg?longCache=true&logo=slack&colorB=brightgreen" alt="Slack Widget"></a>
+  <br>
+  <img alt="GitHub Workflow Status" src="https://img.shields.io/github/actions/workflow/status/pion/datachannel/test.yaml">
+  <a href="https://pkg.go.dev/github.com/pion/datachannel"><img src="https://pkg.go.dev/badge/github.com/pion/datachannel.svg" alt="Go Reference"></a>
+  <a href="https://codecov.io/gh/pion/datachannel"><img src="https://codecov.io/gh/pion/datachannel/branch/master/graph/badge.svg" alt="Coverage Status"></a>
+  <a href="https://goreportcard.com/report/github.com/pion/datachannel"><img src="https://goreportcard.com/badge/github.com/pion/datachannel" alt="Go Report Card"></a>
+  <a href="LICENSE"><img src="https://img.shields.io/badge/License-MIT-yellow.svg" alt="License: MIT"></a>
+</p>
+<br>
+
+### Roadmap
+The library is used as a part of our WebRTC implementation. Please refer to that [roadmap](https://github.com/pion/webrtc/issues/9) to track our major milestones.
+
+### Community
+Pion has an active community on the [Slack](https://pion.ly/slack).
+
+Follow the [Pion Twitter](https://twitter.com/_pion) for project updates and important WebRTC news.
+
+We are always looking to support **your projects**. Please reach out if you have something to build!
+If you need commercial support or don't want to use public methods you can contact us at [team@pion.ly](mailto:team@pion.ly)
+
+### Contributing
+Check out the [contributing wiki](https://github.com/pion/webrtc/wiki/Contributing) to join the group of amazing people making this project possible
+
+### License
+MIT License - see [LICENSE](LICENSE) for full text
diff --git a/server/vendor/github.com/pion/datachannel/codecov.yml b/server/vendor/github.com/pion/datachannel/codecov.yml
new file mode 100644
index 0000000..263e4d4
--- /dev/null
+++ b/server/vendor/github.com/pion/datachannel/codecov.yml
@@ -0,0 +1,22 @@
+#
+# DO NOT EDIT THIS FILE
+#
+# It is automatically copied from https://github.com/pion/.goassets repository.
+#
+# SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+# SPDX-License-Identifier: MIT
+
+coverage:
+  status:
+    project:
+      default:
+        # Allow decreasing 2% of total coverage to avoid noise.
+        threshold: 2%
+    patch:
+      default:
+        target: 70%
+        only_pulls: true
+
+ignore:
+  - "examples/*"
+  - "examples/**/*"
diff --git a/server/vendor/github.com/pion/datachannel/datachannel.go b/server/vendor/github.com/pion/datachannel/datachannel.go
new file mode 100644
index 0000000..0050185
--- /dev/null
+++ b/server/vendor/github.com/pion/datachannel/datachannel.go
@@ -0,0 +1,404 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+// Package datachannel implements WebRTC Data Channels
+package datachannel
+
+import (
+	"errors"
+	"fmt"
+	"io"
+	"sync"
+	"sync/atomic"
+	"time"
+
+	"github.com/pion/logging"
+	"github.com/pion/sctp"
+)
+
+const receiveMTU = 8192
+
+// Reader is an extended io.Reader
+// that also returns if the message is text.
+type Reader interface {
+	ReadDataChannel([]byte) (int, bool, error)
+}
+
+// ReadDeadliner extends an io.Reader to expose setting a read deadline.
+type ReadDeadliner interface {
+	SetReadDeadline(time.Time) error
+}
+
+// Writer is an extended io.Writer
+// that also allows indicating if a message is text.
+type Writer interface {
+	WriteDataChannel([]byte, bool) (int, error)
+}
+
+// ReadWriteCloser is an extended io.ReadWriteCloser
+// that also implements our Reader and Writer.
+type ReadWriteCloser interface {
+	io.Reader
+	io.Writer
+	Reader
+	Writer
+	io.Closer
+}
+
+// DataChannel represents a data channel
+type DataChannel struct {
+	Config
+
+	// stats
+	messagesSent     uint32
+	messagesReceived uint32
+	bytesSent        uint64
+	bytesReceived    uint64
+
+	mu                      sync.Mutex
+	onOpenCompleteHandler   func()
+	openCompleteHandlerOnce sync.Once
+
+	stream *sctp.Stream
+	log    logging.LeveledLogger
+}
+
+// Config is used to configure the data channel.
+type Config struct {
+	ChannelType          ChannelType
+	Negotiated           bool
+	Priority             uint16
+	ReliabilityParameter uint32
+	Label                string
+	Protocol             string
+	LoggerFactory        logging.LoggerFactory
+}
+
+func newDataChannel(stream *sctp.Stream, config *Config) *DataChannel {
+	return &DataChannel{
+		Config: *config,
+		stream: stream,
+		log:    config.LoggerFactory.NewLogger("datachannel"),
+	}
+}
+
+// Dial opens a data channels over SCTP
+func Dial(a *sctp.Association, id uint16, config *Config) (*DataChannel, error) {
+	stream, err := a.OpenStream(id, sctp.PayloadTypeWebRTCBinary)
+	if err != nil {
+		return nil, err
+	}
+
+	dc, err := Client(stream, config)
+	if err != nil {
+		return nil, err
+	}
+
+	return dc, nil
+}
+
+// Client opens a data channel over an SCTP stream
+func Client(stream *sctp.Stream, config *Config) (*DataChannel, error) {
+	msg := &channelOpen{
+		ChannelType:          config.ChannelType,
+		Priority:             config.Priority,
+		ReliabilityParameter: config.ReliabilityParameter,
+
+		Label:    []byte(config.Label),
+		Protocol: []byte(config.Protocol),
+	}
+
+	if !config.Negotiated {
+		rawMsg, err := msg.Marshal()
+		if err != nil {
+			return nil, fmt.Errorf("failed to marshal ChannelOpen %w", err)
+		}
+
+		if _, err = stream.WriteSCTP(rawMsg, sctp.PayloadTypeWebRTCDCEP); err != nil {
+			return nil, fmt.Errorf("failed to send ChannelOpen %w", err)
+		}
+	}
+	dc := newDataChannel(stream, config)
+
+	if err := dc.commitReliabilityParams(); err != nil {
+		return nil, err
+	}
+	return dc, nil
+}
+
+// Accept is used to accept incoming data channels over SCTP
+func Accept(a *sctp.Association, config *Config, existingChannels ...*DataChannel) (*DataChannel, error) {
+	stream, err := a.AcceptStream()
+	if err != nil {
+		return nil, err
+	}
+	for _, ch := range existingChannels {
+		if ch.StreamIdentifier() == stream.StreamIdentifier() {
+			ch.stream.SetDefaultPayloadType(sctp.PayloadTypeWebRTCBinary)
+			return ch, nil
+		}
+	}
+
+	stream.SetDefaultPayloadType(sctp.PayloadTypeWebRTCBinary)
+
+	dc, err := Server(stream, config)
+	if err != nil {
+		return nil, err
+	}
+
+	return dc, nil
+}
+
+// Server accepts a data channel over an SCTP stream
+func Server(stream *sctp.Stream, config *Config) (*DataChannel, error) {
+	buffer := make([]byte, receiveMTU)
+	n, ppi, err := stream.ReadSCTP(buffer)
+	if err != nil {
+		return nil, err
+	}
+
+	if ppi != sctp.PayloadTypeWebRTCDCEP {
+		return nil, fmt.Errorf("%w %s", ErrInvalidPayloadProtocolIdentifier, ppi)
+	}
+
+	openMsg, err := parseExpectDataChannelOpen(buffer[:n])
+	if err != nil {
+		return nil, fmt.Errorf("failed to parse DataChannelOpen packet %w", err)
+	}
+
+	config.ChannelType = openMsg.ChannelType
+	config.Priority = openMsg.Priority
+	config.ReliabilityParameter = openMsg.ReliabilityParameter
+	config.Label = string(openMsg.Label)
+	config.Protocol = string(openMsg.Protocol)
+
+	dataChannel := newDataChannel(stream, config)
+
+	err = dataChannel.writeDataChannelAck()
+	if err != nil {
+		return nil, err
+	}
+
+	err = dataChannel.commitReliabilityParams()
+	if err != nil {
+		return nil, err
+	}
+	return dataChannel, nil
+}
+
+// Read reads a packet of len(p) bytes as binary data
+func (c *DataChannel) Read(p []byte) (int, error) {
+	n, _, err := c.ReadDataChannel(p)
+	return n, err
+}
+
+// ReadDataChannel reads a packet of len(p) bytes
+func (c *DataChannel) ReadDataChannel(p []byte) (int, bool, error) {
+	for {
+		n, ppi, err := c.stream.ReadSCTP(p)
+		if errors.Is(err, io.EOF) {
+			// When the peer sees that an incoming stream was
+			// reset, it also resets its corresponding outgoing stream.
+			if closeErr := c.stream.Close(); closeErr != nil {
+				return 0, false, closeErr
+			}
+		}
+		if err != nil {
+			return 0, false, err
+		}
+
+		if ppi == sctp.PayloadTypeWebRTCDCEP {
+			if err = c.handleDCEP(p[:n]); err != nil {
+				c.log.Errorf("Failed to handle DCEP: %s", err.Error())
+			}
+			continue
+		} else if ppi == sctp.PayloadTypeWebRTCBinaryEmpty || ppi == sctp.PayloadTypeWebRTCStringEmpty {
+			n = 0
+		}
+
+		atomic.AddUint32(&c.messagesReceived, 1)
+		atomic.AddUint64(&c.bytesReceived, uint64(n))
+
+		isString := ppi == sctp.PayloadTypeWebRTCString || ppi == sctp.PayloadTypeWebRTCStringEmpty
+		return n, isString, err
+	}
+}
+
+// SetReadDeadline sets a deadline for reads to return
+func (c *DataChannel) SetReadDeadline(t time.Time) error {
+	return c.stream.SetReadDeadline(t)
+}
+
+// MessagesSent returns the number of messages sent
+func (c *DataChannel) MessagesSent() uint32 {
+	return atomic.LoadUint32(&c.messagesSent)
+}
+
+// MessagesReceived returns the number of messages received
+func (c *DataChannel) MessagesReceived() uint32 {
+	return atomic.LoadUint32(&c.messagesReceived)
+}
+
+// OnOpen sets an event handler which is invoked when
+// a DATA_CHANNEL_ACK message is received.
+// The handler is called only on thefor the channel opened
+// https://datatracker.ietf.org/doc/html/draft-ietf-rtcweb-data-protocol-09#section-5.2
+func (c *DataChannel) OnOpen(f func()) {
+	c.mu.Lock()
+	c.openCompleteHandlerOnce = sync.Once{}
+	c.onOpenCompleteHandler = f
+	c.mu.Unlock()
+}
+
+func (c *DataChannel) onOpenComplete() {
+	c.mu.Lock()
+	hdlr := c.onOpenCompleteHandler
+	c.mu.Unlock()
+
+	if hdlr != nil {
+		go c.openCompleteHandlerOnce.Do(func() {
+			hdlr()
+		})
+	}
+}
+
+// BytesSent returns the number of bytes sent
+func (c *DataChannel) BytesSent() uint64 {
+	return atomic.LoadUint64(&c.bytesSent)
+}
+
+// BytesReceived returns the number of bytes received
+func (c *DataChannel) BytesReceived() uint64 {
+	return atomic.LoadUint64(&c.bytesReceived)
+}
+
+// StreamIdentifier returns the Stream identifier associated to the stream.
+func (c *DataChannel) StreamIdentifier() uint16 {
+	return c.stream.StreamIdentifier()
+}
+
+func (c *DataChannel) handleDCEP(data []byte) error {
+	msg, err := parse(data)
+	if err != nil {
+		return fmt.Errorf("failed to parse DataChannel packet %w", err)
+	}
+
+	switch msg := msg.(type) {
+	case *channelAck:
+		c.onOpenComplete()
+	default:
+		return fmt.Errorf("%w, wanted ACK got %v", ErrUnexpectedDataChannelType, msg)
+	}
+
+	return nil
+}
+
+// Write writes len(p) bytes from p as binary data
+func (c *DataChannel) Write(p []byte) (n int, err error) {
+	return c.WriteDataChannel(p, false)
+}
+
+// WriteDataChannel writes len(p) bytes from p
+func (c *DataChannel) WriteDataChannel(p []byte, isString bool) (n int, err error) {
+	// https://tools.ietf.org/html/draft-ietf-rtcweb-data-channel-12#section-6.6
+	// SCTP does not support the sending of empty user messages.  Therefore,
+	// if an empty message has to be sent, the appropriate PPID (WebRTC
+	// String Empty or WebRTC Binary Empty) is used and the SCTP user
+	// message of one zero byte is sent.  When receiving an SCTP user
+	// message with one of these PPIDs, the receiver MUST ignore the SCTP
+	// user message and process it as an empty message.
+	var ppi sctp.PayloadProtocolIdentifier
+	switch {
+	case !isString && len(p) > 0:
+		ppi = sctp.PayloadTypeWebRTCBinary
+	case !isString && len(p) == 0:
+		ppi = sctp.PayloadTypeWebRTCBinaryEmpty
+	case isString && len(p) > 0:
+		ppi = sctp.PayloadTypeWebRTCString
+	case isString && len(p) == 0:
+		ppi = sctp.PayloadTypeWebRTCStringEmpty
+	}
+
+	atomic.AddUint32(&c.messagesSent, 1)
+	atomic.AddUint64(&c.bytesSent, uint64(len(p)))
+
+	if len(p) == 0 {
+		_, err := c.stream.WriteSCTP([]byte{0}, ppi)
+		return 0, err
+	}
+	return c.stream.WriteSCTP(p, ppi)
+}
+
+func (c *DataChannel) writeDataChannelAck() error {
+	ack := channelAck{}
+	ackMsg, err := ack.Marshal()
+	if err != nil {
+		return fmt.Errorf("failed to marshal ChannelOpen ACK: %w", err)
+	}
+
+	if _, err = c.stream.WriteSCTP(ackMsg, sctp.PayloadTypeWebRTCDCEP); err != nil {
+		return fmt.Errorf("failed to send ChannelOpen ACK: %w", err)
+	}
+
+	return err
+}
+
+// Close closes the DataChannel and the underlying SCTP stream.
+func (c *DataChannel) Close() error {
+	// https://tools.ietf.org/html/draft-ietf-rtcweb-data-channel-13#section-6.7
+	// Closing of a data channel MUST be signaled by resetting the
+	// corresponding outgoing streams [RFC6525].  This means that if one
+	// side decides to close the data channel, it resets the corresponding
+	// outgoing stream.  When the peer sees that an incoming stream was
+	// reset, it also resets its corresponding outgoing stream.  Once this
+	// is completed, the data channel is closed.  Resetting a stream sets
+	// the Stream Sequence Numbers (SSNs) of the stream back to 'zero' with
+	// a corresponding notification to the application layer that the reset
+	// has been performed.  Streams are available for reuse after a reset
+	// has been performed.
+	return c.stream.Close()
+}
+
+// BufferedAmount returns the number of bytes of data currently queued to be
+// sent over this stream.
+func (c *DataChannel) BufferedAmount() uint64 {
+	return c.stream.BufferedAmount()
+}
+
+// BufferedAmountLowThreshold returns the number of bytes of buffered outgoing
+// data that is considered "low." Defaults to 0.
+func (c *DataChannel) BufferedAmountLowThreshold() uint64 {
+	return c.stream.BufferedAmountLowThreshold()
+}
+
+// SetBufferedAmountLowThreshold is used to update the threshold.
+// See BufferedAmountLowThreshold().
+func (c *DataChannel) SetBufferedAmountLowThreshold(th uint64) {
+	c.stream.SetBufferedAmountLowThreshold(th)
+}
+
+// OnBufferedAmountLow sets the callback handler which would be called when the
+// number of bytes of outgoing data buffered is lower than the threshold.
+func (c *DataChannel) OnBufferedAmountLow(f func()) {
+	c.stream.OnBufferedAmountLow(f)
+}
+
+func (c *DataChannel) commitReliabilityParams() error {
+	switch c.Config.ChannelType {
+	case ChannelTypeReliable:
+		c.stream.SetReliabilityParams(false, sctp.ReliabilityTypeReliable, c.Config.ReliabilityParameter)
+	case ChannelTypeReliableUnordered:
+		c.stream.SetReliabilityParams(true, sctp.ReliabilityTypeReliable, c.Config.ReliabilityParameter)
+	case ChannelTypePartialReliableRexmit:
+		c.stream.SetReliabilityParams(false, sctp.ReliabilityTypeRexmit, c.Config.ReliabilityParameter)
+	case ChannelTypePartialReliableRexmitUnordered:
+		c.stream.SetReliabilityParams(true, sctp.ReliabilityTypeRexmit, c.Config.ReliabilityParameter)
+	case ChannelTypePartialReliableTimed:
+		c.stream.SetReliabilityParams(false, sctp.ReliabilityTypeTimed, c.Config.ReliabilityParameter)
+	case ChannelTypePartialReliableTimedUnordered:
+		c.stream.SetReliabilityParams(true, sctp.ReliabilityTypeTimed, c.Config.ReliabilityParameter)
+	default:
+		return fmt.Errorf("%w %v", ErrInvalidChannelType, c.Config.ChannelType)
+	}
+	return nil
+}
diff --git a/server/vendor/github.com/pion/datachannel/errors.go b/server/vendor/github.com/pion/datachannel/errors.go
new file mode 100644
index 0000000..2f98bf8
--- /dev/null
+++ b/server/vendor/github.com/pion/datachannel/errors.go
@@ -0,0 +1,27 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package datachannel
+
+import "errors"
+
+var (
+	// ErrDataChannelMessageTooShort means that the data isn't long enough to be a valid DataChannel message
+	ErrDataChannelMessageTooShort = errors.New("DataChannel message is not long enough to determine type")
+
+	// ErrInvalidPayloadProtocolIdentifier means that we got a DataChannel messages with a Payload Protocol Identifier
+	// we don't know how to handle
+	ErrInvalidPayloadProtocolIdentifier = errors.New("DataChannel message Payload Protocol Identifier is value we can't handle")
+
+	// ErrInvalidChannelType means that the remote requested a channel type that we don't support
+	ErrInvalidChannelType = errors.New("invalid Channel Type")
+
+	// ErrInvalidMessageType is returned when a DataChannel Message has a type we don't support
+	ErrInvalidMessageType = errors.New("invalid Message Type")
+
+	// ErrExpectedAndActualLengthMismatch is when the declared length and actual length don't match
+	ErrExpectedAndActualLengthMismatch = errors.New("expected and actual length do not match")
+
+	// ErrUnexpectedDataChannelType is when a message type does not match the expected type
+	ErrUnexpectedDataChannelType = errors.New("expected and actual message type does not match")
+)
diff --git a/server/vendor/github.com/pion/datachannel/message.go b/server/vendor/github.com/pion/datachannel/message.go
new file mode 100644
index 0000000..f71ce7b
--- /dev/null
+++ b/server/vendor/github.com/pion/datachannel/message.go
@@ -0,0 +1,92 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package datachannel
+
+import (
+	"fmt"
+)
+
+// message is a parsed DataChannel message
+type message interface {
+	Marshal() ([]byte, error)
+	Unmarshal([]byte) error
+	String() string
+}
+
+// messageType is the first byte in a DataChannel message that specifies type
+type messageType byte
+
+// DataChannel Message Types
+const (
+	dataChannelAck  messageType = 0x02
+	dataChannelOpen messageType = 0x03
+)
+
+func (t messageType) String() string {
+	switch t {
+	case dataChannelAck:
+		return "DataChannelAck"
+	case dataChannelOpen:
+		return "DataChannelOpen"
+	default:
+		return fmt.Sprintf("Unknown MessageType: %d", t)
+	}
+}
+
+// parse accepts raw input and returns a DataChannel message
+func parse(raw []byte) (message, error) {
+	if len(raw) == 0 {
+		return nil, ErrDataChannelMessageTooShort
+	}
+
+	var msg message
+	switch messageType(raw[0]) {
+	case dataChannelOpen:
+		msg = &channelOpen{}
+	case dataChannelAck:
+		msg = &channelAck{}
+	default:
+		return nil, fmt.Errorf("%w %v", ErrInvalidMessageType, messageType(raw[0]))
+	}
+
+	if err := msg.Unmarshal(raw); err != nil {
+		return nil, err
+	}
+
+	return msg, nil
+}
+
+// parseExpectDataChannelOpen parses a DataChannelOpen message
+// or throws an error
+func parseExpectDataChannelOpen(raw []byte) (*channelOpen, error) {
+	if len(raw) == 0 {
+		return nil, ErrDataChannelMessageTooShort
+	}
+
+	if actualTyp := messageType(raw[0]); actualTyp != dataChannelOpen {
+		return nil, fmt.Errorf("%w expected(%s) actual(%s)", ErrUnexpectedDataChannelType, actualTyp, dataChannelOpen)
+	}
+
+	msg := &channelOpen{}
+	if err := msg.Unmarshal(raw); err != nil {
+		return nil, err
+	}
+
+	return msg, nil
+}
+
+// TryMarshalUnmarshal attempts to marshal and unmarshal a message. Added for fuzzing.
+func TryMarshalUnmarshal(msg []byte) int {
+	message, err := parse(msg)
+	if err != nil {
+		return 0
+	}
+
+	_, err = message.Marshal()
+	if err != nil {
+		return 0
+	}
+
+	return 1
+}
diff --git a/server/vendor/github.com/pion/datachannel/message_channel_ack.go b/server/vendor/github.com/pion/datachannel/message_channel_ack.go
new file mode 100644
index 0000000..8fe396f
--- /dev/null
+++ b/server/vendor/github.com/pion/datachannel/message_channel_ack.go
@@ -0,0 +1,29 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package datachannel
+
+// channelAck is used to ACK a DataChannel open
+type channelAck struct{}
+
+const (
+	channelOpenAckLength = 4
+)
+
+// Marshal returns raw bytes for the given message
+func (c *channelAck) Marshal() ([]byte, error) {
+	raw := make([]byte, channelOpenAckLength)
+	raw[0] = uint8(dataChannelAck)
+
+	return raw, nil
+}
+
+// Unmarshal populates the struct with the given raw data
+func (c *channelAck) Unmarshal(_ []byte) error {
+	// Message type already checked in Parse and there is no further data
+	return nil
+}
+
+func (c channelAck) String() string {
+	return "ACK"
+}
diff --git a/server/vendor/github.com/pion/datachannel/message_channel_open.go b/server/vendor/github.com/pion/datachannel/message_channel_open.go
new file mode 100644
index 0000000..dac58ff
--- /dev/null
+++ b/server/vendor/github.com/pion/datachannel/message_channel_open.go
@@ -0,0 +1,147 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package datachannel
+
+import (
+	"encoding/binary"
+	"fmt"
+)
+
+/*
+channelOpen represents a DATA_CHANNEL_OPEN Message
+
+	0                   1                   2                   3
+	0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+
++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+|  Message Type |  Channel Type |            Priority           |
++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+|                    Reliability Parameter                      |
++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+|         Label Length          |       Protocol Length         |
++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+|                                                               |
+|                             Label                             |
+|                                                               |
++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+|                                                               |
+|                            Protocol                           |
+|                                                               |
++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+*/
+type channelOpen struct {
+	ChannelType          ChannelType
+	Priority             uint16
+	ReliabilityParameter uint32
+
+	Label    []byte
+	Protocol []byte
+}
+
+const (
+	channelOpenHeaderLength = 12
+)
+
+// ChannelType determines the reliability of the WebRTC DataChannel
+type ChannelType byte
+
+// ChannelType enums
+const (
+	// ChannelTypeReliable determines the Data Channel provides a
+	// reliable in-order bi-directional communication.
+	ChannelTypeReliable ChannelType = 0x00
+	// ChannelTypeReliableUnordered determines the Data Channel
+	// provides a reliable unordered bi-directional communication.
+	ChannelTypeReliableUnordered ChannelType = 0x80
+	// ChannelTypePartialReliableRexmit determines the Data Channel
+	// provides a partially-reliable in-order bi-directional communication.
+	// User messages will not be retransmitted more times than specified in the Reliability Parameter.
+	ChannelTypePartialReliableRexmit ChannelType = 0x01
+	// ChannelTypePartialReliableRexmitUnordered determines
+	//  the Data Channel provides a partial reliable unordered bi-directional communication.
+	// User messages will not be retransmitted more times than specified in the Reliability Parameter.
+	ChannelTypePartialReliableRexmitUnordered ChannelType = 0x81
+	// ChannelTypePartialReliableTimed determines the Data Channel
+	// provides a partial reliable in-order bi-directional communication.
+	// User messages might not be transmitted or retransmitted after
+	// a specified life-time given in milli- seconds in the Reliability Parameter.
+	// This life-time starts when providing the user message to the protocol stack.
+	ChannelTypePartialReliableTimed ChannelType = 0x02
+	// The Data Channel provides a partial reliable unordered bi-directional
+	// communication.  User messages might not be transmitted or retransmitted
+	// after a specified life-time given in milli- seconds in the Reliability Parameter.
+	// This life-time starts when providing the user message to the protocol stack.
+	ChannelTypePartialReliableTimedUnordered ChannelType = 0x82
+)
+
+func (c ChannelType) String() string {
+	switch c {
+	case ChannelTypeReliable:
+	case ChannelTypeReliableUnordered:
+		return "ReliableUnordered"
+	case ChannelTypePartialReliableRexmit:
+		return "PartialReliableRexmit"
+	case ChannelTypePartialReliableRexmitUnordered:
+		return "PartialReliableRexmitUnordered"
+	case ChannelTypePartialReliableTimed:
+		return "PartialReliableTimed"
+	case ChannelTypePartialReliableTimedUnordered:
+		return "PartialReliableTimedUnordered"
+	}
+	return "Unknown"
+}
+
+// ChannelPriority enums
+const (
+	ChannelPriorityBelowNormal uint16 = 128
+	ChannelPriorityNormal      uint16 = 256
+	ChannelPriorityHigh        uint16 = 512
+	ChannelPriorityExtraHigh   uint16 = 1024
+)
+
+// Marshal returns raw bytes for the given message
+func (c *channelOpen) Marshal() ([]byte, error) {
+	labelLength := len(c.Label)
+	protocolLength := len(c.Protocol)
+
+	totalLen := channelOpenHeaderLength + labelLength + protocolLength
+	raw := make([]byte, totalLen)
+
+	raw[0] = uint8(dataChannelOpen)
+	raw[1] = byte(c.ChannelType)
+	binary.BigEndian.PutUint16(raw[2:], c.Priority)
+	binary.BigEndian.PutUint32(raw[4:], c.ReliabilityParameter)
+	binary.BigEndian.PutUint16(raw[8:], uint16(labelLength))
+	binary.BigEndian.PutUint16(raw[10:], uint16(protocolLength))
+	endLabel := channelOpenHeaderLength + labelLength
+	copy(raw[channelOpenHeaderLength:endLabel], c.Label)
+	copy(raw[endLabel:endLabel+protocolLength], c.Protocol)
+
+	return raw, nil
+}
+
+// Unmarshal populates the struct with the given raw data
+func (c *channelOpen) Unmarshal(raw []byte) error {
+	if len(raw) < channelOpenHeaderLength {
+		return fmt.Errorf("%w expected(%d) actual(%d)", ErrExpectedAndActualLengthMismatch, channelOpenHeaderLength, len(raw))
+	}
+	c.ChannelType = ChannelType(raw[1])
+	c.Priority = binary.BigEndian.Uint16(raw[2:])
+	c.ReliabilityParameter = binary.BigEndian.Uint32(raw[4:])
+
+	labelLength := binary.BigEndian.Uint16(raw[8:])
+	protocolLength := binary.BigEndian.Uint16(raw[10:])
+
+	if expectedLen := channelOpenHeaderLength + int(labelLength) + int(protocolLength); len(raw) != expectedLen {
+		return fmt.Errorf("%w expected(%d) actual(%d)", ErrExpectedAndActualLengthMismatch, expectedLen, len(raw))
+	}
+
+	c.Label = raw[channelOpenHeaderLength : channelOpenHeaderLength+labelLength]
+	c.Protocol = raw[channelOpenHeaderLength+labelLength : channelOpenHeaderLength+labelLength+protocolLength]
+	return nil
+}
+
+func (c channelOpen) String() string {
+	return fmt.Sprintf("Open ChannelType(%s) Priority(%v) ReliabilityParameter(%d) Label(%s) Protocol(%s)", c.ChannelType, c.Priority, c.ReliabilityParameter, string(c.Label), string(c.Protocol))
+}
diff --git a/server/vendor/github.com/pion/datachannel/renovate.json b/server/vendor/github.com/pion/datachannel/renovate.json
new file mode 100644
index 0000000..f1bb98c
--- /dev/null
+++ b/server/vendor/github.com/pion/datachannel/renovate.json
@@ -0,0 +1,6 @@
+{
+  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+  "extends": [
+    "github>pion/renovate-config"
+  ]
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/.editorconfig b/server/vendor/github.com/pion/dtls/v2/.editorconfig
new file mode 100644
index 0000000..1dca00f
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/.editorconfig
@@ -0,0 +1,23 @@
+# http://editorconfig.org/
+# SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+# SPDX-License-Identifier: MIT
+
+root = true
+
+[*]
+charset = utf-8
+insert_final_newline = true
+trim_trailing_whitespace = true
+end_of_line = lf
+
+[*.go]
+indent_style = tab
+indent_size = 4
+
+[{*.yml,*.yaml}]
+indent_style = space
+indent_size = 2
+
+# Makefiles always use tabs for indentation
+[Makefile]
+indent_style = tab
diff --git a/server/vendor/github.com/pion/dtls/v2/.gitignore b/server/vendor/github.com/pion/dtls/v2/.gitignore
new file mode 100644
index 0000000..6e2f206
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/.gitignore
@@ -0,0 +1,28 @@
+# SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+# SPDX-License-Identifier: MIT
+
+### JetBrains IDE ###
+#####################
+.idea/
+
+### Emacs Temporary Files ###
+#############################
+*~
+
+### Folders ###
+###############
+bin/
+vendor/
+node_modules/
+
+### Files ###
+#############
+*.ivf
+*.ogg
+tags
+cover.out
+*.sw[poe]
+*.wasm
+examples/sfu-ws/cert.pem
+examples/sfu-ws/key.pem
+wasm_exec.js
diff --git a/server/vendor/github.com/pion/dtls/v2/.golangci.yml b/server/vendor/github.com/pion/dtls/v2/.golangci.yml
new file mode 100644
index 0000000..4e3eddf
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/.golangci.yml
@@ -0,0 +1,137 @@
+# SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+# SPDX-License-Identifier: MIT
+
+linters-settings:
+  govet:
+    check-shadowing: true
+  misspell:
+    locale: US
+  exhaustive:
+    default-signifies-exhaustive: true
+  gomodguard:
+    blocked:
+      modules:
+        - github.com/pkg/errors:
+            recommendations:
+              - errors
+  forbidigo:
+    forbid:
+      - ^fmt.Print(f|ln)?$
+      - ^log.(Panic|Fatal|Print)(f|ln)?$
+      - ^os.Exit$
+      - ^panic$
+      - ^print(ln)?$
+
+linters:
+  enable:
+    - asciicheck       # Simple linter to check that your code does not contain non-ASCII identifiers
+    - bidichk          # Checks for dangerous unicode character sequences
+    - bodyclose        # checks whether HTTP response body is closed successfully
+    - contextcheck     # check the function whether use a non-inherited context
+    - decorder         # check declaration order and count of types, constants, variables and functions
+    - depguard         # Go linter that checks if package imports are in a list of acceptable packages
+    - dogsled          # Checks assignments with too many blank identifiers (e.g. x, _, _, _, := f())
+    - dupl             # Tool for code clone detection
+    - durationcheck    # check for two durations multiplied together
+    - errcheck         # Errcheck is a program for checking for unchecked errors in go programs. These unchecked errors can be critical bugs in some cases
+    - errchkjson       # Checks types passed to the json encoding functions. Reports unsupported types and optionally reports occations, where the check for the returned error can be omitted.
+    - errname          # Checks that sentinel errors are prefixed with the `Err` and error types are suffixed with the `Error`.
+    - errorlint        # errorlint is a linter for that can be used to find code that will cause problems with the error wrapping scheme introduced in Go 1.13.
+    - exhaustive       # check exhaustiveness of enum switch statements
+    - exportloopref    # checks for pointers to enclosing loop variables
+    - forbidigo        # Forbids identifiers
+    - forcetypeassert  # finds forced type assertions
+    - gci              # Gci control golang package import order and make it always deterministic.
+    - gochecknoglobals # Checks that no globals are present in Go code
+    - gochecknoinits   # Checks that no init functions are present in Go code
+    - gocognit         # Computes and checks the cognitive complexity of functions
+    - goconst          # Finds repeated strings that could be replaced by a constant
+    - gocritic         # The most opinionated Go source code linter
+    - godox            # Tool for detection of FIXME, TODO and other comment keywords
+    - goerr113         # Golang linter to check the errors handling expressions
+    - gofmt            # Gofmt checks whether code was gofmt-ed. By default this tool runs with -s option to check for code simplification
+    - gofumpt          # Gofumpt checks whether code was gofumpt-ed.
+    - goheader         # Checks is file header matches to pattern
+    - goimports        # Goimports does everything that gofmt does. Additionally it checks unused imports
+    - gomoddirectives  # Manage the use of 'replace', 'retract', and 'excludes' directives in go.mod.
+    - gomodguard       # Allow and block list linter for direct Go module dependencies. This is different from depguard where there are different block types for example version constraints and module recommendations.
+    - goprintffuncname # Checks that printf-like functions are named with `f` at the end
+    - gosec            # Inspects source code for security problems
+    - gosimple         # Linter for Go source code that specializes in simplifying a code
+    - govet            # Vet examines Go source code and reports suspicious constructs, such as Printf calls whose arguments do not align with the format string
+    - grouper          # An analyzer to analyze expression groups.
+    - importas         # Enforces consistent import aliases
+    - ineffassign      # Detects when assignments to existing variables are not used
+    - misspell         # Finds commonly misspelled English words in comments
+    - nakedret         # Finds naked returns in functions greater than a specified function length
+    - nilerr           # Finds the code that returns nil even if it checks that the error is not nil.
+    - nilnil           # Checks that there is no simultaneous return of `nil` error and an invalid value.
+    - noctx            # noctx finds sending http request without context.Context
+    - predeclared      # find code that shadows one of Go's predeclared identifiers
+    - revive           # golint replacement, finds style mistakes
+    - staticcheck      # Staticcheck is a go vet on steroids, applying a ton of static analysis checks
+    - stylecheck       # Stylecheck is a replacement for golint
+    - tagliatelle      # Checks the struct tags.
+    - tenv             # tenv is analyzer that detects using os.Setenv instead of t.Setenv since Go1.17
+    - tparallel        # tparallel detects inappropriate usage of t.Parallel() method in your Go test codes
+    - typecheck        # Like the front-end of a Go compiler, parses and type-checks Go code
+    - unconvert        # Remove unnecessary type conversions
+    - unparam          # Reports unused function parameters
+    - unused           # Checks Go code for unused constants, variables, functions and types
+    - wastedassign     # wastedassign finds wasted assignment statements
+    - whitespace       # Tool for detection of leading and trailing whitespace
+  disable:
+    - containedctx     # containedctx is a linter that detects struct contained context.Context field
+    - cyclop           # checks function and package cyclomatic complexity
+    - exhaustivestruct # Checks if all struct's fields are initialized
+    - funlen           # Tool for detection of long functions
+    - gocyclo          # Computes and checks the cyclomatic complexity of functions
+    - godot            # Check if comments end in a period
+    - gomnd            # An analyzer to detect magic numbers.
+    - ifshort          # Checks that your code uses short syntax for if-statements whenever possible
+    - ireturn          # Accept Interfaces, Return Concrete Types
+    - lll              # Reports long lines
+    - maintidx         # maintidx measures the maintainability index of each function.
+    - makezero         # Finds slice declarations with non-zero initial length
+    - maligned         # Tool to detect Go structs that would take less memory if their fields were sorted
+    - nestif           # Reports deeply nested if statements
+    - nlreturn         # nlreturn checks for a new line before return and branch statements to increase code clarity
+    - nolintlint       # Reports ill-formed or insufficient nolint directives
+    - paralleltest     # paralleltest detects missing usage of t.Parallel() method in your Go test
+    - prealloc         # Finds slice declarations that could potentially be preallocated
+    - promlinter       # Check Prometheus metrics naming via promlint
+    - rowserrcheck     # checks whether Err of rows is checked successfully
+    - sqlclosecheck    # Checks that sql.Rows and sql.Stmt are closed.
+    - testpackage      # linter that makes you use a separate _test package
+    - thelper          # thelper detects golang test helpers without t.Helper() call and checks the consistency of test helpers
+    - varnamelen       # checks that the length of a variable's name matches its scope
+    - wrapcheck        # Checks that errors returned from external packages are wrapped
+    - wsl              # Whitespace Linter - Forces you to use empty lines!
+
+issues:
+  exclude-use-default: false
+  exclude-rules:
+    # Allow complex tests, better to be self contained
+    - path: _test\.go
+      linters:
+        - gocognit
+        - forbidigo
+
+    # Allow complex main function in examples
+    - path: examples
+      text: "of func `main` is high"
+      linters:
+        - gocognit
+    
+    # Allow forbidden identifiers in examples
+    - path: examples
+      linters:
+        - forbidigo
+
+    # Allow forbidden identifiers in CLI commands
+    - path: cmd
+      linters:
+        - forbidigo
+
+run:
+  skip-dirs-use-default: false
diff --git a/server/vendor/github.com/pion/dtls/v2/.goreleaser.yml b/server/vendor/github.com/pion/dtls/v2/.goreleaser.yml
new file mode 100644
index 0000000..30093e9
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/.goreleaser.yml
@@ -0,0 +1,5 @@
+# SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+# SPDX-License-Identifier: MIT
+
+builds:
+- skip: true
diff --git a/server/vendor/github.com/pion/dtls/v2/AUTHORS.txt b/server/vendor/github.com/pion/dtls/v2/AUTHORS.txt
new file mode 100644
index 0000000..e14fae4
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/AUTHORS.txt
@@ -0,0 +1,57 @@
+# Thank you to everyone that made Pion possible. If you are interested in contributing
+# we would love to have you https://github.com/pion/webrtc/wiki/Contributing
+#
+# This file is auto generated, using git to list all individuals contributors.
+# see https://github.com/pion/.goassets/blob/master/scripts/generate-authors.sh for the scripting
+Aleksandr Razumov <ar@gortc.io>
+alvarowolfx <alvarowolfx@gmail.com>
+Arlo Breault <arlolra@gmail.com>
+Atsushi Watanabe <atsushi.w@ieee.org>
+backkem <mail@backkem.me>
+bjdgyc <bjdgyc@163.com>
+boks1971 <raja.gobi@tutanota.com>
+Bragadeesh <bragboy@gmail.com>
+Carson Hoffman <c@rsonhoffman.com>
+Cecylia Bocovich <cohosh@torproject.org>
+Chris Hiszpanski <thinkski@users.noreply.github.com>
+cnderrauber <zengjie9004@gmail.com>
+Daniele Sluijters <daenney@users.noreply.github.com>
+folbrich <frank.olbricht@gmail.com>
+Hayden James <hayden.james@gmail.com>
+Hugo Arregui <hugo.arregui@gmail.com>
+Hugo Arregui <hugo@decentraland.org>
+igolaizola <11333576+igolaizola@users.noreply.github.com>
+Jeffrey Stoke <me@arhat.dev>
+Jeroen de Bruijn <vidavidorra+jdbruijn@gmail.com>
+Jeroen de Bruijn <vidavidorra@gmail.com>
+Jim Wert <jimwert@gmail.com>
+jinleileiking <jinleileiking@gmail.com>
+Jozef Kralik <jojo.lwin@gmail.com>
+Julien Salleyron <julien.salleyron@gmail.com>
+Juliusz Chroboczek <jch@irif.fr>
+Kegan Dougal <kegan@matrix.org>
+Kevin Wang <kevmo314@gmail.com>
+Lander Noterman <lander.noterman@basalte.be>
+Len <len@hpcnt.com>
+Lukas Lihotzki <lukas@lihotzki.de>
+ManuelBk <26275612+ManuelBk@users.noreply.github.com>
+Michael Zabka <zabka.michael@gmail.com>
+Michiel De Backker <mail@backkem.me>
+Rachel Chen <rachel@chens.email>
+Robert Eperjesi <eperjesi@uber.com>
+Ryan Gordon <ryan.gordon@getcruise.com>
+Sam Lancia <sam.lancia@motorolasolutions.com>
+Sean DuBois <duboisea@justin.tv>
+Sean DuBois <seaduboi@amazon.com>
+Sean DuBois <sean@siobud.com>
+Shelikhoo <xiaokangwang@outlook.com>
+Stefan Tatschner <stefan@rumpelsepp.org>
+Steffen Vogel <post@steffenvogel.de>
+Vadim <fffilimonov@yandex.ru>
+Vadim Filimonov <fffilimonov@yandex.ru>
+wmiao <wu.miao@viasat.com>
+ZHENK <chengzhenyang@gmail.com>
+吕海涛 <hi@taoshu.in>
+
+# List of contributors not appearing in Git history
+
diff --git a/server/vendor/github.com/pion/dtls/v2/LICENSE b/server/vendor/github.com/pion/dtls/v2/LICENSE
new file mode 100644
index 0000000..491caf6
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/LICENSE
@@ -0,0 +1,9 @@
+MIT License
+
+Copyright (c) 2023 The Pion community <https://pion.ly>
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
diff --git a/server/vendor/github.com/pion/dtls/v2/README.md b/server/vendor/github.com/pion/dtls/v2/README.md
new file mode 100644
index 0000000..0c06595
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/README.md
@@ -0,0 +1,151 @@
+<h1 align="center">
+  <br>
+  Pion DTLS
+  <br>
+</h1>
+<h4 align="center">A Go implementation of DTLS</h4>
+<p align="center">
+  <a href="https://pion.ly"><img src="https://img.shields.io/badge/pion-dtls-gray.svg?longCache=true&colorB=brightgreen" alt="Pion DTLS"></a>
+  <a href="https://sourcegraph.com/github.com/pion/dtls"><img src="https://sourcegraph.com/github.com/pion/dtls/-/badge.svg" alt="Sourcegraph Widget"></a>
+  <a href="https://pion.ly/slack"><img src="https://img.shields.io/badge/join-us%20on%20slack-gray.svg?longCache=true&logo=slack&colorB=brightgreen" alt="Slack Widget"></a>
+  <br>
+  <img alt="GitHub Workflow Status" src="https://img.shields.io/github/actions/workflow/status/pion/dtls/test.yaml">
+  <a href="https://pkg.go.dev/github.com/pion/dtls/v2"><img src="https://pkg.go.dev/badge/github.com/pion/dtls/v2.svg" alt="Go Reference"></a>
+  <a href="https://codecov.io/gh/pion/dtls"><img src="https://codecov.io/gh/pion/dtls/branch/master/graph/badge.svg" alt="Coverage Status"></a>
+  <a href="https://goreportcard.com/report/github.com/pion/dtls/v2"><img src="https://goreportcard.com/badge/github.com/pion/dtls/v2" alt="Go Report Card"></a>
+  <a href="LICENSE"><img src="https://img.shields.io/badge/License-MIT-yellow.svg" alt="License: MIT"></a>
+</p>
+<br>
+
+Native [DTLS 1.2][rfc6347] implementation in the Go programming language.
+
+A long term goal is a professional security review, and maybe an inclusion in stdlib.
+
+### RFCs
+#### Implemented
+- **RFC 6347**: [Datagram Transport Layer Security Version 1.2][rfc6347]
+- **RFC 5705**: [Keying Material Exporters for Transport Layer Security (TLS)][rfc5705]
+- **RFC 7627**: [Transport Layer Security (TLS) - Session Hash and Extended Master Secret Extension][rfc7627]
+- **RFC 7301**: [Transport Layer Security (TLS) - Application-Layer Protocol Negotiation Extension][rfc7301]
+
+[rfc5289]: https://tools.ietf.org/html/rfc5289
+[rfc5487]: https://tools.ietf.org/html/rfc5487
+[rfc5489]: https://tools.ietf.org/html/rfc5489
+[rfc5705]: https://tools.ietf.org/html/rfc5705
+[rfc6347]: https://tools.ietf.org/html/rfc6347
+[rfc6655]: https://tools.ietf.org/html/rfc6655
+[rfc7301]: https://tools.ietf.org/html/rfc7301
+[rfc7627]: https://tools.ietf.org/html/rfc7627
+[rfc8422]: https://tools.ietf.org/html/rfc8422
+
+### Goals/Progress
+This will only be targeting DTLS 1.2, and the most modern/common cipher suites.
+We would love contributions that fall under the 'Planned Features' and any bug fixes!
+
+#### Current features
+* DTLS 1.2 Client/Server
+* Key Exchange via ECDHE(curve25519, nistp256, nistp384) and PSK
+* Packet loss and re-ordering is handled during handshaking
+* Key export ([RFC 5705][rfc5705])
+* Serialization and Resumption of sessions
+* Extended Master Secret extension ([RFC 7627][rfc7627])
+* ALPN extension ([RFC 7301][rfc7301])
+
+#### Supported ciphers
+
+##### ECDHE
+
+* TLS_ECDHE_ECDSA_WITH_AES_128_CCM ([RFC 6655][rfc6655])
+* TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 ([RFC 6655][rfc6655])
+* TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 ([RFC 5289][rfc5289])
+* TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ([RFC 5289][rfc5289])
+* TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 ([RFC 5289][rfc5289])
+* TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 ([RFC 5289][rfc5289])
+* TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA ([RFC 8422][rfc8422])
+* TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA ([RFC 8422][rfc8422])
+
+##### PSK
+
+* TLS_PSK_WITH_AES_128_CCM ([RFC 6655][rfc6655])
+* TLS_PSK_WITH_AES_128_CCM_8 ([RFC 6655][rfc6655])
+* TLS_PSK_WITH_AES_256_CCM_8 ([RFC 6655][rfc6655])
+* TLS_PSK_WITH_AES_128_GCM_SHA256 ([RFC 5487][rfc5487])
+* TLS_PSK_WITH_AES_128_CBC_SHA256 ([RFC 5487][rfc5487])
+
+##### ECDHE & PSK
+
+* TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 ([RFC 5489][rfc5489])
+
+#### Planned Features
+* Chacha20Poly1305
+
+#### Excluded Features
+* DTLS 1.0
+* Renegotiation
+* Compression
+
+### Using
+
+This library needs at least Go 1.13, and you should have [Go modules
+enabled](https://github.com/golang/go/wiki/Modules).
+
+#### Pion DTLS
+For a DTLS 1.2 Server that listens on 127.0.0.1:4444
+```sh
+go run examples/listen/selfsign/main.go
+```
+
+For a DTLS 1.2 Client that connects to 127.0.0.1:4444
+```sh
+go run examples/dial/selfsign/main.go
+```
+
+#### OpenSSL
+Pion DTLS can connect to itself and OpenSSL.
+```
+  // Generate a certificate
+  openssl ecparam -out key.pem -name prime256v1 -genkey
+  openssl req -new -sha256 -key key.pem -out server.csr
+  openssl x509 -req -sha256 -days 365 -in server.csr -signkey key.pem -out cert.pem
+
+  // Use with examples/dial/selfsign/main.go
+  openssl s_server -dtls1_2 -cert cert.pem -key key.pem -accept 4444
+
+  // Use with examples/listen/selfsign/main.go
+  openssl s_client -dtls1_2 -connect 127.0.0.1:4444 -debug -cert cert.pem -key key.pem
+```
+
+### Using with PSK
+Pion DTLS also comes with examples that do key exchange via PSK
+
+#### Pion DTLS
+```sh
+go run examples/listen/psk/main.go
+```
+
+```sh
+go run examples/dial/psk/main.go
+```
+
+#### OpenSSL
+```
+  // Use with examples/dial/psk/main.go
+  openssl s_server -dtls1_2 -accept 4444 -nocert -psk abc123 -cipher PSK-AES128-CCM8
+
+  // Use with examples/listen/psk/main.go
+  openssl s_client -dtls1_2 -connect 127.0.0.1:4444 -psk abc123 -cipher PSK-AES128-CCM8
+```
+
+### Community
+Pion has an active community on the [Slack](https://pion.ly/slack).
+
+Follow the [Pion Twitter](https://twitter.com/_pion) for project updates and important WebRTC news.
+
+We are always looking to support **your projects**. Please reach out if you have something to build!
+If you need commercial support or don't want to use public methods you can contact us at [team@pion.ly](mailto:team@pion.ly)
+
+### Contributing
+Check out the [contributing wiki](https://github.com/pion/webrtc/wiki/Contributing) to join the group of amazing people making this project possible: [AUTHORS.txt](./AUTHORS.txt)
+
+### License
+MIT License - see [LICENSE](LICENSE) for full text
diff --git a/server/vendor/github.com/pion/dtls/v2/certificate.go b/server/vendor/github.com/pion/dtls/v2/certificate.go
new file mode 100644
index 0000000..519fc87
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/certificate.go
@@ -0,0 +1,157 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package dtls
+
+import (
+	"bytes"
+	"crypto/tls"
+	"crypto/x509"
+	"fmt"
+	"strings"
+)
+
+// ClientHelloInfo contains information from a ClientHello message in order to
+// guide application logic in the GetCertificate.
+type ClientHelloInfo struct {
+	// ServerName indicates the name of the server requested by the client
+	// in order to support virtual hosting. ServerName is only set if the
+	// client is using SNI (see RFC 4366, Section 3.1).
+	ServerName string
+
+	// CipherSuites lists the CipherSuites supported by the client (e.g.
+	// TLS_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256).
+	CipherSuites []CipherSuiteID
+}
+
+// CertificateRequestInfo contains information from a server's
+// CertificateRequest message, which is used to demand a certificate and proof
+// of control from a client.
+type CertificateRequestInfo struct {
+	// AcceptableCAs contains zero or more, DER-encoded, X.501
+	// Distinguished Names. These are the names of root or intermediate CAs
+	// that the server wishes the returned certificate to be signed by. An
+	// empty slice indicates that the server has no preference.
+	AcceptableCAs [][]byte
+}
+
+// SupportsCertificate returns nil if the provided certificate is supported by
+// the server that sent the CertificateRequest. Otherwise, it returns an error
+// describing the reason for the incompatibility.
+// NOTE: original src: https://github.com/golang/go/blob/29b9a328d268d53833d2cc063d1d8b4bf6852675/src/crypto/tls/common.go#L1273
+func (cri *CertificateRequestInfo) SupportsCertificate(c *tls.Certificate) error {
+	if len(cri.AcceptableCAs) == 0 {
+		return nil
+	}
+
+	for j, cert := range c.Certificate {
+		x509Cert := c.Leaf
+		// Parse the certificate if this isn't the leaf node, or if
+		// chain.Leaf was nil.
+		if j != 0 || x509Cert == nil {
+			var err error
+			if x509Cert, err = x509.ParseCertificate(cert); err != nil {
+				return fmt.Errorf("failed to parse certificate #%d in the chain: %w", j, err)
+			}
+		}
+
+		for _, ca := range cri.AcceptableCAs {
+			if bytes.Equal(x509Cert.RawIssuer, ca) {
+				return nil
+			}
+		}
+	}
+	return errNotAcceptableCertificateChain
+}
+
+func (c *handshakeConfig) setNameToCertificateLocked() {
+	nameToCertificate := make(map[string]*tls.Certificate)
+	for i := range c.localCertificates {
+		cert := &c.localCertificates[i]
+		x509Cert := cert.Leaf
+		if x509Cert == nil {
+			var parseErr error
+			x509Cert, parseErr = x509.ParseCertificate(cert.Certificate[0])
+			if parseErr != nil {
+				continue
+			}
+		}
+		if len(x509Cert.Subject.CommonName) > 0 {
+			nameToCertificate[strings.ToLower(x509Cert.Subject.CommonName)] = cert
+		}
+		for _, san := range x509Cert.DNSNames {
+			nameToCertificate[strings.ToLower(san)] = cert
+		}
+	}
+	c.nameToCertificate = nameToCertificate
+}
+
+func (c *handshakeConfig) getCertificate(clientHelloInfo *ClientHelloInfo) (*tls.Certificate, error) {
+	c.mu.Lock()
+	defer c.mu.Unlock()
+
+	if c.localGetCertificate != nil &&
+		(len(c.localCertificates) == 0 || len(clientHelloInfo.ServerName) > 0) {
+		cert, err := c.localGetCertificate(clientHelloInfo)
+		if cert != nil || err != nil {
+			return cert, err
+		}
+	}
+
+	if c.nameToCertificate == nil {
+		c.setNameToCertificateLocked()
+	}
+
+	if len(c.localCertificates) == 0 {
+		return nil, errNoCertificates
+	}
+
+	if len(c.localCertificates) == 1 {
+		// There's only one choice, so no point doing any work.
+		return &c.localCertificates[0], nil
+	}
+
+	if len(clientHelloInfo.ServerName) == 0 {
+		return &c.localCertificates[0], nil
+	}
+
+	name := strings.TrimRight(strings.ToLower(clientHelloInfo.ServerName), ".")
+
+	if cert, ok := c.nameToCertificate[name]; ok {
+		return cert, nil
+	}
+
+	// try replacing labels in the name with wildcards until we get a
+	// match.
+	labels := strings.Split(name, ".")
+	for i := range labels {
+		labels[i] = "*"
+		candidate := strings.Join(labels, ".")
+		if cert, ok := c.nameToCertificate[candidate]; ok {
+			return cert, nil
+		}
+	}
+
+	// If nothing matches, return the first certificate.
+	return &c.localCertificates[0], nil
+}
+
+// NOTE: original src: https://github.com/golang/go/blob/29b9a328d268d53833d2cc063d1d8b4bf6852675/src/crypto/tls/handshake_client.go#L974
+func (c *handshakeConfig) getClientCertificate(cri *CertificateRequestInfo) (*tls.Certificate, error) {
+	c.mu.Lock()
+	defer c.mu.Unlock()
+	if c.localGetClientCertificate != nil {
+		return c.localGetClientCertificate(cri)
+	}
+
+	for i := range c.localCertificates {
+		chain := c.localCertificates[i]
+		if err := cri.SupportsCertificate(&chain); err != nil {
+			continue
+		}
+		return &chain, nil
+	}
+
+	// No acceptable certificate found. Don't send a certificate.
+	return new(tls.Certificate), nil
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/cipher_suite.go b/server/vendor/github.com/pion/dtls/v2/cipher_suite.go
new file mode 100644
index 0000000..7a5bb4a
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/cipher_suite.go
@@ -0,0 +1,276 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package dtls
+
+import (
+	"crypto/ecdsa"
+	"crypto/ed25519"
+	"crypto/rsa"
+	"crypto/tls"
+	"fmt"
+	"hash"
+
+	"github.com/pion/dtls/v2/internal/ciphersuite"
+	"github.com/pion/dtls/v2/pkg/crypto/clientcertificate"
+	"github.com/pion/dtls/v2/pkg/protocol/recordlayer"
+)
+
+// CipherSuiteID is an ID for our supported CipherSuites
+type CipherSuiteID = ciphersuite.ID
+
+// Supported Cipher Suites
+const (
+	// AES-128-CCM
+	TLS_ECDHE_ECDSA_WITH_AES_128_CCM   CipherSuiteID = ciphersuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM   //nolint:revive,stylecheck
+	TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 CipherSuiteID = ciphersuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 //nolint:revive,stylecheck
+
+	// AES-128-GCM-SHA256
+	TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 CipherSuiteID = ciphersuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 //nolint:revive,stylecheck
+	TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256   CipherSuiteID = ciphersuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256   //nolint:revive,stylecheck
+
+	TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 CipherSuiteID = ciphersuite.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 //nolint:revive,stylecheck
+	TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384   CipherSuiteID = ciphersuite.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384   //nolint:revive,stylecheck
+
+	// AES-256-CBC-SHA
+	TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA CipherSuiteID = ciphersuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA //nolint:revive,stylecheck
+	TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA   CipherSuiteID = ciphersuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA   //nolint:revive,stylecheck
+
+	TLS_PSK_WITH_AES_128_CCM        CipherSuiteID = ciphersuite.TLS_PSK_WITH_AES_128_CCM        //nolint:revive,stylecheck
+	TLS_PSK_WITH_AES_128_CCM_8      CipherSuiteID = ciphersuite.TLS_PSK_WITH_AES_128_CCM_8      //nolint:revive,stylecheck
+	TLS_PSK_WITH_AES_256_CCM_8      CipherSuiteID = ciphersuite.TLS_PSK_WITH_AES_256_CCM_8      //nolint:revive,stylecheck
+	TLS_PSK_WITH_AES_128_GCM_SHA256 CipherSuiteID = ciphersuite.TLS_PSK_WITH_AES_128_GCM_SHA256 //nolint:revive,stylecheck
+	TLS_PSK_WITH_AES_128_CBC_SHA256 CipherSuiteID = ciphersuite.TLS_PSK_WITH_AES_128_CBC_SHA256 //nolint:revive,stylecheck
+
+	TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 CipherSuiteID = ciphersuite.TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 //nolint:revive,stylecheck
+)
+
+// CipherSuiteAuthenticationType controls what authentication method is using during the handshake for a CipherSuite
+type CipherSuiteAuthenticationType = ciphersuite.AuthenticationType
+
+// AuthenticationType Enums
+const (
+	CipherSuiteAuthenticationTypeCertificate  CipherSuiteAuthenticationType = ciphersuite.AuthenticationTypeCertificate
+	CipherSuiteAuthenticationTypePreSharedKey CipherSuiteAuthenticationType = ciphersuite.AuthenticationTypePreSharedKey
+	CipherSuiteAuthenticationTypeAnonymous    CipherSuiteAuthenticationType = ciphersuite.AuthenticationTypeAnonymous
+)
+
+// CipherSuiteKeyExchangeAlgorithm controls what exchange algorithm is using during the handshake for a CipherSuite
+type CipherSuiteKeyExchangeAlgorithm = ciphersuite.KeyExchangeAlgorithm
+
+// CipherSuiteKeyExchangeAlgorithm Bitmask
+const (
+	CipherSuiteKeyExchangeAlgorithmNone  CipherSuiteKeyExchangeAlgorithm = ciphersuite.KeyExchangeAlgorithmNone
+	CipherSuiteKeyExchangeAlgorithmPsk   CipherSuiteKeyExchangeAlgorithm = ciphersuite.KeyExchangeAlgorithmPsk
+	CipherSuiteKeyExchangeAlgorithmEcdhe CipherSuiteKeyExchangeAlgorithm = ciphersuite.KeyExchangeAlgorithmEcdhe
+)
+
+var _ = allCipherSuites() // Necessary until this function isn't only used by Go 1.14
+
+// CipherSuite is an interface that all DTLS CipherSuites must satisfy
+type CipherSuite interface {
+	// String of CipherSuite, only used for logging
+	String() string
+
+	// ID of CipherSuite.
+	ID() CipherSuiteID
+
+	// What type of Certificate does this CipherSuite use
+	CertificateType() clientcertificate.Type
+
+	// What Hash function is used during verification
+	HashFunc() func() hash.Hash
+
+	// AuthenticationType controls what authentication method is using during the handshake
+	AuthenticationType() CipherSuiteAuthenticationType
+
+	// KeyExchangeAlgorithm controls what exchange algorithm is using during the handshake
+	KeyExchangeAlgorithm() CipherSuiteKeyExchangeAlgorithm
+
+	// ECC (Elliptic Curve Cryptography) determines whether ECC extesions will be send during handshake.
+	// https://datatracker.ietf.org/doc/html/rfc4492#page-10
+	ECC() bool
+
+	// Called when keying material has been generated, should initialize the internal cipher
+	Init(masterSecret, clientRandom, serverRandom []byte, isClient bool) error
+	IsInitialized() bool
+	Encrypt(pkt *recordlayer.RecordLayer, raw []byte) ([]byte, error)
+	Decrypt(in []byte) ([]byte, error)
+}
+
+// CipherSuiteName provides the same functionality as tls.CipherSuiteName
+// that appeared first in Go 1.14.
+//
+// Our implementation differs slightly in that it takes in a CiperSuiteID,
+// like the rest of our library, instead of a uint16 like crypto/tls.
+func CipherSuiteName(id CipherSuiteID) string {
+	suite := cipherSuiteForID(id, nil)
+	if suite != nil {
+		return suite.String()
+	}
+	return fmt.Sprintf("0x%04X", uint16(id))
+}
+
+// Taken from https://www.iana.org/assignments/tls-parameters/tls-parameters.xml
+// A cipherSuite is a specific combination of key agreement, cipher and MAC
+// function.
+func cipherSuiteForID(id CipherSuiteID, customCiphers func() []CipherSuite) CipherSuite {
+	switch id { //nolint:exhaustive
+	case TLS_ECDHE_ECDSA_WITH_AES_128_CCM:
+		return ciphersuite.NewTLSEcdheEcdsaWithAes128Ccm()
+	case TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8:
+		return ciphersuite.NewTLSEcdheEcdsaWithAes128Ccm8()
+	case TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:
+		return &ciphersuite.TLSEcdheEcdsaWithAes128GcmSha256{}
+	case TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256:
+		return &ciphersuite.TLSEcdheRsaWithAes128GcmSha256{}
+	case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA:
+		return &ciphersuite.TLSEcdheEcdsaWithAes256CbcSha{}
+	case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:
+		return &ciphersuite.TLSEcdheRsaWithAes256CbcSha{}
+	case TLS_PSK_WITH_AES_128_CCM:
+		return ciphersuite.NewTLSPskWithAes128Ccm()
+	case TLS_PSK_WITH_AES_128_CCM_8:
+		return ciphersuite.NewTLSPskWithAes128Ccm8()
+	case TLS_PSK_WITH_AES_256_CCM_8:
+		return ciphersuite.NewTLSPskWithAes256Ccm8()
+	case TLS_PSK_WITH_AES_128_GCM_SHA256:
+		return &ciphersuite.TLSPskWithAes128GcmSha256{}
+	case TLS_PSK_WITH_AES_128_CBC_SHA256:
+		return &ciphersuite.TLSPskWithAes128CbcSha256{}
+	case TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:
+		return &ciphersuite.TLSEcdheEcdsaWithAes256GcmSha384{}
+	case TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:
+		return &ciphersuite.TLSEcdheRsaWithAes256GcmSha384{}
+	case TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256:
+		return ciphersuite.NewTLSEcdhePskWithAes128CbcSha256()
+	}
+
+	if customCiphers != nil {
+		for _, c := range customCiphers() {
+			if c.ID() == id {
+				return c
+			}
+		}
+	}
+
+	return nil
+}
+
+// CipherSuites we support in order of preference
+func defaultCipherSuites() []CipherSuite {
+	return []CipherSuite{
+		&ciphersuite.TLSEcdheEcdsaWithAes128GcmSha256{},
+		&ciphersuite.TLSEcdheRsaWithAes128GcmSha256{},
+		&ciphersuite.TLSEcdheEcdsaWithAes256CbcSha{},
+		&ciphersuite.TLSEcdheRsaWithAes256CbcSha{},
+		&ciphersuite.TLSEcdheEcdsaWithAes256GcmSha384{},
+		&ciphersuite.TLSEcdheRsaWithAes256GcmSha384{},
+	}
+}
+
+func allCipherSuites() []CipherSuite {
+	return []CipherSuite{
+		ciphersuite.NewTLSEcdheEcdsaWithAes128Ccm(),
+		ciphersuite.NewTLSEcdheEcdsaWithAes128Ccm8(),
+		&ciphersuite.TLSEcdheEcdsaWithAes128GcmSha256{},
+		&ciphersuite.TLSEcdheRsaWithAes128GcmSha256{},
+		&ciphersuite.TLSEcdheEcdsaWithAes256CbcSha{},
+		&ciphersuite.TLSEcdheRsaWithAes256CbcSha{},
+		ciphersuite.NewTLSPskWithAes128Ccm(),
+		ciphersuite.NewTLSPskWithAes128Ccm8(),
+		ciphersuite.NewTLSPskWithAes256Ccm8(),
+		&ciphersuite.TLSPskWithAes128GcmSha256{},
+		&ciphersuite.TLSEcdheEcdsaWithAes256GcmSha384{},
+		&ciphersuite.TLSEcdheRsaWithAes256GcmSha384{},
+	}
+}
+
+func cipherSuiteIDs(cipherSuites []CipherSuite) []uint16 {
+	rtrn := []uint16{}
+	for _, c := range cipherSuites {
+		rtrn = append(rtrn, uint16(c.ID()))
+	}
+	return rtrn
+}
+
+func parseCipherSuites(userSelectedSuites []CipherSuiteID, customCipherSuites func() []CipherSuite, includeCertificateSuites, includePSKSuites bool) ([]CipherSuite, error) {
+	cipherSuitesForIDs := func(ids []CipherSuiteID) ([]CipherSuite, error) {
+		cipherSuites := []CipherSuite{}
+		for _, id := range ids {
+			c := cipherSuiteForID(id, nil)
+			if c == nil {
+				return nil, &invalidCipherSuiteError{id}
+			}
+			cipherSuites = append(cipherSuites, c)
+		}
+		return cipherSuites, nil
+	}
+
+	var (
+		cipherSuites []CipherSuite
+		err          error
+		i            int
+	)
+	if userSelectedSuites != nil {
+		cipherSuites, err = cipherSuitesForIDs(userSelectedSuites)
+		if err != nil {
+			return nil, err
+		}
+	} else {
+		cipherSuites = defaultCipherSuites()
+	}
+
+	// Put CustomCipherSuites before ID selected suites
+	if customCipherSuites != nil {
+		cipherSuites = append(customCipherSuites(), cipherSuites...)
+	}
+
+	var foundCertificateSuite, foundPSKSuite, foundAnonymousSuite bool
+	for _, c := range cipherSuites {
+		switch {
+		case includeCertificateSuites && c.AuthenticationType() == CipherSuiteAuthenticationTypeCertificate:
+			foundCertificateSuite = true
+		case includePSKSuites && c.AuthenticationType() == CipherSuiteAuthenticationTypePreSharedKey:
+			foundPSKSuite = true
+		case c.AuthenticationType() == CipherSuiteAuthenticationTypeAnonymous:
+			foundAnonymousSuite = true
+		default:
+			continue
+		}
+		cipherSuites[i] = c
+		i++
+	}
+
+	switch {
+	case includeCertificateSuites && !foundCertificateSuite && !foundAnonymousSuite:
+		return nil, errNoAvailableCertificateCipherSuite
+	case includePSKSuites && !foundPSKSuite:
+		return nil, errNoAvailablePSKCipherSuite
+	case i == 0:
+		return nil, errNoAvailableCipherSuites
+	}
+
+	return cipherSuites[:i], nil
+}
+
+func filterCipherSuitesForCertificate(cert *tls.Certificate, cipherSuites []CipherSuite) []CipherSuite {
+	if cert == nil || cert.PrivateKey == nil {
+		return cipherSuites
+	}
+	var certType clientcertificate.Type
+	switch cert.PrivateKey.(type) {
+	case ed25519.PrivateKey, *ecdsa.PrivateKey:
+		certType = clientcertificate.ECDSASign
+	case *rsa.PrivateKey:
+		certType = clientcertificate.RSASign
+	}
+
+	filtered := []CipherSuite{}
+	for _, c := range cipherSuites {
+		if c.AuthenticationType() != CipherSuiteAuthenticationTypeCertificate || certType == c.CertificateType() {
+			filtered = append(filtered, c)
+		}
+	}
+	return filtered
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/cipher_suite_go114.go b/server/vendor/github.com/pion/dtls/v2/cipher_suite_go114.go
new file mode 100644
index 0000000..fd46d7b
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/cipher_suite_go114.go
@@ -0,0 +1,44 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+//go:build go1.14
+// +build go1.14
+
+package dtls
+
+import (
+	"crypto/tls"
+)
+
+// VersionDTLS12 is the DTLS version in the same style as
+// VersionTLSXX from crypto/tls
+const VersionDTLS12 = 0xfefd
+
+// Convert from our cipherSuite interface to a tls.CipherSuite struct
+func toTLSCipherSuite(c CipherSuite) *tls.CipherSuite {
+	return &tls.CipherSuite{
+		ID:                uint16(c.ID()),
+		Name:              c.String(),
+		SupportedVersions: []uint16{VersionDTLS12},
+		Insecure:          false,
+	}
+}
+
+// CipherSuites returns a list of cipher suites currently implemented by this
+// package, excluding those with security issues, which are returned by
+// InsecureCipherSuites.
+func CipherSuites() []*tls.CipherSuite {
+	suites := allCipherSuites()
+	res := make([]*tls.CipherSuite, len(suites))
+	for i, c := range suites {
+		res[i] = toTLSCipherSuite(c)
+	}
+	return res
+}
+
+// InsecureCipherSuites returns a list of cipher suites currently implemented by
+// this package and which have security issues.
+func InsecureCipherSuites() []*tls.CipherSuite {
+	var res []*tls.CipherSuite
+	return res
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/codecov.yml b/server/vendor/github.com/pion/dtls/v2/codecov.yml
new file mode 100644
index 0000000..263e4d4
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/codecov.yml
@@ -0,0 +1,22 @@
+#
+# DO NOT EDIT THIS FILE
+#
+# It is automatically copied from https://github.com/pion/.goassets repository.
+#
+# SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+# SPDX-License-Identifier: MIT
+
+coverage:
+  status:
+    project:
+      default:
+        # Allow decreasing 2% of total coverage to avoid noise.
+        threshold: 2%
+    patch:
+      default:
+        target: 70%
+        only_pulls: true
+
+ignore:
+  - "examples/*"
+  - "examples/**/*"
diff --git a/server/vendor/github.com/pion/dtls/v2/compression_method.go b/server/vendor/github.com/pion/dtls/v2/compression_method.go
new file mode 100644
index 0000000..7e44de0
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/compression_method.go
@@ -0,0 +1,12 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package dtls
+
+import "github.com/pion/dtls/v2/pkg/protocol"
+
+func defaultCompressionMethods() []*protocol.CompressionMethod {
+	return []*protocol.CompressionMethod{
+		{},
+	}
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/config.go b/server/vendor/github.com/pion/dtls/v2/config.go
new file mode 100644
index 0000000..fbc3ee2
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/config.go
@@ -0,0 +1,253 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package dtls
+
+import (
+	"context"
+	"crypto/ecdsa"
+	"crypto/ed25519"
+	"crypto/rsa"
+	"crypto/tls"
+	"crypto/x509"
+	"io"
+	"time"
+
+	"github.com/pion/dtls/v2/pkg/crypto/elliptic"
+	"github.com/pion/logging"
+)
+
+const keyLogLabelTLS12 = "CLIENT_RANDOM"
+
+// Config is used to configure a DTLS client or server.
+// After a Config is passed to a DTLS function it must not be modified.
+type Config struct {
+	// Certificates contains certificate chain to present to the other side of the connection.
+	// Server MUST set this if PSK is non-nil
+	// client SHOULD sets this so CertificateRequests can be handled if PSK is non-nil
+	Certificates []tls.Certificate
+
+	// CipherSuites is a list of supported cipher suites.
+	// If CipherSuites is nil, a default list is used
+	CipherSuites []CipherSuiteID
+
+	// CustomCipherSuites is a list of CipherSuites that can be
+	// provided by the user. This allow users to user Ciphers that are reserved
+	// for private usage.
+	CustomCipherSuites func() []CipherSuite
+
+	// SignatureSchemes contains the signature and hash schemes that the peer requests to verify.
+	SignatureSchemes []tls.SignatureScheme
+
+	// SRTPProtectionProfiles are the supported protection profiles
+	// Clients will send this via use_srtp and assert that the server properly responds
+	// Servers will assert that clients send one of these profiles and will respond as needed
+	SRTPProtectionProfiles []SRTPProtectionProfile
+
+	// ClientAuth determines the server's policy for
+	// TLS Client Authentication. The default is NoClientCert.
+	ClientAuth ClientAuthType
+
+	// RequireExtendedMasterSecret determines if the "Extended Master Secret" extension
+	// should be disabled, requested, or required (default requested).
+	ExtendedMasterSecret ExtendedMasterSecretType
+
+	// FlightInterval controls how often we send outbound handshake messages
+	// defaults to time.Second
+	FlightInterval time.Duration
+
+	// PSK sets the pre-shared key used by this DTLS connection
+	// If PSK is non-nil only PSK CipherSuites will be used
+	PSK             PSKCallback
+	PSKIdentityHint []byte
+
+	// InsecureSkipVerify controls whether a client verifies the
+	// server's certificate chain and host name.
+	// If InsecureSkipVerify is true, TLS accepts any certificate
+	// presented by the server and any host name in that certificate.
+	// In this mode, TLS is susceptible to man-in-the-middle attacks.
+	// This should be used only for testing.
+	InsecureSkipVerify bool
+
+	// InsecureHashes allows the use of hashing algorithms that are known
+	// to be vulnerable.
+	InsecureHashes bool
+
+	// VerifyPeerCertificate, if not nil, is called after normal
+	// certificate verification by either a client or server. It
+	// receives the certificate provided by the peer and also a flag
+	// that tells if normal verification has succeedded. If it returns a
+	// non-nil error, the handshake is aborted and that error results.
+	//
+	// If normal verification fails then the handshake will abort before
+	// considering this callback. If normal verification is disabled by
+	// setting InsecureSkipVerify, or (for a server) when ClientAuth is
+	// RequestClientCert or RequireAnyClientCert, then this callback will
+	// be considered but the verifiedChains will always be nil.
+	VerifyPeerCertificate func(rawCerts [][]byte, verifiedChains [][]*x509.Certificate) error
+
+	// VerifyConnection, if not nil, is called after normal certificate
+	// verification/PSK and after VerifyPeerCertificate by either a TLS client
+	// or server. If it returns a non-nil error, the handshake is aborted
+	// and that error results.
+	//
+	// If normal verification fails then the handshake will abort before
+	// considering this callback. This callback will run for all connections
+	// regardless of InsecureSkipVerify or ClientAuth settings.
+	VerifyConnection func(*State) error
+
+	// RootCAs defines the set of root certificate authorities
+	// that one peer uses when verifying the other peer's certificates.
+	// If RootCAs is nil, TLS uses the host's root CA set.
+	RootCAs *x509.CertPool
+
+	// ClientCAs defines the set of root certificate authorities
+	// that servers use if required to verify a client certificate
+	// by the policy in ClientAuth.
+	ClientCAs *x509.CertPool
+
+	// ServerName is used to verify the hostname on the returned
+	// certificates unless InsecureSkipVerify is given.
+	ServerName string
+
+	LoggerFactory logging.LoggerFactory
+
+	// ConnectContextMaker is a function to make a context used in Dial(),
+	// Client(), Server(), and Accept(). If nil, the default ConnectContextMaker
+	// is used. It can be implemented as following.
+	//
+	// 	func ConnectContextMaker() (context.Context, func()) {
+	// 		return context.WithTimeout(context.Background(), 30*time.Second)
+	// 	}
+	ConnectContextMaker func() (context.Context, func())
+
+	// MTU is the length at which handshake messages will be fragmented to
+	// fit within the maximum transmission unit (default is 1200 bytes)
+	MTU int
+
+	// ReplayProtectionWindow is the size of the replay attack protection window.
+	// Duplication of the sequence number is checked in this window size.
+	// Packet with sequence number older than this value compared to the latest
+	// accepted packet will be discarded. (default is 64)
+	ReplayProtectionWindow int
+
+	// KeyLogWriter optionally specifies a destination for TLS master secrets
+	// in NSS key log format that can be used to allow external programs
+	// such as Wireshark to decrypt TLS connections.
+	// See https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/Key_Log_Format.
+	// Use of KeyLogWriter compromises security and should only be
+	// used for debugging.
+	KeyLogWriter io.Writer
+
+	// SessionStore is the container to store session for resumption.
+	SessionStore SessionStore
+
+	// List of application protocols the peer supports, for ALPN
+	SupportedProtocols []string
+
+	// List of Elliptic Curves to use
+	//
+	// If an ECC ciphersuite is configured and EllipticCurves is empty
+	// it will default to X25519, P-256, P-384 in this specific order.
+	EllipticCurves []elliptic.Curve
+
+	// GetCertificate returns a Certificate based on the given
+	// ClientHelloInfo. It will only be called if the client supplies SNI
+	// information or if Certificates is empty.
+	//
+	// If GetCertificate is nil or returns nil, then the certificate is
+	// retrieved from NameToCertificate. If NameToCertificate is nil, the
+	// best element of Certificates will be used.
+	GetCertificate func(*ClientHelloInfo) (*tls.Certificate, error)
+
+	// GetClientCertificate, if not nil, is called when a server requests a
+	// certificate from a client. If set, the contents of Certificates will
+	// be ignored.
+	//
+	// If GetClientCertificate returns an error, the handshake will be
+	// aborted and that error will be returned. Otherwise
+	// GetClientCertificate must return a non-nil Certificate. If
+	// Certificate.Certificate is empty then no certificate will be sent to
+	// the server. If this is unacceptable to the server then it may abort
+	// the handshake.
+	GetClientCertificate func(*CertificateRequestInfo) (*tls.Certificate, error)
+
+	// InsecureSkipVerifyHello, if true and when acting as server, allow client to
+	// skip hello verify phase and receive ServerHello after initial ClientHello.
+	// This have implication on DoS attack resistance.
+	InsecureSkipVerifyHello bool
+}
+
+func defaultConnectContextMaker() (context.Context, func()) {
+	return context.WithTimeout(context.Background(), 30*time.Second)
+}
+
+func (c *Config) connectContextMaker() (context.Context, func()) {
+	if c.ConnectContextMaker == nil {
+		return defaultConnectContextMaker()
+	}
+	return c.ConnectContextMaker()
+}
+
+func (c *Config) includeCertificateSuites() bool {
+	return c.PSK == nil || len(c.Certificates) > 0 || c.GetCertificate != nil || c.GetClientCertificate != nil
+}
+
+const defaultMTU = 1200 // bytes
+
+var defaultCurves = []elliptic.Curve{elliptic.X25519, elliptic.P256, elliptic.P384} //nolint:gochecknoglobals
+
+// PSKCallback is called once we have the remote's PSKIdentityHint.
+// If the remote provided none it will be nil
+type PSKCallback func([]byte) ([]byte, error)
+
+// ClientAuthType declares the policy the server will follow for
+// TLS Client Authentication.
+type ClientAuthType int
+
+// ClientAuthType enums
+const (
+	NoClientCert ClientAuthType = iota
+	RequestClientCert
+	RequireAnyClientCert
+	VerifyClientCertIfGiven
+	RequireAndVerifyClientCert
+)
+
+// ExtendedMasterSecretType declares the policy the client and server
+// will follow for the Extended Master Secret extension
+type ExtendedMasterSecretType int
+
+// ExtendedMasterSecretType enums
+const (
+	RequestExtendedMasterSecret ExtendedMasterSecretType = iota
+	RequireExtendedMasterSecret
+	DisableExtendedMasterSecret
+)
+
+func validateConfig(config *Config) error {
+	switch {
+	case config == nil:
+		return errNoConfigProvided
+	case config.PSKIdentityHint != nil && config.PSK == nil:
+		return errIdentityNoPSK
+	}
+
+	for _, cert := range config.Certificates {
+		if cert.Certificate == nil {
+			return errInvalidCertificate
+		}
+		if cert.PrivateKey != nil {
+			switch cert.PrivateKey.(type) {
+			case ed25519.PrivateKey:
+			case *ecdsa.PrivateKey:
+			case *rsa.PrivateKey:
+			default:
+				return errInvalidPrivateKey
+			}
+		}
+	}
+
+	_, err := parseCipherSuites(config.CipherSuites, config.CustomCipherSuites, config.includeCertificateSuites(), config.PSK != nil)
+	return err
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/conn.go b/server/vendor/github.com/pion/dtls/v2/conn.go
new file mode 100644
index 0000000..ccea999
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/conn.go
@@ -0,0 +1,1057 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package dtls
+
+import (
+	"context"
+	"errors"
+	"fmt"
+	"io"
+	"net"
+	"sync"
+	"sync/atomic"
+	"time"
+
+	"github.com/pion/dtls/v2/internal/closer"
+	"github.com/pion/dtls/v2/pkg/crypto/elliptic"
+	"github.com/pion/dtls/v2/pkg/crypto/signaturehash"
+	"github.com/pion/dtls/v2/pkg/protocol"
+	"github.com/pion/dtls/v2/pkg/protocol/alert"
+	"github.com/pion/dtls/v2/pkg/protocol/handshake"
+	"github.com/pion/dtls/v2/pkg/protocol/recordlayer"
+	"github.com/pion/logging"
+	"github.com/pion/transport/v2/connctx"
+	"github.com/pion/transport/v2/deadline"
+	"github.com/pion/transport/v2/replaydetector"
+)
+
+const (
+	initialTickerInterval = time.Second
+	cookieLength          = 20
+	sessionLength         = 32
+	defaultNamedCurve     = elliptic.X25519
+	inboundBufferSize     = 8192
+	// Default replay protection window is specified by RFC 6347 Section 4.1.2.6
+	defaultReplayProtectionWindow = 64
+	// maxAppDataPacketQueueSize is the maximum number of app data packets we will
+	// enqueue before the handshake is completed
+	maxAppDataPacketQueueSize = 100
+)
+
+func invalidKeyingLabels() map[string]bool {
+	return map[string]bool{
+		"client finished": true,
+		"server finished": true,
+		"master secret":   true,
+		"key expansion":   true,
+	}
+}
+
+// Conn represents a DTLS connection
+type Conn struct {
+	lock           sync.RWMutex     // Internal lock (must not be public)
+	nextConn       connctx.ConnCtx  // Embedded Conn, typically a udpconn we read/write from
+	fragmentBuffer *fragmentBuffer  // out-of-order and missing fragment handling
+	handshakeCache *handshakeCache  // caching of handshake messages for verifyData generation
+	decrypted      chan interface{} // Decrypted Application Data or error, pull by calling `Read`
+
+	state State // Internal state
+
+	maximumTransmissionUnit int
+
+	handshakeCompletedSuccessfully atomic.Value
+
+	encryptedPackets [][]byte
+
+	connectionClosedByUser bool
+	closeLock              sync.Mutex
+	closed                 *closer.Closer
+	handshakeLoopsFinished sync.WaitGroup
+
+	readDeadline  *deadline.Deadline
+	writeDeadline *deadline.Deadline
+
+	log logging.LeveledLogger
+
+	reading               chan struct{}
+	handshakeRecv         chan chan struct{}
+	cancelHandshaker      func()
+	cancelHandshakeReader func()
+
+	fsm *handshakeFSM
+
+	replayProtectionWindow uint
+}
+
+func createConn(nextConn net.Conn, config *Config, isClient bool) (*Conn, error) {
+	err := validateConfig(config)
+	if err != nil {
+		return nil, err
+	}
+
+	if nextConn == nil {
+		return nil, errNilNextConn
+	}
+
+	loggerFactory := config.LoggerFactory
+	if loggerFactory == nil {
+		loggerFactory = logging.NewDefaultLoggerFactory()
+	}
+
+	logger := loggerFactory.NewLogger("dtls")
+
+	mtu := config.MTU
+	if mtu <= 0 {
+		mtu = defaultMTU
+	}
+
+	replayProtectionWindow := config.ReplayProtectionWindow
+	if replayProtectionWindow <= 0 {
+		replayProtectionWindow = defaultReplayProtectionWindow
+	}
+
+	c := &Conn{
+		nextConn:                connctx.New(nextConn),
+		fragmentBuffer:          newFragmentBuffer(),
+		handshakeCache:          newHandshakeCache(),
+		maximumTransmissionUnit: mtu,
+
+		decrypted: make(chan interface{}, 1),
+		log:       logger,
+
+		readDeadline:  deadline.New(),
+		writeDeadline: deadline.New(),
+
+		reading:          make(chan struct{}, 1),
+		handshakeRecv:    make(chan chan struct{}),
+		closed:           closer.NewCloser(),
+		cancelHandshaker: func() {},
+
+		replayProtectionWindow: uint(replayProtectionWindow),
+
+		state: State{
+			isClient: isClient,
+		},
+	}
+
+	c.setRemoteEpoch(0)
+	c.setLocalEpoch(0)
+	return c, nil
+}
+
+func handshakeConn(ctx context.Context, conn *Conn, config *Config, isClient bool, initialState *State) (*Conn, error) {
+	if conn == nil {
+		return nil, errNilNextConn
+	}
+
+	cipherSuites, err := parseCipherSuites(config.CipherSuites, config.CustomCipherSuites, config.includeCertificateSuites(), config.PSK != nil)
+	if err != nil {
+		return nil, err
+	}
+
+	signatureSchemes, err := signaturehash.ParseSignatureSchemes(config.SignatureSchemes, config.InsecureHashes)
+	if err != nil {
+		return nil, err
+	}
+
+	workerInterval := initialTickerInterval
+	if config.FlightInterval != 0 {
+		workerInterval = config.FlightInterval
+	}
+
+	serverName := config.ServerName
+	// Do not allow the use of an IP address literal as an SNI value.
+	// See RFC 6066, Section 3.
+	if net.ParseIP(serverName) != nil {
+		serverName = ""
+	}
+
+	curves := config.EllipticCurves
+	if len(curves) == 0 {
+		curves = defaultCurves
+	}
+
+	hsCfg := &handshakeConfig{
+		localPSKCallback:            config.PSK,
+		localPSKIdentityHint:        config.PSKIdentityHint,
+		localCipherSuites:           cipherSuites,
+		localSignatureSchemes:       signatureSchemes,
+		extendedMasterSecret:        config.ExtendedMasterSecret,
+		localSRTPProtectionProfiles: config.SRTPProtectionProfiles,
+		serverName:                  serverName,
+		supportedProtocols:          config.SupportedProtocols,
+		clientAuth:                  config.ClientAuth,
+		localCertificates:           config.Certificates,
+		insecureSkipVerify:          config.InsecureSkipVerify,
+		verifyPeerCertificate:       config.VerifyPeerCertificate,
+		verifyConnection:            config.VerifyConnection,
+		rootCAs:                     config.RootCAs,
+		clientCAs:                   config.ClientCAs,
+		customCipherSuites:          config.CustomCipherSuites,
+		retransmitInterval:          workerInterval,
+		log:                         conn.log,
+		initialEpoch:                0,
+		keyLogWriter:                config.KeyLogWriter,
+		sessionStore:                config.SessionStore,
+		ellipticCurves:              curves,
+		localGetCertificate:         config.GetCertificate,
+		localGetClientCertificate:   config.GetClientCertificate,
+		insecureSkipHelloVerify:     config.InsecureSkipVerifyHello,
+	}
+
+	// rfc5246#section-7.4.3
+	// In addition, the hash and signature algorithms MUST be compatible
+	// with the key in the server's end-entity certificate.
+	if !isClient {
+		cert, err := hsCfg.getCertificate(&ClientHelloInfo{})
+		if err != nil && !errors.Is(err, errNoCertificates) {
+			return nil, err
+		}
+		hsCfg.localCipherSuites = filterCipherSuitesForCertificate(cert, cipherSuites)
+	}
+
+	var initialFlight flightVal
+	var initialFSMState handshakeState
+
+	if initialState != nil {
+		if conn.state.isClient {
+			initialFlight = flight5
+		} else {
+			initialFlight = flight6
+		}
+		initialFSMState = handshakeFinished
+
+		conn.state = *initialState
+	} else {
+		if conn.state.isClient {
+			initialFlight = flight1
+		} else {
+			initialFlight = flight0
+		}
+		initialFSMState = handshakePreparing
+	}
+	// Do handshake
+	if err := conn.handshake(ctx, hsCfg, initialFlight, initialFSMState); err != nil {
+		return nil, err
+	}
+
+	conn.log.Trace("Handshake Completed")
+
+	return conn, nil
+}
+
+// Dial connects to the given network address and establishes a DTLS connection on top.
+// Connection handshake will timeout using ConnectContextMaker in the Config.
+// If you want to specify the timeout duration, use DialWithContext() instead.
+func Dial(network string, raddr *net.UDPAddr, config *Config) (*Conn, error) {
+	ctx, cancel := config.connectContextMaker()
+	defer cancel()
+
+	return DialWithContext(ctx, network, raddr, config)
+}
+
+// Client establishes a DTLS connection over an existing connection.
+// Connection handshake will timeout using ConnectContextMaker in the Config.
+// If you want to specify the timeout duration, use ClientWithContext() instead.
+func Client(conn net.Conn, config *Config) (*Conn, error) {
+	ctx, cancel := config.connectContextMaker()
+	defer cancel()
+
+	return ClientWithContext(ctx, conn, config)
+}
+
+// Server listens for incoming DTLS connections.
+// Connection handshake will timeout using ConnectContextMaker in the Config.
+// If you want to specify the timeout duration, use ServerWithContext() instead.
+func Server(conn net.Conn, config *Config) (*Conn, error) {
+	ctx, cancel := config.connectContextMaker()
+	defer cancel()
+
+	return ServerWithContext(ctx, conn, config)
+}
+
+// DialWithContext connects to the given network address and establishes a DTLS connection on top.
+func DialWithContext(ctx context.Context, network string, raddr *net.UDPAddr, config *Config) (*Conn, error) {
+	pConn, err := net.DialUDP(network, nil, raddr)
+	if err != nil {
+		return nil, err
+	}
+	return ClientWithContext(ctx, pConn, config)
+}
+
+// ClientWithContext establishes a DTLS connection over an existing connection.
+func ClientWithContext(ctx context.Context, conn net.Conn, config *Config) (*Conn, error) {
+	switch {
+	case config == nil:
+		return nil, errNoConfigProvided
+	case config.PSK != nil && config.PSKIdentityHint == nil:
+		return nil, errPSKAndIdentityMustBeSetForClient
+	}
+
+	dconn, err := createConn(conn, config, true)
+	if err != nil {
+		return nil, err
+	}
+
+	return handshakeConn(ctx, dconn, config, true, nil)
+}
+
+// ServerWithContext listens for incoming DTLS connections.
+func ServerWithContext(ctx context.Context, conn net.Conn, config *Config) (*Conn, error) {
+	if config == nil {
+		return nil, errNoConfigProvided
+	}
+	dconn, err := createConn(conn, config, false)
+	if err != nil {
+		return nil, err
+	}
+	return handshakeConn(ctx, dconn, config, false, nil)
+}
+
+// Read reads data from the connection.
+func (c *Conn) Read(p []byte) (n int, err error) {
+	if !c.isHandshakeCompletedSuccessfully() {
+		return 0, errHandshakeInProgress
+	}
+
+	select {
+	case <-c.readDeadline.Done():
+		return 0, errDeadlineExceeded
+	default:
+	}
+
+	for {
+		select {
+		case <-c.readDeadline.Done():
+			return 0, errDeadlineExceeded
+		case out, ok := <-c.decrypted:
+			if !ok {
+				return 0, io.EOF
+			}
+			switch val := out.(type) {
+			case ([]byte):
+				if len(p) < len(val) {
+					return 0, errBufferTooSmall
+				}
+				copy(p, val)
+				return len(val), nil
+			case (error):
+				return 0, val
+			}
+		}
+	}
+}
+
+// Write writes len(p) bytes from p to the DTLS connection
+func (c *Conn) Write(p []byte) (int, error) {
+	if c.isConnectionClosed() {
+		return 0, ErrConnClosed
+	}
+
+	select {
+	case <-c.writeDeadline.Done():
+		return 0, errDeadlineExceeded
+	default:
+	}
+
+	if !c.isHandshakeCompletedSuccessfully() {
+		return 0, errHandshakeInProgress
+	}
+
+	return len(p), c.writePackets(c.writeDeadline, []*packet{
+		{
+			record: &recordlayer.RecordLayer{
+				Header: recordlayer.Header{
+					Epoch:   c.state.getLocalEpoch(),
+					Version: protocol.Version1_2,
+				},
+				Content: &protocol.ApplicationData{
+					Data: p,
+				},
+			},
+			shouldEncrypt: true,
+		},
+	})
+}
+
+// Close closes the connection.
+func (c *Conn) Close() error {
+	err := c.close(true) //nolint:contextcheck
+	c.handshakeLoopsFinished.Wait()
+	return err
+}
+
+// ConnectionState returns basic DTLS details about the connection.
+// Note that this replaced the `Export` function of v1.
+func (c *Conn) ConnectionState() State {
+	c.lock.RLock()
+	defer c.lock.RUnlock()
+	return *c.state.clone()
+}
+
+// SelectedSRTPProtectionProfile returns the selected SRTPProtectionProfile
+func (c *Conn) SelectedSRTPProtectionProfile() (SRTPProtectionProfile, bool) {
+	profile := c.state.getSRTPProtectionProfile()
+	if profile == 0 {
+		return 0, false
+	}
+
+	return profile, true
+}
+
+func (c *Conn) writePackets(ctx context.Context, pkts []*packet) error {
+	c.lock.Lock()
+	defer c.lock.Unlock()
+
+	var rawPackets [][]byte
+
+	for _, p := range pkts {
+		if h, ok := p.record.Content.(*handshake.Handshake); ok {
+			handshakeRaw, err := p.record.Marshal()
+			if err != nil {
+				return err
+			}
+
+			c.log.Tracef("[handshake:%v] -> %s (epoch: %d, seq: %d)",
+				srvCliStr(c.state.isClient), h.Header.Type.String(),
+				p.record.Header.Epoch, h.Header.MessageSequence)
+			c.handshakeCache.push(handshakeRaw[recordlayer.HeaderSize:], p.record.Header.Epoch, h.Header.MessageSequence, h.Header.Type, c.state.isClient)
+
+			rawHandshakePackets, err := c.processHandshakePacket(p, h)
+			if err != nil {
+				return err
+			}
+			rawPackets = append(rawPackets, rawHandshakePackets...)
+		} else {
+			rawPacket, err := c.processPacket(p)
+			if err != nil {
+				return err
+			}
+			rawPackets = append(rawPackets, rawPacket)
+		}
+	}
+	if len(rawPackets) == 0 {
+		return nil
+	}
+	compactedRawPackets := c.compactRawPackets(rawPackets)
+
+	for _, compactedRawPackets := range compactedRawPackets {
+		if _, err := c.nextConn.WriteContext(ctx, compactedRawPackets); err != nil {
+			return netError(err)
+		}
+	}
+
+	return nil
+}
+
+func (c *Conn) compactRawPackets(rawPackets [][]byte) [][]byte {
+	// avoid a useless copy in the common case
+	if len(rawPackets) == 1 {
+		return rawPackets
+	}
+
+	combinedRawPackets := make([][]byte, 0)
+	currentCombinedRawPacket := make([]byte, 0)
+
+	for _, rawPacket := range rawPackets {
+		if len(currentCombinedRawPacket) > 0 && len(currentCombinedRawPacket)+len(rawPacket) >= c.maximumTransmissionUnit {
+			combinedRawPackets = append(combinedRawPackets, currentCombinedRawPacket)
+			currentCombinedRawPacket = []byte{}
+		}
+		currentCombinedRawPacket = append(currentCombinedRawPacket, rawPacket...)
+	}
+
+	combinedRawPackets = append(combinedRawPackets, currentCombinedRawPacket)
+
+	return combinedRawPackets
+}
+
+func (c *Conn) processPacket(p *packet) ([]byte, error) {
+	epoch := p.record.Header.Epoch
+	for len(c.state.localSequenceNumber) <= int(epoch) {
+		c.state.localSequenceNumber = append(c.state.localSequenceNumber, uint64(0))
+	}
+	seq := atomic.AddUint64(&c.state.localSequenceNumber[epoch], 1) - 1
+	if seq > recordlayer.MaxSequenceNumber {
+		// RFC 6347 Section 4.1.0
+		// The implementation must either abandon an association or rehandshake
+		// prior to allowing the sequence number to wrap.
+		return nil, errSequenceNumberOverflow
+	}
+	p.record.Header.SequenceNumber = seq
+
+	rawPacket, err := p.record.Marshal()
+	if err != nil {
+		return nil, err
+	}
+
+	if p.shouldEncrypt {
+		var err error
+		rawPacket, err = c.state.cipherSuite.Encrypt(p.record, rawPacket)
+		if err != nil {
+			return nil, err
+		}
+	}
+
+	return rawPacket, nil
+}
+
+func (c *Conn) processHandshakePacket(p *packet, h *handshake.Handshake) ([][]byte, error) {
+	rawPackets := make([][]byte, 0)
+
+	handshakeFragments, err := c.fragmentHandshake(h)
+	if err != nil {
+		return nil, err
+	}
+	epoch := p.record.Header.Epoch
+	for len(c.state.localSequenceNumber) <= int(epoch) {
+		c.state.localSequenceNumber = append(c.state.localSequenceNumber, uint64(0))
+	}
+
+	for _, handshakeFragment := range handshakeFragments {
+		seq := atomic.AddUint64(&c.state.localSequenceNumber[epoch], 1) - 1
+		if seq > recordlayer.MaxSequenceNumber {
+			return nil, errSequenceNumberOverflow
+		}
+
+		recordlayerHeader := &recordlayer.Header{
+			Version:        p.record.Header.Version,
+			ContentType:    p.record.Header.ContentType,
+			ContentLen:     uint16(len(handshakeFragment)),
+			Epoch:          p.record.Header.Epoch,
+			SequenceNumber: seq,
+		}
+
+		rawPacket, err := recordlayerHeader.Marshal()
+		if err != nil {
+			return nil, err
+		}
+
+		p.record.Header = *recordlayerHeader
+
+		rawPacket = append(rawPacket, handshakeFragment...)
+		if p.shouldEncrypt {
+			var err error
+			rawPacket, err = c.state.cipherSuite.Encrypt(p.record, rawPacket)
+			if err != nil {
+				return nil, err
+			}
+		}
+
+		rawPackets = append(rawPackets, rawPacket)
+	}
+
+	return rawPackets, nil
+}
+
+func (c *Conn) fragmentHandshake(h *handshake.Handshake) ([][]byte, error) {
+	content, err := h.Message.Marshal()
+	if err != nil {
+		return nil, err
+	}
+
+	fragmentedHandshakes := make([][]byte, 0)
+
+	contentFragments := splitBytes(content, c.maximumTransmissionUnit)
+	if len(contentFragments) == 0 {
+		contentFragments = [][]byte{
+			{},
+		}
+	}
+
+	offset := 0
+	for _, contentFragment := range contentFragments {
+		contentFragmentLen := len(contentFragment)
+
+		headerFragment := &handshake.Header{
+			Type:            h.Header.Type,
+			Length:          h.Header.Length,
+			MessageSequence: h.Header.MessageSequence,
+			FragmentOffset:  uint32(offset),
+			FragmentLength:  uint32(contentFragmentLen),
+		}
+
+		offset += contentFragmentLen
+
+		fragmentedHandshake, err := headerFragment.Marshal()
+		if err != nil {
+			return nil, err
+		}
+
+		fragmentedHandshake = append(fragmentedHandshake, contentFragment...)
+		fragmentedHandshakes = append(fragmentedHandshakes, fragmentedHandshake)
+	}
+
+	return fragmentedHandshakes, nil
+}
+
+var poolReadBuffer = sync.Pool{ //nolint:gochecknoglobals
+	New: func() interface{} {
+		b := make([]byte, inboundBufferSize)
+		return &b
+	},
+}
+
+func (c *Conn) readAndBuffer(ctx context.Context) error {
+	bufptr, ok := poolReadBuffer.Get().(*[]byte)
+	if !ok {
+		return errFailedToAccessPoolReadBuffer
+	}
+	defer poolReadBuffer.Put(bufptr)
+
+	b := *bufptr
+	i, err := c.nextConn.ReadContext(ctx, b)
+	if err != nil {
+		return netError(err)
+	}
+
+	pkts, err := recordlayer.UnpackDatagram(b[:i])
+	if err != nil {
+		return err
+	}
+
+	var hasHandshake bool
+	for _, p := range pkts {
+		hs, alert, err := c.handleIncomingPacket(ctx, p, true)
+		if alert != nil {
+			if alertErr := c.notify(ctx, alert.Level, alert.Description); alertErr != nil {
+				if err == nil {
+					err = alertErr
+				}
+			}
+		}
+		if hs {
+			hasHandshake = true
+		}
+
+		if err != nil {
+			return err
+		}
+	}
+	if hasHandshake {
+		done := make(chan struct{})
+		select {
+		case c.handshakeRecv <- done:
+			// If the other party may retransmit the flight,
+			// we should respond even if it not a new message.
+			<-done
+		case <-c.fsm.Done():
+		}
+	}
+	return nil
+}
+
+func (c *Conn) handleQueuedPackets(ctx context.Context) error {
+	pkts := c.encryptedPackets
+	c.encryptedPackets = nil
+
+	for _, p := range pkts {
+		_, alert, err := c.handleIncomingPacket(ctx, p, false) // don't re-enqueue
+		if alert != nil {
+			if alertErr := c.notify(ctx, alert.Level, alert.Description); alertErr != nil {
+				if err == nil {
+					err = alertErr
+				}
+			}
+		}
+		var e *alertError
+		if errors.As(err, &e) {
+			if e.IsFatalOrCloseNotify() {
+				return e
+			}
+		} else if err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+func (c *Conn) enqueueEncryptedPackets(packet []byte) bool {
+	if len(c.encryptedPackets) < maxAppDataPacketQueueSize {
+		c.encryptedPackets = append(c.encryptedPackets, packet)
+		return true
+	}
+	return false
+}
+
+func (c *Conn) handleIncomingPacket(ctx context.Context, buf []byte, enqueue bool) (bool, *alert.Alert, error) { //nolint:gocognit
+	h := &recordlayer.Header{}
+	if err := h.Unmarshal(buf); err != nil {
+		// Decode error must be silently discarded
+		// [RFC6347 Section-4.1.2.7]
+		c.log.Debugf("discarded broken packet: %v", err)
+		return false, nil, nil
+	}
+	// Validate epoch
+	remoteEpoch := c.state.getRemoteEpoch()
+	if h.Epoch > remoteEpoch {
+		if h.Epoch > remoteEpoch+1 {
+			c.log.Debugf("discarded future packet (epoch: %d, seq: %d)",
+				h.Epoch, h.SequenceNumber,
+			)
+			return false, nil, nil
+		}
+		if enqueue {
+			if ok := c.enqueueEncryptedPackets(buf); ok {
+				c.log.Debug("received packet of next epoch, queuing packet")
+			}
+		}
+		return false, nil, nil
+	}
+
+	// Anti-replay protection
+	for len(c.state.replayDetector) <= int(h.Epoch) {
+		c.state.replayDetector = append(c.state.replayDetector,
+			replaydetector.New(c.replayProtectionWindow, recordlayer.MaxSequenceNumber),
+		)
+	}
+	markPacketAsValid, ok := c.state.replayDetector[int(h.Epoch)].Check(h.SequenceNumber)
+	if !ok {
+		c.log.Debugf("discarded duplicated packet (epoch: %d, seq: %d)",
+			h.Epoch, h.SequenceNumber,
+		)
+		return false, nil, nil
+	}
+
+	// Decrypt
+	if h.Epoch != 0 {
+		if c.state.cipherSuite == nil || !c.state.cipherSuite.IsInitialized() {
+			if enqueue {
+				if ok := c.enqueueEncryptedPackets(buf); ok {
+					c.log.Debug("handshake not finished, queuing packet")
+				}
+			}
+			return false, nil, nil
+		}
+
+		var err error
+		buf, err = c.state.cipherSuite.Decrypt(buf)
+		if err != nil {
+			c.log.Debugf("%s: decrypt failed: %s", srvCliStr(c.state.isClient), err)
+			return false, nil, nil
+		}
+	}
+
+	isHandshake, err := c.fragmentBuffer.push(append([]byte{}, buf...))
+	if err != nil {
+		// Decode error must be silently discarded
+		// [RFC6347 Section-4.1.2.7]
+		c.log.Debugf("defragment failed: %s", err)
+		return false, nil, nil
+	} else if isHandshake {
+		markPacketAsValid()
+		for out, epoch := c.fragmentBuffer.pop(); out != nil; out, epoch = c.fragmentBuffer.pop() {
+			header := &handshake.Header{}
+			if err := header.Unmarshal(out); err != nil {
+				c.log.Debugf("%s: handshake parse failed: %s", srvCliStr(c.state.isClient), err)
+				continue
+			}
+			c.handshakeCache.push(out, epoch, header.MessageSequence, header.Type, !c.state.isClient)
+		}
+
+		return true, nil, nil
+	}
+
+	r := &recordlayer.RecordLayer{}
+	if err := r.Unmarshal(buf); err != nil {
+		return false, &alert.Alert{Level: alert.Fatal, Description: alert.DecodeError}, err
+	}
+
+	switch content := r.Content.(type) {
+	case *alert.Alert:
+		c.log.Tracef("%s: <- %s", srvCliStr(c.state.isClient), content.String())
+		var a *alert.Alert
+		if content.Description == alert.CloseNotify {
+			// Respond with a close_notify [RFC5246 Section 7.2.1]
+			a = &alert.Alert{Level: alert.Warning, Description: alert.CloseNotify}
+		}
+		markPacketAsValid()
+		return false, a, &alertError{content}
+	case *protocol.ChangeCipherSpec:
+		if c.state.cipherSuite == nil || !c.state.cipherSuite.IsInitialized() {
+			if enqueue {
+				if ok := c.enqueueEncryptedPackets(buf); ok {
+					c.log.Debugf("CipherSuite not initialized, queuing packet")
+				}
+			}
+			return false, nil, nil
+		}
+
+		newRemoteEpoch := h.Epoch + 1
+		c.log.Tracef("%s: <- ChangeCipherSpec (epoch: %d)", srvCliStr(c.state.isClient), newRemoteEpoch)
+
+		if c.state.getRemoteEpoch()+1 == newRemoteEpoch {
+			c.setRemoteEpoch(newRemoteEpoch)
+			markPacketAsValid()
+		}
+	case *protocol.ApplicationData:
+		if h.Epoch == 0 {
+			return false, &alert.Alert{Level: alert.Fatal, Description: alert.UnexpectedMessage}, errApplicationDataEpochZero
+		}
+
+		markPacketAsValid()
+
+		select {
+		case c.decrypted <- content.Data:
+		case <-c.closed.Done():
+		case <-ctx.Done():
+		}
+
+	default:
+		return false, &alert.Alert{Level: alert.Fatal, Description: alert.UnexpectedMessage}, fmt.Errorf("%w: %d", errUnhandledContextType, content.ContentType())
+	}
+	return false, nil, nil
+}
+
+func (c *Conn) recvHandshake() <-chan chan struct{} {
+	return c.handshakeRecv
+}
+
+func (c *Conn) notify(ctx context.Context, level alert.Level, desc alert.Description) error {
+	if level == alert.Fatal && len(c.state.SessionID) > 0 {
+		// According to the RFC, we need to delete the stored session.
+		// https://datatracker.ietf.org/doc/html/rfc5246#section-7.2
+		if ss := c.fsm.cfg.sessionStore; ss != nil {
+			c.log.Tracef("clean invalid session: %s", c.state.SessionID)
+			if err := ss.Del(c.sessionKey()); err != nil {
+				return err
+			}
+		}
+	}
+	return c.writePackets(ctx, []*packet{
+		{
+			record: &recordlayer.RecordLayer{
+				Header: recordlayer.Header{
+					Epoch:   c.state.getLocalEpoch(),
+					Version: protocol.Version1_2,
+				},
+				Content: &alert.Alert{
+					Level:       level,
+					Description: desc,
+				},
+			},
+			shouldEncrypt: c.isHandshakeCompletedSuccessfully(),
+		},
+	})
+}
+
+func (c *Conn) setHandshakeCompletedSuccessfully() {
+	c.handshakeCompletedSuccessfully.Store(struct{ bool }{true})
+}
+
+func (c *Conn) isHandshakeCompletedSuccessfully() bool {
+	boolean, _ := c.handshakeCompletedSuccessfully.Load().(struct{ bool })
+	return boolean.bool
+}
+
+func (c *Conn) handshake(ctx context.Context, cfg *handshakeConfig, initialFlight flightVal, initialState handshakeState) error { //nolint:gocognit
+	c.fsm = newHandshakeFSM(&c.state, c.handshakeCache, cfg, initialFlight)
+
+	done := make(chan struct{})
+	ctxRead, cancelRead := context.WithCancel(context.Background())
+	c.cancelHandshakeReader = cancelRead
+	cfg.onFlightState = func(f flightVal, s handshakeState) {
+		if s == handshakeFinished && !c.isHandshakeCompletedSuccessfully() {
+			c.setHandshakeCompletedSuccessfully()
+			close(done)
+		}
+	}
+
+	ctxHs, cancel := context.WithCancel(context.Background())
+	c.cancelHandshaker = cancel
+
+	firstErr := make(chan error, 1)
+
+	c.handshakeLoopsFinished.Add(2)
+
+	// Handshake routine should be live until close.
+	// The other party may request retransmission of the last flight to cope with packet drop.
+	go func() {
+		defer c.handshakeLoopsFinished.Done()
+		err := c.fsm.Run(ctxHs, c, initialState)
+		if !errors.Is(err, context.Canceled) {
+			select {
+			case firstErr <- err:
+			default:
+			}
+		}
+	}()
+	go func() {
+		defer func() {
+			// Escaping read loop.
+			// It's safe to close decrypted channnel now.
+			close(c.decrypted)
+
+			// Force stop handshaker when the underlying connection is closed.
+			cancel()
+		}()
+		defer c.handshakeLoopsFinished.Done()
+		for {
+			if err := c.readAndBuffer(ctxRead); err != nil {
+				var e *alertError
+				if errors.As(err, &e) {
+					if !e.IsFatalOrCloseNotify() {
+						if c.isHandshakeCompletedSuccessfully() {
+							// Pass the error to Read()
+							select {
+							case c.decrypted <- err:
+							case <-c.closed.Done():
+							case <-ctxRead.Done():
+							}
+						}
+						continue // non-fatal alert must not stop read loop
+					}
+				} else {
+					switch {
+					case errors.Is(err, context.DeadlineExceeded), errors.Is(err, context.Canceled), errors.Is(err, io.EOF), errors.Is(err, net.ErrClosed):
+					case errors.Is(err, recordlayer.ErrInvalidPacketLength):
+						// Decode error must be silently discarded
+						// [RFC6347 Section-4.1.2.7]
+						continue
+					default:
+						if c.isHandshakeCompletedSuccessfully() {
+							// Keep read loop and pass the read error to Read()
+							select {
+							case c.decrypted <- err:
+							case <-c.closed.Done():
+							case <-ctxRead.Done():
+							}
+							continue // non-fatal alert must not stop read loop
+						}
+					}
+				}
+
+				select {
+				case firstErr <- err:
+				default:
+				}
+
+				if e != nil {
+					if e.IsFatalOrCloseNotify() {
+						_ = c.close(false) //nolint:contextcheck
+					}
+				}
+				if !c.isConnectionClosed() && errors.Is(err, context.Canceled) {
+					c.log.Trace("handshake timeouts - closing underline connection")
+					_ = c.close(false) //nolint:contextcheck
+				}
+				return
+			}
+		}
+	}()
+
+	select {
+	case err := <-firstErr:
+		cancelRead()
+		cancel()
+		c.handshakeLoopsFinished.Wait()
+		return c.translateHandshakeCtxError(err)
+	case <-ctx.Done():
+		cancelRead()
+		cancel()
+		c.handshakeLoopsFinished.Wait()
+		return c.translateHandshakeCtxError(ctx.Err())
+	case <-done:
+		return nil
+	}
+}
+
+func (c *Conn) translateHandshakeCtxError(err error) error {
+	if err == nil {
+		return nil
+	}
+	if errors.Is(err, context.Canceled) && c.isHandshakeCompletedSuccessfully() {
+		return nil
+	}
+	return &HandshakeError{Err: err}
+}
+
+func (c *Conn) close(byUser bool) error {
+	c.cancelHandshaker()
+	c.cancelHandshakeReader()
+
+	if c.isHandshakeCompletedSuccessfully() && byUser {
+		// Discard error from notify() to return non-error on the first user call of Close()
+		// even if the underlying connection is already closed.
+		_ = c.notify(context.Background(), alert.Warning, alert.CloseNotify)
+	}
+
+	c.closeLock.Lock()
+	// Don't return ErrConnClosed at the first time of the call from user.
+	closedByUser := c.connectionClosedByUser
+	if byUser {
+		c.connectionClosedByUser = true
+	}
+	isClosed := c.isConnectionClosed()
+	c.closed.Close()
+	c.closeLock.Unlock()
+
+	if closedByUser {
+		return ErrConnClosed
+	}
+
+	if isClosed {
+		return nil
+	}
+
+	return c.nextConn.Close()
+}
+
+func (c *Conn) isConnectionClosed() bool {
+	select {
+	case <-c.closed.Done():
+		return true
+	default:
+		return false
+	}
+}
+
+func (c *Conn) setLocalEpoch(epoch uint16) {
+	c.state.localEpoch.Store(epoch)
+}
+
+func (c *Conn) setRemoteEpoch(epoch uint16) {
+	c.state.remoteEpoch.Store(epoch)
+}
+
+// LocalAddr implements net.Conn.LocalAddr
+func (c *Conn) LocalAddr() net.Addr {
+	return c.nextConn.LocalAddr()
+}
+
+// RemoteAddr implements net.Conn.RemoteAddr
+func (c *Conn) RemoteAddr() net.Addr {
+	return c.nextConn.RemoteAddr()
+}
+
+func (c *Conn) sessionKey() []byte {
+	if c.state.isClient {
+		// As ServerName can be like 0.example.com, it's better to add
+		// delimiter character which is not allowed to be in
+		// neither address or domain name.
+		return []byte(c.nextConn.RemoteAddr().String() + "_" + c.fsm.cfg.serverName)
+	}
+	return c.state.SessionID
+}
+
+// SetDeadline implements net.Conn.SetDeadline
+func (c *Conn) SetDeadline(t time.Time) error {
+	c.readDeadline.Set(t)
+	return c.SetWriteDeadline(t)
+}
+
+// SetReadDeadline implements net.Conn.SetReadDeadline
+func (c *Conn) SetReadDeadline(t time.Time) error {
+	c.readDeadline.Set(t)
+	// Read deadline is fully managed by this layer.
+	// Don't set read deadline to underlying connection.
+	return nil
+}
+
+// SetWriteDeadline implements net.Conn.SetWriteDeadline
+func (c *Conn) SetWriteDeadline(t time.Time) error {
+	c.writeDeadline.Set(t)
+	// Write deadline is also fully managed by this layer.
+	return nil
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/crypto.go b/server/vendor/github.com/pion/dtls/v2/crypto.go
new file mode 100644
index 0000000..968910c
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/crypto.go
@@ -0,0 +1,228 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package dtls
+
+import (
+	"crypto"
+	"crypto/ecdsa"
+	"crypto/ed25519"
+	"crypto/rand"
+	"crypto/rsa"
+	"crypto/sha256"
+	"crypto/x509"
+	"encoding/asn1"
+	"encoding/binary"
+	"math/big"
+	"time"
+
+	"github.com/pion/dtls/v2/pkg/crypto/elliptic"
+	"github.com/pion/dtls/v2/pkg/crypto/hash"
+)
+
+type ecdsaSignature struct {
+	R, S *big.Int
+}
+
+func valueKeyMessage(clientRandom, serverRandom, publicKey []byte, namedCurve elliptic.Curve) []byte {
+	serverECDHParams := make([]byte, 4)
+	serverECDHParams[0] = 3 // named curve
+	binary.BigEndian.PutUint16(serverECDHParams[1:], uint16(namedCurve))
+	serverECDHParams[3] = byte(len(publicKey))
+
+	plaintext := []byte{}
+	plaintext = append(plaintext, clientRandom...)
+	plaintext = append(plaintext, serverRandom...)
+	plaintext = append(plaintext, serverECDHParams...)
+	plaintext = append(plaintext, publicKey...)
+
+	return plaintext
+}
+
+// If the client provided a "signature_algorithms" extension, then all
+// certificates provided by the server MUST be signed by a
+// hash/signature algorithm pair that appears in that extension
+//
+// https://tools.ietf.org/html/rfc5246#section-7.4.2
+func generateKeySignature(clientRandom, serverRandom, publicKey []byte, namedCurve elliptic.Curve, privateKey crypto.PrivateKey, hashAlgorithm hash.Algorithm) ([]byte, error) {
+	msg := valueKeyMessage(clientRandom, serverRandom, publicKey, namedCurve)
+	switch p := privateKey.(type) {
+	case ed25519.PrivateKey:
+		// https://crypto.stackexchange.com/a/55483
+		return p.Sign(rand.Reader, msg, crypto.Hash(0))
+	case *ecdsa.PrivateKey:
+		hashed := hashAlgorithm.Digest(msg)
+		return p.Sign(rand.Reader, hashed, hashAlgorithm.CryptoHash())
+	case *rsa.PrivateKey:
+		hashed := hashAlgorithm.Digest(msg)
+		return p.Sign(rand.Reader, hashed, hashAlgorithm.CryptoHash())
+	}
+
+	return nil, errKeySignatureGenerateUnimplemented
+}
+
+func verifyKeySignature(message, remoteKeySignature []byte, hashAlgorithm hash.Algorithm, rawCertificates [][]byte) error { //nolint:dupl
+	if len(rawCertificates) == 0 {
+		return errLengthMismatch
+	}
+	certificate, err := x509.ParseCertificate(rawCertificates[0])
+	if err != nil {
+		return err
+	}
+
+	switch p := certificate.PublicKey.(type) {
+	case ed25519.PublicKey:
+		if ok := ed25519.Verify(p, message, remoteKeySignature); !ok {
+			return errKeySignatureMismatch
+		}
+		return nil
+	case *ecdsa.PublicKey:
+		ecdsaSig := &ecdsaSignature{}
+		if _, err := asn1.Unmarshal(remoteKeySignature, ecdsaSig); err != nil {
+			return err
+		}
+		if ecdsaSig.R.Sign() <= 0 || ecdsaSig.S.Sign() <= 0 {
+			return errInvalidECDSASignature
+		}
+		hashed := hashAlgorithm.Digest(message)
+		if !ecdsa.Verify(p, hashed, ecdsaSig.R, ecdsaSig.S) {
+			return errKeySignatureMismatch
+		}
+		return nil
+	case *rsa.PublicKey:
+		switch certificate.SignatureAlgorithm {
+		case x509.SHA1WithRSA, x509.SHA256WithRSA, x509.SHA384WithRSA, x509.SHA512WithRSA:
+			hashed := hashAlgorithm.Digest(message)
+			return rsa.VerifyPKCS1v15(p, hashAlgorithm.CryptoHash(), hashed, remoteKeySignature)
+		default:
+			return errKeySignatureVerifyUnimplemented
+		}
+	}
+
+	return errKeySignatureVerifyUnimplemented
+}
+
+// If the server has sent a CertificateRequest message, the client MUST send the Certificate
+// message.  The ClientKeyExchange message is now sent, and the content
+// of that message will depend on the public key algorithm selected
+// between the ClientHello and the ServerHello.  If the client has sent
+// a certificate with signing ability, a digitally-signed
+// CertificateVerify message is sent to explicitly verify possession of
+// the private key in the certificate.
+// https://tools.ietf.org/html/rfc5246#section-7.3
+func generateCertificateVerify(handshakeBodies []byte, privateKey crypto.PrivateKey, hashAlgorithm hash.Algorithm) ([]byte, error) {
+	if p, ok := privateKey.(ed25519.PrivateKey); ok {
+		// https://pkg.go.dev/crypto/ed25519#PrivateKey.Sign
+		// Sign signs the given message with priv. Ed25519 performs two passes over
+		// messages to be signed and therefore cannot handle pre-hashed messages.
+		return p.Sign(rand.Reader, handshakeBodies, crypto.Hash(0))
+	}
+
+	h := sha256.New()
+	if _, err := h.Write(handshakeBodies); err != nil {
+		return nil, err
+	}
+	hashed := h.Sum(nil)
+
+	switch p := privateKey.(type) {
+	case *ecdsa.PrivateKey:
+		return p.Sign(rand.Reader, hashed, hashAlgorithm.CryptoHash())
+	case *rsa.PrivateKey:
+		return p.Sign(rand.Reader, hashed, hashAlgorithm.CryptoHash())
+	}
+
+	return nil, errInvalidSignatureAlgorithm
+}
+
+func verifyCertificateVerify(handshakeBodies []byte, hashAlgorithm hash.Algorithm, remoteKeySignature []byte, rawCertificates [][]byte) error { //nolint:dupl
+	if len(rawCertificates) == 0 {
+		return errLengthMismatch
+	}
+	certificate, err := x509.ParseCertificate(rawCertificates[0])
+	if err != nil {
+		return err
+	}
+
+	switch p := certificate.PublicKey.(type) {
+	case ed25519.PublicKey:
+		if ok := ed25519.Verify(p, handshakeBodies, remoteKeySignature); !ok {
+			return errKeySignatureMismatch
+		}
+		return nil
+	case *ecdsa.PublicKey:
+		ecdsaSig := &ecdsaSignature{}
+		if _, err := asn1.Unmarshal(remoteKeySignature, ecdsaSig); err != nil {
+			return err
+		}
+		if ecdsaSig.R.Sign() <= 0 || ecdsaSig.S.Sign() <= 0 {
+			return errInvalidECDSASignature
+		}
+		hash := hashAlgorithm.Digest(handshakeBodies)
+		if !ecdsa.Verify(p, hash, ecdsaSig.R, ecdsaSig.S) {
+			return errKeySignatureMismatch
+		}
+		return nil
+	case *rsa.PublicKey:
+		switch certificate.SignatureAlgorithm {
+		case x509.SHA1WithRSA, x509.SHA256WithRSA, x509.SHA384WithRSA, x509.SHA512WithRSA:
+			hash := hashAlgorithm.Digest(handshakeBodies)
+			return rsa.VerifyPKCS1v15(p, hashAlgorithm.CryptoHash(), hash, remoteKeySignature)
+		default:
+			return errKeySignatureVerifyUnimplemented
+		}
+	}
+
+	return errKeySignatureVerifyUnimplemented
+}
+
+func loadCerts(rawCertificates [][]byte) ([]*x509.Certificate, error) {
+	if len(rawCertificates) == 0 {
+		return nil, errLengthMismatch
+	}
+
+	certs := make([]*x509.Certificate, 0, len(rawCertificates))
+	for _, rawCert := range rawCertificates {
+		cert, err := x509.ParseCertificate(rawCert)
+		if err != nil {
+			return nil, err
+		}
+		certs = append(certs, cert)
+	}
+	return certs, nil
+}
+
+func verifyClientCert(rawCertificates [][]byte, roots *x509.CertPool) (chains [][]*x509.Certificate, err error) {
+	certificate, err := loadCerts(rawCertificates)
+	if err != nil {
+		return nil, err
+	}
+	intermediateCAPool := x509.NewCertPool()
+	for _, cert := range certificate[1:] {
+		intermediateCAPool.AddCert(cert)
+	}
+	opts := x509.VerifyOptions{
+		Roots:         roots,
+		CurrentTime:   time.Now(),
+		Intermediates: intermediateCAPool,
+		KeyUsages:     []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth},
+	}
+	return certificate[0].Verify(opts)
+}
+
+func verifyServerCert(rawCertificates [][]byte, roots *x509.CertPool, serverName string) (chains [][]*x509.Certificate, err error) {
+	certificate, err := loadCerts(rawCertificates)
+	if err != nil {
+		return nil, err
+	}
+	intermediateCAPool := x509.NewCertPool()
+	for _, cert := range certificate[1:] {
+		intermediateCAPool.AddCert(cert)
+	}
+	opts := x509.VerifyOptions{
+		Roots:         roots,
+		CurrentTime:   time.Now(),
+		DNSName:       serverName,
+		Intermediates: intermediateCAPool,
+	}
+	return certificate[0].Verify(opts)
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/dtls.go b/server/vendor/github.com/pion/dtls/v2/dtls.go
new file mode 100644
index 0000000..b799770
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/dtls.go
@@ -0,0 +1,5 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+// Package dtls implements Datagram Transport Layer Security (DTLS) 1.2
+package dtls
diff --git a/server/vendor/github.com/pion/dtls/v2/errors.go b/server/vendor/github.com/pion/dtls/v2/errors.go
new file mode 100644
index 0000000..025d864
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/errors.go
@@ -0,0 +1,157 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package dtls
+
+import (
+	"context"
+	"errors"
+	"fmt"
+	"io"
+	"net"
+	"os"
+
+	"github.com/pion/dtls/v2/pkg/protocol"
+	"github.com/pion/dtls/v2/pkg/protocol/alert"
+)
+
+// Typed errors
+var (
+	ErrConnClosed = &FatalError{Err: errors.New("conn is closed")} //nolint:goerr113
+
+	errDeadlineExceeded   = &TimeoutError{Err: fmt.Errorf("read/write timeout: %w", context.DeadlineExceeded)}
+	errInvalidContentType = &TemporaryError{Err: errors.New("invalid content type")} //nolint:goerr113
+
+	errBufferTooSmall               = &TemporaryError{Err: errors.New("buffer is too small")}                                        //nolint:goerr113
+	errContextUnsupported           = &TemporaryError{Err: errors.New("context is not supported for ExportKeyingMaterial")}          //nolint:goerr113
+	errHandshakeInProgress          = &TemporaryError{Err: errors.New("handshake is in progress")}                                   //nolint:goerr113
+	errReservedExportKeyingMaterial = &TemporaryError{Err: errors.New("ExportKeyingMaterial can not be used with a reserved label")} //nolint:goerr113
+	errApplicationDataEpochZero     = &TemporaryError{Err: errors.New("ApplicationData with epoch of 0")}                            //nolint:goerr113
+	errUnhandledContextType         = &TemporaryError{Err: errors.New("unhandled contentType")}                                      //nolint:goerr113
+
+	errCertificateVerifyNoCertificate    = &FatalError{Err: errors.New("client sent certificate verify but we have no certificate to verify")}                      //nolint:goerr113
+	errCipherSuiteNoIntersection         = &FatalError{Err: errors.New("client+server do not support any shared cipher suites")}                                    //nolint:goerr113
+	errClientCertificateNotVerified      = &FatalError{Err: errors.New("client sent certificate but did not verify it")}                                            //nolint:goerr113
+	errClientCertificateRequired         = &FatalError{Err: errors.New("server required client verification, but got none")}                                        //nolint:goerr113
+	errClientNoMatchingSRTPProfile       = &FatalError{Err: errors.New("server responded with SRTP Profile we do not support")}                                     //nolint:goerr113
+	errClientRequiredButNoServerEMS      = &FatalError{Err: errors.New("client required Extended Master Secret extension, but server does not support it")}         //nolint:goerr113
+	errCookieMismatch                    = &FatalError{Err: errors.New("client+server cookie does not match")}                                                      //nolint:goerr113
+	errIdentityNoPSK                     = &FatalError{Err: errors.New("PSK Identity Hint provided but PSK is nil")}                                                //nolint:goerr113
+	errInvalidCertificate                = &FatalError{Err: errors.New("no certificate provided")}                                                                  //nolint:goerr113
+	errInvalidCipherSuite                = &FatalError{Err: errors.New("invalid or unknown cipher suite")}                                                          //nolint:goerr113
+	errInvalidECDSASignature             = &FatalError{Err: errors.New("ECDSA signature contained zero or negative values")}                                        //nolint:goerr113
+	errInvalidPrivateKey                 = &FatalError{Err: errors.New("invalid private key type")}                                                                 //nolint:goerr113
+	errInvalidSignatureAlgorithm         = &FatalError{Err: errors.New("invalid signature algorithm")}                                                              //nolint:goerr113
+	errKeySignatureMismatch              = &FatalError{Err: errors.New("expected and actual key signature do not match")}                                           //nolint:goerr113
+	errNilNextConn                       = &FatalError{Err: errors.New("Conn can not be created with a nil nextConn")}                                              //nolint:goerr113
+	errNoAvailableCipherSuites           = &FatalError{Err: errors.New("connection can not be created, no CipherSuites satisfy this Config")}                       //nolint:goerr113
+	errNoAvailablePSKCipherSuite         = &FatalError{Err: errors.New("connection can not be created, pre-shared key present but no compatible CipherSuite")}      //nolint:goerr113
+	errNoAvailableCertificateCipherSuite = &FatalError{Err: errors.New("connection can not be created, certificate present but no compatible CipherSuite")}         //nolint:goerr113
+	errNoAvailableSignatureSchemes       = &FatalError{Err: errors.New("connection can not be created, no SignatureScheme satisfy this Config")}                    //nolint:goerr113
+	errNoCertificates                    = &FatalError{Err: errors.New("no certificates configured")}                                                               //nolint:goerr113
+	errNoConfigProvided                  = &FatalError{Err: errors.New("no config provided")}                                                                       //nolint:goerr113
+	errNoSupportedEllipticCurves         = &FatalError{Err: errors.New("client requested zero or more elliptic curves that are not supported by the server")}       //nolint:goerr113
+	errUnsupportedProtocolVersion        = &FatalError{Err: errors.New("unsupported protocol version")}                                                             //nolint:goerr113
+	errPSKAndIdentityMustBeSetForClient  = &FatalError{Err: errors.New("PSK and PSK Identity Hint must both be set for client")}                                    //nolint:goerr113
+	errRequestedButNoSRTPExtension       = &FatalError{Err: errors.New("SRTP support was requested but server did not respond with use_srtp extension")}            //nolint:goerr113
+	errServerNoMatchingSRTPProfile       = &FatalError{Err: errors.New("client requested SRTP but we have no matching profiles")}                                   //nolint:goerr113
+	errServerRequiredButNoClientEMS      = &FatalError{Err: errors.New("server requires the Extended Master Secret extension, but the client does not support it")} //nolint:goerr113
+	errVerifyDataMismatch                = &FatalError{Err: errors.New("expected and actual verify data does not match")}                                           //nolint:goerr113
+	errNotAcceptableCertificateChain     = &FatalError{Err: errors.New("certificate chain is not signed by an acceptable CA")}                                      //nolint:goerr113
+
+	errInvalidFlight                     = &InternalError{Err: errors.New("invalid flight number")}                           //nolint:goerr113
+	errKeySignatureGenerateUnimplemented = &InternalError{Err: errors.New("unable to generate key signature, unimplemented")} //nolint:goerr113
+	errKeySignatureVerifyUnimplemented   = &InternalError{Err: errors.New("unable to verify key signature, unimplemented")}   //nolint:goerr113
+	errLengthMismatch                    = &InternalError{Err: errors.New("data length and declared length do not match")}    //nolint:goerr113
+	errSequenceNumberOverflow            = &InternalError{Err: errors.New("sequence number overflow")}                        //nolint:goerr113
+	errInvalidFSMTransition              = &InternalError{Err: errors.New("invalid state machine transition")}                //nolint:goerr113
+	errFailedToAccessPoolReadBuffer      = &InternalError{Err: errors.New("failed to access pool read buffer")}               //nolint:goerr113
+	errFragmentBufferOverflow            = &InternalError{Err: errors.New("fragment buffer overflow")}                        //nolint:goerr113
+)
+
+// FatalError indicates that the DTLS connection is no longer available.
+// It is mainly caused by wrong configuration of server or client.
+type FatalError = protocol.FatalError
+
+// InternalError indicates and internal error caused by the implementation, and the DTLS connection is no longer available.
+// It is mainly caused by bugs or tried to use unimplemented features.
+type InternalError = protocol.InternalError
+
+// TemporaryError indicates that the DTLS connection is still available, but the request was failed temporary.
+type TemporaryError = protocol.TemporaryError
+
+// TimeoutError indicates that the request was timed out.
+type TimeoutError = protocol.TimeoutError
+
+// HandshakeError indicates that the handshake failed.
+type HandshakeError = protocol.HandshakeError
+
+// errInvalidCipherSuite indicates an attempt at using an unsupported cipher suite.
+type invalidCipherSuiteError struct {
+	id CipherSuiteID
+}
+
+func (e *invalidCipherSuiteError) Error() string {
+	return fmt.Sprintf("CipherSuite with id(%d) is not valid", e.id)
+}
+
+func (e *invalidCipherSuiteError) Is(err error) bool {
+	var other *invalidCipherSuiteError
+	if errors.As(err, &other) {
+		return e.id == other.id
+	}
+	return false
+}
+
+// errAlert wraps DTLS alert notification as an error
+type alertError struct {
+	*alert.Alert
+}
+
+func (e *alertError) Error() string {
+	return fmt.Sprintf("alert: %s", e.Alert.String())
+}
+
+func (e *alertError) IsFatalOrCloseNotify() bool {
+	return e.Level == alert.Fatal || e.Description == alert.CloseNotify
+}
+
+func (e *alertError) Is(err error) bool {
+	var other *alertError
+	if errors.As(err, &other) {
+		return e.Level == other.Level && e.Description == other.Description
+	}
+	return false
+}
+
+// netError translates an error from underlying Conn to corresponding net.Error.
+func netError(err error) error {
+	switch {
+	case errors.Is(err, io.EOF), errors.Is(err, context.Canceled), errors.Is(err, context.DeadlineExceeded):
+		// Return io.EOF and context errors as is.
+		return err
+	}
+
+	var (
+		ne      net.Error
+		opError *net.OpError
+		se      *os.SyscallError
+	)
+
+	if errors.As(err, &opError) {
+		if errors.As(opError, &se) {
+			if se.Timeout() {
+				return &TimeoutError{Err: err}
+			}
+			if isOpErrorTemporary(se) {
+				return &TemporaryError{Err: err}
+			}
+		}
+	}
+
+	if errors.As(err, &ne) {
+		return err
+	}
+
+	return &FatalError{Err: err}
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/errors_errno.go b/server/vendor/github.com/pion/dtls/v2/errors_errno.go
new file mode 100644
index 0000000..f8e424e
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/errors_errno.go
@@ -0,0 +1,22 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+//go:build aix || darwin || dragonfly || freebsd || linux || nacl || nacljs || netbsd || openbsd || solaris || windows
+// +build aix darwin dragonfly freebsd linux nacl nacljs netbsd openbsd solaris windows
+
+// For systems having syscall.Errno.
+// Update build targets by following command:
+// $ grep -R ECONN $(go env GOROOT)/src/syscall/zerrors_*.go \
+//     | tr "." "_" | cut -d"_" -f"2" | sort | uniq
+
+package dtls
+
+import (
+	"errors"
+	"os"
+	"syscall"
+)
+
+func isOpErrorTemporary(err *os.SyscallError) bool {
+	return errors.Is(err.Err, syscall.ECONNREFUSED)
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/errors_noerrno.go b/server/vendor/github.com/pion/dtls/v2/errors_noerrno.go
new file mode 100644
index 0000000..844ff1e
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/errors_noerrno.go
@@ -0,0 +1,18 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+//go:build !aix && !darwin && !dragonfly && !freebsd && !linux && !nacl && !nacljs && !netbsd && !openbsd && !solaris && !windows
+// +build !aix,!darwin,!dragonfly,!freebsd,!linux,!nacl,!nacljs,!netbsd,!openbsd,!solaris,!windows
+
+// For systems without syscall.Errno.
+// Build targets must be inverse of errors_errno.go
+
+package dtls
+
+import (
+	"os"
+)
+
+func isOpErrorTemporary(err *os.SyscallError) bool {
+	return false
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/flight.go b/server/vendor/github.com/pion/dtls/v2/flight.go
new file mode 100644
index 0000000..cfa58c5
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/flight.go
@@ -0,0 +1,104 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package dtls
+
+/*
+  DTLS messages are grouped into a series of message flights, according
+  to the diagrams below.  Although each flight of messages may consist
+  of a number of messages, they should be viewed as monolithic for the
+  purpose of timeout and retransmission.
+  https://tools.ietf.org/html/rfc4347#section-4.2.4
+
+  Message flights for full handshake:
+
+  Client                                          Server
+  ------                                          ------
+                                      Waiting                 Flight 0
+
+  ClientHello             -------->                           Flight 1
+
+                          <-------    HelloVerifyRequest      Flight 2
+
+  ClientHello              -------->                           Flight 3
+
+                                             ServerHello    \
+                                            Certificate*     \
+                                      ServerKeyExchange*      Flight 4
+                                     CertificateRequest*     /
+                          <--------      ServerHelloDone    /
+
+  Certificate*                                              \
+  ClientKeyExchange                                          \
+  CertificateVerify*                                          Flight 5
+  [ChangeCipherSpec]                                         /
+  Finished                -------->                         /
+
+                                      [ChangeCipherSpec]    \ Flight 6
+                          <--------             Finished    /
+
+  Message flights for session-resuming handshake (no cookie exchange):
+
+  Client                                          Server
+  ------                                          ------
+                                      Waiting                 Flight 0
+
+  ClientHello             -------->                           Flight 1
+
+                                             ServerHello    \
+                                      [ChangeCipherSpec]      Flight 4b
+                          <--------             Finished    /
+
+  [ChangeCipherSpec]                                        \ Flight 5b
+  Finished                -------->                         /
+
+                                      [ChangeCipherSpec]    \ Flight 6
+                          <--------             Finished    /
+*/
+
+type flightVal uint8
+
+const (
+	flight0 flightVal = iota + 1
+	flight1
+	flight2
+	flight3
+	flight4
+	flight4b
+	flight5
+	flight5b
+	flight6
+)
+
+func (f flightVal) String() string {
+	switch f {
+	case flight0:
+		return "Flight 0"
+	case flight1:
+		return "Flight 1"
+	case flight2:
+		return "Flight 2"
+	case flight3:
+		return "Flight 3"
+	case flight4:
+		return "Flight 4"
+	case flight4b:
+		return "Flight 4b"
+	case flight5:
+		return "Flight 5"
+	case flight5b:
+		return "Flight 5b"
+	case flight6:
+		return "Flight 6"
+	default:
+		return "Invalid Flight"
+	}
+}
+
+func (f flightVal) isLastSendFlight() bool {
+	return f == flight6 || f == flight5b
+}
+
+func (f flightVal) isLastRecvFlight() bool {
+	return f == flight5 || f == flight4b
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/flight0handler.go b/server/vendor/github.com/pion/dtls/v2/flight0handler.go
new file mode 100644
index 0000000..a061995
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/flight0handler.go
@@ -0,0 +1,138 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package dtls
+
+import (
+	"context"
+	"crypto/rand"
+
+	"github.com/pion/dtls/v2/pkg/crypto/elliptic"
+	"github.com/pion/dtls/v2/pkg/protocol"
+	"github.com/pion/dtls/v2/pkg/protocol/alert"
+	"github.com/pion/dtls/v2/pkg/protocol/extension"
+	"github.com/pion/dtls/v2/pkg/protocol/handshake"
+)
+
+func flight0Parse(_ context.Context, _ flightConn, state *State, cache *handshakeCache, cfg *handshakeConfig) (flightVal, *alert.Alert, error) {
+	seq, msgs, ok := cache.fullPullMap(0, state.cipherSuite,
+		handshakeCachePullRule{handshake.TypeClientHello, cfg.initialEpoch, true, false},
+	)
+	if !ok {
+		// No valid message received. Keep reading
+		return 0, nil, nil
+	}
+	state.handshakeRecvSequence = seq
+
+	var clientHello *handshake.MessageClientHello
+
+	// Validate type
+	if clientHello, ok = msgs[handshake.TypeClientHello].(*handshake.MessageClientHello); !ok {
+		return 0, &alert.Alert{Level: alert.Fatal, Description: alert.InternalError}, nil
+	}
+
+	if !clientHello.Version.Equal(protocol.Version1_2) {
+		return 0, &alert.Alert{Level: alert.Fatal, Description: alert.ProtocolVersion}, errUnsupportedProtocolVersion
+	}
+
+	state.remoteRandom = clientHello.Random
+
+	cipherSuites := []CipherSuite{}
+	for _, id := range clientHello.CipherSuiteIDs {
+		if c := cipherSuiteForID(CipherSuiteID(id), cfg.customCipherSuites); c != nil {
+			cipherSuites = append(cipherSuites, c)
+		}
+	}
+
+	if state.cipherSuite, ok = findMatchingCipherSuite(cipherSuites, cfg.localCipherSuites); !ok {
+		return 0, &alert.Alert{Level: alert.Fatal, Description: alert.InsufficientSecurity}, errCipherSuiteNoIntersection
+	}
+
+	for _, val := range clientHello.Extensions {
+		switch e := val.(type) {
+		case *extension.SupportedEllipticCurves:
+			if len(e.EllipticCurves) == 0 {
+				return 0, &alert.Alert{Level: alert.Fatal, Description: alert.InsufficientSecurity}, errNoSupportedEllipticCurves
+			}
+			state.namedCurve = e.EllipticCurves[0]
+		case *extension.UseSRTP:
+			profile, ok := findMatchingSRTPProfile(e.ProtectionProfiles, cfg.localSRTPProtectionProfiles)
+			if !ok {
+				return 0, &alert.Alert{Level: alert.Fatal, Description: alert.InsufficientSecurity}, errServerNoMatchingSRTPProfile
+			}
+			state.setSRTPProtectionProfile(profile)
+		case *extension.UseExtendedMasterSecret:
+			if cfg.extendedMasterSecret != DisableExtendedMasterSecret {
+				state.extendedMasterSecret = true
+			}
+		case *extension.ServerName:
+			state.serverName = e.ServerName // remote server name
+		case *extension.ALPN:
+			state.peerSupportedProtocols = e.ProtocolNameList
+		}
+	}
+
+	if cfg.extendedMasterSecret == RequireExtendedMasterSecret && !state.extendedMasterSecret {
+		return 0, &alert.Alert{Level: alert.Fatal, Description: alert.InsufficientSecurity}, errServerRequiredButNoClientEMS
+	}
+
+	if state.localKeypair == nil {
+		var err error
+		state.localKeypair, err = elliptic.GenerateKeypair(state.namedCurve)
+		if err != nil {
+			return 0, &alert.Alert{Level: alert.Fatal, Description: alert.IllegalParameter}, err
+		}
+	}
+
+	nextFlight := flight2
+
+	if cfg.insecureSkipHelloVerify {
+		nextFlight = flight4
+	}
+
+	return handleHelloResume(clientHello.SessionID, state, cfg, nextFlight)
+}
+
+func handleHelloResume(sessionID []byte, state *State, cfg *handshakeConfig, next flightVal) (flightVal, *alert.Alert, error) {
+	if len(sessionID) > 0 && cfg.sessionStore != nil {
+		if s, err := cfg.sessionStore.Get(sessionID); err != nil {
+			return 0, &alert.Alert{Level: alert.Fatal, Description: alert.InternalError}, err
+		} else if s.ID != nil {
+			cfg.log.Tracef("[handshake] resume session: %x", sessionID)
+
+			state.SessionID = sessionID
+			state.masterSecret = s.Secret
+
+			if err := state.initCipherSuite(); err != nil {
+				return 0, &alert.Alert{Level: alert.Fatal, Description: alert.InternalError}, err
+			}
+
+			clientRandom := state.localRandom.MarshalFixed()
+			cfg.writeKeyLog(keyLogLabelTLS12, clientRandom[:], state.masterSecret)
+
+			return flight4b, nil, nil
+		}
+	}
+	return next, nil, nil
+}
+
+func flight0Generate(_ flightConn, state *State, _ *handshakeCache, cfg *handshakeConfig) ([]*packet, *alert.Alert, error) {
+	// Initialize
+	if !cfg.insecureSkipHelloVerify {
+		state.cookie = make([]byte, cookieLength)
+		if _, err := rand.Read(state.cookie); err != nil {
+			return nil, nil, err
+		}
+	}
+
+	var zeroEpoch uint16
+	state.localEpoch.Store(zeroEpoch)
+	state.remoteEpoch.Store(zeroEpoch)
+	state.namedCurve = defaultNamedCurve
+
+	if err := state.localRandom.Populate(); err != nil {
+		return nil, nil, err
+	}
+
+	return nil, nil, nil
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/flight1handler.go b/server/vendor/github.com/pion/dtls/v2/flight1handler.go
new file mode 100644
index 0000000..94fdc22
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/flight1handler.go
@@ -0,0 +1,141 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package dtls
+
+import (
+	"context"
+
+	"github.com/pion/dtls/v2/pkg/crypto/elliptic"
+	"github.com/pion/dtls/v2/pkg/protocol"
+	"github.com/pion/dtls/v2/pkg/protocol/alert"
+	"github.com/pion/dtls/v2/pkg/protocol/extension"
+	"github.com/pion/dtls/v2/pkg/protocol/handshake"
+	"github.com/pion/dtls/v2/pkg/protocol/recordlayer"
+)
+
+func flight1Parse(ctx context.Context, c flightConn, state *State, cache *handshakeCache, cfg *handshakeConfig) (flightVal, *alert.Alert, error) {
+	// HelloVerifyRequest can be skipped by the server,
+	// so allow ServerHello during flight1 also
+	seq, msgs, ok := cache.fullPullMap(state.handshakeRecvSequence, state.cipherSuite,
+		handshakeCachePullRule{handshake.TypeHelloVerifyRequest, cfg.initialEpoch, false, true},
+		handshakeCachePullRule{handshake.TypeServerHello, cfg.initialEpoch, false, true},
+	)
+	if !ok {
+		// No valid message received. Keep reading
+		return 0, nil, nil
+	}
+
+	if _, ok := msgs[handshake.TypeServerHello]; ok {
+		// Flight1 and flight2 were skipped.
+		// Parse as flight3.
+		return flight3Parse(ctx, c, state, cache, cfg)
+	}
+
+	if h, ok := msgs[handshake.TypeHelloVerifyRequest].(*handshake.MessageHelloVerifyRequest); ok {
+		// DTLS 1.2 clients must not assume that the server will use the protocol version
+		// specified in HelloVerifyRequest message. RFC 6347 Section 4.2.1
+		if !h.Version.Equal(protocol.Version1_0) && !h.Version.Equal(protocol.Version1_2) {
+			return 0, &alert.Alert{Level: alert.Fatal, Description: alert.ProtocolVersion}, errUnsupportedProtocolVersion
+		}
+		state.cookie = append([]byte{}, h.Cookie...)
+		state.handshakeRecvSequence = seq
+		return flight3, nil, nil
+	}
+
+	return 0, &alert.Alert{Level: alert.Fatal, Description: alert.InternalError}, nil
+}
+
+func flight1Generate(c flightConn, state *State, _ *handshakeCache, cfg *handshakeConfig) ([]*packet, *alert.Alert, error) {
+	var zeroEpoch uint16
+	state.localEpoch.Store(zeroEpoch)
+	state.remoteEpoch.Store(zeroEpoch)
+	state.namedCurve = defaultNamedCurve
+	state.cookie = nil
+
+	if err := state.localRandom.Populate(); err != nil {
+		return nil, nil, err
+	}
+
+	extensions := []extension.Extension{
+		&extension.SupportedSignatureAlgorithms{
+			SignatureHashAlgorithms: cfg.localSignatureSchemes,
+		},
+		&extension.RenegotiationInfo{
+			RenegotiatedConnection: 0,
+		},
+	}
+
+	var setEllipticCurveCryptographyClientHelloExtensions bool
+	for _, c := range cfg.localCipherSuites {
+		if c.ECC() {
+			setEllipticCurveCryptographyClientHelloExtensions = true
+			break
+		}
+	}
+
+	if setEllipticCurveCryptographyClientHelloExtensions {
+		extensions = append(extensions, []extension.Extension{
+			&extension.SupportedEllipticCurves{
+				EllipticCurves: cfg.ellipticCurves,
+			},
+			&extension.SupportedPointFormats{
+				PointFormats: []elliptic.CurvePointFormat{elliptic.CurvePointFormatUncompressed},
+			},
+		}...)
+	}
+
+	if len(cfg.localSRTPProtectionProfiles) > 0 {
+		extensions = append(extensions, &extension.UseSRTP{
+			ProtectionProfiles: cfg.localSRTPProtectionProfiles,
+		})
+	}
+
+	if cfg.extendedMasterSecret == RequestExtendedMasterSecret ||
+		cfg.extendedMasterSecret == RequireExtendedMasterSecret {
+		extensions = append(extensions, &extension.UseExtendedMasterSecret{
+			Supported: true,
+		})
+	}
+
+	if len(cfg.serverName) > 0 {
+		extensions = append(extensions, &extension.ServerName{ServerName: cfg.serverName})
+	}
+
+	if len(cfg.supportedProtocols) > 0 {
+		extensions = append(extensions, &extension.ALPN{ProtocolNameList: cfg.supportedProtocols})
+	}
+
+	if cfg.sessionStore != nil {
+		cfg.log.Tracef("[handshake] try to resume session")
+		if s, err := cfg.sessionStore.Get(c.sessionKey()); err != nil {
+			return nil, &alert.Alert{Level: alert.Fatal, Description: alert.InternalError}, err
+		} else if s.ID != nil {
+			cfg.log.Tracef("[handshake] get saved session: %x", s.ID)
+
+			state.SessionID = s.ID
+			state.masterSecret = s.Secret
+		}
+	}
+
+	return []*packet{
+		{
+			record: &recordlayer.RecordLayer{
+				Header: recordlayer.Header{
+					Version: protocol.Version1_2,
+				},
+				Content: &handshake.Handshake{
+					Message: &handshake.MessageClientHello{
+						Version:            protocol.Version1_2,
+						SessionID:          state.SessionID,
+						Cookie:             state.cookie,
+						Random:             state.localRandom,
+						CipherSuiteIDs:     cipherSuiteIDs(cfg.localCipherSuites),
+						CompressionMethods: defaultCompressionMethods(),
+						Extensions:         extensions,
+					},
+				},
+			},
+		},
+	}, nil, nil
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/flight2handler.go b/server/vendor/github.com/pion/dtls/v2/flight2handler.go
new file mode 100644
index 0000000..26e57d2
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/flight2handler.go
@@ -0,0 +1,64 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package dtls
+
+import (
+	"bytes"
+	"context"
+
+	"github.com/pion/dtls/v2/pkg/protocol"
+	"github.com/pion/dtls/v2/pkg/protocol/alert"
+	"github.com/pion/dtls/v2/pkg/protocol/handshake"
+	"github.com/pion/dtls/v2/pkg/protocol/recordlayer"
+)
+
+func flight2Parse(ctx context.Context, c flightConn, state *State, cache *handshakeCache, cfg *handshakeConfig) (flightVal, *alert.Alert, error) {
+	seq, msgs, ok := cache.fullPullMap(state.handshakeRecvSequence, state.cipherSuite,
+		handshakeCachePullRule{handshake.TypeClientHello, cfg.initialEpoch, true, false},
+	)
+	if !ok {
+		// Client may retransmit the first ClientHello when HelloVerifyRequest is dropped.
+		// Parse as flight 0 in this case.
+		return flight0Parse(ctx, c, state, cache, cfg)
+	}
+	state.handshakeRecvSequence = seq
+
+	var clientHello *handshake.MessageClientHello
+
+	// Validate type
+	if clientHello, ok = msgs[handshake.TypeClientHello].(*handshake.MessageClientHello); !ok {
+		return 0, &alert.Alert{Level: alert.Fatal, Description: alert.InternalError}, nil
+	}
+
+	if !clientHello.Version.Equal(protocol.Version1_2) {
+		return 0, &alert.Alert{Level: alert.Fatal, Description: alert.ProtocolVersion}, errUnsupportedProtocolVersion
+	}
+
+	if len(clientHello.Cookie) == 0 {
+		return 0, nil, nil
+	}
+	if !bytes.Equal(state.cookie, clientHello.Cookie) {
+		return 0, &alert.Alert{Level: alert.Fatal, Description: alert.AccessDenied}, errCookieMismatch
+	}
+	return flight4, nil, nil
+}
+
+func flight2Generate(_ flightConn, state *State, _ *handshakeCache, _ *handshakeConfig) ([]*packet, *alert.Alert, error) {
+	state.handshakeSendSequence = 0
+	return []*packet{
+		{
+			record: &recordlayer.RecordLayer{
+				Header: recordlayer.Header{
+					Version: protocol.Version1_2,
+				},
+				Content: &handshake.Handshake{
+					Message: &handshake.MessageHelloVerifyRequest{
+						Version: protocol.Version1_2,
+						Cookie:  state.cookie,
+					},
+				},
+			},
+		},
+	}, nil, nil
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/flight3handler.go b/server/vendor/github.com/pion/dtls/v2/flight3handler.go
new file mode 100644
index 0000000..ab4e730
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/flight3handler.go
@@ -0,0 +1,291 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package dtls
+
+import (
+	"bytes"
+	"context"
+
+	"github.com/pion/dtls/v2/internal/ciphersuite/types"
+	"github.com/pion/dtls/v2/pkg/crypto/elliptic"
+	"github.com/pion/dtls/v2/pkg/crypto/prf"
+	"github.com/pion/dtls/v2/pkg/protocol"
+	"github.com/pion/dtls/v2/pkg/protocol/alert"
+	"github.com/pion/dtls/v2/pkg/protocol/extension"
+	"github.com/pion/dtls/v2/pkg/protocol/handshake"
+	"github.com/pion/dtls/v2/pkg/protocol/recordlayer"
+)
+
+func flight3Parse(ctx context.Context, c flightConn, state *State, cache *handshakeCache, cfg *handshakeConfig) (flightVal, *alert.Alert, error) { //nolint:gocognit
+	// Clients may receive multiple HelloVerifyRequest messages with different cookies.
+	// Clients SHOULD handle this by sending a new ClientHello with a cookie in response
+	// to the new HelloVerifyRequest. RFC 6347 Section 4.2.1
+	seq, msgs, ok := cache.fullPullMap(state.handshakeRecvSequence, state.cipherSuite,
+		handshakeCachePullRule{handshake.TypeHelloVerifyRequest, cfg.initialEpoch, false, true},
+	)
+	if ok {
+		if h, msgOk := msgs[handshake.TypeHelloVerifyRequest].(*handshake.MessageHelloVerifyRequest); msgOk {
+			// DTLS 1.2 clients must not assume that the server will use the protocol version
+			// specified in HelloVerifyRequest message. RFC 6347 Section 4.2.1
+			if !h.Version.Equal(protocol.Version1_0) && !h.Version.Equal(protocol.Version1_2) {
+				return 0, &alert.Alert{Level: alert.Fatal, Description: alert.ProtocolVersion}, errUnsupportedProtocolVersion
+			}
+			state.cookie = append([]byte{}, h.Cookie...)
+			state.handshakeRecvSequence = seq
+			return flight3, nil, nil
+		}
+	}
+
+	_, msgs, ok = cache.fullPullMap(state.handshakeRecvSequence, state.cipherSuite,
+		handshakeCachePullRule{handshake.TypeServerHello, cfg.initialEpoch, false, false},
+	)
+	if !ok {
+		// Don't have enough messages. Keep reading
+		return 0, nil, nil
+	}
+
+	if h, msgOk := msgs[handshake.TypeServerHello].(*handshake.MessageServerHello); msgOk {
+		if !h.Version.Equal(protocol.Version1_2) {
+			return 0, &alert.Alert{Level: alert.Fatal, Description: alert.ProtocolVersion}, errUnsupportedProtocolVersion
+		}
+		for _, v := range h.Extensions {
+			switch e := v.(type) {
+			case *extension.UseSRTP:
+				profile, found := findMatchingSRTPProfile(e.ProtectionProfiles, cfg.localSRTPProtectionProfiles)
+				if !found {
+					return 0, &alert.Alert{Level: alert.Fatal, Description: alert.IllegalParameter}, errClientNoMatchingSRTPProfile
+				}
+				state.setSRTPProtectionProfile(profile)
+			case *extension.UseExtendedMasterSecret:
+				if cfg.extendedMasterSecret != DisableExtendedMasterSecret {
+					state.extendedMasterSecret = true
+				}
+			case *extension.ALPN:
+				if len(e.ProtocolNameList) > 1 { // This should be exactly 1, the zero case is handle when unmarshalling
+					return 0, &alert.Alert{Level: alert.Fatal, Description: alert.InternalError}, extension.ErrALPNInvalidFormat // Meh, internal error?
+				}
+				state.NegotiatedProtocol = e.ProtocolNameList[0]
+			}
+		}
+		if cfg.extendedMasterSecret == RequireExtendedMasterSecret && !state.extendedMasterSecret {
+			return 0, &alert.Alert{Level: alert.Fatal, Description: alert.InsufficientSecurity}, errClientRequiredButNoServerEMS
+		}
+		if len(cfg.localSRTPProtectionProfiles) > 0 && state.getSRTPProtectionProfile() == 0 {
+			return 0, &alert.Alert{Level: alert.Fatal, Description: alert.InsufficientSecurity}, errRequestedButNoSRTPExtension
+		}
+
+		remoteCipherSuite := cipherSuiteForID(CipherSuiteID(*h.CipherSuiteID), cfg.customCipherSuites)
+		if remoteCipherSuite == nil {
+			return 0, &alert.Alert{Level: alert.Fatal, Description: alert.InsufficientSecurity}, errCipherSuiteNoIntersection
+		}
+
+		selectedCipherSuite, found := findMatchingCipherSuite([]CipherSuite{remoteCipherSuite}, cfg.localCipherSuites)
+		if !found {
+			return 0, &alert.Alert{Level: alert.Fatal, Description: alert.InsufficientSecurity}, errInvalidCipherSuite
+		}
+
+		state.cipherSuite = selectedCipherSuite
+		state.remoteRandom = h.Random
+		cfg.log.Tracef("[handshake] use cipher suite: %s", selectedCipherSuite.String())
+
+		if len(h.SessionID) > 0 && bytes.Equal(state.SessionID, h.SessionID) {
+			return handleResumption(ctx, c, state, cache, cfg)
+		}
+
+		if len(state.SessionID) > 0 {
+			cfg.log.Tracef("[handshake] clean old session : %s", state.SessionID)
+			if err := cfg.sessionStore.Del(state.SessionID); err != nil {
+				return 0, &alert.Alert{Level: alert.Fatal, Description: alert.InternalError}, err
+			}
+		}
+
+		if cfg.sessionStore == nil {
+			state.SessionID = []byte{}
+		} else {
+			state.SessionID = h.SessionID
+		}
+
+		state.masterSecret = []byte{}
+	}
+
+	if cfg.localPSKCallback != nil {
+		seq, msgs, ok = cache.fullPullMap(state.handshakeRecvSequence+1, state.cipherSuite,
+			handshakeCachePullRule{handshake.TypeServerKeyExchange, cfg.initialEpoch, false, true},
+			handshakeCachePullRule{handshake.TypeServerHelloDone, cfg.initialEpoch, false, false},
+		)
+	} else {
+		seq, msgs, ok = cache.fullPullMap(state.handshakeRecvSequence+1, state.cipherSuite,
+			handshakeCachePullRule{handshake.TypeCertificate, cfg.initialEpoch, false, true},
+			handshakeCachePullRule{handshake.TypeServerKeyExchange, cfg.initialEpoch, false, false},
+			handshakeCachePullRule{handshake.TypeCertificateRequest, cfg.initialEpoch, false, true},
+			handshakeCachePullRule{handshake.TypeServerHelloDone, cfg.initialEpoch, false, false},
+		)
+	}
+	if !ok {
+		// Don't have enough messages. Keep reading
+		return 0, nil, nil
+	}
+	state.handshakeRecvSequence = seq
+
+	if h, ok := msgs[handshake.TypeCertificate].(*handshake.MessageCertificate); ok {
+		state.PeerCertificates = h.Certificate
+	} else if state.cipherSuite.AuthenticationType() == CipherSuiteAuthenticationTypeCertificate {
+		return 0, &alert.Alert{Level: alert.Fatal, Description: alert.NoCertificate}, errInvalidCertificate
+	}
+
+	if h, ok := msgs[handshake.TypeServerKeyExchange].(*handshake.MessageServerKeyExchange); ok {
+		alertPtr, err := handleServerKeyExchange(c, state, cfg, h)
+		if err != nil {
+			return 0, alertPtr, err
+		}
+	}
+
+	if _, ok := msgs[handshake.TypeCertificateRequest].(*handshake.MessageCertificateRequest); ok {
+		state.remoteRequestedCertificate = true
+	}
+
+	return flight5, nil, nil
+}
+
+func handleResumption(ctx context.Context, c flightConn, state *State, cache *handshakeCache, cfg *handshakeConfig) (flightVal, *alert.Alert, error) {
+	if err := state.initCipherSuite(); err != nil {
+		return 0, &alert.Alert{Level: alert.Fatal, Description: alert.InternalError}, err
+	}
+
+	// Now, encrypted packets can be handled
+	if err := c.handleQueuedPackets(ctx); err != nil {
+		return 0, &alert.Alert{Level: alert.Fatal, Description: alert.InternalError}, err
+	}
+
+	_, msgs, ok := cache.fullPullMap(state.handshakeRecvSequence+1, state.cipherSuite,
+		handshakeCachePullRule{handshake.TypeFinished, cfg.initialEpoch + 1, false, false},
+	)
+	if !ok {
+		// No valid message received. Keep reading
+		return 0, nil, nil
+	}
+
+	var finished *handshake.MessageFinished
+	if finished, ok = msgs[handshake.TypeFinished].(*handshake.MessageFinished); !ok {
+		return 0, &alert.Alert{Level: alert.Fatal, Description: alert.InternalError}, nil
+	}
+	plainText := cache.pullAndMerge(
+		handshakeCachePullRule{handshake.TypeClientHello, cfg.initialEpoch, true, false},
+		handshakeCachePullRule{handshake.TypeServerHello, cfg.initialEpoch, false, false},
+	)
+
+	expectedVerifyData, err := prf.VerifyDataServer(state.masterSecret, plainText, state.cipherSuite.HashFunc())
+	if err != nil {
+		return 0, &alert.Alert{Level: alert.Fatal, Description: alert.InternalError}, err
+	}
+	if !bytes.Equal(expectedVerifyData, finished.VerifyData) {
+		return 0, &alert.Alert{Level: alert.Fatal, Description: alert.HandshakeFailure}, errVerifyDataMismatch
+	}
+
+	clientRandom := state.localRandom.MarshalFixed()
+	cfg.writeKeyLog(keyLogLabelTLS12, clientRandom[:], state.masterSecret)
+
+	return flight5b, nil, nil
+}
+
+func handleServerKeyExchange(_ flightConn, state *State, cfg *handshakeConfig, h *handshake.MessageServerKeyExchange) (*alert.Alert, error) {
+	var err error
+	if state.cipherSuite == nil {
+		return &alert.Alert{Level: alert.Fatal, Description: alert.InsufficientSecurity}, errInvalidCipherSuite
+	}
+	if cfg.localPSKCallback != nil {
+		var psk []byte
+		if psk, err = cfg.localPSKCallback(h.IdentityHint); err != nil {
+			return &alert.Alert{Level: alert.Fatal, Description: alert.InternalError}, err
+		}
+		state.IdentityHint = h.IdentityHint
+		switch state.cipherSuite.KeyExchangeAlgorithm() {
+		case types.KeyExchangeAlgorithmPsk:
+			state.preMasterSecret = prf.PSKPreMasterSecret(psk)
+		case (types.KeyExchangeAlgorithmEcdhe | types.KeyExchangeAlgorithmPsk):
+			if state.localKeypair, err = elliptic.GenerateKeypair(h.NamedCurve); err != nil {
+				return &alert.Alert{Level: alert.Fatal, Description: alert.InternalError}, err
+			}
+			state.preMasterSecret, err = prf.EcdhePSKPreMasterSecret(psk, h.PublicKey, state.localKeypair.PrivateKey, state.localKeypair.Curve)
+			if err != nil {
+				return &alert.Alert{Level: alert.Fatal, Description: alert.InternalError}, err
+			}
+		default:
+			return &alert.Alert{Level: alert.Fatal, Description: alert.InsufficientSecurity}, errInvalidCipherSuite
+		}
+	} else {
+		if state.localKeypair, err = elliptic.GenerateKeypair(h.NamedCurve); err != nil {
+			return &alert.Alert{Level: alert.Fatal, Description: alert.InternalError}, err
+		}
+
+		if state.preMasterSecret, err = prf.PreMasterSecret(h.PublicKey, state.localKeypair.PrivateKey, state.localKeypair.Curve); err != nil {
+			return &alert.Alert{Level: alert.Fatal, Description: alert.InternalError}, err
+		}
+	}
+
+	return nil, nil //nolint:nilnil
+}
+
+func flight3Generate(_ flightConn, state *State, _ *handshakeCache, cfg *handshakeConfig) ([]*packet, *alert.Alert, error) {
+	extensions := []extension.Extension{
+		&extension.SupportedSignatureAlgorithms{
+			SignatureHashAlgorithms: cfg.localSignatureSchemes,
+		},
+		&extension.RenegotiationInfo{
+			RenegotiatedConnection: 0,
+		},
+	}
+	if state.namedCurve != 0 {
+		extensions = append(extensions, []extension.Extension{
+			&extension.SupportedEllipticCurves{
+				EllipticCurves: []elliptic.Curve{elliptic.X25519, elliptic.P256, elliptic.P384},
+			},
+			&extension.SupportedPointFormats{
+				PointFormats: []elliptic.CurvePointFormat{elliptic.CurvePointFormatUncompressed},
+			},
+		}...)
+	}
+
+	if len(cfg.localSRTPProtectionProfiles) > 0 {
+		extensions = append(extensions, &extension.UseSRTP{
+			ProtectionProfiles: cfg.localSRTPProtectionProfiles,
+		})
+	}
+
+	if cfg.extendedMasterSecret == RequestExtendedMasterSecret ||
+		cfg.extendedMasterSecret == RequireExtendedMasterSecret {
+		extensions = append(extensions, &extension.UseExtendedMasterSecret{
+			Supported: true,
+		})
+	}
+
+	if len(cfg.serverName) > 0 {
+		extensions = append(extensions, &extension.ServerName{ServerName: cfg.serverName})
+	}
+
+	if len(cfg.supportedProtocols) > 0 {
+		extensions = append(extensions, &extension.ALPN{ProtocolNameList: cfg.supportedProtocols})
+	}
+
+	return []*packet{
+		{
+			record: &recordlayer.RecordLayer{
+				Header: recordlayer.Header{
+					Version: protocol.Version1_2,
+				},
+				Content: &handshake.Handshake{
+					Message: &handshake.MessageClientHello{
+						Version:            protocol.Version1_2,
+						SessionID:          state.SessionID,
+						Cookie:             state.cookie,
+						Random:             state.localRandom,
+						CipherSuiteIDs:     cipherSuiteIDs(cfg.localCipherSuites),
+						CompressionMethods: defaultCompressionMethods(),
+						Extensions:         extensions,
+					},
+				},
+			},
+		},
+	}, nil, nil
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/flight4bhandler.go b/server/vendor/github.com/pion/dtls/v2/flight4bhandler.go
new file mode 100644
index 0000000..6b1b904
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/flight4bhandler.go
@@ -0,0 +1,144 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package dtls
+
+import (
+	"bytes"
+	"context"
+
+	"github.com/pion/dtls/v2/pkg/crypto/prf"
+	"github.com/pion/dtls/v2/pkg/protocol"
+	"github.com/pion/dtls/v2/pkg/protocol/alert"
+	"github.com/pion/dtls/v2/pkg/protocol/extension"
+	"github.com/pion/dtls/v2/pkg/protocol/handshake"
+	"github.com/pion/dtls/v2/pkg/protocol/recordlayer"
+)
+
+func flight4bParse(_ context.Context, _ flightConn, state *State, cache *handshakeCache, cfg *handshakeConfig) (flightVal, *alert.Alert, error) {
+	_, msgs, ok := cache.fullPullMap(state.handshakeRecvSequence, state.cipherSuite,
+		handshakeCachePullRule{handshake.TypeFinished, cfg.initialEpoch + 1, true, false},
+	)
+	if !ok {
+		// No valid message received. Keep reading
+		return 0, nil, nil
+	}
+
+	var finished *handshake.MessageFinished
+	if finished, ok = msgs[handshake.TypeFinished].(*handshake.MessageFinished); !ok {
+		return 0, &alert.Alert{Level: alert.Fatal, Description: alert.InternalError}, nil
+	}
+
+	plainText := cache.pullAndMerge(
+		handshakeCachePullRule{handshake.TypeClientHello, cfg.initialEpoch, true, false},
+		handshakeCachePullRule{handshake.TypeServerHello, cfg.initialEpoch, false, false},
+		handshakeCachePullRule{handshake.TypeFinished, cfg.initialEpoch + 1, false, false},
+	)
+
+	expectedVerifyData, err := prf.VerifyDataClient(state.masterSecret, plainText, state.cipherSuite.HashFunc())
+	if err != nil {
+		return 0, &alert.Alert{Level: alert.Fatal, Description: alert.InternalError}, err
+	}
+	if !bytes.Equal(expectedVerifyData, finished.VerifyData) {
+		return 0, &alert.Alert{Level: alert.Fatal, Description: alert.HandshakeFailure}, errVerifyDataMismatch
+	}
+
+	// Other party may re-transmit the last flight. Keep state to be flight4b.
+	return flight4b, nil, nil
+}
+
+func flight4bGenerate(_ flightConn, state *State, cache *handshakeCache, cfg *handshakeConfig) ([]*packet, *alert.Alert, error) {
+	var pkts []*packet
+
+	extensions := []extension.Extension{&extension.RenegotiationInfo{
+		RenegotiatedConnection: 0,
+	}}
+	if (cfg.extendedMasterSecret == RequestExtendedMasterSecret ||
+		cfg.extendedMasterSecret == RequireExtendedMasterSecret) && state.extendedMasterSecret {
+		extensions = append(extensions, &extension.UseExtendedMasterSecret{
+			Supported: true,
+		})
+	}
+	if state.getSRTPProtectionProfile() != 0 {
+		extensions = append(extensions, &extension.UseSRTP{
+			ProtectionProfiles: []SRTPProtectionProfile{state.getSRTPProtectionProfile()},
+		})
+	}
+
+	selectedProto, err := extension.ALPNProtocolSelection(cfg.supportedProtocols, state.peerSupportedProtocols)
+	if err != nil {
+		return nil, &alert.Alert{Level: alert.Fatal, Description: alert.NoApplicationProtocol}, err
+	}
+	if selectedProto != "" {
+		extensions = append(extensions, &extension.ALPN{
+			ProtocolNameList: []string{selectedProto},
+		})
+		state.NegotiatedProtocol = selectedProto
+	}
+
+	cipherSuiteID := uint16(state.cipherSuite.ID())
+	serverHello := &handshake.Handshake{
+		Message: &handshake.MessageServerHello{
+			Version:           protocol.Version1_2,
+			Random:            state.localRandom,
+			SessionID:         state.SessionID,
+			CipherSuiteID:     &cipherSuiteID,
+			CompressionMethod: defaultCompressionMethods()[0],
+			Extensions:        extensions,
+		},
+	}
+
+	serverHello.Header.MessageSequence = uint16(state.handshakeSendSequence)
+
+	if len(state.localVerifyData) == 0 {
+		plainText := cache.pullAndMerge(
+			handshakeCachePullRule{handshake.TypeClientHello, cfg.initialEpoch, true, false},
+		)
+		raw, err := serverHello.Marshal()
+		if err != nil {
+			return nil, &alert.Alert{Level: alert.Fatal, Description: alert.InternalError}, err
+		}
+		plainText = append(plainText, raw...)
+
+		state.localVerifyData, err = prf.VerifyDataServer(state.masterSecret, plainText, state.cipherSuite.HashFunc())
+		if err != nil {
+			return nil, &alert.Alert{Level: alert.Fatal, Description: alert.InternalError}, err
+		}
+	}
+
+	pkts = append(pkts,
+		&packet{
+			record: &recordlayer.RecordLayer{
+				Header: recordlayer.Header{
+					Version: protocol.Version1_2,
+				},
+				Content: serverHello,
+			},
+		},
+		&packet{
+			record: &recordlayer.RecordLayer{
+				Header: recordlayer.Header{
+					Version: protocol.Version1_2,
+				},
+				Content: &protocol.ChangeCipherSpec{},
+			},
+		},
+		&packet{
+			record: &recordlayer.RecordLayer{
+				Header: recordlayer.Header{
+					Version: protocol.Version1_2,
+					Epoch:   1,
+				},
+				Content: &handshake.Handshake{
+					Message: &handshake.MessageFinished{
+						VerifyData: state.localVerifyData,
+					},
+				},
+			},
+			shouldEncrypt:            true,
+			resetLocalSequenceNumber: true,
+		},
+	)
+
+	return pkts, nil, nil
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/flight4handler.go b/server/vendor/github.com/pion/dtls/v2/flight4handler.go
new file mode 100644
index 0000000..404f7d1
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/flight4handler.go
@@ -0,0 +1,402 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package dtls
+
+import (
+	"context"
+	"crypto/rand"
+	"crypto/x509"
+
+	"github.com/pion/dtls/v2/internal/ciphersuite"
+	"github.com/pion/dtls/v2/pkg/crypto/clientcertificate"
+	"github.com/pion/dtls/v2/pkg/crypto/elliptic"
+	"github.com/pion/dtls/v2/pkg/crypto/prf"
+	"github.com/pion/dtls/v2/pkg/crypto/signaturehash"
+	"github.com/pion/dtls/v2/pkg/protocol"
+	"github.com/pion/dtls/v2/pkg/protocol/alert"
+	"github.com/pion/dtls/v2/pkg/protocol/extension"
+	"github.com/pion/dtls/v2/pkg/protocol/handshake"
+	"github.com/pion/dtls/v2/pkg/protocol/recordlayer"
+)
+
+func flight4Parse(ctx context.Context, c flightConn, state *State, cache *handshakeCache, cfg *handshakeConfig) (flightVal, *alert.Alert, error) { //nolint:gocognit
+	seq, msgs, ok := cache.fullPullMap(state.handshakeRecvSequence, state.cipherSuite,
+		handshakeCachePullRule{handshake.TypeCertificate, cfg.initialEpoch, true, true},
+		handshakeCachePullRule{handshake.TypeClientKeyExchange, cfg.initialEpoch, true, false},
+		handshakeCachePullRule{handshake.TypeCertificateVerify, cfg.initialEpoch, true, true},
+	)
+	if !ok {
+		// No valid message received. Keep reading
+		return 0, nil, nil
+	}
+
+	// Validate type
+	var clientKeyExchange *handshake.MessageClientKeyExchange
+	if clientKeyExchange, ok = msgs[handshake.TypeClientKeyExchange].(*handshake.MessageClientKeyExchange); !ok {
+		return 0, &alert.Alert{Level: alert.Fatal, Description: alert.InternalError}, nil
+	}
+
+	if h, hasCert := msgs[handshake.TypeCertificate].(*handshake.MessageCertificate); hasCert {
+		state.PeerCertificates = h.Certificate
+		// If the client offer its certificate, just disable session resumption.
+		// Otherwise, we have to store the certificate identitfication and expire time.
+		// And we have to check whether this certificate expired, revoked or changed.
+		//
+		// https://curl.se/docs/CVE-2016-5419.html
+		state.SessionID = nil
+	}
+
+	if h, hasCertVerify := msgs[handshake.TypeCertificateVerify].(*handshake.MessageCertificateVerify); hasCertVerify {
+		if state.PeerCertificates == nil {
+			return 0, &alert.Alert{Level: alert.Fatal, Description: alert.NoCertificate}, errCertificateVerifyNoCertificate
+		}
+
+		plainText := cache.pullAndMerge(
+			handshakeCachePullRule{handshake.TypeClientHello, cfg.initialEpoch, true, false},
+			handshakeCachePullRule{handshake.TypeServerHello, cfg.initialEpoch, false, false},
+			handshakeCachePullRule{handshake.TypeCertificate, cfg.initialEpoch, false, false},
+			handshakeCachePullRule{handshake.TypeServerKeyExchange, cfg.initialEpoch, false, false},
+			handshakeCachePullRule{handshake.TypeCertificateRequest, cfg.initialEpoch, false, false},
+			handshakeCachePullRule{handshake.TypeServerHelloDone, cfg.initialEpoch, false, false},
+			handshakeCachePullRule{handshake.TypeCertificate, cfg.initialEpoch, true, false},
+			handshakeCachePullRule{handshake.TypeClientKeyExchange, cfg.initialEpoch, true, false},
+		)
+
+		// Verify that the pair of hash algorithm and signiture is listed.
+		var validSignatureScheme bool
+		for _, ss := range cfg.localSignatureSchemes {
+			if ss.Hash == h.HashAlgorithm && ss.Signature == h.SignatureAlgorithm {
+				validSignatureScheme = true
+				break
+			}
+		}
+		if !validSignatureScheme {
+			return 0, &alert.Alert{Level: alert.Fatal, Description: alert.InsufficientSecurity}, errNoAvailableSignatureSchemes
+		}
+
+		if err := verifyCertificateVerify(plainText, h.HashAlgorithm, h.Signature, state.PeerCertificates); err != nil {
+			return 0, &alert.Alert{Level: alert.Fatal, Description: alert.BadCertificate}, err
+		}
+		var chains [][]*x509.Certificate
+		var err error
+		var verified bool
+		if cfg.clientAuth >= VerifyClientCertIfGiven {
+			if chains, err = verifyClientCert(state.PeerCertificates, cfg.clientCAs); err != nil {
+				return 0, &alert.Alert{Level: alert.Fatal, Description: alert.BadCertificate}, err
+			}
+			verified = true
+		}
+		if cfg.verifyPeerCertificate != nil {
+			if err := cfg.verifyPeerCertificate(state.PeerCertificates, chains); err != nil {
+				return 0, &alert.Alert{Level: alert.Fatal, Description: alert.BadCertificate}, err
+			}
+		}
+		state.peerCertificatesVerified = verified
+	} else if state.PeerCertificates != nil {
+		// A certificate was received, but we haven't seen a CertificateVerify
+		// keep reading until we receive one
+		return 0, nil, nil
+	}
+
+	if !state.cipherSuite.IsInitialized() {
+		serverRandom := state.localRandom.MarshalFixed()
+		clientRandom := state.remoteRandom.MarshalFixed()
+
+		var err error
+		var preMasterSecret []byte
+		if state.cipherSuite.AuthenticationType() == CipherSuiteAuthenticationTypePreSharedKey {
+			var psk []byte
+			if psk, err = cfg.localPSKCallback(clientKeyExchange.IdentityHint); err != nil {
+				return 0, &alert.Alert{Level: alert.Fatal, Description: alert.InternalError}, err
+			}
+			state.IdentityHint = clientKeyExchange.IdentityHint
+			switch state.cipherSuite.KeyExchangeAlgorithm() {
+			case CipherSuiteKeyExchangeAlgorithmPsk:
+				preMasterSecret = prf.PSKPreMasterSecret(psk)
+			case (CipherSuiteKeyExchangeAlgorithmPsk | CipherSuiteKeyExchangeAlgorithmEcdhe):
+				if preMasterSecret, err = prf.EcdhePSKPreMasterSecret(psk, clientKeyExchange.PublicKey, state.localKeypair.PrivateKey, state.localKeypair.Curve); err != nil {
+					return 0, &alert.Alert{Level: alert.Fatal, Description: alert.InternalError}, err
+				}
+			default:
+				return 0, &alert.Alert{Level: alert.Fatal, Description: alert.InternalError}, errInvalidCipherSuite
+			}
+		} else {
+			preMasterSecret, err = prf.PreMasterSecret(clientKeyExchange.PublicKey, state.localKeypair.PrivateKey, state.localKeypair.Curve)
+			if err != nil {
+				return 0, &alert.Alert{Level: alert.Fatal, Description: alert.IllegalParameter}, err
+			}
+		}
+
+		if state.extendedMasterSecret {
+			var sessionHash []byte
+			sessionHash, err = cache.sessionHash(state.cipherSuite.HashFunc(), cfg.initialEpoch)
+			if err != nil {
+				return 0, &alert.Alert{Level: alert.Fatal, Description: alert.InternalError}, err
+			}
+
+			state.masterSecret, err = prf.ExtendedMasterSecret(preMasterSecret, sessionHash, state.cipherSuite.HashFunc())
+			if err != nil {
+				return 0, &alert.Alert{Level: alert.Fatal, Description: alert.InternalError}, err
+			}
+		} else {
+			state.masterSecret, err = prf.MasterSecret(preMasterSecret, clientRandom[:], serverRandom[:], state.cipherSuite.HashFunc())
+			if err != nil {
+				return 0, &alert.Alert{Level: alert.Fatal, Description: alert.InternalError}, err
+			}
+		}
+
+		if err := state.cipherSuite.Init(state.masterSecret, clientRandom[:], serverRandom[:], false); err != nil {
+			return 0, &alert.Alert{Level: alert.Fatal, Description: alert.InternalError}, err
+		}
+		cfg.writeKeyLog(keyLogLabelTLS12, clientRandom[:], state.masterSecret)
+	}
+
+	if len(state.SessionID) > 0 {
+		s := Session{
+			ID:     state.SessionID,
+			Secret: state.masterSecret,
+		}
+		cfg.log.Tracef("[handshake] save new session: %x", s.ID)
+		if err := cfg.sessionStore.Set(state.SessionID, s); err != nil {
+			return 0, &alert.Alert{Level: alert.Fatal, Description: alert.InternalError}, err
+		}
+	}
+
+	// Now, encrypted packets can be handled
+	if err := c.handleQueuedPackets(ctx); err != nil {
+		return 0, &alert.Alert{Level: alert.Fatal, Description: alert.InternalError}, err
+	}
+
+	seq, msgs, ok = cache.fullPullMap(seq, state.cipherSuite,
+		handshakeCachePullRule{handshake.TypeFinished, cfg.initialEpoch + 1, true, false},
+	)
+	if !ok {
+		// No valid message received. Keep reading
+		return 0, nil, nil
+	}
+	state.handshakeRecvSequence = seq
+
+	if _, ok = msgs[handshake.TypeFinished].(*handshake.MessageFinished); !ok {
+		return 0, &alert.Alert{Level: alert.Fatal, Description: alert.InternalError}, nil
+	}
+
+	if state.cipherSuite.AuthenticationType() == CipherSuiteAuthenticationTypeAnonymous {
+		if cfg.verifyConnection != nil {
+			if err := cfg.verifyConnection(state.clone()); err != nil {
+				return 0, &alert.Alert{Level: alert.Fatal, Description: alert.BadCertificate}, err
+			}
+		}
+		return flight6, nil, nil
+	}
+
+	switch cfg.clientAuth {
+	case RequireAnyClientCert:
+		if state.PeerCertificates == nil {
+			return 0, &alert.Alert{Level: alert.Fatal, Description: alert.NoCertificate}, errClientCertificateRequired
+		}
+	case VerifyClientCertIfGiven:
+		if state.PeerCertificates != nil && !state.peerCertificatesVerified {
+			return 0, &alert.Alert{Level: alert.Fatal, Description: alert.BadCertificate}, errClientCertificateNotVerified
+		}
+	case RequireAndVerifyClientCert:
+		if state.PeerCertificates == nil {
+			return 0, &alert.Alert{Level: alert.Fatal, Description: alert.NoCertificate}, errClientCertificateRequired
+		}
+		if !state.peerCertificatesVerified {
+			return 0, &alert.Alert{Level: alert.Fatal, Description: alert.BadCertificate}, errClientCertificateNotVerified
+		}
+	case NoClientCert, RequestClientCert:
+		// go to flight6
+	}
+	if cfg.verifyConnection != nil {
+		if err := cfg.verifyConnection(state.clone()); err != nil {
+			return 0, &alert.Alert{Level: alert.Fatal, Description: alert.BadCertificate}, err
+		}
+	}
+
+	return flight6, nil, nil
+}
+
+func flight4Generate(_ flightConn, state *State, _ *handshakeCache, cfg *handshakeConfig) ([]*packet, *alert.Alert, error) {
+	extensions := []extension.Extension{&extension.RenegotiationInfo{
+		RenegotiatedConnection: 0,
+	}}
+	if (cfg.extendedMasterSecret == RequestExtendedMasterSecret ||
+		cfg.extendedMasterSecret == RequireExtendedMasterSecret) && state.extendedMasterSecret {
+		extensions = append(extensions, &extension.UseExtendedMasterSecret{
+			Supported: true,
+		})
+	}
+	if state.getSRTPProtectionProfile() != 0 {
+		extensions = append(extensions, &extension.UseSRTP{
+			ProtectionProfiles: []SRTPProtectionProfile{state.getSRTPProtectionProfile()},
+		})
+	}
+	if state.cipherSuite.AuthenticationType() == CipherSuiteAuthenticationTypeCertificate {
+		extensions = append(extensions, &extension.SupportedPointFormats{
+			PointFormats: []elliptic.CurvePointFormat{elliptic.CurvePointFormatUncompressed},
+		})
+	}
+
+	selectedProto, err := extension.ALPNProtocolSelection(cfg.supportedProtocols, state.peerSupportedProtocols)
+	if err != nil {
+		return nil, &alert.Alert{Level: alert.Fatal, Description: alert.NoApplicationProtocol}, err
+	}
+	if selectedProto != "" {
+		extensions = append(extensions, &extension.ALPN{
+			ProtocolNameList: []string{selectedProto},
+		})
+		state.NegotiatedProtocol = selectedProto
+	}
+
+	var pkts []*packet
+	cipherSuiteID := uint16(state.cipherSuite.ID())
+
+	if cfg.sessionStore != nil {
+		state.SessionID = make([]byte, sessionLength)
+		if _, err := rand.Read(state.SessionID); err != nil {
+			return nil, &alert.Alert{Level: alert.Fatal, Description: alert.InternalError}, err
+		}
+	}
+
+	pkts = append(pkts, &packet{
+		record: &recordlayer.RecordLayer{
+			Header: recordlayer.Header{
+				Version: protocol.Version1_2,
+			},
+			Content: &handshake.Handshake{
+				Message: &handshake.MessageServerHello{
+					Version:           protocol.Version1_2,
+					Random:            state.localRandom,
+					SessionID:         state.SessionID,
+					CipherSuiteID:     &cipherSuiteID,
+					CompressionMethod: defaultCompressionMethods()[0],
+					Extensions:        extensions,
+				},
+			},
+		},
+	})
+
+	switch {
+	case state.cipherSuite.AuthenticationType() == CipherSuiteAuthenticationTypeCertificate:
+		certificate, err := cfg.getCertificate(&ClientHelloInfo{
+			ServerName:   state.serverName,
+			CipherSuites: []ciphersuite.ID{state.cipherSuite.ID()},
+		})
+		if err != nil {
+			return nil, &alert.Alert{Level: alert.Fatal, Description: alert.HandshakeFailure}, err
+		}
+
+		pkts = append(pkts, &packet{
+			record: &recordlayer.RecordLayer{
+				Header: recordlayer.Header{
+					Version: protocol.Version1_2,
+				},
+				Content: &handshake.Handshake{
+					Message: &handshake.MessageCertificate{
+						Certificate: certificate.Certificate,
+					},
+				},
+			},
+		})
+
+		serverRandom := state.localRandom.MarshalFixed()
+		clientRandom := state.remoteRandom.MarshalFixed()
+
+		// Find compatible signature scheme
+		signatureHashAlgo, err := signaturehash.SelectSignatureScheme(cfg.localSignatureSchemes, certificate.PrivateKey)
+		if err != nil {
+			return nil, &alert.Alert{Level: alert.Fatal, Description: alert.InsufficientSecurity}, err
+		}
+
+		signature, err := generateKeySignature(clientRandom[:], serverRandom[:], state.localKeypair.PublicKey, state.namedCurve, certificate.PrivateKey, signatureHashAlgo.Hash)
+		if err != nil {
+			return nil, &alert.Alert{Level: alert.Fatal, Description: alert.InternalError}, err
+		}
+		state.localKeySignature = signature
+
+		pkts = append(pkts, &packet{
+			record: &recordlayer.RecordLayer{
+				Header: recordlayer.Header{
+					Version: protocol.Version1_2,
+				},
+				Content: &handshake.Handshake{
+					Message: &handshake.MessageServerKeyExchange{
+						EllipticCurveType:  elliptic.CurveTypeNamedCurve,
+						NamedCurve:         state.namedCurve,
+						PublicKey:          state.localKeypair.PublicKey,
+						HashAlgorithm:      signatureHashAlgo.Hash,
+						SignatureAlgorithm: signatureHashAlgo.Signature,
+						Signature:          state.localKeySignature,
+					},
+				},
+			},
+		})
+
+		if cfg.clientAuth > NoClientCert {
+			// An empty list of certificateAuthorities signals to
+			// the client that it may send any certificate in response
+			// to our request. When we know the CAs we trust, then
+			// we can send them down, so that the client can choose
+			// an appropriate certificate to give to us.
+			var certificateAuthorities [][]byte
+			if cfg.clientCAs != nil {
+				// nolint:staticcheck // ignoring tlsCert.RootCAs.Subjects is deprecated ERR because cert does not come from SystemCertPool and it's ok if certificate authorities is empty.
+				certificateAuthorities = cfg.clientCAs.Subjects()
+			}
+			pkts = append(pkts, &packet{
+				record: &recordlayer.RecordLayer{
+					Header: recordlayer.Header{
+						Version: protocol.Version1_2,
+					},
+					Content: &handshake.Handshake{
+						Message: &handshake.MessageCertificateRequest{
+							CertificateTypes:            []clientcertificate.Type{clientcertificate.RSASign, clientcertificate.ECDSASign},
+							SignatureHashAlgorithms:     cfg.localSignatureSchemes,
+							CertificateAuthoritiesNames: certificateAuthorities,
+						},
+					},
+				},
+			})
+		}
+	case cfg.localPSKIdentityHint != nil || state.cipherSuite.KeyExchangeAlgorithm().Has(CipherSuiteKeyExchangeAlgorithmEcdhe):
+		// To help the client in selecting which identity to use, the server
+		// can provide a "PSK identity hint" in the ServerKeyExchange message.
+		// If no hint is provided and cipher suite doesn't use elliptic curve,
+		// the ServerKeyExchange message is omitted.
+		//
+		// https://tools.ietf.org/html/rfc4279#section-2
+		srvExchange := &handshake.MessageServerKeyExchange{
+			IdentityHint: cfg.localPSKIdentityHint,
+		}
+		if state.cipherSuite.KeyExchangeAlgorithm().Has(CipherSuiteKeyExchangeAlgorithmEcdhe) {
+			srvExchange.EllipticCurveType = elliptic.CurveTypeNamedCurve
+			srvExchange.NamedCurve = state.namedCurve
+			srvExchange.PublicKey = state.localKeypair.PublicKey
+		}
+		pkts = append(pkts, &packet{
+			record: &recordlayer.RecordLayer{
+				Header: recordlayer.Header{
+					Version: protocol.Version1_2,
+				},
+				Content: &handshake.Handshake{
+					Message: srvExchange,
+				},
+			},
+		})
+	}
+
+	pkts = append(pkts, &packet{
+		record: &recordlayer.RecordLayer{
+			Header: recordlayer.Header{
+				Version: protocol.Version1_2,
+			},
+			Content: &handshake.Handshake{
+				Message: &handshake.MessageServerHelloDone{},
+			},
+		},
+	})
+
+	return pkts, nil, nil
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/flight5bhandler.go b/server/vendor/github.com/pion/dtls/v2/flight5bhandler.go
new file mode 100644
index 0000000..ddd3732
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/flight5bhandler.go
@@ -0,0 +1,78 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package dtls
+
+import (
+	"context"
+
+	"github.com/pion/dtls/v2/pkg/crypto/prf"
+	"github.com/pion/dtls/v2/pkg/protocol"
+	"github.com/pion/dtls/v2/pkg/protocol/alert"
+	"github.com/pion/dtls/v2/pkg/protocol/handshake"
+	"github.com/pion/dtls/v2/pkg/protocol/recordlayer"
+)
+
+func flight5bParse(_ context.Context, _ flightConn, state *State, cache *handshakeCache, cfg *handshakeConfig) (flightVal, *alert.Alert, error) {
+	_, msgs, ok := cache.fullPullMap(state.handshakeRecvSequence-1, state.cipherSuite,
+		handshakeCachePullRule{handshake.TypeFinished, cfg.initialEpoch + 1, false, false},
+	)
+	if !ok {
+		// No valid message received. Keep reading
+		return 0, nil, nil
+	}
+
+	if _, ok = msgs[handshake.TypeFinished].(*handshake.MessageFinished); !ok {
+		return 0, &alert.Alert{Level: alert.Fatal, Description: alert.InternalError}, nil
+	}
+
+	// Other party may re-transmit the last flight. Keep state to be flight5b.
+	return flight5b, nil, nil
+}
+
+func flight5bGenerate(_ flightConn, state *State, cache *handshakeCache, cfg *handshakeConfig) ([]*packet, *alert.Alert, error) { //nolint:gocognit
+	var pkts []*packet
+
+	pkts = append(pkts,
+		&packet{
+			record: &recordlayer.RecordLayer{
+				Header: recordlayer.Header{
+					Version: protocol.Version1_2,
+				},
+				Content: &protocol.ChangeCipherSpec{},
+			},
+		})
+
+	if len(state.localVerifyData) == 0 {
+		plainText := cache.pullAndMerge(
+			handshakeCachePullRule{handshake.TypeClientHello, cfg.initialEpoch, true, false},
+			handshakeCachePullRule{handshake.TypeServerHello, cfg.initialEpoch, false, false},
+			handshakeCachePullRule{handshake.TypeFinished, cfg.initialEpoch + 1, false, false},
+		)
+
+		var err error
+		state.localVerifyData, err = prf.VerifyDataClient(state.masterSecret, plainText, state.cipherSuite.HashFunc())
+		if err != nil {
+			return nil, &alert.Alert{Level: alert.Fatal, Description: alert.InternalError}, err
+		}
+	}
+
+	pkts = append(pkts,
+		&packet{
+			record: &recordlayer.RecordLayer{
+				Header: recordlayer.Header{
+					Version: protocol.Version1_2,
+					Epoch:   1,
+				},
+				Content: &handshake.Handshake{
+					Message: &handshake.MessageFinished{
+						VerifyData: state.localVerifyData,
+					},
+				},
+			},
+			shouldEncrypt:            true,
+			resetLocalSequenceNumber: true,
+		})
+
+	return pkts, nil, nil
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/flight5handler.go b/server/vendor/github.com/pion/dtls/v2/flight5handler.go
new file mode 100644
index 0000000..e8adf4f
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/flight5handler.go
@@ -0,0 +1,357 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package dtls
+
+import (
+	"bytes"
+	"context"
+	"crypto"
+	"crypto/x509"
+
+	"github.com/pion/dtls/v2/pkg/crypto/prf"
+	"github.com/pion/dtls/v2/pkg/crypto/signaturehash"
+	"github.com/pion/dtls/v2/pkg/protocol"
+	"github.com/pion/dtls/v2/pkg/protocol/alert"
+	"github.com/pion/dtls/v2/pkg/protocol/handshake"
+	"github.com/pion/dtls/v2/pkg/protocol/recordlayer"
+)
+
+func flight5Parse(_ context.Context, c flightConn, state *State, cache *handshakeCache, cfg *handshakeConfig) (flightVal, *alert.Alert, error) {
+	_, msgs, ok := cache.fullPullMap(state.handshakeRecvSequence, state.cipherSuite,
+		handshakeCachePullRule{handshake.TypeFinished, cfg.initialEpoch + 1, false, false},
+	)
+	if !ok {
+		// No valid message received. Keep reading
+		return 0, nil, nil
+	}
+
+	var finished *handshake.MessageFinished
+	if finished, ok = msgs[handshake.TypeFinished].(*handshake.MessageFinished); !ok {
+		return 0, &alert.Alert{Level: alert.Fatal, Description: alert.InternalError}, nil
+	}
+	plainText := cache.pullAndMerge(
+		handshakeCachePullRule{handshake.TypeClientHello, cfg.initialEpoch, true, false},
+		handshakeCachePullRule{handshake.TypeServerHello, cfg.initialEpoch, false, false},
+		handshakeCachePullRule{handshake.TypeCertificate, cfg.initialEpoch, false, false},
+		handshakeCachePullRule{handshake.TypeServerKeyExchange, cfg.initialEpoch, false, false},
+		handshakeCachePullRule{handshake.TypeCertificateRequest, cfg.initialEpoch, false, false},
+		handshakeCachePullRule{handshake.TypeServerHelloDone, cfg.initialEpoch, false, false},
+		handshakeCachePullRule{handshake.TypeCertificate, cfg.initialEpoch, true, false},
+		handshakeCachePullRule{handshake.TypeClientKeyExchange, cfg.initialEpoch, true, false},
+		handshakeCachePullRule{handshake.TypeCertificateVerify, cfg.initialEpoch, true, false},
+		handshakeCachePullRule{handshake.TypeFinished, cfg.initialEpoch + 1, true, false},
+	)
+
+	expectedVerifyData, err := prf.VerifyDataServer(state.masterSecret, plainText, state.cipherSuite.HashFunc())
+	if err != nil {
+		return 0, &alert.Alert{Level: alert.Fatal, Description: alert.InternalError}, err
+	}
+	if !bytes.Equal(expectedVerifyData, finished.VerifyData) {
+		return 0, &alert.Alert{Level: alert.Fatal, Description: alert.HandshakeFailure}, errVerifyDataMismatch
+	}
+
+	if len(state.SessionID) > 0 {
+		s := Session{
+			ID:     state.SessionID,
+			Secret: state.masterSecret,
+		}
+		cfg.log.Tracef("[handshake] save new session: %x", s.ID)
+		if err := cfg.sessionStore.Set(c.sessionKey(), s); err != nil {
+			return 0, &alert.Alert{Level: alert.Fatal, Description: alert.InternalError}, err
+		}
+	}
+
+	return flight5, nil, nil
+}
+
+func flight5Generate(c flightConn, state *State, cache *handshakeCache, cfg *handshakeConfig) ([]*packet, *alert.Alert, error) { //nolint:gocognit
+	var privateKey crypto.PrivateKey
+	var pkts []*packet
+	if state.remoteRequestedCertificate {
+		_, msgs, ok := cache.fullPullMap(state.handshakeRecvSequence-2, state.cipherSuite,
+			handshakeCachePullRule{handshake.TypeCertificateRequest, cfg.initialEpoch, false, false})
+		if !ok {
+			return nil, &alert.Alert{Level: alert.Fatal, Description: alert.HandshakeFailure}, errClientCertificateRequired
+		}
+		reqInfo := CertificateRequestInfo{}
+		if r, ok := msgs[handshake.TypeCertificateRequest].(*handshake.MessageCertificateRequest); ok {
+			reqInfo.AcceptableCAs = r.CertificateAuthoritiesNames
+		} else {
+			return nil, &alert.Alert{Level: alert.Fatal, Description: alert.HandshakeFailure}, errClientCertificateRequired
+		}
+		certificate, err := cfg.getClientCertificate(&reqInfo)
+		if err != nil {
+			return nil, &alert.Alert{Level: alert.Fatal, Description: alert.HandshakeFailure}, err
+		}
+		if certificate == nil {
+			return nil, &alert.Alert{Level: alert.Fatal, Description: alert.HandshakeFailure}, errNotAcceptableCertificateChain
+		}
+		if certificate.Certificate != nil {
+			privateKey = certificate.PrivateKey
+		}
+		pkts = append(pkts,
+			&packet{
+				record: &recordlayer.RecordLayer{
+					Header: recordlayer.Header{
+						Version: protocol.Version1_2,
+					},
+					Content: &handshake.Handshake{
+						Message: &handshake.MessageCertificate{
+							Certificate: certificate.Certificate,
+						},
+					},
+				},
+			})
+	}
+
+	clientKeyExchange := &handshake.MessageClientKeyExchange{}
+	if cfg.localPSKCallback == nil {
+		clientKeyExchange.PublicKey = state.localKeypair.PublicKey
+	} else {
+		clientKeyExchange.IdentityHint = cfg.localPSKIdentityHint
+	}
+	if state != nil && state.localKeypair != nil && len(state.localKeypair.PublicKey) > 0 {
+		clientKeyExchange.PublicKey = state.localKeypair.PublicKey
+	}
+
+	pkts = append(pkts,
+		&packet{
+			record: &recordlayer.RecordLayer{
+				Header: recordlayer.Header{
+					Version: protocol.Version1_2,
+				},
+				Content: &handshake.Handshake{
+					Message: clientKeyExchange,
+				},
+			},
+		})
+
+	serverKeyExchangeData := cache.pullAndMerge(
+		handshakeCachePullRule{handshake.TypeServerKeyExchange, cfg.initialEpoch, false, false},
+	)
+
+	serverKeyExchange := &handshake.MessageServerKeyExchange{}
+
+	// handshakeMessageServerKeyExchange is optional for PSK
+	if len(serverKeyExchangeData) == 0 {
+		alertPtr, err := handleServerKeyExchange(c, state, cfg, &handshake.MessageServerKeyExchange{})
+		if err != nil {
+			return nil, alertPtr, err
+		}
+	} else {
+		rawHandshake := &handshake.Handshake{
+			KeyExchangeAlgorithm: state.cipherSuite.KeyExchangeAlgorithm(),
+		}
+		err := rawHandshake.Unmarshal(serverKeyExchangeData)
+		if err != nil {
+			return nil, &alert.Alert{Level: alert.Fatal, Description: alert.UnexpectedMessage}, err
+		}
+
+		switch h := rawHandshake.Message.(type) {
+		case *handshake.MessageServerKeyExchange:
+			serverKeyExchange = h
+		default:
+			return nil, &alert.Alert{Level: alert.Fatal, Description: alert.UnexpectedMessage}, errInvalidContentType
+		}
+	}
+
+	// Append not-yet-sent packets
+	merged := []byte{}
+	seqPred := uint16(state.handshakeSendSequence)
+	for _, p := range pkts {
+		h, ok := p.record.Content.(*handshake.Handshake)
+		if !ok {
+			return nil, &alert.Alert{Level: alert.Fatal, Description: alert.InternalError}, errInvalidContentType
+		}
+		h.Header.MessageSequence = seqPred
+		seqPred++
+		raw, err := h.Marshal()
+		if err != nil {
+			return nil, &alert.Alert{Level: alert.Fatal, Description: alert.InternalError}, err
+		}
+		merged = append(merged, raw...)
+	}
+
+	if alertPtr, err := initalizeCipherSuite(state, cache, cfg, serverKeyExchange, merged); err != nil {
+		return nil, alertPtr, err
+	}
+
+	// If the client has sent a certificate with signing ability, a digitally-signed
+	// CertificateVerify message is sent to explicitly verify possession of the
+	// private key in the certificate.
+	if state.remoteRequestedCertificate && privateKey != nil {
+		plainText := append(cache.pullAndMerge(
+			handshakeCachePullRule{handshake.TypeClientHello, cfg.initialEpoch, true, false},
+			handshakeCachePullRule{handshake.TypeServerHello, cfg.initialEpoch, false, false},
+			handshakeCachePullRule{handshake.TypeCertificate, cfg.initialEpoch, false, false},
+			handshakeCachePullRule{handshake.TypeServerKeyExchange, cfg.initialEpoch, false, false},
+			handshakeCachePullRule{handshake.TypeCertificateRequest, cfg.initialEpoch, false, false},
+			handshakeCachePullRule{handshake.TypeServerHelloDone, cfg.initialEpoch, false, false},
+			handshakeCachePullRule{handshake.TypeCertificate, cfg.initialEpoch, true, false},
+			handshakeCachePullRule{handshake.TypeClientKeyExchange, cfg.initialEpoch, true, false},
+		), merged...)
+
+		// Find compatible signature scheme
+		signatureHashAlgo, err := signaturehash.SelectSignatureScheme(cfg.localSignatureSchemes, privateKey)
+		if err != nil {
+			return nil, &alert.Alert{Level: alert.Fatal, Description: alert.InsufficientSecurity}, err
+		}
+
+		certVerify, err := generateCertificateVerify(plainText, privateKey, signatureHashAlgo.Hash)
+		if err != nil {
+			return nil, &alert.Alert{Level: alert.Fatal, Description: alert.InternalError}, err
+		}
+		state.localCertificatesVerify = certVerify
+
+		p := &packet{
+			record: &recordlayer.RecordLayer{
+				Header: recordlayer.Header{
+					Version: protocol.Version1_2,
+				},
+				Content: &handshake.Handshake{
+					Message: &handshake.MessageCertificateVerify{
+						HashAlgorithm:      signatureHashAlgo.Hash,
+						SignatureAlgorithm: signatureHashAlgo.Signature,
+						Signature:          state.localCertificatesVerify,
+					},
+				},
+			},
+		}
+		pkts = append(pkts, p)
+
+		h, ok := p.record.Content.(*handshake.Handshake)
+		if !ok {
+			return nil, &alert.Alert{Level: alert.Fatal, Description: alert.InternalError}, errInvalidContentType
+		}
+		h.Header.MessageSequence = seqPred
+		// seqPred++ // this is the last use of seqPred
+		raw, err := h.Marshal()
+		if err != nil {
+			return nil, &alert.Alert{Level: alert.Fatal, Description: alert.InternalError}, err
+		}
+		merged = append(merged, raw...)
+	}
+
+	pkts = append(pkts,
+		&packet{
+			record: &recordlayer.RecordLayer{
+				Header: recordlayer.Header{
+					Version: protocol.Version1_2,
+				},
+				Content: &protocol.ChangeCipherSpec{},
+			},
+		})
+
+	if len(state.localVerifyData) == 0 {
+		plainText := cache.pullAndMerge(
+			handshakeCachePullRule{handshake.TypeClientHello, cfg.initialEpoch, true, false},
+			handshakeCachePullRule{handshake.TypeServerHello, cfg.initialEpoch, false, false},
+			handshakeCachePullRule{handshake.TypeCertificate, cfg.initialEpoch, false, false},
+			handshakeCachePullRule{handshake.TypeServerKeyExchange, cfg.initialEpoch, false, false},
+			handshakeCachePullRule{handshake.TypeCertificateRequest, cfg.initialEpoch, false, false},
+			handshakeCachePullRule{handshake.TypeServerHelloDone, cfg.initialEpoch, false, false},
+			handshakeCachePullRule{handshake.TypeCertificate, cfg.initialEpoch, true, false},
+			handshakeCachePullRule{handshake.TypeClientKeyExchange, cfg.initialEpoch, true, false},
+			handshakeCachePullRule{handshake.TypeCertificateVerify, cfg.initialEpoch, true, false},
+			handshakeCachePullRule{handshake.TypeFinished, cfg.initialEpoch + 1, true, false},
+		)
+
+		var err error
+		state.localVerifyData, err = prf.VerifyDataClient(state.masterSecret, append(plainText, merged...), state.cipherSuite.HashFunc())
+		if err != nil {
+			return nil, &alert.Alert{Level: alert.Fatal, Description: alert.InternalError}, err
+		}
+	}
+
+	pkts = append(pkts,
+		&packet{
+			record: &recordlayer.RecordLayer{
+				Header: recordlayer.Header{
+					Version: protocol.Version1_2,
+					Epoch:   1,
+				},
+				Content: &handshake.Handshake{
+					Message: &handshake.MessageFinished{
+						VerifyData: state.localVerifyData,
+					},
+				},
+			},
+			shouldEncrypt:            true,
+			resetLocalSequenceNumber: true,
+		})
+
+	return pkts, nil, nil
+}
+
+func initalizeCipherSuite(state *State, cache *handshakeCache, cfg *handshakeConfig, h *handshake.MessageServerKeyExchange, sendingPlainText []byte) (*alert.Alert, error) { //nolint:gocognit
+	if state.cipherSuite.IsInitialized() {
+		return nil, nil //nolint
+	}
+
+	clientRandom := state.localRandom.MarshalFixed()
+	serverRandom := state.remoteRandom.MarshalFixed()
+
+	var err error
+
+	if state.extendedMasterSecret {
+		var sessionHash []byte
+		sessionHash, err = cache.sessionHash(state.cipherSuite.HashFunc(), cfg.initialEpoch, sendingPlainText)
+		if err != nil {
+			return &alert.Alert{Level: alert.Fatal, Description: alert.InternalError}, err
+		}
+
+		state.masterSecret, err = prf.ExtendedMasterSecret(state.preMasterSecret, sessionHash, state.cipherSuite.HashFunc())
+		if err != nil {
+			return &alert.Alert{Level: alert.Fatal, Description: alert.IllegalParameter}, err
+		}
+	} else {
+		state.masterSecret, err = prf.MasterSecret(state.preMasterSecret, clientRandom[:], serverRandom[:], state.cipherSuite.HashFunc())
+		if err != nil {
+			return &alert.Alert{Level: alert.Fatal, Description: alert.InternalError}, err
+		}
+	}
+
+	if state.cipherSuite.AuthenticationType() == CipherSuiteAuthenticationTypeCertificate {
+		// Verify that the pair of hash algorithm and signiture is listed.
+		var validSignatureScheme bool
+		for _, ss := range cfg.localSignatureSchemes {
+			if ss.Hash == h.HashAlgorithm && ss.Signature == h.SignatureAlgorithm {
+				validSignatureScheme = true
+				break
+			}
+		}
+		if !validSignatureScheme {
+			return &alert.Alert{Level: alert.Fatal, Description: alert.InsufficientSecurity}, errNoAvailableSignatureSchemes
+		}
+
+		expectedMsg := valueKeyMessage(clientRandom[:], serverRandom[:], h.PublicKey, h.NamedCurve)
+		if err = verifyKeySignature(expectedMsg, h.Signature, h.HashAlgorithm, state.PeerCertificates); err != nil {
+			return &alert.Alert{Level: alert.Fatal, Description: alert.BadCertificate}, err
+		}
+		var chains [][]*x509.Certificate
+		if !cfg.insecureSkipVerify {
+			if chains, err = verifyServerCert(state.PeerCertificates, cfg.rootCAs, cfg.serverName); err != nil {
+				return &alert.Alert{Level: alert.Fatal, Description: alert.BadCertificate}, err
+			}
+		}
+		if cfg.verifyPeerCertificate != nil {
+			if err = cfg.verifyPeerCertificate(state.PeerCertificates, chains); err != nil {
+				return &alert.Alert{Level: alert.Fatal, Description: alert.BadCertificate}, err
+			}
+		}
+	}
+	if cfg.verifyConnection != nil {
+		if err = cfg.verifyConnection(state.clone()); err != nil {
+			return &alert.Alert{Level: alert.Fatal, Description: alert.BadCertificate}, err
+		}
+	}
+
+	if err = state.cipherSuite.Init(state.masterSecret, clientRandom[:], serverRandom[:], true); err != nil {
+		return &alert.Alert{Level: alert.Fatal, Description: alert.InternalError}, err
+	}
+
+	cfg.writeKeyLog(keyLogLabelTLS12, clientRandom[:], state.masterSecret)
+
+	return nil, nil //nolint
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/flight6handler.go b/server/vendor/github.com/pion/dtls/v2/flight6handler.go
new file mode 100644
index 0000000..57ac143
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/flight6handler.go
@@ -0,0 +1,85 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package dtls
+
+import (
+	"context"
+
+	"github.com/pion/dtls/v2/pkg/crypto/prf"
+	"github.com/pion/dtls/v2/pkg/protocol"
+	"github.com/pion/dtls/v2/pkg/protocol/alert"
+	"github.com/pion/dtls/v2/pkg/protocol/handshake"
+	"github.com/pion/dtls/v2/pkg/protocol/recordlayer"
+)
+
+func flight6Parse(_ context.Context, _ flightConn, state *State, cache *handshakeCache, cfg *handshakeConfig) (flightVal, *alert.Alert, error) {
+	_, msgs, ok := cache.fullPullMap(state.handshakeRecvSequence-1, state.cipherSuite,
+		handshakeCachePullRule{handshake.TypeFinished, cfg.initialEpoch + 1, true, false},
+	)
+	if !ok {
+		// No valid message received. Keep reading
+		return 0, nil, nil
+	}
+
+	if _, ok = msgs[handshake.TypeFinished].(*handshake.MessageFinished); !ok {
+		return 0, &alert.Alert{Level: alert.Fatal, Description: alert.InternalError}, nil
+	}
+
+	// Other party may re-transmit the last flight. Keep state to be flight6.
+	return flight6, nil, nil
+}
+
+func flight6Generate(_ flightConn, state *State, cache *handshakeCache, cfg *handshakeConfig) ([]*packet, *alert.Alert, error) {
+	var pkts []*packet
+
+	pkts = append(pkts,
+		&packet{
+			record: &recordlayer.RecordLayer{
+				Header: recordlayer.Header{
+					Version: protocol.Version1_2,
+				},
+				Content: &protocol.ChangeCipherSpec{},
+			},
+		})
+
+	if len(state.localVerifyData) == 0 {
+		plainText := cache.pullAndMerge(
+			handshakeCachePullRule{handshake.TypeClientHello, cfg.initialEpoch, true, false},
+			handshakeCachePullRule{handshake.TypeServerHello, cfg.initialEpoch, false, false},
+			handshakeCachePullRule{handshake.TypeCertificate, cfg.initialEpoch, false, false},
+			handshakeCachePullRule{handshake.TypeServerKeyExchange, cfg.initialEpoch, false, false},
+			handshakeCachePullRule{handshake.TypeCertificateRequest, cfg.initialEpoch, false, false},
+			handshakeCachePullRule{handshake.TypeServerHelloDone, cfg.initialEpoch, false, false},
+			handshakeCachePullRule{handshake.TypeCertificate, cfg.initialEpoch, true, false},
+			handshakeCachePullRule{handshake.TypeClientKeyExchange, cfg.initialEpoch, true, false},
+			handshakeCachePullRule{handshake.TypeCertificateVerify, cfg.initialEpoch, true, false},
+			handshakeCachePullRule{handshake.TypeFinished, cfg.initialEpoch + 1, true, false},
+		)
+
+		var err error
+		state.localVerifyData, err = prf.VerifyDataServer(state.masterSecret, plainText, state.cipherSuite.HashFunc())
+		if err != nil {
+			return nil, &alert.Alert{Level: alert.Fatal, Description: alert.InternalError}, err
+		}
+	}
+
+	pkts = append(pkts,
+		&packet{
+			record: &recordlayer.RecordLayer{
+				Header: recordlayer.Header{
+					Version: protocol.Version1_2,
+					Epoch:   1,
+				},
+				Content: &handshake.Handshake{
+					Message: &handshake.MessageFinished{
+						VerifyData: state.localVerifyData,
+					},
+				},
+			},
+			shouldEncrypt:            true,
+			resetLocalSequenceNumber: true,
+		},
+	)
+	return pkts, nil, nil
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/flighthandler.go b/server/vendor/github.com/pion/dtls/v2/flighthandler.go
new file mode 100644
index 0000000..ceb4a99
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/flighthandler.go
@@ -0,0 +1,68 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package dtls
+
+import (
+	"context"
+
+	"github.com/pion/dtls/v2/pkg/protocol/alert"
+)
+
+// Parse received handshakes and return next flightVal
+type flightParser func(context.Context, flightConn, *State, *handshakeCache, *handshakeConfig) (flightVal, *alert.Alert, error)
+
+// Generate flights
+type flightGenerator func(flightConn, *State, *handshakeCache, *handshakeConfig) ([]*packet, *alert.Alert, error)
+
+func (f flightVal) getFlightParser() (flightParser, error) {
+	switch f {
+	case flight0:
+		return flight0Parse, nil
+	case flight1:
+		return flight1Parse, nil
+	case flight2:
+		return flight2Parse, nil
+	case flight3:
+		return flight3Parse, nil
+	case flight4:
+		return flight4Parse, nil
+	case flight4b:
+		return flight4bParse, nil
+	case flight5:
+		return flight5Parse, nil
+	case flight5b:
+		return flight5bParse, nil
+	case flight6:
+		return flight6Parse, nil
+	default:
+		return nil, errInvalidFlight
+	}
+}
+
+func (f flightVal) getFlightGenerator() (gen flightGenerator, retransmit bool, err error) {
+	switch f {
+	case flight0:
+		return flight0Generate, true, nil
+	case flight1:
+		return flight1Generate, true, nil
+	case flight2:
+		// https://tools.ietf.org/html/rfc6347#section-3.2.1
+		// HelloVerifyRequests must not be retransmitted.
+		return flight2Generate, false, nil
+	case flight3:
+		return flight3Generate, true, nil
+	case flight4:
+		return flight4Generate, true, nil
+	case flight4b:
+		return flight4bGenerate, true, nil
+	case flight5:
+		return flight5Generate, true, nil
+	case flight5b:
+		return flight5bGenerate, true, nil
+	case flight6:
+		return flight6Generate, true, nil
+	default:
+		return nil, false, errInvalidFlight
+	}
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/fragment_buffer.go b/server/vendor/github.com/pion/dtls/v2/fragment_buffer.go
new file mode 100644
index 0000000..f200337
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/fragment_buffer.go
@@ -0,0 +1,132 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package dtls
+
+import (
+	"github.com/pion/dtls/v2/pkg/protocol"
+	"github.com/pion/dtls/v2/pkg/protocol/handshake"
+	"github.com/pion/dtls/v2/pkg/protocol/recordlayer"
+)
+
+// 2 megabytes
+const fragmentBufferMaxSize = 2000000
+
+type fragment struct {
+	recordLayerHeader recordlayer.Header
+	handshakeHeader   handshake.Header
+	data              []byte
+}
+
+type fragmentBuffer struct {
+	// map of MessageSequenceNumbers that hold slices of fragments
+	cache map[uint16][]*fragment
+
+	currentMessageSequenceNumber uint16
+}
+
+func newFragmentBuffer() *fragmentBuffer {
+	return &fragmentBuffer{cache: map[uint16][]*fragment{}}
+}
+
+// current total size of buffer
+func (f *fragmentBuffer) size() int {
+	size := 0
+	for i := range f.cache {
+		for j := range f.cache[i] {
+			size += len(f.cache[i][j].data)
+		}
+	}
+	return size
+}
+
+// Attempts to push a DTLS packet to the fragmentBuffer
+// when it returns true it means the fragmentBuffer has inserted and the buffer shouldn't be handled
+// when an error returns it is fatal, and the DTLS connection should be stopped
+func (f *fragmentBuffer) push(buf []byte) (bool, error) {
+	if f.size()+len(buf) >= fragmentBufferMaxSize {
+		return false, errFragmentBufferOverflow
+	}
+
+	frag := new(fragment)
+	if err := frag.recordLayerHeader.Unmarshal(buf); err != nil {
+		return false, err
+	}
+
+	// fragment isn't a handshake, we don't need to handle it
+	if frag.recordLayerHeader.ContentType != protocol.ContentTypeHandshake {
+		return false, nil
+	}
+
+	for buf = buf[recordlayer.HeaderSize:]; len(buf) != 0; frag = new(fragment) {
+		if err := frag.handshakeHeader.Unmarshal(buf); err != nil {
+			return false, err
+		}
+
+		if _, ok := f.cache[frag.handshakeHeader.MessageSequence]; !ok {
+			f.cache[frag.handshakeHeader.MessageSequence] = []*fragment{}
+		}
+
+		// end index should be the length of handshake header but if the handshake
+		// was fragmented, we should keep them all
+		end := int(handshake.HeaderLength + frag.handshakeHeader.Length)
+		if size := len(buf); end > size {
+			end = size
+		}
+
+		// Discard all headers, when rebuilding the packet we will re-build
+		frag.data = append([]byte{}, buf[handshake.HeaderLength:end]...)
+		f.cache[frag.handshakeHeader.MessageSequence] = append(f.cache[frag.handshakeHeader.MessageSequence], frag)
+		buf = buf[end:]
+	}
+
+	return true, nil
+}
+
+func (f *fragmentBuffer) pop() (content []byte, epoch uint16) {
+	frags, ok := f.cache[f.currentMessageSequenceNumber]
+	if !ok {
+		return nil, 0
+	}
+
+	// Go doesn't support recursive lambdas
+	var appendMessage func(targetOffset uint32) bool
+
+	rawMessage := []byte{}
+	appendMessage = func(targetOffset uint32) bool {
+		for _, f := range frags {
+			if f.handshakeHeader.FragmentOffset == targetOffset {
+				fragmentEnd := (f.handshakeHeader.FragmentOffset + f.handshakeHeader.FragmentLength)
+				if fragmentEnd != f.handshakeHeader.Length && f.handshakeHeader.FragmentLength != 0 {
+					if !appendMessage(fragmentEnd) {
+						return false
+					}
+				}
+
+				rawMessage = append(f.data, rawMessage...)
+				return true
+			}
+		}
+		return false
+	}
+
+	// Recursively collect up
+	if !appendMessage(0) {
+		return nil, 0
+	}
+
+	firstHeader := frags[0].handshakeHeader
+	firstHeader.FragmentOffset = 0
+	firstHeader.FragmentLength = firstHeader.Length
+
+	rawHeader, err := firstHeader.Marshal()
+	if err != nil {
+		return nil, 0
+	}
+
+	messageEpoch := frags[0].recordLayerHeader.Epoch
+
+	delete(f.cache, f.currentMessageSequenceNumber)
+	f.currentMessageSequenceNumber++
+	return append(rawHeader, rawMessage...), messageEpoch
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/handshake_cache.go b/server/vendor/github.com/pion/dtls/v2/handshake_cache.go
new file mode 100644
index 0000000..8d59605
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/handshake_cache.go
@@ -0,0 +1,172 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package dtls
+
+import (
+	"sync"
+
+	"github.com/pion/dtls/v2/pkg/crypto/prf"
+	"github.com/pion/dtls/v2/pkg/protocol/handshake"
+)
+
+type handshakeCacheItem struct {
+	typ             handshake.Type
+	isClient        bool
+	epoch           uint16
+	messageSequence uint16
+	data            []byte
+}
+
+type handshakeCachePullRule struct {
+	typ      handshake.Type
+	epoch    uint16
+	isClient bool
+	optional bool
+}
+
+type handshakeCache struct {
+	cache []*handshakeCacheItem
+	mu    sync.Mutex
+}
+
+func newHandshakeCache() *handshakeCache {
+	return &handshakeCache{}
+}
+
+func (h *handshakeCache) push(data []byte, epoch, messageSequence uint16, typ handshake.Type, isClient bool) {
+	h.mu.Lock()
+	defer h.mu.Unlock()
+
+	h.cache = append(h.cache, &handshakeCacheItem{
+		data:            append([]byte{}, data...),
+		epoch:           epoch,
+		messageSequence: messageSequence,
+		typ:             typ,
+		isClient:        isClient,
+	})
+}
+
+// returns a list handshakes that match the requested rules
+// the list will contain null entries for rules that can't be satisfied
+// multiple entries may match a rule, but only the last match is returned (ie ClientHello with cookies)
+func (h *handshakeCache) pull(rules ...handshakeCachePullRule) []*handshakeCacheItem {
+	h.mu.Lock()
+	defer h.mu.Unlock()
+
+	out := make([]*handshakeCacheItem, len(rules))
+	for i, r := range rules {
+		for _, c := range h.cache {
+			if c.typ == r.typ && c.isClient == r.isClient && c.epoch == r.epoch {
+				switch {
+				case out[i] == nil:
+					out[i] = c
+				case out[i].messageSequence < c.messageSequence:
+					out[i] = c
+				}
+			}
+		}
+	}
+
+	return out
+}
+
+// fullPullMap pulls all handshakes between rules[0] to rules[len(rules)-1] as map.
+func (h *handshakeCache) fullPullMap(startSeq int, cipherSuite CipherSuite, rules ...handshakeCachePullRule) (int, map[handshake.Type]handshake.Message, bool) {
+	h.mu.Lock()
+	defer h.mu.Unlock()
+
+	ci := make(map[handshake.Type]*handshakeCacheItem)
+	for _, r := range rules {
+		var item *handshakeCacheItem
+		for _, c := range h.cache {
+			if c.typ == r.typ && c.isClient == r.isClient && c.epoch == r.epoch {
+				switch {
+				case item == nil:
+					item = c
+				case item.messageSequence < c.messageSequence:
+					item = c
+				}
+			}
+		}
+		if !r.optional && item == nil {
+			// Missing mandatory message.
+			return startSeq, nil, false
+		}
+		ci[r.typ] = item
+	}
+	out := make(map[handshake.Type]handshake.Message)
+	seq := startSeq
+	for _, r := range rules {
+		t := r.typ
+		i := ci[t]
+		if i == nil {
+			continue
+		}
+		var keyExchangeAlgorithm CipherSuiteKeyExchangeAlgorithm
+		if cipherSuite != nil {
+			keyExchangeAlgorithm = cipherSuite.KeyExchangeAlgorithm()
+		}
+		rawHandshake := &handshake.Handshake{
+			KeyExchangeAlgorithm: keyExchangeAlgorithm,
+		}
+		if err := rawHandshake.Unmarshal(i.data); err != nil {
+			return startSeq, nil, false
+		}
+		if uint16(seq) != rawHandshake.Header.MessageSequence {
+			// There is a gap. Some messages are not arrived.
+			return startSeq, nil, false
+		}
+		seq++
+		out[t] = rawHandshake.Message
+	}
+	return seq, out, true
+}
+
+// pullAndMerge calls pull and then merges the results, ignoring any null entries
+func (h *handshakeCache) pullAndMerge(rules ...handshakeCachePullRule) []byte {
+	merged := []byte{}
+
+	for _, p := range h.pull(rules...) {
+		if p != nil {
+			merged = append(merged, p.data...)
+		}
+	}
+	return merged
+}
+
+// sessionHash returns the session hash for Extended Master Secret support
+// https://tools.ietf.org/html/draft-ietf-tls-session-hash-06#section-4
+func (h *handshakeCache) sessionHash(hf prf.HashFunc, epoch uint16, additional ...[]byte) ([]byte, error) {
+	merged := []byte{}
+
+	// Order defined by https://tools.ietf.org/html/rfc5246#section-7.3
+	handshakeBuffer := h.pull(
+		handshakeCachePullRule{handshake.TypeClientHello, epoch, true, false},
+		handshakeCachePullRule{handshake.TypeServerHello, epoch, false, false},
+		handshakeCachePullRule{handshake.TypeCertificate, epoch, false, false},
+		handshakeCachePullRule{handshake.TypeServerKeyExchange, epoch, false, false},
+		handshakeCachePullRule{handshake.TypeCertificateRequest, epoch, false, false},
+		handshakeCachePullRule{handshake.TypeServerHelloDone, epoch, false, false},
+		handshakeCachePullRule{handshake.TypeCertificate, epoch, true, false},
+		handshakeCachePullRule{handshake.TypeClientKeyExchange, epoch, true, false},
+	)
+
+	for _, p := range handshakeBuffer {
+		if p == nil {
+			continue
+		}
+
+		merged = append(merged, p.data...)
+	}
+	for _, a := range additional {
+		merged = append(merged, a...)
+	}
+
+	hash := hf()
+	if _, err := hash.Write(merged); err != nil {
+		return []byte{}, err
+	}
+
+	return hash.Sum(nil), nil
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/handshaker.go b/server/vendor/github.com/pion/dtls/v2/handshaker.go
new file mode 100644
index 0000000..1c6d58f
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/handshaker.go
@@ -0,0 +1,350 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package dtls
+
+import (
+	"context"
+	"crypto/tls"
+	"crypto/x509"
+	"fmt"
+	"io"
+	"sync"
+	"time"
+
+	"github.com/pion/dtls/v2/pkg/crypto/elliptic"
+	"github.com/pion/dtls/v2/pkg/crypto/signaturehash"
+	"github.com/pion/dtls/v2/pkg/protocol/alert"
+	"github.com/pion/dtls/v2/pkg/protocol/handshake"
+	"github.com/pion/logging"
+)
+
+// [RFC6347 Section-4.2.4]
+//                      +-----------+
+//                +---> | PREPARING | <--------------------+
+//                |     +-----------+                      |
+//                |           |                            |
+//                |           | Buffer next flight         |
+//                |           |                            |
+//                |          \|/                           |
+//                |     +-----------+                      |
+//                |     |  SENDING  |<------------------+  | Send
+//                |     +-----------+                   |  | HelloRequest
+//        Receive |           |                         |  |
+//           next |           | Send flight             |  | or
+//         flight |  +--------+                         |  |
+//                |  |        | Set retransmit timer    |  | Receive
+//                |  |       \|/                        |  | HelloRequest
+//                |  |  +-----------+                   |  | Send
+//                +--)--|  WAITING  |-------------------+  | ClientHello
+//                |  |  +-----------+   Timer expires   |  |
+//                |  |         |                        |  |
+//                |  |         +------------------------+  |
+//        Receive |  | Send           Read retransmit      |
+//           last |  | last                                |
+//         flight |  | flight                              |
+//                |  |                                     |
+//               \|/\|/                                    |
+//            +-----------+                                |
+//            | FINISHED  | -------------------------------+
+//            +-----------+
+//                 |  /|\
+//                 |   |
+//                 +---+
+//              Read retransmit
+//           Retransmit last flight
+
+type handshakeState uint8
+
+const (
+	handshakeErrored handshakeState = iota
+	handshakePreparing
+	handshakeSending
+	handshakeWaiting
+	handshakeFinished
+)
+
+func (s handshakeState) String() string {
+	switch s {
+	case handshakeErrored:
+		return "Errored"
+	case handshakePreparing:
+		return "Preparing"
+	case handshakeSending:
+		return "Sending"
+	case handshakeWaiting:
+		return "Waiting"
+	case handshakeFinished:
+		return "Finished"
+	default:
+		return "Unknown"
+	}
+}
+
+type handshakeFSM struct {
+	currentFlight flightVal
+	flights       []*packet
+	retransmit    bool
+	state         *State
+	cache         *handshakeCache
+	cfg           *handshakeConfig
+	closed        chan struct{}
+}
+
+type handshakeConfig struct {
+	localPSKCallback            PSKCallback
+	localPSKIdentityHint        []byte
+	localCipherSuites           []CipherSuite             // Available CipherSuites
+	localSignatureSchemes       []signaturehash.Algorithm // Available signature schemes
+	extendedMasterSecret        ExtendedMasterSecretType  // Policy for the Extended Master Support extension
+	localSRTPProtectionProfiles []SRTPProtectionProfile   // Available SRTPProtectionProfiles, if empty no SRTP support
+	serverName                  string
+	supportedProtocols          []string
+	clientAuth                  ClientAuthType // If we are a client should we request a client certificate
+	localCertificates           []tls.Certificate
+	nameToCertificate           map[string]*tls.Certificate
+	insecureSkipVerify          bool
+	verifyPeerCertificate       func(rawCerts [][]byte, verifiedChains [][]*x509.Certificate) error
+	verifyConnection            func(*State) error
+	sessionStore                SessionStore
+	rootCAs                     *x509.CertPool
+	clientCAs                   *x509.CertPool
+	retransmitInterval          time.Duration
+	customCipherSuites          func() []CipherSuite
+	ellipticCurves              []elliptic.Curve
+	insecureSkipHelloVerify     bool
+
+	onFlightState func(flightVal, handshakeState)
+	log           logging.LeveledLogger
+	keyLogWriter  io.Writer
+
+	localGetCertificate       func(*ClientHelloInfo) (*tls.Certificate, error)
+	localGetClientCertificate func(*CertificateRequestInfo) (*tls.Certificate, error)
+
+	initialEpoch uint16
+
+	mu sync.Mutex
+}
+
+type flightConn interface {
+	notify(ctx context.Context, level alert.Level, desc alert.Description) error
+	writePackets(context.Context, []*packet) error
+	recvHandshake() <-chan chan struct{}
+	setLocalEpoch(epoch uint16)
+	handleQueuedPackets(context.Context) error
+	sessionKey() []byte
+}
+
+func (c *handshakeConfig) writeKeyLog(label string, clientRandom, secret []byte) {
+	if c.keyLogWriter == nil {
+		return
+	}
+	c.mu.Lock()
+	defer c.mu.Unlock()
+	_, err := c.keyLogWriter.Write([]byte(fmt.Sprintf("%s %x %x\n", label, clientRandom, secret)))
+	if err != nil {
+		c.log.Debugf("failed to write key log file: %s", err)
+	}
+}
+
+func srvCliStr(isClient bool) string {
+	if isClient {
+		return "client"
+	}
+	return "server"
+}
+
+func newHandshakeFSM(
+	s *State, cache *handshakeCache, cfg *handshakeConfig,
+	initialFlight flightVal,
+) *handshakeFSM {
+	return &handshakeFSM{
+		currentFlight: initialFlight,
+		state:         s,
+		cache:         cache,
+		cfg:           cfg,
+		closed:        make(chan struct{}),
+	}
+}
+
+func (s *handshakeFSM) Run(ctx context.Context, c flightConn, initialState handshakeState) error {
+	state := initialState
+	defer func() {
+		close(s.closed)
+	}()
+	for {
+		s.cfg.log.Tracef("[handshake:%s] %s: %s", srvCliStr(s.state.isClient), s.currentFlight.String(), state.String())
+		if s.cfg.onFlightState != nil {
+			s.cfg.onFlightState(s.currentFlight, state)
+		}
+		var err error
+		switch state {
+		case handshakePreparing:
+			state, err = s.prepare(ctx, c)
+		case handshakeSending:
+			state, err = s.send(ctx, c)
+		case handshakeWaiting:
+			state, err = s.wait(ctx, c)
+		case handshakeFinished:
+			state, err = s.finish(ctx, c)
+		default:
+			return errInvalidFSMTransition
+		}
+		if err != nil {
+			return err
+		}
+	}
+}
+
+func (s *handshakeFSM) Done() <-chan struct{} {
+	return s.closed
+}
+
+func (s *handshakeFSM) prepare(ctx context.Context, c flightConn) (handshakeState, error) {
+	s.flights = nil
+	// Prepare flights
+	var (
+		a    *alert.Alert
+		err  error
+		pkts []*packet
+	)
+	gen, retransmit, errFlight := s.currentFlight.getFlightGenerator()
+	if errFlight != nil {
+		err = errFlight
+		a = &alert.Alert{Level: alert.Fatal, Description: alert.InternalError}
+	} else {
+		pkts, a, err = gen(c, s.state, s.cache, s.cfg)
+		s.retransmit = retransmit
+	}
+	if a != nil {
+		if alertErr := c.notify(ctx, a.Level, a.Description); alertErr != nil {
+			if err != nil {
+				err = alertErr
+			}
+		}
+	}
+	if err != nil {
+		return handshakeErrored, err
+	}
+
+	s.flights = pkts
+	epoch := s.cfg.initialEpoch
+	nextEpoch := epoch
+	for _, p := range s.flights {
+		p.record.Header.Epoch += epoch
+		if p.record.Header.Epoch > nextEpoch {
+			nextEpoch = p.record.Header.Epoch
+		}
+		if h, ok := p.record.Content.(*handshake.Handshake); ok {
+			h.Header.MessageSequence = uint16(s.state.handshakeSendSequence)
+			s.state.handshakeSendSequence++
+		}
+	}
+	if epoch != nextEpoch {
+		s.cfg.log.Tracef("[handshake:%s] -> changeCipherSpec (epoch: %d)", srvCliStr(s.state.isClient), nextEpoch)
+		c.setLocalEpoch(nextEpoch)
+	}
+	return handshakeSending, nil
+}
+
+func (s *handshakeFSM) send(ctx context.Context, c flightConn) (handshakeState, error) {
+	// Send flights
+	if err := c.writePackets(ctx, s.flights); err != nil {
+		return handshakeErrored, err
+	}
+
+	if s.currentFlight.isLastSendFlight() {
+		return handshakeFinished, nil
+	}
+	return handshakeWaiting, nil
+}
+
+func (s *handshakeFSM) wait(ctx context.Context, c flightConn) (handshakeState, error) { //nolint:gocognit
+	parse, errFlight := s.currentFlight.getFlightParser()
+	if errFlight != nil {
+		if alertErr := c.notify(ctx, alert.Fatal, alert.InternalError); alertErr != nil {
+			if errFlight != nil {
+				return handshakeErrored, alertErr
+			}
+		}
+		return handshakeErrored, errFlight
+	}
+
+	retransmitTimer := time.NewTimer(s.cfg.retransmitInterval)
+	for {
+		select {
+		case done := <-c.recvHandshake():
+			nextFlight, alert, err := parse(ctx, c, s.state, s.cache, s.cfg)
+			close(done)
+			if alert != nil {
+				if alertErr := c.notify(ctx, alert.Level, alert.Description); alertErr != nil {
+					if err != nil {
+						err = alertErr
+					}
+				}
+			}
+			if err != nil {
+				return handshakeErrored, err
+			}
+			if nextFlight == 0 {
+				break
+			}
+			s.cfg.log.Tracef("[handshake:%s] %s -> %s", srvCliStr(s.state.isClient), s.currentFlight.String(), nextFlight.String())
+			if nextFlight.isLastRecvFlight() && s.currentFlight == nextFlight {
+				return handshakeFinished, nil
+			}
+			s.currentFlight = nextFlight
+			return handshakePreparing, nil
+
+		case <-retransmitTimer.C:
+			if !s.retransmit {
+				return handshakeWaiting, nil
+			}
+			return handshakeSending, nil
+		case <-ctx.Done():
+			return handshakeErrored, ctx.Err()
+		}
+	}
+}
+
+func (s *handshakeFSM) finish(ctx context.Context, c flightConn) (handshakeState, error) {
+	parse, errFlight := s.currentFlight.getFlightParser()
+	if errFlight != nil {
+		if alertErr := c.notify(ctx, alert.Fatal, alert.InternalError); alertErr != nil {
+			if errFlight != nil {
+				return handshakeErrored, alertErr
+			}
+		}
+		return handshakeErrored, errFlight
+	}
+
+	retransmitTimer := time.NewTimer(s.cfg.retransmitInterval)
+	select {
+	case done := <-c.recvHandshake():
+		nextFlight, alert, err := parse(ctx, c, s.state, s.cache, s.cfg)
+		close(done)
+		if alert != nil {
+			if alertErr := c.notify(ctx, alert.Level, alert.Description); alertErr != nil {
+				if err != nil {
+					err = alertErr
+				}
+			}
+		}
+		if err != nil {
+			return handshakeErrored, err
+		}
+		if nextFlight == 0 {
+			break
+		}
+		if nextFlight.isLastRecvFlight() && s.currentFlight == nextFlight {
+			return handshakeFinished, nil
+		}
+		<-retransmitTimer.C
+		// Retransmit last flight
+		return handshakeSending, nil
+
+	case <-ctx.Done():
+		return handshakeErrored, ctx.Err()
+	}
+	return handshakeFinished, nil
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/aes_128_ccm.go b/server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/aes_128_ccm.go
new file mode 100644
index 0000000..f78b6dc
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/aes_128_ccm.go
@@ -0,0 +1,33 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package ciphersuite
+
+import (
+	"github.com/pion/dtls/v2/pkg/crypto/ciphersuite"
+	"github.com/pion/dtls/v2/pkg/crypto/clientcertificate"
+)
+
+// Aes128Ccm is a base class used by multiple AES-CCM Ciphers
+type Aes128Ccm struct {
+	AesCcm
+}
+
+func newAes128Ccm(clientCertificateType clientcertificate.Type, id ID, psk bool, cryptoCCMTagLen ciphersuite.CCMTagLen, keyExchangeAlgorithm KeyExchangeAlgorithm, ecc bool) *Aes128Ccm {
+	return &Aes128Ccm{
+		AesCcm: AesCcm{
+			clientCertificateType: clientCertificateType,
+			id:                    id,
+			psk:                   psk,
+			cryptoCCMTagLen:       cryptoCCMTagLen,
+			keyExchangeAlgorithm:  keyExchangeAlgorithm,
+			ecc:                   ecc,
+		},
+	}
+}
+
+// Init initializes the internal Cipher with keying material
+func (c *Aes128Ccm) Init(masterSecret, clientRandom, serverRandom []byte, isClient bool) error {
+	const prfKeyLen = 16
+	return c.AesCcm.Init(masterSecret, clientRandom, serverRandom, isClient, prfKeyLen)
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/aes_256_ccm.go b/server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/aes_256_ccm.go
new file mode 100644
index 0000000..bb81286
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/aes_256_ccm.go
@@ -0,0 +1,33 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package ciphersuite
+
+import (
+	"github.com/pion/dtls/v2/pkg/crypto/ciphersuite"
+	"github.com/pion/dtls/v2/pkg/crypto/clientcertificate"
+)
+
+// Aes256Ccm is a base class used by multiple AES-CCM Ciphers
+type Aes256Ccm struct {
+	AesCcm
+}
+
+func newAes256Ccm(clientCertificateType clientcertificate.Type, id ID, psk bool, cryptoCCMTagLen ciphersuite.CCMTagLen, keyExchangeAlgorithm KeyExchangeAlgorithm, ecc bool) *Aes256Ccm {
+	return &Aes256Ccm{
+		AesCcm: AesCcm{
+			clientCertificateType: clientCertificateType,
+			id:                    id,
+			psk:                   psk,
+			cryptoCCMTagLen:       cryptoCCMTagLen,
+			keyExchangeAlgorithm:  keyExchangeAlgorithm,
+			ecc:                   ecc,
+		},
+	}
+}
+
+// Init initializes the internal Cipher with keying material
+func (c *Aes256Ccm) Init(masterSecret, clientRandom, serverRandom []byte, isClient bool) error {
+	const prfKeyLen = 32
+	return c.AesCcm.Init(masterSecret, clientRandom, serverRandom, isClient, prfKeyLen)
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/aes_ccm.go b/server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/aes_ccm.go
new file mode 100644
index 0000000..dc51198
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/aes_ccm.go
@@ -0,0 +1,113 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package ciphersuite
+
+import (
+	"crypto/sha256"
+	"fmt"
+	"hash"
+	"sync/atomic"
+
+	"github.com/pion/dtls/v2/pkg/crypto/ciphersuite"
+	"github.com/pion/dtls/v2/pkg/crypto/clientcertificate"
+	"github.com/pion/dtls/v2/pkg/crypto/prf"
+	"github.com/pion/dtls/v2/pkg/protocol/recordlayer"
+)
+
+// AesCcm is a base class used by multiple AES-CCM Ciphers
+type AesCcm struct {
+	ccm                   atomic.Value // *cryptoCCM
+	clientCertificateType clientcertificate.Type
+	id                    ID
+	psk                   bool
+	keyExchangeAlgorithm  KeyExchangeAlgorithm
+	cryptoCCMTagLen       ciphersuite.CCMTagLen
+	ecc                   bool
+}
+
+// CertificateType returns what type of certificate this CipherSuite exchanges
+func (c *AesCcm) CertificateType() clientcertificate.Type {
+	return c.clientCertificateType
+}
+
+// ID returns the ID of the CipherSuite
+func (c *AesCcm) ID() ID {
+	return c.id
+}
+
+func (c *AesCcm) String() string {
+	return c.id.String()
+}
+
+// ECC uses Elliptic Curve Cryptography
+func (c *AesCcm) ECC() bool {
+	return c.ecc
+}
+
+// KeyExchangeAlgorithm controls what key exchange algorithm is using during the handshake
+func (c *AesCcm) KeyExchangeAlgorithm() KeyExchangeAlgorithm {
+	return c.keyExchangeAlgorithm
+}
+
+// HashFunc returns the hashing func for this CipherSuite
+func (c *AesCcm) HashFunc() func() hash.Hash {
+	return sha256.New
+}
+
+// AuthenticationType controls what authentication method is using during the handshake
+func (c *AesCcm) AuthenticationType() AuthenticationType {
+	if c.psk {
+		return AuthenticationTypePreSharedKey
+	}
+	return AuthenticationTypeCertificate
+}
+
+// IsInitialized returns if the CipherSuite has keying material and can
+// encrypt/decrypt packets
+func (c *AesCcm) IsInitialized() bool {
+	return c.ccm.Load() != nil
+}
+
+// Init initializes the internal Cipher with keying material
+func (c *AesCcm) Init(masterSecret, clientRandom, serverRandom []byte, isClient bool, prfKeyLen int) error {
+	const (
+		prfMacLen = 0
+		prfIvLen  = 4
+	)
+
+	keys, err := prf.GenerateEncryptionKeys(masterSecret, clientRandom, serverRandom, prfMacLen, prfKeyLen, prfIvLen, c.HashFunc())
+	if err != nil {
+		return err
+	}
+
+	var ccm *ciphersuite.CCM
+	if isClient {
+		ccm, err = ciphersuite.NewCCM(c.cryptoCCMTagLen, keys.ClientWriteKey, keys.ClientWriteIV, keys.ServerWriteKey, keys.ServerWriteIV)
+	} else {
+		ccm, err = ciphersuite.NewCCM(c.cryptoCCMTagLen, keys.ServerWriteKey, keys.ServerWriteIV, keys.ClientWriteKey, keys.ClientWriteIV)
+	}
+	c.ccm.Store(ccm)
+
+	return err
+}
+
+// Encrypt encrypts a single TLS RecordLayer
+func (c *AesCcm) Encrypt(pkt *recordlayer.RecordLayer, raw []byte) ([]byte, error) {
+	cipherSuite, ok := c.ccm.Load().(*ciphersuite.CCM)
+	if !ok {
+		return nil, fmt.Errorf("%w, unable to encrypt", errCipherSuiteNotInit)
+	}
+
+	return cipherSuite.Encrypt(pkt, raw)
+}
+
+// Decrypt decrypts a single TLS RecordLayer
+func (c *AesCcm) Decrypt(raw []byte) ([]byte, error) {
+	cipherSuite, ok := c.ccm.Load().(*ciphersuite.CCM)
+	if !ok {
+		return nil, fmt.Errorf("%w, unable to decrypt", errCipherSuiteNotInit)
+	}
+
+	return cipherSuite.Decrypt(raw)
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/ciphersuite.go b/server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/ciphersuite.go
new file mode 100644
index 0000000..f44f29f
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/ciphersuite.go
@@ -0,0 +1,98 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+// Package ciphersuite provides TLS Ciphers as registered with the IANA  https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-4
+package ciphersuite
+
+import (
+	"errors"
+	"fmt"
+
+	"github.com/pion/dtls/v2/internal/ciphersuite/types"
+	"github.com/pion/dtls/v2/pkg/protocol"
+)
+
+var errCipherSuiteNotInit = &protocol.TemporaryError{Err: errors.New("CipherSuite has not been initialized")} //nolint:goerr113
+
+// ID is an ID for our supported CipherSuites
+type ID uint16
+
+func (i ID) String() string {
+	switch i {
+	case TLS_ECDHE_ECDSA_WITH_AES_128_CCM:
+		return "TLS_ECDHE_ECDSA_WITH_AES_128_CCM"
+	case TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8:
+		return "TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8"
+	case TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:
+		return "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256"
+	case TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256:
+		return "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"
+	case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA:
+		return "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA"
+	case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:
+		return "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"
+	case TLS_PSK_WITH_AES_128_CCM:
+		return "TLS_PSK_WITH_AES_128_CCM"
+	case TLS_PSK_WITH_AES_128_CCM_8:
+		return "TLS_PSK_WITH_AES_128_CCM_8"
+	case TLS_PSK_WITH_AES_256_CCM_8:
+		return "TLS_PSK_WITH_AES_256_CCM_8"
+	case TLS_PSK_WITH_AES_128_GCM_SHA256:
+		return "TLS_PSK_WITH_AES_128_GCM_SHA256"
+	case TLS_PSK_WITH_AES_128_CBC_SHA256:
+		return "TLS_PSK_WITH_AES_128_CBC_SHA256"
+	case TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:
+		return "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384"
+	case TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:
+		return "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"
+	case TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256:
+		return "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256"
+	default:
+		return fmt.Sprintf("unknown(%v)", uint16(i))
+	}
+}
+
+// Supported Cipher Suites
+const (
+	// AES-128-CCM
+	TLS_ECDHE_ECDSA_WITH_AES_128_CCM   ID = 0xc0ac //nolint:revive,stylecheck
+	TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 ID = 0xc0ae //nolint:revive,stylecheck
+
+	// AES-128-GCM-SHA256
+	TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 ID = 0xc02b //nolint:revive,stylecheck
+	TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256   ID = 0xc02f //nolint:revive,stylecheck
+
+	TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 ID = 0xc02c //nolint:revive,stylecheck
+	TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384   ID = 0xc030 //nolint:revive,stylecheck
+	// AES-256-CBC-SHA
+	TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA ID = 0xc00a //nolint:revive,stylecheck
+	TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA   ID = 0xc014 //nolint:revive,stylecheck
+
+	TLS_PSK_WITH_AES_128_CCM        ID = 0xc0a4 //nolint:revive,stylecheck
+	TLS_PSK_WITH_AES_128_CCM_8      ID = 0xc0a8 //nolint:revive,stylecheck
+	TLS_PSK_WITH_AES_256_CCM_8      ID = 0xc0a9 //nolint:revive,stylecheck
+	TLS_PSK_WITH_AES_128_GCM_SHA256 ID = 0x00a8 //nolint:revive,stylecheck
+	TLS_PSK_WITH_AES_128_CBC_SHA256 ID = 0x00ae //nolint:revive,stylecheck
+
+	TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 ID = 0xC037 //nolint:revive,stylecheck
+)
+
+// AuthenticationType controls what authentication method is using during the handshake
+type AuthenticationType = types.AuthenticationType
+
+// AuthenticationType Enums
+const (
+	AuthenticationTypeCertificate  AuthenticationType = types.AuthenticationTypeCertificate
+	AuthenticationTypePreSharedKey AuthenticationType = types.AuthenticationTypePreSharedKey
+	AuthenticationTypeAnonymous    AuthenticationType = types.AuthenticationTypeAnonymous
+)
+
+// KeyExchangeAlgorithm controls what exchange algorithm was chosen.
+type KeyExchangeAlgorithm = types.KeyExchangeAlgorithm
+
+// KeyExchangeAlgorithm Bitmask
+const (
+	KeyExchangeAlgorithmNone  KeyExchangeAlgorithm = types.KeyExchangeAlgorithmNone
+	KeyExchangeAlgorithmPsk   KeyExchangeAlgorithm = types.KeyExchangeAlgorithmPsk
+	KeyExchangeAlgorithmEcdhe KeyExchangeAlgorithm = types.KeyExchangeAlgorithmEcdhe
+)
diff --git a/server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/tls_ecdhe_ecdsa_with_aes_128_ccm.go b/server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/tls_ecdhe_ecdsa_with_aes_128_ccm.go
new file mode 100644
index 0000000..8367b2c
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/tls_ecdhe_ecdsa_with_aes_128_ccm.go
@@ -0,0 +1,14 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package ciphersuite
+
+import (
+	"github.com/pion/dtls/v2/pkg/crypto/ciphersuite"
+	"github.com/pion/dtls/v2/pkg/crypto/clientcertificate"
+)
+
+// NewTLSEcdheEcdsaWithAes128Ccm constructs a TLS_ECDHE_ECDSA_WITH_AES_128_CCM Cipher
+func NewTLSEcdheEcdsaWithAes128Ccm() *Aes128Ccm {
+	return newAes128Ccm(clientcertificate.ECDSASign, TLS_ECDHE_ECDSA_WITH_AES_128_CCM, false, ciphersuite.CCMTagLength, KeyExchangeAlgorithmEcdhe, true)
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/tls_ecdhe_ecdsa_with_aes_128_ccm8.go b/server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/tls_ecdhe_ecdsa_with_aes_128_ccm8.go
new file mode 100644
index 0000000..11b6873
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/tls_ecdhe_ecdsa_with_aes_128_ccm8.go
@@ -0,0 +1,14 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package ciphersuite
+
+import (
+	"github.com/pion/dtls/v2/pkg/crypto/ciphersuite"
+	"github.com/pion/dtls/v2/pkg/crypto/clientcertificate"
+)
+
+// NewTLSEcdheEcdsaWithAes128Ccm8 creates a new TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 CipherSuite
+func NewTLSEcdheEcdsaWithAes128Ccm8() *Aes128Ccm {
+	return newAes128Ccm(clientcertificate.ECDSASign, TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, false, ciphersuite.CCMTagLength8, KeyExchangeAlgorithmEcdhe, true)
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/tls_ecdhe_ecdsa_with_aes_128_gcm_sha256.go b/server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/tls_ecdhe_ecdsa_with_aes_128_gcm_sha256.go
new file mode 100644
index 0000000..0c919fe
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/tls_ecdhe_ecdsa_with_aes_128_gcm_sha256.go
@@ -0,0 +1,108 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package ciphersuite
+
+import (
+	"crypto/sha256"
+	"fmt"
+	"hash"
+	"sync/atomic"
+
+	"github.com/pion/dtls/v2/pkg/crypto/ciphersuite"
+	"github.com/pion/dtls/v2/pkg/crypto/clientcertificate"
+	"github.com/pion/dtls/v2/pkg/crypto/prf"
+	"github.com/pion/dtls/v2/pkg/protocol/recordlayer"
+)
+
+// TLSEcdheEcdsaWithAes128GcmSha256  represents a TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 CipherSuite
+type TLSEcdheEcdsaWithAes128GcmSha256 struct {
+	gcm atomic.Value // *cryptoGCM
+}
+
+// CertificateType returns what type of certficate this CipherSuite exchanges
+func (c *TLSEcdheEcdsaWithAes128GcmSha256) CertificateType() clientcertificate.Type {
+	return clientcertificate.ECDSASign
+}
+
+// KeyExchangeAlgorithm controls what key exchange algorithm is using during the handshake
+func (c *TLSEcdheEcdsaWithAes128GcmSha256) KeyExchangeAlgorithm() KeyExchangeAlgorithm {
+	return KeyExchangeAlgorithmEcdhe
+}
+
+// ECC uses Elliptic Curve Cryptography
+func (c *TLSEcdheEcdsaWithAes128GcmSha256) ECC() bool {
+	return true
+}
+
+// ID returns the ID of the CipherSuite
+func (c *TLSEcdheEcdsaWithAes128GcmSha256) ID() ID {
+	return TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
+}
+
+func (c *TLSEcdheEcdsaWithAes128GcmSha256) String() string {
+	return "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256"
+}
+
+// HashFunc returns the hashing func for this CipherSuite
+func (c *TLSEcdheEcdsaWithAes128GcmSha256) HashFunc() func() hash.Hash {
+	return sha256.New
+}
+
+// AuthenticationType controls what authentication method is using during the handshake
+func (c *TLSEcdheEcdsaWithAes128GcmSha256) AuthenticationType() AuthenticationType {
+	return AuthenticationTypeCertificate
+}
+
+// IsInitialized returns if the CipherSuite has keying material and can
+// encrypt/decrypt packets
+func (c *TLSEcdheEcdsaWithAes128GcmSha256) IsInitialized() bool {
+	return c.gcm.Load() != nil
+}
+
+func (c *TLSEcdheEcdsaWithAes128GcmSha256) init(masterSecret, clientRandom, serverRandom []byte, isClient bool, prfMacLen, prfKeyLen, prfIvLen int, hashFunc func() hash.Hash) error {
+	keys, err := prf.GenerateEncryptionKeys(masterSecret, clientRandom, serverRandom, prfMacLen, prfKeyLen, prfIvLen, hashFunc)
+	if err != nil {
+		return err
+	}
+
+	var gcm *ciphersuite.GCM
+	if isClient {
+		gcm, err = ciphersuite.NewGCM(keys.ClientWriteKey, keys.ClientWriteIV, keys.ServerWriteKey, keys.ServerWriteIV)
+	} else {
+		gcm, err = ciphersuite.NewGCM(keys.ServerWriteKey, keys.ServerWriteIV, keys.ClientWriteKey, keys.ClientWriteIV)
+	}
+	c.gcm.Store(gcm)
+	return err
+}
+
+// Init initializes the internal Cipher with keying material
+func (c *TLSEcdheEcdsaWithAes128GcmSha256) Init(masterSecret, clientRandom, serverRandom []byte, isClient bool) error {
+	const (
+		prfMacLen = 0
+		prfKeyLen = 16
+		prfIvLen  = 4
+	)
+
+	return c.init(masterSecret, clientRandom, serverRandom, isClient, prfMacLen, prfKeyLen, prfIvLen, c.HashFunc())
+}
+
+// Encrypt encrypts a single TLS RecordLayer
+func (c *TLSEcdheEcdsaWithAes128GcmSha256) Encrypt(pkt *recordlayer.RecordLayer, raw []byte) ([]byte, error) {
+	cipherSuite, ok := c.gcm.Load().(*ciphersuite.GCM)
+	if !ok {
+		return nil, fmt.Errorf("%w, unable to encrypt", errCipherSuiteNotInit)
+	}
+
+	return cipherSuite.Encrypt(pkt, raw)
+}
+
+// Decrypt decrypts a single TLS RecordLayer
+func (c *TLSEcdheEcdsaWithAes128GcmSha256) Decrypt(raw []byte) ([]byte, error) {
+	cipherSuite, ok := c.gcm.Load().(*ciphersuite.GCM)
+	if !ok {
+		return nil, fmt.Errorf("%w, unable to decrypt", errCipherSuiteNotInit)
+	}
+
+	return cipherSuite.Decrypt(raw)
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/tls_ecdhe_ecdsa_with_aes_256_cbc_sha.go b/server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/tls_ecdhe_ecdsa_with_aes_256_cbc_sha.go
new file mode 100644
index 0000000..577192c
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/tls_ecdhe_ecdsa_with_aes_256_cbc_sha.go
@@ -0,0 +1,114 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package ciphersuite
+
+import (
+	"crypto/sha1" //nolint: gosec,gci
+	"crypto/sha256"
+	"fmt"
+	"hash"
+	"sync/atomic"
+
+	"github.com/pion/dtls/v2/pkg/crypto/ciphersuite"
+	"github.com/pion/dtls/v2/pkg/crypto/clientcertificate"
+	"github.com/pion/dtls/v2/pkg/crypto/prf"
+	"github.com/pion/dtls/v2/pkg/protocol/recordlayer"
+)
+
+// TLSEcdheEcdsaWithAes256CbcSha represents a TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA CipherSuite
+type TLSEcdheEcdsaWithAes256CbcSha struct {
+	cbc atomic.Value // *cryptoCBC
+}
+
+// CertificateType returns what type of certficate this CipherSuite exchanges
+func (c *TLSEcdheEcdsaWithAes256CbcSha) CertificateType() clientcertificate.Type {
+	return clientcertificate.ECDSASign
+}
+
+// KeyExchangeAlgorithm controls what key exchange algorithm is using during the handshake
+func (c *TLSEcdheEcdsaWithAes256CbcSha) KeyExchangeAlgorithm() KeyExchangeAlgorithm {
+	return KeyExchangeAlgorithmEcdhe
+}
+
+// ECC uses Elliptic Curve Cryptography
+func (c *TLSEcdheEcdsaWithAes256CbcSha) ECC() bool {
+	return true
+}
+
+// ID returns the ID of the CipherSuite
+func (c *TLSEcdheEcdsaWithAes256CbcSha) ID() ID {
+	return TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
+}
+
+func (c *TLSEcdheEcdsaWithAes256CbcSha) String() string {
+	return "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA"
+}
+
+// HashFunc returns the hashing func for this CipherSuite
+func (c *TLSEcdheEcdsaWithAes256CbcSha) HashFunc() func() hash.Hash {
+	return sha256.New
+}
+
+// AuthenticationType controls what authentication method is using during the handshake
+func (c *TLSEcdheEcdsaWithAes256CbcSha) AuthenticationType() AuthenticationType {
+	return AuthenticationTypeCertificate
+}
+
+// IsInitialized returns if the CipherSuite has keying material and can
+// encrypt/decrypt packets
+func (c *TLSEcdheEcdsaWithAes256CbcSha) IsInitialized() bool {
+	return c.cbc.Load() != nil
+}
+
+// Init initializes the internal Cipher with keying material
+func (c *TLSEcdheEcdsaWithAes256CbcSha) Init(masterSecret, clientRandom, serverRandom []byte, isClient bool) error {
+	const (
+		prfMacLen = 20
+		prfKeyLen = 32
+		prfIvLen  = 16
+	)
+
+	keys, err := prf.GenerateEncryptionKeys(masterSecret, clientRandom, serverRandom, prfMacLen, prfKeyLen, prfIvLen, c.HashFunc())
+	if err != nil {
+		return err
+	}
+
+	var cbc *ciphersuite.CBC
+	if isClient {
+		cbc, err = ciphersuite.NewCBC(
+			keys.ClientWriteKey, keys.ClientWriteIV, keys.ClientMACKey,
+			keys.ServerWriteKey, keys.ServerWriteIV, keys.ServerMACKey,
+			sha1.New,
+		)
+	} else {
+		cbc, err = ciphersuite.NewCBC(
+			keys.ServerWriteKey, keys.ServerWriteIV, keys.ServerMACKey,
+			keys.ClientWriteKey, keys.ClientWriteIV, keys.ClientMACKey,
+			sha1.New,
+		)
+	}
+	c.cbc.Store(cbc)
+
+	return err
+}
+
+// Encrypt encrypts a single TLS RecordLayer
+func (c *TLSEcdheEcdsaWithAes256CbcSha) Encrypt(pkt *recordlayer.RecordLayer, raw []byte) ([]byte, error) {
+	cipherSuite, ok := c.cbc.Load().(*ciphersuite.CBC)
+	if !ok {
+		return nil, fmt.Errorf("%w, unable to encrypt", errCipherSuiteNotInit)
+	}
+
+	return cipherSuite.Encrypt(pkt, raw)
+}
+
+// Decrypt decrypts a single TLS RecordLayer
+func (c *TLSEcdheEcdsaWithAes256CbcSha) Decrypt(raw []byte) ([]byte, error) {
+	cipherSuite, ok := c.cbc.Load().(*ciphersuite.CBC)
+	if !ok {
+		return nil, fmt.Errorf("%w, unable to decrypt", errCipherSuiteNotInit)
+	}
+
+	return cipherSuite.Decrypt(raw)
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/tls_ecdhe_ecdsa_with_aes_256_gcm_sha384.go b/server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/tls_ecdhe_ecdsa_with_aes_256_gcm_sha384.go
new file mode 100644
index 0000000..2a3cfa4
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/tls_ecdhe_ecdsa_with_aes_256_gcm_sha384.go
@@ -0,0 +1,39 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package ciphersuite
+
+import (
+	"crypto/sha512"
+	"hash"
+)
+
+// TLSEcdheEcdsaWithAes256GcmSha384  represents a TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 CipherSuite
+type TLSEcdheEcdsaWithAes256GcmSha384 struct {
+	TLSEcdheEcdsaWithAes128GcmSha256
+}
+
+// ID returns the ID of the CipherSuite
+func (c *TLSEcdheEcdsaWithAes256GcmSha384) ID() ID {
+	return TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
+}
+
+func (c *TLSEcdheEcdsaWithAes256GcmSha384) String() string {
+	return "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384"
+}
+
+// HashFunc returns the hashing func for this CipherSuite
+func (c *TLSEcdheEcdsaWithAes256GcmSha384) HashFunc() func() hash.Hash {
+	return sha512.New384
+}
+
+// Init initializes the internal Cipher with keying material
+func (c *TLSEcdheEcdsaWithAes256GcmSha384) Init(masterSecret, clientRandom, serverRandom []byte, isClient bool) error {
+	const (
+		prfMacLen = 0
+		prfKeyLen = 32
+		prfIvLen  = 4
+	)
+
+	return c.init(masterSecret, clientRandom, serverRandom, isClient, prfMacLen, prfKeyLen, prfIvLen, c.HashFunc())
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/tls_ecdhe_psk_with_aes_128_cbc_sha256.go b/server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/tls_ecdhe_psk_with_aes_128_cbc_sha256.go
new file mode 100644
index 0000000..75a2563
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/tls_ecdhe_psk_with_aes_128_cbc_sha256.go
@@ -0,0 +1,118 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package ciphersuite
+
+import (
+	"crypto/sha256"
+	"fmt"
+	"hash"
+	"sync/atomic"
+
+	"github.com/pion/dtls/v2/pkg/crypto/ciphersuite"
+	"github.com/pion/dtls/v2/pkg/crypto/clientcertificate"
+	"github.com/pion/dtls/v2/pkg/crypto/prf"
+	"github.com/pion/dtls/v2/pkg/protocol/recordlayer"
+)
+
+// TLSEcdhePskWithAes128CbcSha256 implements the TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 CipherSuite
+type TLSEcdhePskWithAes128CbcSha256 struct {
+	cbc atomic.Value // *cryptoCBC
+}
+
+// NewTLSEcdhePskWithAes128CbcSha256 creates TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 cipher.
+func NewTLSEcdhePskWithAes128CbcSha256() *TLSEcdhePskWithAes128CbcSha256 {
+	return &TLSEcdhePskWithAes128CbcSha256{}
+}
+
+// CertificateType returns what type of certificate this CipherSuite exchanges
+func (c *TLSEcdhePskWithAes128CbcSha256) CertificateType() clientcertificate.Type {
+	return clientcertificate.Type(0)
+}
+
+// KeyExchangeAlgorithm controls what key exchange algorithm is using during the handshake
+func (c *TLSEcdhePskWithAes128CbcSha256) KeyExchangeAlgorithm() KeyExchangeAlgorithm {
+	return (KeyExchangeAlgorithmPsk | KeyExchangeAlgorithmEcdhe)
+}
+
+// ECC uses Elliptic Curve Cryptography
+func (c *TLSEcdhePskWithAes128CbcSha256) ECC() bool {
+	return true
+}
+
+// ID returns the ID of the CipherSuite
+func (c *TLSEcdhePskWithAes128CbcSha256) ID() ID {
+	return TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
+}
+
+func (c *TLSEcdhePskWithAes128CbcSha256) String() string {
+	return "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256"
+}
+
+// HashFunc returns the hashing func for this CipherSuite
+func (c *TLSEcdhePskWithAes128CbcSha256) HashFunc() func() hash.Hash {
+	return sha256.New
+}
+
+// AuthenticationType controls what authentication method is using during the handshake
+func (c *TLSEcdhePskWithAes128CbcSha256) AuthenticationType() AuthenticationType {
+	return AuthenticationTypePreSharedKey
+}
+
+// IsInitialized returns if the CipherSuite has keying material and can
+// encrypt/decrypt packets
+func (c *TLSEcdhePskWithAes128CbcSha256) IsInitialized() bool {
+	return c.cbc.Load() != nil
+}
+
+// Init initializes the internal Cipher with keying material
+func (c *TLSEcdhePskWithAes128CbcSha256) Init(masterSecret, clientRandom, serverRandom []byte, isClient bool) error {
+	const (
+		prfMacLen = 32
+		prfKeyLen = 16
+		prfIvLen  = 16
+	)
+
+	keys, err := prf.GenerateEncryptionKeys(masterSecret, clientRandom, serverRandom, prfMacLen, prfKeyLen, prfIvLen, c.HashFunc())
+	if err != nil {
+		return err
+	}
+
+	var cbc *ciphersuite.CBC
+	if isClient {
+		cbc, err = ciphersuite.NewCBC(
+			keys.ClientWriteKey, keys.ClientWriteIV, keys.ClientMACKey,
+			keys.ServerWriteKey, keys.ServerWriteIV, keys.ServerMACKey,
+			c.HashFunc(),
+		)
+	} else {
+		cbc, err = ciphersuite.NewCBC(
+			keys.ServerWriteKey, keys.ServerWriteIV, keys.ServerMACKey,
+			keys.ClientWriteKey, keys.ClientWriteIV, keys.ClientMACKey,
+			c.HashFunc(),
+		)
+	}
+	c.cbc.Store(cbc)
+
+	return err
+}
+
+// Encrypt encrypts a single TLS RecordLayer
+func (c *TLSEcdhePskWithAes128CbcSha256) Encrypt(pkt *recordlayer.RecordLayer, raw []byte) ([]byte, error) {
+	cipherSuite, ok := c.cbc.Load().(*ciphersuite.CBC)
+	if !ok { // !c.isInitialized()
+		return nil, fmt.Errorf("%w, unable to encrypt", errCipherSuiteNotInit)
+	}
+
+	return cipherSuite.Encrypt(pkt, raw)
+}
+
+// Decrypt decrypts a single TLS RecordLayer
+func (c *TLSEcdhePskWithAes128CbcSha256) Decrypt(raw []byte) ([]byte, error) {
+	cipherSuite, ok := c.cbc.Load().(*ciphersuite.CBC)
+	if !ok { // !c.isInitialized()
+		return nil, fmt.Errorf("%w, unable to decrypt", errCipherSuiteNotInit)
+	}
+
+	return cipherSuite.Decrypt(raw)
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/tls_ecdhe_rsa_with_aes_128_gcm_sha256.go b/server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/tls_ecdhe_rsa_with_aes_128_gcm_sha256.go
new file mode 100644
index 0000000..478a2e0
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/tls_ecdhe_rsa_with_aes_128_gcm_sha256.go
@@ -0,0 +1,25 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package ciphersuite
+
+import "github.com/pion/dtls/v2/pkg/crypto/clientcertificate"
+
+// TLSEcdheRsaWithAes128GcmSha256 implements the TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 CipherSuite
+type TLSEcdheRsaWithAes128GcmSha256 struct {
+	TLSEcdheEcdsaWithAes128GcmSha256
+}
+
+// CertificateType returns what type of certificate this CipherSuite exchanges
+func (c *TLSEcdheRsaWithAes128GcmSha256) CertificateType() clientcertificate.Type {
+	return clientcertificate.RSASign
+}
+
+// ID returns the ID of the CipherSuite
+func (c *TLSEcdheRsaWithAes128GcmSha256) ID() ID {
+	return TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
+}
+
+func (c *TLSEcdheRsaWithAes128GcmSha256) String() string {
+	return "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/tls_ecdhe_rsa_with_aes_256_cbc_sha.go b/server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/tls_ecdhe_rsa_with_aes_256_cbc_sha.go
new file mode 100644
index 0000000..8e88ee6
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/tls_ecdhe_rsa_with_aes_256_cbc_sha.go
@@ -0,0 +1,25 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package ciphersuite
+
+import "github.com/pion/dtls/v2/pkg/crypto/clientcertificate"
+
+// TLSEcdheRsaWithAes256CbcSha implements the TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA CipherSuite
+type TLSEcdheRsaWithAes256CbcSha struct {
+	TLSEcdheEcdsaWithAes256CbcSha
+}
+
+// CertificateType returns what type of certificate this CipherSuite exchanges
+func (c *TLSEcdheRsaWithAes256CbcSha) CertificateType() clientcertificate.Type {
+	return clientcertificate.RSASign
+}
+
+// ID returns the ID of the CipherSuite
+func (c *TLSEcdheRsaWithAes256CbcSha) ID() ID {
+	return TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
+}
+
+func (c *TLSEcdheRsaWithAes256CbcSha) String() string {
+	return "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/tls_ecdhe_rsa_with_aes_256_gcm_sha384.go b/server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/tls_ecdhe_rsa_with_aes_256_gcm_sha384.go
new file mode 100644
index 0000000..752fb52
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/tls_ecdhe_rsa_with_aes_256_gcm_sha384.go
@@ -0,0 +1,25 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package ciphersuite
+
+import "github.com/pion/dtls/v2/pkg/crypto/clientcertificate"
+
+// TLSEcdheRsaWithAes256GcmSha384 implements the TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 CipherSuite
+type TLSEcdheRsaWithAes256GcmSha384 struct {
+	TLSEcdheEcdsaWithAes256GcmSha384
+}
+
+// CertificateType returns what type of certificate this CipherSuite exchanges
+func (c *TLSEcdheRsaWithAes256GcmSha384) CertificateType() clientcertificate.Type {
+	return clientcertificate.RSASign
+}
+
+// ID returns the ID of the CipherSuite
+func (c *TLSEcdheRsaWithAes256GcmSha384) ID() ID {
+	return TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
+}
+
+func (c *TLSEcdheRsaWithAes256GcmSha384) String() string {
+	return "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/tls_psk_with_aes_128_cbc_sha256.go b/server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/tls_psk_with_aes_128_cbc_sha256.go
new file mode 100644
index 0000000..7336ad9
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/tls_psk_with_aes_128_cbc_sha256.go
@@ -0,0 +1,113 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package ciphersuite
+
+import (
+	"crypto/sha256"
+	"fmt"
+	"hash"
+	"sync/atomic"
+
+	"github.com/pion/dtls/v2/pkg/crypto/ciphersuite"
+	"github.com/pion/dtls/v2/pkg/crypto/clientcertificate"
+	"github.com/pion/dtls/v2/pkg/crypto/prf"
+	"github.com/pion/dtls/v2/pkg/protocol/recordlayer"
+)
+
+// TLSPskWithAes128CbcSha256 implements the TLS_PSK_WITH_AES_128_CBC_SHA256 CipherSuite
+type TLSPskWithAes128CbcSha256 struct {
+	cbc atomic.Value // *cryptoCBC
+}
+
+// CertificateType returns what type of certificate this CipherSuite exchanges
+func (c *TLSPskWithAes128CbcSha256) CertificateType() clientcertificate.Type {
+	return clientcertificate.Type(0)
+}
+
+// KeyExchangeAlgorithm controls what key exchange algorithm is using during the handshake
+func (c *TLSPskWithAes128CbcSha256) KeyExchangeAlgorithm() KeyExchangeAlgorithm {
+	return KeyExchangeAlgorithmPsk
+}
+
+// ECC uses Elliptic Curve Cryptography
+func (c *TLSPskWithAes128CbcSha256) ECC() bool {
+	return false
+}
+
+// ID returns the ID of the CipherSuite
+func (c *TLSPskWithAes128CbcSha256) ID() ID {
+	return TLS_PSK_WITH_AES_128_CBC_SHA256
+}
+
+func (c *TLSPskWithAes128CbcSha256) String() string {
+	return "TLS_PSK_WITH_AES_128_CBC_SHA256"
+}
+
+// HashFunc returns the hashing func for this CipherSuite
+func (c *TLSPskWithAes128CbcSha256) HashFunc() func() hash.Hash {
+	return sha256.New
+}
+
+// AuthenticationType controls what authentication method is using during the handshake
+func (c *TLSPskWithAes128CbcSha256) AuthenticationType() AuthenticationType {
+	return AuthenticationTypePreSharedKey
+}
+
+// IsInitialized returns if the CipherSuite has keying material and can
+// encrypt/decrypt packets
+func (c *TLSPskWithAes128CbcSha256) IsInitialized() bool {
+	return c.cbc.Load() != nil
+}
+
+// Init initializes the internal Cipher with keying material
+func (c *TLSPskWithAes128CbcSha256) Init(masterSecret, clientRandom, serverRandom []byte, isClient bool) error {
+	const (
+		prfMacLen = 32
+		prfKeyLen = 16
+		prfIvLen  = 16
+	)
+
+	keys, err := prf.GenerateEncryptionKeys(masterSecret, clientRandom, serverRandom, prfMacLen, prfKeyLen, prfIvLen, c.HashFunc())
+	if err != nil {
+		return err
+	}
+
+	var cbc *ciphersuite.CBC
+	if isClient {
+		cbc, err = ciphersuite.NewCBC(
+			keys.ClientWriteKey, keys.ClientWriteIV, keys.ClientMACKey,
+			keys.ServerWriteKey, keys.ServerWriteIV, keys.ServerMACKey,
+			c.HashFunc(),
+		)
+	} else {
+		cbc, err = ciphersuite.NewCBC(
+			keys.ServerWriteKey, keys.ServerWriteIV, keys.ServerMACKey,
+			keys.ClientWriteKey, keys.ClientWriteIV, keys.ClientMACKey,
+			c.HashFunc(),
+		)
+	}
+	c.cbc.Store(cbc)
+
+	return err
+}
+
+// Encrypt encrypts a single TLS RecordLayer
+func (c *TLSPskWithAes128CbcSha256) Encrypt(pkt *recordlayer.RecordLayer, raw []byte) ([]byte, error) {
+	cipherSuite, ok := c.cbc.Load().(*ciphersuite.CBC)
+	if !ok {
+		return nil, fmt.Errorf("%w, unable to encrypt", errCipherSuiteNotInit)
+	}
+
+	return cipherSuite.Encrypt(pkt, raw)
+}
+
+// Decrypt decrypts a single TLS RecordLayer
+func (c *TLSPskWithAes128CbcSha256) Decrypt(raw []byte) ([]byte, error) {
+	cipherSuite, ok := c.cbc.Load().(*ciphersuite.CBC)
+	if !ok {
+		return nil, fmt.Errorf("%w, unable to decrypt", errCipherSuiteNotInit)
+	}
+
+	return cipherSuite.Decrypt(raw)
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/tls_psk_with_aes_128_ccm.go b/server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/tls_psk_with_aes_128_ccm.go
new file mode 100644
index 0000000..1ded09b
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/tls_psk_with_aes_128_ccm.go
@@ -0,0 +1,14 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package ciphersuite
+
+import (
+	"github.com/pion/dtls/v2/pkg/crypto/ciphersuite"
+	"github.com/pion/dtls/v2/pkg/crypto/clientcertificate"
+)
+
+// NewTLSPskWithAes128Ccm returns the TLS_PSK_WITH_AES_128_CCM CipherSuite
+func NewTLSPskWithAes128Ccm() *Aes128Ccm {
+	return newAes128Ccm(clientcertificate.Type(0), TLS_PSK_WITH_AES_128_CCM, true, ciphersuite.CCMTagLength, KeyExchangeAlgorithmPsk, false)
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/tls_psk_with_aes_128_ccm8.go b/server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/tls_psk_with_aes_128_ccm8.go
new file mode 100644
index 0000000..4781970
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/tls_psk_with_aes_128_ccm8.go
@@ -0,0 +1,14 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package ciphersuite
+
+import (
+	"github.com/pion/dtls/v2/pkg/crypto/ciphersuite"
+	"github.com/pion/dtls/v2/pkg/crypto/clientcertificate"
+)
+
+// NewTLSPskWithAes128Ccm8 returns the TLS_PSK_WITH_AES_128_CCM_8 CipherSuite
+func NewTLSPskWithAes128Ccm8() *Aes128Ccm {
+	return newAes128Ccm(clientcertificate.Type(0), TLS_PSK_WITH_AES_128_CCM_8, true, ciphersuite.CCMTagLength8, KeyExchangeAlgorithmPsk, false)
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/tls_psk_with_aes_128_gcm_sha256.go b/server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/tls_psk_with_aes_128_gcm_sha256.go
new file mode 100644
index 0000000..8ab5b89
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/tls_psk_with_aes_128_gcm_sha256.go
@@ -0,0 +1,35 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package ciphersuite
+
+import "github.com/pion/dtls/v2/pkg/crypto/clientcertificate"
+
+// TLSPskWithAes128GcmSha256 implements the TLS_PSK_WITH_AES_128_GCM_SHA256 CipherSuite
+type TLSPskWithAes128GcmSha256 struct {
+	TLSEcdheEcdsaWithAes128GcmSha256
+}
+
+// CertificateType returns what type of certificate this CipherSuite exchanges
+func (c *TLSPskWithAes128GcmSha256) CertificateType() clientcertificate.Type {
+	return clientcertificate.Type(0)
+}
+
+// KeyExchangeAlgorithm controls what key exchange algorithm is using during the handshake
+func (c *TLSPskWithAes128GcmSha256) KeyExchangeAlgorithm() KeyExchangeAlgorithm {
+	return KeyExchangeAlgorithmPsk
+}
+
+// ID returns the ID of the CipherSuite
+func (c *TLSPskWithAes128GcmSha256) ID() ID {
+	return TLS_PSK_WITH_AES_128_GCM_SHA256
+}
+
+func (c *TLSPskWithAes128GcmSha256) String() string {
+	return "TLS_PSK_WITH_AES_128_GCM_SHA256"
+}
+
+// AuthenticationType controls what authentication method is using during the handshake
+func (c *TLSPskWithAes128GcmSha256) AuthenticationType() AuthenticationType {
+	return AuthenticationTypePreSharedKey
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/tls_psk_with_aes_256_ccm8.go b/server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/tls_psk_with_aes_256_ccm8.go
new file mode 100644
index 0000000..32d5030
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/tls_psk_with_aes_256_ccm8.go
@@ -0,0 +1,14 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package ciphersuite
+
+import (
+	"github.com/pion/dtls/v2/pkg/crypto/ciphersuite"
+	"github.com/pion/dtls/v2/pkg/crypto/clientcertificate"
+)
+
+// NewTLSPskWithAes256Ccm8 returns the TLS_PSK_WITH_AES_256_CCM_8 CipherSuite
+func NewTLSPskWithAes256Ccm8() *Aes256Ccm {
+	return newAes256Ccm(clientcertificate.Type(0), TLS_PSK_WITH_AES_256_CCM_8, true, ciphersuite.CCMTagLength8, KeyExchangeAlgorithmPsk, false)
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/types/authentication_type.go b/server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/types/authentication_type.go
new file mode 100644
index 0000000..2da21e6
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/types/authentication_type.go
@@ -0,0 +1,14 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package types
+
+// AuthenticationType controls what authentication method is using during the handshake
+type AuthenticationType int
+
+// AuthenticationType Enums
+const (
+	AuthenticationTypeCertificate AuthenticationType = iota + 1
+	AuthenticationTypePreSharedKey
+	AuthenticationTypeAnonymous
+)
diff --git a/server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/types/key_exchange_algorithm.go b/server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/types/key_exchange_algorithm.go
new file mode 100644
index 0000000..c2c3911
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/internal/ciphersuite/types/key_exchange_algorithm.go
@@ -0,0 +1,20 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+// Package types provides types for TLS Ciphers
+package types
+
+// KeyExchangeAlgorithm controls what exchange algorithm was chosen.
+type KeyExchangeAlgorithm int
+
+// KeyExchangeAlgorithm Bitmask
+const (
+	KeyExchangeAlgorithmNone KeyExchangeAlgorithm = 0
+	KeyExchangeAlgorithmPsk  KeyExchangeAlgorithm = iota << 1
+	KeyExchangeAlgorithmEcdhe
+)
+
+// Has check if keyExchangeAlgorithm is supported.
+func (a KeyExchangeAlgorithm) Has(v KeyExchangeAlgorithm) bool {
+	return (a & v) == v
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/internal/closer/closer.go b/server/vendor/github.com/pion/dtls/v2/internal/closer/closer.go
new file mode 100644
index 0000000..bfa171c
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/internal/closer/closer.go
@@ -0,0 +1,48 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+// Package closer provides signaling channel for shutdown
+package closer
+
+import (
+	"context"
+)
+
+// Closer allows for each signaling a channel for shutdown
+type Closer struct {
+	ctx       context.Context
+	closeFunc func()
+}
+
+// NewCloser creates a new instance of Closer
+func NewCloser() *Closer {
+	ctx, closeFunc := context.WithCancel(context.Background())
+	return &Closer{
+		ctx:       ctx,
+		closeFunc: closeFunc,
+	}
+}
+
+// NewCloserWithParent creates a new instance of Closer with a parent context
+func NewCloserWithParent(ctx context.Context) *Closer {
+	ctx, closeFunc := context.WithCancel(ctx)
+	return &Closer{
+		ctx:       ctx,
+		closeFunc: closeFunc,
+	}
+}
+
+// Done returns a channel signaling when it is done
+func (c *Closer) Done() <-chan struct{} {
+	return c.ctx.Done()
+}
+
+// Err returns an error of the context
+func (c *Closer) Err() error {
+	return c.ctx.Err()
+}
+
+// Close sends a signal to trigger the ctx done channel
+func (c *Closer) Close() {
+	c.closeFunc()
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/internal/util/util.go b/server/vendor/github.com/pion/dtls/v2/internal/util/util.go
new file mode 100644
index 0000000..685910f
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/internal/util/util.go
@@ -0,0 +1,42 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+// Package util contains small helpers used across the repo
+package util
+
+import (
+	"encoding/binary"
+)
+
+// BigEndianUint24 returns the value of a big endian uint24
+func BigEndianUint24(raw []byte) uint32 {
+	if len(raw) < 3 {
+		return 0
+	}
+
+	rawCopy := make([]byte, 4)
+	copy(rawCopy[1:], raw)
+	return binary.BigEndian.Uint32(rawCopy)
+}
+
+// PutBigEndianUint24 encodes a uint24 and places into out
+func PutBigEndianUint24(out []byte, in uint32) {
+	tmp := make([]byte, 4)
+	binary.BigEndian.PutUint32(tmp, in)
+	copy(out, tmp[1:])
+}
+
+// PutBigEndianUint48 encodes a uint64 and places into out
+func PutBigEndianUint48(out []byte, in uint64) {
+	tmp := make([]byte, 8)
+	binary.BigEndian.PutUint64(tmp, in)
+	copy(out, tmp[2:])
+}
+
+// Max returns the larger value
+func Max(a, b int) int {
+	if a > b {
+		return a
+	}
+	return b
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/listener.go b/server/vendor/github.com/pion/dtls/v2/listener.go
new file mode 100644
index 0000000..190d236
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/listener.go
@@ -0,0 +1,83 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package dtls
+
+import (
+	"net"
+
+	"github.com/pion/dtls/v2/pkg/protocol"
+	"github.com/pion/dtls/v2/pkg/protocol/recordlayer"
+	"github.com/pion/transport/v2/udp"
+)
+
+// Listen creates a DTLS listener
+func Listen(network string, laddr *net.UDPAddr, config *Config) (net.Listener, error) {
+	if err := validateConfig(config); err != nil {
+		return nil, err
+	}
+
+	lc := udp.ListenConfig{
+		AcceptFilter: func(packet []byte) bool {
+			pkts, err := recordlayer.UnpackDatagram(packet)
+			if err != nil || len(pkts) < 1 {
+				return false
+			}
+			h := &recordlayer.Header{}
+			if err := h.Unmarshal(pkts[0]); err != nil {
+				return false
+			}
+			return h.ContentType == protocol.ContentTypeHandshake
+		},
+	}
+	parent, err := lc.Listen(network, laddr)
+	if err != nil {
+		return nil, err
+	}
+	return &listener{
+		config: config,
+		parent: parent,
+	}, nil
+}
+
+// NewListener creates a DTLS listener which accepts connections from an inner Listener.
+func NewListener(inner net.Listener, config *Config) (net.Listener, error) {
+	if err := validateConfig(config); err != nil {
+		return nil, err
+	}
+
+	return &listener{
+		config: config,
+		parent: inner,
+	}, nil
+}
+
+// listener represents a DTLS listener
+type listener struct {
+	config *Config
+	parent net.Listener
+}
+
+// Accept waits for and returns the next connection to the listener.
+// You have to either close or read on all connection that are created.
+// Connection handshake will timeout using ConnectContextMaker in the Config.
+// If you want to specify the timeout duration, set ConnectContextMaker.
+func (l *listener) Accept() (net.Conn, error) {
+	c, err := l.parent.Accept()
+	if err != nil {
+		return nil, err
+	}
+	return Server(c, l.config)
+}
+
+// Close closes the listener.
+// Any blocked Accept operations will be unblocked and return errors.
+// Already Accepted connections are not closed.
+func (l *listener) Close() error {
+	return l.parent.Close()
+}
+
+// Addr returns the listener's network address.
+func (l *listener) Addr() net.Addr {
+	return l.parent.Addr()
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/packet.go b/server/vendor/github.com/pion/dtls/v2/packet.go
new file mode 100644
index 0000000..55d6272
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/packet.go
@@ -0,0 +1,12 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package dtls
+
+import "github.com/pion/dtls/v2/pkg/protocol/recordlayer"
+
+type packet struct {
+	record                   *recordlayer.RecordLayer
+	shouldEncrypt            bool
+	resetLocalSequenceNumber bool
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/pkg/crypto/ccm/ccm.go b/server/vendor/github.com/pion/dtls/v2/pkg/crypto/ccm/ccm.go
new file mode 100644
index 0000000..d6e6fc4
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/pkg/crypto/ccm/ccm.go
@@ -0,0 +1,254 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+// Package ccm implements a CCM, Counter with CBC-MAC
+// as per RFC 3610.
+//
+// See https://tools.ietf.org/html/rfc3610
+//
+// This code was lifted from https://github.com/bocajim/dtls/blob/a3300364a283fcb490d28a93d7fcfa7ba437fbbe/ccm/ccm.go
+// and as such was not written by the Pions authors. Like Pions this
+// code is licensed under MIT.
+//
+// A request for including CCM into the Go standard library
+// can be found as issue #27484 on the https://github.com/golang/go/
+// repository.
+package ccm
+
+import (
+	"crypto/cipher"
+	"crypto/subtle"
+	"encoding/binary"
+	"errors"
+	"math"
+)
+
+// ccm represents a Counter with CBC-MAC with a specific key.
+type ccm struct {
+	b cipher.Block
+	M uint8
+	L uint8
+}
+
+const ccmBlockSize = 16
+
+// CCM is a block cipher in Counter with CBC-MAC mode.
+// Providing authenticated encryption with associated data via the cipher.AEAD interface.
+type CCM interface {
+	cipher.AEAD
+	// MaxLength returns the maxium length of plaintext in calls to Seal.
+	// The maximum length of ciphertext in calls to Open is MaxLength()+Overhead().
+	// The maximum length is related to CCM's `L` parameter (15-noncesize) and
+	// is 1<<(8*L) - 1 (but also limited by the maxium size of an int).
+	MaxLength() int
+}
+
+var (
+	errInvalidBlockSize = errors.New("ccm: NewCCM requires 128-bit block cipher")
+	errInvalidTagSize   = errors.New("ccm: tagsize must be 4, 6, 8, 10, 12, 14, or 16")
+	errInvalidNonceSize = errors.New("ccm: invalid nonce size")
+)
+
+// NewCCM returns the given 128-bit block cipher wrapped in CCM.
+// The tagsize must be an even integer between 4 and 16 inclusive
+// and is used as CCM's `M` parameter.
+// The noncesize must be an integer between 7 and 13 inclusive,
+// 15-noncesize is used as CCM's `L` parameter.
+func NewCCM(b cipher.Block, tagsize, noncesize int) (CCM, error) {
+	if b.BlockSize() != ccmBlockSize {
+		return nil, errInvalidBlockSize
+	}
+	if tagsize < 4 || tagsize > 16 || tagsize&1 != 0 {
+		return nil, errInvalidTagSize
+	}
+	lensize := 15 - noncesize
+	if lensize < 2 || lensize > 8 {
+		return nil, errInvalidNonceSize
+	}
+	c := &ccm{b: b, M: uint8(tagsize), L: uint8(lensize)}
+	return c, nil
+}
+
+func (c *ccm) NonceSize() int { return 15 - int(c.L) }
+func (c *ccm) Overhead() int  { return int(c.M) }
+func (c *ccm) MaxLength() int { return maxlen(c.L, c.Overhead()) }
+
+func maxlen(l uint8, tagsize int) int {
+	max := (uint64(1) << (8 * l)) - 1
+	if m64 := uint64(math.MaxInt64) - uint64(tagsize); l > 8 || max > m64 {
+		max = m64 // The maximum lentgh on a 64bit arch
+	}
+	if max != uint64(int(max)) {
+		return math.MaxInt32 - tagsize // We have only 32bit int's
+	}
+	return int(max)
+}
+
+// MaxNonceLength returns the maximum nonce length for a given plaintext length.
+// A return value <= 0 indicates that plaintext length is too large for
+// any nonce length.
+func MaxNonceLength(pdatalen int) int {
+	const tagsize = 16
+	for L := 2; L <= 8; L++ {
+		if maxlen(uint8(L), tagsize) >= pdatalen {
+			return 15 - L
+		}
+	}
+	return 0
+}
+
+func (c *ccm) cbcRound(mac, data []byte) {
+	for i := 0; i < ccmBlockSize; i++ {
+		mac[i] ^= data[i]
+	}
+	c.b.Encrypt(mac, mac)
+}
+
+func (c *ccm) cbcData(mac, data []byte) {
+	for len(data) >= ccmBlockSize {
+		c.cbcRound(mac, data[:ccmBlockSize])
+		data = data[ccmBlockSize:]
+	}
+	if len(data) > 0 {
+		var block [ccmBlockSize]byte
+		copy(block[:], data)
+		c.cbcRound(mac, block[:])
+	}
+}
+
+var errPlaintextTooLong = errors.New("ccm: plaintext too large")
+
+func (c *ccm) tag(nonce, plaintext, adata []byte) ([]byte, error) {
+	var mac [ccmBlockSize]byte
+
+	if len(adata) > 0 {
+		mac[0] |= 1 << 6
+	}
+	mac[0] |= (c.M - 2) << 2
+	mac[0] |= c.L - 1
+	if len(nonce) != c.NonceSize() {
+		return nil, errInvalidNonceSize
+	}
+	if len(plaintext) > c.MaxLength() {
+		return nil, errPlaintextTooLong
+	}
+	binary.BigEndian.PutUint64(mac[ccmBlockSize-8:], uint64(len(plaintext)))
+	copy(mac[1:ccmBlockSize-c.L], nonce)
+	c.b.Encrypt(mac[:], mac[:])
+
+	var block [ccmBlockSize]byte
+	if n := uint64(len(adata)); n > 0 {
+		// First adata block includes adata length
+		i := 2
+		if n <= 0xfeff {
+			binary.BigEndian.PutUint16(block[:i], uint16(n))
+		} else {
+			block[0] = 0xfe
+			block[1] = 0xff
+			if n < uint64(1<<32) {
+				i = 2 + 4
+				binary.BigEndian.PutUint32(block[2:i], uint32(n))
+			} else {
+				i = 2 + 8
+				binary.BigEndian.PutUint64(block[2:i], n)
+			}
+		}
+		i = copy(block[i:], adata)
+		c.cbcRound(mac[:], block[:])
+		c.cbcData(mac[:], adata[i:])
+	}
+
+	if len(plaintext) > 0 {
+		c.cbcData(mac[:], plaintext)
+	}
+
+	return mac[:c.M], nil
+}
+
+// sliceForAppend takes a slice and a requested number of bytes. It returns a
+// slice with the contents of the given slice followed by that many bytes and a
+// second slice that aliases into it and contains only the extra bytes. If the
+// original slice has sufficient capacity then no allocation is performed.
+// From crypto/cipher/gcm.go
+func sliceForAppend(in []byte, n int) (head, tail []byte) {
+	if total := len(in) + n; cap(in) >= total {
+		head = in[:total]
+	} else {
+		head = make([]byte, total)
+		copy(head, in)
+	}
+	tail = head[len(in):]
+	return
+}
+
+// Seal encrypts and authenticates plaintext, authenticates the
+// additional data and appends the result to dst, returning the updated
+// slice. The nonce must be NonceSize() bytes long and unique for all
+// time, for a given key.
+// The plaintext must be no longer than MaxLength() bytes long.
+//
+// The plaintext and dst may alias exactly or not at all.
+func (c *ccm) Seal(dst, nonce, plaintext, adata []byte) []byte {
+	tag, err := c.tag(nonce, plaintext, adata)
+	if err != nil {
+		// The cipher.AEAD interface doesn't allow for an error return.
+		panic(err) // nolint
+	}
+
+	var iv, s0 [ccmBlockSize]byte
+	iv[0] = c.L - 1
+	copy(iv[1:ccmBlockSize-c.L], nonce)
+	c.b.Encrypt(s0[:], iv[:])
+	for i := 0; i < int(c.M); i++ {
+		tag[i] ^= s0[i]
+	}
+	iv[len(iv)-1] |= 1
+	stream := cipher.NewCTR(c.b, iv[:])
+	ret, out := sliceForAppend(dst, len(plaintext)+int(c.M))
+	stream.XORKeyStream(out, plaintext)
+	copy(out[len(plaintext):], tag)
+	return ret
+}
+
+var (
+	errOpen               = errors.New("ccm: message authentication failed")
+	errCiphertextTooShort = errors.New("ccm: ciphertext too short")
+	errCiphertextTooLong  = errors.New("ccm: ciphertext too long")
+)
+
+func (c *ccm) Open(dst, nonce, ciphertext, adata []byte) ([]byte, error) {
+	if len(ciphertext) < int(c.M) {
+		return nil, errCiphertextTooShort
+	}
+	if len(ciphertext) > c.MaxLength()+c.Overhead() {
+		return nil, errCiphertextTooLong
+	}
+
+	tag := make([]byte, int(c.M))
+	copy(tag, ciphertext[len(ciphertext)-int(c.M):])
+	ciphertextWithoutTag := ciphertext[:len(ciphertext)-int(c.M)]
+
+	var iv, s0 [ccmBlockSize]byte
+	iv[0] = c.L - 1
+	copy(iv[1:ccmBlockSize-c.L], nonce)
+	c.b.Encrypt(s0[:], iv[:])
+	for i := 0; i < int(c.M); i++ {
+		tag[i] ^= s0[i]
+	}
+	iv[len(iv)-1] |= 1
+	stream := cipher.NewCTR(c.b, iv[:])
+
+	// Cannot decrypt directly to dst since we're not supposed to
+	// reveal the plaintext to the caller if authentication fails.
+	plaintext := make([]byte, len(ciphertextWithoutTag))
+	stream.XORKeyStream(plaintext, ciphertextWithoutTag)
+	expectedTag, err := c.tag(nonce, plaintext, adata)
+	if err != nil {
+		return nil, err
+	}
+
+	if subtle.ConstantTimeCompare(tag, expectedTag) != 1 {
+		return nil, errOpen
+	}
+	return append(dst, plaintext...), nil
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/pkg/crypto/ciphersuite/cbc.go b/server/vendor/github.com/pion/dtls/v2/pkg/crypto/ciphersuite/cbc.go
new file mode 100644
index 0000000..460fb14
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/pkg/crypto/ciphersuite/cbc.go
@@ -0,0 +1,177 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package ciphersuite
+
+import ( //nolint:gci
+	"crypto/aes"
+	"crypto/cipher"
+	"crypto/hmac"
+	"crypto/rand"
+	"encoding/binary"
+	"hash"
+
+	"github.com/pion/dtls/v2/internal/util"
+	"github.com/pion/dtls/v2/pkg/crypto/prf"
+	"github.com/pion/dtls/v2/pkg/protocol"
+	"github.com/pion/dtls/v2/pkg/protocol/recordlayer"
+)
+
+// block ciphers using cipher block chaining.
+type cbcMode interface {
+	cipher.BlockMode
+	SetIV([]byte)
+}
+
+// CBC Provides an API to Encrypt/Decrypt DTLS 1.2 Packets
+type CBC struct {
+	writeCBC, readCBC cbcMode
+	writeMac, readMac []byte
+	h                 prf.HashFunc
+}
+
+// NewCBC creates a DTLS CBC Cipher
+func NewCBC(localKey, localWriteIV, localMac, remoteKey, remoteWriteIV, remoteMac []byte, h prf.HashFunc) (*CBC, error) {
+	writeBlock, err := aes.NewCipher(localKey)
+	if err != nil {
+		return nil, err
+	}
+
+	readBlock, err := aes.NewCipher(remoteKey)
+	if err != nil {
+		return nil, err
+	}
+
+	writeCBC, ok := cipher.NewCBCEncrypter(writeBlock, localWriteIV).(cbcMode)
+	if !ok {
+		return nil, errFailedToCast
+	}
+
+	readCBC, ok := cipher.NewCBCDecrypter(readBlock, remoteWriteIV).(cbcMode)
+	if !ok {
+		return nil, errFailedToCast
+	}
+
+	return &CBC{
+		writeCBC: writeCBC,
+		writeMac: localMac,
+
+		readCBC: readCBC,
+		readMac: remoteMac,
+		h:       h,
+	}, nil
+}
+
+// Encrypt encrypt a DTLS RecordLayer message
+func (c *CBC) Encrypt(pkt *recordlayer.RecordLayer, raw []byte) ([]byte, error) {
+	payload := raw[recordlayer.HeaderSize:]
+	raw = raw[:recordlayer.HeaderSize]
+	blockSize := c.writeCBC.BlockSize()
+
+	// Generate + Append MAC
+	h := pkt.Header
+
+	MAC, err := c.hmac(h.Epoch, h.SequenceNumber, h.ContentType, h.Version, payload, c.writeMac, c.h)
+	if err != nil {
+		return nil, err
+	}
+	payload = append(payload, MAC...)
+
+	// Generate + Append padding
+	padding := make([]byte, blockSize-len(payload)%blockSize)
+	paddingLen := len(padding)
+	for i := 0; i < paddingLen; i++ {
+		padding[i] = byte(paddingLen - 1)
+	}
+	payload = append(payload, padding...)
+
+	// Generate IV
+	iv := make([]byte, blockSize)
+	if _, err := rand.Read(iv); err != nil {
+		return nil, err
+	}
+
+	// Set IV + Encrypt + Prepend IV
+	c.writeCBC.SetIV(iv)
+	c.writeCBC.CryptBlocks(payload, payload)
+	payload = append(iv, payload...)
+
+	// Prepend unencrypte header with encrypted payload
+	raw = append(raw, payload...)
+
+	// Update recordLayer size to include IV+MAC+Padding
+	binary.BigEndian.PutUint16(raw[recordlayer.HeaderSize-2:], uint16(len(raw)-recordlayer.HeaderSize))
+
+	return raw, nil
+}
+
+// Decrypt decrypts a DTLS RecordLayer message
+func (c *CBC) Decrypt(in []byte) ([]byte, error) {
+	body := in[recordlayer.HeaderSize:]
+	blockSize := c.readCBC.BlockSize()
+	mac := c.h()
+
+	var h recordlayer.Header
+	err := h.Unmarshal(in)
+	switch {
+	case err != nil:
+		return nil, err
+	case h.ContentType == protocol.ContentTypeChangeCipherSpec:
+		// Nothing to encrypt with ChangeCipherSpec
+		return in, nil
+	case len(body)%blockSize != 0 || len(body) < blockSize+util.Max(mac.Size()+1, blockSize):
+		return nil, errNotEnoughRoomForNonce
+	}
+
+	// Set + remove per record IV
+	c.readCBC.SetIV(body[:blockSize])
+	body = body[blockSize:]
+
+	// Decrypt
+	c.readCBC.CryptBlocks(body, body)
+
+	// Padding+MAC needs to be checked in constant time
+	// Otherwise we reveal information about the level of correctness
+	paddingLen, paddingGood := examinePadding(body)
+	if paddingGood != 255 {
+		return nil, errInvalidMAC
+	}
+
+	macSize := mac.Size()
+	if len(body) < macSize {
+		return nil, errInvalidMAC
+	}
+
+	dataEnd := len(body) - macSize - paddingLen
+
+	expectedMAC := body[dataEnd : dataEnd+macSize]
+	actualMAC, err := c.hmac(h.Epoch, h.SequenceNumber, h.ContentType, h.Version, body[:dataEnd], c.readMac, c.h)
+
+	// Compute Local MAC and compare
+	if err != nil || !hmac.Equal(actualMAC, expectedMAC) {
+		return nil, errInvalidMAC
+	}
+
+	return append(in[:recordlayer.HeaderSize], body[:dataEnd]...), nil
+}
+
+func (c *CBC) hmac(epoch uint16, sequenceNumber uint64, contentType protocol.ContentType, protocolVersion protocol.Version, payload []byte, key []byte, hf func() hash.Hash) ([]byte, error) {
+	h := hmac.New(hf, key)
+
+	msg := make([]byte, 13)
+
+	binary.BigEndian.PutUint16(msg, epoch)
+	util.PutBigEndianUint48(msg[2:], sequenceNumber)
+	msg[8] = byte(contentType)
+	msg[9] = protocolVersion.Major
+	msg[10] = protocolVersion.Minor
+	binary.BigEndian.PutUint16(msg[11:], uint16(len(payload)))
+
+	if _, err := h.Write(msg); err != nil {
+		return nil, err
+	} else if _, err := h.Write(payload); err != nil {
+		return nil, err
+	}
+
+	return h.Sum(nil), nil
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/pkg/crypto/ciphersuite/ccm.go b/server/vendor/github.com/pion/dtls/v2/pkg/crypto/ciphersuite/ccm.go
new file mode 100644
index 0000000..24050dc
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/pkg/crypto/ciphersuite/ccm.go
@@ -0,0 +1,107 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package ciphersuite
+
+import (
+	"crypto/aes"
+	"crypto/rand"
+	"encoding/binary"
+	"fmt"
+
+	"github.com/pion/dtls/v2/pkg/crypto/ccm"
+	"github.com/pion/dtls/v2/pkg/protocol"
+	"github.com/pion/dtls/v2/pkg/protocol/recordlayer"
+)
+
+// CCMTagLen is the length of Authentication Tag
+type CCMTagLen int
+
+// CCM Enums
+const (
+	CCMTagLength8  CCMTagLen = 8
+	CCMTagLength   CCMTagLen = 16
+	ccmNonceLength           = 12
+)
+
+// CCM Provides an API to Encrypt/Decrypt DTLS 1.2 Packets
+type CCM struct {
+	localCCM, remoteCCM         ccm.CCM
+	localWriteIV, remoteWriteIV []byte
+	tagLen                      CCMTagLen
+}
+
+// NewCCM creates a DTLS GCM Cipher
+func NewCCM(tagLen CCMTagLen, localKey, localWriteIV, remoteKey, remoteWriteIV []byte) (*CCM, error) {
+	localBlock, err := aes.NewCipher(localKey)
+	if err != nil {
+		return nil, err
+	}
+	localCCM, err := ccm.NewCCM(localBlock, int(tagLen), ccmNonceLength)
+	if err != nil {
+		return nil, err
+	}
+
+	remoteBlock, err := aes.NewCipher(remoteKey)
+	if err != nil {
+		return nil, err
+	}
+	remoteCCM, err := ccm.NewCCM(remoteBlock, int(tagLen), ccmNonceLength)
+	if err != nil {
+		return nil, err
+	}
+
+	return &CCM{
+		localCCM:      localCCM,
+		localWriteIV:  localWriteIV,
+		remoteCCM:     remoteCCM,
+		remoteWriteIV: remoteWriteIV,
+		tagLen:        tagLen,
+	}, nil
+}
+
+// Encrypt encrypt a DTLS RecordLayer message
+func (c *CCM) Encrypt(pkt *recordlayer.RecordLayer, raw []byte) ([]byte, error) {
+	payload := raw[recordlayer.HeaderSize:]
+	raw = raw[:recordlayer.HeaderSize]
+
+	nonce := append(append([]byte{}, c.localWriteIV[:4]...), make([]byte, 8)...)
+	if _, err := rand.Read(nonce[4:]); err != nil {
+		return nil, err
+	}
+
+	additionalData := generateAEADAdditionalData(&pkt.Header, len(payload))
+	encryptedPayload := c.localCCM.Seal(nil, nonce, payload, additionalData)
+
+	encryptedPayload = append(nonce[4:], encryptedPayload...)
+	raw = append(raw, encryptedPayload...)
+
+	// Update recordLayer size to include explicit nonce
+	binary.BigEndian.PutUint16(raw[recordlayer.HeaderSize-2:], uint16(len(raw)-recordlayer.HeaderSize))
+	return raw, nil
+}
+
+// Decrypt decrypts a DTLS RecordLayer message
+func (c *CCM) Decrypt(in []byte) ([]byte, error) {
+	var h recordlayer.Header
+	err := h.Unmarshal(in)
+	switch {
+	case err != nil:
+		return nil, err
+	case h.ContentType == protocol.ContentTypeChangeCipherSpec:
+		// Nothing to encrypt with ChangeCipherSpec
+		return in, nil
+	case len(in) <= (8 + recordlayer.HeaderSize):
+		return nil, errNotEnoughRoomForNonce
+	}
+
+	nonce := append(append([]byte{}, c.remoteWriteIV[:4]...), in[recordlayer.HeaderSize:recordlayer.HeaderSize+8]...)
+	out := in[recordlayer.HeaderSize+8:]
+
+	additionalData := generateAEADAdditionalData(&h, len(out)-int(c.tagLen))
+	out, err = c.remoteCCM.Open(out[:0], nonce, out, additionalData)
+	if err != nil {
+		return nil, fmt.Errorf("%w: %v", errDecryptPacket, err) //nolint:errorlint
+	}
+	return append(in[:recordlayer.HeaderSize], out...), nil
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/pkg/crypto/ciphersuite/ciphersuite.go b/server/vendor/github.com/pion/dtls/v2/pkg/crypto/ciphersuite/ciphersuite.go
new file mode 100644
index 0000000..9d9fb74
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/pkg/crypto/ciphersuite/ciphersuite.go
@@ -0,0 +1,76 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+// Package ciphersuite provides the crypto operations needed for a DTLS CipherSuite
+package ciphersuite
+
+import (
+	"encoding/binary"
+	"errors"
+
+	"github.com/pion/dtls/v2/pkg/protocol"
+	"github.com/pion/dtls/v2/pkg/protocol/recordlayer"
+)
+
+var (
+	errNotEnoughRoomForNonce = &protocol.InternalError{Err: errors.New("buffer not long enough to contain nonce")} //nolint:goerr113
+	errDecryptPacket         = &protocol.TemporaryError{Err: errors.New("failed to decrypt packet")}               //nolint:goerr113
+	errInvalidMAC            = &protocol.TemporaryError{Err: errors.New("invalid mac")}                            //nolint:goerr113
+	errFailedToCast          = &protocol.FatalError{Err: errors.New("failed to cast")}                             //nolint:goerr113
+)
+
+func generateAEADAdditionalData(h *recordlayer.Header, payloadLen int) []byte {
+	var additionalData [13]byte
+	// SequenceNumber MUST be set first
+	// we only want uint48, clobbering an extra 2 (using uint64, Golang doesn't have uint48)
+	binary.BigEndian.PutUint64(additionalData[:], h.SequenceNumber)
+	binary.BigEndian.PutUint16(additionalData[:], h.Epoch)
+	additionalData[8] = byte(h.ContentType)
+	additionalData[9] = h.Version.Major
+	additionalData[10] = h.Version.Minor
+	binary.BigEndian.PutUint16(additionalData[len(additionalData)-2:], uint16(payloadLen))
+
+	return additionalData[:]
+}
+
+// examinePadding returns, in constant time, the length of the padding to remove
+// from the end of payload. It also returns a byte which is equal to 255 if the
+// padding was valid and 0 otherwise. See RFC 2246, Section 6.2.3.2.
+//
+// https://github.com/golang/go/blob/039c2081d1178f90a8fa2f4e6958693129f8de33/src/crypto/tls/conn.go#L245
+func examinePadding(payload []byte) (toRemove int, good byte) {
+	if len(payload) < 1 {
+		return 0, 0
+	}
+
+	paddingLen := payload[len(payload)-1]
+	t := uint(len(payload)-1) - uint(paddingLen)
+	// if len(payload) >= (paddingLen - 1) then the MSB of t is zero
+	good = byte(int32(^t) >> 31)
+
+	// The maximum possible padding length plus the actual length field
+	toCheck := 256
+	// The length of the padded data is public, so we can use an if here
+	if toCheck > len(payload) {
+		toCheck = len(payload)
+	}
+
+	for i := 0; i < toCheck; i++ {
+		t := uint(paddingLen) - uint(i)
+		// if i <= paddingLen then the MSB of t is zero
+		mask := byte(int32(^t) >> 31)
+		b := payload[len(payload)-1-i]
+		good &^= mask&paddingLen ^ mask&b
+	}
+
+	// We AND together the bits of good and replicate the result across
+	// all the bits.
+	good &= good << 4
+	good &= good << 2
+	good &= good << 1
+	good = uint8(int8(good) >> 7)
+
+	toRemove = int(paddingLen) + 1
+
+	return toRemove, good
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/pkg/crypto/ciphersuite/gcm.go b/server/vendor/github.com/pion/dtls/v2/pkg/crypto/ciphersuite/gcm.go
new file mode 100644
index 0000000..c0fd1f7
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/pkg/crypto/ciphersuite/gcm.go
@@ -0,0 +1,103 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package ciphersuite
+
+import (
+	"crypto/aes"
+	"crypto/cipher"
+	"crypto/rand"
+	"encoding/binary"
+	"fmt"
+
+	"github.com/pion/dtls/v2/pkg/protocol"
+	"github.com/pion/dtls/v2/pkg/protocol/recordlayer"
+)
+
+const (
+	gcmTagLength   = 16
+	gcmNonceLength = 12
+)
+
+// GCM Provides an API to Encrypt/Decrypt DTLS 1.2 Packets
+type GCM struct {
+	localGCM, remoteGCM         cipher.AEAD
+	localWriteIV, remoteWriteIV []byte
+}
+
+// NewGCM creates a DTLS GCM Cipher
+func NewGCM(localKey, localWriteIV, remoteKey, remoteWriteIV []byte) (*GCM, error) {
+	localBlock, err := aes.NewCipher(localKey)
+	if err != nil {
+		return nil, err
+	}
+	localGCM, err := cipher.NewGCM(localBlock)
+	if err != nil {
+		return nil, err
+	}
+
+	remoteBlock, err := aes.NewCipher(remoteKey)
+	if err != nil {
+		return nil, err
+	}
+	remoteGCM, err := cipher.NewGCM(remoteBlock)
+	if err != nil {
+		return nil, err
+	}
+
+	return &GCM{
+		localGCM:      localGCM,
+		localWriteIV:  localWriteIV,
+		remoteGCM:     remoteGCM,
+		remoteWriteIV: remoteWriteIV,
+	}, nil
+}
+
+// Encrypt encrypt a DTLS RecordLayer message
+func (g *GCM) Encrypt(pkt *recordlayer.RecordLayer, raw []byte) ([]byte, error) {
+	payload := raw[recordlayer.HeaderSize:]
+	raw = raw[:recordlayer.HeaderSize]
+
+	nonce := make([]byte, gcmNonceLength)
+	copy(nonce, g.localWriteIV[:4])
+	if _, err := rand.Read(nonce[4:]); err != nil {
+		return nil, err
+	}
+
+	additionalData := generateAEADAdditionalData(&pkt.Header, len(payload))
+	encryptedPayload := g.localGCM.Seal(nil, nonce, payload, additionalData)
+	r := make([]byte, len(raw)+len(nonce[4:])+len(encryptedPayload))
+	copy(r, raw)
+	copy(r[len(raw):], nonce[4:])
+	copy(r[len(raw)+len(nonce[4:]):], encryptedPayload)
+
+	// Update recordLayer size to include explicit nonce
+	binary.BigEndian.PutUint16(r[recordlayer.HeaderSize-2:], uint16(len(r)-recordlayer.HeaderSize))
+	return r, nil
+}
+
+// Decrypt decrypts a DTLS RecordLayer message
+func (g *GCM) Decrypt(in []byte) ([]byte, error) {
+	var h recordlayer.Header
+	err := h.Unmarshal(in)
+	switch {
+	case err != nil:
+		return nil, err
+	case h.ContentType == protocol.ContentTypeChangeCipherSpec:
+		// Nothing to encrypt with ChangeCipherSpec
+		return in, nil
+	case len(in) <= (8 + recordlayer.HeaderSize):
+		return nil, errNotEnoughRoomForNonce
+	}
+
+	nonce := make([]byte, 0, gcmNonceLength)
+	nonce = append(append(nonce, g.remoteWriteIV[:4]...), in[recordlayer.HeaderSize:recordlayer.HeaderSize+8]...)
+	out := in[recordlayer.HeaderSize+8:]
+
+	additionalData := generateAEADAdditionalData(&h, len(out)-gcmTagLength)
+	out, err = g.remoteGCM.Open(out[:0], nonce, out, additionalData)
+	if err != nil {
+		return nil, fmt.Errorf("%w: %v", errDecryptPacket, err) //nolint:errorlint
+	}
+	return append(in[:recordlayer.HeaderSize], out...), nil
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/pkg/crypto/clientcertificate/client_certificate.go b/server/vendor/github.com/pion/dtls/v2/pkg/crypto/clientcertificate/client_certificate.go
new file mode 100644
index 0000000..ddfa39e
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/pkg/crypto/clientcertificate/client_certificate.go
@@ -0,0 +1,25 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+// Package clientcertificate provides all the support Client Certificate types
+package clientcertificate
+
+// Type is used to communicate what
+// type of certificate is being transported
+//
+// https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-2
+type Type byte
+
+// ClientCertificateType enums
+const (
+	RSASign   Type = 1
+	ECDSASign Type = 64
+)
+
+// Types returns all valid ClientCertificate Types
+func Types() map[Type]bool {
+	return map[Type]bool{
+		RSASign:   true,
+		ECDSASign: true,
+	}
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/pkg/crypto/elliptic/elliptic.go b/server/vendor/github.com/pion/dtls/v2/pkg/crypto/elliptic/elliptic.go
new file mode 100644
index 0000000..1265238
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/pkg/crypto/elliptic/elliptic.go
@@ -0,0 +1,115 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+// Package elliptic provides elliptic curve cryptography for DTLS
+package elliptic
+
+import (
+	"crypto/elliptic"
+	"crypto/rand"
+	"errors"
+	"fmt"
+
+	"golang.org/x/crypto/curve25519"
+)
+
+var errInvalidNamedCurve = errors.New("invalid named curve")
+
+// CurvePointFormat is used to represent the IANA registered curve points
+//
+// https://www.iana.org/assignments/tls-parameters/tls-parameters.xml#tls-parameters-9
+type CurvePointFormat byte
+
+// CurvePointFormat enums
+const (
+	CurvePointFormatUncompressed CurvePointFormat = 0
+)
+
+// Keypair is a Curve with a Private/Public Keypair
+type Keypair struct {
+	Curve      Curve
+	PublicKey  []byte
+	PrivateKey []byte
+}
+
+// CurveType is used to represent the IANA registered curve types for TLS
+//
+// https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-10
+type CurveType byte
+
+// CurveType enums
+const (
+	CurveTypeNamedCurve CurveType = 0x03
+)
+
+// CurveTypes returns all known curves
+func CurveTypes() map[CurveType]struct{} {
+	return map[CurveType]struct{}{
+		CurveTypeNamedCurve: {},
+	}
+}
+
+// Curve is used to represent the IANA registered curves for TLS
+//
+// https://www.iana.org/assignments/tls-parameters/tls-parameters.xml#tls-parameters-8
+type Curve uint16
+
+// Curve enums
+const (
+	P256   Curve = 0x0017
+	P384   Curve = 0x0018
+	X25519 Curve = 0x001d
+)
+
+func (c Curve) String() string {
+	switch c {
+	case P256:
+		return "P-256"
+	case P384:
+		return "P-384"
+	case X25519:
+		return "X25519"
+	}
+	return fmt.Sprintf("%#x", uint16(c))
+}
+
+// Curves returns all curves we implement
+func Curves() map[Curve]bool {
+	return map[Curve]bool{
+		X25519: true,
+		P256:   true,
+		P384:   true,
+	}
+}
+
+// GenerateKeypair generates a keypair for the given Curve
+func GenerateKeypair(c Curve) (*Keypair, error) {
+	switch c { //nolint:revive
+	case X25519:
+		tmp := make([]byte, 32)
+		if _, err := rand.Read(tmp); err != nil {
+			return nil, err
+		}
+
+		var public, private [32]byte
+		copy(private[:], tmp)
+
+		curve25519.ScalarBaseMult(&public, &private)
+		return &Keypair{X25519, public[:], private[:]}, nil
+	case P256:
+		return ellipticCurveKeypair(P256, elliptic.P256(), elliptic.P256())
+	case P384:
+		return ellipticCurveKeypair(P384, elliptic.P384(), elliptic.P384())
+	default:
+		return nil, errInvalidNamedCurve
+	}
+}
+
+func ellipticCurveKeypair(nc Curve, c1, c2 elliptic.Curve) (*Keypair, error) {
+	privateKey, x, y, err := elliptic.GenerateKey(c1, rand.Reader)
+	if err != nil {
+		return nil, err
+	}
+
+	return &Keypair{nc, elliptic.Marshal(c2, x, y), privateKey}, nil
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/pkg/crypto/fingerprint/fingerprint.go b/server/vendor/github.com/pion/dtls/v2/pkg/crypto/fingerprint/fingerprint.go
new file mode 100644
index 0000000..7c66265
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/pkg/crypto/fingerprint/fingerprint.go
@@ -0,0 +1,53 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+// Package fingerprint provides a helper to create fingerprint string from certificate
+package fingerprint
+
+import (
+	"crypto"
+	"crypto/x509"
+	"errors"
+	"fmt"
+)
+
+var (
+	errHashUnavailable          = errors.New("fingerprint: hash algorithm is not linked into the binary")
+	errInvalidFingerprintLength = errors.New("fingerprint: invalid fingerprint length")
+)
+
+// Fingerprint creates a fingerprint for a certificate using the specified hash algorithm
+func Fingerprint(cert *x509.Certificate, algo crypto.Hash) (string, error) {
+	if !algo.Available() {
+		return "", errHashUnavailable
+	}
+	h := algo.New()
+	for i := 0; i < len(cert.Raw); {
+		n, _ := h.Write(cert.Raw[i:])
+		// Hash.Writer is specified to be never returning an error.
+		// https://golang.org/pkg/hash/#Hash
+		i += n
+	}
+	digest := []byte(fmt.Sprintf("%x", h.Sum(nil)))
+
+	digestlen := len(digest)
+	if digestlen == 0 {
+		return "", nil
+	}
+	if digestlen%2 != 0 {
+		return "", errInvalidFingerprintLength
+	}
+	res := make([]byte, digestlen>>1+digestlen-1)
+
+	pos := 0
+	for i, c := range digest {
+		res[pos] = c
+		pos++
+		if (i)%2 != 0 && i < digestlen-1 {
+			res[pos] = byte(':')
+			pos++
+		}
+	}
+
+	return string(res), nil
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/pkg/crypto/fingerprint/hash.go b/server/vendor/github.com/pion/dtls/v2/pkg/crypto/fingerprint/hash.go
new file mode 100644
index 0000000..3f988ff
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/pkg/crypto/fingerprint/hash.go
@@ -0,0 +1,41 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package fingerprint
+
+import (
+	"crypto"
+	"errors"
+	"strings"
+)
+
+var errInvalidHashAlgorithm = errors.New("fingerprint: invalid hash algorithm")
+
+func nameToHash() map[string]crypto.Hash {
+	return map[string]crypto.Hash{
+		"md5":     crypto.MD5,    // [RFC3279]
+		"sha-1":   crypto.SHA1,   // [RFC3279]
+		"sha-224": crypto.SHA224, // [RFC4055]
+		"sha-256": crypto.SHA256, // [RFC4055]
+		"sha-384": crypto.SHA384, // [RFC4055]
+		"sha-512": crypto.SHA512, // [RFC4055]
+	}
+}
+
+// HashFromString allows looking up a hash algorithm by it's string representation
+func HashFromString(s string) (crypto.Hash, error) {
+	if h, ok := nameToHash()[strings.ToLower(s)]; ok {
+		return h, nil
+	}
+	return 0, errInvalidHashAlgorithm
+}
+
+// StringFromHash allows looking up a string representation of the crypto.Hash.
+func StringFromHash(hash crypto.Hash) (string, error) {
+	for s, h := range nameToHash() {
+		if h == hash {
+			return s, nil
+		}
+	}
+	return "", errInvalidHashAlgorithm
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/pkg/crypto/hash/hash.go b/server/vendor/github.com/pion/dtls/v2/pkg/crypto/hash/hash.go
new file mode 100644
index 0000000..9966626
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/pkg/crypto/hash/hash.go
@@ -0,0 +1,129 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+// Package hash provides TLS HashAlgorithm as defined in TLS 1.2
+package hash
+
+import ( //nolint:gci
+	"crypto"
+	"crypto/md5"  //nolint:gosec
+	"crypto/sha1" //nolint:gosec
+	"crypto/sha256"
+	"crypto/sha512"
+)
+
+// Algorithm is used to indicate the hash algorithm used
+// https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-18
+type Algorithm uint16
+
+// Supported hash algorithms
+const (
+	None    Algorithm = 0 // Blacklisted
+	MD5     Algorithm = 1 // Blacklisted
+	SHA1    Algorithm = 2 // Blacklisted
+	SHA224  Algorithm = 3
+	SHA256  Algorithm = 4
+	SHA384  Algorithm = 5
+	SHA512  Algorithm = 6
+	Ed25519 Algorithm = 8
+)
+
+// String makes hashAlgorithm printable
+func (a Algorithm) String() string {
+	switch a {
+	case None:
+		return "none"
+	case MD5:
+		return "md5" // [RFC3279]
+	case SHA1:
+		return "sha-1" // [RFC3279]
+	case SHA224:
+		return "sha-224" // [RFC4055]
+	case SHA256:
+		return "sha-256" // [RFC4055]
+	case SHA384:
+		return "sha-384" // [RFC4055]
+	case SHA512:
+		return "sha-512" // [RFC4055]
+	case Ed25519:
+		return "null"
+	default:
+		return "unknown or unsupported hash algorithm"
+	}
+}
+
+// Digest performs a digest on the passed value
+func (a Algorithm) Digest(b []byte) []byte {
+	switch a {
+	case None:
+		return nil
+	case MD5:
+		hash := md5.Sum(b) // #nosec
+		return hash[:]
+	case SHA1:
+		hash := sha1.Sum(b) // #nosec
+		return hash[:]
+	case SHA224:
+		hash := sha256.Sum224(b)
+		return hash[:]
+	case SHA256:
+		hash := sha256.Sum256(b)
+		return hash[:]
+	case SHA384:
+		hash := sha512.Sum384(b)
+		return hash[:]
+	case SHA512:
+		hash := sha512.Sum512(b)
+		return hash[:]
+	default:
+		return nil
+	}
+}
+
+// Insecure returns if the given HashAlgorithm is considered secure in DTLS 1.2
+func (a Algorithm) Insecure() bool {
+	switch a {
+	case None, MD5, SHA1:
+		return true
+	default:
+		return false
+	}
+}
+
+// CryptoHash returns the crypto.Hash implementation for the given HashAlgorithm
+func (a Algorithm) CryptoHash() crypto.Hash {
+	switch a {
+	case None:
+		return crypto.Hash(0)
+	case MD5:
+		return crypto.MD5
+	case SHA1:
+		return crypto.SHA1
+	case SHA224:
+		return crypto.SHA224
+	case SHA256:
+		return crypto.SHA256
+	case SHA384:
+		return crypto.SHA384
+	case SHA512:
+		return crypto.SHA512
+	case Ed25519:
+		return crypto.Hash(0)
+	default:
+		return crypto.Hash(0)
+	}
+}
+
+// Algorithms returns all the supported Hash Algorithms
+func Algorithms() map[Algorithm]struct{} {
+	return map[Algorithm]struct{}{
+		None:    {},
+		MD5:     {},
+		SHA1:    {},
+		SHA224:  {},
+		SHA256:  {},
+		SHA384:  {},
+		SHA512:  {},
+		Ed25519: {},
+	}
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/pkg/crypto/prf/prf.go b/server/vendor/github.com/pion/dtls/v2/pkg/crypto/prf/prf.go
new file mode 100644
index 0000000..6e7b3ec
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/pkg/crypto/prf/prf.go
@@ -0,0 +1,255 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+// Package prf implements TLS 1.2 Pseudorandom functions
+package prf
+
+import ( //nolint:gci
+	ellipticStdlib "crypto/elliptic"
+	"crypto/hmac"
+	"encoding/binary"
+	"errors"
+	"fmt"
+	"hash"
+	"math"
+
+	"github.com/pion/dtls/v2/pkg/crypto/elliptic"
+	"github.com/pion/dtls/v2/pkg/protocol"
+	"golang.org/x/crypto/curve25519"
+)
+
+const (
+	masterSecretLabel         = "master secret"
+	extendedMasterSecretLabel = "extended master secret"
+	keyExpansionLabel         = "key expansion"
+	verifyDataClientLabel     = "client finished"
+	verifyDataServerLabel     = "server finished"
+)
+
+// HashFunc allows callers to decide what hash is used in PRF
+type HashFunc func() hash.Hash
+
+// EncryptionKeys is all the state needed for a TLS CipherSuite
+type EncryptionKeys struct {
+	MasterSecret   []byte
+	ClientMACKey   []byte
+	ServerMACKey   []byte
+	ClientWriteKey []byte
+	ServerWriteKey []byte
+	ClientWriteIV  []byte
+	ServerWriteIV  []byte
+}
+
+var errInvalidNamedCurve = &protocol.FatalError{Err: errors.New("invalid named curve")} //nolint:goerr113
+
+func (e *EncryptionKeys) String() string {
+	return fmt.Sprintf(`encryptionKeys:
+- masterSecret: %#v
+- clientMACKey: %#v
+- serverMACKey: %#v
+- clientWriteKey: %#v
+- serverWriteKey: %#v
+- clientWriteIV: %#v
+- serverWriteIV: %#v
+`,
+		e.MasterSecret,
+		e.ClientMACKey,
+		e.ServerMACKey,
+		e.ClientWriteKey,
+		e.ServerWriteKey,
+		e.ClientWriteIV,
+		e.ServerWriteIV)
+}
+
+// PSKPreMasterSecret generates the PSK Premaster Secret
+// The premaster secret is formed as follows: if the PSK is N octets
+// long, concatenate a uint16 with the value N, N zero octets, a second
+// uint16 with the value N, and the PSK itself.
+//
+// https://tools.ietf.org/html/rfc4279#section-2
+func PSKPreMasterSecret(psk []byte) []byte {
+	pskLen := uint16(len(psk))
+
+	out := append(make([]byte, 2+pskLen+2), psk...)
+	binary.BigEndian.PutUint16(out, pskLen)
+	binary.BigEndian.PutUint16(out[2+pskLen:], pskLen)
+
+	return out
+}
+
+// EcdhePSKPreMasterSecret implements TLS 1.2 Premaster Secret generation given a psk, a keypair and a curve
+//
+// https://datatracker.ietf.org/doc/html/rfc5489#section-2
+func EcdhePSKPreMasterSecret(psk, publicKey, privateKey []byte, curve elliptic.Curve) ([]byte, error) {
+	preMasterSecret, err := PreMasterSecret(publicKey, privateKey, curve)
+	if err != nil {
+		return nil, err
+	}
+	out := make([]byte, 2+len(preMasterSecret)+2+len(psk))
+
+	// write preMasterSecret length
+	offset := 0
+	binary.BigEndian.PutUint16(out[offset:], uint16(len(preMasterSecret)))
+	offset += 2
+
+	// write preMasterSecret
+	copy(out[offset:], preMasterSecret)
+	offset += len(preMasterSecret)
+
+	// write psk length
+	binary.BigEndian.PutUint16(out[offset:], uint16(len(psk)))
+	offset += 2
+
+	// write psk
+	copy(out[offset:], psk)
+	return out, nil
+}
+
+// PreMasterSecret implements TLS 1.2 Premaster Secret generation given a keypair and a curve
+func PreMasterSecret(publicKey, privateKey []byte, curve elliptic.Curve) ([]byte, error) {
+	switch curve {
+	case elliptic.X25519:
+		return curve25519.X25519(privateKey, publicKey)
+	case elliptic.P256:
+		return ellipticCurvePreMasterSecret(publicKey, privateKey, ellipticStdlib.P256(), ellipticStdlib.P256())
+	case elliptic.P384:
+		return ellipticCurvePreMasterSecret(publicKey, privateKey, ellipticStdlib.P384(), ellipticStdlib.P384())
+	default:
+		return nil, errInvalidNamedCurve
+	}
+}
+
+func ellipticCurvePreMasterSecret(publicKey, privateKey []byte, c1, c2 ellipticStdlib.Curve) ([]byte, error) {
+	x, y := ellipticStdlib.Unmarshal(c1, publicKey)
+	if x == nil || y == nil {
+		return nil, errInvalidNamedCurve
+	}
+
+	result, _ := c2.ScalarMult(x, y, privateKey)
+	preMasterSecret := make([]byte, (c2.Params().BitSize+7)>>3)
+	resultBytes := result.Bytes()
+	copy(preMasterSecret[len(preMasterSecret)-len(resultBytes):], resultBytes)
+	return preMasterSecret, nil
+}
+
+// PHash is PRF is the SHA-256 hash function is used for all cipher suites
+// defined in this TLS 1.2 document and in TLS documents published prior to this
+// document when TLS 1.2 is negotiated.  New cipher suites MUST explicitly
+// specify a PRF and, in general, SHOULD use the TLS PRF with SHA-256 or a
+// stronger standard hash function.
+//
+//	P_hash(secret, seed) = HMAC_hash(secret, A(1) + seed) +
+//	                       HMAC_hash(secret, A(2) + seed) +
+//	                       HMAC_hash(secret, A(3) + seed) + ...
+//
+// A() is defined as:
+//
+//	A(0) = seed
+//	A(i) = HMAC_hash(secret, A(i-1))
+//
+// P_hash can be iterated as many times as necessary to produce the
+// required quantity of data.  For example, if P_SHA256 is being used to
+// create 80 bytes of data, it will have to be iterated three times
+// (through A(3)), creating 96 bytes of output data; the last 16 bytes
+// of the final iteration will then be discarded, leaving 80 bytes of
+// output data.
+//
+// https://tools.ietf.org/html/rfc4346w
+func PHash(secret, seed []byte, requestedLength int, h HashFunc) ([]byte, error) {
+	hmacSHA256 := func(key, data []byte) ([]byte, error) {
+		mac := hmac.New(h, key)
+		if _, err := mac.Write(data); err != nil {
+			return nil, err
+		}
+		return mac.Sum(nil), nil
+	}
+
+	var err error
+	lastRound := seed
+	out := []byte{}
+
+	iterations := int(math.Ceil(float64(requestedLength) / float64(h().Size())))
+	for i := 0; i < iterations; i++ {
+		lastRound, err = hmacSHA256(secret, lastRound)
+		if err != nil {
+			return nil, err
+		}
+		withSecret, err := hmacSHA256(secret, append(lastRound, seed...))
+		if err != nil {
+			return nil, err
+		}
+		out = append(out, withSecret...)
+	}
+
+	return out[:requestedLength], nil
+}
+
+// ExtendedMasterSecret generates a Extended MasterSecret as defined in
+// https://tools.ietf.org/html/rfc7627
+func ExtendedMasterSecret(preMasterSecret, sessionHash []byte, h HashFunc) ([]byte, error) {
+	seed := append([]byte(extendedMasterSecretLabel), sessionHash...)
+	return PHash(preMasterSecret, seed, 48, h)
+}
+
+// MasterSecret generates a TLS 1.2 MasterSecret
+func MasterSecret(preMasterSecret, clientRandom, serverRandom []byte, h HashFunc) ([]byte, error) {
+	seed := append(append([]byte(masterSecretLabel), clientRandom...), serverRandom...)
+	return PHash(preMasterSecret, seed, 48, h)
+}
+
+// GenerateEncryptionKeys is the final step TLS 1.2 PRF. Given all state generated so far generates
+// the final keys need for encryption
+func GenerateEncryptionKeys(masterSecret, clientRandom, serverRandom []byte, macLen, keyLen, ivLen int, h HashFunc) (*EncryptionKeys, error) {
+	seed := append(append([]byte(keyExpansionLabel), serverRandom...), clientRandom...)
+	keyMaterial, err := PHash(masterSecret, seed, (2*macLen)+(2*keyLen)+(2*ivLen), h)
+	if err != nil {
+		return nil, err
+	}
+
+	clientMACKey := keyMaterial[:macLen]
+	keyMaterial = keyMaterial[macLen:]
+
+	serverMACKey := keyMaterial[:macLen]
+	keyMaterial = keyMaterial[macLen:]
+
+	clientWriteKey := keyMaterial[:keyLen]
+	keyMaterial = keyMaterial[keyLen:]
+
+	serverWriteKey := keyMaterial[:keyLen]
+	keyMaterial = keyMaterial[keyLen:]
+
+	clientWriteIV := keyMaterial[:ivLen]
+	keyMaterial = keyMaterial[ivLen:]
+
+	serverWriteIV := keyMaterial[:ivLen]
+
+	return &EncryptionKeys{
+		MasterSecret:   masterSecret,
+		ClientMACKey:   clientMACKey,
+		ServerMACKey:   serverMACKey,
+		ClientWriteKey: clientWriteKey,
+		ServerWriteKey: serverWriteKey,
+		ClientWriteIV:  clientWriteIV,
+		ServerWriteIV:  serverWriteIV,
+	}, nil
+}
+
+func prfVerifyData(masterSecret, handshakeBodies []byte, label string, hashFunc HashFunc) ([]byte, error) {
+	h := hashFunc()
+	if _, err := h.Write(handshakeBodies); err != nil {
+		return nil, err
+	}
+
+	seed := append([]byte(label), h.Sum(nil)...)
+	return PHash(masterSecret, seed, 12, hashFunc)
+}
+
+// VerifyDataClient is caled on the Client Side to either verify or generate the VerifyData message
+func VerifyDataClient(masterSecret, handshakeBodies []byte, h HashFunc) ([]byte, error) {
+	return prfVerifyData(masterSecret, handshakeBodies, verifyDataClientLabel, h)
+}
+
+// VerifyDataServer is caled on the Server Side to either verify or generate the VerifyData message
+func VerifyDataServer(masterSecret, handshakeBodies []byte, h HashFunc) ([]byte, error) {
+	return prfVerifyData(masterSecret, handshakeBodies, verifyDataServerLabel, h)
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/pkg/crypto/signature/signature.go b/server/vendor/github.com/pion/dtls/v2/pkg/crypto/signature/signature.go
new file mode 100644
index 0000000..fec7fba
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/pkg/crypto/signature/signature.go
@@ -0,0 +1,27 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+// Package signature provides our implemented Signature Algorithms
+package signature
+
+// Algorithm as defined in TLS 1.2
+// https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-16
+type Algorithm uint16
+
+// SignatureAlgorithm enums
+const (
+	Anonymous Algorithm = 0
+	RSA       Algorithm = 1
+	ECDSA     Algorithm = 3
+	Ed25519   Algorithm = 7
+)
+
+// Algorithms returns all implemented Signature Algorithms
+func Algorithms() map[Algorithm]struct{} {
+	return map[Algorithm]struct{}{
+		Anonymous: {},
+		RSA:       {},
+		ECDSA:     {},
+		Ed25519:   {},
+	}
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/pkg/crypto/signaturehash/errors.go b/server/vendor/github.com/pion/dtls/v2/pkg/crypto/signaturehash/errors.go
new file mode 100644
index 0000000..4aeb3e4
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/pkg/crypto/signaturehash/errors.go
@@ -0,0 +1,12 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package signaturehash
+
+import "errors"
+
+var (
+	errNoAvailableSignatureSchemes = errors.New("connection can not be created, no SignatureScheme satisfy this Config")
+	errInvalidSignatureAlgorithm   = errors.New("invalid signature algorithm")
+	errInvalidHashAlgorithm        = errors.New("invalid hash algorithm")
+)
diff --git a/server/vendor/github.com/pion/dtls/v2/pkg/crypto/signaturehash/signaturehash.go b/server/vendor/github.com/pion/dtls/v2/pkg/crypto/signaturehash/signaturehash.go
new file mode 100644
index 0000000..2561acc
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/pkg/crypto/signaturehash/signaturehash.go
@@ -0,0 +1,96 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+// Package signaturehash provides the SignatureHashAlgorithm as defined in TLS 1.2
+package signaturehash
+
+import (
+	"crypto"
+	"crypto/ecdsa"
+	"crypto/ed25519"
+	"crypto/rsa"
+	"crypto/tls"
+	"fmt"
+
+	"github.com/pion/dtls/v2/pkg/crypto/hash"
+	"github.com/pion/dtls/v2/pkg/crypto/signature"
+)
+
+// Algorithm is a signature/hash algorithm pairs which may be used in
+// digital signatures.
+//
+// https://tools.ietf.org/html/rfc5246#section-7.4.1.4.1
+type Algorithm struct {
+	Hash      hash.Algorithm
+	Signature signature.Algorithm
+}
+
+// Algorithms are all the know SignatureHash Algorithms
+func Algorithms() []Algorithm {
+	return []Algorithm{
+		{hash.SHA256, signature.ECDSA},
+		{hash.SHA384, signature.ECDSA},
+		{hash.SHA512, signature.ECDSA},
+		{hash.SHA256, signature.RSA},
+		{hash.SHA384, signature.RSA},
+		{hash.SHA512, signature.RSA},
+		{hash.Ed25519, signature.Ed25519},
+	}
+}
+
+// SelectSignatureScheme returns most preferred and compatible scheme.
+func SelectSignatureScheme(sigs []Algorithm, privateKey crypto.PrivateKey) (Algorithm, error) {
+	for _, ss := range sigs {
+		if ss.isCompatible(privateKey) {
+			return ss, nil
+		}
+	}
+	return Algorithm{}, errNoAvailableSignatureSchemes
+}
+
+// isCompatible checks that given private key is compatible with the signature scheme.
+func (a *Algorithm) isCompatible(privateKey crypto.PrivateKey) bool {
+	switch privateKey.(type) {
+	case ed25519.PrivateKey:
+		return a.Signature == signature.Ed25519
+	case *ecdsa.PrivateKey:
+		return a.Signature == signature.ECDSA
+	case *rsa.PrivateKey:
+		return a.Signature == signature.RSA
+	default:
+		return false
+	}
+}
+
+// ParseSignatureSchemes translates []tls.SignatureScheme to []signatureHashAlgorithm.
+// It returns default signature scheme list if no SignatureScheme is passed.
+func ParseSignatureSchemes(sigs []tls.SignatureScheme, insecureHashes bool) ([]Algorithm, error) {
+	if len(sigs) == 0 {
+		return Algorithms(), nil
+	}
+	out := []Algorithm{}
+	for _, ss := range sigs {
+		sig := signature.Algorithm(ss & 0xFF)
+		if _, ok := signature.Algorithms()[sig]; !ok {
+			return nil,
+				fmt.Errorf("SignatureScheme %04x: %w", ss, errInvalidSignatureAlgorithm)
+		}
+		h := hash.Algorithm(ss >> 8)
+		if _, ok := hash.Algorithms()[h]; !ok || (ok && h == hash.None) {
+			return nil, fmt.Errorf("SignatureScheme %04x: %w", ss, errInvalidHashAlgorithm)
+		}
+		if h.Insecure() && !insecureHashes {
+			continue
+		}
+		out = append(out, Algorithm{
+			Hash:      h,
+			Signature: sig,
+		})
+	}
+
+	if len(out) == 0 {
+		return nil, errNoAvailableSignatureSchemes
+	}
+
+	return out, nil
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/pkg/protocol/alert/alert.go b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/alert/alert.go
new file mode 100644
index 0000000..91e9f4d
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/alert/alert.go
@@ -0,0 +1,166 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+// Package alert implements TLS alert protocol https://tools.ietf.org/html/rfc5246#section-7.2
+package alert
+
+import (
+	"errors"
+	"fmt"
+
+	"github.com/pion/dtls/v2/pkg/protocol"
+)
+
+var errBufferTooSmall = &protocol.TemporaryError{Err: errors.New("buffer is too small")} //nolint:goerr113
+
+// Level is the level of the TLS Alert
+type Level byte
+
+// Level enums
+const (
+	Warning Level = 1
+	Fatal   Level = 2
+)
+
+func (l Level) String() string {
+	switch l {
+	case Warning:
+		return "Warning"
+	case Fatal:
+		return "Fatal"
+	default:
+		return "Invalid alert level"
+	}
+}
+
+// Description is the extended info of the TLS Alert
+type Description byte
+
+// Description enums
+const (
+	CloseNotify            Description = 0
+	UnexpectedMessage      Description = 10
+	BadRecordMac           Description = 20
+	DecryptionFailed       Description = 21
+	RecordOverflow         Description = 22
+	DecompressionFailure   Description = 30
+	HandshakeFailure       Description = 40
+	NoCertificate          Description = 41
+	BadCertificate         Description = 42
+	UnsupportedCertificate Description = 43
+	CertificateRevoked     Description = 44
+	CertificateExpired     Description = 45
+	CertificateUnknown     Description = 46
+	IllegalParameter       Description = 47
+	UnknownCA              Description = 48
+	AccessDenied           Description = 49
+	DecodeError            Description = 50
+	DecryptError           Description = 51
+	ExportRestriction      Description = 60
+	ProtocolVersion        Description = 70
+	InsufficientSecurity   Description = 71
+	InternalError          Description = 80
+	UserCanceled           Description = 90
+	NoRenegotiation        Description = 100
+	UnsupportedExtension   Description = 110
+	NoApplicationProtocol  Description = 120
+)
+
+func (d Description) String() string {
+	switch d {
+	case CloseNotify:
+		return "CloseNotify"
+	case UnexpectedMessage:
+		return "UnexpectedMessage"
+	case BadRecordMac:
+		return "BadRecordMac"
+	case DecryptionFailed:
+		return "DecryptionFailed"
+	case RecordOverflow:
+		return "RecordOverflow"
+	case DecompressionFailure:
+		return "DecompressionFailure"
+	case HandshakeFailure:
+		return "HandshakeFailure"
+	case NoCertificate:
+		return "NoCertificate"
+	case BadCertificate:
+		return "BadCertificate"
+	case UnsupportedCertificate:
+		return "UnsupportedCertificate"
+	case CertificateRevoked:
+		return "CertificateRevoked"
+	case CertificateExpired:
+		return "CertificateExpired"
+	case CertificateUnknown:
+		return "CertificateUnknown"
+	case IllegalParameter:
+		return "IllegalParameter"
+	case UnknownCA:
+		return "UnknownCA"
+	case AccessDenied:
+		return "AccessDenied"
+	case DecodeError:
+		return "DecodeError"
+	case DecryptError:
+		return "DecryptError"
+	case ExportRestriction:
+		return "ExportRestriction"
+	case ProtocolVersion:
+		return "ProtocolVersion"
+	case InsufficientSecurity:
+		return "InsufficientSecurity"
+	case InternalError:
+		return "InternalError"
+	case UserCanceled:
+		return "UserCanceled"
+	case NoRenegotiation:
+		return "NoRenegotiation"
+	case UnsupportedExtension:
+		return "UnsupportedExtension"
+	case NoApplicationProtocol:
+		return "NoApplicationProtocol"
+	default:
+		return "Invalid alert description"
+	}
+}
+
+// Alert is one of the content types supported by the TLS record layer.
+// Alert messages convey the severity of the message
+// (warning or fatal) and a description of the alert.  Alert messages
+// with a level of fatal result in the immediate termination of the
+// connection.  In this case, other connections corresponding to the
+// session may continue, but the session identifier MUST be invalidated,
+// preventing the failed session from being used to establish new
+// connections.  Like other messages, alert messages are encrypted and
+// compressed, as specified by the current connection state.
+// https://tools.ietf.org/html/rfc5246#section-7.2
+type Alert struct {
+	Level       Level
+	Description Description
+}
+
+// ContentType returns the ContentType of this Content
+func (a Alert) ContentType() protocol.ContentType {
+	return protocol.ContentTypeAlert
+}
+
+// Marshal returns the encoded alert
+func (a *Alert) Marshal() ([]byte, error) {
+	return []byte{byte(a.Level), byte(a.Description)}, nil
+}
+
+// Unmarshal populates the alert from binary data
+func (a *Alert) Unmarshal(data []byte) error {
+	if len(data) != 2 {
+		return errBufferTooSmall
+	}
+
+	a.Level = Level(data[0])
+	a.Description = Description(data[1])
+	return nil
+}
+
+func (a *Alert) String() string {
+	return fmt.Sprintf("Alert %s: %s", a.Level, a.Description)
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/pkg/protocol/application_data.go b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/application_data.go
new file mode 100644
index 0000000..f422115
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/application_data.go
@@ -0,0 +1,29 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package protocol
+
+// ApplicationData messages are carried by the record layer and are
+// fragmented, compressed, and encrypted based on the current connection
+// state.  The messages are treated as transparent data to the record
+// layer.
+// https://tools.ietf.org/html/rfc5246#section-10
+type ApplicationData struct {
+	Data []byte
+}
+
+// ContentType returns the ContentType of this content
+func (a ApplicationData) ContentType() ContentType {
+	return ContentTypeApplicationData
+}
+
+// Marshal encodes the ApplicationData to binary
+func (a *ApplicationData) Marshal() ([]byte, error) {
+	return append([]byte{}, a.Data...), nil
+}
+
+// Unmarshal populates the ApplicationData from binary
+func (a *ApplicationData) Unmarshal(data []byte) error {
+	a.Data = append([]byte{}, data...)
+	return nil
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/pkg/protocol/change_cipher_spec.go b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/change_cipher_spec.go
new file mode 100644
index 0000000..87f28bc
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/change_cipher_spec.go
@@ -0,0 +1,30 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package protocol
+
+// ChangeCipherSpec protocol exists to signal transitions in
+// ciphering strategies.  The protocol consists of a single message,
+// which is encrypted and compressed under the current (not the pending)
+// connection state.  The message consists of a single byte of value 1.
+// https://tools.ietf.org/html/rfc5246#section-7.1
+type ChangeCipherSpec struct{}
+
+// ContentType returns the ContentType of this content
+func (c ChangeCipherSpec) ContentType() ContentType {
+	return ContentTypeChangeCipherSpec
+}
+
+// Marshal encodes the ChangeCipherSpec to binary
+func (c *ChangeCipherSpec) Marshal() ([]byte, error) {
+	return []byte{0x01}, nil
+}
+
+// Unmarshal populates the ChangeCipherSpec from binary
+func (c *ChangeCipherSpec) Unmarshal(data []byte) error {
+	if len(data) == 1 && data[0] == 0x01 {
+		return nil
+	}
+
+	return errInvalidCipherSpec
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/pkg/protocol/compression_method.go b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/compression_method.go
new file mode 100644
index 0000000..3478ee3
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/compression_method.go
@@ -0,0 +1,51 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package protocol
+
+// CompressionMethodID is the ID for a CompressionMethod
+type CompressionMethodID byte
+
+const (
+	compressionMethodNull CompressionMethodID = 0
+)
+
+// CompressionMethod represents a TLS Compression Method
+type CompressionMethod struct {
+	ID CompressionMethodID
+}
+
+// CompressionMethods returns all supported CompressionMethods
+func CompressionMethods() map[CompressionMethodID]*CompressionMethod {
+	return map[CompressionMethodID]*CompressionMethod{
+		compressionMethodNull: {ID: compressionMethodNull},
+	}
+}
+
+// DecodeCompressionMethods the given compression methods
+func DecodeCompressionMethods(buf []byte) ([]*CompressionMethod, error) {
+	if len(buf) < 1 {
+		return nil, errBufferTooSmall
+	}
+	compressionMethodsCount := int(buf[0])
+	c := []*CompressionMethod{}
+	for i := 0; i < compressionMethodsCount; i++ {
+		if len(buf) <= i+1 {
+			return nil, errBufferTooSmall
+		}
+		id := CompressionMethodID(buf[i+1])
+		if compressionMethod, ok := CompressionMethods()[id]; ok {
+			c = append(c, compressionMethod)
+		}
+	}
+	return c, nil
+}
+
+// EncodeCompressionMethods the given compression methods
+func EncodeCompressionMethods(c []*CompressionMethod) []byte {
+	out := []byte{byte(len(c))}
+	for i := len(c); i > 0; i-- {
+		out = append(out, byte(c[i-1].ID))
+	}
+	return out
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/pkg/protocol/content.go b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/content.go
new file mode 100644
index 0000000..92c9db2
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/content.go
@@ -0,0 +1,24 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package protocol
+
+// ContentType represents the IANA Registered ContentTypes
+//
+// https://tools.ietf.org/html/rfc4346#section-6.2.1
+type ContentType uint8
+
+// ContentType enums
+const (
+	ContentTypeChangeCipherSpec ContentType = 20
+	ContentTypeAlert            ContentType = 21
+	ContentTypeHandshake        ContentType = 22
+	ContentTypeApplicationData  ContentType = 23
+)
+
+// Content is the top level distinguisher for a DTLS Datagram
+type Content interface {
+	ContentType() ContentType
+	Marshal() ([]byte, error)
+	Unmarshal(data []byte) error
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/pkg/protocol/errors.go b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/errors.go
new file mode 100644
index 0000000..d87aff7
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/errors.go
@@ -0,0 +1,109 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package protocol
+
+import (
+	"errors"
+	"fmt"
+	"net"
+)
+
+var (
+	errBufferTooSmall    = &TemporaryError{Err: errors.New("buffer is too small")} //nolint:goerr113
+	errInvalidCipherSpec = &FatalError{Err: errors.New("cipher spec invalid")}     //nolint:goerr113
+)
+
+// FatalError indicates that the DTLS connection is no longer available.
+// It is mainly caused by wrong configuration of server or client.
+type FatalError struct {
+	Err error
+}
+
+// InternalError indicates and internal error caused by the implementation, and the DTLS connection is no longer available.
+// It is mainly caused by bugs or tried to use unimplemented features.
+type InternalError struct {
+	Err error
+}
+
+// TemporaryError indicates that the DTLS connection is still available, but the request was failed temporary.
+type TemporaryError struct {
+	Err error
+}
+
+// TimeoutError indicates that the request was timed out.
+type TimeoutError struct {
+	Err error
+}
+
+// HandshakeError indicates that the handshake failed.
+type HandshakeError struct {
+	Err error
+}
+
+// Timeout implements net.Error.Timeout()
+func (*FatalError) Timeout() bool { return false }
+
+// Temporary implements net.Error.Temporary()
+func (*FatalError) Temporary() bool { return false }
+
+// Unwrap implements Go1.13 error unwrapper.
+func (e *FatalError) Unwrap() error { return e.Err }
+
+func (e *FatalError) Error() string { return fmt.Sprintf("dtls fatal: %v", e.Err) }
+
+// Timeout implements net.Error.Timeout()
+func (*InternalError) Timeout() bool { return false }
+
+// Temporary implements net.Error.Temporary()
+func (*InternalError) Temporary() bool { return false }
+
+// Unwrap implements Go1.13 error unwrapper.
+func (e *InternalError) Unwrap() error { return e.Err }
+
+func (e *InternalError) Error() string { return fmt.Sprintf("dtls internal: %v", e.Err) }
+
+// Timeout implements net.Error.Timeout()
+func (*TemporaryError) Timeout() bool { return false }
+
+// Temporary implements net.Error.Temporary()
+func (*TemporaryError) Temporary() bool { return true }
+
+// Unwrap implements Go1.13 error unwrapper.
+func (e *TemporaryError) Unwrap() error { return e.Err }
+
+func (e *TemporaryError) Error() string { return fmt.Sprintf("dtls temporary: %v", e.Err) }
+
+// Timeout implements net.Error.Timeout()
+func (*TimeoutError) Timeout() bool { return true }
+
+// Temporary implements net.Error.Temporary()
+func (*TimeoutError) Temporary() bool { return true }
+
+// Unwrap implements Go1.13 error unwrapper.
+func (e *TimeoutError) Unwrap() error { return e.Err }
+
+func (e *TimeoutError) Error() string { return fmt.Sprintf("dtls timeout: %v", e.Err) }
+
+// Timeout implements net.Error.Timeout()
+func (e *HandshakeError) Timeout() bool {
+	var netErr net.Error
+	if errors.As(e.Err, &netErr) {
+		return netErr.Timeout()
+	}
+	return false
+}
+
+// Temporary implements net.Error.Temporary()
+func (e *HandshakeError) Temporary() bool {
+	var netErr net.Error
+	if errors.As(e.Err, &netErr) {
+		return netErr.Temporary() //nolint
+	}
+	return false
+}
+
+// Unwrap implements Go1.13 error unwrapper.
+func (e *HandshakeError) Unwrap() error { return e.Err }
+
+func (e *HandshakeError) Error() string { return fmt.Sprintf("handshake error: %v", e.Err) }
diff --git a/server/vendor/github.com/pion/dtls/v2/pkg/protocol/extension/alpn.go b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/extension/alpn.go
new file mode 100644
index 0000000..e780dc9
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/extension/alpn.go
@@ -0,0 +1,80 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package extension
+
+import (
+	"golang.org/x/crypto/cryptobyte"
+)
+
+// ALPN is a TLS extension for application-layer protocol negotiation within
+// the TLS handshake.
+//
+// https://tools.ietf.org/html/rfc7301
+type ALPN struct {
+	ProtocolNameList []string
+}
+
+// TypeValue returns the extension TypeValue
+func (a ALPN) TypeValue() TypeValue {
+	return ALPNTypeValue
+}
+
+// Marshal encodes the extension
+func (a *ALPN) Marshal() ([]byte, error) {
+	var b cryptobyte.Builder
+	b.AddUint16(uint16(a.TypeValue()))
+	b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+		b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+			for _, proto := range a.ProtocolNameList {
+				p := proto // Satisfy range scope lint
+				b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) {
+					b.AddBytes([]byte(p))
+				})
+			}
+		})
+	})
+	return b.Bytes()
+}
+
+// Unmarshal populates the extension from encoded data
+func (a *ALPN) Unmarshal(data []byte) error {
+	val := cryptobyte.String(data)
+
+	var extension uint16
+	val.ReadUint16(&extension)
+	if TypeValue(extension) != a.TypeValue() {
+		return errInvalidExtensionType
+	}
+
+	var extData cryptobyte.String
+	val.ReadUint16LengthPrefixed(&extData)
+
+	var protoList cryptobyte.String
+	if !extData.ReadUint16LengthPrefixed(&protoList) || protoList.Empty() {
+		return ErrALPNInvalidFormat
+	}
+	for !protoList.Empty() {
+		var proto cryptobyte.String
+		if !protoList.ReadUint8LengthPrefixed(&proto) || proto.Empty() {
+			return ErrALPNInvalidFormat
+		}
+		a.ProtocolNameList = append(a.ProtocolNameList, string(proto))
+	}
+	return nil
+}
+
+// ALPNProtocolSelection negotiates a shared protocol according to #3.2 of rfc7301
+func ALPNProtocolSelection(supportedProtocols, peerSupportedProtocols []string) (string, error) {
+	if len(supportedProtocols) == 0 || len(peerSupportedProtocols) == 0 {
+		return "", nil
+	}
+	for _, s := range supportedProtocols {
+		for _, c := range peerSupportedProtocols {
+			if s == c {
+				return s, nil
+			}
+		}
+	}
+	return "", errALPNNoAppProto
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/pkg/protocol/extension/errors.go b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/extension/errors.go
new file mode 100644
index 0000000..c5e954c
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/extension/errors.go
@@ -0,0 +1,20 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package extension
+
+import (
+	"errors"
+
+	"github.com/pion/dtls/v2/pkg/protocol"
+)
+
+var (
+	// ErrALPNInvalidFormat is raised when the ALPN format is invalid
+	ErrALPNInvalidFormat    = &protocol.FatalError{Err: errors.New("invalid alpn format")}                             //nolint:goerr113
+	errALPNNoAppProto       = &protocol.FatalError{Err: errors.New("no application protocol")}                         //nolint:goerr113
+	errBufferTooSmall       = &protocol.TemporaryError{Err: errors.New("buffer is too small")}                         //nolint:goerr113
+	errInvalidExtensionType = &protocol.FatalError{Err: errors.New("invalid extension type")}                          //nolint:goerr113
+	errInvalidSNIFormat     = &protocol.FatalError{Err: errors.New("invalid server name format")}                      //nolint:goerr113
+	errLengthMismatch       = &protocol.InternalError{Err: errors.New("data length and declared length do not match")} //nolint:goerr113
+)
diff --git a/server/vendor/github.com/pion/dtls/v2/pkg/protocol/extension/extension.go b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/extension/extension.go
new file mode 100644
index 0000000..5173a58
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/extension/extension.go
@@ -0,0 +1,102 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+// Package extension implements the extension values in the ClientHello/ServerHello
+package extension
+
+import "encoding/binary"
+
+// TypeValue is the 2 byte value for a TLS Extension as registered in the IANA
+//
+// https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml
+type TypeValue uint16
+
+// TypeValue constants
+const (
+	ServerNameTypeValue                   TypeValue = 0
+	SupportedEllipticCurvesTypeValue      TypeValue = 10
+	SupportedPointFormatsTypeValue        TypeValue = 11
+	SupportedSignatureAlgorithmsTypeValue TypeValue = 13
+	UseSRTPTypeValue                      TypeValue = 14
+	ALPNTypeValue                         TypeValue = 16
+	UseExtendedMasterSecretTypeValue      TypeValue = 23
+	RenegotiationInfoTypeValue            TypeValue = 65281
+)
+
+// Extension represents a single TLS extension
+type Extension interface {
+	Marshal() ([]byte, error)
+	Unmarshal(data []byte) error
+	TypeValue() TypeValue
+}
+
+// Unmarshal many extensions at once
+func Unmarshal(buf []byte) ([]Extension, error) {
+	switch {
+	case len(buf) == 0:
+		return []Extension{}, nil
+	case len(buf) < 2:
+		return nil, errBufferTooSmall
+	}
+
+	declaredLen := binary.BigEndian.Uint16(buf)
+	if len(buf)-2 != int(declaredLen) {
+		return nil, errLengthMismatch
+	}
+
+	extensions := []Extension{}
+	unmarshalAndAppend := func(data []byte, e Extension) error {
+		err := e.Unmarshal(data)
+		if err != nil {
+			return err
+		}
+		extensions = append(extensions, e)
+		return nil
+	}
+
+	for offset := 2; offset < len(buf); {
+		if len(buf) < (offset + 2) {
+			return nil, errBufferTooSmall
+		}
+		var err error
+		switch TypeValue(binary.BigEndian.Uint16(buf[offset:])) {
+		case ServerNameTypeValue:
+			err = unmarshalAndAppend(buf[offset:], &ServerName{})
+		case SupportedEllipticCurvesTypeValue:
+			err = unmarshalAndAppend(buf[offset:], &SupportedEllipticCurves{})
+		case UseSRTPTypeValue:
+			err = unmarshalAndAppend(buf[offset:], &UseSRTP{})
+		case ALPNTypeValue:
+			err = unmarshalAndAppend(buf[offset:], &ALPN{})
+		case UseExtendedMasterSecretTypeValue:
+			err = unmarshalAndAppend(buf[offset:], &UseExtendedMasterSecret{})
+		case RenegotiationInfoTypeValue:
+			err = unmarshalAndAppend(buf[offset:], &RenegotiationInfo{})
+		default:
+		}
+		if err != nil {
+			return nil, err
+		}
+		if len(buf) < (offset + 4) {
+			return nil, errBufferTooSmall
+		}
+		extensionLength := binary.BigEndian.Uint16(buf[offset+2:])
+		offset += (4 + int(extensionLength))
+	}
+	return extensions, nil
+}
+
+// Marshal many extensions at once
+func Marshal(e []Extension) ([]byte, error) {
+	extensions := []byte{}
+	for _, e := range e {
+		raw, err := e.Marshal()
+		if err != nil {
+			return nil, err
+		}
+		extensions = append(extensions, raw...)
+	}
+	out := []byte{0x00, 0x00}
+	binary.BigEndian.PutUint16(out, uint16(len(extensions)))
+	return append(out, extensions...), nil
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/pkg/protocol/extension/renegotiation_info.go b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/extension/renegotiation_info.go
new file mode 100644
index 0000000..c5092a7
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/extension/renegotiation_info.go
@@ -0,0 +1,46 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package extension
+
+import "encoding/binary"
+
+const (
+	renegotiationInfoHeaderSize = 5
+)
+
+// RenegotiationInfo allows a Client/Server to
+// communicate their renegotation support
+//
+// https://tools.ietf.org/html/rfc5746
+type RenegotiationInfo struct {
+	RenegotiatedConnection uint8
+}
+
+// TypeValue returns the extension TypeValue
+func (r RenegotiationInfo) TypeValue() TypeValue {
+	return RenegotiationInfoTypeValue
+}
+
+// Marshal encodes the extension
+func (r *RenegotiationInfo) Marshal() ([]byte, error) {
+	out := make([]byte, renegotiationInfoHeaderSize)
+
+	binary.BigEndian.PutUint16(out, uint16(r.TypeValue()))
+	binary.BigEndian.PutUint16(out[2:], uint16(1)) // length
+	out[4] = r.RenegotiatedConnection
+	return out, nil
+}
+
+// Unmarshal populates the extension from encoded data
+func (r *RenegotiationInfo) Unmarshal(data []byte) error {
+	if len(data) < renegotiationInfoHeaderSize {
+		return errBufferTooSmall
+	} else if TypeValue(binary.BigEndian.Uint16(data)) != r.TypeValue() {
+		return errInvalidExtensionType
+	}
+
+	r.RenegotiatedConnection = data[4]
+
+	return nil
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/pkg/protocol/extension/server_name.go b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/extension/server_name.go
new file mode 100644
index 0000000..183e08e
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/extension/server_name.go
@@ -0,0 +1,81 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package extension
+
+import (
+	"strings"
+
+	"golang.org/x/crypto/cryptobyte"
+)
+
+const serverNameTypeDNSHostName = 0
+
+// ServerName allows the client to inform the server the specific
+// name it wishes to contact. Useful if multiple DNS names resolve
+// to one IP
+//
+// https://tools.ietf.org/html/rfc6066#section-3
+type ServerName struct {
+	ServerName string
+}
+
+// TypeValue returns the extension TypeValue
+func (s ServerName) TypeValue() TypeValue {
+	return ServerNameTypeValue
+}
+
+// Marshal encodes the extension
+func (s *ServerName) Marshal() ([]byte, error) {
+	var b cryptobyte.Builder
+	b.AddUint16(uint16(s.TypeValue()))
+	b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+		b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+			b.AddUint8(serverNameTypeDNSHostName)
+			b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+				b.AddBytes([]byte(s.ServerName))
+			})
+		})
+	})
+	return b.Bytes()
+}
+
+// Unmarshal populates the extension from encoded data
+func (s *ServerName) Unmarshal(data []byte) error {
+	val := cryptobyte.String(data)
+	var extension uint16
+	val.ReadUint16(&extension)
+	if TypeValue(extension) != s.TypeValue() {
+		return errInvalidExtensionType
+	}
+
+	var extData cryptobyte.String
+	val.ReadUint16LengthPrefixed(&extData)
+
+	var nameList cryptobyte.String
+	if !extData.ReadUint16LengthPrefixed(&nameList) || nameList.Empty() {
+		return errInvalidSNIFormat
+	}
+	for !nameList.Empty() {
+		var nameType uint8
+		var serverName cryptobyte.String
+		if !nameList.ReadUint8(&nameType) ||
+			!nameList.ReadUint16LengthPrefixed(&serverName) ||
+			serverName.Empty() {
+			return errInvalidSNIFormat
+		}
+		if nameType != serverNameTypeDNSHostName {
+			continue
+		}
+		if len(s.ServerName) != 0 {
+			// Multiple names of the same name_type are prohibited.
+			return errInvalidSNIFormat
+		}
+		s.ServerName = string(serverName)
+		// An SNI value may not include a trailing dot.
+		if strings.HasSuffix(s.ServerName, ".") {
+			return errInvalidSNIFormat
+		}
+	}
+	return nil
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/pkg/protocol/extension/srtp_protection_profile.go b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/extension/srtp_protection_profile.go
new file mode 100644
index 0000000..75a8c2e
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/extension/srtp_protection_profile.go
@@ -0,0 +1,32 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package extension
+
+// SRTPProtectionProfile defines the parameters and options that are in effect for the SRTP processing
+// https://tools.ietf.org/html/rfc5764#section-4.1.2
+type SRTPProtectionProfile uint16
+
+const (
+	SRTP_AES128_CM_HMAC_SHA1_80 SRTPProtectionProfile = 0x0001 // nolint
+	SRTP_AES128_CM_HMAC_SHA1_32 SRTPProtectionProfile = 0x0002 // nolint
+	SRTP_AES256_CM_SHA1_80      SRTPProtectionProfile = 0x0003 // nolint
+	SRTP_AES256_CM_SHA1_32      SRTPProtectionProfile = 0x0004 // nolint
+	SRTP_NULL_HMAC_SHA1_80      SRTPProtectionProfile = 0x0005 // nolint
+	SRTP_NULL_HMAC_SHA1_32      SRTPProtectionProfile = 0x0006 // nolint
+	SRTP_AEAD_AES_128_GCM       SRTPProtectionProfile = 0x0007 // nolint
+	SRTP_AEAD_AES_256_GCM       SRTPProtectionProfile = 0x0008 // nolint
+)
+
+func srtpProtectionProfiles() map[SRTPProtectionProfile]bool {
+	return map[SRTPProtectionProfile]bool{
+		SRTP_AES128_CM_HMAC_SHA1_80: true,
+		SRTP_AES128_CM_HMAC_SHA1_32: true,
+		SRTP_AES256_CM_SHA1_80:      true,
+		SRTP_AES256_CM_SHA1_32:      true,
+		SRTP_NULL_HMAC_SHA1_80:      true,
+		SRTP_NULL_HMAC_SHA1_32:      true,
+		SRTP_AEAD_AES_128_GCM:       true,
+		SRTP_AEAD_AES_256_GCM:       true,
+	}
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/pkg/protocol/extension/supported_elliptic_curves.go b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/extension/supported_elliptic_curves.go
new file mode 100644
index 0000000..dd9b54f
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/extension/supported_elliptic_curves.go
@@ -0,0 +1,65 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package extension
+
+import (
+	"encoding/binary"
+
+	"github.com/pion/dtls/v2/pkg/crypto/elliptic"
+)
+
+const (
+	supportedGroupsHeaderSize = 6
+)
+
+// SupportedEllipticCurves allows a Client/Server to communicate
+// what curves they both support
+//
+// https://tools.ietf.org/html/rfc8422#section-5.1.1
+type SupportedEllipticCurves struct {
+	EllipticCurves []elliptic.Curve
+}
+
+// TypeValue returns the extension TypeValue
+func (s SupportedEllipticCurves) TypeValue() TypeValue {
+	return SupportedEllipticCurvesTypeValue
+}
+
+// Marshal encodes the extension
+func (s *SupportedEllipticCurves) Marshal() ([]byte, error) {
+	out := make([]byte, supportedGroupsHeaderSize)
+
+	binary.BigEndian.PutUint16(out, uint16(s.TypeValue()))
+	binary.BigEndian.PutUint16(out[2:], uint16(2+(len(s.EllipticCurves)*2)))
+	binary.BigEndian.PutUint16(out[4:], uint16(len(s.EllipticCurves)*2))
+
+	for _, v := range s.EllipticCurves {
+		out = append(out, []byte{0x00, 0x00}...)
+		binary.BigEndian.PutUint16(out[len(out)-2:], uint16(v))
+	}
+
+	return out, nil
+}
+
+// Unmarshal populates the extension from encoded data
+func (s *SupportedEllipticCurves) Unmarshal(data []byte) error {
+	if len(data) <= supportedGroupsHeaderSize {
+		return errBufferTooSmall
+	} else if TypeValue(binary.BigEndian.Uint16(data)) != s.TypeValue() {
+		return errInvalidExtensionType
+	}
+
+	groupCount := int(binary.BigEndian.Uint16(data[4:]) / 2)
+	if supportedGroupsHeaderSize+(groupCount*2) > len(data) {
+		return errLengthMismatch
+	}
+
+	for i := 0; i < groupCount; i++ {
+		supportedGroupID := elliptic.Curve(binary.BigEndian.Uint16(data[(supportedGroupsHeaderSize + (i * 2)):]))
+		if _, ok := elliptic.Curves()[supportedGroupID]; ok {
+			s.EllipticCurves = append(s.EllipticCurves, supportedGroupID)
+		}
+	}
+	return nil
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/pkg/protocol/extension/supported_point_formats.go b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/extension/supported_point_formats.go
new file mode 100644
index 0000000..9c2543e
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/extension/supported_point_formats.go
@@ -0,0 +1,65 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package extension
+
+import (
+	"encoding/binary"
+
+	"github.com/pion/dtls/v2/pkg/crypto/elliptic"
+)
+
+const (
+	supportedPointFormatsSize = 5
+)
+
+// SupportedPointFormats allows a Client/Server to negotiate
+// the EllipticCurvePointFormats
+//
+// https://tools.ietf.org/html/rfc4492#section-5.1.2
+type SupportedPointFormats struct {
+	PointFormats []elliptic.CurvePointFormat
+}
+
+// TypeValue returns the extension TypeValue
+func (s SupportedPointFormats) TypeValue() TypeValue {
+	return SupportedPointFormatsTypeValue
+}
+
+// Marshal encodes the extension
+func (s *SupportedPointFormats) Marshal() ([]byte, error) {
+	out := make([]byte, supportedPointFormatsSize)
+
+	binary.BigEndian.PutUint16(out, uint16(s.TypeValue()))
+	binary.BigEndian.PutUint16(out[2:], uint16(1+(len(s.PointFormats))))
+	out[4] = byte(len(s.PointFormats))
+
+	for _, v := range s.PointFormats {
+		out = append(out, byte(v))
+	}
+	return out, nil
+}
+
+// Unmarshal populates the extension from encoded data
+func (s *SupportedPointFormats) Unmarshal(data []byte) error {
+	if len(data) <= supportedPointFormatsSize {
+		return errBufferTooSmall
+	} else if TypeValue(binary.BigEndian.Uint16(data)) != s.TypeValue() {
+		return errInvalidExtensionType
+	}
+
+	pointFormatCount := int(binary.BigEndian.Uint16(data[4:]))
+	if supportedGroupsHeaderSize+(pointFormatCount) > len(data) {
+		return errLengthMismatch
+	}
+
+	for i := 0; i < pointFormatCount; i++ {
+		p := elliptic.CurvePointFormat(data[supportedPointFormatsSize+i])
+		switch p {
+		case elliptic.CurvePointFormatUncompressed:
+			s.PointFormats = append(s.PointFormats, p)
+		default:
+		}
+	}
+	return nil
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/pkg/protocol/extension/supported_signature_algorithms.go b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/extension/supported_signature_algorithms.go
new file mode 100644
index 0000000..2ff4b90
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/extension/supported_signature_algorithms.go
@@ -0,0 +1,73 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package extension
+
+import (
+	"encoding/binary"
+
+	"github.com/pion/dtls/v2/pkg/crypto/hash"
+	"github.com/pion/dtls/v2/pkg/crypto/signature"
+	"github.com/pion/dtls/v2/pkg/crypto/signaturehash"
+)
+
+const (
+	supportedSignatureAlgorithmsHeaderSize = 6
+)
+
+// SupportedSignatureAlgorithms allows a Client/Server to
+// negotiate what SignatureHash Algorithms they both support
+//
+// https://tools.ietf.org/html/rfc5246#section-7.4.1.4.1
+type SupportedSignatureAlgorithms struct {
+	SignatureHashAlgorithms []signaturehash.Algorithm
+}
+
+// TypeValue returns the extension TypeValue
+func (s SupportedSignatureAlgorithms) TypeValue() TypeValue {
+	return SupportedSignatureAlgorithmsTypeValue
+}
+
+// Marshal encodes the extension
+func (s *SupportedSignatureAlgorithms) Marshal() ([]byte, error) {
+	out := make([]byte, supportedSignatureAlgorithmsHeaderSize)
+
+	binary.BigEndian.PutUint16(out, uint16(s.TypeValue()))
+	binary.BigEndian.PutUint16(out[2:], uint16(2+(len(s.SignatureHashAlgorithms)*2)))
+	binary.BigEndian.PutUint16(out[4:], uint16(len(s.SignatureHashAlgorithms)*2))
+	for _, v := range s.SignatureHashAlgorithms {
+		out = append(out, []byte{0x00, 0x00}...)
+		out[len(out)-2] = byte(v.Hash)
+		out[len(out)-1] = byte(v.Signature)
+	}
+
+	return out, nil
+}
+
+// Unmarshal populates the extension from encoded data
+func (s *SupportedSignatureAlgorithms) Unmarshal(data []byte) error {
+	if len(data) <= supportedSignatureAlgorithmsHeaderSize {
+		return errBufferTooSmall
+	} else if TypeValue(binary.BigEndian.Uint16(data)) != s.TypeValue() {
+		return errInvalidExtensionType
+	}
+
+	algorithmCount := int(binary.BigEndian.Uint16(data[4:]) / 2)
+	if supportedSignatureAlgorithmsHeaderSize+(algorithmCount*2) > len(data) {
+		return errLengthMismatch
+	}
+	for i := 0; i < algorithmCount; i++ {
+		supportedHashAlgorithm := hash.Algorithm(data[supportedSignatureAlgorithmsHeaderSize+(i*2)])
+		supportedSignatureAlgorithm := signature.Algorithm(data[supportedSignatureAlgorithmsHeaderSize+(i*2)+1])
+		if _, ok := hash.Algorithms()[supportedHashAlgorithm]; ok {
+			if _, ok := signature.Algorithms()[supportedSignatureAlgorithm]; ok {
+				s.SignatureHashAlgorithms = append(s.SignatureHashAlgorithms, signaturehash.Algorithm{
+					Hash:      supportedHashAlgorithm,
+					Signature: supportedSignatureAlgorithm,
+				})
+			}
+		}
+	}
+
+	return nil
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/pkg/protocol/extension/use_master_secret.go b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/extension/use_master_secret.go
new file mode 100644
index 0000000..d0b70ca
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/extension/use_master_secret.go
@@ -0,0 +1,48 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package extension
+
+import "encoding/binary"
+
+const (
+	useExtendedMasterSecretHeaderSize = 4
+)
+
+// UseExtendedMasterSecret defines a TLS extension that contextually binds the
+// master secret to a log of the full handshake that computes it, thus
+// preventing MITM attacks.
+type UseExtendedMasterSecret struct {
+	Supported bool
+}
+
+// TypeValue returns the extension TypeValue
+func (u UseExtendedMasterSecret) TypeValue() TypeValue {
+	return UseExtendedMasterSecretTypeValue
+}
+
+// Marshal encodes the extension
+func (u *UseExtendedMasterSecret) Marshal() ([]byte, error) {
+	if !u.Supported {
+		return []byte{}, nil
+	}
+
+	out := make([]byte, useExtendedMasterSecretHeaderSize)
+
+	binary.BigEndian.PutUint16(out, uint16(u.TypeValue()))
+	binary.BigEndian.PutUint16(out[2:], uint16(0)) // length
+	return out, nil
+}
+
+// Unmarshal populates the extension from encoded data
+func (u *UseExtendedMasterSecret) Unmarshal(data []byte) error {
+	if len(data) < useExtendedMasterSecretHeaderSize {
+		return errBufferTooSmall
+	} else if TypeValue(binary.BigEndian.Uint16(data)) != u.TypeValue() {
+		return errInvalidExtensionType
+	}
+
+	u.Supported = true
+
+	return nil
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/pkg/protocol/extension/use_srtp.go b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/extension/use_srtp.go
new file mode 100644
index 0000000..ea9f108
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/extension/use_srtp.go
@@ -0,0 +1,62 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package extension
+
+import "encoding/binary"
+
+const (
+	useSRTPHeaderSize = 6
+)
+
+// UseSRTP allows a Client/Server to negotiate what SRTPProtectionProfiles
+// they both support
+//
+// https://tools.ietf.org/html/rfc8422
+type UseSRTP struct {
+	ProtectionProfiles []SRTPProtectionProfile
+}
+
+// TypeValue returns the extension TypeValue
+func (u UseSRTP) TypeValue() TypeValue {
+	return UseSRTPTypeValue
+}
+
+// Marshal encodes the extension
+func (u *UseSRTP) Marshal() ([]byte, error) {
+	out := make([]byte, useSRTPHeaderSize)
+
+	binary.BigEndian.PutUint16(out, uint16(u.TypeValue()))
+	binary.BigEndian.PutUint16(out[2:], uint16(2+(len(u.ProtectionProfiles)*2)+ /* MKI Length */ 1))
+	binary.BigEndian.PutUint16(out[4:], uint16(len(u.ProtectionProfiles)*2))
+
+	for _, v := range u.ProtectionProfiles {
+		out = append(out, []byte{0x00, 0x00}...)
+		binary.BigEndian.PutUint16(out[len(out)-2:], uint16(v))
+	}
+
+	out = append(out, 0x00) /* MKI Length */
+	return out, nil
+}
+
+// Unmarshal populates the extension from encoded data
+func (u *UseSRTP) Unmarshal(data []byte) error {
+	if len(data) <= useSRTPHeaderSize {
+		return errBufferTooSmall
+	} else if TypeValue(binary.BigEndian.Uint16(data)) != u.TypeValue() {
+		return errInvalidExtensionType
+	}
+
+	profileCount := int(binary.BigEndian.Uint16(data[4:]) / 2)
+	if supportedGroupsHeaderSize+(profileCount*2) > len(data) {
+		return errLengthMismatch
+	}
+
+	for i := 0; i < profileCount; i++ {
+		supportedProfile := SRTPProtectionProfile(binary.BigEndian.Uint16(data[(useSRTPHeaderSize + (i * 2)):]))
+		if _, ok := srtpProtectionProfiles()[supportedProfile]; ok {
+			u.ProtectionProfiles = append(u.ProtectionProfiles, supportedProfile)
+		}
+	}
+	return nil
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/pkg/protocol/handshake/cipher_suite.go b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/handshake/cipher_suite.go
new file mode 100644
index 0000000..b296297
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/handshake/cipher_suite.go
@@ -0,0 +1,32 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package handshake
+
+import "encoding/binary"
+
+func decodeCipherSuiteIDs(buf []byte) ([]uint16, error) {
+	if len(buf) < 2 {
+		return nil, errBufferTooSmall
+	}
+	cipherSuitesCount := int(binary.BigEndian.Uint16(buf[0:])) / 2
+	rtrn := make([]uint16, cipherSuitesCount)
+	for i := 0; i < cipherSuitesCount; i++ {
+		if len(buf) < (i*2 + 4) {
+			return nil, errBufferTooSmall
+		}
+
+		rtrn[i] = binary.BigEndian.Uint16(buf[(i*2)+2:])
+	}
+	return rtrn, nil
+}
+
+func encodeCipherSuiteIDs(cipherSuiteIDs []uint16) []byte {
+	out := []byte{0x00, 0x00}
+	binary.BigEndian.PutUint16(out[len(out)-2:], uint16(len(cipherSuiteIDs)*2))
+	for _, id := range cipherSuiteIDs {
+		out = append(out, []byte{0x00, 0x00}...)
+		binary.BigEndian.PutUint16(out[len(out)-2:], id)
+	}
+	return out
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/pkg/protocol/handshake/errors.go b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/handshake/errors.go
new file mode 100644
index 0000000..1354300
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/handshake/errors.go
@@ -0,0 +1,28 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package handshake
+
+import (
+	"errors"
+
+	"github.com/pion/dtls/v2/pkg/protocol"
+)
+
+// Typed errors
+var (
+	errUnableToMarshalFragmented = &protocol.InternalError{Err: errors.New("unable to marshal fragmented handshakes")}                               //nolint:goerr113
+	errHandshakeMessageUnset     = &protocol.InternalError{Err: errors.New("handshake message unset, unable to marshal")}                            //nolint:goerr113
+	errBufferTooSmall            = &protocol.TemporaryError{Err: errors.New("buffer is too small")}                                                  //nolint:goerr113
+	errLengthMismatch            = &protocol.InternalError{Err: errors.New("data length and declared length do not match")}                          //nolint:goerr113
+	errInvalidClientKeyExchange  = &protocol.FatalError{Err: errors.New("unable to determine if ClientKeyExchange is a public key or PSK Identity")} //nolint:goerr113
+	errInvalidHashAlgorithm      = &protocol.FatalError{Err: errors.New("invalid hash algorithm")}                                                   //nolint:goerr113
+	errInvalidSignatureAlgorithm = &protocol.FatalError{Err: errors.New("invalid signature algorithm")}                                              //nolint:goerr113
+	errCookieTooLong             = &protocol.FatalError{Err: errors.New("cookie must not be longer then 255 bytes")}                                 //nolint:goerr113
+	errInvalidEllipticCurveType  = &protocol.FatalError{Err: errors.New("invalid or unknown elliptic curve type")}                                   //nolint:goerr113
+	errInvalidNamedCurve         = &protocol.FatalError{Err: errors.New("invalid named curve")}                                                      //nolint:goerr113
+	errCipherSuiteUnset          = &protocol.FatalError{Err: errors.New("server hello can not be created without a cipher suite")}                   //nolint:goerr113
+	errCompressionMethodUnset    = &protocol.FatalError{Err: errors.New("server hello can not be created without a compression method")}             //nolint:goerr113
+	errInvalidCompressionMethod  = &protocol.FatalError{Err: errors.New("invalid or unknown compression method")}                                    //nolint:goerr113
+	errNotImplemented            = &protocol.InternalError{Err: errors.New("feature has not been implemented yet")}                                  //nolint:goerr113
+)
diff --git a/server/vendor/github.com/pion/dtls/v2/pkg/protocol/handshake/handshake.go b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/handshake/handshake.go
new file mode 100644
index 0000000..b1f682b
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/handshake/handshake.go
@@ -0,0 +1,150 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+// Package handshake provides the DTLS wire protocol for handshakes
+package handshake
+
+import (
+	"github.com/pion/dtls/v2/internal/ciphersuite/types"
+	"github.com/pion/dtls/v2/internal/util"
+	"github.com/pion/dtls/v2/pkg/protocol"
+)
+
+// Type is the unique identifier for each handshake message
+// https://tools.ietf.org/html/rfc5246#section-7.4
+type Type uint8
+
+// Types of DTLS Handshake messages we know about
+const (
+	TypeHelloRequest       Type = 0
+	TypeClientHello        Type = 1
+	TypeServerHello        Type = 2
+	TypeHelloVerifyRequest Type = 3
+	TypeCertificate        Type = 11
+	TypeServerKeyExchange  Type = 12
+	TypeCertificateRequest Type = 13
+	TypeServerHelloDone    Type = 14
+	TypeCertificateVerify  Type = 15
+	TypeClientKeyExchange  Type = 16
+	TypeFinished           Type = 20
+)
+
+// String returns the string representation of this type
+func (t Type) String() string {
+	switch t {
+	case TypeHelloRequest:
+		return "HelloRequest"
+	case TypeClientHello:
+		return "ClientHello"
+	case TypeServerHello:
+		return "ServerHello"
+	case TypeHelloVerifyRequest:
+		return "HelloVerifyRequest"
+	case TypeCertificate:
+		return "TypeCertificate"
+	case TypeServerKeyExchange:
+		return "ServerKeyExchange"
+	case TypeCertificateRequest:
+		return "CertificateRequest"
+	case TypeServerHelloDone:
+		return "ServerHelloDone"
+	case TypeCertificateVerify:
+		return "CertificateVerify"
+	case TypeClientKeyExchange:
+		return "ClientKeyExchange"
+	case TypeFinished:
+		return "Finished"
+	}
+	return ""
+}
+
+// Message is the body of a Handshake datagram
+type Message interface {
+	Marshal() ([]byte, error)
+	Unmarshal(data []byte) error
+	Type() Type
+}
+
+// Handshake protocol is responsible for selecting a cipher spec and
+// generating a master secret, which together comprise the primary
+// cryptographic parameters associated with a secure session.  The
+// handshake protocol can also optionally authenticate parties who have
+// certificates signed by a trusted certificate authority.
+// https://tools.ietf.org/html/rfc5246#section-7.3
+type Handshake struct {
+	Header  Header
+	Message Message
+
+	KeyExchangeAlgorithm types.KeyExchangeAlgorithm
+}
+
+// ContentType returns what kind of content this message is carying
+func (h Handshake) ContentType() protocol.ContentType {
+	return protocol.ContentTypeHandshake
+}
+
+// Marshal encodes a handshake into a binary message
+func (h *Handshake) Marshal() ([]byte, error) {
+	if h.Message == nil {
+		return nil, errHandshakeMessageUnset
+	} else if h.Header.FragmentOffset != 0 {
+		return nil, errUnableToMarshalFragmented
+	}
+
+	msg, err := h.Message.Marshal()
+	if err != nil {
+		return nil, err
+	}
+
+	h.Header.Length = uint32(len(msg))
+	h.Header.FragmentLength = h.Header.Length
+	h.Header.Type = h.Message.Type()
+	header, err := h.Header.Marshal()
+	if err != nil {
+		return nil, err
+	}
+
+	return append(header, msg...), nil
+}
+
+// Unmarshal decodes a handshake from a binary message
+func (h *Handshake) Unmarshal(data []byte) error {
+	if err := h.Header.Unmarshal(data); err != nil {
+		return err
+	}
+
+	reportedLen := util.BigEndianUint24(data[1:])
+	if uint32(len(data)-HeaderLength) != reportedLen {
+		return errLengthMismatch
+	} else if reportedLen != h.Header.FragmentLength {
+		return errLengthMismatch
+	}
+
+	switch Type(data[0]) {
+	case TypeHelloRequest:
+		return errNotImplemented
+	case TypeClientHello:
+		h.Message = &MessageClientHello{}
+	case TypeHelloVerifyRequest:
+		h.Message = &MessageHelloVerifyRequest{}
+	case TypeServerHello:
+		h.Message = &MessageServerHello{}
+	case TypeCertificate:
+		h.Message = &MessageCertificate{}
+	case TypeServerKeyExchange:
+		h.Message = &MessageServerKeyExchange{KeyExchangeAlgorithm: h.KeyExchangeAlgorithm}
+	case TypeCertificateRequest:
+		h.Message = &MessageCertificateRequest{}
+	case TypeServerHelloDone:
+		h.Message = &MessageServerHelloDone{}
+	case TypeClientKeyExchange:
+		h.Message = &MessageClientKeyExchange{KeyExchangeAlgorithm: h.KeyExchangeAlgorithm}
+	case TypeFinished:
+		h.Message = &MessageFinished{}
+	case TypeCertificateVerify:
+		h.Message = &MessageCertificateVerify{}
+	default:
+		return errNotImplemented
+	}
+	return h.Message.Unmarshal(data[HeaderLength:])
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/pkg/protocol/handshake/header.go b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/handshake/header.go
new file mode 100644
index 0000000..4f9a962
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/handshake/header.go
@@ -0,0 +1,53 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package handshake
+
+import (
+	"encoding/binary"
+
+	"github.com/pion/dtls/v2/internal/util"
+)
+
+// HeaderLength msg_len for Handshake messages assumes an extra
+// 12 bytes for sequence, fragment and version information vs TLS
+const HeaderLength = 12
+
+// Header is the static first 12 bytes of each RecordLayer
+// of type Handshake. These fields allow us to support message loss, reordering, and
+// message fragmentation,
+//
+// https://tools.ietf.org/html/rfc6347#section-4.2.2
+type Header struct {
+	Type            Type
+	Length          uint32 // uint24 in spec
+	MessageSequence uint16
+	FragmentOffset  uint32 // uint24 in spec
+	FragmentLength  uint32 // uint24 in spec
+}
+
+// Marshal encodes the Header
+func (h *Header) Marshal() ([]byte, error) {
+	out := make([]byte, HeaderLength)
+
+	out[0] = byte(h.Type)
+	util.PutBigEndianUint24(out[1:], h.Length)
+	binary.BigEndian.PutUint16(out[4:], h.MessageSequence)
+	util.PutBigEndianUint24(out[6:], h.FragmentOffset)
+	util.PutBigEndianUint24(out[9:], h.FragmentLength)
+	return out, nil
+}
+
+// Unmarshal populates the header from encoded data
+func (h *Header) Unmarshal(data []byte) error {
+	if len(data) < HeaderLength {
+		return errBufferTooSmall
+	}
+
+	h.Type = Type(data[0])
+	h.Length = util.BigEndianUint24(data[1:])
+	h.MessageSequence = binary.BigEndian.Uint16(data[4:])
+	h.FragmentOffset = util.BigEndianUint24(data[6:])
+	h.FragmentLength = util.BigEndianUint24(data[9:])
+	return nil
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/pkg/protocol/handshake/message_certificate.go b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/handshake/message_certificate.go
new file mode 100644
index 0000000..d5c861d
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/handshake/message_certificate.go
@@ -0,0 +1,69 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package handshake
+
+import (
+	"github.com/pion/dtls/v2/internal/util"
+)
+
+// MessageCertificate is a DTLS Handshake Message
+// it can contain either a Client or Server Certificate
+//
+// https://tools.ietf.org/html/rfc5246#section-7.4.2
+type MessageCertificate struct {
+	Certificate [][]byte
+}
+
+// Type returns the Handshake Type
+func (m MessageCertificate) Type() Type {
+	return TypeCertificate
+}
+
+const (
+	handshakeMessageCertificateLengthFieldSize = 3
+)
+
+// Marshal encodes the Handshake
+func (m *MessageCertificate) Marshal() ([]byte, error) {
+	out := make([]byte, handshakeMessageCertificateLengthFieldSize)
+
+	for _, r := range m.Certificate {
+		// Certificate Length
+		out = append(out, make([]byte, handshakeMessageCertificateLengthFieldSize)...)
+		util.PutBigEndianUint24(out[len(out)-handshakeMessageCertificateLengthFieldSize:], uint32(len(r)))
+
+		// Certificate body
+		out = append(out, append([]byte{}, r...)...)
+	}
+
+	// Total Payload Size
+	util.PutBigEndianUint24(out[0:], uint32(len(out[handshakeMessageCertificateLengthFieldSize:])))
+	return out, nil
+}
+
+// Unmarshal populates the message from encoded data
+func (m *MessageCertificate) Unmarshal(data []byte) error {
+	if len(data) < handshakeMessageCertificateLengthFieldSize {
+		return errBufferTooSmall
+	}
+
+	if certificateBodyLen := int(util.BigEndianUint24(data)); certificateBodyLen+handshakeMessageCertificateLengthFieldSize != len(data) {
+		return errLengthMismatch
+	}
+
+	offset := handshakeMessageCertificateLengthFieldSize
+	for offset < len(data) {
+		certificateLen := int(util.BigEndianUint24(data[offset:]))
+		offset += handshakeMessageCertificateLengthFieldSize
+
+		if offset+certificateLen > len(data) {
+			return errLengthMismatch
+		}
+
+		m.Certificate = append(m.Certificate, append([]byte{}, data[offset:offset+certificateLen]...))
+		offset += certificateLen
+	}
+
+	return nil
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/pkg/protocol/handshake/message_certificate_request.go b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/handshake/message_certificate_request.go
new file mode 100644
index 0000000..11a44d4
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/handshake/message_certificate_request.go
@@ -0,0 +1,144 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package handshake
+
+import (
+	"encoding/binary"
+
+	"github.com/pion/dtls/v2/pkg/crypto/clientcertificate"
+	"github.com/pion/dtls/v2/pkg/crypto/hash"
+	"github.com/pion/dtls/v2/pkg/crypto/signature"
+	"github.com/pion/dtls/v2/pkg/crypto/signaturehash"
+)
+
+/*
+MessageCertificateRequest is so a non-anonymous server can optionally
+request a certificate from the client, if appropriate for the selected cipher
+suite.  This message, if sent, will immediately follow the ServerKeyExchange
+message (if it is sent; otherwise, this message follows the
+server's Certificate message).
+
+https://tools.ietf.org/html/rfc5246#section-7.4.4
+*/
+type MessageCertificateRequest struct {
+	CertificateTypes            []clientcertificate.Type
+	SignatureHashAlgorithms     []signaturehash.Algorithm
+	CertificateAuthoritiesNames [][]byte
+}
+
+const (
+	messageCertificateRequestMinLength = 5
+)
+
+// Type returns the Handshake Type
+func (m MessageCertificateRequest) Type() Type {
+	return TypeCertificateRequest
+}
+
+// Marshal encodes the Handshake
+func (m *MessageCertificateRequest) Marshal() ([]byte, error) {
+	out := []byte{byte(len(m.CertificateTypes))}
+	for _, v := range m.CertificateTypes {
+		out = append(out, byte(v))
+	}
+
+	out = append(out, []byte{0x00, 0x00}...)
+	binary.BigEndian.PutUint16(out[len(out)-2:], uint16(len(m.SignatureHashAlgorithms)*2))
+	for _, v := range m.SignatureHashAlgorithms {
+		out = append(out, byte(v.Hash))
+		out = append(out, byte(v.Signature))
+	}
+
+	// Distinguished Names
+	casLength := 0
+	for _, ca := range m.CertificateAuthoritiesNames {
+		casLength += len(ca) + 2
+	}
+	out = append(out, []byte{0x00, 0x00}...)
+	binary.BigEndian.PutUint16(out[len(out)-2:], uint16(casLength))
+	if casLength > 0 {
+		for _, ca := range m.CertificateAuthoritiesNames {
+			out = append(out, []byte{0x00, 0x00}...)
+			binary.BigEndian.PutUint16(out[len(out)-2:], uint16(len(ca)))
+			out = append(out, ca...)
+		}
+	}
+	return out, nil
+}
+
+// Unmarshal populates the message from encoded data
+func (m *MessageCertificateRequest) Unmarshal(data []byte) error {
+	if len(data) < messageCertificateRequestMinLength {
+		return errBufferTooSmall
+	}
+
+	offset := 0
+	certificateTypesLength := int(data[0])
+	offset++
+
+	if (offset + certificateTypesLength) > len(data) {
+		return errBufferTooSmall
+	}
+
+	for i := 0; i < certificateTypesLength; i++ {
+		certType := clientcertificate.Type(data[offset+i])
+		if _, ok := clientcertificate.Types()[certType]; ok {
+			m.CertificateTypes = append(m.CertificateTypes, certType)
+		}
+	}
+	offset += certificateTypesLength
+	if len(data) < offset+2 {
+		return errBufferTooSmall
+	}
+	signatureHashAlgorithmsLength := int(binary.BigEndian.Uint16(data[offset:]))
+	offset += 2
+
+	if (offset + signatureHashAlgorithmsLength) > len(data) {
+		return errBufferTooSmall
+	}
+
+	for i := 0; i < signatureHashAlgorithmsLength; i += 2 {
+		if len(data) < (offset + i + 2) {
+			return errBufferTooSmall
+		}
+		h := hash.Algorithm(data[offset+i])
+		s := signature.Algorithm(data[offset+i+1])
+
+		if _, ok := hash.Algorithms()[h]; !ok {
+			continue
+		} else if _, ok := signature.Algorithms()[s]; !ok {
+			continue
+		}
+		m.SignatureHashAlgorithms = append(m.SignatureHashAlgorithms, signaturehash.Algorithm{Signature: s, Hash: h})
+	}
+
+	offset += signatureHashAlgorithmsLength
+	if len(data) < offset+2 {
+		return errBufferTooSmall
+	}
+	casLength := int(binary.BigEndian.Uint16(data[offset:]))
+	offset += 2
+	if (offset + casLength) > len(data) {
+		return errBufferTooSmall
+	}
+	cas := make([]byte, casLength)
+	copy(cas, data[offset:offset+casLength])
+	m.CertificateAuthoritiesNames = nil
+	for len(cas) > 0 {
+		if len(cas) < 2 {
+			return errBufferTooSmall
+		}
+		caLen := binary.BigEndian.Uint16(cas)
+		cas = cas[2:]
+
+		if len(cas) < int(caLen) {
+			return errBufferTooSmall
+		}
+
+		m.CertificateAuthoritiesNames = append(m.CertificateAuthoritiesNames, cas[:caLen])
+		cas = cas[caLen:]
+	}
+
+	return nil
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/pkg/protocol/handshake/message_certificate_verify.go b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/handshake/message_certificate_verify.go
new file mode 100644
index 0000000..9e02a9c
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/handshake/message_certificate_verify.go
@@ -0,0 +1,64 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package handshake
+
+import (
+	"encoding/binary"
+
+	"github.com/pion/dtls/v2/pkg/crypto/hash"
+	"github.com/pion/dtls/v2/pkg/crypto/signature"
+)
+
+// MessageCertificateVerify provide explicit verification of a
+// client certificate.
+//
+// https://tools.ietf.org/html/rfc5246#section-7.4.8
+type MessageCertificateVerify struct {
+	HashAlgorithm      hash.Algorithm
+	SignatureAlgorithm signature.Algorithm
+	Signature          []byte
+}
+
+const handshakeMessageCertificateVerifyMinLength = 4
+
+// Type returns the Handshake Type
+func (m MessageCertificateVerify) Type() Type {
+	return TypeCertificateVerify
+}
+
+// Marshal encodes the Handshake
+func (m *MessageCertificateVerify) Marshal() ([]byte, error) {
+	out := make([]byte, 1+1+2+len(m.Signature))
+
+	out[0] = byte(m.HashAlgorithm)
+	out[1] = byte(m.SignatureAlgorithm)
+	binary.BigEndian.PutUint16(out[2:], uint16(len(m.Signature)))
+	copy(out[4:], m.Signature)
+	return out, nil
+}
+
+// Unmarshal populates the message from encoded data
+func (m *MessageCertificateVerify) Unmarshal(data []byte) error {
+	if len(data) < handshakeMessageCertificateVerifyMinLength {
+		return errBufferTooSmall
+	}
+
+	m.HashAlgorithm = hash.Algorithm(data[0])
+	if _, ok := hash.Algorithms()[m.HashAlgorithm]; !ok {
+		return errInvalidHashAlgorithm
+	}
+
+	m.SignatureAlgorithm = signature.Algorithm(data[1])
+	if _, ok := signature.Algorithms()[m.SignatureAlgorithm]; !ok {
+		return errInvalidSignatureAlgorithm
+	}
+
+	signatureLength := int(binary.BigEndian.Uint16(data[2:]))
+	if (signatureLength + 4) != len(data) {
+		return errBufferTooSmall
+	}
+
+	m.Signature = append([]byte{}, data[4:]...)
+	return nil
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/pkg/protocol/handshake/message_client_hello.go b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/handshake/message_client_hello.go
new file mode 100644
index 0000000..bea6dd9
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/handshake/message_client_hello.go
@@ -0,0 +1,141 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package handshake
+
+import (
+	"encoding/binary"
+
+	"github.com/pion/dtls/v2/pkg/protocol"
+	"github.com/pion/dtls/v2/pkg/protocol/extension"
+)
+
+/*
+MessageClientHello is for when a client first connects to a server it is
+required to send the client hello as its first message.  The client can also send a
+client hello in response to a hello request or on its own
+initiative in order to renegotiate the security parameters in an
+existing connection.
+*/
+type MessageClientHello struct {
+	Version protocol.Version
+	Random  Random
+	Cookie  []byte
+
+	SessionID []byte
+
+	CipherSuiteIDs     []uint16
+	CompressionMethods []*protocol.CompressionMethod
+	Extensions         []extension.Extension
+}
+
+const handshakeMessageClientHelloVariableWidthStart = 34
+
+// Type returns the Handshake Type
+func (m MessageClientHello) Type() Type {
+	return TypeClientHello
+}
+
+// Marshal encodes the Handshake
+func (m *MessageClientHello) Marshal() ([]byte, error) {
+	if len(m.Cookie) > 255 {
+		return nil, errCookieTooLong
+	}
+
+	out := make([]byte, handshakeMessageClientHelloVariableWidthStart)
+	out[0] = m.Version.Major
+	out[1] = m.Version.Minor
+
+	rand := m.Random.MarshalFixed()
+	copy(out[2:], rand[:])
+
+	out = append(out, byte(len(m.SessionID)))
+	out = append(out, m.SessionID...)
+
+	out = append(out, byte(len(m.Cookie)))
+	out = append(out, m.Cookie...)
+	out = append(out, encodeCipherSuiteIDs(m.CipherSuiteIDs)...)
+	out = append(out, protocol.EncodeCompressionMethods(m.CompressionMethods)...)
+
+	extensions, err := extension.Marshal(m.Extensions)
+	if err != nil {
+		return nil, err
+	}
+
+	return append(out, extensions...), nil
+}
+
+// Unmarshal populates the message from encoded data
+func (m *MessageClientHello) Unmarshal(data []byte) error {
+	if len(data) < 2+RandomLength {
+		return errBufferTooSmall
+	}
+
+	m.Version.Major = data[0]
+	m.Version.Minor = data[1]
+
+	var random [RandomLength]byte
+	copy(random[:], data[2:])
+	m.Random.UnmarshalFixed(random)
+
+	// rest of packet has variable width sections
+	currOffset := handshakeMessageClientHelloVariableWidthStart
+
+	currOffset++
+	if len(data) <= currOffset {
+		return errBufferTooSmall
+	}
+	n := int(data[currOffset-1])
+	if len(data) <= currOffset+n {
+		return errBufferTooSmall
+	}
+	m.SessionID = append([]byte{}, data[currOffset:currOffset+n]...)
+	currOffset += len(m.SessionID)
+
+	currOffset++
+	if len(data) <= currOffset {
+		return errBufferTooSmall
+	}
+	n = int(data[currOffset-1])
+	if len(data) <= currOffset+n {
+		return errBufferTooSmall
+	}
+	m.Cookie = append([]byte{}, data[currOffset:currOffset+n]...)
+	currOffset += len(m.Cookie)
+
+	// Cipher Suites
+	if len(data) < currOffset {
+		return errBufferTooSmall
+	}
+	cipherSuiteIDs, err := decodeCipherSuiteIDs(data[currOffset:])
+	if err != nil {
+		return err
+	}
+	m.CipherSuiteIDs = cipherSuiteIDs
+	if len(data) < currOffset+2 {
+		return errBufferTooSmall
+	}
+	currOffset += int(binary.BigEndian.Uint16(data[currOffset:])) + 2
+
+	// Compression Methods
+	if len(data) < currOffset {
+		return errBufferTooSmall
+	}
+	compressionMethods, err := protocol.DecodeCompressionMethods(data[currOffset:])
+	if err != nil {
+		return err
+	}
+	m.CompressionMethods = compressionMethods
+	if len(data) < currOffset {
+		return errBufferTooSmall
+	}
+	currOffset += int(data[currOffset]) + 1
+
+	// Extensions
+	extensions, err := extension.Unmarshal(data[currOffset:])
+	if err != nil {
+		return err
+	}
+	m.Extensions = extensions
+	return nil
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/pkg/protocol/handshake/message_client_key_exchange.go b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/handshake/message_client_key_exchange.go
new file mode 100644
index 0000000..2abcd5b
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/handshake/message_client_key_exchange.go
@@ -0,0 +1,81 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package handshake
+
+import (
+	"encoding/binary"
+
+	"github.com/pion/dtls/v2/internal/ciphersuite/types"
+)
+
+// MessageClientKeyExchange is a DTLS Handshake Message
+// With this message, the premaster secret is set, either by direct
+// transmission of the RSA-encrypted secret or by the transmission of
+// Diffie-Hellman parameters that will allow each side to agree upon
+// the same premaster secret.
+//
+// https://tools.ietf.org/html/rfc5246#section-7.4.7
+type MessageClientKeyExchange struct {
+	IdentityHint []byte
+	PublicKey    []byte
+
+	// for unmarshaling
+	KeyExchangeAlgorithm types.KeyExchangeAlgorithm
+}
+
+// Type returns the Handshake Type
+func (m MessageClientKeyExchange) Type() Type {
+	return TypeClientKeyExchange
+}
+
+// Marshal encodes the Handshake
+func (m *MessageClientKeyExchange) Marshal() (out []byte, err error) {
+	if m.IdentityHint == nil && m.PublicKey == nil {
+		return nil, errInvalidClientKeyExchange
+	}
+
+	if m.IdentityHint != nil {
+		out = append([]byte{0x00, 0x00}, m.IdentityHint...)
+		binary.BigEndian.PutUint16(out, uint16(len(out)-2))
+	}
+
+	if m.PublicKey != nil {
+		out = append(out, byte(len(m.PublicKey)))
+		out = append(out, m.PublicKey...)
+	}
+
+	return out, nil
+}
+
+// Unmarshal populates the message from encoded data
+func (m *MessageClientKeyExchange) Unmarshal(data []byte) error {
+	switch {
+	case len(data) < 2:
+		return errBufferTooSmall
+	case m.KeyExchangeAlgorithm == types.KeyExchangeAlgorithmNone:
+		return errCipherSuiteUnset
+	}
+
+	offset := 0
+	if m.KeyExchangeAlgorithm.Has(types.KeyExchangeAlgorithmPsk) {
+		pskLength := int(binary.BigEndian.Uint16(data))
+		if pskLength > len(data)-2 {
+			return errBufferTooSmall
+		}
+
+		m.IdentityHint = append([]byte{}, data[2:pskLength+2]...)
+		offset += pskLength + 2
+	}
+
+	if m.KeyExchangeAlgorithm.Has(types.KeyExchangeAlgorithmEcdhe) {
+		publicKeyLength := int(data[offset])
+		if publicKeyLength > len(data)-1-offset {
+			return errBufferTooSmall
+		}
+
+		m.PublicKey = append([]byte{}, data[offset+1:]...)
+	}
+
+	return nil
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/pkg/protocol/handshake/message_finished.go b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/handshake/message_finished.go
new file mode 100644
index 0000000..255aedd
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/handshake/message_finished.go
@@ -0,0 +1,30 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package handshake
+
+// MessageFinished is a DTLS Handshake Message
+// this message is the first one protected with the just
+// negotiated algorithms, keys, and secrets.  Recipients of Finished
+// messages MUST verify that the contents are correct.
+//
+// https://tools.ietf.org/html/rfc5246#section-7.4.9
+type MessageFinished struct {
+	VerifyData []byte
+}
+
+// Type returns the Handshake Type
+func (m MessageFinished) Type() Type {
+	return TypeFinished
+}
+
+// Marshal encodes the Handshake
+func (m *MessageFinished) Marshal() ([]byte, error) {
+	return append([]byte{}, m.VerifyData...), nil
+}
+
+// Unmarshal populates the message from encoded data
+func (m *MessageFinished) Unmarshal(data []byte) error {
+	m.VerifyData = append([]byte{}, data...)
+	return nil
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/pkg/protocol/handshake/message_hello_verify_request.go b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/handshake/message_hello_verify_request.go
new file mode 100644
index 0000000..398e59c
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/handshake/message_hello_verify_request.go
@@ -0,0 +1,65 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package handshake
+
+import (
+	"github.com/pion/dtls/v2/pkg/protocol"
+)
+
+// MessageHelloVerifyRequest is as follows:
+//
+//	struct {
+//	  ProtocolVersion server_version;
+//	  opaque cookie<0..2^8-1>;
+//	} HelloVerifyRequest;
+//
+//	The HelloVerifyRequest message type is hello_verify_request(3).
+//
+//	When the client sends its ClientHello message to the server, the server
+//	MAY respond with a HelloVerifyRequest message.  This message contains
+//	a stateless cookie generated using the technique of [PHOTURIS].  The
+//	client MUST retransmit the ClientHello with the cookie added.
+//
+//	https://tools.ietf.org/html/rfc6347#section-4.2.1
+type MessageHelloVerifyRequest struct {
+	Version protocol.Version
+	Cookie  []byte
+}
+
+// Type returns the Handshake Type
+func (m MessageHelloVerifyRequest) Type() Type {
+	return TypeHelloVerifyRequest
+}
+
+// Marshal encodes the Handshake
+func (m *MessageHelloVerifyRequest) Marshal() ([]byte, error) {
+	if len(m.Cookie) > 255 {
+		return nil, errCookieTooLong
+	}
+
+	out := make([]byte, 3+len(m.Cookie))
+	out[0] = m.Version.Major
+	out[1] = m.Version.Minor
+	out[2] = byte(len(m.Cookie))
+	copy(out[3:], m.Cookie)
+
+	return out, nil
+}
+
+// Unmarshal populates the message from encoded data
+func (m *MessageHelloVerifyRequest) Unmarshal(data []byte) error {
+	if len(data) < 3 {
+		return errBufferTooSmall
+	}
+	m.Version.Major = data[0]
+	m.Version.Minor = data[1]
+	cookieLength := int(data[2])
+	if len(data) < cookieLength+3 {
+		return errBufferTooSmall
+	}
+	m.Cookie = make([]byte, cookieLength)
+
+	copy(m.Cookie, data[3:3+cookieLength])
+	return nil
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/pkg/protocol/handshake/message_server_hello.go b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/handshake/message_server_hello.go
new file mode 100644
index 0000000..caf186d
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/handshake/message_server_hello.go
@@ -0,0 +1,122 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package handshake
+
+import (
+	"encoding/binary"
+
+	"github.com/pion/dtls/v2/pkg/protocol"
+	"github.com/pion/dtls/v2/pkg/protocol/extension"
+)
+
+// MessageServerHello is sent in response to a ClientHello
+// message when it was able to find an acceptable set of algorithms.
+// If it cannot find such a match, it will respond with a handshake
+// failure alert.
+//
+// https://tools.ietf.org/html/rfc5246#section-7.4.1.3
+type MessageServerHello struct {
+	Version protocol.Version
+	Random  Random
+
+	SessionID []byte
+
+	CipherSuiteID     *uint16
+	CompressionMethod *protocol.CompressionMethod
+	Extensions        []extension.Extension
+}
+
+const messageServerHelloVariableWidthStart = 2 + RandomLength
+
+// Type returns the Handshake Type
+func (m MessageServerHello) Type() Type {
+	return TypeServerHello
+}
+
+// Marshal encodes the Handshake
+func (m *MessageServerHello) Marshal() ([]byte, error) {
+	if m.CipherSuiteID == nil {
+		return nil, errCipherSuiteUnset
+	} else if m.CompressionMethod == nil {
+		return nil, errCompressionMethodUnset
+	}
+
+	out := make([]byte, messageServerHelloVariableWidthStart)
+	out[0] = m.Version.Major
+	out[1] = m.Version.Minor
+
+	rand := m.Random.MarshalFixed()
+	copy(out[2:], rand[:])
+
+	out = append(out, byte(len(m.SessionID)))
+	out = append(out, m.SessionID...)
+
+	out = append(out, []byte{0x00, 0x00}...)
+	binary.BigEndian.PutUint16(out[len(out)-2:], *m.CipherSuiteID)
+
+	out = append(out, byte(m.CompressionMethod.ID))
+
+	extensions, err := extension.Marshal(m.Extensions)
+	if err != nil {
+		return nil, err
+	}
+
+	return append(out, extensions...), nil
+}
+
+// Unmarshal populates the message from encoded data
+func (m *MessageServerHello) Unmarshal(data []byte) error {
+	if len(data) < 2+RandomLength {
+		return errBufferTooSmall
+	}
+
+	m.Version.Major = data[0]
+	m.Version.Minor = data[1]
+
+	var random [RandomLength]byte
+	copy(random[:], data[2:])
+	m.Random.UnmarshalFixed(random)
+
+	currOffset := messageServerHelloVariableWidthStart
+	currOffset++
+	if len(data) <= currOffset {
+		return errBufferTooSmall
+	}
+
+	n := int(data[currOffset-1])
+	if len(data) <= currOffset+n {
+		return errBufferTooSmall
+	}
+	m.SessionID = append([]byte{}, data[currOffset:currOffset+n]...)
+	currOffset += len(m.SessionID)
+
+	if len(data) < currOffset+2 {
+		return errBufferTooSmall
+	}
+	m.CipherSuiteID = new(uint16)
+	*m.CipherSuiteID = binary.BigEndian.Uint16(data[currOffset:])
+	currOffset += 2
+
+	if len(data) <= currOffset {
+		return errBufferTooSmall
+	}
+	if compressionMethod, ok := protocol.CompressionMethods()[protocol.CompressionMethodID(data[currOffset])]; ok {
+		m.CompressionMethod = compressionMethod
+		currOffset++
+	} else {
+		return errInvalidCompressionMethod
+	}
+
+	if len(data) <= currOffset {
+		m.Extensions = []extension.Extension{}
+		return nil
+	}
+
+	extensions, err := extension.Unmarshal(data[currOffset:])
+	if err != nil {
+		return err
+	}
+	m.Extensions = extensions
+	return nil
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/pkg/protocol/handshake/message_server_hello_done.go b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/handshake/message_server_hello_done.go
new file mode 100644
index 0000000..b187dd4
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/handshake/message_server_hello_done.go
@@ -0,0 +1,24 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package handshake
+
+// MessageServerHelloDone is final non-encrypted message from server
+// this communicates server has sent all its handshake messages and next
+// should be MessageFinished
+type MessageServerHelloDone struct{}
+
+// Type returns the Handshake Type
+func (m MessageServerHelloDone) Type() Type {
+	return TypeServerHelloDone
+}
+
+// Marshal encodes the Handshake
+func (m *MessageServerHelloDone) Marshal() ([]byte, error) {
+	return []byte{}, nil
+}
+
+// Unmarshal populates the message from encoded data
+func (m *MessageServerHelloDone) Unmarshal([]byte) error {
+	return nil
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/pkg/protocol/handshake/message_server_key_exchange.go b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/handshake/message_server_key_exchange.go
new file mode 100644
index 0000000..82abbe0
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/handshake/message_server_key_exchange.go
@@ -0,0 +1,148 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package handshake
+
+import (
+	"encoding/binary"
+
+	"github.com/pion/dtls/v2/internal/ciphersuite/types"
+	"github.com/pion/dtls/v2/pkg/crypto/elliptic"
+	"github.com/pion/dtls/v2/pkg/crypto/hash"
+	"github.com/pion/dtls/v2/pkg/crypto/signature"
+)
+
+// MessageServerKeyExchange supports ECDH and PSK
+type MessageServerKeyExchange struct {
+	IdentityHint []byte
+
+	EllipticCurveType  elliptic.CurveType
+	NamedCurve         elliptic.Curve
+	PublicKey          []byte
+	HashAlgorithm      hash.Algorithm
+	SignatureAlgorithm signature.Algorithm
+	Signature          []byte
+
+	// for unmarshaling
+	KeyExchangeAlgorithm types.KeyExchangeAlgorithm
+}
+
+// Type returns the Handshake Type
+func (m MessageServerKeyExchange) Type() Type {
+	return TypeServerKeyExchange
+}
+
+// Marshal encodes the Handshake
+func (m *MessageServerKeyExchange) Marshal() ([]byte, error) {
+	var out []byte
+	if m.IdentityHint != nil {
+		out = append([]byte{0x00, 0x00}, m.IdentityHint...)
+		binary.BigEndian.PutUint16(out, uint16(len(out)-2))
+	}
+
+	if m.EllipticCurveType == 0 || len(m.PublicKey) == 0 {
+		return out, nil
+	}
+	out = append(out, byte(m.EllipticCurveType), 0x00, 0x00)
+	binary.BigEndian.PutUint16(out[len(out)-2:], uint16(m.NamedCurve))
+
+	out = append(out, byte(len(m.PublicKey)))
+	out = append(out, m.PublicKey...)
+	switch {
+	case m.HashAlgorithm != hash.None && len(m.Signature) == 0:
+		return nil, errInvalidHashAlgorithm
+	case m.HashAlgorithm == hash.None && len(m.Signature) > 0:
+		return nil, errInvalidHashAlgorithm
+	case m.SignatureAlgorithm == signature.Anonymous && (m.HashAlgorithm != hash.None || len(m.Signature) > 0):
+		return nil, errInvalidSignatureAlgorithm
+	case m.SignatureAlgorithm == signature.Anonymous:
+		return out, nil
+	}
+
+	out = append(out, []byte{byte(m.HashAlgorithm), byte(m.SignatureAlgorithm), 0x00, 0x00}...)
+	binary.BigEndian.PutUint16(out[len(out)-2:], uint16(len(m.Signature)))
+	out = append(out, m.Signature...)
+
+	return out, nil
+}
+
+// Unmarshal populates the message from encoded data
+func (m *MessageServerKeyExchange) Unmarshal(data []byte) error {
+	switch {
+	case len(data) < 2:
+		return errBufferTooSmall
+	case m.KeyExchangeAlgorithm == types.KeyExchangeAlgorithmNone:
+		return errCipherSuiteUnset
+	}
+
+	hintLength := binary.BigEndian.Uint16(data)
+	if int(hintLength) <= len(data)-2 && m.KeyExchangeAlgorithm.Has(types.KeyExchangeAlgorithmPsk) {
+		m.IdentityHint = append([]byte{}, data[2:2+hintLength]...)
+		data = data[2+hintLength:]
+	}
+	if m.KeyExchangeAlgorithm == types.KeyExchangeAlgorithmPsk {
+		if len(data) == 0 {
+			return nil
+		}
+		return errLengthMismatch
+	}
+
+	if !m.KeyExchangeAlgorithm.Has(types.KeyExchangeAlgorithmEcdhe) {
+		return errLengthMismatch
+	}
+
+	if _, ok := elliptic.CurveTypes()[elliptic.CurveType(data[0])]; ok {
+		m.EllipticCurveType = elliptic.CurveType(data[0])
+	} else {
+		return errInvalidEllipticCurveType
+	}
+
+	if len(data[1:]) < 2 {
+		return errBufferTooSmall
+	}
+	m.NamedCurve = elliptic.Curve(binary.BigEndian.Uint16(data[1:3]))
+	if _, ok := elliptic.Curves()[m.NamedCurve]; !ok {
+		return errInvalidNamedCurve
+	}
+	if len(data) < 4 {
+		return errBufferTooSmall
+	}
+
+	publicKeyLength := int(data[3])
+	offset := 4 + publicKeyLength
+	if len(data) < offset {
+		return errBufferTooSmall
+	}
+	m.PublicKey = append([]byte{}, data[4:offset]...)
+
+	// Anon connection doesn't contains hashAlgorithm, signatureAlgorithm, signature
+	if len(data) == offset {
+		return nil
+	} else if len(data) <= offset {
+		return errBufferTooSmall
+	}
+
+	m.HashAlgorithm = hash.Algorithm(data[offset])
+	if _, ok := hash.Algorithms()[m.HashAlgorithm]; !ok {
+		return errInvalidHashAlgorithm
+	}
+	offset++
+	if len(data) <= offset {
+		return errBufferTooSmall
+	}
+	m.SignatureAlgorithm = signature.Algorithm(data[offset])
+	if _, ok := signature.Algorithms()[m.SignatureAlgorithm]; !ok {
+		return errInvalidSignatureAlgorithm
+	}
+	offset++
+	if len(data) < offset+2 {
+		return errBufferTooSmall
+	}
+	signatureLength := int(binary.BigEndian.Uint16(data[offset:]))
+	offset += 2
+	if len(data) < offset+signatureLength {
+		return errBufferTooSmall
+	}
+	m.Signature = append([]byte{}, data[offset:offset+signatureLength]...)
+	return nil
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/pkg/protocol/handshake/random.go b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/handshake/random.go
new file mode 100644
index 0000000..56f3756
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/handshake/random.go
@@ -0,0 +1,52 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package handshake
+
+import (
+	"crypto/rand"
+	"encoding/binary"
+	"time"
+)
+
+// Consts for Random in Handshake
+const (
+	RandomBytesLength = 28
+	RandomLength      = RandomBytesLength + 4
+)
+
+// Random value that is used in ClientHello and ServerHello
+//
+// https://tools.ietf.org/html/rfc4346#section-7.4.1.2
+type Random struct {
+	GMTUnixTime time.Time
+	RandomBytes [RandomBytesLength]byte
+}
+
+// MarshalFixed encodes the Handshake
+func (r *Random) MarshalFixed() [RandomLength]byte {
+	var out [RandomLength]byte
+
+	binary.BigEndian.PutUint32(out[0:], uint32(r.GMTUnixTime.Unix()))
+	copy(out[4:], r.RandomBytes[:])
+
+	return out
+}
+
+// UnmarshalFixed populates the message from encoded data
+func (r *Random) UnmarshalFixed(data [RandomLength]byte) {
+	r.GMTUnixTime = time.Unix(int64(binary.BigEndian.Uint32(data[0:])), 0)
+	copy(r.RandomBytes[:], data[4:])
+}
+
+// Populate fills the handshakeRandom with random values
+// may be called multiple times
+func (r *Random) Populate() error {
+	r.GMTUnixTime = time.Now()
+
+	tmp := make([]byte, RandomBytesLength)
+	_, err := rand.Read(tmp)
+	copy(r.RandomBytes[:], tmp)
+
+	return err
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/pkg/protocol/recordlayer/errors.go b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/recordlayer/errors.go
new file mode 100644
index 0000000..1c18988
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/recordlayer/errors.go
@@ -0,0 +1,21 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+// Package recordlayer implements the TLS Record Layer https://tools.ietf.org/html/rfc5246#section-6
+package recordlayer
+
+import (
+	"errors"
+
+	"github.com/pion/dtls/v2/pkg/protocol"
+)
+
+var (
+	// ErrInvalidPacketLength is returned when the packet length too small or declared length do not match
+	ErrInvalidPacketLength = &protocol.TemporaryError{Err: errors.New("packet length and declared length do not match")} //nolint:goerr113
+
+	errBufferTooSmall             = &protocol.TemporaryError{Err: errors.New("buffer is too small")}      //nolint:goerr113
+	errSequenceNumberOverflow     = &protocol.InternalError{Err: errors.New("sequence number overflow")}  //nolint:goerr113
+	errUnsupportedProtocolVersion = &protocol.FatalError{Err: errors.New("unsupported protocol version")} //nolint:goerr113
+	errInvalidContentType         = &protocol.TemporaryError{Err: errors.New("invalid content type")}     //nolint:goerr113
+)
diff --git a/server/vendor/github.com/pion/dtls/v2/pkg/protocol/recordlayer/header.go b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/recordlayer/header.go
new file mode 100644
index 0000000..9225250
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/recordlayer/header.go
@@ -0,0 +1,64 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package recordlayer
+
+import (
+	"encoding/binary"
+
+	"github.com/pion/dtls/v2/internal/util"
+	"github.com/pion/dtls/v2/pkg/protocol"
+)
+
+// Header implements a TLS RecordLayer header
+type Header struct {
+	ContentType    protocol.ContentType
+	ContentLen     uint16
+	Version        protocol.Version
+	Epoch          uint16
+	SequenceNumber uint64 // uint48 in spec
+}
+
+// RecordLayer enums
+const (
+	HeaderSize        = 13
+	MaxSequenceNumber = 0x0000FFFFFFFFFFFF
+)
+
+// Marshal encodes a TLS RecordLayer Header to binary
+func (h *Header) Marshal() ([]byte, error) {
+	if h.SequenceNumber > MaxSequenceNumber {
+		return nil, errSequenceNumberOverflow
+	}
+
+	out := make([]byte, HeaderSize)
+	out[0] = byte(h.ContentType)
+	out[1] = h.Version.Major
+	out[2] = h.Version.Minor
+	binary.BigEndian.PutUint16(out[3:], h.Epoch)
+	util.PutBigEndianUint48(out[5:], h.SequenceNumber)
+	binary.BigEndian.PutUint16(out[HeaderSize-2:], h.ContentLen)
+	return out, nil
+}
+
+// Unmarshal populates a TLS RecordLayer Header from binary
+func (h *Header) Unmarshal(data []byte) error {
+	if len(data) < HeaderSize {
+		return errBufferTooSmall
+	}
+	h.ContentType = protocol.ContentType(data[0])
+	h.Version.Major = data[1]
+	h.Version.Minor = data[2]
+	h.Epoch = binary.BigEndian.Uint16(data[3:])
+
+	// SequenceNumber is stored as uint48, make into uint64
+	seqCopy := make([]byte, 8)
+	copy(seqCopy[2:], data[5:11])
+	h.SequenceNumber = binary.BigEndian.Uint64(seqCopy)
+
+	if !h.Version.Equal(protocol.Version1_0) && !h.Version.Equal(protocol.Version1_2) {
+		return errUnsupportedProtocolVersion
+	}
+
+	return nil
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/pkg/protocol/recordlayer/recordlayer.go b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/recordlayer/recordlayer.go
new file mode 100644
index 0000000..a570f74
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/recordlayer/recordlayer.go
@@ -0,0 +1,102 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package recordlayer
+
+import (
+	"encoding/binary"
+
+	"github.com/pion/dtls/v2/pkg/protocol"
+	"github.com/pion/dtls/v2/pkg/protocol/alert"
+	"github.com/pion/dtls/v2/pkg/protocol/handshake"
+)
+
+// RecordLayer which handles all data transport.
+// The record layer is assumed to sit directly on top of some
+// reliable transport such as TCP. The record layer can carry four types of content:
+//
+// 1. Handshake messages—used for algorithm negotiation and key establishment.
+// 2. ChangeCipherSpec messages—really part of the handshake but technically a separate kind of message.
+// 3. Alert messages—used to signal that errors have occurred
+// 4. Application layer data
+//
+// The DTLS record layer is extremely similar to that of TLS 1.1.  The
+// only change is the inclusion of an explicit sequence number in the
+// record.  This sequence number allows the recipient to correctly
+// verify the TLS MAC.
+//
+// https://tools.ietf.org/html/rfc4347#section-4.1
+type RecordLayer struct {
+	Header  Header
+	Content protocol.Content
+}
+
+// Marshal encodes the RecordLayer to binary
+func (r *RecordLayer) Marshal() ([]byte, error) {
+	contentRaw, err := r.Content.Marshal()
+	if err != nil {
+		return nil, err
+	}
+
+	r.Header.ContentLen = uint16(len(contentRaw))
+	r.Header.ContentType = r.Content.ContentType()
+
+	headerRaw, err := r.Header.Marshal()
+	if err != nil {
+		return nil, err
+	}
+
+	return append(headerRaw, contentRaw...), nil
+}
+
+// Unmarshal populates the RecordLayer from binary
+func (r *RecordLayer) Unmarshal(data []byte) error {
+	if len(data) < HeaderSize {
+		return errBufferTooSmall
+	}
+	if err := r.Header.Unmarshal(data); err != nil {
+		return err
+	}
+
+	switch protocol.ContentType(data[0]) {
+	case protocol.ContentTypeChangeCipherSpec:
+		r.Content = &protocol.ChangeCipherSpec{}
+	case protocol.ContentTypeAlert:
+		r.Content = &alert.Alert{}
+	case protocol.ContentTypeHandshake:
+		r.Content = &handshake.Handshake{}
+	case protocol.ContentTypeApplicationData:
+		r.Content = &protocol.ApplicationData{}
+	default:
+		return errInvalidContentType
+	}
+
+	return r.Content.Unmarshal(data[HeaderSize:])
+}
+
+// UnpackDatagram extracts all RecordLayer messages from a single datagram.
+// Note that as with TLS, multiple handshake messages may be placed in
+// the same DTLS record, provided that there is room and that they are
+// part of the same flight.  Thus, there are two acceptable ways to pack
+// two DTLS messages into the same datagram: in the same record or in
+// separate records.
+// https://tools.ietf.org/html/rfc6347#section-4.2.3
+func UnpackDatagram(buf []byte) ([][]byte, error) {
+	out := [][]byte{}
+
+	for offset := 0; len(buf) != offset; {
+		if len(buf)-offset <= HeaderSize {
+			return nil, ErrInvalidPacketLength
+		}
+
+		pktLen := (HeaderSize + int(binary.BigEndian.Uint16(buf[offset+11:])))
+		if offset+pktLen > len(buf) {
+			return nil, ErrInvalidPacketLength
+		}
+
+		out = append(out, buf[offset:offset+pktLen])
+		offset += pktLen
+	}
+
+	return out, nil
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/pkg/protocol/version.go b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/version.go
new file mode 100644
index 0000000..c4d94ac
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/pkg/protocol/version.go
@@ -0,0 +1,24 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+// Package protocol provides the DTLS wire format
+package protocol
+
+// Version enums
+var (
+	Version1_0 = Version{Major: 0xfe, Minor: 0xff} //nolint:gochecknoglobals
+	Version1_2 = Version{Major: 0xfe, Minor: 0xfd} //nolint:gochecknoglobals
+)
+
+// Version is the minor/major value in the RecordLayer
+// and ClientHello/ServerHello
+//
+// https://tools.ietf.org/html/rfc4346#section-6.2.1
+type Version struct {
+	Major, Minor uint8
+}
+
+// Equal determines if two protocol versions are equal
+func (v Version) Equal(x Version) bool {
+	return v.Major == x.Major && v.Minor == x.Minor
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/renovate.json b/server/vendor/github.com/pion/dtls/v2/renovate.json
new file mode 100644
index 0000000..f1bb98c
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/renovate.json
@@ -0,0 +1,6 @@
+{
+  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+  "extends": [
+    "github>pion/renovate-config"
+  ]
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/resume.go b/server/vendor/github.com/pion/dtls/v2/resume.go
new file mode 100644
index 0000000..f070d75
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/resume.go
@@ -0,0 +1,26 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package dtls
+
+import (
+	"context"
+	"net"
+)
+
+// Resume imports an already established dtls connection using a specific dtls state
+func Resume(state *State, conn net.Conn, config *Config) (*Conn, error) {
+	if err := state.initCipherSuite(); err != nil {
+		return nil, err
+	}
+	dconn, err := createConn(conn, config, state.isClient)
+	if err != nil {
+		return nil, err
+	}
+	c, err := handshakeConn(context.Background(), dconn, config, state.isClient, state)
+	if err != nil {
+		return nil, err
+	}
+
+	return c, nil
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/session.go b/server/vendor/github.com/pion/dtls/v2/session.go
new file mode 100644
index 0000000..99bf5a4
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/session.go
@@ -0,0 +1,24 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package dtls
+
+// Session store data needed in resumption
+type Session struct {
+	// ID store session id
+	ID []byte
+	// Secret store session master secret
+	Secret []byte
+}
+
+// SessionStore defines methods needed for session resumption.
+type SessionStore interface {
+	// Set save a session.
+	// For client, use server name as key.
+	// For server, use session id.
+	Set(key []byte, s Session) error
+	// Get fetch a session.
+	Get(key []byte) (Session, error)
+	// Del clean saved session.
+	Del(key []byte) error
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/srtp_protection_profile.go b/server/vendor/github.com/pion/dtls/v2/srtp_protection_profile.go
new file mode 100644
index 0000000..8b7e471
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/srtp_protection_profile.go
@@ -0,0 +1,21 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package dtls
+
+import "github.com/pion/dtls/v2/pkg/protocol/extension"
+
+// SRTPProtectionProfile defines the parameters and options that are in effect for the SRTP processing
+// https://tools.ietf.org/html/rfc5764#section-4.1.2
+type SRTPProtectionProfile = extension.SRTPProtectionProfile
+
+const (
+	SRTP_AES128_CM_HMAC_SHA1_80 SRTPProtectionProfile = extension.SRTP_AES128_CM_HMAC_SHA1_80 // nolint:revive,stylecheck
+	SRTP_AES128_CM_HMAC_SHA1_32 SRTPProtectionProfile = extension.SRTP_AES128_CM_HMAC_SHA1_32 // nolint:revive,stylecheck
+	SRTP_AES256_CM_SHA1_80      SRTPProtectionProfile = extension.SRTP_AES256_CM_SHA1_80      // nolint:revive,stylecheck
+	SRTP_AES256_CM_SHA1_32      SRTPProtectionProfile = extension.SRTP_AES256_CM_SHA1_32      // nolint:revive,stylecheck
+	SRTP_NULL_HMAC_SHA1_80      SRTPProtectionProfile = extension.SRTP_NULL_HMAC_SHA1_80      // nolint:revive,stylecheck
+	SRTP_NULL_HMAC_SHA1_32      SRTPProtectionProfile = extension.SRTP_NULL_HMAC_SHA1_32      // nolint:revive,stylecheck
+	SRTP_AEAD_AES_128_GCM       SRTPProtectionProfile = extension.SRTP_AEAD_AES_128_GCM       // nolint:revive,stylecheck
+	SRTP_AEAD_AES_256_GCM       SRTPProtectionProfile = extension.SRTP_AEAD_AES_256_GCM       // nolint:revive,stylecheck
+)
diff --git a/server/vendor/github.com/pion/dtls/v2/state.go b/server/vendor/github.com/pion/dtls/v2/state.go
new file mode 100644
index 0000000..9f26d43
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/state.go
@@ -0,0 +1,228 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package dtls
+
+import (
+	"bytes"
+	"encoding/gob"
+	"sync/atomic"
+
+	"github.com/pion/dtls/v2/pkg/crypto/elliptic"
+	"github.com/pion/dtls/v2/pkg/crypto/prf"
+	"github.com/pion/dtls/v2/pkg/protocol/handshake"
+	"github.com/pion/transport/v2/replaydetector"
+)
+
+// State holds the dtls connection state and implements both encoding.BinaryMarshaler and encoding.BinaryUnmarshaler
+type State struct {
+	localEpoch, remoteEpoch   atomic.Value
+	localSequenceNumber       []uint64 // uint48
+	localRandom, remoteRandom handshake.Random
+	masterSecret              []byte
+	cipherSuite               CipherSuite // nil if a cipherSuite hasn't been chosen
+
+	srtpProtectionProfile atomic.Value // Negotiated SRTPProtectionProfile
+	PeerCertificates      [][]byte
+	IdentityHint          []byte
+	SessionID             []byte
+
+	isClient bool
+
+	preMasterSecret      []byte
+	extendedMasterSecret bool
+
+	namedCurve                 elliptic.Curve
+	localKeypair               *elliptic.Keypair
+	cookie                     []byte
+	handshakeSendSequence      int
+	handshakeRecvSequence      int
+	serverName                 string
+	remoteRequestedCertificate bool   // Did we get a CertificateRequest
+	localCertificatesVerify    []byte // cache CertificateVerify
+	localVerifyData            []byte // cached VerifyData
+	localKeySignature          []byte // cached keySignature
+	peerCertificatesVerified   bool
+
+	replayDetector []replaydetector.ReplayDetector
+
+	peerSupportedProtocols []string
+	NegotiatedProtocol     string
+}
+
+type serializedState struct {
+	LocalEpoch            uint16
+	RemoteEpoch           uint16
+	LocalRandom           [handshake.RandomLength]byte
+	RemoteRandom          [handshake.RandomLength]byte
+	CipherSuiteID         uint16
+	MasterSecret          []byte
+	SequenceNumber        uint64
+	SRTPProtectionProfile uint16
+	PeerCertificates      [][]byte
+	IdentityHint          []byte
+	SessionID             []byte
+	IsClient              bool
+}
+
+func (s *State) clone() *State {
+	serialized := s.serialize()
+	state := &State{}
+	state.deserialize(*serialized)
+
+	return state
+}
+
+func (s *State) serialize() *serializedState {
+	// Marshal random values
+	localRnd := s.localRandom.MarshalFixed()
+	remoteRnd := s.remoteRandom.MarshalFixed()
+
+	epoch := s.getLocalEpoch()
+	return &serializedState{
+		LocalEpoch:            s.getLocalEpoch(),
+		RemoteEpoch:           s.getRemoteEpoch(),
+		CipherSuiteID:         uint16(s.cipherSuite.ID()),
+		MasterSecret:          s.masterSecret,
+		SequenceNumber:        atomic.LoadUint64(&s.localSequenceNumber[epoch]),
+		LocalRandom:           localRnd,
+		RemoteRandom:          remoteRnd,
+		SRTPProtectionProfile: uint16(s.getSRTPProtectionProfile()),
+		PeerCertificates:      s.PeerCertificates,
+		IdentityHint:          s.IdentityHint,
+		SessionID:             s.SessionID,
+		IsClient:              s.isClient,
+	}
+}
+
+func (s *State) deserialize(serialized serializedState) {
+	// Set epoch values
+	epoch := serialized.LocalEpoch
+	s.localEpoch.Store(serialized.LocalEpoch)
+	s.remoteEpoch.Store(serialized.RemoteEpoch)
+
+	for len(s.localSequenceNumber) <= int(epoch) {
+		s.localSequenceNumber = append(s.localSequenceNumber, uint64(0))
+	}
+
+	// Set random values
+	localRandom := &handshake.Random{}
+	localRandom.UnmarshalFixed(serialized.LocalRandom)
+	s.localRandom = *localRandom
+
+	remoteRandom := &handshake.Random{}
+	remoteRandom.UnmarshalFixed(serialized.RemoteRandom)
+	s.remoteRandom = *remoteRandom
+
+	s.isClient = serialized.IsClient
+
+	// Set master secret
+	s.masterSecret = serialized.MasterSecret
+
+	// Set cipher suite
+	s.cipherSuite = cipherSuiteForID(CipherSuiteID(serialized.CipherSuiteID), nil)
+
+	atomic.StoreUint64(&s.localSequenceNumber[epoch], serialized.SequenceNumber)
+	s.setSRTPProtectionProfile(SRTPProtectionProfile(serialized.SRTPProtectionProfile))
+
+	// Set remote certificate
+	s.PeerCertificates = serialized.PeerCertificates
+	s.IdentityHint = serialized.IdentityHint
+	s.SessionID = serialized.SessionID
+}
+
+func (s *State) initCipherSuite() error {
+	if s.cipherSuite.IsInitialized() {
+		return nil
+	}
+
+	localRandom := s.localRandom.MarshalFixed()
+	remoteRandom := s.remoteRandom.MarshalFixed()
+
+	var err error
+	if s.isClient {
+		err = s.cipherSuite.Init(s.masterSecret, localRandom[:], remoteRandom[:], true)
+	} else {
+		err = s.cipherSuite.Init(s.masterSecret, remoteRandom[:], localRandom[:], false)
+	}
+	if err != nil {
+		return err
+	}
+	return nil
+}
+
+// MarshalBinary is a binary.BinaryMarshaler.MarshalBinary implementation
+func (s *State) MarshalBinary() ([]byte, error) {
+	serialized := s.serialize()
+
+	var buf bytes.Buffer
+	enc := gob.NewEncoder(&buf)
+	if err := enc.Encode(*serialized); err != nil {
+		return nil, err
+	}
+	return buf.Bytes(), nil
+}
+
+// UnmarshalBinary is a binary.BinaryUnmarshaler.UnmarshalBinary implementation
+func (s *State) UnmarshalBinary(data []byte) error {
+	enc := gob.NewDecoder(bytes.NewBuffer(data))
+	var serialized serializedState
+	if err := enc.Decode(&serialized); err != nil {
+		return err
+	}
+
+	s.deserialize(serialized)
+
+	return s.initCipherSuite()
+}
+
+// ExportKeyingMaterial returns length bytes of exported key material in a new
+// slice as defined in RFC 5705.
+// This allows protocols to use DTLS for key establishment, but
+// then use some of the keying material for their own purposes
+func (s *State) ExportKeyingMaterial(label string, context []byte, length int) ([]byte, error) {
+	if s.getLocalEpoch() == 0 {
+		return nil, errHandshakeInProgress
+	} else if len(context) != 0 {
+		return nil, errContextUnsupported
+	} else if _, ok := invalidKeyingLabels()[label]; ok {
+		return nil, errReservedExportKeyingMaterial
+	}
+
+	localRandom := s.localRandom.MarshalFixed()
+	remoteRandom := s.remoteRandom.MarshalFixed()
+
+	seed := []byte(label)
+	if s.isClient {
+		seed = append(append(seed, localRandom[:]...), remoteRandom[:]...)
+	} else {
+		seed = append(append(seed, remoteRandom[:]...), localRandom[:]...)
+	}
+	return prf.PHash(s.masterSecret, seed, length, s.cipherSuite.HashFunc())
+}
+
+func (s *State) getRemoteEpoch() uint16 {
+	if remoteEpoch, ok := s.remoteEpoch.Load().(uint16); ok {
+		return remoteEpoch
+	}
+	return 0
+}
+
+func (s *State) getLocalEpoch() uint16 {
+	if localEpoch, ok := s.localEpoch.Load().(uint16); ok {
+		return localEpoch
+	}
+	return 0
+}
+
+func (s *State) setSRTPProtectionProfile(profile SRTPProtectionProfile) {
+	s.srtpProtectionProfile.Store(profile)
+}
+
+func (s *State) getSRTPProtectionProfile() SRTPProtectionProfile {
+	if val, ok := s.srtpProtectionProfile.Load().(SRTPProtectionProfile); ok {
+		return val
+	}
+
+	return 0
+}
diff --git a/server/vendor/github.com/pion/dtls/v2/util.go b/server/vendor/github.com/pion/dtls/v2/util.go
new file mode 100644
index 0000000..663c443
--- /dev/null
+++ b/server/vendor/github.com/pion/dtls/v2/util.go
@@ -0,0 +1,41 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package dtls
+
+func findMatchingSRTPProfile(a, b []SRTPProtectionProfile) (SRTPProtectionProfile, bool) {
+	for _, aProfile := range a {
+		for _, bProfile := range b {
+			if aProfile == bProfile {
+				return aProfile, true
+			}
+		}
+	}
+	return 0, false
+}
+
+func findMatchingCipherSuite(a, b []CipherSuite) (CipherSuite, bool) {
+	for _, aSuite := range a {
+		for _, bSuite := range b {
+			if aSuite.ID() == bSuite.ID() {
+				return aSuite, true
+			}
+		}
+	}
+	return nil, false
+}
+
+func splitBytes(bytes []byte, splitLen int) [][]byte {
+	splitBytes := make([][]byte, 0)
+	numBytes := len(bytes)
+	for i := 0; i < numBytes; i += splitLen {
+		j := i + splitLen
+		if j > numBytes {
+			j = numBytes
+		}
+
+		splitBytes = append(splitBytes, bytes[i:j])
+	}
+
+	return splitBytes
+}
diff --git a/server/vendor/github.com/pion/ice/v2/.gitignore b/server/vendor/github.com/pion/ice/v2/.gitignore
new file mode 100644
index 0000000..6e2f206
--- /dev/null
+++ b/server/vendor/github.com/pion/ice/v2/.gitignore
@@ -0,0 +1,28 @@
+# SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+# SPDX-License-Identifier: MIT
+
+### JetBrains IDE ###
+#####################
+.idea/
+
+### Emacs Temporary Files ###
+#############################
+*~
+
+### Folders ###
+###############
+bin/
+vendor/
+node_modules/
+
+### Files ###
+#############
+*.ivf
+*.ogg
+tags
+cover.out
+*.sw[poe]
+*.wasm
+examples/sfu-ws/cert.pem
+examples/sfu-ws/key.pem
+wasm_exec.js
diff --git a/server/vendor/github.com/pion/ice/v2/.golangci.yml b/server/vendor/github.com/pion/ice/v2/.golangci.yml
new file mode 100644
index 0000000..4e3eddf
--- /dev/null
+++ b/server/vendor/github.com/pion/ice/v2/.golangci.yml
@@ -0,0 +1,137 @@
+# SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+# SPDX-License-Identifier: MIT
+
+linters-settings:
+  govet:
+    check-shadowing: true
+  misspell:
+    locale: US
+  exhaustive:
+    default-signifies-exhaustive: true
+  gomodguard:
+    blocked:
+      modules:
+        - github.com/pkg/errors:
+            recommendations:
+              - errors
+  forbidigo:
+    forbid:
+      - ^fmt.Print(f|ln)?$
+      - ^log.(Panic|Fatal|Print)(f|ln)?$
+      - ^os.Exit$
+      - ^panic$
+      - ^print(ln)?$
+
+linters:
+  enable:
+    - asciicheck       # Simple linter to check that your code does not contain non-ASCII identifiers
+    - bidichk          # Checks for dangerous unicode character sequences
+    - bodyclose        # checks whether HTTP response body is closed successfully
+    - contextcheck     # check the function whether use a non-inherited context
+    - decorder         # check declaration order and count of types, constants, variables and functions
+    - depguard         # Go linter that checks if package imports are in a list of acceptable packages
+    - dogsled          # Checks assignments with too many blank identifiers (e.g. x, _, _, _, := f())
+    - dupl             # Tool for code clone detection
+    - durationcheck    # check for two durations multiplied together
+    - errcheck         # Errcheck is a program for checking for unchecked errors in go programs. These unchecked errors can be critical bugs in some cases
+    - errchkjson       # Checks types passed to the json encoding functions. Reports unsupported types and optionally reports occations, where the check for the returned error can be omitted.
+    - errname          # Checks that sentinel errors are prefixed with the `Err` and error types are suffixed with the `Error`.
+    - errorlint        # errorlint is a linter for that can be used to find code that will cause problems with the error wrapping scheme introduced in Go 1.13.
+    - exhaustive       # check exhaustiveness of enum switch statements
+    - exportloopref    # checks for pointers to enclosing loop variables
+    - forbidigo        # Forbids identifiers
+    - forcetypeassert  # finds forced type assertions
+    - gci              # Gci control golang package import order and make it always deterministic.
+    - gochecknoglobals # Checks that no globals are present in Go code
+    - gochecknoinits   # Checks that no init functions are present in Go code
+    - gocognit         # Computes and checks the cognitive complexity of functions
+    - goconst          # Finds repeated strings that could be replaced by a constant
+    - gocritic         # The most opinionated Go source code linter
+    - godox            # Tool for detection of FIXME, TODO and other comment keywords
+    - goerr113         # Golang linter to check the errors handling expressions
+    - gofmt            # Gofmt checks whether code was gofmt-ed. By default this tool runs with -s option to check for code simplification
+    - gofumpt          # Gofumpt checks whether code was gofumpt-ed.
+    - goheader         # Checks is file header matches to pattern
+    - goimports        # Goimports does everything that gofmt does. Additionally it checks unused imports
+    - gomoddirectives  # Manage the use of 'replace', 'retract', and 'excludes' directives in go.mod.
+    - gomodguard       # Allow and block list linter for direct Go module dependencies. This is different from depguard where there are different block types for example version constraints and module recommendations.
+    - goprintffuncname # Checks that printf-like functions are named with `f` at the end
+    - gosec            # Inspects source code for security problems
+    - gosimple         # Linter for Go source code that specializes in simplifying a code
+    - govet            # Vet examines Go source code and reports suspicious constructs, such as Printf calls whose arguments do not align with the format string
+    - grouper          # An analyzer to analyze expression groups.
+    - importas         # Enforces consistent import aliases
+    - ineffassign      # Detects when assignments to existing variables are not used
+    - misspell         # Finds commonly misspelled English words in comments
+    - nakedret         # Finds naked returns in functions greater than a specified function length
+    - nilerr           # Finds the code that returns nil even if it checks that the error is not nil.
+    - nilnil           # Checks that there is no simultaneous return of `nil` error and an invalid value.
+    - noctx            # noctx finds sending http request without context.Context
+    - predeclared      # find code that shadows one of Go's predeclared identifiers
+    - revive           # golint replacement, finds style mistakes
+    - staticcheck      # Staticcheck is a go vet on steroids, applying a ton of static analysis checks
+    - stylecheck       # Stylecheck is a replacement for golint
+    - tagliatelle      # Checks the struct tags.
+    - tenv             # tenv is analyzer that detects using os.Setenv instead of t.Setenv since Go1.17
+    - tparallel        # tparallel detects inappropriate usage of t.Parallel() method in your Go test codes
+    - typecheck        # Like the front-end of a Go compiler, parses and type-checks Go code
+    - unconvert        # Remove unnecessary type conversions
+    - unparam          # Reports unused function parameters
+    - unused           # Checks Go code for unused constants, variables, functions and types
+    - wastedassign     # wastedassign finds wasted assignment statements
+    - whitespace       # Tool for detection of leading and trailing whitespace
+  disable:
+    - containedctx     # containedctx is a linter that detects struct contained context.Context field
+    - cyclop           # checks function and package cyclomatic complexity
+    - exhaustivestruct # Checks if all struct's fields are initialized
+    - funlen           # Tool for detection of long functions
+    - gocyclo          # Computes and checks the cyclomatic complexity of functions
+    - godot            # Check if comments end in a period
+    - gomnd            # An analyzer to detect magic numbers.
+    - ifshort          # Checks that your code uses short syntax for if-statements whenever possible
+    - ireturn          # Accept Interfaces, Return Concrete Types
+    - lll              # Reports long lines
+    - maintidx         # maintidx measures the maintainability index of each function.
+    - makezero         # Finds slice declarations with non-zero initial length
+    - maligned         # Tool to detect Go structs that would take less memory if their fields were sorted
+    - nestif           # Reports deeply nested if statements
+    - nlreturn         # nlreturn checks for a new line before return and branch statements to increase code clarity
+    - nolintlint       # Reports ill-formed or insufficient nolint directives
+    - paralleltest     # paralleltest detects missing usage of t.Parallel() method in your Go test
+    - prealloc         # Finds slice declarations that could potentially be preallocated
+    - promlinter       # Check Prometheus metrics naming via promlint
+    - rowserrcheck     # checks whether Err of rows is checked successfully
+    - sqlclosecheck    # Checks that sql.Rows and sql.Stmt are closed.
+    - testpackage      # linter that makes you use a separate _test package
+    - thelper          # thelper detects golang test helpers without t.Helper() call and checks the consistency of test helpers
+    - varnamelen       # checks that the length of a variable's name matches its scope
+    - wrapcheck        # Checks that errors returned from external packages are wrapped
+    - wsl              # Whitespace Linter - Forces you to use empty lines!
+
+issues:
+  exclude-use-default: false
+  exclude-rules:
+    # Allow complex tests, better to be self contained
+    - path: _test\.go
+      linters:
+        - gocognit
+        - forbidigo
+
+    # Allow complex main function in examples
+    - path: examples
+      text: "of func `main` is high"
+      linters:
+        - gocognit
+    
+    # Allow forbidden identifiers in examples
+    - path: examples
+      linters:
+        - forbidigo
+
+    # Allow forbidden identifiers in CLI commands
+    - path: cmd
+      linters:
+        - forbidigo
+
+run:
+  skip-dirs-use-default: false
diff --git a/server/vendor/github.com/pion/ice/v2/.goreleaser.yml b/server/vendor/github.com/pion/ice/v2/.goreleaser.yml
new file mode 100644
index 0000000..30093e9
--- /dev/null
+++ b/server/vendor/github.com/pion/ice/v2/.goreleaser.yml
@@ -0,0 +1,5 @@
+# SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+# SPDX-License-Identifier: MIT
+
+builds:
+- skip: true
diff --git a/server/vendor/github.com/pion/ice/v2/AUTHORS.txt b/server/vendor/github.com/pion/ice/v2/AUTHORS.txt
new file mode 100644
index 0000000..56269cc
--- /dev/null
+++ b/server/vendor/github.com/pion/ice/v2/AUTHORS.txt
@@ -0,0 +1,68 @@
+# Thank you to everyone that made Pion possible. If you are interested in contributing
+# we would love to have you https://github.com/pion/webrtc/wiki/Contributing
+#
+# This file is auto generated, using git to list all individuals contributors.
+# see https://github.com/pion/.goassets/blob/master/scripts/generate-authors.sh for the scripting
+Aaron France <aaron.l.france@gmail.com>
+Adam Kiss <masterada@gmail.com>
+adwpc <adwpc@hotmail.com>
+Aleksandr Razumov <ar@gortc.io>
+aler9 <46489434+aler9@users.noreply.github.com>
+Anshul <malikanshul29@gmail.com>
+Antoine Baché <antoine@tenten.app>
+ar-hosseinkhani <alireza.8096@chmail.ir>
+Artur Shellunts <shellunts.artur@gmail.com>
+Assad Obaid <assad@lap5cg901003r.se.axis.com>
+Atsushi Watanabe <atsushi.w@ieee.org>
+backkem <mail@backkem.me>
+boks1971 <raja.gobi@tutanota.com>
+buptczq <czq@qq.com>
+cgojin <gongjin21@hotmail.com>
+Chao Yuan <yuanchao0310@163.com>
+cnderrauber <zengjie9004@gmail.com>
+David Hamilton <davidhamiltron@gmail.com>
+David Zhao <david@davidzhao.com>
+David Zhao <dz@livekit.io>
+Eric Daniels <eric@erdaniels.com>
+Genteure <github@genteure.com>
+Henry <cryptix@riseup.net>
+hexiang <hexiang.zhang@chukong-inc.com>
+hn8 <10730886+hn8@users.noreply.github.com>
+Hugo Arregui <hugo.arregui@gmail.com>
+Hugo Arregui <hugo@decentraland.org>
+Jason Maldonis <jason.maldonis@i3pd.com>
+Jerko Steiner <jerko.steiner@gmail.com>
+JooYoung <qkdlql@naver.com>
+Juliusz Chroboczek <jch@irif.fr>
+Kacper Bąk <56700396+53jk1@users.noreply.github.com>
+Kevin Caffrey <kcaffrey@gmail.com>
+Konstantin Itskov <konstantin.itskov@kovits.com>
+korymiller1489 <kmiller@unwiredrevolution.com>
+Kyle Carberry <kyle@carberry.com>
+Lander Noterman <lander.noterman@basalte.be>
+Luke Curley <kixelated@gmail.com>
+Meelap Shah <meelapshah@gmail.com>
+Michael MacDonald <github@macdonald.cx>
+Michael MacDonald <mike.macdonald@savantsystems.com>
+Mikhail Bragin <misha@wiretrustee.com>
+Miroslav Šedivý <sedivy.miro@gmail.com>
+Nevio Vesic <nevio@subspace.com>
+Ori Bernstein <ori@eigenstate.org>
+Rasmus Hanning <rasmus@hanning.se>
+Robert Eperjesi <eperjesi@uber.com>
+Sam Lancia <sam@gpsm.co.uk>
+Sam Lancia <sam@vaion.com>
+San9H0 <lucian@hpcnt.com>
+Sean DuBois <seaduboi@amazon.com>
+Sean DuBois <sean@siobud.com>
+Sebastian Waisbrot <seppo0010@gmail.com>
+Sidney San Martín <sidney@s4y.us>
+Steffen Vogel <post@steffenvogel.de>
+Will Forcey <wsforc3y@gmail.com>
+Woodrow Douglass <wdouglass@carnegierobotics.com>
+Yutaka Takeda <yt0916@gmail.com>
+ZHENK <chengzhenyang@gmail.com>
+Zizheng Tai <me@zizheng.me>
+
+# List of contributors not appearing in Git history
+
diff --git a/server/vendor/github.com/pion/ice/v2/LICENSE b/server/vendor/github.com/pion/ice/v2/LICENSE
new file mode 100644
index 0000000..491caf6
--- /dev/null
+++ b/server/vendor/github.com/pion/ice/v2/LICENSE
@@ -0,0 +1,9 @@
+MIT License
+
+Copyright (c) 2023 The Pion community <https://pion.ly>
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
diff --git a/server/vendor/github.com/pion/ice/v2/README.md b/server/vendor/github.com/pion/ice/v2/README.md
new file mode 100644
index 0000000..111ca70
--- /dev/null
+++ b/server/vendor/github.com/pion/ice/v2/README.md
@@ -0,0 +1,34 @@
+<h1 align="center">
+  <br>
+  Pion ICE
+  <br>
+</h1>
+<h4 align="center">A Go implementation of ICE</h4>
+<p align="center">
+  <a href="https://pion.ly"><img src="https://img.shields.io/badge/pion-ice-gray.svg?longCache=true&colorB=brightgreen" alt="Pion ICE"></a>
+  <a href="http://gophers.slack.com/messages/pion"><img src="https://img.shields.io/badge/join-us%20on%20slack-gray.svg?longCache=true&logo=slack&colorB=brightgreen" alt="Slack Widget"></a>
+  <br>
+  <img alt="GitHub Workflow Status" src="https://img.shields.io/github/actions/workflow/status/pion/ice/test.yaml">
+  <a href="https://pkg.go.dev/github.com/pion/ice/v2"><img src="https://pkg.go.dev/badge/github.com/pion/ice/v2.svg" alt="Go Reference"></a>
+  <a href="https://codecov.io/gh/pion/ice"><img src="https://codecov.io/gh/pion/ice/branch/master/graph/badge.svg" alt="Coverage Status"></a>
+  <a href="https://goreportcard.com/report/github.com/pion/ice"><img src="https://goreportcard.com/badge/github.com/pion/ice" alt="Go Report Card"></a>
+  <a href="LICENSE"><img src="https://img.shields.io/badge/License-MIT-yellow.svg" alt="License: MIT"></a>
+</p>
+<br>
+
+### Roadmap
+The library is used as a part of our WebRTC implementation. Please refer to that [roadmap](https://github.com/pion/webrtc/issues/9) to track our major milestones.
+
+### Community
+Pion has an active community on the [Slack](https://pion.ly/slack).
+
+Follow the [Pion Twitter](https://twitter.com/_pion) for project updates and important WebRTC news.
+
+We are always looking to support **your projects**. Please reach out if you have something to build!
+If you need commercial support or don't want to use public methods you can contact us at [team@pion.ly](mailto:team@pion.ly)
+
+### Contributing
+Check out the [contributing wiki](https://github.com/pion/webrtc/wiki/Contributing) to join the group of amazing people making this project possible: [AUTHORS.txt](./AUTHORS.txt)
+
+### License
+MIT License - see [LICENSE](LICENSE) for full text
diff --git a/server/vendor/github.com/pion/ice/v2/active_tcp.go b/server/vendor/github.com/pion/ice/v2/active_tcp.go
new file mode 100644
index 0000000..024e6e7
--- /dev/null
+++ b/server/vendor/github.com/pion/ice/v2/active_tcp.go
@@ -0,0 +1,158 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package ice
+
+import (
+	"context"
+	"io"
+	"net"
+	"sync/atomic"
+	"time"
+
+	"github.com/pion/logging"
+	"github.com/pion/transport/v2/packetio"
+)
+
+type activeTCPConn struct {
+	readBuffer, writeBuffer *packetio.Buffer
+	localAddr, remoteAddr   atomic.Value
+	closed                  int32
+}
+
+func newActiveTCPConn(ctx context.Context, localAddress, remoteAddress string, log logging.LeveledLogger) (a *activeTCPConn) {
+	a = &activeTCPConn{
+		readBuffer:  packetio.NewBuffer(),
+		writeBuffer: packetio.NewBuffer(),
+	}
+
+	laddr, err := getTCPAddrOnInterface(localAddress)
+	if err != nil {
+		atomic.StoreInt32(&a.closed, 1)
+		log.Infof("Failed to dial TCP address %s: %v", remoteAddress, err)
+		return
+	}
+	a.localAddr.Store(laddr)
+
+	go func() {
+		defer func() {
+			atomic.StoreInt32(&a.closed, 1)
+		}()
+
+		dialer := &net.Dialer{
+			LocalAddr: laddr,
+		}
+		conn, err := dialer.DialContext(ctx, "tcp", remoteAddress)
+		if err != nil {
+			log.Infof("Failed to dial TCP address %s: %v", remoteAddress, err)
+			return
+		}
+
+		a.remoteAddr.Store(conn.RemoteAddr())
+
+		go func() {
+			buff := make([]byte, receiveMTU)
+
+			for atomic.LoadInt32(&a.closed) == 0 {
+				n, err := readStreamingPacket(conn, buff)
+				if err != nil {
+					log.Infof("Failed to read streaming packet: %s", err)
+					break
+				}
+
+				if _, err := a.readBuffer.Write(buff[:n]); err != nil {
+					log.Infof("Failed to write to buffer: %s", err)
+					break
+				}
+			}
+		}()
+
+		buff := make([]byte, receiveMTU)
+
+		for atomic.LoadInt32(&a.closed) == 0 {
+			n, err := a.writeBuffer.Read(buff)
+			if err != nil {
+				log.Infof("Failed to read from buffer: %s", err)
+				break
+			}
+
+			if _, err = writeStreamingPacket(conn, buff[:n]); err != nil {
+				log.Infof("Failed to write streaming packet: %s", err)
+				break
+			}
+		}
+
+		if err := conn.Close(); err != nil {
+			log.Infof("Failed to close connection: %s", err)
+		}
+	}()
+
+	return a
+}
+
+func (a *activeTCPConn) ReadFrom(buff []byte) (n int, srcAddr net.Addr, err error) {
+	if atomic.LoadInt32(&a.closed) == 1 {
+		return 0, nil, io.ErrClosedPipe
+	}
+
+	srcAddr = a.RemoteAddr()
+	n, err = a.readBuffer.Read(buff)
+	return
+}
+
+func (a *activeTCPConn) WriteTo(buff []byte, _ net.Addr) (n int, err error) {
+	if atomic.LoadInt32(&a.closed) == 1 {
+		return 0, io.ErrClosedPipe
+	}
+
+	return a.writeBuffer.Write(buff)
+}
+
+func (a *activeTCPConn) Close() error {
+	atomic.StoreInt32(&a.closed, 1)
+	_ = a.readBuffer.Close()
+	_ = a.writeBuffer.Close()
+	return nil
+}
+
+func (a *activeTCPConn) LocalAddr() net.Addr {
+	if v, ok := a.localAddr.Load().(*net.TCPAddr); ok {
+		return v
+	}
+
+	return &net.TCPAddr{}
+}
+
+func (a *activeTCPConn) RemoteAddr() net.Addr {
+	if v, ok := a.remoteAddr.Load().(*net.TCPAddr); ok {
+		return v
+	}
+
+	return &net.TCPAddr{}
+}
+
+func (a *activeTCPConn) SetDeadline(time.Time) error      { return io.EOF }
+func (a *activeTCPConn) SetReadDeadline(time.Time) error  { return io.EOF }
+func (a *activeTCPConn) SetWriteDeadline(time.Time) error { return io.EOF }
+
+func getTCPAddrOnInterface(address string) (*net.TCPAddr, error) {
+	addr, err := net.ResolveTCPAddr("tcp", address)
+	if err != nil {
+		return nil, err
+	}
+
+	l, err := net.ListenTCP("tcp", addr)
+	if err != nil {
+		return nil, err
+	}
+	defer func() {
+		_ = l.Close()
+	}()
+
+	tcpAddr, ok := l.Addr().(*net.TCPAddr)
+	if !ok {
+		return nil, errInvalidAddress
+	}
+
+	return tcpAddr, nil
+}
diff --git a/server/vendor/github.com/pion/ice/v2/addr.go b/server/vendor/github.com/pion/ice/v2/addr.go
new file mode 100644
index 0000000..1d70025
--- /dev/null
+++ b/server/vendor/github.com/pion/ice/v2/addr.go
@@ -0,0 +1,71 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package ice
+
+import (
+	"net"
+)
+
+func parseMulticastAnswerAddr(in net.Addr) (net.IP, bool) {
+	switch addr := in.(type) {
+	case *net.IPAddr:
+		return addr.IP, true
+	case *net.UDPAddr:
+		return addr.IP, true
+	case *net.TCPAddr:
+		return addr.IP, true
+	}
+	return nil, false
+}
+
+func parseAddr(in net.Addr) (net.IP, int, NetworkType, bool) {
+	switch addr := in.(type) {
+	case *net.UDPAddr:
+		return addr.IP, addr.Port, NetworkTypeUDP4, true
+	case *net.TCPAddr:
+		return addr.IP, addr.Port, NetworkTypeTCP4, true
+	}
+	return nil, 0, 0, false
+}
+
+func createAddr(network NetworkType, ip net.IP, port int) net.Addr {
+	switch {
+	case network.IsTCP():
+		return &net.TCPAddr{IP: ip, Port: port}
+	default:
+		return &net.UDPAddr{IP: ip, Port: port}
+	}
+}
+
+func addrEqual(a, b net.Addr) bool {
+	aIP, aPort, aType, aOk := parseAddr(a)
+	if !aOk {
+		return false
+	}
+
+	bIP, bPort, bType, bOk := parseAddr(b)
+	if !bOk {
+		return false
+	}
+
+	return aType == bType && aIP.Equal(bIP) && aPort == bPort
+}
+
+// AddrPort is  an IP and a port number.
+type AddrPort [18]byte
+
+func toAddrPort(addr net.Addr) AddrPort {
+	var ap AddrPort
+	switch addr := addr.(type) {
+	case *net.UDPAddr:
+		copy(ap[:16], addr.IP.To16())
+		ap[16] = uint8(addr.Port >> 8)
+		ap[17] = uint8(addr.Port)
+	case *net.TCPAddr:
+		copy(ap[:16], addr.IP.To16())
+		ap[16] = uint8(addr.Port >> 8)
+		ap[17] = uint8(addr.Port)
+	}
+	return ap
+}
diff --git a/server/vendor/github.com/pion/ice/v2/agent.go b/server/vendor/github.com/pion/ice/v2/agent.go
new file mode 100644
index 0000000..c2718fc
--- /dev/null
+++ b/server/vendor/github.com/pion/ice/v2/agent.go
@@ -0,0 +1,1303 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+// Package ice implements the Interactive Connectivity Establishment (ICE)
+// protocol defined in rfc5245.
+package ice
+
+import (
+	"context"
+	"errors"
+	"fmt"
+	"math"
+	"net"
+	"strconv"
+	"strings"
+	"sync"
+	"sync/atomic"
+	"time"
+
+	atomicx "github.com/pion/ice/v2/internal/atomic"
+	stunx "github.com/pion/ice/v2/internal/stun"
+	"github.com/pion/logging"
+	"github.com/pion/mdns"
+	"github.com/pion/stun"
+	"github.com/pion/transport/v2"
+	"github.com/pion/transport/v2/packetio"
+	"github.com/pion/transport/v2/stdnet"
+	"github.com/pion/transport/v2/vnet"
+	"golang.org/x/net/proxy"
+)
+
+type bindingRequest struct {
+	timestamp      time.Time
+	transactionID  [stun.TransactionIDSize]byte
+	destination    net.Addr
+	isUseCandidate bool
+}
+
+// Agent represents the ICE agent
+type Agent struct {
+	chanTask   chan task
+	afterRunFn []func(ctx context.Context)
+	muAfterRun sync.Mutex
+
+	onConnectionStateChangeHdlr       atomic.Value // func(ConnectionState)
+	onSelectedCandidatePairChangeHdlr atomic.Value // func(Candidate, Candidate)
+	onCandidateHdlr                   atomic.Value // func(Candidate)
+
+	// State owned by the taskLoop
+	onConnected     chan struct{}
+	onConnectedOnce sync.Once
+
+	// Force candidate to be contacted immediately (instead of waiting for task ticker)
+	forceCandidateContact chan bool
+
+	tieBreaker uint64
+	lite       bool
+
+	connectionState ConnectionState
+	gatheringState  GatheringState
+
+	mDNSMode MulticastDNSMode
+	mDNSName string
+	mDNSConn *mdns.Conn
+
+	muHaveStarted sync.Mutex
+	startedCh     <-chan struct{}
+	startedFn     func()
+	isControlling bool
+
+	maxBindingRequests uint16
+
+	hostAcceptanceMinWait  time.Duration
+	srflxAcceptanceMinWait time.Duration
+	prflxAcceptanceMinWait time.Duration
+	relayAcceptanceMinWait time.Duration
+
+	tcpPriorityOffset uint16
+	disableActiveTCP  bool
+
+	portMin uint16
+	portMax uint16
+
+	candidateTypes []CandidateType
+
+	// How long connectivity checks can fail before the ICE Agent
+	// goes to disconnected
+	disconnectedTimeout time.Duration
+
+	// How long connectivity checks can fail before the ICE Agent
+	// goes to failed
+	failedTimeout time.Duration
+
+	// How often should we send keepalive packets?
+	// 0 means never
+	keepaliveInterval time.Duration
+
+	// How often should we run our internal taskLoop to check for state changes when connecting
+	checkInterval time.Duration
+
+	localUfrag      string
+	localPwd        string
+	localCandidates map[NetworkType][]Candidate
+
+	remoteUfrag      string
+	remotePwd        string
+	remoteCandidates map[NetworkType][]Candidate
+
+	checklist []*CandidatePair
+	selector  pairCandidateSelector
+
+	selectedPair atomic.Value // *CandidatePair
+
+	urls         []*stun.URI
+	networkTypes []NetworkType
+
+	buf *packetio.Buffer
+
+	// LRU of outbound Binding request Transaction IDs
+	pendingBindingRequests []bindingRequest
+
+	// 1:1 D-NAT IP address mapping
+	extIPMapper *externalIPMapper
+
+	// State for closing
+	done         chan struct{}
+	taskLoopDone chan struct{}
+	err          atomicx.Error
+
+	// Callback that allows user to implement custom behavior
+	// for STUN Binding Requests
+	userBindingRequestHandler func(m *stun.Message, local, remote Candidate, pair *CandidatePair) bool
+
+	gatherCandidateCancel func()
+	gatherCandidateDone   chan struct{}
+
+	connectionStateNotifier       *handlerNotifier
+	candidateNotifier             *handlerNotifier
+	selectedCandidatePairNotifier *handlerNotifier
+
+	loggerFactory logging.LoggerFactory
+	log           logging.LeveledLogger
+
+	net         transport.Net
+	tcpMux      TCPMux
+	udpMux      UDPMux
+	udpMuxSrflx UniversalUDPMux
+
+	interfaceFilter func(string) bool
+	ipFilter        func(net.IP) bool
+	includeLoopback bool
+
+	insecureSkipVerify bool
+
+	proxyDialer proxy.Dialer
+}
+
+type task struct {
+	fn   func(context.Context, *Agent)
+	done chan struct{}
+}
+
+// afterRun registers function to be run after the task.
+func (a *Agent) afterRun(f func(context.Context)) {
+	a.muAfterRun.Lock()
+	a.afterRunFn = append(a.afterRunFn, f)
+	a.muAfterRun.Unlock()
+}
+
+func (a *Agent) getAfterRunFn() []func(context.Context) {
+	a.muAfterRun.Lock()
+	defer a.muAfterRun.Unlock()
+	fns := a.afterRunFn
+	a.afterRunFn = nil
+	return fns
+}
+
+func (a *Agent) ok() error {
+	select {
+	case <-a.done:
+		return a.getErr()
+	default:
+	}
+	return nil
+}
+
+func (a *Agent) getErr() error {
+	if err := a.err.Load(); err != nil {
+		return err
+	}
+	return ErrClosed
+}
+
+// Run task in serial. Blocking tasks must be cancelable by context.
+func (a *Agent) run(ctx context.Context, t func(context.Context, *Agent)) error {
+	if err := a.ok(); err != nil {
+		return err
+	}
+	done := make(chan struct{})
+	select {
+	case <-ctx.Done():
+		return ctx.Err()
+	case a.chanTask <- task{t, done}:
+		<-done
+		return nil
+	}
+}
+
+// taskLoop handles registered tasks and agent close.
+func (a *Agent) taskLoop() {
+	after := func() {
+		for {
+			// Get and run func registered by afterRun().
+			fns := a.getAfterRunFn()
+			if len(fns) == 0 {
+				break
+			}
+			for _, fn := range fns {
+				fn(a.context())
+			}
+		}
+	}
+	defer func() {
+		a.deleteAllCandidates()
+		a.startedFn()
+
+		if err := a.buf.Close(); err != nil {
+			a.log.Warnf("Failed to close buffer: %v", err)
+		}
+
+		a.closeMulticastConn()
+		a.updateConnectionState(ConnectionStateClosed)
+
+		after()
+
+		close(a.taskLoopDone)
+	}()
+
+	for {
+		select {
+		case <-a.done:
+			return
+		case t := <-a.chanTask:
+			t.fn(a.context(), a)
+			close(t.done)
+			after()
+		}
+	}
+}
+
+// NewAgent creates a new Agent
+func NewAgent(config *AgentConfig) (*Agent, error) { //nolint:gocognit
+	var err error
+	if config.PortMax < config.PortMin {
+		return nil, ErrPort
+	}
+
+	mDNSName := config.MulticastDNSHostName
+	if mDNSName == "" {
+		if mDNSName, err = generateMulticastDNSName(); err != nil {
+			return nil, err
+		}
+	}
+
+	if !strings.HasSuffix(mDNSName, ".local") || len(strings.Split(mDNSName, ".")) != 2 {
+		return nil, ErrInvalidMulticastDNSHostName
+	}
+
+	mDNSMode := config.MulticastDNSMode
+	if mDNSMode == 0 {
+		mDNSMode = MulticastDNSModeQueryOnly
+	}
+
+	loggerFactory := config.LoggerFactory
+	if loggerFactory == nil {
+		loggerFactory = logging.NewDefaultLoggerFactory()
+	}
+	log := loggerFactory.NewLogger("ice")
+
+	startedCtx, startedFn := context.WithCancel(context.Background())
+
+	a := &Agent{
+		chanTask:         make(chan task),
+		tieBreaker:       globalMathRandomGenerator.Uint64(),
+		lite:             config.Lite,
+		gatheringState:   GatheringStateNew,
+		connectionState:  ConnectionStateNew,
+		localCandidates:  make(map[NetworkType][]Candidate),
+		remoteCandidates: make(map[NetworkType][]Candidate),
+		urls:             config.Urls,
+		networkTypes:     config.NetworkTypes,
+		onConnected:      make(chan struct{}),
+		buf:              packetio.NewBuffer(),
+		done:             make(chan struct{}),
+		taskLoopDone:     make(chan struct{}),
+		startedCh:        startedCtx.Done(),
+		startedFn:        startedFn,
+		portMin:          config.PortMin,
+		portMax:          config.PortMax,
+		loggerFactory:    loggerFactory,
+		log:              log,
+		net:              config.Net,
+		proxyDialer:      config.ProxyDialer,
+		tcpMux:           config.TCPMux,
+		udpMux:           config.UDPMux,
+		udpMuxSrflx:      config.UDPMuxSrflx,
+
+		mDNSMode: mDNSMode,
+		mDNSName: mDNSName,
+
+		gatherCandidateCancel: func() {},
+
+		forceCandidateContact: make(chan bool, 1),
+
+		interfaceFilter: config.InterfaceFilter,
+
+		ipFilter: config.IPFilter,
+
+		insecureSkipVerify: config.InsecureSkipVerify,
+
+		includeLoopback: config.IncludeLoopback,
+
+		disableActiveTCP: config.DisableActiveTCP,
+
+		userBindingRequestHandler: config.BindingRequestHandler,
+	}
+	a.connectionStateNotifier = &handlerNotifier{connectionStateFunc: a.onConnectionStateChange, done: make(chan struct{})}
+	a.candidateNotifier = &handlerNotifier{candidateFunc: a.onCandidate, done: make(chan struct{})}
+	a.selectedCandidatePairNotifier = &handlerNotifier{candidatePairFunc: a.onSelectedCandidatePairChange, done: make(chan struct{})}
+
+	if a.net == nil {
+		a.net, err = stdnet.NewNet()
+		if err != nil {
+			return nil, fmt.Errorf("failed to create network: %w", err)
+		}
+	} else if _, isVirtual := a.net.(*vnet.Net); isVirtual {
+		a.log.Warn("Virtual network is enabled")
+		if a.mDNSMode != MulticastDNSModeDisabled {
+			a.log.Warn("Virtual network does not support mDNS yet")
+		}
+	}
+
+	// Opportunistic mDNS: If we can't open the connection, that's ok: we
+	// can continue without it.
+	if a.mDNSConn, a.mDNSMode, err = createMulticastDNS(a.net, mDNSMode, mDNSName, log); err != nil {
+		log.Warnf("Failed to initialize mDNS %s: %v", mDNSName, err)
+	}
+
+	config.initWithDefaults(a)
+
+	// Make sure the buffer doesn't grow indefinitely.
+	// NOTE: We actually won't get anywhere close to this limit.
+	// SRTP will constantly read from the endpoint and drop packets if it's full.
+	a.buf.SetLimitSize(maxBufferSize)
+
+	if a.lite && (len(a.candidateTypes) != 1 || a.candidateTypes[0] != CandidateTypeHost) {
+		a.closeMulticastConn()
+		return nil, ErrLiteUsingNonHostCandidates
+	}
+
+	if config.Urls != nil && len(config.Urls) > 0 && !containsCandidateType(CandidateTypeServerReflexive, a.candidateTypes) && !containsCandidateType(CandidateTypeRelay, a.candidateTypes) {
+		a.closeMulticastConn()
+		return nil, ErrUselessUrlsProvided
+	}
+
+	if err = config.initExtIPMapping(a); err != nil {
+		a.closeMulticastConn()
+		return nil, err
+	}
+
+	go a.taskLoop()
+
+	// Restart is also used to initialize the agent for the first time
+	if err := a.Restart(config.LocalUfrag, config.LocalPwd); err != nil {
+		a.closeMulticastConn()
+		_ = a.Close()
+		return nil, err
+	}
+
+	return a, nil
+}
+
+func (a *Agent) startConnectivityChecks(isControlling bool, remoteUfrag, remotePwd string) error {
+	a.muHaveStarted.Lock()
+	defer a.muHaveStarted.Unlock()
+	select {
+	case <-a.startedCh:
+		return ErrMultipleStart
+	default:
+	}
+	if err := a.SetRemoteCredentials(remoteUfrag, remotePwd); err != nil { //nolint:contextcheck
+		return err
+	}
+
+	a.log.Debugf("Started agent: isControlling? %t, remoteUfrag: %q, remotePwd: %q", isControlling, remoteUfrag, remotePwd)
+
+	return a.run(a.context(), func(ctx context.Context, agent *Agent) {
+		agent.isControlling = isControlling
+		agent.remoteUfrag = remoteUfrag
+		agent.remotePwd = remotePwd
+
+		if isControlling {
+			a.selector = &controllingSelector{agent: a, log: a.log}
+		} else {
+			a.selector = &controlledSelector{agent: a, log: a.log}
+		}
+
+		if a.lite {
+			a.selector = &liteSelector{pairCandidateSelector: a.selector}
+		}
+
+		a.selector.Start()
+		a.startedFn()
+
+		agent.updateConnectionState(ConnectionStateChecking)
+
+		a.requestConnectivityCheck()
+		go a.connectivityChecks() //nolint:contextcheck
+	})
+}
+
+func (a *Agent) connectivityChecks() {
+	lastConnectionState := ConnectionState(0)
+	checkingDuration := time.Time{}
+
+	contact := func() {
+		if err := a.run(a.context(), func(ctx context.Context, a *Agent) {
+			defer func() {
+				lastConnectionState = a.connectionState
+			}()
+
+			switch a.connectionState {
+			case ConnectionStateFailed:
+				// The connection is currently failed so don't send any checks
+				// In the future it may be restarted though
+				return
+			case ConnectionStateChecking:
+				// We have just entered checking for the first time so update our checking timer
+				if lastConnectionState != a.connectionState {
+					checkingDuration = time.Now()
+				}
+
+				// We have been in checking longer then Disconnect+Failed timeout, set the connection to Failed
+				if time.Since(checkingDuration) > a.disconnectedTimeout+a.failedTimeout {
+					a.updateConnectionState(ConnectionStateFailed)
+					return
+				}
+			default:
+			}
+
+			a.selector.ContactCandidates()
+		}); err != nil {
+			a.log.Warnf("Failed to start connectivity checks: %v", err)
+		}
+	}
+
+	t := time.NewTimer(math.MaxInt64)
+	t.Stop()
+
+	for {
+		interval := defaultKeepaliveInterval
+
+		updateInterval := func(x time.Duration) {
+			if x != 0 && (interval == 0 || interval > x) {
+				interval = x
+			}
+		}
+
+		switch lastConnectionState {
+		case ConnectionStateNew, ConnectionStateChecking: // While connecting, check candidates more frequently
+			updateInterval(a.checkInterval)
+		case ConnectionStateConnected, ConnectionStateDisconnected:
+			updateInterval(a.keepaliveInterval)
+		default:
+		}
+		// Ensure we run our task loop as quickly as the minimum of our various configured timeouts
+		updateInterval(a.disconnectedTimeout)
+		updateInterval(a.failedTimeout)
+
+		t.Reset(interval)
+
+		select {
+		case <-a.forceCandidateContact:
+			if !t.Stop() {
+				<-t.C
+			}
+			contact()
+		case <-t.C:
+			contact()
+		case <-a.done:
+			t.Stop()
+			return
+		}
+	}
+}
+
+func (a *Agent) updateConnectionState(newState ConnectionState) {
+	if a.connectionState != newState {
+		// Connection has gone to failed, release all gathered candidates
+		if newState == ConnectionStateFailed {
+			a.removeUfragFromMux()
+			a.checklist = make([]*CandidatePair, 0)
+			a.pendingBindingRequests = make([]bindingRequest, 0)
+			a.setSelectedPair(nil)
+			a.deleteAllCandidates()
+		}
+
+		a.log.Infof("Setting new connection state: %s", newState)
+		a.connectionState = newState
+		a.connectionStateNotifier.EnqueueConnectionState(newState)
+	}
+}
+
+func (a *Agent) setSelectedPair(p *CandidatePair) {
+	if p == nil {
+		var nilPair *CandidatePair
+		a.selectedPair.Store(nilPair)
+		a.log.Tracef("Unset selected candidate pair")
+		return
+	}
+
+	p.nominated = true
+	a.selectedPair.Store(p)
+	a.log.Tracef("Set selected candidate pair: %s", p)
+
+	a.updateConnectionState(ConnectionStateConnected)
+
+	// Notify when the selected pair changes
+	a.selectedCandidatePairNotifier.EnqueueSelectedCandidatePair(p)
+
+	// Signal connected
+	a.onConnectedOnce.Do(func() { close(a.onConnected) })
+}
+
+func (a *Agent) pingAllCandidates() {
+	a.log.Trace("Pinging all candidates")
+
+	if len(a.checklist) == 0 {
+		a.log.Warn("Failed to ping without candidate pairs. Connection is not possible yet.")
+	}
+
+	for _, p := range a.checklist {
+		if p.state == CandidatePairStateWaiting {
+			p.state = CandidatePairStateInProgress
+		} else if p.state != CandidatePairStateInProgress {
+			continue
+		}
+
+		if p.bindingRequestCount > a.maxBindingRequests {
+			a.log.Tracef("Maximum requests reached for pair %s, marking it as failed", p)
+			p.state = CandidatePairStateFailed
+		} else {
+			a.selector.PingCandidate(p.Local, p.Remote)
+			p.bindingRequestCount++
+		}
+	}
+}
+
+func (a *Agent) getBestAvailableCandidatePair() *CandidatePair {
+	var best *CandidatePair
+	for _, p := range a.checklist {
+		if p.state == CandidatePairStateFailed {
+			continue
+		}
+
+		if best == nil {
+			best = p
+		} else if best.priority() < p.priority() {
+			best = p
+		}
+	}
+	return best
+}
+
+func (a *Agent) getBestValidCandidatePair() *CandidatePair {
+	var best *CandidatePair
+	for _, p := range a.checklist {
+		if p.state != CandidatePairStateSucceeded {
+			continue
+		}
+
+		if best == nil {
+			best = p
+		} else if best.priority() < p.priority() {
+			best = p
+		}
+	}
+	return best
+}
+
+func (a *Agent) addPair(local, remote Candidate) *CandidatePair {
+	p := newCandidatePair(local, remote, a.isControlling)
+	a.checklist = append(a.checklist, p)
+	return p
+}
+
+func (a *Agent) findPair(local, remote Candidate) *CandidatePair {
+	for _, p := range a.checklist {
+		if p.Local.Equal(local) && p.Remote.Equal(remote) {
+			return p
+		}
+	}
+	return nil
+}
+
+// validateSelectedPair checks if the selected pair is (still) valid
+// Note: the caller should hold the agent lock.
+func (a *Agent) validateSelectedPair() bool {
+	selectedPair := a.getSelectedPair()
+	if selectedPair == nil {
+		return false
+	}
+
+	disconnectedTime := time.Since(selectedPair.Remote.LastReceived())
+
+	// Only allow transitions to failed if a.failedTimeout is non-zero
+	totalTimeToFailure := a.failedTimeout
+	if totalTimeToFailure != 0 {
+		totalTimeToFailure += a.disconnectedTimeout
+	}
+
+	switch {
+	case totalTimeToFailure != 0 && disconnectedTime > totalTimeToFailure:
+		a.updateConnectionState(ConnectionStateFailed)
+	case a.disconnectedTimeout != 0 && disconnectedTime > a.disconnectedTimeout:
+		a.updateConnectionState(ConnectionStateDisconnected)
+	default:
+		a.updateConnectionState(ConnectionStateConnected)
+	}
+
+	return true
+}
+
+// checkKeepalive sends STUN Binding Indications to the selected pair
+// if no packet has been sent on that pair in the last keepaliveInterval
+// Note: the caller should hold the agent lock.
+func (a *Agent) checkKeepalive() {
+	selectedPair := a.getSelectedPair()
+	if selectedPair == nil {
+		return
+	}
+
+	if (a.keepaliveInterval != 0) &&
+		((time.Since(selectedPair.Local.LastSent()) > a.keepaliveInterval) ||
+			(time.Since(selectedPair.Remote.LastReceived()) > a.keepaliveInterval)) {
+		// We use binding request instead of indication to support refresh consent schemas
+		// see https://tools.ietf.org/html/rfc7675
+		a.selector.PingCandidate(selectedPair.Local, selectedPair.Remote)
+	}
+}
+
+// AddRemoteCandidate adds a new remote candidate
+func (a *Agent) AddRemoteCandidate(c Candidate) error {
+	if c == nil {
+		return nil
+	}
+
+	// TCP Candidates with TCP type active will probe server passive ones, so
+	// no need to do anything with them.
+	if c.TCPType() == TCPTypeActive {
+		a.log.Infof("Ignoring remote candidate with tcpType active: %s", c)
+		return nil
+	}
+
+	// If we have a mDNS Candidate lets fully resolve it before adding it locally
+	if c.Type() == CandidateTypeHost && strings.HasSuffix(c.Address(), ".local") {
+		if a.mDNSMode == MulticastDNSModeDisabled {
+			a.log.Warnf("Remote mDNS candidate added, but mDNS is disabled: (%s)", c.Address())
+			return nil
+		}
+
+		hostCandidate, ok := c.(*CandidateHost)
+		if !ok {
+			return ErrAddressParseFailed
+		}
+
+		go a.resolveAndAddMulticastCandidate(hostCandidate)
+		return nil
+	}
+
+	go func() {
+		if err := a.run(a.context(), func(ctx context.Context, agent *Agent) {
+			// nolint: contextcheck
+			agent.addRemoteCandidate(c)
+		}); err != nil {
+			a.log.Warnf("Failed to add remote candidate %s: %v", c.Address(), err)
+			return
+		}
+	}()
+	return nil
+}
+
+func (a *Agent) resolveAndAddMulticastCandidate(c *CandidateHost) {
+	if a.mDNSConn == nil {
+		return
+	}
+	_, src, err := a.mDNSConn.Query(c.context(), c.Address())
+	if err != nil {
+		a.log.Warnf("Failed to discover mDNS candidate %s: %v", c.Address(), err)
+		return
+	}
+
+	ip, ipOk := parseMulticastAnswerAddr(src)
+	if !ipOk {
+		a.log.Warnf("Failed to discover mDNS candidate %s: failed to parse IP", c.Address())
+		return
+	}
+
+	if err = c.setIP(ip); err != nil {
+		a.log.Warnf("Failed to discover mDNS candidate %s: %v", c.Address(), err)
+		return
+	}
+
+	if err = a.run(a.context(), func(ctx context.Context, agent *Agent) {
+		// nolint: contextcheck
+		agent.addRemoteCandidate(c)
+	}); err != nil {
+		a.log.Warnf("Failed to add mDNS candidate %s: %v", c.Address(), err)
+		return
+	}
+}
+
+func (a *Agent) requestConnectivityCheck() {
+	select {
+	case a.forceCandidateContact <- true:
+	default:
+	}
+}
+
+func (a *Agent) addRemotePassiveTCPCandidate(remoteCandidate Candidate) {
+	localIPs, err := localInterfaces(a.net, a.interfaceFilter, a.ipFilter, []NetworkType{remoteCandidate.NetworkType()}, a.includeLoopback)
+	if err != nil {
+		a.log.Warnf("Failed to iterate local interfaces, host candidates will not be gathered %s", err)
+		return
+	}
+
+	for i := range localIPs {
+		conn := newActiveTCPConn(
+			a.context(),
+			net.JoinHostPort(localIPs[i].String(), "0"),
+			net.JoinHostPort(remoteCandidate.Address(), strconv.Itoa(remoteCandidate.Port())),
+			a.log,
+		)
+
+		tcpAddr, ok := conn.LocalAddr().(*net.TCPAddr)
+		if !ok {
+			closeConnAndLog(conn, a.log, "Failed to create Active ICE-TCP Candidate: %v", errInvalidAddress)
+			continue
+		}
+
+		localCandidate, err := NewCandidateHost(&CandidateHostConfig{
+			Network:   remoteCandidate.NetworkType().String(),
+			Address:   localIPs[i].String(),
+			Port:      tcpAddr.Port,
+			Component: ComponentRTP,
+			TCPType:   TCPTypeActive,
+		})
+		if err != nil {
+			closeConnAndLog(conn, a.log, "Failed to create Active ICE-TCP Candidate: %v", err)
+			continue
+		}
+
+		localCandidate.start(a, conn, a.startedCh)
+		a.localCandidates[localCandidate.NetworkType()] = append(a.localCandidates[localCandidate.NetworkType()], localCandidate)
+		a.candidateNotifier.EnqueueCandidate(localCandidate)
+
+		a.addPair(localCandidate, remoteCandidate)
+	}
+}
+
+// addRemoteCandidate assumes you are holding the lock (must be execute using a.run)
+func (a *Agent) addRemoteCandidate(c Candidate) {
+	set := a.remoteCandidates[c.NetworkType()]
+
+	for _, candidate := range set {
+		if candidate.Equal(c) {
+			return
+		}
+	}
+
+	tcpNetworkTypeFound := false
+	for _, networkType := range a.networkTypes {
+		if networkType.IsTCP() {
+			tcpNetworkTypeFound = true
+		}
+	}
+
+	if !a.disableActiveTCP && tcpNetworkTypeFound && c.TCPType() == TCPTypePassive {
+		a.addRemotePassiveTCPCandidate(c)
+	}
+
+	set = append(set, c)
+	a.remoteCandidates[c.NetworkType()] = set
+
+	if c.TCPType() != TCPTypePassive {
+		if localCandidates, ok := a.localCandidates[c.NetworkType()]; ok {
+			for _, localCandidate := range localCandidates {
+				a.addPair(localCandidate, c)
+			}
+		}
+	}
+
+	a.requestConnectivityCheck()
+}
+
+func (a *Agent) addCandidate(ctx context.Context, c Candidate, candidateConn net.PacketConn) error {
+	return a.run(ctx, func(ctx context.Context, agent *Agent) {
+		set := a.localCandidates[c.NetworkType()]
+		for _, candidate := range set {
+			if candidate.Equal(c) {
+				a.log.Debugf("Ignore duplicate candidate: %s", c)
+				if err := c.close(); err != nil {
+					a.log.Warnf("Failed to close duplicate candidate: %v", err)
+				}
+				if err := candidateConn.Close(); err != nil {
+					a.log.Warnf("Failed to close duplicate candidate connection: %v", err)
+				}
+				return
+			}
+		}
+
+		c.start(a, candidateConn, a.startedCh)
+
+		set = append(set, c)
+		a.localCandidates[c.NetworkType()] = set
+
+		if remoteCandidates, ok := a.remoteCandidates[c.NetworkType()]; ok {
+			for _, remoteCandidate := range remoteCandidates {
+				a.addPair(c, remoteCandidate)
+			}
+		}
+
+		a.requestConnectivityCheck()
+
+		a.candidateNotifier.EnqueueCandidate(c)
+	})
+}
+
+// GetRemoteCandidates returns the remote candidates
+func (a *Agent) GetRemoteCandidates() ([]Candidate, error) {
+	var res []Candidate
+
+	err := a.run(a.context(), func(ctx context.Context, agent *Agent) {
+		var candidates []Candidate
+		for _, set := range agent.remoteCandidates {
+			candidates = append(candidates, set...)
+		}
+		res = candidates
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	return res, nil
+}
+
+// GetLocalCandidates returns the local candidates
+func (a *Agent) GetLocalCandidates() ([]Candidate, error) {
+	var res []Candidate
+
+	err := a.run(a.context(), func(ctx context.Context, agent *Agent) {
+		var candidates []Candidate
+		for _, set := range agent.localCandidates {
+			candidates = append(candidates, set...)
+		}
+		res = candidates
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	return res, nil
+}
+
+// GetLocalUserCredentials returns the local user credentials
+func (a *Agent) GetLocalUserCredentials() (frag string, pwd string, err error) {
+	valSet := make(chan struct{})
+	err = a.run(a.context(), func(ctx context.Context, agent *Agent) {
+		frag = agent.localUfrag
+		pwd = agent.localPwd
+		close(valSet)
+	})
+
+	if err == nil {
+		<-valSet
+	}
+	return
+}
+
+// GetRemoteUserCredentials returns the remote user credentials
+func (a *Agent) GetRemoteUserCredentials() (frag string, pwd string, err error) {
+	valSet := make(chan struct{})
+	err = a.run(a.context(), func(ctx context.Context, agent *Agent) {
+		frag = agent.remoteUfrag
+		pwd = agent.remotePwd
+		close(valSet)
+	})
+
+	if err == nil {
+		<-valSet
+	}
+	return
+}
+
+func (a *Agent) removeUfragFromMux() {
+	if a.tcpMux != nil {
+		a.tcpMux.RemoveConnByUfrag(a.localUfrag)
+	}
+	if a.udpMux != nil {
+		a.udpMux.RemoveConnByUfrag(a.localUfrag)
+	}
+	if a.udpMuxSrflx != nil {
+		a.udpMuxSrflx.RemoveConnByUfrag(a.localUfrag)
+	}
+}
+
+// Close cleans up the Agent
+func (a *Agent) Close() error {
+	return a.close(false)
+}
+
+// GracefulClose cleans up the Agent and waits for any goroutines it started
+// to complete. This is only safe to call outside of Agent callbacks or if in a callback,
+// in its own goroutine.
+func (a *Agent) GracefulClose() error {
+	return a.close(true)
+}
+
+func (a *Agent) close(graceful bool) error {
+	if err := a.ok(); err != nil {
+		if errors.Is(err, ErrClosed) {
+			return nil
+		}
+		return err
+	}
+
+	a.afterRun(func(context.Context) {
+		a.gatherCandidateCancel()
+		if a.gatherCandidateDone != nil {
+			<-a.gatherCandidateDone
+		}
+	})
+	a.err.Store(ErrClosed)
+
+	a.removeUfragFromMux()
+
+	close(a.done)
+	// the loop is safe to wait on no matter what
+	<-a.taskLoopDone
+
+	// but we are in less control of the notifiers, so we will
+	// pass through `graceful`.
+	a.connectionStateNotifier.Close(graceful)
+	a.candidateNotifier.Close(graceful)
+	a.selectedCandidatePairNotifier.Close(graceful)
+	return nil
+}
+
+// Remove all candidates. This closes any listening sockets
+// and removes both the local and remote candidate lists.
+//
+// This is used for restarts, failures and on close
+func (a *Agent) deleteAllCandidates() {
+	for net, cs := range a.localCandidates {
+		for _, c := range cs {
+			if err := c.close(); err != nil {
+				a.log.Warnf("Failed to close candidate %s: %v", c, err)
+			}
+		}
+		delete(a.localCandidates, net)
+	}
+	for net, cs := range a.remoteCandidates {
+		for _, c := range cs {
+			if err := c.close(); err != nil {
+				a.log.Warnf("Failed to close candidate %s: %v", c, err)
+			}
+		}
+		delete(a.remoteCandidates, net)
+	}
+}
+
+func (a *Agent) findRemoteCandidate(networkType NetworkType, addr net.Addr) Candidate {
+	ip, port, _, ok := parseAddr(addr)
+	if !ok {
+		a.log.Warnf("Failed to parse address: %s", addr)
+		return nil
+	}
+
+	set := a.remoteCandidates[networkType]
+	for _, c := range set {
+		if c.Address() == ip.String() && c.Port() == port {
+			return c
+		}
+	}
+	return nil
+}
+
+func (a *Agent) sendBindingRequest(m *stun.Message, local, remote Candidate) {
+	a.log.Tracef("Ping STUN from %s to %s", local, remote)
+
+	a.invalidatePendingBindingRequests(time.Now())
+	a.pendingBindingRequests = append(a.pendingBindingRequests, bindingRequest{
+		timestamp:      time.Now(),
+		transactionID:  m.TransactionID,
+		destination:    remote.addr(),
+		isUseCandidate: m.Contains(stun.AttrUseCandidate),
+	})
+
+	a.sendSTUN(m, local, remote)
+}
+
+func (a *Agent) sendBindingSuccess(m *stun.Message, local, remote Candidate) {
+	base := remote
+
+	ip, port, _, ok := parseAddr(base.addr())
+	if !ok {
+		a.log.Warnf("Failed to parse address: %s", base.addr())
+		return
+	}
+
+	if out, err := stun.Build(m, stun.BindingSuccess,
+		&stun.XORMappedAddress{
+			IP:   ip,
+			Port: port,
+		},
+		stun.NewShortTermIntegrity(a.localPwd),
+		stun.Fingerprint,
+	); err != nil {
+		a.log.Warnf("Failed to handle inbound ICE from: %s to: %s error: %s", local, remote, err)
+	} else {
+		a.sendSTUN(out, local, remote)
+	}
+}
+
+// Removes pending binding requests that are over maxBindingRequestTimeout old
+//
+// Let HTO be the transaction timeout, which SHOULD be 2*RTT if
+// RTT is known or 500 ms otherwise.
+// https://tools.ietf.org/html/rfc8445#appendix-B.1
+func (a *Agent) invalidatePendingBindingRequests(filterTime time.Time) {
+	initialSize := len(a.pendingBindingRequests)
+
+	temp := a.pendingBindingRequests[:0]
+	for _, bindingRequest := range a.pendingBindingRequests {
+		if filterTime.Sub(bindingRequest.timestamp) < maxBindingRequestTimeout {
+			temp = append(temp, bindingRequest)
+		}
+	}
+
+	a.pendingBindingRequests = temp
+	if bindRequestsRemoved := initialSize - len(a.pendingBindingRequests); bindRequestsRemoved > 0 {
+		a.log.Tracef("Discarded %d binding requests because they expired", bindRequestsRemoved)
+	}
+}
+
+// Assert that the passed TransactionID is in our pendingBindingRequests and returns the destination
+// If the bindingRequest was valid remove it from our pending cache
+func (a *Agent) handleInboundBindingSuccess(id [stun.TransactionIDSize]byte) (bool, *bindingRequest, time.Duration) {
+	a.invalidatePendingBindingRequests(time.Now())
+	for i := range a.pendingBindingRequests {
+		if a.pendingBindingRequests[i].transactionID == id {
+			validBindingRequest := a.pendingBindingRequests[i]
+			a.pendingBindingRequests = append(a.pendingBindingRequests[:i], a.pendingBindingRequests[i+1:]...)
+			return true, &validBindingRequest, time.Since(validBindingRequest.timestamp)
+		}
+	}
+	return false, nil, 0
+}
+
+// handleInbound processes STUN traffic from a remote candidate
+func (a *Agent) handleInbound(m *stun.Message, local Candidate, remote net.Addr) { //nolint:gocognit
+	var err error
+	if m == nil || local == nil {
+		return
+	}
+
+	if m.Type.Method != stun.MethodBinding ||
+		!(m.Type.Class == stun.ClassSuccessResponse ||
+			m.Type.Class == stun.ClassRequest ||
+			m.Type.Class == stun.ClassIndication) {
+		a.log.Tracef("Unhandled STUN from %s to %s class(%s) method(%s)", remote, local, m.Type.Class, m.Type.Method)
+		return
+	}
+
+	if a.isControlling {
+		if m.Contains(stun.AttrICEControlling) {
+			a.log.Debug("Inbound STUN message: isControlling && a.isControlling == true")
+			return
+		} else if m.Contains(stun.AttrUseCandidate) {
+			a.log.Debug("Inbound STUN message: useCandidate && a.isControlling == true")
+			return
+		}
+	} else {
+		if m.Contains(stun.AttrICEControlled) {
+			a.log.Debug("Inbound STUN message: isControlled && a.isControlling == false")
+			return
+		}
+	}
+
+	remoteCandidate := a.findRemoteCandidate(local.NetworkType(), remote)
+	if m.Type.Class == stun.ClassSuccessResponse {
+		if err = stun.MessageIntegrity([]byte(a.remotePwd)).Check(m); err != nil {
+			a.log.Warnf("Discard message from (%s), %v", remote, err)
+			return
+		}
+
+		if remoteCandidate == nil {
+			a.log.Warnf("Discard success message from (%s), no such remote", remote)
+			return
+		}
+
+		a.selector.HandleSuccessResponse(m, local, remoteCandidate, remote)
+	} else if m.Type.Class == stun.ClassRequest {
+		a.log.Tracef("Inbound STUN (Request) from %s to %s, useCandidate: %v", remote, local, m.Contains(stun.AttrUseCandidate))
+
+		if err = stunx.AssertUsername(m, a.localUfrag+":"+a.remoteUfrag); err != nil {
+			a.log.Warnf("Discard message from (%s), %v", remote, err)
+			return
+		} else if err = stun.MessageIntegrity([]byte(a.localPwd)).Check(m); err != nil {
+			a.log.Warnf("Discard message from (%s), %v", remote, err)
+			return
+		}
+
+		if remoteCandidate == nil {
+			ip, port, networkType, ok := parseAddr(remote)
+			if !ok {
+				a.log.Errorf("Failed to create parse remote net.Addr when creating remote prflx candidate")
+				return
+			}
+
+			prflxCandidateConfig := CandidatePeerReflexiveConfig{
+				Network:   networkType.String(),
+				Address:   ip.String(),
+				Port:      port,
+				Component: local.Component(),
+				RelAddr:   "",
+				RelPort:   0,
+			}
+
+			prflxCandidate, err := NewCandidatePeerReflexive(&prflxCandidateConfig)
+			if err != nil {
+				a.log.Errorf("Failed to create new remote prflx candidate (%s)", err)
+				return
+			}
+			remoteCandidate = prflxCandidate
+
+			a.log.Debugf("Adding a new peer-reflexive candidate: %s ", remote)
+			a.addRemoteCandidate(remoteCandidate)
+		}
+
+		a.selector.HandleBindingRequest(m, local, remoteCandidate)
+	}
+
+	if remoteCandidate != nil {
+		remoteCandidate.seen(false)
+	}
+}
+
+// validateNonSTUNTraffic processes non STUN traffic from a remote candidate,
+// and returns true if it is an actual remote candidate
+func (a *Agent) validateNonSTUNTraffic(local Candidate, remote net.Addr) (Candidate, bool) {
+	var remoteCandidate Candidate
+	if err := a.run(local.context(), func(ctx context.Context, agent *Agent) {
+		remoteCandidate = a.findRemoteCandidate(local.NetworkType(), remote)
+		if remoteCandidate != nil {
+			remoteCandidate.seen(false)
+		}
+	}); err != nil {
+		a.log.Warnf("Failed to validate remote candidate: %v", err)
+	}
+
+	return remoteCandidate, remoteCandidate != nil
+}
+
+// GetSelectedCandidatePair returns the selected pair or nil if there is none
+func (a *Agent) GetSelectedCandidatePair() (*CandidatePair, error) {
+	selectedPair := a.getSelectedPair()
+	if selectedPair == nil {
+		return nil, nil //nolint:nilnil
+	}
+
+	local, err := selectedPair.Local.copy()
+	if err != nil {
+		return nil, err
+	}
+
+	remote, err := selectedPair.Remote.copy()
+	if err != nil {
+		return nil, err
+	}
+
+	return &CandidatePair{Local: local, Remote: remote}, nil
+}
+
+func (a *Agent) getSelectedPair() *CandidatePair {
+	if selectedPair, ok := a.selectedPair.Load().(*CandidatePair); ok {
+		return selectedPair
+	}
+
+	return nil
+}
+
+func (a *Agent) closeMulticastConn() {
+	if a.mDNSConn != nil {
+		if err := a.mDNSConn.Close(); err != nil {
+			a.log.Warnf("Failed to close mDNS Conn: %v", err)
+		}
+	}
+}
+
+// SetRemoteCredentials sets the credentials of the remote agent
+func (a *Agent) SetRemoteCredentials(remoteUfrag, remotePwd string) error {
+	switch {
+	case remoteUfrag == "":
+		return ErrRemoteUfragEmpty
+	case remotePwd == "":
+		return ErrRemotePwdEmpty
+	}
+
+	return a.run(a.context(), func(ctx context.Context, agent *Agent) {
+		agent.remoteUfrag = remoteUfrag
+		agent.remotePwd = remotePwd
+	})
+}
+
+// Restart restarts the ICE Agent with the provided ufrag/pwd
+// If no ufrag/pwd is provided the Agent will generate one itself
+//
+// If there is a gatherer routine currently running, Restart will
+// cancel it.
+// After a Restart, the user must then call GatherCandidates explicitly
+// to start generating new ones.
+func (a *Agent) Restart(ufrag, pwd string) error {
+	if ufrag == "" {
+		var err error
+		ufrag, err = generateUFrag()
+		if err != nil {
+			return err
+		}
+	}
+	if pwd == "" {
+		var err error
+		pwd, err = generatePwd()
+		if err != nil {
+			return err
+		}
+	}
+
+	if len([]rune(ufrag))*8 < 24 {
+		return ErrLocalUfragInsufficientBits
+	}
+	if len([]rune(pwd))*8 < 128 {
+		return ErrLocalPwdInsufficientBits
+	}
+
+	var err error
+	if runErr := a.run(a.context(), func(ctx context.Context, agent *Agent) {
+		if agent.gatheringState == GatheringStateGathering {
+			agent.gatherCandidateCancel()
+		}
+
+		// Clear all agent needed to take back to fresh state
+		a.removeUfragFromMux()
+		agent.localUfrag = ufrag
+		agent.localPwd = pwd
+		agent.remoteUfrag = ""
+		agent.remotePwd = ""
+		a.gatheringState = GatheringStateNew
+		a.checklist = make([]*CandidatePair, 0)
+		a.pendingBindingRequests = make([]bindingRequest, 0)
+		a.setSelectedPair(nil)
+		a.deleteAllCandidates()
+		if a.selector != nil {
+			a.selector.Start()
+		}
+
+		// Restart is used by NewAgent. Accept/Connect should be used to move to checking
+		// for new Agents
+		if a.connectionState != ConnectionStateNew {
+			a.updateConnectionState(ConnectionStateChecking)
+		}
+	}); runErr != nil {
+		return runErr
+	}
+	return err
+}
+
+func (a *Agent) setGatheringState(newState GatheringState) error {
+	done := make(chan struct{})
+	if err := a.run(a.context(), func(ctx context.Context, agent *Agent) {
+		if a.gatheringState != newState && newState == GatheringStateComplete {
+			a.candidateNotifier.EnqueueCandidate(nil)
+		}
+
+		a.gatheringState = newState
+		close(done)
+	}); err != nil {
+		return err
+	}
+
+	<-done
+	return nil
+}
diff --git a/server/vendor/github.com/pion/ice/v2/agent_config.go b/server/vendor/github.com/pion/ice/v2/agent_config.go
new file mode 100644
index 0000000..7f7b67a
--- /dev/null
+++ b/server/vendor/github.com/pion/ice/v2/agent_config.go
@@ -0,0 +1,305 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package ice
+
+import (
+	"net"
+	"time"
+
+	"github.com/pion/logging"
+	"github.com/pion/stun"
+	"github.com/pion/transport/v2"
+	"golang.org/x/net/proxy"
+)
+
+const (
+	// defaultCheckInterval is the interval at which the agent performs candidate checks in the connecting phase
+	defaultCheckInterval = 200 * time.Millisecond
+
+	// keepaliveInterval used to keep candidates alive
+	defaultKeepaliveInterval = 2 * time.Second
+
+	// defaultDisconnectedTimeout is the default time till an Agent transitions disconnected
+	defaultDisconnectedTimeout = 5 * time.Second
+
+	// defaultFailedTimeout is the default time till an Agent transitions to failed after disconnected
+	defaultFailedTimeout = 25 * time.Second
+
+	// defaultHostAcceptanceMinWait is the wait time before nominating a host candidate
+	defaultHostAcceptanceMinWait = 0
+
+	// defaultSrflxAcceptanceMinWait is the wait time before nominating a srflx candidate
+	defaultSrflxAcceptanceMinWait = 500 * time.Millisecond
+
+	// defaultPrflxAcceptanceMinWait is the wait time before nominating a prflx candidate
+	defaultPrflxAcceptanceMinWait = 1000 * time.Millisecond
+
+	// defaultRelayAcceptanceMinWait is the wait time before nominating a relay candidate
+	defaultRelayAcceptanceMinWait = 2000 * time.Millisecond
+
+	// defaultMaxBindingRequests is the maximum number of binding requests before considering a pair failed
+	defaultMaxBindingRequests = 7
+
+	// TCPPriorityOffset is a number which is subtracted from the default (UDP) candidate type preference
+	// for host, srflx and prfx candidate types.
+	defaultTCPPriorityOffset = 27
+
+	// maxBufferSize is the number of bytes that can be buffered before we start to error
+	maxBufferSize = 1000 * 1000 // 1MB
+
+	// maxBindingRequestTimeout is the wait time before binding requests can be deleted
+	maxBindingRequestTimeout = 4000 * time.Millisecond
+)
+
+func defaultCandidateTypes() []CandidateType {
+	return []CandidateType{CandidateTypeHost, CandidateTypeServerReflexive, CandidateTypeRelay}
+}
+
+// AgentConfig collects the arguments to ice.Agent construction into
+// a single structure, for future-proofness of the interface
+type AgentConfig struct {
+	Urls []*stun.URI
+
+	// PortMin and PortMax are optional. Leave them 0 for the default UDP port allocation strategy.
+	PortMin uint16
+	PortMax uint16
+
+	// LocalUfrag and LocalPwd values used to perform connectivity
+	// checks.  The values MUST be unguessable, with at least 128 bits of
+	// random number generator output used to generate the password, and
+	// at least 24 bits of output to generate the username fragment.
+	LocalUfrag string
+	LocalPwd   string
+
+	// MulticastDNSMode controls mDNS behavior for the ICE agent
+	MulticastDNSMode MulticastDNSMode
+
+	// MulticastDNSHostName controls the hostname for this agent. If none is specified a random one will be generated
+	MulticastDNSHostName string
+
+	// DisconnectedTimeout defaults to 5 seconds when this property is nil.
+	// If the duration is 0, the ICE Agent will never go to disconnected
+	DisconnectedTimeout *time.Duration
+
+	// FailedTimeout defaults to 25 seconds when this property is nil.
+	// If the duration is 0, we will never go to failed.
+	FailedTimeout *time.Duration
+
+	// KeepaliveInterval determines how often should we send ICE
+	// keepalives (should be less then connectiontimeout above)
+	// when this is nil, it defaults to 10 seconds.
+	// A keepalive interval of 0 means we never send keepalive packets
+	KeepaliveInterval *time.Duration
+
+	// CheckInterval controls how often our task loop runs when in the
+	// connecting state.
+	CheckInterval *time.Duration
+
+	// NetworkTypes is an optional configuration for disabling or enabling
+	// support for specific network types.
+	NetworkTypes []NetworkType
+
+	// CandidateTypes is an optional configuration for disabling or enabling
+	// support for specific candidate types.
+	CandidateTypes []CandidateType
+
+	LoggerFactory logging.LoggerFactory
+
+	// MaxBindingRequests is the max amount of binding requests the agent will send
+	// over a candidate pair for validation or nomination, if after MaxBindingRequests
+	// the candidate is yet to answer a binding request or a nomination we set the pair as failed
+	MaxBindingRequests *uint16
+
+	// Lite agents do not perform connectivity check and only provide host candidates.
+	Lite bool
+
+	// NAT1To1IPCandidateType is used along with NAT1To1IPs to specify which candidate type
+	// the 1:1 NAT IP addresses should be mapped to.
+	// If unspecified or CandidateTypeHost, NAT1To1IPs are used to replace host candidate IPs.
+	// If CandidateTypeServerReflexive, it will insert a srflx candidate (as if it was derived
+	// from a STUN server) with its port number being the one for the actual host candidate.
+	// Other values will result in an error.
+	NAT1To1IPCandidateType CandidateType
+
+	// NAT1To1IPs contains a list of public IP addresses that are to be used as a host
+	// candidate or srflx candidate. This is used typically for servers that are behind
+	// 1:1 D-NAT (e.g. AWS EC2 instances) and to eliminate the need of server reflexive
+	// candidate gathering.
+	NAT1To1IPs []string
+
+	// HostAcceptanceMinWait specify a minimum wait time before selecting host candidates
+	HostAcceptanceMinWait *time.Duration
+	// HostAcceptanceMinWait specify a minimum wait time before selecting srflx candidates
+	SrflxAcceptanceMinWait *time.Duration
+	// HostAcceptanceMinWait specify a minimum wait time before selecting prflx candidates
+	PrflxAcceptanceMinWait *time.Duration
+	// HostAcceptanceMinWait specify a minimum wait time before selecting relay candidates
+	RelayAcceptanceMinWait *time.Duration
+
+	// Net is the our abstracted network interface for internal development purpose only
+	// (see https://github.com/pion/transport)
+	Net transport.Net
+
+	// InterfaceFilter is a function that you can use in order to whitelist or blacklist
+	// the interfaces which are used to gather ICE candidates.
+	InterfaceFilter func(string) bool
+
+	// IPFilter is a function that you can use in order to whitelist or blacklist
+	// the ips which are used to gather ICE candidates.
+	IPFilter func(net.IP) bool
+
+	// InsecureSkipVerify controls if self-signed certificates are accepted when connecting
+	// to TURN servers via TLS or DTLS
+	InsecureSkipVerify bool
+
+	// TCPMux will be used for multiplexing incoming TCP connections for ICE TCP.
+	// Currently only passive candidates are supported. This functionality is
+	// experimental and the API might change in the future.
+	TCPMux TCPMux
+
+	// UDPMux is used for multiplexing multiple incoming UDP connections on a single port
+	// when this is set, the agent ignores PortMin and PortMax configurations and will
+	// defer to UDPMux for incoming connections
+	UDPMux UDPMux
+
+	// UDPMuxSrflx is used for multiplexing multiple incoming UDP connections of server reflexive candidates
+	// on a single port when this is set, the agent ignores PortMin and PortMax configurations and will
+	// defer to UDPMuxSrflx for incoming connections
+	// It embeds UDPMux to do the actual connection multiplexing
+	UDPMuxSrflx UniversalUDPMux
+
+	// Proxy Dialer is a dialer that should be implemented by the user based on golang.org/x/net/proxy
+	// dial interface in order to support corporate proxies
+	ProxyDialer proxy.Dialer
+
+	// Deprecated: AcceptAggressiveNomination always enabled.
+	AcceptAggressiveNomination bool
+
+	// Include loopback addresses in the candidate list.
+	IncludeLoopback bool
+
+	// TCPPriorityOffset is a number which is subtracted from the default (UDP) candidate type preference
+	// for host, srflx and prfx candidate types. It helps to configure relative preference of UDP candidates
+	// against TCP ones. Relay candidates for TCP and UDP are always 0 and not affected by this setting.
+	// When this is nil, defaultTCPPriorityOffset is used.
+	TCPPriorityOffset *uint16
+
+	// DisableActiveTCP can be used to disable Active TCP candidates. Otherwise when TCP is enabled
+	// Active TCP candidates will be created when a new passive TCP remote candidate is added.
+	DisableActiveTCP bool
+
+	// BindingRequestHandler allows applications to perform logic on incoming STUN Binding Requests
+	// This was implemented to allow users to
+	// * Log incoming Binding Requests for debugging
+	// * Implement draft-thatcher-ice-renomination
+	// * Implement custom CandidatePair switching logic
+	BindingRequestHandler func(m *stun.Message, local, remote Candidate, pair *CandidatePair) bool
+}
+
+// initWithDefaults populates an agent and falls back to defaults if fields are unset
+func (config *AgentConfig) initWithDefaults(a *Agent) {
+	if config.MaxBindingRequests == nil {
+		a.maxBindingRequests = defaultMaxBindingRequests
+	} else {
+		a.maxBindingRequests = *config.MaxBindingRequests
+	}
+
+	if config.HostAcceptanceMinWait == nil {
+		a.hostAcceptanceMinWait = defaultHostAcceptanceMinWait
+	} else {
+		a.hostAcceptanceMinWait = *config.HostAcceptanceMinWait
+	}
+
+	if config.SrflxAcceptanceMinWait == nil {
+		a.srflxAcceptanceMinWait = defaultSrflxAcceptanceMinWait
+	} else {
+		a.srflxAcceptanceMinWait = *config.SrflxAcceptanceMinWait
+	}
+
+	if config.PrflxAcceptanceMinWait == nil {
+		a.prflxAcceptanceMinWait = defaultPrflxAcceptanceMinWait
+	} else {
+		a.prflxAcceptanceMinWait = *config.PrflxAcceptanceMinWait
+	}
+
+	if config.RelayAcceptanceMinWait == nil {
+		a.relayAcceptanceMinWait = defaultRelayAcceptanceMinWait
+	} else {
+		a.relayAcceptanceMinWait = *config.RelayAcceptanceMinWait
+	}
+
+	if config.TCPPriorityOffset == nil {
+		a.tcpPriorityOffset = defaultTCPPriorityOffset
+	} else {
+		a.tcpPriorityOffset = *config.TCPPriorityOffset
+	}
+
+	if config.DisconnectedTimeout == nil {
+		a.disconnectedTimeout = defaultDisconnectedTimeout
+	} else {
+		a.disconnectedTimeout = *config.DisconnectedTimeout
+	}
+
+	if config.FailedTimeout == nil {
+		a.failedTimeout = defaultFailedTimeout
+	} else {
+		a.failedTimeout = *config.FailedTimeout
+	}
+
+	if config.KeepaliveInterval == nil {
+		a.keepaliveInterval = defaultKeepaliveInterval
+	} else {
+		a.keepaliveInterval = *config.KeepaliveInterval
+	}
+
+	if config.CheckInterval == nil {
+		a.checkInterval = defaultCheckInterval
+	} else {
+		a.checkInterval = *config.CheckInterval
+	}
+
+	if config.CandidateTypes == nil || len(config.CandidateTypes) == 0 {
+		a.candidateTypes = defaultCandidateTypes()
+	} else {
+		a.candidateTypes = config.CandidateTypes
+	}
+}
+
+func (config *AgentConfig) initExtIPMapping(a *Agent) error {
+	var err error
+	a.extIPMapper, err = newExternalIPMapper(config.NAT1To1IPCandidateType, config.NAT1To1IPs)
+	if err != nil {
+		return err
+	}
+	if a.extIPMapper == nil {
+		return nil // This may happen when config.NAT1To1IPs is an empty array
+	}
+	if a.extIPMapper.candidateType == CandidateTypeHost {
+		if a.mDNSMode == MulticastDNSModeQueryAndGather {
+			return ErrMulticastDNSWithNAT1To1IPMapping
+		}
+		candiHostEnabled := false
+		for _, candiType := range a.candidateTypes {
+			if candiType == CandidateTypeHost {
+				candiHostEnabled = true
+				break
+			}
+		}
+		if !candiHostEnabled {
+			return ErrIneffectiveNAT1To1IPMappingHost
+		}
+	} else if a.extIPMapper.candidateType == CandidateTypeServerReflexive {
+		candiSrflxEnabled := false
+		for _, candiType := range a.candidateTypes {
+			if candiType == CandidateTypeServerReflexive {
+				candiSrflxEnabled = true
+				break
+			}
+		}
+		if !candiSrflxEnabled {
+			return ErrIneffectiveNAT1To1IPMappingSrflx
+		}
+	}
+	return nil
+}
diff --git a/server/vendor/github.com/pion/ice/v2/agent_handlers.go b/server/vendor/github.com/pion/ice/v2/agent_handlers.go
new file mode 100644
index 0000000..0c02277
--- /dev/null
+++ b/server/vendor/github.com/pion/ice/v2/agent_handlers.go
@@ -0,0 +1,183 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package ice
+
+import "sync"
+
+// OnConnectionStateChange sets a handler that is fired when the connection state changes
+func (a *Agent) OnConnectionStateChange(f func(ConnectionState)) error {
+	a.onConnectionStateChangeHdlr.Store(f)
+	return nil
+}
+
+// OnSelectedCandidatePairChange sets a handler that is fired when the final candidate
+// pair is selected
+func (a *Agent) OnSelectedCandidatePairChange(f func(Candidate, Candidate)) error {
+	a.onSelectedCandidatePairChangeHdlr.Store(f)
+	return nil
+}
+
+// OnCandidate sets a handler that is fired when new candidates gathered. When
+// the gathering process complete the last candidate is nil.
+func (a *Agent) OnCandidate(f func(Candidate)) error {
+	a.onCandidateHdlr.Store(f)
+	return nil
+}
+
+func (a *Agent) onSelectedCandidatePairChange(p *CandidatePair) {
+	if h, ok := a.onSelectedCandidatePairChangeHdlr.Load().(func(Candidate, Candidate)); ok {
+		h(p.Local, p.Remote)
+	}
+}
+
+func (a *Agent) onCandidate(c Candidate) {
+	if onCandidateHdlr, ok := a.onCandidateHdlr.Load().(func(Candidate)); ok {
+		onCandidateHdlr(c)
+	}
+}
+
+func (a *Agent) onConnectionStateChange(s ConnectionState) {
+	if hdlr, ok := a.onConnectionStateChangeHdlr.Load().(func(ConnectionState)); ok {
+		hdlr(s)
+	}
+}
+
+type handlerNotifier struct {
+	sync.Mutex
+	running   bool
+	notifiers sync.WaitGroup
+
+	connectionStates    []ConnectionState
+	connectionStateFunc func(ConnectionState)
+
+	candidates    []Candidate
+	candidateFunc func(Candidate)
+
+	selectedCandidatePairs []*CandidatePair
+	candidatePairFunc      func(*CandidatePair)
+
+	// State for closing
+	done chan struct{}
+}
+
+func (h *handlerNotifier) Close(graceful bool) {
+	if graceful {
+		// if we were closed ungracefully before, we now
+		// want ot wait.
+		defer h.notifiers.Wait()
+	}
+
+	h.Lock()
+
+	select {
+	case <-h.done:
+		h.Unlock()
+		return
+	default:
+	}
+	close(h.done)
+	h.Unlock()
+}
+
+func (h *handlerNotifier) EnqueueConnectionState(s ConnectionState) {
+	h.Lock()
+	defer h.Unlock()
+
+	select {
+	case <-h.done:
+		return
+	default:
+	}
+
+	notify := func() {
+		defer h.notifiers.Done()
+		for {
+			h.Lock()
+			if len(h.connectionStates) == 0 {
+				h.running = false
+				h.Unlock()
+				return
+			}
+			notification := h.connectionStates[0]
+			h.connectionStates = h.connectionStates[1:]
+			h.Unlock()
+			h.connectionStateFunc(notification)
+		}
+	}
+
+	h.connectionStates = append(h.connectionStates, s)
+	if !h.running {
+		h.running = true
+		h.notifiers.Add(1)
+		go notify()
+	}
+}
+
+func (h *handlerNotifier) EnqueueCandidate(c Candidate) {
+	h.Lock()
+	defer h.Unlock()
+
+	select {
+	case <-h.done:
+		return
+	default:
+	}
+
+	notify := func() {
+		defer h.notifiers.Done()
+		for {
+			h.Lock()
+			if len(h.candidates) == 0 {
+				h.running = false
+				h.Unlock()
+				return
+			}
+			notification := h.candidates[0]
+			h.candidates = h.candidates[1:]
+			h.Unlock()
+			h.candidateFunc(notification)
+		}
+	}
+
+	h.candidates = append(h.candidates, c)
+	if !h.running {
+		h.running = true
+		h.notifiers.Add(1)
+		go notify()
+	}
+}
+
+func (h *handlerNotifier) EnqueueSelectedCandidatePair(p *CandidatePair) {
+	h.Lock()
+	defer h.Unlock()
+
+	select {
+	case <-h.done:
+		return
+	default:
+	}
+
+	notify := func() {
+		defer h.notifiers.Done()
+		for {
+			h.Lock()
+			if len(h.selectedCandidatePairs) == 0 {
+				h.running = false
+				h.Unlock()
+				return
+			}
+			notification := h.selectedCandidatePairs[0]
+			h.selectedCandidatePairs = h.selectedCandidatePairs[1:]
+			h.Unlock()
+			h.candidatePairFunc(notification)
+		}
+	}
+
+	h.selectedCandidatePairs = append(h.selectedCandidatePairs, p)
+	if !h.running {
+		h.running = true
+		h.notifiers.Add(1)
+		go notify()
+	}
+}
diff --git a/server/vendor/github.com/pion/ice/v2/agent_stats.go b/server/vendor/github.com/pion/ice/v2/agent_stats.go
new file mode 100644
index 0000000..9344ec3
--- /dev/null
+++ b/server/vendor/github.com/pion/ice/v2/agent_stats.go
@@ -0,0 +1,172 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package ice
+
+import (
+	"context"
+	"time"
+)
+
+// GetCandidatePairsStats returns a list of candidate pair stats
+func (a *Agent) GetCandidatePairsStats() []CandidatePairStats {
+	var res []CandidatePairStats
+	err := a.run(a.context(), func(ctx context.Context, agent *Agent) {
+		result := make([]CandidatePairStats, 0, len(agent.checklist))
+		for _, cp := range agent.checklist {
+			stat := CandidatePairStats{
+				Timestamp:         time.Now(),
+				LocalCandidateID:  cp.Local.ID(),
+				RemoteCandidateID: cp.Remote.ID(),
+				State:             cp.state,
+				Nominated:         cp.nominated,
+				// PacketsSent uint32
+				// PacketsReceived uint32
+				// BytesSent uint64
+				// BytesReceived uint64
+				// LastPacketSentTimestamp time.Time
+				// LastPacketReceivedTimestamp time.Time
+				// FirstRequestTimestamp time.Time
+				// LastRequestTimestamp time.Time
+				// LastResponseTimestamp time.Time
+				TotalRoundTripTime:   cp.TotalRoundTripTime(),
+				CurrentRoundTripTime: cp.CurrentRoundTripTime(),
+				// AvailableOutgoingBitrate float64
+				// AvailableIncomingBitrate float64
+				// CircuitBreakerTriggerCount uint32
+				// RequestsReceived uint64
+				// RequestsSent uint64
+				ResponsesReceived: cp.ResponsesReceived(),
+				// ResponsesSent uint64
+				// RetransmissionsReceived uint64
+				// RetransmissionsSent uint64
+				// ConsentRequestsSent uint64
+				// ConsentExpiredTimestamp time.Time
+			}
+			result = append(result, stat)
+		}
+		res = result
+	})
+	if err != nil {
+		a.log.Errorf("Failed to get candidate pairs stats: %v", err)
+		return []CandidatePairStats{}
+	}
+	return res
+}
+
+// GetSelectedCandidatePairStats returns a candidate pair stats for selected candidate pair.
+// Returns false if there is no selected pair
+func (a *Agent) GetSelectedCandidatePairStats() (CandidatePairStats, bool) {
+	isAvailable := false
+	var res CandidatePairStats
+	err := a.run(a.context(), func(ctx context.Context, agent *Agent) {
+		sp := agent.getSelectedPair()
+		if sp == nil {
+			return
+		}
+
+		isAvailable = true
+		res = CandidatePairStats{
+			Timestamp:         time.Now(),
+			LocalCandidateID:  sp.Local.ID(),
+			RemoteCandidateID: sp.Remote.ID(),
+			State:             sp.state,
+			Nominated:         sp.nominated,
+			// PacketsSent uint32
+			// PacketsReceived uint32
+			// BytesSent uint64
+			// BytesReceived uint64
+			// LastPacketSentTimestamp time.Time
+			// LastPacketReceivedTimestamp time.Time
+			// FirstRequestTimestamp time.Time
+			// LastRequestTimestamp time.Time
+			// LastResponseTimestamp time.Time
+			TotalRoundTripTime:   sp.TotalRoundTripTime(),
+			CurrentRoundTripTime: sp.CurrentRoundTripTime(),
+			// AvailableOutgoingBitrate float64
+			// AvailableIncomingBitrate float64
+			// CircuitBreakerTriggerCount uint32
+			// RequestsReceived uint64
+			// RequestsSent uint64
+			ResponsesReceived: sp.ResponsesReceived(),
+			// ResponsesSent uint64
+			// RetransmissionsReceived uint64
+			// RetransmissionsSent uint64
+			// ConsentRequestsSent uint64
+			// ConsentExpiredTimestamp time.Time
+		}
+	})
+	if err != nil {
+		a.log.Errorf("Failed to get selected candidate pair stats: %v", err)
+		return CandidatePairStats{}, false
+	}
+
+	return res, isAvailable
+}
+
+// GetLocalCandidatesStats returns a list of local candidates stats
+func (a *Agent) GetLocalCandidatesStats() []CandidateStats {
+	var res []CandidateStats
+	err := a.run(a.context(), func(ctx context.Context, agent *Agent) {
+		result := make([]CandidateStats, 0, len(agent.localCandidates))
+		for networkType, localCandidates := range agent.localCandidates {
+			for _, c := range localCandidates {
+				relayProtocol := ""
+				if c.Type() == CandidateTypeRelay {
+					if cRelay, ok := c.(*CandidateRelay); ok {
+						relayProtocol = cRelay.RelayProtocol()
+					}
+				}
+				stat := CandidateStats{
+					Timestamp:     time.Now(),
+					ID:            c.ID(),
+					NetworkType:   networkType,
+					IP:            c.Address(),
+					Port:          c.Port(),
+					CandidateType: c.Type(),
+					Priority:      c.Priority(),
+					// URL string
+					RelayProtocol: relayProtocol,
+					// Deleted bool
+				}
+				result = append(result, stat)
+			}
+		}
+		res = result
+	})
+	if err != nil {
+		a.log.Errorf("Failed to get candidate pair stats: %v", err)
+		return []CandidateStats{}
+	}
+	return res
+}
+
+// GetRemoteCandidatesStats returns a list of remote candidates stats
+func (a *Agent) GetRemoteCandidatesStats() []CandidateStats {
+	var res []CandidateStats
+	err := a.run(a.context(), func(ctx context.Context, agent *Agent) {
+		result := make([]CandidateStats, 0, len(agent.remoteCandidates))
+		for networkType, remoteCandidates := range agent.remoteCandidates {
+			for _, c := range remoteCandidates {
+				stat := CandidateStats{
+					Timestamp:     time.Now(),
+					ID:            c.ID(),
+					NetworkType:   networkType,
+					IP:            c.Address(),
+					Port:          c.Port(),
+					CandidateType: c.Type(),
+					Priority:      c.Priority(),
+					// URL string
+					RelayProtocol: "",
+				}
+				result = append(result, stat)
+			}
+		}
+		res = result
+	})
+	if err != nil {
+		a.log.Errorf("Failed to get candidate pair stats: %v", err)
+		return []CandidateStats{}
+	}
+	return res
+}
diff --git a/server/vendor/github.com/pion/ice/v2/candidate.go b/server/vendor/github.com/pion/ice/v2/candidate.go
new file mode 100644
index 0000000..92a0076
--- /dev/null
+++ b/server/vendor/github.com/pion/ice/v2/candidate.go
@@ -0,0 +1,72 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package ice
+
+import (
+	"context"
+	"net"
+	"time"
+)
+
+const (
+	receiveMTU             = 8192
+	defaultLocalPreference = 65535
+
+	// ComponentRTP indicates that the candidate is used for RTP
+	ComponentRTP uint16 = 1
+	// ComponentRTCP indicates that the candidate is used for RTCP
+	ComponentRTCP
+)
+
+// Candidate represents an ICE candidate
+type Candidate interface {
+	// An arbitrary string used in the freezing algorithm to
+	// group similar candidates.  It is the same for two candidates that
+	// have the same type, base IP address, protocol (UDP, TCP, etc.),
+	// and STUN or TURN server.
+	Foundation() string
+
+	// ID is a unique identifier for just this candidate
+	// Unlike the foundation this is different for each candidate
+	ID() string
+
+	// A component is a piece of a data stream.
+	// An example is one for RTP, and one for RTCP
+	Component() uint16
+	SetComponent(uint16)
+
+	// The last time this candidate received traffic
+	LastReceived() time.Time
+
+	// The last time this candidate sent traffic
+	LastSent() time.Time
+
+	NetworkType() NetworkType
+	Address() string
+	Port() int
+
+	Priority() uint32
+
+	// A transport address related to a
+	//  candidate, which is useful for diagnostics and other purposes
+	RelatedAddress() *CandidateRelatedAddress
+
+	String() string
+	Type() CandidateType
+	TCPType() TCPType
+
+	Equal(other Candidate) bool
+
+	Marshal() string
+
+	addr() net.Addr
+	agent() *Agent
+	context() context.Context
+
+	close() error
+	copy() (Candidate, error)
+	seen(outbound bool)
+	start(a *Agent, conn net.PacketConn, initializedCh <-chan struct{})
+	writeTo(raw []byte, dst Candidate) (int, error)
+}
diff --git a/server/vendor/github.com/pion/ice/v2/candidate_base.go b/server/vendor/github.com/pion/ice/v2/candidate_base.go
new file mode 100644
index 0000000..f725985
--- /dev/null
+++ b/server/vendor/github.com/pion/ice/v2/candidate_base.go
@@ -0,0 +1,572 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package ice
+
+import (
+	"context"
+	"errors"
+	"fmt"
+	"hash/crc32"
+	"io"
+	"net"
+	"strconv"
+	"strings"
+	"sync/atomic"
+	"time"
+
+	"github.com/pion/stun"
+)
+
+type candidateBase struct {
+	id            string
+	networkType   NetworkType
+	candidateType CandidateType
+
+	component      uint16
+	address        string
+	port           int
+	relatedAddress *CandidateRelatedAddress
+	tcpType        TCPType
+
+	resolvedAddr net.Addr
+
+	lastSent     atomic.Value
+	lastReceived atomic.Value
+	conn         net.PacketConn
+
+	currAgent *Agent
+	closeCh   chan struct{}
+	closedCh  chan struct{}
+
+	foundationOverride string
+	priorityOverride   uint32
+
+	remoteCandidateCaches map[AddrPort]Candidate
+}
+
+// Done implements context.Context
+func (c *candidateBase) Done() <-chan struct{} {
+	return c.closeCh
+}
+
+// Err implements context.Context
+func (c *candidateBase) Err() error {
+	select {
+	case <-c.closedCh:
+		return ErrRunCanceled
+	default:
+		return nil
+	}
+}
+
+// Deadline implements context.Context
+func (c *candidateBase) Deadline() (deadline time.Time, ok bool) {
+	return time.Time{}, false
+}
+
+// Value implements context.Context
+func (c *candidateBase) Value(interface{}) interface{} {
+	return nil
+}
+
+// ID returns Candidate ID
+func (c *candidateBase) ID() string {
+	return c.id
+}
+
+func (c *candidateBase) Foundation() string {
+	if c.foundationOverride != "" {
+		return c.foundationOverride
+	}
+
+	return fmt.Sprintf("%d", crc32.ChecksumIEEE([]byte(c.Type().String()+c.address+c.networkType.String())))
+}
+
+// Address returns Candidate Address
+func (c *candidateBase) Address() string {
+	return c.address
+}
+
+// Port returns Candidate Port
+func (c *candidateBase) Port() int {
+	return c.port
+}
+
+// Type returns candidate type
+func (c *candidateBase) Type() CandidateType {
+	return c.candidateType
+}
+
+// NetworkType returns candidate NetworkType
+func (c *candidateBase) NetworkType() NetworkType {
+	return c.networkType
+}
+
+// Component returns candidate component
+func (c *candidateBase) Component() uint16 {
+	return c.component
+}
+
+func (c *candidateBase) SetComponent(component uint16) {
+	c.component = component
+}
+
+// LocalPreference returns the local preference for this candidate
+func (c *candidateBase) LocalPreference() uint16 {
+	if c.NetworkType().IsTCP() {
+		// RFC 6544, section 4.2
+		//
+		// In Section 4.1.2.1 of [RFC5245], a recommended formula for UDP ICE
+		// candidate prioritization is defined.  For TCP candidates, the same
+		// formula and candidate type preferences SHOULD be used, and the
+		// RECOMMENDED type preferences for the new candidate types defined in
+		// this document (see Section 5) are 105 for NAT-assisted candidates and
+		// 75 for UDP-tunneled candidates.
+		//
+		// (...)
+		//
+		// With TCP candidates, the local preference part of the recommended
+		// priority formula is updated to also include the directionality
+		// (active, passive, or simultaneous-open) of the TCP connection.  The
+		// RECOMMENDED local preference is then defined as:
+		//
+		//     local preference = (2^13) * direction-pref + other-pref
+		//
+		// The direction-pref MUST be between 0 and 7 (both inclusive), with 7
+		// being the most preferred.  The other-pref MUST be between 0 and 8191
+		// (both inclusive), with 8191 being the most preferred.  It is
+		// RECOMMENDED that the host, UDP-tunneled, and relayed TCP candidates
+		// have the direction-pref assigned as follows: 6 for active, 4 for
+		// passive, and 2 for S-O.  For the NAT-assisted and server reflexive
+		// candidates, the RECOMMENDED values are: 6 for S-O, 4 for active, and
+		// 2 for passive.
+		//
+		// (...)
+		//
+		// If any two candidates have the same type-preference and direction-
+		// pref, they MUST have a unique other-pref.  With this specification,
+		// this usually only happens with multi-homed hosts, in which case
+		// other-pref is the preference for the particular IP address from which
+		// the candidate was obtained.  When there is only a single IP address,
+		// this value SHOULD be set to the maximum allowed value (8191).
+		var otherPref uint16 = 8191
+
+		directionPref := func() uint16 {
+			switch c.Type() {
+			case CandidateTypeHost, CandidateTypeRelay:
+				switch c.tcpType {
+				case TCPTypeActive:
+					return 6
+				case TCPTypePassive:
+					return 4
+				case TCPTypeSimultaneousOpen:
+					return 2
+				case TCPTypeUnspecified:
+					return 0
+				}
+			case CandidateTypePeerReflexive, CandidateTypeServerReflexive:
+				switch c.tcpType {
+				case TCPTypeSimultaneousOpen:
+					return 6
+				case TCPTypeActive:
+					return 4
+				case TCPTypePassive:
+					return 2
+				case TCPTypeUnspecified:
+					return 0
+				}
+			case CandidateTypeUnspecified:
+				return 0
+			}
+			return 0
+		}()
+
+		return (1<<13)*directionPref + otherPref
+	}
+
+	return defaultLocalPreference
+}
+
+// RelatedAddress returns *CandidateRelatedAddress
+func (c *candidateBase) RelatedAddress() *CandidateRelatedAddress {
+	return c.relatedAddress
+}
+
+func (c *candidateBase) TCPType() TCPType {
+	return c.tcpType
+}
+
+// start runs the candidate using the provided connection
+func (c *candidateBase) start(a *Agent, conn net.PacketConn, initializedCh <-chan struct{}) {
+	if c.conn != nil {
+		c.agent().log.Warn("Can't start already started candidateBase")
+		return
+	}
+	c.currAgent = a
+	c.conn = conn
+	c.closeCh = make(chan struct{})
+	c.closedCh = make(chan struct{})
+
+	go c.recvLoop(initializedCh)
+}
+
+func (c *candidateBase) recvLoop(initializedCh <-chan struct{}) {
+	a := c.agent()
+
+	defer close(c.closedCh)
+
+	select {
+	case <-initializedCh:
+	case <-c.closeCh:
+		return
+	}
+
+	buf := make([]byte, receiveMTU)
+	for {
+		n, srcAddr, err := c.conn.ReadFrom(buf)
+		if err != nil {
+			if !(errors.Is(err, io.EOF) || errors.Is(err, net.ErrClosed)) {
+				a.log.Warnf("Failed to read from candidate %s: %v", c, err)
+			}
+			return
+		}
+
+		c.handleInboundPacket(buf[:n], srcAddr)
+	}
+}
+
+func (c *candidateBase) validateSTUNTrafficCache(addr net.Addr) bool {
+	if candidate, ok := c.remoteCandidateCaches[toAddrPort(addr)]; ok {
+		candidate.seen(false)
+		return true
+	}
+	return false
+}
+
+func (c *candidateBase) addRemoteCandidateCache(candidate Candidate, srcAddr net.Addr) {
+	if c.validateSTUNTrafficCache(srcAddr) {
+		return
+	}
+	c.remoteCandidateCaches[toAddrPort(srcAddr)] = candidate
+}
+
+func (c *candidateBase) handleInboundPacket(buf []byte, srcAddr net.Addr) {
+	a := c.agent()
+
+	if stun.IsMessage(buf) {
+		m := &stun.Message{
+			Raw: make([]byte, len(buf)),
+		}
+
+		// Explicitly copy raw buffer so Message can own the memory.
+		copy(m.Raw, buf)
+
+		if err := m.Decode(); err != nil {
+			a.log.Warnf("Failed to handle decode ICE from %s to %s: %v", c.addr(), srcAddr, err)
+			return
+		}
+
+		if err := a.run(c, func(ctx context.Context, a *Agent) {
+			// nolint: contextcheck
+			a.handleInbound(m, c, srcAddr)
+		}); err != nil {
+			a.log.Warnf("Failed to handle message: %v", err)
+		}
+
+		return
+	}
+
+	if !c.validateSTUNTrafficCache(srcAddr) {
+		remoteCandidate, valid := a.validateNonSTUNTraffic(c, srcAddr) //nolint:contextcheck
+		if !valid {
+			a.log.Warnf("Discarded message from %s, not a valid remote candidate", c.addr())
+			return
+		}
+		c.addRemoteCandidateCache(remoteCandidate, srcAddr)
+	}
+
+	// Note: This will return packetio.ErrFull if the buffer ever manages to fill up.
+	if _, err := a.buf.Write(buf); err != nil {
+		a.log.Warnf("Failed to write packet: %s", err)
+		return
+	}
+}
+
+// close stops the recvLoop
+func (c *candidateBase) close() error {
+	// If conn has never been started will be nil
+	if c.Done() == nil {
+		return nil
+	}
+
+	// Assert that conn has not already been closed
+	select {
+	case <-c.Done():
+		return nil
+	default:
+	}
+
+	var firstErr error
+
+	// Unblock recvLoop
+	close(c.closeCh)
+	if err := c.conn.SetDeadline(time.Now()); err != nil {
+		firstErr = err
+	}
+
+	// Close the conn
+	if err := c.conn.Close(); err != nil && firstErr == nil {
+		firstErr = err
+	}
+
+	if firstErr != nil {
+		return firstErr
+	}
+
+	// Wait until the recvLoop is closed
+	<-c.closedCh
+
+	return nil
+}
+
+func (c *candidateBase) writeTo(raw []byte, dst Candidate) (int, error) {
+	n, err := c.conn.WriteTo(raw, dst.addr())
+	if err != nil {
+		// If the connection is closed, we should return the error
+		if errors.Is(err, io.ErrClosedPipe) {
+			return n, err
+		}
+		c.agent().log.Infof("Failed to send packet: %v", err)
+		return n, nil
+	}
+	c.seen(true)
+	return n, nil
+}
+
+// TypePreference returns the type preference for this candidate
+func (c *candidateBase) TypePreference() uint16 {
+	pref := c.Type().Preference()
+	if pref == 0 {
+		return 0
+	}
+
+	if c.NetworkType().IsTCP() {
+		var tcpPriorityOffset uint16 = defaultTCPPriorityOffset
+		if c.agent() != nil {
+			tcpPriorityOffset = c.agent().tcpPriorityOffset
+		}
+
+		pref -= tcpPriorityOffset
+	}
+
+	return pref
+}
+
+// Priority computes the priority for this ICE Candidate
+// See: https://www.rfc-editor.org/rfc/rfc8445#section-5.1.2.1
+func (c *candidateBase) Priority() uint32 {
+	if c.priorityOverride != 0 {
+		return c.priorityOverride
+	}
+
+	// The local preference MUST be an integer from 0 (lowest preference) to
+	// 65535 (highest preference) inclusive.  When there is only a single IP
+	// address, this value SHOULD be set to 65535.  If there are multiple
+	// candidates for a particular component for a particular data stream
+	// that have the same type, the local preference MUST be unique for each
+	// one.
+
+	return (1<<24)*uint32(c.TypePreference()) +
+		(1<<8)*uint32(c.LocalPreference()) +
+		(1<<0)*uint32(256-c.Component())
+}
+
+// Equal is used to compare two candidateBases
+func (c *candidateBase) Equal(other Candidate) bool {
+	return c.NetworkType() == other.NetworkType() &&
+		c.Type() == other.Type() &&
+		c.Address() == other.Address() &&
+		c.Port() == other.Port() &&
+		c.TCPType() == other.TCPType() &&
+		c.RelatedAddress().Equal(other.RelatedAddress())
+}
+
+// String makes the candidateBase printable
+func (c *candidateBase) String() string {
+	return fmt.Sprintf("%s %s %s%s", c.NetworkType(), c.Type(), net.JoinHostPort(c.Address(), strconv.Itoa(c.Port())), c.relatedAddress)
+}
+
+// LastReceived returns a time.Time indicating the last time
+// this candidate was received
+func (c *candidateBase) LastReceived() time.Time {
+	if lastReceived, ok := c.lastReceived.Load().(time.Time); ok {
+		return lastReceived
+	}
+	return time.Time{}
+}
+
+func (c *candidateBase) setLastReceived(t time.Time) {
+	c.lastReceived.Store(t)
+}
+
+// LastSent returns a time.Time indicating the last time
+// this candidate was sent
+func (c *candidateBase) LastSent() time.Time {
+	if lastSent, ok := c.lastSent.Load().(time.Time); ok {
+		return lastSent
+	}
+	return time.Time{}
+}
+
+func (c *candidateBase) setLastSent(t time.Time) {
+	c.lastSent.Store(t)
+}
+
+func (c *candidateBase) seen(outbound bool) {
+	if outbound {
+		c.setLastSent(time.Now())
+	} else {
+		c.setLastReceived(time.Now())
+	}
+}
+
+func (c *candidateBase) addr() net.Addr {
+	return c.resolvedAddr
+}
+
+func (c *candidateBase) agent() *Agent {
+	return c.currAgent
+}
+
+func (c *candidateBase) context() context.Context {
+	return c
+}
+
+func (c *candidateBase) copy() (Candidate, error) {
+	return UnmarshalCandidate(c.Marshal())
+}
+
+func removeZoneIDFromAddress(addr string) string {
+	if i := strings.Index(addr, "%"); i != -1 {
+		return addr[:i]
+	}
+	return addr
+}
+
+// Marshal returns the string representation of the ICECandidate
+func (c *candidateBase) Marshal() string {
+	val := c.Foundation()
+	if val == " " {
+		val = ""
+	}
+
+	val = fmt.Sprintf("%s %d %s %d %s %d typ %s",
+		val,
+		c.Component(),
+		c.NetworkType().NetworkShort(),
+		c.Priority(),
+		removeZoneIDFromAddress(c.Address()),
+		c.Port(),
+		c.Type())
+
+	if c.tcpType != TCPTypeUnspecified {
+		val += fmt.Sprintf(" tcptype %s", c.tcpType.String())
+	}
+
+	if r := c.RelatedAddress(); r != nil && r.Address != "" && r.Port != 0 {
+		val = fmt.Sprintf("%s raddr %s rport %d",
+			val,
+			r.Address,
+			r.Port)
+	}
+
+	return val
+}
+
+// UnmarshalCandidate creates a Candidate from its string representation
+func UnmarshalCandidate(raw string) (Candidate, error) {
+	split := strings.Fields(raw)
+	// Foundation not specified: not RFC 8445 compliant but seen in the wild
+	if len(raw) != 0 && raw[0] == ' ' {
+		split = append([]string{" "}, split...)
+	}
+	if len(split) < 8 {
+		return nil, fmt.Errorf("%w (%d)", errAttributeTooShortICECandidate, len(split))
+	}
+
+	// Foundation
+	foundation := split[0]
+
+	// Component
+	rawComponent, err := strconv.ParseUint(split[1], 10, 16)
+	if err != nil {
+		return nil, fmt.Errorf("%w: %v", errParseComponent, err) //nolint:errorlint
+	}
+	component := uint16(rawComponent)
+
+	// Protocol
+	protocol := split[2]
+
+	// Priority
+	priorityRaw, err := strconv.ParseUint(split[3], 10, 32)
+	if err != nil {
+		return nil, fmt.Errorf("%w: %v", errParsePriority, err) //nolint:errorlint
+	}
+	priority := uint32(priorityRaw)
+
+	// Address
+	address := removeZoneIDFromAddress(split[4])
+
+	// Port
+	rawPort, err := strconv.ParseUint(split[5], 10, 16)
+	if err != nil {
+		return nil, fmt.Errorf("%w: %v", errParsePort, err) //nolint:errorlint
+	}
+	port := int(rawPort)
+	typ := split[7]
+
+	relatedAddress := ""
+	relatedPort := 0
+	tcpType := TCPTypeUnspecified
+
+	if len(split) > 8 {
+		split = split[8:]
+
+		if split[0] == "raddr" {
+			if len(split) < 4 {
+				return nil, fmt.Errorf("%w: incorrect length", errParseRelatedAddr)
+			}
+
+			// RelatedAddress
+			relatedAddress = split[1]
+
+			// RelatedPort
+			rawRelatedPort, parseErr := strconv.ParseUint(split[3], 10, 16)
+			if parseErr != nil {
+				return nil, fmt.Errorf("%w: %v", errParsePort, parseErr) //nolint:errorlint
+			}
+			relatedPort = int(rawRelatedPort)
+		} else if split[0] == "tcptype" {
+			if len(split) < 2 {
+				return nil, fmt.Errorf("%w: incorrect length", errParseTCPType)
+			}
+
+			tcpType = NewTCPType(split[1])
+		}
+	}
+
+	switch typ {
+	case "host":
+		return NewCandidateHost(&CandidateHostConfig{"", protocol, address, port, component, priority, foundation, tcpType})
+	case "srflx":
+		return NewCandidateServerReflexive(&CandidateServerReflexiveConfig{"", protocol, address, port, component, priority, foundation, relatedAddress, relatedPort})
+	case "prflx":
+		return NewCandidatePeerReflexive(&CandidatePeerReflexiveConfig{"", protocol, address, port, component, priority, foundation, relatedAddress, relatedPort})
+	case "relay":
+		return NewCandidateRelay(&CandidateRelayConfig{"", protocol, address, port, component, priority, foundation, relatedAddress, relatedPort, "", nil})
+	default:
+	}
+
+	return nil, fmt.Errorf("%w (%s)", ErrUnknownCandidateTyp, typ)
+}
diff --git a/server/vendor/github.com/pion/ice/v2/candidate_host.go b/server/vendor/github.com/pion/ice/v2/candidate_host.go
new file mode 100644
index 0000000..5d207dd
--- /dev/null
+++ b/server/vendor/github.com/pion/ice/v2/candidate_host.go
@@ -0,0 +1,80 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package ice
+
+import (
+	"net"
+	"strings"
+)
+
+// CandidateHost is a candidate of type host
+type CandidateHost struct {
+	candidateBase
+
+	network string
+}
+
+// CandidateHostConfig is the config required to create a new CandidateHost
+type CandidateHostConfig struct {
+	CandidateID string
+	Network     string
+	Address     string
+	Port        int
+	Component   uint16
+	Priority    uint32
+	Foundation  string
+	TCPType     TCPType
+}
+
+// NewCandidateHost creates a new host candidate
+func NewCandidateHost(config *CandidateHostConfig) (*CandidateHost, error) {
+	candidateID := config.CandidateID
+
+	if candidateID == "" {
+		candidateID = globalCandidateIDGenerator.Generate()
+	}
+
+	c := &CandidateHost{
+		candidateBase: candidateBase{
+			id:                    candidateID,
+			address:               config.Address,
+			candidateType:         CandidateTypeHost,
+			component:             config.Component,
+			port:                  config.Port,
+			tcpType:               config.TCPType,
+			foundationOverride:    config.Foundation,
+			priorityOverride:      config.Priority,
+			remoteCandidateCaches: map[AddrPort]Candidate{},
+		},
+		network: config.Network,
+	}
+
+	if !strings.HasSuffix(config.Address, ".local") {
+		ip := net.ParseIP(config.Address)
+		if ip == nil {
+			return nil, ErrAddressParseFailed
+		}
+
+		if err := c.setIP(ip); err != nil {
+			return nil, err
+		}
+	} else {
+		// Until mDNS candidate is resolved assume it is UDPv4
+		c.candidateBase.networkType = NetworkTypeUDP4
+	}
+
+	return c, nil
+}
+
+func (c *CandidateHost) setIP(ip net.IP) error {
+	networkType, err := determineNetworkType(c.network, ip)
+	if err != nil {
+		return err
+	}
+
+	c.candidateBase.networkType = networkType
+	c.candidateBase.resolvedAddr = createAddr(networkType, ip, c.port)
+
+	return nil
+}
diff --git a/server/vendor/github.com/pion/ice/v2/candidate_peer_reflexive.go b/server/vendor/github.com/pion/ice/v2/candidate_peer_reflexive.go
new file mode 100644
index 0000000..bbcfe33
--- /dev/null
+++ b/server/vendor/github.com/pion/ice/v2/candidate_peer_reflexive.go
@@ -0,0 +1,64 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+// Package ice ...
+//
+//nolint:dupl
+package ice
+
+import "net"
+
+// CandidatePeerReflexive ...
+type CandidatePeerReflexive struct {
+	candidateBase
+}
+
+// CandidatePeerReflexiveConfig is the config required to create a new CandidatePeerReflexive
+type CandidatePeerReflexiveConfig struct {
+	CandidateID string
+	Network     string
+	Address     string
+	Port        int
+	Component   uint16
+	Priority    uint32
+	Foundation  string
+	RelAddr     string
+	RelPort     int
+}
+
+// NewCandidatePeerReflexive creates a new peer reflective candidate
+func NewCandidatePeerReflexive(config *CandidatePeerReflexiveConfig) (*CandidatePeerReflexive, error) {
+	ip := net.ParseIP(config.Address)
+	if ip == nil {
+		return nil, ErrAddressParseFailed
+	}
+
+	networkType, err := determineNetworkType(config.Network, ip)
+	if err != nil {
+		return nil, err
+	}
+
+	candidateID := config.CandidateID
+	if candidateID == "" {
+		candidateID = globalCandidateIDGenerator.Generate()
+	}
+
+	return &CandidatePeerReflexive{
+		candidateBase: candidateBase{
+			id:                 candidateID,
+			networkType:        networkType,
+			candidateType:      CandidateTypePeerReflexive,
+			address:            config.Address,
+			port:               config.Port,
+			resolvedAddr:       createAddr(networkType, ip, config.Port),
+			component:          config.Component,
+			foundationOverride: config.Foundation,
+			priorityOverride:   config.Priority,
+			relatedAddress: &CandidateRelatedAddress{
+				Address: config.RelAddr,
+				Port:    config.RelPort,
+			},
+			remoteCandidateCaches: map[AddrPort]Candidate{},
+		},
+	}, nil
+}
diff --git a/server/vendor/github.com/pion/ice/v2/candidate_relay.go b/server/vendor/github.com/pion/ice/v2/candidate_relay.go
new file mode 100644
index 0000000..fa5297b
--- /dev/null
+++ b/server/vendor/github.com/pion/ice/v2/candidate_relay.go
@@ -0,0 +1,115 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package ice
+
+import (
+	"net"
+)
+
+// CandidateRelay ...
+type CandidateRelay struct {
+	candidateBase
+
+	relayProtocol string
+	onClose       func() error
+}
+
+// CandidateRelayConfig is the config required to create a new CandidateRelay
+type CandidateRelayConfig struct {
+	CandidateID   string
+	Network       string
+	Address       string
+	Port          int
+	Component     uint16
+	Priority      uint32
+	Foundation    string
+	RelAddr       string
+	RelPort       int
+	RelayProtocol string
+	OnClose       func() error
+}
+
+// NewCandidateRelay creates a new relay candidate
+func NewCandidateRelay(config *CandidateRelayConfig) (*CandidateRelay, error) {
+	candidateID := config.CandidateID
+
+	if candidateID == "" {
+		candidateID = globalCandidateIDGenerator.Generate()
+	}
+
+	ip := net.ParseIP(config.Address)
+	if ip == nil {
+		return nil, ErrAddressParseFailed
+	}
+
+	networkType, err := determineNetworkType(config.Network, ip)
+	if err != nil {
+		return nil, err
+	}
+
+	return &CandidateRelay{
+		candidateBase: candidateBase{
+			id:                 candidateID,
+			networkType:        networkType,
+			candidateType:      CandidateTypeRelay,
+			address:            config.Address,
+			port:               config.Port,
+			resolvedAddr:       &net.UDPAddr{IP: ip, Port: config.Port},
+			component:          config.Component,
+			foundationOverride: config.Foundation,
+			priorityOverride:   config.Priority,
+			relatedAddress: &CandidateRelatedAddress{
+				Address: config.RelAddr,
+				Port:    config.RelPort,
+			},
+			remoteCandidateCaches: map[AddrPort]Candidate{},
+		},
+		relayProtocol: config.RelayProtocol,
+		onClose:       config.OnClose,
+	}, nil
+}
+
+// LocalPreference returns the local preference for this candidate
+func (c *CandidateRelay) LocalPreference() uint16 {
+	// These preference values come from libwebrtc
+	// https://github.com/mozilla/libwebrtc/blob/1389c76d9c79839a2ca069df1db48aa3f2e6a1ac/p2p/base/turn_port.cc#L61
+	var relayPreference uint16
+	switch c.relayProtocol {
+	case relayProtocolTLS, relayProtocolDTLS:
+		relayPreference = 2
+	case tcp:
+		relayPreference = 1
+	default:
+		relayPreference = 0
+	}
+
+	return c.candidateBase.LocalPreference() + relayPreference
+}
+
+// RelayProtocol returns the protocol used between the endpoint and the relay server.
+func (c *CandidateRelay) RelayProtocol() string {
+	return c.relayProtocol
+}
+
+func (c *CandidateRelay) close() error {
+	err := c.candidateBase.close()
+	if c.onClose != nil {
+		err = c.onClose()
+		c.onClose = nil
+	}
+	return err
+}
+
+func (c *CandidateRelay) copy() (Candidate, error) {
+	cc, err := c.candidateBase.copy()
+	if err != nil {
+		return nil, err
+	}
+
+	if ccr, ok := cc.(*CandidateRelay); ok {
+		ccr.relayProtocol = c.relayProtocol
+	}
+
+	return cc, nil
+}
diff --git a/server/vendor/github.com/pion/ice/v2/candidate_server_reflexive.go b/server/vendor/github.com/pion/ice/v2/candidate_server_reflexive.go
new file mode 100644
index 0000000..3a8ac0f
--- /dev/null
+++ b/server/vendor/github.com/pion/ice/v2/candidate_server_reflexive.go
@@ -0,0 +1,61 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package ice
+
+import "net"
+
+// CandidateServerReflexive ...
+type CandidateServerReflexive struct {
+	candidateBase
+}
+
+// CandidateServerReflexiveConfig is the config required to create a new CandidateServerReflexive
+type CandidateServerReflexiveConfig struct {
+	CandidateID string
+	Network     string
+	Address     string
+	Port        int
+	Component   uint16
+	Priority    uint32
+	Foundation  string
+	RelAddr     string
+	RelPort     int
+}
+
+// NewCandidateServerReflexive creates a new server reflective candidate
+func NewCandidateServerReflexive(config *CandidateServerReflexiveConfig) (*CandidateServerReflexive, error) {
+	ip := net.ParseIP(config.Address)
+	if ip == nil {
+		return nil, ErrAddressParseFailed
+	}
+
+	networkType, err := determineNetworkType(config.Network, ip)
+	if err != nil {
+		return nil, err
+	}
+
+	candidateID := config.CandidateID
+	if candidateID == "" {
+		candidateID = globalCandidateIDGenerator.Generate()
+	}
+
+	return &CandidateServerReflexive{
+		candidateBase: candidateBase{
+			id:                 candidateID,
+			networkType:        networkType,
+			candidateType:      CandidateTypeServerReflexive,
+			address:            config.Address,
+			port:               config.Port,
+			resolvedAddr:       &net.UDPAddr{IP: ip, Port: config.Port},
+			component:          config.Component,
+			foundationOverride: config.Foundation,
+			priorityOverride:   config.Priority,
+			relatedAddress: &CandidateRelatedAddress{
+				Address: config.RelAddr,
+				Port:    config.RelPort,
+			},
+			remoteCandidateCaches: map[AddrPort]Candidate{},
+		},
+	}, nil
+}
diff --git a/server/vendor/github.com/pion/ice/v2/candidatepair.go b/server/vendor/github.com/pion/ice/v2/candidatepair.go
new file mode 100644
index 0000000..38f8ccb
--- /dev/null
+++ b/server/vendor/github.com/pion/ice/v2/candidatepair.go
@@ -0,0 +1,136 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package ice
+
+import (
+	"fmt"
+	"sync/atomic"
+	"time"
+
+	"github.com/pion/stun"
+)
+
+func newCandidatePair(local, remote Candidate, controlling bool) *CandidatePair {
+	return &CandidatePair{
+		iceRoleControlling: controlling,
+		Remote:             remote,
+		Local:              local,
+		state:              CandidatePairStateWaiting,
+	}
+}
+
+// CandidatePair is a combination of a
+// local and remote candidate
+type CandidatePair struct {
+	iceRoleControlling       bool
+	Remote                   Candidate
+	Local                    Candidate
+	bindingRequestCount      uint16
+	state                    CandidatePairState
+	nominated                bool
+	nominateOnBindingSuccess bool
+
+	// stats
+	currentRoundTripTime int64 // in ns
+	totalRoundTripTime   int64 // in ns
+	responsesReceived    uint64
+}
+
+func (p *CandidatePair) String() string {
+	if p == nil {
+		return ""
+	}
+
+	return fmt.Sprintf("prio %d (local, prio %d) %s <-> %s (remote, prio %d), state: %s, nominated: %v, nominateOnBindingSuccess: %v",
+		p.priority(), p.Local.Priority(), p.Local, p.Remote, p.Remote.Priority(), p.state, p.nominated, p.nominateOnBindingSuccess)
+}
+
+func (p *CandidatePair) equal(other *CandidatePair) bool {
+	if p == nil && other == nil {
+		return true
+	}
+	if p == nil || other == nil {
+		return false
+	}
+	return p.Local.Equal(other.Local) && p.Remote.Equal(other.Remote)
+}
+
+// RFC 5245 - 5.7.2.  Computing Pair Priority and Ordering Pairs
+// Let G be the priority for the candidate provided by the controlling
+// agent.  Let D be the priority for the candidate provided by the
+// controlled agent.
+// pair priority = 2^32*MIN(G,D) + 2*MAX(G,D) + (G>D?1:0)
+func (p *CandidatePair) priority() uint64 {
+	var g, d uint32
+	if p.iceRoleControlling {
+		g = p.Local.Priority()
+		d = p.Remote.Priority()
+	} else {
+		g = p.Remote.Priority()
+		d = p.Local.Priority()
+	}
+
+	// Just implement these here rather
+	// than fooling around with the math package
+	min := func(x, y uint32) uint64 {
+		if x < y {
+			return uint64(x)
+		}
+		return uint64(y)
+	}
+	max := func(x, y uint32) uint64 {
+		if x > y {
+			return uint64(x)
+		}
+		return uint64(y)
+	}
+	cmp := func(x, y uint32) uint64 {
+		if x > y {
+			return uint64(1)
+		}
+		return uint64(0)
+	}
+
+	// 1<<32 overflows uint32; and if both g && d are
+	// maxUint32, this result would overflow uint64
+	return (1<<32-1)*min(g, d) + 2*max(g, d) + cmp(g, d)
+}
+
+func (p *CandidatePair) Write(b []byte) (int, error) {
+	return p.Local.writeTo(b, p.Remote)
+}
+
+func (a *Agent) sendSTUN(msg *stun.Message, local, remote Candidate) {
+	_, err := local.writeTo(msg.Raw, remote)
+	if err != nil {
+		a.log.Tracef("Failed to send STUN message: %s", err)
+	}
+}
+
+// UpdateRoundTripTime sets the current round time of this pair and
+// accumulates total round trip time and responses received
+func (p *CandidatePair) UpdateRoundTripTime(rtt time.Duration) {
+	rttNs := rtt.Nanoseconds()
+	atomic.StoreInt64(&p.currentRoundTripTime, rttNs)
+	atomic.AddInt64(&p.totalRoundTripTime, rttNs)
+	atomic.AddUint64(&p.responsesReceived, 1)
+}
+
+// CurrentRoundTripTime returns the current round trip time in seconds
+// https://www.w3.org/TR/webrtc-stats/#dom-rtcicecandidatepairstats-currentroundtriptime
+func (p *CandidatePair) CurrentRoundTripTime() float64 {
+	return time.Duration(atomic.LoadInt64(&p.currentRoundTripTime)).Seconds()
+}
+
+// TotalRoundTripTime returns the current round trip time in seconds
+// https://www.w3.org/TR/webrtc-stats/#dom-rtcicecandidatepairstats-totalroundtriptime
+func (p *CandidatePair) TotalRoundTripTime() float64 {
+	return time.Duration(atomic.LoadInt64(&p.totalRoundTripTime)).Seconds()
+}
+
+// ResponsesReceived returns the total number of connectivity responses received
+// https://www.w3.org/TR/webrtc-stats/#dom-rtcicecandidatepairstats-responsesreceived
+func (p *CandidatePair) ResponsesReceived() uint64 {
+	return atomic.LoadUint64(&p.responsesReceived)
+}
diff --git a/server/vendor/github.com/pion/ice/v2/candidatepair_state.go b/server/vendor/github.com/pion/ice/v2/candidatepair_state.go
new file mode 100644
index 0000000..1a1e827
--- /dev/null
+++ b/server/vendor/github.com/pion/ice/v2/candidatepair_state.go
@@ -0,0 +1,40 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package ice
+
+// CandidatePairState represent the ICE candidate pair state
+type CandidatePairState int
+
+const (
+	// CandidatePairStateWaiting means a check has not been performed for
+	// this pair
+	CandidatePairStateWaiting = iota + 1
+
+	// CandidatePairStateInProgress means a check has been sent for this pair,
+	// but the transaction is in progress.
+	CandidatePairStateInProgress
+
+	// CandidatePairStateFailed means a check for this pair was already done
+	// and failed, either never producing any response or producing an unrecoverable
+	// failure response.
+	CandidatePairStateFailed
+
+	// CandidatePairStateSucceeded means a check for this pair was already
+	// done and produced a successful result.
+	CandidatePairStateSucceeded
+)
+
+func (c CandidatePairState) String() string {
+	switch c {
+	case CandidatePairStateWaiting:
+		return "waiting"
+	case CandidatePairStateInProgress:
+		return "in-progress"
+	case CandidatePairStateFailed:
+		return "failed"
+	case CandidatePairStateSucceeded:
+		return "succeeded"
+	}
+	return "Unknown candidate pair state"
+}
diff --git a/server/vendor/github.com/pion/ice/v2/candidaterelatedaddress.go b/server/vendor/github.com/pion/ice/v2/candidaterelatedaddress.go
new file mode 100644
index 0000000..e87c705
--- /dev/null
+++ b/server/vendor/github.com/pion/ice/v2/candidaterelatedaddress.go
@@ -0,0 +1,33 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package ice
+
+import "fmt"
+
+// CandidateRelatedAddress convey transport addresses related to the
+// candidate, useful for diagnostics and other purposes.
+type CandidateRelatedAddress struct {
+	Address string
+	Port    int
+}
+
+// String makes CandidateRelatedAddress printable
+func (c *CandidateRelatedAddress) String() string {
+	if c == nil {
+		return ""
+	}
+
+	return fmt.Sprintf(" related %s:%d", c.Address, c.Port)
+}
+
+// Equal allows comparing two CandidateRelatedAddresses.
+// The CandidateRelatedAddress are allowed to be nil.
+func (c *CandidateRelatedAddress) Equal(other *CandidateRelatedAddress) bool {
+	if c == nil && other == nil {
+		return true
+	}
+	return c != nil && other != nil &&
+		c.Address == other.Address &&
+		c.Port == other.Port
+}
diff --git a/server/vendor/github.com/pion/ice/v2/candidatetype.go b/server/vendor/github.com/pion/ice/v2/candidatetype.go
new file mode 100644
index 0000000..3972934
--- /dev/null
+++ b/server/vendor/github.com/pion/ice/v2/candidatetype.go
@@ -0,0 +1,65 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package ice
+
+// CandidateType represents the type of candidate
+type CandidateType byte
+
+// CandidateType enum
+const (
+	CandidateTypeUnspecified CandidateType = iota
+	CandidateTypeHost
+	CandidateTypeServerReflexive
+	CandidateTypePeerReflexive
+	CandidateTypeRelay
+)
+
+// String makes CandidateType printable
+func (c CandidateType) String() string {
+	switch c {
+	case CandidateTypeHost:
+		return "host"
+	case CandidateTypeServerReflexive:
+		return "srflx"
+	case CandidateTypePeerReflexive:
+		return "prflx"
+	case CandidateTypeRelay:
+		return "relay"
+	case CandidateTypeUnspecified:
+		return "Unknown candidate type"
+	}
+	return "Unknown candidate type"
+}
+
+// Preference returns the preference weight of a CandidateType
+//
+// 4.1.2.2.  Guidelines for Choosing Type and Local Preferences
+// The RECOMMENDED values are 126 for host candidates, 100
+// for server reflexive candidates, 110 for peer reflexive candidates,
+// and 0 for relayed candidates.
+func (c CandidateType) Preference() uint16 {
+	switch c {
+	case CandidateTypeHost:
+		return 126
+	case CandidateTypePeerReflexive:
+		return 110
+	case CandidateTypeServerReflexive:
+		return 100
+	case CandidateTypeRelay, CandidateTypeUnspecified:
+		return 0
+	}
+	return 0
+}
+
+func containsCandidateType(candidateType CandidateType, candidateTypeList []CandidateType) bool {
+	if candidateTypeList == nil {
+		return false
+	}
+	for _, ct := range candidateTypeList {
+		if ct == candidateType {
+			return true
+		}
+	}
+	return false
+}
diff --git a/server/vendor/github.com/pion/ice/v2/codecov.yml b/server/vendor/github.com/pion/ice/v2/codecov.yml
new file mode 100644
index 0000000..263e4d4
--- /dev/null
+++ b/server/vendor/github.com/pion/ice/v2/codecov.yml
@@ -0,0 +1,22 @@
+#
+# DO NOT EDIT THIS FILE
+#
+# It is automatically copied from https://github.com/pion/.goassets repository.
+#
+# SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+# SPDX-License-Identifier: MIT
+
+coverage:
+  status:
+    project:
+      default:
+        # Allow decreasing 2% of total coverage to avoid noise.
+        threshold: 2%
+    patch:
+      default:
+        target: 70%
+        only_pulls: true
+
+ignore:
+  - "examples/*"
+  - "examples/**/*"
diff --git a/server/vendor/github.com/pion/ice/v2/context.go b/server/vendor/github.com/pion/ice/v2/context.go
new file mode 100644
index 0000000..3645445
--- /dev/null
+++ b/server/vendor/github.com/pion/ice/v2/context.go
@@ -0,0 +1,40 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package ice
+
+import (
+	"context"
+	"time"
+)
+
+func (a *Agent) context() context.Context {
+	return agentContext(a.done)
+}
+
+type agentContext chan struct{}
+
+// Done implements context.Context
+func (a agentContext) Done() <-chan struct{} {
+	return (chan struct{})(a)
+}
+
+// Err implements context.Context
+func (a agentContext) Err() error {
+	select {
+	case <-(chan struct{})(a):
+		return ErrRunCanceled
+	default:
+		return nil
+	}
+}
+
+// Deadline implements context.Context
+func (a agentContext) Deadline() (deadline time.Time, ok bool) {
+	return time.Time{}, false
+}
+
+// Value implements context.Context
+func (a agentContext) Value(interface{}) interface{} {
+	return nil
+}
diff --git a/server/vendor/github.com/pion/ice/v2/errors.go b/server/vendor/github.com/pion/ice/v2/errors.go
new file mode 100644
index 0000000..46785ed
--- /dev/null
+++ b/server/vendor/github.com/pion/ice/v2/errors.go
@@ -0,0 +1,140 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package ice
+
+import "errors"
+
+var (
+	// ErrUnknownType indicates an error with Unknown info.
+	ErrUnknownType = errors.New("Unknown")
+
+	// ErrSchemeType indicates the scheme type could not be parsed.
+	ErrSchemeType = errors.New("unknown scheme type")
+
+	// ErrSTUNQuery indicates query arguments are provided in a STUN URL.
+	ErrSTUNQuery = errors.New("queries not supported in STUN address")
+
+	// ErrInvalidQuery indicates an malformed query is provided.
+	ErrInvalidQuery = errors.New("invalid query")
+
+	// ErrHost indicates malformed hostname is provided.
+	ErrHost = errors.New("invalid hostname")
+
+	// ErrPort indicates malformed port is provided.
+	ErrPort = errors.New("invalid port")
+
+	// ErrLocalUfragInsufficientBits indicates local username fragment insufficient bits are provided.
+	// Have to be at least 24 bits long
+	ErrLocalUfragInsufficientBits = errors.New("local username fragment is less than 24 bits long")
+
+	// ErrLocalPwdInsufficientBits indicates local password insufficient bits are provided.
+	// Have to be at least 128 bits long
+	ErrLocalPwdInsufficientBits = errors.New("local password is less than 128 bits long")
+
+	// ErrProtoType indicates an unsupported transport type was provided.
+	ErrProtoType = errors.New("invalid transport protocol type")
+
+	// ErrClosed indicates the agent is closed
+	ErrClosed = errors.New("the agent is closed")
+
+	// ErrNoCandidatePairs indicates agent does not have a valid candidate pair
+	ErrNoCandidatePairs = errors.New("no candidate pairs available")
+
+	// ErrCanceledByCaller indicates agent connection was canceled by the caller
+	ErrCanceledByCaller = errors.New("connecting canceled by caller")
+
+	// ErrMultipleStart indicates agent was started twice
+	ErrMultipleStart = errors.New("attempted to start agent twice")
+
+	// ErrRemoteUfragEmpty indicates agent was started with an empty remote ufrag
+	ErrRemoteUfragEmpty = errors.New("remote ufrag is empty")
+
+	// ErrRemotePwdEmpty indicates agent was started with an empty remote pwd
+	ErrRemotePwdEmpty = errors.New("remote pwd is empty")
+
+	// ErrNoOnCandidateHandler indicates agent was started without OnCandidate
+	ErrNoOnCandidateHandler = errors.New("no OnCandidate provided")
+
+	// ErrMultipleGatherAttempted indicates GatherCandidates has been called multiple times
+	ErrMultipleGatherAttempted = errors.New("attempting to gather candidates during gathering state")
+
+	// ErrUsernameEmpty indicates agent was give TURN URL with an empty Username
+	ErrUsernameEmpty = errors.New("username is empty")
+
+	// ErrPasswordEmpty indicates agent was give TURN URL with an empty Password
+	ErrPasswordEmpty = errors.New("password is empty")
+
+	// ErrAddressParseFailed indicates we were unable to parse a candidate address
+	ErrAddressParseFailed = errors.New("failed to parse address")
+
+	// ErrLiteUsingNonHostCandidates indicates non host candidates were selected for a lite agent
+	ErrLiteUsingNonHostCandidates = errors.New("lite agents must only use host candidates")
+
+	// ErrUselessUrlsProvided indicates that one or more URL was provided to the agent but no host
+	// candidate required them
+	ErrUselessUrlsProvided = errors.New("agent does not need URL with selected candidate types")
+
+	// ErrUnsupportedNAT1To1IPCandidateType indicates that the specified NAT1To1IPCandidateType is
+	// unsupported
+	ErrUnsupportedNAT1To1IPCandidateType = errors.New("unsupported 1:1 NAT IP candidate type")
+
+	// ErrInvalidNAT1To1IPMapping indicates that the given 1:1 NAT IP mapping is invalid
+	ErrInvalidNAT1To1IPMapping = errors.New("invalid 1:1 NAT IP mapping")
+
+	// ErrExternalMappedIPNotFound in NAT1To1IPMapping
+	ErrExternalMappedIPNotFound = errors.New("external mapped IP not found")
+
+	// ErrMulticastDNSWithNAT1To1IPMapping indicates that the mDNS gathering cannot be used along
+	// with 1:1 NAT IP mapping for host candidate.
+	ErrMulticastDNSWithNAT1To1IPMapping = errors.New("mDNS gathering cannot be used with 1:1 NAT IP mapping for host candidate")
+
+	// ErrIneffectiveNAT1To1IPMappingHost indicates that 1:1 NAT IP mapping for host candidate is
+	// requested, but the host candidate type is disabled.
+	ErrIneffectiveNAT1To1IPMappingHost = errors.New("1:1 NAT IP mapping for host candidate ineffective")
+
+	// ErrIneffectiveNAT1To1IPMappingSrflx indicates that 1:1 NAT IP mapping for srflx candidate is
+	// requested, but the srflx candidate type is disabled.
+	ErrIneffectiveNAT1To1IPMappingSrflx = errors.New("1:1 NAT IP mapping for srflx candidate ineffective")
+
+	// ErrInvalidMulticastDNSHostName indicates an invalid MulticastDNSHostName
+	ErrInvalidMulticastDNSHostName = errors.New("invalid mDNS HostName, must end with .local and can only contain a single '.'")
+
+	// ErrRunCanceled indicates a run operation was canceled by its individual done
+	ErrRunCanceled = errors.New("run was canceled by done")
+
+	// ErrTCPRemoteAddrAlreadyExists indicates we already have the connection with same remote addr.
+	ErrTCPRemoteAddrAlreadyExists = errors.New("conn with same remote addr already exists")
+
+	// ErrUnknownCandidateTyp indicates that a candidate had a unknown type value.
+	ErrUnknownCandidateTyp = errors.New("unknown candidate typ")
+
+	// ErrDetermineNetworkType indicates that the NetworkType was not able to be parsed
+	ErrDetermineNetworkType = errors.New("unable to determine networkType")
+
+	errAttributeTooShortICECandidate = errors.New("attribute not long enough to be ICE candidate")
+	errClosingConnection             = errors.New("failed to close connection")
+	errConnectionAddrAlreadyExist    = errors.New("connection with same remote address already exists")
+	errGetXorMappedAddrResponse      = errors.New("failed to get XOR-MAPPED-ADDRESS response")
+	errInvalidAddress                = errors.New("invalid address")
+	errNoTCPMuxAvailable             = errors.New("no TCP mux is available")
+	errNotImplemented                = errors.New("not implemented yet")
+	errNoUDPMuxAvailable             = errors.New("no UDP mux is available")
+	errNoXorAddrMapping              = errors.New("no address mapping")
+	errParseComponent                = errors.New("failed to parse component")
+	errParsePort                     = errors.New("failed to parse port")
+	errParsePriority                 = errors.New("failed to parse priority")
+	errParseRelatedAddr              = errors.New("failed to parse related addresses")
+	errParseTCPType                  = errors.New("failed to parse TCP type")
+	errRead                          = errors.New("failed to read")
+	errUDPMuxDisabled                = errors.New("UDPMux is not enabled")
+	errUnknownRole                   = errors.New("unknown role")
+	errWrite                         = errors.New("failed to write")
+	errWriteSTUNMessage              = errors.New("failed to send STUN message")
+	errWriteSTUNMessageToIceConn     = errors.New("failed to write STUN message to ICE connection")
+	errXORMappedAddrTimeout          = errors.New("timeout while waiting for XORMappedAddr")
+
+	// UDPMuxDefault should not listen on unspecified address, but to keep backward compatibility, don't return error now.
+	// will be used in the future.
+	// errListenUnspecified             = errors.New("can't listen on unspecified address")
+)
diff --git a/server/vendor/github.com/pion/ice/v2/external_ip_mapper.go b/server/vendor/github.com/pion/ice/v2/external_ip_mapper.go
new file mode 100644
index 0000000..3d542fb
--- /dev/null
+++ b/server/vendor/github.com/pion/ice/v2/external_ip_mapper.go
@@ -0,0 +1,153 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package ice
+
+import (
+	"net"
+	"strings"
+)
+
+func validateIPString(ipStr string) (net.IP, bool, error) {
+	ip := net.ParseIP(ipStr)
+	if ip == nil {
+		return nil, false, ErrInvalidNAT1To1IPMapping
+	}
+	return ip, (ip.To4() != nil), nil
+}
+
+// ipMapping holds the mapping of local and external IP address for a particular IP family
+type ipMapping struct {
+	ipSole net.IP            // When non-nil, this is the sole external IP for one local IP assumed
+	ipMap  map[string]net.IP // Local-to-external IP mapping (k: local, v: external)
+	valid  bool              // If not set any external IP, valid is false
+}
+
+func (m *ipMapping) setSoleIP(ip net.IP) error {
+	if m.ipSole != nil || len(m.ipMap) > 0 {
+		return ErrInvalidNAT1To1IPMapping
+	}
+
+	m.ipSole = ip
+	m.valid = true
+
+	return nil
+}
+
+func (m *ipMapping) addIPMapping(locIP, extIP net.IP) error {
+	if m.ipSole != nil {
+		return ErrInvalidNAT1To1IPMapping
+	}
+
+	locIPStr := locIP.String()
+
+	// Check if dup of local IP
+	if _, ok := m.ipMap[locIPStr]; ok {
+		return ErrInvalidNAT1To1IPMapping
+	}
+
+	m.ipMap[locIPStr] = extIP
+	m.valid = true
+
+	return nil
+}
+
+func (m *ipMapping) findExternalIP(locIP net.IP) (net.IP, error) {
+	if !m.valid {
+		return locIP, nil
+	}
+
+	if m.ipSole != nil {
+		return m.ipSole, nil
+	}
+
+	extIP, ok := m.ipMap[locIP.String()]
+	if !ok {
+		return nil, ErrExternalMappedIPNotFound
+	}
+
+	return extIP, nil
+}
+
+type externalIPMapper struct {
+	ipv4Mapping   ipMapping
+	ipv6Mapping   ipMapping
+	candidateType CandidateType
+}
+
+func newExternalIPMapper(candidateType CandidateType, ips []string) (*externalIPMapper, error) { //nolint:gocognit
+	if len(ips) == 0 {
+		return nil, nil //nolint:nilnil
+	}
+	if candidateType == CandidateTypeUnspecified {
+		candidateType = CandidateTypeHost // Defaults to host
+	} else if candidateType != CandidateTypeHost && candidateType != CandidateTypeServerReflexive {
+		return nil, ErrUnsupportedNAT1To1IPCandidateType
+	}
+
+	m := &externalIPMapper{
+		ipv4Mapping:   ipMapping{ipMap: map[string]net.IP{}},
+		ipv6Mapping:   ipMapping{ipMap: map[string]net.IP{}},
+		candidateType: candidateType,
+	}
+
+	for _, extIPStr := range ips {
+		ipPair := strings.Split(extIPStr, "/")
+		if len(ipPair) == 0 || len(ipPair) > 2 {
+			return nil, ErrInvalidNAT1To1IPMapping
+		}
+
+		extIP, isExtIPv4, err := validateIPString(ipPair[0])
+		if err != nil {
+			return nil, err
+		}
+		if len(ipPair) == 1 {
+			if isExtIPv4 {
+				if err := m.ipv4Mapping.setSoleIP(extIP); err != nil {
+					return nil, err
+				}
+			} else {
+				if err := m.ipv6Mapping.setSoleIP(extIP); err != nil {
+					return nil, err
+				}
+			}
+		} else {
+			locIP, isLocIPv4, err := validateIPString(ipPair[1])
+			if err != nil {
+				return nil, err
+			}
+			if isExtIPv4 {
+				if !isLocIPv4 {
+					return nil, ErrInvalidNAT1To1IPMapping
+				}
+
+				if err := m.ipv4Mapping.addIPMapping(locIP, extIP); err != nil {
+					return nil, err
+				}
+			} else {
+				if isLocIPv4 {
+					return nil, ErrInvalidNAT1To1IPMapping
+				}
+
+				if err := m.ipv6Mapping.addIPMapping(locIP, extIP); err != nil {
+					return nil, err
+				}
+			}
+		}
+	}
+
+	return m, nil
+}
+
+func (m *externalIPMapper) findExternalIP(localIPStr string) (net.IP, error) {
+	locIP, isLocIPv4, err := validateIPString(localIPStr)
+	if err != nil {
+		return nil, err
+	}
+
+	if isLocIPv4 {
+		return m.ipv4Mapping.findExternalIP(locIP)
+	}
+
+	return m.ipv6Mapping.findExternalIP(locIP)
+}
diff --git a/server/vendor/github.com/pion/ice/v2/gather.go b/server/vendor/github.com/pion/ice/v2/gather.go
new file mode 100644
index 0000000..3ca8086
--- /dev/null
+++ b/server/vendor/github.com/pion/ice/v2/gather.go
@@ -0,0 +1,720 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package ice
+
+import (
+	"context"
+	"crypto/tls"
+	"fmt"
+	"io"
+	"net"
+	"reflect"
+	"sync"
+	"time"
+
+	"github.com/pion/dtls/v2"
+	"github.com/pion/ice/v2/internal/fakenet"
+	stunx "github.com/pion/ice/v2/internal/stun"
+	"github.com/pion/logging"
+	"github.com/pion/stun"
+	"github.com/pion/turn/v2"
+)
+
+const (
+	stunGatherTimeout = time.Second * 5
+)
+
+// Close a net.Conn and log if we have a failure
+func closeConnAndLog(c io.Closer, log logging.LeveledLogger, msg string, args ...interface{}) {
+	if c == nil || (reflect.ValueOf(c).Kind() == reflect.Ptr && reflect.ValueOf(c).IsNil()) {
+		log.Warnf("Connection is not allocated: "+msg, args...)
+		return
+	}
+
+	log.Warnf(msg, args...)
+	if err := c.Close(); err != nil {
+		log.Warnf("Failed to close connection: %v", err)
+	}
+}
+
+// GatherCandidates initiates the trickle based gathering process.
+func (a *Agent) GatherCandidates() error {
+	var gatherErr error
+
+	if runErr := a.run(a.context(), func(ctx context.Context, agent *Agent) {
+		if a.gatheringState != GatheringStateNew {
+			gatherErr = ErrMultipleGatherAttempted
+			return
+		} else if a.onCandidateHdlr.Load() == nil {
+			gatherErr = ErrNoOnCandidateHandler
+			return
+		}
+
+		a.gatherCandidateCancel() // Cancel previous gathering routine
+		ctx, cancel := context.WithCancel(ctx)
+		a.gatherCandidateCancel = cancel
+		done := make(chan struct{})
+		a.gatherCandidateDone = done
+
+		go a.gatherCandidates(ctx, done)
+	}); runErr != nil {
+		return runErr
+	}
+	return gatherErr
+}
+
+func (a *Agent) gatherCandidates(ctx context.Context, done chan struct{}) {
+	defer close(done)
+	if err := a.setGatheringState(GatheringStateGathering); err != nil { //nolint:contextcheck
+		a.log.Warnf("Failed to set gatheringState to GatheringStateGathering: %v", err)
+		return
+	}
+
+	var wg sync.WaitGroup
+	for _, t := range a.candidateTypes {
+		switch t {
+		case CandidateTypeHost:
+			wg.Add(1)
+			go func() {
+				a.gatherCandidatesLocal(ctx, a.networkTypes)
+				wg.Done()
+			}()
+		case CandidateTypeServerReflexive:
+			wg.Add(1)
+			go func() {
+				if a.udpMuxSrflx != nil {
+					a.gatherCandidatesSrflxUDPMux(ctx, a.urls, a.networkTypes)
+				} else {
+					a.gatherCandidatesSrflx(ctx, a.urls, a.networkTypes)
+				}
+				wg.Done()
+			}()
+			if a.extIPMapper != nil && a.extIPMapper.candidateType == CandidateTypeServerReflexive {
+				wg.Add(1)
+				go func() {
+					a.gatherCandidatesSrflxMapped(ctx, a.networkTypes)
+					wg.Done()
+				}()
+			}
+		case CandidateTypeRelay:
+			wg.Add(1)
+			go func() {
+				a.gatherCandidatesRelay(ctx, a.urls)
+				wg.Done()
+			}()
+		case CandidateTypePeerReflexive, CandidateTypeUnspecified:
+		}
+	}
+
+	// Block until all STUN and TURN URLs have been gathered (or timed out)
+	wg.Wait()
+
+	if err := a.setGatheringState(GatheringStateComplete); err != nil { //nolint:contextcheck
+		a.log.Warnf("Failed to set gatheringState to GatheringStateComplete: %v", err)
+	}
+}
+
+func (a *Agent) gatherCandidatesLocal(ctx context.Context, networkTypes []NetworkType) { //nolint:gocognit
+	networks := map[string]struct{}{}
+	for _, networkType := range networkTypes {
+		if networkType.IsTCP() {
+			networks[tcp] = struct{}{}
+		} else {
+			networks[udp] = struct{}{}
+		}
+	}
+
+	// When UDPMux is enabled, skip other UDP candidates
+	if a.udpMux != nil {
+		if err := a.gatherCandidatesLocalUDPMux(ctx); err != nil {
+			a.log.Warnf("Failed to create host candidate for UDPMux: %s", err)
+		}
+		delete(networks, udp)
+	}
+
+	localIPs, err := localInterfaces(a.net, a.interfaceFilter, a.ipFilter, networkTypes, a.includeLoopback)
+	if err != nil {
+		a.log.Warnf("Failed to iterate local interfaces, host candidates will not be gathered %s", err)
+		return
+	}
+
+	for _, ip := range localIPs {
+		mappedIP := ip
+		if a.mDNSMode != MulticastDNSModeQueryAndGather && a.extIPMapper != nil && a.extIPMapper.candidateType == CandidateTypeHost {
+			if _mappedIP, innerErr := a.extIPMapper.findExternalIP(ip.String()); innerErr == nil {
+				mappedIP = _mappedIP
+			} else {
+				a.log.Warnf("1:1 NAT mapping is enabled but no external IP is found for %s", ip.String())
+			}
+		}
+
+		address := mappedIP.String()
+		if a.mDNSMode == MulticastDNSModeQueryAndGather {
+			address = a.mDNSName
+		}
+
+		for network := range networks {
+			type connAndPort struct {
+				conn net.PacketConn
+				port int
+			}
+			var (
+				conns   []connAndPort
+				tcpType TCPType
+			)
+
+			switch network {
+			case tcp:
+				if a.tcpMux == nil {
+					continue
+				}
+
+				// Handle ICE TCP passive mode
+				var muxConns []net.PacketConn
+				if multi, ok := a.tcpMux.(AllConnsGetter); ok {
+					a.log.Debugf("GetAllConns by ufrag: %s", a.localUfrag)
+					muxConns, err = multi.GetAllConns(a.localUfrag, mappedIP.To4() == nil, ip)
+					if err != nil {
+						a.log.Warnf("Failed to get all TCP connections by ufrag: %s %s %s", network, ip, a.localUfrag)
+						continue
+					}
+				} else {
+					a.log.Debugf("GetConn by ufrag: %s", a.localUfrag)
+					conn, err := a.tcpMux.GetConnByUfrag(a.localUfrag, mappedIP.To4() == nil, ip)
+					if err != nil {
+						a.log.Warnf("Failed to get TCP connections by ufrag: %s %s %s", network, ip, a.localUfrag)
+						continue
+					}
+					muxConns = []net.PacketConn{conn}
+				}
+
+				// Extract the port for each PacketConn we got.
+				for _, conn := range muxConns {
+					if tcpConn, ok := conn.LocalAddr().(*net.TCPAddr); ok {
+						conns = append(conns, connAndPort{conn, tcpConn.Port})
+					} else {
+						a.log.Warnf("Failed to get port of connection from TCPMux: %s %s %s", network, ip, a.localUfrag)
+					}
+				}
+				if len(conns) == 0 {
+					// Didn't succeed with any, try the next network.
+					continue
+				}
+				tcpType = TCPTypePassive
+				// Is there a way to verify that the listen address is even
+				// accessible from the current interface.
+			case udp:
+				conn, err := listenUDPInPortRange(a.net, a.log, int(a.portMax), int(a.portMin), network, &net.UDPAddr{IP: ip, Port: 0})
+				if err != nil {
+					a.log.Warnf("Failed to listen %s %s", network, ip)
+					continue
+				}
+
+				if udpConn, ok := conn.LocalAddr().(*net.UDPAddr); ok {
+					conns = append(conns, connAndPort{conn, udpConn.Port})
+				} else {
+					a.log.Warnf("Failed to get port of UDPAddr from ListenUDPInPortRange: %s %s %s", network, ip, a.localUfrag)
+					continue
+				}
+			}
+
+			for _, connAndPort := range conns {
+				hostConfig := CandidateHostConfig{
+					Network:   network,
+					Address:   address,
+					Port:      connAndPort.port,
+					Component: ComponentRTP,
+					TCPType:   tcpType,
+				}
+
+				c, err := NewCandidateHost(&hostConfig)
+				if err != nil {
+					closeConnAndLog(connAndPort.conn, a.log, "failed to create host candidate: %s %s %d: %v", network, mappedIP, connAndPort.port, err)
+					continue
+				}
+
+				if a.mDNSMode == MulticastDNSModeQueryAndGather {
+					if err = c.setIP(ip); err != nil {
+						closeConnAndLog(connAndPort.conn, a.log, "failed to create host candidate: %s %s %d: %v", network, mappedIP, connAndPort.port, err)
+						continue
+					}
+				}
+
+				if err := a.addCandidate(ctx, c, connAndPort.conn); err != nil {
+					if closeErr := c.close(); closeErr != nil {
+						a.log.Warnf("Failed to close candidate: %v", closeErr)
+					}
+					a.log.Warnf("Failed to append to localCandidates and run onCandidateHdlr: %v", err)
+				}
+			}
+		}
+	}
+}
+
+func (a *Agent) gatherCandidatesLocalUDPMux(ctx context.Context) error { //nolint:gocognit
+	if a.udpMux == nil {
+		return errUDPMuxDisabled
+	}
+
+	localAddresses := a.udpMux.GetListenAddresses()
+	existingConfigs := make(map[CandidateHostConfig]struct{})
+
+	for _, addr := range localAddresses {
+		udpAddr, ok := addr.(*net.UDPAddr)
+		if !ok {
+			return errInvalidAddress
+		}
+		candidateIP := udpAddr.IP
+		if a.extIPMapper != nil && a.extIPMapper.candidateType == CandidateTypeHost {
+			mappedIP, err := a.extIPMapper.findExternalIP(candidateIP.String())
+			if err != nil {
+				a.log.Warnf("1:1 NAT mapping is enabled but no external IP is found for %s", candidateIP.String())
+				continue
+			}
+
+			candidateIP = mappedIP
+		}
+
+		hostConfig := CandidateHostConfig{
+			Network:   udp,
+			Address:   candidateIP.String(),
+			Port:      udpAddr.Port,
+			Component: ComponentRTP,
+		}
+
+		// Detect a duplicate candidate before calling addCandidate().
+		// otherwise, addCandidate() detects the duplicate candidate
+		// and close its connection, invalidating all candidates
+		// that share the same connection.
+		if _, ok := existingConfigs[hostConfig]; ok {
+			continue
+		}
+
+		conn, err := a.udpMux.GetConn(a.localUfrag, udpAddr)
+		if err != nil {
+			return err
+		}
+
+		c, err := NewCandidateHost(&hostConfig)
+		if err != nil {
+			closeConnAndLog(conn, a.log, "failed to create host mux candidate: %s %d: %v", candidateIP, udpAddr.Port, err)
+			continue
+		}
+
+		if err := a.addCandidate(ctx, c, conn); err != nil {
+			if closeErr := c.close(); closeErr != nil {
+				a.log.Warnf("Failed to close candidate: %v", closeErr)
+			}
+
+			closeConnAndLog(conn, a.log, "failed to add candidate: %s %d: %v", candidateIP, udpAddr.Port, err)
+			continue
+		}
+
+		existingConfigs[hostConfig] = struct{}{}
+	}
+
+	return nil
+}
+
+func (a *Agent) gatherCandidatesSrflxMapped(ctx context.Context, networkTypes []NetworkType) {
+	var wg sync.WaitGroup
+	defer wg.Wait()
+
+	for _, networkType := range networkTypes {
+		if networkType.IsTCP() {
+			continue
+		}
+
+		network := networkType.String()
+		wg.Add(1)
+		go func() {
+			defer wg.Done()
+
+			conn, err := listenUDPInPortRange(a.net, a.log, int(a.portMax), int(a.portMin), network, &net.UDPAddr{IP: nil, Port: 0})
+			if err != nil {
+				a.log.Warnf("Failed to listen %s: %v", network, err)
+				return
+			}
+
+			lAddr, ok := conn.LocalAddr().(*net.UDPAddr)
+			if !ok {
+				closeConnAndLog(conn, a.log, "1:1 NAT mapping is enabled but LocalAddr is not a UDPAddr")
+				return
+			}
+
+			mappedIP, err := a.extIPMapper.findExternalIP(lAddr.IP.String())
+			if err != nil {
+				closeConnAndLog(conn, a.log, "1:1 NAT mapping is enabled but no external IP is found for %s", lAddr.IP.String())
+				return
+			}
+
+			srflxConfig := CandidateServerReflexiveConfig{
+				Network:   network,
+				Address:   mappedIP.String(),
+				Port:      lAddr.Port,
+				Component: ComponentRTP,
+				RelAddr:   lAddr.IP.String(),
+				RelPort:   lAddr.Port,
+			}
+			c, err := NewCandidateServerReflexive(&srflxConfig)
+			if err != nil {
+				closeConnAndLog(conn, a.log, "failed to create server reflexive candidate: %s %s %d: %v",
+					network,
+					mappedIP.String(),
+					lAddr.Port,
+					err)
+				return
+			}
+
+			if err := a.addCandidate(ctx, c, conn); err != nil {
+				if closeErr := c.close(); closeErr != nil {
+					a.log.Warnf("Failed to close candidate: %v", closeErr)
+				}
+				a.log.Warnf("Failed to append to localCandidates and run onCandidateHdlr: %v", err)
+			}
+		}()
+	}
+}
+
+func (a *Agent) gatherCandidatesSrflxUDPMux(ctx context.Context, urls []*stun.URI, networkTypes []NetworkType) { //nolint:gocognit
+	var wg sync.WaitGroup
+	defer wg.Wait()
+
+	for _, networkType := range networkTypes {
+		if networkType.IsTCP() {
+			continue
+		}
+
+		for i := range urls {
+			for _, listenAddr := range a.udpMuxSrflx.GetListenAddresses() {
+				udpAddr, ok := listenAddr.(*net.UDPAddr)
+				if !ok {
+					a.log.Warn("Failed to cast udpMuxSrflx listen address to UDPAddr")
+					continue
+				}
+				wg.Add(1)
+				go func(url stun.URI, network string, localAddr *net.UDPAddr) {
+					defer wg.Done()
+
+					hostPort := fmt.Sprintf("%s:%d", url.Host, url.Port)
+					serverAddr, err := a.net.ResolveUDPAddr(network, hostPort)
+					if err != nil {
+						a.log.Debugf("Failed to resolve STUN host: %s %s: %v", network, hostPort, err)
+						return
+					}
+
+					xorAddr, err := a.udpMuxSrflx.GetXORMappedAddr(serverAddr, stunGatherTimeout)
+					if err != nil {
+						a.log.Warnf("Failed get server reflexive address %s %s: %v", network, url, err)
+						return
+					}
+
+					conn, err := a.udpMuxSrflx.GetConnForURL(a.localUfrag, url.String(), localAddr)
+					if err != nil {
+						a.log.Warnf("Failed to find connection in UDPMuxSrflx %s %s: %v", network, url, err)
+						return
+					}
+
+					ip := xorAddr.IP
+					port := xorAddr.Port
+
+					srflxConfig := CandidateServerReflexiveConfig{
+						Network:   network,
+						Address:   ip.String(),
+						Port:      port,
+						Component: ComponentRTP,
+						RelAddr:   localAddr.IP.String(),
+						RelPort:   localAddr.Port,
+					}
+					c, err := NewCandidateServerReflexive(&srflxConfig)
+					if err != nil {
+						closeConnAndLog(conn, a.log, "failed to create server reflexive candidate: %s %s %d: %v", network, ip, port, err)
+						return
+					}
+
+					if err := a.addCandidate(ctx, c, conn); err != nil {
+						if closeErr := c.close(); closeErr != nil {
+							a.log.Warnf("Failed to close candidate: %v", closeErr)
+						}
+						a.log.Warnf("Failed to append to localCandidates and run onCandidateHdlr: %v", err)
+					}
+				}(*urls[i], networkType.String(), udpAddr)
+			}
+		}
+	}
+}
+
+func (a *Agent) gatherCandidatesSrflx(ctx context.Context, urls []*stun.URI, networkTypes []NetworkType) { //nolint:gocognit
+	var wg sync.WaitGroup
+	defer wg.Wait()
+
+	for _, networkType := range networkTypes {
+		if networkType.IsTCP() {
+			continue
+		}
+
+		for i := range urls {
+			wg.Add(1)
+			go func(url stun.URI, network string) {
+				defer wg.Done()
+
+				hostPort := fmt.Sprintf("%s:%d", url.Host, url.Port)
+				serverAddr, err := a.net.ResolveUDPAddr(network, hostPort)
+				if err != nil {
+					a.log.Debugf("Failed to resolve STUN host: %s %s: %v", network, hostPort, err)
+					return
+				}
+
+				conn, err := listenUDPInPortRange(a.net, a.log, int(a.portMax), int(a.portMin), network, &net.UDPAddr{IP: nil, Port: 0})
+				if err != nil {
+					closeConnAndLog(conn, a.log, "failed to listen for %s: %v", serverAddr.String(), err)
+					return
+				}
+				// If the agent closes midway through the connection
+				// we end it early to prevent close delay.
+				cancelCtx, cancelFunc := context.WithCancel(ctx)
+				defer cancelFunc()
+				go func() {
+					select {
+					case <-cancelCtx.Done():
+						return
+					case <-a.done:
+						_ = conn.Close()
+					}
+				}()
+
+				xorAddr, err := stunx.GetXORMappedAddr(conn, serverAddr, stunGatherTimeout)
+				if err != nil {
+					closeConnAndLog(conn, a.log, "failed to get server reflexive address %s %s: %v", network, url, err)
+					return
+				}
+
+				ip := xorAddr.IP
+				port := xorAddr.Port
+
+				lAddr := conn.LocalAddr().(*net.UDPAddr) //nolint:forcetypeassert
+				srflxConfig := CandidateServerReflexiveConfig{
+					Network:   network,
+					Address:   ip.String(),
+					Port:      port,
+					Component: ComponentRTP,
+					RelAddr:   lAddr.IP.String(),
+					RelPort:   lAddr.Port,
+				}
+				c, err := NewCandidateServerReflexive(&srflxConfig)
+				if err != nil {
+					closeConnAndLog(conn, a.log, "failed to create server reflexive candidate: %s %s %d: %v", network, ip, port, err)
+					return
+				}
+
+				if err := a.addCandidate(ctx, c, conn); err != nil {
+					if closeErr := c.close(); closeErr != nil {
+						a.log.Warnf("Failed to close candidate: %v", closeErr)
+					}
+					a.log.Warnf("Failed to append to localCandidates and run onCandidateHdlr: %v", err)
+				}
+			}(*urls[i], networkType.String())
+		}
+	}
+}
+
+func (a *Agent) gatherCandidatesRelay(ctx context.Context, urls []*stun.URI) { //nolint:gocognit
+	var wg sync.WaitGroup
+	defer wg.Wait()
+
+	network := NetworkTypeUDP4.String()
+	for i := range urls {
+		switch {
+		case urls[i].Scheme != stun.SchemeTypeTURN && urls[i].Scheme != stun.SchemeTypeTURNS:
+			continue
+		case urls[i].Username == "":
+			a.log.Errorf("Failed to gather relay candidates: %v", ErrUsernameEmpty)
+			return
+		case urls[i].Password == "":
+			a.log.Errorf("Failed to gather relay candidates: %v", ErrPasswordEmpty)
+			return
+		}
+
+		wg.Add(1)
+		go func(url stun.URI) {
+			defer wg.Done()
+			turnServerAddr := fmt.Sprintf("%s:%d", url.Host, url.Port)
+			var (
+				locConn       net.PacketConn
+				err           error
+				relAddr       string
+				relPort       int
+				relayProtocol string
+			)
+
+			switch {
+			case url.Proto == stun.ProtoTypeUDP && url.Scheme == stun.SchemeTypeTURN:
+				if locConn, err = a.net.ListenPacket(network, "0.0.0.0:0"); err != nil {
+					a.log.Warnf("Failed to listen %s: %v", network, err)
+					return
+				}
+
+				relAddr = locConn.LocalAddr().(*net.UDPAddr).IP.String() //nolint:forcetypeassert
+				relPort = locConn.LocalAddr().(*net.UDPAddr).Port        //nolint:forcetypeassert
+				relayProtocol = udp
+			case a.proxyDialer != nil && url.Proto == stun.ProtoTypeTCP &&
+				(url.Scheme == stun.SchemeTypeTURN || url.Scheme == stun.SchemeTypeTURNS):
+				conn, connectErr := a.proxyDialer.Dial(NetworkTypeTCP4.String(), turnServerAddr)
+				if connectErr != nil {
+					a.log.Warnf("Failed to dial TCP address %s via proxy dialer: %v", turnServerAddr, connectErr)
+					return
+				}
+
+				relAddr = conn.LocalAddr().(*net.TCPAddr).IP.String() //nolint:forcetypeassert
+				relPort = conn.LocalAddr().(*net.TCPAddr).Port        //nolint:forcetypeassert
+				if url.Scheme == stun.SchemeTypeTURN {
+					relayProtocol = tcp
+				} else if url.Scheme == stun.SchemeTypeTURNS {
+					relayProtocol = "tls"
+				}
+				locConn = turn.NewSTUNConn(conn)
+
+			case url.Proto == stun.ProtoTypeTCP && url.Scheme == stun.SchemeTypeTURN:
+				tcpAddr, connectErr := a.net.ResolveTCPAddr(NetworkTypeTCP4.String(), turnServerAddr)
+				if connectErr != nil {
+					a.log.Warnf("Failed to resolve TCP address %s: %v", turnServerAddr, connectErr)
+					return
+				}
+
+				conn, connectErr := a.net.DialTCP(NetworkTypeTCP4.String(), nil, tcpAddr)
+				if connectErr != nil {
+					a.log.Warnf("Failed to dial TCP address %s: %v", turnServerAddr, connectErr)
+					return
+				}
+
+				relAddr = conn.LocalAddr().(*net.TCPAddr).IP.String() //nolint:forcetypeassert
+				relPort = conn.LocalAddr().(*net.TCPAddr).Port        //nolint:forcetypeassert
+				relayProtocol = tcp
+				locConn = turn.NewSTUNConn(conn)
+			case url.Proto == stun.ProtoTypeUDP && url.Scheme == stun.SchemeTypeTURNS:
+				udpAddr, connectErr := a.net.ResolveUDPAddr(network, turnServerAddr)
+				if connectErr != nil {
+					a.log.Warnf("Failed to resolve UDP address %s: %v", turnServerAddr, connectErr)
+					return
+				}
+
+				udpConn, dialErr := a.net.DialUDP("udp", nil, udpAddr)
+				if dialErr != nil {
+					a.log.Warnf("Failed to dial DTLS address %s: %v", turnServerAddr, dialErr)
+					return
+				}
+
+				conn, connectErr := dtls.ClientWithContext(ctx, udpConn, &dtls.Config{
+					ServerName:         url.Host,
+					InsecureSkipVerify: a.insecureSkipVerify, //nolint:gosec
+				})
+				if connectErr != nil {
+					a.log.Warnf("Failed to create DTLS client: %v", turnServerAddr, connectErr)
+					return
+				}
+
+				relAddr = conn.LocalAddr().(*net.UDPAddr).IP.String() //nolint:forcetypeassert
+				relPort = conn.LocalAddr().(*net.UDPAddr).Port        //nolint:forcetypeassert
+				relayProtocol = relayProtocolDTLS
+				locConn = &fakenet.PacketConn{Conn: conn}
+			case url.Proto == stun.ProtoTypeTCP && url.Scheme == stun.SchemeTypeTURNS:
+				tcpAddr, resolvErr := a.net.ResolveTCPAddr(NetworkTypeTCP4.String(), turnServerAddr)
+				if resolvErr != nil {
+					a.log.Warnf("Failed to resolve relay address %s: %v", turnServerAddr, resolvErr)
+					return
+				}
+
+				tcpConn, dialErr := a.net.DialTCP(NetworkTypeTCP4.String(), nil, tcpAddr)
+				if dialErr != nil {
+					a.log.Warnf("Failed to connect to relay: %v", dialErr)
+					return
+				}
+
+				conn := tls.Client(tcpConn, &tls.Config{
+					ServerName:         url.Host,
+					InsecureSkipVerify: a.insecureSkipVerify, //nolint:gosec
+				})
+
+				if hsErr := conn.HandshakeContext(ctx); hsErr != nil {
+					if closeErr := tcpConn.Close(); closeErr != nil {
+						a.log.Errorf("Failed to close relay connection: %v", closeErr)
+					}
+					a.log.Warnf("Failed to connect to relay: %v", hsErr)
+					return
+				}
+
+				relAddr = conn.LocalAddr().(*net.TCPAddr).IP.String() //nolint:forcetypeassert
+				relPort = conn.LocalAddr().(*net.TCPAddr).Port        //nolint:forcetypeassert
+				relayProtocol = relayProtocolTLS
+				locConn = turn.NewSTUNConn(conn)
+			default:
+				a.log.Warnf("Unable to handle URL in gatherCandidatesRelay %v", url)
+				return
+			}
+
+			client, err := turn.NewClient(&turn.ClientConfig{
+				TURNServerAddr: turnServerAddr,
+				Conn:           locConn,
+				Username:       url.Username,
+				Password:       url.Password,
+				LoggerFactory:  a.loggerFactory,
+				Net:            a.net,
+			})
+			if err != nil {
+				closeConnAndLog(locConn, a.log, "failed to create new TURN client %s %s", turnServerAddr, err)
+				return
+			}
+
+			if err = client.Listen(); err != nil {
+				client.Close()
+				closeConnAndLog(locConn, a.log, "failed to listen on TURN client %s %s", turnServerAddr, err)
+				return
+			}
+
+			relayConn, err := client.Allocate()
+			if err != nil {
+				client.Close()
+				closeConnAndLog(locConn, a.log, "failed to allocate on TURN client %s %s", turnServerAddr, err)
+				return
+			}
+
+			rAddr := relayConn.LocalAddr().(*net.UDPAddr) //nolint:forcetypeassert
+			relayConfig := CandidateRelayConfig{
+				Network:       network,
+				Component:     ComponentRTP,
+				Address:       rAddr.IP.String(),
+				Port:          rAddr.Port,
+				RelAddr:       relAddr,
+				RelPort:       relPort,
+				RelayProtocol: relayProtocol,
+				OnClose: func() error {
+					client.Close()
+					return locConn.Close()
+				},
+			}
+			relayConnClose := func() {
+				if relayConErr := relayConn.Close(); relayConErr != nil {
+					a.log.Warnf("Failed to close relay %v", relayConErr)
+				}
+			}
+			candidate, err := NewCandidateRelay(&relayConfig)
+			if err != nil {
+				relayConnClose()
+
+				client.Close()
+				closeConnAndLog(locConn, a.log, "failed to create relay candidate: %s %s: %v", network, rAddr.String(), err)
+				return
+			}
+
+			if err := a.addCandidate(ctx, candidate, relayConn); err != nil {
+				relayConnClose()
+
+				if closeErr := candidate.close(); closeErr != nil {
+					a.log.Warnf("Failed to close candidate: %v", closeErr)
+				}
+				a.log.Warnf("Failed to append to localCandidates and run onCandidateHdlr: %v", err)
+			}
+		}(*urls[i])
+	}
+}
diff --git a/server/vendor/github.com/pion/ice/v2/ice.go b/server/vendor/github.com/pion/ice/v2/ice.go
new file mode 100644
index 0000000..73262dd
--- /dev/null
+++ b/server/vendor/github.com/pion/ice/v2/ice.go
@@ -0,0 +1,90 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package ice
+
+// ConnectionState is an enum showing the state of a ICE Connection
+type ConnectionState int
+
+// List of supported States
+const (
+	// ConnectionStateUnknown represents an unknown state
+	ConnectionStateUnknown ConnectionState = iota
+
+	// ConnectionStateNew ICE agent is gathering addresses
+	ConnectionStateNew
+
+	// ConnectionStateChecking ICE agent has been given local and remote candidates, and is attempting to find a match
+	ConnectionStateChecking
+
+	// ConnectionStateConnected ICE agent has a pairing, but is still checking other pairs
+	ConnectionStateConnected
+
+	// ConnectionStateCompleted ICE agent has finished
+	ConnectionStateCompleted
+
+	// ConnectionStateFailed ICE agent never could successfully connect
+	ConnectionStateFailed
+
+	// ConnectionStateDisconnected ICE agent connected successfully, but has entered a failed state
+	ConnectionStateDisconnected
+
+	// ConnectionStateClosed ICE agent has finished and is no longer handling requests
+	ConnectionStateClosed
+)
+
+func (c ConnectionState) String() string {
+	switch c {
+	case ConnectionStateNew:
+		return "New"
+	case ConnectionStateChecking:
+		return "Checking"
+	case ConnectionStateConnected:
+		return "Connected"
+	case ConnectionStateCompleted:
+		return "Completed"
+	case ConnectionStateFailed:
+		return "Failed"
+	case ConnectionStateDisconnected:
+		return "Disconnected"
+	case ConnectionStateClosed:
+		return "Closed"
+	default:
+		return "Invalid"
+	}
+}
+
+// GatheringState describes the state of the candidate gathering process
+type GatheringState int
+
+const (
+	// GatheringStateUnknown represents an unknown state
+	GatheringStateUnknown GatheringState = iota
+
+	// GatheringStateNew indicates candidate gathering is not yet started
+	GatheringStateNew
+
+	// GatheringStateGathering indicates candidate gathering is ongoing
+	GatheringStateGathering
+
+	// GatheringStateComplete indicates candidate gathering has been completed
+	GatheringStateComplete
+)
+
+func (t GatheringState) String() string {
+	switch t {
+	case GatheringStateNew:
+		return "new"
+	case GatheringStateGathering:
+		return "gathering"
+	case GatheringStateComplete:
+		return "complete"
+	default:
+		return ErrUnknownType.Error()
+	}
+}
+
+const (
+	relayProtocolDTLS = "dtls"
+	relayProtocolTLS  = "tls"
+)
diff --git a/server/vendor/github.com/pion/ice/v2/icecontrol.go b/server/vendor/github.com/pion/ice/v2/icecontrol.go
new file mode 100644
index 0000000..b086bd8
--- /dev/null
+++ b/server/vendor/github.com/pion/ice/v2/icecontrol.go
@@ -0,0 +1,90 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package ice
+
+import (
+	"encoding/binary"
+
+	"github.com/pion/stun"
+)
+
+// tiebreaker is common helper for ICE-{CONTROLLED,CONTROLLING}
+// and represents the so-called tiebreaker number.
+type tiebreaker uint64
+
+const tiebreakerSize = 8 // 64 bit
+
+// AddToAs adds tiebreaker value to m as t attribute.
+func (a tiebreaker) AddToAs(m *stun.Message, t stun.AttrType) error {
+	v := make([]byte, tiebreakerSize)
+	binary.BigEndian.PutUint64(v, uint64(a))
+	m.Add(t, v)
+	return nil
+}
+
+// GetFromAs decodes tiebreaker value in message getting it as for t type.
+func (a *tiebreaker) GetFromAs(m *stun.Message, t stun.AttrType) error {
+	v, err := m.Get(t)
+	if err != nil {
+		return err
+	}
+	if err = stun.CheckSize(t, len(v), tiebreakerSize); err != nil {
+		return err
+	}
+	*a = tiebreaker(binary.BigEndian.Uint64(v))
+	return nil
+}
+
+// AttrControlled represents ICE-CONTROLLED attribute.
+type AttrControlled uint64
+
+// AddTo adds ICE-CONTROLLED to message.
+func (c AttrControlled) AddTo(m *stun.Message) error {
+	return tiebreaker(c).AddToAs(m, stun.AttrICEControlled)
+}
+
+// GetFrom decodes ICE-CONTROLLED from message.
+func (c *AttrControlled) GetFrom(m *stun.Message) error {
+	return (*tiebreaker)(c).GetFromAs(m, stun.AttrICEControlled)
+}
+
+// AttrControlling represents ICE-CONTROLLING attribute.
+type AttrControlling uint64
+
+// AddTo adds ICE-CONTROLLING to message.
+func (c AttrControlling) AddTo(m *stun.Message) error {
+	return tiebreaker(c).AddToAs(m, stun.AttrICEControlling)
+}
+
+// GetFrom decodes ICE-CONTROLLING from message.
+func (c *AttrControlling) GetFrom(m *stun.Message) error {
+	return (*tiebreaker)(c).GetFromAs(m, stun.AttrICEControlling)
+}
+
+// AttrControl is helper that wraps ICE-{CONTROLLED,CONTROLLING}.
+type AttrControl struct {
+	Role       Role
+	Tiebreaker uint64
+}
+
+// AddTo adds ICE-CONTROLLED or ICE-CONTROLLING attribute depending on Role.
+func (c AttrControl) AddTo(m *stun.Message) error {
+	if c.Role == Controlling {
+		return tiebreaker(c.Tiebreaker).AddToAs(m, stun.AttrICEControlling)
+	}
+	return tiebreaker(c.Tiebreaker).AddToAs(m, stun.AttrICEControlled)
+}
+
+// GetFrom decodes Role and Tiebreaker value from message.
+func (c *AttrControl) GetFrom(m *stun.Message) error {
+	if m.Contains(stun.AttrICEControlling) {
+		c.Role = Controlling
+		return (*tiebreaker)(&c.Tiebreaker).GetFromAs(m, stun.AttrICEControlling)
+	}
+	if m.Contains(stun.AttrICEControlled) {
+		c.Role = Controlled
+		return (*tiebreaker)(&c.Tiebreaker).GetFromAs(m, stun.AttrICEControlled)
+	}
+	return stun.ErrAttributeNotFound
+}
diff --git a/server/vendor/github.com/pion/ice/v2/internal/atomic/atomic.go b/server/vendor/github.com/pion/ice/v2/internal/atomic/atomic.go
new file mode 100644
index 0000000..f8caf5a
--- /dev/null
+++ b/server/vendor/github.com/pion/ice/v2/internal/atomic/atomic.go
@@ -0,0 +1,23 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+// Package atomic contains custom atomic types
+package atomic
+
+import "sync/atomic"
+
+// Error is an atomic error
+type Error struct {
+	v atomic.Value
+}
+
+// Store updates the value of the atomic variable
+func (a *Error) Store(err error) {
+	a.v.Store(struct{ error }{err})
+}
+
+// Load retrieves the current value of the atomic variable
+func (a *Error) Load() error {
+	err, _ := a.v.Load().(struct{ error })
+	return err.error
+}
diff --git a/server/vendor/github.com/pion/ice/v2/internal/fakenet/mock_conn.go b/server/vendor/github.com/pion/ice/v2/internal/fakenet/mock_conn.go
new file mode 100644
index 0000000..cc98849
--- /dev/null
+++ b/server/vendor/github.com/pion/ice/v2/internal/fakenet/mock_conn.go
@@ -0,0 +1,23 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+//go:build !js
+// +build !js
+
+package fakenet
+
+import (
+	"net"
+	"time"
+)
+
+// MockPacketConn for tests
+type MockPacketConn struct{}
+
+func (m *MockPacketConn) ReadFrom([]byte) (n int, addr net.Addr, err error) { return 0, nil, nil } //nolint:revive
+func (m *MockPacketConn) WriteTo([]byte, net.Addr) (n int, err error)       { return 0, nil }      //nolint:revive
+func (m *MockPacketConn) Close() error                                      { return nil }         //nolint:revive
+func (m *MockPacketConn) LocalAddr() net.Addr                               { return nil }         //nolint:revive
+func (m *MockPacketConn) SetDeadline(time.Time) error                       { return nil }         //nolint:revive
+func (m *MockPacketConn) SetReadDeadline(time.Time) error                   { return nil }         //nolint:revive
+func (m *MockPacketConn) SetWriteDeadline(time.Time) error                  { return nil }         //nolint:revive
diff --git a/server/vendor/github.com/pion/ice/v2/internal/fakenet/packet_conn.go b/server/vendor/github.com/pion/ice/v2/internal/fakenet/packet_conn.go
new file mode 100644
index 0000000..0b9faaa
--- /dev/null
+++ b/server/vendor/github.com/pion/ice/v2/internal/fakenet/packet_conn.go
@@ -0,0 +1,29 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+// Package fakenet contains fake network abstractions
+package fakenet
+
+import (
+	"net"
+)
+
+// Compile-time assertion
+var _ net.PacketConn = (*PacketConn)(nil)
+
+// PacketConn wraps a net.Conn and emulates net.PacketConn
+type PacketConn struct {
+	net.Conn
+}
+
+// ReadFrom reads a packet from the connection,
+func (f *PacketConn) ReadFrom(p []byte) (n int, addr net.Addr, err error) {
+	n, err = f.Conn.Read(p)
+	addr = f.Conn.RemoteAddr()
+	return
+}
+
+// WriteTo writes a packet with payload p to addr.
+func (f *PacketConn) WriteTo(p []byte, _ net.Addr) (int, error) {
+	return f.Conn.Write(p)
+}
diff --git a/server/vendor/github.com/pion/ice/v2/internal/stun/stun.go b/server/vendor/github.com/pion/ice/v2/internal/stun/stun.go
new file mode 100644
index 0000000..230cf85
--- /dev/null
+++ b/server/vendor/github.com/pion/ice/v2/internal/stun/stun.go
@@ -0,0 +1,72 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+// Package stun contains ICE specific STUN code
+package stun
+
+import (
+	"errors"
+	"fmt"
+	"net"
+	"time"
+
+	"github.com/pion/stun"
+)
+
+var (
+	errGetXorMappedAddrResponse = errors.New("failed to get XOR-MAPPED-ADDRESS response")
+	errMismatchUsername         = errors.New("username mismatch")
+)
+
+// GetXORMappedAddr initiates a STUN requests to serverAddr using conn, reads the response and returns
+// the XORMappedAddress returned by the STUN server.
+func GetXORMappedAddr(conn net.PacketConn, serverAddr net.Addr, timeout time.Duration) (*stun.XORMappedAddress, error) {
+	if timeout > 0 {
+		if err := conn.SetReadDeadline(time.Now().Add(timeout)); err != nil {
+			return nil, err
+		}
+
+		// Reset timeout after completion
+		defer conn.SetReadDeadline(time.Time{}) //nolint:errcheck
+	}
+
+	req, err := stun.Build(stun.BindingRequest, stun.TransactionID)
+	if err != nil {
+		return nil, err
+	}
+
+	if _, err = conn.WriteTo(req.Raw, serverAddr); err != nil {
+		return nil, err
+	}
+
+	const maxMessageSize = 1280
+	buf := make([]byte, maxMessageSize)
+	n, _, err := conn.ReadFrom(buf)
+	if err != nil {
+		return nil, err
+	}
+
+	res := &stun.Message{Raw: buf[:n]}
+	if err = res.Decode(); err != nil {
+		return nil, err
+	}
+
+	var addr stun.XORMappedAddress
+	if err = addr.GetFrom(res); err != nil {
+		return nil, fmt.Errorf("%w: %v", errGetXorMappedAddrResponse, err) //nolint:errorlint
+	}
+
+	return &addr, nil
+}
+
+// AssertUsername checks that the given STUN message m has a USERNAME attribute with a given value
+func AssertUsername(m *stun.Message, expectedUsername string) error {
+	var username stun.Username
+	if err := username.GetFrom(m); err != nil {
+		return err
+	} else if string(username) != expectedUsername {
+		return fmt.Errorf("%w expected(%x) actual(%x)", errMismatchUsername, expectedUsername, string(username))
+	}
+
+	return nil
+}
diff --git a/server/vendor/github.com/pion/ice/v2/mdns.go b/server/vendor/github.com/pion/ice/v2/mdns.go
new file mode 100644
index 0000000..aa82316
--- /dev/null
+++ b/server/vendor/github.com/pion/ice/v2/mdns.go
@@ -0,0 +1,65 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package ice
+
+import (
+	"github.com/google/uuid"
+	"github.com/pion/logging"
+	"github.com/pion/mdns"
+	"github.com/pion/transport/v2"
+	"golang.org/x/net/ipv4"
+)
+
+// MulticastDNSMode represents the different Multicast modes ICE can run in
+type MulticastDNSMode byte
+
+// MulticastDNSMode enum
+const (
+	// MulticastDNSModeDisabled means remote mDNS candidates will be discarded, and local host candidates will use IPs
+	MulticastDNSModeDisabled MulticastDNSMode = iota + 1
+
+	// MulticastDNSModeQueryOnly means remote mDNS candidates will be accepted, and local host candidates will use IPs
+	MulticastDNSModeQueryOnly
+
+	// MulticastDNSModeQueryAndGather means remote mDNS candidates will be accepted, and local host candidates will use mDNS
+	MulticastDNSModeQueryAndGather
+)
+
+func generateMulticastDNSName() (string, error) {
+	// https://tools.ietf.org/id/draft-ietf-rtcweb-mdns-ice-candidates-02.html#gathering
+	// The unique name MUST consist of a version 4 UUID as defined in [RFC4122], followed by “.local”.
+	u, err := uuid.NewRandom()
+	return u.String() + ".local", err
+}
+
+func createMulticastDNS(n transport.Net, mDNSMode MulticastDNSMode, mDNSName string, log logging.LeveledLogger) (*mdns.Conn, MulticastDNSMode, error) {
+	if mDNSMode == MulticastDNSModeDisabled {
+		return nil, mDNSMode, nil
+	}
+
+	addr, mdnsErr := n.ResolveUDPAddr("udp4", mdns.DefaultAddress)
+	if mdnsErr != nil {
+		return nil, mDNSMode, mdnsErr
+	}
+
+	l, mdnsErr := n.ListenUDP("udp4", addr)
+	if mdnsErr != nil {
+		// If ICE fails to start MulticastDNS server just warn the user and continue
+		log.Errorf("Failed to enable mDNS, continuing in mDNS disabled mode: (%s)", mdnsErr)
+		return nil, MulticastDNSModeDisabled, nil
+	}
+
+	switch mDNSMode {
+	case MulticastDNSModeQueryOnly:
+		conn, err := mdns.Server(ipv4.NewPacketConn(l), &mdns.Config{})
+		return conn, mDNSMode, err
+	case MulticastDNSModeQueryAndGather:
+		conn, err := mdns.Server(ipv4.NewPacketConn(l), &mdns.Config{
+			LocalNames: []string{mDNSName},
+		})
+		return conn, mDNSMode, err
+	default:
+		return nil, mDNSMode, nil
+	}
+}
diff --git a/server/vendor/github.com/pion/ice/v2/net.go b/server/vendor/github.com/pion/ice/v2/net.go
new file mode 100644
index 0000000..d716bc1
--- /dev/null
+++ b/server/vendor/github.com/pion/ice/v2/net.go
@@ -0,0 +1,137 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package ice
+
+import (
+	"net"
+
+	"github.com/pion/logging"
+	"github.com/pion/transport/v2"
+)
+
+// The conditions of invalidation written below are defined in
+// https://tools.ietf.org/html/rfc8445#section-5.1.1.1
+func isSupportedIPv6(ip net.IP) bool {
+	if len(ip) != net.IPv6len ||
+		isZeros(ip[0:12]) || // !(IPv4-compatible IPv6)
+		ip[0] == 0xfe && ip[1]&0xc0 == 0xc0 || // !(IPv6 site-local unicast)
+		ip.IsLinkLocalUnicast() ||
+		ip.IsLinkLocalMulticast() {
+		return false
+	}
+	return true
+}
+
+func isZeros(ip net.IP) bool {
+	for i := 0; i < len(ip); i++ {
+		if ip[i] != 0 {
+			return false
+		}
+	}
+	return true
+}
+
+func localInterfaces(n transport.Net, interfaceFilter func(string) bool, ipFilter func(net.IP) bool, networkTypes []NetworkType, includeLoopback bool) ([]net.IP, error) { //nolint:gocognit
+	ips := []net.IP{}
+	ifaces, err := n.Interfaces()
+	if err != nil {
+		return ips, err
+	}
+
+	var IPv4Requested, IPv6Requested bool
+	for _, typ := range networkTypes {
+		if typ.IsIPv4() {
+			IPv4Requested = true
+		}
+
+		if typ.IsIPv6() {
+			IPv6Requested = true
+		}
+	}
+
+	for _, iface := range ifaces {
+		if iface.Flags&net.FlagUp == 0 {
+			continue // Interface down
+		}
+		if (iface.Flags&net.FlagLoopback != 0) && !includeLoopback {
+			continue // Loopback interface
+		}
+
+		if interfaceFilter != nil && !interfaceFilter(iface.Name) {
+			continue
+		}
+
+		addrs, err := iface.Addrs()
+		if err != nil {
+			continue
+		}
+
+		for _, addr := range addrs {
+			var ip net.IP
+			switch addr := addr.(type) {
+			case *net.IPNet:
+				ip = addr.IP
+			case *net.IPAddr:
+				ip = addr.IP
+			}
+			if ip == nil || (ip.IsLoopback() && !includeLoopback) {
+				continue
+			}
+
+			if ipv4 := ip.To4(); ipv4 == nil {
+				if !IPv6Requested {
+					continue
+				} else if !isSupportedIPv6(ip) {
+					continue
+				}
+			} else if !IPv4Requested {
+				continue
+			}
+
+			if ipFilter != nil && !ipFilter(ip) {
+				continue
+			}
+
+			ips = append(ips, ip)
+		}
+	}
+	return ips, nil
+}
+
+func listenUDPInPortRange(n transport.Net, log logging.LeveledLogger, portMax, portMin int, network string, lAddr *net.UDPAddr) (transport.UDPConn, error) {
+	if (lAddr.Port != 0) || ((portMin == 0) && (portMax == 0)) {
+		return n.ListenUDP(network, lAddr)
+	}
+	var i, j int
+	i = portMin
+	if i == 0 {
+		i = 1
+	}
+	j = portMax
+	if j == 0 {
+		j = 0xFFFF
+	}
+	if i > j {
+		return nil, ErrPort
+	}
+
+	portStart := globalMathRandomGenerator.Intn(j-i+1) + i
+	portCurrent := portStart
+	for {
+		lAddr = &net.UDPAddr{IP: lAddr.IP, Port: portCurrent}
+		c, e := n.ListenUDP(network, lAddr)
+		if e == nil {
+			return c, e //nolint:nilerr
+		}
+		log.Debugf("Failed to listen %s: %v", lAddr.String(), e)
+		portCurrent++
+		if portCurrent > j {
+			portCurrent = i
+		}
+		if portCurrent == portStart {
+			break
+		}
+	}
+	return nil, ErrPort
+}
diff --git a/server/vendor/github.com/pion/ice/v2/networktype.go b/server/vendor/github.com/pion/ice/v2/networktype.go
new file mode 100644
index 0000000..57df186
--- /dev/null
+++ b/server/vendor/github.com/pion/ice/v2/networktype.go
@@ -0,0 +1,137 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package ice
+
+import (
+	"fmt"
+	"net"
+	"strings"
+)
+
+const (
+	udp  = "udp"
+	tcp  = "tcp"
+	udp4 = "udp4"
+	udp6 = "udp6"
+	tcp4 = "tcp4"
+	tcp6 = "tcp6"
+)
+
+func supportedNetworkTypes() []NetworkType {
+	return []NetworkType{
+		NetworkTypeUDP4,
+		NetworkTypeUDP6,
+		NetworkTypeTCP4,
+		NetworkTypeTCP6,
+	}
+}
+
+// NetworkType represents the type of network
+type NetworkType int
+
+const (
+	// NetworkTypeUDP4 indicates UDP over IPv4.
+	NetworkTypeUDP4 NetworkType = iota + 1
+
+	// NetworkTypeUDP6 indicates UDP over IPv6.
+	NetworkTypeUDP6
+
+	// NetworkTypeTCP4 indicates TCP over IPv4.
+	NetworkTypeTCP4
+
+	// NetworkTypeTCP6 indicates TCP over IPv6.
+	NetworkTypeTCP6
+)
+
+func (t NetworkType) String() string {
+	switch t {
+	case NetworkTypeUDP4:
+		return udp4
+	case NetworkTypeUDP6:
+		return udp6
+	case NetworkTypeTCP4:
+		return tcp4
+	case NetworkTypeTCP6:
+		return tcp6
+	default:
+		return ErrUnknownType.Error()
+	}
+}
+
+// IsUDP returns true when network is UDP4 or UDP6.
+func (t NetworkType) IsUDP() bool {
+	return t == NetworkTypeUDP4 || t == NetworkTypeUDP6
+}
+
+// IsTCP returns true when network is TCP4 or TCP6.
+func (t NetworkType) IsTCP() bool {
+	return t == NetworkTypeTCP4 || t == NetworkTypeTCP6
+}
+
+// NetworkShort returns the short network description
+func (t NetworkType) NetworkShort() string {
+	switch t {
+	case NetworkTypeUDP4, NetworkTypeUDP6:
+		return udp
+	case NetworkTypeTCP4, NetworkTypeTCP6:
+		return tcp
+	default:
+		return ErrUnknownType.Error()
+	}
+}
+
+// IsReliable returns true if the network is reliable
+func (t NetworkType) IsReliable() bool {
+	switch t {
+	case NetworkTypeUDP4, NetworkTypeUDP6:
+		return false
+	case NetworkTypeTCP4, NetworkTypeTCP6:
+		return true
+	}
+	return false
+}
+
+// IsIPv4 returns whether the network type is IPv4 or not.
+func (t NetworkType) IsIPv4() bool {
+	switch t {
+	case NetworkTypeUDP4, NetworkTypeTCP4:
+		return true
+	case NetworkTypeUDP6, NetworkTypeTCP6:
+		return false
+	}
+	return false
+}
+
+// IsIPv6 returns whether the network type is IPv6 or not.
+func (t NetworkType) IsIPv6() bool {
+	switch t {
+	case NetworkTypeUDP4, NetworkTypeTCP4:
+		return false
+	case NetworkTypeUDP6, NetworkTypeTCP6:
+		return true
+	}
+	return false
+}
+
+// determineNetworkType determines the type of network based on
+// the short network string and an IP address.
+func determineNetworkType(network string, ip net.IP) (NetworkType, error) {
+	ipv4 := ip.To4() != nil
+
+	switch {
+	case strings.HasPrefix(strings.ToLower(network), udp):
+		if ipv4 {
+			return NetworkTypeUDP4, nil
+		}
+		return NetworkTypeUDP6, nil
+
+	case strings.HasPrefix(strings.ToLower(network), tcp):
+		if ipv4 {
+			return NetworkTypeTCP4, nil
+		}
+		return NetworkTypeTCP6, nil
+	}
+
+	return NetworkType(0), fmt.Errorf("%w from %s %s", ErrDetermineNetworkType, network, ip)
+}
diff --git a/server/vendor/github.com/pion/ice/v2/priority.go b/server/vendor/github.com/pion/ice/v2/priority.go
new file mode 100644
index 0000000..16ac5cc
--- /dev/null
+++ b/server/vendor/github.com/pion/ice/v2/priority.go
@@ -0,0 +1,36 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package ice
+
+import (
+	"encoding/binary"
+
+	"github.com/pion/stun"
+)
+
+// PriorityAttr represents PRIORITY attribute.
+type PriorityAttr uint32
+
+const prioritySize = 4 // 32 bit
+
+// AddTo adds PRIORITY attribute to message.
+func (p PriorityAttr) AddTo(m *stun.Message) error {
+	v := make([]byte, prioritySize)
+	binary.BigEndian.PutUint32(v, uint32(p))
+	m.Add(stun.AttrPriority, v)
+	return nil
+}
+
+// GetFrom decodes PRIORITY attribute from message.
+func (p *PriorityAttr) GetFrom(m *stun.Message) error {
+	v, err := m.Get(stun.AttrPriority)
+	if err != nil {
+		return err
+	}
+	if err = stun.CheckSize(stun.AttrPriority, len(v), prioritySize); err != nil {
+		return err
+	}
+	*p = PriorityAttr(binary.BigEndian.Uint32(v))
+	return nil
+}
diff --git a/server/vendor/github.com/pion/ice/v2/rand.go b/server/vendor/github.com/pion/ice/v2/rand.go
new file mode 100644
index 0000000..3de1f04
--- /dev/null
+++ b/server/vendor/github.com/pion/ice/v2/rand.go
@@ -0,0 +1,56 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package ice
+
+import "github.com/pion/randutil"
+
+const (
+	runesAlpha                 = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"
+	runesDigit                 = "0123456789"
+	runesCandidateIDFoundation = runesAlpha + runesDigit + "+/"
+
+	lenUFrag = 16
+	lenPwd   = 32
+)
+
+// Seeding random generator each time limits number of generated sequence to 31-bits,
+// and causes collision on low time accuracy environments.
+// Use global random generator seeded by crypto grade random.
+var (
+	globalMathRandomGenerator  = randutil.NewMathRandomGenerator()               //nolint:gochecknoglobals
+	globalCandidateIDGenerator = candidateIDGenerator{globalMathRandomGenerator} //nolint:gochecknoglobals
+)
+
+// candidateIDGenerator is a random candidate ID generator.
+// Candidate ID is used in SDP and always shared to the other peer.
+// It doesn't require cryptographic random.
+type candidateIDGenerator struct {
+	randutil.MathRandomGenerator
+}
+
+func newCandidateIDGenerator() *candidateIDGenerator {
+	return &candidateIDGenerator{
+		randutil.NewMathRandomGenerator(),
+	}
+}
+
+func (g *candidateIDGenerator) Generate() string {
+	// https://tools.ietf.org/html/rfc5245#section-15.1
+	// candidate-id = "candidate" ":" foundation
+	// foundation   = 1*32ice-char
+	// ice-char     = ALPHA / DIGIT / "+" / "/"
+	return "candidate:" + g.MathRandomGenerator.GenerateString(32, runesCandidateIDFoundation)
+}
+
+// generatePwd generates ICE pwd.
+// This internally uses generateCryptoRandomString.
+func generatePwd() (string, error) {
+	return randutil.GenerateCryptoRandomString(lenPwd, runesAlpha)
+}
+
+// generateUFrag generates ICE user fragment.
+// This internally uses generateCryptoRandomString.
+func generateUFrag() (string, error) {
+	return randutil.GenerateCryptoRandomString(lenUFrag, runesAlpha)
+}
diff --git a/server/vendor/github.com/pion/ice/v2/renovate.json b/server/vendor/github.com/pion/ice/v2/renovate.json
new file mode 100644
index 0000000..f1bb98c
--- /dev/null
+++ b/server/vendor/github.com/pion/ice/v2/renovate.json
@@ -0,0 +1,6 @@
+{
+  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+  "extends": [
+    "github>pion/renovate-config"
+  ]
+}
diff --git a/server/vendor/github.com/pion/ice/v2/role.go b/server/vendor/github.com/pion/ice/v2/role.go
new file mode 100644
index 0000000..e9a7bda
--- /dev/null
+++ b/server/vendor/github.com/pion/ice/v2/role.go
@@ -0,0 +1,46 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package ice
+
+import (
+	"fmt"
+)
+
+// Role represents ICE agent role, which can be controlling or controlled.
+type Role byte
+
+// Possible ICE agent roles.
+const (
+	Controlling Role = iota
+	Controlled
+)
+
+// UnmarshalText implements TextUnmarshaler.
+func (r *Role) UnmarshalText(text []byte) error {
+	switch string(text) {
+	case "controlling":
+		*r = Controlling
+	case "controlled":
+		*r = Controlled
+	default:
+		return fmt.Errorf("%w %q", errUnknownRole, text)
+	}
+	return nil
+}
+
+// MarshalText implements TextMarshaler.
+func (r Role) MarshalText() (text []byte, err error) {
+	return []byte(r.String()), nil
+}
+
+func (r Role) String() string {
+	switch r {
+	case Controlling:
+		return "controlling"
+	case Controlled:
+		return "controlled"
+	default:
+		return "unknown"
+	}
+}
diff --git a/server/vendor/github.com/pion/ice/v2/selection.go b/server/vendor/github.com/pion/ice/v2/selection.go
new file mode 100644
index 0000000..538eb0f
--- /dev/null
+++ b/server/vendor/github.com/pion/ice/v2/selection.go
@@ -0,0 +1,312 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package ice
+
+import (
+	"net"
+	"time"
+
+	"github.com/pion/logging"
+	"github.com/pion/stun"
+)
+
+type pairCandidateSelector interface {
+	Start()
+	ContactCandidates()
+	PingCandidate(local, remote Candidate)
+	HandleSuccessResponse(m *stun.Message, local, remote Candidate, remoteAddr net.Addr)
+	HandleBindingRequest(m *stun.Message, local, remote Candidate)
+}
+
+type controllingSelector struct {
+	startTime     time.Time
+	agent         *Agent
+	nominatedPair *CandidatePair
+	log           logging.LeveledLogger
+}
+
+func (s *controllingSelector) Start() {
+	s.startTime = time.Now()
+	s.nominatedPair = nil
+}
+
+func (s *controllingSelector) isNominatable(c Candidate) bool {
+	switch {
+	case c.Type() == CandidateTypeHost:
+		return time.Since(s.startTime).Nanoseconds() > s.agent.hostAcceptanceMinWait.Nanoseconds()
+	case c.Type() == CandidateTypeServerReflexive:
+		return time.Since(s.startTime).Nanoseconds() > s.agent.srflxAcceptanceMinWait.Nanoseconds()
+	case c.Type() == CandidateTypePeerReflexive:
+		return time.Since(s.startTime).Nanoseconds() > s.agent.prflxAcceptanceMinWait.Nanoseconds()
+	case c.Type() == CandidateTypeRelay:
+		return time.Since(s.startTime).Nanoseconds() > s.agent.relayAcceptanceMinWait.Nanoseconds()
+	}
+
+	s.log.Errorf("Invalid candidate type: %s", c.Type())
+	return false
+}
+
+func (s *controllingSelector) ContactCandidates() {
+	switch {
+	case s.agent.getSelectedPair() != nil:
+		if s.agent.validateSelectedPair() {
+			s.log.Trace("Checking keepalive")
+			s.agent.checkKeepalive()
+		}
+	case s.nominatedPair != nil:
+		s.nominatePair(s.nominatedPair)
+	default:
+		p := s.agent.getBestValidCandidatePair()
+		if p != nil && s.isNominatable(p.Local) && s.isNominatable(p.Remote) {
+			s.log.Tracef("Nominatable pair found, nominating (%s, %s)", p.Local, p.Remote)
+			p.nominated = true
+			s.nominatedPair = p
+			s.nominatePair(p)
+			return
+		}
+		s.agent.pingAllCandidates()
+	}
+}
+
+func (s *controllingSelector) nominatePair(pair *CandidatePair) {
+	// The controlling agent MUST include the USE-CANDIDATE attribute in
+	// order to nominate a candidate pair (Section 8.1.1).  The controlled
+	// agent MUST NOT include the USE-CANDIDATE attribute in a Binding
+	// request.
+	msg, err := stun.Build(stun.BindingRequest, stun.TransactionID,
+		stun.NewUsername(s.agent.remoteUfrag+":"+s.agent.localUfrag),
+		UseCandidate(),
+		AttrControlling(s.agent.tieBreaker),
+		PriorityAttr(pair.Local.Priority()),
+		stun.NewShortTermIntegrity(s.agent.remotePwd),
+		stun.Fingerprint,
+	)
+	if err != nil {
+		s.log.Error(err.Error())
+		return
+	}
+
+	s.log.Tracef("Ping STUN (nominate candidate pair) from %s to %s", pair.Local, pair.Remote)
+	s.agent.sendBindingRequest(msg, pair.Local, pair.Remote)
+}
+
+func (s *controllingSelector) HandleBindingRequest(m *stun.Message, local, remote Candidate) {
+	s.agent.sendBindingSuccess(m, local, remote)
+
+	p := s.agent.findPair(local, remote)
+
+	if p == nil {
+		s.agent.addPair(local, remote)
+		return
+	}
+
+	if p.state == CandidatePairStateSucceeded && s.nominatedPair == nil && s.agent.getSelectedPair() == nil {
+		bestPair := s.agent.getBestAvailableCandidatePair()
+		if bestPair == nil {
+			s.log.Tracef("No best pair available")
+		} else if bestPair.equal(p) && s.isNominatable(p.Local) && s.isNominatable(p.Remote) {
+			s.log.Tracef("The candidate (%s, %s) is the best candidate available, marking it as nominated", p.Local, p.Remote)
+			s.nominatedPair = p
+			s.nominatePair(p)
+		}
+	}
+
+	if s.agent.userBindingRequestHandler != nil {
+		if shouldSwitch := s.agent.userBindingRequestHandler(m, local, remote, p); shouldSwitch {
+			s.agent.setSelectedPair(p)
+		}
+	}
+}
+
+func (s *controllingSelector) HandleSuccessResponse(m *stun.Message, local, remote Candidate, remoteAddr net.Addr) {
+	ok, pendingRequest, rtt := s.agent.handleInboundBindingSuccess(m.TransactionID)
+	if !ok {
+		s.log.Warnf("Discard message from (%s), unknown TransactionID 0x%x", remote, m.TransactionID)
+		return
+	}
+
+	transactionAddr := pendingRequest.destination
+
+	// Assert that NAT is not symmetric
+	// https://tools.ietf.org/html/rfc8445#section-7.2.5.2.1
+	if !addrEqual(transactionAddr, remoteAddr) {
+		s.log.Debugf("Discard message: transaction source and destination does not match expected(%s), actual(%s)", transactionAddr, remote)
+		return
+	}
+
+	s.log.Tracef("Inbound STUN (SuccessResponse) from %s to %s", remote, local)
+	p := s.agent.findPair(local, remote)
+
+	if p == nil {
+		// This shouldn't happen
+		s.log.Error("Success response from invalid candidate pair")
+		return
+	}
+
+	p.state = CandidatePairStateSucceeded
+	s.log.Tracef("Found valid candidate pair: %s", p)
+	if pendingRequest.isUseCandidate && s.agent.getSelectedPair() == nil {
+		s.agent.setSelectedPair(p)
+	}
+
+	p.UpdateRoundTripTime(rtt)
+}
+
+func (s *controllingSelector) PingCandidate(local, remote Candidate) {
+	msg, err := stun.Build(stun.BindingRequest, stun.TransactionID,
+		stun.NewUsername(s.agent.remoteUfrag+":"+s.agent.localUfrag),
+		AttrControlling(s.agent.tieBreaker),
+		PriorityAttr(local.Priority()),
+		stun.NewShortTermIntegrity(s.agent.remotePwd),
+		stun.Fingerprint,
+	)
+	if err != nil {
+		s.log.Error(err.Error())
+		return
+	}
+
+	s.agent.sendBindingRequest(msg, local, remote)
+}
+
+type controlledSelector struct {
+	agent *Agent
+	log   logging.LeveledLogger
+}
+
+func (s *controlledSelector) Start() {
+}
+
+func (s *controlledSelector) ContactCandidates() {
+	if s.agent.getSelectedPair() != nil {
+		if s.agent.validateSelectedPair() {
+			s.log.Trace("Checking keepalive")
+			s.agent.checkKeepalive()
+		}
+	} else {
+		s.agent.pingAllCandidates()
+	}
+}
+
+func (s *controlledSelector) PingCandidate(local, remote Candidate) {
+	msg, err := stun.Build(stun.BindingRequest, stun.TransactionID,
+		stun.NewUsername(s.agent.remoteUfrag+":"+s.agent.localUfrag),
+		AttrControlled(s.agent.tieBreaker),
+		PriorityAttr(local.Priority()),
+		stun.NewShortTermIntegrity(s.agent.remotePwd),
+		stun.Fingerprint,
+	)
+	if err != nil {
+		s.log.Error(err.Error())
+		return
+	}
+
+	s.agent.sendBindingRequest(msg, local, remote)
+}
+
+func (s *controlledSelector) HandleSuccessResponse(m *stun.Message, local, remote Candidate, remoteAddr net.Addr) {
+	//nolint:godox
+	// TODO according to the standard we should specifically answer a failed nomination:
+	// https://tools.ietf.org/html/rfc8445#section-7.3.1.5
+	// If the controlled agent does not accept the request from the
+	// controlling agent, the controlled agent MUST reject the nomination
+	// request with an appropriate error code response (e.g., 400)
+	// [RFC5389].
+
+	ok, pendingRequest, rtt := s.agent.handleInboundBindingSuccess(m.TransactionID)
+	if !ok {
+		s.log.Warnf("Discard message from (%s), unknown TransactionID 0x%x", remote, m.TransactionID)
+		return
+	}
+
+	transactionAddr := pendingRequest.destination
+
+	// Assert that NAT is not symmetric
+	// https://tools.ietf.org/html/rfc8445#section-7.2.5.2.1
+	if !addrEqual(transactionAddr, remoteAddr) {
+		s.log.Debugf("Discard message: transaction source and destination does not match expected(%s), actual(%s)", transactionAddr, remote)
+		return
+	}
+
+	s.log.Tracef("Inbound STUN (SuccessResponse) from %s to %s", remote, local)
+
+	p := s.agent.findPair(local, remote)
+	if p == nil {
+		// This shouldn't happen
+		s.log.Error("Success response from invalid candidate pair")
+		return
+	}
+
+	p.state = CandidatePairStateSucceeded
+	s.log.Tracef("Found valid candidate pair: %s", p)
+	if p.nominateOnBindingSuccess {
+		if selectedPair := s.agent.getSelectedPair(); selectedPair == nil ||
+			(selectedPair != p && selectedPair.priority() <= p.priority()) {
+			s.agent.setSelectedPair(p)
+		} else if selectedPair != p {
+			s.log.Tracef("Ignore nominate new pair %s, already nominated pair %s", p, selectedPair)
+		}
+	}
+
+	p.UpdateRoundTripTime(rtt)
+}
+
+func (s *controlledSelector) HandleBindingRequest(m *stun.Message, local, remote Candidate) {
+	p := s.agent.findPair(local, remote)
+	if p == nil {
+		p = s.agent.addPair(local, remote)
+	}
+
+	if m.Contains(stun.AttrUseCandidate) {
+		// https://tools.ietf.org/html/rfc8445#section-7.3.1.5
+
+		if p.state == CandidatePairStateSucceeded {
+			// If the state of this pair is Succeeded, it means that the check
+			// previously sent by this pair produced a successful response and
+			// generated a valid pair (Section 7.2.5.3.2).  The agent sets the
+			// nominated flag value of the valid pair to true.
+			selectedPair := s.agent.getSelectedPair()
+			if selectedPair == nil || (selectedPair != p && selectedPair.priority() <= p.priority()) {
+				s.agent.setSelectedPair(p)
+			} else if selectedPair != p {
+				s.log.Tracef("Ignore nominate new pair %s, already nominated pair %s", p, selectedPair)
+			}
+		} else {
+			// If the received Binding request triggered a new check to be
+			// enqueued in the triggered-check queue (Section 7.3.1.4), once the
+			// check is sent and if it generates a successful response, and
+			// generates a valid pair, the agent sets the nominated flag of the
+			// pair to true.  If the request fails (Section 7.2.5.2), the agent
+			// MUST remove the candidate pair from the valid list, set the
+			// candidate pair state to Failed, and set the checklist state to
+			// Failed.
+			p.nominateOnBindingSuccess = true
+		}
+	}
+
+	s.agent.sendBindingSuccess(m, local, remote)
+	s.PingCandidate(local, remote)
+
+	if s.agent.userBindingRequestHandler != nil {
+		if shouldSwitch := s.agent.userBindingRequestHandler(m, local, remote, p); shouldSwitch {
+			s.agent.setSelectedPair(p)
+		}
+	}
+}
+
+type liteSelector struct {
+	pairCandidateSelector
+}
+
+// A lite selector should not contact candidates
+func (s *liteSelector) ContactCandidates() {
+	if _, ok := s.pairCandidateSelector.(*controllingSelector); ok {
+		//nolint:godox
+		// https://github.com/pion/ice/issues/96
+		// TODO: implement lite controlling agent. For now falling back to full agent.
+		// This only happens if both peers are lite. See RFC 8445 S6.1.1 and S6.2
+		s.pairCandidateSelector.ContactCandidates()
+	} else if v, ok := s.pairCandidateSelector.(*controlledSelector); ok {
+		v.agent.validateSelectedPair()
+	}
+}
diff --git a/server/vendor/github.com/pion/ice/v2/stats.go b/server/vendor/github.com/pion/ice/v2/stats.go
new file mode 100644
index 0000000..9b83bea
--- /dev/null
+++ b/server/vendor/github.com/pion/ice/v2/stats.go
@@ -0,0 +1,180 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package ice
+
+import (
+	"time"
+)
+
+// CandidatePairStats contains ICE candidate pair statistics
+type CandidatePairStats struct {
+	// Timestamp is the timestamp associated with this object.
+	Timestamp time.Time
+
+	// LocalCandidateID is the ID of the local candidate
+	LocalCandidateID string
+
+	// RemoteCandidateID is the ID of the remote candidate
+	RemoteCandidateID string
+
+	// State represents the state of the checklist for the local and remote
+	// candidates in a pair.
+	State CandidatePairState
+
+	// Nominated is true when this valid pair that should be used for media
+	// if it is the highest-priority one amongst those whose nominated flag is set
+	Nominated bool
+
+	// PacketsSent represents the total number of packets sent on this candidate pair.
+	PacketsSent uint32
+
+	// PacketsReceived represents the total number of packets received on this candidate pair.
+	PacketsReceived uint32
+
+	// BytesSent represents the total number of payload bytes sent on this candidate pair
+	// not including headers or padding.
+	BytesSent uint64
+
+	// BytesReceived represents the total number of payload bytes received on this candidate pair
+	// not including headers or padding.
+	BytesReceived uint64
+
+	// LastPacketSentTimestamp represents the timestamp at which the last packet was
+	// sent on this particular candidate pair, excluding STUN packets.
+	LastPacketSentTimestamp time.Time
+
+	// LastPacketReceivedTimestamp represents the timestamp at which the last packet
+	// was received on this particular candidate pair, excluding STUN packets.
+	LastPacketReceivedTimestamp time.Time
+
+	// FirstRequestTimestamp represents the timestamp at which the first STUN request
+	// was sent on this particular candidate pair.
+	FirstRequestTimestamp time.Time
+
+	// LastRequestTimestamp represents the timestamp at which the last STUN request
+	// was sent on this particular candidate pair. The average interval between two
+	// consecutive connectivity checks sent can be calculated with
+	// (LastRequestTimestamp - FirstRequestTimestamp) / RequestsSent.
+	LastRequestTimestamp time.Time
+
+	// LastResponseTimestamp represents the timestamp at which the last STUN response
+	// was received on this particular candidate pair.
+	LastResponseTimestamp time.Time
+
+	// TotalRoundTripTime represents the sum of all round trip time measurements
+	// in seconds since the beginning of the session, based on STUN connectivity
+	// check responses (ResponsesReceived), including those that reply to requests
+	// that are sent in order to verify consent. The average round trip time can
+	// be computed from TotalRoundTripTime by dividing it by ResponsesReceived.
+	TotalRoundTripTime float64
+
+	// CurrentRoundTripTime represents the latest round trip time measured in seconds,
+	// computed from both STUN connectivity checks, including those that are sent
+	// for consent verification.
+	CurrentRoundTripTime float64
+
+	// AvailableOutgoingBitrate is calculated by the underlying congestion control
+	// by combining the available bitrate for all the outgoing RTP streams using
+	// this candidate pair. The bitrate measurement does not count the size of the
+	// IP or other transport layers like TCP or UDP. It is similar to the TIAS defined
+	// in RFC 3890, i.e., it is measured in bits per second and the bitrate is calculated
+	// over a 1 second window.
+	AvailableOutgoingBitrate float64
+
+	// AvailableIncomingBitrate is calculated by the underlying congestion control
+	// by combining the available bitrate for all the incoming RTP streams using
+	// this candidate pair. The bitrate measurement does not count the size of the
+	// IP or other transport layers like TCP or UDP. It is similar to the TIAS defined
+	// in  RFC 3890, i.e., it is measured in bits per second and the bitrate is
+	// calculated over a 1 second window.
+	AvailableIncomingBitrate float64
+
+	// CircuitBreakerTriggerCount represents the number of times the circuit breaker
+	// is triggered for this particular 5-tuple, ceasing transmission.
+	CircuitBreakerTriggerCount uint32
+
+	// RequestsReceived represents the total number of connectivity check requests
+	// received (including retransmissions). It is impossible for the receiver to
+	// tell whether the request was sent in order to check connectivity or check
+	// consent, so all connectivity checks requests are counted here.
+	RequestsReceived uint64
+
+	// RequestsSent represents the total number of connectivity check requests
+	// sent (not including retransmissions).
+	RequestsSent uint64
+
+	// ResponsesReceived represents the total number of connectivity check responses received.
+	ResponsesReceived uint64
+
+	// ResponsesSent represents the total number of connectivity check responses sent.
+	// Since we cannot distinguish connectivity check requests and consent requests,
+	// all responses are counted.
+	ResponsesSent uint64
+
+	// RetransmissionsReceived represents the total number of connectivity check
+	// request retransmissions received.
+	RetransmissionsReceived uint64
+
+	// RetransmissionsSent represents the total number of connectivity check
+	// request retransmissions sent.
+	RetransmissionsSent uint64
+
+	// ConsentRequestsSent represents the total number of consent requests sent.
+	ConsentRequestsSent uint64
+
+	// ConsentExpiredTimestamp represents the timestamp at which the latest valid
+	// STUN binding response expired.
+	ConsentExpiredTimestamp time.Time
+}
+
+// CandidateStats contains ICE candidate statistics related to the ICETransport objects.
+type CandidateStats struct {
+	// Timestamp is the timestamp associated with this object.
+	Timestamp time.Time
+
+	// ID is the candidate ID
+	ID string
+
+	// NetworkType represents the type of network interface used by the base of a
+	// local candidate (the address the ICE agent sends from). Only present for
+	// local candidates; it's not possible to know what type of network interface
+	// a remote candidate is using.
+	//
+	// Note:
+	// This stat only tells you about the network interface used by the first "hop";
+	// it's possible that a connection will be bottlenecked by another type of network.
+	// For example, when using Wi-Fi tethering, the networkType of the relevant candidate
+	// would be "wifi", even when the next hop is over a cellular connection.
+	NetworkType NetworkType
+
+	// IP is the IP address of the candidate, allowing for IPv4 addresses and
+	// IPv6 addresses, but fully qualified domain names (FQDNs) are not allowed.
+	IP string
+
+	// Port is the port number of the candidate.
+	Port int
+
+	// CandidateType is the "Type" field of the ICECandidate.
+	CandidateType CandidateType
+
+	// Priority is the "Priority" field of the ICECandidate.
+	Priority uint32
+
+	// URL is the URL of the TURN or STUN server indicated in the that translated
+	// this IP address. It is the URL address surfaced in an PeerConnectionICEEvent.
+	URL string
+
+	// RelayProtocol is the protocol used by the endpoint to communicate with the
+	// TURN server. This is only present for local candidates. Valid values for
+	// the TURN URL protocol is one of UDP, TCP, or TLS.
+	RelayProtocol string
+
+	// Deleted is true if the candidate has been deleted/freed. For host candidates,
+	// this means that any network resources (typically a socket) associated with the
+	// candidate have been released. For TURN candidates, this means the TURN allocation
+	// is no longer active.
+	//
+	// Only defined for local candidates. For remote candidates, this property is not applicable.
+	Deleted bool
+}
diff --git a/server/vendor/github.com/pion/ice/v2/tcp_mux.go b/server/vendor/github.com/pion/ice/v2/tcp_mux.go
new file mode 100644
index 0000000..ff3afed
--- /dev/null
+++ b/server/vendor/github.com/pion/ice/v2/tcp_mux.go
@@ -0,0 +1,435 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package ice
+
+import (
+	"encoding/binary"
+	"errors"
+	"io"
+	"net"
+	"strings"
+	"sync"
+	"time"
+
+	"github.com/pion/logging"
+	"github.com/pion/stun"
+)
+
+// ErrGetTransportAddress can't convert net.Addr to underlying type (UDPAddr or TCPAddr).
+var ErrGetTransportAddress = errors.New("failed to get local transport address")
+
+// TCPMux is allows grouping multiple TCP net.Conns and using them like UDP
+// net.PacketConns. The main implementation of this is TCPMuxDefault, and this
+// interface exists to allow mocking in tests.
+type TCPMux interface {
+	io.Closer
+	GetConnByUfrag(ufrag string, isIPv6 bool, local net.IP) (net.PacketConn, error)
+	RemoveConnByUfrag(ufrag string)
+}
+
+type ipAddr string
+
+// TCPMuxDefault muxes TCP net.Conns into net.PacketConns and groups them by
+// Ufrag. It is a default implementation of TCPMux interface.
+type TCPMuxDefault struct {
+	params *TCPMuxParams
+	closed bool
+
+	// connsIPv4 and connsIPv6 are maps of all tcpPacketConns indexed by ufrag and local address
+	connsIPv4, connsIPv6 map[string]map[ipAddr]*tcpPacketConn
+
+	mu sync.Mutex
+	wg sync.WaitGroup
+}
+
+// TCPMuxParams are parameters for TCPMux.
+type TCPMuxParams struct {
+	Listener       net.Listener
+	Logger         logging.LeveledLogger
+	ReadBufferSize int
+
+	// Maximum buffer size for write op. 0 means no write buffer, the write op will block until the whole packet is written
+	// if the write buffer is full, the subsequent write packet will be dropped until it has enough space.
+	// a default 4MB is recommended.
+	WriteBufferSize int
+
+	// A new established connection will be removed if the first STUN binding request is not received within this timeout,
+	// avoiding the client with bad network or attacker to create a lot of empty connections.
+	// Default 30s timeout will be used if not set.
+	FirstStunBindTimeout time.Duration
+
+	// TCPMux will create connection from STUN binding request with an unknown username, if
+	// the connection is not used in the timeout, it will be removed to avoid resource leak / attack.
+	// Default 30s timeout will be used if not set.
+	AliveDurationForConnFromStun time.Duration
+}
+
+// NewTCPMuxDefault creates a new instance of TCPMuxDefault.
+func NewTCPMuxDefault(params TCPMuxParams) *TCPMuxDefault {
+	if params.Logger == nil {
+		params.Logger = logging.NewDefaultLoggerFactory().NewLogger("ice")
+	}
+
+	if params.FirstStunBindTimeout == 0 {
+		params.FirstStunBindTimeout = 30 * time.Second
+	}
+
+	if params.AliveDurationForConnFromStun == 0 {
+		params.AliveDurationForConnFromStun = 30 * time.Second
+	}
+
+	m := &TCPMuxDefault{
+		params: &params,
+
+		connsIPv4: map[string]map[ipAddr]*tcpPacketConn{},
+		connsIPv6: map[string]map[ipAddr]*tcpPacketConn{},
+	}
+
+	m.wg.Add(1)
+	go func() {
+		defer m.wg.Done()
+		m.start()
+	}()
+
+	return m
+}
+
+func (m *TCPMuxDefault) start() {
+	m.params.Logger.Infof("Listening TCP on %s", m.params.Listener.Addr())
+	for {
+		conn, err := m.params.Listener.Accept()
+		if err != nil {
+			m.params.Logger.Infof("Error accepting connection: %s", err)
+			return
+		}
+
+		m.params.Logger.Debugf("Accepted connection from: %s to %s", conn.RemoteAddr(), conn.LocalAddr())
+
+		m.wg.Add(1)
+		go func() {
+			defer m.wg.Done()
+			m.handleConn(conn)
+		}()
+	}
+}
+
+// LocalAddr returns the listening address of this TCPMuxDefault.
+func (m *TCPMuxDefault) LocalAddr() net.Addr {
+	return m.params.Listener.Addr()
+}
+
+// GetConnByUfrag retrieves an existing or creates a new net.PacketConn.
+func (m *TCPMuxDefault) GetConnByUfrag(ufrag string, isIPv6 bool, local net.IP) (net.PacketConn, error) {
+	m.mu.Lock()
+	defer m.mu.Unlock()
+
+	if m.closed {
+		return nil, io.ErrClosedPipe
+	}
+
+	if conn, ok := m.getConn(ufrag, isIPv6, local); ok {
+		conn.ClearAliveTimer()
+		return conn, nil
+	}
+
+	return m.createConn(ufrag, isIPv6, local, false)
+}
+
+func (m *TCPMuxDefault) createConn(ufrag string, isIPv6 bool, local net.IP, fromStun bool) (*tcpPacketConn, error) {
+	addr, ok := m.LocalAddr().(*net.TCPAddr)
+	if !ok {
+		return nil, ErrGetTransportAddress
+	}
+	localAddr := *addr
+	localAddr.IP = local
+
+	var alive time.Duration
+	if fromStun {
+		alive = m.params.AliveDurationForConnFromStun
+	}
+
+	conn := newTCPPacketConn(tcpPacketParams{
+		ReadBuffer:    m.params.ReadBufferSize,
+		WriteBuffer:   m.params.WriteBufferSize,
+		LocalAddr:     &localAddr,
+		Logger:        m.params.Logger,
+		AliveDuration: alive,
+	})
+
+	var conns map[ipAddr]*tcpPacketConn
+	if isIPv6 {
+		if conns, ok = m.connsIPv6[ufrag]; !ok {
+			conns = make(map[ipAddr]*tcpPacketConn)
+			m.connsIPv6[ufrag] = conns
+		}
+	} else {
+		if conns, ok = m.connsIPv4[ufrag]; !ok {
+			conns = make(map[ipAddr]*tcpPacketConn)
+			m.connsIPv4[ufrag] = conns
+		}
+	}
+	conns[ipAddr(local.String())] = conn
+
+	m.wg.Add(1)
+	go func() {
+		defer m.wg.Done()
+		<-conn.CloseChannel()
+		m.removeConnByUfragAndLocalHost(ufrag, local)
+	}()
+
+	return conn, nil
+}
+
+func (m *TCPMuxDefault) closeAndLogError(closer io.Closer) {
+	err := closer.Close()
+	if err != nil {
+		m.params.Logger.Warnf("Error closing connection: %s", err)
+	}
+}
+
+func (m *TCPMuxDefault) handleConn(conn net.Conn) {
+	buf := make([]byte, 512)
+
+	if m.params.FirstStunBindTimeout > 0 {
+		if err := conn.SetReadDeadline(time.Now().Add(m.params.FirstStunBindTimeout)); err != nil {
+			m.params.Logger.Warnf("Failed to set read deadline for first STUN message: %s to %s , err: %s", conn.RemoteAddr(), conn.LocalAddr(), err)
+		}
+	}
+	n, err := readStreamingPacket(conn, buf)
+	if err != nil {
+		if errors.Is(err, io.ErrShortBuffer) {
+			m.params.Logger.Warnf("Buffer too small for first packet from %s: %s", conn.RemoteAddr(), err)
+		} else {
+			m.params.Logger.Warnf("Error reading first packet from %s: %s", conn.RemoteAddr(), err)
+		}
+		m.closeAndLogError(conn)
+		return
+	}
+	if err = conn.SetReadDeadline(time.Time{}); err != nil {
+		m.params.Logger.Warnf("Failed to reset read deadline from %s: %s", conn.RemoteAddr(), err)
+	}
+
+	buf = buf[:n]
+
+	msg := &stun.Message{
+		Raw: make([]byte, len(buf)),
+	}
+	// Explicitly copy raw buffer so Message can own the memory.
+	copy(msg.Raw, buf)
+	if err = msg.Decode(); err != nil {
+		m.closeAndLogError(conn)
+		m.params.Logger.Warnf("Failed to handle decode ICE from %s to %s: %v", conn.RemoteAddr(), conn.LocalAddr(), err)
+		return
+	}
+
+	if m == nil || msg.Type.Method != stun.MethodBinding { // Not a STUN
+		m.closeAndLogError(conn)
+		m.params.Logger.Warnf("Not a STUN message from %s to %s", conn.RemoteAddr(), conn.LocalAddr())
+		return
+	}
+
+	for _, attr := range msg.Attributes {
+		m.params.Logger.Debugf("Message attribute: %s", attr.String())
+	}
+
+	attr, err := msg.Get(stun.AttrUsername)
+	if err != nil {
+		m.closeAndLogError(conn)
+		m.params.Logger.Warnf("No Username attribute in STUN message from %s to %s", conn.RemoteAddr(), conn.LocalAddr())
+		return
+	}
+
+	ufrag := strings.Split(string(attr), ":")[0]
+	m.params.Logger.Debugf("Ufrag: %s", ufrag)
+
+	host, _, err := net.SplitHostPort(conn.RemoteAddr().String())
+	if err != nil {
+		m.closeAndLogError(conn)
+		m.params.Logger.Warnf("Failed to get host in STUN message from %s to %s", conn.RemoteAddr(), conn.LocalAddr())
+		return
+	}
+
+	isIPv6 := net.ParseIP(host).To4() == nil
+
+	localAddr, ok := conn.LocalAddr().(*net.TCPAddr)
+	if !ok {
+		m.closeAndLogError(conn)
+		m.params.Logger.Warnf("Failed to get local tcp address in STUN message from %s to %s", conn.RemoteAddr(), conn.LocalAddr())
+		return
+	}
+	m.mu.Lock()
+	packetConn, ok := m.getConn(ufrag, isIPv6, localAddr.IP)
+	if !ok {
+		packetConn, err = m.createConn(ufrag, isIPv6, localAddr.IP, true)
+		if err != nil {
+			m.mu.Unlock()
+			m.closeAndLogError(conn)
+			m.params.Logger.Warnf("Failed to create packetConn for STUN message from %s to %s", conn.RemoteAddr(), conn.LocalAddr())
+			return
+		}
+	}
+	m.mu.Unlock()
+
+	if err := packetConn.AddConn(conn, buf); err != nil {
+		m.closeAndLogError(conn)
+		m.params.Logger.Warnf("Error adding conn to tcpPacketConn from %s to %s: %s", conn.RemoteAddr(), conn.LocalAddr(), err)
+		return
+	}
+}
+
+// Close closes the listener and waits for all goroutines to exit.
+func (m *TCPMuxDefault) Close() error {
+	m.mu.Lock()
+	m.closed = true
+
+	for _, conns := range m.connsIPv4 {
+		for _, conn := range conns {
+			m.closeAndLogError(conn)
+		}
+	}
+	for _, conns := range m.connsIPv6 {
+		for _, conn := range conns {
+			m.closeAndLogError(conn)
+		}
+	}
+
+	m.connsIPv4 = map[string]map[ipAddr]*tcpPacketConn{}
+	m.connsIPv6 = map[string]map[ipAddr]*tcpPacketConn{}
+
+	err := m.params.Listener.Close()
+
+	m.mu.Unlock()
+
+	m.wg.Wait()
+
+	return err
+}
+
+// RemoveConnByUfrag closes and removes a net.PacketConn by Ufrag.
+func (m *TCPMuxDefault) RemoveConnByUfrag(ufrag string) {
+	removedConns := make([]*tcpPacketConn, 0, 4)
+
+	// Keep lock section small to avoid deadlock with conn lock
+	m.mu.Lock()
+	if conns, ok := m.connsIPv4[ufrag]; ok {
+		delete(m.connsIPv4, ufrag)
+		for _, conn := range conns {
+			removedConns = append(removedConns, conn)
+		}
+	}
+	if conns, ok := m.connsIPv6[ufrag]; ok {
+		delete(m.connsIPv6, ufrag)
+		for _, conn := range conns {
+			removedConns = append(removedConns, conn)
+		}
+	}
+
+	m.mu.Unlock()
+
+	// Close the connections outside the critical section to avoid
+	// deadlocking TCP mux if (*tcpPacketConn).Close() blocks.
+	for _, conn := range removedConns {
+		m.closeAndLogError(conn)
+	}
+}
+
+func (m *TCPMuxDefault) removeConnByUfragAndLocalHost(ufrag string, local net.IP) {
+	removedConns := make([]*tcpPacketConn, 0, 4)
+
+	localIP := ipAddr(local.String())
+	// Keep lock section small to avoid deadlock with conn lock
+	m.mu.Lock()
+	if conns, ok := m.connsIPv4[ufrag]; ok {
+		if conn, ok := conns[localIP]; ok {
+			delete(conns, localIP)
+			if len(conns) == 0 {
+				delete(m.connsIPv4, ufrag)
+			}
+			removedConns = append(removedConns, conn)
+		}
+	}
+	if conns, ok := m.connsIPv6[ufrag]; ok {
+		if conn, ok := conns[localIP]; ok {
+			delete(conns, localIP)
+			if len(conns) == 0 {
+				delete(m.connsIPv6, ufrag)
+			}
+			removedConns = append(removedConns, conn)
+		}
+	}
+	m.mu.Unlock()
+
+	// Close the connections outside the critical section to avoid
+	// deadlocking TCP mux if (*tcpPacketConn).Close() blocks.
+	for _, conn := range removedConns {
+		m.closeAndLogError(conn)
+	}
+}
+
+func (m *TCPMuxDefault) getConn(ufrag string, isIPv6 bool, local net.IP) (val *tcpPacketConn, ok bool) {
+	var conns map[ipAddr]*tcpPacketConn
+	if isIPv6 {
+		conns, ok = m.connsIPv6[ufrag]
+	} else {
+		conns, ok = m.connsIPv4[ufrag]
+	}
+	if conns != nil {
+		val, ok = conns[ipAddr(local.String())]
+	}
+
+	return
+}
+
+const streamingPacketHeaderLen = 2
+
+// readStreamingPacket reads 1 packet from stream
+// read packet  bytes https://tools.ietf.org/html/rfc4571#section-2
+// 2-byte length header prepends each packet:
+//
+//	 0                   1                   2                   3
+//	 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+//	-----------------------------------------------------------------
+//	|             LENGTH            |  RTP or RTCP packet ...       |
+//	-----------------------------------------------------------------
+func readStreamingPacket(conn net.Conn, buf []byte) (int, error) {
+	header := make([]byte, streamingPacketHeaderLen)
+	var bytesRead, n int
+	var err error
+
+	for bytesRead < streamingPacketHeaderLen {
+		if n, err = conn.Read(header[bytesRead:streamingPacketHeaderLen]); err != nil {
+			return 0, err
+		}
+		bytesRead += n
+	}
+
+	length := int(binary.BigEndian.Uint16(header))
+
+	if length > cap(buf) {
+		return length, io.ErrShortBuffer
+	}
+
+	bytesRead = 0
+	for bytesRead < length {
+		if n, err = conn.Read(buf[bytesRead:length]); err != nil {
+			return 0, err
+		}
+		bytesRead += n
+	}
+
+	return bytesRead, nil
+}
+
+func writeStreamingPacket(conn net.Conn, buf []byte) (int, error) {
+	bufCopy := make([]byte, streamingPacketHeaderLen+len(buf))
+	binary.BigEndian.PutUint16(bufCopy, uint16(len(buf)))
+	copy(bufCopy[2:], buf)
+
+	n, err := conn.Write(bufCopy)
+	if err != nil {
+		return 0, err
+	}
+
+	return n - streamingPacketHeaderLen, nil
+}
diff --git a/server/vendor/github.com/pion/ice/v2/tcp_mux_multi.go b/server/vendor/github.com/pion/ice/v2/tcp_mux_multi.go
new file mode 100644
index 0000000..e32acbf
--- /dev/null
+++ b/server/vendor/github.com/pion/ice/v2/tcp_mux_multi.go
@@ -0,0 +1,81 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package ice
+
+import "net"
+
+// AllConnsGetter allows multiple fixed TCP ports to be used,
+// each of which is multiplexed like TCPMux. AllConnsGetter also acts as
+// a TCPMux, in which case it will return a single connection for one
+// of the ports.
+type AllConnsGetter interface {
+	GetAllConns(ufrag string, isIPv6 bool, localIP net.IP) ([]net.PacketConn, error)
+}
+
+// MultiTCPMuxDefault implements both TCPMux and AllConnsGetter,
+// allowing users to pass multiple TCPMux instances to the ICE agent
+// configuration.
+type MultiTCPMuxDefault struct {
+	muxes []TCPMux
+}
+
+// NewMultiTCPMuxDefault creates an instance of MultiTCPMuxDefault that
+// uses the provided TCPMux instances.
+func NewMultiTCPMuxDefault(muxes ...TCPMux) *MultiTCPMuxDefault {
+	return &MultiTCPMuxDefault{
+		muxes: muxes,
+	}
+}
+
+// GetConnByUfrag returns a PacketConn given the connection's ufrag, network and local address
+// creates the connection if an existing one can't be found. This, unlike
+// GetAllConns, will only return a single PacketConn from the first mux that was
+// passed in to NewMultiTCPMuxDefault.
+func (m *MultiTCPMuxDefault) GetConnByUfrag(ufrag string, isIPv6 bool, local net.IP) (net.PacketConn, error) {
+	// NOTE: We always use the first element here in order to maintain the
+	// behavior of using an existing connection if one exists.
+	if len(m.muxes) == 0 {
+		return nil, errNoTCPMuxAvailable
+	}
+	return m.muxes[0].GetConnByUfrag(ufrag, isIPv6, local)
+}
+
+// RemoveConnByUfrag stops and removes the muxed packet connection
+// from all underlying TCPMux instances.
+func (m *MultiTCPMuxDefault) RemoveConnByUfrag(ufrag string) {
+	for _, mux := range m.muxes {
+		mux.RemoveConnByUfrag(ufrag)
+	}
+}
+
+// GetAllConns returns a PacketConn for each underlying TCPMux
+func (m *MultiTCPMuxDefault) GetAllConns(ufrag string, isIPv6 bool, local net.IP) ([]net.PacketConn, error) {
+	if len(m.muxes) == 0 {
+		// Make sure that we either return at least one connection or an error.
+		return nil, errNoTCPMuxAvailable
+	}
+	var conns []net.PacketConn
+	for _, mux := range m.muxes {
+		conn, err := mux.GetConnByUfrag(ufrag, isIPv6, local)
+		if err != nil {
+			// For now, this implementation is all or none.
+			return nil, err
+		}
+		if conn != nil {
+			conns = append(conns, conn)
+		}
+	}
+	return conns, nil
+}
+
+// Close the multi mux, no further connections could be created
+func (m *MultiTCPMuxDefault) Close() error {
+	var err error
+	for _, mux := range m.muxes {
+		if e := mux.Close(); e != nil {
+			err = e
+		}
+	}
+	return err
+}
diff --git a/server/vendor/github.com/pion/ice/v2/tcp_packet_conn.go b/server/vendor/github.com/pion/ice/v2/tcp_packet_conn.go
new file mode 100644
index 0000000..60ea2c8
--- /dev/null
+++ b/server/vendor/github.com/pion/ice/v2/tcp_packet_conn.go
@@ -0,0 +1,324 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package ice
+
+import (
+	"errors"
+	"fmt"
+	"io"
+	"net"
+	"sync"
+	"sync/atomic"
+	"time"
+
+	"github.com/pion/logging"
+	"github.com/pion/transport/v2/packetio"
+)
+
+type bufferedConn struct {
+	net.Conn
+	buf    *packetio.Buffer
+	logger logging.LeveledLogger
+	closed int32
+}
+
+func newBufferedConn(conn net.Conn, bufSize int, logger logging.LeveledLogger) net.Conn {
+	buf := packetio.NewBuffer()
+	if bufSize > 0 {
+		buf.SetLimitSize(bufSize)
+	}
+
+	bc := &bufferedConn{
+		Conn:   conn,
+		buf:    buf,
+		logger: logger,
+	}
+
+	go bc.writeProcess()
+	return bc
+}
+
+func (bc *bufferedConn) Write(b []byte) (int, error) {
+	n, err := bc.buf.Write(b)
+	if err != nil {
+		return n, err
+	}
+	return n, nil
+}
+
+func (bc *bufferedConn) writeProcess() {
+	pktBuf := make([]byte, receiveMTU)
+	for atomic.LoadInt32(&bc.closed) == 0 {
+		n, err := bc.buf.Read(pktBuf)
+		if errors.Is(err, io.EOF) {
+			return
+		}
+
+		if err != nil {
+			bc.logger.Warnf("Failed to read from buffer: %s", err)
+			continue
+		}
+
+		if _, err := bc.Conn.Write(pktBuf[:n]); err != nil {
+			bc.logger.Warnf("Failed to write: %s", err)
+			continue
+		}
+	}
+}
+
+func (bc *bufferedConn) Close() error {
+	atomic.StoreInt32(&bc.closed, 1)
+	_ = bc.buf.Close()
+	return bc.Conn.Close()
+}
+
+type tcpPacketConn struct {
+	params *tcpPacketParams
+
+	// conns is a map of net.Conns indexed by remote net.Addr.String()
+	conns map[string]net.Conn
+
+	recvChan chan streamingPacket
+
+	mu         sync.Mutex
+	wg         sync.WaitGroup
+	closedChan chan struct{}
+	closeOnce  sync.Once
+	aliveTimer *time.Timer
+}
+
+type streamingPacket struct {
+	Data  []byte
+	RAddr net.Addr
+	Err   error
+}
+
+type tcpPacketParams struct {
+	ReadBuffer    int
+	LocalAddr     net.Addr
+	Logger        logging.LeveledLogger
+	WriteBuffer   int
+	AliveDuration time.Duration
+}
+
+func newTCPPacketConn(params tcpPacketParams) *tcpPacketConn {
+	p := &tcpPacketConn{
+		params: &params,
+
+		conns: map[string]net.Conn{},
+
+		recvChan:   make(chan streamingPacket, params.ReadBuffer),
+		closedChan: make(chan struct{}),
+	}
+
+	if params.AliveDuration > 0 {
+		p.aliveTimer = time.AfterFunc(params.AliveDuration, func() {
+			p.params.Logger.Warn("close tcp packet conn by alive timeout")
+			_ = p.Close()
+		})
+	}
+
+	return p
+}
+
+func (t *tcpPacketConn) ClearAliveTimer() {
+	t.mu.Lock()
+	if t.aliveTimer != nil {
+		t.aliveTimer.Stop()
+	}
+	t.mu.Unlock()
+}
+
+func (t *tcpPacketConn) AddConn(conn net.Conn, firstPacketData []byte) error {
+	t.params.Logger.Infof("Added connection: %s remote %s to local %s", conn.RemoteAddr().Network(), conn.RemoteAddr(), conn.LocalAddr())
+
+	t.mu.Lock()
+	defer t.mu.Unlock()
+
+	select {
+	case <-t.closedChan:
+		return io.ErrClosedPipe
+	default:
+	}
+
+	if _, ok := t.conns[conn.RemoteAddr().String()]; ok {
+		return fmt.Errorf("%w: %s", errConnectionAddrAlreadyExist, conn.RemoteAddr().String())
+	}
+
+	if t.params.WriteBuffer > 0 {
+		conn = newBufferedConn(conn, t.params.WriteBuffer, t.params.Logger)
+	}
+	t.conns[conn.RemoteAddr().String()] = conn
+
+	t.wg.Add(1)
+	go func() {
+		defer t.wg.Done()
+		if firstPacketData != nil {
+			select {
+			case <-t.closedChan:
+				// NOTE: recvChan can fill up and never drain in edge
+				// cases while closing a connection, which can cause the
+				// packetConn to never finish closing. Bail out early
+				// here to prevent that.
+				return
+			case t.recvChan <- streamingPacket{firstPacketData, conn.RemoteAddr(), nil}:
+			}
+		}
+		t.startReading(conn)
+	}()
+
+	return nil
+}
+
+func (t *tcpPacketConn) startReading(conn net.Conn) {
+	buf := make([]byte, receiveMTU)
+
+	for {
+		n, err := readStreamingPacket(conn, buf)
+		if err != nil {
+			t.params.Logger.Warnf("Failed to read streaming packet: %s", err)
+			t.handleRecv(streamingPacket{nil, conn.RemoteAddr(), err})
+			t.removeConn(conn)
+			return
+		}
+
+		data := make([]byte, n)
+		copy(data, buf[:n])
+
+		t.handleRecv(streamingPacket{data, conn.RemoteAddr(), nil})
+	}
+}
+
+func (t *tcpPacketConn) handleRecv(pkt streamingPacket) {
+	t.mu.Lock()
+
+	recvChan := t.recvChan
+	if t.isClosed() {
+		recvChan = nil
+	}
+
+	t.mu.Unlock()
+
+	select {
+	case recvChan <- pkt:
+	case <-t.closedChan:
+	}
+}
+
+func (t *tcpPacketConn) isClosed() bool {
+	select {
+	case <-t.closedChan:
+		return true
+	default:
+		return false
+	}
+}
+
+// WriteTo is for passive and s-o candidates.
+func (t *tcpPacketConn) ReadFrom(b []byte) (n int, rAddr net.Addr, err error) {
+	pkt, ok := <-t.recvChan
+
+	if !ok {
+		return 0, nil, io.ErrClosedPipe
+	}
+
+	if pkt.Err != nil {
+		return 0, pkt.RAddr, pkt.Err
+	}
+
+	if cap(b) < len(pkt.Data) {
+		return 0, pkt.RAddr, io.ErrShortBuffer
+	}
+
+	n = len(pkt.Data)
+	copy(b, pkt.Data[:n])
+	return n, pkt.RAddr, err
+}
+
+// WriteTo is for active and s-o candidates.
+func (t *tcpPacketConn) WriteTo(buf []byte, rAddr net.Addr) (n int, err error) {
+	t.mu.Lock()
+	conn, ok := t.conns[rAddr.String()]
+	t.mu.Unlock()
+
+	if !ok {
+		return 0, io.ErrClosedPipe
+	}
+
+	n, err = writeStreamingPacket(conn, buf)
+	if err != nil {
+		t.params.Logger.Tracef("%w %s", errWrite, rAddr)
+		return n, err
+	}
+
+	return n, err
+}
+
+func (t *tcpPacketConn) closeAndLogError(closer io.Closer) {
+	err := closer.Close()
+	if err != nil {
+		t.params.Logger.Warnf("%v: %s", errClosingConnection, err)
+	}
+}
+
+func (t *tcpPacketConn) removeConn(conn net.Conn) {
+	t.mu.Lock()
+	defer t.mu.Unlock()
+
+	t.closeAndLogError(conn)
+
+	delete(t.conns, conn.RemoteAddr().String())
+}
+
+func (t *tcpPacketConn) Close() error {
+	t.mu.Lock()
+
+	var shouldCloseRecvChan bool
+	t.closeOnce.Do(func() {
+		close(t.closedChan)
+		shouldCloseRecvChan = true
+		if t.aliveTimer != nil {
+			t.aliveTimer.Stop()
+		}
+	})
+
+	for _, conn := range t.conns {
+		t.closeAndLogError(conn)
+		delete(t.conns, conn.RemoteAddr().String())
+	}
+
+	t.mu.Unlock()
+
+	t.wg.Wait()
+
+	if shouldCloseRecvChan {
+		close(t.recvChan)
+	}
+
+	return nil
+}
+
+func (t *tcpPacketConn) LocalAddr() net.Addr {
+	return t.params.LocalAddr
+}
+
+func (t *tcpPacketConn) SetDeadline(time.Time) error {
+	return nil
+}
+
+func (t *tcpPacketConn) SetReadDeadline(time.Time) error {
+	return nil
+}
+
+func (t *tcpPacketConn) SetWriteDeadline(time.Time) error {
+	return nil
+}
+
+func (t *tcpPacketConn) CloseChannel() <-chan struct{} {
+	return t.closedChan
+}
+
+func (t *tcpPacketConn) String() string {
+	return fmt.Sprintf("tcpPacketConn{LocalAddr: %s}", t.params.LocalAddr)
+}
diff --git a/server/vendor/github.com/pion/ice/v2/tcptype.go b/server/vendor/github.com/pion/ice/v2/tcptype.go
new file mode 100644
index 0000000..e500e57
--- /dev/null
+++ b/server/vendor/github.com/pion/ice/v2/tcptype.go
@@ -0,0 +1,51 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package ice
+
+import "strings"
+
+// TCPType is the type of ICE TCP candidate as described in
+// https://tools.ietf.org/html/rfc6544#section-4.5
+type TCPType int
+
+const (
+	// TCPTypeUnspecified is the default value. For example UDP candidates do not
+	// need this field.
+	TCPTypeUnspecified TCPType = iota
+	// TCPTypeActive is active TCP candidate, which initiates TCP connections.
+	TCPTypeActive
+	// TCPTypePassive is passive TCP candidate, only accepts TCP connections.
+	TCPTypePassive
+	// TCPTypeSimultaneousOpen is like active and passive at the same time.
+	TCPTypeSimultaneousOpen
+)
+
+// NewTCPType creates a new TCPType from string.
+func NewTCPType(value string) TCPType {
+	switch strings.ToLower(value) {
+	case "active":
+		return TCPTypeActive
+	case "passive":
+		return TCPTypePassive
+	case "so":
+		return TCPTypeSimultaneousOpen
+	default:
+		return TCPTypeUnspecified
+	}
+}
+
+func (t TCPType) String() string {
+	switch t {
+	case TCPTypeUnspecified:
+		return ""
+	case TCPTypeActive:
+		return "active"
+	case TCPTypePassive:
+		return "passive"
+	case TCPTypeSimultaneousOpen:
+		return "so"
+	default:
+		return ErrUnknownType.Error()
+	}
+}
diff --git a/server/vendor/github.com/pion/ice/v2/test_utils.go b/server/vendor/github.com/pion/ice/v2/test_utils.go
new file mode 100644
index 0000000..235fda3
--- /dev/null
+++ b/server/vendor/github.com/pion/ice/v2/test_utils.go
@@ -0,0 +1,79 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+//go:build !js
+// +build !js
+
+package ice
+
+import (
+	"testing"
+
+	"github.com/stretchr/testify/require"
+)
+
+func newHostRemote(t *testing.T) *CandidateHost {
+	remoteHostConfig := &CandidateHostConfig{
+		Network:   "udp",
+		Address:   "1.2.3.5",
+		Port:      12350,
+		Component: 1,
+	}
+	hostRemote, err := NewCandidateHost(remoteHostConfig)
+	require.NoError(t, err)
+	return hostRemote
+}
+
+func newPrflxRemote(t *testing.T) *CandidatePeerReflexive {
+	prflxConfig := &CandidatePeerReflexiveConfig{
+		Network:   "udp",
+		Address:   "10.10.10.2",
+		Port:      19217,
+		Component: 1,
+		RelAddr:   "4.3.2.1",
+		RelPort:   43211,
+	}
+	prflxRemote, err := NewCandidatePeerReflexive(prflxConfig)
+	require.NoError(t, err)
+	return prflxRemote
+}
+
+func newSrflxRemote(t *testing.T) *CandidateServerReflexive {
+	srflxConfig := &CandidateServerReflexiveConfig{
+		Network:   "udp",
+		Address:   "10.10.10.2",
+		Port:      19218,
+		Component: 1,
+		RelAddr:   "4.3.2.1",
+		RelPort:   43212,
+	}
+	srflxRemote, err := NewCandidateServerReflexive(srflxConfig)
+	require.NoError(t, err)
+	return srflxRemote
+}
+
+func newRelayRemote(t *testing.T) *CandidateRelay {
+	relayConfig := &CandidateRelayConfig{
+		Network:   "udp",
+		Address:   "1.2.3.4",
+		Port:      12340,
+		Component: 1,
+		RelAddr:   "4.3.2.1",
+		RelPort:   43210,
+	}
+	relayRemote, err := NewCandidateRelay(relayConfig)
+	require.NoError(t, err)
+	return relayRemote
+}
+
+func newHostLocal(t *testing.T) *CandidateHost {
+	localHostConfig := &CandidateHostConfig{
+		Network:   "udp",
+		Address:   "192.168.1.1",
+		Port:      19216,
+		Component: 1,
+	}
+	hostLocal, err := NewCandidateHost(localHostConfig)
+	require.NoError(t, err)
+	return hostLocal
+}
diff --git a/server/vendor/github.com/pion/ice/v2/transport.go b/server/vendor/github.com/pion/ice/v2/transport.go
new file mode 100644
index 0000000..93dc719
--- /dev/null
+++ b/server/vendor/github.com/pion/ice/v2/transport.go
@@ -0,0 +1,148 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package ice
+
+import (
+	"context"
+	"net"
+	"sync/atomic"
+	"time"
+
+	"github.com/pion/stun"
+)
+
+// Dial connects to the remote agent, acting as the controlling ice agent.
+// Dial blocks until at least one ice candidate pair has successfully connected.
+func (a *Agent) Dial(ctx context.Context, remoteUfrag, remotePwd string) (*Conn, error) {
+	return a.connect(ctx, true, remoteUfrag, remotePwd)
+}
+
+// Accept connects to the remote agent, acting as the controlled ice agent.
+// Accept blocks until at least one ice candidate pair has successfully connected.
+func (a *Agent) Accept(ctx context.Context, remoteUfrag, remotePwd string) (*Conn, error) {
+	return a.connect(ctx, false, remoteUfrag, remotePwd)
+}
+
+// Conn represents the ICE connection.
+// At the moment the lifetime of the Conn is equal to the Agent.
+type Conn struct {
+	bytesReceived uint64
+	bytesSent     uint64
+	agent         *Agent
+}
+
+// BytesSent returns the number of bytes sent
+func (c *Conn) BytesSent() uint64 {
+	return atomic.LoadUint64(&c.bytesSent)
+}
+
+// BytesReceived returns the number of bytes received
+func (c *Conn) BytesReceived() uint64 {
+	return atomic.LoadUint64(&c.bytesReceived)
+}
+
+func (a *Agent) connect(ctx context.Context, isControlling bool, remoteUfrag, remotePwd string) (*Conn, error) {
+	err := a.ok()
+	if err != nil {
+		return nil, err
+	}
+	err = a.startConnectivityChecks(isControlling, remoteUfrag, remotePwd) //nolint:contextcheck
+	if err != nil {
+		return nil, err
+	}
+
+	// Block until pair selected
+	select {
+	case <-a.done:
+		return nil, a.getErr()
+	case <-ctx.Done():
+		return nil, ErrCanceledByCaller
+	case <-a.onConnected:
+	}
+
+	return &Conn{
+		agent: a,
+	}, nil
+}
+
+// Read implements the Conn Read method.
+func (c *Conn) Read(p []byte) (int, error) {
+	err := c.agent.ok()
+	if err != nil {
+		return 0, err
+	}
+
+	n, err := c.agent.buf.Read(p)
+	atomic.AddUint64(&c.bytesReceived, uint64(n))
+	return n, err
+}
+
+// Write implements the Conn Write method.
+func (c *Conn) Write(p []byte) (int, error) {
+	err := c.agent.ok()
+	if err != nil {
+		return 0, err
+	}
+
+	if stun.IsMessage(p) {
+		return 0, errWriteSTUNMessageToIceConn
+	}
+
+	pair := c.agent.getSelectedPair()
+	if pair == nil {
+		if err = c.agent.run(c.agent.context(), func(ctx context.Context, a *Agent) {
+			pair = a.getBestValidCandidatePair()
+		}); err != nil {
+			return 0, err
+		}
+
+		if pair == nil {
+			return 0, err
+		}
+	}
+
+	atomic.AddUint64(&c.bytesSent, uint64(len(p)))
+	return pair.Write(p)
+}
+
+// Close implements the Conn Close method. It is used to close
+// the connection. Any calls to Read and Write will be unblocked and return an error.
+func (c *Conn) Close() error {
+	return c.agent.Close()
+}
+
+// LocalAddr returns the local address of the current selected pair or nil if there is none.
+func (c *Conn) LocalAddr() net.Addr {
+	pair := c.agent.getSelectedPair()
+	if pair == nil {
+		return nil
+	}
+
+	return pair.Local.addr()
+}
+
+// RemoteAddr returns the remote address of the current selected pair or nil if there is none.
+func (c *Conn) RemoteAddr() net.Addr {
+	pair := c.agent.getSelectedPair()
+	if pair == nil {
+		return nil
+	}
+
+	return pair.Remote.addr()
+}
+
+// SetDeadline is a stub
+func (c *Conn) SetDeadline(time.Time) error {
+	return nil
+}
+
+// SetReadDeadline is a stub
+func (c *Conn) SetReadDeadline(time.Time) error {
+	return nil
+}
+
+// SetWriteDeadline is a stub
+func (c *Conn) SetWriteDeadline(time.Time) error {
+	return nil
+}
diff --git a/server/vendor/github.com/pion/ice/v2/udp_mux.go b/server/vendor/github.com/pion/ice/v2/udp_mux.go
new file mode 100644
index 0000000..ba2a7e3
--- /dev/null
+++ b/server/vendor/github.com/pion/ice/v2/udp_mux.go
@@ -0,0 +1,368 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package ice
+
+import (
+	"errors"
+	"io"
+	"net"
+	"os"
+	"strings"
+	"sync"
+
+	"github.com/pion/logging"
+	"github.com/pion/stun"
+	"github.com/pion/transport/v2"
+	"github.com/pion/transport/v2/stdnet"
+)
+
+// UDPMux allows multiple connections to go over a single UDP port
+type UDPMux interface {
+	io.Closer
+	GetConn(ufrag string, addr net.Addr) (net.PacketConn, error)
+	RemoveConnByUfrag(ufrag string)
+	GetListenAddresses() []net.Addr
+}
+
+// UDPMuxDefault is an implementation of the interface
+type UDPMuxDefault struct {
+	params UDPMuxParams
+
+	closedChan chan struct{}
+	closeOnce  sync.Once
+
+	// connsIPv4 and connsIPv6 are maps of all udpMuxedConn indexed by ufrag|network|candidateType
+	connsIPv4, connsIPv6 map[string]*udpMuxedConn
+
+	addressMapMu sync.RWMutex
+	addressMap   map[udpMuxedConnAddr]*udpMuxedConn
+
+	// Buffer pool to recycle buffers for net.UDPAddr encodes/decodes
+	pool *sync.Pool
+
+	mu sync.Mutex
+
+	// For UDP connection listen at unspecified address
+	localAddrsForUnspecified []net.Addr
+}
+
+// UDPMuxParams are parameters for UDPMux.
+type UDPMuxParams struct {
+	Logger  logging.LeveledLogger
+	UDPConn net.PacketConn
+
+	// Required for gathering local addresses
+	// in case a un UDPConn is passed which does not
+	// bind to a specific local address.
+	Net transport.Net
+}
+
+// NewUDPMuxDefault creates an implementation of UDPMux
+func NewUDPMuxDefault(params UDPMuxParams) *UDPMuxDefault {
+	if params.Logger == nil {
+		params.Logger = logging.NewDefaultLoggerFactory().NewLogger("ice")
+	}
+
+	var localAddrsForUnspecified []net.Addr
+	if addr, ok := params.UDPConn.LocalAddr().(*net.UDPAddr); !ok {
+		params.Logger.Errorf("LocalAddr is not a net.UDPAddr, got %T", params.UDPConn.LocalAddr())
+	} else if ok && addr.IP.IsUnspecified() {
+		// For unspecified addresses, the correct behavior is to return errListenUnspecified, but
+		// it will break the applications that are already using unspecified UDP connection
+		// with UDPMuxDefault, so print a warn log and create a local address list for mux.
+		params.Logger.Warn("UDPMuxDefault should not listening on unspecified address, use NewMultiUDPMuxFromPort instead")
+		var networks []NetworkType
+		switch {
+		case addr.IP.To4() != nil:
+			networks = []NetworkType{NetworkTypeUDP4}
+
+		case addr.IP.To16() != nil:
+			networks = []NetworkType{NetworkTypeUDP4, NetworkTypeUDP6}
+
+		default:
+			params.Logger.Errorf("LocalAddr expected IPV4 or IPV6, got %T", params.UDPConn.LocalAddr())
+		}
+		if len(networks) > 0 {
+			if params.Net == nil {
+				var err error
+				if params.Net, err = stdnet.NewNet(); err != nil {
+					params.Logger.Errorf("Failed to get create network: %v", err)
+				}
+			}
+
+			ips, err := localInterfaces(params.Net, nil, nil, networks, true)
+			if err == nil {
+				for _, ip := range ips {
+					localAddrsForUnspecified = append(localAddrsForUnspecified, &net.UDPAddr{IP: ip, Port: addr.Port})
+				}
+			} else {
+				params.Logger.Errorf("Failed to get local interfaces for unspecified addr: %v", err)
+			}
+		}
+	}
+
+	m := &UDPMuxDefault{
+		addressMap: map[udpMuxedConnAddr]*udpMuxedConn{},
+		params:     params,
+		connsIPv4:  make(map[string]*udpMuxedConn),
+		connsIPv6:  make(map[string]*udpMuxedConn),
+		closedChan: make(chan struct{}, 1),
+		pool: &sync.Pool{
+			New: func() interface{} {
+				// Big enough buffer to fit both packet and address
+				return newBufferHolder(receiveMTU)
+			},
+		},
+		localAddrsForUnspecified: localAddrsForUnspecified,
+	}
+
+	go m.connWorker()
+
+	return m
+}
+
+// LocalAddr returns the listening address of this UDPMuxDefault
+func (m *UDPMuxDefault) LocalAddr() net.Addr {
+	return m.params.UDPConn.LocalAddr()
+}
+
+// GetListenAddresses returns the list of addresses that this mux is listening on
+func (m *UDPMuxDefault) GetListenAddresses() []net.Addr {
+	if len(m.localAddrsForUnspecified) > 0 {
+		return m.localAddrsForUnspecified
+	}
+
+	return []net.Addr{m.LocalAddr()}
+}
+
+// GetConn returns a PacketConn given the connection's ufrag and network address
+// creates the connection if an existing one can't be found
+func (m *UDPMuxDefault) GetConn(ufrag string, addr net.Addr) (net.PacketConn, error) {
+	// don't check addr for mux using unspecified address
+	if len(m.localAddrsForUnspecified) == 0 && m.params.UDPConn.LocalAddr().String() != addr.String() {
+		return nil, errInvalidAddress
+	}
+
+	var isIPv6 bool
+	if udpAddr, _ := addr.(*net.UDPAddr); udpAddr != nil && udpAddr.IP.To4() == nil {
+		isIPv6 = true
+	}
+	m.mu.Lock()
+	defer m.mu.Unlock()
+
+	if m.IsClosed() {
+		return nil, io.ErrClosedPipe
+	}
+
+	if conn, ok := m.getConn(ufrag, isIPv6); ok {
+		return conn, nil
+	}
+
+	c := m.createMuxedConn(ufrag)
+	go func() {
+		<-c.CloseChannel()
+		m.RemoveConnByUfrag(ufrag)
+	}()
+
+	if isIPv6 {
+		m.connsIPv6[ufrag] = c
+	} else {
+		m.connsIPv4[ufrag] = c
+	}
+
+	return c, nil
+}
+
+// RemoveConnByUfrag stops and removes the muxed packet connection
+func (m *UDPMuxDefault) RemoveConnByUfrag(ufrag string) {
+	removedConns := make([]*udpMuxedConn, 0, 2)
+
+	// Keep lock section small to avoid deadlock with conn lock
+	m.mu.Lock()
+	if c, ok := m.connsIPv4[ufrag]; ok {
+		delete(m.connsIPv4, ufrag)
+		removedConns = append(removedConns, c)
+	}
+	if c, ok := m.connsIPv6[ufrag]; ok {
+		delete(m.connsIPv6, ufrag)
+		removedConns = append(removedConns, c)
+	}
+	m.mu.Unlock()
+
+	if len(removedConns) == 0 {
+		// No need to lock if no connection was found
+		return
+	}
+
+	m.addressMapMu.Lock()
+	defer m.addressMapMu.Unlock()
+
+	for _, c := range removedConns {
+		addresses := c.getAddresses()
+		for _, addr := range addresses {
+			delete(m.addressMap, addr)
+		}
+	}
+}
+
+// IsClosed returns true if the mux had been closed
+func (m *UDPMuxDefault) IsClosed() bool {
+	select {
+	case <-m.closedChan:
+		return true
+	default:
+		return false
+	}
+}
+
+// Close the mux, no further connections could be created
+func (m *UDPMuxDefault) Close() error {
+	var err error
+	m.closeOnce.Do(func() {
+		m.mu.Lock()
+		defer m.mu.Unlock()
+
+		for _, c := range m.connsIPv4 {
+			_ = c.Close()
+		}
+		for _, c := range m.connsIPv6 {
+			_ = c.Close()
+		}
+
+		m.connsIPv4 = make(map[string]*udpMuxedConn)
+		m.connsIPv6 = make(map[string]*udpMuxedConn)
+
+		close(m.closedChan)
+
+		_ = m.params.UDPConn.Close()
+	})
+	return err
+}
+
+func (m *UDPMuxDefault) writeTo(buf []byte, rAddr net.Addr) (n int, err error) {
+	return m.params.UDPConn.WriteTo(buf, rAddr)
+}
+
+func (m *UDPMuxDefault) registerConnForAddress(conn *udpMuxedConn, addr udpMuxedConnAddr) {
+	if m.IsClosed() {
+		return
+	}
+
+	m.addressMapMu.Lock()
+	defer m.addressMapMu.Unlock()
+
+	existing, ok := m.addressMap[addr]
+	if ok {
+		existing.removeAddress(addr)
+	}
+	m.addressMap[addr] = conn
+
+	m.params.Logger.Debugf("Registered %s for %s", addr, conn.params.Key)
+}
+
+func (m *UDPMuxDefault) createMuxedConn(key string) *udpMuxedConn {
+	c := newUDPMuxedConn(&udpMuxedConnParams{
+		Mux:       m,
+		Key:       key,
+		AddrPool:  m.pool,
+		LocalAddr: m.LocalAddr(),
+		Logger:    m.params.Logger,
+	})
+	return c
+}
+
+func (m *UDPMuxDefault) connWorker() {
+	logger := m.params.Logger
+
+	defer func() {
+		_ = m.Close()
+	}()
+
+	buf := make([]byte, receiveMTU)
+	for {
+		n, addr, err := m.params.UDPConn.ReadFrom(buf)
+		if m.IsClosed() {
+			return
+		} else if err != nil {
+			if os.IsTimeout(err) {
+				continue
+			} else if !errors.Is(err, io.EOF) {
+				logger.Errorf("Failed to read UDP packet: %v", err)
+			}
+
+			return
+		}
+
+		udpAddr, ok := addr.(*net.UDPAddr)
+		if !ok {
+			logger.Errorf("Underlying PacketConn did not return a UDPAddr")
+			return
+		}
+
+		// If we have already seen this address dispatch to the appropriate destination
+		m.addressMapMu.Lock()
+		destinationConn := m.addressMap[newUDPMuxedConnAddr(udpAddr)]
+		m.addressMapMu.Unlock()
+
+		// If we haven't seen this address before but is a STUN packet lookup by ufrag
+		if destinationConn == nil && stun.IsMessage(buf[:n]) {
+			msg := &stun.Message{
+				Raw: append([]byte{}, buf[:n]...),
+			}
+
+			if err = msg.Decode(); err != nil {
+				m.params.Logger.Warnf("Failed to handle decode ICE from %s: %v", addr.String(), err)
+				continue
+			}
+
+			attr, stunAttrErr := msg.Get(stun.AttrUsername)
+			if stunAttrErr != nil {
+				m.params.Logger.Warnf("No Username attribute in STUN message from %s", addr.String())
+				continue
+			}
+
+			ufrag := strings.Split(string(attr), ":")[0]
+			isIPv6 := udpAddr.IP.To4() == nil
+
+			m.mu.Lock()
+			destinationConn, _ = m.getConn(ufrag, isIPv6)
+			m.mu.Unlock()
+		}
+
+		if destinationConn == nil {
+			m.params.Logger.Tracef("Dropping packet from %s, addr: %s", udpAddr, addr)
+			continue
+		}
+
+		if err = destinationConn.writePacket(buf[:n], udpAddr); err != nil {
+			m.params.Logger.Errorf("Failed to write packet: %v", err)
+		}
+	}
+}
+
+func (m *UDPMuxDefault) getConn(ufrag string, isIPv6 bool) (val *udpMuxedConn, ok bool) {
+	if isIPv6 {
+		val, ok = m.connsIPv6[ufrag]
+	} else {
+		val, ok = m.connsIPv4[ufrag]
+	}
+	return
+}
+
+type bufferHolder struct {
+	next *bufferHolder
+	buf  []byte
+	addr *net.UDPAddr
+}
+
+func newBufferHolder(size int) *bufferHolder {
+	return &bufferHolder{
+		buf: make([]byte, size),
+	}
+}
+
+func (b *bufferHolder) reset() {
+	b.next = nil
+	b.addr = nil
+}
diff --git a/server/vendor/github.com/pion/ice/v2/udp_mux_multi.go b/server/vendor/github.com/pion/ice/v2/udp_mux_multi.go
new file mode 100644
index 0000000..158cbc3
--- /dev/null
+++ b/server/vendor/github.com/pion/ice/v2/udp_mux_multi.go
@@ -0,0 +1,228 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package ice
+
+import (
+	"fmt"
+	"net"
+
+	"github.com/pion/logging"
+	"github.com/pion/transport/v2"
+	"github.com/pion/transport/v2/stdnet"
+)
+
+// MultiUDPMuxDefault implements both UDPMux and AllConnsGetter,
+// allowing users to pass multiple UDPMux instances to the ICE agent
+// configuration.
+type MultiUDPMuxDefault struct {
+	muxes          []UDPMux
+	localAddrToMux map[string]UDPMux
+}
+
+// NewMultiUDPMuxDefault creates an instance of MultiUDPMuxDefault that
+// uses the provided UDPMux instances.
+func NewMultiUDPMuxDefault(muxes ...UDPMux) *MultiUDPMuxDefault {
+	addrToMux := make(map[string]UDPMux)
+	for _, mux := range muxes {
+		for _, addr := range mux.GetListenAddresses() {
+			addrToMux[addr.String()] = mux
+		}
+	}
+	return &MultiUDPMuxDefault{
+		muxes:          muxes,
+		localAddrToMux: addrToMux,
+	}
+}
+
+// GetConn returns a PacketConn given the connection's ufrag and network
+// creates the connection if an existing one can't be found.
+func (m *MultiUDPMuxDefault) GetConn(ufrag string, addr net.Addr) (net.PacketConn, error) {
+	mux, ok := m.localAddrToMux[addr.String()]
+	if !ok {
+		return nil, errNoUDPMuxAvailable
+	}
+	return mux.GetConn(ufrag, addr)
+}
+
+// RemoveConnByUfrag stops and removes the muxed packet connection
+// from all underlying UDPMux instances.
+func (m *MultiUDPMuxDefault) RemoveConnByUfrag(ufrag string) {
+	for _, mux := range m.muxes {
+		mux.RemoveConnByUfrag(ufrag)
+	}
+}
+
+// Close the multi mux, no further connections could be created
+func (m *MultiUDPMuxDefault) Close() error {
+	var err error
+	for _, mux := range m.muxes {
+		if e := mux.Close(); e != nil {
+			err = e
+		}
+	}
+	return err
+}
+
+// GetListenAddresses returns the list of addresses that this mux is listening on
+func (m *MultiUDPMuxDefault) GetListenAddresses() []net.Addr {
+	addrs := make([]net.Addr, 0, len(m.localAddrToMux))
+	for _, mux := range m.muxes {
+		addrs = append(addrs, mux.GetListenAddresses()...)
+	}
+	return addrs
+}
+
+// NewMultiUDPMuxFromPort creates an instance of MultiUDPMuxDefault that
+// listen all interfaces on the provided port.
+func NewMultiUDPMuxFromPort(port int, opts ...UDPMuxFromPortOption) (*MultiUDPMuxDefault, error) {
+	params := multiUDPMuxFromPortParam{
+		networks: []NetworkType{NetworkTypeUDP4, NetworkTypeUDP6},
+	}
+	for _, opt := range opts {
+		opt.apply(&params)
+	}
+
+	if params.net == nil {
+		var err error
+		if params.net, err = stdnet.NewNet(); err != nil {
+			return nil, fmt.Errorf("failed to get create network: %w", err)
+		}
+	}
+
+	ips, err := localInterfaces(params.net, params.ifFilter, params.ipFilter, params.networks, params.includeLoopback)
+	if err != nil {
+		return nil, err
+	}
+
+	conns := make([]net.PacketConn, 0, len(ips))
+	for _, ip := range ips {
+		conn, listenErr := params.net.ListenUDP("udp", &net.UDPAddr{IP: ip, Port: port})
+		if listenErr != nil {
+			err = listenErr
+			break
+		}
+		if params.readBufferSize > 0 {
+			_ = conn.SetReadBuffer(params.readBufferSize)
+		}
+		if params.writeBufferSize > 0 {
+			_ = conn.SetWriteBuffer(params.writeBufferSize)
+		}
+		conns = append(conns, conn)
+	}
+
+	if err != nil {
+		for _, conn := range conns {
+			_ = conn.Close()
+		}
+		return nil, err
+	}
+
+	muxes := make([]UDPMux, 0, len(conns))
+	for _, conn := range conns {
+		mux := NewUDPMuxDefault(UDPMuxParams{
+			Logger:  params.logger,
+			UDPConn: conn,
+			Net:     params.net,
+		})
+		muxes = append(muxes, mux)
+	}
+
+	return NewMultiUDPMuxDefault(muxes...), nil
+}
+
+// UDPMuxFromPortOption provide options for NewMultiUDPMuxFromPort
+type UDPMuxFromPortOption interface {
+	apply(*multiUDPMuxFromPortParam)
+}
+
+type multiUDPMuxFromPortParam struct {
+	ifFilter        func(string) bool
+	ipFilter        func(ip net.IP) bool
+	networks        []NetworkType
+	readBufferSize  int
+	writeBufferSize int
+	logger          logging.LeveledLogger
+	includeLoopback bool
+	net             transport.Net
+}
+
+type udpMuxFromPortOption struct {
+	f func(*multiUDPMuxFromPortParam)
+}
+
+func (o *udpMuxFromPortOption) apply(p *multiUDPMuxFromPortParam) {
+	o.f(p)
+}
+
+// UDPMuxFromPortWithInterfaceFilter set the filter to filter out interfaces that should not be used
+func UDPMuxFromPortWithInterfaceFilter(f func(string) bool) UDPMuxFromPortOption {
+	return &udpMuxFromPortOption{
+		f: func(p *multiUDPMuxFromPortParam) {
+			p.ifFilter = f
+		},
+	}
+}
+
+// UDPMuxFromPortWithIPFilter set the filter to filter out IP addresses that should not be used
+func UDPMuxFromPortWithIPFilter(f func(ip net.IP) bool) UDPMuxFromPortOption {
+	return &udpMuxFromPortOption{
+		f: func(p *multiUDPMuxFromPortParam) {
+			p.ipFilter = f
+		},
+	}
+}
+
+// UDPMuxFromPortWithNetworks set the networks that should be used. default is both IPv4 and IPv6
+func UDPMuxFromPortWithNetworks(networks ...NetworkType) UDPMuxFromPortOption {
+	return &udpMuxFromPortOption{
+		f: func(p *multiUDPMuxFromPortParam) {
+			p.networks = networks
+		},
+	}
+}
+
+// UDPMuxFromPortWithReadBufferSize set the UDP connection read buffer size
+func UDPMuxFromPortWithReadBufferSize(size int) UDPMuxFromPortOption {
+	return &udpMuxFromPortOption{
+		f: func(p *multiUDPMuxFromPortParam) {
+			p.readBufferSize = size
+		},
+	}
+}
+
+// UDPMuxFromPortWithWriteBufferSize set the UDP connection write buffer size
+func UDPMuxFromPortWithWriteBufferSize(size int) UDPMuxFromPortOption {
+	return &udpMuxFromPortOption{
+		f: func(p *multiUDPMuxFromPortParam) {
+			p.writeBufferSize = size
+		},
+	}
+}
+
+// UDPMuxFromPortWithLogger set the logger for the created UDPMux
+func UDPMuxFromPortWithLogger(logger logging.LeveledLogger) UDPMuxFromPortOption {
+	return &udpMuxFromPortOption{
+		f: func(p *multiUDPMuxFromPortParam) {
+			p.logger = logger
+		},
+	}
+}
+
+// UDPMuxFromPortWithLoopback set loopback interface should be included
+func UDPMuxFromPortWithLoopback() UDPMuxFromPortOption {
+	return &udpMuxFromPortOption{
+		f: func(p *multiUDPMuxFromPortParam) {
+			p.includeLoopback = true
+		},
+	}
+}
+
+// UDPMuxFromPortWithNet sets the network transport to use.
+func UDPMuxFromPortWithNet(n transport.Net) UDPMuxFromPortOption {
+	return &udpMuxFromPortOption{
+		f: func(p *multiUDPMuxFromPortParam) {
+			p.net = n
+		},
+	}
+}
diff --git a/server/vendor/github.com/pion/ice/v2/udp_mux_universal.go b/server/vendor/github.com/pion/ice/v2/udp_mux_universal.go
new file mode 100644
index 0000000..0a648af
--- /dev/null
+++ b/server/vendor/github.com/pion/ice/v2/udp_mux_universal.go
@@ -0,0 +1,271 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package ice
+
+import (
+	"fmt"
+	"net"
+	"time"
+
+	"github.com/pion/logging"
+	"github.com/pion/stun"
+	"github.com/pion/transport/v2"
+)
+
+// UniversalUDPMux allows multiple connections to go over a single UDP port for
+// host, server reflexive and relayed candidates.
+// Actual connection muxing is happening in the UDPMux.
+type UniversalUDPMux interface {
+	UDPMux
+	GetXORMappedAddr(stunAddr net.Addr, deadline time.Duration) (*stun.XORMappedAddress, error)
+	GetRelayedAddr(turnAddr net.Addr, deadline time.Duration) (*net.Addr, error)
+	GetConnForURL(ufrag string, url string, addr net.Addr) (net.PacketConn, error)
+}
+
+// UniversalUDPMuxDefault handles STUN and TURN servers packets by wrapping the original UDPConn overriding ReadFrom.
+// It the passes packets to the UDPMux that does the actual connection muxing.
+type UniversalUDPMuxDefault struct {
+	*UDPMuxDefault
+	params UniversalUDPMuxParams
+
+	// Since we have a shared socket, for srflx candidates it makes sense to have a shared mapped address across all the agents
+	// stun.XORMappedAddress indexed by the STUN server addr
+	xorMappedMap map[string]*xorMapped
+}
+
+// UniversalUDPMuxParams are parameters for UniversalUDPMux server reflexive.
+type UniversalUDPMuxParams struct {
+	Logger                logging.LeveledLogger
+	UDPConn               net.PacketConn
+	XORMappedAddrCacheTTL time.Duration
+	Net                   transport.Net
+}
+
+// NewUniversalUDPMuxDefault creates an implementation of UniversalUDPMux embedding UDPMux
+func NewUniversalUDPMuxDefault(params UniversalUDPMuxParams) *UniversalUDPMuxDefault {
+	if params.Logger == nil {
+		params.Logger = logging.NewDefaultLoggerFactory().NewLogger("ice")
+	}
+	if params.XORMappedAddrCacheTTL == 0 {
+		params.XORMappedAddrCacheTTL = time.Second * 25
+	}
+
+	m := &UniversalUDPMuxDefault{
+		params:       params,
+		xorMappedMap: make(map[string]*xorMapped),
+	}
+
+	// Wrap UDP connection, process server reflexive messages
+	// before they are passed to the UDPMux connection handler (connWorker)
+	m.params.UDPConn = &udpConn{
+		PacketConn: params.UDPConn,
+		mux:        m,
+		logger:     params.Logger,
+	}
+
+	// Embed UDPMux
+	udpMuxParams := UDPMuxParams{
+		Logger:  params.Logger,
+		UDPConn: m.params.UDPConn,
+		Net:     m.params.Net,
+	}
+	m.UDPMuxDefault = NewUDPMuxDefault(udpMuxParams)
+
+	return m
+}
+
+// udpConn is a wrapper around UDPMux conn that overrides ReadFrom and handles STUN/TURN packets
+type udpConn struct {
+	net.PacketConn
+	mux    *UniversalUDPMuxDefault
+	logger logging.LeveledLogger
+}
+
+// GetRelayedAddr creates relayed connection to the given TURN service and returns the relayed addr.
+// Not implemented yet.
+func (m *UniversalUDPMuxDefault) GetRelayedAddr(net.Addr, time.Duration) (*net.Addr, error) {
+	return nil, errNotImplemented
+}
+
+// GetConnForURL add uniques to the muxed connection by concatenating ufrag and URL (e.g. STUN URL) to be able to support multiple STUN/TURN servers
+// and return a unique connection per server.
+func (m *UniversalUDPMuxDefault) GetConnForURL(ufrag string, url string, addr net.Addr) (net.PacketConn, error) {
+	return m.UDPMuxDefault.GetConn(fmt.Sprintf("%s%s", ufrag, url), addr)
+}
+
+// ReadFrom is called by UDPMux connWorker and handles packets coming from the STUN server discovering a mapped address.
+// It passes processed packets further to the UDPMux (maybe this is not really necessary).
+func (c *udpConn) ReadFrom(p []byte) (n int, addr net.Addr, err error) {
+	n, addr, err = c.PacketConn.ReadFrom(p)
+	if err != nil {
+		return
+	}
+
+	if stun.IsMessage(p[:n]) {
+		msg := &stun.Message{
+			Raw: append([]byte{}, p[:n]...),
+		}
+
+		if err = msg.Decode(); err != nil {
+			c.logger.Warnf("Failed to handle decode ICE from %s: %v", addr.String(), err)
+			err = nil
+			return
+		}
+
+		udpAddr, ok := addr.(*net.UDPAddr)
+		if !ok {
+			// Message about this err will be logged in the UDPMux
+			return
+		}
+
+		if c.mux.isXORMappedResponse(msg, udpAddr.String()) {
+			err = c.mux.handleXORMappedResponse(udpAddr, msg)
+			if err != nil {
+				c.logger.Debugf("%w: %v", errGetXorMappedAddrResponse, err)
+				err = nil
+			}
+			return
+		}
+	}
+	return n, addr, err
+}
+
+// isXORMappedResponse indicates whether the message is a XORMappedAddress and is coming from the known STUN server.
+func (m *UniversalUDPMuxDefault) isXORMappedResponse(msg *stun.Message, stunAddr string) bool {
+	m.mu.Lock()
+	defer m.mu.Unlock()
+	// Check first if it is a STUN server address because remote peer can also send similar messages but as a BindingSuccess
+	_, ok := m.xorMappedMap[stunAddr]
+	_, err := msg.Get(stun.AttrXORMappedAddress)
+	return err == nil && ok
+}
+
+// handleXORMappedResponse parses response from the STUN server, extracts XORMappedAddress attribute
+// and set the mapped address for the server
+func (m *UniversalUDPMuxDefault) handleXORMappedResponse(stunAddr *net.UDPAddr, msg *stun.Message) error {
+	m.mu.Lock()
+	defer m.mu.Unlock()
+
+	mappedAddr, ok := m.xorMappedMap[stunAddr.String()]
+	if !ok {
+		return errNoXorAddrMapping
+	}
+
+	var addr stun.XORMappedAddress
+	if err := addr.GetFrom(msg); err != nil {
+		return err
+	}
+
+	m.xorMappedMap[stunAddr.String()] = mappedAddr
+	mappedAddr.SetAddr(&addr)
+
+	return nil
+}
+
+// GetXORMappedAddr returns *stun.XORMappedAddress if already present for a given STUN server.
+// Makes a STUN binding request to discover mapped address otherwise.
+// Blocks until the stun.XORMappedAddress has been discovered or deadline.
+// Method is safe for concurrent use.
+func (m *UniversalUDPMuxDefault) GetXORMappedAddr(serverAddr net.Addr, deadline time.Duration) (*stun.XORMappedAddress, error) {
+	m.mu.Lock()
+	mappedAddr, ok := m.xorMappedMap[serverAddr.String()]
+	// If we already have a mapping for this STUN server (address already received)
+	// and if it is not too old we return it without making a new request to STUN server
+	if ok {
+		if mappedAddr.expired() {
+			mappedAddr.closeWaiters()
+			delete(m.xorMappedMap, serverAddr.String())
+			ok = false
+		} else if mappedAddr.pending() {
+			ok = false
+		}
+	}
+	m.mu.Unlock()
+	if ok {
+		return mappedAddr.addr, nil
+	}
+
+	// Otherwise, make a STUN request to discover the address
+	// or wait for already sent request to complete
+	waitAddrReceived, err := m.writeSTUN(serverAddr)
+	if err != nil {
+		return nil, fmt.Errorf("%w: %s", errWriteSTUNMessage, err) //nolint:errorlint
+	}
+
+	// Block until response was handled by the connWorker routine and XORMappedAddress was updated
+	select {
+	case <-waitAddrReceived:
+		// When channel closed, addr was obtained
+		m.mu.Lock()
+		mappedAddr := *m.xorMappedMap[serverAddr.String()]
+		m.mu.Unlock()
+		if mappedAddr.addr == nil {
+			return nil, errNoXorAddrMapping
+		}
+		return mappedAddr.addr, nil
+	case <-time.After(deadline):
+		return nil, errXORMappedAddrTimeout
+	}
+}
+
+// writeSTUN sends a STUN request via UDP conn.
+//
+// The returned channel is closed when the STUN response has been received.
+// Method is safe for concurrent use.
+func (m *UniversalUDPMuxDefault) writeSTUN(serverAddr net.Addr) (chan struct{}, error) {
+	m.mu.Lock()
+	defer m.mu.Unlock()
+
+	// If record present in the map, we already sent a STUN request,
+	// just wait when waitAddrReceived will be closed
+	addrMap, ok := m.xorMappedMap[serverAddr.String()]
+	if !ok {
+		addrMap = &xorMapped{
+			expiresAt:        time.Now().Add(m.params.XORMappedAddrCacheTTL),
+			waitAddrReceived: make(chan struct{}),
+		}
+		m.xorMappedMap[serverAddr.String()] = addrMap
+	}
+
+	req, err := stun.Build(stun.BindingRequest, stun.TransactionID)
+	if err != nil {
+		return nil, err
+	}
+
+	if _, err = m.params.UDPConn.WriteTo(req.Raw, serverAddr); err != nil {
+		return nil, err
+	}
+
+	return addrMap.waitAddrReceived, nil
+}
+
+type xorMapped struct {
+	addr             *stun.XORMappedAddress
+	waitAddrReceived chan struct{}
+	expiresAt        time.Time
+}
+
+func (a *xorMapped) closeWaiters() {
+	select {
+	case <-a.waitAddrReceived:
+		// Notify was close, ok, that means we received duplicate response just exit
+		break
+	default:
+		// Notify tha twe have a new addr
+		close(a.waitAddrReceived)
+	}
+}
+
+func (a *xorMapped) pending() bool {
+	return a.addr == nil
+}
+
+func (a *xorMapped) expired() bool {
+	return a.expiresAt.Before(time.Now())
+}
+
+func (a *xorMapped) SetAddr(addr *stun.XORMappedAddress) {
+	a.addr = addr
+	a.closeWaiters()
+}
diff --git a/server/vendor/github.com/pion/ice/v2/udp_muxed_conn.go b/server/vendor/github.com/pion/ice/v2/udp_muxed_conn.go
new file mode 100644
index 0000000..322d020
--- /dev/null
+++ b/server/vendor/github.com/pion/ice/v2/udp_muxed_conn.go
@@ -0,0 +1,248 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package ice
+
+import (
+	"io"
+	"net"
+	"sync"
+	"time"
+
+	"github.com/pion/logging"
+)
+
+type udpMuxedConnState int
+
+const (
+	udpMuxedConnOpen udpMuxedConnState = iota
+	udpMuxedConnWaiting
+	udpMuxedConnClosed
+)
+
+type udpMuxedConnAddr struct {
+	ip   [16]byte
+	port uint16
+}
+
+func newUDPMuxedConnAddr(addr *net.UDPAddr) (a udpMuxedConnAddr) {
+	copy(a.ip[:], addr.IP.To16())
+	a.port = uint16(addr.Port)
+	return a
+}
+
+type udpMuxedConnParams struct {
+	Mux       *UDPMuxDefault
+	AddrPool  *sync.Pool
+	Key       string
+	LocalAddr net.Addr
+	Logger    logging.LeveledLogger
+}
+
+// udpMuxedConn represents a logical packet conn for a single remote as identified by ufrag
+type udpMuxedConn struct {
+	params *udpMuxedConnParams
+	// Remote addresses that we have sent to on this conn
+	addresses []udpMuxedConnAddr
+
+	// FIFO queue holding incoming packets
+	bufHead, bufTail *bufferHolder
+	notify           chan struct{}
+	closedChan       chan struct{}
+	state            udpMuxedConnState
+	mu               sync.Mutex
+}
+
+func newUDPMuxedConn(params *udpMuxedConnParams) *udpMuxedConn {
+	return &udpMuxedConn{
+		params:     params,
+		notify:     make(chan struct{}, 1),
+		closedChan: make(chan struct{}),
+	}
+}
+
+func (c *udpMuxedConn) ReadFrom(b []byte) (n int, rAddr net.Addr, err error) {
+	for {
+		c.mu.Lock()
+		if c.bufTail != nil {
+			pkt := c.bufTail
+			c.bufTail = pkt.next
+
+			if pkt == c.bufHead {
+				c.bufHead = nil
+			}
+			c.mu.Unlock()
+
+			if len(b) < len(pkt.buf) {
+				err = io.ErrShortBuffer
+			} else {
+				n = copy(b, pkt.buf)
+				rAddr = pkt.addr
+			}
+
+			pkt.reset()
+			c.params.AddrPool.Put(pkt)
+
+			return
+		}
+
+		if c.state == udpMuxedConnClosed {
+			c.mu.Unlock()
+			return 0, nil, io.EOF
+		}
+
+		c.state = udpMuxedConnWaiting
+		c.mu.Unlock()
+
+		select {
+		case <-c.notify:
+		case <-c.closedChan:
+			return 0, nil, io.EOF
+		}
+	}
+}
+
+func (c *udpMuxedConn) WriteTo(buf []byte, rAddr net.Addr) (n int, err error) {
+	if c.isClosed() {
+		return 0, io.ErrClosedPipe
+	}
+	// Each time we write to a new address, we'll register it with the mux
+	addr := newUDPMuxedConnAddr(rAddr.(*net.UDPAddr))
+	if !c.containsAddress(addr) {
+		c.addAddress(addr)
+	}
+
+	return c.params.Mux.writeTo(buf, rAddr)
+}
+
+func (c *udpMuxedConn) LocalAddr() net.Addr {
+	return c.params.LocalAddr
+}
+
+func (c *udpMuxedConn) SetDeadline(time.Time) error {
+	return nil
+}
+
+func (c *udpMuxedConn) SetReadDeadline(time.Time) error {
+	return nil
+}
+
+func (c *udpMuxedConn) SetWriteDeadline(time.Time) error {
+	return nil
+}
+
+func (c *udpMuxedConn) CloseChannel() <-chan struct{} {
+	return c.closedChan
+}
+
+func (c *udpMuxedConn) Close() error {
+	c.mu.Lock()
+	defer c.mu.Unlock()
+	if c.state != udpMuxedConnClosed {
+		for pkt := c.bufTail; pkt != nil; {
+			next := pkt.next
+
+			pkt.reset()
+			c.params.AddrPool.Put(pkt)
+
+			pkt = next
+		}
+		c.bufHead = nil
+		c.bufTail = nil
+
+		c.state = udpMuxedConnClosed
+		close(c.closedChan)
+	}
+	return nil
+}
+
+func (c *udpMuxedConn) isClosed() bool {
+	c.mu.Lock()
+	defer c.mu.Unlock()
+	return c.state == udpMuxedConnClosed
+}
+
+func (c *udpMuxedConn) getAddresses() []udpMuxedConnAddr {
+	c.mu.Lock()
+	defer c.mu.Unlock()
+	addresses := make([]udpMuxedConnAddr, len(c.addresses))
+	copy(addresses, c.addresses)
+	return addresses
+}
+
+func (c *udpMuxedConn) addAddress(addr udpMuxedConnAddr) {
+	c.mu.Lock()
+	c.addresses = append(c.addresses, addr)
+	c.mu.Unlock()
+
+	// Map it on mux
+	c.params.Mux.registerConnForAddress(c, addr)
+}
+
+func (c *udpMuxedConn) removeAddress(addr udpMuxedConnAddr) {
+	c.mu.Lock()
+	defer c.mu.Unlock()
+
+	newAddresses := make([]udpMuxedConnAddr, 0, len(c.addresses))
+	for _, a := range c.addresses {
+		if a != addr {
+			newAddresses = append(newAddresses, a)
+		}
+	}
+
+	c.addresses = newAddresses
+}
+
+func (c *udpMuxedConn) containsAddress(addr udpMuxedConnAddr) bool {
+	c.mu.Lock()
+	defer c.mu.Unlock()
+	for _, a := range c.addresses {
+		if addr == a {
+			return true
+		}
+	}
+	return false
+}
+
+func (c *udpMuxedConn) writePacket(data []byte, addr *net.UDPAddr) error {
+	pkt := c.params.AddrPool.Get().(*bufferHolder) //nolint:forcetypeassert
+	if cap(pkt.buf) < len(data) {
+		c.params.AddrPool.Put(pkt)
+		return io.ErrShortBuffer
+	}
+
+	pkt.buf = append(pkt.buf[:0], data...)
+	pkt.addr = addr
+
+	c.mu.Lock()
+	if c.state == udpMuxedConnClosed {
+		c.mu.Unlock()
+
+		pkt.reset()
+		c.params.AddrPool.Put(pkt)
+
+		return io.ErrClosedPipe
+	}
+
+	if c.bufHead != nil {
+		c.bufHead.next = pkt
+	}
+	c.bufHead = pkt
+
+	if c.bufTail == nil {
+		c.bufTail = pkt
+	}
+
+	state := c.state
+	c.state = udpMuxedConnOpen
+	c.mu.Unlock()
+
+	if state == udpMuxedConnWaiting {
+		select {
+		case c.notify <- struct{}{}:
+		default:
+		}
+	}
+
+	return nil
+}
diff --git a/server/vendor/github.com/pion/ice/v2/url.go b/server/vendor/github.com/pion/ice/v2/url.go
new file mode 100644
index 0000000..b2b9f8b
--- /dev/null
+++ b/server/vendor/github.com/pion/ice/v2/url.go
@@ -0,0 +1,82 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package ice
+
+import "github.com/pion/stun"
+
+type (
+	// URL represents a STUN (rfc7064) or TURN (rfc7065) URI
+	//
+	// Deprecated: Please use pion/stun.URI
+	URL = stun.URI
+
+	// ProtoType indicates the transport protocol type that is used in the ice.URL
+	// structure.
+	//
+	// Deprecated: TPlease use pion/stun.ProtoType
+	ProtoType = stun.ProtoType
+
+	// SchemeType indicates the type of server used in the ice.URL structure.
+	//
+	// Deprecated: Please use pion/stun.SchemeType
+	SchemeType = stun.SchemeType
+)
+
+const (
+	// SchemeTypeSTUN indicates the URL represents a STUN server.
+	//
+	// Deprecated: Please use pion/stun.SchemeTypeSTUN
+	SchemeTypeSTUN = stun.SchemeTypeSTUN
+
+	// SchemeTypeSTUNS indicates the URL represents a STUNS (secure) server.
+	//
+	// Deprecated: Please use pion/stun.SchemeTypeSTUNS
+	SchemeTypeSTUNS = stun.SchemeTypeSTUNS
+
+	// SchemeTypeTURN indicates the URL represents a TURN server.
+	//
+	// Deprecated: Please use pion/stun.SchemeTypeTURN
+	SchemeTypeTURN = stun.SchemeTypeTURN
+
+	// SchemeTypeTURNS indicates the URL represents a TURNS (secure) server.
+	//
+	// Deprecated: Please use pion/stun.SchemeTypeTURNS
+	SchemeTypeTURNS = stun.SchemeTypeTURNS
+)
+
+const (
+	// ProtoTypeUDP indicates the URL uses a UDP transport.
+	//
+	// Deprecated: Please use pion/stun.ProtoTypeUDP
+	ProtoTypeUDP = stun.ProtoTypeUDP
+
+	// ProtoTypeTCP indicates the URL uses a TCP transport.
+	//
+	// Deprecated: Please use pion/stun.ProtoTypeTCP
+	ProtoTypeTCP = stun.ProtoTypeTCP
+)
+
+// Unknown represents and unknown ProtoType or SchemeType
+//
+// Deprecated: Please use pion/stun.SchemeTypeUnknown or pion/stun.ProtoTypeUnknown
+const Unknown = 0
+
+// ParseURL parses a STUN or TURN urls following the ABNF syntax described in
+// https://tools.ietf.org/html/rfc7064 and https://tools.ietf.org/html/rfc7065
+// respectively.
+//
+// Deprecated: Please use pion/stun.ParseURI
+var ParseURL = stun.ParseURI //nolint:gochecknoglobals
+
+// NewSchemeType defines a procedure for creating a new SchemeType from a raw
+// string naming the scheme type.
+//
+// Deprecated: Please use pion/stun.NewSchemeType
+var NewSchemeType = stun.NewSchemeType //nolint:gochecknoglobals
+
+// NewProtoType defines a procedure for creating a new ProtoType from a raw
+// string naming the transport protocol type.
+//
+// Deprecated: Please use pion/stun.NewProtoType
+var NewProtoType = stun.NewProtoType //nolint:gochecknoglobals
diff --git a/server/vendor/github.com/pion/ice/v2/usecandidate.go b/server/vendor/github.com/pion/ice/v2/usecandidate.go
new file mode 100644
index 0000000..6fc7ed5
--- /dev/null
+++ b/server/vendor/github.com/pion/ice/v2/usecandidate.go
@@ -0,0 +1,26 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package ice
+
+import "github.com/pion/stun"
+
+// UseCandidateAttr represents USE-CANDIDATE attribute.
+type UseCandidateAttr struct{}
+
+// AddTo adds USE-CANDIDATE attribute to message.
+func (UseCandidateAttr) AddTo(m *stun.Message) error {
+	m.Add(stun.AttrUseCandidate, nil)
+	return nil
+}
+
+// IsSet returns true if USE-CANDIDATE attribute is set.
+func (UseCandidateAttr) IsSet(m *stun.Message) bool {
+	_, err := m.Get(stun.AttrUseCandidate)
+	return err == nil
+}
+
+// UseCandidate is shorthand for UseCandidateAttr.
+func UseCandidate() UseCandidateAttr {
+	return UseCandidateAttr{}
+}
diff --git a/server/vendor/github.com/pion/interceptor/.gitignore b/server/vendor/github.com/pion/interceptor/.gitignore
new file mode 100644
index 0000000..6e2f206
--- /dev/null
+++ b/server/vendor/github.com/pion/interceptor/.gitignore
@@ -0,0 +1,28 @@
+# SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+# SPDX-License-Identifier: MIT
+
+### JetBrains IDE ###
+#####################
+.idea/
+
+### Emacs Temporary Files ###
+#############################
+*~
+
+### Folders ###
+###############
+bin/
+vendor/
+node_modules/
+
+### Files ###
+#############
+*.ivf
+*.ogg
+tags
+cover.out
+*.sw[poe]
+*.wasm
+examples/sfu-ws/cert.pem
+examples/sfu-ws/key.pem
+wasm_exec.js
diff --git a/server/vendor/github.com/pion/interceptor/.golangci.yml b/server/vendor/github.com/pion/interceptor/.golangci.yml
new file mode 100644
index 0000000..e06de4d
--- /dev/null
+++ b/server/vendor/github.com/pion/interceptor/.golangci.yml
@@ -0,0 +1,125 @@
+# SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+# SPDX-License-Identifier: MIT
+
+linters-settings:
+  govet:
+    enable:
+      - shadow
+  misspell:
+    locale: US
+  exhaustive:
+    default-signifies-exhaustive: true
+  gomodguard:
+    blocked:
+      modules:
+        - github.com/pkg/errors:
+            recommendations:
+              - errors
+  forbidigo:
+    forbid:
+      - ^fmt.Print(f|ln)?$
+      - ^log.(Panic|Fatal|Print)(f|ln)?$
+      - ^os.Exit$
+      - ^panic$
+      - ^print(ln)?$
+
+linters:
+  enable:
+    - asciicheck       # Simple linter to check that your code does not contain non-ASCII identifiers
+    - bidichk          # Checks for dangerous unicode character sequences
+    - bodyclose        # checks whether HTTP response body is closed successfully
+    - contextcheck     # check the function whether use a non-inherited context
+    - decorder         # check declaration order and count of types, constants, variables and functions
+    - dogsled          # Checks assignments with too many blank identifiers (e.g. x, _, _, _, := f())
+    - dupl             # Tool for code clone detection
+    - durationcheck    # check for two durations multiplied together
+    - errcheck         # Errcheck is a program for checking for unchecked errors in go programs. These unchecked errors can be critical bugs in some cases
+    - errchkjson       # Checks types passed to the json encoding functions. Reports unsupported types and optionally reports occations, where the check for the returned error can be omitted.
+    - errname          # Checks that sentinel errors are prefixed with the `Err` and error types are suffixed with the `Error`.
+    - errorlint        # errorlint is a linter for that can be used to find code that will cause problems with the error wrapping scheme introduced in Go 1.13.
+    - exhaustive       # check exhaustiveness of enum switch statements
+    - exportloopref    # checks for pointers to enclosing loop variables
+    - forbidigo        # Forbids identifiers
+    - forcetypeassert  # finds forced type assertions
+    - gci              # Gci control golang package import order and make it always deterministic.
+    - gochecknoglobals # Checks that no globals are present in Go code
+    - gochecknoinits   # Checks that no init functions are present in Go code
+    - gocognit         # Computes and checks the cognitive complexity of functions
+    - goconst          # Finds repeated strings that could be replaced by a constant
+    - gocritic         # The most opinionated Go source code linter
+    - godox            # Tool for detection of FIXME, TODO and other comment keywords
+    - goerr113         # Golang linter to check the errors handling expressions
+    - gofmt            # Gofmt checks whether code was gofmt-ed. By default this tool runs with -s option to check for code simplification
+    - gofumpt          # Gofumpt checks whether code was gofumpt-ed.
+    - goheader         # Checks is file header matches to pattern
+    - goimports        # Goimports does everything that gofmt does. Additionally it checks unused imports
+    - gomoddirectives  # Manage the use of 'replace', 'retract', and 'excludes' directives in go.mod.
+    - gomodguard       # Allow and block list linter for direct Go module dependencies. This is different from depguard where there are different block types for example version constraints and module recommendations.
+    - goprintffuncname # Checks that printf-like functions are named with `f` at the end
+    - gosec            # Inspects source code for security problems
+    - gosimple         # Linter for Go source code that specializes in simplifying a code
+    - govet            # Vet examines Go source code and reports suspicious constructs, such as Printf calls whose arguments do not align with the format string
+    - grouper          # An analyzer to analyze expression groups.
+    - importas         # Enforces consistent import aliases
+    - ineffassign      # Detects when assignments to existing variables are not used
+    - misspell         # Finds commonly misspelled English words in comments
+    - nilerr           # Finds the code that returns nil even if it checks that the error is not nil.
+    - nilnil           # Checks that there is no simultaneous return of `nil` error and an invalid value.
+    - noctx            # noctx finds sending http request without context.Context
+    - predeclared      # find code that shadows one of Go's predeclared identifiers
+    - revive           # golint replacement, finds style mistakes
+    - staticcheck      # Staticcheck is a go vet on steroids, applying a ton of static analysis checks
+    - stylecheck       # Stylecheck is a replacement for golint
+    - tagliatelle      # Checks the struct tags.
+    - tenv             # tenv is analyzer that detects using os.Setenv instead of t.Setenv since Go1.17
+    - tparallel        # tparallel detects inappropriate usage of t.Parallel() method in your Go test codes
+    - typecheck        # Like the front-end of a Go compiler, parses and type-checks Go code
+    - unconvert        # Remove unnecessary type conversions
+    - unparam          # Reports unused function parameters
+    - unused           # Checks Go code for unused constants, variables, functions and types
+    - wastedassign     # wastedassign finds wasted assignment statements
+    - whitespace       # Tool for detection of leading and trailing whitespace
+  disable:
+    - depguard         # Go linter that checks if package imports are in a list of acceptable packages
+    - containedctx     # containedctx is a linter that detects struct contained context.Context field
+    - cyclop           # checks function and package cyclomatic complexity
+    - exhaustivestruct # Checks if all struct's fields are initialized
+    - funlen           # Tool for detection of long functions
+    - gocyclo          # Computes and checks the cyclomatic complexity of functions
+    - godot            # Check if comments end in a period
+    - gomnd            # An analyzer to detect magic numbers.
+    - ifshort          # Checks that your code uses short syntax for if-statements whenever possible
+    - ireturn          # Accept Interfaces, Return Concrete Types
+    - lll              # Reports long lines
+    - maintidx         # maintidx measures the maintainability index of each function.
+    - makezero         # Finds slice declarations with non-zero initial length
+    - maligned         # Tool to detect Go structs that would take less memory if their fields were sorted
+    - nakedret         # Finds naked returns in functions greater than a specified function length
+    - nestif           # Reports deeply nested if statements
+    - nlreturn         # nlreturn checks for a new line before return and branch statements to increase code clarity
+    - nolintlint       # Reports ill-formed or insufficient nolint directives
+    - paralleltest     # paralleltest detects missing usage of t.Parallel() method in your Go test
+    - prealloc         # Finds slice declarations that could potentially be preallocated
+    - promlinter       # Check Prometheus metrics naming via promlint
+    - rowserrcheck     # checks whether Err of rows is checked successfully
+    - sqlclosecheck    # Checks that sql.Rows and sql.Stmt are closed.
+    - testpackage      # linter that makes you use a separate _test package
+    - thelper          # thelper detects golang test helpers without t.Helper() call and checks the consistency of test helpers
+    - varnamelen       # checks that the length of a variable's name matches its scope
+    - wrapcheck        # Checks that errors returned from external packages are wrapped
+    - wsl              # Whitespace Linter - Forces you to use empty lines!
+
+issues:
+  exclude-use-default: false
+  exclude-dirs-use-default: false
+  exclude-rules:
+    # Allow complex tests and examples, better to be self contained
+    - path: (examples|main\.go|_test\.go)
+      linters:
+        - forbidigo
+        - gocognit
+
+    # Allow forbidden identifiers in CLI commands
+    - path: cmd
+      linters:
+        - forbidigo
diff --git a/server/vendor/github.com/pion/interceptor/.goreleaser.yml b/server/vendor/github.com/pion/interceptor/.goreleaser.yml
new file mode 100644
index 0000000..30093e9
--- /dev/null
+++ b/server/vendor/github.com/pion/interceptor/.goreleaser.yml
@@ -0,0 +1,5 @@
+# SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+# SPDX-License-Identifier: MIT
+
+builds:
+- skip: true
diff --git a/server/vendor/github.com/pion/interceptor/LICENSE b/server/vendor/github.com/pion/interceptor/LICENSE
new file mode 100644
index 0000000..491caf6
--- /dev/null
+++ b/server/vendor/github.com/pion/interceptor/LICENSE
@@ -0,0 +1,9 @@
+MIT License
+
+Copyright (c) 2023 The Pion community <https://pion.ly>
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
diff --git a/server/vendor/github.com/pion/interceptor/README.md b/server/vendor/github.com/pion/interceptor/README.md
new file mode 100644
index 0000000..5db5d44
--- /dev/null
+++ b/server/vendor/github.com/pion/interceptor/README.md
@@ -0,0 +1,84 @@
+<h1 align="center">
+  <br>
+  Pion Interceptor
+  <br>
+</h1>
+<h4 align="center">RTCP and RTCP processors for building real time communications</h4>
+<p align="center">
+  <a href="https://pion.ly"><img src="https://img.shields.io/badge/pion-interceptor-gray.svg?longCache=true&colorB=brightgreen" alt="Pion Interceptor"></a>
+  <a href="https://pion.ly/slack"><img src="https://img.shields.io/badge/join-us%20on%20slack-gray.svg?longCache=true&logo=slack&colorB=brightgreen" alt="Slack Widget"></a>
+  <br>
+  <img alt="GitHub Workflow Status" src="https://img.shields.io/github/actions/workflow/status/pion/interceptor/test.yaml">
+  <a href="https://pkg.go.dev/github.com/pion/interceptor"><img src="https://pkg.go.dev/badge/github.com/pion/interceptor.svg" alt="Go Reference"></a>
+  <a href="https://codecov.io/gh/pion/interceptor"><img src="https://codecov.io/gh/pion/interceptor/branch/master/graph/badge.svg" alt="Coverage Status"></a>
+  <a href="https://goreportcard.com/report/github.com/pion/interceptor"><img src="https://goreportcard.com/badge/github.com/pion/interceptor" alt="Go Report Card"></a>
+  <a href="LICENSE"><img src="https://img.shields.io/badge/License-MIT-yellow.svg" alt="License: MIT"></a>
+</p>
+<br>
+
+Interceptor is a framework for building RTP/RTCP communication software. This framework defines
+a interface that each interceptor must satisfy. These interceptors are then run sequentially. We
+also then provide common interceptors that will be useful for building RTC software.
+
+This package was built for [pion/webrtc](https://github.com/pion/webrtc), but we designed it to be consumable
+by anyone. With the following tenets in mind.
+
+* Useful defaults. Each interceptor will be configured to give you a good default experience.
+* Unblock unique use cases. New use cases are what is driving WebRTC, we want to empower them.
+* Encourage modification. Add your own interceptors without forking. Mixing with the ones we provide.
+* Empower learning. This code base should be useful to read and learn even if you aren't using Pion.
+
+### Current Interceptors
+* [NACK Generator/Responder](https://github.com/pion/interceptor/tree/master/pkg/nack)
+* [Sender and Receiver Reports](https://github.com/pion/interceptor/tree/master/pkg/report)
+* [Transport Wide Congestion Control Feedback](https://github.com/pion/interceptor/tree/master/pkg/twcc)
+* [Packet Dump](https://github.com/pion/interceptor/tree/master/pkg/packetdump)
+* [Google Congestion Control](https://github.com/pion/interceptor/tree/master/pkg/gcc)
+* [Stats](https://github.com/pion/interceptor/tree/master/pkg/stats) A [webrtc-stats](https://www.w3.org/TR/webrtc-stats/) compliant statistics generation
+* [Interval PLI](https://github.com/pion/interceptor/tree/master/pkg/intervalpli) Generate PLI on a interval. Useful when no decoder is available.
+
+### Planned Interceptors
+* Bandwidth Estimation
+  - [NADA](https://tools.ietf.org/html/rfc8698)
+* JitterBuffer, re-order packets and wait for arrival
+* [FlexFec](https://tools.ietf.org/html/draft-ietf-payload-flexible-fec-scheme-20)
+* [RTCP Feedback for Congestion Control](https://datatracker.ietf.org/doc/html/rfc8888) the standardized alternative to TWCC.
+
+### Interceptor Public API
+The public interface is defined in [interceptor.go](https://github.com/pion/interceptor/blob/master/interceptor.go).
+The methods you need to satisy are broken up into 4 groups.
+
+* `BindRTCPWriter` and `BindRTCPReader` allow you to inspect/modify RTCP traffic.
+* `BindLocalStream` and `BindRemoteStream` notify you of a new SSRC stream and allow you to inspect/modify.
+* `UnbindLocalStream` and `UnbindRemoteStream` notify you when a SSRC stream has been removed
+* `Close` called when the interceptor is closed.
+
+Interceptors also pass Attributes between each other. These are a collection of key/value pairs and are useful for storing metadata
+or caching.
+
+[noop.go](https://github.com/pion/interceptor/blob/master/noop.go) is an interceptor that satisfies this interface, but does nothing.
+You can embed this interceptor as a starting point so you only need to define exactly what you need.
+
+[chain.go]( https://github.com/pion/interceptor/blob/master/chain.go) is used to combine multiple interceptors into one. They are called
+sequentially as the packet moves through them.
+
+### Examples
+The [examples](https://github.com/pion/interceptor/blob/master/examples) directory provides some basic examples. If you need more please file an issue!
+You should also look in [pion/webrtc](https://github.com/pion/webrtc) for real world examples.
+
+### Roadmap
+The library is used as a part of our WebRTC implementation. Please refer to that [roadmap](https://github.com/pion/webrtc/issues/9) to track our major milestones.
+
+### Community
+Pion has an active community on the [Slack](https://pion.ly/slack).
+
+Follow the [Pion Twitter](https://twitter.com/_pion) for project updates and important WebRTC news.
+
+We are always looking to support **your projects**. Please reach out if you have something to build!
+If you need commercial support or don't want to use public methods you can contact us at [team@pion.ly](mailto:team@pion.ly)
+
+### Contributing
+Check out the [contributing wiki](https://github.com/pion/webrtc/wiki/Contributing) to join the group of amazing people making this project possible
+
+### License
+MIT License - see [LICENSE](LICENSE) for full text
diff --git a/server/vendor/github.com/pion/interceptor/attributes.go b/server/vendor/github.com/pion/interceptor/attributes.go
new file mode 100644
index 0000000..d7936d5
--- /dev/null
+++ b/server/vendor/github.com/pion/interceptor/attributes.go
@@ -0,0 +1,68 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package interceptor
+
+import (
+	"errors"
+
+	"github.com/pion/rtcp"
+	"github.com/pion/rtp"
+)
+
+type unmarshaledDataKeyType int
+
+const (
+	rtpHeaderKey unmarshaledDataKeyType = iota
+	rtcpPacketsKey
+)
+
+var errInvalidType = errors.New("found value of invalid type in attributes map")
+
+// Attributes are a generic key/value store used by interceptors
+type Attributes map[interface{}]interface{}
+
+// Get returns the attribute associated with key.
+func (a Attributes) Get(key interface{}) interface{} {
+	return a[key]
+}
+
+// Set sets the attribute associated with key to the given value.
+func (a Attributes) Set(key interface{}, val interface{}) {
+	a[key] = val
+}
+
+// GetRTPHeader gets the RTP header if present. If it is not present, it will be
+// unmarshalled from the raw byte slice and stored in the attribtues.
+func (a Attributes) GetRTPHeader(raw []byte) (*rtp.Header, error) {
+	if val, ok := a[rtpHeaderKey]; ok {
+		if header, ok := val.(*rtp.Header); ok {
+			return header, nil
+		}
+		return nil, errInvalidType
+	}
+	header := &rtp.Header{}
+	if _, err := header.Unmarshal(raw); err != nil {
+		return nil, err
+	}
+	a[rtpHeaderKey] = header
+	return header, nil
+}
+
+// GetRTCPPackets gets the RTCP packets if present. If the packet slice is not
+// present, it will be unmarshaled from the raw byte slice and stored in the
+// attributes.
+func (a Attributes) GetRTCPPackets(raw []byte) ([]rtcp.Packet, error) {
+	if val, ok := a[rtcpPacketsKey]; ok {
+		if packets, ok := val.([]rtcp.Packet); ok {
+			return packets, nil
+		}
+		return nil, errInvalidType
+	}
+	pkts, err := rtcp.Unmarshal(raw)
+	if err != nil {
+		return nil, err
+	}
+	a[rtcpPacketsKey] = pkts
+	return pkts, nil
+}
diff --git a/server/vendor/github.com/pion/interceptor/chain.go b/server/vendor/github.com/pion/interceptor/chain.go
new file mode 100644
index 0000000..267f366
--- /dev/null
+++ b/server/vendor/github.com/pion/interceptor/chain.go
@@ -0,0 +1,78 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package interceptor
+
+// Chain is an interceptor that runs all child interceptors in order.
+type Chain struct {
+	interceptors []Interceptor
+}
+
+// NewChain returns a new Chain interceptor.
+func NewChain(interceptors []Interceptor) *Chain {
+	return &Chain{interceptors: interceptors}
+}
+
+// BindRTCPReader lets you modify any incoming RTCP packets. It is called once per sender/receiver, however this might
+// change in the future. The returned method will be called once per packet batch.
+func (i *Chain) BindRTCPReader(reader RTCPReader) RTCPReader {
+	for _, interceptor := range i.interceptors {
+		reader = interceptor.BindRTCPReader(reader)
+	}
+
+	return reader
+}
+
+// BindRTCPWriter lets you modify any outgoing RTCP packets. It is called once per PeerConnection. The returned method
+// will be called once per packet batch.
+func (i *Chain) BindRTCPWriter(writer RTCPWriter) RTCPWriter {
+	for _, interceptor := range i.interceptors {
+		writer = interceptor.BindRTCPWriter(writer)
+	}
+
+	return writer
+}
+
+// BindLocalStream lets you modify any outgoing RTP packets. It is called once for per LocalStream. The returned method
+// will be called once per rtp packet.
+func (i *Chain) BindLocalStream(ctx *StreamInfo, writer RTPWriter) RTPWriter {
+	for _, interceptor := range i.interceptors {
+		writer = interceptor.BindLocalStream(ctx, writer)
+	}
+
+	return writer
+}
+
+// UnbindLocalStream is called when the Stream is removed. It can be used to clean up any data related to that track.
+func (i *Chain) UnbindLocalStream(ctx *StreamInfo) {
+	for _, interceptor := range i.interceptors {
+		interceptor.UnbindLocalStream(ctx)
+	}
+}
+
+// BindRemoteStream lets you modify any incoming RTP packets. It is called once for per RemoteStream. The returned method
+// will be called once per rtp packet.
+func (i *Chain) BindRemoteStream(ctx *StreamInfo, reader RTPReader) RTPReader {
+	for _, interceptor := range i.interceptors {
+		reader = interceptor.BindRemoteStream(ctx, reader)
+	}
+
+	return reader
+}
+
+// UnbindRemoteStream is called when the Stream is removed. It can be used to clean up any data related to that track.
+func (i *Chain) UnbindRemoteStream(ctx *StreamInfo) {
+	for _, interceptor := range i.interceptors {
+		interceptor.UnbindRemoteStream(ctx)
+	}
+}
+
+// Close closes the Interceptor, cleaning up any data if necessary.
+func (i *Chain) Close() error {
+	var errs []error
+	for _, interceptor := range i.interceptors {
+		errs = append(errs, interceptor.Close())
+	}
+
+	return flattenErrs(errs)
+}
diff --git a/server/vendor/github.com/pion/interceptor/codecov.yml b/server/vendor/github.com/pion/interceptor/codecov.yml
new file mode 100644
index 0000000..263e4d4
--- /dev/null
+++ b/server/vendor/github.com/pion/interceptor/codecov.yml
@@ -0,0 +1,22 @@
+#
+# DO NOT EDIT THIS FILE
+#
+# It is automatically copied from https://github.com/pion/.goassets repository.
+#
+# SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+# SPDX-License-Identifier: MIT
+
+coverage:
+  status:
+    project:
+      default:
+        # Allow decreasing 2% of total coverage to avoid noise.
+        threshold: 2%
+    patch:
+      default:
+        target: 70%
+        only_pulls: true
+
+ignore:
+  - "examples/*"
+  - "examples/**/*"
diff --git a/server/vendor/github.com/pion/interceptor/errors.go b/server/vendor/github.com/pion/interceptor/errors.go
new file mode 100644
index 0000000..3dafee3
--- /dev/null
+++ b/server/vendor/github.com/pion/interceptor/errors.go
@@ -0,0 +1,54 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package interceptor
+
+import (
+	"errors"
+	"strings"
+)
+
+func flattenErrs(errs []error) error {
+	errs2 := []error{}
+	for _, e := range errs {
+		if e != nil {
+			errs2 = append(errs2, e)
+		}
+	}
+	if len(errs2) == 0 {
+		return nil
+	}
+	return multiError(errs2)
+}
+
+type multiError []error //nolint
+
+func (me multiError) Error() string {
+	var errstrings []string
+
+	for _, err := range me {
+		if err != nil {
+			errstrings = append(errstrings, err.Error())
+		}
+	}
+
+	if len(errstrings) == 0 {
+		return "multiError must contain multiple error but is empty"
+	}
+
+	return strings.Join(errstrings, "\n")
+}
+
+func (me multiError) Is(err error) bool {
+	for _, e := range me {
+		if errors.Is(e, err) {
+			return true
+		}
+		if me2, ok := e.(multiError); ok { //nolint
+			if me2.Is(err) {
+				return true
+			}
+		}
+	}
+	return false
+}
diff --git a/server/vendor/github.com/pion/interceptor/interceptor.go b/server/vendor/github.com/pion/interceptor/interceptor.go
new file mode 100644
index 0000000..c6ba532
--- /dev/null
+++ b/server/vendor/github.com/pion/interceptor/interceptor.go
@@ -0,0 +1,102 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+// Package interceptor contains the Interceptor interface, with some useful interceptors that should be safe to use
+// in most cases.
+package interceptor
+
+import (
+	"io"
+
+	"github.com/pion/rtcp"
+	"github.com/pion/rtp"
+)
+
+// Factory provides an interface for constructing interceptors
+type Factory interface {
+	NewInterceptor(id string) (Interceptor, error)
+}
+
+// Interceptor can be used to add functionality to you PeerConnections by modifying any incoming/outgoing rtp/rtcp
+// packets, or sending your own packets as needed.
+type Interceptor interface {
+	// BindRTCPReader lets you modify any incoming RTCP packets. It is called once per sender/receiver, however this might
+	// change in the future. The returned method will be called once per packet batch.
+	BindRTCPReader(reader RTCPReader) RTCPReader
+
+	// BindRTCPWriter lets you modify any outgoing RTCP packets. It is called once per PeerConnection. The returned method
+	// will be called once per packet batch.
+	BindRTCPWriter(writer RTCPWriter) RTCPWriter
+
+	// BindLocalStream lets you modify any outgoing RTP packets. It is called once for per LocalStream. The returned method
+	// will be called once per rtp packet.
+	BindLocalStream(info *StreamInfo, writer RTPWriter) RTPWriter
+
+	// UnbindLocalStream is called when the Stream is removed. It can be used to clean up any data related to that track.
+	UnbindLocalStream(info *StreamInfo)
+
+	// BindRemoteStream lets you modify any incoming RTP packets. It is called once for per RemoteStream. The returned method
+	// will be called once per rtp packet.
+	BindRemoteStream(info *StreamInfo, reader RTPReader) RTPReader
+
+	// UnbindRemoteStream is called when the Stream is removed. It can be used to clean up any data related to that track.
+	UnbindRemoteStream(info *StreamInfo)
+
+	io.Closer
+}
+
+// RTPWriter is used by Interceptor.BindLocalStream.
+type RTPWriter interface {
+	// Write a rtp packet
+	Write(header *rtp.Header, payload []byte, attributes Attributes) (int, error)
+}
+
+// RTPReader is used by Interceptor.BindRemoteStream.
+type RTPReader interface {
+	// Read a rtp packet
+	Read([]byte, Attributes) (int, Attributes, error)
+}
+
+// RTCPWriter is used by Interceptor.BindRTCPWriter.
+type RTCPWriter interface {
+	// Write a batch of rtcp packets
+	Write(pkts []rtcp.Packet, attributes Attributes) (int, error)
+}
+
+// RTCPReader is used by Interceptor.BindRTCPReader.
+type RTCPReader interface {
+	// Read a batch of rtcp packets
+	Read([]byte, Attributes) (int, Attributes, error)
+}
+
+// RTPWriterFunc is an adapter for RTPWrite interface
+type RTPWriterFunc func(header *rtp.Header, payload []byte, attributes Attributes) (int, error)
+
+// RTPReaderFunc is an adapter for RTPReader interface
+type RTPReaderFunc func([]byte, Attributes) (int, Attributes, error)
+
+// RTCPWriterFunc is an adapter for RTCPWriter interface
+type RTCPWriterFunc func(pkts []rtcp.Packet, attributes Attributes) (int, error)
+
+// RTCPReaderFunc is an adapter for RTCPReader interface
+type RTCPReaderFunc func([]byte, Attributes) (int, Attributes, error)
+
+// Write a rtp packet
+func (f RTPWriterFunc) Write(header *rtp.Header, payload []byte, attributes Attributes) (int, error) {
+	return f(header, payload, attributes)
+}
+
+// Read a rtp packet
+func (f RTPReaderFunc) Read(b []byte, a Attributes) (int, Attributes, error) {
+	return f(b, a)
+}
+
+// Write a batch of rtcp packets
+func (f RTCPWriterFunc) Write(pkts []rtcp.Packet, attributes Attributes) (int, error) {
+	return f(pkts, attributes)
+}
+
+// Read a batch of rtcp packets
+func (f RTCPReaderFunc) Read(b []byte, a Attributes) (int, Attributes, error) {
+	return f(b, a)
+}
diff --git a/server/vendor/github.com/pion/interceptor/internal/ntp/ntp.go b/server/vendor/github.com/pion/interceptor/internal/ntp/ntp.go
new file mode 100644
index 0000000..69f98d6
--- /dev/null
+++ b/server/vendor/github.com/pion/interceptor/internal/ntp/ntp.go
@@ -0,0 +1,30 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+// Package ntp provides conversion methods between time.Time and NTP timestamps
+// stored in uint64
+package ntp
+
+import (
+	"time"
+)
+
+// ToNTP converts a time.Time oboject to an uint64 NTP timestamp
+func ToNTP(t time.Time) uint64 {
+	// seconds since 1st January 1900
+	s := (float64(t.UnixNano()) / 1000000000) + 2208988800
+
+	// higher 32 bits are the integer part, lower 32 bits are the fractional part
+	integerPart := uint32(s)
+	fractionalPart := uint32((s - float64(integerPart)) * 0xFFFFFFFF)
+	return uint64(integerPart)<<32 | uint64(fractionalPart)
+}
+
+// ToTime converts a uint64 NTP timestamps to a time.Time object
+func ToTime(t uint64) time.Time {
+	seconds := (t & 0xFFFFFFFF00000000) >> 32
+	fractional := float64(t&0x00000000FFFFFFFF) / float64(0xFFFFFFFF)
+	d := time.Duration(seconds)*time.Second + time.Duration(fractional*1e9)*time.Nanosecond
+
+	return time.Unix(0, 0).Add(-2208988800 * time.Second).Add(d)
+}
diff --git a/server/vendor/github.com/pion/interceptor/internal/sequencenumber/unwrapper.go b/server/vendor/github.com/pion/interceptor/internal/sequencenumber/unwrapper.go
new file mode 100644
index 0000000..311ff09
--- /dev/null
+++ b/server/vendor/github.com/pion/interceptor/internal/sequencenumber/unwrapper.go
@@ -0,0 +1,45 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+// Package sequencenumber provides a sequence number unwrapper
+package sequencenumber
+
+const (
+	maxSequenceNumberPlusOne = int64(65536)
+	breakpoint               = 32768 // half of max uint16
+)
+
+// Unwrapper stores an unwrapped sequence number
+type Unwrapper struct {
+	init          bool
+	lastUnwrapped int64
+}
+
+func isNewer(value, previous uint16) bool {
+	if value-previous == breakpoint {
+		return value > previous
+	}
+	return value != previous && (value-previous) < breakpoint
+}
+
+// Unwrap unwraps the next sequencenumber
+func (u *Unwrapper) Unwrap(i uint16) int64 {
+	if !u.init {
+		u.init = true
+		u.lastUnwrapped = int64(i)
+		return u.lastUnwrapped
+	}
+
+	lastWrapped := uint16(u.lastUnwrapped)
+	delta := int64(i - lastWrapped)
+	if isNewer(i, lastWrapped) {
+		if delta < 0 {
+			delta += maxSequenceNumberPlusOne
+		}
+	} else if delta > 0 && u.lastUnwrapped+delta-maxSequenceNumberPlusOne >= 0 {
+		delta -= maxSequenceNumberPlusOne
+	}
+
+	u.lastUnwrapped += delta
+	return u.lastUnwrapped
+}
diff --git a/server/vendor/github.com/pion/interceptor/noop.go b/server/vendor/github.com/pion/interceptor/noop.go
new file mode 100644
index 0000000..b0fc2a6
--- /dev/null
+++ b/server/vendor/github.com/pion/interceptor/noop.go
@@ -0,0 +1,43 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package interceptor
+
+// NoOp is an Interceptor that does not modify any packets. It can embedded in other interceptors, so it's
+// possible to implement only a subset of the methods.
+type NoOp struct{}
+
+// BindRTCPReader lets you modify any incoming RTCP packets. It is called once per sender/receiver, however this might
+// change in the future. The returned method will be called once per packet batch.
+func (i *NoOp) BindRTCPReader(reader RTCPReader) RTCPReader {
+	return reader
+}
+
+// BindRTCPWriter lets you modify any outgoing RTCP packets. It is called once per PeerConnection. The returned method
+// will be called once per packet batch.
+func (i *NoOp) BindRTCPWriter(writer RTCPWriter) RTCPWriter {
+	return writer
+}
+
+// BindLocalStream lets you modify any outgoing RTP packets. It is called once for per LocalStream. The returned method
+// will be called once per rtp packet.
+func (i *NoOp) BindLocalStream(_ *StreamInfo, writer RTPWriter) RTPWriter {
+	return writer
+}
+
+// UnbindLocalStream is called when the Stream is removed. It can be used to clean up any data related to that track.
+func (i *NoOp) UnbindLocalStream(_ *StreamInfo) {}
+
+// BindRemoteStream lets you modify any incoming RTP packets. It is called once for per RemoteStream. The returned method
+// will be called once per rtp packet.
+func (i *NoOp) BindRemoteStream(_ *StreamInfo, reader RTPReader) RTPReader {
+	return reader
+}
+
+// UnbindRemoteStream is called when the Stream is removed. It can be used to clean up any data related to that track.
+func (i *NoOp) UnbindRemoteStream(_ *StreamInfo) {}
+
+// Close closes the Interceptor, cleaning up any data if necessary.
+func (i *NoOp) Close() error {
+	return nil
+}
diff --git a/server/vendor/github.com/pion/interceptor/pkg/nack/errors.go b/server/vendor/github.com/pion/interceptor/pkg/nack/errors.go
new file mode 100644
index 0000000..b47ec39
--- /dev/null
+++ b/server/vendor/github.com/pion/interceptor/pkg/nack/errors.go
@@ -0,0 +1,15 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package nack
+
+import "errors"
+
+// ErrInvalidSize is returned by newReceiveLog/newSendBuffer, when an incorrect buffer size is supplied.
+var ErrInvalidSize = errors.New("invalid buffer size")
+
+var (
+	errPacketReleased          = errors.New("could not retain packet, already released")
+	errFailedToCastHeaderPool  = errors.New("could not access header pool, failed cast")
+	errFailedToCastPayloadPool = errors.New("could not access payload pool, failed cast")
+)
diff --git a/server/vendor/github.com/pion/interceptor/pkg/nack/generator_interceptor.go b/server/vendor/github.com/pion/interceptor/pkg/nack/generator_interceptor.go
new file mode 100644
index 0000000..051e424
--- /dev/null
+++ b/server/vendor/github.com/pion/interceptor/pkg/nack/generator_interceptor.go
@@ -0,0 +1,216 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package nack
+
+import (
+	"math/rand"
+	"sync"
+	"time"
+
+	"github.com/pion/interceptor"
+	"github.com/pion/logging"
+	"github.com/pion/rtcp"
+)
+
+// GeneratorInterceptorFactory is a interceptor.Factory for a GeneratorInterceptor
+type GeneratorInterceptorFactory struct {
+	opts []GeneratorOption
+}
+
+// NewInterceptor constructs a new ReceiverInterceptor
+func (g *GeneratorInterceptorFactory) NewInterceptor(_ string) (interceptor.Interceptor, error) {
+	i := &GeneratorInterceptor{
+		size:              512,
+		skipLastN:         0,
+		maxNacksPerPacket: 0,
+		interval:          time.Millisecond * 100,
+		receiveLogs:       map[uint32]*receiveLog{},
+		nackCountLogs:     map[uint32]map[uint16]uint16{},
+		close:             make(chan struct{}),
+		log:               logging.NewDefaultLoggerFactory().NewLogger("nack_generator"),
+	}
+
+	for _, opt := range g.opts {
+		if err := opt(i); err != nil {
+			return nil, err
+		}
+	}
+
+	if _, err := newReceiveLog(i.size); err != nil {
+		return nil, err
+	}
+
+	return i, nil
+}
+
+// GeneratorInterceptor interceptor generates nack feedback messages.
+type GeneratorInterceptor struct {
+	interceptor.NoOp
+	size              uint16
+	skipLastN         uint16
+	maxNacksPerPacket uint16
+	interval          time.Duration
+	m                 sync.Mutex
+	wg                sync.WaitGroup
+	close             chan struct{}
+	log               logging.LeveledLogger
+	nackCountLogs     map[uint32]map[uint16]uint16
+
+	receiveLogs   map[uint32]*receiveLog
+	receiveLogsMu sync.Mutex
+}
+
+// NewGeneratorInterceptor returns a new GeneratorInterceptorFactory
+func NewGeneratorInterceptor(opts ...GeneratorOption) (*GeneratorInterceptorFactory, error) {
+	return &GeneratorInterceptorFactory{opts}, nil
+}
+
+// BindRTCPWriter lets you modify any outgoing RTCP packets. It is called once per PeerConnection. The returned method
+// will be called once per packet batch.
+func (n *GeneratorInterceptor) BindRTCPWriter(writer interceptor.RTCPWriter) interceptor.RTCPWriter {
+	n.m.Lock()
+	defer n.m.Unlock()
+
+	if n.isClosed() {
+		return writer
+	}
+
+	n.wg.Add(1)
+
+	go n.loop(writer)
+
+	return writer
+}
+
+// BindRemoteStream lets you modify any incoming RTP packets. It is called once for per RemoteStream. The returned method
+// will be called once per rtp packet.
+func (n *GeneratorInterceptor) BindRemoteStream(info *interceptor.StreamInfo, reader interceptor.RTPReader) interceptor.RTPReader {
+	if !streamSupportNack(info) {
+		return reader
+	}
+
+	// error is already checked in NewGeneratorInterceptor
+	receiveLog, _ := newReceiveLog(n.size)
+	n.receiveLogsMu.Lock()
+	n.receiveLogs[info.SSRC] = receiveLog
+	n.receiveLogsMu.Unlock()
+
+	return interceptor.RTPReaderFunc(func(b []byte, a interceptor.Attributes) (int, interceptor.Attributes, error) {
+		i, attr, err := reader.Read(b, a)
+		if err != nil {
+			return 0, nil, err
+		}
+
+		if attr == nil {
+			attr = make(interceptor.Attributes)
+		}
+		header, err := attr.GetRTPHeader(b[:i])
+		if err != nil {
+			return 0, nil, err
+		}
+		receiveLog.add(header.SequenceNumber)
+
+		return i, attr, nil
+	})
+}
+
+// UnbindRemoteStream is called when the Stream is removed. It can be used to clean up any data related to that track.
+func (n *GeneratorInterceptor) UnbindRemoteStream(info *interceptor.StreamInfo) {
+	n.receiveLogsMu.Lock()
+	delete(n.receiveLogs, info.SSRC)
+	n.receiveLogsMu.Unlock()
+}
+
+// Close closes the interceptor
+func (n *GeneratorInterceptor) Close() error {
+	defer n.wg.Wait()
+	n.m.Lock()
+	defer n.m.Unlock()
+
+	if !n.isClosed() {
+		close(n.close)
+	}
+
+	return nil
+}
+
+// nolint:gocognit
+func (n *GeneratorInterceptor) loop(rtcpWriter interceptor.RTCPWriter) {
+	defer n.wg.Done()
+
+	senderSSRC := rand.Uint32() // #nosec
+
+	ticker := time.NewTicker(n.interval)
+	defer ticker.Stop()
+	for {
+		select {
+		case <-ticker.C:
+			func() {
+				n.receiveLogsMu.Lock()
+				defer n.receiveLogsMu.Unlock()
+
+				for ssrc, receiveLog := range n.receiveLogs {
+					missing := receiveLog.missingSeqNumbers(n.skipLastN)
+
+					if len(missing) == 0 || n.nackCountLogs[ssrc] == nil {
+						n.nackCountLogs[ssrc] = map[uint16]uint16{}
+					}
+					if len(missing) == 0 {
+						continue
+					}
+
+					filteredMissing := []uint16{}
+					if n.maxNacksPerPacket > 0 {
+						for _, missingSeq := range missing {
+							if n.nackCountLogs[ssrc][missingSeq] < n.maxNacksPerPacket {
+								filteredMissing = append(filteredMissing, missingSeq)
+							}
+							n.nackCountLogs[ssrc][missingSeq]++
+						}
+					} else {
+						filteredMissing = missing
+					}
+
+					nack := &rtcp.TransportLayerNack{
+						SenderSSRC: senderSSRC,
+						MediaSSRC:  ssrc,
+						Nacks:      rtcp.NackPairsFromSequenceNumbers(filteredMissing),
+					}
+
+					for nackSeq := range n.nackCountLogs[ssrc] {
+						isMissing := false
+						for _, missingSeq := range missing {
+							if missingSeq == nackSeq {
+								isMissing = true
+								break
+							}
+						}
+						if !isMissing {
+							delete(n.nackCountLogs[ssrc], nackSeq)
+						}
+					}
+
+					if len(filteredMissing) == 0 {
+						continue
+					}
+
+					if _, err := rtcpWriter.Write([]rtcp.Packet{nack}, interceptor.Attributes{}); err != nil {
+						n.log.Warnf("failed sending nack: %+v", err)
+					}
+				}
+			}()
+		case <-n.close:
+			return
+		}
+	}
+}
+
+func (n *GeneratorInterceptor) isClosed() bool {
+	select {
+	case <-n.close:
+		return true
+	default:
+		return false
+	}
+}
diff --git a/server/vendor/github.com/pion/interceptor/pkg/nack/generator_option.go b/server/vendor/github.com/pion/interceptor/pkg/nack/generator_option.go
new file mode 100644
index 0000000..346bc99
--- /dev/null
+++ b/server/vendor/github.com/pion/interceptor/pkg/nack/generator_option.go
@@ -0,0 +1,56 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package nack
+
+import (
+	"time"
+
+	"github.com/pion/logging"
+)
+
+// GeneratorOption can be used to configure GeneratorInterceptor
+type GeneratorOption func(r *GeneratorInterceptor) error
+
+// GeneratorSize sets the size of the interceptor.
+// Size must be one of: 64, 128, 256, 512, 1024, 2048, 4096, 8192, 16384, 32768
+func GeneratorSize(size uint16) GeneratorOption {
+	return func(r *GeneratorInterceptor) error {
+		r.size = size
+		return nil
+	}
+}
+
+// GeneratorSkipLastN sets the number of packets (n-1 packets before the last received packets) to ignore when generating
+// nack requests.
+func GeneratorSkipLastN(skipLastN uint16) GeneratorOption {
+	return func(r *GeneratorInterceptor) error {
+		r.skipLastN = skipLastN
+		return nil
+	}
+}
+
+// GeneratorMaxNacksPerPacket sets the maximum number of NACKs sent per missing packet, e.g. if set to 2, a missing
+// packet will only be NACKed at most twice. If set to 0 (default), max number of NACKs is unlimited
+func GeneratorMaxNacksPerPacket(maxNacks uint16) GeneratorOption {
+	return func(r *GeneratorInterceptor) error {
+		r.maxNacksPerPacket = maxNacks
+		return nil
+	}
+}
+
+// GeneratorLog sets a logger for the interceptor
+func GeneratorLog(log logging.LeveledLogger) GeneratorOption {
+	return func(r *GeneratorInterceptor) error {
+		r.log = log
+		return nil
+	}
+}
+
+// GeneratorInterval sets the nack send interval for the interceptor
+func GeneratorInterval(interval time.Duration) GeneratorOption {
+	return func(r *GeneratorInterceptor) error {
+		r.interval = interval
+		return nil
+	}
+}
diff --git a/server/vendor/github.com/pion/interceptor/pkg/nack/nack.go b/server/vendor/github.com/pion/interceptor/pkg/nack/nack.go
new file mode 100644
index 0000000..b7589eb
--- /dev/null
+++ b/server/vendor/github.com/pion/interceptor/pkg/nack/nack.go
@@ -0,0 +1,17 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+// Package nack provides interceptors to implement sending and receiving negative acknowledgements
+package nack
+
+import "github.com/pion/interceptor"
+
+func streamSupportNack(info *interceptor.StreamInfo) bool {
+	for _, fb := range info.RTCPFeedback {
+		if fb.Type == "nack" && fb.Parameter == "" {
+			return true
+		}
+	}
+
+	return false
+}
diff --git a/server/vendor/github.com/pion/interceptor/pkg/nack/receive_log.go b/server/vendor/github.com/pion/interceptor/pkg/nack/receive_log.go
new file mode 100644
index 0000000..6a19996
--- /dev/null
+++ b/server/vendor/github.com/pion/interceptor/pkg/nack/receive_log.go
@@ -0,0 +1,138 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package nack
+
+import (
+	"fmt"
+	"sync"
+)
+
+type receiveLog struct {
+	packets         []uint64
+	size            uint16
+	end             uint16
+	started         bool
+	lastConsecutive uint16
+	m               sync.RWMutex
+}
+
+func newReceiveLog(size uint16) (*receiveLog, error) {
+	allowedSizes := make([]uint16, 0)
+	correctSize := false
+	for i := 6; i < 16; i++ {
+		if size == 1<<i {
+			correctSize = true
+			break
+		}
+		allowedSizes = append(allowedSizes, 1<<i)
+	}
+
+	if !correctSize {
+		return nil, fmt.Errorf("%w: %d is not a valid size, allowed sizes: %v", ErrInvalidSize, size, allowedSizes)
+	}
+
+	return &receiveLog{
+		packets: make([]uint64, size/64),
+		size:    size,
+	}, nil
+}
+
+func (s *receiveLog) add(seq uint16) {
+	s.m.Lock()
+	defer s.m.Unlock()
+
+	if !s.started {
+		s.setReceived(seq)
+		s.end = seq
+		s.started = true
+		s.lastConsecutive = seq
+		return
+	}
+
+	diff := seq - s.end
+	switch {
+	case diff == 0:
+		return
+	case diff < uint16SizeHalf:
+		// this means a positive diff, in other words seq > end (with counting for rollovers)
+		for i := s.end + 1; i != seq; i++ {
+			// clear packets between end and seq (these may contain packets from a "size" ago)
+			s.delReceived(i)
+		}
+		s.end = seq
+
+		if s.lastConsecutive+1 == seq {
+			s.lastConsecutive = seq
+		} else if seq-s.lastConsecutive > s.size {
+			s.lastConsecutive = seq - s.size
+			s.fixLastConsecutive() // there might be valid packets at the beginning of the buffer now
+		}
+	case s.lastConsecutive+1 == seq:
+		// negative diff, seq < end (with counting for rollovers)
+		s.lastConsecutive = seq
+		s.fixLastConsecutive() // there might be other valid packets after seq
+	}
+
+	s.setReceived(seq)
+}
+
+func (s *receiveLog) get(seq uint16) bool {
+	s.m.RLock()
+	defer s.m.RUnlock()
+
+	diff := s.end - seq
+	if diff >= uint16SizeHalf {
+		return false
+	}
+
+	if diff >= s.size {
+		return false
+	}
+
+	return s.getReceived(seq)
+}
+
+func (s *receiveLog) missingSeqNumbers(skipLastN uint16) []uint16 {
+	s.m.RLock()
+	defer s.m.RUnlock()
+
+	until := s.end - skipLastN
+	if until-s.lastConsecutive >= uint16SizeHalf {
+		// until < s.lastConsecutive (counting for rollover)
+		return nil
+	}
+
+	missingPacketSeqNums := make([]uint16, 0)
+	for i := s.lastConsecutive + 1; i != until+1; i++ {
+		if !s.getReceived(i) {
+			missingPacketSeqNums = append(missingPacketSeqNums, i)
+		}
+	}
+
+	return missingPacketSeqNums
+}
+
+func (s *receiveLog) setReceived(seq uint16) {
+	pos := seq % s.size
+	s.packets[pos/64] |= 1 << (pos % 64)
+}
+
+func (s *receiveLog) delReceived(seq uint16) {
+	pos := seq % s.size
+	s.packets[pos/64] &^= 1 << (pos % 64)
+}
+
+func (s *receiveLog) getReceived(seq uint16) bool {
+	pos := seq % s.size
+	return (s.packets[pos/64] & (1 << (pos % 64))) != 0
+}
+
+func (s *receiveLog) fixLastConsecutive() {
+	i := s.lastConsecutive + 1
+	for ; i != s.end+1 && s.getReceived(i); i++ { //nolint:revive
+		// find all consecutive packets
+	}
+
+	s.lastConsecutive = i - 1
+}
diff --git a/server/vendor/github.com/pion/interceptor/pkg/nack/responder_interceptor.go b/server/vendor/github.com/pion/interceptor/pkg/nack/responder_interceptor.go
new file mode 100644
index 0000000..8f74952
--- /dev/null
+++ b/server/vendor/github.com/pion/interceptor/pkg/nack/responder_interceptor.go
@@ -0,0 +1,149 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package nack
+
+import (
+	"sync"
+
+	"github.com/pion/interceptor"
+	"github.com/pion/logging"
+	"github.com/pion/rtcp"
+	"github.com/pion/rtp"
+)
+
+// ResponderInterceptorFactory is a interceptor.Factory for a ResponderInterceptor
+type ResponderInterceptorFactory struct {
+	opts []ResponderOption
+}
+
+type packetFactory interface {
+	NewPacket(header *rtp.Header, payload []byte) (*retainablePacket, error)
+}
+
+// NewInterceptor constructs a new ResponderInterceptor
+func (r *ResponderInterceptorFactory) NewInterceptor(_ string) (interceptor.Interceptor, error) {
+	i := &ResponderInterceptor{
+		size:    1024,
+		log:     logging.NewDefaultLoggerFactory().NewLogger("nack_responder"),
+		streams: map[uint32]*localStream{},
+	}
+
+	for _, opt := range r.opts {
+		if err := opt(i); err != nil {
+			return nil, err
+		}
+	}
+
+	if i.packetFactory == nil {
+		i.packetFactory = newPacketManager()
+	}
+
+	if _, err := newSendBuffer(i.size); err != nil {
+		return nil, err
+	}
+
+	return i, nil
+}
+
+// ResponderInterceptor responds to nack feedback messages
+type ResponderInterceptor struct {
+	interceptor.NoOp
+	size          uint16
+	log           logging.LeveledLogger
+	packetFactory packetFactory
+
+	streams   map[uint32]*localStream
+	streamsMu sync.Mutex
+}
+
+type localStream struct {
+	sendBuffer *sendBuffer
+	rtpWriter  interceptor.RTPWriter
+}
+
+// NewResponderInterceptor returns a new ResponderInterceptorFactor
+func NewResponderInterceptor(opts ...ResponderOption) (*ResponderInterceptorFactory, error) {
+	return &ResponderInterceptorFactory{opts}, nil
+}
+
+// BindRTCPReader lets you modify any incoming RTCP packets. It is called once per sender/receiver, however this might
+// change in the future. The returned method will be called once per packet batch.
+func (n *ResponderInterceptor) BindRTCPReader(reader interceptor.RTCPReader) interceptor.RTCPReader {
+	return interceptor.RTCPReaderFunc(func(b []byte, a interceptor.Attributes) (int, interceptor.Attributes, error) {
+		i, attr, err := reader.Read(b, a)
+		if err != nil {
+			return 0, nil, err
+		}
+
+		if attr == nil {
+			attr = make(interceptor.Attributes)
+		}
+		pkts, err := attr.GetRTCPPackets(b[:i])
+		if err != nil {
+			return 0, nil, err
+		}
+		for _, rtcpPacket := range pkts {
+			nack, ok := rtcpPacket.(*rtcp.TransportLayerNack)
+			if !ok {
+				continue
+			}
+
+			go n.resendPackets(nack)
+		}
+
+		return i, attr, err
+	})
+}
+
+// BindLocalStream lets you modify any outgoing RTP packets. It is called once for per LocalStream. The returned method
+// will be called once per rtp packet.
+func (n *ResponderInterceptor) BindLocalStream(info *interceptor.StreamInfo, writer interceptor.RTPWriter) interceptor.RTPWriter {
+	if !streamSupportNack(info) {
+		return writer
+	}
+
+	// error is already checked in NewGeneratorInterceptor
+	sendBuffer, _ := newSendBuffer(n.size)
+	n.streamsMu.Lock()
+	n.streams[info.SSRC] = &localStream{sendBuffer: sendBuffer, rtpWriter: writer}
+	n.streamsMu.Unlock()
+
+	return interceptor.RTPWriterFunc(func(header *rtp.Header, payload []byte, attributes interceptor.Attributes) (int, error) {
+		pkt, err := n.packetFactory.NewPacket(header, payload)
+		if err != nil {
+			return 0, err
+		}
+		sendBuffer.add(pkt)
+		return writer.Write(header, payload, attributes)
+	})
+}
+
+// UnbindLocalStream is called when the Stream is removed. It can be used to clean up any data related to that track.
+func (n *ResponderInterceptor) UnbindLocalStream(info *interceptor.StreamInfo) {
+	n.streamsMu.Lock()
+	delete(n.streams, info.SSRC)
+	n.streamsMu.Unlock()
+}
+
+func (n *ResponderInterceptor) resendPackets(nack *rtcp.TransportLayerNack) {
+	n.streamsMu.Lock()
+	stream, ok := n.streams[nack.MediaSSRC]
+	n.streamsMu.Unlock()
+	if !ok {
+		return
+	}
+
+	for i := range nack.Nacks {
+		nack.Nacks[i].Range(func(seq uint16) bool {
+			if p := stream.sendBuffer.get(seq); p != nil {
+				if _, err := stream.rtpWriter.Write(p.Header(), p.Payload(), interceptor.Attributes{}); err != nil {
+					n.log.Warnf("failed resending nacked packet: %+v", err)
+				}
+				p.Release()
+			}
+
+			return true
+		})
+	}
+}
diff --git a/server/vendor/github.com/pion/interceptor/pkg/nack/responder_option.go b/server/vendor/github.com/pion/interceptor/pkg/nack/responder_option.go
new file mode 100644
index 0000000..0aaa757
--- /dev/null
+++ b/server/vendor/github.com/pion/interceptor/pkg/nack/responder_option.go
@@ -0,0 +1,35 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package nack
+
+import "github.com/pion/logging"
+
+// ResponderOption can be used to configure ResponderInterceptor
+type ResponderOption func(s *ResponderInterceptor) error
+
+// ResponderSize sets the size of the interceptor.
+// Size must be one of: 1, 2, 4, 8, 16, 32, 64, 128, 256, 512, 1024, 2048, 4096, 8192, 16384, 32768
+func ResponderSize(size uint16) ResponderOption {
+	return func(r *ResponderInterceptor) error {
+		r.size = size
+		return nil
+	}
+}
+
+// ResponderLog sets a logger for the interceptor
+func ResponderLog(log logging.LeveledLogger) ResponderOption {
+	return func(r *ResponderInterceptor) error {
+		r.log = log
+		return nil
+	}
+}
+
+// DisableCopy bypasses copy of underlying packets. It should be used when
+// you are not re-using underlying buffers of packets that have been written
+func DisableCopy() ResponderOption {
+	return func(s *ResponderInterceptor) error {
+		s.packetFactory = &noOpPacketFactory{}
+		return nil
+	}
+}
diff --git a/server/vendor/github.com/pion/interceptor/pkg/nack/retainable_packet.go b/server/vendor/github.com/pion/interceptor/pkg/nack/retainable_packet.go
new file mode 100644
index 0000000..31e9d83
--- /dev/null
+++ b/server/vendor/github.com/pion/interceptor/pkg/nack/retainable_packet.go
@@ -0,0 +1,132 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package nack
+
+import (
+	"io"
+	"sync"
+
+	"github.com/pion/rtp"
+)
+
+const maxPayloadLen = 1460
+
+type packetManager struct {
+	headerPool  *sync.Pool
+	payloadPool *sync.Pool
+}
+
+func newPacketManager() *packetManager {
+	return &packetManager{
+		headerPool: &sync.Pool{
+			New: func() interface{} {
+				return &rtp.Header{}
+			},
+		},
+		payloadPool: &sync.Pool{
+			New: func() interface{} {
+				buf := make([]byte, maxPayloadLen)
+				return &buf
+			},
+		},
+	}
+}
+
+func (m *packetManager) NewPacket(header *rtp.Header, payload []byte) (*retainablePacket, error) {
+	if len(payload) > maxPayloadLen {
+		return nil, io.ErrShortBuffer
+	}
+
+	p := &retainablePacket{
+		onRelease: m.releasePacket,
+		// new packets have retain count of 1
+		count: 1,
+	}
+
+	var ok bool
+	p.header, ok = m.headerPool.Get().(*rtp.Header)
+	if !ok {
+		return nil, errFailedToCastHeaderPool
+	}
+
+	*p.header = header.Clone()
+
+	if payload != nil {
+		p.buffer, ok = m.payloadPool.Get().(*[]byte)
+		if !ok {
+			return nil, errFailedToCastPayloadPool
+		}
+
+		size := copy(*p.buffer, payload)
+		p.payload = (*p.buffer)[:size]
+	}
+
+	return p, nil
+}
+
+func (m *packetManager) releasePacket(header *rtp.Header, payload *[]byte) {
+	m.headerPool.Put(header)
+	if payload != nil {
+		m.payloadPool.Put(payload)
+	}
+}
+
+type noOpPacketFactory struct{}
+
+func (f *noOpPacketFactory) NewPacket(header *rtp.Header, payload []byte) (*retainablePacket, error) {
+	return &retainablePacket{
+		onRelease: f.releasePacket,
+		count:     1,
+		header:    header,
+		payload:   payload,
+	}, nil
+}
+
+func (f *noOpPacketFactory) releasePacket(_ *rtp.Header, _ *[]byte) {
+	// no-op
+}
+
+type retainablePacket struct {
+	onRelease func(*rtp.Header, *[]byte)
+
+	countMu sync.Mutex
+	count   int
+
+	header  *rtp.Header
+	buffer  *[]byte
+	payload []byte
+}
+
+func (p *retainablePacket) Header() *rtp.Header {
+	return p.header
+}
+
+func (p *retainablePacket) Payload() []byte {
+	return p.payload
+}
+
+func (p *retainablePacket) Retain() error {
+	p.countMu.Lock()
+	defer p.countMu.Unlock()
+	if p.count == 0 {
+		// already released
+		return errPacketReleased
+	}
+	p.count++
+	return nil
+}
+
+func (p *retainablePacket) Release() {
+	p.countMu.Lock()
+	defer p.countMu.Unlock()
+	p.count--
+
+	if p.count == 0 {
+		// release back to pool
+		p.onRelease(p.header, p.buffer)
+		p.header = nil
+		p.buffer = nil
+		p.payload = nil
+	}
+}
diff --git a/server/vendor/github.com/pion/interceptor/pkg/nack/send_buffer.go b/server/vendor/github.com/pion/interceptor/pkg/nack/send_buffer.go
new file mode 100644
index 0000000..e8e816f
--- /dev/null
+++ b/server/vendor/github.com/pion/interceptor/pkg/nack/send_buffer.go
@@ -0,0 +1,104 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package nack
+
+import (
+	"fmt"
+	"sync"
+)
+
+const (
+	uint16SizeHalf = 1 << 15
+)
+
+type sendBuffer struct {
+	packets   []*retainablePacket
+	size      uint16
+	lastAdded uint16
+	started   bool
+
+	m sync.RWMutex
+}
+
+func newSendBuffer(size uint16) (*sendBuffer, error) {
+	allowedSizes := make([]uint16, 0)
+	correctSize := false
+	for i := 0; i < 16; i++ {
+		if size == 1<<i {
+			correctSize = true
+			break
+		}
+		allowedSizes = append(allowedSizes, 1<<i)
+	}
+
+	if !correctSize {
+		return nil, fmt.Errorf("%w: %d is not a valid size, allowed sizes: %v", ErrInvalidSize, size, allowedSizes)
+	}
+
+	return &sendBuffer{
+		packets: make([]*retainablePacket, size),
+		size:    size,
+	}, nil
+}
+
+func (s *sendBuffer) add(packet *retainablePacket) {
+	s.m.Lock()
+	defer s.m.Unlock()
+
+	seq := packet.Header().SequenceNumber
+	if !s.started {
+		s.packets[seq%s.size] = packet
+		s.lastAdded = seq
+		s.started = true
+		return
+	}
+
+	diff := seq - s.lastAdded
+	if diff == 0 {
+		return
+	} else if diff < uint16SizeHalf {
+		for i := s.lastAdded + 1; i != seq; i++ {
+			idx := i % s.size
+			prevPacket := s.packets[idx]
+			if prevPacket != nil {
+				prevPacket.Release()
+			}
+			s.packets[idx] = nil
+		}
+	}
+
+	idx := seq % s.size
+	prevPacket := s.packets[idx]
+	if prevPacket != nil {
+		prevPacket.Release()
+	}
+	s.packets[idx] = packet
+	s.lastAdded = seq
+}
+
+func (s *sendBuffer) get(seq uint16) *retainablePacket {
+	s.m.RLock()
+	defer s.m.RUnlock()
+
+	diff := s.lastAdded - seq
+	if diff >= uint16SizeHalf {
+		return nil
+	}
+
+	if diff >= s.size {
+		return nil
+	}
+
+	pkt := s.packets[seq%s.size]
+	if pkt != nil {
+		if pkt.Header().SequenceNumber != seq {
+			return nil
+		}
+		// already released
+		if err := pkt.Retain(); err != nil {
+			return nil
+		}
+	}
+	return pkt
+}
diff --git a/server/vendor/github.com/pion/interceptor/pkg/report/receiver_interceptor.go b/server/vendor/github.com/pion/interceptor/pkg/report/receiver_interceptor.go
new file mode 100644
index 0000000..0afbd08
--- /dev/null
+++ b/server/vendor/github.com/pion/interceptor/pkg/report/receiver_interceptor.go
@@ -0,0 +1,184 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package report
+
+import (
+	"sync"
+	"time"
+
+	"github.com/pion/interceptor"
+	"github.com/pion/logging"
+	"github.com/pion/rtcp"
+)
+
+// ReceiverInterceptorFactory is a interceptor.Factory for a ReceiverInterceptor
+type ReceiverInterceptorFactory struct {
+	opts []ReceiverOption
+}
+
+// NewInterceptor constructs a new ReceiverInterceptor
+func (r *ReceiverInterceptorFactory) NewInterceptor(_ string) (interceptor.Interceptor, error) {
+	i := &ReceiverInterceptor{
+		interval: 1 * time.Second,
+		now:      time.Now,
+		log:      logging.NewDefaultLoggerFactory().NewLogger("receiver_interceptor"),
+		close:    make(chan struct{}),
+	}
+
+	for _, opt := range r.opts {
+		if err := opt(i); err != nil {
+			return nil, err
+		}
+	}
+
+	return i, nil
+}
+
+// NewReceiverInterceptor returns a new ReceiverInterceptorFactory
+func NewReceiverInterceptor(opts ...ReceiverOption) (*ReceiverInterceptorFactory, error) {
+	return &ReceiverInterceptorFactory{opts}, nil
+}
+
+// ReceiverInterceptor interceptor generates receiver reports.
+type ReceiverInterceptor struct {
+	interceptor.NoOp
+	interval time.Duration
+	now      func() time.Time
+	streams  sync.Map
+	log      logging.LeveledLogger
+	m        sync.Mutex
+	wg       sync.WaitGroup
+	close    chan struct{}
+}
+
+func (r *ReceiverInterceptor) isClosed() bool {
+	select {
+	case <-r.close:
+		return true
+	default:
+		return false
+	}
+}
+
+// Close closes the interceptor.
+func (r *ReceiverInterceptor) Close() error {
+	defer r.wg.Wait()
+	r.m.Lock()
+	defer r.m.Unlock()
+
+	if !r.isClosed() {
+		close(r.close)
+	}
+
+	return nil
+}
+
+// BindRTCPWriter lets you modify any outgoing RTCP packets. It is called once per PeerConnection. The returned method
+// will be called once per packet batch.
+func (r *ReceiverInterceptor) BindRTCPWriter(writer interceptor.RTCPWriter) interceptor.RTCPWriter {
+	r.m.Lock()
+	defer r.m.Unlock()
+
+	if r.isClosed() {
+		return writer
+	}
+
+	r.wg.Add(1)
+
+	go r.loop(writer)
+
+	return writer
+}
+
+func (r *ReceiverInterceptor) loop(rtcpWriter interceptor.RTCPWriter) {
+	defer r.wg.Done()
+
+	ticker := time.NewTicker(r.interval)
+	defer ticker.Stop()
+	for {
+		select {
+		case <-ticker.C:
+			now := r.now()
+			r.streams.Range(func(_, value interface{}) bool {
+				if stream, ok := value.(*receiverStream); !ok {
+					r.log.Warnf("failed to cast ReceiverInterceptor stream")
+				} else if _, err := rtcpWriter.Write([]rtcp.Packet{stream.generateReport(now)}, interceptor.Attributes{}); err != nil {
+					r.log.Warnf("failed sending: %+v", err)
+				}
+
+				return true
+			})
+
+		case <-r.close:
+			return
+		}
+	}
+}
+
+// BindRemoteStream lets you modify any incoming RTP packets. It is called once for per RemoteStream. The returned method
+// will be called once per rtp packet.
+func (r *ReceiverInterceptor) BindRemoteStream(info *interceptor.StreamInfo, reader interceptor.RTPReader) interceptor.RTPReader {
+	stream := newReceiverStream(info.SSRC, info.ClockRate)
+	r.streams.Store(info.SSRC, stream)
+
+	return interceptor.RTPReaderFunc(func(b []byte, a interceptor.Attributes) (int, interceptor.Attributes, error) {
+		i, attr, err := reader.Read(b, a)
+		if err != nil {
+			return 0, nil, err
+		}
+
+		if attr == nil {
+			attr = make(interceptor.Attributes)
+		}
+		header, err := attr.GetRTPHeader(b[:i])
+		if err != nil {
+			return 0, nil, err
+		}
+
+		stream.processRTP(r.now(), header)
+
+		return i, attr, nil
+	})
+}
+
+// UnbindRemoteStream is called when the Stream is removed. It can be used to clean up any data related to that track.
+func (r *ReceiverInterceptor) UnbindRemoteStream(info *interceptor.StreamInfo) {
+	r.streams.Delete(info.SSRC)
+}
+
+// BindRTCPReader lets you modify any incoming RTCP packets. It is called once per sender/receiver, however this might
+// change in the future. The returned method will be called once per packet batch.
+func (r *ReceiverInterceptor) BindRTCPReader(reader interceptor.RTCPReader) interceptor.RTCPReader {
+	return interceptor.RTCPReaderFunc(func(b []byte, a interceptor.Attributes) (int, interceptor.Attributes, error) {
+		i, attr, err := reader.Read(b, a)
+		if err != nil {
+			return 0, nil, err
+		}
+
+		if attr == nil {
+			attr = make(interceptor.Attributes)
+		}
+		pkts, err := attr.GetRTCPPackets(b[:i])
+		if err != nil {
+			return 0, nil, err
+		}
+
+		for _, pkt := range pkts {
+			if sr, ok := (pkt).(*rtcp.SenderReport); ok {
+				value, ok := r.streams.Load(sr.SSRC)
+				if !ok {
+					continue
+				}
+
+				if stream, ok := value.(*receiverStream); !ok {
+					r.log.Warnf("failed to cast ReceiverInterceptor stream")
+				} else {
+					stream.processSenderReport(r.now(), sr)
+				}
+			}
+		}
+
+		return i, attr, nil
+	})
+}
diff --git a/server/vendor/github.com/pion/interceptor/pkg/report/receiver_option.go b/server/vendor/github.com/pion/interceptor/pkg/report/receiver_option.go
new file mode 100644
index 0000000..337a341
--- /dev/null
+++ b/server/vendor/github.com/pion/interceptor/pkg/report/receiver_option.go
@@ -0,0 +1,37 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package report
+
+import (
+	"time"
+
+	"github.com/pion/logging"
+)
+
+// ReceiverOption can be used to configure ReceiverInterceptor.
+type ReceiverOption func(r *ReceiverInterceptor) error
+
+// ReceiverLog sets a logger for the interceptor.
+func ReceiverLog(log logging.LeveledLogger) ReceiverOption {
+	return func(r *ReceiverInterceptor) error {
+		r.log = log
+		return nil
+	}
+}
+
+// ReceiverInterval sets send interval for the interceptor.
+func ReceiverInterval(interval time.Duration) ReceiverOption {
+	return func(r *ReceiverInterceptor) error {
+		r.interval = interval
+		return nil
+	}
+}
+
+// ReceiverNow sets an alternative for the time.Now function.
+func ReceiverNow(f func() time.Time) ReceiverOption {
+	return func(r *ReceiverInterceptor) error {
+		r.now = f
+		return nil
+	}
+}
diff --git a/server/vendor/github.com/pion/interceptor/pkg/report/receiver_stream.go b/server/vendor/github.com/pion/interceptor/pkg/report/receiver_stream.go
new file mode 100644
index 0000000..ebe0847
--- /dev/null
+++ b/server/vendor/github.com/pion/interceptor/pkg/report/receiver_stream.go
@@ -0,0 +1,169 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package report
+
+import (
+	"math/rand"
+	"sync"
+	"time"
+
+	"github.com/pion/rtcp"
+	"github.com/pion/rtp"
+)
+
+const (
+	// packetsPerHistoryEntry represents how many packets are in the bitmask for
+	// each entry in the `packets` slice in the receiver stream. Because we use
+	// a uint64, we can keep track of 64 packets per entry.
+	packetsPerHistoryEntry = 64
+)
+
+type receiverStream struct {
+	ssrc         uint32
+	receiverSSRC uint32
+	clockRate    float64
+
+	m                    sync.Mutex
+	size                 uint16
+	packets              []uint64
+	started              bool
+	seqnumCycles         uint16
+	lastSeqnum           uint16
+	lastReportSeqnum     uint16
+	lastRTPTimeRTP       uint32
+	lastRTPTimeTime      time.Time
+	jitter               float64
+	lastSenderReport     uint32
+	lastSenderReportTime time.Time
+	totalLost            uint32
+}
+
+func newReceiverStream(ssrc uint32, clockRate uint32) *receiverStream {
+	receiverSSRC := rand.Uint32() // #nosec
+	return &receiverStream{
+		ssrc:         ssrc,
+		receiverSSRC: receiverSSRC,
+		clockRate:    float64(clockRate),
+		size:         128,
+		packets:      make([]uint64, 128),
+	}
+}
+
+func (stream *receiverStream) processRTP(now time.Time, pktHeader *rtp.Header) {
+	stream.m.Lock()
+	defer stream.m.Unlock()
+
+	if !stream.started { // first frame
+		stream.started = true
+		stream.setReceived(pktHeader.SequenceNumber)
+		stream.lastSeqnum = pktHeader.SequenceNumber
+		stream.lastReportSeqnum = pktHeader.SequenceNumber - 1
+		stream.lastRTPTimeRTP = pktHeader.Timestamp
+		stream.lastRTPTimeTime = now
+	} else { // following frames
+		stream.setReceived(pktHeader.SequenceNumber)
+
+		diff := pktHeader.SequenceNumber - stream.lastSeqnum
+		if diff > 0 && diff < (1<<15) {
+			// wrap around
+			if pktHeader.SequenceNumber < stream.lastSeqnum {
+				stream.seqnumCycles++
+			}
+
+			// set missing packets as missing
+			for i := stream.lastSeqnum + 1; i != pktHeader.SequenceNumber; i++ {
+				stream.delReceived(i)
+			}
+
+			stream.lastSeqnum = pktHeader.SequenceNumber
+		}
+
+		// compute jitter
+		// https://tools.ietf.org/html/rfc3550#page-39
+		D := now.Sub(stream.lastRTPTimeTime).Seconds()*stream.clockRate -
+			(float64(pktHeader.Timestamp) - float64(stream.lastRTPTimeRTP))
+		if D < 0 {
+			D = -D
+		}
+		stream.jitter += (D - stream.jitter) / 16
+		stream.lastRTPTimeRTP = pktHeader.Timestamp
+		stream.lastRTPTimeTime = now
+	}
+}
+
+func (stream *receiverStream) setReceived(seq uint16) {
+	pos := seq % (stream.size * packetsPerHistoryEntry)
+	stream.packets[pos/packetsPerHistoryEntry] |= 1 << (pos % packetsPerHistoryEntry)
+}
+
+func (stream *receiverStream) delReceived(seq uint16) {
+	pos := seq % (stream.size * packetsPerHistoryEntry)
+	stream.packets[pos/packetsPerHistoryEntry] &^= 1 << (pos % packetsPerHistoryEntry)
+}
+
+func (stream *receiverStream) getReceived(seq uint16) bool {
+	pos := seq % (stream.size * packetsPerHistoryEntry)
+	return (stream.packets[pos/packetsPerHistoryEntry] & (1 << (pos % packetsPerHistoryEntry))) != 0
+}
+
+func (stream *receiverStream) processSenderReport(now time.Time, sr *rtcp.SenderReport) {
+	stream.m.Lock()
+	defer stream.m.Unlock()
+
+	stream.lastSenderReport = uint32(sr.NTPTime >> 16)
+	stream.lastSenderReportTime = now
+}
+
+func (stream *receiverStream) generateReport(now time.Time) *rtcp.ReceiverReport {
+	stream.m.Lock()
+	defer stream.m.Unlock()
+
+	totalSinceReport := stream.lastSeqnum - stream.lastReportSeqnum
+	totalLostSinceReport := func() uint32 {
+		if stream.lastSeqnum == stream.lastReportSeqnum {
+			return 0
+		}
+
+		ret := uint32(0)
+		for i := stream.lastReportSeqnum + 1; i != stream.lastSeqnum; i++ {
+			if !stream.getReceived(i) {
+				ret++
+			}
+		}
+		return ret
+	}()
+	stream.totalLost += totalLostSinceReport
+
+	// allow up to 24 bits
+	if totalLostSinceReport > 0xFFFFFF {
+		totalLostSinceReport = 0xFFFFFF
+	}
+	if stream.totalLost > 0xFFFFFF {
+		stream.totalLost = 0xFFFFFF
+	}
+
+	r := &rtcp.ReceiverReport{
+		SSRC: stream.receiverSSRC,
+		Reports: []rtcp.ReceptionReport{
+			{
+				SSRC:               stream.ssrc,
+				LastSequenceNumber: uint32(stream.seqnumCycles)<<16 | uint32(stream.lastSeqnum),
+				LastSenderReport:   stream.lastSenderReport,
+				FractionLost:       uint8(float64(totalLostSinceReport*256) / float64(totalSinceReport)),
+				TotalLost:          stream.totalLost,
+				Delay: func() uint32 {
+					if stream.lastSenderReportTime.IsZero() {
+						return 0
+					}
+					return uint32(now.Sub(stream.lastSenderReportTime).Seconds() * 65536)
+				}(),
+				Jitter: uint32(stream.jitter),
+			},
+		},
+	}
+
+	stream.lastReportSeqnum = stream.lastSeqnum
+
+	return r
+}
diff --git a/server/vendor/github.com/pion/interceptor/pkg/report/report.go b/server/vendor/github.com/pion/interceptor/pkg/report/report.go
new file mode 100644
index 0000000..e4d2e64
--- /dev/null
+++ b/server/vendor/github.com/pion/interceptor/pkg/report/report.go
@@ -0,0 +1,5 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+// Package report provides interceptors to implement sending sender and receiver reports.
+package report
diff --git a/server/vendor/github.com/pion/interceptor/pkg/report/sender_interceptor.go b/server/vendor/github.com/pion/interceptor/pkg/report/sender_interceptor.go
new file mode 100644
index 0000000..1b6f4b2
--- /dev/null
+++ b/server/vendor/github.com/pion/interceptor/pkg/report/sender_interceptor.go
@@ -0,0 +1,151 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package report
+
+import (
+	"sync"
+	"time"
+
+	"github.com/pion/interceptor"
+	"github.com/pion/logging"
+	"github.com/pion/rtcp"
+	"github.com/pion/rtp"
+)
+
+// TickerFactory is a factory to create new tickers
+type TickerFactory func(d time.Duration) Ticker
+
+// SenderInterceptorFactory is a interceptor.Factory for a SenderInterceptor
+type SenderInterceptorFactory struct {
+	opts []SenderOption
+}
+
+// NewInterceptor constructs a new SenderInterceptor
+func (s *SenderInterceptorFactory) NewInterceptor(_ string) (interceptor.Interceptor, error) {
+	i := &SenderInterceptor{
+		interval: 1 * time.Second,
+		now:      time.Now,
+		newTicker: func(d time.Duration) Ticker {
+			return &timeTicker{time.NewTicker(d)}
+		},
+		log:   logging.NewDefaultLoggerFactory().NewLogger("sender_interceptor"),
+		close: make(chan struct{}),
+	}
+
+	for _, opt := range s.opts {
+		if err := opt(i); err != nil {
+			return nil, err
+		}
+	}
+
+	return i, nil
+}
+
+// NewSenderInterceptor returns a new SenderInterceptorFactory
+func NewSenderInterceptor(opts ...SenderOption) (*SenderInterceptorFactory, error) {
+	return &SenderInterceptorFactory{opts}, nil
+}
+
+// SenderInterceptor interceptor generates sender reports.
+type SenderInterceptor struct {
+	interceptor.NoOp
+	interval  time.Duration
+	now       func() time.Time
+	newTicker TickerFactory
+	streams   sync.Map
+	log       logging.LeveledLogger
+	m         sync.Mutex
+	wg        sync.WaitGroup
+	close     chan struct{}
+	started   chan struct{}
+
+	useLatestPacket bool
+}
+
+func (s *SenderInterceptor) isClosed() bool {
+	select {
+	case <-s.close:
+		return true
+	default:
+		return false
+	}
+}
+
+// Close closes the interceptor.
+func (s *SenderInterceptor) Close() error {
+	defer s.wg.Wait()
+	s.m.Lock()
+	defer s.m.Unlock()
+
+	if !s.isClosed() {
+		close(s.close)
+	}
+
+	return nil
+}
+
+// BindRTCPWriter lets you modify any outgoing RTCP packets. It is called once per PeerConnection. The returned method
+// will be called once per packet batch.
+func (s *SenderInterceptor) BindRTCPWriter(writer interceptor.RTCPWriter) interceptor.RTCPWriter {
+	s.m.Lock()
+	defer s.m.Unlock()
+
+	if s.isClosed() {
+		return writer
+	}
+
+	s.wg.Add(1)
+
+	go s.loop(writer)
+
+	return writer
+}
+
+func (s *SenderInterceptor) loop(rtcpWriter interceptor.RTCPWriter) {
+	defer s.wg.Done()
+
+	ticker := s.newTicker(s.interval)
+	defer ticker.Stop()
+	if s.started != nil {
+		// This lets us synchronize in tests to know whether the loop has begun or not.
+		// It only happens if started was initialized, which should not occur in non-tests.
+		close(s.started)
+	}
+	for {
+		select {
+		case <-ticker.Ch():
+			now := s.now()
+			s.streams.Range(func(_, value interface{}) bool {
+				if stream, ok := value.(*senderStream); !ok {
+					s.log.Warnf("failed to cast SenderInterceptor stream")
+				} else if _, err := rtcpWriter.Write([]rtcp.Packet{stream.generateReport(now)}, interceptor.Attributes{}); err != nil {
+					s.log.Warnf("failed sending: %+v", err)
+				}
+
+				return true
+			})
+
+		case <-s.close:
+			return
+		}
+	}
+}
+
+// BindLocalStream lets you modify any outgoing RTP packets. It is called once for per LocalStream. The returned method
+// will be called once per rtp packet.
+func (s *SenderInterceptor) BindLocalStream(info *interceptor.StreamInfo, writer interceptor.RTPWriter) interceptor.RTPWriter {
+	stream := newSenderStream(info.SSRC, info.ClockRate, s.useLatestPacket)
+	s.streams.Store(info.SSRC, stream)
+
+	return interceptor.RTPWriterFunc(func(header *rtp.Header, payload []byte, a interceptor.Attributes) (int, error) {
+		stream.processRTP(s.now(), header, payload)
+
+		return writer.Write(header, payload, a)
+	})
+}
+
+// UnbindLocalStream is called when the Stream is removed. It can be used to clean up any data related to that track.
+func (s *SenderInterceptor) UnbindLocalStream(info *interceptor.StreamInfo) {
+	s.streams.Delete(info.SSRC)
+}
diff --git a/server/vendor/github.com/pion/interceptor/pkg/report/sender_option.go b/server/vendor/github.com/pion/interceptor/pkg/report/sender_option.go
new file mode 100644
index 0000000..1e489b0
--- /dev/null
+++ b/server/vendor/github.com/pion/interceptor/pkg/report/sender_option.go
@@ -0,0 +1,63 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package report
+
+import (
+	"time"
+
+	"github.com/pion/logging"
+)
+
+// SenderOption can be used to configure SenderInterceptor.
+type SenderOption func(r *SenderInterceptor) error
+
+// SenderLog sets a logger for the interceptor.
+func SenderLog(log logging.LeveledLogger) SenderOption {
+	return func(r *SenderInterceptor) error {
+		r.log = log
+		return nil
+	}
+}
+
+// SenderInterval sets send interval for the interceptor.
+func SenderInterval(interval time.Duration) SenderOption {
+	return func(r *SenderInterceptor) error {
+		r.interval = interval
+		return nil
+	}
+}
+
+// SenderNow sets an alternative for the time.Now function.
+func SenderNow(f func() time.Time) SenderOption {
+	return func(r *SenderInterceptor) error {
+		r.now = f
+		return nil
+	}
+}
+
+// SenderTicker sets an alternative for the time.NewTicker function.
+func SenderTicker(f TickerFactory) SenderOption {
+	return func(r *SenderInterceptor) error {
+		r.newTicker = f
+		return nil
+	}
+}
+
+// SenderUseLatestPacket sets the interceptor to always use the latest packet, even
+// if it appears to be out-of-order.
+func SenderUseLatestPacket() SenderOption {
+	return func(r *SenderInterceptor) error {
+		r.useLatestPacket = true
+		return nil
+	}
+}
+
+// enableStartTracking is used by tests to synchronize whether the loop() has begun
+// and it's safe to start sending ticks to the ticker.
+func enableStartTracking(startedCh chan struct{}) SenderOption {
+	return func(r *SenderInterceptor) error {
+		r.started = startedCh
+		return nil
+	}
+}
diff --git a/server/vendor/github.com/pion/interceptor/pkg/report/sender_stream.go b/server/vendor/github.com/pion/interceptor/pkg/report/sender_stream.go
new file mode 100644
index 0000000..44658e2
--- /dev/null
+++ b/server/vendor/github.com/pion/interceptor/pkg/report/sender_stream.go
@@ -0,0 +1,65 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package report
+
+import (
+	"sync"
+	"time"
+
+	"github.com/pion/interceptor/internal/ntp"
+	"github.com/pion/rtcp"
+	"github.com/pion/rtp"
+)
+
+type senderStream struct {
+	ssrc      uint32
+	clockRate float64
+	m         sync.Mutex
+
+	useLatestPacket bool
+
+	// data from rtp packets
+	lastRTPTimeRTP  uint32
+	lastRTPTimeTime time.Time
+	lastRTPSN       uint16
+	packetCount     uint32
+	octetCount      uint32
+}
+
+func newSenderStream(ssrc uint32, clockRate uint32, useLatestPacket bool) *senderStream {
+	return &senderStream{
+		ssrc:            ssrc,
+		clockRate:       float64(clockRate),
+		useLatestPacket: useLatestPacket,
+	}
+}
+
+func (stream *senderStream) processRTP(now time.Time, header *rtp.Header, payload []byte) {
+	stream.m.Lock()
+	defer stream.m.Unlock()
+
+	diff := header.SequenceNumber - stream.lastRTPSN
+	if stream.useLatestPacket || stream.packetCount == 0 || (diff > 0 && diff < (1<<15)) {
+		// Told to consider every packet, or this was the first packet, or it's in-order
+		stream.lastRTPSN = header.SequenceNumber
+		stream.lastRTPTimeRTP = header.Timestamp
+		stream.lastRTPTimeTime = now
+	}
+
+	stream.packetCount++
+	stream.octetCount += uint32(len(payload))
+}
+
+func (stream *senderStream) generateReport(now time.Time) *rtcp.SenderReport {
+	stream.m.Lock()
+	defer stream.m.Unlock()
+
+	return &rtcp.SenderReport{
+		SSRC:        stream.ssrc,
+		NTPTime:     ntp.ToNTP(now),
+		RTPTime:     stream.lastRTPTimeRTP + uint32(now.Sub(stream.lastRTPTimeTime).Seconds()*stream.clockRate),
+		PacketCount: stream.packetCount,
+		OctetCount:  stream.octetCount,
+	}
+}
diff --git a/server/vendor/github.com/pion/interceptor/pkg/report/ticker.go b/server/vendor/github.com/pion/interceptor/pkg/report/ticker.go
new file mode 100644
index 0000000..59a8c6c
--- /dev/null
+++ b/server/vendor/github.com/pion/interceptor/pkg/report/ticker.go
@@ -0,0 +1,20 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package report
+
+import "time"
+
+// Ticker is an interface for *time.Ticker for use with the SenderTicker option.
+type Ticker interface {
+	Ch() <-chan time.Time
+	Stop()
+}
+
+type timeTicker struct {
+	*time.Ticker
+}
+
+func (t *timeTicker) Ch() <-chan time.Time {
+	return t.C
+}
diff --git a/server/vendor/github.com/pion/interceptor/pkg/twcc/arrival_time_map.go b/server/vendor/github.com/pion/interceptor/pkg/twcc/arrival_time_map.go
new file mode 100644
index 0000000..abca1ff
--- /dev/null
+++ b/server/vendor/github.com/pion/interceptor/pkg/twcc/arrival_time_map.go
@@ -0,0 +1,192 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package twcc
+
+const (
+	minCapacity        = 128
+	maxNumberOfPackets = 1 << 15
+)
+
+// packetArrivalTimeMap is adapted from Chrome's implementation of TWCC, and keeps track
+// of the arrival times of packets. It is used by the TWCC interceptor to build feedback
+// packets.
+// See https://source.chromium.org/chromium/chromium/src/+/refs/heads/main:third_party/webrtc/modules/remote_bitrate_estimator/packet_arrival_map.h;drc=b5cd13bb6d5d157a5fbe3628b2dd1c1e106203c6
+type packetArrivalTimeMap struct {
+	// arrivalTimes is a circular buffer, where the packet with sequence number sn is stored
+	// in slot sn % len(arrivalTimes)
+	arrivalTimes []int64
+
+	// The unwrapped sequence numbers for the range of valid sequence numbers in arrivalTimes.
+	// beginSequenceNumber is inclusive, and endSequenceNumber is exclusive.
+	beginSequenceNumber, endSequenceNumber int64
+}
+
+// AddPacket records the fact that the packet with sequence number sequenceNumber arrived
+// at arrivalTime.
+func (m *packetArrivalTimeMap) AddPacket(sequenceNumber int64, arrivalTime int64) {
+	if m.arrivalTimes == nil {
+		// First packet
+		m.reallocate(minCapacity)
+		m.beginSequenceNumber = sequenceNumber
+		m.endSequenceNumber = sequenceNumber + 1
+		m.arrivalTimes[m.index(sequenceNumber)] = arrivalTime
+		return
+	}
+
+	if sequenceNumber >= m.beginSequenceNumber && sequenceNumber < m.endSequenceNumber {
+		// The packet is within the buffer, no need to resize.
+		m.arrivalTimes[m.index(sequenceNumber)] = arrivalTime
+		return
+	}
+
+	if sequenceNumber < m.beginSequenceNumber {
+		// The packet goes before the current buffer. Expand to add packet,
+		// but only if it fits within the maximum number of packets.
+		newSize := int(m.endSequenceNumber - sequenceNumber)
+		if newSize > maxNumberOfPackets {
+			// Don't expand the buffer back for this packet, as it would remove newer received
+			// packets.
+			return
+		}
+		m.adjustToSize(newSize)
+		m.arrivalTimes[m.index(sequenceNumber)] = arrivalTime
+		m.setNotReceived(sequenceNumber+1, m.beginSequenceNumber)
+		m.beginSequenceNumber = sequenceNumber
+		return
+	}
+
+	// The packet goes after the buffer.
+	newEndSequenceNumber := sequenceNumber + 1
+
+	if newEndSequenceNumber >= m.endSequenceNumber+maxNumberOfPackets {
+		// All old packets have to be removed.
+		m.beginSequenceNumber = sequenceNumber
+		m.endSequenceNumber = newEndSequenceNumber
+		m.arrivalTimes[m.index(sequenceNumber)] = arrivalTime
+		return
+	}
+
+	if m.beginSequenceNumber < newEndSequenceNumber-maxNumberOfPackets {
+		// Remove oldest entries.
+		m.beginSequenceNumber = newEndSequenceNumber - maxNumberOfPackets
+	}
+
+	m.adjustToSize(int(newEndSequenceNumber - m.beginSequenceNumber))
+
+	// Packets can be received out of order. If this isn't the next expected packet,
+	// add enough placeholders to fill the gap.
+	m.setNotReceived(m.endSequenceNumber, sequenceNumber)
+	m.endSequenceNumber = newEndSequenceNumber
+	m.arrivalTimes[m.index(sequenceNumber)] = arrivalTime
+}
+
+func (m *packetArrivalTimeMap) setNotReceived(startInclusive, endExclusive int64) {
+	for sn := startInclusive; sn < endExclusive; sn++ {
+		m.arrivalTimes[m.index(sn)] = -1
+	}
+}
+
+// BeginSequenceNumber returns the first valid sequence number in the map.
+func (m *packetArrivalTimeMap) BeginSequenceNumber() int64 {
+	return m.beginSequenceNumber
+}
+
+// EndSequenceNumber returns the first sequence number after the last valid sequence number in the map.
+func (m *packetArrivalTimeMap) EndSequenceNumber() int64 {
+	return m.endSequenceNumber
+}
+
+// FindNextAtOrAfter returns the sequence number and timestamp of the first received packet that has a sequence number
+// greator or equal to sequenceNumber.
+func (m *packetArrivalTimeMap) FindNextAtOrAfter(sequenceNumber int64) (foundSequenceNumber int64, arrivalTime int64, ok bool) {
+	for sequenceNumber = m.Clamp(sequenceNumber); sequenceNumber < m.endSequenceNumber; sequenceNumber++ {
+		if t := m.get(sequenceNumber); t >= 0 {
+			return sequenceNumber, t, true
+		}
+	}
+	return -1, -1, false
+}
+
+// EraseTo erases all elements from the beginning of the map until sequenceNumber.
+func (m *packetArrivalTimeMap) EraseTo(sequenceNumber int64) {
+	if sequenceNumber < m.beginSequenceNumber {
+		return
+	}
+	if sequenceNumber >= m.endSequenceNumber {
+		// Erase all.
+		m.beginSequenceNumber = m.endSequenceNumber
+		return
+	}
+	// Remove some
+	m.beginSequenceNumber = sequenceNumber
+	m.adjustToSize(int(m.endSequenceNumber - m.beginSequenceNumber))
+}
+
+// RemoveOldPackets removes packets from the beginning of the map as long as they are before
+// sequenceNumber and with an age older than arrivalTimeLimit.
+func (m *packetArrivalTimeMap) RemoveOldPackets(sequenceNumber int64, arrivalTimeLimit int64) {
+	checkTo := min64(sequenceNumber, m.endSequenceNumber)
+	for m.beginSequenceNumber < checkTo && m.get(m.beginSequenceNumber) <= arrivalTimeLimit {
+		m.beginSequenceNumber++
+	}
+	m.adjustToSize(int(m.endSequenceNumber - m.beginSequenceNumber))
+}
+
+// HasReceived returns whether a packet with the sequence number has been received.
+func (m *packetArrivalTimeMap) HasReceived(sequenceNumber int64) bool {
+	return m.get(sequenceNumber) >= 0
+}
+
+// Clamp returns sequenceNumber clamped to [beginSequenceNumber, endSequenceNumber]
+func (m *packetArrivalTimeMap) Clamp(sequenceNumber int64) int64 {
+	if sequenceNumber < m.beginSequenceNumber {
+		return m.beginSequenceNumber
+	}
+	if m.endSequenceNumber < sequenceNumber {
+		return m.endSequenceNumber
+	}
+	return sequenceNumber
+}
+
+func (m *packetArrivalTimeMap) get(sequenceNumber int64) int64 {
+	if sequenceNumber < m.beginSequenceNumber || sequenceNumber >= m.endSequenceNumber {
+		return -1
+	}
+	return m.arrivalTimes[m.index(sequenceNumber)]
+}
+
+func (m *packetArrivalTimeMap) index(sequenceNumber int64) int {
+	// Sequence number might be negative, and we always guarantee that arrivalTimes
+	// length is a power of 2, so it's easier to use "&" instead of "%"
+	return int(sequenceNumber & int64(m.capacity()-1))
+}
+
+func (m *packetArrivalTimeMap) adjustToSize(newSize int) {
+	if newSize > m.capacity() {
+		newCapacity := m.capacity()
+		for newCapacity < newSize {
+			newCapacity *= 2
+		}
+		m.reallocate(newCapacity)
+	}
+	if m.capacity() > max(minCapacity, newSize*4) {
+		newCapacity := m.capacity()
+		for newCapacity >= 2*max(newSize, minCapacity) {
+			newCapacity /= 2
+		}
+		m.reallocate(newCapacity)
+	}
+}
+
+func (m *packetArrivalTimeMap) capacity() int {
+	return len(m.arrivalTimes)
+}
+
+func (m *packetArrivalTimeMap) reallocate(newCapacity int) {
+	newBuffer := make([]int64, newCapacity)
+	for sn := m.beginSequenceNumber; sn < m.endSequenceNumber; sn++ {
+		newBuffer[int(sn&(int64(newCapacity-1)))] = m.get(sn)
+	}
+	m.arrivalTimes = newBuffer
+}
diff --git a/server/vendor/github.com/pion/interceptor/pkg/twcc/header_extension_interceptor.go b/server/vendor/github.com/pion/interceptor/pkg/twcc/header_extension_interceptor.go
new file mode 100644
index 0000000..791b145
--- /dev/null
+++ b/server/vendor/github.com/pion/interceptor/pkg/twcc/header_extension_interceptor.go
@@ -0,0 +1,66 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package twcc
+
+import (
+	"errors"
+	"sync/atomic"
+
+	"github.com/pion/interceptor"
+	"github.com/pion/rtp"
+)
+
+var errHeaderIsNil = errors.New("header is nil")
+
+// HeaderExtensionInterceptorFactory is a interceptor.Factory for a HeaderExtensionInterceptor
+type HeaderExtensionInterceptorFactory struct{}
+
+// NewInterceptor constructs a new HeaderExtensionInterceptor
+func (h *HeaderExtensionInterceptorFactory) NewInterceptor(_ string) (interceptor.Interceptor, error) {
+	return &HeaderExtensionInterceptor{}, nil
+}
+
+// NewHeaderExtensionInterceptor returns a HeaderExtensionInterceptorFactory
+func NewHeaderExtensionInterceptor() (*HeaderExtensionInterceptorFactory, error) {
+	return &HeaderExtensionInterceptorFactory{}, nil
+}
+
+// HeaderExtensionInterceptor adds transport wide sequence numbers as header extension to each RTP packet
+type HeaderExtensionInterceptor struct {
+	interceptor.NoOp
+	nextSequenceNr uint32
+}
+
+const transportCCURI = "http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions-01"
+
+// BindLocalStream returns a writer that adds a rtp.TransportCCExtension
+// header with increasing sequence numbers to each outgoing packet.
+func (h *HeaderExtensionInterceptor) BindLocalStream(info *interceptor.StreamInfo, writer interceptor.RTPWriter) interceptor.RTPWriter {
+	var hdrExtID uint8
+	for _, e := range info.RTPHeaderExtensions {
+		if e.URI == transportCCURI {
+			hdrExtID = uint8(e.ID)
+			break
+		}
+	}
+	if hdrExtID == 0 { // Don't add header extension if ID is 0, because 0 is an invalid extension ID
+		return writer
+	}
+	return interceptor.RTPWriterFunc(func(header *rtp.Header, payload []byte, attributes interceptor.Attributes) (int, error) {
+		sequenceNumber := atomic.AddUint32(&h.nextSequenceNr, 1) - 1
+
+		tcc, err := (&rtp.TransportCCExtension{TransportSequence: uint16(sequenceNumber)}).Marshal()
+		if err != nil {
+			return 0, err
+		}
+		if header == nil {
+			return 0, errHeaderIsNil
+		}
+		err = header.SetExtension(hdrExtID, tcc)
+		if err != nil {
+			return 0, err
+		}
+		return writer.Write(header, payload, attributes)
+	})
+}
diff --git a/server/vendor/github.com/pion/interceptor/pkg/twcc/sender_interceptor.go b/server/vendor/github.com/pion/interceptor/pkg/twcc/sender_interceptor.go
new file mode 100644
index 0000000..d7906fc
--- /dev/null
+++ b/server/vendor/github.com/pion/interceptor/pkg/twcc/sender_interceptor.go
@@ -0,0 +1,207 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package twcc
+
+import (
+	"errors"
+	"math/rand"
+	"sync"
+	"time"
+
+	"github.com/pion/interceptor"
+	"github.com/pion/logging"
+	"github.com/pion/rtp"
+)
+
+// SenderInterceptorFactory is a interceptor.Factory for a SenderInterceptor
+type SenderInterceptorFactory struct {
+	opts []Option
+}
+
+var errClosed = errors.New("interceptor is closed")
+
+// NewInterceptor constructs a new SenderInterceptor
+func (s *SenderInterceptorFactory) NewInterceptor(_ string) (interceptor.Interceptor, error) {
+	i := &SenderInterceptor{
+		log:        logging.NewDefaultLoggerFactory().NewLogger("twcc_sender_interceptor"),
+		packetChan: make(chan packet),
+		close:      make(chan struct{}),
+		interval:   100 * time.Millisecond,
+		startTime:  time.Now(),
+	}
+
+	for _, opt := range s.opts {
+		err := opt(i)
+		if err != nil {
+			return nil, err
+		}
+	}
+
+	return i, nil
+}
+
+// NewSenderInterceptor returns a new SenderInterceptorFactory configured with the given options.
+func NewSenderInterceptor(opts ...Option) (*SenderInterceptorFactory, error) {
+	return &SenderInterceptorFactory{opts: opts}, nil
+}
+
+// SenderInterceptor sends transport wide congestion control reports as specified in:
+// https://datatracker.ietf.org/doc/html/draft-holmer-rmcat-transport-wide-cc-extensions-01
+type SenderInterceptor struct {
+	interceptor.NoOp
+
+	log logging.LeveledLogger
+
+	m     sync.Mutex
+	wg    sync.WaitGroup
+	close chan struct{}
+
+	interval  time.Duration
+	startTime time.Time
+
+	recorder   *Recorder
+	packetChan chan packet
+}
+
+// An Option is a function that can be used to configure a SenderInterceptor
+type Option func(*SenderInterceptor) error
+
+// SendInterval sets the interval at which the interceptor
+// will send new feedback reports.
+func SendInterval(interval time.Duration) Option {
+	return func(s *SenderInterceptor) error {
+		s.interval = interval
+		return nil
+	}
+}
+
+// BindRTCPWriter lets you modify any outgoing RTCP packets. It is called once per PeerConnection. The returned method
+// will be called once per packet batch.
+func (s *SenderInterceptor) BindRTCPWriter(writer interceptor.RTCPWriter) interceptor.RTCPWriter {
+	s.m.Lock()
+	defer s.m.Unlock()
+
+	s.recorder = NewRecorder(rand.Uint32()) // #nosec
+
+	if s.isClosed() {
+		return writer
+	}
+
+	s.wg.Add(1)
+
+	go s.loop(writer)
+
+	return writer
+}
+
+type packet struct {
+	hdr            *rtp.Header
+	sequenceNumber uint16
+	arrivalTime    int64
+	ssrc           uint32
+}
+
+// BindRemoteStream lets you modify any incoming RTP packets. It is called once for per RemoteStream. The returned method
+// will be called once per rtp packet.
+func (s *SenderInterceptor) BindRemoteStream(info *interceptor.StreamInfo, reader interceptor.RTPReader) interceptor.RTPReader {
+	var hdrExtID uint8
+	for _, e := range info.RTPHeaderExtensions {
+		if e.URI == transportCCURI {
+			hdrExtID = uint8(e.ID)
+			break
+		}
+	}
+	if hdrExtID == 0 { // Don't try to read header extension if ID is 0, because 0 is an invalid extension ID
+		return reader
+	}
+	return interceptor.RTPReaderFunc(func(buf []byte, attributes interceptor.Attributes) (int, interceptor.Attributes, error) {
+		i, attr, err := reader.Read(buf, attributes)
+		if err != nil {
+			return 0, nil, err
+		}
+
+		if attr == nil {
+			attr = make(interceptor.Attributes)
+		}
+		header, err := attr.GetRTPHeader(buf[:i])
+		if err != nil {
+			return 0, nil, err
+		}
+		var tccExt rtp.TransportCCExtension
+		if ext := header.GetExtension(hdrExtID); ext != nil {
+			err = tccExt.Unmarshal(ext)
+			if err != nil {
+				return 0, nil, err
+			}
+
+			p := packet{
+				hdr:            header,
+				sequenceNumber: tccExt.TransportSequence,
+				arrivalTime:    time.Since(s.startTime).Microseconds(),
+				ssrc:           info.SSRC,
+			}
+			select {
+			case <-s.close:
+				return 0, nil, errClosed
+			case s.packetChan <- p:
+			}
+		}
+
+		return i, attr, nil
+	})
+}
+
+// Close closes the interceptor.
+func (s *SenderInterceptor) Close() error {
+	defer s.wg.Wait()
+	s.m.Lock()
+	defer s.m.Unlock()
+
+	if !s.isClosed() {
+		close(s.close)
+	}
+
+	return nil
+}
+
+func (s *SenderInterceptor) isClosed() bool {
+	select {
+	case <-s.close:
+		return true
+	default:
+		return false
+	}
+}
+
+func (s *SenderInterceptor) loop(w interceptor.RTCPWriter) {
+	defer s.wg.Done()
+
+	select {
+	case <-s.close:
+		return
+	case p := <-s.packetChan:
+		s.recorder.Record(p.ssrc, p.sequenceNumber, p.arrivalTime)
+	}
+
+	ticker := time.NewTicker(s.interval)
+	for {
+		select {
+		case <-s.close:
+			ticker.Stop()
+			return
+		case p := <-s.packetChan:
+			s.recorder.Record(p.ssrc, p.sequenceNumber, p.arrivalTime)
+
+		case <-ticker.C:
+			// build and send twcc
+			pkts := s.recorder.BuildFeedbackPacket()
+			if len(pkts) == 0 {
+				continue
+			}
+			if _, err := w.Write(pkts, nil); err != nil {
+				s.log.Error(err.Error())
+			}
+		}
+	}
+}
diff --git a/server/vendor/github.com/pion/interceptor/pkg/twcc/twcc.go b/server/vendor/github.com/pion/interceptor/pkg/twcc/twcc.go
new file mode 100644
index 0000000..c7246f3
--- /dev/null
+++ b/server/vendor/github.com/pion/interceptor/pkg/twcc/twcc.go
@@ -0,0 +1,366 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+// Package twcc provides interceptors to implement transport wide congestion control.
+package twcc
+
+import (
+	"math"
+
+	"github.com/pion/interceptor/internal/sequencenumber"
+	"github.com/pion/rtcp"
+)
+
+const (
+	packetWindowMicroseconds  = 500_000
+	maxMissingSequenceNumbers = 0x7FFE
+)
+
+// Recorder records incoming RTP packets and their delays and creates
+// transport wide congestion control feedback reports as specified in
+// https://datatracker.ietf.org/doc/html/draft-holmer-rmcat-transport-wide-cc-extensions-01
+type Recorder struct {
+	arrivalTimeMap packetArrivalTimeMap
+
+	sequenceUnwrapper sequencenumber.Unwrapper
+
+	// startSequenceNumber is the first sequence number that will be included in the the
+	// next feedback packet.
+	startSequenceNumber *int64
+
+	senderSSRC uint32
+	mediaSSRC  uint32
+	fbPktCnt   uint8
+
+	packetsHeld int
+}
+
+// NewRecorder creates a new Recorder which uses the given senderSSRC in the created
+// feedback packets.
+func NewRecorder(senderSSRC uint32) *Recorder {
+	return &Recorder{
+		senderSSRC: senderSSRC,
+	}
+}
+
+// Record marks a packet with mediaSSRC and a transport wide sequence number sequenceNumber as received at arrivalTime.
+func (r *Recorder) Record(mediaSSRC uint32, sequenceNumber uint16, arrivalTime int64) {
+	r.mediaSSRC = mediaSSRC
+
+	// "Unwrap" the sequence number to get a monotonically increasing sequence number that
+	// won't wrap around after math.MaxUint16.
+	unwrappedSN := r.sequenceUnwrapper.Unwrap(sequenceNumber)
+	r.maybeCullOldPackets(unwrappedSN, arrivalTime)
+	if r.startSequenceNumber == nil || unwrappedSN < *r.startSequenceNumber {
+		r.startSequenceNumber = &unwrappedSN
+	}
+
+	// We are only interested in the first time a packet is received.
+	if r.arrivalTimeMap.HasReceived(unwrappedSN) {
+		return
+	}
+
+	r.arrivalTimeMap.AddPacket(unwrappedSN, arrivalTime)
+	r.packetsHeld++
+
+	// Limit the range of sequence numbers to send feedback for.
+	if *r.startSequenceNumber < r.arrivalTimeMap.BeginSequenceNumber() {
+		sn := r.arrivalTimeMap.BeginSequenceNumber()
+		r.startSequenceNumber = &sn
+	}
+}
+
+func (r *Recorder) maybeCullOldPackets(sequenceNumber int64, arrivalTime int64) {
+	if r.startSequenceNumber != nil && *r.startSequenceNumber >= r.arrivalTimeMap.EndSequenceNumber() && arrivalTime >= packetWindowMicroseconds {
+		r.arrivalTimeMap.RemoveOldPackets(sequenceNumber, arrivalTime-packetWindowMicroseconds)
+	}
+}
+
+// PacketsHeld returns the number of received packets currently held by the recorder
+func (r *Recorder) PacketsHeld() int {
+	return r.packetsHeld
+}
+
+// BuildFeedbackPacket creates a new RTCP packet containing a TWCC feedback report.
+func (r *Recorder) BuildFeedbackPacket() []rtcp.Packet {
+	if r.startSequenceNumber == nil {
+		return nil
+	}
+
+	endSN := r.arrivalTimeMap.EndSequenceNumber()
+	var feedbacks []rtcp.Packet
+	for *r.startSequenceNumber < endSN {
+		feedback := r.maybeBuildFeedbackPacket(*r.startSequenceNumber, endSN)
+		if feedback == nil {
+			break
+		}
+		feedbacks = append(feedbacks, feedback.getRTCP())
+
+		// NOTE: we don't erase packets from the history in case they need to be resent
+		// after a reordering. They will be removed instead in Record when they get too
+		// old.
+	}
+	r.packetsHeld = 0
+	return feedbacks
+}
+
+// maybeBuildFeedbackPacket builds a feedback packet starting from startSN (inclusive) until
+// endSN (exclusive).
+func (r *Recorder) maybeBuildFeedbackPacket(beginSeqNumInclusive, endSeqNumExclusive int64) *feedback {
+	// NOTE: The logic of this method is inspired by the implementation in Chrome.
+	// See https://source.chromium.org/chromium/chromium/src/+/refs/heads/main:third_party/webrtc/modules/remote_bitrate_estimator/remote_estimator_proxy.cc;l=276;drc=b5cd13bb6d5d157a5fbe3628b2dd1c1e106203c6
+	startSNInclusive, endSNExclusive := r.arrivalTimeMap.Clamp(beginSeqNumInclusive), r.arrivalTimeMap.Clamp(endSeqNumExclusive)
+
+	// Create feedback on demand, as we don't yet know if there are packets in the range that have been
+	// received.
+	var fb *feedback
+
+	nextSequenceNumber := beginSeqNumInclusive
+
+	for seq := startSNInclusive; seq < endSNExclusive; seq++ {
+		foundSeq, arrivalTime, ok := r.arrivalTimeMap.FindNextAtOrAfter(seq)
+		seq = foundSeq
+		if !ok || seq >= endSNExclusive {
+			break
+		}
+
+		if fb == nil {
+			fb = newFeedback(r.senderSSRC, r.mediaSSRC, r.fbPktCnt)
+			r.fbPktCnt++
+
+			// It should be possible to add seq to this new packet.
+			// If the difference between seq and beginSeqNumInclusive is too large, discard
+			// reporting too old missing packets.
+			baseSequenceNumber := max64(beginSeqNumInclusive, seq-maxMissingSequenceNumbers)
+
+			// baseSequenceNumber is the expected first sequence number. This is known,
+			// but we may not have actually received it, so the base time should be the time
+			// of the first received packet in the feedback.
+			fb.setBase(uint16(baseSequenceNumber), arrivalTime)
+
+			if !fb.addReceived(uint16(seq), arrivalTime) {
+				// Could not add a single received packet to the feedback.
+				// This is unexpected to actually occur, but if it does, we'll
+				// try again after skipping any missing packets.
+				// NOTE: It's fine that we already incremented fbPktCnt, as in essence
+				// we did actually "skip" a feedback (and this matches Chrome's behavior).
+				r.startSequenceNumber = &seq
+				return nil
+			}
+		} else if !fb.addReceived(uint16(seq), arrivalTime) {
+			// Could not add timestamp. Packet may be full. Return
+			// and try again with a fresh packet.
+			break
+		}
+
+		nextSequenceNumber = seq + 1
+	}
+
+	r.startSequenceNumber = &nextSequenceNumber
+	return fb
+}
+
+type feedback struct {
+	rtcp                *rtcp.TransportLayerCC
+	baseSequenceNumber  uint16
+	refTimestamp64MS    int64
+	lastTimestampUS     int64
+	nextSequenceNumber  uint16
+	sequenceNumberCount uint16
+	len                 int
+	lastChunk           chunk
+	chunks              []rtcp.PacketStatusChunk
+	deltas              []*rtcp.RecvDelta
+}
+
+func newFeedback(senderSSRC, mediaSSRC uint32, count uint8) *feedback {
+	return &feedback{
+		rtcp: &rtcp.TransportLayerCC{
+			SenderSSRC: senderSSRC,
+			MediaSSRC:  mediaSSRC,
+			FbPktCount: count,
+		},
+	}
+}
+
+func (f *feedback) setBase(sequenceNumber uint16, timeUS int64) {
+	f.baseSequenceNumber = sequenceNumber
+	f.nextSequenceNumber = f.baseSequenceNumber
+	f.refTimestamp64MS = timeUS / 64e3
+	f.lastTimestampUS = f.refTimestamp64MS * 64e3
+}
+
+func (f *feedback) getRTCP() *rtcp.TransportLayerCC {
+	f.rtcp.PacketStatusCount = f.sequenceNumberCount
+	f.rtcp.ReferenceTime = uint32(f.refTimestamp64MS)
+	f.rtcp.BaseSequenceNumber = f.baseSequenceNumber
+	for len(f.lastChunk.deltas) > 0 {
+		f.chunks = append(f.chunks, f.lastChunk.encode())
+	}
+	f.rtcp.PacketChunks = append(f.rtcp.PacketChunks, f.chunks...)
+	f.rtcp.RecvDeltas = f.deltas
+
+	padLen := 20 + len(f.rtcp.PacketChunks)*2 + f.len // 4 bytes header + 16 bytes twcc header + 2 bytes for each chunk + length of deltas
+	padding := padLen%4 != 0
+	for padLen%4 != 0 {
+		padLen++
+	}
+	f.rtcp.Header = rtcp.Header{
+		Count:   rtcp.FormatTCC,
+		Type:    rtcp.TypeTransportSpecificFeedback,
+		Padding: padding,
+		Length:  uint16((padLen / 4) - 1),
+	}
+
+	return f.rtcp
+}
+
+func (f *feedback) addReceived(sequenceNumber uint16, timestampUS int64) bool {
+	deltaUS := timestampUS - f.lastTimestampUS
+	var delta250US int64
+	if deltaUS >= 0 {
+		delta250US = (deltaUS + rtcp.TypeTCCDeltaScaleFactor/2) / rtcp.TypeTCCDeltaScaleFactor
+	} else {
+		delta250US = (deltaUS - rtcp.TypeTCCDeltaScaleFactor/2) / rtcp.TypeTCCDeltaScaleFactor
+	}
+	if delta250US < math.MinInt16 || delta250US > math.MaxInt16 { // delta doesn't fit into 16 bit, need to create new packet
+		return false
+	}
+	deltaUSRounded := delta250US * rtcp.TypeTCCDeltaScaleFactor
+
+	for ; f.nextSequenceNumber != sequenceNumber; f.nextSequenceNumber++ {
+		if !f.lastChunk.canAdd(rtcp.TypeTCCPacketNotReceived) {
+			f.chunks = append(f.chunks, f.lastChunk.encode())
+		}
+		f.lastChunk.add(rtcp.TypeTCCPacketNotReceived)
+		f.sequenceNumberCount++
+	}
+
+	var recvDelta uint16
+	switch {
+	case delta250US >= 0 && delta250US <= 0xff:
+		f.len++
+		recvDelta = rtcp.TypeTCCPacketReceivedSmallDelta
+	default:
+		f.len += 2
+		recvDelta = rtcp.TypeTCCPacketReceivedLargeDelta
+	}
+
+	if !f.lastChunk.canAdd(recvDelta) {
+		f.chunks = append(f.chunks, f.lastChunk.encode())
+	}
+	f.lastChunk.add(recvDelta)
+	f.deltas = append(f.deltas, &rtcp.RecvDelta{
+		Type:  recvDelta,
+		Delta: deltaUSRounded,
+	})
+	f.lastTimestampUS += deltaUSRounded
+	f.sequenceNumberCount++
+	f.nextSequenceNumber++
+	return true
+}
+
+const (
+	maxRunLengthCap = 0x1fff // 13 bits
+	maxOneBitCap    = 14     // bits
+	maxTwoBitCap    = 7      // bits
+)
+
+type chunk struct {
+	hasLargeDelta     bool
+	hasDifferentTypes bool
+	deltas            []uint16
+}
+
+func (c *chunk) canAdd(delta uint16) bool {
+	if len(c.deltas) < maxTwoBitCap {
+		return true
+	}
+	if len(c.deltas) < maxOneBitCap && !c.hasLargeDelta && delta != rtcp.TypeTCCPacketReceivedLargeDelta {
+		return true
+	}
+	if len(c.deltas) < maxRunLengthCap && !c.hasDifferentTypes && delta == c.deltas[0] {
+		return true
+	}
+	return false
+}
+
+func (c *chunk) add(delta uint16) {
+	c.deltas = append(c.deltas, delta)
+	c.hasLargeDelta = c.hasLargeDelta || delta == rtcp.TypeTCCPacketReceivedLargeDelta
+	c.hasDifferentTypes = c.hasDifferentTypes || delta != c.deltas[0]
+}
+
+func (c *chunk) encode() rtcp.PacketStatusChunk {
+	if !c.hasDifferentTypes {
+		defer c.reset()
+		return &rtcp.RunLengthChunk{
+			PacketStatusSymbol: c.deltas[0],
+			RunLength:          uint16(len(c.deltas)),
+		}
+	}
+	if len(c.deltas) == maxOneBitCap {
+		defer c.reset()
+		return &rtcp.StatusVectorChunk{
+			SymbolSize: rtcp.TypeTCCSymbolSizeOneBit,
+			SymbolList: c.deltas,
+		}
+	}
+
+	minCap := min(maxTwoBitCap, len(c.deltas))
+	svc := &rtcp.StatusVectorChunk{
+		SymbolSize: rtcp.TypeTCCSymbolSizeTwoBit,
+		SymbolList: c.deltas[:minCap],
+	}
+	c.deltas = c.deltas[minCap:]
+	c.hasDifferentTypes = false
+	c.hasLargeDelta = false
+
+	if len(c.deltas) > 0 {
+		tmp := c.deltas[0]
+		for _, d := range c.deltas {
+			if tmp != d {
+				c.hasDifferentTypes = true
+			}
+			if d == rtcp.TypeTCCPacketReceivedLargeDelta {
+				c.hasLargeDelta = true
+			}
+		}
+	}
+
+	return svc
+}
+
+func (c *chunk) reset() {
+	c.deltas = []uint16{}
+	c.hasLargeDelta = false
+	c.hasDifferentTypes = false
+}
+
+func max(a, b int) int {
+	if a > b {
+		return a
+	}
+	return b
+}
+
+func min(a, b int) int {
+	if a < b {
+		return a
+	}
+	return b
+}
+
+func max64(a, b int64) int64 {
+	if a > b {
+		return a
+	}
+	return b
+}
+
+func min64(a, b int64) int64 {
+	if a < b {
+		return a
+	}
+	return b
+}
diff --git a/server/vendor/github.com/pion/interceptor/registry.go b/server/vendor/github.com/pion/interceptor/registry.go
new file mode 100644
index 0000000..e36ef6b
--- /dev/null
+++ b/server/vendor/github.com/pion/interceptor/registry.go
@@ -0,0 +1,33 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package interceptor
+
+// Registry is a collector for interceptors.
+type Registry struct {
+	factories []Factory
+}
+
+// Add adds a new Interceptor to the registry.
+func (r *Registry) Add(f Factory) {
+	r.factories = append(r.factories, f)
+}
+
+// Build constructs a single Interceptor from a InterceptorRegistry
+func (r *Registry) Build(id string) (Interceptor, error) {
+	if len(r.factories) == 0 {
+		return &NoOp{}, nil
+	}
+
+	interceptors := []Interceptor{}
+	for _, f := range r.factories {
+		i, err := f.NewInterceptor(id)
+		if err != nil {
+			return nil, err
+		}
+
+		interceptors = append(interceptors, i)
+	}
+
+	return NewChain(interceptors), nil
+}
diff --git a/server/vendor/github.com/pion/interceptor/renovate.json b/server/vendor/github.com/pion/interceptor/renovate.json
new file mode 100644
index 0000000..f1bb98c
--- /dev/null
+++ b/server/vendor/github.com/pion/interceptor/renovate.json
@@ -0,0 +1,6 @@
+{
+  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+  "extends": [
+    "github>pion/renovate-config"
+  ]
+}
diff --git a/server/vendor/github.com/pion/interceptor/streaminfo.go b/server/vendor/github.com/pion/interceptor/streaminfo.go
new file mode 100644
index 0000000..4108159
--- /dev/null
+++ b/server/vendor/github.com/pion/interceptor/streaminfo.go
@@ -0,0 +1,37 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package interceptor
+
+// RTPHeaderExtension represents a negotiated RFC5285 RTP header extension.
+type RTPHeaderExtension struct {
+	URI string
+	ID  int
+}
+
+// StreamInfo is the Context passed when a StreamLocal or StreamRemote has been Binded or Unbinded
+type StreamInfo struct {
+	ID                  string
+	Attributes          Attributes
+	SSRC                uint32
+	PayloadType         uint8
+	RTPHeaderExtensions []RTPHeaderExtension
+	MimeType            string
+	ClockRate           uint32
+	Channels            uint16
+	SDPFmtpLine         string
+	RTCPFeedback        []RTCPFeedback
+}
+
+// RTCPFeedback signals the connection to use additional RTCP packet types.
+// https://draft.ortc.org/#dom-rtcrtcpfeedback
+type RTCPFeedback struct {
+	// Type is the type of feedback.
+	// see: https://draft.ortc.org/#dom-rtcrtcpfeedback
+	// valid: ack, ccm, nack, goog-remb, transport-cc
+	Type string
+
+	// The parameter value depends on the type.
+	// For example, type="nack" parameter="pli" will send Picture Loss Indicator packets.
+	Parameter string
+}
diff --git a/server/vendor/github.com/pion/logging/.golangci.yml b/server/vendor/github.com/pion/logging/.golangci.yml
new file mode 100644
index 0000000..ffb0058
--- /dev/null
+++ b/server/vendor/github.com/pion/logging/.golangci.yml
@@ -0,0 +1,13 @@
+linters-settings:
+  govet:
+    check-shadowing: true
+  misspell:
+    locale: US
+
+linters:
+  enable-all: true
+
+issues:
+  exclude-use-default: false
+  max-per-linter: 0
+  max-same-issues: 50
diff --git a/server/vendor/github.com/pion/logging/.travis.yml b/server/vendor/github.com/pion/logging/.travis.yml
new file mode 100644
index 0000000..b96a1ed
--- /dev/null
+++ b/server/vendor/github.com/pion/logging/.travis.yml
@@ -0,0 +1,19 @@
+language: go
+
+go:
+  - "1.x" # use the latest Go release
+
+env:
+  - GO111MODULE=on
+
+before_script:
+  - curl -sfL https://install.goreleaser.com/github.com/golangci/golangci-lint.sh | bash -s -- -b $GOPATH/bin v1.15.0
+
+script:
+  - golangci-lint run ./...
+#  - rm -rf examples # Remove examples, no test coverage for them
+  - go test -coverpkg=$(go list ./... | tr '\n' ',') -coverprofile=cover.out -v -race -covermode=atomic ./...
+  - bash <(curl -s https://codecov.io/bash)
+  - bash .github/assert-contributors.sh
+  - bash .github/lint-disallowed-functions-in-library.sh
+  - bash .github/lint-commit-message.sh
diff --git a/server/vendor/github.com/pion/logging/LICENSE b/server/vendor/github.com/pion/logging/LICENSE
new file mode 100644
index 0000000..ab60297
--- /dev/null
+++ b/server/vendor/github.com/pion/logging/LICENSE
@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2018 
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
diff --git a/server/vendor/github.com/pion/logging/README.md b/server/vendor/github.com/pion/logging/README.md
new file mode 100644
index 0000000..c15471d
--- /dev/null
+++ b/server/vendor/github.com/pion/logging/README.md
@@ -0,0 +1,41 @@
+<h1 align="center">
+  <br>
+  Pion Logging
+  <br>
+</h1>
+<h4 align="center">The Pion logging library</h4>
+<p align="center">
+  <a href="https://pion.ly"><img src="https://img.shields.io/badge/pion-logging-gray.svg?longCache=true&colorB=brightgreen" alt="Pion transport"></a>
+  <a href="http://gophers.slack.com/messages/pion"><img src="https://img.shields.io/badge/join-us%20on%20slack-gray.svg?longCache=true&logo=slack&colorB=brightgreen" alt="Slack Widget"></a>
+  <br>
+  <a href="https://travis-ci.org/pion/logging"><img src="https://travis-ci.org/pion/logging.svg?branch=master" alt="Build Status"></a>
+  <a href="https://godoc.org/github.com/pion/logging"><img src="https://godoc.org/github.com/pion/logging?status.svg" alt="GoDoc"></a>
+  <a href="https://codecov.io/gh/pion/logging"><img src="https://codecov.io/gh/pion/logging/branch/master/graph/badge.svg" alt="Coverage Status"></a>
+  <a href="https://goreportcard.com/report/github.com/pion/logging"><img src="https://goreportcard.com/badge/github.com/pion/logging" alt="Go Report Card"></a>
+  <a href="LICENSE"><img src="https://img.shields.io/badge/License-MIT-yellow.svg" alt="License: MIT"></a>
+</p>
+<br>
+
+### Roadmap
+The library is used as a part of our WebRTC implementation. Please refer to that [roadmap](https://github.com/pion/webrtc/issues/9) to track our major milestones.
+
+### Community
+Pion has an active community on the [Golang Slack](https://invite.slack.golangbridge.org/). Sign up and join the **#pion** channel for discussions and support. You can also use [Pion mailing list](https://groups.google.com/forum/#!forum/pion).
+
+We are always looking to support **your projects**. Please reach out if you have something to build!
+
+If you need commercial support or don't want to use public methods you can contact us at [team@pion.ly](mailto:team@pion.ly)
+
+### Contributing
+Check out the **[contributing wiki](https://github.com/pion/webrtc/wiki/Contributing)** to join the group of amazing people making this project possible:
+
+* [John Bradley](https://github.com/kc5nra) - *Original Author*
+* [Sean DuBois](https://github.com/Sean-Der) - *Original Author*
+* [Michael MacDonald](https://github.com/mjmac) - *Original Author*
+* [Woodrow Douglass](https://github.com/wdouglass) - *Test coverage*
+* [Michiel De Backker](https://github.com/backkem) - *Docs*
+* [Hugo Arregui](https://github.com/hugoArregui) - *Custom Logs*
+* [Justin Okamoto](https://github.com/justinokamoto) - *Disabled Logs Update*
+
+### License
+MIT License - see [LICENSE](LICENSE) for full text
diff --git a/server/vendor/github.com/pion/logging/logger.go b/server/vendor/github.com/pion/logging/logger.go
new file mode 100644
index 0000000..35f6505
--- /dev/null
+++ b/server/vendor/github.com/pion/logging/logger.go
@@ -0,0 +1,228 @@
+package logging
+
+import (
+	"fmt"
+	"io"
+	"log"
+	"os"
+	"strings"
+	"sync"
+)
+
+// Use this abstraction to ensure thread-safe access to the logger's io.Writer
+// (which could change at runtime)
+type loggerWriter struct {
+	sync.RWMutex
+	output io.Writer
+}
+
+func (lw *loggerWriter) SetOutput(output io.Writer) {
+	lw.Lock()
+	defer lw.Unlock()
+	lw.output = output
+}
+
+func (lw *loggerWriter) Write(data []byte) (int, error) {
+	lw.RLock()
+	defer lw.RUnlock()
+	return lw.output.Write(data)
+}
+
+// DefaultLeveledLogger encapsulates functionality for providing logging at
+// user-defined levels
+type DefaultLeveledLogger struct {
+	level  LogLevel
+	writer *loggerWriter
+	trace  *log.Logger
+	debug  *log.Logger
+	info   *log.Logger
+	warn   *log.Logger
+	err    *log.Logger
+}
+
+// WithTraceLogger is a chainable configuration function which sets the
+// Trace-level logger
+func (ll *DefaultLeveledLogger) WithTraceLogger(log *log.Logger) *DefaultLeveledLogger {
+	ll.trace = log
+	return ll
+}
+
+// WithDebugLogger is a chainable configuration function which sets the
+// Debug-level logger
+func (ll *DefaultLeveledLogger) WithDebugLogger(log *log.Logger) *DefaultLeveledLogger {
+	ll.debug = log
+	return ll
+}
+
+// WithInfoLogger is a chainable configuration function which sets the
+// Info-level logger
+func (ll *DefaultLeveledLogger) WithInfoLogger(log *log.Logger) *DefaultLeveledLogger {
+	ll.info = log
+	return ll
+}
+
+// WithWarnLogger is a chainable configuration function which sets the
+// Warn-level logger
+func (ll *DefaultLeveledLogger) WithWarnLogger(log *log.Logger) *DefaultLeveledLogger {
+	ll.warn = log
+	return ll
+}
+
+// WithErrorLogger is a chainable configuration function which sets the
+// Error-level logger
+func (ll *DefaultLeveledLogger) WithErrorLogger(log *log.Logger) *DefaultLeveledLogger {
+	ll.err = log
+	return ll
+}
+
+// WithOutput is a chainable configuration function which sets the logger's
+// logging output to the supplied io.Writer
+func (ll *DefaultLeveledLogger) WithOutput(output io.Writer) *DefaultLeveledLogger {
+	ll.writer.SetOutput(output)
+	return ll
+}
+
+func (ll *DefaultLeveledLogger) logf(logger *log.Logger, level LogLevel, format string, args ...interface{}) {
+	if ll.level.Get() < level {
+		return
+	}
+
+	callDepth := 3 // this frame + wrapper func + caller
+	msg := fmt.Sprintf(format, args...)
+	if err := logger.Output(callDepth, msg); err != nil {
+		fmt.Fprintf(os.Stderr, "Unable to log: %s", err)
+	}
+}
+
+// SetLevel sets the logger's logging level
+func (ll *DefaultLeveledLogger) SetLevel(newLevel LogLevel) {
+	ll.level.Set(newLevel)
+}
+
+// Trace emits the preformatted message if the logger is at or below LogLevelTrace
+func (ll *DefaultLeveledLogger) Trace(msg string) {
+	ll.logf(ll.trace, LogLevelTrace, msg)
+}
+
+// Tracef formats and emits a message if the logger is at or below LogLevelTrace
+func (ll *DefaultLeveledLogger) Tracef(format string, args ...interface{}) {
+	ll.logf(ll.trace, LogLevelTrace, format, args...)
+}
+
+// Debug emits the preformatted message if the logger is at or below LogLevelDebug
+func (ll *DefaultLeveledLogger) Debug(msg string) {
+	ll.logf(ll.debug, LogLevelDebug, msg)
+}
+
+// Debugf formats and emits a message if the logger is at or below LogLevelDebug
+func (ll *DefaultLeveledLogger) Debugf(format string, args ...interface{}) {
+	ll.logf(ll.debug, LogLevelDebug, format, args...)
+}
+
+// Info emits the preformatted message if the logger is at or below LogLevelInfo
+func (ll *DefaultLeveledLogger) Info(msg string) {
+	ll.logf(ll.info, LogLevelInfo, msg)
+}
+
+// Infof formats and emits a message if the logger is at or below LogLevelInfo
+func (ll *DefaultLeveledLogger) Infof(format string, args ...interface{}) {
+	ll.logf(ll.info, LogLevelInfo, format, args...)
+}
+
+// Warn emits the preformatted message if the logger is at or below LogLevelWarn
+func (ll *DefaultLeveledLogger) Warn(msg string) {
+	ll.logf(ll.warn, LogLevelWarn, msg)
+}
+
+// Warnf formats and emits a message if the logger is at or below LogLevelWarn
+func (ll *DefaultLeveledLogger) Warnf(format string, args ...interface{}) {
+	ll.logf(ll.warn, LogLevelWarn, format, args...)
+}
+
+// Error emits the preformatted message if the logger is at or below LogLevelError
+func (ll *DefaultLeveledLogger) Error(msg string) {
+	ll.logf(ll.err, LogLevelError, msg)
+}
+
+// Errorf formats and emits a message if the logger is at or below LogLevelError
+func (ll *DefaultLeveledLogger) Errorf(format string, args ...interface{}) {
+	ll.logf(ll.err, LogLevelError, format, args...)
+}
+
+// NewDefaultLeveledLoggerForScope returns a configured LeveledLogger
+func NewDefaultLeveledLoggerForScope(scope string, level LogLevel, writer io.Writer) *DefaultLeveledLogger {
+	if writer == nil {
+		writer = os.Stdout
+	}
+	logger := &DefaultLeveledLogger{
+		writer: &loggerWriter{output: writer},
+		level:  level,
+	}
+	return logger.
+		WithTraceLogger(log.New(logger.writer, fmt.Sprintf("%s TRACE: ", scope), log.Lmicroseconds|log.Lshortfile)).
+		WithDebugLogger(log.New(logger.writer, fmt.Sprintf("%s DEBUG: ", scope), log.Lmicroseconds|log.Lshortfile)).
+		WithInfoLogger(log.New(logger.writer, fmt.Sprintf("%s INFO: ", scope), log.LstdFlags)).
+		WithWarnLogger(log.New(logger.writer, fmt.Sprintf("%s WARNING: ", scope), log.LstdFlags)).
+		WithErrorLogger(log.New(logger.writer, fmt.Sprintf("%s ERROR: ", scope), log.LstdFlags))
+}
+
+// DefaultLoggerFactory define levels by scopes and creates new DefaultLeveledLogger
+type DefaultLoggerFactory struct {
+	Writer          io.Writer
+	DefaultLogLevel LogLevel
+	ScopeLevels     map[string]LogLevel
+}
+
+// NewDefaultLoggerFactory creates a new DefaultLoggerFactory
+func NewDefaultLoggerFactory() *DefaultLoggerFactory {
+	factory := DefaultLoggerFactory{}
+	factory.DefaultLogLevel = LogLevelError
+	factory.ScopeLevels = make(map[string]LogLevel)
+	factory.Writer = os.Stdout
+
+	logLevels := map[string]LogLevel{
+		"DISABLE": LogLevelDisabled,
+		"ERROR":   LogLevelError,
+		"WARN":    LogLevelWarn,
+		"INFO":    LogLevelInfo,
+		"DEBUG":   LogLevelDebug,
+		"TRACE":   LogLevelTrace,
+	}
+
+	for name, level := range logLevels {
+		env := os.Getenv(fmt.Sprintf("PION_LOG_%s", name))
+
+		if env == "" {
+			env = os.Getenv(fmt.Sprintf("PIONS_LOG_%s", name))
+		}
+
+		if env == "" {
+			continue
+		}
+
+		if strings.ToLower(env) == "all" {
+			factory.DefaultLogLevel = level
+			continue
+		}
+
+		scopes := strings.Split(strings.ToLower(env), ",")
+		for _, scope := range scopes {
+			factory.ScopeLevels[scope] = level
+		}
+	}
+
+	return &factory
+}
+
+// NewLogger returns a configured LeveledLogger for the given , argsscope
+func (f *DefaultLoggerFactory) NewLogger(scope string) LeveledLogger {
+	logLevel := f.DefaultLogLevel
+	if f.ScopeLevels != nil {
+		scopeLevel, found := f.ScopeLevels[scope]
+
+		if found {
+			logLevel = scopeLevel
+		}
+	}
+	return NewDefaultLeveledLoggerForScope(scope, logLevel, f.Writer)
+}
diff --git a/server/vendor/github.com/pion/logging/scoped.go b/server/vendor/github.com/pion/logging/scoped.go
new file mode 100644
index 0000000..678bab4
--- /dev/null
+++ b/server/vendor/github.com/pion/logging/scoped.go
@@ -0,0 +1,72 @@
+package logging
+
+import (
+	"sync/atomic"
+)
+
+// LogLevel represents the level at which the logger will emit log messages
+type LogLevel int32
+
+// Set updates the LogLevel to the supplied value
+func (ll *LogLevel) Set(newLevel LogLevel) {
+	atomic.StoreInt32((*int32)(ll), int32(newLevel))
+}
+
+// Get retrieves the current LogLevel value
+func (ll *LogLevel) Get() LogLevel {
+	return LogLevel(atomic.LoadInt32((*int32)(ll)))
+}
+
+func (ll LogLevel) String() string {
+	switch ll {
+	case LogLevelDisabled:
+		return "Disabled"
+	case LogLevelError:
+		return "Error"
+	case LogLevelWarn:
+		return "Warn"
+	case LogLevelInfo:
+		return "Info"
+	case LogLevelDebug:
+		return "Debug"
+	case LogLevelTrace:
+		return "Trace"
+	default:
+		return "UNKNOWN"
+	}
+}
+
+const (
+	// LogLevelDisabled completely disables logging of any events
+	LogLevelDisabled LogLevel = iota
+	// LogLevelError is for fatal errors which should be handled by user code,
+	// but are logged to ensure that they are seen
+	LogLevelError
+	// LogLevelWarn is for logging abnormal, but non-fatal library operation
+	LogLevelWarn
+	// LogLevelInfo is for logging normal library operation (e.g. state transitions, etc.)
+	LogLevelInfo
+	// LogLevelDebug is for logging low-level library information (e.g. internal operations)
+	LogLevelDebug
+	// LogLevelTrace is for logging very low-level library information (e.g. network traces)
+	LogLevelTrace
+)
+
+// LeveledLogger is the basic pion Logger interface
+type LeveledLogger interface {
+	Trace(msg string)
+	Tracef(format string, args ...interface{})
+	Debug(msg string)
+	Debugf(format string, args ...interface{})
+	Info(msg string)
+	Infof(format string, args ...interface{})
+	Warn(msg string)
+	Warnf(format string, args ...interface{})
+	Error(msg string)
+	Errorf(format string, args ...interface{})
+}
+
+// LoggerFactory is the basic pion LoggerFactory interface
+type LoggerFactory interface {
+	NewLogger(scope string) LeveledLogger
+}
diff --git a/server/vendor/github.com/pion/mdns/.gitignore b/server/vendor/github.com/pion/mdns/.gitignore
new file mode 100644
index 0000000..6e2f206
--- /dev/null
+++ b/server/vendor/github.com/pion/mdns/.gitignore
@@ -0,0 +1,28 @@
+# SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+# SPDX-License-Identifier: MIT
+
+### JetBrains IDE ###
+#####################
+.idea/
+
+### Emacs Temporary Files ###
+#############################
+*~
+
+### Folders ###
+###############
+bin/
+vendor/
+node_modules/
+
+### Files ###
+#############
+*.ivf
+*.ogg
+tags
+cover.out
+*.sw[poe]
+*.wasm
+examples/sfu-ws/cert.pem
+examples/sfu-ws/key.pem
+wasm_exec.js
diff --git a/server/vendor/github.com/pion/mdns/.golangci.yml b/server/vendor/github.com/pion/mdns/.golangci.yml
new file mode 100644
index 0000000..6dd80c8
--- /dev/null
+++ b/server/vendor/github.com/pion/mdns/.golangci.yml
@@ -0,0 +1,126 @@
+# SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+# SPDX-License-Identifier: MIT
+
+linters-settings:
+  govet:
+    check-shadowing: true
+  misspell:
+    locale: US
+  exhaustive:
+    default-signifies-exhaustive: true
+  gomodguard:
+    blocked:
+      modules:
+        - github.com/pkg/errors:
+            recommendations:
+              - errors
+  forbidigo:
+    forbid:
+      - ^fmt.Print(f|ln)?$
+      - ^log.(Panic|Fatal|Print)(f|ln)?$
+      - ^os.Exit$
+      - ^panic$
+      - ^print(ln)?$
+
+linters:
+  enable:
+    - asciicheck       # Simple linter to check that your code does not contain non-ASCII identifiers
+    - bidichk          # Checks for dangerous unicode character sequences
+    - bodyclose        # checks whether HTTP response body is closed successfully
+    - contextcheck     # check the function whether use a non-inherited context
+    - decorder         # check declaration order and count of types, constants, variables and functions
+    - dogsled          # Checks assignments with too many blank identifiers (e.g. x, _, _, _, := f())
+    - dupl             # Tool for code clone detection
+    - durationcheck    # check for two durations multiplied together
+    - errcheck         # Errcheck is a program for checking for unchecked errors in go programs. These unchecked errors can be critical bugs in some cases
+    - errchkjson       # Checks types passed to the json encoding functions. Reports unsupported types and optionally reports occations, where the check for the returned error can be omitted.
+    - errname          # Checks that sentinel errors are prefixed with the `Err` and error types are suffixed with the `Error`.
+    - errorlint        # errorlint is a linter for that can be used to find code that will cause problems with the error wrapping scheme introduced in Go 1.13.
+    - exhaustive       # check exhaustiveness of enum switch statements
+    - exportloopref    # checks for pointers to enclosing loop variables
+    - forbidigo        # Forbids identifiers
+    - forcetypeassert  # finds forced type assertions
+    - gci              # Gci control golang package import order and make it always deterministic.
+    - gochecknoglobals # Checks that no globals are present in Go code
+    - gochecknoinits   # Checks that no init functions are present in Go code
+    - gocognit         # Computes and checks the cognitive complexity of functions
+    - goconst          # Finds repeated strings that could be replaced by a constant
+    - gocritic         # The most opinionated Go source code linter
+    - godox            # Tool for detection of FIXME, TODO and other comment keywords
+    - goerr113         # Golang linter to check the errors handling expressions
+    - gofmt            # Gofmt checks whether code was gofmt-ed. By default this tool runs with -s option to check for code simplification
+    - gofumpt          # Gofumpt checks whether code was gofumpt-ed.
+    - goheader         # Checks is file header matches to pattern
+    - goimports        # Goimports does everything that gofmt does. Additionally it checks unused imports
+    - gomoddirectives  # Manage the use of 'replace', 'retract', and 'excludes' directives in go.mod.
+    - gomodguard       # Allow and block list linter for direct Go module dependencies. This is different from depguard where there are different block types for example version constraints and module recommendations.
+    - goprintffuncname # Checks that printf-like functions are named with `f` at the end
+    - gosec            # Inspects source code for security problems
+    - gosimple         # Linter for Go source code that specializes in simplifying a code
+    - govet            # Vet examines Go source code and reports suspicious constructs, such as Printf calls whose arguments do not align with the format string
+    - grouper          # An analyzer to analyze expression groups.
+    - importas         # Enforces consistent import aliases
+    - ineffassign      # Detects when assignments to existing variables are not used
+    - misspell         # Finds commonly misspelled English words in comments
+    - nilerr           # Finds the code that returns nil even if it checks that the error is not nil.
+    - nilnil           # Checks that there is no simultaneous return of `nil` error and an invalid value.
+    - noctx            # noctx finds sending http request without context.Context
+    - predeclared      # find code that shadows one of Go's predeclared identifiers
+    - revive           # golint replacement, finds style mistakes
+    - staticcheck      # Staticcheck is a go vet on steroids, applying a ton of static analysis checks
+    - stylecheck       # Stylecheck is a replacement for golint
+    - tagliatelle      # Checks the struct tags.
+    - tenv             # tenv is analyzer that detects using os.Setenv instead of t.Setenv since Go1.17
+    - tparallel        # tparallel detects inappropriate usage of t.Parallel() method in your Go test codes
+    - typecheck        # Like the front-end of a Go compiler, parses and type-checks Go code
+    - unconvert        # Remove unnecessary type conversions
+    - unparam          # Reports unused function parameters
+    - unused           # Checks Go code for unused constants, variables, functions and types
+    - wastedassign     # wastedassign finds wasted assignment statements
+    - whitespace       # Tool for detection of leading and trailing whitespace
+  disable:
+    - depguard         # Go linter that checks if package imports are in a list of acceptable packages
+    - containedctx     # containedctx is a linter that detects struct contained context.Context field
+    - cyclop           # checks function and package cyclomatic complexity
+    - exhaustivestruct # Checks if all struct's fields are initialized
+    - funlen           # Tool for detection of long functions
+    - gocyclo          # Computes and checks the cyclomatic complexity of functions
+    - godot            # Check if comments end in a period
+    - gomnd            # An analyzer to detect magic numbers.
+    - ifshort          # Checks that your code uses short syntax for if-statements whenever possible
+    - ireturn          # Accept Interfaces, Return Concrete Types
+    - lll              # Reports long lines
+    - maintidx         # maintidx measures the maintainability index of each function.
+    - makezero         # Finds slice declarations with non-zero initial length
+    - maligned         # Tool to detect Go structs that would take less memory if their fields were sorted
+    - nakedret         # Finds naked returns in functions greater than a specified function length
+    - nestif           # Reports deeply nested if statements
+    - nlreturn         # nlreturn checks for a new line before return and branch statements to increase code clarity
+    - nolintlint       # Reports ill-formed or insufficient nolint directives
+    - paralleltest     # paralleltest detects missing usage of t.Parallel() method in your Go test
+    - prealloc         # Finds slice declarations that could potentially be preallocated
+    - promlinter       # Check Prometheus metrics naming via promlint
+    - rowserrcheck     # checks whether Err of rows is checked successfully
+    - sqlclosecheck    # Checks that sql.Rows and sql.Stmt are closed.
+    - testpackage      # linter that makes you use a separate _test package
+    - thelper          # thelper detects golang test helpers without t.Helper() call and checks the consistency of test helpers
+    - varnamelen       # checks that the length of a variable's name matches its scope
+    - wrapcheck        # Checks that errors returned from external packages are wrapped
+    - wsl              # Whitespace Linter - Forces you to use empty lines!
+
+issues:
+  exclude-use-default: false
+  exclude-rules:
+    # Allow complex tests and examples, better to be self contained
+    - path: (examples|main\.go|_test\.go)
+      linters:
+        - forbidigo
+        - gocognit
+
+    # Allow forbidden identifiers in CLI commands
+    - path: cmd
+      linters:
+        - forbidigo
+
+run:
+  skip-dirs-use-default: false
diff --git a/server/vendor/github.com/pion/mdns/.goreleaser.yml b/server/vendor/github.com/pion/mdns/.goreleaser.yml
new file mode 100644
index 0000000..30093e9
--- /dev/null
+++ b/server/vendor/github.com/pion/mdns/.goreleaser.yml
@@ -0,0 +1,5 @@
+# SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+# SPDX-License-Identifier: MIT
+
+builds:
+- skip: true
diff --git a/server/vendor/github.com/pion/mdns/LICENSE b/server/vendor/github.com/pion/mdns/LICENSE
new file mode 100644
index 0000000..ab60297
--- /dev/null
+++ b/server/vendor/github.com/pion/mdns/LICENSE
@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2018 
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
diff --git a/server/vendor/github.com/pion/mdns/README.md b/server/vendor/github.com/pion/mdns/README.md
new file mode 100644
index 0000000..70b4881
--- /dev/null
+++ b/server/vendor/github.com/pion/mdns/README.md
@@ -0,0 +1,72 @@
+<h1 align="center">
+  <br>
+  Pion mDNS
+  <br>
+</h1>
+<h4 align="center">A Go implementation of mDNS</h4>
+<p align="center">
+  <a href="https://pion.ly"><img src="https://img.shields.io/badge/pion-mdns-gray.svg?longCache=true&colorB=brightgreen" alt="Pion mDNS"></a>
+  <a href="https://pion.ly/slack"><img src="https://img.shields.io/badge/join-us%20on%20slack-gray.svg?longCache=true&logo=slack&colorB=brightgreen" alt="Slack Widget"></a>
+  <br>
+  <img alt="GitHub Workflow Status" src="https://img.shields.io/github/actions/workflow/status/pion/mdns/test.yaml">
+  <a href="https://pkg.go.dev/github.com/pion/mdns"><img src="https://pkg.go.dev/badge/github.com/pion/mdsn.svg" alt="Go Reference"></a>
+  <a href="https://codecov.io/gh/pion/mdns"><img src="https://codecov.io/gh/pion/mdns/branch/master/graph/badge.svg" alt="Coverage Status"></a>
+  <a href="https://goreportcard.com/report/github.com/pion/mdns"><img src="https://goreportcard.com/badge/github.com/pion/mdns" alt="Go Report Card"></a>
+  <a href="LICENSE"><img src="https://img.shields.io/badge/License-MIT-yellow.svg" alt="License: MIT"></a>
+</p>
+<br>
+
+Go mDNS implementation. The original user is Pion WebRTC, but we would love to see it work for everyone.
+
+### Running Server
+For a mDNS server that responds to queries for `pion-test.local`
+```sh
+go run examples/server/main.go
+```
+
+For a mDNS server that responds to queries for `pion-test.local` with a given address
+```sh
+go run examples/server/publish_ip/main.go -ip=[IP]
+```
+If you don't set the `ip` parameter, "1.2.3.4" will be used instead.
+
+
+### Running Client
+To query using Pion you can run the `query` example
+```sh
+go run examples/query/main.go
+```
+
+You can use the macOS client
+```
+dns-sd -q pion-test.local
+```
+
+Or the avahi client
+```
+avahi-resolve -a pion-test.local
+```
+
+### RFCs
+#### Implemented
+- **RFC 6762** [Multicast DNS][rfc6762]
+- **draft-ietf-rtcweb-mdns-ice-candidates-02** [Using Multicast DNS to protect privacy when exposing ICE candidates](https://datatracker.ietf.org/doc/html/draft-ietf-rtcweb-mdns-ice-candidates-02.html)
+
+[rfc6762]: https://tools.ietf.org/html/rfc6762
+
+### Roadmap
+The library is used as a part of our WebRTC implementation. Please refer to that [roadmap](https://github.com/pion/webrtc/issues/9) to track our major milestones.
+
+### Community
+Pion has an active community on the [Slack](https://pion.ly/slack).
+
+Follow the [Pion Twitter](https://twitter.com/_pion) for project updates and important WebRTC news.
+
+We are always looking to support **your projects**. Please reach out if you have something to build!
+If you need commercial support or don't want to use public methods you can contact us at [team@pion.ly](mailto:team@pion.ly)
+
+### Contributing
+Check out the [contributing wiki](https://github.com/pion/webrtc/wiki/Contributing) to join the group of amazing people making this project possible
+
+### License
+MIT License - see [LICENSE](LICENSE) for full text
\ No newline at end of file
diff --git a/server/vendor/github.com/pion/mdns/codecov.yml b/server/vendor/github.com/pion/mdns/codecov.yml
new file mode 100644
index 0000000..263e4d4
--- /dev/null
+++ b/server/vendor/github.com/pion/mdns/codecov.yml
@@ -0,0 +1,22 @@
+#
+# DO NOT EDIT THIS FILE
+#
+# It is automatically copied from https://github.com/pion/.goassets repository.
+#
+# SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+# SPDX-License-Identifier: MIT
+
+coverage:
+  status:
+    project:
+      default:
+        # Allow decreasing 2% of total coverage to avoid noise.
+        threshold: 2%
+    patch:
+      default:
+        target: 70%
+        only_pulls: true
+
+ignore:
+  - "examples/*"
+  - "examples/**/*"
diff --git a/server/vendor/github.com/pion/mdns/config.go b/server/vendor/github.com/pion/mdns/config.go
new file mode 100644
index 0000000..34fc8fe
--- /dev/null
+++ b/server/vendor/github.com/pion/mdns/config.go
@@ -0,0 +1,41 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package mdns
+
+import (
+	"net"
+	"time"
+
+	"github.com/pion/logging"
+)
+
+const (
+	// DefaultAddress is the default used by mDNS
+	// and in most cases should be the address that the
+	// net.Conn passed to Server is bound to
+	DefaultAddress = "224.0.0.0:5353"
+)
+
+// Config is used to configure a mDNS client or server.
+type Config struct {
+	// QueryInterval controls how often we sends Queries until we
+	// get a response for the requested name
+	QueryInterval time.Duration
+
+	// LocalNames are the names that we will generate answers for
+	// when we get questions
+	LocalNames []string
+
+	// LocalAddress will override the published address with the given IP
+	// when set. Otherwise, the automatically determined address will be used.
+	LocalAddress net.IP
+
+	LoggerFactory logging.LoggerFactory
+
+	// IncludeLoopback will include loopback interfaces to be eligble for queries and answers.
+	IncludeLoopback bool
+
+	// Interfaces will override the interfaces used for queries and answers.
+	Interfaces []net.Interface
+}
diff --git a/server/vendor/github.com/pion/mdns/conn.go b/server/vendor/github.com/pion/mdns/conn.go
new file mode 100644
index 0000000..1f14607
--- /dev/null
+++ b/server/vendor/github.com/pion/mdns/conn.go
@@ -0,0 +1,597 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package mdns
+
+import (
+	"context"
+	"errors"
+	"fmt"
+	"net"
+	"sync"
+	"time"
+
+	"github.com/pion/logging"
+	"golang.org/x/net/dns/dnsmessage"
+	"golang.org/x/net/ipv4"
+)
+
+// Conn represents a mDNS Server
+type Conn struct {
+	mu  sync.RWMutex
+	log logging.LeveledLogger
+
+	socket  *ipv4.PacketConn
+	dstAddr *net.UDPAddr
+
+	queryInterval time.Duration
+	localNames    []string
+	queries       []*query
+	ifaces        []net.Interface
+
+	closed chan interface{}
+}
+
+type query struct {
+	nameWithSuffix  string
+	queryResultChan chan queryResult
+}
+
+type queryResult struct {
+	answer dnsmessage.ResourceHeader
+	addr   net.Addr
+}
+
+const (
+	defaultQueryInterval = time.Second
+	destinationAddress   = "224.0.0.251:5353"
+	maxMessageRecords    = 3
+	responseTTL          = 120
+	// maxPacketSize is the maximum size of a mdns packet.
+	// From RFC 6762:
+	// Even when fragmentation is used, a Multicast DNS packet, including IP
+	// and UDP headers, MUST NOT exceed 9000 bytes.
+	// https://datatracker.ietf.org/doc/html/rfc6762#section-17
+	maxPacketSize = 9000
+)
+
+var errNoPositiveMTUFound = errors.New("no positive MTU found")
+
+// Server establishes a mDNS connection over an existing conn.
+//
+// Currently, the server only supports listening on an IPv4 connection, but internally
+// it supports answering with IPv6 AAAA records if this were ever to change.
+func Server(conn *ipv4.PacketConn, config *Config) (*Conn, error) {
+	if config == nil {
+		return nil, errNilConfig
+	}
+
+	ifaces := config.Interfaces
+	if ifaces == nil {
+		var err error
+		ifaces, err = net.Interfaces()
+		if err != nil {
+			return nil, err
+		}
+	}
+
+	inboundBufferSize := 0
+	joinErrCount := 0
+	ifacesToUse := make([]net.Interface, 0, len(ifaces))
+	for i, ifc := range ifaces {
+		if !config.IncludeLoopback && ifc.Flags&net.FlagLoopback == net.FlagLoopback {
+			continue
+		}
+		if err := conn.JoinGroup(&ifaces[i], &net.UDPAddr{IP: net.IPv4(224, 0, 0, 251)}); err != nil {
+			joinErrCount++
+			continue
+		}
+
+		ifcCopy := ifc
+		ifacesToUse = append(ifacesToUse, ifcCopy)
+		if ifaces[i].MTU > inboundBufferSize {
+			inboundBufferSize = ifaces[i].MTU
+		}
+	}
+
+	if inboundBufferSize == 0 {
+		return nil, errNoPositiveMTUFound
+	}
+	if inboundBufferSize > maxPacketSize {
+		inboundBufferSize = maxPacketSize
+	}
+	if joinErrCount >= len(ifaces) {
+		return nil, errJoiningMulticastGroup
+	}
+
+	dstAddr, err := net.ResolveUDPAddr("udp", destinationAddress)
+	if err != nil {
+		return nil, err
+	}
+
+	loggerFactory := config.LoggerFactory
+	if loggerFactory == nil {
+		loggerFactory = logging.NewDefaultLoggerFactory()
+	}
+
+	localNames := []string{}
+	for _, l := range config.LocalNames {
+		localNames = append(localNames, l+".")
+	}
+
+	c := &Conn{
+		queryInterval: defaultQueryInterval,
+		queries:       []*query{},
+		socket:        conn,
+		dstAddr:       dstAddr,
+		localNames:    localNames,
+		ifaces:        ifacesToUse,
+		log:           loggerFactory.NewLogger("mdns"),
+		closed:        make(chan interface{}),
+	}
+	if config.QueryInterval != 0 {
+		c.queryInterval = config.QueryInterval
+	}
+
+	if err := conn.SetControlMessage(ipv4.FlagInterface, true); err != nil {
+		c.log.Warnf("Failed to SetControlMessage on PacketConn %v", err)
+	}
+
+	if config.IncludeLoopback {
+		// this is an efficient way for us to send ourselves a message faster instead of it going
+		// further out into the network stack.
+		if err := conn.SetMulticastLoopback(true); err != nil {
+			c.log.Warnf("Failed to SetMulticastLoopback(true) on PacketConn %v; this may cause inefficient network path communications", err)
+		}
+	}
+
+	// https://www.rfc-editor.org/rfc/rfc6762.html#section-17
+	// Multicast DNS messages carried by UDP may be up to the IP MTU of the
+	// physical interface, less the space required for the IP header (20
+	// bytes for IPv4; 40 bytes for IPv6) and the UDP header (8 bytes).
+	go c.start(inboundBufferSize-20-8, config)
+	return c, nil
+}
+
+// Close closes the mDNS Conn
+func (c *Conn) Close() error {
+	select {
+	case <-c.closed:
+		return nil
+	default:
+	}
+
+	if err := c.socket.Close(); err != nil {
+		return err
+	}
+
+	<-c.closed
+	return nil
+}
+
+// Query sends mDNS Queries for the following name until
+// either the Context is canceled/expires or we get a result
+func (c *Conn) Query(ctx context.Context, name string) (dnsmessage.ResourceHeader, net.Addr, error) {
+	select {
+	case <-c.closed:
+		return dnsmessage.ResourceHeader{}, nil, errConnectionClosed
+	default:
+	}
+
+	nameWithSuffix := name + "."
+
+	queryChan := make(chan queryResult, 1)
+	query := &query{nameWithSuffix, queryChan}
+	c.mu.Lock()
+	c.queries = append(c.queries, query)
+	c.mu.Unlock()
+
+	defer func() {
+		c.mu.Lock()
+		defer c.mu.Unlock()
+		for i := len(c.queries) - 1; i >= 0; i-- {
+			if c.queries[i] == query {
+				c.queries = append(c.queries[:i], c.queries[i+1:]...)
+			}
+		}
+	}()
+
+	ticker := time.NewTicker(c.queryInterval)
+	defer ticker.Stop()
+
+	c.sendQuestion(nameWithSuffix)
+	for {
+		select {
+		case <-ticker.C:
+			c.sendQuestion(nameWithSuffix)
+		case <-c.closed:
+			return dnsmessage.ResourceHeader{}, nil, errConnectionClosed
+		case res := <-queryChan:
+			// Given https://datatracker.ietf.org/doc/html/draft-ietf-mmusic-mdns-ice-candidates#section-3.2.2-2
+			// An ICE agent SHOULD ignore candidates where the hostname resolution returns more than one IP address.
+			//
+			// We will take the first we receive which could result in a race between two suitable addresses where
+			// one is better than the other (e.g. localhost vs LAN).
+			return res.answer, res.addr, nil
+		case <-ctx.Done():
+			return dnsmessage.ResourceHeader{}, nil, errContextElapsed
+		}
+	}
+}
+
+type ipToBytesError struct {
+	ip           net.IP
+	expectedType string
+}
+
+func (err ipToBytesError) Error() string {
+	return fmt.Sprintf("ip (%s) is not %s", err.ip, err.expectedType)
+}
+
+func ipv4ToBytes(ip net.IP) ([4]byte, error) {
+	rawIP := ip.To4()
+	if rawIP == nil {
+		return [4]byte{}, ipToBytesError{ip, "IPv4"}
+	}
+
+	// net.IPs are stored in big endian / network byte order
+	var out [4]byte
+	copy(out[:], rawIP[:])
+	return out, nil
+}
+
+func ipv6ToBytes(ip net.IP) ([16]byte, error) {
+	rawIP := ip.To16()
+	if rawIP == nil {
+		return [16]byte{}, ipToBytesError{ip, "IPv6"}
+	}
+
+	// net.IPs are stored in big endian / network byte order
+	var out [16]byte
+	copy(out[:], rawIP[:])
+	return out, nil
+}
+
+func interfaceForRemote(remote string) (net.IP, error) {
+	conn, err := net.Dial("udp", remote)
+	if err != nil {
+		return nil, err
+	}
+
+	localAddr, ok := conn.LocalAddr().(*net.UDPAddr)
+	if !ok {
+		return nil, errFailedCast
+	}
+
+	if err := conn.Close(); err != nil {
+		return nil, err
+	}
+
+	return localAddr.IP, nil
+}
+
+func (c *Conn) sendQuestion(name string) {
+	packedName, err := dnsmessage.NewName(name)
+	if err != nil {
+		c.log.Warnf("Failed to construct mDNS packet %v", err)
+		return
+	}
+
+	msg := dnsmessage.Message{
+		Header: dnsmessage.Header{},
+		Questions: []dnsmessage.Question{
+			{
+				Type:  dnsmessage.TypeA,
+				Class: dnsmessage.ClassINET,
+				Name:  packedName,
+			},
+		},
+	}
+
+	rawQuery, err := msg.Pack()
+	if err != nil {
+		c.log.Warnf("Failed to construct mDNS packet %v", err)
+		return
+	}
+
+	c.writeToSocket(0, rawQuery, false)
+}
+
+func (c *Conn) writeToSocket(ifIndex int, b []byte, srcIfcIsLoopback bool) {
+	if ifIndex != 0 {
+		ifc, err := net.InterfaceByIndex(ifIndex)
+		if err != nil {
+			c.log.Warnf("Failed to get interface for %d: %v", ifIndex, err)
+			return
+		}
+		if srcIfcIsLoopback && ifc.Flags&net.FlagLoopback == 0 {
+			// avoid accidentally tricking the destination that itself is the same as us
+			c.log.Warnf("Interface is not loopback %d", ifIndex)
+			return
+		}
+		if err := c.socket.SetMulticastInterface(ifc); err != nil {
+			c.log.Warnf("Failed to set multicast interface for %d: %v", ifIndex, err)
+		} else {
+			if _, err := c.socket.WriteTo(b, nil, c.dstAddr); err != nil {
+				c.log.Warnf("Failed to send mDNS packet on interface %d: %v", ifIndex, err)
+			}
+		}
+		return
+	}
+	for ifcIdx := range c.ifaces {
+		if srcIfcIsLoopback && c.ifaces[ifcIdx].Flags&net.FlagLoopback == 0 {
+			// avoid accidentally tricking the destination that itself is the same as us
+			continue
+		}
+		if err := c.socket.SetMulticastInterface(&c.ifaces[ifcIdx]); err != nil {
+			c.log.Warnf("Failed to set multicast interface for %d: %v", c.ifaces[ifcIdx].Index, err)
+		} else {
+			if _, err := c.socket.WriteTo(b, nil, c.dstAddr); err != nil {
+				c.log.Warnf("Failed to send mDNS packet on interface %d: %v", c.ifaces[ifcIdx].Index, err)
+			}
+		}
+	}
+}
+
+func createAnswer(name string, addr net.IP) (dnsmessage.Message, error) {
+	packedName, err := dnsmessage.NewName(name)
+	if err != nil {
+		return dnsmessage.Message{}, err
+	}
+
+	msg := dnsmessage.Message{
+		Header: dnsmessage.Header{
+			Response:      true,
+			Authoritative: true,
+		},
+		Answers: []dnsmessage.Resource{
+			{
+				Header: dnsmessage.ResourceHeader{
+					Type:  dnsmessage.TypeA,
+					Class: dnsmessage.ClassINET,
+					Name:  packedName,
+					TTL:   responseTTL,
+				},
+			},
+		},
+	}
+
+	if ip4 := addr.To4(); ip4 != nil {
+		ipBuf, err := ipv4ToBytes(addr)
+		if err != nil {
+			return dnsmessage.Message{}, err
+		}
+		msg.Answers[0].Body = &dnsmessage.AResource{
+			A: ipBuf,
+		}
+	} else {
+		ipBuf, err := ipv6ToBytes(addr)
+		if err != nil {
+			return dnsmessage.Message{}, err
+		}
+		msg.Answers[0].Body = &dnsmessage.AAAAResource{
+			AAAA: ipBuf,
+		}
+	}
+
+	return msg, nil
+}
+
+func (c *Conn) sendAnswer(name string, ifIndex int, addr net.IP) {
+	answer, err := createAnswer(name, addr)
+	if err != nil {
+		c.log.Warnf("Failed to create mDNS answer %v", err)
+		return
+	}
+
+	rawAnswer, err := answer.Pack()
+	if err != nil {
+		c.log.Warnf("Failed to construct mDNS packet %v", err)
+		return
+	}
+
+	c.writeToSocket(ifIndex, rawAnswer, addr.IsLoopback())
+}
+
+func (c *Conn) start(inboundBufferSize int, config *Config) { //nolint gocognit
+	defer func() {
+		c.mu.Lock()
+		defer c.mu.Unlock()
+		close(c.closed)
+	}()
+
+	b := make([]byte, inboundBufferSize)
+	p := dnsmessage.Parser{}
+
+	for {
+		n, cm, src, err := c.socket.ReadFrom(b)
+		if err != nil {
+			if errors.Is(err, net.ErrClosed) {
+				return
+			}
+			c.log.Warnf("Failed to ReadFrom %q %v", src, err)
+			continue
+		}
+		var ifIndex int
+		if cm != nil {
+			ifIndex = cm.IfIndex
+		}
+		var srcIP net.IP
+		switch addr := src.(type) {
+		case *net.UDPAddr:
+			srcIP = addr.IP
+		case *net.TCPAddr:
+			srcIP = addr.IP
+		default:
+			c.log.Warnf("Failed to determine address type %T for source address %s", src, src)
+			continue
+		}
+		srcIsIPv4 := srcIP.To4() != nil
+
+		func() {
+			c.mu.RLock()
+			defer c.mu.RUnlock()
+
+			if _, err := p.Start(b[:n]); err != nil {
+				c.log.Warnf("Failed to parse mDNS packet %v", err)
+				return
+			}
+
+			for i := 0; i <= maxMessageRecords; i++ {
+				q, err := p.Question()
+				if errors.Is(err, dnsmessage.ErrSectionDone) {
+					break
+				} else if err != nil {
+					c.log.Warnf("Failed to parse mDNS packet %v", err)
+					return
+				}
+
+				for _, localName := range c.localNames {
+					if localName == q.Name.String() {
+						if config.LocalAddress != nil {
+							c.sendAnswer(q.Name.String(), ifIndex, config.LocalAddress)
+						} else {
+							var localAddress net.IP
+
+							// prefer the address of the interface if we know its index, but otherwise
+							// derive it from the address we read from. We do this because even if
+							// multicast loopback is in use or we send from a loopback interface,
+							// there are still cases where the IP packet will contain the wrong
+							// source IP (e.g. a LAN interface).
+							// For example, we can have a packet that has:
+							// Source: 192.168.65.3
+							// Destination: 224.0.0.251
+							// Interface Index: 1
+							// Interface Addresses @ 1: [127.0.0.1/8 ::1/128]
+							if ifIndex != 0 {
+								ifc, netErr := net.InterfaceByIndex(ifIndex)
+								if netErr != nil {
+									c.log.Warnf("Failed to get interface for %d: %v", ifIndex, netErr)
+									continue
+								}
+								addrs, addrsErr := ifc.Addrs()
+								if addrsErr != nil {
+									c.log.Warnf("Failed to get addresses for interface %d: %v", ifIndex, addrsErr)
+									continue
+								}
+								if len(addrs) == 0 {
+									c.log.Warnf("Expected more than one address for interface %d", ifIndex)
+									continue
+								}
+								var selectedIP net.IP
+								for _, addr := range addrs {
+									var ip net.IP
+									switch addr := addr.(type) {
+									case *net.IPNet:
+										ip = addr.IP
+									case *net.IPAddr:
+										ip = addr.IP
+									default:
+										c.log.Warnf("Failed to determine address type %T from interface %d", addr, ifIndex)
+										continue
+									}
+
+									// match up respective IP types
+									if ipv4 := ip.To4(); ipv4 == nil {
+										if srcIsIPv4 {
+											continue
+										} else if !isSupportedIPv6(ip) {
+											continue
+										}
+									} else if !srcIsIPv4 {
+										continue
+									}
+									selectedIP = ip
+									break
+								}
+								if selectedIP == nil {
+									c.log.Warnf("Failed to find suitable IP for interface %d; deriving address from source address instead", ifIndex)
+								} else {
+									localAddress = selectedIP
+								}
+							} else if ifIndex == 0 || localAddress == nil {
+								localAddress, err = interfaceForRemote(src.String())
+								if err != nil {
+									c.log.Warnf("Failed to get local interface to communicate with %s: %v", src.String(), err)
+									continue
+								}
+							}
+
+							c.sendAnswer(q.Name.String(), ifIndex, localAddress)
+						}
+					}
+				}
+			}
+
+			for i := 0; i <= maxMessageRecords; i++ {
+				a, err := p.AnswerHeader()
+				if errors.Is(err, dnsmessage.ErrSectionDone) {
+					return
+				}
+				if err != nil {
+					c.log.Warnf("Failed to parse mDNS packet %v", err)
+					return
+				}
+
+				if a.Type != dnsmessage.TypeA && a.Type != dnsmessage.TypeAAAA {
+					continue
+				}
+
+				for i := len(c.queries) - 1; i >= 0; i-- {
+					if c.queries[i].nameWithSuffix == a.Name.String() {
+						ip, err := ipFromAnswerHeader(a, p)
+						if err != nil {
+							c.log.Warnf("Failed to parse mDNS answer %v", err)
+							return
+						}
+
+						c.queries[i].queryResultChan <- queryResult{a, &net.IPAddr{
+							IP: ip,
+						}}
+						c.queries = append(c.queries[:i], c.queries[i+1:]...)
+					}
+				}
+			}
+		}()
+	}
+}
+
+func ipFromAnswerHeader(a dnsmessage.ResourceHeader, p dnsmessage.Parser) (ip []byte, err error) {
+	if a.Type == dnsmessage.TypeA {
+		resource, err := p.AResource()
+		if err != nil {
+			return nil, err
+		}
+		ip = resource.A[:]
+	} else {
+		resource, err := p.AAAAResource()
+		if err != nil {
+			return nil, err
+		}
+		ip = resource.AAAA[:]
+	}
+
+	return
+}
+
+// The conditions of invalidation written below are defined in
+// https://tools.ietf.org/html/rfc8445#section-5.1.1.1
+func isSupportedIPv6(ip net.IP) bool {
+	if len(ip) != net.IPv6len ||
+		isZeros(ip[0:12]) || // !(IPv4-compatible IPv6)
+		ip[0] == 0xfe && ip[1]&0xc0 == 0xc0 || // !(IPv6 site-local unicast)
+		ip.IsLinkLocalUnicast() ||
+		ip.IsLinkLocalMulticast() {
+		return false
+	}
+	return true
+}
+
+func isZeros(ip net.IP) bool {
+	for i := 0; i < len(ip); i++ {
+		if ip[i] != 0 {
+			return false
+		}
+	}
+	return true
+}
diff --git a/server/vendor/github.com/pion/mdns/errors.go b/server/vendor/github.com/pion/mdns/errors.go
new file mode 100644
index 0000000..f065e16
--- /dev/null
+++ b/server/vendor/github.com/pion/mdns/errors.go
@@ -0,0 +1,14 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package mdns
+
+import "errors"
+
+var (
+	errJoiningMulticastGroup = errors.New("mDNS: failed to join multicast group")
+	errConnectionClosed      = errors.New("mDNS: connection is closed")
+	errContextElapsed        = errors.New("mDNS: context has elapsed")
+	errNilConfig             = errors.New("mDNS: config must not be nil")
+	errFailedCast            = errors.New("mDNS: failed to cast listener to UDPAddr")
+)
diff --git a/server/vendor/github.com/pion/mdns/mdns.go b/server/vendor/github.com/pion/mdns/mdns.go
new file mode 100644
index 0000000..a76b16b
--- /dev/null
+++ b/server/vendor/github.com/pion/mdns/mdns.go
@@ -0,0 +1,5 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+// Package mdns implements mDNS (multicast DNS)
+package mdns
diff --git a/server/vendor/github.com/pion/mdns/renovate.json b/server/vendor/github.com/pion/mdns/renovate.json
new file mode 100644
index 0000000..f1bb98c
--- /dev/null
+++ b/server/vendor/github.com/pion/mdns/renovate.json
@@ -0,0 +1,6 @@
+{
+  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+  "extends": [
+    "github>pion/renovate-config"
+  ]
+}
diff --git a/server/vendor/github.com/pion/randutil/.travis.yml b/server/vendor/github.com/pion/randutil/.travis.yml
new file mode 100644
index 0000000..f04a896
--- /dev/null
+++ b/server/vendor/github.com/pion/randutil/.travis.yml
@@ -0,0 +1,142 @@
+#
+# DO NOT EDIT THIS FILE
+#
+# It is automatically copied from https://github.com/pion/.goassets repository.
+# If this repository should have package specific CI config,
+# remove the repository name from .goassets/.github/workflows/assets-sync.yml.
+#
+# If you want to update the shared CI config, send a PR to
+# https://github.com/pion/.goassets instead of this repository.
+#
+
+dist: bionic
+language: go
+
+
+branches:
+  only:
+  - master
+
+env:
+  global:
+    - GO111MODULE=on
+    - GOLANGCI_LINT_VERSION=1.19.1
+
+cache:
+  directories:
+    - ${HOME}/.cache/go-build
+    - ${GOPATH}/pkg/mod
+  npm: true
+  yarn: true
+
+_lint_job: &lint_job
+  env: CACHE_NAME=lint
+  before_install:
+    - if [ -f .github/.ci.conf ]; then . .github/.ci.conf; fi
+  install: skip
+  before_script:
+    - |
+      curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh \
+        | bash -s - -b $GOPATH/bin v${GOLANGCI_LINT_VERSION}
+  script:
+    - bash .github/assert-contributors.sh
+    - bash .github/lint-disallowed-functions-in-library.sh
+    - bash .github/lint-commit-message.sh
+    - bash .github/lint-filename.sh
+    - golangci-lint run ./...
+_test_job: &test_job
+  env: CACHE_NAME=test
+  before_install:
+    - if [ -f .github/.ci.conf ]; then . .github/.ci.conf; fi
+    - go mod download
+  install:
+    - go build ./...
+  script:
+    # If you want to specify repository specific test packages rule,
+    # add `TEST_PACKAGES=$(command to list test target packages)` to .github/.ci.conf
+    - testpkgs=${TEST_PACKAGES:-$(go list ./... | grep -v examples)}
+    - coverpkgs=$(echo "${testpkgs}" | paste -s -d ',')
+    - |
+      go test \
+        -coverpkg=${coverpkgs} -coverprofile=cover.out -covermode=atomic \
+        ${TEST_EXTRA_ARGS:-} \
+        -v -race ${testpkgs}
+    - if [ -n "${TEST_HOOK}" ]; then ${TEST_HOOK}; fi
+  after_success:
+    - travis_retry bash <(curl -s https://codecov.io/bash) -c -F go
+_test_i386_job: &test_i386_job
+  env: CACHE_NAME=test386
+  services: docker
+  before_install:
+    - if [ -f .github/.ci.conf ]; then . .github/.ci.conf; fi
+  script:
+    - testpkgs=${TEST_PACKAGES:-$(go list ./... | grep -v examples)}
+    - |
+      docker run \
+        -u $(id -u):$(id -g) \
+        -e "GO111MODULE=on" \
+        -e "CGO_ENABLED=0" \
+        -v ${PWD}:/go/src/github.com/pion/$(basename ${PWD}) \
+        -v ${HOME}/gopath/pkg/mod:/go/pkg/mod \
+        -v ${HOME}/.cache/go-build:/.cache/go-build \
+        -w /go/src/github.com/pion/$(basename ${PWD}) \
+        -it i386/golang:${GO_VERSION}-alpine \
+        /usr/local/go/bin/go test \
+          ${TEST_EXTRA_ARGS:-} \
+          -v ${testpkgs}
+_test_wasm_job: &test_wasm_job
+  env: CACHE_NAME=wasm
+  language: node_js
+  node_js: 12
+  before_install:
+    - if [ -f .github/.ci.conf ]; then . .github/.ci.conf; fi
+    - if ${SKIP_WASM_TEST:-false}; then exit 0; fi
+  install:
+    # Manually download and install Go instead of using gimme.
+    # It looks like gimme Go causes some errors on go-test for Wasm.
+    - curl -sSfL https://dl.google.com/go/go${GO_VERSION}.linux-amd64.tar.gz | tar -C ~ -xzf -
+    - export GOROOT=${HOME}/go
+    - export PATH=${GOROOT}/bin:${PATH}
+    - yarn install
+    - export GO_JS_WASM_EXEC=${GO_JS_WASM_EXEC:-${GOROOT}/misc/wasm/go_js_wasm_exec}
+  script:
+    - testpkgs=${TEST_PACKAGES:-$(go list ./... | grep -v examples)}
+    - coverpkgs=$(echo "${testpkgs}" | paste -s -d ',')
+    - |
+      GOOS=js GOARCH=wasm go test \
+        -coverpkg=${coverpkgs} -coverprofile=cover.out -covermode=atomic \
+        -exec="${GO_JS_WASM_EXEC}" \
+        -v ${testpkgs}
+  after_success:
+    - travis_retry bash <(curl -s https://codecov.io/bash) -c -F wasm
+
+jobs:
+  include:
+    - <<: *lint_job
+      name: Lint 1.14
+      go: 1.14
+    - <<: *test_job
+      name: Test 1.13
+      go: 1.13
+    - <<: *test_job
+      name: Test 1.14
+      go: 1.14
+    - <<: *test_i386_job
+      name: Test i386 1.13
+      env: GO_VERSION=1.13
+      go: 1.14  # Go version for host environment only for `go list`.
+                # All tests are done on the version specified by GO_VERSION.
+    - <<: *test_i386_job
+      name: Test i386 1.14
+      env: GO_VERSION=1.14
+      go: 1.14  # Go version for host environment only for `go list`.
+                # All tests are done on the version specified by GO_VERSION.
+    - <<: *test_wasm_job
+      name: Test WASM 1.13
+      env: GO_VERSION=1.13
+    - <<: *test_wasm_job
+      name: Test WASM 1.14
+      env: GO_VERSION=1.14
+
+notifications:
+  email: false
diff --git a/server/vendor/github.com/pion/randutil/LICENSE b/server/vendor/github.com/pion/randutil/LICENSE
new file mode 100644
index 0000000..5b5a394
--- /dev/null
+++ b/server/vendor/github.com/pion/randutil/LICENSE
@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2020 Pion
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
diff --git a/server/vendor/github.com/pion/randutil/README.md b/server/vendor/github.com/pion/randutil/README.md
new file mode 100644
index 0000000..94baf77
--- /dev/null
+++ b/server/vendor/github.com/pion/randutil/README.md
@@ -0,0 +1,14 @@
+# randutil
+Helper library for cryptographic and mathmatical randoms
+
+### Community
+Pion has an active community on the [Golang Slack](https://invite.slack.golangbridge.org/). Sign up and join the **#pion** channel for discussions and support. You can also use [Pion mailing list](https://groups.google.com/forum/#!forum/pion).
+
+We are always looking to support **your projects**. Please reach out if you have something to build!
+
+If you need commercial support or don't want to use public methods you can contact us at [team@pion.ly](mailto:team@pion.ly)
+
+### Contributing
+Check out the **[contributing wiki](https://github.com/pion/webrtc/wiki/Contributing)** to join the group of amazing people making this project possible:
+
+* [Atsushi Watanabe](https://github.com/at-wat) - *Original Author*
diff --git a/server/vendor/github.com/pion/randutil/codecov.yml b/server/vendor/github.com/pion/randutil/codecov.yml
new file mode 100644
index 0000000..085200a
--- /dev/null
+++ b/server/vendor/github.com/pion/randutil/codecov.yml
@@ -0,0 +1,20 @@
+#
+# DO NOT EDIT THIS FILE
+#
+# It is automatically copied from https://github.com/pion/.goassets repository.
+#
+
+coverage:
+  status:
+    project:
+      default:
+        # Allow decreasing 2% of total coverage to avoid noise.
+        threshold: 2%
+    patch:
+      default:
+        target: 70%
+        only_pulls: true
+
+ignore:
+  - "examples/*"
+  - "examples/**/*"
diff --git a/server/vendor/github.com/pion/randutil/crypto.go b/server/vendor/github.com/pion/randutil/crypto.go
new file mode 100644
index 0000000..d10df98
--- /dev/null
+++ b/server/vendor/github.com/pion/randutil/crypto.go
@@ -0,0 +1,30 @@
+package randutil
+
+import (
+	crand "crypto/rand"
+	"encoding/binary"
+	"math/big"
+)
+
+// GenerateCryptoRandomString generates a random string for cryptographic usage.
+func GenerateCryptoRandomString(n int, runes string) (string, error) {
+	letters := []rune(runes)
+	b := make([]rune, n)
+	for i := range b {
+		v, err := crand.Int(crand.Reader, big.NewInt(int64(len(letters))))
+		if err != nil {
+			return "", err
+		}
+		b[i] = letters[v.Int64()]
+	}
+	return string(b), nil
+}
+
+// CryptoUint64 returns cryptographic random uint64.
+func CryptoUint64() (uint64, error) {
+	var v uint64
+	if err := binary.Read(crand.Reader, binary.LittleEndian, &v); err != nil {
+		return 0, err
+	}
+	return v, nil
+}
diff --git a/server/vendor/github.com/pion/randutil/math.go b/server/vendor/github.com/pion/randutil/math.go
new file mode 100644
index 0000000..fbbf460
--- /dev/null
+++ b/server/vendor/github.com/pion/randutil/math.go
@@ -0,0 +1,72 @@
+package randutil
+
+import (
+	mrand "math/rand" // used for non-crypto unique ID and random port selection
+	"sync"
+	"time"
+)
+
+// MathRandomGenerator is a random generator for non-crypto usage.
+type MathRandomGenerator interface {
+	// Intn returns random integer within [0:n).
+	Intn(n int) int
+
+	// Uint32 returns random 32-bit unsigned integer.
+	Uint32() uint32
+
+	// Uint64 returns random 64-bit unsigned integer.
+	Uint64() uint64
+
+	// GenerateString returns ranom string using given set of runes.
+	// It can be used for generating unique ID to avoid name collision.
+	//
+	// Caution: DO NOT use this for cryptographic usage.
+	GenerateString(n int, runes string) string
+}
+
+type mathRandomGenerator struct {
+	r  *mrand.Rand
+	mu sync.Mutex
+}
+
+// NewMathRandomGenerator creates new mathmatical random generator.
+// Random generator is seeded by crypto random.
+func NewMathRandomGenerator() MathRandomGenerator {
+	seed, err := CryptoUint64()
+	if err != nil {
+		// crypto/rand is unavailable. Fallback to seed by time.
+		seed = uint64(time.Now().UnixNano())
+	}
+
+	return &mathRandomGenerator{r: mrand.New(mrand.NewSource(int64(seed)))}
+}
+
+func (g *mathRandomGenerator) Intn(n int) int {
+	g.mu.Lock()
+	v := g.r.Intn(n)
+	g.mu.Unlock()
+	return v
+}
+
+func (g *mathRandomGenerator) Uint32() uint32 {
+	g.mu.Lock()
+	v := g.r.Uint32()
+	g.mu.Unlock()
+	return v
+}
+
+func (g *mathRandomGenerator) Uint64() uint64 {
+	g.mu.Lock()
+	v := g.r.Uint64()
+	g.mu.Unlock()
+	return v
+}
+
+func (g *mathRandomGenerator) GenerateString(n int, runes string) string {
+	letters := []rune(runes)
+	b := make([]rune, n)
+	for i := range b {
+		b[i] = letters[g.Intn(len(letters))]
+	}
+	return string(b)
+}
diff --git a/server/vendor/github.com/pion/randutil/renovate.json b/server/vendor/github.com/pion/randutil/renovate.json
new file mode 100644
index 0000000..4400fd9
--- /dev/null
+++ b/server/vendor/github.com/pion/randutil/renovate.json
@@ -0,0 +1,15 @@
+{
+  "extends": [
+    "config:base"
+  ],
+  "postUpdateOptions": [
+    "gomodTidy"
+  ],
+  "commitBody": "Generated by renovateBot",
+  "packageRules": [
+    {
+      "packagePatterns": ["^golang.org/x/"],
+      "schedule": ["on the first day of the month"]
+    }
+  ]
+}
diff --git a/server/vendor/github.com/pion/rtcp/.gitignore b/server/vendor/github.com/pion/rtcp/.gitignore
new file mode 100644
index 0000000..6e2f206
--- /dev/null
+++ b/server/vendor/github.com/pion/rtcp/.gitignore
@@ -0,0 +1,28 @@
+# SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+# SPDX-License-Identifier: MIT
+
+### JetBrains IDE ###
+#####################
+.idea/
+
+### Emacs Temporary Files ###
+#############################
+*~
+
+### Folders ###
+###############
+bin/
+vendor/
+node_modules/
+
+### Files ###
+#############
+*.ivf
+*.ogg
+tags
+cover.out
+*.sw[poe]
+*.wasm
+examples/sfu-ws/cert.pem
+examples/sfu-ws/key.pem
+wasm_exec.js
diff --git a/server/vendor/github.com/pion/rtcp/.golangci.yml b/server/vendor/github.com/pion/rtcp/.golangci.yml
new file mode 100644
index 0000000..6dd80c8
--- /dev/null
+++ b/server/vendor/github.com/pion/rtcp/.golangci.yml
@@ -0,0 +1,126 @@
+# SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+# SPDX-License-Identifier: MIT
+
+linters-settings:
+  govet:
+    check-shadowing: true
+  misspell:
+    locale: US
+  exhaustive:
+    default-signifies-exhaustive: true
+  gomodguard:
+    blocked:
+      modules:
+        - github.com/pkg/errors:
+            recommendations:
+              - errors
+  forbidigo:
+    forbid:
+      - ^fmt.Print(f|ln)?$
+      - ^log.(Panic|Fatal|Print)(f|ln)?$
+      - ^os.Exit$
+      - ^panic$
+      - ^print(ln)?$
+
+linters:
+  enable:
+    - asciicheck       # Simple linter to check that your code does not contain non-ASCII identifiers
+    - bidichk          # Checks for dangerous unicode character sequences
+    - bodyclose        # checks whether HTTP response body is closed successfully
+    - contextcheck     # check the function whether use a non-inherited context
+    - decorder         # check declaration order and count of types, constants, variables and functions
+    - dogsled          # Checks assignments with too many blank identifiers (e.g. x, _, _, _, := f())
+    - dupl             # Tool for code clone detection
+    - durationcheck    # check for two durations multiplied together
+    - errcheck         # Errcheck is a program for checking for unchecked errors in go programs. These unchecked errors can be critical bugs in some cases
+    - errchkjson       # Checks types passed to the json encoding functions. Reports unsupported types and optionally reports occations, where the check for the returned error can be omitted.
+    - errname          # Checks that sentinel errors are prefixed with the `Err` and error types are suffixed with the `Error`.
+    - errorlint        # errorlint is a linter for that can be used to find code that will cause problems with the error wrapping scheme introduced in Go 1.13.
+    - exhaustive       # check exhaustiveness of enum switch statements
+    - exportloopref    # checks for pointers to enclosing loop variables
+    - forbidigo        # Forbids identifiers
+    - forcetypeassert  # finds forced type assertions
+    - gci              # Gci control golang package import order and make it always deterministic.
+    - gochecknoglobals # Checks that no globals are present in Go code
+    - gochecknoinits   # Checks that no init functions are present in Go code
+    - gocognit         # Computes and checks the cognitive complexity of functions
+    - goconst          # Finds repeated strings that could be replaced by a constant
+    - gocritic         # The most opinionated Go source code linter
+    - godox            # Tool for detection of FIXME, TODO and other comment keywords
+    - goerr113         # Golang linter to check the errors handling expressions
+    - gofmt            # Gofmt checks whether code was gofmt-ed. By default this tool runs with -s option to check for code simplification
+    - gofumpt          # Gofumpt checks whether code was gofumpt-ed.
+    - goheader         # Checks is file header matches to pattern
+    - goimports        # Goimports does everything that gofmt does. Additionally it checks unused imports
+    - gomoddirectives  # Manage the use of 'replace', 'retract', and 'excludes' directives in go.mod.
+    - gomodguard       # Allow and block list linter for direct Go module dependencies. This is different from depguard where there are different block types for example version constraints and module recommendations.
+    - goprintffuncname # Checks that printf-like functions are named with `f` at the end
+    - gosec            # Inspects source code for security problems
+    - gosimple         # Linter for Go source code that specializes in simplifying a code
+    - govet            # Vet examines Go source code and reports suspicious constructs, such as Printf calls whose arguments do not align with the format string
+    - grouper          # An analyzer to analyze expression groups.
+    - importas         # Enforces consistent import aliases
+    - ineffassign      # Detects when assignments to existing variables are not used
+    - misspell         # Finds commonly misspelled English words in comments
+    - nilerr           # Finds the code that returns nil even if it checks that the error is not nil.
+    - nilnil           # Checks that there is no simultaneous return of `nil` error and an invalid value.
+    - noctx            # noctx finds sending http request without context.Context
+    - predeclared      # find code that shadows one of Go's predeclared identifiers
+    - revive           # golint replacement, finds style mistakes
+    - staticcheck      # Staticcheck is a go vet on steroids, applying a ton of static analysis checks
+    - stylecheck       # Stylecheck is a replacement for golint
+    - tagliatelle      # Checks the struct tags.
+    - tenv             # tenv is analyzer that detects using os.Setenv instead of t.Setenv since Go1.17
+    - tparallel        # tparallel detects inappropriate usage of t.Parallel() method in your Go test codes
+    - typecheck        # Like the front-end of a Go compiler, parses and type-checks Go code
+    - unconvert        # Remove unnecessary type conversions
+    - unparam          # Reports unused function parameters
+    - unused           # Checks Go code for unused constants, variables, functions and types
+    - wastedassign     # wastedassign finds wasted assignment statements
+    - whitespace       # Tool for detection of leading and trailing whitespace
+  disable:
+    - depguard         # Go linter that checks if package imports are in a list of acceptable packages
+    - containedctx     # containedctx is a linter that detects struct contained context.Context field
+    - cyclop           # checks function and package cyclomatic complexity
+    - exhaustivestruct # Checks if all struct's fields are initialized
+    - funlen           # Tool for detection of long functions
+    - gocyclo          # Computes and checks the cyclomatic complexity of functions
+    - godot            # Check if comments end in a period
+    - gomnd            # An analyzer to detect magic numbers.
+    - ifshort          # Checks that your code uses short syntax for if-statements whenever possible
+    - ireturn          # Accept Interfaces, Return Concrete Types
+    - lll              # Reports long lines
+    - maintidx         # maintidx measures the maintainability index of each function.
+    - makezero         # Finds slice declarations with non-zero initial length
+    - maligned         # Tool to detect Go structs that would take less memory if their fields were sorted
+    - nakedret         # Finds naked returns in functions greater than a specified function length
+    - nestif           # Reports deeply nested if statements
+    - nlreturn         # nlreturn checks for a new line before return and branch statements to increase code clarity
+    - nolintlint       # Reports ill-formed or insufficient nolint directives
+    - paralleltest     # paralleltest detects missing usage of t.Parallel() method in your Go test
+    - prealloc         # Finds slice declarations that could potentially be preallocated
+    - promlinter       # Check Prometheus metrics naming via promlint
+    - rowserrcheck     # checks whether Err of rows is checked successfully
+    - sqlclosecheck    # Checks that sql.Rows and sql.Stmt are closed.
+    - testpackage      # linter that makes you use a separate _test package
+    - thelper          # thelper detects golang test helpers without t.Helper() call and checks the consistency of test helpers
+    - varnamelen       # checks that the length of a variable's name matches its scope
+    - wrapcheck        # Checks that errors returned from external packages are wrapped
+    - wsl              # Whitespace Linter - Forces you to use empty lines!
+
+issues:
+  exclude-use-default: false
+  exclude-rules:
+    # Allow complex tests and examples, better to be self contained
+    - path: (examples|main\.go|_test\.go)
+      linters:
+        - forbidigo
+        - gocognit
+
+    # Allow forbidden identifiers in CLI commands
+    - path: cmd
+      linters:
+        - forbidigo
+
+run:
+  skip-dirs-use-default: false
diff --git a/server/vendor/github.com/pion/rtcp/.goreleaser.yml b/server/vendor/github.com/pion/rtcp/.goreleaser.yml
new file mode 100644
index 0000000..30093e9
--- /dev/null
+++ b/server/vendor/github.com/pion/rtcp/.goreleaser.yml
@@ -0,0 +1,5 @@
+# SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+# SPDX-License-Identifier: MIT
+
+builds:
+- skip: true
diff --git a/server/vendor/github.com/pion/rtcp/LICENSE b/server/vendor/github.com/pion/rtcp/LICENSE
new file mode 100644
index 0000000..491caf6
--- /dev/null
+++ b/server/vendor/github.com/pion/rtcp/LICENSE
@@ -0,0 +1,9 @@
+MIT License
+
+Copyright (c) 2023 The Pion community <https://pion.ly>
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
diff --git a/server/vendor/github.com/pion/rtcp/README.md b/server/vendor/github.com/pion/rtcp/README.md
new file mode 100644
index 0000000..063574a
--- /dev/null
+++ b/server/vendor/github.com/pion/rtcp/README.md
@@ -0,0 +1,37 @@
+<h1 align="center">
+  <br>
+  Pion RTCP
+  <br>
+</h1>
+<h4 align="center">A Go implementation of RTCP</h4>
+<p align="center">
+  <a href="https://pion.ly"><img src="https://img.shields.io/badge/pion-rtcp-gray.svg?longCache=true&colorB=brightgreen" alt="Pion RTCP"></a>
+  <a href="https://sourcegraph.com/github.com/pion/rtcp?badge"><img src="https://sourcegraph.com/github.com/pion/rtcp/-/badge.svg" alt="Sourcegraph Widget"></a>
+  <a href="https://pion.ly/slack"><img src="https://img.shields.io/badge/join-us%20on%20slack-gray.svg?longCache=true&logo=slack&colorB=brightgreen" alt="Slack Widget"></a>
+  <br>
+  <img alt="GitHub Workflow Status" src="https://img.shields.io/github/actions/workflow/status/pion/rtcp/test.yaml">
+  <a href="https://pkg.go.dev/github.com/pion/rtcp"><img src="https://pkg.go.dev/badge/github.com/pion/rtcp.svg" alt="Go Reference"></a>
+  <a href="https://codecov.io/gh/pion/rtcp"><img src="https://codecov.io/gh/pion/rtcp/branch/master/graph/badge.svg" alt="Coverage Status"></a>
+  <a href="https://goreportcard.com/report/github.com/pion/rtcp"><img src="https://goreportcard.com/badge/github.com/pion/rtcp" alt="Go Report Card"></a>
+  <a href="LICENSE"><img src="https://img.shields.io/badge/License-MIT-yellow.svg" alt="License: MIT"></a>
+</p>
+<br>
+
+See [DESIGN.md](DESIGN.md) for an overview of features and future goals.
+
+### Roadmap
+The library is used as a part of our WebRTC implementation. Please refer to that [roadmap](https://github.com/pion/webrtc/issues/9) to track our major milestones.
+
+### Community
+Pion has an active community on the [Slack](https://pion.ly/slack).
+
+Follow the [Pion Twitter](https://twitter.com/_pion) for project updates and important WebRTC news.
+
+We are always looking to support **your projects**. Please reach out if you have something to build!
+If you need commercial support or don't want to use public methods you can contact us at [team@pion.ly](mailto:team@pion.ly)
+
+### Contributing
+Check out the [contributing wiki](https://github.com/pion/webrtc/wiki/Contributing) to join the group of amazing people making this project possible
+
+### License
+MIT License - see [LICENSE](LICENSE) for full text
diff --git a/server/vendor/github.com/pion/rtcp/codecov.yml b/server/vendor/github.com/pion/rtcp/codecov.yml
new file mode 100644
index 0000000..263e4d4
--- /dev/null
+++ b/server/vendor/github.com/pion/rtcp/codecov.yml
@@ -0,0 +1,22 @@
+#
+# DO NOT EDIT THIS FILE
+#
+# It is automatically copied from https://github.com/pion/.goassets repository.
+#
+# SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+# SPDX-License-Identifier: MIT
+
+coverage:
+  status:
+    project:
+      default:
+        # Allow decreasing 2% of total coverage to avoid noise.
+        threshold: 2%
+    patch:
+      default:
+        target: 70%
+        only_pulls: true
+
+ignore:
+  - "examples/*"
+  - "examples/**/*"
diff --git a/server/vendor/github.com/pion/rtcp/compound_packet.go b/server/vendor/github.com/pion/rtcp/compound_packet.go
new file mode 100644
index 0000000..a621c61
--- /dev/null
+++ b/server/vendor/github.com/pion/rtcp/compound_packet.go
@@ -0,0 +1,161 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package rtcp
+
+import (
+	"fmt"
+	"strings"
+)
+
+// A CompoundPacket is a collection of RTCP packets transmitted as a single packet with
+// the underlying protocol (for example UDP).
+//
+// To maximize the resolution of receiption statistics, the first Packet in a CompoundPacket
+// must always be either a SenderReport or a ReceiverReport.  This is true even if no data
+// has been sent or received, in which case an empty ReceiverReport must be sent, and even
+// if the only other RTCP packet in the compound packet is a Goodbye.
+//
+// Next, a SourceDescription containing a CNAME item must be included in each CompoundPacket
+// to identify the source and to begin associating media for purposes such as lip-sync.
+//
+// Other RTCP packet types may follow in any order. Packet types may appear more than once.
+type CompoundPacket []Packet
+
+// Validate returns an error if this is not an RFC-compliant CompoundPacket.
+func (c CompoundPacket) Validate() error {
+	if len(c) == 0 {
+		return errEmptyCompound
+	}
+
+	// SenderReport and ReceiverReport are the only types that
+	// are allowed to be the first packet in a compound datagram
+	switch c[0].(type) {
+	case *SenderReport, *ReceiverReport:
+		// ok
+	default:
+		return errBadFirstPacket
+	}
+
+	for _, pkt := range c[1:] {
+		switch p := pkt.(type) {
+		// If the number of RecetpionReports exceeds 31 additional ReceiverReports
+		// can be included here.
+		case *ReceiverReport:
+			continue
+
+		// A SourceDescription containing a CNAME must be included in every
+		// CompoundPacket.
+		case *SourceDescription:
+			var hasCNAME bool
+			for _, c := range p.Chunks {
+				for _, it := range c.Items {
+					if it.Type == SDESCNAME {
+						hasCNAME = true
+					}
+				}
+			}
+
+			if !hasCNAME {
+				return errMissingCNAME
+			}
+
+			return nil
+
+		// Other packets are not permitted before the CNAME
+		default:
+			return errPacketBeforeCNAME
+		}
+	}
+
+	// CNAME never reached
+	return errMissingCNAME
+}
+
+// CNAME returns the CNAME that *must* be present in every CompoundPacket
+func (c CompoundPacket) CNAME() (string, error) {
+	var err error
+
+	if len(c) < 1 {
+		return "", errEmptyCompound
+	}
+
+	for _, pkt := range c[1:] {
+		sdes, ok := pkt.(*SourceDescription)
+		if ok {
+			for _, c := range sdes.Chunks {
+				for _, it := range c.Items {
+					if it.Type == SDESCNAME {
+						return it.Text, err
+					}
+				}
+			}
+		} else {
+			_, ok := pkt.(*ReceiverReport)
+			if !ok {
+				err = errPacketBeforeCNAME
+			}
+		}
+	}
+	return "", errMissingCNAME
+}
+
+// Marshal encodes the CompoundPacket as binary.
+func (c CompoundPacket) Marshal() ([]byte, error) {
+	if err := c.Validate(); err != nil {
+		return nil, err
+	}
+
+	p := []Packet(c)
+	return Marshal(p)
+}
+
+// MarshalSize returns the size of the packet once marshaled
+func (c CompoundPacket) MarshalSize() int {
+	l := 0
+	for _, p := range c {
+		l += p.MarshalSize()
+	}
+	return l
+}
+
+// Unmarshal decodes a CompoundPacket from binary.
+func (c *CompoundPacket) Unmarshal(rawData []byte) error {
+	out := make(CompoundPacket, 0)
+	for len(rawData) != 0 {
+		p, processed, err := unmarshal(rawData)
+		if err != nil {
+			return err
+		}
+
+		out = append(out, p)
+		rawData = rawData[processed:]
+	}
+	*c = out
+
+	return c.Validate()
+}
+
+// DestinationSSRC returns the synchronization sources associated with this
+// CompoundPacket's reception report.
+func (c CompoundPacket) DestinationSSRC() []uint32 {
+	if len(c) == 0 {
+		return nil
+	}
+
+	return c[0].DestinationSSRC()
+}
+
+func (c CompoundPacket) String() string {
+	out := "CompoundPacket\n"
+	for _, p := range c {
+		stringer, canString := p.(fmt.Stringer)
+		if canString {
+			out += stringer.String()
+		} else {
+			out += stringify(p)
+		}
+	}
+	out = strings.TrimSuffix(strings.ReplaceAll(out, "\n", "\n\t"), "\t")
+	return out
+}
diff --git a/server/vendor/github.com/pion/rtcp/doc.go b/server/vendor/github.com/pion/rtcp/doc.go
new file mode 100644
index 0000000..22f06cc
--- /dev/null
+++ b/server/vendor/github.com/pion/rtcp/doc.go
@@ -0,0 +1,42 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+/*
+Package rtcp implements encoding and decoding of RTCP packets according to RFCs 3550 and 5506.
+
+RTCP is a sister protocol of the Real-time Transport Protocol (RTP). Its basic functionality
+and packet structure is defined in RFC 3550. RTCP provides out-of-band statistics and control
+information for an RTP session. It partners with RTP in the delivery and packaging of multimedia data,
+but does not transport any media data itself.
+
+The primary function of RTCP is to provide feedback on the quality of service (QoS)
+in media distribution by periodically sending statistics information such as transmitted octet
+and packet counts, packet loss, packet delay variation, and round-trip delay time to participants
+in a streaming multimedia session. An application may use this information to control quality of
+service parameters, perhaps by limiting flow, or using a different codec.
+
+Decoding RTCP packets:
+
+	pkts, err := rtcp.Unmarshal(rtcpData)
+	// ...
+	for _, pkt := range pkts {
+		switch p := pkt.(type) {
+		case *rtcp.CompoundPacket:
+			...
+		case *rtcp.PictureLossIndication:
+			...
+		default:
+			...
+		}
+	}
+
+Encoding RTCP packets:
+
+	pkt := &rtcp.PictureLossIndication{
+		SenderSSRC: senderSSRC,
+		MediaSSRC: mediaSSRC
+	}
+	pliData, err := pkt.Marshal()
+	// ...
+*/
+package rtcp
diff --git a/server/vendor/github.com/pion/rtcp/errors.go b/server/vendor/github.com/pion/rtcp/errors.go
new file mode 100644
index 0000000..d2477af
--- /dev/null
+++ b/server/vendor/github.com/pion/rtcp/errors.go
@@ -0,0 +1,38 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package rtcp
+
+import "errors"
+
+var (
+	errWrongMarshalSize         = errors.New("rtcp: wrong marshal size")
+	errInvalidTotalLost         = errors.New("rtcp: invalid total lost count")
+	errInvalidHeader            = errors.New("rtcp: invalid header")
+	errEmptyCompound            = errors.New("rtcp: empty compound packet")
+	errBadFirstPacket           = errors.New("rtcp: first packet in compound must be SR or RR")
+	errMissingCNAME             = errors.New("rtcp: compound missing SourceDescription with CNAME")
+	errPacketBeforeCNAME        = errors.New("rtcp: feedback packet seen before CNAME")
+	errTooManyReports           = errors.New("rtcp: too many reports")
+	errTooManyChunks            = errors.New("rtcp: too many chunks")
+	errTooManySources           = errors.New("rtcp: too many sources")
+	errPacketTooShort           = errors.New("rtcp: packet too short")
+	errWrongType                = errors.New("rtcp: wrong packet type")
+	errSDESTextTooLong          = errors.New("rtcp: sdes must be < 255 octets long")
+	errSDESMissingType          = errors.New("rtcp: sdes item missing type")
+	errReasonTooLong            = errors.New("rtcp: reason must be < 255 octets long")
+	errBadVersion               = errors.New("rtcp: invalid packet version")
+	errBadLength                = errors.New("rtcp: invalid packet length")
+	errWrongPadding             = errors.New("rtcp: invalid padding value")
+	errWrongFeedbackType        = errors.New("rtcp: wrong feedback message type")
+	errWrongPayloadType         = errors.New("rtcp: wrong payload type")
+	errHeaderTooSmall           = errors.New("rtcp: header length is too small")
+	errSSRCMustBeZero           = errors.New("rtcp: media SSRC must be 0")
+	errMissingREMBidentifier    = errors.New("missing REMB identifier")
+	errSSRCNumAndLengthMismatch = errors.New("SSRC num and length do not match")
+	errInvalidSizeOrStartIndex  = errors.New("invalid size or startIndex")
+	errInvalidBitrate           = errors.New("invalid bitrate")
+	errWrongChunkType           = errors.New("rtcp: wrong chunk type")
+	errBadStructMemberType      = errors.New("rtcp: struct contains unexpected member type")
+	errBadReadParameter         = errors.New("rtcp: cannot read into non-pointer")
+)
diff --git a/server/vendor/github.com/pion/rtcp/extended_report.go b/server/vendor/github.com/pion/rtcp/extended_report.go
new file mode 100644
index 0000000..0f9ee2c
--- /dev/null
+++ b/server/vendor/github.com/pion/rtcp/extended_report.go
@@ -0,0 +1,659 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package rtcp
+
+import (
+	"fmt"
+)
+
+// The ExtendedReport packet is an Implementation of RTCP Extended
+// Reports defined in RFC 3611. It is used to convey detailed
+// information about an RTP stream. Each packet contains one or
+// more report blocks, each of which conveys a different kind of
+// information.
+//
+//	0                   1                   2                   3
+//	0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+//
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |V=2|P|reserved |   PT=XR=207   |             length            |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |                              SSRC                             |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// :                         report blocks                         :
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+type ExtendedReport struct {
+	SenderSSRC uint32 `fmt:"0x%X"`
+	Reports    []ReportBlock
+}
+
+// ReportBlock represents a single report within an ExtendedReport
+// packet
+type ReportBlock interface {
+	DestinationSSRC() []uint32
+	setupBlockHeader()
+	unpackBlockHeader()
+}
+
+// TypeSpecificField as described in RFC 3611 section 4.5. In typical
+// cases, users of ExtendedReports shouldn't need to access this,
+// and should instead use the corresponding fields in the actual
+// report blocks themselves.
+type TypeSpecificField uint8
+
+// XRHeader defines the common fields that must appear at the start
+// of each report block. In typical cases, users of ExtendedReports
+// shouldn't need to access this. For locally-constructed report
+// blocks, these values will not be accurate until the corresponding
+// packet is marshaled.
+type XRHeader struct {
+	BlockType    BlockTypeType
+	TypeSpecific TypeSpecificField `fmt:"0x%X"`
+	BlockLength  uint16
+}
+
+// BlockTypeType specifies the type of report in a report block
+type BlockTypeType uint8
+
+// Extended Report block types from RFC 3611.
+const (
+	LossRLEReportBlockType               = 1 // RFC 3611, section 4.1
+	DuplicateRLEReportBlockType          = 2 // RFC 3611, section 4.2
+	PacketReceiptTimesReportBlockType    = 3 // RFC 3611, section 4.3
+	ReceiverReferenceTimeReportBlockType = 4 // RFC 3611, section 4.4
+	DLRRReportBlockType                  = 5 // RFC 3611, section 4.5
+	StatisticsSummaryReportBlockType     = 6 // RFC 3611, section 4.6
+	VoIPMetricsReportBlockType           = 7 // RFC 3611, section 4.7
+)
+
+// String converts the Extended report block types into readable strings
+func (t BlockTypeType) String() string {
+	switch t {
+	case LossRLEReportBlockType:
+		return "LossRLEReportBlockType"
+	case DuplicateRLEReportBlockType:
+		return "DuplicateRLEReportBlockType"
+	case PacketReceiptTimesReportBlockType:
+		return "PacketReceiptTimesReportBlockType"
+	case ReceiverReferenceTimeReportBlockType:
+		return "ReceiverReferenceTimeReportBlockType"
+	case DLRRReportBlockType:
+		return "DLRRReportBlockType"
+	case StatisticsSummaryReportBlockType:
+		return "StatisticsSummaryReportBlockType"
+	case VoIPMetricsReportBlockType:
+		return "VoIPMetricsReportBlockType"
+	}
+	return fmt.Sprintf("invalid value %d", t)
+}
+
+// rleReportBlock defines the common structure used by both
+// Loss RLE report blocks (RFC 3611 §4.1) and Duplicate RLE
+// report blocks (RFC 3611 §4.2).
+//
+//	0                   1                   2                   3
+//	0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+//
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |  BT = 1 or 2  | rsvd. |   T   |         block length          |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |                        SSRC of source                         |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |          begin_seq            |             end_seq           |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |          chunk 1              |             chunk 2           |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// :                              ...                              :
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |          chunk n-1            |             chunk n           |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+type rleReportBlock struct {
+	XRHeader
+	T        uint8  `encoding:"omit"`
+	SSRC     uint32 `fmt:"0x%X"`
+	BeginSeq uint16
+	EndSeq   uint16
+	Chunks   []Chunk
+}
+
+// Chunk as defined in RFC 3611, section 4.1. These represent information
+// about packet losses and packet duplication. They have three representations:
+//
+// Run Length Chunk:
+//
+//	 0                   1
+//	 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
+//	+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+//	|C|R|        run length         |
+//	+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+//
+// Bit Vector Chunk:
+//
+//	 0                   1
+//	 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
+//	+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+//	|C|        bit vector           |
+//	+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+//
+// Terminating Null Chunk:
+//
+//	 0                   1
+//	 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
+//	+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+//	|0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0|
+//	+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+type Chunk uint16
+
+// LossRLEReportBlock is used to report information about packet
+// losses, as described in RFC 3611, section 4.1
+type LossRLEReportBlock rleReportBlock
+
+// DestinationSSRC returns an array of SSRC values that this report block refers to.
+func (b *LossRLEReportBlock) DestinationSSRC() []uint32 {
+	return []uint32{b.SSRC}
+}
+
+func (b *LossRLEReportBlock) setupBlockHeader() {
+	b.XRHeader.BlockType = LossRLEReportBlockType
+	b.XRHeader.TypeSpecific = TypeSpecificField(b.T & 0x0F)
+	b.XRHeader.BlockLength = uint16(wireSize(b)/4 - 1)
+}
+
+func (b *LossRLEReportBlock) unpackBlockHeader() {
+	b.T = uint8(b.XRHeader.TypeSpecific) & 0x0F
+}
+
+// DuplicateRLEReportBlock is used to report information about packet
+// duplication, as described in RFC 3611, section 4.1
+type DuplicateRLEReportBlock rleReportBlock
+
+// DestinationSSRC returns an array of SSRC values that this report block refers to.
+func (b *DuplicateRLEReportBlock) DestinationSSRC() []uint32 {
+	return []uint32{b.SSRC}
+}
+
+func (b *DuplicateRLEReportBlock) setupBlockHeader() {
+	b.XRHeader.BlockType = DuplicateRLEReportBlockType
+	b.XRHeader.TypeSpecific = TypeSpecificField(b.T & 0x0F)
+	b.XRHeader.BlockLength = uint16(wireSize(b)/4 - 1)
+}
+
+func (b *DuplicateRLEReportBlock) unpackBlockHeader() {
+	b.T = uint8(b.XRHeader.TypeSpecific) & 0x0F
+}
+
+// ChunkType enumerates the three kinds of chunks described in RFC 3611 section 4.1.
+type ChunkType uint8
+
+// These are the valid values that ChunkType can assume
+const (
+	RunLengthChunkType       = 0
+	BitVectorChunkType       = 1
+	TerminatingNullChunkType = 2
+)
+
+func (c Chunk) String() string {
+	switch c.Type() {
+	case RunLengthChunkType:
+		runType, _ := c.RunType()
+		return fmt.Sprintf("[RunLength type=%d, length=%d]", runType, c.Value())
+	case BitVectorChunkType:
+		return fmt.Sprintf("[BitVector 0b%015b]", c.Value())
+	case TerminatingNullChunkType:
+		return "[TerminatingNull]"
+	}
+	return fmt.Sprintf("[0x%X]", uint16(c))
+}
+
+// Type returns the ChunkType that this Chunk represents
+func (c Chunk) Type() ChunkType {
+	if c == 0 {
+		return TerminatingNullChunkType
+	}
+	return ChunkType(c >> 15)
+}
+
+// RunType returns the RunType that this Chunk represents. It is
+// only valid if ChunkType is RunLengthChunkType.
+func (c Chunk) RunType() (uint, error) {
+	if c.Type() != RunLengthChunkType {
+		return 0, errWrongChunkType
+	}
+	return uint((c >> 14) & 0x01), nil
+}
+
+// Value returns the value represented in this Chunk
+func (c Chunk) Value() uint {
+	switch c.Type() {
+	case RunLengthChunkType:
+		return uint(c & 0x3FFF)
+	case BitVectorChunkType:
+		return uint(c & 0x7FFF)
+	case TerminatingNullChunkType:
+		return 0
+	}
+	return uint(c)
+}
+
+// PacketReceiptTimesReportBlock represents a Packet Receipt Times
+// report block, as described in RFC 3611 section 4.3.
+//
+//	0                   1                   2                   3
+//	0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+//
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |     BT=3      | rsvd. |   T   |         block length          |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |                        SSRC of source                         |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |          begin_seq            |             end_seq           |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |       Receipt time of packet begin_seq                        |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |       Receipt time of packet (begin_seq + 1) mod 65536        |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// :                              ...                              :
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |       Receipt time of packet (end_seq - 1) mod 65536          |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+type PacketReceiptTimesReportBlock struct {
+	XRHeader
+	T           uint8  `encoding:"omit"`
+	SSRC        uint32 `fmt:"0x%X"`
+	BeginSeq    uint16
+	EndSeq      uint16
+	ReceiptTime []uint32
+}
+
+// DestinationSSRC returns an array of SSRC values that this report block refers to.
+func (b *PacketReceiptTimesReportBlock) DestinationSSRC() []uint32 {
+	return []uint32{b.SSRC}
+}
+
+func (b *PacketReceiptTimesReportBlock) setupBlockHeader() {
+	b.XRHeader.BlockType = PacketReceiptTimesReportBlockType
+	b.XRHeader.TypeSpecific = TypeSpecificField(b.T & 0x0F)
+	b.XRHeader.BlockLength = uint16(wireSize(b)/4 - 1)
+}
+
+func (b *PacketReceiptTimesReportBlock) unpackBlockHeader() {
+	b.T = uint8(b.XRHeader.TypeSpecific) & 0x0F
+}
+
+// ReceiverReferenceTimeReportBlock encodes a Receiver Reference Time
+// report block as described in RFC 3611 section 4.4.
+//
+//	0                   1                   2                   3
+//	0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+//
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |     BT=4      |   reserved    |       block length = 2        |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |              NTP timestamp, most significant word             |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |             NTP timestamp, least significant word             |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+type ReceiverReferenceTimeReportBlock struct {
+	XRHeader
+	NTPTimestamp uint64
+}
+
+// DestinationSSRC returns an array of SSRC values that this report block refers to.
+func (b *ReceiverReferenceTimeReportBlock) DestinationSSRC() []uint32 {
+	return []uint32{}
+}
+
+func (b *ReceiverReferenceTimeReportBlock) setupBlockHeader() {
+	b.XRHeader.BlockType = ReceiverReferenceTimeReportBlockType
+	b.XRHeader.TypeSpecific = 0
+	b.XRHeader.BlockLength = uint16(wireSize(b)/4 - 1)
+}
+
+func (b *ReceiverReferenceTimeReportBlock) unpackBlockHeader() {
+}
+
+// DLRRReportBlock encodes a DLRR Report Block as described in
+// RFC 3611 section 4.5.
+//
+//	0                   1                   2                   3
+//	0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+//
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |     BT=5      |   reserved    |         block length          |
+// +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
+// |                 SSRC_1 (SSRC of first receiver)               | sub-
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ block
+// |                         last RR (LRR)                         |   1
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |                   delay since last RR (DLRR)                  |
+// +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
+// |                 SSRC_2 (SSRC of second receiver)              | sub-
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ block
+// :                               ...                             :   2
+// +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
+type DLRRReportBlock struct {
+	XRHeader
+	Reports []DLRRReport
+}
+
+// DLRRReport encodes a single report inside a DLRRReportBlock.
+type DLRRReport struct {
+	SSRC   uint32 `fmt:"0x%X"`
+	LastRR uint32
+	DLRR   uint32
+}
+
+// DestinationSSRC returns an array of SSRC values that this report block refers to.
+func (b *DLRRReportBlock) DestinationSSRC() []uint32 {
+	ssrc := make([]uint32, len(b.Reports))
+	for i, r := range b.Reports {
+		ssrc[i] = r.SSRC
+	}
+	return ssrc
+}
+
+func (b *DLRRReportBlock) setupBlockHeader() {
+	b.XRHeader.BlockType = DLRRReportBlockType
+	b.XRHeader.TypeSpecific = 0
+	b.XRHeader.BlockLength = uint16(wireSize(b)/4 - 1)
+}
+
+func (b *DLRRReportBlock) unpackBlockHeader() {
+}
+
+// StatisticsSummaryReportBlock encodes a Statistics Summary Report
+// Block as described in RFC 3611, section 4.6.
+//
+//	0                   1                   2                   3
+//	0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+//
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |     BT=6      |L|D|J|ToH|rsvd.|       block length = 9        |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |                        SSRC of source                         |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |          begin_seq            |             end_seq           |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |                        lost_packets                           |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |                        dup_packets                            |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |                         min_jitter                            |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |                         max_jitter                            |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |                         mean_jitter                           |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |                         dev_jitter                            |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// | min_ttl_or_hl | max_ttl_or_hl |mean_ttl_or_hl | dev_ttl_or_hl |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+type StatisticsSummaryReportBlock struct {
+	XRHeader
+	LossReports      bool              `encoding:"omit"`
+	DuplicateReports bool              `encoding:"omit"`
+	JitterReports    bool              `encoding:"omit"`
+	TTLorHopLimit    TTLorHopLimitType `encoding:"omit"`
+	SSRC             uint32            `fmt:"0x%X"`
+	BeginSeq         uint16
+	EndSeq           uint16
+	LostPackets      uint32
+	DupPackets       uint32
+	MinJitter        uint32
+	MaxJitter        uint32
+	MeanJitter       uint32
+	DevJitter        uint32
+	MinTTLOrHL       uint8
+	MaxTTLOrHL       uint8
+	MeanTTLOrHL      uint8
+	DevTTLOrHL       uint8
+}
+
+// TTLorHopLimitType encodes values for the ToH field in
+// a StatisticsSummaryReportBlock
+type TTLorHopLimitType uint8
+
+// Values for TTLorHopLimitType
+const (
+	ToHMissing = 0
+	ToHIPv4    = 1
+	ToHIPv6    = 2
+)
+
+func (t TTLorHopLimitType) String() string {
+	switch t {
+	case ToHMissing:
+		return "[ToH Missing]"
+	case ToHIPv4:
+		return "[ToH = IPv4]"
+	case ToHIPv6:
+		return "[ToH = IPv6]"
+	}
+	return "[ToH Flag is Invalid]"
+}
+
+// DestinationSSRC returns an array of SSRC values that this report block refers to.
+func (b *StatisticsSummaryReportBlock) DestinationSSRC() []uint32 {
+	return []uint32{b.SSRC}
+}
+
+func (b *StatisticsSummaryReportBlock) setupBlockHeader() {
+	b.XRHeader.BlockType = StatisticsSummaryReportBlockType
+	b.XRHeader.TypeSpecific = 0x00
+	if b.LossReports {
+		b.XRHeader.TypeSpecific |= 0x80
+	}
+	if b.DuplicateReports {
+		b.XRHeader.TypeSpecific |= 0x40
+	}
+	if b.JitterReports {
+		b.XRHeader.TypeSpecific |= 0x20
+	}
+	b.XRHeader.TypeSpecific |= TypeSpecificField((b.TTLorHopLimit & 0x03) << 3)
+	b.XRHeader.BlockLength = uint16(wireSize(b)/4 - 1)
+}
+
+func (b *StatisticsSummaryReportBlock) unpackBlockHeader() {
+	b.LossReports = b.XRHeader.TypeSpecific&0x80 != 0
+	b.DuplicateReports = b.XRHeader.TypeSpecific&0x40 != 0
+	b.JitterReports = b.XRHeader.TypeSpecific&0x20 != 0
+	b.TTLorHopLimit = TTLorHopLimitType((b.XRHeader.TypeSpecific & 0x18) >> 3)
+}
+
+// VoIPMetricsReportBlock encodes a VoIP Metrics Report Block as described
+// in RFC 3611, section 4.7.
+//
+//	0                   1                   2                   3
+//	0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+//
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |     BT=7      |   reserved    |       block length = 8        |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |                        SSRC of source                         |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |   loss rate   | discard rate  | burst density |  gap density  |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |       burst duration          |         gap duration          |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |     round trip delay          |       end system delay        |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// | signal level  |  noise level  |     RERL      |     Gmin      |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |   R factor    | ext. R factor |    MOS-LQ     |    MOS-CQ     |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |   RX config   |   reserved    |          JB nominal           |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |          JB maximum           |          JB abs max           |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+type VoIPMetricsReportBlock struct {
+	XRHeader
+	SSRC           uint32 `fmt:"0x%X"`
+	LossRate       uint8
+	DiscardRate    uint8
+	BurstDensity   uint8
+	GapDensity     uint8
+	BurstDuration  uint16
+	GapDuration    uint16
+	RoundTripDelay uint16
+	EndSystemDelay uint16
+	SignalLevel    uint8
+	NoiseLevel     uint8
+	RERL           uint8
+	Gmin           uint8
+	RFactor        uint8
+	ExtRFactor     uint8
+	MOSLQ          uint8
+	MOSCQ          uint8
+	RXConfig       uint8
+	_              uint8
+	JBNominal      uint16
+	JBMaximum      uint16
+	JBAbsMax       uint16
+}
+
+// DestinationSSRC returns an array of SSRC values that this report block refers to.
+func (b *VoIPMetricsReportBlock) DestinationSSRC() []uint32 {
+	return []uint32{b.SSRC}
+}
+
+func (b *VoIPMetricsReportBlock) setupBlockHeader() {
+	b.XRHeader.BlockType = VoIPMetricsReportBlockType
+	b.XRHeader.TypeSpecific = 0
+	b.XRHeader.BlockLength = uint16(wireSize(b)/4 - 1)
+}
+
+func (b *VoIPMetricsReportBlock) unpackBlockHeader() {
+}
+
+// UnknownReportBlock is used to store bytes for any report block
+// that has an unknown Report Block Type.
+type UnknownReportBlock struct {
+	XRHeader
+	Bytes []byte
+}
+
+// DestinationSSRC returns an array of SSRC values that this report block refers to.
+func (b *UnknownReportBlock) DestinationSSRC() []uint32 {
+	return []uint32{}
+}
+
+func (b *UnknownReportBlock) setupBlockHeader() {
+	b.XRHeader.BlockLength = uint16(wireSize(b)/4 - 1)
+}
+
+func (b *UnknownReportBlock) unpackBlockHeader() {
+}
+
+// MarshalSize returns the size of the packet once marshaled
+func (x ExtendedReport) MarshalSize() int {
+	return wireSize(x)
+}
+
+// Marshal encodes the ExtendedReport in binary
+func (x ExtendedReport) Marshal() ([]byte, error) {
+	for _, p := range x.Reports {
+		p.setupBlockHeader()
+	}
+
+	length := wireSize(x)
+
+	// RTCP Header
+	header := Header{
+		Type:   TypeExtendedReport,
+		Length: uint16(length / 4),
+	}
+	headerBuffer, err := header.Marshal()
+	if err != nil {
+		return []byte{}, err
+	}
+	length += len(headerBuffer)
+
+	rawPacket := make([]byte, length)
+	buffer := packetBuffer{bytes: rawPacket}
+
+	err = buffer.write(headerBuffer)
+	if err != nil {
+		return []byte{}, err
+	}
+	err = buffer.write(x)
+	if err != nil {
+		return []byte{}, err
+	}
+
+	return rawPacket, nil
+}
+
+// Unmarshal decodes the ExtendedReport from binary
+func (x *ExtendedReport) Unmarshal(b []byte) error {
+	var header Header
+	if err := header.Unmarshal(b); err != nil {
+		return err
+	}
+	if header.Type != TypeExtendedReport {
+		return errWrongType
+	}
+
+	buffer := packetBuffer{bytes: b[headerLength:]}
+	err := buffer.read(&x.SenderSSRC)
+	if err != nil {
+		return err
+	}
+
+	for len(buffer.bytes) > 0 {
+		var block ReportBlock
+
+		headerBuffer := buffer
+		xrHeader := XRHeader{}
+		err = headerBuffer.read(&xrHeader)
+		if err != nil {
+			return err
+		}
+
+		switch xrHeader.BlockType {
+		case LossRLEReportBlockType:
+			block = new(LossRLEReportBlock)
+		case DuplicateRLEReportBlockType:
+			block = new(DuplicateRLEReportBlock)
+		case PacketReceiptTimesReportBlockType:
+			block = new(PacketReceiptTimesReportBlock)
+		case ReceiverReferenceTimeReportBlockType:
+			block = new(ReceiverReferenceTimeReportBlock)
+		case DLRRReportBlockType:
+			block = new(DLRRReportBlock)
+		case StatisticsSummaryReportBlockType:
+			block = new(StatisticsSummaryReportBlock)
+		case VoIPMetricsReportBlockType:
+			block = new(VoIPMetricsReportBlock)
+		default:
+			block = new(UnknownReportBlock)
+		}
+
+		// We need to limit the amount of data available to
+		// this block to the actual length of the block
+		blockLength := (int(xrHeader.BlockLength) + 1) * 4
+		blockBuffer := buffer.split(blockLength)
+		err = blockBuffer.read(block)
+		if err != nil {
+			return err
+		}
+		block.unpackBlockHeader()
+		x.Reports = append(x.Reports, block)
+	}
+
+	return nil
+}
+
+// DestinationSSRC returns an array of SSRC values that this packet refers to.
+func (x *ExtendedReport) DestinationSSRC() []uint32 {
+	ssrc := make([]uint32, 0, len(x.Reports)+1)
+	ssrc = append(ssrc, x.SenderSSRC)
+	for _, p := range x.Reports {
+		ssrc = append(ssrc, p.DestinationSSRC()...)
+	}
+	return ssrc
+}
+
+func (x *ExtendedReport) String() string {
+	return stringify(x)
+}
diff --git a/server/vendor/github.com/pion/rtcp/full_intra_request.go b/server/vendor/github.com/pion/rtcp/full_intra_request.go
new file mode 100644
index 0000000..7c67c50
--- /dev/null
+++ b/server/vendor/github.com/pion/rtcp/full_intra_request.go
@@ -0,0 +1,116 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package rtcp
+
+import (
+	"encoding/binary"
+	"fmt"
+)
+
+// A FIREntry is a (SSRC, seqno) pair, as carried by FullIntraRequest.
+type FIREntry struct {
+	SSRC           uint32
+	SequenceNumber uint8
+}
+
+// The FullIntraRequest packet is used to reliably request an Intra frame
+// in a video stream.  See RFC 5104 Section 3.5.1.  This is not for loss
+// recovery, which should use PictureLossIndication (PLI) instead.
+type FullIntraRequest struct {
+	SenderSSRC uint32
+	MediaSSRC  uint32
+
+	FIR []FIREntry
+}
+
+const (
+	firOffset = 8
+)
+
+var _ Packet = (*FullIntraRequest)(nil)
+
+// Marshal encodes the FullIntraRequest
+func (p FullIntraRequest) Marshal() ([]byte, error) {
+	rawPacket := make([]byte, firOffset+(len(p.FIR)*8))
+	binary.BigEndian.PutUint32(rawPacket, p.SenderSSRC)
+	binary.BigEndian.PutUint32(rawPacket[4:], p.MediaSSRC)
+	for i, fir := range p.FIR {
+		binary.BigEndian.PutUint32(rawPacket[firOffset+8*i:], fir.SSRC)
+		rawPacket[firOffset+8*i+4] = fir.SequenceNumber
+	}
+	h := p.Header()
+	hData, err := h.Marshal()
+	if err != nil {
+		return nil, err
+	}
+
+	return append(hData, rawPacket...), nil
+}
+
+// Unmarshal decodes the TransportLayerNack
+func (p *FullIntraRequest) Unmarshal(rawPacket []byte) error {
+	if len(rawPacket) < (headerLength + ssrcLength) {
+		return errPacketTooShort
+	}
+
+	var h Header
+	if err := h.Unmarshal(rawPacket); err != nil {
+		return err
+	}
+
+	if len(rawPacket) < (headerLength + int(4*h.Length)) {
+		return errPacketTooShort
+	}
+
+	if h.Type != TypePayloadSpecificFeedback || h.Count != FormatFIR {
+		return errWrongType
+	}
+
+	// The FCI field MUST contain one or more FIR entries
+	if 4*h.Length-firOffset <= 0 || (4*h.Length)%8 != 0 {
+		return errBadLength
+	}
+
+	p.SenderSSRC = binary.BigEndian.Uint32(rawPacket[headerLength:])
+	p.MediaSSRC = binary.BigEndian.Uint32(rawPacket[headerLength+ssrcLength:])
+	for i := headerLength + firOffset; i < (headerLength + int(h.Length*4)); i += 8 {
+		p.FIR = append(p.FIR, FIREntry{
+			binary.BigEndian.Uint32(rawPacket[i:]),
+			rawPacket[i+4],
+		})
+	}
+	return nil
+}
+
+// Header returns the Header associated with this packet.
+func (p *FullIntraRequest) Header() Header {
+	return Header{
+		Count:  FormatFIR,
+		Type:   TypePayloadSpecificFeedback,
+		Length: uint16((p.MarshalSize() / 4) - 1),
+	}
+}
+
+// MarshalSize returns the size of the packet once marshaled
+func (p *FullIntraRequest) MarshalSize() int {
+	return headerLength + firOffset + len(p.FIR)*8
+}
+
+func (p *FullIntraRequest) String() string {
+	out := fmt.Sprintf("FullIntraRequest %x %x",
+		p.SenderSSRC, p.MediaSSRC)
+	for _, e := range p.FIR {
+		out += fmt.Sprintf(" (%x %v)", e.SSRC, e.SequenceNumber)
+	}
+	return out
+}
+
+// DestinationSSRC returns an array of SSRC values that this packet refers to.
+func (p *FullIntraRequest) DestinationSSRC() []uint32 {
+	ssrcs := make([]uint32, 0, len(p.FIR))
+	for _, entry := range p.FIR {
+		ssrcs = append(ssrcs, entry.SSRC)
+	}
+	return ssrcs
+}
diff --git a/server/vendor/github.com/pion/rtcp/goodbye.go b/server/vendor/github.com/pion/rtcp/goodbye.go
new file mode 100644
index 0000000..bda1785
--- /dev/null
+++ b/server/vendor/github.com/pion/rtcp/goodbye.go
@@ -0,0 +1,159 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package rtcp
+
+import (
+	"encoding/binary"
+	"fmt"
+)
+
+// The Goodbye packet indicates that one or more sources are no longer active.
+type Goodbye struct {
+	// The SSRC/CSRC identifiers that are no longer active
+	Sources []uint32
+	// Optional text indicating the reason for leaving, e.g., "camera malfunction" or "RTP loop detected"
+	Reason string
+}
+
+// Marshal encodes the Goodbye packet in binary
+func (g Goodbye) Marshal() ([]byte, error) {
+	/*
+	 *        0                   1                   2                   3
+	 *        0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+	 *       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 *       |V=2|P|    SC   |   PT=BYE=203  |             length            |
+	 *       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 *       |                           SSRC/CSRC                           |
+	 *       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 *       :                              ...                              :
+	 *       +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
+	 * (opt) |     length    |               reason for leaving            ...
+	 *       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 */
+
+	rawPacket := make([]byte, g.MarshalSize())
+	packetBody := rawPacket[headerLength:]
+
+	if len(g.Sources) > countMax {
+		return nil, errTooManySources
+	}
+
+	for i, s := range g.Sources {
+		binary.BigEndian.PutUint32(packetBody[i*ssrcLength:], s)
+	}
+
+	if g.Reason != "" {
+		reason := []byte(g.Reason)
+
+		if len(reason) > sdesMaxOctetCount {
+			return nil, errReasonTooLong
+		}
+
+		reasonOffset := len(g.Sources) * ssrcLength
+		packetBody[reasonOffset] = uint8(len(reason))
+		copy(packetBody[reasonOffset+1:], reason)
+	}
+
+	hData, err := g.Header().Marshal()
+	if err != nil {
+		return nil, err
+	}
+	copy(rawPacket, hData)
+
+	return rawPacket, nil
+}
+
+// Unmarshal decodes the Goodbye packet from binary
+func (g *Goodbye) Unmarshal(rawPacket []byte) error {
+	/*
+	 *        0                   1                   2                   3
+	 *        0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+	 *       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 *       |V=2|P|    SC   |   PT=BYE=203  |             length            |
+	 *       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 *       |                           SSRC/CSRC                           |
+	 *       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 *       :                              ...                              :
+	 *       +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
+	 * (opt) |     length    |               reason for leaving            ...
+	 *       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 */
+
+	var header Header
+	if err := header.Unmarshal(rawPacket); err != nil {
+		return err
+	}
+
+	if header.Type != TypeGoodbye {
+		return errWrongType
+	}
+
+	if getPadding(len(rawPacket)) != 0 {
+		return errPacketTooShort
+	}
+
+	g.Sources = make([]uint32, header.Count)
+
+	reasonOffset := int(headerLength + header.Count*ssrcLength)
+	if reasonOffset > len(rawPacket) {
+		return errPacketTooShort
+	}
+
+	for i := 0; i < int(header.Count); i++ {
+		offset := headerLength + i*ssrcLength
+
+		g.Sources[i] = binary.BigEndian.Uint32(rawPacket[offset:])
+	}
+
+	if reasonOffset < len(rawPacket) {
+		reasonLen := int(rawPacket[reasonOffset])
+		reasonEnd := reasonOffset + 1 + reasonLen
+
+		if reasonEnd > len(rawPacket) {
+			return errPacketTooShort
+		}
+
+		g.Reason = string(rawPacket[reasonOffset+1 : reasonEnd])
+	}
+
+	return nil
+}
+
+// Header returns the Header associated with this packet.
+func (g *Goodbye) Header() Header {
+	return Header{
+		Padding: false,
+		Count:   uint8(len(g.Sources)),
+		Type:    TypeGoodbye,
+		Length:  uint16((g.MarshalSize() / 4) - 1),
+	}
+}
+
+// MarshalSize returns the size of the packet once marshaled
+func (g *Goodbye) MarshalSize() int {
+	srcsLength := len(g.Sources) * ssrcLength
+	reasonLength := len(g.Reason) + 1
+
+	l := headerLength + srcsLength + reasonLength
+
+	// align to 32-bit boundary
+	return l + getPadding(l)
+}
+
+// DestinationSSRC returns an array of SSRC values that this packet refers to.
+func (g *Goodbye) DestinationSSRC() []uint32 {
+	out := make([]uint32, len(g.Sources))
+	copy(out, g.Sources)
+	return out
+}
+
+func (g Goodbye) String() string {
+	out := "Goodbye\n"
+	for i, s := range g.Sources {
+		out += fmt.Sprintf("\tSource %d: %x\n", i, s)
+	}
+	out += fmt.Sprintf("\tReason: %s\n", g.Reason)
+
+	return out
+}
diff --git a/server/vendor/github.com/pion/rtcp/header.go b/server/vendor/github.com/pion/rtcp/header.go
new file mode 100644
index 0000000..534c82f
--- /dev/null
+++ b/server/vendor/github.com/pion/rtcp/header.go
@@ -0,0 +1,147 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package rtcp
+
+import (
+	"encoding/binary"
+)
+
+// PacketType specifies the type of an RTCP packet
+type PacketType uint8
+
+// RTCP packet types registered with IANA. See: https://www.iana.org/assignments/rtp-parameters/rtp-parameters.xhtml#rtp-parameters-4
+const (
+	TypeSenderReport              PacketType = 200 // RFC 3550, 6.4.1
+	TypeReceiverReport            PacketType = 201 // RFC 3550, 6.4.2
+	TypeSourceDescription         PacketType = 202 // RFC 3550, 6.5
+	TypeGoodbye                   PacketType = 203 // RFC 3550, 6.6
+	TypeApplicationDefined        PacketType = 204 // RFC 3550, 6.7 (unimplemented)
+	TypeTransportSpecificFeedback PacketType = 205 // RFC 4585, 6051
+	TypePayloadSpecificFeedback   PacketType = 206 // RFC 4585, 6.3
+	TypeExtendedReport            PacketType = 207 // RFC 3611
+
+)
+
+// Transport and Payload specific feedback messages overload the count field to act as a message type. those are listed here
+const (
+	FormatSLI  uint8 = 2
+	FormatPLI  uint8 = 1
+	FormatFIR  uint8 = 4
+	FormatTLN  uint8 = 1
+	FormatRRR  uint8 = 5
+	FormatCCFB uint8 = 11
+	FormatREMB uint8 = 15
+
+	// https://tools.ietf.org/html/draft-holmer-rmcat-transport-wide-cc-extensions-01#page-5
+	FormatTCC uint8 = 15
+)
+
+func (p PacketType) String() string {
+	switch p {
+	case TypeSenderReport:
+		return "SR"
+	case TypeReceiverReport:
+		return "RR"
+	case TypeSourceDescription:
+		return "SDES"
+	case TypeGoodbye:
+		return "BYE"
+	case TypeApplicationDefined:
+		return "APP"
+	case TypeTransportSpecificFeedback:
+		return "TSFB"
+	case TypePayloadSpecificFeedback:
+		return "PSFB"
+	case TypeExtendedReport:
+		return "XR"
+	default:
+		return string(p)
+	}
+}
+
+const rtpVersion = 2
+
+// A Header is the common header shared by all RTCP packets
+type Header struct {
+	// If the padding bit is set, this individual RTCP packet contains
+	// some additional padding octets at the end which are not part of
+	// the control information but are included in the length field.
+	Padding bool
+	// The number of reception reports, sources contained or FMT in this packet (depending on the Type)
+	Count uint8
+	// The RTCP packet type for this packet
+	Type PacketType
+	// The length of this RTCP packet in 32-bit words minus one,
+	// including the header and any padding.
+	Length uint16
+}
+
+const (
+	headerLength = 4
+	versionShift = 6
+	versionMask  = 0x3
+	paddingShift = 5
+	paddingMask  = 0x1
+	countShift   = 0
+	countMask    = 0x1f
+	countMax     = (1 << 5) - 1
+)
+
+// Marshal encodes the Header in binary
+func (h Header) Marshal() ([]byte, error) {
+	/*
+	 *  0                   1                   2                   3
+	 *  0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+	 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 * |V=2|P|    RC   |   PT=SR=200   |             length            |
+	 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 */
+	rawPacket := make([]byte, headerLength)
+
+	rawPacket[0] |= rtpVersion << versionShift
+
+	if h.Padding {
+		rawPacket[0] |= 1 << paddingShift
+	}
+
+	if h.Count > 31 {
+		return nil, errInvalidHeader
+	}
+	rawPacket[0] |= h.Count << countShift
+
+	rawPacket[1] = uint8(h.Type)
+
+	binary.BigEndian.PutUint16(rawPacket[2:], h.Length)
+
+	return rawPacket, nil
+}
+
+// Unmarshal decodes the Header from binary
+func (h *Header) Unmarshal(rawPacket []byte) error {
+	if len(rawPacket) < headerLength {
+		return errPacketTooShort
+	}
+
+	/*
+	 *  0                   1                   2                   3
+	 *  0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+	 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 * |V=2|P|    RC   |      PT       |             length            |
+	 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 */
+
+	version := rawPacket[0] >> versionShift & versionMask
+	if version != rtpVersion {
+		return errBadVersion
+	}
+
+	h.Padding = (rawPacket[0] >> paddingShift & paddingMask) > 0
+	h.Count = rawPacket[0] >> countShift & countMask
+
+	h.Type = PacketType(rawPacket[1])
+
+	h.Length = binary.BigEndian.Uint16(rawPacket[2:])
+
+	return nil
+}
diff --git a/server/vendor/github.com/pion/rtcp/packet.go b/server/vendor/github.com/pion/rtcp/packet.go
new file mode 100644
index 0000000..cdb83c0
--- /dev/null
+++ b/server/vendor/github.com/pion/rtcp/packet.go
@@ -0,0 +1,124 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package rtcp
+
+// Packet represents an RTCP packet, a protocol used for out-of-band statistics and control information for an RTP session
+type Packet interface {
+	// DestinationSSRC returns an array of SSRC values that this packet refers to.
+	DestinationSSRC() []uint32
+
+	Marshal() ([]byte, error)
+	Unmarshal(rawPacket []byte) error
+	MarshalSize() int
+}
+
+// Unmarshal takes an entire udp datagram (which may consist of multiple RTCP packets) and
+// returns the unmarshaled packets it contains.
+//
+// If this is a reduced-size RTCP packet a feedback packet (Goodbye, SliceLossIndication, etc)
+// will be returned. Otherwise, the underlying type of the returned packet will be
+// CompoundPacket.
+func Unmarshal(rawData []byte) ([]Packet, error) {
+	var packets []Packet
+	for len(rawData) != 0 {
+		p, processed, err := unmarshal(rawData)
+		if err != nil {
+			return nil, err
+		}
+
+		packets = append(packets, p)
+		rawData = rawData[processed:]
+	}
+
+	switch len(packets) {
+	// Empty packet
+	case 0:
+		return nil, errInvalidHeader
+	// Multiple Packets
+	default:
+		return packets, nil
+	}
+}
+
+// Marshal takes an array of Packets and serializes them to a single buffer
+func Marshal(packets []Packet) ([]byte, error) {
+	out := make([]byte, 0)
+	for _, p := range packets {
+		data, err := p.Marshal()
+		if err != nil {
+			return nil, err
+		}
+		out = append(out, data...)
+	}
+	return out, nil
+}
+
+// unmarshal is a factory which pulls the first RTCP packet from a bytestream,
+// and returns it's parsed representation, and the amount of data that was processed.
+func unmarshal(rawData []byte) (packet Packet, bytesprocessed int, err error) {
+	var h Header
+
+	err = h.Unmarshal(rawData)
+	if err != nil {
+		return nil, 0, err
+	}
+
+	bytesprocessed = int(h.Length+1) * 4
+	if bytesprocessed > len(rawData) {
+		return nil, 0, errPacketTooShort
+	}
+	inPacket := rawData[:bytesprocessed]
+
+	switch h.Type {
+	case TypeSenderReport:
+		packet = new(SenderReport)
+
+	case TypeReceiverReport:
+		packet = new(ReceiverReport)
+
+	case TypeSourceDescription:
+		packet = new(SourceDescription)
+
+	case TypeGoodbye:
+		packet = new(Goodbye)
+
+	case TypeTransportSpecificFeedback:
+		switch h.Count {
+		case FormatTLN:
+			packet = new(TransportLayerNack)
+		case FormatRRR:
+			packet = new(RapidResynchronizationRequest)
+		case FormatTCC:
+			packet = new(TransportLayerCC)
+		case FormatCCFB:
+			packet = new(CCFeedbackReport)
+		default:
+			packet = new(RawPacket)
+		}
+
+	case TypePayloadSpecificFeedback:
+		switch h.Count {
+		case FormatPLI:
+			packet = new(PictureLossIndication)
+		case FormatSLI:
+			packet = new(SliceLossIndication)
+		case FormatREMB:
+			packet = new(ReceiverEstimatedMaximumBitrate)
+		case FormatFIR:
+			packet = new(FullIntraRequest)
+		default:
+			packet = new(RawPacket)
+		}
+
+	case TypeExtendedReport:
+		packet = new(ExtendedReport)
+
+	default:
+		packet = new(RawPacket)
+	}
+
+	err = packet.Unmarshal(inPacket)
+
+	return packet, bytesprocessed, err
+}
diff --git a/server/vendor/github.com/pion/rtcp/packet_buffer.go b/server/vendor/github.com/pion/rtcp/packet_buffer.go
new file mode 100644
index 0000000..f6c7eaa
--- /dev/null
+++ b/server/vendor/github.com/pion/rtcp/packet_buffer.go
@@ -0,0 +1,258 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package rtcp
+
+import (
+	"encoding/binary"
+	"reflect"
+	"unsafe"
+)
+
+// These functions implement an introspective structure
+// serializer/deserializer, designed to allow RTCP packet
+// Structs to be self-describing. They currently work with
+// fields of type uint8, uint16, uint32, and uint64 (and
+// types derived from them).
+//
+// - Unexported fields will take up space in the encoded
+//   array, but wil be set to zero when written, and ignore
+//   when read.
+//
+// - Fields that are marked with the tag `encoding:"omit"`
+//   will be ignored when reading and writing data.
+//
+// For example:
+//
+//   type Example struct {
+//     A uint32
+//     B bool   `encoding:"omit"`
+//     _ uint64
+//     C uint16
+//   }
+//
+// "A" will be encoded as four bytes, in network order. "B"
+// will not be encoded at all. The anonymous uint64 will
+// encode as 8 bytes of value "0", followed by two bytes
+// encoding "C" in network order.
+
+type packetBuffer struct {
+	bytes []byte
+}
+
+const omit = "omit"
+
+// Writes the structure passed to into the buffer that
+// PacketBuffer is initialized with. This function will
+// modify the PacketBuffer.bytes slice to exclude those
+// bytes that have been written into.
+func (b *packetBuffer) write(v interface{}) error { //nolint:gocognit
+	value := reflect.ValueOf(v)
+
+	// Indirect is safe to call on non-pointers, and
+	// will simply return the same value in such cases
+	value = reflect.Indirect(value)
+
+	switch value.Kind() {
+	case reflect.Uint8:
+		if len(b.bytes) < 1 {
+			return errWrongMarshalSize
+		}
+		if value.CanInterface() {
+			b.bytes[0] = byte(value.Uint())
+		}
+		b.bytes = b.bytes[1:]
+	case reflect.Uint16:
+		if len(b.bytes) < 2 {
+			return errWrongMarshalSize
+		}
+		if value.CanInterface() {
+			binary.BigEndian.PutUint16(b.bytes, uint16(value.Uint()))
+		}
+		b.bytes = b.bytes[2:]
+	case reflect.Uint32:
+		if len(b.bytes) < 4 {
+			return errWrongMarshalSize
+		}
+		if value.CanInterface() {
+			binary.BigEndian.PutUint32(b.bytes, uint32(value.Uint()))
+		}
+		b.bytes = b.bytes[4:]
+	case reflect.Uint64:
+		if len(b.bytes) < 8 {
+			return errWrongMarshalSize
+		}
+		if value.CanInterface() {
+			binary.BigEndian.PutUint64(b.bytes, value.Uint())
+		}
+		b.bytes = b.bytes[8:]
+	case reflect.Slice:
+		for i := 0; i < value.Len(); i++ {
+			if value.Index(i).CanInterface() {
+				if err := b.write(value.Index(i).Interface()); err != nil {
+					return err
+				}
+			} else {
+				b.bytes = b.bytes[value.Index(i).Type().Size():]
+			}
+		}
+	case reflect.Struct:
+		for i := 0; i < value.NumField(); i++ {
+			encoding := value.Type().Field(i).Tag.Get("encoding")
+			if encoding == omit {
+				continue
+			}
+			if value.Field(i).CanInterface() {
+				if err := b.write(value.Field(i).Interface()); err != nil {
+					return err
+				}
+			} else {
+				advance := int(value.Field(i).Type().Size())
+				if len(b.bytes) < advance {
+					return errWrongMarshalSize
+				}
+				b.bytes = b.bytes[advance:]
+			}
+		}
+	default:
+		return errBadStructMemberType
+	}
+	return nil
+}
+
+// Reads bytes from the buffer as necessary to populate
+// the structure passed as a parameter. This function will
+// modify the PacketBuffer.bytes slice to exclude those
+// bytes that have already been read.
+func (b *packetBuffer) read(v interface{}) error { //nolint:gocognit
+	ptr := reflect.ValueOf(v)
+	if ptr.Kind() != reflect.Ptr {
+		return errBadReadParameter
+	}
+	value := reflect.Indirect(ptr)
+
+	// If this is an interface, we need to make it concrete before using it
+	if value.Kind() == reflect.Interface {
+		value = reflect.ValueOf(value.Interface())
+	}
+	value = reflect.Indirect(value)
+
+	switch value.Kind() {
+	case reflect.Uint8:
+		if len(b.bytes) < 1 {
+			return errWrongMarshalSize
+		}
+		value.SetUint(uint64(b.bytes[0]))
+		b.bytes = b.bytes[1:]
+
+	case reflect.Uint16:
+		if len(b.bytes) < 2 {
+			return errWrongMarshalSize
+		}
+		value.SetUint(uint64(binary.BigEndian.Uint16(b.bytes)))
+		b.bytes = b.bytes[2:]
+
+	case reflect.Uint32:
+		if len(b.bytes) < 4 {
+			return errWrongMarshalSize
+		}
+		value.SetUint(uint64(binary.BigEndian.Uint32(b.bytes)))
+		b.bytes = b.bytes[4:]
+
+	case reflect.Uint64:
+		if len(b.bytes) < 8 {
+			return errWrongMarshalSize
+		}
+		value.SetUint(binary.BigEndian.Uint64(b.bytes))
+		b.bytes = b.bytes[8:]
+
+	case reflect.Slice:
+		// If we encounter a slice, we consume the rest of the data
+		// in the buffer and load it into the slice.
+		for len(b.bytes) > 0 {
+			newElementPtr := reflect.New(value.Type().Elem())
+			if err := b.read(newElementPtr.Interface()); err != nil {
+				return err
+			}
+			if value.CanSet() {
+				value.Set(reflect.Append(value, reflect.Indirect(newElementPtr)))
+			}
+		}
+
+	case reflect.Struct:
+		for i := 0; i < value.NumField(); i++ {
+			encoding := value.Type().Field(i).Tag.Get("encoding")
+			if encoding == omit {
+				continue
+			}
+			if value.Field(i).CanInterface() {
+				field := value.Field(i)
+				newFieldPtr := reflect.NewAt(field.Type(), unsafe.Pointer(field.UnsafeAddr())) //nolint:gosec // This is the only way to get a typed pointer to a structure's field
+				if err := b.read(newFieldPtr.Interface()); err != nil {
+					return err
+				}
+			} else {
+				advance := int(value.Field(i).Type().Size())
+				if len(b.bytes) < advance {
+					return errWrongMarshalSize
+				}
+				b.bytes = b.bytes[advance:]
+			}
+		}
+
+	default:
+		return errBadStructMemberType
+	}
+	return nil
+}
+
+// Consumes `size` bytes and returns them as an
+// independent PacketBuffer
+func (b *packetBuffer) split(size int) packetBuffer {
+	if size > len(b.bytes) {
+		size = len(b.bytes)
+	}
+	newBuffer := packetBuffer{bytes: b.bytes[:size]}
+	b.bytes = b.bytes[size:]
+	return newBuffer
+}
+
+// Returns the size that a structure will encode into.
+// This fuction doesn't check that Write() will succeed,
+// and may return unexpectedly large results for those
+// structures that Write() will fail on
+func wireSize(v interface{}) int {
+	value := reflect.ValueOf(v)
+	// Indirect is safe to call on non-pointers, and
+	// will simply return the same value in such cases
+	value = reflect.Indirect(value)
+	size := int(0)
+
+	switch value.Kind() {
+	case reflect.Slice:
+		for i := 0; i < value.Len(); i++ {
+			if value.Index(i).CanInterface() {
+				size += wireSize(value.Index(i).Interface())
+			} else {
+				size += int(value.Index(i).Type().Size())
+			}
+		}
+
+	case reflect.Struct:
+		for i := 0; i < value.NumField(); i++ {
+			encoding := value.Type().Field(i).Tag.Get("encoding")
+			if encoding == omit {
+				continue
+			}
+			if value.Field(i).CanInterface() {
+				size += wireSize(value.Field(i).Interface())
+			} else {
+				size += int(value.Field(i).Type().Size())
+			}
+		}
+
+	default:
+		size = int(value.Type().Size())
+	}
+	return size
+}
diff --git a/server/vendor/github.com/pion/rtcp/packet_stringifier.go b/server/vendor/github.com/pion/rtcp/packet_stringifier.go
new file mode 100644
index 0000000..dd7c01f
--- /dev/null
+++ b/server/vendor/github.com/pion/rtcp/packet_stringifier.go
@@ -0,0 +1,106 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package rtcp
+
+import (
+	"fmt"
+	"reflect"
+)
+
+/*
+Converts an RTCP Packet into a human-readable format. The Packets
+themselves can control the presentation as follows:
+
+  - Fields of a type that have a String() method will be formatted
+    with that String method (which should not emit '\n' characters)
+
+  - Otherwise, fields with a tag containing a "fmt" string will use that
+    format when serializing the value. For example, to format an SSRC
+    value as base 16 insted of base 10:
+
+    type ExamplePacket struct {
+    LocalSSRC   uint32   `fmt:"0x%X"`
+    RemotsSSRCs []uint32 `fmt:"%X"`
+    }
+
+- If no fmt string is present, "%+v" is used by default
+
+The intention of this stringify() function is to simplify creation
+of String() methods on new packet types, as it provides a simple
+baseline implementation that works well in the majority of cases.
+*/
+func stringify(p Packet) string {
+	value := reflect.Indirect(reflect.ValueOf(p))
+	return formatField(value.Type().String(), "", p, "")
+}
+
+func formatField(name string, format string, f interface{}, indent string) string { //nolint:gocognit
+	out := indent
+	value := reflect.ValueOf(f)
+
+	if !value.IsValid() {
+		return fmt.Sprintf("%s%s: <nil>\n", out, name)
+	}
+
+	isPacket := reflect.TypeOf(f).Implements(reflect.TypeOf((*Packet)(nil)).Elem())
+
+	// Resolve pointers to their underlying values
+	if value.Type().Kind() == reflect.Ptr && !value.IsNil() {
+		underlying := reflect.Indirect(value)
+		if underlying.IsValid() {
+			value = underlying
+		}
+	}
+
+	// If the field type has a custom String method, use that
+	// (unless we're a packet, since we want to avoid recursing
+	// back into this function if the Packet's String() method
+	// uses it)
+	if stringMethod := value.MethodByName("String"); !isPacket && stringMethod.IsValid() {
+		out += fmt.Sprintf("%s: %s\n", name, stringMethod.Call([]reflect.Value{}))
+		return out
+	}
+
+	switch value.Kind() {
+	case reflect.Struct:
+		out += fmt.Sprintf("%s:\n", name)
+		for i := 0; i < value.NumField(); i++ {
+			if value.Field(i).CanInterface() {
+				format = value.Type().Field(i).Tag.Get("fmt")
+				if format == "" {
+					format = "%+v"
+				}
+				out += formatField(value.Type().Field(i).Name, format, value.Field(i).Interface(), indent+"\t")
+			}
+		}
+	case reflect.Slice:
+		childKind := value.Type().Elem().Kind()
+		_, hasStringMethod := value.Type().Elem().MethodByName("String")
+		if hasStringMethod || childKind == reflect.Struct || childKind == reflect.Ptr || childKind == reflect.Interface || childKind == reflect.Slice {
+			out += fmt.Sprintf("%s:\n", name)
+			for i := 0; i < value.Len(); i++ {
+				childName := fmt.Sprint(i)
+				// Since interfaces can hold different types of things, we add the
+				// most specific type name to the name to make it clear what the
+				// subsequent fields represent.
+				if value.Index(i).Kind() == reflect.Interface {
+					childName += fmt.Sprintf(" (%s)", reflect.Indirect(reflect.ValueOf(value.Index(i).Interface())).Type())
+				}
+				if value.Index(i).CanInterface() {
+					out += formatField(childName, format, value.Index(i).Interface(), indent+"\t")
+				}
+			}
+			return out
+		}
+
+		// If we didn't take care of stringing the value already, we fall through to the
+		// generic case. This will print slices of basic types on a single line.
+		fallthrough
+	default:
+		if value.CanInterface() {
+			out += fmt.Sprintf("%s: "+format+"\n", name, value.Interface())
+		}
+	}
+	return out
+}
diff --git a/server/vendor/github.com/pion/rtcp/picture_loss_indication.go b/server/vendor/github.com/pion/rtcp/picture_loss_indication.go
new file mode 100644
index 0000000..56a7de2
--- /dev/null
+++ b/server/vendor/github.com/pion/rtcp/picture_loss_indication.go
@@ -0,0 +1,93 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package rtcp
+
+import (
+	"encoding/binary"
+	"fmt"
+)
+
+// The PictureLossIndication packet informs the encoder about the loss of an undefined amount of coded video data belonging to one or more pictures
+type PictureLossIndication struct {
+	// SSRC of sender
+	SenderSSRC uint32
+
+	// SSRC where the loss was experienced
+	MediaSSRC uint32
+}
+
+const (
+	pliLength = 2
+)
+
+// Marshal encodes the PictureLossIndication in binary
+func (p PictureLossIndication) Marshal() ([]byte, error) {
+	/*
+	 * PLI does not require parameters.  Therefore, the length field MUST be
+	 * 2, and there MUST NOT be any Feedback Control Information.
+	 *
+	 * The semantics of this FB message is independent of the payload type.
+	 */
+	rawPacket := make([]byte, p.MarshalSize())
+	packetBody := rawPacket[headerLength:]
+
+	binary.BigEndian.PutUint32(packetBody, p.SenderSSRC)
+	binary.BigEndian.PutUint32(packetBody[4:], p.MediaSSRC)
+
+	h := Header{
+		Count:  FormatPLI,
+		Type:   TypePayloadSpecificFeedback,
+		Length: pliLength,
+	}
+	hData, err := h.Marshal()
+	if err != nil {
+		return nil, err
+	}
+	copy(rawPacket, hData)
+
+	return rawPacket, nil
+}
+
+// Unmarshal decodes the PictureLossIndication from binary
+func (p *PictureLossIndication) Unmarshal(rawPacket []byte) error {
+	if len(rawPacket) < (headerLength + (ssrcLength * 2)) {
+		return errPacketTooShort
+	}
+
+	var h Header
+	if err := h.Unmarshal(rawPacket); err != nil {
+		return err
+	}
+
+	if h.Type != TypePayloadSpecificFeedback || h.Count != FormatPLI {
+		return errWrongType
+	}
+
+	p.SenderSSRC = binary.BigEndian.Uint32(rawPacket[headerLength:])
+	p.MediaSSRC = binary.BigEndian.Uint32(rawPacket[headerLength+ssrcLength:])
+	return nil
+}
+
+// Header returns the Header associated with this packet.
+func (p *PictureLossIndication) Header() Header {
+	return Header{
+		Count:  FormatPLI,
+		Type:   TypePayloadSpecificFeedback,
+		Length: pliLength,
+	}
+}
+
+// MarshalSize returns the size of the packet once marshaled
+func (p *PictureLossIndication) MarshalSize() int {
+	return headerLength + ssrcLength*2
+}
+
+func (p *PictureLossIndication) String() string {
+	return fmt.Sprintf("PictureLossIndication %x %x", p.SenderSSRC, p.MediaSSRC)
+}
+
+// DestinationSSRC returns an array of SSRC values that this packet refers to.
+func (p *PictureLossIndication) DestinationSSRC() []uint32 {
+	return []uint32{p.MediaSSRC}
+}
diff --git a/server/vendor/github.com/pion/rtcp/rapid_resynchronization_request.go b/server/vendor/github.com/pion/rtcp/rapid_resynchronization_request.go
new file mode 100644
index 0000000..dc67d49
--- /dev/null
+++ b/server/vendor/github.com/pion/rtcp/rapid_resynchronization_request.go
@@ -0,0 +1,94 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package rtcp
+
+import (
+	"encoding/binary"
+	"fmt"
+)
+
+// The RapidResynchronizationRequest packet informs the encoder about the loss of an undefined amount of coded video data belonging to one or more pictures
+type RapidResynchronizationRequest struct {
+	// SSRC of sender
+	SenderSSRC uint32
+
+	// SSRC of the media source
+	MediaSSRC uint32
+}
+
+// RapidResynchronisationRequest is provided as RFC 6051 spells resynchronization with an s.
+// We provide both names to be consistent with other RFCs which spell resynchronization with a z.
+type RapidResynchronisationRequest = RapidResynchronizationRequest
+
+const (
+	rrrLength       = 2
+	rrrHeaderLength = ssrcLength * 2
+	rrrMediaOffset  = 4
+)
+
+// Marshal encodes the RapidResynchronizationRequest in binary
+func (p RapidResynchronizationRequest) Marshal() ([]byte, error) {
+	/*
+	 * RRR does not require parameters.  Therefore, the length field MUST be
+	 * 2, and there MUST NOT be any Feedback Control Information.
+	 *
+	 * The semantics of this FB message is independent of the payload type.
+	 */
+	rawPacket := make([]byte, p.MarshalSize())
+	packetBody := rawPacket[headerLength:]
+
+	binary.BigEndian.PutUint32(packetBody, p.SenderSSRC)
+	binary.BigEndian.PutUint32(packetBody[rrrMediaOffset:], p.MediaSSRC)
+
+	hData, err := p.Header().Marshal()
+	if err != nil {
+		return nil, err
+	}
+	copy(rawPacket, hData)
+
+	return rawPacket, nil
+}
+
+// Unmarshal decodes the RapidResynchronizationRequest from binary
+func (p *RapidResynchronizationRequest) Unmarshal(rawPacket []byte) error {
+	if len(rawPacket) < (headerLength + (ssrcLength * 2)) {
+		return errPacketTooShort
+	}
+
+	var h Header
+	if err := h.Unmarshal(rawPacket); err != nil {
+		return err
+	}
+
+	if h.Type != TypeTransportSpecificFeedback || h.Count != FormatRRR {
+		return errWrongType
+	}
+
+	p.SenderSSRC = binary.BigEndian.Uint32(rawPacket[headerLength:])
+	p.MediaSSRC = binary.BigEndian.Uint32(rawPacket[headerLength+ssrcLength:])
+	return nil
+}
+
+// MarshalSize returns the size of the packet once marshaled
+func (p *RapidResynchronizationRequest) MarshalSize() int {
+	return headerLength + rrrHeaderLength
+}
+
+// Header returns the Header associated with this packet.
+func (p *RapidResynchronizationRequest) Header() Header {
+	return Header{
+		Count:  FormatRRR,
+		Type:   TypeTransportSpecificFeedback,
+		Length: rrrLength,
+	}
+}
+
+// DestinationSSRC returns an array of SSRC values that this packet refers to.
+func (p *RapidResynchronizationRequest) DestinationSSRC() []uint32 {
+	return []uint32{p.MediaSSRC}
+}
+
+func (p *RapidResynchronizationRequest) String() string {
+	return fmt.Sprintf("RapidResynchronizationRequest %x %x", p.SenderSSRC, p.MediaSSRC)
+}
diff --git a/server/vendor/github.com/pion/rtcp/raw_packet.go b/server/vendor/github.com/pion/rtcp/raw_packet.go
new file mode 100644
index 0000000..eafb034
--- /dev/null
+++ b/server/vendor/github.com/pion/rtcp/raw_packet.go
@@ -0,0 +1,50 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package rtcp
+
+import "fmt"
+
+// RawPacket represents an unparsed RTCP packet. It's returned by Unmarshal when
+// a packet with an unknown type is encountered.
+type RawPacket []byte
+
+// Marshal encodes the packet in binary.
+func (r RawPacket) Marshal() ([]byte, error) {
+	return r, nil
+}
+
+// Unmarshal decodes the packet from binary.
+func (r *RawPacket) Unmarshal(b []byte) error {
+	if len(b) < (headerLength) {
+		return errPacketTooShort
+	}
+	*r = b
+
+	var h Header
+	return h.Unmarshal(b)
+}
+
+// Header returns the Header associated with this packet.
+func (r RawPacket) Header() Header {
+	var h Header
+	if err := h.Unmarshal(r); err != nil {
+		return Header{}
+	}
+	return h
+}
+
+// DestinationSSRC returns an array of SSRC values that this packet refers to.
+func (r *RawPacket) DestinationSSRC() []uint32 {
+	return []uint32{}
+}
+
+func (r RawPacket) String() string {
+	out := fmt.Sprintf("RawPacket: %v", ([]byte)(r))
+	return out
+}
+
+// MarshalSize returns the size of the packet once marshaled
+func (r RawPacket) MarshalSize() int {
+	return len(r)
+}
diff --git a/server/vendor/github.com/pion/rtcp/receiver_estimated_maximum_bitrate.go b/server/vendor/github.com/pion/rtcp/receiver_estimated_maximum_bitrate.go
new file mode 100644
index 0000000..7be57e6
--- /dev/null
+++ b/server/vendor/github.com/pion/rtcp/receiver_estimated_maximum_bitrate.go
@@ -0,0 +1,285 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package rtcp
+
+import (
+	"bytes"
+	"encoding/binary"
+	"fmt"
+	"math"
+)
+
+// ReceiverEstimatedMaximumBitrate contains the receiver's estimated maximum bitrate.
+// see: https://tools.ietf.org/html/draft-alvestrand-rmcat-remb-03
+type ReceiverEstimatedMaximumBitrate struct {
+	// SSRC of sender
+	SenderSSRC uint32
+
+	// Estimated maximum bitrate
+	Bitrate float32
+
+	// SSRC entries which this packet applies to
+	SSRCs []uint32
+}
+
+// Marshal serializes the packet and returns a byte slice.
+func (p ReceiverEstimatedMaximumBitrate) Marshal() (buf []byte, err error) {
+	// Allocate a buffer of the exact output size.
+	buf = make([]byte, p.MarshalSize())
+
+	// Write to our buffer.
+	n, err := p.MarshalTo(buf)
+	if err != nil {
+		return nil, err
+	}
+
+	// This will always be true but just to be safe.
+	if n != len(buf) {
+		return nil, errWrongMarshalSize
+	}
+
+	return buf, nil
+}
+
+// MarshalSize returns the size of the packet once marshaled
+func (p ReceiverEstimatedMaximumBitrate) MarshalSize() int {
+	return 20 + 4*len(p.SSRCs)
+}
+
+// MarshalTo serializes the packet to the given byte slice.
+func (p ReceiverEstimatedMaximumBitrate) MarshalTo(buf []byte) (n int, err error) {
+	const bitratemax = 0x3FFFFp+63
+	/*
+	    0                   1                   2                   3
+	    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+	   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	   |V=2|P| FMT=15  |   PT=206      |             length            |
+	   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	   |                  SSRC of packet sender                        |
+	   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	   |                  SSRC of media source                         |
+	   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	   |  Unique identifier 'R' 'E' 'M' 'B'                            |
+	   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	   |  Num SSRC     | BR Exp    |  BR Mantissa                      |
+	   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	   |   SSRC feedback                                               |
+	   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	   |  ...                                                          |
+	*/
+
+	size := p.MarshalSize()
+	if len(buf) < size {
+		return 0, errPacketTooShort
+	}
+
+	buf[0] = 143 // v=2, p=0, fmt=15
+	buf[1] = 206
+
+	// Length of this packet in 32-bit words minus one.
+	length := uint16((p.MarshalSize() / 4) - 1)
+	binary.BigEndian.PutUint16(buf[2:4], length)
+
+	binary.BigEndian.PutUint32(buf[4:8], p.SenderSSRC)
+	binary.BigEndian.PutUint32(buf[8:12], 0) // always zero
+
+	// ALL HAIL REMB
+	buf[12] = 'R'
+	buf[13] = 'E'
+	buf[14] = 'M'
+	buf[15] = 'B'
+
+	// Write the length of the ssrcs to follow at the end
+	buf[16] = byte(len(p.SSRCs))
+
+	exp := 0
+	bitrate := p.Bitrate
+
+	if bitrate >= bitratemax {
+		bitrate = bitratemax
+	}
+
+	if bitrate < 0 {
+		return 0, errInvalidBitrate
+	}
+
+	for bitrate >= (1 << 18) {
+		bitrate /= 2.0
+		exp++
+	}
+
+	if exp >= (1 << 6) {
+		return 0, errInvalidBitrate
+	}
+
+	mantissa := uint(math.Floor(float64(bitrate)))
+
+	// We can't quite use the binary package because
+	// a) it's a uint24 and b) the exponent is only 6-bits
+	// Just trust me; this is big-endian encoding.
+	buf[17] = byte(exp<<2) | byte(mantissa>>16)
+	buf[18] = byte(mantissa >> 8)
+	buf[19] = byte(mantissa)
+
+	// Write the SSRCs at the very end.
+	n = 20
+	for _, ssrc := range p.SSRCs {
+		binary.BigEndian.PutUint32(buf[n:n+4], ssrc)
+		n += 4
+	}
+
+	return n, nil
+}
+
+// Unmarshal reads a REMB packet from the given byte slice.
+func (p *ReceiverEstimatedMaximumBitrate) Unmarshal(buf []byte) (err error) {
+	const mantissamax = 0x7FFFFF
+	/*
+	    0                   1                   2                   3
+	    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+	   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	   |V=2|P| FMT=15  |   PT=206      |             length            |
+	   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	   |                  SSRC of packet sender                        |
+	   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	   |                  SSRC of media source                         |
+	   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	   |  Unique identifier 'R' 'E' 'M' 'B'                            |
+	   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	   |  Num SSRC     | BR Exp    |  BR Mantissa                      |
+	   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	   |   SSRC feedback                                               |
+	   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	   |  ...                                                          |
+	*/
+
+	// 20 bytes is the size of the packet with no SSRCs
+	if len(buf) < 20 {
+		return errPacketTooShort
+	}
+
+	// version  must be 2
+	version := buf[0] >> 6
+	if version != 2 {
+		return fmt.Errorf("%w expected(2) actual(%d)", errBadVersion, version)
+	}
+
+	// padding must be unset
+	padding := (buf[0] >> 5) & 1
+	if padding != 0 {
+		return fmt.Errorf("%w expected(0) actual(%d)", errWrongPadding, padding)
+	}
+
+	// fmt must be 15
+	fmtVal := buf[0] & 31
+	if fmtVal != 15 {
+		return fmt.Errorf("%w expected(15) actual(%d)", errWrongFeedbackType, fmtVal)
+	}
+
+	// Must be payload specific feedback
+	if buf[1] != 206 {
+		return fmt.Errorf("%w expected(206) actual(%d)", errWrongPayloadType, buf[1])
+	}
+
+	// length is the number of 32-bit words, minus 1
+	length := binary.BigEndian.Uint16(buf[2:4])
+	size := int((length + 1) * 4)
+
+	// There's not way this could be legit
+	if size < 20 {
+		return errHeaderTooSmall
+	}
+
+	// Make sure the buffer is large enough.
+	if len(buf) < size {
+		return errPacketTooShort
+	}
+
+	// The sender SSRC is 32-bits
+	p.SenderSSRC = binary.BigEndian.Uint32(buf[4:8])
+
+	// The destination SSRC must be 0
+	media := binary.BigEndian.Uint32(buf[8:12])
+	if media != 0 {
+		return errSSRCMustBeZero
+	}
+
+	// REMB rules all around me
+	if !bytes.Equal(buf[12:16], []byte{'R', 'E', 'M', 'B'}) {
+		return errMissingREMBidentifier
+	}
+
+	// The next byte is the number of SSRC entries at the end.
+	num := int(buf[16])
+
+	// Now we know the expected size, make sure they match.
+	if size != 20+4*num {
+		return errSSRCNumAndLengthMismatch
+	}
+
+	// Get the 6-bit exponent value.
+	exp := buf[17] >> 2
+	exp += 127 // bias for IEEE754
+	exp += 23  // IEEE754 biases the decimal to the left, abs-send-time biases it to the right
+
+	// The remaining 2-bits plus the next 16-bits are the mantissa.
+	mantissa := uint32(buf[17]&3)<<16 | uint32(buf[18])<<8 | uint32(buf[19])
+
+	if mantissa != 0 {
+		// ieee754 requires an implicit leading bit
+		for (mantissa & (mantissamax + 1)) == 0 {
+			exp--
+			mantissa *= 2
+		}
+	}
+
+	// bitrate = mantissa * 2^exp
+	p.Bitrate = math.Float32frombits((uint32(exp) << 23) | (mantissa & mantissamax))
+
+	// Clear any existing SSRCs
+	p.SSRCs = nil
+
+	// Loop over and parse the SSRC entires at the end.
+	// We already verified that size == num * 4
+	for n := 20; n < size; n += 4 {
+		ssrc := binary.BigEndian.Uint32(buf[n : n+4])
+		p.SSRCs = append(p.SSRCs, ssrc)
+	}
+
+	return nil
+}
+
+// Header returns the Header associated with this packet.
+func (p *ReceiverEstimatedMaximumBitrate) Header() Header {
+	return Header{
+		Count:  FormatREMB,
+		Type:   TypePayloadSpecificFeedback,
+		Length: uint16((p.MarshalSize() / 4) - 1),
+	}
+}
+
+// String prints the REMB packet in a human-readable format.
+func (p *ReceiverEstimatedMaximumBitrate) String() string {
+	// Keep a table of powers to units for fast conversion.
+	bitUnits := []string{"b", "Kb", "Mb", "Gb", "Tb", "Pb", "Eb"}
+
+	// Do some unit conversions because b/s is far too difficult to read.
+	bitrate := p.Bitrate
+	powers := 0
+
+	// Keep dividing the bitrate until it's under 1000
+	for bitrate >= 1000.0 && powers < len(bitUnits) {
+		bitrate /= 1000.0
+		powers++
+	}
+
+	unit := bitUnits[powers]
+
+	return fmt.Sprintf("ReceiverEstimatedMaximumBitrate %x %.2f %s/s", p.SenderSSRC, bitrate, unit)
+}
+
+// DestinationSSRC returns an array of SSRC values that this packet refers to.
+func (p *ReceiverEstimatedMaximumBitrate) DestinationSSRC() []uint32 {
+	return p.SSRCs
+}
diff --git a/server/vendor/github.com/pion/rtcp/receiver_report.go b/server/vendor/github.com/pion/rtcp/receiver_report.go
new file mode 100644
index 0000000..e917702
--- /dev/null
+++ b/server/vendor/github.com/pion/rtcp/receiver_report.go
@@ -0,0 +1,195 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package rtcp
+
+import (
+	"encoding/binary"
+	"fmt"
+)
+
+// A ReceiverReport (RR) packet provides reception quality feedback for an RTP stream
+type ReceiverReport struct {
+	// The synchronization source identifier for the originator of this RR packet.
+	SSRC uint32
+	// Zero or more reception report blocks depending on the number of other
+	// sources heard by this sender since the last report. Each reception report
+	// block conveys statistics on the reception of RTP packets from a
+	// single synchronization source.
+	Reports []ReceptionReport
+	// Extension contains additional, payload-specific information that needs to
+	// be reported regularly about the receiver.
+	ProfileExtensions []byte
+}
+
+const (
+	ssrcLength     = 4
+	rrSSRCOffset   = headerLength
+	rrReportOffset = rrSSRCOffset + ssrcLength
+)
+
+// Marshal encodes the ReceiverReport in binary
+func (r ReceiverReport) Marshal() ([]byte, error) {
+	/*
+	 *         0                   1                   2                   3
+	 *         0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+	 *        +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 * header |V=2|P|    RC   |   PT=RR=201   |             length            |
+	 *        +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 *        |                     SSRC of packet sender                     |
+	 *        +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
+	 * report |                 SSRC_1 (SSRC of first source)                 |
+	 * block  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 *   1    | fraction lost |       cumulative number of packets lost       |
+	 *        +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 *        |           extended highest sequence number received           |
+	 *        +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 *        |                      interarrival jitter                      |
+	 *        +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 *        |                         last SR (LSR)                         |
+	 *        +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 *        |                   delay since last SR (DLSR)                  |
+	 *        +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
+	 * report |                 SSRC_2 (SSRC of second source)                |
+	 * block  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 *   2    :                               ...                             :
+	 *        +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
+	 *        |                  profile-specific extensions                  |
+	 *        +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 */
+
+	rawPacket := make([]byte, r.MarshalSize())
+	packetBody := rawPacket[headerLength:]
+
+	binary.BigEndian.PutUint32(packetBody, r.SSRC)
+
+	for i, rp := range r.Reports {
+		data, err := rp.Marshal()
+		if err != nil {
+			return nil, err
+		}
+		offset := ssrcLength + receptionReportLength*i
+		copy(packetBody[offset:], data)
+	}
+
+	if len(r.Reports) > countMax {
+		return nil, errTooManyReports
+	}
+
+	pe := make([]byte, len(r.ProfileExtensions))
+	copy(pe, r.ProfileExtensions)
+
+	// if the length of the profile extensions isn't devisible
+	// by 4, we need to pad the end.
+	for (len(pe) & 0x3) != 0 {
+		pe = append(pe, 0)
+	}
+
+	rawPacket = append(rawPacket, pe...)
+
+	hData, err := r.Header().Marshal()
+	if err != nil {
+		return nil, err
+	}
+	copy(rawPacket, hData)
+
+	return rawPacket, nil
+}
+
+// Unmarshal decodes the ReceiverReport from binary
+func (r *ReceiverReport) Unmarshal(rawPacket []byte) error {
+	/*
+	 *         0                   1                   2                   3
+	 *         0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+	 *        +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 * header |V=2|P|    RC   |   PT=RR=201   |             length            |
+	 *        +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 *        |                     SSRC of packet sender                     |
+	 *        +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
+	 * report |                 SSRC_1 (SSRC of first source)                 |
+	 * block  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 *   1    | fraction lost |       cumulative number of packets lost       |
+	 *        +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 *        |           extended highest sequence number received           |
+	 *        +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 *        |                      interarrival jitter                      |
+	 *        +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 *        |                         last SR (LSR)                         |
+	 *        +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 *        |                   delay since last SR (DLSR)                  |
+	 *        +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
+	 * report |                 SSRC_2 (SSRC of second source)                |
+	 * block  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 *   2    :                               ...                             :
+	 *        +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
+	 *        |                  profile-specific extensions                  |
+	 *        +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 */
+
+	if len(rawPacket) < (headerLength + ssrcLength) {
+		return errPacketTooShort
+	}
+
+	var h Header
+	if err := h.Unmarshal(rawPacket); err != nil {
+		return err
+	}
+
+	if h.Type != TypeReceiverReport {
+		return errWrongType
+	}
+
+	r.SSRC = binary.BigEndian.Uint32(rawPacket[rrSSRCOffset:])
+
+	for i := rrReportOffset; i < len(rawPacket) && len(r.Reports) < int(h.Count); i += receptionReportLength {
+		var rr ReceptionReport
+		if err := rr.Unmarshal(rawPacket[i:]); err != nil {
+			return err
+		}
+		r.Reports = append(r.Reports, rr)
+	}
+	r.ProfileExtensions = rawPacket[rrReportOffset+(len(r.Reports)*receptionReportLength):]
+
+	if uint8(len(r.Reports)) != h.Count {
+		return errInvalidHeader
+	}
+
+	return nil
+}
+
+// MarshalSize returns the size of the packet once marshaled
+func (r *ReceiverReport) MarshalSize() int {
+	repsLength := 0
+	for _, rep := range r.Reports {
+		repsLength += rep.len()
+	}
+	return headerLength + ssrcLength + repsLength
+}
+
+// Header returns the Header associated with this packet.
+func (r *ReceiverReport) Header() Header {
+	return Header{
+		Count:  uint8(len(r.Reports)),
+		Type:   TypeReceiverReport,
+		Length: uint16((r.MarshalSize()/4)-1) + uint16(getPadding(len(r.ProfileExtensions))),
+	}
+}
+
+// DestinationSSRC returns an array of SSRC values that this packet refers to.
+func (r *ReceiverReport) DestinationSSRC() []uint32 {
+	out := make([]uint32, len(r.Reports))
+	for i, v := range r.Reports {
+		out[i] = v.SSRC
+	}
+	return out
+}
+
+func (r ReceiverReport) String() string {
+	out := fmt.Sprintf("ReceiverReport from %x\n", r.SSRC)
+	out += "\tSSRC    \tLost\tLastSequence\n"
+	for _, i := range r.Reports {
+		out += fmt.Sprintf("\t%x\t%d/%d\t%d\n", i.SSRC, i.FractionLost, i.TotalLost, i.LastSequenceNumber)
+	}
+	out += fmt.Sprintf("\tProfile Extension Data: %v\n", r.ProfileExtensions)
+	return out
+}
diff --git a/server/vendor/github.com/pion/rtcp/reception_report.go b/server/vendor/github.com/pion/rtcp/reception_report.go
new file mode 100644
index 0000000..c0b0605
--- /dev/null
+++ b/server/vendor/github.com/pion/rtcp/reception_report.go
@@ -0,0 +1,133 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package rtcp
+
+import "encoding/binary"
+
+// A ReceptionReport block conveys statistics on the reception of RTP packets
+// from a single synchronization source.
+type ReceptionReport struct {
+	// The SSRC identifier of the source to which the information in this
+	// reception report block pertains.
+	SSRC uint32
+	// The fraction of RTP data packets from source SSRC lost since the
+	// previous SR or RR packet was sent, expressed as a fixed point
+	// number with the binary point at the left edge of the field.
+	FractionLost uint8
+	// The total number of RTP data packets from source SSRC that have
+	// been lost since the beginning of reception.
+	TotalLost uint32
+	// The low 16 bits contain the highest sequence number received in an
+	// RTP data packet from source SSRC, and the most significant 16
+	// bits extend that sequence number with the corresponding count of
+	// sequence number cycles.
+	LastSequenceNumber uint32
+	// An estimate of the statistical variance of the RTP data packet
+	// interarrival time, measured in timestamp units and expressed as an
+	// unsigned integer.
+	Jitter uint32
+	// The middle 32 bits out of 64 in the NTP timestamp received as part of
+	// the most recent RTCP sender report (SR) packet from source SSRC. If no
+	// SR has been received yet, the field is set to zero.
+	LastSenderReport uint32
+	// The delay, expressed in units of 1/65536 seconds, between receiving the
+	// last SR packet from source SSRC and sending this reception report block.
+	// If no SR packet has been received yet from SSRC, the field is set to zero.
+	Delay uint32
+}
+
+const (
+	receptionReportLength = 24
+	fractionLostOffset    = 4
+	totalLostOffset       = 5
+	lastSeqOffset         = 8
+	jitterOffset          = 12
+	lastSROffset          = 16
+	delayOffset           = 20
+)
+
+// Marshal encodes the ReceptionReport in binary
+func (r ReceptionReport) Marshal() ([]byte, error) {
+	/*
+	 *  0                   1                   2                   3
+	 *  0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+	 * +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
+	 * |                              SSRC                             |
+	 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 * | fraction lost |       cumulative number of packets lost       |
+	 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 * |           extended highest sequence number received           |
+	 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 * |                      interarrival jitter                      |
+	 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 * |                         last SR (LSR)                         |
+	 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 * |                   delay since last SR (DLSR)                  |
+	 * +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
+	 */
+
+	rawPacket := make([]byte, receptionReportLength)
+
+	binary.BigEndian.PutUint32(rawPacket, r.SSRC)
+
+	rawPacket[fractionLostOffset] = r.FractionLost
+
+	// pack TotalLost into 24 bits
+	if r.TotalLost >= (1 << 25) {
+		return nil, errInvalidTotalLost
+	}
+	tlBytes := rawPacket[totalLostOffset:]
+	tlBytes[0] = byte(r.TotalLost >> 16)
+	tlBytes[1] = byte(r.TotalLost >> 8)
+	tlBytes[2] = byte(r.TotalLost)
+
+	binary.BigEndian.PutUint32(rawPacket[lastSeqOffset:], r.LastSequenceNumber)
+	binary.BigEndian.PutUint32(rawPacket[jitterOffset:], r.Jitter)
+	binary.BigEndian.PutUint32(rawPacket[lastSROffset:], r.LastSenderReport)
+	binary.BigEndian.PutUint32(rawPacket[delayOffset:], r.Delay)
+
+	return rawPacket, nil
+}
+
+// Unmarshal decodes the ReceptionReport from binary
+func (r *ReceptionReport) Unmarshal(rawPacket []byte) error {
+	if len(rawPacket) < receptionReportLength {
+		return errPacketTooShort
+	}
+
+	/*
+	 *  0                   1                   2                   3
+	 *  0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+	 * +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
+	 * |                              SSRC                             |
+	 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 * | fraction lost |       cumulative number of packets lost       |
+	 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 * |           extended highest sequence number received           |
+	 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 * |                      interarrival jitter                      |
+	 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 * |                         last SR (LSR)                         |
+	 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 * |                   delay since last SR (DLSR)                  |
+	 * +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
+	 */
+
+	r.SSRC = binary.BigEndian.Uint32(rawPacket)
+	r.FractionLost = rawPacket[fractionLostOffset]
+
+	tlBytes := rawPacket[totalLostOffset:]
+	r.TotalLost = uint32(tlBytes[2]) | uint32(tlBytes[1])<<8 | uint32(tlBytes[0])<<16
+
+	r.LastSequenceNumber = binary.BigEndian.Uint32(rawPacket[lastSeqOffset:])
+	r.Jitter = binary.BigEndian.Uint32(rawPacket[jitterOffset:])
+	r.LastSenderReport = binary.BigEndian.Uint32(rawPacket[lastSROffset:])
+	r.Delay = binary.BigEndian.Uint32(rawPacket[delayOffset:])
+
+	return nil
+}
+
+func (r *ReceptionReport) len() int {
+	return receptionReportLength
+}
diff --git a/server/vendor/github.com/pion/rtcp/renovate.json b/server/vendor/github.com/pion/rtcp/renovate.json
new file mode 100644
index 0000000..f1bb98c
--- /dev/null
+++ b/server/vendor/github.com/pion/rtcp/renovate.json
@@ -0,0 +1,6 @@
+{
+  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+  "extends": [
+    "github>pion/renovate-config"
+  ]
+}
diff --git a/server/vendor/github.com/pion/rtcp/rfc8888.go b/server/vendor/github.com/pion/rtcp/rfc8888.go
new file mode 100644
index 0000000..544c6e3
--- /dev/null
+++ b/server/vendor/github.com/pion/rtcp/rfc8888.go
@@ -0,0 +1,340 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package rtcp
+
+import (
+	"encoding/binary"
+	"errors"
+	"fmt"
+	"math"
+)
+
+// https://www.rfc-editor.org/rfc/rfc8888.html#name-rtcp-congestion-control-fee
+//  0                   1                   2                   3
+//  0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |V=2|P| FMT=11  |   PT = 205    |          length               |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |                 SSRC of RTCP packet sender                    |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |                   SSRC of 1st RTP Stream                      |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |          begin_seq            |          num_reports          |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |R|ECN|  Arrival time offset    | ...                           .
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// .                                                               .
+// .                                                               .
+// .                                                               .
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |                   SSRC of nth RTP Stream                      |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |          begin_seq            |          num_reports          |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |R|ECN|  Arrival time offset    | ...                           |
+// .                                                               .
+// .                                                               .
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |                 Report Timestamp (32 bits)                    |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+
+var (
+	errReportBlockLength   = errors.New("feedback report blocks must be at least 8 bytes")
+	errIncorrectNumReports = errors.New("feedback report block contains less reports than num_reports")
+	errMetricBlockLength   = errors.New("feedback report metric blocks must be exactly 2 bytes")
+)
+
+// ECN represents the two ECN bits
+type ECN uint8
+
+const (
+	//nolint:misspell
+	// ECNNonECT signals Non ECN-Capable Transport, Non-ECT
+	ECNNonECT ECN = iota // 00
+
+	//nolint:misspell
+	// ECNECT1 signals ECN Capable Transport, ECT(0)
+	ECNECT1 // 01
+
+	//nolint:misspell
+	// ECNECT0 signals ECN Capable Transport, ECT(1)
+	ECNECT0 // 10
+
+	// ECNCE signals ECN Congestion Encountered, CE
+	ECNCE // 11
+)
+
+const (
+	reportTimestampLength = 4
+	reportBlockOffset     = 8
+)
+
+// CCFeedbackReport is a Congestion Control Feedback Report as defined in
+// https://www.rfc-editor.org/rfc/rfc8888.html#name-rtcp-congestion-control-fee
+type CCFeedbackReport struct {
+	// SSRC of sender
+	SenderSSRC uint32
+
+	// Report Blocks
+	ReportBlocks []CCFeedbackReportBlock
+
+	// Basetime
+	ReportTimestamp uint32
+}
+
+// DestinationSSRC returns an array of SSRC values that this packet refers to.
+func (b CCFeedbackReport) DestinationSSRC() []uint32 {
+	ssrcs := make([]uint32, len(b.ReportBlocks))
+	for i, block := range b.ReportBlocks {
+		ssrcs[i] = block.MediaSSRC
+	}
+	return ssrcs
+}
+
+// Len returns the length of the report in bytes
+func (b *CCFeedbackReport) Len() int {
+	return b.MarshalSize()
+}
+
+// MarshalSize returns the size of the packet once marshaled
+func (b *CCFeedbackReport) MarshalSize() int {
+	n := 0
+	for _, block := range b.ReportBlocks {
+		n += block.len()
+	}
+	return reportBlockOffset + n + reportTimestampLength
+}
+
+// Header returns the Header associated with this packet.
+func (b *CCFeedbackReport) Header() Header {
+	return Header{
+		Padding: false,
+		Count:   FormatCCFB,
+		Type:    TypeTransportSpecificFeedback,
+		Length:  uint16(b.MarshalSize()/4 - 1),
+	}
+}
+
+// Marshal encodes the Congestion Control Feedback Report in binary
+func (b CCFeedbackReport) Marshal() ([]byte, error) {
+	header := b.Header()
+	headerBuf, err := header.Marshal()
+	if err != nil {
+		return nil, err
+	}
+	length := 4 * (header.Length + 1)
+	buf := make([]byte, length)
+	copy(buf[:headerLength], headerBuf)
+	binary.BigEndian.PutUint32(buf[headerLength:], b.SenderSSRC)
+	offset := reportBlockOffset
+	for _, block := range b.ReportBlocks {
+		b, err := block.marshal()
+		if err != nil {
+			return nil, err
+		}
+		copy(buf[offset:], b)
+		offset += block.len()
+	}
+
+	binary.BigEndian.PutUint32(buf[offset:], b.ReportTimestamp)
+	return buf, nil
+}
+
+func (b CCFeedbackReport) String() string {
+	out := fmt.Sprintf("CCFB:\n\tHeader %v\n", b.Header())
+	out += fmt.Sprintf("CCFB:\n\tSender SSRC %d\n", b.SenderSSRC)
+	out += fmt.Sprintf("\tReport Timestamp %d\n", b.ReportTimestamp)
+	out += "\tFeedback Reports \n"
+	for _, report := range b.ReportBlocks {
+		out += fmt.Sprintf("%v ", report)
+	}
+	out += "\n"
+	return out
+}
+
+// Unmarshal decodes the Congestion Control Feedback Report from binary
+func (b *CCFeedbackReport) Unmarshal(rawPacket []byte) error {
+	if len(rawPacket) < headerLength+ssrcLength+reportTimestampLength {
+		return errPacketTooShort
+	}
+
+	var h Header
+	if err := h.Unmarshal(rawPacket); err != nil {
+		return err
+	}
+	if h.Type != TypeTransportSpecificFeedback {
+		return errWrongType
+	}
+
+	b.SenderSSRC = binary.BigEndian.Uint32(rawPacket[headerLength:])
+
+	reportTimestampOffset := len(rawPacket) - reportTimestampLength
+	b.ReportTimestamp = binary.BigEndian.Uint32(rawPacket[reportTimestampOffset:])
+
+	offset := reportBlockOffset
+	b.ReportBlocks = []CCFeedbackReportBlock{}
+	for offset < reportTimestampOffset {
+		var block CCFeedbackReportBlock
+		if err := block.unmarshal(rawPacket[offset:]); err != nil {
+			return err
+		}
+		b.ReportBlocks = append(b.ReportBlocks, block)
+		offset += block.len()
+	}
+
+	return nil
+}
+
+const (
+	ssrcOffset          = 0
+	beginSequenceOffset = 4
+	numReportsOffset    = 6
+	reportsOffset       = 8
+
+	maxMetricBlocks = 16384
+)
+
+// CCFeedbackReportBlock is a Feedback Report Block
+type CCFeedbackReportBlock struct {
+	// SSRC of the RTP stream on which this block is reporting
+	MediaSSRC     uint32
+	BeginSequence uint16
+	MetricBlocks  []CCFeedbackMetricBlock
+}
+
+// len returns the length of the report block in bytes
+func (b *CCFeedbackReportBlock) len() int {
+	n := len(b.MetricBlocks)
+	if n%2 != 0 {
+		n++
+	}
+	return reportsOffset + 2*n
+}
+
+func (b CCFeedbackReportBlock) String() string {
+	out := fmt.Sprintf("\tReport Block Media SSRC %d\n", b.MediaSSRC)
+	out += fmt.Sprintf("\tReport Begin Sequence Nr %d\n", b.BeginSequence)
+	out += fmt.Sprintf("\tReport length %d\n\t", len(b.MetricBlocks))
+	for i, block := range b.MetricBlocks {
+		out += fmt.Sprintf("{nr: %d, rx: %v, ts: %v} ", b.BeginSequence+uint16(i), block.Received, block.ArrivalTimeOffset)
+	}
+	out += "\n"
+	return out
+}
+
+// marshal encodes the Congestion Control Feedback Report Block in binary
+func (b CCFeedbackReportBlock) marshal() ([]byte, error) {
+	if len(b.MetricBlocks) > maxMetricBlocks {
+		return nil, errTooManyReports
+	}
+
+	buf := make([]byte, b.len())
+	binary.BigEndian.PutUint32(buf[ssrcOffset:], b.MediaSSRC)
+	binary.BigEndian.PutUint16(buf[beginSequenceOffset:], b.BeginSequence)
+
+	length := uint16(len(b.MetricBlocks))
+	if length > 0 {
+		length--
+	}
+
+	binary.BigEndian.PutUint16(buf[numReportsOffset:], length)
+
+	for i, block := range b.MetricBlocks {
+		b, err := block.marshal()
+		if err != nil {
+			return nil, err
+		}
+		copy(buf[reportsOffset+i*2:], b)
+	}
+
+	return buf, nil
+}
+
+// Unmarshal decodes the Congestion Control Feedback Report Block from binary
+func (b *CCFeedbackReportBlock) unmarshal(rawPacket []byte) error {
+	if len(rawPacket) < reportsOffset {
+		return errReportBlockLength
+	}
+	b.MediaSSRC = binary.BigEndian.Uint32(rawPacket[:beginSequenceOffset])
+	b.BeginSequence = binary.BigEndian.Uint16(rawPacket[beginSequenceOffset:numReportsOffset])
+	numReportsField := binary.BigEndian.Uint16(rawPacket[numReportsOffset:])
+	if numReportsField == 0 {
+		return nil
+	}
+
+	if int(b.BeginSequence)+int(numReportsField) > math.MaxUint16 {
+		return errIncorrectNumReports
+	}
+
+	endSequence := b.BeginSequence + numReportsField
+	numReports := int(endSequence - b.BeginSequence + 1)
+
+	if len(rawPacket) < reportsOffset+numReports*2 {
+		return errIncorrectNumReports
+	}
+
+	b.MetricBlocks = make([]CCFeedbackMetricBlock, numReports)
+	for i := int(0); i < numReports; i++ {
+		var mb CCFeedbackMetricBlock
+		offset := reportsOffset + 2*i
+		if err := mb.unmarshal(rawPacket[offset : offset+2]); err != nil {
+			return err
+		}
+		b.MetricBlocks[i] = mb
+	}
+	return nil
+}
+
+const (
+	metricBlockLength = 2
+)
+
+// CCFeedbackMetricBlock is a Feedback Metric Block
+type CCFeedbackMetricBlock struct {
+	Received bool
+	ECN      ECN
+
+	// Offset in 1/1024 seconds before Report Timestamp
+	ArrivalTimeOffset uint16
+}
+
+// Marshal encodes the Congestion Control Feedback Metric Block in binary
+func (b CCFeedbackMetricBlock) marshal() ([]byte, error) {
+	buf := make([]byte, 2)
+	r := uint16(0)
+	if b.Received {
+		r = 1
+	}
+	dst, err := setNBitsOfUint16(0, 1, 0, r)
+	if err != nil {
+		return nil, err
+	}
+	dst, err = setNBitsOfUint16(dst, 2, 1, uint16(b.ECN))
+	if err != nil {
+		return nil, err
+	}
+	dst, err = setNBitsOfUint16(dst, 13, 3, b.ArrivalTimeOffset)
+	if err != nil {
+		return nil, err
+	}
+
+	binary.BigEndian.PutUint16(buf, dst)
+	return buf, nil
+}
+
+// Unmarshal decodes the Congestion Control Feedback Metric Block from binary
+func (b *CCFeedbackMetricBlock) unmarshal(rawPacket []byte) error {
+	if len(rawPacket) != metricBlockLength {
+		return errMetricBlockLength
+	}
+	b.Received = rawPacket[0]&0x80 != 0
+	if !b.Received {
+		b.ECN = ECNNonECT
+		b.ArrivalTimeOffset = 0
+		return nil
+	}
+	b.ECN = ECN(rawPacket[0] >> 5 & 0x03)
+	b.ArrivalTimeOffset = binary.BigEndian.Uint16(rawPacket) & 0x1FFF
+	return nil
+}
diff --git a/server/vendor/github.com/pion/rtcp/sender_report.go b/server/vendor/github.com/pion/rtcp/sender_report.go
new file mode 100644
index 0000000..aaee0ee
--- /dev/null
+++ b/server/vendor/github.com/pion/rtcp/sender_report.go
@@ -0,0 +1,262 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package rtcp
+
+import (
+	"encoding/binary"
+	"fmt"
+)
+
+// A SenderReport (SR) packet provides reception quality feedback for an RTP stream
+type SenderReport struct {
+	// The synchronization source identifier for the originator of this SR packet.
+	SSRC uint32
+	// The wallclock time when this report was sent so that it may be used in
+	// combination with timestamps returned in reception reports from other
+	// receivers to measure round-trip propagation to those receivers.
+	NTPTime uint64
+	// Corresponds to the same time as the NTP timestamp (above), but in
+	// the same units and with the same random offset as the RTP
+	// timestamps in data packets. This correspondence may be used for
+	// intra- and inter-media synchronization for sources whose NTP
+	// timestamps are synchronized, and may be used by media-independent
+	// receivers to estimate the nominal RTP clock frequency.
+	RTPTime uint32
+	// The total number of RTP data packets transmitted by the sender
+	// since starting transmission up until the time this SR packet was
+	// generated.
+	PacketCount uint32
+	// The total number of payload octets (i.e., not including header or
+	// padding) transmitted in RTP data packets by the sender since
+	// starting transmission up until the time this SR packet was
+	// generated.
+	OctetCount uint32
+	// Zero or more reception report blocks depending on the number of other
+	// sources heard by this sender since the last report. Each reception report
+	// block conveys statistics on the reception of RTP packets from a
+	// single synchronization source.
+	Reports []ReceptionReport
+	// ProfileExtensions contains additional, payload-specific information that needs to
+	// be reported regularly about the sender.
+	ProfileExtensions []byte
+}
+
+const (
+	srHeaderLength      = 24
+	srSSRCOffset        = 0
+	srNTPOffset         = srSSRCOffset + ssrcLength
+	ntpTimeLength       = 8
+	srRTPOffset         = srNTPOffset + ntpTimeLength
+	rtpTimeLength       = 4
+	srPacketCountOffset = srRTPOffset + rtpTimeLength
+	srPacketCountLength = 4
+	srOctetCountOffset  = srPacketCountOffset + srPacketCountLength
+	srOctetCountLength  = 4
+	srReportOffset      = srOctetCountOffset + srOctetCountLength
+)
+
+// Marshal encodes the SenderReport in binary
+func (r SenderReport) Marshal() ([]byte, error) {
+	/*
+	 *         0                   1                   2                   3
+	 *         0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+	 *        +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 * header |V=2|P|    RC   |   PT=SR=200   |             length            |
+	 *        +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 *        |                         SSRC of sender                        |
+	 *        +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
+	 * sender |              NTP timestamp, most significant word             |
+	 * info   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 *        |             NTP timestamp, least significant word             |
+	 *        +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 *        |                         RTP timestamp                         |
+	 *        +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 *        |                     sender's packet count                     |
+	 *        +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 *        |                      sender's octet count                     |
+	 *        +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
+	 * report |                 SSRC_1 (SSRC of first source)                 |
+	 * block  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 *   1    | fraction lost |       cumulative number of packets lost       |
+	 *        +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 *        |           extended highest sequence number received           |
+	 *        +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 *        |                      interarrival jitter                      |
+	 *        +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 *        |                         last SR (LSR)                         |
+	 *        +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 *        |                   delay since last SR (DLSR)                  |
+	 *        +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
+	 * report |                 SSRC_2 (SSRC of second source)                |
+	 * block  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 *   2    :                               ...                             :
+	 *        +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
+	 *        |                  profile-specific extensions                  |
+	 *        +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 */
+
+	rawPacket := make([]byte, r.MarshalSize())
+	packetBody := rawPacket[headerLength:]
+
+	binary.BigEndian.PutUint32(packetBody[srSSRCOffset:], r.SSRC)
+	binary.BigEndian.PutUint64(packetBody[srNTPOffset:], r.NTPTime)
+	binary.BigEndian.PutUint32(packetBody[srRTPOffset:], r.RTPTime)
+	binary.BigEndian.PutUint32(packetBody[srPacketCountOffset:], r.PacketCount)
+	binary.BigEndian.PutUint32(packetBody[srOctetCountOffset:], r.OctetCount)
+
+	offset := srHeaderLength
+	for _, rp := range r.Reports {
+		data, err := rp.Marshal()
+		if err != nil {
+			return nil, err
+		}
+		copy(packetBody[offset:], data)
+		offset += receptionReportLength
+	}
+
+	if len(r.Reports) > countMax {
+		return nil, errTooManyReports
+	}
+
+	copy(packetBody[offset:], r.ProfileExtensions)
+
+	hData, err := r.Header().Marshal()
+	if err != nil {
+		return nil, err
+	}
+	copy(rawPacket, hData)
+
+	return rawPacket, nil
+}
+
+// Unmarshal decodes the SenderReport from binary
+func (r *SenderReport) Unmarshal(rawPacket []byte) error {
+	/*
+	 *         0                   1                   2                   3
+	 *         0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+	 *        +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 * header |V=2|P|    RC   |   PT=SR=200   |             length            |
+	 *        +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 *        |                         SSRC of sender                        |
+	 *        +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
+	 * sender |              NTP timestamp, most significant word             |
+	 * info   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 *        |             NTP timestamp, least significant word             |
+	 *        +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 *        |                         RTP timestamp                         |
+	 *        +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 *        |                     sender's packet count                     |
+	 *        +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 *        |                      sender's octet count                     |
+	 *        +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
+	 * report |                 SSRC_1 (SSRC of first source)                 |
+	 * block  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 *   1    | fraction lost |       cumulative number of packets lost       |
+	 *        +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 *        |           extended highest sequence number received           |
+	 *        +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 *        |                      interarrival jitter                      |
+	 *        +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 *        |                         last SR (LSR)                         |
+	 *        +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 *        |                   delay since last SR (DLSR)                  |
+	 *        +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
+	 * report |                 SSRC_2 (SSRC of second source)                |
+	 * block  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 *   2    :                               ...                             :
+	 *        +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
+	 *        |                  profile-specific extensions                  |
+	 *        +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 */
+
+	if len(rawPacket) < (headerLength + srHeaderLength) {
+		return errPacketTooShort
+	}
+
+	var h Header
+	if err := h.Unmarshal(rawPacket); err != nil {
+		return err
+	}
+
+	if h.Type != TypeSenderReport {
+		return errWrongType
+	}
+
+	packetBody := rawPacket[headerLength:]
+
+	r.SSRC = binary.BigEndian.Uint32(packetBody[srSSRCOffset:])
+	r.NTPTime = binary.BigEndian.Uint64(packetBody[srNTPOffset:])
+	r.RTPTime = binary.BigEndian.Uint32(packetBody[srRTPOffset:])
+	r.PacketCount = binary.BigEndian.Uint32(packetBody[srPacketCountOffset:])
+	r.OctetCount = binary.BigEndian.Uint32(packetBody[srOctetCountOffset:])
+
+	offset := srReportOffset
+	for i := 0; i < int(h.Count); i++ {
+		rrEnd := offset + receptionReportLength
+		if rrEnd > len(packetBody) {
+			return errPacketTooShort
+		}
+		rrBody := packetBody[offset : offset+receptionReportLength]
+		offset = rrEnd
+
+		var rr ReceptionReport
+		if err := rr.Unmarshal(rrBody); err != nil {
+			return err
+		}
+		r.Reports = append(r.Reports, rr)
+	}
+
+	if offset < len(packetBody) {
+		r.ProfileExtensions = packetBody[offset:]
+	}
+
+	if uint8(len(r.Reports)) != h.Count {
+		return errInvalidHeader
+	}
+
+	return nil
+}
+
+// DestinationSSRC returns an array of SSRC values that this packet refers to.
+func (r *SenderReport) DestinationSSRC() []uint32 {
+	out := make([]uint32, len(r.Reports)+1)
+	for i, v := range r.Reports {
+		out[i] = v.SSRC
+	}
+	out[len(r.Reports)] = r.SSRC
+	return out
+}
+
+// MarshalSize returns the size of the packet once marshaled
+func (r *SenderReport) MarshalSize() int {
+	repsLength := 0
+	for _, rep := range r.Reports {
+		repsLength += rep.len()
+	}
+	return headerLength + srHeaderLength + repsLength + len(r.ProfileExtensions)
+}
+
+// Header returns the Header associated with this packet.
+func (r *SenderReport) Header() Header {
+	return Header{
+		Count:  uint8(len(r.Reports)),
+		Type:   TypeSenderReport,
+		Length: uint16((r.MarshalSize() / 4) - 1),
+	}
+}
+
+func (r SenderReport) String() string {
+	out := fmt.Sprintf("SenderReport from %x\n", r.SSRC)
+	out += fmt.Sprintf("\tNTPTime:\t%d\n", r.NTPTime)
+	out += fmt.Sprintf("\tRTPTIme:\t%d\n", r.RTPTime)
+	out += fmt.Sprintf("\tPacketCount:\t%d\n", r.PacketCount)
+	out += fmt.Sprintf("\tOctetCount:\t%d\n", r.OctetCount)
+
+	out += "\tSSRC    \tLost\tLastSequence\n"
+	for _, i := range r.Reports {
+		out += fmt.Sprintf("\t%x\t%d/%d\t%d\n", i.SSRC, i.FractionLost, i.TotalLost, i.LastSequenceNumber)
+	}
+	out += fmt.Sprintf("\tProfile Extension Data: %v\n", r.ProfileExtensions)
+	return out
+}
diff --git a/server/vendor/github.com/pion/rtcp/slice_loss_indication.go b/server/vendor/github.com/pion/rtcp/slice_loss_indication.go
new file mode 100644
index 0000000..014fcb7
--- /dev/null
+++ b/server/vendor/github.com/pion/rtcp/slice_loss_indication.go
@@ -0,0 +1,117 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package rtcp
+
+import (
+	"encoding/binary"
+	"fmt"
+	"math"
+)
+
+// SLIEntry represents a single entry to the SLI packet's
+// list of lost slices.
+type SLIEntry struct {
+	// ID of first lost slice
+	First uint16
+
+	// Number of lost slices
+	Number uint16
+
+	// ID of related picture
+	Picture uint8
+}
+
+// The SliceLossIndication packet informs the encoder about the loss of a picture slice
+type SliceLossIndication struct {
+	// SSRC of sender
+	SenderSSRC uint32
+
+	// SSRC of the media source
+	MediaSSRC uint32
+
+	SLI []SLIEntry
+}
+
+const (
+	sliLength = 2
+	sliOffset = 8
+)
+
+// Marshal encodes the SliceLossIndication in binary
+func (p SliceLossIndication) Marshal() ([]byte, error) {
+	if len(p.SLI)+sliLength > math.MaxUint8 {
+		return nil, errTooManyReports
+	}
+
+	rawPacket := make([]byte, sliOffset+(len(p.SLI)*4))
+	binary.BigEndian.PutUint32(rawPacket, p.SenderSSRC)
+	binary.BigEndian.PutUint32(rawPacket[4:], p.MediaSSRC)
+	for i, s := range p.SLI {
+		sli := ((uint32(s.First) & 0x1FFF) << 19) |
+			((uint32(s.Number) & 0x1FFF) << 6) |
+			(uint32(s.Picture) & 0x3F)
+		binary.BigEndian.PutUint32(rawPacket[sliOffset+(4*i):], sli)
+	}
+	hData, err := p.Header().Marshal()
+	if err != nil {
+		return nil, err
+	}
+
+	return append(hData, rawPacket...), nil
+}
+
+// Unmarshal decodes the SliceLossIndication from binary
+func (p *SliceLossIndication) Unmarshal(rawPacket []byte) error {
+	if len(rawPacket) < (headerLength + ssrcLength) {
+		return errPacketTooShort
+	}
+
+	var h Header
+	if err := h.Unmarshal(rawPacket); err != nil {
+		return err
+	}
+
+	if len(rawPacket) < (headerLength + int(4*h.Length)) {
+		return errPacketTooShort
+	}
+
+	if h.Type != TypeTransportSpecificFeedback || h.Count != FormatSLI {
+		return errWrongType
+	}
+
+	p.SenderSSRC = binary.BigEndian.Uint32(rawPacket[headerLength:])
+	p.MediaSSRC = binary.BigEndian.Uint32(rawPacket[headerLength+ssrcLength:])
+	for i := headerLength + sliOffset; i < (headerLength + int(h.Length*4)); i += 4 {
+		sli := binary.BigEndian.Uint32(rawPacket[i:])
+		p.SLI = append(p.SLI, SLIEntry{
+			First:   uint16((sli >> 19) & 0x1FFF),
+			Number:  uint16((sli >> 6) & 0x1FFF),
+			Picture: uint8(sli & 0x3F),
+		})
+	}
+	return nil
+}
+
+// MarshalSize returns the size of the packet once marshaled
+func (p *SliceLossIndication) MarshalSize() int {
+	return headerLength + sliOffset + (len(p.SLI) * 4)
+}
+
+// Header returns the Header associated with this packet.
+func (p *SliceLossIndication) Header() Header {
+	return Header{
+		Count:  FormatSLI,
+		Type:   TypeTransportSpecificFeedback,
+		Length: uint16((p.MarshalSize() / 4) - 1),
+	}
+}
+
+func (p *SliceLossIndication) String() string {
+	return fmt.Sprintf("SliceLossIndication %x %x %+v", p.SenderSSRC, p.MediaSSRC, p.SLI)
+}
+
+// DestinationSSRC returns an array of SSRC values that this packet refers to.
+func (p *SliceLossIndication) DestinationSSRC() []uint32 {
+	return []uint32{p.MediaSSRC}
+}
diff --git a/server/vendor/github.com/pion/rtcp/source_description.go b/server/vendor/github.com/pion/rtcp/source_description.go
new file mode 100644
index 0000000..fc29d8e
--- /dev/null
+++ b/server/vendor/github.com/pion/rtcp/source_description.go
@@ -0,0 +1,368 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package rtcp
+
+import (
+	"encoding/binary"
+	"fmt"
+)
+
+// SDESType is the item type used in the RTCP SDES control packet.
+type SDESType uint8
+
+// RTP SDES item types registered with IANA. See: https://www.iana.org/assignments/rtp-parameters/rtp-parameters.xhtml#rtp-parameters-5
+const (
+	SDESEnd      SDESType = iota // end of SDES list                RFC 3550, 6.5
+	SDESCNAME                    // canonical name                  RFC 3550, 6.5.1
+	SDESName                     // user name                       RFC 3550, 6.5.2
+	SDESEmail                    // user's electronic mail address  RFC 3550, 6.5.3
+	SDESPhone                    // user's phone number             RFC 3550, 6.5.4
+	SDESLocation                 // geographic user location        RFC 3550, 6.5.5
+	SDESTool                     // name of application or tool     RFC 3550, 6.5.6
+	SDESNote                     // notice about the source         RFC 3550, 6.5.7
+	SDESPrivate                  // private extensions              RFC 3550, 6.5.8  (not implemented)
+)
+
+func (s SDESType) String() string {
+	switch s {
+	case SDESEnd:
+		return "END"
+	case SDESCNAME:
+		return "CNAME"
+	case SDESName:
+		return "NAME"
+	case SDESEmail:
+		return "EMAIL"
+	case SDESPhone:
+		return "PHONE"
+	case SDESLocation:
+		return "LOC"
+	case SDESTool:
+		return "TOOL"
+	case SDESNote:
+		return "NOTE"
+	case SDESPrivate:
+		return "PRIV"
+	default:
+		return string(s)
+	}
+}
+
+const (
+	sdesSourceLen        = 4
+	sdesTypeLen          = 1
+	sdesTypeOffset       = 0
+	sdesOctetCountLen    = 1
+	sdesOctetCountOffset = 1
+	sdesMaxOctetCount    = (1 << 8) - 1
+	sdesTextOffset       = 2
+)
+
+// A SourceDescription (SDES) packet describes the sources in an RTP stream.
+type SourceDescription struct {
+	Chunks []SourceDescriptionChunk
+}
+
+// NewCNAMESourceDescription creates a new SourceDescription with a single CNAME item.
+func NewCNAMESourceDescription(ssrc uint32, cname string) *SourceDescription {
+	return &SourceDescription{
+		Chunks: []SourceDescriptionChunk{{
+			Source: ssrc,
+			Items: []SourceDescriptionItem{{
+				Type: SDESCNAME,
+				Text: cname,
+			}},
+		}},
+	}
+}
+
+// Marshal encodes the SourceDescription in binary
+func (s SourceDescription) Marshal() ([]byte, error) {
+	/*
+	 *         0                   1                   2                   3
+	 *         0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+	 *        +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 * header |V=2|P|    SC   |  PT=SDES=202  |             length            |
+	 *        +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
+	 * chunk  |                          SSRC/CSRC_1                          |
+	 *   1    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 *        |                           SDES items                          |
+	 *        |                              ...                              |
+	 *        +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
+	 * chunk  |                          SSRC/CSRC_2                          |
+	 *   2    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 *        |                           SDES items                          |
+	 *        |                              ...                              |
+	 *        +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
+	 */
+
+	rawPacket := make([]byte, s.MarshalSize())
+	packetBody := rawPacket[headerLength:]
+
+	chunkOffset := 0
+	for _, c := range s.Chunks {
+		data, err := c.Marshal()
+		if err != nil {
+			return nil, err
+		}
+		copy(packetBody[chunkOffset:], data)
+		chunkOffset += len(data)
+	}
+
+	if len(s.Chunks) > countMax {
+		return nil, errTooManyChunks
+	}
+
+	hData, err := s.Header().Marshal()
+	if err != nil {
+		return nil, err
+	}
+	copy(rawPacket, hData)
+
+	return rawPacket, nil
+}
+
+// Unmarshal decodes the SourceDescription from binary
+func (s *SourceDescription) Unmarshal(rawPacket []byte) error {
+	/*
+	 *         0                   1                   2                   3
+	 *         0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+	 *        +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 * header |V=2|P|    SC   |  PT=SDES=202  |             length            |
+	 *        +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
+	 * chunk  |                          SSRC/CSRC_1                          |
+	 *   1    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 *        |                           SDES items                          |
+	 *        |                              ...                              |
+	 *        +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
+	 * chunk  |                          SSRC/CSRC_2                          |
+	 *   2    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 *        |                           SDES items                          |
+	 *        |                              ...                              |
+	 *        +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
+	 */
+
+	var h Header
+	if err := h.Unmarshal(rawPacket); err != nil {
+		return err
+	}
+
+	if h.Type != TypeSourceDescription {
+		return errWrongType
+	}
+
+	for i := headerLength; i < len(rawPacket); {
+		var chunk SourceDescriptionChunk
+		if err := chunk.Unmarshal(rawPacket[i:]); err != nil {
+			return err
+		}
+		s.Chunks = append(s.Chunks, chunk)
+
+		i += chunk.len()
+	}
+
+	if len(s.Chunks) != int(h.Count) {
+		return errInvalidHeader
+	}
+
+	return nil
+}
+
+// MarshalSize returns the size of the packet once marshaled
+func (s *SourceDescription) MarshalSize() int {
+	chunksLength := 0
+	for _, c := range s.Chunks {
+		chunksLength += c.len()
+	}
+	return headerLength + chunksLength
+}
+
+// Header returns the Header associated with this packet.
+func (s *SourceDescription) Header() Header {
+	return Header{
+		Count:  uint8(len(s.Chunks)),
+		Type:   TypeSourceDescription,
+		Length: uint16((s.MarshalSize() / 4) - 1),
+	}
+}
+
+// A SourceDescriptionChunk contains items describing a single RTP source
+type SourceDescriptionChunk struct {
+	// The source (ssrc) or contributing source (csrc) identifier this packet describes
+	Source uint32
+	Items  []SourceDescriptionItem
+}
+
+// Marshal encodes the SourceDescriptionChunk in binary
+func (s SourceDescriptionChunk) Marshal() ([]byte, error) {
+	/*
+	 *  +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
+	 *  |                          SSRC/CSRC_1                          |
+	 *  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 *  |                           SDES items                          |
+	 *  |                              ...                              |
+	 *  +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
+	 */
+
+	rawPacket := make([]byte, sdesSourceLen)
+	binary.BigEndian.PutUint32(rawPacket, s.Source)
+
+	for _, it := range s.Items {
+		data, err := it.Marshal()
+		if err != nil {
+			return nil, err
+		}
+		rawPacket = append(rawPacket, data...)
+	}
+
+	// The list of items in each chunk MUST be terminated by one or more null octets
+	rawPacket = append(rawPacket, uint8(SDESEnd))
+
+	// additional null octets MUST be included if needed to pad until the next 32-bit boundary
+	rawPacket = append(rawPacket, make([]byte, getPadding(len(rawPacket)))...)
+
+	return rawPacket, nil
+}
+
+// Unmarshal decodes the SourceDescriptionChunk from binary
+func (s *SourceDescriptionChunk) Unmarshal(rawPacket []byte) error {
+	/*
+	 *  +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
+	 *  |                          SSRC/CSRC_1                          |
+	 *  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 *  |                           SDES items                          |
+	 *  |                              ...                              |
+	 *  +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
+	 */
+
+	if len(rawPacket) < (sdesSourceLen + sdesTypeLen) {
+		return errPacketTooShort
+	}
+
+	s.Source = binary.BigEndian.Uint32(rawPacket)
+
+	for i := 4; i < len(rawPacket); {
+		if pktType := SDESType(rawPacket[i]); pktType == SDESEnd {
+			return nil
+		}
+
+		var it SourceDescriptionItem
+		if err := it.Unmarshal(rawPacket[i:]); err != nil {
+			return err
+		}
+		s.Items = append(s.Items, it)
+		i += it.Len()
+	}
+
+	return errPacketTooShort
+}
+
+func (s SourceDescriptionChunk) len() int {
+	chunkLen := sdesSourceLen
+	for _, it := range s.Items {
+		chunkLen += it.Len()
+	}
+	chunkLen += sdesTypeLen // for terminating null octet
+
+	// align to 32-bit boundary
+	chunkLen += getPadding(chunkLen)
+
+	return chunkLen
+}
+
+// A SourceDescriptionItem is a part of a SourceDescription that describes a stream.
+type SourceDescriptionItem struct {
+	// The type identifier for this item. eg, SDESCNAME for canonical name description.
+	//
+	// Type zero or SDESEnd is interpreted as the end of an item list and cannot be used.
+	Type SDESType
+	// Text is a unicode text blob associated with the item. Its meaning varies based on the item's Type.
+	Text string
+}
+
+// Len returns the length of the SourceDescriptionItem when encoded as binary.
+func (s SourceDescriptionItem) Len() int {
+	/*
+	 *   0                   1                   2                   3
+	 *   0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+	 *  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 *  |    CNAME=1    |     length    | user and domain name        ...
+	 *  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 */
+	return sdesTypeLen + sdesOctetCountLen + len([]byte(s.Text))
+}
+
+// Marshal encodes the SourceDescriptionItem in binary
+func (s SourceDescriptionItem) Marshal() ([]byte, error) {
+	/*
+	 *   0                   1                   2                   3
+	 *   0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+	 *  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 *  |    CNAME=1    |     length    | user and domain name        ...
+	 *  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 */
+
+	if s.Type == SDESEnd {
+		return nil, errSDESMissingType
+	}
+
+	rawPacket := make([]byte, sdesTypeLen+sdesOctetCountLen)
+
+	rawPacket[sdesTypeOffset] = uint8(s.Type)
+
+	txtBytes := []byte(s.Text)
+	octetCount := len(txtBytes)
+	if octetCount > sdesMaxOctetCount {
+		return nil, errSDESTextTooLong
+	}
+	rawPacket[sdesOctetCountOffset] = uint8(octetCount)
+
+	rawPacket = append(rawPacket, txtBytes...)
+
+	return rawPacket, nil
+}
+
+// Unmarshal decodes the SourceDescriptionItem from binary
+func (s *SourceDescriptionItem) Unmarshal(rawPacket []byte) error {
+	/*
+	 *   0                   1                   2                   3
+	 *   0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+	 *  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 *  |    CNAME=1    |     length    | user and domain name        ...
+	 *  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 */
+
+	if len(rawPacket) < (sdesTypeLen + sdesOctetCountLen) {
+		return errPacketTooShort
+	}
+
+	s.Type = SDESType(rawPacket[sdesTypeOffset])
+
+	octetCount := int(rawPacket[sdesOctetCountOffset])
+	if sdesTextOffset+octetCount > len(rawPacket) {
+		return errPacketTooShort
+	}
+
+	txtBytes := rawPacket[sdesTextOffset : sdesTextOffset+octetCount]
+	s.Text = string(txtBytes)
+
+	return nil
+}
+
+// DestinationSSRC returns an array of SSRC values that this packet refers to.
+func (s *SourceDescription) DestinationSSRC() []uint32 {
+	out := make([]uint32, len(s.Chunks))
+	for i, v := range s.Chunks {
+		out[i] = v.Source
+	}
+	return out
+}
+
+func (s *SourceDescription) String() string {
+	out := "Source Description:\n"
+	for _, c := range s.Chunks {
+		out += fmt.Sprintf("\t%x: %s\n", c.Source, c.Items)
+	}
+	return out
+}
diff --git a/server/vendor/github.com/pion/rtcp/transport_layer_cc.go b/server/vendor/github.com/pion/rtcp/transport_layer_cc.go
new file mode 100644
index 0000000..55b2162
--- /dev/null
+++ b/server/vendor/github.com/pion/rtcp/transport_layer_cc.go
@@ -0,0 +1,566 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package rtcp
+
+// Author: adwpc
+
+import (
+	"encoding/binary"
+	"errors"
+	"fmt"
+	"math"
+)
+
+// https://tools.ietf.org/html/draft-holmer-rmcat-transport-wide-cc-extensions-01#page-5
+// 0                   1                   2                   3
+// 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |V=2|P|  FMT=15 |    PT=205     |           length              |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |                     SSRC of packet sender                     |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |                      SSRC of media source                     |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |      base sequence number     |      packet status count      |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |                 reference time                | fb pkt. count |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |          packet chunk         |         packet chunk          |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// .                                                               .
+// .                                                               .
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |         packet chunk          |  recv delta   |  recv delta   |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// .                                                               .
+// .                                                               .
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |           recv delta          |  recv delta   | zero padding  |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+
+// for packet status chunk
+const (
+	// type of packet status chunk
+	TypeTCCRunLengthChunk    = 0
+	TypeTCCStatusVectorChunk = 1
+
+	// len of packet status chunk
+	packetStatusChunkLength = 2
+)
+
+// type of packet status symbol and recv delta
+const (
+	// https://tools.ietf.org/html/draft-holmer-rmcat-transport-wide-cc-extensions-01#section-3.1.1
+	TypeTCCPacketNotReceived = uint16(iota)
+	TypeTCCPacketReceivedSmallDelta
+	TypeTCCPacketReceivedLargeDelta
+	// https://tools.ietf.org/html/draft-holmer-rmcat-transport-wide-cc-extensions-01#page-7
+	// see Example 2: "packet received, w/o recv delta"
+	TypeTCCPacketReceivedWithoutDelta
+)
+
+// for status vector chunk
+const (
+	// https://tools.ietf.org/html/draft-holmer-rmcat-transport-wide-cc-extensions-01#section-3.1.4
+	TypeTCCSymbolSizeOneBit = 0
+	TypeTCCSymbolSizeTwoBit = 1
+
+	// Notice: RFC is wrong: "packet received" (0) and "packet not received" (1)
+	// if S == TypeTCCSymbolSizeOneBit, symbol list will be: TypeTCCPacketNotReceived TypeTCCPacketReceivedSmallDelta
+	// if S == TypeTCCSymbolSizeTwoBit, symbol list will be same as above:
+)
+
+func numOfBitsOfSymbolSize() map[uint16]uint16 {
+	return map[uint16]uint16{
+		TypeTCCSymbolSizeOneBit: 1,
+		TypeTCCSymbolSizeTwoBit: 2,
+	}
+}
+
+var (
+	errPacketStatusChunkLength = errors.New("packet status chunk must be 2 bytes")
+	errDeltaExceedLimit        = errors.New("delta exceed limit")
+)
+
+// PacketStatusChunk has two kinds:
+// RunLengthChunk and StatusVectorChunk
+type PacketStatusChunk interface {
+	Marshal() ([]byte, error)
+	Unmarshal(rawPacket []byte) error
+}
+
+// RunLengthChunk T=TypeTCCRunLengthChunk
+// 0                   1
+// 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |T| S |       Run Length        |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+type RunLengthChunk struct {
+	PacketStatusChunk
+
+	// T = TypeTCCRunLengthChunk
+	Type uint16
+
+	// S: type of packet status
+	// kind: TypeTCCPacketNotReceived or...
+	PacketStatusSymbol uint16
+
+	// RunLength: count of S
+	RunLength uint16
+}
+
+// Marshal ..
+func (r RunLengthChunk) Marshal() ([]byte, error) {
+	chunk := make([]byte, 2)
+
+	// append 1 bit '0'
+	dst, err := setNBitsOfUint16(0, 1, 0, 0)
+	if err != nil {
+		return nil, err
+	}
+
+	// append 2 bit PacketStatusSymbol
+	dst, err = setNBitsOfUint16(dst, 2, 1, r.PacketStatusSymbol)
+	if err != nil {
+		return nil, err
+	}
+
+	// append 13 bit RunLength
+	dst, err = setNBitsOfUint16(dst, 13, 3, r.RunLength)
+	if err != nil {
+		return nil, err
+	}
+
+	binary.BigEndian.PutUint16(chunk, dst)
+	return chunk, nil
+}
+
+// Unmarshal ..
+func (r *RunLengthChunk) Unmarshal(rawPacket []byte) error {
+	if len(rawPacket) != packetStatusChunkLength {
+		return errPacketStatusChunkLength
+	}
+
+	// record type
+	r.Type = TypeTCCRunLengthChunk
+
+	// get PacketStatusSymbol
+	// r.PacketStatusSymbol = uint16(rawPacket[0] >> 5 & 0x03)
+	r.PacketStatusSymbol = getNBitsFromByte(rawPacket[0], 1, 2)
+
+	// get RunLength
+	// r.RunLength = uint16(rawPacket[0]&0x1F)*256 + uint16(rawPacket[1])
+	r.RunLength = getNBitsFromByte(rawPacket[0], 3, 5)<<8 + uint16(rawPacket[1])
+	return nil
+}
+
+// StatusVectorChunk T=typeStatusVecotrChunk
+// 0                   1
+// 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |T|S|       symbol list         |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+type StatusVectorChunk struct {
+	PacketStatusChunk
+	// T = TypeTCCRunLengthChunk
+	Type uint16
+
+	// TypeTCCSymbolSizeOneBit or TypeTCCSymbolSizeTwoBit
+	SymbolSize uint16
+
+	// when SymbolSize = TypeTCCSymbolSizeOneBit, SymbolList is 14*1bit:
+	// TypeTCCSymbolListPacketReceived or TypeTCCSymbolListPacketNotReceived
+	// when SymbolSize = TypeTCCSymbolSizeTwoBit, SymbolList is 7*2bit:
+	// TypeTCCPacketNotReceived TypeTCCPacketReceivedSmallDelta TypeTCCPacketReceivedLargeDelta or typePacketReserved
+	SymbolList []uint16
+}
+
+// Marshal ..
+func (r StatusVectorChunk) Marshal() ([]byte, error) {
+	chunk := make([]byte, 2)
+
+	// set first bit '1'
+	dst, err := setNBitsOfUint16(0, 1, 0, 1)
+	if err != nil {
+		return nil, err
+	}
+
+	// set second bit SymbolSize
+	dst, err = setNBitsOfUint16(dst, 1, 1, r.SymbolSize)
+	if err != nil {
+		return nil, err
+	}
+
+	numOfBits := numOfBitsOfSymbolSize()[r.SymbolSize]
+	// append 14 bit SymbolList
+	for i, s := range r.SymbolList {
+		index := numOfBits*uint16(i) + 2
+		dst, err = setNBitsOfUint16(dst, numOfBits, index, s)
+		if err != nil {
+			return nil, err
+		}
+	}
+
+	binary.BigEndian.PutUint16(chunk, dst)
+	// set SymbolList(bit8-15)
+	// chunk[1] = uint8(r.SymbolList) & 0x0f
+	return chunk, nil
+}
+
+// Unmarshal ..
+func (r *StatusVectorChunk) Unmarshal(rawPacket []byte) error {
+	if len(rawPacket) != packetStatusChunkLength {
+		return errPacketStatusChunkLength
+	}
+
+	r.Type = TypeTCCStatusVectorChunk
+	r.SymbolSize = getNBitsFromByte(rawPacket[0], 1, 1)
+
+	if r.SymbolSize == TypeTCCSymbolSizeOneBit {
+		for i := uint16(0); i < 6; i++ {
+			r.SymbolList = append(r.SymbolList, getNBitsFromByte(rawPacket[0], 2+i, 1))
+		}
+		for i := uint16(0); i < 8; i++ {
+			r.SymbolList = append(r.SymbolList, getNBitsFromByte(rawPacket[1], i, 1))
+		}
+		return nil
+	}
+	if r.SymbolSize == TypeTCCSymbolSizeTwoBit {
+		for i := uint16(0); i < 3; i++ {
+			r.SymbolList = append(r.SymbolList, getNBitsFromByte(rawPacket[0], 2+i*2, 2))
+		}
+		for i := uint16(0); i < 4; i++ {
+			r.SymbolList = append(r.SymbolList, getNBitsFromByte(rawPacket[1], i*2, 2))
+		}
+		return nil
+	}
+
+	r.SymbolSize = getNBitsFromByte(rawPacket[0], 2, 6)<<8 + uint16(rawPacket[1])
+	return nil
+}
+
+const (
+	// TypeTCCDeltaScaleFactor https://tools.ietf.org/html/draft-holmer-rmcat-transport-wide-cc-extensions-01#section-3.1.5
+	TypeTCCDeltaScaleFactor = 250
+)
+
+// RecvDelta are represented as multiples of 250us
+// small delta is 1 byte: [0，63.75]ms = [0, 63750]us = [0, 255]*250us
+// big delta is 2 bytes: [-8192.0, 8191.75]ms = [-8192000, 8191750]us = [-32768, 32767]*250us
+// https://tools.ietf.org/html/draft-holmer-rmcat-transport-wide-cc-extensions-01#section-3.1.5
+type RecvDelta struct {
+	Type uint16
+	// us
+	Delta int64
+}
+
+// Marshal ..
+func (r RecvDelta) Marshal() ([]byte, error) {
+	delta := r.Delta / TypeTCCDeltaScaleFactor
+
+	// small delta
+	if r.Type == TypeTCCPacketReceivedSmallDelta && delta >= 0 && delta <= math.MaxUint8 {
+		deltaChunk := make([]byte, 1)
+		deltaChunk[0] = byte(delta)
+		return deltaChunk, nil
+	}
+
+	// big delta
+	if r.Type == TypeTCCPacketReceivedLargeDelta && delta >= math.MinInt16 && delta <= math.MaxInt16 {
+		deltaChunk := make([]byte, 2)
+		binary.BigEndian.PutUint16(deltaChunk, uint16(delta))
+		return deltaChunk, nil
+	}
+
+	// overflow
+	return nil, errDeltaExceedLimit
+}
+
+// Unmarshal ..
+func (r *RecvDelta) Unmarshal(rawPacket []byte) error {
+	chunkLen := len(rawPacket)
+
+	// must be 1 or 2 bytes
+	if chunkLen != 1 && chunkLen != 2 {
+		return errDeltaExceedLimit
+	}
+
+	if chunkLen == 1 {
+		r.Type = TypeTCCPacketReceivedSmallDelta
+		r.Delta = TypeTCCDeltaScaleFactor * int64(rawPacket[0])
+		return nil
+	}
+
+	r.Type = TypeTCCPacketReceivedLargeDelta
+	r.Delta = TypeTCCDeltaScaleFactor * int64(int16(binary.BigEndian.Uint16(rawPacket)))
+	return nil
+}
+
+const (
+	// the offset after header
+	baseSequenceNumberOffset = 8
+	packetStatusCountOffset  = 10
+	referenceTimeOffset      = 12
+	fbPktCountOffset         = 15
+	packetChunkOffset        = 16
+)
+
+// TransportLayerCC for sender-BWE
+// https://tools.ietf.org/html/draft-holmer-rmcat-transport-wide-cc-extensions-01#page-5
+type TransportLayerCC struct {
+	// header
+	Header Header
+
+	// SSRC of sender
+	SenderSSRC uint32
+
+	// SSRC of the media source
+	MediaSSRC uint32
+
+	// Transport wide sequence of rtp extension
+	BaseSequenceNumber uint16
+
+	// PacketStatusCount
+	PacketStatusCount uint16
+
+	// ReferenceTime
+	ReferenceTime uint32
+
+	// FbPktCount
+	FbPktCount uint8
+
+	// PacketChunks
+	PacketChunks []PacketStatusChunk
+
+	// RecvDeltas
+	RecvDeltas []*RecvDelta
+}
+
+// Header returns the Header associated with this packet.
+// func (t *TransportLayerCC) Header() Header {
+// return t.Header
+// return Header{
+// Padding: true,
+// Count:   FormatTCC,
+// Type:    TypeTCCTransportSpecificFeedback,
+// // https://tools.ietf.org/html/rfc4585#page-33
+// Length: uint16((t.len() / 4) - 1),
+// }
+// }
+
+func (t *TransportLayerCC) packetLen() uint16 {
+	n := uint16(headerLength + packetChunkOffset + len(t.PacketChunks)*2)
+	for _, d := range t.RecvDeltas {
+		if d.Type == TypeTCCPacketReceivedSmallDelta {
+			n++
+		} else {
+			n += 2
+		}
+	}
+	return n
+}
+
+// Len return total bytes with padding
+func (t *TransportLayerCC) Len() uint16 {
+	return uint16(t.MarshalSize())
+}
+
+// MarshalSize returns the size of the packet once marshaled
+func (t *TransportLayerCC) MarshalSize() int {
+	n := t.packetLen()
+	// has padding
+	if n%4 != 0 {
+		n = (n/4 + 1) * 4
+	}
+
+	return int(n)
+}
+
+func (t TransportLayerCC) String() string {
+	out := fmt.Sprintf("TransportLayerCC:\n\tHeader %v\n", t.Header)
+	out += fmt.Sprintf("TransportLayerCC:\n\tSender Ssrc %d\n", t.SenderSSRC)
+	out += fmt.Sprintf("\tMedia Ssrc %d\n", t.MediaSSRC)
+	out += fmt.Sprintf("\tBase Sequence Number %d\n", t.BaseSequenceNumber)
+	out += fmt.Sprintf("\tStatus Count %d\n", t.PacketStatusCount)
+	out += fmt.Sprintf("\tReference Time %d\n", t.ReferenceTime)
+	out += fmt.Sprintf("\tFeedback Packet Count %d\n", t.FbPktCount)
+	out += "\tPacketChunks "
+	for _, chunk := range t.PacketChunks {
+		out += fmt.Sprintf("%+v ", chunk)
+	}
+	out += "\n\tRecvDeltas "
+	for _, delta := range t.RecvDeltas {
+		out += fmt.Sprintf("%+v ", delta)
+	}
+	out += "\n"
+	return out
+}
+
+// Marshal encodes the TransportLayerCC in binary
+func (t TransportLayerCC) Marshal() ([]byte, error) {
+	header, err := t.Header.Marshal()
+	if err != nil {
+		return nil, err
+	}
+
+	payload := make([]byte, t.MarshalSize()-headerLength)
+	binary.BigEndian.PutUint32(payload, t.SenderSSRC)
+	binary.BigEndian.PutUint32(payload[4:], t.MediaSSRC)
+	binary.BigEndian.PutUint16(payload[baseSequenceNumberOffset:], t.BaseSequenceNumber)
+	binary.BigEndian.PutUint16(payload[packetStatusCountOffset:], t.PacketStatusCount)
+	ReferenceTimeAndFbPktCount := appendNBitsToUint32(0, 24, t.ReferenceTime)
+	ReferenceTimeAndFbPktCount = appendNBitsToUint32(ReferenceTimeAndFbPktCount, 8, uint32(t.FbPktCount))
+	binary.BigEndian.PutUint32(payload[referenceTimeOffset:], ReferenceTimeAndFbPktCount)
+
+	for i, chunk := range t.PacketChunks {
+		b, err := chunk.Marshal()
+		if err != nil {
+			return nil, err
+		}
+		copy(payload[packetChunkOffset+i*2:], b)
+	}
+
+	recvDeltaOffset := packetChunkOffset + len(t.PacketChunks)*2
+	var i int
+	for _, delta := range t.RecvDeltas {
+		b, err := delta.Marshal()
+		if err == nil {
+			copy(payload[recvDeltaOffset+i:], b)
+			i++
+			if delta.Type == TypeTCCPacketReceivedLargeDelta {
+				i++
+			}
+		}
+	}
+
+	if t.Header.Padding {
+		payload[len(payload)-1] = uint8(t.MarshalSize() - int(t.packetLen()))
+	}
+
+	return append(header, payload...), nil
+}
+
+// Unmarshal ..
+func (t *TransportLayerCC) Unmarshal(rawPacket []byte) error { //nolint:gocognit
+	if len(rawPacket) < (headerLength + ssrcLength) {
+		return errPacketTooShort
+	}
+
+	if err := t.Header.Unmarshal(rawPacket); err != nil {
+		return err
+	}
+
+	// https://tools.ietf.org/html/rfc4585#page-33
+	// header's length + payload's length
+	totalLength := 4 * (t.Header.Length + 1)
+
+	if totalLength < headerLength+packetChunkOffset {
+		return errPacketTooShort
+	}
+
+	if len(rawPacket) < int(totalLength) {
+		return errPacketTooShort
+	}
+
+	if t.Header.Type != TypeTransportSpecificFeedback || t.Header.Count != FormatTCC {
+		return errWrongType
+	}
+
+	t.SenderSSRC = binary.BigEndian.Uint32(rawPacket[headerLength:])
+	t.MediaSSRC = binary.BigEndian.Uint32(rawPacket[headerLength+ssrcLength:])
+	t.BaseSequenceNumber = binary.BigEndian.Uint16(rawPacket[headerLength+baseSequenceNumberOffset:])
+	t.PacketStatusCount = binary.BigEndian.Uint16(rawPacket[headerLength+packetStatusCountOffset:])
+	t.ReferenceTime = get24BitsFromBytes(rawPacket[headerLength+referenceTimeOffset : headerLength+referenceTimeOffset+3])
+	t.FbPktCount = rawPacket[headerLength+fbPktCountOffset]
+
+	packetStatusPos := uint16(headerLength + packetChunkOffset)
+	var processedPacketNum uint16
+	for processedPacketNum < t.PacketStatusCount {
+		if packetStatusPos+packetStatusChunkLength >= totalLength {
+			return errPacketTooShort
+		}
+		typ := getNBitsFromByte(rawPacket[packetStatusPos : packetStatusPos+1][0], 0, 1)
+		var iPacketStatus PacketStatusChunk
+		switch typ {
+		case TypeTCCRunLengthChunk:
+			packetStatus := &RunLengthChunk{Type: typ}
+			iPacketStatus = packetStatus
+			err := packetStatus.Unmarshal(rawPacket[packetStatusPos : packetStatusPos+2])
+			if err != nil {
+				return err
+			}
+
+			packetNumberToProcess := min(t.PacketStatusCount-processedPacketNum, packetStatus.RunLength)
+			if packetStatus.PacketStatusSymbol == TypeTCCPacketReceivedSmallDelta ||
+				packetStatus.PacketStatusSymbol == TypeTCCPacketReceivedLargeDelta {
+				for j := uint16(0); j < packetNumberToProcess; j++ {
+					t.RecvDeltas = append(t.RecvDeltas, &RecvDelta{Type: packetStatus.PacketStatusSymbol})
+				}
+			}
+			processedPacketNum += packetNumberToProcess
+		case TypeTCCStatusVectorChunk:
+			packetStatus := &StatusVectorChunk{Type: typ}
+			iPacketStatus = packetStatus
+			err := packetStatus.Unmarshal(rawPacket[packetStatusPos : packetStatusPos+2])
+			if err != nil {
+				return err
+			}
+			if packetStatus.SymbolSize == TypeTCCSymbolSizeOneBit {
+				for j := 0; j < len(packetStatus.SymbolList); j++ {
+					if packetStatus.SymbolList[j] == TypeTCCPacketReceivedSmallDelta {
+						t.RecvDeltas = append(t.RecvDeltas, &RecvDelta{Type: TypeTCCPacketReceivedSmallDelta})
+					}
+				}
+			}
+			if packetStatus.SymbolSize == TypeTCCSymbolSizeTwoBit {
+				for j := 0; j < len(packetStatus.SymbolList); j++ {
+					if packetStatus.SymbolList[j] == TypeTCCPacketReceivedSmallDelta || packetStatus.SymbolList[j] == TypeTCCPacketReceivedLargeDelta {
+						t.RecvDeltas = append(t.RecvDeltas, &RecvDelta{Type: packetStatus.SymbolList[j]})
+					}
+				}
+			}
+			processedPacketNum += uint16(len(packetStatus.SymbolList))
+		}
+		packetStatusPos += packetStatusChunkLength
+		t.PacketChunks = append(t.PacketChunks, iPacketStatus)
+	}
+
+	recvDeltasPos := packetStatusPos
+	for _, delta := range t.RecvDeltas {
+		if delta.Type == TypeTCCPacketReceivedSmallDelta {
+			if recvDeltasPos+1 > totalLength {
+				return errPacketTooShort
+			}
+			err := delta.Unmarshal(rawPacket[recvDeltasPos : recvDeltasPos+1])
+			if err != nil {
+				return err
+			}
+			recvDeltasPos++
+		}
+		if delta.Type == TypeTCCPacketReceivedLargeDelta {
+			if recvDeltasPos+2 > totalLength {
+				return errPacketTooShort
+			}
+			err := delta.Unmarshal(rawPacket[recvDeltasPos : recvDeltasPos+2])
+			if err != nil {
+				return err
+			}
+			recvDeltasPos += 2
+		}
+	}
+
+	return nil
+}
+
+// DestinationSSRC returns an array of SSRC values that this packet refers to.
+func (t TransportLayerCC) DestinationSSRC() []uint32 {
+	return []uint32{t.MediaSSRC}
+}
+
+func min(x, y uint16) uint16 {
+	if x < y {
+		return x
+	}
+	return y
+}
diff --git a/server/vendor/github.com/pion/rtcp/transport_layer_nack.go b/server/vendor/github.com/pion/rtcp/transport_layer_nack.go
new file mode 100644
index 0000000..802b915
--- /dev/null
+++ b/server/vendor/github.com/pion/rtcp/transport_layer_nack.go
@@ -0,0 +1,181 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package rtcp
+
+import (
+	"encoding/binary"
+	"fmt"
+	"math"
+)
+
+// PacketBitmap shouldn't be used like a normal integral,
+// so it's type is masked here. Access it with PacketList().
+type PacketBitmap uint16
+
+// NackPair is a wire-representation of a collection of
+// Lost RTP packets
+type NackPair struct {
+	// ID of lost packets
+	PacketID uint16
+
+	// Bitmask of following lost packets
+	LostPackets PacketBitmap
+}
+
+// The TransportLayerNack packet informs the encoder about the loss of a transport packet
+// IETF RFC 4585, Section 6.2.1
+// https://tools.ietf.org/html/rfc4585#section-6.2.1
+type TransportLayerNack struct {
+	// SSRC of sender
+	SenderSSRC uint32
+
+	// SSRC of the media source
+	MediaSSRC uint32
+
+	Nacks []NackPair
+}
+
+// NackPairsFromSequenceNumbers generates a slice of NackPair from a list of SequenceNumbers
+// This handles generating the proper values for PacketID/LostPackets
+func NackPairsFromSequenceNumbers(sequenceNumbers []uint16) (pairs []NackPair) {
+	if len(sequenceNumbers) == 0 {
+		return []NackPair{}
+	}
+
+	nackPair := &NackPair{PacketID: sequenceNumbers[0]}
+	for i := 1; i < len(sequenceNumbers); i++ {
+		m := sequenceNumbers[i]
+
+		if m-nackPair.PacketID > 16 {
+			pairs = append(pairs, *nackPair)
+			nackPair = &NackPair{PacketID: m}
+			continue
+		}
+
+		nackPair.LostPackets |= 1 << (m - nackPair.PacketID - 1)
+	}
+	pairs = append(pairs, *nackPair)
+	return
+}
+
+// Range calls f sequentially for each sequence number covered by n.
+// If f returns false, Range stops the iteration.
+func (n *NackPair) Range(f func(seqno uint16) bool) {
+	more := f(n.PacketID)
+	if !more {
+		return
+	}
+
+	b := n.LostPackets
+	for i := uint16(0); b != 0; i++ {
+		if (b & (1 << i)) != 0 {
+			b &^= (1 << i)
+			more = f(n.PacketID + i + 1)
+			if !more {
+				return
+			}
+		}
+	}
+}
+
+// PacketList returns a list of Nack'd packets that's referenced by a NackPair
+func (n *NackPair) PacketList() []uint16 {
+	out := make([]uint16, 0, 17)
+	n.Range(func(seqno uint16) bool {
+		out = append(out, seqno)
+		return true
+	})
+	return out
+}
+
+const (
+	tlnLength  = 2
+	nackOffset = 8
+)
+
+// Marshal encodes the TransportLayerNack in binary
+func (p TransportLayerNack) Marshal() ([]byte, error) {
+	if len(p.Nacks)+tlnLength > math.MaxUint8 {
+		return nil, errTooManyReports
+	}
+
+	rawPacket := make([]byte, nackOffset+(len(p.Nacks)*4))
+	binary.BigEndian.PutUint32(rawPacket, p.SenderSSRC)
+	binary.BigEndian.PutUint32(rawPacket[4:], p.MediaSSRC)
+	for i := 0; i < len(p.Nacks); i++ {
+		binary.BigEndian.PutUint16(rawPacket[nackOffset+(4*i):], p.Nacks[i].PacketID)
+		binary.BigEndian.PutUint16(rawPacket[nackOffset+(4*i)+2:], uint16(p.Nacks[i].LostPackets))
+	}
+	h := p.Header()
+	hData, err := h.Marshal()
+	if err != nil {
+		return nil, err
+	}
+
+	return append(hData, rawPacket...), nil
+}
+
+// Unmarshal decodes the TransportLayerNack from binary
+func (p *TransportLayerNack) Unmarshal(rawPacket []byte) error {
+	if len(rawPacket) < (headerLength + ssrcLength) {
+		return errPacketTooShort
+	}
+
+	var h Header
+	if err := h.Unmarshal(rawPacket); err != nil {
+		return err
+	}
+
+	if len(rawPacket) < (headerLength + int(4*h.Length)) {
+		return errPacketTooShort
+	}
+
+	if h.Type != TypeTransportSpecificFeedback || h.Count != FormatTLN {
+		return errWrongType
+	}
+
+	// The FCI field MUST contain at least one and MAY contain more than one Generic NACK
+	if 4*h.Length <= nackOffset {
+		return errBadLength
+	}
+
+	p.SenderSSRC = binary.BigEndian.Uint32(rawPacket[headerLength:])
+	p.MediaSSRC = binary.BigEndian.Uint32(rawPacket[headerLength+ssrcLength:])
+	for i := headerLength + nackOffset; i < (headerLength + int(h.Length*4)); i += 4 {
+		p.Nacks = append(p.Nacks, NackPair{
+			binary.BigEndian.Uint16(rawPacket[i:]),
+			PacketBitmap(binary.BigEndian.Uint16(rawPacket[i+2:])),
+		})
+	}
+	return nil
+}
+
+// MarshalSize returns the size of the packet once marshaled
+func (p *TransportLayerNack) MarshalSize() int {
+	return headerLength + nackOffset + (len(p.Nacks) * 4)
+}
+
+// Header returns the Header associated with this packet.
+func (p *TransportLayerNack) Header() Header {
+	return Header{
+		Count:  FormatTLN,
+		Type:   TypeTransportSpecificFeedback,
+		Length: uint16((p.MarshalSize() / 4) - 1),
+	}
+}
+
+func (p TransportLayerNack) String() string {
+	out := fmt.Sprintf("TransportLayerNack from %x\n", p.SenderSSRC)
+	out += fmt.Sprintf("\tMedia Ssrc %x\n", p.MediaSSRC)
+	out += "\tID\tLostPackets\n"
+	for _, i := range p.Nacks {
+		out += fmt.Sprintf("\t%d\t%b\n", i.PacketID, i.LostPackets)
+	}
+	return out
+}
+
+// DestinationSSRC returns an array of SSRC values that this packet refers to.
+func (p *TransportLayerNack) DestinationSSRC() []uint32 {
+	return []uint32{p.MediaSSRC}
+}
diff --git a/server/vendor/github.com/pion/rtcp/util.go b/server/vendor/github.com/pion/rtcp/util.go
new file mode 100644
index 0000000..c68cebe
--- /dev/null
+++ b/server/vendor/github.com/pion/rtcp/util.go
@@ -0,0 +1,41 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package rtcp
+
+// getPadding Returns the padding required to make the length a multiple of 4
+func getPadding(packetLen int) int {
+	if packetLen%4 == 0 {
+		return 0
+	}
+	return 4 - (packetLen % 4)
+}
+
+// setNBitsOfUint16 will truncate the value to size, left-shift to startIndex position and set
+func setNBitsOfUint16(src, size, startIndex, val uint16) (uint16, error) {
+	if startIndex+size > 16 {
+		return 0, errInvalidSizeOrStartIndex
+	}
+
+	// truncate val to size bits
+	val &= (1 << size) - 1
+
+	return src | (val << (16 - size - startIndex)), nil
+}
+
+// appendBit32 will left-shift and append n bits of val
+func appendNBitsToUint32(src, n, val uint32) uint32 {
+	return (src << n) | (val & (0xFFFFFFFF >> (32 - n)))
+}
+
+// getNBit get n bits from 1 byte, begin with a position
+func getNBitsFromByte(b byte, begin, n uint16) uint16 {
+	endShift := 8 - (begin + n)
+	mask := (0xFF >> begin) & uint8(0xFF<<endShift)
+	return uint16(b&mask) >> endShift
+}
+
+// get24BitFromBytes get 24bits from `[3]byte` slice
+func get24BitsFromBytes(b []byte) uint32 {
+	return uint32(b[0])<<16 + uint32(b[1])<<8 + uint32(b[2])
+}
diff --git a/server/vendor/github.com/pion/rtp/.gitignore b/server/vendor/github.com/pion/rtp/.gitignore
new file mode 100644
index 0000000..6e2f206
--- /dev/null
+++ b/server/vendor/github.com/pion/rtp/.gitignore
@@ -0,0 +1,28 @@
+# SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+# SPDX-License-Identifier: MIT
+
+### JetBrains IDE ###
+#####################
+.idea/
+
+### Emacs Temporary Files ###
+#############################
+*~
+
+### Folders ###
+###############
+bin/
+vendor/
+node_modules/
+
+### Files ###
+#############
+*.ivf
+*.ogg
+tags
+cover.out
+*.sw[poe]
+*.wasm
+examples/sfu-ws/cert.pem
+examples/sfu-ws/key.pem
+wasm_exec.js
diff --git a/server/vendor/github.com/pion/rtp/.golangci.yml b/server/vendor/github.com/pion/rtp/.golangci.yml
new file mode 100644
index 0000000..e06de4d
--- /dev/null
+++ b/server/vendor/github.com/pion/rtp/.golangci.yml
@@ -0,0 +1,125 @@
+# SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+# SPDX-License-Identifier: MIT
+
+linters-settings:
+  govet:
+    enable:
+      - shadow
+  misspell:
+    locale: US
+  exhaustive:
+    default-signifies-exhaustive: true
+  gomodguard:
+    blocked:
+      modules:
+        - github.com/pkg/errors:
+            recommendations:
+              - errors
+  forbidigo:
+    forbid:
+      - ^fmt.Print(f|ln)?$
+      - ^log.(Panic|Fatal|Print)(f|ln)?$
+      - ^os.Exit$
+      - ^panic$
+      - ^print(ln)?$
+
+linters:
+  enable:
+    - asciicheck       # Simple linter to check that your code does not contain non-ASCII identifiers
+    - bidichk          # Checks for dangerous unicode character sequences
+    - bodyclose        # checks whether HTTP response body is closed successfully
+    - contextcheck     # check the function whether use a non-inherited context
+    - decorder         # check declaration order and count of types, constants, variables and functions
+    - dogsled          # Checks assignments with too many blank identifiers (e.g. x, _, _, _, := f())
+    - dupl             # Tool for code clone detection
+    - durationcheck    # check for two durations multiplied together
+    - errcheck         # Errcheck is a program for checking for unchecked errors in go programs. These unchecked errors can be critical bugs in some cases
+    - errchkjson       # Checks types passed to the json encoding functions. Reports unsupported types and optionally reports occations, where the check for the returned error can be omitted.
+    - errname          # Checks that sentinel errors are prefixed with the `Err` and error types are suffixed with the `Error`.
+    - errorlint        # errorlint is a linter for that can be used to find code that will cause problems with the error wrapping scheme introduced in Go 1.13.
+    - exhaustive       # check exhaustiveness of enum switch statements
+    - exportloopref    # checks for pointers to enclosing loop variables
+    - forbidigo        # Forbids identifiers
+    - forcetypeassert  # finds forced type assertions
+    - gci              # Gci control golang package import order and make it always deterministic.
+    - gochecknoglobals # Checks that no globals are present in Go code
+    - gochecknoinits   # Checks that no init functions are present in Go code
+    - gocognit         # Computes and checks the cognitive complexity of functions
+    - goconst          # Finds repeated strings that could be replaced by a constant
+    - gocritic         # The most opinionated Go source code linter
+    - godox            # Tool for detection of FIXME, TODO and other comment keywords
+    - goerr113         # Golang linter to check the errors handling expressions
+    - gofmt            # Gofmt checks whether code was gofmt-ed. By default this tool runs with -s option to check for code simplification
+    - gofumpt          # Gofumpt checks whether code was gofumpt-ed.
+    - goheader         # Checks is file header matches to pattern
+    - goimports        # Goimports does everything that gofmt does. Additionally it checks unused imports
+    - gomoddirectives  # Manage the use of 'replace', 'retract', and 'excludes' directives in go.mod.
+    - gomodguard       # Allow and block list linter for direct Go module dependencies. This is different from depguard where there are different block types for example version constraints and module recommendations.
+    - goprintffuncname # Checks that printf-like functions are named with `f` at the end
+    - gosec            # Inspects source code for security problems
+    - gosimple         # Linter for Go source code that specializes in simplifying a code
+    - govet            # Vet examines Go source code and reports suspicious constructs, such as Printf calls whose arguments do not align with the format string
+    - grouper          # An analyzer to analyze expression groups.
+    - importas         # Enforces consistent import aliases
+    - ineffassign      # Detects when assignments to existing variables are not used
+    - misspell         # Finds commonly misspelled English words in comments
+    - nilerr           # Finds the code that returns nil even if it checks that the error is not nil.
+    - nilnil           # Checks that there is no simultaneous return of `nil` error and an invalid value.
+    - noctx            # noctx finds sending http request without context.Context
+    - predeclared      # find code that shadows one of Go's predeclared identifiers
+    - revive           # golint replacement, finds style mistakes
+    - staticcheck      # Staticcheck is a go vet on steroids, applying a ton of static analysis checks
+    - stylecheck       # Stylecheck is a replacement for golint
+    - tagliatelle      # Checks the struct tags.
+    - tenv             # tenv is analyzer that detects using os.Setenv instead of t.Setenv since Go1.17
+    - tparallel        # tparallel detects inappropriate usage of t.Parallel() method in your Go test codes
+    - typecheck        # Like the front-end of a Go compiler, parses and type-checks Go code
+    - unconvert        # Remove unnecessary type conversions
+    - unparam          # Reports unused function parameters
+    - unused           # Checks Go code for unused constants, variables, functions and types
+    - wastedassign     # wastedassign finds wasted assignment statements
+    - whitespace       # Tool for detection of leading and trailing whitespace
+  disable:
+    - depguard         # Go linter that checks if package imports are in a list of acceptable packages
+    - containedctx     # containedctx is a linter that detects struct contained context.Context field
+    - cyclop           # checks function and package cyclomatic complexity
+    - exhaustivestruct # Checks if all struct's fields are initialized
+    - funlen           # Tool for detection of long functions
+    - gocyclo          # Computes and checks the cyclomatic complexity of functions
+    - godot            # Check if comments end in a period
+    - gomnd            # An analyzer to detect magic numbers.
+    - ifshort          # Checks that your code uses short syntax for if-statements whenever possible
+    - ireturn          # Accept Interfaces, Return Concrete Types
+    - lll              # Reports long lines
+    - maintidx         # maintidx measures the maintainability index of each function.
+    - makezero         # Finds slice declarations with non-zero initial length
+    - maligned         # Tool to detect Go structs that would take less memory if their fields were sorted
+    - nakedret         # Finds naked returns in functions greater than a specified function length
+    - nestif           # Reports deeply nested if statements
+    - nlreturn         # nlreturn checks for a new line before return and branch statements to increase code clarity
+    - nolintlint       # Reports ill-formed or insufficient nolint directives
+    - paralleltest     # paralleltest detects missing usage of t.Parallel() method in your Go test
+    - prealloc         # Finds slice declarations that could potentially be preallocated
+    - promlinter       # Check Prometheus metrics naming via promlint
+    - rowserrcheck     # checks whether Err of rows is checked successfully
+    - sqlclosecheck    # Checks that sql.Rows and sql.Stmt are closed.
+    - testpackage      # linter that makes you use a separate _test package
+    - thelper          # thelper detects golang test helpers without t.Helper() call and checks the consistency of test helpers
+    - varnamelen       # checks that the length of a variable's name matches its scope
+    - wrapcheck        # Checks that errors returned from external packages are wrapped
+    - wsl              # Whitespace Linter - Forces you to use empty lines!
+
+issues:
+  exclude-use-default: false
+  exclude-dirs-use-default: false
+  exclude-rules:
+    # Allow complex tests and examples, better to be self contained
+    - path: (examples|main\.go|_test\.go)
+      linters:
+        - forbidigo
+        - gocognit
+
+    # Allow forbidden identifiers in CLI commands
+    - path: cmd
+      linters:
+        - forbidigo
diff --git a/server/vendor/github.com/pion/rtp/.goreleaser.yml b/server/vendor/github.com/pion/rtp/.goreleaser.yml
new file mode 100644
index 0000000..30093e9
--- /dev/null
+++ b/server/vendor/github.com/pion/rtp/.goreleaser.yml
@@ -0,0 +1,5 @@
+# SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+# SPDX-License-Identifier: MIT
+
+builds:
+- skip: true
diff --git a/server/vendor/github.com/pion/rtp/LICENSE b/server/vendor/github.com/pion/rtp/LICENSE
new file mode 100644
index 0000000..2071b23
--- /dev/null
+++ b/server/vendor/github.com/pion/rtp/LICENSE
@@ -0,0 +1,9 @@
+MIT License
+
+Copyright (c) <year> <copyright holders>
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
diff --git a/server/vendor/github.com/pion/rtp/README.md b/server/vendor/github.com/pion/rtp/README.md
new file mode 100644
index 0000000..c84621c
--- /dev/null
+++ b/server/vendor/github.com/pion/rtp/README.md
@@ -0,0 +1,35 @@
+<h1 align="center">
+  <br>
+  Pion RTP
+  <br>
+</h1>
+<h4 align="center">A Go implementation of RTP</h4>
+<p align="center">
+  <a href="https://pion.ly"><img src="https://img.shields.io/badge/pion-rtp-gray.svg?longCache=true&colorB=brightgreen" alt="Pion RTP"></a>
+  <a href="https://sourcegraph.com/github.com/pion/rtp?badge"><img src="https://sourcegraph.com/github.com/pion/rtp/-/badge.svg" alt="Sourcegraph Widget"></a>
+  <a href="https://pion.ly/slack"><img src="https://img.shields.io/badge/join-us%20on%20slack-gray.svg?longCache=true&logo=slack&colorB=brightgreen" alt="Slack Widget"></a>
+  <br>
+  <img alt="GitHub Workflow Status" src="https://img.shields.io/github/actions/workflow/status/pion/rtp/test.yaml">
+  <a href="https://pkg.go.dev/github.com/pion/rtp"><img src="https://pkg.go.dev/badge/github.com/pion/rtp.svg" alt="Go Reference"></a>
+  <a href="https://codecov.io/gh/pion/rtp"><img src="https://codecov.io/gh/pion/rtp/branch/master/graph/badge.svg" alt="Coverage Status"></a>
+  <a href="https://goreportcard.com/report/github.com/pion/rtp"><img src="https://goreportcard.com/badge/github.com/pion/rtp" alt="Go Report Card"></a>
+  <a href="LICENSE"><img src="https://img.shields.io/badge/License-MIT-yellow.svg" alt="License: MIT"></a>
+</p>
+<br>
+
+### Roadmap
+The library is used as a part of our WebRTC implementation. Please refer to that [roadmap](https://github.com/pion/webrtc/issues/9) to track our major milestones.
+
+### Community
+Pion has an active community on the [Slack](https://pion.ly/slack).
+
+Follow the [Pion Twitter](https://twitter.com/_pion) for project updates and important WebRTC news.
+
+We are always looking to support **your projects**. Please reach out if you have something to build!
+If you need commercial support or don't want to use public methods you can contact us at [team@pion.ly](mailto:team@pion.ly)
+
+### Contributing
+Check out the [contributing wiki](https://github.com/pion/webrtc/wiki/Contributing) to join the group of amazing people making this project possible
+
+### License
+MIT License - see [LICENSE](LICENSE) for full text
diff --git a/server/vendor/github.com/pion/rtp/abscapturetimeextension.go b/server/vendor/github.com/pion/rtp/abscapturetimeextension.go
new file mode 100644
index 0000000..5e96cff
--- /dev/null
+++ b/server/vendor/github.com/pion/rtp/abscapturetimeextension.go
@@ -0,0 +1,106 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package rtp
+
+import (
+	"encoding/binary"
+	"time"
+)
+
+const (
+	absCaptureTimeExtensionSize         = 8
+	absCaptureTimeExtendedExtensionSize = 16
+)
+
+// AbsCaptureTimeExtension is a extension payload format in
+// http://www.webrtc.org/experiments/rtp-hdrext/abs-capture-time
+// 0                   1                   2                   3
+// 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |  ID   | len=7 |     absolute capture timestamp (bit 0-23)     |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |             absolute capture timestamp (bit 24-55)            |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |  ... (56-63)  |
+// +-+-+-+-+-+-+-+-+
+type AbsCaptureTimeExtension struct {
+	Timestamp                   uint64
+	EstimatedCaptureClockOffset *int64
+}
+
+// Marshal serializes the members to buffer.
+func (t AbsCaptureTimeExtension) Marshal() ([]byte, error) {
+	if t.EstimatedCaptureClockOffset != nil {
+		buf := make([]byte, 16)
+		binary.BigEndian.PutUint64(buf[0:8], t.Timestamp)
+		binary.BigEndian.PutUint64(buf[8:16], uint64(*t.EstimatedCaptureClockOffset))
+		return buf, nil
+	}
+	buf := make([]byte, 8)
+	binary.BigEndian.PutUint64(buf[0:8], t.Timestamp)
+	return buf, nil
+}
+
+// Unmarshal parses the passed byte slice and stores the result in the members.
+func (t *AbsCaptureTimeExtension) Unmarshal(rawData []byte) error {
+	if len(rawData) < absCaptureTimeExtensionSize {
+		return errTooSmall
+	}
+	t.Timestamp = binary.BigEndian.Uint64(rawData[0:8])
+	if len(rawData) >= absCaptureTimeExtendedExtensionSize {
+		offset := int64(binary.BigEndian.Uint64(rawData[8:16]))
+		t.EstimatedCaptureClockOffset = &offset
+	}
+	return nil
+}
+
+// CaptureTime produces the estimated time.Time represented by this extension.
+func (t AbsCaptureTimeExtension) CaptureTime() time.Time {
+	return toTime(t.Timestamp)
+}
+
+// EstimatedCaptureClockOffsetDuration produces the estimated time.Duration represented by this extension.
+func (t AbsCaptureTimeExtension) EstimatedCaptureClockOffsetDuration() *time.Duration {
+	if t.EstimatedCaptureClockOffset == nil {
+		return nil
+	}
+	offset := *t.EstimatedCaptureClockOffset
+	negative := false
+	if offset < 0 {
+		offset = -offset
+		negative = true
+	}
+	duration := time.Duration(offset/(1<<32))*time.Second + time.Duration((offset&0xFFFFFFFF)*1e9/(1<<32))*time.Nanosecond
+	if negative {
+		duration = -duration
+	}
+	return &duration
+}
+
+// NewAbsCaptureTimeExtension makes new AbsCaptureTimeExtension from time.Time.
+func NewAbsCaptureTimeExtension(captureTime time.Time) *AbsCaptureTimeExtension {
+	return &AbsCaptureTimeExtension{
+		Timestamp: toNtpTime(captureTime),
+	}
+}
+
+// NewAbsCaptureTimeExtensionWithCaptureClockOffset makes new AbsCaptureTimeExtension from time.Time and a clock offset.
+func NewAbsCaptureTimeExtensionWithCaptureClockOffset(captureTime time.Time, captureClockOffset time.Duration) *AbsCaptureTimeExtension {
+	ns := captureClockOffset.Nanoseconds()
+	negative := false
+	if ns < 0 {
+		ns = -ns
+		negative = true
+	}
+	lsb := (ns / 1e9) & 0xFFFFFFFF
+	msb := (((ns % 1e9) * (1 << 32)) / 1e9) & 0xFFFFFFFF
+	offset := (lsb << 32) | msb
+	if negative {
+		offset = -offset
+	}
+	return &AbsCaptureTimeExtension{
+		Timestamp:                   toNtpTime(captureTime),
+		EstimatedCaptureClockOffset: &offset,
+	}
+}
diff --git a/server/vendor/github.com/pion/rtp/abssendtimeextension.go b/server/vendor/github.com/pion/rtp/abssendtimeextension.go
new file mode 100644
index 0000000..fff38e9
--- /dev/null
+++ b/server/vendor/github.com/pion/rtp/abssendtimeextension.go
@@ -0,0 +1,81 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package rtp
+
+import (
+	"time"
+)
+
+const (
+	absSendTimeExtensionSize = 3
+)
+
+// AbsSendTimeExtension is a extension payload format in
+// http://www.webrtc.org/experiments/rtp-hdrext/abs-send-time
+type AbsSendTimeExtension struct {
+	Timestamp uint64
+}
+
+// Marshal serializes the members to buffer.
+func (t AbsSendTimeExtension) Marshal() ([]byte, error) {
+	return []byte{
+		byte(t.Timestamp & 0xFF0000 >> 16),
+		byte(t.Timestamp & 0xFF00 >> 8),
+		byte(t.Timestamp & 0xFF),
+	}, nil
+}
+
+// Unmarshal parses the passed byte slice and stores the result in the members.
+func (t *AbsSendTimeExtension) Unmarshal(rawData []byte) error {
+	if len(rawData) < absSendTimeExtensionSize {
+		return errTooSmall
+	}
+	t.Timestamp = uint64(rawData[0])<<16 | uint64(rawData[1])<<8 | uint64(rawData[2])
+	return nil
+}
+
+// Estimate absolute send time according to the receive time.
+// Note that if the transmission delay is larger than 64 seconds, estimated time will be wrong.
+func (t *AbsSendTimeExtension) Estimate(receive time.Time) time.Time {
+	receiveNTP := toNtpTime(receive)
+	ntp := receiveNTP&0xFFFFFFC000000000 | (t.Timestamp&0xFFFFFF)<<14
+	if receiveNTP < ntp {
+		// Receive time must be always later than send time
+		ntp -= 0x1000000 << 14
+	}
+
+	return toTime(ntp)
+}
+
+// NewAbsSendTimeExtension makes new AbsSendTimeExtension from time.Time.
+func NewAbsSendTimeExtension(sendTime time.Time) *AbsSendTimeExtension {
+	return &AbsSendTimeExtension{
+		Timestamp: toNtpTime(sendTime) >> 14,
+	}
+}
+
+func toNtpTime(t time.Time) uint64 {
+	var s uint64
+	var f uint64
+	u := uint64(t.UnixNano())
+	s = u / 1e9
+	s += 0x83AA7E80 // offset in seconds between unix epoch and ntp epoch
+	f = u % 1e9
+	f <<= 32
+	f /= 1e9
+	s <<= 32
+
+	return s | f
+}
+
+func toTime(t uint64) time.Time {
+	s := t >> 32
+	f := t & 0xFFFFFFFF
+	f *= 1e9
+	f >>= 32
+	s -= 0x83AA7E80
+	u := s*1e9 + f
+
+	return time.Unix(0, int64(u))
+}
diff --git a/server/vendor/github.com/pion/rtp/audiolevelextension.go b/server/vendor/github.com/pion/rtp/audiolevelextension.go
new file mode 100644
index 0000000..f180c8d
--- /dev/null
+++ b/server/vendor/github.com/pion/rtp/audiolevelextension.go
@@ -0,0 +1,63 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package rtp
+
+import (
+	"errors"
+)
+
+const (
+	// audioLevelExtensionSize One byte header size
+	audioLevelExtensionSize = 1
+)
+
+var errAudioLevelOverflow = errors.New("audio level overflow")
+
+// AudioLevelExtension is a extension payload format described in
+// https://tools.ietf.org/html/rfc6464
+//
+// Implementation based on:
+// https://chromium.googlesource.com/external/webrtc/+/e2a017725570ead5946a4ca8235af27470ca0df9/webrtc/modules/rtp_rtcp/source/rtp_header_extensions.cc#49
+//
+// One byte format:
+// 0                   1
+// 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |  ID   | len=0 |V| level       |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+//
+// Two byte format:
+// 0                   1                   2                   3
+// 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |      ID       |     len=1     |V|    level    |    0 (pad)    |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+type AudioLevelExtension struct {
+	Level uint8
+	Voice bool
+}
+
+// Marshal serializes the members to buffer
+func (a AudioLevelExtension) Marshal() ([]byte, error) {
+	if a.Level > 127 {
+		return nil, errAudioLevelOverflow
+	}
+	voice := uint8(0x00)
+	if a.Voice {
+		voice = 0x80
+	}
+	buf := make([]byte, audioLevelExtensionSize)
+	buf[0] = voice | a.Level
+	return buf, nil
+}
+
+// Unmarshal parses the passed byte slice and stores the result in the members
+func (a *AudioLevelExtension) Unmarshal(rawData []byte) error {
+	if len(rawData) < audioLevelExtensionSize {
+		return errTooSmall
+	}
+	a.Level = rawData[0] & 0x7F
+	a.Voice = rawData[0]&0x80 != 0
+	return nil
+}
diff --git a/server/vendor/github.com/pion/rtp/codecov.yml b/server/vendor/github.com/pion/rtp/codecov.yml
new file mode 100644
index 0000000..263e4d4
--- /dev/null
+++ b/server/vendor/github.com/pion/rtp/codecov.yml
@@ -0,0 +1,22 @@
+#
+# DO NOT EDIT THIS FILE
+#
+# It is automatically copied from https://github.com/pion/.goassets repository.
+#
+# SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+# SPDX-License-Identifier: MIT
+
+coverage:
+  status:
+    project:
+      default:
+        # Allow decreasing 2% of total coverage to avoid noise.
+        threshold: 2%
+    patch:
+      default:
+        target: 70%
+        only_pulls: true
+
+ignore:
+  - "examples/*"
+  - "examples/**/*"
diff --git a/server/vendor/github.com/pion/rtp/codecs/av1/obu/leb128.go b/server/vendor/github.com/pion/rtp/codecs/av1/obu/leb128.go
new file mode 100644
index 0000000..f5fcbf6
--- /dev/null
+++ b/server/vendor/github.com/pion/rtp/codecs/av1/obu/leb128.go
@@ -0,0 +1,85 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+// Package obu implements tools for working with the Open Bitstream Unit.
+package obu
+
+import "errors"
+
+const (
+	sevenLsbBitmask = uint(0b01111111)
+	msbBitmask      = uint(0b10000000)
+)
+
+// ErrFailedToReadLEB128 indicates that a buffer ended before a LEB128 value could be successfully read
+var ErrFailedToReadLEB128 = errors.New("payload ended before LEB128 was finished")
+
+// EncodeLEB128 encodes a uint as LEB128
+func EncodeLEB128(in uint) (out uint) {
+	for {
+		// Copy seven bits from in and discard
+		// what we have copied from in
+		out |= (in & sevenLsbBitmask)
+		in >>= 7
+
+		// If we have more bits to encode set MSB
+		// otherwise we are done
+		if in != 0 {
+			out |= msbBitmask
+			out <<= 8
+		} else {
+			return out
+		}
+	}
+}
+
+func decodeLEB128(in uint) (out uint) {
+	for {
+		// Take 7 LSB from in
+		out |= (in & sevenLsbBitmask)
+
+		// Discard the MSB
+		in >>= 8
+		if in == 0 {
+			return out
+		}
+
+		out <<= 7
+	}
+}
+
+// ReadLeb128 scans an buffer and decodes a Leb128 value.
+// If the end of the buffer is reached and all MSB are set
+// an error is returned
+func ReadLeb128(in []byte) (uint, uint, error) {
+	var encodedLength uint
+
+	for i := range in {
+		encodedLength |= uint(in[i])
+
+		if in[i]&byte(msbBitmask) == 0 {
+			return decodeLEB128(encodedLength), uint(i + 1), nil
+		}
+
+		// Make more room for next read
+		encodedLength <<= 8
+	}
+
+	return 0, 0, ErrFailedToReadLEB128
+}
+
+// WriteToLeb128 writes a uint to a LEB128 encoded byte slice.
+func WriteToLeb128(in uint) []byte {
+	b := make([]byte, 10)
+
+	for i := 0; i < len(b); i++ {
+		b[i] = byte(in & 0x7f)
+		in >>= 7
+		if in == 0 {
+			return b[:i+1]
+		}
+		b[i] |= 0x80
+	}
+
+	return b // unreachable
+}
diff --git a/server/vendor/github.com/pion/rtp/codecs/av1_packet.go b/server/vendor/github.com/pion/rtp/codecs/av1_packet.go
new file mode 100644
index 0000000..bcea690
--- /dev/null
+++ b/server/vendor/github.com/pion/rtp/codecs/av1_packet.go
@@ -0,0 +1,204 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package codecs
+
+import (
+	"github.com/pion/rtp/codecs/av1/obu"
+)
+
+const (
+	zMask     = byte(0b10000000)
+	zBitshift = 7
+
+	yMask     = byte(0b01000000)
+	yBitshift = 6
+
+	wMask     = byte(0b00110000)
+	wBitshift = 4
+
+	nMask     = byte(0b00001000)
+	nBitshift = 3
+
+	obuFrameTypeMask     = byte(0b01111000)
+	obuFrameTypeBitshift = 3
+
+	obuFameTypeSequenceHeader = 1
+
+	av1PayloaderHeadersize = 1
+
+	leb128Size = 1
+)
+
+// AV1Payloader payloads AV1 packets
+type AV1Payloader struct {
+	sequenceHeader []byte
+}
+
+// Payload fragments a AV1 packet across one or more byte arrays
+// See AV1Packet for description of AV1 Payload Header
+func (p *AV1Payloader) Payload(mtu uint16, payload []byte) (payloads [][]byte) {
+	payloadDataIndex := 0
+	payloadDataRemaining := len(payload)
+
+	// Payload Data and MTU is non-zero
+	if mtu <= 0 || payloadDataRemaining <= 0 {
+		return payloads
+	}
+
+	// Cache Sequence Header and packetize with next payload
+	frameType := (payload[0] & obuFrameTypeMask) >> obuFrameTypeBitshift
+	if frameType == obuFameTypeSequenceHeader {
+		p.sequenceHeader = payload
+		return
+	}
+
+	for payloadDataRemaining > 0 {
+		obuCount := byte(1)
+		metadataSize := av1PayloaderHeadersize
+		if len(p.sequenceHeader) != 0 {
+			obuCount++
+			metadataSize += leb128Size + len(p.sequenceHeader)
+		}
+
+		out := make([]byte, min(int(mtu), payloadDataRemaining+metadataSize))
+		outOffset := av1PayloaderHeadersize
+		out[0] = obuCount << wBitshift
+
+		if obuCount == 2 {
+			// This Payload contain the start of a Coded Video Sequence
+			out[0] ^= nMask
+
+			out[1] = byte(obu.EncodeLEB128(uint(len(p.sequenceHeader))))
+			copy(out[2:], p.sequenceHeader)
+
+			outOffset += leb128Size + len(p.sequenceHeader)
+
+			p.sequenceHeader = nil
+		}
+
+		outBufferRemaining := len(out) - outOffset
+		copy(out[outOffset:], payload[payloadDataIndex:payloadDataIndex+outBufferRemaining])
+		payloadDataRemaining -= outBufferRemaining
+		payloadDataIndex += outBufferRemaining
+
+		// Does this Fragment contain an OBU that started in a previous payload
+		if len(payloads) > 0 {
+			out[0] ^= zMask
+		}
+
+		// This OBU will be continued in next Payload
+		if payloadDataRemaining != 0 {
+			out[0] ^= yMask
+		}
+
+		payloads = append(payloads, out)
+	}
+
+	return payloads
+}
+
+// AV1Packet represents a depacketized AV1 RTP Packet
+/*
+*  0 1 2 3 4 5 6 7
+* +-+-+-+-+-+-+-+-+
+* |Z|Y| W |N|-|-|-|
+* +-+-+-+-+-+-+-+-+
+**/
+// https://aomediacodec.github.io/av1-rtp-spec/#44-av1-aggregation-header
+type AV1Packet struct {
+	// Z: MUST be set to 1 if the first OBU element is an
+	//    OBU fragment that is a continuation of an OBU fragment
+	//    from the previous packet, and MUST be set to 0 otherwise.
+	Z bool
+
+	// Y: MUST be set to 1 if the last OBU element is an OBU fragment
+	//    that will continue in the next packet, and MUST be set to 0 otherwise.
+	Y bool
+
+	// W: two bit field that describes the number of OBU elements in the packet.
+	//    This field MUST be set equal to 0 or equal to the number of OBU elements
+	//    contained in the packet. If set to 0, each OBU element MUST be preceded by
+	//    a length field. If not set to 0 (i.e., W = 1, 2 or 3) the last OBU element
+	//    MUST NOT be preceded by a length field. Instead, the length of the last OBU
+	//    element contained in the packet can be calculated as follows:
+	// Length of the last OBU element =
+	//    length of the RTP payload
+	//  - length of aggregation header
+	//  - length of previous OBU elements including length fields
+	W byte
+
+	// N: MUST be set to 1 if the packet is the first packet of a coded video sequence, and MUST be set to 0 otherwise.
+	N bool
+
+	// Each AV1 RTP Packet is a collection of OBU Elements. Each OBU Element may be a full OBU, or just a fragment of one.
+	// AV1Frame provides the tools to construct a collection of OBUs from a collection of OBU Elements
+	OBUElements [][]byte
+
+	videoDepacketizer
+}
+
+// Unmarshal parses the passed byte slice and stores the result in the AV1Packet this method is called upon
+func (p *AV1Packet) Unmarshal(payload []byte) ([]byte, error) {
+	if payload == nil {
+		return nil, errNilPacket
+	} else if len(payload) < 2 {
+		return nil, errShortPacket
+	}
+
+	p.Z = ((payload[0] & zMask) >> zBitshift) != 0
+	p.Y = ((payload[0] & yMask) >> yBitshift) != 0
+	p.N = ((payload[0] & nMask) >> nBitshift) != 0
+	p.W = (payload[0] & wMask) >> wBitshift
+
+	if p.Z && p.N {
+		return nil, errIsKeyframeAndFragment
+	}
+
+	if !p.zeroAllocation {
+		obuElements, err := p.parseBody(payload[1:])
+		if err != nil {
+			return nil, err
+		}
+		p.OBUElements = obuElements
+	}
+
+	return payload[1:], nil
+}
+
+func (p *AV1Packet) parseBody(payload []byte) ([][]byte, error) {
+	if p.OBUElements != nil {
+		return p.OBUElements, nil
+	}
+
+	obuElements := [][]byte{}
+
+	var obuElementLength, bytesRead uint
+	currentIndex := uint(0)
+	for i := 1; ; i++ {
+		if currentIndex == uint(len(payload)) {
+			break
+		}
+
+		// If W bit is set the last OBU Element will have no length header
+		if byte(i) == p.W {
+			bytesRead = 0
+			obuElementLength = uint(len(payload)) - currentIndex
+		} else {
+			var err error
+			obuElementLength, bytesRead, err = obu.ReadLeb128(payload[currentIndex:])
+			if err != nil {
+				return nil, err
+			}
+		}
+
+		currentIndex += bytesRead
+		if uint(len(payload)) < currentIndex+obuElementLength {
+			return nil, errShortPacket
+		}
+		obuElements = append(obuElements, payload[currentIndex:currentIndex+obuElementLength])
+		currentIndex += obuElementLength
+	}
+
+	return obuElements, nil
+}
diff --git a/server/vendor/github.com/pion/rtp/codecs/codecs.go b/server/vendor/github.com/pion/rtp/codecs/codecs.go
new file mode 100644
index 0000000..cd1c891
--- /dev/null
+++ b/server/vendor/github.com/pion/rtp/codecs/codecs.go
@@ -0,0 +1,5 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+// Package codecs implements codec specific RTP payloader/depayloaders
+package codecs
diff --git a/server/vendor/github.com/pion/rtp/codecs/common.go b/server/vendor/github.com/pion/rtp/codecs/common.go
new file mode 100644
index 0000000..e807a0a
--- /dev/null
+++ b/server/vendor/github.com/pion/rtp/codecs/common.go
@@ -0,0 +1,39 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package codecs
+
+func min(a, b int) int {
+	if a < b {
+		return a
+	}
+	return b
+}
+
+// audioDepacketizer is a mixin for audio codec depacketizers
+type audioDepacketizer struct{}
+
+func (d *audioDepacketizer) IsPartitionTail(_ bool, _ []byte) bool {
+	return true
+}
+
+func (d *audioDepacketizer) IsPartitionHead(_ []byte) bool {
+	return true
+}
+
+// videoDepacketizer is a mixin for video codec depacketizers
+type videoDepacketizer struct {
+	zeroAllocation bool
+}
+
+func (d *videoDepacketizer) IsPartitionTail(marker bool, _ []byte) bool {
+	return marker
+}
+
+// SetZeroAllocation enables Zero Allocation mode for the depacketizer
+// By default the Depacketizers will allocate as they parse. These allocations
+// are needed for Metadata and other optional values. If you don't need this information
+// enabling SetZeroAllocation gives you higher performance at a reduced feature set.
+func (d *videoDepacketizer) SetZeroAllocation(zeroAllocation bool) {
+	d.zeroAllocation = zeroAllocation
+}
diff --git a/server/vendor/github.com/pion/rtp/codecs/error.go b/server/vendor/github.com/pion/rtp/codecs/error.go
new file mode 100644
index 0000000..2083ef4
--- /dev/null
+++ b/server/vendor/github.com/pion/rtp/codecs/error.go
@@ -0,0 +1,17 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package codecs
+
+import "errors"
+
+var (
+	errShortPacket          = errors.New("packet is not large enough")
+	errNilPacket            = errors.New("invalid nil packet")
+	errTooManyPDiff         = errors.New("too many PDiff")
+	errTooManySpatialLayers = errors.New("too many spatial layers")
+	errUnhandledNALUType    = errors.New("NALU Type is unhandled")
+
+	// AV1 Errors
+	errIsKeyframeAndFragment = errors.New("bits Z and N are set. Not possible to have OBU be tail fragment and be keyframe")
+)
diff --git a/server/vendor/github.com/pion/rtp/codecs/g711_packet.go b/server/vendor/github.com/pion/rtp/codecs/g711_packet.go
new file mode 100644
index 0000000..4afda55
--- /dev/null
+++ b/server/vendor/github.com/pion/rtp/codecs/g711_packet.go
@@ -0,0 +1,25 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package codecs
+
+// G711Payloader payloads G711 packets
+type G711Payloader struct{}
+
+// Payload fragments an G711 packet across one or more byte arrays
+func (p *G711Payloader) Payload(mtu uint16, payload []byte) [][]byte {
+	var out [][]byte
+	if payload == nil || mtu == 0 {
+		return out
+	}
+
+	for len(payload) > int(mtu) {
+		o := make([]byte, mtu)
+		copy(o, payload[:mtu])
+		payload = payload[mtu:]
+		out = append(out, o)
+	}
+	o := make([]byte, len(payload))
+	copy(o, payload)
+	return append(out, o)
+}
diff --git a/server/vendor/github.com/pion/rtp/codecs/g722_packet.go b/server/vendor/github.com/pion/rtp/codecs/g722_packet.go
new file mode 100644
index 0000000..ae6672d
--- /dev/null
+++ b/server/vendor/github.com/pion/rtp/codecs/g722_packet.go
@@ -0,0 +1,25 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package codecs
+
+// G722Payloader payloads G722 packets
+type G722Payloader struct{}
+
+// Payload fragments an G722 packet across one or more byte arrays
+func (p *G722Payloader) Payload(mtu uint16, payload []byte) [][]byte {
+	var out [][]byte
+	if payload == nil || mtu == 0 {
+		return out
+	}
+
+	for len(payload) > int(mtu) {
+		o := make([]byte, mtu)
+		copy(o, payload[:mtu])
+		payload = payload[mtu:]
+		out = append(out, o)
+	}
+	o := make([]byte, len(payload))
+	copy(o, payload)
+	return append(out, o)
+}
diff --git a/server/vendor/github.com/pion/rtp/codecs/h264_packet.go b/server/vendor/github.com/pion/rtp/codecs/h264_packet.go
new file mode 100644
index 0000000..3021fc0
--- /dev/null
+++ b/server/vendor/github.com/pion/rtp/codecs/h264_packet.go
@@ -0,0 +1,297 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package codecs
+
+import (
+	"bytes"
+	"encoding/binary"
+	"fmt"
+)
+
+// H264Payloader payloads H264 packets
+type H264Payloader struct {
+	spsNalu, ppsNalu []byte
+}
+
+const (
+	stapaNALUType  = 24
+	fuaNALUType    = 28
+	fubNALUType    = 29
+	spsNALUType    = 7
+	ppsNALUType    = 8
+	audNALUType    = 9
+	fillerNALUType = 12
+
+	fuaHeaderSize       = 2
+	stapaHeaderSize     = 1
+	stapaNALULengthSize = 2
+
+	naluTypeBitmask   = 0x1F
+	naluRefIdcBitmask = 0x60
+	fuStartBitmask    = 0x80
+	fuEndBitmask      = 0x40
+
+	outputStapAHeader = 0x78
+)
+
+// nolint:gochecknoglobals
+var (
+	naluStartCode       = []byte{0x00, 0x00, 0x01}
+	annexbNALUStartCode = []byte{0x00, 0x00, 0x00, 0x01}
+)
+
+func emitNalus(nals []byte, emit func([]byte)) {
+	start := 0
+	length := len(nals)
+
+	for start < length {
+		end := bytes.Index(nals[start:], annexbNALUStartCode)
+		offset := 4
+		if end == -1 {
+			end = bytes.Index(nals[start:], naluStartCode)
+			offset = 3
+		}
+		if end == -1 {
+			emit(nals[start:])
+			break
+		}
+
+		emit(nals[start : start+end])
+
+		// next NAL start position
+		start += end + offset
+	}
+}
+
+// Payload fragments a H264 packet across one or more byte arrays
+func (p *H264Payloader) Payload(mtu uint16, payload []byte) [][]byte {
+	var payloads [][]byte
+	if len(payload) == 0 {
+		return payloads
+	}
+
+	emitNalus(payload, func(nalu []byte) {
+		if len(nalu) == 0 {
+			return
+		}
+
+		naluType := nalu[0] & naluTypeBitmask
+		naluRefIdc := nalu[0] & naluRefIdcBitmask
+
+		switch {
+		case naluType == audNALUType || naluType == fillerNALUType:
+			return
+		case naluType == spsNALUType:
+			p.spsNalu = nalu
+			return
+		case naluType == ppsNALUType:
+			p.ppsNalu = nalu
+			return
+		case p.spsNalu != nil && p.ppsNalu != nil:
+			// Pack current NALU with SPS and PPS as STAP-A
+			spsLen := make([]byte, 2)
+			binary.BigEndian.PutUint16(spsLen, uint16(len(p.spsNalu)))
+
+			ppsLen := make([]byte, 2)
+			binary.BigEndian.PutUint16(ppsLen, uint16(len(p.ppsNalu)))
+
+			stapANalu := []byte{outputStapAHeader}
+			stapANalu = append(stapANalu, spsLen...)
+			stapANalu = append(stapANalu, p.spsNalu...)
+			stapANalu = append(stapANalu, ppsLen...)
+			stapANalu = append(stapANalu, p.ppsNalu...)
+			if len(stapANalu) <= int(mtu) {
+				out := make([]byte, len(stapANalu))
+				copy(out, stapANalu)
+				payloads = append(payloads, out)
+			}
+
+			p.spsNalu = nil
+			p.ppsNalu = nil
+		}
+
+		// Single NALU
+		if len(nalu) <= int(mtu) {
+			out := make([]byte, len(nalu))
+			copy(out, nalu)
+			payloads = append(payloads, out)
+			return
+		}
+
+		// FU-A
+		maxFragmentSize := int(mtu) - fuaHeaderSize
+
+		// The FU payload consists of fragments of the payload of the fragmented
+		// NAL unit so that if the fragmentation unit payloads of consecutive
+		// FUs are sequentially concatenated, the payload of the fragmented NAL
+		// unit can be reconstructed.  The NAL unit type octet of the fragmented
+		// NAL unit is not included as such in the fragmentation unit payload,
+		// 	but rather the information of the NAL unit type octet of the
+		// fragmented NAL unit is conveyed in the F and NRI fields of the FU
+		// indicator octet of the fragmentation unit and in the type field of
+		// the FU header.  An FU payload MAY have any number of octets and MAY
+		// be empty.
+
+		// According to the RFC, the first octet is skipped due to redundant information
+		naluIndex := 1
+		naluLength := len(nalu) - naluIndex
+		naluRemaining := naluLength
+
+		if min(maxFragmentSize, naluRemaining) <= 0 {
+			return
+		}
+
+		for naluRemaining > 0 {
+			currentFragmentSize := min(maxFragmentSize, naluRemaining)
+			out := make([]byte, fuaHeaderSize+currentFragmentSize)
+
+			// +---------------+
+			// |0|1|2|3|4|5|6|7|
+			// +-+-+-+-+-+-+-+-+
+			// |F|NRI|  Type   |
+			// +---------------+
+			out[0] = fuaNALUType
+			out[0] |= naluRefIdc
+
+			// +---------------+
+			// |0|1|2|3|4|5|6|7|
+			// +-+-+-+-+-+-+-+-+
+			// |S|E|R|  Type   |
+			// +---------------+
+
+			out[1] = naluType
+			if naluRemaining == naluLength {
+				// Set start bit
+				out[1] |= 1 << 7
+			} else if naluRemaining-currentFragmentSize == 0 {
+				// Set end bit
+				out[1] |= 1 << 6
+			}
+
+			copy(out[fuaHeaderSize:], nalu[naluIndex:naluIndex+currentFragmentSize])
+			payloads = append(payloads, out)
+
+			naluRemaining -= currentFragmentSize
+			naluIndex += currentFragmentSize
+		}
+	})
+
+	return payloads
+}
+
+// H264Packet represents the H264 header that is stored in the payload of an RTP Packet
+type H264Packet struct {
+	IsAVC     bool
+	fuaBuffer []byte
+
+	videoDepacketizer
+}
+
+func (p *H264Packet) doPackaging(buf, nalu []byte) []byte {
+	if p.IsAVC {
+		buf = binary.BigEndian.AppendUint32(buf, uint32(len(nalu)))
+		buf = append(buf, nalu...)
+		return buf
+	}
+
+	buf = append(buf, annexbNALUStartCode...)
+	buf = append(buf, nalu...)
+	return buf
+}
+
+// IsDetectedFinalPacketInSequence returns true of the packet passed in has the
+// marker bit set indicated the end of a packet sequence
+func (p *H264Packet) IsDetectedFinalPacketInSequence(rtpPacketMarketBit bool) bool {
+	return rtpPacketMarketBit
+}
+
+// Unmarshal parses the passed byte slice and stores the result in the H264Packet this method is called upon
+func (p *H264Packet) Unmarshal(payload []byte) ([]byte, error) {
+	if p.zeroAllocation {
+		return payload, nil
+	}
+
+	return p.parseBody(payload)
+}
+
+func (p *H264Packet) parseBody(payload []byte) ([]byte, error) {
+	if len(payload) == 0 {
+		return nil, fmt.Errorf("%w: %d <=0", errShortPacket, len(payload))
+	}
+
+	// NALU Types
+	// https://tools.ietf.org/html/rfc6184#section-5.4
+	naluType := payload[0] & naluTypeBitmask
+	switch {
+	case naluType > 0 && naluType < 24:
+		return p.doPackaging(nil, payload), nil
+
+	case naluType == stapaNALUType:
+		currOffset := int(stapaHeaderSize)
+		result := []byte{}
+		for currOffset < len(payload) {
+			naluSize := int(binary.BigEndian.Uint16(payload[currOffset:]))
+			currOffset += stapaNALULengthSize
+
+			if len(payload) < currOffset+naluSize {
+				return nil, fmt.Errorf("%w STAP-A declared size(%d) is larger than buffer(%d)", errShortPacket, naluSize, len(payload)-currOffset)
+			}
+
+			result = p.doPackaging(result, payload[currOffset:currOffset+naluSize])
+			currOffset += naluSize
+		}
+		return result, nil
+
+	case naluType == fuaNALUType:
+		if len(payload) < fuaHeaderSize {
+			return nil, errShortPacket
+		}
+
+		if p.fuaBuffer == nil {
+			p.fuaBuffer = []byte{}
+		}
+
+		p.fuaBuffer = append(p.fuaBuffer, payload[fuaHeaderSize:]...)
+
+		if payload[1]&fuEndBitmask != 0 {
+			naluRefIdc := payload[0] & naluRefIdcBitmask
+			fragmentedNaluType := payload[1] & naluTypeBitmask
+
+			nalu := append([]byte{}, naluRefIdc|fragmentedNaluType)
+			nalu = append(nalu, p.fuaBuffer...)
+			p.fuaBuffer = nil
+			return p.doPackaging(nil, nalu), nil
+		}
+
+		return []byte{}, nil
+	}
+
+	return nil, fmt.Errorf("%w: %d", errUnhandledNALUType, naluType)
+}
+
+// H264PartitionHeadChecker checks H264 partition head.
+//
+// Deprecated: replaced by H264Packet.IsPartitionHead()
+type H264PartitionHeadChecker struct{}
+
+// IsPartitionHead checks if this is the head of a packetized nalu stream.
+//
+// Deprecated: replaced by H264Packet.IsPartitionHead()
+func (*H264PartitionHeadChecker) IsPartitionHead(packet []byte) bool {
+	return (&H264Packet{}).IsPartitionHead(packet)
+}
+
+// IsPartitionHead checks if this is the head of a packetized nalu stream.
+func (*H264Packet) IsPartitionHead(payload []byte) bool {
+	if len(payload) < 2 {
+		return false
+	}
+
+	if payload[0]&naluTypeBitmask == fuaNALUType ||
+		payload[0]&naluTypeBitmask == fubNALUType {
+		return payload[1]&fuStartBitmask != 0
+	}
+
+	return true
+}
diff --git a/server/vendor/github.com/pion/rtp/codecs/h265_packet.go b/server/vendor/github.com/pion/rtp/codecs/h265_packet.go
new file mode 100644
index 0000000..2a194fd
--- /dev/null
+++ b/server/vendor/github.com/pion/rtp/codecs/h265_packet.go
@@ -0,0 +1,828 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package codecs
+
+import (
+	"encoding/binary"
+	"errors"
+	"fmt"
+)
+
+//
+// Errors
+//
+
+var (
+	errH265CorruptedPacket   = errors.New("corrupted h265 packet")
+	errInvalidH265PacketType = errors.New("invalid h265 packet type")
+)
+
+//
+// Network Abstraction Unit Header implementation
+//
+
+const (
+	// sizeof(uint16)
+	h265NaluHeaderSize = 2
+	// https://datatracker.ietf.org/doc/html/rfc7798#section-4.4.2
+	h265NaluAggregationPacketType = 48
+	// https://datatracker.ietf.org/doc/html/rfc7798#section-4.4.3
+	h265NaluFragmentationUnitType = 49
+	// https://datatracker.ietf.org/doc/html/rfc7798#section-4.4.4
+	h265NaluPACIPacketType = 50
+)
+
+// H265NALUHeader is a H265 NAL Unit Header
+// https://datatracker.ietf.org/doc/html/rfc7798#section-1.1.4
+/*
+* +---------------+---------------+
+* |0|1|2|3|4|5|6|7|0|1|2|3|4|5|6|7|
+* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+* |F|   Type    |  LayerID  | TID |
+* +-------------+-----------------+
+**/
+type H265NALUHeader uint16
+
+func newH265NALUHeader(highByte, lowByte uint8) H265NALUHeader {
+	return H265NALUHeader((uint16(highByte) << 8) | uint16(lowByte))
+}
+
+// F is the forbidden bit, should always be 0.
+func (h H265NALUHeader) F() bool {
+	return (uint16(h) >> 15) != 0
+}
+
+// Type of NAL Unit.
+func (h H265NALUHeader) Type() uint8 {
+	// 01111110 00000000
+	const mask = 0b01111110 << 8
+	return uint8((uint16(h) & mask) >> (8 + 1))
+}
+
+// IsTypeVCLUnit returns whether or not the NAL Unit type is a VCL NAL unit.
+func (h H265NALUHeader) IsTypeVCLUnit() bool {
+	// Type is coded on 6 bits
+	const msbMask = 0b00100000
+	return (h.Type() & msbMask) == 0
+}
+
+// LayerID should always be 0 in non-3D HEVC context.
+func (h H265NALUHeader) LayerID() uint8 {
+	// 00000001 11111000
+	const mask = (0b00000001 << 8) | 0b11111000
+	return uint8((uint16(h) & mask) >> 3)
+}
+
+// TID is the temporal identifier of the NAL unit +1.
+func (h H265NALUHeader) TID() uint8 {
+	const mask = 0b00000111
+	return uint8(uint16(h) & mask)
+}
+
+// IsAggregationPacket returns whether or not the packet is an Aggregation packet.
+func (h H265NALUHeader) IsAggregationPacket() bool {
+	return h.Type() == h265NaluAggregationPacketType
+}
+
+// IsFragmentationUnit returns whether or not the packet is a Fragmentation Unit packet.
+func (h H265NALUHeader) IsFragmentationUnit() bool {
+	return h.Type() == h265NaluFragmentationUnitType
+}
+
+// IsPACIPacket returns whether or not the packet is a PACI packet.
+func (h H265NALUHeader) IsPACIPacket() bool {
+	return h.Type() == h265NaluPACIPacketType
+}
+
+//
+// Single NAL Unit Packet implementation
+//
+
+// H265SingleNALUnitPacket represents a NALU packet, containing exactly one NAL unit.
+/*
+*  0                   1                   2                   3
+*  0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+* |           PayloadHdr          |      DONL (conditional)       |
+* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+* |                                                               |
+* |                  NAL unit payload data                        |
+* |                                                               |
+* |                               +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+* |                               :...OPTIONAL RTP padding        |
+* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+**/
+// Reference: https://datatracker.ietf.org/doc/html/rfc7798#section-4.4.1
+type H265SingleNALUnitPacket struct {
+	// payloadHeader is the header of the H265 packet.
+	payloadHeader H265NALUHeader
+	// donl is a 16-bit field, that may or may not be present.
+	donl *uint16
+	// payload of the fragmentation unit.
+	payload []byte
+
+	mightNeedDONL bool
+}
+
+// WithDONL can be called to specify whether or not DONL might be parsed.
+// DONL may need to be parsed if `sprop-max-don-diff` is greater than 0 on the RTP stream.
+func (p *H265SingleNALUnitPacket) WithDONL(value bool) {
+	p.mightNeedDONL = value
+}
+
+// Unmarshal parses the passed byte slice and stores the result in the H265SingleNALUnitPacket this method is called upon.
+func (p *H265SingleNALUnitPacket) Unmarshal(payload []byte) ([]byte, error) {
+	// sizeof(headers)
+	const totalHeaderSize = h265NaluHeaderSize
+	if payload == nil {
+		return nil, errNilPacket
+	} else if len(payload) <= totalHeaderSize {
+		return nil, fmt.Errorf("%w: %d <= %v", errShortPacket, len(payload), totalHeaderSize)
+	}
+
+	payloadHeader := newH265NALUHeader(payload[0], payload[1])
+	if payloadHeader.F() {
+		return nil, errH265CorruptedPacket
+	}
+	if payloadHeader.IsFragmentationUnit() || payloadHeader.IsPACIPacket() || payloadHeader.IsAggregationPacket() {
+		return nil, errInvalidH265PacketType
+	}
+
+	payload = payload[2:]
+
+	if p.mightNeedDONL {
+		// sizeof(uint16)
+		if len(payload) <= 2 {
+			return nil, errShortPacket
+		}
+
+		donl := (uint16(payload[0]) << 8) | uint16(payload[1])
+		p.donl = &donl
+		payload = payload[2:]
+	}
+
+	p.payloadHeader = payloadHeader
+	p.payload = payload
+
+	return nil, nil
+}
+
+// PayloadHeader returns the NALU header of the packet.
+func (p *H265SingleNALUnitPacket) PayloadHeader() H265NALUHeader {
+	return p.payloadHeader
+}
+
+// DONL returns the DONL of the packet.
+func (p *H265SingleNALUnitPacket) DONL() *uint16 {
+	return p.donl
+}
+
+// Payload returns the Fragmentation Unit packet payload.
+func (p *H265SingleNALUnitPacket) Payload() []byte {
+	return p.payload
+}
+
+func (p *H265SingleNALUnitPacket) isH265Packet() {}
+
+//
+// Aggregation Packets implementation
+//
+
+// H265AggregationUnitFirst represent the First Aggregation Unit in an AP.
+/*
+*  0                   1                   2                   3
+*  0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+* :       DONL (conditional)      |   NALU size   |
+* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+* |   NALU size   |                                               |
+* +-+-+-+-+-+-+-+-+         NAL unit                              |
+* |                                                               |
+* |                               +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+* |                               :
+* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+**/
+// Reference: https://datatracker.ietf.org/doc/html/rfc7798#section-4.4.2
+type H265AggregationUnitFirst struct {
+	donl        *uint16
+	nalUnitSize uint16
+	nalUnit     []byte
+}
+
+// DONL field, when present, specifies the value of the 16 least
+// significant bits of the decoding order number of the aggregated NAL
+// unit.
+func (u H265AggregationUnitFirst) DONL() *uint16 {
+	return u.donl
+}
+
+// NALUSize represents the size, in bytes, of the NalUnit.
+func (u H265AggregationUnitFirst) NALUSize() uint16 {
+	return u.nalUnitSize
+}
+
+// NalUnit payload.
+func (u H265AggregationUnitFirst) NalUnit() []byte {
+	return u.nalUnit
+}
+
+// H265AggregationUnit represent the an Aggregation Unit in an AP, which is not the first one.
+/*
+*  0                   1                   2                   3
+*  0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+* : DOND (cond)   |          NALU size            |
+* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+* |                                                               |
+* |                       NAL unit                                |
+* |                               +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+* |                               :
+* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+**/
+// Reference: https://datatracker.ietf.org/doc/html/rfc7798#section-4.4.2
+type H265AggregationUnit struct {
+	dond        *uint8
+	nalUnitSize uint16
+	nalUnit     []byte
+}
+
+// DOND field plus 1 specifies the difference between
+// the decoding order number values of the current aggregated NAL unit
+// and the preceding aggregated NAL unit in the same AP.
+func (u H265AggregationUnit) DOND() *uint8 {
+	return u.dond
+}
+
+// NALUSize represents the size, in bytes, of the NalUnit.
+func (u H265AggregationUnit) NALUSize() uint16 {
+	return u.nalUnitSize
+}
+
+// NalUnit payload.
+func (u H265AggregationUnit) NalUnit() []byte {
+	return u.nalUnit
+}
+
+// H265AggregationPacket represents an Aggregation packet.
+/*
+*  0                   1                   2                   3
+*  0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+* |    PayloadHdr (Type=48)       |                               |
+* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+                               |
+* |                                                               |
+* |             two or more aggregation units                     |
+* |                                                               |
+* |                               +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+* |                               :...OPTIONAL RTP padding        |
+* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+**/
+// Reference: https://datatracker.ietf.org/doc/html/rfc7798#section-4.4.2
+type H265AggregationPacket struct {
+	firstUnit  *H265AggregationUnitFirst
+	otherUnits []H265AggregationUnit
+
+	mightNeedDONL bool
+}
+
+// WithDONL can be called to specify whether or not DONL might be parsed.
+// DONL may need to be parsed if `sprop-max-don-diff` is greater than 0 on the RTP stream.
+func (p *H265AggregationPacket) WithDONL(value bool) {
+	p.mightNeedDONL = value
+}
+
+// Unmarshal parses the passed byte slice and stores the result in the H265AggregationPacket this method is called upon.
+func (p *H265AggregationPacket) Unmarshal(payload []byte) ([]byte, error) {
+	// sizeof(headers)
+	const totalHeaderSize = h265NaluHeaderSize
+	if payload == nil {
+		return nil, errNilPacket
+	} else if len(payload) <= totalHeaderSize {
+		return nil, fmt.Errorf("%w: %d <= %v", errShortPacket, len(payload), totalHeaderSize)
+	}
+
+	payloadHeader := newH265NALUHeader(payload[0], payload[1])
+	if payloadHeader.F() {
+		return nil, errH265CorruptedPacket
+	}
+	if !payloadHeader.IsAggregationPacket() {
+		return nil, errInvalidH265PacketType
+	}
+
+	// First parse the first aggregation unit
+	payload = payload[2:]
+	firstUnit := &H265AggregationUnitFirst{}
+
+	if p.mightNeedDONL {
+		if len(payload) < 2 {
+			return nil, errShortPacket
+		}
+
+		donl := (uint16(payload[0]) << 8) | uint16(payload[1])
+		firstUnit.donl = &donl
+
+		payload = payload[2:]
+	}
+	if len(payload) < 2 {
+		return nil, errShortPacket
+	}
+	firstUnit.nalUnitSize = (uint16(payload[0]) << 8) | uint16(payload[1])
+	payload = payload[2:]
+
+	if len(payload) < int(firstUnit.nalUnitSize) {
+		return nil, errShortPacket
+	}
+
+	firstUnit.nalUnit = payload[:firstUnit.nalUnitSize]
+	payload = payload[firstUnit.nalUnitSize:]
+
+	// Parse remaining Aggregation Units
+	var units []H265AggregationUnit
+	for {
+		unit := H265AggregationUnit{}
+
+		if p.mightNeedDONL {
+			if len(payload) < 1 {
+				break
+			}
+
+			dond := payload[0]
+			unit.dond = &dond
+
+			payload = payload[1:]
+		}
+
+		if len(payload) < 2 {
+			break
+		}
+		unit.nalUnitSize = (uint16(payload[0]) << 8) | uint16(payload[1])
+		payload = payload[2:]
+
+		if len(payload) < int(unit.nalUnitSize) {
+			break
+		}
+
+		unit.nalUnit = payload[:unit.nalUnitSize]
+		payload = payload[unit.nalUnitSize:]
+
+		units = append(units, unit)
+	}
+
+	// There need to be **at least** two Aggregation Units (first + another one)
+	if len(units) == 0 {
+		return nil, errShortPacket
+	}
+
+	p.firstUnit = firstUnit
+	p.otherUnits = units
+
+	return nil, nil
+}
+
+// FirstUnit returns the first Aggregated Unit of the packet.
+func (p *H265AggregationPacket) FirstUnit() *H265AggregationUnitFirst {
+	return p.firstUnit
+}
+
+// OtherUnits returns the all the other Aggregated Unit of the packet (excluding the first one).
+func (p *H265AggregationPacket) OtherUnits() []H265AggregationUnit {
+	return p.otherUnits
+}
+
+func (p *H265AggregationPacket) isH265Packet() {}
+
+//
+// Fragmentation Unit implementation
+//
+
+const (
+	// sizeof(uint8)
+	h265FragmentationUnitHeaderSize = 1
+)
+
+// H265FragmentationUnitHeader is a H265 FU Header
+/*
+* +---------------+
+* |0|1|2|3|4|5|6|7|
+* +-+-+-+-+-+-+-+-+
+* |S|E|  FuType   |
+* +---------------+
+**/
+type H265FragmentationUnitHeader uint8
+
+// S represents the start of a fragmented NAL unit.
+func (h H265FragmentationUnitHeader) S() bool {
+	const mask = 0b10000000
+	return ((h & mask) >> 7) != 0
+}
+
+// E represents the end of a fragmented NAL unit.
+func (h H265FragmentationUnitHeader) E() bool {
+	const mask = 0b01000000
+	return ((h & mask) >> 6) != 0
+}
+
+// FuType MUST be equal to the field Type of the fragmented NAL unit.
+func (h H265FragmentationUnitHeader) FuType() uint8 {
+	const mask = 0b00111111
+	return uint8(h) & mask
+}
+
+// H265FragmentationUnitPacket represents a single Fragmentation Unit packet.
+/*
+*  0                   1                   2                   3
+*  0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+* |    PayloadHdr (Type=49)       |   FU header   | DONL (cond)   |
+* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-|
+* | DONL (cond)   |                                               |
+* |-+-+-+-+-+-+-+-+                                               |
+* |                         FU payload                            |
+* |                                                               |
+* |                               +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+* |                               :...OPTIONAL RTP padding        |
+* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+**/
+// Reference: https://datatracker.ietf.org/doc/html/rfc7798#section-4.4.3
+type H265FragmentationUnitPacket struct {
+	// payloadHeader is the header of the H265 packet.
+	payloadHeader H265NALUHeader
+	// fuHeader is the header of the fragmentation unit
+	fuHeader H265FragmentationUnitHeader
+	// donl is a 16-bit field, that may or may not be present.
+	donl *uint16
+	// payload of the fragmentation unit.
+	payload []byte
+
+	mightNeedDONL bool
+}
+
+// WithDONL can be called to specify whether or not DONL might be parsed.
+// DONL may need to be parsed if `sprop-max-don-diff` is greater than 0 on the RTP stream.
+func (p *H265FragmentationUnitPacket) WithDONL(value bool) {
+	p.mightNeedDONL = value
+}
+
+// Unmarshal parses the passed byte slice and stores the result in the H265FragmentationUnitPacket this method is called upon.
+func (p *H265FragmentationUnitPacket) Unmarshal(payload []byte) ([]byte, error) {
+	// sizeof(headers)
+	const totalHeaderSize = h265NaluHeaderSize + h265FragmentationUnitHeaderSize
+	if payload == nil {
+		return nil, errNilPacket
+	} else if len(payload) <= totalHeaderSize {
+		return nil, fmt.Errorf("%w: %d <= %v", errShortPacket, len(payload), totalHeaderSize)
+	}
+
+	payloadHeader := newH265NALUHeader(payload[0], payload[1])
+	if payloadHeader.F() {
+		return nil, errH265CorruptedPacket
+	}
+	if !payloadHeader.IsFragmentationUnit() {
+		return nil, errInvalidH265PacketType
+	}
+
+	fuHeader := H265FragmentationUnitHeader(payload[2])
+	payload = payload[3:]
+
+	if fuHeader.S() && p.mightNeedDONL {
+		// sizeof(uint16)
+		if len(payload) <= 2 {
+			return nil, errShortPacket
+		}
+
+		donl := (uint16(payload[0]) << 8) | uint16(payload[1])
+		p.donl = &donl
+		payload = payload[2:]
+	}
+
+	p.payloadHeader = payloadHeader
+	p.fuHeader = fuHeader
+	p.payload = payload
+
+	return nil, nil
+}
+
+// PayloadHeader returns the NALU header of the packet.
+func (p *H265FragmentationUnitPacket) PayloadHeader() H265NALUHeader {
+	return p.payloadHeader
+}
+
+// FuHeader returns the Fragmentation Unit Header of the packet.
+func (p *H265FragmentationUnitPacket) FuHeader() H265FragmentationUnitHeader {
+	return p.fuHeader
+}
+
+// DONL returns the DONL of the packet.
+func (p *H265FragmentationUnitPacket) DONL() *uint16 {
+	return p.donl
+}
+
+// Payload returns the Fragmentation Unit packet payload.
+func (p *H265FragmentationUnitPacket) Payload() []byte {
+	return p.payload
+}
+
+func (p *H265FragmentationUnitPacket) isH265Packet() {}
+
+//
+// PACI implementation
+//
+
+// H265PACIPacket represents a single H265 PACI packet.
+/*
+*  0                   1                   2                   3
+*  0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+* |    PayloadHdr (Type=50)       |A|   cType   | PHSsize |F0..2|Y|
+* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+* |        Payload Header Extension Structure (PHES)              |
+* |=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=|
+* |                                                               |
+* |                  PACI payload: NAL unit                       |
+* |                   . . .                                       |
+* |                                                               |
+* |                               +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+* |                               :...OPTIONAL RTP padding        |
+* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+**/
+// Reference: https://datatracker.ietf.org/doc/html/rfc7798#section-4.4.4
+type H265PACIPacket struct {
+	// payloadHeader is the header of the H265 packet.
+	payloadHeader H265NALUHeader
+
+	// Field which holds value for `A`, `cType`, `PHSsize`, `F0`, `F1`, `F2` and `Y` fields.
+	paciHeaderFields uint16
+
+	// phes is a header extension, of byte length `PHSsize`
+	phes []byte
+
+	// Payload contains NAL units & optional padding
+	payload []byte
+}
+
+// PayloadHeader returns the NAL Unit Header.
+func (p *H265PACIPacket) PayloadHeader() H265NALUHeader {
+	return p.payloadHeader
+}
+
+// A copies the F bit of the PACI payload NALU.
+func (p *H265PACIPacket) A() bool {
+	const mask = 0b10000000 << 8
+	return (p.paciHeaderFields & mask) != 0
+}
+
+// CType copies the Type field of the PACI payload NALU.
+func (p *H265PACIPacket) CType() uint8 {
+	const mask = 0b01111110 << 8
+	return uint8((p.paciHeaderFields & mask) >> (8 + 1))
+}
+
+// PHSsize indicates the size of the PHES field.
+func (p *H265PACIPacket) PHSsize() uint8 {
+	const mask = (0b00000001 << 8) | 0b11110000
+	return uint8((p.paciHeaderFields & mask) >> 4)
+}
+
+// F0 indicates the presence of a Temporal Scalability support extension in the PHES.
+func (p *H265PACIPacket) F0() bool {
+	const mask = 0b00001000
+	return (p.paciHeaderFields & mask) != 0
+}
+
+// F1 must be zero, reserved for future extensions.
+func (p *H265PACIPacket) F1() bool {
+	const mask = 0b00000100
+	return (p.paciHeaderFields & mask) != 0
+}
+
+// F2 must be zero, reserved for future extensions.
+func (p *H265PACIPacket) F2() bool {
+	const mask = 0b00000010
+	return (p.paciHeaderFields & mask) != 0
+}
+
+// Y must be zero, reserved for future extensions.
+func (p *H265PACIPacket) Y() bool {
+	const mask = 0b00000001
+	return (p.paciHeaderFields & mask) != 0
+}
+
+// PHES contains header extensions. Its size is indicated by PHSsize.
+func (p *H265PACIPacket) PHES() []byte {
+	return p.phes
+}
+
+// Payload is a single NALU or NALU-like struct, not including the first two octets (header).
+func (p *H265PACIPacket) Payload() []byte {
+	return p.payload
+}
+
+// TSCI returns the Temporal Scalability Control Information extension, if present.
+func (p *H265PACIPacket) TSCI() *H265TSCI {
+	if !p.F0() || p.PHSsize() < 3 {
+		return nil
+	}
+
+	tsci := H265TSCI((uint32(p.phes[0]) << 16) | (uint32(p.phes[1]) << 8) | uint32(p.phes[0]))
+	return &tsci
+}
+
+// Unmarshal parses the passed byte slice and stores the result in the H265PACIPacket this method is called upon.
+func (p *H265PACIPacket) Unmarshal(payload []byte) ([]byte, error) {
+	// sizeof(headers)
+	const totalHeaderSize = h265NaluHeaderSize + 2
+	if payload == nil {
+		return nil, errNilPacket
+	} else if len(payload) <= totalHeaderSize {
+		return nil, fmt.Errorf("%w: %d <= %v", errShortPacket, len(payload), totalHeaderSize)
+	}
+
+	payloadHeader := newH265NALUHeader(payload[0], payload[1])
+	if payloadHeader.F() {
+		return nil, errH265CorruptedPacket
+	}
+	if !payloadHeader.IsPACIPacket() {
+		return nil, errInvalidH265PacketType
+	}
+
+	paciHeaderFields := (uint16(payload[2]) << 8) | uint16(payload[3])
+	payload = payload[4:]
+
+	p.paciHeaderFields = paciHeaderFields
+	headerExtensionSize := p.PHSsize()
+
+	if len(payload) < int(headerExtensionSize)+1 {
+		p.paciHeaderFields = 0
+		return nil, errShortPacket
+	}
+
+	p.payloadHeader = payloadHeader
+
+	if headerExtensionSize > 0 {
+		p.phes = payload[:headerExtensionSize]
+	}
+
+	payload = payload[headerExtensionSize:]
+	p.payload = payload
+
+	return nil, nil
+}
+
+func (p *H265PACIPacket) isH265Packet() {}
+
+//
+// Temporal Scalability Control Information
+//
+
+// H265TSCI is a Temporal Scalability Control Information header extension.
+// Reference: https://datatracker.ietf.org/doc/html/rfc7798#section-4.5
+type H265TSCI uint32
+
+// TL0PICIDX see RFC7798 for more details.
+func (h H265TSCI) TL0PICIDX() uint8 {
+	const m1 = 0xFFFF0000
+	const m2 = 0xFF00
+	return uint8((((h & m1) >> 16) & m2) >> 8)
+}
+
+// IrapPicID see RFC7798 for more details.
+func (h H265TSCI) IrapPicID() uint8 {
+	const m1 = 0xFFFF0000
+	const m2 = 0x00FF
+	return uint8(((h & m1) >> 16) & m2)
+}
+
+// S see RFC7798 for more details.
+func (h H265TSCI) S() bool {
+	const m1 = 0xFF00
+	const m2 = 0b10000000
+	return (uint8((h&m1)>>8) & m2) != 0
+}
+
+// E see RFC7798 for more details.
+func (h H265TSCI) E() bool {
+	const m1 = 0xFF00
+	const m2 = 0b01000000
+	return (uint8((h&m1)>>8) & m2) != 0
+}
+
+// RES see RFC7798 for more details.
+func (h H265TSCI) RES() uint8 {
+	const m1 = 0xFF00
+	const m2 = 0b00111111
+	return uint8((h&m1)>>8) & m2
+}
+
+//
+// H265 Packet interface
+//
+
+type isH265Packet interface {
+	isH265Packet()
+}
+
+var (
+	_ isH265Packet = (*H265FragmentationUnitPacket)(nil)
+	_ isH265Packet = (*H265PACIPacket)(nil)
+	_ isH265Packet = (*H265SingleNALUnitPacket)(nil)
+	_ isH265Packet = (*H265AggregationPacket)(nil)
+)
+
+//
+// Packet implementation
+//
+
+// H265Packet represents a H265 packet, stored in the payload of an RTP packet.
+type H265Packet struct {
+	packet        isH265Packet
+	mightNeedDONL bool
+
+	videoDepacketizer
+}
+
+// WithDONL can be called to specify whether or not DONL might be parsed.
+// DONL may need to be parsed if `sprop-max-don-diff` is greater than 0 on the RTP stream.
+func (p *H265Packet) WithDONL(value bool) {
+	p.mightNeedDONL = value
+}
+
+// Unmarshal parses the passed byte slice and stores the result in the H265Packet this method is called upon
+func (p *H265Packet) Unmarshal(payload []byte) ([]byte, error) {
+	if payload == nil {
+		return nil, errNilPacket
+	} else if len(payload) <= h265NaluHeaderSize {
+		return nil, fmt.Errorf("%w: %d <= %v", errShortPacket, len(payload), h265NaluHeaderSize)
+	}
+
+	payloadHeader := newH265NALUHeader(payload[0], payload[1])
+	if payloadHeader.F() {
+		return nil, errH265CorruptedPacket
+	}
+
+	switch {
+	case payloadHeader.IsPACIPacket():
+		decoded := &H265PACIPacket{}
+		if _, err := decoded.Unmarshal(payload); err != nil {
+			return nil, err
+		}
+
+		p.packet = decoded
+
+	case payloadHeader.IsFragmentationUnit():
+		decoded := &H265FragmentationUnitPacket{}
+		decoded.WithDONL(p.mightNeedDONL)
+
+		if _, err := decoded.Unmarshal(payload); err != nil {
+			return nil, err
+		}
+
+		p.packet = decoded
+
+	case payloadHeader.IsAggregationPacket():
+		decoded := &H265AggregationPacket{}
+		decoded.WithDONL(p.mightNeedDONL)
+
+		if _, err := decoded.Unmarshal(payload); err != nil {
+			return nil, err
+		}
+
+		p.packet = decoded
+
+	default:
+		decoded := &H265SingleNALUnitPacket{}
+		decoded.WithDONL(p.mightNeedDONL)
+
+		if _, err := decoded.Unmarshal(payload); err != nil {
+			return nil, err
+		}
+
+		p.packet = decoded
+	}
+
+	return nil, nil
+}
+
+// Packet returns the populated packet.
+// Must be casted to one of:
+// - *H265SingleNALUnitPacket
+// - *H265FragmentationUnitPacket
+// - *H265AggregationPacket
+// - *H265PACIPacket
+// nolint:golint
+func (p *H265Packet) Packet() isH265Packet {
+	return p.packet
+}
+
+// IsPartitionHead checks if this is the head of a packetized nalu stream.
+func (*H265Packet) IsPartitionHead(payload []byte) bool {
+	if len(payload) < 3 {
+		return false
+	}
+
+	if H265NALUHeader(binary.BigEndian.Uint16(payload[0:2])).Type() == h265NaluFragmentationUnitType {
+		return H265FragmentationUnitHeader(payload[2]).S()
+	}
+
+	return true
+}
diff --git a/server/vendor/github.com/pion/rtp/codecs/opus_packet.go b/server/vendor/github.com/pion/rtp/codecs/opus_packet.go
new file mode 100644
index 0000000..00ee903
--- /dev/null
+++ b/server/vendor/github.com/pion/rtp/codecs/opus_packet.go
@@ -0,0 +1,49 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package codecs
+
+// OpusPayloader payloads Opus packets
+type OpusPayloader struct{}
+
+// Payload fragments an Opus packet across one or more byte arrays
+func (p *OpusPayloader) Payload(_ uint16, payload []byte) [][]byte {
+	if payload == nil {
+		return [][]byte{}
+	}
+
+	out := make([]byte, len(payload))
+	copy(out, payload)
+	return [][]byte{out}
+}
+
+// OpusPacket represents the Opus header that is stored in the payload of an RTP Packet
+type OpusPacket struct {
+	Payload []byte
+
+	audioDepacketizer
+}
+
+// Unmarshal parses the passed byte slice and stores the result in the OpusPacket this method is called upon
+func (p *OpusPacket) Unmarshal(packet []byte) ([]byte, error) {
+	if packet == nil {
+		return nil, errNilPacket
+	} else if len(packet) == 0 {
+		return nil, errShortPacket
+	}
+
+	p.Payload = packet
+	return packet, nil
+}
+
+// OpusPartitionHeadChecker checks Opus partition head.
+//
+// Deprecated: replaced by OpusPacket.IsPartitionHead()
+type OpusPartitionHeadChecker struct{}
+
+// IsPartitionHead checks whether if this is a head of the Opus partition.
+//
+// Deprecated: replaced by OpusPacket.IsPartitionHead()
+func (*OpusPartitionHeadChecker) IsPartitionHead(packet []byte) bool {
+	return (&OpusPacket{}).IsPartitionHead(packet)
+}
diff --git a/server/vendor/github.com/pion/rtp/codecs/vp8_packet.go b/server/vendor/github.com/pion/rtp/codecs/vp8_packet.go
new file mode 100644
index 0000000..4ddd15b
--- /dev/null
+++ b/server/vendor/github.com/pion/rtp/codecs/vp8_packet.go
@@ -0,0 +1,234 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package codecs
+
+// VP8Payloader payloads VP8 packets
+type VP8Payloader struct {
+	EnablePictureID bool
+	pictureID       uint16
+}
+
+const (
+	vp8HeaderSize = 1
+)
+
+// Payload fragments a VP8 packet across one or more byte arrays
+func (p *VP8Payloader) Payload(mtu uint16, payload []byte) [][]byte {
+	/*
+	 * https://tools.ietf.org/html/rfc7741#section-4.2
+	 *
+	 *       0 1 2 3 4 5 6 7
+	 *      +-+-+-+-+-+-+-+-+
+	 *      |X|R|N|S|R| PID | (REQUIRED)
+	 *      +-+-+-+-+-+-+-+-+
+	 * X:   |I|L|T|K| RSV   | (OPTIONAL)
+	 *      +-+-+-+-+-+-+-+-+
+	 * I:   |M| PictureID   | (OPTIONAL)
+	 *      +-+-+-+-+-+-+-+-+
+	 * L:   |   TL0PICIDX   | (OPTIONAL)
+	 *      +-+-+-+-+-+-+-+-+
+	 * T/K: |TID|Y| KEYIDX  | (OPTIONAL)
+	 *      +-+-+-+-+-+-+-+-+
+	 *  S: Start of VP8 partition.  SHOULD be set to 1 when the first payload
+	 *     octet of the RTP packet is the beginning of a new VP8 partition,
+	 *     and MUST NOT be 1 otherwise.  The S bit MUST be set to 1 for the
+	 *     first packet of each encoded frame.
+	 */
+
+	usingHeaderSize := vp8HeaderSize
+	if p.EnablePictureID {
+		switch {
+		case p.pictureID == 0:
+		case p.pictureID < 128:
+			usingHeaderSize = vp8HeaderSize + 2
+		default:
+			usingHeaderSize = vp8HeaderSize + 3
+		}
+	}
+
+	maxFragmentSize := int(mtu) - usingHeaderSize
+
+	payloadData := payload
+	payloadDataRemaining := len(payload)
+
+	payloadDataIndex := 0
+	var payloads [][]byte
+
+	// Make sure the fragment/payload size is correct
+	if min(maxFragmentSize, payloadDataRemaining) <= 0 {
+		return payloads
+	}
+	first := true
+	for payloadDataRemaining > 0 {
+		currentFragmentSize := min(maxFragmentSize, payloadDataRemaining)
+		out := make([]byte, usingHeaderSize+currentFragmentSize)
+
+		if first {
+			out[0] = 0x10
+			first = false
+		}
+		if p.EnablePictureID {
+			switch usingHeaderSize {
+			case vp8HeaderSize:
+			case vp8HeaderSize + 2:
+				out[0] |= 0x80
+				out[1] |= 0x80
+				out[2] |= uint8(p.pictureID & 0x7F)
+			case vp8HeaderSize + 3:
+				out[0] |= 0x80
+				out[1] |= 0x80
+				out[2] |= 0x80 | uint8((p.pictureID>>8)&0x7F)
+				out[3] |= uint8(p.pictureID & 0xFF)
+			}
+		}
+
+		copy(out[usingHeaderSize:], payloadData[payloadDataIndex:payloadDataIndex+currentFragmentSize])
+		payloads = append(payloads, out)
+
+		payloadDataRemaining -= currentFragmentSize
+		payloadDataIndex += currentFragmentSize
+	}
+
+	p.pictureID++
+	p.pictureID &= 0x7FFF
+
+	return payloads
+}
+
+// VP8Packet represents the VP8 header that is stored in the payload of an RTP Packet
+type VP8Packet struct {
+	// Required Header
+	X   uint8 /* extended control bits present */
+	N   uint8 /* when set to 1 this frame can be discarded */
+	S   uint8 /* start of VP8 partition */
+	PID uint8 /* partition index */
+
+	// Extended control bits
+	I uint8 /* 1 if PictureID is present */
+	L uint8 /* 1 if TL0PICIDX is present */
+	T uint8 /* 1 if TID is present */
+	K uint8 /* 1 if KEYIDX is present */
+
+	// Optional extension
+	PictureID uint16 /* 8 or 16 bits, picture ID */
+	TL0PICIDX uint8  /* 8 bits temporal level zero index */
+	TID       uint8  /* 2 bits temporal layer index */
+	Y         uint8  /* 1 bit layer sync bit */
+	KEYIDX    uint8  /* 5 bits temporal key frame index */
+
+	Payload []byte
+
+	videoDepacketizer
+}
+
+// Unmarshal parses the passed byte slice and stores the result in the VP8Packet this method is called upon
+func (p *VP8Packet) Unmarshal(payload []byte) ([]byte, error) { //nolint: gocognit
+	if payload == nil {
+		return nil, errNilPacket
+	}
+
+	payloadLen := len(payload)
+
+	payloadIndex := 0
+
+	if payloadIndex >= payloadLen {
+		return nil, errShortPacket
+	}
+	p.X = (payload[payloadIndex] & 0x80) >> 7
+	p.N = (payload[payloadIndex] & 0x20) >> 5
+	p.S = (payload[payloadIndex] & 0x10) >> 4
+	p.PID = payload[payloadIndex] & 0x07
+
+	payloadIndex++
+
+	if p.X == 1 {
+		if payloadIndex >= payloadLen {
+			return nil, errShortPacket
+		}
+		p.I = (payload[payloadIndex] & 0x80) >> 7
+		p.L = (payload[payloadIndex] & 0x40) >> 6
+		p.T = (payload[payloadIndex] & 0x20) >> 5
+		p.K = (payload[payloadIndex] & 0x10) >> 4
+		payloadIndex++
+	} else {
+		p.I = 0
+		p.L = 0
+		p.T = 0
+		p.K = 0
+	}
+
+	if p.I == 1 { // PID present?
+		if payloadIndex >= payloadLen {
+			return nil, errShortPacket
+		}
+		if payload[payloadIndex]&0x80 > 0 { // M == 1, PID is 16bit
+			if payloadIndex+1 >= payloadLen {
+				return nil, errShortPacket
+			}
+			p.PictureID = (uint16(payload[payloadIndex]&0x7F) << 8) | uint16(payload[payloadIndex+1])
+			payloadIndex += 2
+		} else {
+			p.PictureID = uint16(payload[payloadIndex])
+			payloadIndex++
+		}
+	} else {
+		p.PictureID = 0
+	}
+
+	if p.L == 1 {
+		if payloadIndex >= payloadLen {
+			return nil, errShortPacket
+		}
+		p.TL0PICIDX = payload[payloadIndex]
+		payloadIndex++
+	} else {
+		p.TL0PICIDX = 0
+	}
+
+	if p.T == 1 || p.K == 1 {
+		if payloadIndex >= payloadLen {
+			return nil, errShortPacket
+		}
+		if p.T == 1 {
+			p.TID = payload[payloadIndex] >> 6
+			p.Y = (payload[payloadIndex] >> 5) & 0x1
+		} else {
+			p.TID = 0
+			p.Y = 0
+		}
+		if p.K == 1 {
+			p.KEYIDX = payload[payloadIndex] & 0x1F
+		} else {
+			p.KEYIDX = 0
+		}
+		payloadIndex++
+	} else {
+		p.TID = 0
+		p.Y = 0
+		p.KEYIDX = 0
+	}
+
+	p.Payload = payload[payloadIndex:]
+	return p.Payload, nil
+}
+
+// VP8PartitionHeadChecker checks VP8 partition head
+//
+// Deprecated: replaced by VP8Packet.IsPartitionHead()
+type VP8PartitionHeadChecker struct{}
+
+// IsPartitionHead checks whether if this is a head of the VP8 partition.
+//
+// Deprecated: replaced by VP8Packet.IsPartitionHead()
+func (*VP8PartitionHeadChecker) IsPartitionHead(packet []byte) bool {
+	return (&VP8Packet{}).IsPartitionHead(packet)
+}
+
+// IsPartitionHead checks whether if this is a head of the VP8 partition
+func (*VP8Packet) IsPartitionHead(payload []byte) bool {
+	if len(payload) < 1 {
+		return false
+	}
+	return (payload[0] & 0x10) != 0
+}
diff --git a/server/vendor/github.com/pion/rtp/codecs/vp9/bits.go b/server/vendor/github.com/pion/rtp/codecs/vp9/bits.go
new file mode 100644
index 0000000..a6a3c1f
--- /dev/null
+++ b/server/vendor/github.com/pion/rtp/codecs/vp9/bits.go
@@ -0,0 +1,65 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package vp9
+
+import "errors"
+
+var errNotEnoughBits = errors.New("not enough bits")
+
+func hasSpace(buf []byte, pos int, n int) error {
+	if n > ((len(buf) * 8) - pos) {
+		return errNotEnoughBits
+	}
+	return nil
+}
+
+func readFlag(buf []byte, pos *int) (bool, error) {
+	err := hasSpace(buf, *pos, 1)
+	if err != nil {
+		return false, err
+	}
+
+	return readFlagUnsafe(buf, pos), nil
+}
+
+func readFlagUnsafe(buf []byte, pos *int) bool {
+	b := (buf[*pos>>0x03] >> (7 - (*pos & 0x07))) & 0x01
+	*pos++
+	return b == 1
+}
+
+func readBits(buf []byte, pos *int, n int) (uint64, error) {
+	err := hasSpace(buf, *pos, n)
+	if err != nil {
+		return 0, err
+	}
+
+	return readBitsUnsafe(buf, pos, n), nil
+}
+
+func readBitsUnsafe(buf []byte, pos *int, n int) uint64 {
+	res := 8 - (*pos & 0x07)
+	if n < res {
+		v := uint64((buf[*pos>>0x03] >> (res - n)) & (1<<n - 1))
+		*pos += n
+		return v
+	}
+
+	v := uint64(buf[*pos>>0x03] & (1<<res - 1))
+	*pos += res
+	n -= res
+
+	for n >= 8 {
+		v = (v << 8) | uint64(buf[*pos>>0x03])
+		*pos += 8
+		n -= 8
+	}
+
+	if n > 0 {
+		v = (v << n) | uint64(buf[*pos>>0x03]>>(8-n))
+		*pos += n
+	}
+
+	return v
+}
diff --git a/server/vendor/github.com/pion/rtp/codecs/vp9/header.go b/server/vendor/github.com/pion/rtp/codecs/vp9/header.go
new file mode 100644
index 0000000..30e15bc
--- /dev/null
+++ b/server/vendor/github.com/pion/rtp/codecs/vp9/header.go
@@ -0,0 +1,221 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+// Package vp9 contains a VP9 header parser.
+package vp9
+
+import (
+	"errors"
+)
+
+var (
+	errInvalidFrameMarker  = errors.New("invalid frame marker")
+	errWrongFrameSyncByte0 = errors.New("wrong frame_sync_byte_0")
+	errWrongFrameSyncByte1 = errors.New("wrong frame_sync_byte_1")
+	errWrongFrameSyncByte2 = errors.New("wrong frame_sync_byte_2")
+)
+
+// HeaderColorConfig is the color_config member of an header.
+type HeaderColorConfig struct {
+	TenOrTwelveBit bool
+	BitDepth       uint8
+	ColorSpace     uint8
+	ColorRange     bool
+	SubsamplingX   bool
+	SubsamplingY   bool
+}
+
+func (c *HeaderColorConfig) unmarshal(profile uint8, buf []byte, pos *int) error {
+	if profile >= 2 {
+		var err error
+		c.TenOrTwelveBit, err = readFlag(buf, pos)
+		if err != nil {
+			return err
+		}
+
+		if c.TenOrTwelveBit {
+			c.BitDepth = 12
+		} else {
+			c.BitDepth = 10
+		}
+	} else {
+		c.BitDepth = 8
+	}
+
+	tmp, err := readBits(buf, pos, 3)
+	if err != nil {
+		return err
+	}
+	c.ColorSpace = uint8(tmp)
+
+	if c.ColorSpace != 7 {
+		var err error
+		c.ColorRange, err = readFlag(buf, pos)
+		if err != nil {
+			return err
+		}
+
+		if profile == 1 || profile == 3 {
+			err := hasSpace(buf, *pos, 3)
+			if err != nil {
+				return err
+			}
+
+			c.SubsamplingX = readFlagUnsafe(buf, pos)
+			c.SubsamplingY = readFlagUnsafe(buf, pos)
+			*pos++
+		} else {
+			c.SubsamplingX = true
+			c.SubsamplingY = true
+		}
+	} else {
+		c.ColorRange = true
+
+		if profile == 1 || profile == 3 {
+			c.SubsamplingX = false
+			c.SubsamplingY = false
+
+			err := hasSpace(buf, *pos, 1)
+			if err != nil {
+				return err
+			}
+			*pos++
+		}
+	}
+
+	return nil
+}
+
+// HeaderFrameSize is the frame_size member of an header.
+type HeaderFrameSize struct {
+	FrameWidthMinus1  uint16
+	FrameHeightMinus1 uint16
+}
+
+func (s *HeaderFrameSize) unmarshal(buf []byte, pos *int) error {
+	err := hasSpace(buf, *pos, 32)
+	if err != nil {
+		return err
+	}
+
+	s.FrameWidthMinus1 = uint16(readBitsUnsafe(buf, pos, 16))
+	s.FrameHeightMinus1 = uint16(readBitsUnsafe(buf, pos, 16))
+	return nil
+}
+
+// Header is a VP9 Frame header.
+// Specification:
+// https://storage.googleapis.com/downloads.webmproject.org/docs/vp9/vp9-bitstream-specification-v0.6-20160331-draft.pdf
+type Header struct {
+	Profile            uint8
+	ShowExistingFrame  bool
+	FrameToShowMapIdx  uint8
+	NonKeyFrame        bool
+	ShowFrame          bool
+	ErrorResilientMode bool
+	ColorConfig        *HeaderColorConfig
+	FrameSize          *HeaderFrameSize
+}
+
+// Unmarshal decodes a Header.
+func (h *Header) Unmarshal(buf []byte) error {
+	pos := 0
+
+	err := hasSpace(buf, pos, 4)
+	if err != nil {
+		return err
+	}
+
+	frameMarker := readBitsUnsafe(buf, &pos, 2)
+	if frameMarker != 2 {
+		return errInvalidFrameMarker
+	}
+
+	profileLowBit := uint8(readBitsUnsafe(buf, &pos, 1))
+	profileHighBit := uint8(readBitsUnsafe(buf, &pos, 1))
+	h.Profile = profileHighBit<<1 + profileLowBit
+
+	if h.Profile == 3 {
+		err = hasSpace(buf, pos, 1)
+		if err != nil {
+			return err
+		}
+		pos++
+	}
+
+	h.ShowExistingFrame, err = readFlag(buf, &pos)
+	if err != nil {
+		return err
+	}
+
+	if h.ShowExistingFrame {
+		var tmp uint64
+		tmp, err = readBits(buf, &pos, 3)
+		if err != nil {
+			return err
+		}
+		h.FrameToShowMapIdx = uint8(tmp)
+		return nil
+	}
+
+	err = hasSpace(buf, pos, 3)
+	if err != nil {
+		return err
+	}
+
+	h.NonKeyFrame = readFlagUnsafe(buf, &pos)
+	h.ShowFrame = readFlagUnsafe(buf, &pos)
+	h.ErrorResilientMode = readFlagUnsafe(buf, &pos)
+
+	if !h.NonKeyFrame {
+		err := hasSpace(buf, pos, 24)
+		if err != nil {
+			return err
+		}
+
+		frameSyncByte0 := uint8(readBitsUnsafe(buf, &pos, 8))
+		if frameSyncByte0 != 0x49 {
+			return errWrongFrameSyncByte0
+		}
+
+		frameSyncByte1 := uint8(readBitsUnsafe(buf, &pos, 8))
+		if frameSyncByte1 != 0x83 {
+			return errWrongFrameSyncByte1
+		}
+
+		frameSyncByte2 := uint8(readBitsUnsafe(buf, &pos, 8))
+		if frameSyncByte2 != 0x42 {
+			return errWrongFrameSyncByte2
+		}
+
+		h.ColorConfig = &HeaderColorConfig{}
+		err = h.ColorConfig.unmarshal(h.Profile, buf, &pos)
+		if err != nil {
+			return err
+		}
+
+		h.FrameSize = &HeaderFrameSize{}
+		err = h.FrameSize.unmarshal(buf, &pos)
+		if err != nil {
+			return err
+		}
+	}
+
+	return nil
+}
+
+// Width returns the video width.
+func (h Header) Width() uint16 {
+	if h.FrameSize == nil {
+		return 0
+	}
+	return h.FrameSize.FrameWidthMinus1 + 1
+}
+
+// Height returns the video height.
+func (h Header) Height() uint16 {
+	if h.FrameSize == nil {
+		return 0
+	}
+	return h.FrameSize.FrameHeightMinus1 + 1
+}
diff --git a/server/vendor/github.com/pion/rtp/codecs/vp9_packet.go b/server/vendor/github.com/pion/rtp/codecs/vp9_packet.go
new file mode 100644
index 0000000..98920be
--- /dev/null
+++ b/server/vendor/github.com/pion/rtp/codecs/vp9_packet.go
@@ -0,0 +1,511 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package codecs
+
+import (
+	"github.com/pion/randutil"
+	"github.com/pion/rtp/codecs/vp9"
+)
+
+// Use global random generator to properly seed by crypto grade random.
+var globalMathRandomGenerator = randutil.NewMathRandomGenerator() // nolint:gochecknoglobals
+
+// VP9Payloader payloads VP9 packets
+type VP9Payloader struct {
+	// whether to use flexible mode or non-flexible mode.
+	FlexibleMode bool
+
+	// InitialPictureIDFn is a function that returns random initial picture ID.
+	InitialPictureIDFn func() uint16
+
+	pictureID   uint16
+	initialized bool
+}
+
+const (
+	maxSpatialLayers = 5
+	maxVP9RefPics    = 3
+)
+
+// Payload fragments an VP9 packet across one or more byte arrays
+func (p *VP9Payloader) Payload(mtu uint16, payload []byte) [][]byte {
+	if !p.initialized {
+		if p.InitialPictureIDFn == nil {
+			p.InitialPictureIDFn = func() uint16 {
+				return uint16(globalMathRandomGenerator.Intn(0x7FFF))
+			}
+		}
+		p.pictureID = p.InitialPictureIDFn() & 0x7FFF
+		p.initialized = true
+	}
+
+	var payloads [][]byte
+	if p.FlexibleMode {
+		payloads = p.payloadFlexible(mtu, payload)
+	} else {
+		payloads = p.payloadNonFlexible(mtu, payload)
+	}
+
+	p.pictureID++
+	if p.pictureID >= 0x8000 {
+		p.pictureID = 0
+	}
+
+	return payloads
+}
+
+func (p *VP9Payloader) payloadFlexible(mtu uint16, payload []byte) [][]byte {
+	/*
+	 * Flexible mode (F=1)
+	 *        0 1 2 3 4 5 6 7
+	 *       +-+-+-+-+-+-+-+-+
+	 *       |I|P|L|F|B|E|V|Z| (REQUIRED)
+	 *       +-+-+-+-+-+-+-+-+
+	 *  I:   |M| PICTURE ID  | (REQUIRED)
+	 *       +-+-+-+-+-+-+-+-+
+	 *  M:   | EXTENDED PID  | (RECOMMENDED)
+	 *       +-+-+-+-+-+-+-+-+
+	 *  L:   | TID |U| SID |D| (CONDITIONALLY RECOMMENDED)
+	 *       +-+-+-+-+-+-+-+-+                             -\
+	 *  P,F: | P_DIFF      |N| (CONDITIONALLY REQUIRED)    - up to 3 times
+	 *       +-+-+-+-+-+-+-+-+                             -/
+	 *  V:   | SS            |
+	 *       | ..            |
+	 *       +-+-+-+-+-+-+-+-+
+	 */
+
+	headerSize := 3
+	maxFragmentSize := int(mtu) - headerSize
+	payloadDataRemaining := len(payload)
+	payloadDataIndex := 0
+	var payloads [][]byte
+
+	if min(maxFragmentSize, payloadDataRemaining) <= 0 {
+		return [][]byte{}
+	}
+
+	for payloadDataRemaining > 0 {
+		currentFragmentSize := min(maxFragmentSize, payloadDataRemaining)
+		out := make([]byte, headerSize+currentFragmentSize)
+
+		out[0] = 0x90 // F=1, I=1
+		if payloadDataIndex == 0 {
+			out[0] |= 0x08 // B=1
+		}
+		if payloadDataRemaining == currentFragmentSize {
+			out[0] |= 0x04 // E=1
+		}
+
+		out[1] = byte(p.pictureID>>8) | 0x80
+		out[2] = byte(p.pictureID)
+
+		copy(out[headerSize:], payload[payloadDataIndex:payloadDataIndex+currentFragmentSize])
+		payloads = append(payloads, out)
+
+		payloadDataRemaining -= currentFragmentSize
+		payloadDataIndex += currentFragmentSize
+	}
+
+	return payloads
+}
+
+func (p *VP9Payloader) payloadNonFlexible(mtu uint16, payload []byte) [][]byte {
+	/*
+	 * Non-flexible mode (F=0)
+	 *        0 1 2 3 4 5 6 7
+	 *       +-+-+-+-+-+-+-+-+
+	 *       |I|P|L|F|B|E|V|Z| (REQUIRED)
+	 *       +-+-+-+-+-+-+-+-+
+	 *  I:   |M| PICTURE ID  | (RECOMMENDED)
+	 *       +-+-+-+-+-+-+-+-+
+	 *  M:   | EXTENDED PID  | (RECOMMENDED)
+	 *       +-+-+-+-+-+-+-+-+
+	 *  L:   | TID |U| SID |D| (CONDITIONALLY RECOMMENDED)
+	 *       +-+-+-+-+-+-+-+-+
+	 *       |   TL0PICIDX   | (CONDITIONALLY REQUIRED)
+	 *       +-+-+-+-+-+-+-+-+
+	 *  V:   | SS            |
+	 *       | ..            |
+	 *       +-+-+-+-+-+-+-+-+
+	 */
+
+	var h vp9.Header
+	err := h.Unmarshal(payload)
+	if err != nil {
+		return [][]byte{}
+	}
+
+	payloadDataRemaining := len(payload)
+	payloadDataIndex := 0
+	var payloads [][]byte
+
+	for payloadDataRemaining > 0 {
+		var headerSize int
+		if !h.NonKeyFrame && payloadDataIndex == 0 {
+			headerSize = 3 + 8
+		} else {
+			headerSize = 3
+		}
+
+		maxFragmentSize := int(mtu) - headerSize
+		currentFragmentSize := min(maxFragmentSize, payloadDataRemaining)
+		if currentFragmentSize <= 0 {
+			return [][]byte{}
+		}
+
+		out := make([]byte, headerSize+currentFragmentSize)
+
+		out[0] = 0x80 | 0x01 // I=1, Z=1
+
+		if h.NonKeyFrame {
+			out[0] |= 0x40 // P=1
+		}
+		if payloadDataIndex == 0 {
+			out[0] |= 0x08 // B=1
+		}
+		if payloadDataRemaining == currentFragmentSize {
+			out[0] |= 0x04 // E=1
+		}
+
+		out[1] = byte(p.pictureID>>8) | 0x80
+		out[2] = byte(p.pictureID)
+		off := 3
+
+		if !h.NonKeyFrame && payloadDataIndex == 0 {
+			out[0] |= 0x02         // V=1
+			out[off] = 0x10 | 0x08 // N_S=0, Y=1, G=1
+			off++
+
+			width := h.Width()
+			out[off] = byte(width >> 8)
+			off++
+			out[off] = byte(width & 0xFF)
+			off++
+
+			height := h.Height()
+			out[off] = byte(height >> 8)
+			off++
+			out[off] = byte(height & 0xFF)
+			off++
+
+			out[off] = 0x01 // N_G=1
+			off++
+
+			out[off] = 1<<4 | 1<<2 // TID=0, U=1, R=1
+			off++
+
+			out[off] = 0x01 // P_DIFF=1
+		}
+
+		copy(out[headerSize:], payload[payloadDataIndex:payloadDataIndex+currentFragmentSize])
+		payloads = append(payloads, out)
+
+		payloadDataRemaining -= currentFragmentSize
+		payloadDataIndex += currentFragmentSize
+	}
+
+	return payloads
+}
+
+// VP9Packet represents the VP9 header that is stored in the payload of an RTP Packet
+type VP9Packet struct {
+	// Required header
+	I bool // PictureID is present
+	P bool // Inter-picture predicted frame
+	L bool // Layer indices is present
+	F bool // Flexible mode
+	B bool // Start of a frame
+	E bool // End of a frame
+	V bool // Scalability structure (SS) data present
+	Z bool // Not a reference frame for upper spatial layers
+
+	// Recommended headers
+	PictureID uint16 // 7 or 16 bits, picture ID
+
+	// Conditionally recommended headers
+	TID uint8 // Temporal layer ID
+	U   bool  // Switching up point
+	SID uint8 // Spatial layer ID
+	D   bool  // Inter-layer dependency used
+
+	// Conditionally required headers
+	PDiff     []uint8 // Reference index (F=1)
+	TL0PICIDX uint8   // Temporal layer zero index (F=0)
+
+	// Scalability structure headers
+	NS      uint8 // N_S + 1 indicates the number of spatial layers present in the VP9 stream
+	Y       bool  // Each spatial layer's frame resolution present
+	G       bool  // PG description present flag.
+	NG      uint8 // N_G indicates the number of pictures in a Picture Group (PG)
+	Width   []uint16
+	Height  []uint16
+	PGTID   []uint8   // Temporal layer ID of pictures in a Picture Group
+	PGU     []bool    // Switching up point of pictures in a Picture Group
+	PGPDiff [][]uint8 // Reference indecies of pictures in a Picture Group
+
+	Payload []byte
+
+	videoDepacketizer
+}
+
+// Unmarshal parses the passed byte slice and stores the result in the VP9Packet this method is called upon
+func (p *VP9Packet) Unmarshal(packet []byte) ([]byte, error) {
+	if packet == nil {
+		return nil, errNilPacket
+	}
+	if len(packet) < 1 {
+		return nil, errShortPacket
+	}
+
+	p.I = packet[0]&0x80 != 0
+	p.P = packet[0]&0x40 != 0
+	p.L = packet[0]&0x20 != 0
+	p.F = packet[0]&0x10 != 0
+	p.B = packet[0]&0x08 != 0
+	p.E = packet[0]&0x04 != 0
+	p.V = packet[0]&0x02 != 0
+	p.Z = packet[0]&0x01 != 0
+
+	pos := 1
+	var err error
+
+	if p.I {
+		pos, err = p.parsePictureID(packet, pos)
+		if err != nil {
+			return nil, err
+		}
+	}
+
+	if p.L {
+		pos, err = p.parseLayerInfo(packet, pos)
+		if err != nil {
+			return nil, err
+		}
+	}
+
+	if p.F && p.P {
+		pos, err = p.parseRefIndices(packet, pos)
+		if err != nil {
+			return nil, err
+		}
+	}
+
+	if p.V {
+		pos, err = p.parseSSData(packet, pos)
+		if err != nil {
+			return nil, err
+		}
+	}
+
+	p.Payload = packet[pos:]
+	return p.Payload, nil
+}
+
+// Picture ID:
+/*
+*      +-+-+-+-+-+-+-+-+
+* I:   |M| PICTURE ID  |   M:0 => picture id is 7 bits.
+*      +-+-+-+-+-+-+-+-+   M:1 => picture id is 15 bits.
+* M:   | EXTENDED PID  |
+*      +-+-+-+-+-+-+-+-+
+**/
+func (p *VP9Packet) parsePictureID(packet []byte, pos int) (int, error) {
+	if len(packet) <= pos {
+		return pos, errShortPacket
+	}
+
+	p.PictureID = uint16(packet[pos] & 0x7F)
+	if packet[pos]&0x80 != 0 {
+		pos++
+		if len(packet) <= pos {
+			return pos, errShortPacket
+		}
+		p.PictureID = p.PictureID<<8 | uint16(packet[pos])
+	}
+	pos++
+	return pos, nil
+}
+
+func (p *VP9Packet) parseLayerInfo(packet []byte, pos int) (int, error) {
+	pos, err := p.parseLayerInfoCommon(packet, pos)
+	if err != nil {
+		return pos, err
+	}
+
+	if p.F {
+		return pos, nil
+	}
+
+	return p.parseLayerInfoNonFlexibleMode(packet, pos)
+}
+
+// Layer indices (flexible mode):
+/*
+*      +-+-+-+-+-+-+-+-+
+* L:   |  T  |U|  S  |D|
+*      +-+-+-+-+-+-+-+-+
+**/
+func (p *VP9Packet) parseLayerInfoCommon(packet []byte, pos int) (int, error) {
+	if len(packet) <= pos {
+		return pos, errShortPacket
+	}
+
+	p.TID = packet[pos] >> 5
+	p.U = packet[pos]&0x10 != 0
+	p.SID = (packet[pos] >> 1) & 0x7
+	p.D = packet[pos]&0x01 != 0
+
+	if p.SID >= maxSpatialLayers {
+		return pos, errTooManySpatialLayers
+	}
+
+	pos++
+	return pos, nil
+}
+
+// Layer indices (non-flexible mode):
+/*
+*      +-+-+-+-+-+-+-+-+
+* L:   |  T  |U|  S  |D|
+*      +-+-+-+-+-+-+-+-+
+*      |   TL0PICIDX   |
+*      +-+-+-+-+-+-+-+-+
+**/
+func (p *VP9Packet) parseLayerInfoNonFlexibleMode(packet []byte, pos int) (int, error) {
+	if len(packet) <= pos {
+		return pos, errShortPacket
+	}
+
+	p.TL0PICIDX = packet[pos]
+	pos++
+	return pos, nil
+}
+
+// Reference indices:
+/*
+*      +-+-+-+-+-+-+-+-+                P=1,F=1: At least one reference index
+* P,F: | P_DIFF      |N|  up to 3 times          has to be specified.
+*      +-+-+-+-+-+-+-+-+                    N=1: An additional P_DIFF follows
+*                                              current P_DIFF.
+**/
+func (p *VP9Packet) parseRefIndices(packet []byte, pos int) (int, error) {
+	for {
+		if len(packet) <= pos {
+			return pos, errShortPacket
+		}
+		p.PDiff = append(p.PDiff, packet[pos]>>1)
+		if packet[pos]&0x01 == 0 {
+			break
+		}
+		if len(p.PDiff) >= maxVP9RefPics {
+			return pos, errTooManyPDiff
+		}
+		pos++
+	}
+	pos++
+
+	return pos, nil
+}
+
+// Scalability structure (SS):
+/*
+*      +-+-+-+-+-+-+-+-+
+* V:   | N_S |Y|G|-|-|-|
+*      +-+-+-+-+-+-+-+-+              -|
+* Y:   |     WIDTH     | (OPTIONAL)    .
+*      +               .
+*      |               | (OPTIONAL)    .
+*      +-+-+-+-+-+-+-+-+               . N_S + 1 times
+*      |     HEIGHT    | (OPTIONAL)    .
+*      +               .
+*      |               | (OPTIONAL)    .
+*      +-+-+-+-+-+-+-+-+              -|
+* G:   |      N_G      | (OPTIONAL)
+*      +-+-+-+-+-+-+-+-+                           -|
+* N_G: |  T  |U| R |-|-| (OPTIONAL)                 .
+*      +-+-+-+-+-+-+-+-+              -|            . N_G times
+*      |    P_DIFF     | (OPTIONAL)    . R times    .
+*      +-+-+-+-+-+-+-+-+              -|           -|
+**/
+func (p *VP9Packet) parseSSData(packet []byte, pos int) (int, error) {
+	if len(packet) <= pos {
+		return pos, errShortPacket
+	}
+
+	p.NS = packet[pos] >> 5
+	p.Y = packet[pos]&0x10 != 0
+	p.G = (packet[pos]>>1)&0x7 != 0
+	pos++
+
+	NS := p.NS + 1
+	p.NG = 0
+
+	if p.Y {
+		p.Width = make([]uint16, NS)
+		p.Height = make([]uint16, NS)
+		for i := 0; i < int(NS); i++ {
+			if len(packet) <= (pos + 3) {
+				return pos, errShortPacket
+			}
+
+			p.Width[i] = uint16(packet[pos])<<8 | uint16(packet[pos+1])
+			pos += 2
+			p.Height[i] = uint16(packet[pos])<<8 | uint16(packet[pos+1])
+			pos += 2
+		}
+	}
+
+	if p.G {
+		if len(packet) <= pos {
+			return pos, errShortPacket
+		}
+
+		p.NG = packet[pos]
+		pos++
+	}
+
+	for i := 0; i < int(p.NG); i++ {
+		if len(packet) <= pos {
+			return pos, errShortPacket
+		}
+
+		p.PGTID = append(p.PGTID, packet[pos]>>5)
+		p.PGU = append(p.PGU, packet[pos]&0x10 != 0)
+		R := (packet[pos] >> 2) & 0x3
+		pos++
+
+		p.PGPDiff = append(p.PGPDiff, []uint8{})
+
+		if len(packet) <= (pos + int(R) - 1) {
+			return pos, errShortPacket
+		}
+
+		for j := 0; j < int(R); j++ {
+			p.PGPDiff[i] = append(p.PGPDiff[i], packet[pos])
+			pos++
+		}
+	}
+
+	return pos, nil
+}
+
+// VP9PartitionHeadChecker checks VP9 partition head.
+//
+// Deprecated: replaced by VP9Packet.IsPartitionHead()
+type VP9PartitionHeadChecker struct{}
+
+// IsPartitionHead checks whether if this is a head of the VP9 partition.
+//
+// Deprecated: replaced by VP9Packet.IsPartitionHead()
+func (*VP9PartitionHeadChecker) IsPartitionHead(packet []byte) bool {
+	return (&VP9Packet{}).IsPartitionHead(packet)
+}
+
+// IsPartitionHead checks whether if this is a head of the VP9 partition
+func (*VP9Packet) IsPartitionHead(payload []byte) bool {
+	if len(payload) < 1 {
+		return false
+	}
+	return (payload[0] & 0x08) != 0
+}
diff --git a/server/vendor/github.com/pion/rtp/depacketizer.go b/server/vendor/github.com/pion/rtp/depacketizer.go
new file mode 100644
index 0000000..d10ad89
--- /dev/null
+++ b/server/vendor/github.com/pion/rtp/depacketizer.go
@@ -0,0 +1,20 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package rtp
+
+// Depacketizer depacketizes a RTP payload, removing any RTP specific data from the payload
+type Depacketizer interface {
+	// Unmarshal parses the RTP payload and returns media.
+	// Metadata may be stored on the Depacketizer itself
+	Unmarshal(packet []byte) ([]byte, error)
+
+	// Checks if the packet is at the beginning of a partition.  This
+	// should return false if the result could not be determined, in
+	// which case the caller will detect timestamp discontinuities.
+	IsPartitionHead(payload []byte) bool
+
+	// Checks if the packet is at the end of a partition.  This should
+	// return false if the result could not be determined.
+	IsPartitionTail(marker bool, payload []byte) bool
+}
diff --git a/server/vendor/github.com/pion/rtp/error.go b/server/vendor/github.com/pion/rtp/error.go
new file mode 100644
index 0000000..ac3ece4
--- /dev/null
+++ b/server/vendor/github.com/pion/rtp/error.go
@@ -0,0 +1,26 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package rtp
+
+import (
+	"errors"
+)
+
+var (
+	errHeaderSizeInsufficient             = errors.New("RTP header size insufficient")
+	errHeaderSizeInsufficientForExtension = errors.New("RTP header size insufficient for extension")
+	errTooSmall                           = errors.New("buffer too small")
+	errHeaderExtensionsNotEnabled         = errors.New("h.Extension not enabled")
+	errHeaderExtensionNotFound            = errors.New("extension not found")
+
+	errRFC8285OneByteHeaderIDRange = errors.New("header extension id must be between 1 and 14 for RFC 5285 one byte extensions")
+	errRFC8285OneByteHeaderSize    = errors.New("header extension payload must be 16bytes or less for RFC 5285 one byte extensions")
+
+	errRFC8285TwoByteHeaderIDRange = errors.New("header extension id must be between 1 and 255 for RFC 5285 two byte extensions")
+	errRFC8285TwoByteHeaderSize    = errors.New("header extension payload must be 255bytes or less for RFC 5285 two byte extensions")
+
+	errRFC3550HeaderIDRange = errors.New("header extension id must be 0 for non-RFC 5285 extensions")
+
+	errInvalidRTPPadding = errors.New("invalid RTP padding")
+)
diff --git a/server/vendor/github.com/pion/rtp/header_extension.go b/server/vendor/github.com/pion/rtp/header_extension.go
new file mode 100644
index 0000000..fe54215
--- /dev/null
+++ b/server/vendor/github.com/pion/rtp/header_extension.go
@@ -0,0 +1,353 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package rtp
+
+import (
+	"encoding/binary"
+	"fmt"
+	"io"
+)
+
+const (
+	headerExtensionProfileOneByte = 0xBEDE
+	headerExtensionProfileTwoByte = 0x1000
+	headerExtensionIDReserved     = 0xF
+)
+
+// HeaderExtension represents an RTP extension header.
+type HeaderExtension interface {
+	Set(id uint8, payload []byte) error
+	GetIDs() []uint8
+	Get(id uint8) []byte
+	Del(id uint8) error
+
+	Unmarshal(buf []byte) (int, error)
+	Marshal() ([]byte, error)
+	MarshalTo(buf []byte) (int, error)
+	MarshalSize() int
+}
+
+// OneByteHeaderExtension is an RFC8285 one-byte header extension.
+type OneByteHeaderExtension struct {
+	payload []byte
+}
+
+// Set sets the extension payload for the specified ID.
+func (e *OneByteHeaderExtension) Set(id uint8, buf []byte) error {
+	if id < 1 || id > 14 {
+		return fmt.Errorf("%w actual(%d)", errRFC8285OneByteHeaderIDRange, id)
+	}
+	if len(buf) > 16 {
+		return fmt.Errorf("%w actual(%d)", errRFC8285OneByteHeaderSize, len(buf))
+	}
+
+	for n := 4; n < len(e.payload); {
+		if e.payload[n] == 0x00 { // padding
+			n++
+			continue
+		}
+
+		extid := e.payload[n] >> 4
+		payloadLen := int(e.payload[n]&^0xF0 + 1)
+		n++
+
+		if extid == id {
+			e.payload = append(e.payload[:n+1], append(buf, e.payload[n+1+payloadLen:]...)...)
+			return nil
+		}
+		n += payloadLen
+	}
+	e.payload = append(e.payload, (id<<4 | uint8(len(buf)-1)))
+	e.payload = append(e.payload, buf...)
+	binary.BigEndian.PutUint16(e.payload[2:4], binary.BigEndian.Uint16(e.payload[2:4])+1)
+	return nil
+}
+
+// GetIDs returns the available IDs.
+func (e *OneByteHeaderExtension) GetIDs() []uint8 {
+	ids := make([]uint8, 0, binary.BigEndian.Uint16(e.payload[2:4]))
+	for n := 4; n < len(e.payload); {
+		if e.payload[n] == 0x00 { // padding
+			n++
+			continue
+		}
+
+		extid := e.payload[n] >> 4
+		payloadLen := int(e.payload[n]&^0xF0 + 1)
+		n++
+
+		if extid == headerExtensionIDReserved {
+			break
+		}
+
+		ids = append(ids, extid)
+		n += payloadLen
+	}
+	return ids
+}
+
+// Get returns the payload of the extension with the given ID.
+func (e *OneByteHeaderExtension) Get(id uint8) []byte {
+	for n := 4; n < len(e.payload); {
+		if e.payload[n] == 0x00 { // padding
+			n++
+			continue
+		}
+
+		extid := e.payload[n] >> 4
+		payloadLen := int(e.payload[n]&^0xF0 + 1)
+		n++
+
+		if extid == id {
+			return e.payload[n : n+payloadLen]
+		}
+		n += payloadLen
+	}
+	return nil
+}
+
+// Del deletes the extension with the specified ID.
+func (e *OneByteHeaderExtension) Del(id uint8) error {
+	for n := 4; n < len(e.payload); {
+		if e.payload[n] == 0x00 { // padding
+			n++
+			continue
+		}
+
+		extid := e.payload[n] >> 4
+		payloadLen := int(e.payload[n]&^0xF0 + 1)
+
+		if extid == id {
+			e.payload = append(e.payload[:n], e.payload[n+1+payloadLen:]...)
+			return nil
+		}
+		n += payloadLen + 1
+	}
+	return errHeaderExtensionNotFound
+}
+
+// Unmarshal parses the extension payload.
+func (e *OneByteHeaderExtension) Unmarshal(buf []byte) (int, error) {
+	profile := binary.BigEndian.Uint16(buf[0:2])
+	if profile != headerExtensionProfileOneByte {
+		return 0, fmt.Errorf("%w actual(%x)", errHeaderExtensionNotFound, buf[0:2])
+	}
+	e.payload = buf
+	return len(buf), nil
+}
+
+// Marshal returns the extension payload.
+func (e OneByteHeaderExtension) Marshal() ([]byte, error) {
+	return e.payload, nil
+}
+
+// MarshalTo writes the extension payload to the given buffer.
+func (e OneByteHeaderExtension) MarshalTo(buf []byte) (int, error) {
+	size := e.MarshalSize()
+	if size > len(buf) {
+		return 0, io.ErrShortBuffer
+	}
+	return copy(buf, e.payload), nil
+}
+
+// MarshalSize returns the size of the extension payload.
+func (e OneByteHeaderExtension) MarshalSize() int {
+	return len(e.payload)
+}
+
+// TwoByteHeaderExtension is an RFC8285 two-byte header extension.
+type TwoByteHeaderExtension struct {
+	payload []byte
+}
+
+// Set sets the extension payload for the specified ID.
+func (e *TwoByteHeaderExtension) Set(id uint8, buf []byte) error {
+	if id < 1 || id > 255 {
+		return fmt.Errorf("%w actual(%d)", errRFC8285TwoByteHeaderIDRange, id)
+	}
+	if len(buf) > 255 {
+		return fmt.Errorf("%w actual(%d)", errRFC8285TwoByteHeaderSize, len(buf))
+	}
+
+	for n := 4; n < len(e.payload); {
+		if e.payload[n] == 0x00 { // padding
+			n++
+			continue
+		}
+
+		extid := e.payload[n]
+		n++
+
+		payloadLen := int(e.payload[n])
+		n++
+
+		if extid == id {
+			e.payload = append(e.payload[:n+2], append(buf, e.payload[n+2+payloadLen:]...)...)
+			return nil
+		}
+		n += payloadLen
+	}
+	e.payload = append(e.payload, id, uint8(len(buf)))
+	e.payload = append(e.payload, buf...)
+	binary.BigEndian.PutUint16(e.payload[2:4], binary.BigEndian.Uint16(e.payload[2:4])+1)
+	return nil
+}
+
+// GetIDs returns the available IDs.
+func (e *TwoByteHeaderExtension) GetIDs() []uint8 {
+	ids := make([]uint8, 0, binary.BigEndian.Uint16(e.payload[2:4]))
+	for n := 4; n < len(e.payload); {
+		if e.payload[n] == 0x00 { // padding
+			n++
+			continue
+		}
+
+		extid := e.payload[n]
+		n++
+
+		payloadLen := int(e.payload[n])
+		n++
+
+		ids = append(ids, extid)
+		n += payloadLen
+	}
+	return ids
+}
+
+// Get returns the payload of the extension with the given ID.
+func (e *TwoByteHeaderExtension) Get(id uint8) []byte {
+	for n := 4; n < len(e.payload); {
+		if e.payload[n] == 0x00 { // padding
+			n++
+			continue
+		}
+
+		extid := e.payload[n]
+		n++
+
+		payloadLen := int(e.payload[n])
+		n++
+
+		if extid == id {
+			return e.payload[n : n+payloadLen]
+		}
+		n += payloadLen
+	}
+	return nil
+}
+
+// Del deletes the extension with the specified ID.
+func (e *TwoByteHeaderExtension) Del(id uint8) error {
+	for n := 4; n < len(e.payload); {
+		if e.payload[n] == 0x00 { // padding
+			n++
+			continue
+		}
+
+		extid := e.payload[n]
+
+		payloadLen := int(e.payload[n+1])
+
+		if extid == id {
+			e.payload = append(e.payload[:n], e.payload[n+2+payloadLen:]...)
+			return nil
+		}
+		n += payloadLen + 2
+	}
+	return errHeaderExtensionNotFound
+}
+
+// Unmarshal parses the extension payload.
+func (e *TwoByteHeaderExtension) Unmarshal(buf []byte) (int, error) {
+	profile := binary.BigEndian.Uint16(buf[0:2])
+	if profile != headerExtensionProfileTwoByte {
+		return 0, fmt.Errorf("%w actual(%x)", errHeaderExtensionNotFound, buf[0:2])
+	}
+	e.payload = buf
+	return len(buf), nil
+}
+
+// Marshal returns the extension payload.
+func (e TwoByteHeaderExtension) Marshal() ([]byte, error) {
+	return e.payload, nil
+}
+
+// MarshalTo marshals the extension to the given buffer.
+func (e TwoByteHeaderExtension) MarshalTo(buf []byte) (int, error) {
+	size := e.MarshalSize()
+	if size > len(buf) {
+		return 0, io.ErrShortBuffer
+	}
+	return copy(buf, e.payload), nil
+}
+
+// MarshalSize returns the size of the extension payload.
+func (e TwoByteHeaderExtension) MarshalSize() int {
+	return len(e.payload)
+}
+
+// RawExtension represents an RFC3550 header extension.
+type RawExtension struct {
+	payload []byte
+}
+
+// Set sets the extension payload for the specified ID.
+func (e *RawExtension) Set(id uint8, payload []byte) error {
+	if id != 0 {
+		return fmt.Errorf("%w actual(%d)", errRFC3550HeaderIDRange, id)
+	}
+	e.payload = payload
+	return nil
+}
+
+// GetIDs returns the available IDs.
+func (e *RawExtension) GetIDs() []uint8 {
+	return []uint8{0}
+}
+
+// Get returns the payload of the extension with the given ID.
+func (e *RawExtension) Get(id uint8) []byte {
+	if id == 0 {
+		return e.payload
+	}
+	return nil
+}
+
+// Del deletes the extension with the specified ID.
+func (e *RawExtension) Del(id uint8) error {
+	if id == 0 {
+		e.payload = nil
+		return nil
+	}
+	return fmt.Errorf("%w actual(%d)", errRFC3550HeaderIDRange, id)
+}
+
+// Unmarshal parses the extension from the given buffer.
+func (e *RawExtension) Unmarshal(buf []byte) (int, error) {
+	profile := binary.BigEndian.Uint16(buf[0:2])
+	if profile == headerExtensionProfileOneByte || profile == headerExtensionProfileTwoByte {
+		return 0, fmt.Errorf("%w actual(%x)", errHeaderExtensionNotFound, buf[0:2])
+	}
+	e.payload = buf
+	return len(buf), nil
+}
+
+// Marshal returns the raw extension payload.
+func (e RawExtension) Marshal() ([]byte, error) {
+	return e.payload, nil
+}
+
+// MarshalTo marshals the extension to the given buffer.
+func (e RawExtension) MarshalTo(buf []byte) (int, error) {
+	size := e.MarshalSize()
+	if size > len(buf) {
+		return 0, io.ErrShortBuffer
+	}
+	return copy(buf, e.payload), nil
+}
+
+// MarshalSize returns the size of the extension when marshaled.
+func (e RawExtension) MarshalSize() int {
+	return len(e.payload)
+}
diff --git a/server/vendor/github.com/pion/rtp/packet.go b/server/vendor/github.com/pion/rtp/packet.go
new file mode 100644
index 0000000..61d341d
--- /dev/null
+++ b/server/vendor/github.com/pion/rtp/packet.go
@@ -0,0 +1,540 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package rtp
+
+import (
+	"encoding/binary"
+	"fmt"
+	"io"
+)
+
+// Extension RTP Header extension
+type Extension struct {
+	id      uint8
+	payload []byte
+}
+
+// Header represents an RTP packet header
+type Header struct {
+	Version          uint8
+	Padding          bool
+	Extension        bool
+	Marker           bool
+	PayloadType      uint8
+	SequenceNumber   uint16
+	Timestamp        uint32
+	SSRC             uint32
+	CSRC             []uint32
+	ExtensionProfile uint16
+	Extensions       []Extension
+
+	// Deprecated: will be removed in a future version.
+	PayloadOffset int
+}
+
+// Packet represents an RTP Packet
+type Packet struct {
+	Header
+	Payload     []byte
+	PaddingSize byte
+
+	// Deprecated: will be removed in a future version.
+	Raw []byte
+}
+
+const (
+	headerLength            = 4
+	versionShift            = 6
+	versionMask             = 0x3
+	paddingShift            = 5
+	paddingMask             = 0x1
+	extensionShift          = 4
+	extensionMask           = 0x1
+	extensionProfileOneByte = 0xBEDE
+	extensionProfileTwoByte = 0x1000
+	extensionIDReserved     = 0xF
+	ccMask                  = 0xF
+	markerShift             = 7
+	markerMask              = 0x1
+	ptMask                  = 0x7F
+	seqNumOffset            = 2
+	seqNumLength            = 2
+	timestampOffset         = 4
+	timestampLength         = 4
+	ssrcOffset              = 8
+	ssrcLength              = 4
+	csrcOffset              = 12
+	csrcLength              = 4
+)
+
+// String helps with debugging by printing packet information in a readable way
+func (p Packet) String() string {
+	out := "RTP PACKET:\n"
+
+	out += fmt.Sprintf("\tVersion: %v\n", p.Version)
+	out += fmt.Sprintf("\tMarker: %v\n", p.Marker)
+	out += fmt.Sprintf("\tPayload Type: %d\n", p.PayloadType)
+	out += fmt.Sprintf("\tSequence Number: %d\n", p.SequenceNumber)
+	out += fmt.Sprintf("\tTimestamp: %d\n", p.Timestamp)
+	out += fmt.Sprintf("\tSSRC: %d (%x)\n", p.SSRC, p.SSRC)
+	out += fmt.Sprintf("\tPayload Length: %d\n", len(p.Payload))
+
+	return out
+}
+
+// Unmarshal parses the passed byte slice and stores the result in the Header.
+// It returns the number of bytes read n and any error.
+func (h *Header) Unmarshal(buf []byte) (n int, err error) { //nolint:gocognit
+	if len(buf) < headerLength {
+		return 0, fmt.Errorf("%w: %d < %d", errHeaderSizeInsufficient, len(buf), headerLength)
+	}
+
+	/*
+	 *  0                   1                   2                   3
+	 *  0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+	 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 * |V=2|P|X|  CC   |M|     PT      |       sequence number         |
+	 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 * |                           timestamp                           |
+	 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 * |           synchronization source (SSRC) identifier            |
+	 * +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
+	 * |            contributing source (CSRC) identifiers             |
+	 * |                             ....                              |
+	 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 */
+
+	h.Version = buf[0] >> versionShift & versionMask
+	h.Padding = (buf[0] >> paddingShift & paddingMask) > 0
+	h.Extension = (buf[0] >> extensionShift & extensionMask) > 0
+	nCSRC := int(buf[0] & ccMask)
+	if cap(h.CSRC) < nCSRC || h.CSRC == nil {
+		h.CSRC = make([]uint32, nCSRC)
+	} else {
+		h.CSRC = h.CSRC[:nCSRC]
+	}
+
+	n = csrcOffset + (nCSRC * csrcLength)
+	if len(buf) < n {
+		return n, fmt.Errorf("size %d < %d: %w", len(buf), n,
+			errHeaderSizeInsufficient)
+	}
+
+	h.Marker = (buf[1] >> markerShift & markerMask) > 0
+	h.PayloadType = buf[1] & ptMask
+
+	h.SequenceNumber = binary.BigEndian.Uint16(buf[seqNumOffset : seqNumOffset+seqNumLength])
+	h.Timestamp = binary.BigEndian.Uint32(buf[timestampOffset : timestampOffset+timestampLength])
+	h.SSRC = binary.BigEndian.Uint32(buf[ssrcOffset : ssrcOffset+ssrcLength])
+
+	for i := range h.CSRC {
+		offset := csrcOffset + (i * csrcLength)
+		h.CSRC[i] = binary.BigEndian.Uint32(buf[offset:])
+	}
+
+	if h.Extensions != nil {
+		h.Extensions = h.Extensions[:0]
+	}
+
+	if h.Extension {
+		if expected := n + 4; len(buf) < expected {
+			return n, fmt.Errorf("size %d < %d: %w",
+				len(buf), expected,
+				errHeaderSizeInsufficientForExtension,
+			)
+		}
+
+		h.ExtensionProfile = binary.BigEndian.Uint16(buf[n:])
+		n += 2
+		extensionLength := int(binary.BigEndian.Uint16(buf[n:])) * 4
+		n += 2
+		extensionEnd := n + extensionLength
+
+		if len(buf) < extensionEnd {
+			return n, fmt.Errorf("size %d < %d: %w", len(buf), extensionEnd, errHeaderSizeInsufficientForExtension)
+		}
+
+		if h.ExtensionProfile == extensionProfileOneByte || h.ExtensionProfile == extensionProfileTwoByte {
+			var (
+				extid      uint8
+				payloadLen int
+			)
+
+			for n < extensionEnd {
+				if buf[n] == 0x00 { // padding
+					n++
+					continue
+				}
+
+				if h.ExtensionProfile == extensionProfileOneByte {
+					extid = buf[n] >> 4
+					payloadLen = int(buf[n]&^0xF0 + 1)
+					n++
+
+					if extid == extensionIDReserved {
+						break
+					}
+				} else {
+					extid = buf[n]
+					n++
+
+					if len(buf) <= n {
+						return n, fmt.Errorf("size %d < %d: %w", len(buf), n, errHeaderSizeInsufficientForExtension)
+					}
+
+					payloadLen = int(buf[n])
+					n++
+				}
+
+				if extensionPayloadEnd := n + payloadLen; len(buf) <= extensionPayloadEnd {
+					return n, fmt.Errorf("size %d < %d: %w", len(buf), extensionPayloadEnd, errHeaderSizeInsufficientForExtension)
+				}
+
+				extension := Extension{id: extid, payload: buf[n : n+payloadLen]}
+				h.Extensions = append(h.Extensions, extension)
+				n += payloadLen
+			}
+		} else {
+			// RFC3550 Extension
+			extension := Extension{id: 0, payload: buf[n:extensionEnd]}
+			h.Extensions = append(h.Extensions, extension)
+			n += len(h.Extensions[0].payload)
+		}
+	}
+
+	return n, nil
+}
+
+// Unmarshal parses the passed byte slice and stores the result in the Packet.
+func (p *Packet) Unmarshal(buf []byte) error {
+	n, err := p.Header.Unmarshal(buf)
+	if err != nil {
+		return err
+	}
+
+	end := len(buf)
+	if p.Header.Padding {
+		if end <= n {
+			return errTooSmall
+		}
+		p.PaddingSize = buf[end-1]
+		end -= int(p.PaddingSize)
+	}
+	if end < n {
+		return errTooSmall
+	}
+
+	p.Payload = buf[n:end]
+
+	return nil
+}
+
+// Marshal serializes the header into bytes.
+func (h Header) Marshal() (buf []byte, err error) {
+	buf = make([]byte, h.MarshalSize())
+
+	n, err := h.MarshalTo(buf)
+	if err != nil {
+		return nil, err
+	}
+
+	return buf[:n], nil
+}
+
+// MarshalTo serializes the header and writes to the buffer.
+func (h Header) MarshalTo(buf []byte) (n int, err error) {
+	/*
+	 *  0                   1                   2                   3
+	 *  0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+	 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 * |V=2|P|X|  CC   |M|     PT      |       sequence number         |
+	 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 * |                           timestamp                           |
+	 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 * |           synchronization source (SSRC) identifier            |
+	 * +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
+	 * |            contributing source (CSRC) identifiers             |
+	 * |                             ....                              |
+	 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	 */
+
+	size := h.MarshalSize()
+	if size > len(buf) {
+		return 0, io.ErrShortBuffer
+	}
+
+	// The first byte contains the version, padding bit, extension bit,
+	// and csrc size.
+	buf[0] = (h.Version << versionShift) | uint8(len(h.CSRC))
+	if h.Padding {
+		buf[0] |= 1 << paddingShift
+	}
+
+	if h.Extension {
+		buf[0] |= 1 << extensionShift
+	}
+
+	// The second byte contains the marker bit and payload type.
+	buf[1] = h.PayloadType
+	if h.Marker {
+		buf[1] |= 1 << markerShift
+	}
+
+	binary.BigEndian.PutUint16(buf[2:4], h.SequenceNumber)
+	binary.BigEndian.PutUint32(buf[4:8], h.Timestamp)
+	binary.BigEndian.PutUint32(buf[8:12], h.SSRC)
+
+	n = 12
+	for _, csrc := range h.CSRC {
+		binary.BigEndian.PutUint32(buf[n:n+4], csrc)
+		n += 4
+	}
+
+	if h.Extension {
+		extHeaderPos := n
+		binary.BigEndian.PutUint16(buf[n+0:n+2], h.ExtensionProfile)
+		n += 4
+		startExtensionsPos := n
+
+		switch h.ExtensionProfile {
+		// RFC 8285 RTP One Byte Header Extension
+		case extensionProfileOneByte:
+			for _, extension := range h.Extensions {
+				buf[n] = extension.id<<4 | (uint8(len(extension.payload)) - 1)
+				n++
+				n += copy(buf[n:], extension.payload)
+			}
+		// RFC 8285 RTP Two Byte Header Extension
+		case extensionProfileTwoByte:
+			for _, extension := range h.Extensions {
+				buf[n] = extension.id
+				n++
+				buf[n] = uint8(len(extension.payload))
+				n++
+				n += copy(buf[n:], extension.payload)
+			}
+		default: // RFC3550 Extension
+			extlen := len(h.Extensions[0].payload)
+			if extlen%4 != 0 {
+				// the payload must be in 32-bit words.
+				return 0, io.ErrShortBuffer
+			}
+			n += copy(buf[n:], h.Extensions[0].payload)
+		}
+
+		// calculate extensions size and round to 4 bytes boundaries
+		extSize := n - startExtensionsPos
+		roundedExtSize := ((extSize + 3) / 4) * 4
+
+		binary.BigEndian.PutUint16(buf[extHeaderPos+2:extHeaderPos+4], uint16(roundedExtSize/4))
+
+		// add padding to reach 4 bytes boundaries
+		for i := 0; i < roundedExtSize-extSize; i++ {
+			buf[n] = 0
+			n++
+		}
+	}
+
+	return n, nil
+}
+
+// MarshalSize returns the size of the header once marshaled.
+func (h Header) MarshalSize() int {
+	// NOTE: Be careful to match the MarshalTo() method.
+	size := 12 + (len(h.CSRC) * csrcLength)
+
+	if h.Extension {
+		extSize := 4
+
+		switch h.ExtensionProfile {
+		// RFC 8285 RTP One Byte Header Extension
+		case extensionProfileOneByte:
+			for _, extension := range h.Extensions {
+				extSize += 1 + len(extension.payload)
+			}
+		// RFC 8285 RTP Two Byte Header Extension
+		case extensionProfileTwoByte:
+			for _, extension := range h.Extensions {
+				extSize += 2 + len(extension.payload)
+			}
+		default:
+			extSize += len(h.Extensions[0].payload)
+		}
+
+		// extensions size must have 4 bytes boundaries
+		size += ((extSize + 3) / 4) * 4
+	}
+
+	return size
+}
+
+// SetExtension sets an RTP header extension
+func (h *Header) SetExtension(id uint8, payload []byte) error { //nolint:gocognit
+	if h.Extension {
+		switch h.ExtensionProfile {
+		// RFC 8285 RTP One Byte Header Extension
+		case extensionProfileOneByte:
+			if id < 1 || id > 14 {
+				return fmt.Errorf("%w actual(%d)", errRFC8285OneByteHeaderIDRange, id)
+			}
+			if len(payload) > 16 {
+				return fmt.Errorf("%w actual(%d)", errRFC8285OneByteHeaderSize, len(payload))
+			}
+		// RFC 8285 RTP Two Byte Header Extension
+		case extensionProfileTwoByte:
+			if id < 1 || id > 255 {
+				return fmt.Errorf("%w actual(%d)", errRFC8285TwoByteHeaderIDRange, id)
+			}
+			if len(payload) > 255 {
+				return fmt.Errorf("%w actual(%d)", errRFC8285TwoByteHeaderSize, len(payload))
+			}
+		default: // RFC3550 Extension
+			if id != 0 {
+				return fmt.Errorf("%w actual(%d)", errRFC3550HeaderIDRange, id)
+			}
+		}
+
+		// Update existing if it exists else add new extension
+		for i, extension := range h.Extensions {
+			if extension.id == id {
+				h.Extensions[i].payload = payload
+				return nil
+			}
+		}
+		h.Extensions = append(h.Extensions, Extension{id: id, payload: payload})
+		return nil
+	}
+
+	// No existing header extensions
+	h.Extension = true
+
+	switch payloadLen := len(payload); {
+	case payloadLen <= 16:
+		h.ExtensionProfile = extensionProfileOneByte
+	case payloadLen > 16 && payloadLen < 256:
+		h.ExtensionProfile = extensionProfileTwoByte
+	}
+
+	h.Extensions = append(h.Extensions, Extension{id: id, payload: payload})
+	return nil
+}
+
+// GetExtensionIDs returns an extension id array
+func (h *Header) GetExtensionIDs() []uint8 {
+	if !h.Extension {
+		return nil
+	}
+
+	if len(h.Extensions) == 0 {
+		return nil
+	}
+
+	ids := make([]uint8, 0, len(h.Extensions))
+	for _, extension := range h.Extensions {
+		ids = append(ids, extension.id)
+	}
+	return ids
+}
+
+// GetExtension returns an RTP header extension
+func (h *Header) GetExtension(id uint8) []byte {
+	if !h.Extension {
+		return nil
+	}
+	for _, extension := range h.Extensions {
+		if extension.id == id {
+			return extension.payload
+		}
+	}
+	return nil
+}
+
+// DelExtension Removes an RTP Header extension
+func (h *Header) DelExtension(id uint8) error {
+	if !h.Extension {
+		return errHeaderExtensionsNotEnabled
+	}
+	for i, extension := range h.Extensions {
+		if extension.id == id {
+			h.Extensions = append(h.Extensions[:i], h.Extensions[i+1:]...)
+			return nil
+		}
+	}
+	return errHeaderExtensionNotFound
+}
+
+// Marshal serializes the packet into bytes.
+func (p Packet) Marshal() (buf []byte, err error) {
+	buf = make([]byte, p.MarshalSize())
+
+	n, err := p.MarshalTo(buf)
+	if err != nil {
+		return nil, err
+	}
+
+	return buf[:n], nil
+}
+
+// MarshalTo serializes the packet and writes to the buffer.
+func (p *Packet) MarshalTo(buf []byte) (n int, err error) {
+	if p.Header.Padding && p.PaddingSize == 0 {
+		return 0, errInvalidRTPPadding
+	}
+
+	n, err = p.Header.MarshalTo(buf)
+	if err != nil {
+		return 0, err
+	}
+
+	// Make sure the buffer is large enough to hold the packet.
+	if n+len(p.Payload)+int(p.PaddingSize) > len(buf) {
+		return 0, io.ErrShortBuffer
+	}
+
+	m := copy(buf[n:], p.Payload)
+
+	if p.Header.Padding {
+		buf[n+m+int(p.PaddingSize-1)] = p.PaddingSize
+	}
+
+	return n + m + int(p.PaddingSize), nil
+}
+
+// MarshalSize returns the size of the packet once marshaled.
+func (p Packet) MarshalSize() int {
+	return p.Header.MarshalSize() + len(p.Payload) + int(p.PaddingSize)
+}
+
+// Clone returns a deep copy of p.
+func (p Packet) Clone() *Packet {
+	clone := &Packet{}
+	clone.Header = p.Header.Clone()
+	if p.Payload != nil {
+		clone.Payload = make([]byte, len(p.Payload))
+		copy(clone.Payload, p.Payload)
+	}
+	clone.PaddingSize = p.PaddingSize
+	return clone
+}
+
+// Clone returns a deep copy h.
+func (h Header) Clone() Header {
+	clone := h
+	if h.CSRC != nil {
+		clone.CSRC = make([]uint32, len(h.CSRC))
+		copy(clone.CSRC, h.CSRC)
+	}
+	if h.Extensions != nil {
+		ext := make([]Extension, len(h.Extensions))
+		for i, e := range h.Extensions {
+			ext[i] = e
+			if e.payload != nil {
+				ext[i].payload = make([]byte, len(e.payload))
+				copy(ext[i].payload, e.payload)
+			}
+		}
+		clone.Extensions = ext
+	}
+	return clone
+}
diff --git a/server/vendor/github.com/pion/rtp/packetizer.go b/server/vendor/github.com/pion/rtp/packetizer.go
new file mode 100644
index 0000000..7a6a46d
--- /dev/null
+++ b/server/vendor/github.com/pion/rtp/packetizer.go
@@ -0,0 +1,138 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package rtp
+
+import (
+	"time"
+)
+
+// Payloader payloads a byte array for use as rtp.Packet payloads
+type Payloader interface {
+	Payload(mtu uint16, payload []byte) [][]byte
+}
+
+// Packetizer packetizes a payload
+type Packetizer interface {
+	Packetize(payload []byte, samples uint32) []*Packet
+	GeneratePadding(samples uint32) []*Packet
+	EnableAbsSendTime(value int)
+	SkipSamples(skippedSamples uint32)
+}
+
+type packetizer struct {
+	MTU         uint16
+	PayloadType uint8
+	SSRC        uint32
+	Payloader   Payloader
+	Sequencer   Sequencer
+	Timestamp   uint32
+
+	// Deprecated: will be removed in a future version.
+	ClockRate uint32
+
+	extensionNumbers struct { // put extension numbers in here. If they're 0, the extension is disabled (0 is not a legal extension number)
+		AbsSendTime int // http://www.webrtc.org/experiments/rtp-hdrext/abs-send-time
+	}
+	timegen func() time.Time
+}
+
+// NewPacketizer returns a new instance of a Packetizer for a specific payloader
+func NewPacketizer(mtu uint16, pt uint8, ssrc uint32, payloader Payloader, sequencer Sequencer, clockRate uint32) Packetizer {
+	return &packetizer{
+		MTU:         mtu,
+		PayloadType: pt,
+		SSRC:        ssrc,
+		Payloader:   payloader,
+		Sequencer:   sequencer,
+		Timestamp:   globalMathRandomGenerator.Uint32(),
+		ClockRate:   clockRate,
+		timegen:     time.Now,
+	}
+}
+
+func (p *packetizer) EnableAbsSendTime(value int) {
+	p.extensionNumbers.AbsSendTime = value
+}
+
+// Packetize packetizes the payload of an RTP packet and returns one or more RTP packets
+func (p *packetizer) Packetize(payload []byte, samples uint32) []*Packet {
+	// Guard against an empty payload
+	if len(payload) == 0 {
+		return nil
+	}
+
+	payloads := p.Payloader.Payload(p.MTU-12, payload)
+	packets := make([]*Packet, len(payloads))
+
+	for i, pp := range payloads {
+		packets[i] = &Packet{
+			Header: Header{
+				Version:        2,
+				Padding:        false,
+				Extension:      false,
+				Marker:         i == len(payloads)-1,
+				PayloadType:    p.PayloadType,
+				SequenceNumber: p.Sequencer.NextSequenceNumber(),
+				Timestamp:      p.Timestamp, // Figure out how to do timestamps
+				SSRC:           p.SSRC,
+				CSRC:           []uint32{},
+			},
+			Payload: pp,
+		}
+	}
+	p.Timestamp += samples
+
+	if len(packets) != 0 && p.extensionNumbers.AbsSendTime != 0 {
+		sendTime := NewAbsSendTimeExtension(p.timegen())
+		// apply http://www.webrtc.org/experiments/rtp-hdrext/abs-send-time
+		b, err := sendTime.Marshal()
+		if err != nil {
+			return nil // never happens
+		}
+		err = packets[len(packets)-1].SetExtension(uint8(p.extensionNumbers.AbsSendTime), b)
+		if err != nil {
+			return nil // never happens
+		}
+	}
+
+	return packets
+}
+
+// GeneratePadding returns required padding-only packages
+func (p *packetizer) GeneratePadding(samples uint32) []*Packet {
+	// Guard against an empty payload
+	if samples == 0 {
+		return nil
+	}
+
+	packets := make([]*Packet, samples)
+
+	for i := 0; i < int(samples); i++ {
+		pp := make([]byte, 255)
+		pp[254] = 255
+
+		packets[i] = &Packet{
+			Header: Header{
+				Version:        2,
+				Padding:        true,
+				Extension:      false,
+				Marker:         false,
+				PayloadType:    p.PayloadType,
+				SequenceNumber: p.Sequencer.NextSequenceNumber(),
+				Timestamp:      p.Timestamp, // Use latest timestamp
+				SSRC:           p.SSRC,
+				CSRC:           []uint32{},
+			},
+			Payload: pp,
+		}
+	}
+
+	return packets
+}
+
+// SkipSamples causes a gap in sample count between Packetize requests so the
+// RTP payloads produced have a gap in timestamps
+func (p *packetizer) SkipSamples(skippedSamples uint32) {
+	p.Timestamp += skippedSamples
+}
diff --git a/server/vendor/github.com/pion/rtp/partitionheadchecker.go b/server/vendor/github.com/pion/rtp/partitionheadchecker.go
new file mode 100644
index 0000000..6f05aa5
--- /dev/null
+++ b/server/vendor/github.com/pion/rtp/partitionheadchecker.go
@@ -0,0 +1,9 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package rtp
+
+// PartitionHeadChecker is the interface that checks whether the packet is keyframe or not
+type PartitionHeadChecker interface {
+	IsPartitionHead([]byte) bool
+}
diff --git a/server/vendor/github.com/pion/rtp/payload_types.go b/server/vendor/github.com/pion/rtp/payload_types.go
new file mode 100644
index 0000000..a9bf227
--- /dev/null
+++ b/server/vendor/github.com/pion/rtp/payload_types.go
@@ -0,0 +1,68 @@
+// SPDX-FileCopyrightText: 2024 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package rtp
+
+// https://www.iana.org/assignments/rtp-parameters/rtp-parameters.xhtml
+// https://en.wikipedia.org/wiki/RTP_payload_formats
+
+// Audio Payload Types as defined in https://www.iana.org/assignments/rtp-parameters/rtp-parameters.xhtml
+const (
+	// PayloadTypePCMU is a payload type for ITU-T G.711 PCM μ-Law audio 64 kbit/s (RFC 3551).
+	PayloadTypePCMU = 0
+	// PayloadTypeGSM is a payload type for European GSM Full Rate audio 13 kbit/s (GSM 06.10).
+	PayloadTypeGSM = 3
+	// PayloadTypeG723 is a payload type for ITU-T G.723.1 audio (RFC 3551).
+	PayloadTypeG723 = 4
+	// PayloadTypeDVI4_8000 is a payload type for IMA ADPCM audio 32 kbit/s (RFC 3551).
+	PayloadTypeDVI4_8000 = 5
+	// PayloadTypeDVI4_16000 is a payload type for IMA ADPCM audio 64 kbit/s (RFC 3551).
+	PayloadTypeDVI4_16000 = 6
+	// PayloadTypeLPC is a payload type for Experimental Linear Predictive Coding audio 5.6 kbit/s (RFC 3551).
+	PayloadTypeLPC = 7
+	// PayloadTypePCMA is a payload type for ITU-T G.711 PCM A-Law audio 64 kbit/s (RFC 3551).
+	PayloadTypePCMA = 8
+	// PayloadTypeG722 is a payload type for ITU-T G.722 audio 64 kbit/s (RFC 3551).
+	PayloadTypeG722 = 9
+	// PayloadTypeL16Stereo is a payload type for Linear PCM 16-bit Stereo audio 1411.2 kbit/s, uncompressed (RFC 3551).
+	PayloadTypeL16Stereo = 10
+	// PayloadTypeL16Mono is a payload type for Linear PCM 16-bit audio 705.6 kbit/s, uncompressed (RFC 3551).
+	PayloadTypeL16Mono = 11
+	// PayloadTypeQCELP is a payload type for Qualcomm Code Excited Linear Prediction (RFC 2658, RFC 3551).
+	PayloadTypeQCELP = 12
+	// PayloadTypeCN is a payload type for Comfort noise (RFC 3389).
+	PayloadTypeCN = 13
+	// PayloadTypeMPA is a payload type for MPEG-1 or MPEG-2 audio only (RFC 3551, RFC 2250).
+	PayloadTypeMPA = 14
+	// PayloadTypeG728 is a payload type for ITU-T G.728 audio 16 kbit/s (RFC 3551).
+	PayloadTypeG728 = 15
+	// PayloadTypeDVI4_11025 is a payload type for IMA ADPCM audio 44.1 kbit/s (RFC 3551).
+	PayloadTypeDVI4_11025 = 16
+	// PayloadTypeDVI4_22050 is a payload type for IMA ADPCM audio 88.2 kbit/s (RFC 3551).
+	PayloadTypeDVI4_22050 = 17
+	// PayloadTypeG729 is a payload type for ITU-T G.729 and G.729a audio 8 kbit/s (RFC 3551, RFC 3555).
+	PayloadTypeG729 = 18
+)
+
+// Video Payload Types as defined in https://www.iana.org/assignments/rtp-parameters/rtp-parameters.xhtml
+const (
+	// PayloadTypeCELLB is a payload type for Sun CellB video (RFC 2029).
+	PayloadTypeCELLB = 25
+	// PayloadTypeJPEG is a payload type for JPEG video (RFC 2435).
+	PayloadTypeJPEG = 26
+	// PayloadTypeNV is a payload type for Xerox PARC's Network Video (nv, RFC 3551).
+	PayloadTypeNV = 28
+	// PayloadTypeH261 is a payload type for ITU-T H.261 video (RFC 4587).
+	PayloadTypeH261 = 31
+	// PayloadTypeMPV is a payload type for MPEG-1 and MPEG-2 video (RFC 2250).
+	PayloadTypeMPV = 32
+	// PayloadTypeMP2T is a payload type for MPEG-2 transport stream (RFC 2250).
+	PayloadTypeMP2T = 33
+	// PayloadTypeH263 is a payload type for H.263 video, first version (1996, RFC 3551, RFC 2190).
+	PayloadTypeH263 = 34
+)
+
+const (
+	// PayloadTypeFirstDynamic is a first non-static payload type.
+	PayloadTypeFirstDynamic = 35
+)
diff --git a/server/vendor/github.com/pion/rtp/playoutdelayextension.go b/server/vendor/github.com/pion/rtp/playoutdelayextension.go
new file mode 100644
index 0000000..3882731
--- /dev/null
+++ b/server/vendor/github.com/pion/rtp/playoutdelayextension.go
@@ -0,0 +1,50 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package rtp
+
+import (
+	"encoding/binary"
+	"errors"
+)
+
+const (
+	playoutDelayExtensionSize = 3
+	playoutDelayMaxValue      = (1 << 12) - 1
+)
+
+var errPlayoutDelayInvalidValue = errors.New("invalid playout delay value")
+
+// PlayoutDelayExtension is a extension payload format in
+// http://www.webrtc.org/experiments/rtp-hdrext/playout-delay
+// 0                   1                   2                   3
+// 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |  ID   | len=2 |       MIN delay       |       MAX delay       |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+type PlayoutDelayExtension struct {
+	minDelay, maxDelay uint16
+}
+
+// Marshal serializes the members to buffer
+func (p PlayoutDelayExtension) Marshal() ([]byte, error) {
+	if p.minDelay > playoutDelayMaxValue || p.maxDelay > playoutDelayMaxValue {
+		return nil, errPlayoutDelayInvalidValue
+	}
+
+	return []byte{
+		byte(p.minDelay >> 4),
+		byte(p.minDelay<<4) | byte(p.maxDelay>>8),
+		byte(p.maxDelay),
+	}, nil
+}
+
+// Unmarshal parses the passed byte slice and stores the result in the members
+func (p *PlayoutDelayExtension) Unmarshal(rawData []byte) error {
+	if len(rawData) < playoutDelayExtensionSize {
+		return errTooSmall
+	}
+	p.minDelay = binary.BigEndian.Uint16(rawData[0:2]) >> 4
+	p.maxDelay = binary.BigEndian.Uint16(rawData[1:3]) & 0x0FFF
+	return nil
+}
diff --git a/server/vendor/github.com/pion/rtp/rand.go b/server/vendor/github.com/pion/rtp/rand.go
new file mode 100644
index 0000000..3ddddd1
--- /dev/null
+++ b/server/vendor/github.com/pion/rtp/rand.go
@@ -0,0 +1,11 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package rtp
+
+import (
+	"github.com/pion/randutil"
+)
+
+// Use global random generator to properly seed by crypto grade random.
+var globalMathRandomGenerator = randutil.NewMathRandomGenerator() // nolint:gochecknoglobals
diff --git a/server/vendor/github.com/pion/rtp/renovate.json b/server/vendor/github.com/pion/rtp/renovate.json
new file mode 100644
index 0000000..f1bb98c
--- /dev/null
+++ b/server/vendor/github.com/pion/rtp/renovate.json
@@ -0,0 +1,6 @@
+{
+  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+  "extends": [
+    "github>pion/renovate-config"
+  ]
+}
diff --git a/server/vendor/github.com/pion/rtp/rtp.go b/server/vendor/github.com/pion/rtp/rtp.go
new file mode 100644
index 0000000..5487232
--- /dev/null
+++ b/server/vendor/github.com/pion/rtp/rtp.go
@@ -0,0 +1,5 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+// Package rtp provides RTP packetizer and depacketizer
+package rtp
diff --git a/server/vendor/github.com/pion/rtp/sequencer.go b/server/vendor/github.com/pion/rtp/sequencer.go
new file mode 100644
index 0000000..8ad2cfd
--- /dev/null
+++ b/server/vendor/github.com/pion/rtp/sequencer.go
@@ -0,0 +1,60 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package rtp
+
+import (
+	"math"
+	"sync"
+)
+
+// Sequencer generates sequential sequence numbers for building RTP packets
+type Sequencer interface {
+	NextSequenceNumber() uint16
+	RollOverCount() uint64
+}
+
+// NewRandomSequencer returns a new sequencer starting from a random sequence
+// number
+func NewRandomSequencer() Sequencer {
+	return &sequencer{
+		sequenceNumber: uint16(globalMathRandomGenerator.Intn(math.MaxUint16)),
+	}
+}
+
+// NewFixedSequencer returns a new sequencer starting from a specific
+// sequence number
+func NewFixedSequencer(s uint16) Sequencer {
+	return &sequencer{
+		sequenceNumber: s - 1, // -1 because the first sequence number prepends 1
+	}
+}
+
+type sequencer struct {
+	sequenceNumber uint16
+	rollOverCount  uint64
+	mutex          sync.Mutex
+}
+
+// NextSequenceNumber increment and returns a new sequence number for
+// building RTP packets
+func (s *sequencer) NextSequenceNumber() uint16 {
+	s.mutex.Lock()
+	defer s.mutex.Unlock()
+
+	s.sequenceNumber++
+	if s.sequenceNumber == 0 {
+		s.rollOverCount++
+	}
+
+	return s.sequenceNumber
+}
+
+// RollOverCount returns the amount of times the 16bit sequence number
+// has wrapped
+func (s *sequencer) RollOverCount() uint64 {
+	s.mutex.Lock()
+	defer s.mutex.Unlock()
+
+	return s.rollOverCount
+}
diff --git a/server/vendor/github.com/pion/rtp/transportccextension.go b/server/vendor/github.com/pion/rtp/transportccextension.go
new file mode 100644
index 0000000..c2a998c
--- /dev/null
+++ b/server/vendor/github.com/pion/rtp/transportccextension.go
@@ -0,0 +1,42 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package rtp
+
+import (
+	"encoding/binary"
+)
+
+const (
+	// transport-wide sequence
+	transportCCExtensionSize = 2
+)
+
+// TransportCCExtension is a extension payload format in
+// https://tools.ietf.org/html/draft-holmer-rmcat-transport-wide-cc-extensions-01
+// 0                   1                   2                   3
+// 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |       0xBE    |    0xDE       |           length=1            |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |  ID   | L=1   |transport-wide sequence number | zero padding  |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+type TransportCCExtension struct {
+	TransportSequence uint16
+}
+
+// Marshal serializes the members to buffer
+func (t TransportCCExtension) Marshal() ([]byte, error) {
+	buf := make([]byte, transportCCExtensionSize)
+	binary.BigEndian.PutUint16(buf[0:2], t.TransportSequence)
+	return buf, nil
+}
+
+// Unmarshal parses the passed byte slice and stores the result in the members
+func (t *TransportCCExtension) Unmarshal(rawData []byte) error {
+	if len(rawData) < transportCCExtensionSize {
+		return errTooSmall
+	}
+	t.TransportSequence = binary.BigEndian.Uint16(rawData[0:2])
+	return nil
+}
diff --git a/server/vendor/github.com/pion/rtp/vlaextension.go b/server/vendor/github.com/pion/rtp/vlaextension.go
new file mode 100644
index 0000000..e10820a
--- /dev/null
+++ b/server/vendor/github.com/pion/rtp/vlaextension.go
@@ -0,0 +1,360 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package rtp
+
+import (
+	"encoding/binary"
+	"errors"
+	"fmt"
+	"strings"
+
+	"github.com/pion/rtp/codecs/av1/obu"
+)
+
+var (
+	ErrVLATooShort             = errors.New("VLA payload too short")           // ErrVLATooShort is returned when payload is too short
+	ErrVLAInvalidStreamCount   = errors.New("invalid RTP stream count in VLA") // ErrVLAInvalidStreamCount is returned when RTP stream count is invalid
+	ErrVLAInvalidStreamID      = errors.New("invalid RTP stream ID in VLA")    // ErrVLAInvalidStreamID is returned when RTP stream ID is invalid
+	ErrVLAInvalidSpatialID     = errors.New("invalid spatial ID in VLA")       // ErrVLAInvalidSpatialID is returned when spatial ID is invalid
+	ErrVLADuplicateSpatialID   = errors.New("duplicate spatial ID in VLA")     // ErrVLADuplicateSpatialID is returned when spatial ID is invalid
+	ErrVLAInvalidTemporalLayer = errors.New("invalid temporal layer in VLA")   // ErrVLAInvalidTemporalLayer is returned when temporal layer is invalid
+)
+
+// SpatialLayer is a spatial layer in VLA.
+type SpatialLayer struct {
+	RTPStreamID    int
+	SpatialID      int
+	TargetBitrates []int // target bitrates per temporal layer
+
+	// Following members are valid only when HasResolutionAndFramerate is true
+	Width     int
+	Height    int
+	Framerate int
+}
+
+// VLA is a Video Layer Allocation (VLA) extension.
+// See https://webrtc.googlesource.com/src/+/refs/heads/main/docs/native-code/rtp-hdrext/video-layers-allocation00
+type VLA struct {
+	RTPStreamID               int // 0-origin RTP stream ID (RID) this allocation is sent on (0..3)
+	RTPStreamCount            int // Number of RTP streams (1..4)
+	ActiveSpatialLayer        []SpatialLayer
+	HasResolutionAndFramerate bool
+}
+
+type vlaMarshalingContext struct {
+	slMBs                 [4]uint8
+	sls                   [4][4]*SpatialLayer
+	commonSLBM            uint8
+	encodedTargetBitrates [][]byte
+	requiredLen           int
+}
+
+func (v VLA) preprocessForMashaling(ctx *vlaMarshalingContext) error {
+	for i := 0; i < len(v.ActiveSpatialLayer); i++ {
+		sl := v.ActiveSpatialLayer[i]
+		if sl.RTPStreamID < 0 || sl.RTPStreamID >= v.RTPStreamCount {
+			return fmt.Errorf("invalid RTP streamID %d:%w", sl.RTPStreamID, ErrVLAInvalidStreamID)
+		}
+		if sl.SpatialID < 0 || sl.SpatialID >= 4 {
+			return fmt.Errorf("invalid spatial ID %d: %w", sl.SpatialID, ErrVLAInvalidSpatialID)
+		}
+		if len(sl.TargetBitrates) == 0 || len(sl.TargetBitrates) > 4 {
+			return fmt.Errorf("invalid temporal layer count %d: %w", len(sl.TargetBitrates), ErrVLAInvalidTemporalLayer)
+		}
+		ctx.slMBs[sl.RTPStreamID] |= 1 << sl.SpatialID
+		if ctx.sls[sl.RTPStreamID][sl.SpatialID] != nil {
+			return fmt.Errorf("duplicate spatial layer: %w", ErrVLADuplicateSpatialID)
+		}
+		ctx.sls[sl.RTPStreamID][sl.SpatialID] = &sl
+	}
+	return nil
+}
+
+func (v VLA) encodeTargetBitrates(ctx *vlaMarshalingContext) {
+	for rtpStreamID := 0; rtpStreamID < v.RTPStreamCount; rtpStreamID++ {
+		for spatialID := 0; spatialID < 4; spatialID++ {
+			if sl := ctx.sls[rtpStreamID][spatialID]; sl != nil {
+				for _, kbps := range sl.TargetBitrates {
+					leb128 := obu.WriteToLeb128(uint(kbps))
+					ctx.encodedTargetBitrates = append(ctx.encodedTargetBitrates, leb128)
+					ctx.requiredLen += len(leb128)
+				}
+			}
+		}
+	}
+}
+
+func (v VLA) analyzeVLAForMarshaling() (*vlaMarshalingContext, error) {
+	// Validate RTPStreamCount
+	if v.RTPStreamCount <= 0 || v.RTPStreamCount > 4 {
+		return nil, ErrVLAInvalidStreamCount
+	}
+	// Validate RTPStreamID
+	if v.RTPStreamID < 0 || v.RTPStreamID >= v.RTPStreamCount {
+		return nil, ErrVLAInvalidStreamID
+	}
+
+	ctx := &vlaMarshalingContext{}
+	err := v.preprocessForMashaling(ctx)
+	if err != nil {
+		return nil, err
+	}
+
+	ctx.commonSLBM = commonSLBMValues(ctx.slMBs[:])
+
+	// RID, NS, sl_bm fields
+	if ctx.commonSLBM != 0 {
+		ctx.requiredLen = 1
+	} else {
+		ctx.requiredLen = 3
+	}
+
+	// #tl fields
+	ctx.requiredLen += (len(v.ActiveSpatialLayer)-1)/4 + 1
+
+	v.encodeTargetBitrates(ctx)
+
+	if v.HasResolutionAndFramerate {
+		ctx.requiredLen += len(v.ActiveSpatialLayer) * 5
+	}
+
+	return ctx, nil
+}
+
+// Marshal encodes VLA into a byte slice.
+func (v VLA) Marshal() ([]byte, error) {
+	ctx, err := v.analyzeVLAForMarshaling()
+	if err != nil {
+		return nil, err
+	}
+
+	payload := make([]byte, ctx.requiredLen)
+	offset := 0
+
+	// RID, NS, sl_bm fields
+	payload[offset] = byte(v.RTPStreamID<<6) | byte(v.RTPStreamCount-1)<<4 | ctx.commonSLBM
+
+	if ctx.commonSLBM == 0 {
+		offset++
+		for streamID := 0; streamID < v.RTPStreamCount; streamID++ {
+			if streamID%2 == 0 {
+				payload[offset+streamID/2] |= ctx.slMBs[streamID] << 4
+			} else {
+				payload[offset+streamID/2] |= ctx.slMBs[streamID]
+			}
+		}
+		offset += (v.RTPStreamCount - 1) / 2
+	}
+
+	// #tl fields
+	offset++
+	var temporalLayerIndex int
+	for rtpStreamID := 0; rtpStreamID < v.RTPStreamCount; rtpStreamID++ {
+		for spatialID := 0; spatialID < 4; spatialID++ {
+			if sl := ctx.sls[rtpStreamID][spatialID]; sl != nil {
+				if temporalLayerIndex >= 4 {
+					temporalLayerIndex = 0
+					offset++
+				}
+				payload[offset] |= byte(len(sl.TargetBitrates)-1) << (2 * (3 - temporalLayerIndex))
+				temporalLayerIndex++
+			}
+		}
+	}
+
+	// Target bitrate fields
+	offset++
+	for _, encodedKbps := range ctx.encodedTargetBitrates {
+		encodedSize := len(encodedKbps)
+		copy(payload[offset:], encodedKbps)
+		offset += encodedSize
+	}
+
+	// Resolution & framerate fields
+	if v.HasResolutionAndFramerate {
+		for _, sl := range v.ActiveSpatialLayer {
+			binary.BigEndian.PutUint16(payload[offset+0:], uint16(sl.Width-1))
+			binary.BigEndian.PutUint16(payload[offset+2:], uint16(sl.Height-1))
+			payload[offset+4] = byte(sl.Framerate)
+			offset += 5
+		}
+	}
+
+	return payload, nil
+}
+
+func commonSLBMValues(slMBs []uint8) uint8 {
+	var common uint8
+	for i := 0; i < len(slMBs); i++ {
+		if slMBs[i] == 0 {
+			continue
+		}
+		if common == 0 {
+			common = slMBs[i]
+			continue
+		}
+		if slMBs[i] != common {
+			return 0
+		}
+	}
+	return common
+}
+
+type vlaUnmarshalingContext struct {
+	payload   []byte
+	offset    int
+	slBMField uint8
+	slBMs     [4]uint8
+}
+
+func (ctx *vlaUnmarshalingContext) checkRemainingLen(requiredLen int) bool {
+	return len(ctx.payload)-ctx.offset >= requiredLen
+}
+
+func (v *VLA) unmarshalSpatialLayers(ctx *vlaUnmarshalingContext) error {
+	if !ctx.checkRemainingLen(1) {
+		return fmt.Errorf("failed to unmarshal VLA (offset=%d): %w", ctx.offset, ErrVLATooShort)
+	}
+	v.RTPStreamID = int(ctx.payload[ctx.offset] >> 6 & 0b11)
+	v.RTPStreamCount = int(ctx.payload[ctx.offset]>>4&0b11) + 1
+
+	// sl_bm fields
+	ctx.slBMField = ctx.payload[ctx.offset] & 0b1111
+	ctx.offset++
+
+	if ctx.slBMField != 0 {
+		for streamID := 0; streamID < v.RTPStreamCount; streamID++ {
+			ctx.slBMs[streamID] = ctx.slBMField
+		}
+	} else {
+		if !ctx.checkRemainingLen((v.RTPStreamCount-1)/2 + 1) {
+			return fmt.Errorf("failed to unmarshal VLA (offset=%d): %w", ctx.offset, ErrVLATooShort)
+		}
+		// slX_bm fields
+		for streamID := 0; streamID < v.RTPStreamCount; streamID++ {
+			var bm uint8
+			if streamID%2 == 0 {
+				bm = ctx.payload[ctx.offset+streamID/2] >> 4 & 0b1111
+			} else {
+				bm = ctx.payload[ctx.offset+streamID/2] & 0b1111
+			}
+			ctx.slBMs[streamID] = bm
+		}
+		ctx.offset += 1 + (v.RTPStreamCount-1)/2
+	}
+
+	return nil
+}
+
+func (v *VLA) unmarshalTemporalLayers(ctx *vlaUnmarshalingContext) error {
+	if !ctx.checkRemainingLen(1) {
+		return fmt.Errorf("failed to unmarshal VLA (offset=%d): %w", ctx.offset, ErrVLATooShort)
+	}
+
+	var temporalLayerIndex int
+	for streamID := 0; streamID < v.RTPStreamCount; streamID++ {
+		for spatialID := 0; spatialID < 4; spatialID++ {
+			if ctx.slBMs[streamID]&(1<<spatialID) == 0 {
+				continue
+			}
+			if temporalLayerIndex >= 4 {
+				temporalLayerIndex = 0
+				ctx.offset++
+				if !ctx.checkRemainingLen(1) {
+					return fmt.Errorf("failed to unmarshal VLA (offset=%d): %w", ctx.offset, ErrVLATooShort)
+				}
+			}
+			tlCount := int(ctx.payload[ctx.offset]>>(2*(3-temporalLayerIndex))&0b11) + 1
+			temporalLayerIndex++
+			sl := SpatialLayer{
+				RTPStreamID:    streamID,
+				SpatialID:      spatialID,
+				TargetBitrates: make([]int, tlCount),
+			}
+			v.ActiveSpatialLayer = append(v.ActiveSpatialLayer, sl)
+		}
+	}
+	ctx.offset++
+
+	// target bitrates
+	for i, sl := range v.ActiveSpatialLayer {
+		for j := range sl.TargetBitrates {
+			kbps, n, err := obu.ReadLeb128(ctx.payload[ctx.offset:])
+			if err != nil {
+				return err
+			}
+			if !ctx.checkRemainingLen(int(n)) {
+				return fmt.Errorf("failed to unmarshal VLA (offset=%d): %w", ctx.offset, ErrVLATooShort)
+			}
+			v.ActiveSpatialLayer[i].TargetBitrates[j] = int(kbps)
+			ctx.offset += int(n)
+		}
+	}
+
+	return nil
+}
+
+func (v *VLA) unmarshalResolutionAndFramerate(ctx *vlaUnmarshalingContext) error {
+	if !ctx.checkRemainingLen(len(v.ActiveSpatialLayer) * 5) {
+		return fmt.Errorf("failed to unmarshal VLA (offset=%d): %w", ctx.offset, ErrVLATooShort)
+	}
+
+	v.HasResolutionAndFramerate = true
+
+	for i := range v.ActiveSpatialLayer {
+		v.ActiveSpatialLayer[i].Width = int(binary.BigEndian.Uint16(ctx.payload[ctx.offset+0:])) + 1
+		v.ActiveSpatialLayer[i].Height = int(binary.BigEndian.Uint16(ctx.payload[ctx.offset+2:])) + 1
+		v.ActiveSpatialLayer[i].Framerate = int(ctx.payload[ctx.offset+4])
+		ctx.offset += 5
+	}
+
+	return nil
+}
+
+// Unmarshal decodes VLA from a byte slice.
+func (v *VLA) Unmarshal(payload []byte) (int, error) {
+	ctx := &vlaUnmarshalingContext{
+		payload: payload,
+	}
+
+	err := v.unmarshalSpatialLayers(ctx)
+	if err != nil {
+		return ctx.offset, err
+	}
+
+	// #tl fields (build the list ActiveSpatialLayer at the same time)
+	err = v.unmarshalTemporalLayers(ctx)
+	if err != nil {
+		return ctx.offset, err
+	}
+
+	if len(ctx.payload) == ctx.offset {
+		return ctx.offset, nil
+	}
+
+	// resolution & framerate (optional)
+	err = v.unmarshalResolutionAndFramerate(ctx)
+	if err != nil {
+		return ctx.offset, err
+	}
+
+	return ctx.offset, nil
+}
+
+// String makes VLA printable.
+func (v VLA) String() string {
+	out := fmt.Sprintf("RID:%d,RTPStreamCount:%d", v.RTPStreamID, v.RTPStreamCount)
+	var slOut []string
+	for _, sl := range v.ActiveSpatialLayer {
+		out2 := fmt.Sprintf("RTPStreamID:%d", sl.RTPStreamID)
+		out2 += fmt.Sprintf(",TargetBitrates:%v", sl.TargetBitrates)
+		if v.HasResolutionAndFramerate {
+			out2 += fmt.Sprintf(",Resolution:(%d,%d)", sl.Width, sl.Height)
+			out2 += fmt.Sprintf(",Framerate:%d", sl.Framerate)
+		}
+		slOut = append(slOut, out2)
+	}
+	out += fmt.Sprintf(",ActiveSpatialLayers:{%s}", strings.Join(slOut, ","))
+	return out
+}
diff --git a/server/vendor/github.com/pion/sctp/.gitignore b/server/vendor/github.com/pion/sctp/.gitignore
new file mode 100644
index 0000000..6e2f206
--- /dev/null
+++ b/server/vendor/github.com/pion/sctp/.gitignore
@@ -0,0 +1,28 @@
+# SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+# SPDX-License-Identifier: MIT
+
+### JetBrains IDE ###
+#####################
+.idea/
+
+### Emacs Temporary Files ###
+#############################
+*~
+
+### Folders ###
+###############
+bin/
+vendor/
+node_modules/
+
+### Files ###
+#############
+*.ivf
+*.ogg
+tags
+cover.out
+*.sw[poe]
+*.wasm
+examples/sfu-ws/cert.pem
+examples/sfu-ws/key.pem
+wasm_exec.js
diff --git a/server/vendor/github.com/pion/sctp/.golangci.yml b/server/vendor/github.com/pion/sctp/.golangci.yml
new file mode 100644
index 0000000..e06de4d
--- /dev/null
+++ b/server/vendor/github.com/pion/sctp/.golangci.yml
@@ -0,0 +1,125 @@
+# SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+# SPDX-License-Identifier: MIT
+
+linters-settings:
+  govet:
+    enable:
+      - shadow
+  misspell:
+    locale: US
+  exhaustive:
+    default-signifies-exhaustive: true
+  gomodguard:
+    blocked:
+      modules:
+        - github.com/pkg/errors:
+            recommendations:
+              - errors
+  forbidigo:
+    forbid:
+      - ^fmt.Print(f|ln)?$
+      - ^log.(Panic|Fatal|Print)(f|ln)?$
+      - ^os.Exit$
+      - ^panic$
+      - ^print(ln)?$
+
+linters:
+  enable:
+    - asciicheck       # Simple linter to check that your code does not contain non-ASCII identifiers
+    - bidichk          # Checks for dangerous unicode character sequences
+    - bodyclose        # checks whether HTTP response body is closed successfully
+    - contextcheck     # check the function whether use a non-inherited context
+    - decorder         # check declaration order and count of types, constants, variables and functions
+    - dogsled          # Checks assignments with too many blank identifiers (e.g. x, _, _, _, := f())
+    - dupl             # Tool for code clone detection
+    - durationcheck    # check for two durations multiplied together
+    - errcheck         # Errcheck is a program for checking for unchecked errors in go programs. These unchecked errors can be critical bugs in some cases
+    - errchkjson       # Checks types passed to the json encoding functions. Reports unsupported types and optionally reports occations, where the check for the returned error can be omitted.
+    - errname          # Checks that sentinel errors are prefixed with the `Err` and error types are suffixed with the `Error`.
+    - errorlint        # errorlint is a linter for that can be used to find code that will cause problems with the error wrapping scheme introduced in Go 1.13.
+    - exhaustive       # check exhaustiveness of enum switch statements
+    - exportloopref    # checks for pointers to enclosing loop variables
+    - forbidigo        # Forbids identifiers
+    - forcetypeassert  # finds forced type assertions
+    - gci              # Gci control golang package import order and make it always deterministic.
+    - gochecknoglobals # Checks that no globals are present in Go code
+    - gochecknoinits   # Checks that no init functions are present in Go code
+    - gocognit         # Computes and checks the cognitive complexity of functions
+    - goconst          # Finds repeated strings that could be replaced by a constant
+    - gocritic         # The most opinionated Go source code linter
+    - godox            # Tool for detection of FIXME, TODO and other comment keywords
+    - goerr113         # Golang linter to check the errors handling expressions
+    - gofmt            # Gofmt checks whether code was gofmt-ed. By default this tool runs with -s option to check for code simplification
+    - gofumpt          # Gofumpt checks whether code was gofumpt-ed.
+    - goheader         # Checks is file header matches to pattern
+    - goimports        # Goimports does everything that gofmt does. Additionally it checks unused imports
+    - gomoddirectives  # Manage the use of 'replace', 'retract', and 'excludes' directives in go.mod.
+    - gomodguard       # Allow and block list linter for direct Go module dependencies. This is different from depguard where there are different block types for example version constraints and module recommendations.
+    - goprintffuncname # Checks that printf-like functions are named with `f` at the end
+    - gosec            # Inspects source code for security problems
+    - gosimple         # Linter for Go source code that specializes in simplifying a code
+    - govet            # Vet examines Go source code and reports suspicious constructs, such as Printf calls whose arguments do not align with the format string
+    - grouper          # An analyzer to analyze expression groups.
+    - importas         # Enforces consistent import aliases
+    - ineffassign      # Detects when assignments to existing variables are not used
+    - misspell         # Finds commonly misspelled English words in comments
+    - nilerr           # Finds the code that returns nil even if it checks that the error is not nil.
+    - nilnil           # Checks that there is no simultaneous return of `nil` error and an invalid value.
+    - noctx            # noctx finds sending http request without context.Context
+    - predeclared      # find code that shadows one of Go's predeclared identifiers
+    - revive           # golint replacement, finds style mistakes
+    - staticcheck      # Staticcheck is a go vet on steroids, applying a ton of static analysis checks
+    - stylecheck       # Stylecheck is a replacement for golint
+    - tagliatelle      # Checks the struct tags.
+    - tenv             # tenv is analyzer that detects using os.Setenv instead of t.Setenv since Go1.17
+    - tparallel        # tparallel detects inappropriate usage of t.Parallel() method in your Go test codes
+    - typecheck        # Like the front-end of a Go compiler, parses and type-checks Go code
+    - unconvert        # Remove unnecessary type conversions
+    - unparam          # Reports unused function parameters
+    - unused           # Checks Go code for unused constants, variables, functions and types
+    - wastedassign     # wastedassign finds wasted assignment statements
+    - whitespace       # Tool for detection of leading and trailing whitespace
+  disable:
+    - depguard         # Go linter that checks if package imports are in a list of acceptable packages
+    - containedctx     # containedctx is a linter that detects struct contained context.Context field
+    - cyclop           # checks function and package cyclomatic complexity
+    - exhaustivestruct # Checks if all struct's fields are initialized
+    - funlen           # Tool for detection of long functions
+    - gocyclo          # Computes and checks the cyclomatic complexity of functions
+    - godot            # Check if comments end in a period
+    - gomnd            # An analyzer to detect magic numbers.
+    - ifshort          # Checks that your code uses short syntax for if-statements whenever possible
+    - ireturn          # Accept Interfaces, Return Concrete Types
+    - lll              # Reports long lines
+    - maintidx         # maintidx measures the maintainability index of each function.
+    - makezero         # Finds slice declarations with non-zero initial length
+    - maligned         # Tool to detect Go structs that would take less memory if their fields were sorted
+    - nakedret         # Finds naked returns in functions greater than a specified function length
+    - nestif           # Reports deeply nested if statements
+    - nlreturn         # nlreturn checks for a new line before return and branch statements to increase code clarity
+    - nolintlint       # Reports ill-formed or insufficient nolint directives
+    - paralleltest     # paralleltest detects missing usage of t.Parallel() method in your Go test
+    - prealloc         # Finds slice declarations that could potentially be preallocated
+    - promlinter       # Check Prometheus metrics naming via promlint
+    - rowserrcheck     # checks whether Err of rows is checked successfully
+    - sqlclosecheck    # Checks that sql.Rows and sql.Stmt are closed.
+    - testpackage      # linter that makes you use a separate _test package
+    - thelper          # thelper detects golang test helpers without t.Helper() call and checks the consistency of test helpers
+    - varnamelen       # checks that the length of a variable's name matches its scope
+    - wrapcheck        # Checks that errors returned from external packages are wrapped
+    - wsl              # Whitespace Linter - Forces you to use empty lines!
+
+issues:
+  exclude-use-default: false
+  exclude-dirs-use-default: false
+  exclude-rules:
+    # Allow complex tests and examples, better to be self contained
+    - path: (examples|main\.go|_test\.go)
+      linters:
+        - forbidigo
+        - gocognit
+
+    # Allow forbidden identifiers in CLI commands
+    - path: cmd
+      linters:
+        - forbidigo
diff --git a/server/vendor/github.com/pion/sctp/.goreleaser.yml b/server/vendor/github.com/pion/sctp/.goreleaser.yml
new file mode 100644
index 0000000..30093e9
--- /dev/null
+++ b/server/vendor/github.com/pion/sctp/.goreleaser.yml
@@ -0,0 +1,5 @@
+# SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+# SPDX-License-Identifier: MIT
+
+builds:
+- skip: true
diff --git a/server/vendor/github.com/pion/sctp/LICENSE b/server/vendor/github.com/pion/sctp/LICENSE
new file mode 100644
index 0000000..491caf6
--- /dev/null
+++ b/server/vendor/github.com/pion/sctp/LICENSE
@@ -0,0 +1,9 @@
+MIT License
+
+Copyright (c) 2023 The Pion community <https://pion.ly>
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
diff --git a/server/vendor/github.com/pion/sctp/README.md b/server/vendor/github.com/pion/sctp/README.md
new file mode 100644
index 0000000..a407c46
--- /dev/null
+++ b/server/vendor/github.com/pion/sctp/README.md
@@ -0,0 +1,34 @@
+<h1 align="center">
+  <br>
+  Pion SCTP
+  <br>
+</h1>
+<h4 align="center">A Go implementation of SCTP</h4>
+<p align="center">
+  <a href="https://pion.ly"><img src="https://img.shields.io/badge/pion-sctp-gray.svg?longCache=true&colorB=brightgreen" alt="Pion SCTP"></a>
+  <a href="https://pion.ly/slack"><img src="https://img.shields.io/badge/join-us%20on%20slack-gray.svg?longCache=true&logo=slack&colorB=brightgreen" alt="Slack Widget"></a>
+  <br>
+  <img alt="GitHub Workflow Status" src="https://img.shields.io/github/actions/workflow/status/pion/sctp/test.yaml">
+  <a href="https://pkg.go.dev/github.com/pion/sctp"><img src="https://pkg.go.dev/badge/github.com/pion/sctp.svg" alt="Go Reference"></a>
+  <a href="https://codecov.io/gh/pion/sctp"><img src="https://codecov.io/gh/pion/sctp/branch/master/graph/badge.svg" alt="Coverage Status"></a>
+  <a href="https://goreportcard.com/report/github.com/pion/sctp"><img src="https://goreportcard.com/badge/github.com/pion/sctp" alt="Go Report Card"></a>
+  <a href="LICENSE"><img src="https://img.shields.io/badge/License-MIT-yellow.svg" alt="License: MIT"></a>
+</p>
+<br>
+
+### Roadmap
+The library is used as a part of our WebRTC implementation. Please refer to that [roadmap](https://github.com/pion/webrtc/issues/9) to track our major milestones.
+
+### Community
+Pion has an active community on the [Slack](https://pion.ly/slack).
+
+Follow the [Pion Twitter](https://twitter.com/_pion) for project updates and important WebRTC news.
+
+We are always looking to support **your projects**. Please reach out if you have something to build!
+If you need commercial support or don't want to use public methods you can contact us at [team@pion.ly](mailto:team@pion.ly)
+
+### Contributing
+Check out the [contributing wiki](https://github.com/pion/webrtc/wiki/Contributing) to join the group of amazing people making this project possible
+
+### License
+MIT License - see [LICENSE](LICENSE) for full text
diff --git a/server/vendor/github.com/pion/sctp/ack_timer.go b/server/vendor/github.com/pion/sctp/ack_timer.go
new file mode 100644
index 0000000..b6008d1
--- /dev/null
+++ b/server/vendor/github.com/pion/sctp/ack_timer.go
@@ -0,0 +1,104 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sctp
+
+import (
+	"math"
+	"sync"
+	"time"
+)
+
+const (
+	ackInterval time.Duration = 200 * time.Millisecond
+)
+
+// ackTimerObserver is the inteface to an ack timer observer.
+type ackTimerObserver interface {
+	onAckTimeout()
+}
+
+type ackTimerState uint8
+
+const (
+	ackTimerStopped ackTimerState = iota
+	ackTimerStarted
+	ackTimerClosed
+)
+
+// ackTimer provides the retnransmission timer conforms with RFC 4960 Sec 6.3.1
+type ackTimer struct {
+	timer    *time.Timer
+	observer ackTimerObserver
+	mutex    sync.Mutex
+	state    ackTimerState
+	pending  uint8
+}
+
+// newAckTimer creates a new acknowledgement timer used to enable delayed ack.
+func newAckTimer(observer ackTimerObserver) *ackTimer {
+	t := &ackTimer{observer: observer}
+	t.timer = time.AfterFunc(math.MaxInt64, t.timeout)
+	t.timer.Stop()
+	return t
+}
+
+func (t *ackTimer) timeout() {
+	t.mutex.Lock()
+	if t.pending--; t.pending == 0 && t.state == ackTimerStarted {
+		t.state = ackTimerStopped
+		defer t.observer.onAckTimeout()
+	}
+	t.mutex.Unlock()
+}
+
+// start starts the timer.
+func (t *ackTimer) start() bool {
+	t.mutex.Lock()
+	defer t.mutex.Unlock()
+
+	// this timer is already closed or already running
+	if t.state != ackTimerStopped {
+		return false
+	}
+
+	t.state = ackTimerStarted
+	t.pending++
+	t.timer.Reset(ackInterval)
+	return true
+}
+
+// stops the timer. this is similar to stop() but subsequent start() call
+// will fail (the timer is no longer usable)
+func (t *ackTimer) stop() {
+	t.mutex.Lock()
+	defer t.mutex.Unlock()
+
+	if t.state == ackTimerStarted {
+		if t.timer.Stop() {
+			t.pending--
+		}
+		t.state = ackTimerStopped
+	}
+}
+
+// closes the timer. this is similar to stop() but subsequent start() call
+// will fail (the timer is no longer usable)
+func (t *ackTimer) close() {
+	t.mutex.Lock()
+	defer t.mutex.Unlock()
+
+	if t.state == ackTimerStarted && t.timer.Stop() {
+		t.pending--
+	}
+	t.state = ackTimerClosed
+}
+
+// isRunning tests if the timer is running.
+// Debug purpose only
+func (t *ackTimer) isRunning() bool {
+	t.mutex.Lock()
+	defer t.mutex.Unlock()
+
+	return t.state == ackTimerStarted
+}
diff --git a/server/vendor/github.com/pion/sctp/association.go b/server/vendor/github.com/pion/sctp/association.go
new file mode 100644
index 0000000..2198fc6
--- /dev/null
+++ b/server/vendor/github.com/pion/sctp/association.go
@@ -0,0 +1,2747 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sctp
+
+import (
+	"bytes"
+	"context"
+	"errors"
+	"fmt"
+	"io"
+	"math"
+	"net"
+	"sync"
+	"sync/atomic"
+	"time"
+
+	"github.com/pion/logging"
+	"github.com/pion/randutil"
+)
+
+// Port 5000 shows up in examples for SDPs used by WebRTC. Since this implementation
+// assumes it will be used by DTLS over UDP, the port is only meaningful for de-multiplexing
+// but more-so verification.
+// Example usage: https://www.rfc-editor.org/rfc/rfc8841.html#section-13.1-2
+const defaultSCTPSrcDstPort = 5000
+
+// Use global random generator to properly seed by crypto grade random.
+var globalMathRandomGenerator = randutil.NewMathRandomGenerator() // nolint:gochecknoglobals
+
+// Association errors
+var (
+	ErrChunk                         = errors.New("abort chunk, with following errors")
+	ErrShutdownNonEstablished        = errors.New("shutdown called in non-established state")
+	ErrAssociationClosedBeforeConn   = errors.New("association closed before connecting")
+	ErrSilentlyDiscard               = errors.New("silently discard")
+	ErrInitNotStoredToSend           = errors.New("the init not stored to send")
+	ErrCookieEchoNotStoredToSend     = errors.New("cookieEcho not stored to send")
+	ErrSCTPPacketSourcePortZero      = errors.New("sctp packet must not have a source port of 0")
+	ErrSCTPPacketDestinationPortZero = errors.New("sctp packet must not have a destination port of 0")
+	ErrInitChunkBundled              = errors.New("init chunk must not be bundled with any other chunk")
+	ErrInitChunkVerifyTagNotZero     = errors.New("init chunk expects a verification tag of 0 on the packet when out-of-the-blue")
+	ErrHandleInitState               = errors.New("todo: handle Init when in state")
+	ErrInitAckNoCookie               = errors.New("no cookie in InitAck")
+	ErrInflightQueueTSNPop           = errors.New("unable to be popped from inflight queue TSN")
+	ErrTSNRequestNotExist            = errors.New("requested non-existent TSN")
+	ErrResetPacketInStateNotExist    = errors.New("sending reset packet in non-established state")
+	ErrParamterType                  = errors.New("unexpected parameter type")
+	ErrPayloadDataStateNotExist      = errors.New("sending payload data in non-established state")
+	ErrChunkTypeUnhandled            = errors.New("unhandled chunk type")
+	ErrHandshakeInitAck              = errors.New("handshake failed (INIT ACK)")
+	ErrHandshakeCookieEcho           = errors.New("handshake failed (COOKIE ECHO)")
+	ErrTooManyReconfigRequests       = errors.New("too many outstanding reconfig requests")
+)
+
+const (
+	receiveMTU            uint32 = 8192 // MTU for inbound packet (from DTLS)
+	initialMTU            uint32 = 1228 // initial MTU for outgoing packets (to DTLS)
+	initialRecvBufSize    uint32 = 1024 * 1024
+	commonHeaderSize      uint32 = 12
+	dataChunkHeaderSize   uint32 = 16
+	defaultMaxMessageSize uint32 = 65536
+)
+
+// association state enums
+const (
+	closed uint32 = iota
+	cookieWait
+	cookieEchoed
+	established
+	shutdownAckSent
+	shutdownPending
+	shutdownReceived
+	shutdownSent
+)
+
+// retransmission timer IDs
+const (
+	timerT1Init int = iota
+	timerT1Cookie
+	timerT2Shutdown
+	timerT3RTX
+	timerReconfig
+)
+
+// ack mode (for testing)
+const (
+	ackModeNormal int = iota
+	ackModeNoDelay
+	ackModeAlwaysDelay
+)
+
+// ack transmission state
+const (
+	ackStateIdle      int = iota // ack timer is off
+	ackStateImmediate            // will send ack immediately
+	ackStateDelay                // ack timer is on (ack is being delayed)
+)
+
+// other constants
+const (
+	acceptChSize = 16
+	// avgChunkSize is an estimate of the average chunk size. There is no theory behind
+	// this estimate.
+	avgChunkSize = 500
+	// minTSNOffset is the minimum offset over the cummulative TSN that we will enqueue
+	// irrespective of the receive buffer size
+	// see getMaxTSNOffset
+	minTSNOffset = 2000
+	// maxTSNOffset is the maximum offset over the cummulative TSN that we will enqueue
+	// irrespective of the receive buffer size
+	// see getMaxTSNOffset
+	maxTSNOffset = 40000
+	// maxReconfigRequests is the maximum number of reconfig requests we will keep outstanding
+	maxReconfigRequests = 1000
+)
+
+func getAssociationStateString(a uint32) string {
+	switch a {
+	case closed:
+		return "Closed"
+	case cookieWait:
+		return "CookieWait"
+	case cookieEchoed:
+		return "CookieEchoed"
+	case established:
+		return "Established"
+	case shutdownPending:
+		return "ShutdownPending"
+	case shutdownSent:
+		return "ShutdownSent"
+	case shutdownReceived:
+		return "ShutdownReceived"
+	case shutdownAckSent:
+		return "ShutdownAckSent"
+	default:
+		return fmt.Sprintf("Invalid association state %d", a)
+	}
+}
+
+// Association represents an SCTP association
+// 13.2.  Parameters Necessary per Association (i.e., the TCB)
+//
+//	Peer        : Tag value to be sent in every packet and is received
+//	Verification: in the INIT or INIT ACK chunk.
+//	Tag         :
+//	State       : A state variable indicating what state the association
+//	            : is in, i.e., COOKIE-WAIT, COOKIE-ECHOED, ESTABLISHED,
+//	            : SHUTDOWN-PENDING, SHUTDOWN-SENT, SHUTDOWN-RECEIVED,
+//	            : SHUTDOWN-ACK-SENT.
+//
+// Note: No "CLOSED" state is illustrated since if a
+// association is "CLOSED" its TCB SHOULD be removed.
+// Note: By nature of an Association being constructed with one net.Conn,
+// it is not a multi-home supporting implementation of SCTP.
+type Association struct {
+	bytesReceived uint64
+	bytesSent     uint64
+
+	lock sync.RWMutex
+
+	netConn net.Conn
+
+	peerVerificationTag    uint32
+	myVerificationTag      uint32
+	state                  uint32
+	initialTSN             uint32
+	myNextTSN              uint32 // nextTSN
+	minTSN2MeasureRTT      uint32 // for RTT measurement
+	willSendForwardTSN     bool
+	willRetransmitFast     bool
+	willRetransmitReconfig bool
+
+	willSendShutdown         bool
+	willSendShutdownAck      bool
+	willSendShutdownComplete bool
+
+	willSendAbort      bool
+	willSendAbortCause errorCause
+
+	// Reconfig
+	myNextRSN        uint32
+	reconfigs        map[uint32]*chunkReconfig
+	reconfigRequests map[uint32]*paramOutgoingResetRequest
+
+	// Non-RFC internal data
+	sourcePort              uint16
+	destinationPort         uint16
+	myMaxNumInboundStreams  uint16
+	myMaxNumOutboundStreams uint16
+	myCookie                *paramStateCookie
+	payloadQueue            *receivePayloadQueue
+	inflightQueue           *payloadQueue
+	pendingQueue            *pendingQueue
+	controlQueue            *controlQueue
+	mtu                     uint32
+	maxPayloadSize          uint32       // max DATA chunk payload size
+	srtt                    atomic.Value // type float64
+	cumulativeTSNAckPoint   uint32
+	advancedPeerTSNAckPoint uint32
+	useForwardTSN           bool
+	sendZeroChecksum        bool
+	recvZeroChecksum        bool
+
+	// Congestion control parameters
+	maxReceiveBufferSize uint32
+	maxMessageSize       uint32
+	cwnd                 uint32 // my congestion window size
+	rwnd                 uint32 // calculated peer's receiver windows size
+	ssthresh             uint32 // slow start threshold
+	partialBytesAcked    uint32
+	inFastRecovery       bool
+	fastRecoverExitPoint uint32
+
+	// RTX & Ack timer
+	rtoMgr     *rtoManager
+	t1Init     *rtxTimer
+	t1Cookie   *rtxTimer
+	t2Shutdown *rtxTimer
+	t3RTX      *rtxTimer
+	tReconfig  *rtxTimer
+	ackTimer   *ackTimer
+
+	// Chunks stored for retransmission
+	storedInit       *chunkInit
+	storedCookieEcho *chunkCookieEcho
+
+	streams              map[uint16]*Stream
+	acceptCh             chan *Stream
+	readLoopCloseCh      chan struct{}
+	awakeWriteLoopCh     chan struct{}
+	closeWriteLoopCh     chan struct{}
+	handshakeCompletedCh chan error
+
+	closeWriteLoopOnce sync.Once
+
+	// local error
+	silentError error
+
+	ackState int
+	ackMode  int // for testing
+
+	// stats
+	stats *associationStats
+
+	// per inbound packet context
+	delayedAckTriggered   bool
+	immediateAckTriggered bool
+
+	name string
+	log  logging.LeveledLogger
+}
+
+// Config collects the arguments to createAssociation construction into
+// a single structure
+type Config struct {
+	Name                 string
+	NetConn              net.Conn
+	MaxReceiveBufferSize uint32
+	MaxMessageSize       uint32
+	EnableZeroChecksum   bool
+	LoggerFactory        logging.LoggerFactory
+	// RTOMax is the maximum retransmission timeout in milliseconds
+	RTOMax float64
+}
+
+// Server accepts a SCTP stream over a conn
+func Server(config Config) (*Association, error) {
+	a := createAssociation(config)
+	a.init(false)
+
+	select {
+	case err := <-a.handshakeCompletedCh:
+		if err != nil {
+			return nil, err
+		}
+		return a, nil
+	case <-a.readLoopCloseCh:
+		return nil, ErrAssociationClosedBeforeConn
+	}
+}
+
+// Client opens a SCTP stream over a conn
+func Client(config Config) (*Association, error) {
+	return createClientWithContext(context.Background(), config)
+}
+
+func createClientWithContext(ctx context.Context, config Config) (*Association, error) {
+	a := createAssociation(config)
+	a.init(true)
+
+	select {
+	case <-ctx.Done():
+		a.log.Errorf("[%s] client handshake canceled: state=%s", a.name, getAssociationStateString(a.getState()))
+		a.Close() // nolint:errcheck,gosec
+		return nil, ctx.Err()
+	case err := <-a.handshakeCompletedCh:
+		if err != nil {
+			return nil, err
+		}
+		return a, nil
+	case <-a.readLoopCloseCh:
+		return nil, ErrAssociationClosedBeforeConn
+	}
+}
+
+func createAssociation(config Config) *Association {
+	var maxReceiveBufferSize uint32
+	if config.MaxReceiveBufferSize == 0 {
+		maxReceiveBufferSize = initialRecvBufSize
+	} else {
+		maxReceiveBufferSize = config.MaxReceiveBufferSize
+	}
+
+	var maxMessageSize uint32
+	if config.MaxMessageSize == 0 {
+		maxMessageSize = defaultMaxMessageSize
+	} else {
+		maxMessageSize = config.MaxMessageSize
+	}
+
+	tsn := globalMathRandomGenerator.Uint32()
+	a := &Association{
+		netConn:              config.NetConn,
+		maxReceiveBufferSize: maxReceiveBufferSize,
+		maxMessageSize:       maxMessageSize,
+
+		// These two max values have us not need to follow
+		// 5.1.1 where this peer may be incapable of supporting
+		// the requested amount of outbound streams from the other
+		// peer.
+		myMaxNumOutboundStreams: math.MaxUint16,
+		myMaxNumInboundStreams:  math.MaxUint16,
+
+		payloadQueue:            newReceivePayloadQueue(getMaxTSNOffset(maxReceiveBufferSize)),
+		inflightQueue:           newPayloadQueue(),
+		pendingQueue:            newPendingQueue(),
+		controlQueue:            newControlQueue(),
+		mtu:                     initialMTU,
+		maxPayloadSize:          initialMTU - (commonHeaderSize + dataChunkHeaderSize),
+		myVerificationTag:       globalMathRandomGenerator.Uint32(),
+		initialTSN:              tsn,
+		myNextTSN:               tsn,
+		myNextRSN:               tsn,
+		minTSN2MeasureRTT:       tsn,
+		state:                   closed,
+		rtoMgr:                  newRTOManager(config.RTOMax),
+		streams:                 map[uint16]*Stream{},
+		reconfigs:               map[uint32]*chunkReconfig{},
+		reconfigRequests:        map[uint32]*paramOutgoingResetRequest{},
+		acceptCh:                make(chan *Stream, acceptChSize),
+		readLoopCloseCh:         make(chan struct{}),
+		awakeWriteLoopCh:        make(chan struct{}, 1),
+		closeWriteLoopCh:        make(chan struct{}),
+		handshakeCompletedCh:    make(chan error),
+		cumulativeTSNAckPoint:   tsn - 1,
+		advancedPeerTSNAckPoint: tsn - 1,
+		recvZeroChecksum:        config.EnableZeroChecksum,
+		silentError:             ErrSilentlyDiscard,
+		stats:                   &associationStats{},
+		log:                     config.LoggerFactory.NewLogger("sctp"),
+		name:                    config.Name,
+	}
+
+	if a.name == "" {
+		a.name = fmt.Sprintf("%p", a)
+	}
+
+	// RFC 4690 Sec 7.2.1
+	//  o  The initial cwnd before DATA transmission or after a sufficiently
+	//     long idle period MUST be set to min(4*MTU, max (2*MTU, 4380
+	//     bytes)).
+	a.setCWND(min32(4*a.MTU(), max32(2*a.MTU(), 4380)))
+	a.log.Tracef("[%s] updated cwnd=%d ssthresh=%d inflight=%d (INI)",
+		a.name, a.CWND(), a.ssthresh, a.inflightQueue.getNumBytes())
+
+	a.srtt.Store(float64(0))
+	a.t1Init = newRTXTimer(timerT1Init, a, maxInitRetrans, config.RTOMax)
+	a.t1Cookie = newRTXTimer(timerT1Cookie, a, maxInitRetrans, config.RTOMax)
+	a.t2Shutdown = newRTXTimer(timerT2Shutdown, a, noMaxRetrans, config.RTOMax)
+	a.t3RTX = newRTXTimer(timerT3RTX, a, noMaxRetrans, config.RTOMax)
+	a.tReconfig = newRTXTimer(timerReconfig, a, noMaxRetrans, config.RTOMax)
+	a.ackTimer = newAckTimer(a)
+
+	return a
+}
+
+func (a *Association) init(isClient bool) {
+	a.lock.Lock()
+	defer a.lock.Unlock()
+
+	go a.readLoop()
+	go a.writeLoop()
+
+	if isClient {
+		init := &chunkInit{}
+		init.initialTSN = a.myNextTSN
+		init.numOutboundStreams = a.myMaxNumOutboundStreams
+		init.numInboundStreams = a.myMaxNumInboundStreams
+		init.initiateTag = a.myVerificationTag
+		init.advertisedReceiverWindowCredit = a.maxReceiveBufferSize
+		setSupportedExtensions(&init.chunkInitCommon)
+
+		if a.recvZeroChecksum {
+			init.params = append(init.params, &paramZeroChecksumAcceptable{edmid: dtlsErrorDetectionMethod})
+		}
+
+		a.storedInit = init
+
+		err := a.sendInit()
+		if err != nil {
+			a.log.Errorf("[%s] failed to send init: %s", a.name, err.Error())
+		}
+
+		// After sending the INIT chunk, "A" starts the T1-init timer and enters the COOKIE-WAIT state.
+		// Note: ideally we would set state after the timer starts but since we don't do this in an atomic
+		// set + timer-start, it's safer to just set the state first so that we don't have a timer expiration
+		// race.
+		a.setState(cookieWait)
+		a.t1Init.start(a.rtoMgr.getRTO())
+	}
+}
+
+// caller must hold a.lock
+func (a *Association) sendInit() error {
+	a.log.Debugf("[%s] sending INIT", a.name)
+	if a.storedInit == nil {
+		return ErrInitNotStoredToSend
+	}
+
+	outbound := &packet{}
+	outbound.verificationTag = a.peerVerificationTag
+	a.sourcePort = defaultSCTPSrcDstPort
+	a.destinationPort = defaultSCTPSrcDstPort
+	outbound.sourcePort = a.sourcePort
+	outbound.destinationPort = a.destinationPort
+
+	outbound.chunks = []chunk{a.storedInit}
+
+	a.controlQueue.push(outbound)
+	a.awakeWriteLoop()
+
+	return nil
+}
+
+// caller must hold a.lock
+func (a *Association) sendCookieEcho() error {
+	if a.storedCookieEcho == nil {
+		return ErrCookieEchoNotStoredToSend
+	}
+
+	a.log.Debugf("[%s] sending COOKIE-ECHO", a.name)
+
+	outbound := &packet{}
+	outbound.verificationTag = a.peerVerificationTag
+	outbound.sourcePort = a.sourcePort
+	outbound.destinationPort = a.destinationPort
+	outbound.chunks = []chunk{a.storedCookieEcho}
+
+	a.controlQueue.push(outbound)
+	a.awakeWriteLoop()
+
+	return nil
+}
+
+// Shutdown initiates the shutdown sequence. The method blocks until the
+// shutdown sequence is completed and the connection is closed, or until the
+// passed context is done, in which case the context's error is returned.
+func (a *Association) Shutdown(ctx context.Context) error {
+	a.log.Debugf("[%s] closing association..", a.name)
+
+	state := a.getState()
+
+	if state != established {
+		return fmt.Errorf("%w: shutdown %s", ErrShutdownNonEstablished, a.name)
+	}
+
+	// Attempt a graceful shutdown.
+	a.setState(shutdownPending)
+
+	a.lock.Lock()
+
+	if a.inflightQueue.size() == 0 {
+		// No more outstanding, send shutdown.
+		a.willSendShutdown = true
+		a.awakeWriteLoop()
+		a.setState(shutdownSent)
+	}
+
+	a.lock.Unlock()
+
+	select {
+	case <-a.closeWriteLoopCh:
+		return nil
+	case <-ctx.Done():
+		return ctx.Err()
+	}
+}
+
+// Close ends the SCTP Association and cleans up any state
+func (a *Association) Close() error {
+	a.log.Debugf("[%s] closing association..", a.name)
+
+	err := a.close()
+
+	// Wait for readLoop to end
+	<-a.readLoopCloseCh
+
+	a.log.Debugf("[%s] association closed", a.name)
+	a.log.Debugf("[%s] stats nPackets (in) : %d", a.name, a.stats.getNumPacketsReceived())
+	a.log.Debugf("[%s] stats nPackets (out) : %d", a.name, a.stats.getNumPacketsSent())
+	a.log.Debugf("[%s] stats nDATAs (in) : %d", a.name, a.stats.getNumDATAs())
+	a.log.Debugf("[%s] stats nSACKs (in) : %d", a.name, a.stats.getNumSACKsReceived())
+	a.log.Debugf("[%s] stats nSACKs (out) : %d\n", a.name, a.stats.getNumSACKsSent())
+	a.log.Debugf("[%s] stats nT3Timeouts : %d", a.name, a.stats.getNumT3Timeouts())
+	a.log.Debugf("[%s] stats nAckTimeouts: %d", a.name, a.stats.getNumAckTimeouts())
+	a.log.Debugf("[%s] stats nFastRetrans: %d", a.name, a.stats.getNumFastRetrans())
+
+	return err
+}
+
+func (a *Association) close() error {
+	a.log.Debugf("[%s] closing association..", a.name)
+
+	a.setState(closed)
+
+	err := a.netConn.Close()
+
+	a.closeAllTimers()
+
+	// awake writeLoop to exit
+	a.closeWriteLoopOnce.Do(func() { close(a.closeWriteLoopCh) })
+
+	return err
+}
+
+// Abort sends the abort packet with user initiated abort and immediately
+// closes the connection.
+func (a *Association) Abort(reason string) {
+	a.log.Debugf("[%s] aborting association: %s", a.name, reason)
+
+	a.lock.Lock()
+
+	a.willSendAbort = true
+	a.willSendAbortCause = &errorCauseUserInitiatedAbort{
+		upperLayerAbortReason: []byte(reason),
+	}
+
+	a.lock.Unlock()
+
+	a.awakeWriteLoop()
+
+	// Wait for readLoop to end
+	<-a.readLoopCloseCh
+}
+
+func (a *Association) closeAllTimers() {
+	// Close all retransmission & ack timers
+	a.t1Init.close()
+	a.t1Cookie.close()
+	a.t2Shutdown.close()
+	a.t3RTX.close()
+	a.tReconfig.close()
+	a.ackTimer.close()
+}
+
+func (a *Association) readLoop() {
+	var closeErr error
+	defer func() {
+		// also stop writeLoop, otherwise writeLoop can be leaked
+		// if connection is lost when there is no writing packet.
+		a.closeWriteLoopOnce.Do(func() { close(a.closeWriteLoopCh) })
+
+		a.lock.Lock()
+		for _, s := range a.streams {
+			a.unregisterStream(s, closeErr)
+		}
+		a.lock.Unlock()
+		close(a.acceptCh)
+		close(a.readLoopCloseCh)
+
+		a.log.Debugf("[%s] association closed", a.name)
+		a.log.Debugf("[%s] stats nDATAs (in) : %d", a.name, a.stats.getNumDATAs())
+		a.log.Debugf("[%s] stats nSACKs (in) : %d", a.name, a.stats.getNumSACKsReceived())
+		a.log.Debugf("[%s] stats nT3Timeouts : %d", a.name, a.stats.getNumT3Timeouts())
+		a.log.Debugf("[%s] stats nAckTimeouts: %d", a.name, a.stats.getNumAckTimeouts())
+		a.log.Debugf("[%s] stats nFastRetrans: %d", a.name, a.stats.getNumFastRetrans())
+	}()
+
+	a.log.Debugf("[%s] readLoop entered", a.name)
+	buffer := make([]byte, receiveMTU)
+
+	for {
+		n, err := a.netConn.Read(buffer)
+		if err != nil {
+			closeErr = err
+			break
+		}
+		// Make a buffer sized to what we read, then copy the data we
+		// read from the underlying transport. We do this because the
+		// user data is passed to the reassembly queue without
+		// copying.
+		inbound := make([]byte, n)
+		copy(inbound, buffer[:n])
+		atomic.AddUint64(&a.bytesReceived, uint64(n))
+		if err = a.handleInbound(inbound); err != nil {
+			closeErr = err
+			break
+		}
+	}
+
+	a.log.Debugf("[%s] readLoop exited %s", a.name, closeErr)
+}
+
+func (a *Association) writeLoop() {
+	a.log.Debugf("[%s] writeLoop entered", a.name)
+	defer a.log.Debugf("[%s] writeLoop exited", a.name)
+
+loop:
+	for {
+		rawPackets, ok := a.gatherOutbound()
+
+		for _, raw := range rawPackets {
+			_, err := a.netConn.Write(raw)
+			if err != nil {
+				if !errors.Is(err, io.EOF) {
+					a.log.Warnf("[%s] failed to write packets on netConn: %v", a.name, err)
+				}
+				a.log.Debugf("[%s] writeLoop ended", a.name)
+				break loop
+			}
+			atomic.AddUint64(&a.bytesSent, uint64(len(raw)))
+			a.stats.incPacketsSent()
+		}
+
+		if !ok {
+			if err := a.close(); err != nil {
+				a.log.Warnf("[%s] failed to close association: %v", a.name, err)
+			}
+
+			return
+		}
+
+		select {
+		case <-a.awakeWriteLoopCh:
+		case <-a.closeWriteLoopCh:
+			break loop
+		}
+	}
+
+	a.setState(closed)
+	a.closeAllTimers()
+}
+
+func (a *Association) awakeWriteLoop() {
+	select {
+	case a.awakeWriteLoopCh <- struct{}{}:
+	default:
+	}
+}
+
+// unregisterStream un-registers a stream from the association
+// The caller should hold the association write lock.
+func (a *Association) unregisterStream(s *Stream, err error) {
+	s.lock.Lock()
+	defer s.lock.Unlock()
+
+	delete(a.streams, s.streamIdentifier)
+	s.readErr = err
+	s.readNotifier.Broadcast()
+}
+
+func chunkMandatoryChecksum(cc []chunk) bool {
+	for _, c := range cc {
+		switch c.(type) {
+		case *chunkInit, *chunkCookieEcho:
+			return true
+		}
+	}
+	return false
+}
+
+func (a *Association) marshalPacket(p *packet) ([]byte, error) {
+	return p.marshal(!a.sendZeroChecksum || chunkMandatoryChecksum(p.chunks))
+}
+
+func (a *Association) unmarshalPacket(raw []byte) (*packet, error) {
+	p := &packet{}
+	if err := p.unmarshal(!a.recvZeroChecksum, raw); err != nil {
+		return nil, err
+	}
+	return p, nil
+}
+
+// handleInbound parses incoming raw packets
+func (a *Association) handleInbound(raw []byte) error {
+	p, err := a.unmarshalPacket(raw)
+	if err != nil {
+		a.log.Warnf("[%s] unable to parse SCTP packet %s", a.name, err)
+		return nil
+	}
+
+	if err := checkPacket(p); err != nil {
+		a.log.Warnf("[%s] failed validating packet %s", a.name, err)
+		return nil
+	}
+
+	a.handleChunksStart()
+
+	for _, c := range p.chunks {
+		if err := a.handleChunk(p, c); err != nil {
+			return err
+		}
+	}
+
+	a.handleChunksEnd()
+
+	return nil
+}
+
+// The caller should hold the lock
+func (a *Association) gatherDataPacketsToRetransmit(rawPackets [][]byte) [][]byte {
+	for _, p := range a.getDataPacketsToRetransmit() {
+		raw, err := a.marshalPacket(p)
+		if err != nil {
+			a.log.Warnf("[%s] failed to serialize a DATA packet to be retransmitted", a.name)
+			continue
+		}
+		rawPackets = append(rawPackets, raw)
+	}
+
+	return rawPackets
+}
+
+// The caller should hold the lock
+func (a *Association) gatherOutboundDataAndReconfigPackets(rawPackets [][]byte) [][]byte {
+	// Pop unsent data chunks from the pending queue to send as much as
+	// cwnd and rwnd allow.
+	chunks, sisToReset := a.popPendingDataChunksToSend()
+	if len(chunks) > 0 {
+		// Start timer. (noop if already started)
+		a.log.Tracef("[%s] T3-rtx timer start (pt1)", a.name)
+		a.t3RTX.start(a.rtoMgr.getRTO())
+		for _, p := range a.bundleDataChunksIntoPackets(chunks) {
+			raw, err := a.marshalPacket(p)
+			if err != nil {
+				a.log.Warnf("[%s] failed to serialize a DATA packet", a.name)
+				continue
+			}
+			rawPackets = append(rawPackets, raw)
+		}
+	}
+
+	if len(sisToReset) > 0 || a.willRetransmitReconfig {
+		if a.willRetransmitReconfig {
+			a.willRetransmitReconfig = false
+			a.log.Debugf("[%s] retransmit %d RECONFIG chunk(s)", a.name, len(a.reconfigs))
+			for _, c := range a.reconfigs {
+				p := a.createPacket([]chunk{c})
+				raw, err := a.marshalPacket(p)
+				if err != nil {
+					a.log.Warnf("[%s] failed to serialize a RECONFIG packet to be retransmitted", a.name)
+				} else {
+					rawPackets = append(rawPackets, raw)
+				}
+			}
+		}
+
+		if len(sisToReset) > 0 {
+			rsn := a.generateNextRSN()
+			tsn := a.myNextTSN - 1
+			c := &chunkReconfig{
+				paramA: &paramOutgoingResetRequest{
+					reconfigRequestSequenceNumber: rsn,
+					senderLastTSN:                 tsn,
+					streamIdentifiers:             sisToReset,
+				},
+			}
+			a.reconfigs[rsn] = c // store in the map for retransmission
+			a.log.Debugf("[%s] sending RECONFIG: rsn=%d tsn=%d streams=%v",
+				a.name, rsn, a.myNextTSN-1, sisToReset)
+			p := a.createPacket([]chunk{c})
+			raw, err := a.marshalPacket(p)
+			if err != nil {
+				a.log.Warnf("[%s] failed to serialize a RECONFIG packet to be transmitted", a.name)
+			} else {
+				rawPackets = append(rawPackets, raw)
+			}
+		}
+
+		if len(a.reconfigs) > 0 {
+			a.tReconfig.start(a.rtoMgr.getRTO())
+		}
+	}
+
+	return rawPackets
+}
+
+// The caller should hold the lock
+func (a *Association) gatherOutboundFastRetransmissionPackets(rawPackets [][]byte) [][]byte {
+	if a.willRetransmitFast {
+		a.willRetransmitFast = false
+
+		toFastRetrans := []chunk{}
+		fastRetransSize := commonHeaderSize
+
+		for i := 0; ; i++ {
+			c, ok := a.inflightQueue.get(a.cumulativeTSNAckPoint + uint32(i) + 1)
+			if !ok {
+				break // end of pending data
+			}
+
+			if c.acked || c.abandoned() {
+				continue
+			}
+
+			if c.nSent > 1 || c.missIndicator < 3 {
+				continue
+			}
+
+			// RFC 4960 Sec 7.2.4 Fast Retransmit on Gap Reports
+			//  3)  Determine how many of the earliest (i.e., lowest TSN) DATA chunks
+			//      marked for retransmission will fit into a single packet, subject
+			//      to constraint of the path MTU of the destination transport
+			//      address to which the packet is being sent.  Call this value K.
+			//      Retransmit those K DATA chunks in a single packet.  When a Fast
+			//      Retransmit is being performed, the sender SHOULD ignore the value
+			//      of cwnd and SHOULD NOT delay retransmission for this single
+			//		packet.
+
+			dataChunkSize := dataChunkHeaderSize + uint32(len(c.userData))
+			if a.MTU() < fastRetransSize+dataChunkSize {
+				break
+			}
+
+			fastRetransSize += dataChunkSize
+			a.stats.incFastRetrans()
+			c.nSent++
+			a.checkPartialReliabilityStatus(c)
+			toFastRetrans = append(toFastRetrans, c)
+			a.log.Tracef("[%s] fast-retransmit: tsn=%d sent=%d htna=%d",
+				a.name, c.tsn, c.nSent, a.fastRecoverExitPoint)
+		}
+
+		if len(toFastRetrans) > 0 {
+			raw, err := a.marshalPacket(a.createPacket(toFastRetrans))
+			if err != nil {
+				a.log.Warnf("[%s] failed to serialize a DATA packet to be fast-retransmitted", a.name)
+			} else {
+				rawPackets = append(rawPackets, raw)
+			}
+		}
+	}
+
+	return rawPackets
+}
+
+// The caller should hold the lock
+func (a *Association) gatherOutboundSackPackets(rawPackets [][]byte) [][]byte {
+	if a.ackState == ackStateImmediate {
+		a.ackState = ackStateIdle
+		sack := a.createSelectiveAckChunk()
+		a.stats.incSACKsSent()
+		a.log.Debugf("[%s] sending SACK: %s", a.name, sack)
+		raw, err := a.marshalPacket(a.createPacket([]chunk{sack}))
+		if err != nil {
+			a.log.Warnf("[%s] failed to serialize a SACK packet", a.name)
+		} else {
+			rawPackets = append(rawPackets, raw)
+		}
+	}
+
+	return rawPackets
+}
+
+// The caller should hold the lock
+func (a *Association) gatherOutboundForwardTSNPackets(rawPackets [][]byte) [][]byte {
+	if a.willSendForwardTSN {
+		a.willSendForwardTSN = false
+		if sna32GT(a.advancedPeerTSNAckPoint, a.cumulativeTSNAckPoint) {
+			fwdtsn := a.createForwardTSN()
+			raw, err := a.marshalPacket(a.createPacket([]chunk{fwdtsn}))
+			if err != nil {
+				a.log.Warnf("[%s] failed to serialize a Forward TSN packet", a.name)
+			} else {
+				rawPackets = append(rawPackets, raw)
+			}
+		}
+	}
+
+	return rawPackets
+}
+
+func (a *Association) gatherOutboundShutdownPackets(rawPackets [][]byte) ([][]byte, bool) {
+	ok := true
+
+	switch {
+	case a.willSendShutdown:
+		a.willSendShutdown = false
+
+		shutdown := &chunkShutdown{
+			cumulativeTSNAck: a.cumulativeTSNAckPoint,
+		}
+
+		raw, err := a.marshalPacket(a.createPacket([]chunk{shutdown}))
+		if err != nil {
+			a.log.Warnf("[%s] failed to serialize a Shutdown packet", a.name)
+		} else {
+			a.t2Shutdown.start(a.rtoMgr.getRTO())
+			rawPackets = append(rawPackets, raw)
+		}
+	case a.willSendShutdownAck:
+		a.willSendShutdownAck = false
+
+		shutdownAck := &chunkShutdownAck{}
+
+		raw, err := a.marshalPacket(a.createPacket([]chunk{shutdownAck}))
+		if err != nil {
+			a.log.Warnf("[%s] failed to serialize a ShutdownAck packet", a.name)
+		} else {
+			a.t2Shutdown.start(a.rtoMgr.getRTO())
+			rawPackets = append(rawPackets, raw)
+		}
+	case a.willSendShutdownComplete:
+		a.willSendShutdownComplete = false
+
+		shutdownComplete := &chunkShutdownComplete{}
+
+		raw, err := a.marshalPacket(a.createPacket([]chunk{shutdownComplete}))
+		if err != nil {
+			a.log.Warnf("[%s] failed to serialize a ShutdownComplete packet", a.name)
+		} else {
+			rawPackets = append(rawPackets, raw)
+			ok = false
+		}
+	}
+
+	return rawPackets, ok
+}
+
+func (a *Association) gatherAbortPacket() ([]byte, error) {
+	cause := a.willSendAbortCause
+
+	a.willSendAbort = false
+	a.willSendAbortCause = nil
+
+	abort := &chunkAbort{}
+
+	if cause != nil {
+		abort.errorCauses = []errorCause{cause}
+	}
+
+	raw, err := a.marshalPacket(a.createPacket([]chunk{abort}))
+
+	return raw, err
+}
+
+// gatherOutbound gathers outgoing packets. The returned bool value set to
+// false means the association should be closed down after the final send.
+func (a *Association) gatherOutbound() ([][]byte, bool) {
+	a.lock.Lock()
+	defer a.lock.Unlock()
+
+	if a.willSendAbort {
+		pkt, err := a.gatherAbortPacket()
+		if err != nil {
+			a.log.Warnf("[%s] failed to serialize an abort packet", a.name)
+			return nil, false
+		}
+
+		return [][]byte{pkt}, false
+	}
+
+	rawPackets := [][]byte{}
+
+	if a.controlQueue.size() > 0 {
+		for _, p := range a.controlQueue.popAll() {
+			raw, err := a.marshalPacket(p)
+			if err != nil {
+				a.log.Warnf("[%s] failed to serialize a control packet", a.name)
+				continue
+			}
+			rawPackets = append(rawPackets, raw)
+		}
+	}
+
+	state := a.getState()
+
+	ok := true
+
+	switch state {
+	case established:
+		rawPackets = a.gatherDataPacketsToRetransmit(rawPackets)
+		rawPackets = a.gatherOutboundDataAndReconfigPackets(rawPackets)
+		rawPackets = a.gatherOutboundFastRetransmissionPackets(rawPackets)
+		rawPackets = a.gatherOutboundSackPackets(rawPackets)
+		rawPackets = a.gatherOutboundForwardTSNPackets(rawPackets)
+	case shutdownPending, shutdownSent, shutdownReceived:
+		rawPackets = a.gatherDataPacketsToRetransmit(rawPackets)
+		rawPackets = a.gatherOutboundFastRetransmissionPackets(rawPackets)
+		rawPackets = a.gatherOutboundSackPackets(rawPackets)
+		rawPackets, ok = a.gatherOutboundShutdownPackets(rawPackets)
+	case shutdownAckSent:
+		rawPackets, ok = a.gatherOutboundShutdownPackets(rawPackets)
+	}
+
+	return rawPackets, ok
+}
+
+func checkPacket(p *packet) error {
+	// All packets must adhere to these rules
+
+	// This is the SCTP sender's port number.  It can be used by the
+	// receiver in combination with the source IP address, the SCTP
+	// destination port, and possibly the destination IP address to
+	// identify the association to which this packet belongs.  The port
+	// number 0 MUST NOT be used.
+	if p.sourcePort == 0 {
+		return ErrSCTPPacketSourcePortZero
+	}
+
+	// This is the SCTP port number to which this packet is destined.
+	// The receiving host will use this port number to de-multiplex the
+	// SCTP packet to the correct receiving endpoint/application.  The
+	// port number 0 MUST NOT be used.
+	if p.destinationPort == 0 {
+		return ErrSCTPPacketDestinationPortZero
+	}
+
+	// Check values on the packet that are specific to a particular chunk type
+	for _, c := range p.chunks {
+		switch c.(type) { // nolint:gocritic
+		case *chunkInit:
+			// An INIT or INIT ACK chunk MUST NOT be bundled with any other chunk.
+			// They MUST be the only chunks present in the SCTP packets that carry
+			// them.
+			if len(p.chunks) != 1 {
+				return ErrInitChunkBundled
+			}
+
+			// A packet containing an INIT chunk MUST have a zero Verification
+			// Tag.
+			if p.verificationTag != 0 {
+				return ErrInitChunkVerifyTagNotZero
+			}
+		}
+	}
+
+	return nil
+}
+
+func min16(a, b uint16) uint16 {
+	if a < b {
+		return a
+	}
+	return b
+}
+
+func max32(a, b uint32) uint32 {
+	if a > b {
+		return a
+	}
+	return b
+}
+
+func min32(a, b uint32) uint32 {
+	if a < b {
+		return a
+	}
+	return b
+}
+
+// peerLastTSN return last received cumulative TSN
+func (a *Association) peerLastTSN() uint32 {
+	return a.payloadQueue.getcumulativeTSN()
+}
+
+// setState atomically sets the state of the Association.
+// The caller should hold the lock.
+func (a *Association) setState(newState uint32) {
+	oldState := atomic.SwapUint32(&a.state, newState)
+	if newState != oldState {
+		a.log.Debugf("[%s] state change: '%s' => '%s'",
+			a.name,
+			getAssociationStateString(oldState),
+			getAssociationStateString(newState))
+	}
+}
+
+// getState atomically returns the state of the Association.
+func (a *Association) getState() uint32 {
+	return atomic.LoadUint32(&a.state)
+}
+
+// BytesSent returns the number of bytes sent
+func (a *Association) BytesSent() uint64 {
+	return atomic.LoadUint64(&a.bytesSent)
+}
+
+// BytesReceived returns the number of bytes received
+func (a *Association) BytesReceived() uint64 {
+	return atomic.LoadUint64(&a.bytesReceived)
+}
+
+// MTU returns the association's current MTU
+func (a *Association) MTU() uint32 {
+	return atomic.LoadUint32(&a.mtu)
+}
+
+// CWND returns the association's current congestion window (cwnd)
+func (a *Association) CWND() uint32 {
+	return atomic.LoadUint32(&a.cwnd)
+}
+
+func (a *Association) setCWND(cwnd uint32) {
+	atomic.StoreUint32(&a.cwnd, cwnd)
+}
+
+// RWND returns the association's current receiver window (rwnd)
+func (a *Association) RWND() uint32 {
+	return atomic.LoadUint32(&a.rwnd)
+}
+
+func (a *Association) setRWND(rwnd uint32) {
+	atomic.StoreUint32(&a.rwnd, rwnd)
+}
+
+// SRTT returns the latest smoothed round-trip time (srrt)
+func (a *Association) SRTT() float64 {
+	return a.srtt.Load().(float64) //nolint:forcetypeassert
+}
+
+// getMaxTSNOffset returns the maximum offset over the current cummulative TSN that
+// we are willing to enqueue. This ensures that we keep the bytes utilized in the receive
+// buffer within a small multiple of the user provided max receive buffer size.
+func getMaxTSNOffset(maxReceiveBufferSize uint32) uint32 {
+	// 4 is a magic number here. There is no theory behind this.
+	offset := (maxReceiveBufferSize * 4) / avgChunkSize
+	if offset < minTSNOffset {
+		offset = minTSNOffset
+	}
+	if offset > maxTSNOffset {
+		offset = maxTSNOffset
+	}
+	return offset
+}
+
+func setSupportedExtensions(init *chunkInitCommon) {
+	// nolint:godox
+	// TODO RFC5061 https://tools.ietf.org/html/rfc6525#section-5.2
+	// An implementation supporting this (Supported Extensions Parameter)
+	// extension MUST list the ASCONF, the ASCONF-ACK, and the AUTH chunks
+	// in its INIT and INIT-ACK parameters.
+	init.params = append(init.params, &paramSupportedExtensions{
+		ChunkTypes: []chunkType{ctReconfig, ctForwardTSN},
+	})
+}
+
+// The caller should hold the lock.
+func (a *Association) handleInit(p *packet, i *chunkInit) ([]*packet, error) {
+	state := a.getState()
+	a.log.Debugf("[%s] chunkInit received in state '%s'", a.name, getAssociationStateString(state))
+
+	// https://tools.ietf.org/html/rfc4960#section-5.2.1
+	// Upon receipt of an INIT in the COOKIE-WAIT state, an endpoint MUST
+	// respond with an INIT ACK using the same parameters it sent in its
+	// original INIT chunk (including its Initiate Tag, unchanged).  When
+	// responding, the endpoint MUST send the INIT ACK back to the same
+	// address that the original INIT (sent by this endpoint) was sent.
+
+	if state != closed && state != cookieWait && state != cookieEchoed {
+		// 5.2.2.  Unexpected INIT in States Other than CLOSED, COOKIE-ECHOED,
+		//        COOKIE-WAIT, and SHUTDOWN-ACK-SENT
+		return nil, fmt.Errorf("%w: %s", ErrHandleInitState, getAssociationStateString(state))
+	}
+
+	// NOTE: Setting these prior to a reception of a COOKIE ECHO chunk containing
+	// our cookie is not compliant with https://www.rfc-editor.org/rfc/rfc9260#section-5.1-2.2.3.
+	// It makes us more vulnerable to resource attacks, albeit minimally so.
+	//  https://www.rfc-editor.org/rfc/rfc9260#sec_handle_stream_parameters
+	a.myMaxNumInboundStreams = min16(i.numInboundStreams, a.myMaxNumInboundStreams)
+	a.myMaxNumOutboundStreams = min16(i.numOutboundStreams, a.myMaxNumOutboundStreams)
+	a.peerVerificationTag = i.initiateTag
+	a.sourcePort = p.destinationPort
+	a.destinationPort = p.sourcePort
+
+	// 13.2 This is the last TSN received in sequence.  This value
+	// is set initially by taking the peer's initial TSN,
+	// received in the INIT or INIT ACK chunk, and
+	// subtracting one from it.
+	a.payloadQueue.init(i.initialTSN - 1)
+
+	for _, param := range i.params {
+		switch v := param.(type) { // nolint:gocritic
+		case *paramSupportedExtensions:
+			for _, t := range v.ChunkTypes {
+				if t == ctForwardTSN {
+					a.log.Debugf("[%s] use ForwardTSN (on init)", a.name)
+					a.useForwardTSN = true
+				}
+			}
+		case *paramZeroChecksumAcceptable:
+			a.sendZeroChecksum = v.edmid == dtlsErrorDetectionMethod
+		}
+	}
+
+	if !a.useForwardTSN {
+		a.log.Warnf("[%s] not using ForwardTSN (on init)", a.name)
+	}
+
+	outbound := &packet{}
+	outbound.verificationTag = a.peerVerificationTag
+	outbound.sourcePort = a.sourcePort
+	outbound.destinationPort = a.destinationPort
+
+	initAck := &chunkInitAck{}
+	a.log.Debug("sending INIT ACK")
+
+	initAck.initialTSN = a.myNextTSN
+	initAck.numOutboundStreams = a.myMaxNumOutboundStreams
+	initAck.numInboundStreams = a.myMaxNumInboundStreams
+	initAck.initiateTag = a.myVerificationTag
+	initAck.advertisedReceiverWindowCredit = a.maxReceiveBufferSize
+
+	if a.myCookie == nil {
+		var err error
+		// NOTE: This generation process is not compliant with
+		// 5.1.3.  Generating State Cookie (https://www.rfc-editor.org/rfc/rfc4960#section-5.1.3)
+		if a.myCookie, err = newRandomStateCookie(); err != nil {
+			return nil, err
+		}
+	}
+
+	initAck.params = []param{a.myCookie}
+
+	if a.recvZeroChecksum {
+		initAck.params = append(initAck.params, &paramZeroChecksumAcceptable{edmid: dtlsErrorDetectionMethod})
+	}
+	a.log.Debugf("[%s] sendZeroChecksum=%t (on init)", a.name, a.sendZeroChecksum)
+
+	setSupportedExtensions(&initAck.chunkInitCommon)
+
+	outbound.chunks = []chunk{initAck}
+
+	return pack(outbound), nil
+}
+
+// The caller should hold the lock.
+func (a *Association) handleInitAck(p *packet, i *chunkInitAck) error {
+	state := a.getState()
+	a.log.Debugf("[%s] chunkInitAck received in state '%s'", a.name, getAssociationStateString(state))
+	if state != cookieWait {
+		// RFC 4960
+		// 5.2.3.  Unexpected INIT ACK
+		//   If an INIT ACK is received by an endpoint in any state other than the
+		//   COOKIE-WAIT state, the endpoint should discard the INIT ACK chunk.
+		//   An unexpected INIT ACK usually indicates the processing of an old or
+		//   duplicated INIT chunk.
+		return nil
+	}
+
+	a.myMaxNumInboundStreams = min16(i.numInboundStreams, a.myMaxNumInboundStreams)
+	a.myMaxNumOutboundStreams = min16(i.numOutboundStreams, a.myMaxNumOutboundStreams)
+	a.peerVerificationTag = i.initiateTag
+	a.payloadQueue.init(i.initialTSN - 1)
+	if a.sourcePort != p.destinationPort ||
+		a.destinationPort != p.sourcePort {
+		a.log.Warnf("[%s] handleInitAck: port mismatch", a.name)
+		return nil
+	}
+
+	a.setRWND(i.advertisedReceiverWindowCredit)
+	a.log.Debugf("[%s] initial rwnd=%d", a.name, a.RWND())
+
+	// RFC 4690 Sec 7.2.1
+	//  o  The initial value of ssthresh MAY be arbitrarily high (for
+	//     example, implementations MAY use the size of the receiver
+	//     advertised window).
+	a.ssthresh = a.RWND()
+	a.log.Tracef("[%s] updated cwnd=%d ssthresh=%d inflight=%d (INI)",
+		a.name, a.CWND(), a.ssthresh, a.inflightQueue.getNumBytes())
+
+	a.t1Init.stop()
+	a.storedInit = nil
+
+	var cookieParam *paramStateCookie
+	for _, param := range i.params {
+		switch v := param.(type) {
+		case *paramStateCookie:
+			cookieParam = v
+		case *paramSupportedExtensions:
+			for _, t := range v.ChunkTypes {
+				if t == ctForwardTSN {
+					a.log.Debugf("[%s] use ForwardTSN (on initAck)", a.name)
+					a.useForwardTSN = true
+				}
+			}
+		case *paramZeroChecksumAcceptable:
+			a.sendZeroChecksum = v.edmid == dtlsErrorDetectionMethod
+		}
+	}
+
+	a.log.Debugf("[%s] sendZeroChecksum=%t (on initAck)", a.name, a.sendZeroChecksum)
+
+	if !a.useForwardTSN {
+		a.log.Warnf("[%s] not using ForwardTSN (on initAck)", a.name)
+	}
+	if cookieParam == nil {
+		return ErrInitAckNoCookie
+	}
+
+	a.storedCookieEcho = &chunkCookieEcho{}
+	a.storedCookieEcho.cookie = cookieParam.cookie
+
+	err := a.sendCookieEcho()
+	if err != nil {
+		a.log.Errorf("[%s] failed to send init: %s", a.name, err.Error())
+	}
+
+	a.t1Cookie.start(a.rtoMgr.getRTO())
+	a.setState(cookieEchoed)
+	return nil
+}
+
+// The caller should hold the lock.
+func (a *Association) handleHeartbeat(c *chunkHeartbeat) []*packet {
+	a.log.Tracef("[%s] chunkHeartbeat", a.name)
+	hbi, ok := c.params[0].(*paramHeartbeatInfo)
+	if !ok {
+		a.log.Warnf("[%s] failed to handle Heartbeat, no ParamHeartbeatInfo", a.name)
+	}
+
+	return pack(&packet{
+		verificationTag: a.peerVerificationTag,
+		sourcePort:      a.sourcePort,
+		destinationPort: a.destinationPort,
+		chunks: []chunk{&chunkHeartbeatAck{
+			params: []param{
+				&paramHeartbeatInfo{
+					heartbeatInformation: hbi.heartbeatInformation,
+				},
+			},
+		}},
+	})
+}
+
+// The caller should hold the lock.
+func (a *Association) handleCookieEcho(c *chunkCookieEcho) []*packet {
+	state := a.getState()
+	a.log.Debugf("[%s] COOKIE-ECHO received in state '%s'", a.name, getAssociationStateString(state))
+
+	if a.myCookie == nil {
+		a.log.Debugf("[%s] COOKIE-ECHO received before initialization", a.name)
+		return nil
+	}
+	switch state {
+	default:
+		return nil
+	case established:
+		if !bytes.Equal(a.myCookie.cookie, c.cookie) {
+			return nil
+		}
+	case closed, cookieWait, cookieEchoed:
+		if !bytes.Equal(a.myCookie.cookie, c.cookie) {
+			return nil
+		}
+
+		// RFC wise, these do not seem to belong here, but removing them
+		// causes TestCookieEchoRetransmission to break
+		a.t1Init.stop()
+		a.storedInit = nil
+
+		a.t1Cookie.stop()
+		a.storedCookieEcho = nil
+
+		a.setState(established)
+		// Note: This is a future place where the user could be notified (COMMUNICATION UP)
+		a.handshakeCompletedCh <- nil
+	}
+
+	p := &packet{
+		verificationTag: a.peerVerificationTag,
+		sourcePort:      a.sourcePort,
+		destinationPort: a.destinationPort,
+		chunks:          []chunk{&chunkCookieAck{}},
+	}
+	return pack(p)
+}
+
+// The caller should hold the lock.
+func (a *Association) handleCookieAck() {
+	state := a.getState()
+	a.log.Debugf("[%s] COOKIE-ACK received in state '%s'", a.name, getAssociationStateString(state))
+	if state != cookieEchoed {
+		// RFC 4960
+		// 5.2.5.  Handle Duplicate COOKIE-ACK.
+		//   At any state other than COOKIE-ECHOED, an endpoint should silently
+		//   discard a received COOKIE ACK chunk.
+		return
+	}
+
+	a.t1Cookie.stop()
+	a.storedCookieEcho = nil
+
+	a.setState(established)
+	// Note: This is a future place where the user could be notified (COMMUNICATION UP)
+	a.handshakeCompletedCh <- nil
+}
+
+// The caller should hold the lock.
+func (a *Association) handleData(d *chunkPayloadData) []*packet {
+	a.log.Tracef("[%s] DATA: tsn=%d immediateSack=%v len=%d",
+		a.name, d.tsn, d.immediateSack, len(d.userData))
+	a.stats.incDATAs()
+
+	canPush := a.payloadQueue.canPush(d.tsn)
+	if canPush {
+		s := a.getOrCreateStream(d.streamIdentifier, true, PayloadTypeUnknown)
+		if s == nil {
+			// silently discard the data. (sender will retry on T3-rtx timeout)
+			// see pion/sctp#30
+			a.log.Debugf("[%s] discard %d", a.name, d.streamSequenceNumber)
+			return nil
+		}
+
+		if a.getMyReceiverWindowCredit() > 0 {
+			// Pass the new chunk to stream level as soon as it arrives
+			a.payloadQueue.push(d.tsn)
+			s.handleData(d)
+		} else {
+			// Receive buffer is full
+			lastTSN, ok := a.payloadQueue.getLastTSNReceived()
+			if ok && sna32LT(d.tsn, lastTSN) {
+				a.log.Debugf("[%s] receive buffer full, but accepted as this is a missing chunk with tsn=%d ssn=%d", a.name, d.tsn, d.streamSequenceNumber)
+				a.payloadQueue.push(d.tsn)
+				s.handleData(d)
+			} else {
+				a.log.Debugf("[%s] receive buffer full. dropping DATA with tsn=%d ssn=%d", a.name, d.tsn, d.streamSequenceNumber)
+			}
+		}
+	}
+
+	return a.handlePeerLastTSNAndAcknowledgement(d.immediateSack)
+}
+
+// A common routine for handleData and handleForwardTSN routines
+// The caller should hold the lock.
+func (a *Association) handlePeerLastTSNAndAcknowledgement(sackImmediately bool) []*packet {
+	var reply []*packet
+
+	// Try to advance peerLastTSN
+
+	// From RFC 3758 Sec 3.6:
+	//   .. and then MUST further advance its cumulative TSN point locally
+	//   if possible
+	// Meaning, if peerLastTSN+1 points to a chunk that is received,
+	// advance peerLastTSN until peerLastTSN+1 points to unreceived chunk.
+	for {
+		if popOk := a.payloadQueue.pop(false); !popOk {
+			break
+		}
+
+		for _, rstReq := range a.reconfigRequests {
+			resp := a.resetStreamsIfAny(rstReq)
+			if resp != nil {
+				a.log.Debugf("[%s] RESET RESPONSE: %+v", a.name, resp)
+				reply = append(reply, resp)
+			}
+		}
+	}
+
+	hasPacketLoss := (a.payloadQueue.size() > 0)
+	if hasPacketLoss {
+		a.log.Tracef("[%s] packetloss: %s", a.name, a.payloadQueue.getGapAckBlocksString())
+	}
+
+	if (a.ackState != ackStateImmediate && !sackImmediately && !hasPacketLoss && a.ackMode == ackModeNormal) || a.ackMode == ackModeAlwaysDelay {
+		if a.ackState == ackStateIdle {
+			a.delayedAckTriggered = true
+		} else {
+			a.immediateAckTriggered = true
+		}
+	} else {
+		a.immediateAckTriggered = true
+	}
+
+	return reply
+}
+
+// The caller should hold the lock.
+func (a *Association) getMyReceiverWindowCredit() uint32 {
+	var bytesQueued uint32
+	for _, s := range a.streams {
+		bytesQueued += uint32(s.getNumBytesInReassemblyQueue())
+	}
+
+	if bytesQueued >= a.maxReceiveBufferSize {
+		return 0
+	}
+	return a.maxReceiveBufferSize - bytesQueued
+}
+
+// OpenStream opens a stream
+func (a *Association) OpenStream(streamIdentifier uint16, defaultPayloadType PayloadProtocolIdentifier) (*Stream, error) {
+	a.lock.Lock()
+	defer a.lock.Unlock()
+
+	return a.getOrCreateStream(streamIdentifier, false, defaultPayloadType), nil
+}
+
+// AcceptStream accepts a stream
+func (a *Association) AcceptStream() (*Stream, error) {
+	s, ok := <-a.acceptCh
+	if !ok {
+		return nil, io.EOF // no more incoming streams
+	}
+	return s, nil
+}
+
+// createStream creates a stream. The caller should hold the lock and check no stream exists for this id.
+func (a *Association) createStream(streamIdentifier uint16, accept bool) *Stream {
+	s := &Stream{
+		association:      a,
+		streamIdentifier: streamIdentifier,
+		reassemblyQueue:  newReassemblyQueue(streamIdentifier),
+		log:              a.log,
+		name:             fmt.Sprintf("%d:%s", streamIdentifier, a.name),
+	}
+
+	s.readNotifier = sync.NewCond(&s.lock)
+
+	if accept {
+		select {
+		case a.acceptCh <- s:
+			a.streams[streamIdentifier] = s
+			a.log.Debugf("[%s] accepted a new stream (streamIdentifier: %d)",
+				a.name, streamIdentifier)
+		default:
+			a.log.Debugf("[%s] dropped a new stream (acceptCh size: %d)",
+				a.name, len(a.acceptCh))
+			return nil
+		}
+	} else {
+		a.streams[streamIdentifier] = s
+	}
+
+	return s
+}
+
+// getOrCreateStream gets or creates a stream. The caller should hold the lock.
+func (a *Association) getOrCreateStream(streamIdentifier uint16, accept bool, defaultPayloadType PayloadProtocolIdentifier) *Stream {
+	if s, ok := a.streams[streamIdentifier]; ok {
+		s.SetDefaultPayloadType(defaultPayloadType)
+		return s
+	}
+
+	s := a.createStream(streamIdentifier, accept)
+	if s != nil {
+		s.SetDefaultPayloadType(defaultPayloadType)
+	}
+	return s
+}
+
+// The caller should hold the lock.
+func (a *Association) processSelectiveAck(d *chunkSelectiveAck) (map[uint16]int, uint32, error) { // nolint:gocognit
+	bytesAckedPerStream := map[uint16]int{}
+
+	// New ack point, so pop all ACKed packets from inflightQueue
+	// We add 1 because the "currentAckPoint" has already been popped from the inflight queue
+	// For the first SACK we take care of this by setting the ackpoint to cumAck - 1
+	for i := a.cumulativeTSNAckPoint + 1; sna32LTE(i, d.cumulativeTSNAck); i++ {
+		c, ok := a.inflightQueue.pop(i)
+		if !ok {
+			return nil, 0, fmt.Errorf("%w: %v", ErrInflightQueueTSNPop, i)
+		}
+
+		if !c.acked {
+			// RFC 4096 sec 6.3.2.  Retransmission Timer Rules
+			//   R3)  Whenever a SACK is received that acknowledges the DATA chunk
+			//        with the earliest outstanding TSN for that address, restart the
+			//        T3-rtx timer for that address with its current RTO (if there is
+			//        still outstanding data on that address).
+			if i == a.cumulativeTSNAckPoint+1 {
+				// T3 timer needs to be reset. Stop it for now.
+				a.t3RTX.stop()
+			}
+
+			nBytesAcked := len(c.userData)
+
+			// Sum the number of bytes acknowledged per stream
+			if amount, ok := bytesAckedPerStream[c.streamIdentifier]; ok {
+				bytesAckedPerStream[c.streamIdentifier] = amount + nBytesAcked
+			} else {
+				bytesAckedPerStream[c.streamIdentifier] = nBytesAcked
+			}
+
+			// RFC 4960 sec 6.3.1.  RTO Calculation
+			//   C4)  When data is in flight and when allowed by rule C5 below, a new
+			//        RTT measurement MUST be made each round trip.  Furthermore, new
+			//        RTT measurements SHOULD be made no more than once per round trip
+			//        for a given destination transport address.
+			//   C5)  Karn's algorithm: RTT measurements MUST NOT be made using
+			//        packets that were retransmitted (and thus for which it is
+			//        ambiguous whether the reply was for the first instance of the
+			//        chunk or for a later instance)
+			if c.nSent == 1 && sna32GTE(c.tsn, a.minTSN2MeasureRTT) {
+				a.minTSN2MeasureRTT = a.myNextTSN
+				rtt := time.Since(c.since).Seconds() * 1000.0
+				srtt := a.rtoMgr.setNewRTT(rtt)
+				a.srtt.Store(srtt)
+				a.log.Tracef("[%s] SACK: measured-rtt=%f srtt=%f new-rto=%f",
+					a.name, rtt, srtt, a.rtoMgr.getRTO())
+			}
+		}
+
+		if a.inFastRecovery && c.tsn == a.fastRecoverExitPoint {
+			a.log.Debugf("[%s] exit fast-recovery", a.name)
+			a.inFastRecovery = false
+		}
+	}
+
+	htna := d.cumulativeTSNAck
+
+	// Mark selectively acknowledged chunks as "acked"
+	for _, g := range d.gapAckBlocks {
+		for i := g.start; i <= g.end; i++ {
+			tsn := d.cumulativeTSNAck + uint32(i)
+			c, ok := a.inflightQueue.get(tsn)
+			if !ok {
+				return nil, 0, fmt.Errorf("%w: %v", ErrTSNRequestNotExist, tsn)
+			}
+
+			if !c.acked {
+				nBytesAcked := a.inflightQueue.markAsAcked(tsn)
+
+				// Sum the number of bytes acknowledged per stream
+				if amount, ok := bytesAckedPerStream[c.streamIdentifier]; ok {
+					bytesAckedPerStream[c.streamIdentifier] = amount + nBytesAcked
+				} else {
+					bytesAckedPerStream[c.streamIdentifier] = nBytesAcked
+				}
+
+				a.log.Tracef("[%s] tsn=%d has been sacked", a.name, c.tsn)
+
+				if c.nSent == 1 {
+					a.minTSN2MeasureRTT = a.myNextTSN
+					rtt := time.Since(c.since).Seconds() * 1000.0
+					srtt := a.rtoMgr.setNewRTT(rtt)
+					a.srtt.Store(srtt)
+					a.log.Tracef("[%s] SACK: measured-rtt=%f srtt=%f new-rto=%f",
+						a.name, rtt, srtt, a.rtoMgr.getRTO())
+				}
+
+				if sna32LT(htna, tsn) {
+					htna = tsn
+				}
+			}
+		}
+	}
+
+	return bytesAckedPerStream, htna, nil
+}
+
+// The caller should hold the lock.
+func (a *Association) onCumulativeTSNAckPointAdvanced(totalBytesAcked int) {
+	// RFC 4096, sec 6.3.2.  Retransmission Timer Rules
+	//   R2)  Whenever all outstanding data sent to an address have been
+	//        acknowledged, turn off the T3-rtx timer of that address.
+	if a.inflightQueue.size() == 0 {
+		a.log.Tracef("[%s] SACK: no more packet in-flight (pending=%d)", a.name, a.pendingQueue.size())
+		a.t3RTX.stop()
+	} else {
+		a.log.Tracef("[%s] T3-rtx timer start (pt2)", a.name)
+		a.t3RTX.start(a.rtoMgr.getRTO())
+	}
+
+	// Update congestion control parameters
+	if a.CWND() <= a.ssthresh {
+		// RFC 4096, sec 7.2.1.  Slow-Start
+		//   o  When cwnd is less than or equal to ssthresh, an SCTP endpoint MUST
+		//		use the slow-start algorithm to increase cwnd only if the current
+		//      congestion window is being fully utilized, an incoming SACK
+		//      advances the Cumulative TSN Ack Point, and the data sender is not
+		//      in Fast Recovery.  Only when these three conditions are met can
+		//      the cwnd be increased; otherwise, the cwnd MUST not be increased.
+		//		If these conditions are met, then cwnd MUST be increased by, at
+		//      most, the lesser of 1) the total size of the previously
+		//      outstanding DATA chunk(s) acknowledged, and 2) the destination's
+		//      path MTU.
+		if !a.inFastRecovery &&
+			a.pendingQueue.size() > 0 {
+			a.setCWND(a.CWND() + min32(uint32(totalBytesAcked), a.CWND()))
+			// a.cwnd += min32(uint32(totalBytesAcked), a.MTU()) // SCTP way (slow)
+			a.log.Tracef("[%s] updated cwnd=%d ssthresh=%d acked=%d (SS)",
+				a.name, a.CWND(), a.ssthresh, totalBytesAcked)
+		} else {
+			a.log.Tracef("[%s] cwnd did not grow: cwnd=%d ssthresh=%d acked=%d FR=%v pending=%d",
+				a.name, a.CWND(), a.ssthresh, totalBytesAcked, a.inFastRecovery, a.pendingQueue.size())
+		}
+	} else {
+		// RFC 4096, sec 7.2.2.  Congestion Avoidance
+		//   o  Whenever cwnd is greater than ssthresh, upon each SACK arrival
+		//      that advances the Cumulative TSN Ack Point, increase
+		//      partial_bytes_acked by the total number of bytes of all new chunks
+		//      acknowledged in that SACK including chunks acknowledged by the new
+		//      Cumulative TSN Ack and by Gap Ack Blocks.
+		a.partialBytesAcked += uint32(totalBytesAcked)
+
+		//   o  When partial_bytes_acked is equal to or greater than cwnd and
+		//      before the arrival of the SACK the sender had cwnd or more bytes
+		//      of data outstanding (i.e., before arrival of the SACK, flight size
+		//      was greater than or equal to cwnd), increase cwnd by MTU, and
+		//      reset partial_bytes_acked to (partial_bytes_acked - cwnd).
+		if a.partialBytesAcked >= a.CWND() && a.pendingQueue.size() > 0 {
+			a.partialBytesAcked -= a.CWND()
+			a.setCWND(a.CWND() + a.MTU())
+			a.log.Tracef("[%s] updated cwnd=%d ssthresh=%d acked=%d (CA)",
+				a.name, a.CWND(), a.ssthresh, totalBytesAcked)
+		}
+	}
+}
+
+// The caller should hold the lock.
+func (a *Association) processFastRetransmission(cumTSNAckPoint, htna uint32, cumTSNAckPointAdvanced bool) error {
+	// HTNA algorithm - RFC 4960 Sec 7.2.4
+	// Increment missIndicator of each chunks that the SACK reported missing
+	// when either of the following is met:
+	// a)  Not in fast-recovery
+	//     miss indications are incremented only for missing TSNs prior to the
+	//     highest TSN newly acknowledged in the SACK.
+	// b)  In fast-recovery AND the Cumulative TSN Ack Point advanced
+	//     the miss indications are incremented for all TSNs reported missing
+	//     in the SACK.
+	if !a.inFastRecovery || (a.inFastRecovery && cumTSNAckPointAdvanced) {
+		var maxTSN uint32
+		if !a.inFastRecovery {
+			// a) increment only for missing TSNs prior to the HTNA
+			maxTSN = htna
+		} else {
+			// b) increment for all TSNs reported missing
+			maxTSN = cumTSNAckPoint + uint32(a.inflightQueue.size()) + 1
+		}
+
+		for tsn := cumTSNAckPoint + 1; sna32LT(tsn, maxTSN); tsn++ {
+			c, ok := a.inflightQueue.get(tsn)
+			if !ok {
+				return fmt.Errorf("%w: %v", ErrTSNRequestNotExist, tsn)
+			}
+			if !c.acked && !c.abandoned() && c.missIndicator < 3 {
+				c.missIndicator++
+				if c.missIndicator == 3 {
+					if !a.inFastRecovery {
+						// 2)  If not in Fast Recovery, adjust the ssthresh and cwnd of the
+						//     destination address(es) to which the missing DATA chunks were
+						//     last sent, according to the formula described in Section 7.2.3.
+						a.inFastRecovery = true
+						a.fastRecoverExitPoint = htna
+						a.ssthresh = max32(a.CWND()/2, 4*a.MTU())
+						a.setCWND(a.ssthresh)
+						a.partialBytesAcked = 0
+						a.willRetransmitFast = true
+
+						a.log.Tracef("[%s] updated cwnd=%d ssthresh=%d inflight=%d (FR)",
+							a.name, a.CWND(), a.ssthresh, a.inflightQueue.getNumBytes())
+					}
+				}
+			}
+		}
+	}
+
+	if a.inFastRecovery && cumTSNAckPointAdvanced {
+		a.willRetransmitFast = true
+	}
+
+	return nil
+}
+
+// The caller should hold the lock.
+func (a *Association) handleSack(d *chunkSelectiveAck) error {
+	a.log.Tracef("[%s] SACK: cumTSN=%d a_rwnd=%d", a.name, d.cumulativeTSNAck, d.advertisedReceiverWindowCredit)
+	state := a.getState()
+	if state != established && state != shutdownPending && state != shutdownReceived {
+		return nil
+	}
+
+	a.stats.incSACKsReceived()
+
+	if sna32GT(a.cumulativeTSNAckPoint, d.cumulativeTSNAck) {
+		// RFC 4960 sec 6.2.1.  Processing a Received SACK
+		// D)
+		//   i) If Cumulative TSN Ack is less than the Cumulative TSN Ack
+		//      Point, then drop the SACK.  Since Cumulative TSN Ack is
+		//      monotonically increasing, a SACK whose Cumulative TSN Ack is
+		//      less than the Cumulative TSN Ack Point indicates an out-of-
+		//      order SACK.
+
+		a.log.Debugf("[%s] SACK Cumulative ACK %v is older than ACK point %v",
+			a.name,
+			d.cumulativeTSNAck,
+			a.cumulativeTSNAckPoint)
+
+		return nil
+	}
+
+	// Process selective ack
+	bytesAckedPerStream, htna, err := a.processSelectiveAck(d)
+	if err != nil {
+		return err
+	}
+
+	var totalBytesAcked int
+	for _, nBytesAcked := range bytesAckedPerStream {
+		totalBytesAcked += nBytesAcked
+	}
+
+	cumTSNAckPointAdvanced := false
+	if sna32LT(a.cumulativeTSNAckPoint, d.cumulativeTSNAck) {
+		a.log.Tracef("[%s] SACK: cumTSN advanced: %d -> %d",
+			a.name,
+			a.cumulativeTSNAckPoint,
+			d.cumulativeTSNAck)
+
+		a.cumulativeTSNAckPoint = d.cumulativeTSNAck
+		cumTSNAckPointAdvanced = true
+		a.onCumulativeTSNAckPointAdvanced(totalBytesAcked)
+	}
+
+	for si, nBytesAcked := range bytesAckedPerStream {
+		if s, ok := a.streams[si]; ok {
+			a.lock.Unlock()
+			s.onBufferReleased(nBytesAcked)
+			a.lock.Lock()
+		}
+	}
+
+	// New rwnd value
+	// RFC 4960 sec 6.2.1.  Processing a Received SACK
+	// D)
+	//   ii) Set rwnd equal to the newly received a_rwnd minus the number
+	//       of bytes still outstanding after processing the Cumulative
+	//       TSN Ack and the Gap Ack Blocks.
+
+	// bytes acked were already subtracted by markAsAcked() method
+	bytesOutstanding := uint32(a.inflightQueue.getNumBytes())
+	if bytesOutstanding >= d.advertisedReceiverWindowCredit {
+		a.setRWND(0)
+	} else {
+		a.setRWND(d.advertisedReceiverWindowCredit - bytesOutstanding)
+	}
+
+	err = a.processFastRetransmission(d.cumulativeTSNAck, htna, cumTSNAckPointAdvanced)
+	if err != nil {
+		return err
+	}
+
+	if a.useForwardTSN {
+		// RFC 3758 Sec 3.5 C1
+		if sna32LT(a.advancedPeerTSNAckPoint, a.cumulativeTSNAckPoint) {
+			a.advancedPeerTSNAckPoint = a.cumulativeTSNAckPoint
+		}
+
+		// RFC 3758 Sec 3.5 C2
+		for i := a.advancedPeerTSNAckPoint + 1; ; i++ {
+			c, ok := a.inflightQueue.get(i)
+			if !ok {
+				break
+			}
+			if !c.abandoned() {
+				break
+			}
+			a.advancedPeerTSNAckPoint = i
+		}
+
+		// RFC 3758 Sec 3.5 C3
+		if sna32GT(a.advancedPeerTSNAckPoint, a.cumulativeTSNAckPoint) {
+			a.willSendForwardTSN = true
+		}
+		a.awakeWriteLoop()
+	}
+
+	a.postprocessSack(state, cumTSNAckPointAdvanced)
+
+	return nil
+}
+
+// The caller must hold the lock. This method was only added because the
+// linter was complaining about the "cognitive complexity" of handleSack.
+func (a *Association) postprocessSack(state uint32, shouldAwakeWriteLoop bool) {
+	switch {
+	case a.inflightQueue.size() > 0:
+		// Start timer. (noop if already started)
+		a.log.Tracef("[%s] T3-rtx timer start (pt3)", a.name)
+		a.t3RTX.start(a.rtoMgr.getRTO())
+	case state == shutdownPending:
+		// No more outstanding, send shutdown.
+		shouldAwakeWriteLoop = true
+		a.willSendShutdown = true
+		a.setState(shutdownSent)
+	case state == shutdownReceived:
+		// No more outstanding, send shutdown ack.
+		shouldAwakeWriteLoop = true
+		a.willSendShutdownAck = true
+		a.setState(shutdownAckSent)
+	}
+
+	if shouldAwakeWriteLoop {
+		a.awakeWriteLoop()
+	}
+}
+
+// The caller should hold the lock.
+func (a *Association) handleShutdown(_ *chunkShutdown) {
+	state := a.getState()
+
+	switch state {
+	case established:
+		if a.inflightQueue.size() > 0 {
+			a.setState(shutdownReceived)
+		} else {
+			// No more outstanding, send shutdown ack.
+			a.willSendShutdownAck = true
+			a.setState(shutdownAckSent)
+
+			a.awakeWriteLoop()
+		}
+
+		// a.cumulativeTSNAckPoint = c.cumulativeTSNAck
+	case shutdownSent:
+		a.willSendShutdownAck = true
+		a.setState(shutdownAckSent)
+
+		a.awakeWriteLoop()
+	}
+}
+
+// The caller should hold the lock.
+func (a *Association) handleShutdownAck(_ *chunkShutdownAck) {
+	state := a.getState()
+	if state == shutdownSent || state == shutdownAckSent {
+		a.t2Shutdown.stop()
+		a.willSendShutdownComplete = true
+
+		a.awakeWriteLoop()
+	}
+}
+
+func (a *Association) handleShutdownComplete(_ *chunkShutdownComplete) error {
+	state := a.getState()
+	if state == shutdownAckSent {
+		a.t2Shutdown.stop()
+
+		return a.close()
+	}
+
+	return nil
+}
+
+func (a *Association) handleAbort(c *chunkAbort) error {
+	var errStr string
+	for _, e := range c.errorCauses {
+		errStr += fmt.Sprintf("(%s)", e)
+	}
+
+	_ = a.close()
+
+	return fmt.Errorf("[%s] %w: %s", a.name, ErrChunk, errStr)
+}
+
+// createForwardTSN generates ForwardTSN chunk.
+// This method will be be called if useForwardTSN is set to false.
+// The caller should hold the lock.
+func (a *Association) createForwardTSN() *chunkForwardTSN {
+	// RFC 3758 Sec 3.5 C4
+	streamMap := map[uint16]uint16{} // to report only once per SI
+	for i := a.cumulativeTSNAckPoint + 1; sna32LTE(i, a.advancedPeerTSNAckPoint); i++ {
+		c, ok := a.inflightQueue.get(i)
+		if !ok {
+			break
+		}
+
+		ssn, ok := streamMap[c.streamIdentifier]
+		if !ok {
+			streamMap[c.streamIdentifier] = c.streamSequenceNumber
+		} else if sna16LT(ssn, c.streamSequenceNumber) {
+			// to report only once with greatest SSN
+			streamMap[c.streamIdentifier] = c.streamSequenceNumber
+		}
+	}
+
+	fwdtsn := &chunkForwardTSN{
+		newCumulativeTSN: a.advancedPeerTSNAckPoint,
+		streams:          []chunkForwardTSNStream{},
+	}
+
+	var streamStr string
+	for si, ssn := range streamMap {
+		streamStr += fmt.Sprintf("(si=%d ssn=%d)", si, ssn)
+		fwdtsn.streams = append(fwdtsn.streams, chunkForwardTSNStream{
+			identifier: si,
+			sequence:   ssn,
+		})
+	}
+	a.log.Tracef("[%s] building fwdtsn: newCumulativeTSN=%d cumTSN=%d - %s", a.name, fwdtsn.newCumulativeTSN, a.cumulativeTSNAckPoint, streamStr)
+
+	return fwdtsn
+}
+
+// createPacket wraps chunks in a packet.
+// The caller should hold the read lock.
+func (a *Association) createPacket(cs []chunk) *packet {
+	return &packet{
+		verificationTag: a.peerVerificationTag,
+		sourcePort:      a.sourcePort,
+		destinationPort: a.destinationPort,
+		chunks:          cs,
+	}
+}
+
+// The caller should hold the lock.
+func (a *Association) handleReconfig(c *chunkReconfig) ([]*packet, error) {
+	a.log.Tracef("[%s] handleReconfig", a.name)
+
+	pp := make([]*packet, 0)
+
+	p, err := a.handleReconfigParam(c.paramA)
+	if err != nil {
+		return nil, err
+	}
+	if p != nil {
+		pp = append(pp, p)
+	}
+
+	if c.paramB != nil {
+		p, err = a.handleReconfigParam(c.paramB)
+		if err != nil {
+			return nil, err
+		}
+		if p != nil {
+			pp = append(pp, p)
+		}
+	}
+	return pp, nil
+}
+
+// The caller should hold the lock.
+func (a *Association) handleForwardTSN(c *chunkForwardTSN) []*packet {
+	a.log.Tracef("[%s] FwdTSN: %s", a.name, c.String())
+
+	if !a.useForwardTSN {
+		a.log.Warn("[%s] received FwdTSN but not enabled")
+		// Return an error chunk
+		cerr := &chunkError{
+			errorCauses: []errorCause{&errorCauseUnrecognizedChunkType{}},
+		}
+		outbound := &packet{}
+		outbound.verificationTag = a.peerVerificationTag
+		outbound.sourcePort = a.sourcePort
+		outbound.destinationPort = a.destinationPort
+		outbound.chunks = []chunk{cerr}
+		return []*packet{outbound}
+	}
+
+	// From RFC 3758 Sec 3.6:
+	//   Note, if the "New Cumulative TSN" value carried in the arrived
+	//   FORWARD TSN chunk is found to be behind or at the current cumulative
+	//   TSN point, the data receiver MUST treat this FORWARD TSN as out-of-
+	//   date and MUST NOT update its Cumulative TSN.  The receiver SHOULD
+	//   send a SACK to its peer (the sender of the FORWARD TSN) since such a
+	//   duplicate may indicate the previous SACK was lost in the network.
+
+	a.log.Tracef("[%s] should send ack? newCumTSN=%d peerLastTSN=%d",
+		a.name, c.newCumulativeTSN, a.peerLastTSN())
+	if sna32LTE(c.newCumulativeTSN, a.peerLastTSN()) {
+		a.log.Tracef("[%s] sending ack on Forward TSN", a.name)
+		a.ackState = ackStateImmediate
+		a.ackTimer.stop()
+		a.awakeWriteLoop()
+		return nil
+	}
+
+	// From RFC 3758 Sec 3.6:
+	//   the receiver MUST perform the same TSN handling, including duplicate
+	//   detection, gap detection, SACK generation, cumulative TSN
+	//   advancement, etc. as defined in RFC 2960 [2]---with the following
+	//   exceptions and additions.
+
+	//   When a FORWARD TSN chunk arrives, the data receiver MUST first update
+	//   its cumulative TSN point to the value carried in the FORWARD TSN
+	//   chunk,
+
+	// Advance peerLastTSN
+	for sna32LT(a.peerLastTSN(), c.newCumulativeTSN) {
+		a.payloadQueue.pop(true) // may not exist
+	}
+
+	// Report new peerLastTSN value and abandoned largest SSN value to
+	// corresponding streams so that the abandoned chunks can be removed
+	// from the reassemblyQueue.
+	for _, forwarded := range c.streams {
+		if s, ok := a.streams[forwarded.identifier]; ok {
+			s.handleForwardTSNForOrdered(forwarded.sequence)
+		}
+	}
+
+	// TSN may be forewared for unordered chunks. ForwardTSN chunk does not
+	// report which stream identifier it skipped for unordered chunks.
+	// Therefore, we need to broadcast this event to all existing streams for
+	// unordered chunks.
+	// See https://github.com/pion/sctp/issues/106
+	for _, s := range a.streams {
+		s.handleForwardTSNForUnordered(c.newCumulativeTSN)
+	}
+
+	return a.handlePeerLastTSNAndAcknowledgement(false)
+}
+
+func (a *Association) sendResetRequest(streamIdentifier uint16) error {
+	a.lock.Lock()
+	defer a.lock.Unlock()
+
+	state := a.getState()
+	if state != established {
+		return fmt.Errorf("%w: state=%s", ErrResetPacketInStateNotExist,
+			getAssociationStateString(state))
+	}
+
+	// Create DATA chunk which only contains valid stream identifier with
+	// nil userData and use it as a EOS from the stream.
+	c := &chunkPayloadData{
+		streamIdentifier:  streamIdentifier,
+		beginningFragment: true,
+		endingFragment:    true,
+		userData:          nil,
+	}
+
+	a.pendingQueue.push(c)
+	a.awakeWriteLoop()
+	return nil
+}
+
+// The caller should hold the lock.
+func (a *Association) handleReconfigParam(raw param) (*packet, error) {
+	switch p := raw.(type) {
+	case *paramOutgoingResetRequest:
+		a.log.Tracef("[%s] handleReconfigParam (OutgoingResetRequest)", a.name)
+		if a.peerLastTSN() < p.senderLastTSN && len(a.reconfigRequests) >= maxReconfigRequests {
+			// We have too many reconfig requests outstanding. Drop the request and let
+			// the peer retransmit. A well behaved peer should only have 1 outstanding
+			// reconfig request.
+			//
+			// RFC 6525: https://www.rfc-editor.org/rfc/rfc6525.html#section-5.1.1
+			//    At any given time, there MUST NOT be more than one request in flight.
+			//    So, if the Re-configuration Timer is running and the RE-CONFIG chunk
+			//    contains at least one request parameter, the chunk MUST be buffered.
+			// chrome: https://chromium.googlesource.com/external/webrtc/+/refs/heads/main/net/dcsctp/socket/stream_reset_handler.cc#271
+			return nil, fmt.Errorf("%w: %d", ErrTooManyReconfigRequests, len(a.reconfigRequests))
+		}
+		a.reconfigRequests[p.reconfigRequestSequenceNumber] = p
+		resp := a.resetStreamsIfAny(p)
+		if resp != nil {
+			return resp, nil
+		}
+		return nil, nil //nolint:nilnil
+	case *paramReconfigResponse:
+		a.log.Tracef("[%s] handleReconfigParam (ReconfigResponse)", a.name)
+		if p.result == reconfigResultInProgress {
+			// RFC 6525: https://www.rfc-editor.org/rfc/rfc6525.html#section-5.2.7
+			//
+			//   If the Result field indicates "In progress", the timer for the
+			//   Re-configuration Request Sequence Number is started again.  If
+			//   the timer runs out, the RE-CONFIG chunk MUST be retransmitted
+			//   but the corresponding error counters MUST NOT be incremented.
+			if _, ok := a.reconfigs[p.reconfigResponseSequenceNumber]; ok {
+				a.tReconfig.stop()
+				a.tReconfig.start(a.rtoMgr.getRTO())
+			}
+			return nil, nil //nolint:nilnil
+		}
+		delete(a.reconfigs, p.reconfigResponseSequenceNumber)
+		if len(a.reconfigs) == 0 {
+			a.tReconfig.stop()
+		}
+		return nil, nil //nolint:nilnil
+	default:
+		return nil, fmt.Errorf("%w: %t", ErrParamterType, p)
+	}
+}
+
+// The caller should hold the lock.
+func (a *Association) resetStreamsIfAny(p *paramOutgoingResetRequest) *packet {
+	result := reconfigResultSuccessPerformed
+	if sna32LTE(p.senderLastTSN, a.peerLastTSN()) {
+		a.log.Debugf("[%s] resetStream(): senderLastTSN=%d <= peerLastTSN=%d",
+			a.name, p.senderLastTSN, a.peerLastTSN())
+		for _, id := range p.streamIdentifiers {
+			s, ok := a.streams[id]
+			if !ok {
+				continue
+			}
+			a.lock.Unlock()
+			s.onInboundStreamReset()
+			a.lock.Lock()
+			a.log.Debugf("[%s] deleting stream %d", a.name, id)
+			delete(a.streams, s.streamIdentifier)
+		}
+		delete(a.reconfigRequests, p.reconfigRequestSequenceNumber)
+	} else {
+		a.log.Debugf("[%s] resetStream(): senderLastTSN=%d > peerLastTSN=%d",
+			a.name, p.senderLastTSN, a.peerLastTSN())
+		result = reconfigResultInProgress
+	}
+
+	return a.createPacket([]chunk{&chunkReconfig{
+		paramA: &paramReconfigResponse{
+			reconfigResponseSequenceNumber: p.reconfigRequestSequenceNumber,
+			result:                         result,
+		},
+	}})
+}
+
+// Move the chunk peeked with a.pendingQueue.peek() to the inflightQueue.
+// The caller should hold the lock.
+func (a *Association) movePendingDataChunkToInflightQueue(c *chunkPayloadData) {
+	if err := a.pendingQueue.pop(c); err != nil {
+		a.log.Errorf("[%s] failed to pop from pending queue: %s", a.name, err.Error())
+	}
+
+	// Mark all fragements are in-flight now
+	if c.endingFragment {
+		c.setAllInflight()
+	}
+
+	// Assign TSN
+	c.tsn = a.generateNextTSN()
+
+	c.since = time.Now() // use to calculate RTT and also for maxPacketLifeTime
+	c.nSent = 1          // being sent for the first time
+
+	a.checkPartialReliabilityStatus(c)
+
+	a.log.Tracef("[%s] sending ppi=%d tsn=%d ssn=%d sent=%d len=%d (%v,%v)",
+		a.name, c.payloadType, c.tsn, c.streamSequenceNumber, c.nSent, len(c.userData), c.beginningFragment, c.endingFragment)
+
+	a.inflightQueue.pushNoCheck(c)
+}
+
+// popPendingDataChunksToSend pops chunks from the pending queues as many as
+// the cwnd and rwnd allows to send.
+// The caller should hold the lock.
+func (a *Association) popPendingDataChunksToSend() ([]*chunkPayloadData, []uint16) {
+	chunks := []*chunkPayloadData{}
+	var sisToReset []uint16 // stream identifieres to reset
+
+	if a.pendingQueue.size() > 0 {
+		// RFC 4960 sec 6.1.  Transmission of DATA Chunks
+		//   A) At any given time, the data sender MUST NOT transmit new data to
+		//      any destination transport address if its peer's rwnd indicates
+		//      that the peer has no buffer space (i.e., rwnd is 0; see Section
+		//      6.2.1).  However, regardless of the value of rwnd (including if it
+		//      is 0), the data sender can always have one DATA chunk in flight to
+		//      the receiver if allowed by cwnd (see rule B, below).
+
+		for {
+			c := a.pendingQueue.peek()
+			if c == nil {
+				break // no more pending data
+			}
+
+			dataLen := uint32(len(c.userData))
+			if dataLen == 0 {
+				sisToReset = append(sisToReset, c.streamIdentifier)
+				err := a.pendingQueue.pop(c)
+				if err != nil {
+					a.log.Errorf("failed to pop from pending queue: %s", err.Error())
+				}
+				continue
+			}
+
+			if uint32(a.inflightQueue.getNumBytes())+dataLen > a.CWND() {
+				break // would exceeds cwnd
+			}
+
+			if dataLen > a.RWND() {
+				break // no more rwnd
+			}
+
+			a.setRWND(a.RWND() - dataLen)
+
+			a.movePendingDataChunkToInflightQueue(c)
+			chunks = append(chunks, c)
+		}
+
+		// the data sender can always have one DATA chunk in flight to the receiver
+		if len(chunks) == 0 && a.inflightQueue.size() == 0 {
+			// Send zero window probe
+			c := a.pendingQueue.peek()
+			if c != nil {
+				a.movePendingDataChunkToInflightQueue(c)
+				chunks = append(chunks, c)
+			}
+		}
+	}
+
+	return chunks, sisToReset
+}
+
+// bundleDataChunksIntoPackets packs DATA chunks into packets. It tries to bundle
+// DATA chunks into a packet so long as the resulting packet size does not exceed
+// the path MTU.
+// The caller should hold the lock.
+func (a *Association) bundleDataChunksIntoPackets(chunks []*chunkPayloadData) []*packet {
+	packets := []*packet{}
+	chunksToSend := []chunk{}
+	bytesInPacket := int(commonHeaderSize)
+
+	for _, c := range chunks {
+		// RFC 4960 sec 6.1.  Transmission of DATA Chunks
+		//   Multiple DATA chunks committed for transmission MAY be bundled in a
+		//   single packet.  Furthermore, DATA chunks being retransmitted MAY be
+		//   bundled with new DATA chunks, as long as the resulting packet size
+		//   does not exceed the path MTU.
+		chunkSizeInPacket := int(dataChunkHeaderSize) + len(c.userData)
+		chunkSizeInPacket += getPadding(chunkSizeInPacket)
+		if bytesInPacket+chunkSizeInPacket > int(a.MTU()) {
+			packets = append(packets, a.createPacket(chunksToSend))
+			chunksToSend = []chunk{}
+			bytesInPacket = int(commonHeaderSize)
+		}
+		chunksToSend = append(chunksToSend, c)
+		bytesInPacket += chunkSizeInPacket
+	}
+
+	if len(chunksToSend) > 0 {
+		packets = append(packets, a.createPacket(chunksToSend))
+	}
+
+	return packets
+}
+
+// sendPayloadData sends the data chunks.
+func (a *Association) sendPayloadData(chunks []*chunkPayloadData) error {
+	a.lock.Lock()
+	defer a.lock.Unlock()
+
+	state := a.getState()
+	if state != established {
+		return fmt.Errorf("%w: state=%s", ErrPayloadDataStateNotExist,
+			getAssociationStateString(state))
+	}
+
+	// Push the chunks into the pending queue first.
+	for _, c := range chunks {
+		a.pendingQueue.push(c)
+	}
+
+	a.awakeWriteLoop()
+	return nil
+}
+
+// The caller should hold the lock.
+func (a *Association) checkPartialReliabilityStatus(c *chunkPayloadData) {
+	if !a.useForwardTSN {
+		return
+	}
+
+	// draft-ietf-rtcweb-data-protocol-09.txt section 6
+	//	6.  Procedures
+	//		All Data Channel Establishment Protocol messages MUST be sent using
+	//		ordered delivery and reliable transmission.
+	//
+	if c.payloadType == PayloadTypeWebRTCDCEP {
+		return
+	}
+
+	// PR-SCTP
+	if s, ok := a.streams[c.streamIdentifier]; ok {
+		s.lock.RLock()
+		if s.reliabilityType == ReliabilityTypeRexmit {
+			if c.nSent >= s.reliabilityValue {
+				c.setAbandoned(true)
+				a.log.Tracef("[%s] marked as abandoned: tsn=%d ppi=%d (remix: %d)", a.name, c.tsn, c.payloadType, c.nSent)
+			}
+		} else if s.reliabilityType == ReliabilityTypeTimed {
+			elapsed := int64(time.Since(c.since).Seconds() * 1000)
+			if elapsed >= int64(s.reliabilityValue) {
+				c.setAbandoned(true)
+				a.log.Tracef("[%s] marked as abandoned: tsn=%d ppi=%d (timed: %d)", a.name, c.tsn, c.payloadType, elapsed)
+			}
+		}
+		s.lock.RUnlock()
+	} else {
+		a.log.Errorf("[%s] stream %d not found)", a.name, c.streamIdentifier)
+	}
+}
+
+// getDataPacketsToRetransmit is called when T3-rtx is timed out and retransmit outstanding data chunks
+// that are not acked or abandoned yet.
+// The caller should hold the lock.
+func (a *Association) getDataPacketsToRetransmit() []*packet {
+	awnd := min32(a.CWND(), a.RWND())
+	chunks := []*chunkPayloadData{}
+	var bytesToSend int
+	var done bool
+
+	for i := 0; !done; i++ {
+		c, ok := a.inflightQueue.get(a.cumulativeTSNAckPoint + uint32(i) + 1)
+		if !ok {
+			break // end of pending data
+		}
+
+		if !c.retransmit {
+			continue
+		}
+
+		if i == 0 && int(a.RWND()) < len(c.userData) {
+			// Send it as a zero window probe
+			done = true
+		} else if bytesToSend+len(c.userData) > int(awnd) {
+			break
+		}
+
+		// reset the retransmit flag not to retransmit again before the next
+		// t3-rtx timer fires
+		c.retransmit = false
+		bytesToSend += len(c.userData)
+
+		c.nSent++
+
+		a.checkPartialReliabilityStatus(c)
+
+		a.log.Tracef("[%s] retransmitting tsn=%d ssn=%d sent=%d", a.name, c.tsn, c.streamSequenceNumber, c.nSent)
+
+		chunks = append(chunks, c)
+	}
+
+	return a.bundleDataChunksIntoPackets(chunks)
+}
+
+// generateNextTSN returns the myNextTSN and increases it. The caller should hold the lock.
+// The caller should hold the lock.
+func (a *Association) generateNextTSN() uint32 {
+	tsn := a.myNextTSN
+	a.myNextTSN++
+	return tsn
+}
+
+// generateNextRSN returns the myNextRSN and increases it. The caller should hold the lock.
+// The caller should hold the lock.
+func (a *Association) generateNextRSN() uint32 {
+	rsn := a.myNextRSN
+	a.myNextRSN++
+	return rsn
+}
+
+func (a *Association) createSelectiveAckChunk() *chunkSelectiveAck {
+	sack := &chunkSelectiveAck{}
+	sack.cumulativeTSNAck = a.peerLastTSN()
+	sack.advertisedReceiverWindowCredit = a.getMyReceiverWindowCredit()
+	sack.duplicateTSN = a.payloadQueue.popDuplicates()
+	sack.gapAckBlocks = a.payloadQueue.getGapAckBlocks()
+	return sack
+}
+
+func pack(p *packet) []*packet {
+	return []*packet{p}
+}
+
+func (a *Association) handleChunksStart() {
+	a.lock.Lock()
+	defer a.lock.Unlock()
+
+	a.stats.incPacketsReceived()
+
+	a.delayedAckTriggered = false
+	a.immediateAckTriggered = false
+}
+
+func (a *Association) handleChunksEnd() {
+	a.lock.Lock()
+	defer a.lock.Unlock()
+
+	if a.immediateAckTriggered {
+		a.ackState = ackStateImmediate
+		a.ackTimer.stop()
+		a.awakeWriteLoop()
+	} else if a.delayedAckTriggered {
+		// Will send delayed ack in the next ack timeout
+		a.ackState = ackStateDelay
+		a.ackTimer.start()
+	}
+}
+
+func (a *Association) handleChunk(p *packet, c chunk) error {
+	a.lock.Lock()
+	defer a.lock.Unlock()
+
+	var packets []*packet
+	var err error
+
+	if _, err = c.check(); err != nil {
+		a.log.Errorf("[%s] failed validating chunk: %s ", a.name, err)
+		return nil
+	}
+
+	isAbort := false
+
+	switch c := c.(type) {
+	// Note: We do not do the following for chunkInit, chunkInitAck, and chunkCookieEcho:
+	// If an endpoint receives an INIT, INIT ACK, or COOKIE ECHO chunk but decides not to establish the
+	// new association due to missing mandatory parameters in the received INIT or INIT ACK chunk, invalid
+	// parameter values, or lack of local resources, it SHOULD respond with an ABORT chunk.
+
+	case *chunkInit:
+		packets, err = a.handleInit(p, c)
+
+	case *chunkInitAck:
+		err = a.handleInitAck(p, c)
+
+	case *chunkAbort:
+		isAbort = true
+		err = a.handleAbort(c)
+
+	case *chunkError:
+		var errStr string
+		for _, e := range c.errorCauses {
+			errStr += fmt.Sprintf("(%s)", e)
+		}
+		a.log.Debugf("[%s] Error chunk, with following errors: %s", a.name, errStr)
+
+	// Note: chunkHeartbeatAck not handled?
+	case *chunkHeartbeat:
+		packets = a.handleHeartbeat(c)
+
+	case *chunkCookieEcho:
+		packets = a.handleCookieEcho(c)
+
+	case *chunkCookieAck:
+		a.handleCookieAck()
+
+	case *chunkPayloadData:
+		packets = a.handleData(c)
+
+	case *chunkSelectiveAck:
+		err = a.handleSack(c)
+
+	case *chunkReconfig:
+		packets, err = a.handleReconfig(c)
+
+	case *chunkForwardTSN:
+		packets = a.handleForwardTSN(c)
+
+	case *chunkShutdown:
+		a.handleShutdown(c)
+	case *chunkShutdownAck:
+		a.handleShutdownAck(c)
+	case *chunkShutdownComplete:
+		err = a.handleShutdownComplete(c)
+
+	default:
+		err = ErrChunkTypeUnhandled
+	}
+
+	// Log and return, the only condition that is fatal is a ABORT chunk
+	if err != nil {
+		if isAbort {
+			return err
+		}
+
+		a.log.Errorf("Failed to handle chunk: %v", err)
+		return nil
+	}
+
+	if len(packets) > 0 {
+		a.controlQueue.pushAll(packets)
+		a.awakeWriteLoop()
+	}
+
+	return nil
+}
+
+func (a *Association) onRetransmissionTimeout(id int, nRtos uint) {
+	a.lock.Lock()
+	defer a.lock.Unlock()
+
+	// TSN hasn't been incremented in 3 attempts. Speculatively
+	// toggle ZeroChecksum because old Pion versions had a broken implementation
+	if a.cumulativeTSNAckPoint+1 == a.initialTSN && nRtos%3 == 0 {
+		a.sendZeroChecksum = !a.sendZeroChecksum
+	}
+
+	if id == timerT1Init {
+		err := a.sendInit()
+		if err != nil {
+			a.log.Debugf("[%s] failed to retransmit init (nRtos=%d): %v", a.name, nRtos, err)
+		}
+		return
+	}
+
+	if id == timerT1Cookie {
+		err := a.sendCookieEcho()
+		if err != nil {
+			a.log.Debugf("[%s] failed to retransmit cookie-echo (nRtos=%d): %v", a.name, nRtos, err)
+		}
+		return
+	}
+
+	if id == timerT2Shutdown {
+		a.log.Debugf("[%s] retransmission of shutdown timeout (nRtos=%d): %v", a.name, nRtos)
+		state := a.getState()
+
+		switch state {
+		case shutdownSent:
+			a.willSendShutdown = true
+			a.awakeWriteLoop()
+		case shutdownAckSent:
+			a.willSendShutdownAck = true
+			a.awakeWriteLoop()
+		}
+	}
+
+	if id == timerT3RTX {
+		a.stats.incT3Timeouts()
+
+		// RFC 4960 sec 6.3.3
+		//  E1)  For the destination address for which the timer expires, adjust
+		//       its ssthresh with rules defined in Section 7.2.3 and set the
+		//       cwnd <- MTU.
+		// RFC 4960 sec 7.2.3
+		//   When the T3-rtx timer expires on an address, SCTP should perform slow
+		//   start by:
+		//      ssthresh = max(cwnd/2, 4*MTU)
+		//      cwnd = 1*MTU
+
+		a.ssthresh = max32(a.CWND()/2, 4*a.MTU())
+		a.setCWND(a.MTU())
+		a.log.Tracef("[%s] updated cwnd=%d ssthresh=%d inflight=%d (RTO)",
+			a.name, a.CWND(), a.ssthresh, a.inflightQueue.getNumBytes())
+
+		// RFC 3758 sec 3.5
+		//  A5) Any time the T3-rtx timer expires, on any destination, the sender
+		//  SHOULD try to advance the "Advanced.Peer.Ack.Point" by following
+		//  the procedures outlined in C2 - C5.
+		if a.useForwardTSN {
+			// RFC 3758 Sec 3.5 C2
+			for i := a.advancedPeerTSNAckPoint + 1; ; i++ {
+				c, ok := a.inflightQueue.get(i)
+				if !ok {
+					break
+				}
+				if !c.abandoned() {
+					break
+				}
+				a.advancedPeerTSNAckPoint = i
+			}
+
+			// RFC 3758 Sec 3.5 C3
+			if sna32GT(a.advancedPeerTSNAckPoint, a.cumulativeTSNAckPoint) {
+				a.willSendForwardTSN = true
+			}
+		}
+
+		a.log.Debugf("[%s] T3-rtx timed out: nRtos=%d cwnd=%d ssthresh=%d", a.name, nRtos, a.CWND(), a.ssthresh)
+
+		/*
+			a.log.Debugf("   - advancedPeerTSNAckPoint=%d", a.advancedPeerTSNAckPoint)
+			a.log.Debugf("   - cumulativeTSNAckPoint=%d", a.cumulativeTSNAckPoint)
+			a.inflightQueue.updateSortedKeys()
+			for i, tsn := range a.inflightQueue.sorted {
+				if c, ok := a.inflightQueue.get(tsn); ok {
+					a.log.Debugf("   - [%d] tsn=%d acked=%v abandoned=%v (%v,%v) len=%d",
+						i, c.tsn, c.acked, c.abandoned(), c.beginningFragment, c.endingFragment, len(c.userData))
+				}
+			}
+		*/
+
+		a.inflightQueue.markAllToRetrasmit()
+		a.awakeWriteLoop()
+
+		return
+	}
+
+	if id == timerReconfig {
+		a.willRetransmitReconfig = true
+		a.awakeWriteLoop()
+	}
+}
+
+func (a *Association) onRetransmissionFailure(id int) {
+	a.lock.Lock()
+	defer a.lock.Unlock()
+
+	if id == timerT1Init {
+		a.log.Errorf("[%s] retransmission failure: T1-init", a.name)
+		a.handshakeCompletedCh <- ErrHandshakeInitAck
+		return
+	}
+
+	if id == timerT1Cookie {
+		a.log.Errorf("[%s] retransmission failure: T1-cookie", a.name)
+		a.handshakeCompletedCh <- ErrHandshakeCookieEcho
+		return
+	}
+
+	if id == timerT2Shutdown {
+		a.log.Errorf("[%s] retransmission failure: T2-shutdown", a.name)
+		return
+	}
+
+	if id == timerT3RTX {
+		// T3-rtx timer will not fail by design
+		// Justifications:
+		//  * ICE would fail if the connectivity is lost
+		//  * WebRTC spec is not clear how this incident should be reported to ULP
+		a.log.Errorf("[%s] retransmission failure: T3-rtx (DATA)", a.name)
+		return
+	}
+}
+
+func (a *Association) onAckTimeout() {
+	a.lock.Lock()
+	defer a.lock.Unlock()
+
+	a.log.Tracef("[%s] ack timed out (ackState: %d)", a.name, a.ackState)
+	a.stats.incAckTimeouts()
+
+	a.ackState = ackStateImmediate
+	a.awakeWriteLoop()
+}
+
+// bufferedAmount returns total amount (in bytes) of currently buffered user data.
+// This is used only by testing.
+func (a *Association) bufferedAmount() int {
+	a.lock.RLock()
+	defer a.lock.RUnlock()
+
+	return a.pendingQueue.getNumBytes() + a.inflightQueue.getNumBytes()
+}
+
+// MaxMessageSize returns the maximum message size you can send.
+func (a *Association) MaxMessageSize() uint32 {
+	return atomic.LoadUint32(&a.maxMessageSize)
+}
+
+// SetMaxMessageSize sets the maximum message size you can send.
+func (a *Association) SetMaxMessageSize(maxMsgSize uint32) {
+	atomic.StoreUint32(&a.maxMessageSize, maxMsgSize)
+}
diff --git a/server/vendor/github.com/pion/sctp/association_stats.go b/server/vendor/github.com/pion/sctp/association_stats.go
new file mode 100644
index 0000000..0e4e581
--- /dev/null
+++ b/server/vendor/github.com/pion/sctp/association_stats.go
@@ -0,0 +1,94 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sctp
+
+import (
+	"sync/atomic"
+)
+
+type associationStats struct {
+	nPacketsReceived uint64
+	nPacketsSent     uint64
+	nDATAs           uint64
+	nSACKsReceived   uint64
+	nSACKsSent       uint64
+	nT3Timeouts      uint64
+	nAckTimeouts     uint64
+	nFastRetrans     uint64
+}
+
+func (s *associationStats) incPacketsReceived() {
+	atomic.AddUint64(&s.nPacketsReceived, 1)
+}
+
+func (s *associationStats) getNumPacketsReceived() uint64 {
+	return atomic.LoadUint64(&s.nPacketsReceived)
+}
+
+func (s *associationStats) incPacketsSent() {
+	atomic.AddUint64(&s.nPacketsSent, 1)
+}
+
+func (s *associationStats) getNumPacketsSent() uint64 {
+	return atomic.LoadUint64(&s.nPacketsSent)
+}
+
+func (s *associationStats) incDATAs() {
+	atomic.AddUint64(&s.nDATAs, 1)
+}
+
+func (s *associationStats) getNumDATAs() uint64 {
+	return atomic.LoadUint64(&s.nDATAs)
+}
+
+func (s *associationStats) incSACKsReceived() {
+	atomic.AddUint64(&s.nSACKsReceived, 1)
+}
+
+func (s *associationStats) getNumSACKsReceived() uint64 {
+	return atomic.LoadUint64(&s.nSACKsReceived)
+}
+
+func (s *associationStats) incSACKsSent() {
+	atomic.AddUint64(&s.nSACKsSent, 1)
+}
+
+func (s *associationStats) getNumSACKsSent() uint64 {
+	return atomic.LoadUint64(&s.nSACKsSent)
+}
+
+func (s *associationStats) incT3Timeouts() {
+	atomic.AddUint64(&s.nT3Timeouts, 1)
+}
+
+func (s *associationStats) getNumT3Timeouts() uint64 {
+	return atomic.LoadUint64(&s.nT3Timeouts)
+}
+
+func (s *associationStats) incAckTimeouts() {
+	atomic.AddUint64(&s.nAckTimeouts, 1)
+}
+
+func (s *associationStats) getNumAckTimeouts() uint64 {
+	return atomic.LoadUint64(&s.nAckTimeouts)
+}
+
+func (s *associationStats) incFastRetrans() {
+	atomic.AddUint64(&s.nFastRetrans, 1)
+}
+
+func (s *associationStats) getNumFastRetrans() uint64 {
+	return atomic.LoadUint64(&s.nFastRetrans)
+}
+
+func (s *associationStats) reset() {
+	atomic.StoreUint64(&s.nPacketsReceived, 0)
+	atomic.StoreUint64(&s.nPacketsSent, 0)
+	atomic.StoreUint64(&s.nDATAs, 0)
+	atomic.StoreUint64(&s.nSACKsReceived, 0)
+	atomic.StoreUint64(&s.nSACKsSent, 0)
+	atomic.StoreUint64(&s.nT3Timeouts, 0)
+	atomic.StoreUint64(&s.nAckTimeouts, 0)
+	atomic.StoreUint64(&s.nFastRetrans, 0)
+}
diff --git a/server/vendor/github.com/pion/sctp/chunk.go b/server/vendor/github.com/pion/sctp/chunk.go
new file mode 100644
index 0000000..50b8a2e
--- /dev/null
+++ b/server/vendor/github.com/pion/sctp/chunk.go
@@ -0,0 +1,12 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sctp
+
+type chunk interface {
+	unmarshal(raw []byte) error
+	marshal() ([]byte, error)
+	check() (bool, error)
+
+	valueLength() int
+}
diff --git a/server/vendor/github.com/pion/sctp/chunk_abort.go b/server/vendor/github.com/pion/sctp/chunk_abort.go
new file mode 100644
index 0000000..eaed697
--- /dev/null
+++ b/server/vendor/github.com/pion/sctp/chunk_abort.go
@@ -0,0 +1,96 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sctp // nolint:dupl
+
+import (
+	"errors"
+	"fmt"
+)
+
+/*
+Abort represents an SCTP Chunk of type ABORT
+
+The ABORT chunk is sent to the peer of an association to close the
+association.  The ABORT chunk may contain Cause Parameters to inform
+the receiver about the reason of the abort.  DATA chunks MUST NOT be
+bundled with ABORT.  Control chunks (except for INIT, INIT ACK, and
+SHUTDOWN COMPLETE) MAY be bundled with an ABORT, but they MUST be
+placed before the ABORT in the SCTP packet or they will be ignored by
+the receiver.
+
+	 0                   1                   2                   3
+	 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+	+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	|   Type = 6    |Reserved     |T|           Length              |
+	+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	|                                                               |
+	|                   zero or more Error Causes                   |
+	|                                                               |
+	+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+*/
+type chunkAbort struct {
+	chunkHeader
+	errorCauses []errorCause
+}
+
+// Abort chunk errors
+var (
+	ErrChunkTypeNotAbort     = errors.New("ChunkType is not of type ABORT")
+	ErrBuildAbortChunkFailed = errors.New("failed build Abort Chunk")
+)
+
+func (a *chunkAbort) unmarshal(raw []byte) error {
+	if err := a.chunkHeader.unmarshal(raw); err != nil {
+		return err
+	}
+
+	if a.typ != ctAbort {
+		return fmt.Errorf("%w: actually is %s", ErrChunkTypeNotAbort, a.typ.String())
+	}
+
+	offset := chunkHeaderSize
+	for {
+		if len(raw)-offset < 4 {
+			break
+		}
+
+		e, err := buildErrorCause(raw[offset:])
+		if err != nil {
+			return fmt.Errorf("%w: %v", ErrBuildAbortChunkFailed, err) //nolint:errorlint
+		}
+
+		offset += int(e.length())
+		a.errorCauses = append(a.errorCauses, e)
+	}
+	return nil
+}
+
+func (a *chunkAbort) marshal() ([]byte, error) {
+	a.chunkHeader.typ = ctAbort
+	a.flags = 0x00
+	a.raw = []byte{}
+	for _, ec := range a.errorCauses {
+		raw, err := ec.marshal()
+		if err != nil {
+			return nil, err
+		}
+		a.raw = append(a.raw, raw...)
+	}
+	return a.chunkHeader.marshal()
+}
+
+func (a *chunkAbort) check() (abort bool, err error) {
+	return false, nil
+}
+
+// String makes chunkAbort printable
+func (a *chunkAbort) String() string {
+	res := a.chunkHeader.String()
+
+	for _, cause := range a.errorCauses {
+		res += fmt.Sprintf("\n - %s", cause)
+	}
+
+	return res
+}
diff --git a/server/vendor/github.com/pion/sctp/chunk_cookie_ack.go b/server/vendor/github.com/pion/sctp/chunk_cookie_ack.go
new file mode 100644
index 0000000..814ed2c
--- /dev/null
+++ b/server/vendor/github.com/pion/sctp/chunk_cookie_ack.go
@@ -0,0 +1,53 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sctp
+
+import (
+	"errors"
+	"fmt"
+)
+
+/*
+chunkCookieAck represents an SCTP Chunk of type chunkCookieAck
+
+	 0                   1                   2                   3
+	 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+	+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	|   Type = 11   |Chunk  Flags   |     Length = 4                |
+	+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+*/
+type chunkCookieAck struct {
+	chunkHeader
+}
+
+// Cookie ack chunk errors
+var (
+	ErrChunkTypeNotCookieAck = errors.New("ChunkType is not of type COOKIEACK")
+)
+
+func (c *chunkCookieAck) unmarshal(raw []byte) error {
+	if err := c.chunkHeader.unmarshal(raw); err != nil {
+		return err
+	}
+
+	if c.typ != ctCookieAck {
+		return fmt.Errorf("%w: actually is %s", ErrChunkTypeNotCookieAck, c.typ.String())
+	}
+
+	return nil
+}
+
+func (c *chunkCookieAck) marshal() ([]byte, error) {
+	c.chunkHeader.typ = ctCookieAck
+	return c.chunkHeader.marshal()
+}
+
+func (c *chunkCookieAck) check() (abort bool, err error) {
+	return false, nil
+}
+
+// String makes chunkCookieAck printable
+func (c *chunkCookieAck) String() string {
+	return c.chunkHeader.String()
+}
diff --git a/server/vendor/github.com/pion/sctp/chunk_cookie_echo.go b/server/vendor/github.com/pion/sctp/chunk_cookie_echo.go
new file mode 100644
index 0000000..23a2fc2
--- /dev/null
+++ b/server/vendor/github.com/pion/sctp/chunk_cookie_echo.go
@@ -0,0 +1,54 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sctp
+
+import (
+	"errors"
+	"fmt"
+)
+
+/*
+CookieEcho represents an SCTP Chunk of type CookieEcho
+
+	 0                   1                   2                   3
+	 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+	+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	|   Type = 10   |Chunk  Flags   |         Length                |
+	+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	|                     Cookie                                    |
+	|                                                               |
+	+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+*/
+type chunkCookieEcho struct {
+	chunkHeader
+	cookie []byte
+}
+
+// Cookie echo chunk errors
+var (
+	ErrChunkTypeNotCookieEcho = errors.New("ChunkType is not of type COOKIEECHO")
+)
+
+func (c *chunkCookieEcho) unmarshal(raw []byte) error {
+	if err := c.chunkHeader.unmarshal(raw); err != nil {
+		return err
+	}
+
+	if c.typ != ctCookieEcho {
+		return fmt.Errorf("%w: actually is %s", ErrChunkTypeNotCookieEcho, c.typ.String())
+	}
+	c.cookie = c.raw
+
+	return nil
+}
+
+func (c *chunkCookieEcho) marshal() ([]byte, error) {
+	c.chunkHeader.typ = ctCookieEcho
+	c.chunkHeader.raw = c.cookie
+	return c.chunkHeader.marshal()
+}
+
+func (c *chunkCookieEcho) check() (abort bool, err error) {
+	return false, nil
+}
diff --git a/server/vendor/github.com/pion/sctp/chunk_error.go b/server/vendor/github.com/pion/sctp/chunk_error.go
new file mode 100644
index 0000000..b62be3a
--- /dev/null
+++ b/server/vendor/github.com/pion/sctp/chunk_error.go
@@ -0,0 +1,103 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sctp // nolint:dupl
+
+import (
+	"errors"
+	"fmt"
+)
+
+/*
+Operation Error (ERROR) (9)
+
+An endpoint sends this chunk to its peer endpoint to notify it of
+certain error conditions.  It contains one or more error causes.  An
+Operation Error is not considered fatal in and of itself, but may be
+used with an ERROR chunk to report a fatal condition.  It has the
+following parameters:
+
+	 0                   1                   2                   3
+	 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+	+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	|   Type = 9    | Chunk  Flags  |           Length              |
+	+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	\                                                               \
+	/                    one or more Error Causes                   /
+	\                                                               \
+	+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+
+Chunk Flags: 8 bits
+
+	Set to 0 on transmit and ignored on receipt.
+
+Length: 16 bits (unsigned integer)
+
+	Set to the size of the chunk in bytes, including the chunk header
+	and all the Error Cause fields present.
+*/
+type chunkError struct {
+	chunkHeader
+	errorCauses []errorCause
+}
+
+// Error chunk errors
+var (
+	ErrChunkTypeNotCtError   = errors.New("ChunkType is not of type ctError")
+	ErrBuildErrorChunkFailed = errors.New("failed build Error Chunk")
+)
+
+func (a *chunkError) unmarshal(raw []byte) error {
+	if err := a.chunkHeader.unmarshal(raw); err != nil {
+		return err
+	}
+
+	if a.typ != ctError {
+		return fmt.Errorf("%w, actually is %s", ErrChunkTypeNotCtError, a.typ.String())
+	}
+
+	offset := chunkHeaderSize
+	for {
+		if len(raw)-offset < 4 {
+			break
+		}
+
+		e, err := buildErrorCause(raw[offset:])
+		if err != nil {
+			return fmt.Errorf("%w: %v", ErrBuildErrorChunkFailed, err) //nolint:errorlint
+		}
+
+		offset += int(e.length())
+		a.errorCauses = append(a.errorCauses, e)
+	}
+	return nil
+}
+
+func (a *chunkError) marshal() ([]byte, error) {
+	a.chunkHeader.typ = ctError
+	a.flags = 0x00
+	a.raw = []byte{}
+	for _, ec := range a.errorCauses {
+		raw, err := ec.marshal()
+		if err != nil {
+			return nil, err
+		}
+		a.raw = append(a.raw, raw...)
+	}
+	return a.chunkHeader.marshal()
+}
+
+func (a *chunkError) check() (abort bool, err error) {
+	return false, nil
+}
+
+// String makes chunkError printable
+func (a *chunkError) String() string {
+	res := a.chunkHeader.String()
+
+	for _, cause := range a.errorCauses {
+		res += fmt.Sprintf("\n - %s", cause)
+	}
+
+	return res
+}
diff --git a/server/vendor/github.com/pion/sctp/chunk_forward_tsn.go b/server/vendor/github.com/pion/sctp/chunk_forward_tsn.go
new file mode 100644
index 0000000..b053e98
--- /dev/null
+++ b/server/vendor/github.com/pion/sctp/chunk_forward_tsn.go
@@ -0,0 +1,151 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sctp
+
+import (
+	"encoding/binary"
+	"errors"
+	"fmt"
+)
+
+// This chunk shall be used by the data sender to inform the data
+// receiver to adjust its cumulative received TSN point forward because
+// some missing TSNs are associated with data chunks that SHOULD NOT be
+// transmitted or retransmitted by the sender.
+//
+//  0                   1                   2                   3
+//  0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |   Type = 192  |  Flags = 0x00 |        Length = Variable      |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |                      New Cumulative TSN                       |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |         Stream-1              |       Stream Sequence-1       |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// \                                                               /
+// /                                                               \
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |         Stream-N              |       Stream Sequence-N       |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+
+type chunkForwardTSN struct {
+	chunkHeader
+
+	// This indicates the new cumulative TSN to the data receiver.  Upon
+	// the reception of this value, the data receiver MUST consider
+	// any missing TSNs earlier than or equal to this value as received,
+	// and stop reporting them as gaps in any subsequent SACKs.
+	newCumulativeTSN uint32
+
+	streams []chunkForwardTSNStream
+}
+
+const (
+	newCumulativeTSNLength = 4
+	forwardTSNStreamLength = 4
+)
+
+// Forward TSN chunk errors
+var (
+	ErrMarshalStreamFailed = errors.New("failed to marshal stream")
+	ErrChunkTooShort       = errors.New("chunk too short")
+)
+
+func (c *chunkForwardTSN) unmarshal(raw []byte) error {
+	if err := c.chunkHeader.unmarshal(raw); err != nil {
+		return err
+	}
+
+	if len(c.raw) < newCumulativeTSNLength {
+		return ErrChunkTooShort
+	}
+
+	c.newCumulativeTSN = binary.BigEndian.Uint32(c.raw[0:])
+
+	offset := newCumulativeTSNLength
+	remaining := len(c.raw) - offset
+	for remaining > 0 {
+		s := chunkForwardTSNStream{}
+
+		if err := s.unmarshal(c.raw[offset:]); err != nil {
+			return fmt.Errorf("%w: %v", ErrMarshalStreamFailed, err) //nolint:errorlint
+		}
+
+		c.streams = append(c.streams, s)
+
+		offset += s.length()
+		remaining -= s.length()
+	}
+
+	return nil
+}
+
+func (c *chunkForwardTSN) marshal() ([]byte, error) {
+	out := make([]byte, newCumulativeTSNLength)
+	binary.BigEndian.PutUint32(out[0:], c.newCumulativeTSN)
+
+	for _, s := range c.streams {
+		b, err := s.marshal()
+		if err != nil {
+			return nil, fmt.Errorf("%w: %v", ErrMarshalStreamFailed, err) //nolint:errorlint
+		}
+		out = append(out, b...)
+	}
+
+	c.typ = ctForwardTSN
+	c.raw = out
+	return c.chunkHeader.marshal()
+}
+
+func (c *chunkForwardTSN) check() (abort bool, err error) {
+	return true, nil
+}
+
+// String makes chunkForwardTSN printable
+func (c *chunkForwardTSN) String() string {
+	res := fmt.Sprintf("New Cumulative TSN: %d\n", c.newCumulativeTSN)
+	for _, s := range c.streams {
+		res += fmt.Sprintf(" - si=%d, ssn=%d\n", s.identifier, s.sequence)
+	}
+	return res
+}
+
+type chunkForwardTSNStream struct {
+	// This field holds a stream number that was skipped by this
+	// FWD-TSN.
+	identifier uint16
+
+	// This field holds the sequence number associated with the stream
+	// that was skipped.  The stream sequence field holds the largest
+	// stream sequence number in this stream being skipped.  The receiver
+	// of the FWD-TSN's can use the Stream-N and Stream Sequence-N fields
+	// to enable delivery of any stranded TSN's that remain on the stream
+	// re-ordering queues.  This field MUST NOT report TSN's corresponding
+	// to DATA chunks that are marked as unordered.  For ordered DATA
+	// chunks this field MUST be filled in.
+	sequence uint16
+}
+
+func (s *chunkForwardTSNStream) length() int {
+	return forwardTSNStreamLength
+}
+
+func (s *chunkForwardTSNStream) unmarshal(raw []byte) error {
+	if len(raw) < forwardTSNStreamLength {
+		return ErrChunkTooShort
+	}
+	s.identifier = binary.BigEndian.Uint16(raw[0:])
+	s.sequence = binary.BigEndian.Uint16(raw[2:])
+
+	return nil
+}
+
+func (s *chunkForwardTSNStream) marshal() ([]byte, error) { // nolint:unparam
+	out := make([]byte, forwardTSNStreamLength)
+
+	binary.BigEndian.PutUint16(out[0:], s.identifier)
+	binary.BigEndian.PutUint16(out[2:], s.sequence)
+
+	return out, nil
+}
diff --git a/server/vendor/github.com/pion/sctp/chunk_heartbeat.go b/server/vendor/github.com/pion/sctp/chunk_heartbeat.go
new file mode 100644
index 0000000..64914a3
--- /dev/null
+++ b/server/vendor/github.com/pion/sctp/chunk_heartbeat.go
@@ -0,0 +1,86 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sctp
+
+import (
+	"errors"
+	"fmt"
+)
+
+/*
+chunkHeartbeat represents an SCTP Chunk of type HEARTBEAT
+
+An endpoint should send this chunk to its peer endpoint to probe the
+reachability of a particular destination transport address defined in
+the present association.
+
+The parameter field contains the Heartbeat Information, which is a
+variable-length opaque data structure understood only by the sender.
+
+	 0                   1                   2                   3
+	 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+	+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	|   Type = 4    | Chunk  Flags  |      Heartbeat Length         |
+	+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	|                                                               |
+	|            Heartbeat Information TLV (Variable-Length)        |
+	|                                                               |
+	+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+
+Defined as a variable-length parameter using the format described
+in Section 3.2.1, i.e.:
+
+Variable Parameters                  Status     Type Value
+-------------------------------------------------------------
+heartbeat Info                       Mandatory   1
+*/
+type chunkHeartbeat struct {
+	chunkHeader
+	params []param
+}
+
+// Heartbeat chunk errors
+var (
+	ErrChunkTypeNotHeartbeat      = errors.New("ChunkType is not of type HEARTBEAT")
+	ErrHeartbeatNotLongEnoughInfo = errors.New("heartbeat is not long enough to contain Heartbeat Info")
+	ErrParseParamTypeFailed       = errors.New("failed to parse param type")
+	ErrHeartbeatParam             = errors.New("heartbeat should only have HEARTBEAT param")
+	ErrHeartbeatChunkUnmarshal    = errors.New("failed unmarshalling param in Heartbeat Chunk")
+)
+
+func (h *chunkHeartbeat) unmarshal(raw []byte) error {
+	if err := h.chunkHeader.unmarshal(raw); err != nil {
+		return err
+	} else if h.typ != ctHeartbeat {
+		return fmt.Errorf("%w: actually is %s", ErrChunkTypeNotHeartbeat, h.typ.String())
+	}
+
+	if len(raw) <= chunkHeaderSize {
+		return fmt.Errorf("%w: %d", ErrHeartbeatNotLongEnoughInfo, len(raw))
+	}
+
+	pType, err := parseParamType(raw[chunkHeaderSize:])
+	if err != nil {
+		return fmt.Errorf("%w: %v", ErrParseParamTypeFailed, err) //nolint:errorlint
+	}
+	if pType != heartbeatInfo {
+		return fmt.Errorf("%w: instead have %s", ErrHeartbeatParam, pType.String())
+	}
+
+	p, err := buildParam(pType, raw[chunkHeaderSize:])
+	if err != nil {
+		return fmt.Errorf("%w: %v", ErrHeartbeatChunkUnmarshal, err) //nolint:errorlint
+	}
+	h.params = append(h.params, p)
+
+	return nil
+}
+
+func (h *chunkHeartbeat) Marshal() ([]byte, error) {
+	return nil, ErrUnimplemented
+}
+
+func (h *chunkHeartbeat) check() (abort bool, err error) {
+	return false, nil
+}
diff --git a/server/vendor/github.com/pion/sctp/chunk_heartbeat_ack.go b/server/vendor/github.com/pion/sctp/chunk_heartbeat_ack.go
new file mode 100644
index 0000000..6d825e0
--- /dev/null
+++ b/server/vendor/github.com/pion/sctp/chunk_heartbeat_ack.go
@@ -0,0 +1,96 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sctp
+
+import (
+	"errors"
+	"fmt"
+)
+
+/*
+chunkHeartbeatAck represents an SCTP Chunk of type HEARTBEAT ACK
+
+An endpoint should send this chunk to its peer endpoint as a response
+to a HEARTBEAT chunk (see Section 8.3).  A HEARTBEAT ACK is always
+sent to the source IP address of the IP datagram containing the
+HEARTBEAT chunk to which this ack is responding.
+
+The parameter field contains a variable-length opaque data structure.
+
+	 0                   1                   2                   3
+	 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+	+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	|   Type = 5    | Chunk  Flags  |    Heartbeat Ack Length       |
+	+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	|                                                               |
+	|            Heartbeat Information TLV (Variable-Length)        |
+	|                                                               |
+	+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+
+Defined as a variable-length parameter using the format described
+in Section 3.2.1, i.e.:
+
+Variable Parameters                  Status     Type Value
+-------------------------------------------------------------
+Heartbeat Info                       Mandatory   1
+*/
+type chunkHeartbeatAck struct {
+	chunkHeader
+	params []param
+}
+
+// Heartbeat ack chunk errors
+var (
+	ErrUnimplemented                = errors.New("unimplemented")
+	ErrHeartbeatAckParams           = errors.New("heartbeat Ack must have one param")
+	ErrHeartbeatAckNotHeartbeatInfo = errors.New("heartbeat Ack must have one param, and it should be a HeartbeatInfo")
+	ErrHeartbeatAckMarshalParam     = errors.New("unable to marshal parameter for Heartbeat Ack")
+)
+
+func (h *chunkHeartbeatAck) unmarshal([]byte) error {
+	return ErrUnimplemented
+}
+
+func (h *chunkHeartbeatAck) marshal() ([]byte, error) {
+	if len(h.params) != 1 {
+		return nil, ErrHeartbeatAckParams
+	}
+
+	switch h.params[0].(type) {
+	case *paramHeartbeatInfo:
+		// ParamHeartbeatInfo is valid
+	default:
+		return nil, ErrHeartbeatAckNotHeartbeatInfo
+	}
+
+	out := make([]byte, 0)
+	for idx, p := range h.params {
+		pp, err := p.marshal()
+		if err != nil {
+			return nil, fmt.Errorf("%w: %v", ErrHeartbeatAckMarshalParam, err) //nolint:errorlint
+		}
+
+		out = append(out, pp...)
+
+		// Chunks (including Type, Length, and Value fields) are padded out
+		// by the sender with all zero bytes to be a multiple of 4 bytes
+		// long.  This padding MUST NOT be more than 3 bytes in total.  The
+		// Chunk Length value does not include terminating padding of the
+		// chunk.  *However, it does include padding of any variable-length
+		// parameter except the last parameter in the chunk.*  The receiver
+		// MUST ignore the padding.
+		if idx != len(h.params)-1 {
+			out = padByte(out, getPadding(len(pp)))
+		}
+	}
+
+	h.chunkHeader.typ = ctHeartbeatAck
+	h.chunkHeader.raw = out
+
+	return h.chunkHeader.marshal()
+}
+
+func (h *chunkHeartbeatAck) check() (abort bool, err error) {
+	return false, nil
+}
diff --git a/server/vendor/github.com/pion/sctp/chunk_init.go b/server/vendor/github.com/pion/sctp/chunk_init.go
new file mode 100644
index 0000000..a6a3be3
--- /dev/null
+++ b/server/vendor/github.com/pion/sctp/chunk_init.go
@@ -0,0 +1,142 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sctp // nolint:dupl
+
+import (
+	"errors"
+	"fmt"
+)
+
+/*
+Init represents an SCTP Chunk of type INIT
+
+See chunkInitCommon for the fixed headers
+
+	Variable Parameters               	Status     	Type Value
+	-------------------------------------------------------------
+	IPv4 IP (Note 1)               		Optional    5
+	IPv6 IP (Note 1)               		Optional    6
+	Cookie Preservative                 Optional    9
+	Reserved for ECN Capable (Note 2)   Optional    32768 (0x8000)
+	Host Name IP (Note 3)          		Optional    11
+	Supported IP Types (Note 4)    		Optional    12
+*/
+type chunkInit struct {
+	chunkHeader
+	chunkInitCommon
+}
+
+// Init chunk errors
+var (
+	ErrChunkTypeNotTypeInit          = errors.New("ChunkType is not of type INIT")
+	ErrChunkValueNotLongEnough       = errors.New("chunk Value isn't long enough for mandatory parameters exp")
+	ErrChunkTypeInitFlagZero         = errors.New("ChunkType of type INIT flags must be all 0")
+	ErrChunkTypeInitUnmarshalFailed  = errors.New("failed to unmarshal INIT body")
+	ErrChunkTypeInitMarshalFailed    = errors.New("failed marshaling INIT common data")
+	ErrChunkTypeInitInitateTagZero   = errors.New("ChunkType of type INIT ACK InitiateTag must not be 0")
+	ErrInitInboundStreamRequestZero  = errors.New("INIT ACK inbound stream request must be > 0")
+	ErrInitOutboundStreamRequestZero = errors.New("INIT ACK outbound stream request must be > 0")
+	ErrInitAdvertisedReceiver1500    = errors.New("INIT ACK Advertised Receiver Window Credit (a_rwnd) must be >= 1500")
+	ErrInitUnknownParam              = errors.New("INIT with unknown param")
+)
+
+func (i *chunkInit) unmarshal(raw []byte) error {
+	if err := i.chunkHeader.unmarshal(raw); err != nil {
+		return err
+	}
+
+	if i.typ != ctInit {
+		return fmt.Errorf("%w: actually is %s", ErrChunkTypeNotTypeInit, i.typ.String())
+	} else if len(i.raw) < initChunkMinLength {
+		return fmt.Errorf("%w: %d actual: %d", ErrChunkValueNotLongEnough, initChunkMinLength, len(i.raw))
+	}
+
+	// The Chunk Flags field in INIT is reserved, and all bits in it should
+	// be set to 0 by the sender and ignored by the receiver.  The sequence
+	// of parameters within an INIT can be processed in any order.
+	if i.flags != 0 {
+		return ErrChunkTypeInitFlagZero
+	}
+
+	if err := i.chunkInitCommon.unmarshal(i.raw); err != nil {
+		return fmt.Errorf("%w: %v", ErrChunkTypeInitUnmarshalFailed, err) //nolint:errorlint
+	}
+
+	return nil
+}
+
+func (i *chunkInit) marshal() ([]byte, error) {
+	initShared, err := i.chunkInitCommon.marshal()
+	if err != nil {
+		return nil, fmt.Errorf("%w: %v", ErrChunkTypeInitMarshalFailed, err) //nolint:errorlint
+	}
+
+	i.chunkHeader.typ = ctInit
+	i.chunkHeader.raw = initShared
+	return i.chunkHeader.marshal()
+}
+
+func (i *chunkInit) check() (abort bool, err error) {
+	// The receiver of the INIT (the responding end) records the value of
+	// the Initiate Tag parameter.  This value MUST be placed into the
+	// Verification Tag field of every SCTP packet that the receiver of
+	// the INIT transmits within this association.
+	//
+	// The Initiate Tag is allowed to have any value except 0.  See
+	// Section 5.3.1 for more on the selection of the tag value.
+	//
+	// If the value of the Initiate Tag in a received INIT chunk is found
+	// to be 0, the receiver MUST treat it as an error and close the
+	// association by transmitting an ABORT.
+	if i.initiateTag == 0 {
+		return true, ErrChunkTypeInitInitateTagZero
+	}
+
+	// Defines the maximum number of streams the sender of this INIT
+	// chunk allows the peer end to create in this association.  The
+	// value 0 MUST NOT be used.
+	//
+	// Note: There is no negotiation of the actual number of streams but
+	// instead the two endpoints will use the min(requested, offered).
+	// See Section 5.1.1 for details.
+	//
+	// Note: A receiver of an INIT with the MIS value of 0 SHOULD abort
+	// the association.
+	if i.numInboundStreams == 0 {
+		return true, ErrInitInboundStreamRequestZero
+	}
+
+	// Defines the number of outbound streams the sender of this INIT
+	// chunk wishes to create in this association.  The value of 0 MUST
+	// NOT be used.
+	//
+	// Note: A receiver of an INIT with the OS value set to 0 SHOULD
+	// abort the association.
+
+	if i.numOutboundStreams == 0 {
+		return true, ErrInitOutboundStreamRequestZero
+	}
+
+	// An SCTP receiver MUST be able to receive a minimum of 1500 bytes in
+	// one SCTP packet.  This means that an SCTP endpoint MUST NOT indicate
+	// less than 1500 bytes in its initial a_rwnd sent in the INIT or INIT
+	// ACK.
+	if i.advertisedReceiverWindowCredit < 1500 {
+		return true, ErrInitAdvertisedReceiver1500
+	}
+
+	for _, p := range i.unrecognizedParams {
+		if p.unrecognizedAction == paramHeaderUnrecognizedActionStop ||
+			p.unrecognizedAction == paramHeaderUnrecognizedActionStopAndReport {
+			return true, ErrInitUnknownParam
+		}
+	}
+
+	return false, nil
+}
+
+// String makes chunkInit printable
+func (i *chunkInit) String() string {
+	return fmt.Sprintf("%s\n%s", i.chunkHeader, i.chunkInitCommon)
+}
diff --git a/server/vendor/github.com/pion/sctp/chunk_init_ack.go b/server/vendor/github.com/pion/sctp/chunk_init_ack.go
new file mode 100644
index 0000000..ab790bd
--- /dev/null
+++ b/server/vendor/github.com/pion/sctp/chunk_init_ack.go
@@ -0,0 +1,140 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sctp // nolint:dupl
+
+import (
+	"errors"
+	"fmt"
+)
+
+/*
+chunkInitAck represents an SCTP Chunk of type INIT ACK
+
+See chunkInitCommon for the fixed headers
+
+	Variable Parameters                  Status     Type Value
+	-------------------------------------------------------------
+	State Cookie                        Mandatory   7
+	IPv4 IP (Note 1)               		Optional    5
+	IPv6 IP (Note 1)               		Optional    6
+	Unrecognized Parameter              Optional    8
+	Reserved for ECN Capable (Note 2)   Optional    32768 (0x8000)
+	Host Name IP (Note 3)          		Optional    11<Paste>
+*/
+type chunkInitAck struct {
+	chunkHeader
+	chunkInitCommon
+}
+
+// Init ack chunk errors
+var (
+	ErrChunkTypeNotInitAck              = errors.New("ChunkType is not of type INIT ACK")
+	ErrChunkNotLongEnoughForParams      = errors.New("chunk Value isn't long enough for mandatory parameters exp")
+	ErrChunkTypeInitAckFlagZero         = errors.New("ChunkType of type INIT ACK flags must be all 0")
+	ErrInitAckUnmarshalFailed           = errors.New("failed to unmarshal INIT body")
+	ErrInitCommonDataMarshalFailed      = errors.New("failed marshaling INIT common data")
+	ErrChunkTypeInitAckInitateTagZero   = errors.New("ChunkType of type INIT ACK InitiateTag must not be 0")
+	ErrInitAckInboundStreamRequestZero  = errors.New("INIT ACK inbound stream request must be > 0")
+	ErrInitAckOutboundStreamRequestZero = errors.New("INIT ACK outbound stream request must be > 0")
+	ErrInitAckAdvertisedReceiver1500    = errors.New("INIT ACK Advertised Receiver Window Credit (a_rwnd) must be >= 1500")
+)
+
+func (i *chunkInitAck) unmarshal(raw []byte) error {
+	if err := i.chunkHeader.unmarshal(raw); err != nil {
+		return err
+	}
+
+	if i.typ != ctInitAck {
+		return fmt.Errorf("%w: actually is %s", ErrChunkTypeNotInitAck, i.typ.String())
+	} else if len(i.raw) < initChunkMinLength {
+		return fmt.Errorf("%w: %d actual: %d", ErrChunkNotLongEnoughForParams, initChunkMinLength, len(i.raw))
+	}
+
+	// The Chunk Flags field in INIT is reserved, and all bits in it should
+	// be set to 0 by the sender and ignored by the receiver.  The sequence
+	// of parameters within an INIT can be processed in any order.
+	if i.flags != 0 {
+		return ErrChunkTypeInitAckFlagZero
+	}
+
+	if err := i.chunkInitCommon.unmarshal(i.raw); err != nil {
+		return fmt.Errorf("%w: %v", ErrInitAckUnmarshalFailed, err) //nolint:errorlint
+	}
+
+	return nil
+}
+
+func (i *chunkInitAck) marshal() ([]byte, error) {
+	initShared, err := i.chunkInitCommon.marshal()
+	if err != nil {
+		return nil, fmt.Errorf("%w: %v", ErrInitCommonDataMarshalFailed, err) //nolint:errorlint
+	}
+
+	i.chunkHeader.typ = ctInitAck
+	i.chunkHeader.raw = initShared
+	return i.chunkHeader.marshal()
+}
+
+func (i *chunkInitAck) check() (abort bool, err error) {
+	// The receiver of the INIT ACK records the value of the Initiate Tag
+	// parameter.  This value MUST be placed into the Verification Tag
+	// field of every SCTP packet that the INIT ACK receiver transmits
+	// within this association.
+	//
+	// The Initiate Tag MUST NOT take the value 0.  See Section 5.3.1 for
+	// more on the selection of the Initiate Tag value.
+	//
+	// If the value of the Initiate Tag in a received INIT ACK chunk is
+	// found to be 0, the receiver MUST destroy the association
+	// discarding its TCB.  The receiver MAY send an ABORT for debugging
+	// purpose.
+	if i.initiateTag == 0 {
+		abort = true
+		return abort, ErrChunkTypeInitAckInitateTagZero
+	}
+
+	// Defines the maximum number of streams the sender of this INIT ACK
+	// chunk allows the peer end to create in this association.  The
+	// value 0 MUST NOT be used.
+	//
+	// Note: There is no negotiation of the actual number of streams but
+	// instead the two endpoints will use the min(requested, offered).
+	// See Section 5.1.1 for details.
+	//
+	// Note: A receiver of an INIT ACK with the MIS value set to 0 SHOULD
+	// destroy the association discarding its TCB.
+	if i.numInboundStreams == 0 {
+		abort = true
+		return abort, ErrInitAckInboundStreamRequestZero
+	}
+
+	// Defines the number of outbound streams the sender of this INIT ACK
+	// chunk wishes to create in this association.  The value of 0 MUST
+	// NOT be used, and the value MUST NOT be greater than the MIS value
+	// sent in the INIT chunk.
+	//
+	// Note: A receiver of an INIT ACK with the OS value set to 0 SHOULD
+	// destroy the association discarding its TCB.
+
+	if i.numOutboundStreams == 0 {
+		abort = true
+		return abort, ErrInitAckOutboundStreamRequestZero
+	}
+
+	// An SCTP receiver MUST be able to receive a minimum of 1500 bytes in
+	// one SCTP packet.  This means that an SCTP endpoint MUST NOT indicate
+	// less than 1500 bytes in its initial a_rwnd sent in the INIT or INIT
+	// ACK.
+	if i.advertisedReceiverWindowCredit < 1500 {
+		abort = true
+		return abort, ErrInitAckAdvertisedReceiver1500
+	}
+
+	return false, nil
+}
+
+// String makes chunkInitAck printable
+func (i *chunkInitAck) String() string {
+	return fmt.Sprintf("%s\n%s", i.chunkHeader, i.chunkInitCommon)
+}
diff --git a/server/vendor/github.com/pion/sctp/chunk_init_common.go b/server/vendor/github.com/pion/sctp/chunk_init_common.go
new file mode 100644
index 0000000..b3f8b84
--- /dev/null
+++ b/server/vendor/github.com/pion/sctp/chunk_init_common.go
@@ -0,0 +1,167 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sctp
+
+import (
+	"encoding/binary"
+	"errors"
+	"fmt"
+)
+
+/*
+chunkInitCommon represents an SCTP Chunk body of type INIT and INIT ACK
+
+ 0                   1                   2                   3
+ 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+|   Type = 1    |  Chunk Flags  |      Chunk Length             |
++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+|                         Initiate Tag                          |
++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+|           Advertised Receiver Window Credit (a_rwnd)          |
++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+|  Number of Outbound Streams   |  Number of Inbound Streams    |
++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+|                          Initial TSN                          |
++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+|                                                               |
+|              Optional/Variable-Length Parameters              |
+|                                                               |
++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+
+The INIT chunk contains the following parameters.  Unless otherwise
+noted, each parameter MUST only be included once in the INIT chunk.
+
+Fixed Parameters                     Status
+----------------------------------------------
+Initiate Tag                        Mandatory
+Advertised Receiver Window Credit   Mandatory
+Number of Outbound Streams          Mandatory
+Number of Inbound Streams           Mandatory
+Initial TSN                         Mandatory
+*/
+
+type chunkInitCommon struct {
+	initiateTag                    uint32
+	advertisedReceiverWindowCredit uint32
+	numOutboundStreams             uint16
+	numInboundStreams              uint16
+	initialTSN                     uint32
+	params                         []param
+	unrecognizedParams             []paramHeader
+}
+
+const (
+	initChunkMinLength          = 16
+	initOptionalVarHeaderLength = 4
+)
+
+// Init chunk errors
+var (
+	ErrInitChunkParseParamTypeFailed = errors.New("failed to parse param type")
+	ErrInitAckMarshalParam           = errors.New("unable to marshal parameter for INIT/INITACK")
+)
+
+func (i *chunkInitCommon) unmarshal(raw []byte) error {
+	i.initiateTag = binary.BigEndian.Uint32(raw[0:])
+	i.advertisedReceiverWindowCredit = binary.BigEndian.Uint32(raw[4:])
+	i.numOutboundStreams = binary.BigEndian.Uint16(raw[8:])
+	i.numInboundStreams = binary.BigEndian.Uint16(raw[10:])
+	i.initialTSN = binary.BigEndian.Uint32(raw[12:])
+
+	// https://tools.ietf.org/html/rfc4960#section-3.2.1
+	//
+	// Chunk values of SCTP control chunks consist of a chunk-type-specific
+	// header of required fields, followed by zero or more parameters.  The
+	// optional and variable-length parameters contained in a chunk are
+	// defined in a Type-Length-Value format as shown below.
+	//
+	// 0                   1                   2                   3
+	// 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+	// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	// |          Parameter Type       |       Parameter Length        |
+	// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	// |                                                               |
+	// |                       Parameter Value                         |
+	// |                                                               |
+	// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+
+	offset := initChunkMinLength
+	remaining := len(raw) - offset
+	for remaining > 0 {
+		if remaining > initOptionalVarHeaderLength {
+			var pHeader paramHeader
+			if err := pHeader.unmarshal(raw[offset:]); err != nil {
+				return fmt.Errorf("%w: %v", ErrInitChunkParseParamTypeFailed, err) //nolint:errorlint
+			}
+
+			p, err := buildParam(pHeader.typ, raw[offset:])
+			if err != nil {
+				i.unrecognizedParams = append(i.unrecognizedParams, pHeader)
+			} else {
+				i.params = append(i.params, p)
+			}
+
+			padding := getPadding(pHeader.length())
+			offset += pHeader.length() + padding
+			remaining -= pHeader.length() + padding
+		} else {
+			break
+		}
+	}
+
+	return nil
+}
+
+func (i *chunkInitCommon) marshal() ([]byte, error) {
+	out := make([]byte, initChunkMinLength)
+	binary.BigEndian.PutUint32(out[0:], i.initiateTag)
+	binary.BigEndian.PutUint32(out[4:], i.advertisedReceiverWindowCredit)
+	binary.BigEndian.PutUint16(out[8:], i.numOutboundStreams)
+	binary.BigEndian.PutUint16(out[10:], i.numInboundStreams)
+	binary.BigEndian.PutUint32(out[12:], i.initialTSN)
+	for idx, p := range i.params {
+		pp, err := p.marshal()
+		if err != nil {
+			return nil, fmt.Errorf("%w: %v", ErrInitAckMarshalParam, err) //nolint:errorlint
+		}
+
+		out = append(out, pp...)
+
+		// Chunks (including Type, Length, and Value fields) are padded out
+		// by the sender with all zero bytes to be a multiple of 4 bytes
+		// long.  This padding MUST NOT be more than 3 bytes in total.  The
+		// Chunk Length value does not include terminating padding of the
+		// chunk.  *However, it does include padding of any variable-length
+		// parameter except the last parameter in the chunk.*  The receiver
+		// MUST ignore the padding.
+		if idx != len(i.params)-1 {
+			out = padByte(out, getPadding(len(pp)))
+		}
+	}
+
+	return out, nil
+}
+
+// String makes chunkInitCommon printable
+func (i chunkInitCommon) String() string {
+	format := `initiateTag: %d
+	advertisedReceiverWindowCredit: %d
+	numOutboundStreams: %d
+	numInboundStreams: %d
+	initialTSN: %d`
+
+	res := fmt.Sprintf(format,
+		i.initiateTag,
+		i.advertisedReceiverWindowCredit,
+		i.numOutboundStreams,
+		i.numInboundStreams,
+		i.initialTSN,
+	)
+
+	for i, param := range i.params {
+		res += fmt.Sprintf("Param %d:\n %s", i, param)
+	}
+	return res
+}
diff --git a/server/vendor/github.com/pion/sctp/chunk_payload_data.go b/server/vendor/github.com/pion/sctp/chunk_payload_data.go
new file mode 100644
index 0000000..a5a0006
--- /dev/null
+++ b/server/vendor/github.com/pion/sctp/chunk_payload_data.go
@@ -0,0 +1,212 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sctp
+
+import (
+	"encoding/binary"
+	"errors"
+	"fmt"
+	"time"
+)
+
+/*
+chunkPayloadData represents an SCTP Chunk of type DATA
+
+	 0                   1                   2                   3
+	 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+	+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	|   Type = 0    | Reserved|U|B|E|    Length                     |
+	+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	|                              TSN                              |
+	+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	|      Stream Identifier S      |   Stream Sequence Number n    |
+	+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	|                  Payload Protocol Identifier                  |
+	+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	|                                                               |
+	|                 User Data (seq n of Stream S)                 |
+	|                                                               |
+	+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+
+An unfragmented user message shall have both the B and E bits set to
+'1'.  Setting both B and E bits to '0' indicates a middle fragment of
+a multi-fragment user message, as summarized in the following table:
+
+	   B E                  Description
+	============================================================
+	|  1 0 | First piece of a fragmented user message          |
+	+----------------------------------------------------------+
+	|  0 0 | Middle piece of a fragmented user message         |
+	+----------------------------------------------------------+
+	|  0 1 | Last piece of a fragmented user message           |
+	+----------------------------------------------------------+
+	|  1 1 | Unfragmented message                              |
+	============================================================
+	|             Table 1: Fragment Description Flags          |
+	============================================================
+*/
+type chunkPayloadData struct {
+	chunkHeader
+
+	unordered         bool
+	beginningFragment bool
+	endingFragment    bool
+	immediateSack     bool
+
+	tsn                  uint32
+	streamIdentifier     uint16
+	streamSequenceNumber uint16
+	payloadType          PayloadProtocolIdentifier
+	userData             []byte
+
+	// Whether this data chunk was acknowledged (received by peer)
+	acked         bool
+	missIndicator uint32
+
+	// Partial-reliability parameters used only by sender
+	since        time.Time
+	nSent        uint32 // number of transmission made for this chunk
+	_abandoned   bool
+	_allInflight bool // valid only with the first fragment
+
+	// Retransmission flag set when T1-RTX timeout occurred and this
+	// chunk is still in the inflight queue
+	retransmit bool
+
+	head *chunkPayloadData // link to the head of the fragment
+}
+
+const (
+	payloadDataEndingFragmentBitmask   = 1
+	payloadDataBeginingFragmentBitmask = 2
+	payloadDataUnorderedBitmask        = 4
+	payloadDataImmediateSACK           = 8
+
+	payloadDataHeaderSize = 12
+)
+
+// PayloadProtocolIdentifier is an enum for DataChannel payload types
+type PayloadProtocolIdentifier uint32
+
+// PayloadProtocolIdentifier enums
+// https://www.iana.org/assignments/sctp-parameters/sctp-parameters.xhtml#sctp-parameters-25
+const (
+	PayloadTypeUnknown           PayloadProtocolIdentifier = 0
+	PayloadTypeWebRTCDCEP        PayloadProtocolIdentifier = 50
+	PayloadTypeWebRTCString      PayloadProtocolIdentifier = 51
+	PayloadTypeWebRTCBinary      PayloadProtocolIdentifier = 53
+	PayloadTypeWebRTCStringEmpty PayloadProtocolIdentifier = 56
+	PayloadTypeWebRTCBinaryEmpty PayloadProtocolIdentifier = 57
+)
+
+// Data chunk errors
+var (
+	ErrChunkPayloadSmall = errors.New("packet is smaller than the header size")
+)
+
+func (p PayloadProtocolIdentifier) String() string {
+	switch p {
+	case PayloadTypeWebRTCDCEP:
+		return "WebRTC DCEP"
+	case PayloadTypeWebRTCString:
+		return "WebRTC String"
+	case PayloadTypeWebRTCBinary:
+		return "WebRTC Binary"
+	case PayloadTypeWebRTCStringEmpty:
+		return "WebRTC String (Empty)"
+	case PayloadTypeWebRTCBinaryEmpty:
+		return "WebRTC Binary (Empty)"
+	default:
+		return fmt.Sprintf("Unknown Payload Protocol Identifier: %d", p)
+	}
+}
+
+func (p *chunkPayloadData) unmarshal(raw []byte) error {
+	if err := p.chunkHeader.unmarshal(raw); err != nil {
+		return err
+	}
+
+	p.immediateSack = p.flags&payloadDataImmediateSACK != 0
+	p.unordered = p.flags&payloadDataUnorderedBitmask != 0
+	p.beginningFragment = p.flags&payloadDataBeginingFragmentBitmask != 0
+	p.endingFragment = p.flags&payloadDataEndingFragmentBitmask != 0
+
+	if len(p.raw) < payloadDataHeaderSize {
+		return ErrChunkPayloadSmall
+	}
+	p.tsn = binary.BigEndian.Uint32(p.raw[0:])
+	p.streamIdentifier = binary.BigEndian.Uint16(p.raw[4:])
+	p.streamSequenceNumber = binary.BigEndian.Uint16(p.raw[6:])
+	p.payloadType = PayloadProtocolIdentifier(binary.BigEndian.Uint32(p.raw[8:]))
+	p.userData = p.raw[payloadDataHeaderSize:]
+
+	return nil
+}
+
+func (p *chunkPayloadData) marshal() ([]byte, error) {
+	payRaw := make([]byte, payloadDataHeaderSize+len(p.userData))
+
+	binary.BigEndian.PutUint32(payRaw[0:], p.tsn)
+	binary.BigEndian.PutUint16(payRaw[4:], p.streamIdentifier)
+	binary.BigEndian.PutUint16(payRaw[6:], p.streamSequenceNumber)
+	binary.BigEndian.PutUint32(payRaw[8:], uint32(p.payloadType))
+	copy(payRaw[payloadDataHeaderSize:], p.userData)
+
+	flags := uint8(0)
+	if p.endingFragment {
+		flags = 1
+	}
+	if p.beginningFragment {
+		flags |= 1 << 1
+	}
+	if p.unordered {
+		flags |= 1 << 2
+	}
+	if p.immediateSack {
+		flags |= 1 << 3
+	}
+
+	p.chunkHeader.flags = flags
+	p.chunkHeader.typ = ctPayloadData
+	p.chunkHeader.raw = payRaw
+	return p.chunkHeader.marshal()
+}
+
+func (p *chunkPayloadData) check() (abort bool, err error) {
+	return false, nil
+}
+
+// String makes chunkPayloadData printable
+func (p *chunkPayloadData) String() string {
+	return fmt.Sprintf("%s\n%d", p.chunkHeader, p.tsn)
+}
+
+func (p *chunkPayloadData) abandoned() bool {
+	if p.head != nil {
+		return p.head._abandoned && p.head._allInflight
+	}
+	return p._abandoned && p._allInflight
+}
+
+func (p *chunkPayloadData) setAbandoned(abandoned bool) {
+	if p.head != nil {
+		p.head._abandoned = abandoned
+		return
+	}
+	p._abandoned = abandoned
+}
+
+func (p *chunkPayloadData) setAllInflight() {
+	if p.endingFragment {
+		if p.head != nil {
+			p.head._allInflight = true
+		} else {
+			p._allInflight = true
+		}
+	}
+}
+
+func (p *chunkPayloadData) isFragmented() bool {
+	return !(p.head == nil && p.beginningFragment && p.endingFragment)
+}
diff --git a/server/vendor/github.com/pion/sctp/chunk_reconfig.go b/server/vendor/github.com/pion/sctp/chunk_reconfig.go
new file mode 100644
index 0000000..39cb1fb
--- /dev/null
+++ b/server/vendor/github.com/pion/sctp/chunk_reconfig.go
@@ -0,0 +1,108 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sctp
+
+import (
+	"errors"
+	"fmt"
+)
+
+// https://tools.ietf.org/html/rfc6525#section-3.1
+// chunkReconfig represents an SCTP Chunk used to reconfigure streams.
+//
+//  0                   1                   2                   3
+//  0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// | Type = 130    |  Chunk Flags  |      Chunk Length             |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// \                                                               \
+// /                  Re-configuration Parameter                   /
+// \                                                               \
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// \                                                               \
+// /             Re-configuration Parameter (optional)             /
+// \                                                               \
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+
+type chunkReconfig struct {
+	chunkHeader
+	paramA param
+	paramB param
+}
+
+// Reconfigure chunk errors
+var (
+	ErrChunkParseParamTypeFailed        = errors.New("failed to parse param type")
+	ErrChunkMarshalParamAReconfigFailed = errors.New("unable to marshal parameter A for reconfig")
+	ErrChunkMarshalParamBReconfigFailed = errors.New("unable to marshal parameter B for reconfig")
+)
+
+func (c *chunkReconfig) unmarshal(raw []byte) error {
+	if err := c.chunkHeader.unmarshal(raw); err != nil {
+		return err
+	}
+	pType, err := parseParamType(c.raw)
+	if err != nil {
+		return fmt.Errorf("%w: %v", ErrChunkParseParamTypeFailed, err) //nolint:errorlint
+	}
+	a, err := buildParam(pType, c.raw)
+	if err != nil {
+		return err
+	}
+	c.paramA = a
+
+	padding := getPadding(a.length())
+	offset := a.length() + padding
+	if len(c.raw) > offset {
+		pType, err := parseParamType(c.raw[offset:])
+		if err != nil {
+			return fmt.Errorf("%w: %v", ErrChunkParseParamTypeFailed, err) //nolint:errorlint
+		}
+		b, err := buildParam(pType, c.raw[offset:])
+		if err != nil {
+			return err
+		}
+		c.paramB = b
+	}
+
+	return nil
+}
+
+func (c *chunkReconfig) marshal() ([]byte, error) {
+	out, err := c.paramA.marshal()
+	if err != nil {
+		return nil, fmt.Errorf("%w: %v", ErrChunkMarshalParamAReconfigFailed, err) //nolint:errorlint
+	}
+	if c.paramB != nil {
+		// Pad param A
+		out = padByte(out, getPadding(len(out)))
+
+		outB, err := c.paramB.marshal()
+		if err != nil {
+			return nil, fmt.Errorf("%w: %v", ErrChunkMarshalParamBReconfigFailed, err) //nolint:errorlint
+		}
+
+		out = append(out, outB...)
+	}
+
+	c.typ = ctReconfig
+	c.raw = out
+	return c.chunkHeader.marshal()
+}
+
+func (c *chunkReconfig) check() (abort bool, err error) {
+	// nolint:godox
+	// TODO: check allowed combinations:
+	// https://tools.ietf.org/html/rfc6525#section-3.1
+	return true, nil
+}
+
+// String makes chunkReconfig printable
+func (c *chunkReconfig) String() string {
+	res := fmt.Sprintf("Param A:\n %s", c.paramA)
+	if c.paramB != nil {
+		res += fmt.Sprintf("Param B:\n %s", c.paramB)
+	}
+	return res
+}
diff --git a/server/vendor/github.com/pion/sctp/chunk_selective_ack.go b/server/vendor/github.com/pion/sctp/chunk_selective_ack.go
new file mode 100644
index 0000000..0d60b6a
--- /dev/null
+++ b/server/vendor/github.com/pion/sctp/chunk_selective_ack.go
@@ -0,0 +1,151 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sctp
+
+import (
+	"encoding/binary"
+	"errors"
+	"fmt"
+)
+
+/*
+chunkSelectiveAck represents an SCTP Chunk of type SACK
+
+This chunk is sent to the peer endpoint to acknowledge received DATA
+chunks and to inform the peer endpoint of gaps in the received
+subsequences of DATA chunks as represented by their TSNs.
+0                   1                   2                   3
+0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+|   Type = 3    |Chunk  Flags   |      Chunk Length             |
++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+|                      Cumulative TSN Ack                       |
++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+|          Advertised Receiver Window Credit (a_rwnd)           |
++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+| Number of Gap Ack Blocks = N  |  Number of Duplicate TSNs = X |
++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+|  Gap Ack Block #1 Start       |   Gap Ack Block #1 End        |
++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+/                                                               /
+\                              ...                              \
+/                                                               /
++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+|   Gap Ack Block #N Start      |  Gap Ack Block #N End         |
++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+|                       Duplicate TSN 1                         |
++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+/                                                               /
+\                              ...                              \
+/                                                               /
++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+|                       Duplicate TSN X                         |
++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+*/
+
+type gapAckBlock struct {
+	start uint16
+	end   uint16
+}
+
+// Selective ack chunk errors
+var (
+	ErrChunkTypeNotSack           = errors.New("ChunkType is not of type SACK")
+	ErrSackSizeNotLargeEnoughInfo = errors.New("SACK Chunk size is not large enough to contain header")
+	ErrSackSizeNotMatchPredicted  = errors.New("SACK Chunk size does not match predicted amount from header values")
+)
+
+// String makes gapAckBlock printable
+func (g gapAckBlock) String() string {
+	return fmt.Sprintf("%d - %d", g.start, g.end)
+}
+
+type chunkSelectiveAck struct {
+	chunkHeader
+	cumulativeTSNAck               uint32
+	advertisedReceiverWindowCredit uint32
+	gapAckBlocks                   []gapAckBlock
+	duplicateTSN                   []uint32
+}
+
+const (
+	selectiveAckHeaderSize = 12
+)
+
+func (s *chunkSelectiveAck) unmarshal(raw []byte) error {
+	if err := s.chunkHeader.unmarshal(raw); err != nil {
+		return err
+	}
+
+	if s.typ != ctSack {
+		return fmt.Errorf("%w: actually is %s", ErrChunkTypeNotSack, s.typ.String())
+	}
+
+	if len(s.raw) < selectiveAckHeaderSize {
+		return fmt.Errorf("%w: %v remaining, needs %v bytes", ErrSackSizeNotLargeEnoughInfo,
+			len(s.raw), selectiveAckHeaderSize)
+	}
+
+	s.cumulativeTSNAck = binary.BigEndian.Uint32(s.raw[0:])
+	s.advertisedReceiverWindowCredit = binary.BigEndian.Uint32(s.raw[4:])
+	s.gapAckBlocks = make([]gapAckBlock, binary.BigEndian.Uint16(s.raw[8:]))
+	s.duplicateTSN = make([]uint32, binary.BigEndian.Uint16(s.raw[10:]))
+
+	if len(s.raw) != selectiveAckHeaderSize+(4*len(s.gapAckBlocks)+(4*len(s.duplicateTSN))) {
+		return ErrSackSizeNotMatchPredicted
+	}
+
+	offset := selectiveAckHeaderSize
+	for i := range s.gapAckBlocks {
+		s.gapAckBlocks[i].start = binary.BigEndian.Uint16(s.raw[offset:])
+		s.gapAckBlocks[i].end = binary.BigEndian.Uint16(s.raw[offset+2:])
+		offset += 4
+	}
+	for i := range s.duplicateTSN {
+		s.duplicateTSN[i] = binary.BigEndian.Uint32(s.raw[offset:])
+		offset += 4
+	}
+
+	return nil
+}
+
+func (s *chunkSelectiveAck) marshal() ([]byte, error) {
+	sackRaw := make([]byte, selectiveAckHeaderSize+(4*len(s.gapAckBlocks)+(4*len(s.duplicateTSN))))
+	binary.BigEndian.PutUint32(sackRaw[0:], s.cumulativeTSNAck)
+	binary.BigEndian.PutUint32(sackRaw[4:], s.advertisedReceiverWindowCredit)
+	binary.BigEndian.PutUint16(sackRaw[8:], uint16(len(s.gapAckBlocks)))
+	binary.BigEndian.PutUint16(sackRaw[10:], uint16(len(s.duplicateTSN)))
+	offset := selectiveAckHeaderSize
+	for _, g := range s.gapAckBlocks {
+		binary.BigEndian.PutUint16(sackRaw[offset:], g.start)
+		binary.BigEndian.PutUint16(sackRaw[offset+2:], g.end)
+		offset += 4
+	}
+	for _, t := range s.duplicateTSN {
+		binary.BigEndian.PutUint32(sackRaw[offset:], t)
+		offset += 4
+	}
+
+	s.chunkHeader.typ = ctSack
+	s.chunkHeader.raw = sackRaw
+	return s.chunkHeader.marshal()
+}
+
+func (s *chunkSelectiveAck) check() (abort bool, err error) {
+	return false, nil
+}
+
+// String makes chunkSelectiveAck printable
+func (s *chunkSelectiveAck) String() string {
+	res := fmt.Sprintf("SACK cumTsnAck=%d arwnd=%d dupTsn=%d",
+		s.cumulativeTSNAck,
+		s.advertisedReceiverWindowCredit,
+		s.duplicateTSN)
+
+	for _, gap := range s.gapAckBlocks {
+		res = fmt.Sprintf("%s\n gap ack: %s", res, gap)
+	}
+
+	return res
+}
diff --git a/server/vendor/github.com/pion/sctp/chunk_shutdown.go b/server/vendor/github.com/pion/sctp/chunk_shutdown.go
new file mode 100644
index 0000000..9cc756c
--- /dev/null
+++ b/server/vendor/github.com/pion/sctp/chunk_shutdown.go
@@ -0,0 +1,72 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sctp
+
+import (
+	"encoding/binary"
+	"errors"
+	"fmt"
+)
+
+/*
+chunkShutdown represents an SCTP Chunk of type chunkShutdown
+
+0                   1                   2                   3
+0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+|   Type = 7    | Chunk  Flags  |      Length = 8               |
++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+|                      Cumulative TSN Ack                       |
++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+*/
+type chunkShutdown struct {
+	chunkHeader
+	cumulativeTSNAck uint32
+}
+
+const (
+	cumulativeTSNAckLength = 4
+)
+
+// Shutdown chunk errors
+var (
+	ErrInvalidChunkSize     = errors.New("invalid chunk size")
+	ErrChunkTypeNotShutdown = errors.New("ChunkType is not of type SHUTDOWN")
+)
+
+func (c *chunkShutdown) unmarshal(raw []byte) error {
+	if err := c.chunkHeader.unmarshal(raw); err != nil {
+		return err
+	}
+
+	if c.typ != ctShutdown {
+		return fmt.Errorf("%w: actually is %s", ErrChunkTypeNotShutdown, c.typ.String())
+	}
+
+	if len(c.raw) != cumulativeTSNAckLength {
+		return ErrInvalidChunkSize
+	}
+
+	c.cumulativeTSNAck = binary.BigEndian.Uint32(c.raw[0:])
+
+	return nil
+}
+
+func (c *chunkShutdown) marshal() ([]byte, error) {
+	out := make([]byte, cumulativeTSNAckLength)
+	binary.BigEndian.PutUint32(out[0:], c.cumulativeTSNAck)
+
+	c.typ = ctShutdown
+	c.raw = out
+	return c.chunkHeader.marshal()
+}
+
+func (c *chunkShutdown) check() (abort bool, err error) {
+	return false, nil
+}
+
+// String makes chunkShutdown printable
+func (c *chunkShutdown) String() string {
+	return c.chunkHeader.String()
+}
diff --git a/server/vendor/github.com/pion/sctp/chunk_shutdown_ack.go b/server/vendor/github.com/pion/sctp/chunk_shutdown_ack.go
new file mode 100644
index 0000000..87f4170
--- /dev/null
+++ b/server/vendor/github.com/pion/sctp/chunk_shutdown_ack.go
@@ -0,0 +1,53 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sctp
+
+import (
+	"errors"
+	"fmt"
+)
+
+/*
+chunkShutdownAck represents an SCTP Chunk of type chunkShutdownAck
+
+0                   1                   2                   3
+0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+|   Type = 8    | Chunk  Flags  |      Length = 4               |
++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+*/
+type chunkShutdownAck struct {
+	chunkHeader
+}
+
+// Shutdown ack chunk errors
+var (
+	ErrChunkTypeNotShutdownAck = errors.New("ChunkType is not of type SHUTDOWN-ACK")
+)
+
+func (c *chunkShutdownAck) unmarshal(raw []byte) error {
+	if err := c.chunkHeader.unmarshal(raw); err != nil {
+		return err
+	}
+
+	if c.typ != ctShutdownAck {
+		return fmt.Errorf("%w: actually is %s", ErrChunkTypeNotShutdownAck, c.typ.String())
+	}
+
+	return nil
+}
+
+func (c *chunkShutdownAck) marshal() ([]byte, error) {
+	c.typ = ctShutdownAck
+	return c.chunkHeader.marshal()
+}
+
+func (c *chunkShutdownAck) check() (abort bool, err error) {
+	return false, nil
+}
+
+// String makes chunkShutdownAck printable
+func (c *chunkShutdownAck) String() string {
+	return c.chunkHeader.String()
+}
diff --git a/server/vendor/github.com/pion/sctp/chunk_shutdown_complete.go b/server/vendor/github.com/pion/sctp/chunk_shutdown_complete.go
new file mode 100644
index 0000000..9652f88
--- /dev/null
+++ b/server/vendor/github.com/pion/sctp/chunk_shutdown_complete.go
@@ -0,0 +1,53 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sctp
+
+import (
+	"errors"
+	"fmt"
+)
+
+/*
+chunkShutdownComplete represents an SCTP Chunk of type chunkShutdownComplete
+
+0                   1                   2                   3
+0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+|   Type = 14   |Reserved     |T|      Length = 4               |
++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+*/
+type chunkShutdownComplete struct {
+	chunkHeader
+}
+
+// Shutdown complete chunk errors
+var (
+	ErrChunkTypeNotShutdownComplete = errors.New("ChunkType is not of type SHUTDOWN-COMPLETE")
+)
+
+func (c *chunkShutdownComplete) unmarshal(raw []byte) error {
+	if err := c.chunkHeader.unmarshal(raw); err != nil {
+		return err
+	}
+
+	if c.typ != ctShutdownComplete {
+		return fmt.Errorf("%w: actually is %s", ErrChunkTypeNotShutdownComplete, c.typ.String())
+	}
+
+	return nil
+}
+
+func (c *chunkShutdownComplete) marshal() ([]byte, error) {
+	c.typ = ctShutdownComplete
+	return c.chunkHeader.marshal()
+}
+
+func (c *chunkShutdownComplete) check() (abort bool, err error) {
+	return false, nil
+}
+
+// String makes chunkShutdownComplete printable
+func (c *chunkShutdownComplete) String() string {
+	return c.chunkHeader.String()
+}
diff --git a/server/vendor/github.com/pion/sctp/chunkheader.go b/server/vendor/github.com/pion/sctp/chunkheader.go
new file mode 100644
index 0000000..60b903b
--- /dev/null
+++ b/server/vendor/github.com/pion/sctp/chunkheader.go
@@ -0,0 +1,100 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sctp
+
+import (
+	"encoding/binary"
+	"errors"
+	"fmt"
+)
+
+/*
+chunkHeader represents a SCTP Chunk header, defined in https://tools.ietf.org/html/rfc4960#section-3.2
+The figure below illustrates the field format for the chunks to be
+transmitted in the SCTP packet.  Each chunk is formatted with a Chunk
+Type field, a chunk-specific Flag field, a Chunk Length field, and a
+Value field.
+
+	 0                   1                   2                   3
+	 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+	+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	|   Chunk Type  | Chunk  Flags  |        Chunk Length           |
+	+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	|                                                               |
+	|                          Chunk Value                          |
+	|                                                               |
+	+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+*/
+type chunkHeader struct {
+	typ   chunkType
+	flags byte
+	raw   []byte
+}
+
+const (
+	chunkHeaderSize = 4
+)
+
+// SCTP chunk header errors
+var (
+	ErrChunkHeaderTooSmall       = errors.New("raw is too small for a SCTP chunk")
+	ErrChunkHeaderNotEnoughSpace = errors.New("not enough data left in SCTP packet to satisfy requested length")
+	ErrChunkHeaderPaddingNonZero = errors.New("chunk padding is non-zero at offset")
+)
+
+func (c *chunkHeader) unmarshal(raw []byte) error {
+	if len(raw) < chunkHeaderSize {
+		return fmt.Errorf("%w: raw only %d bytes, %d is the minimum length", ErrChunkHeaderTooSmall, len(raw), chunkHeaderSize)
+	}
+
+	c.typ = chunkType(raw[0])
+	c.flags = raw[1]
+	length := binary.BigEndian.Uint16(raw[2:])
+
+	// Length includes Chunk header
+	valueLength := int(length - chunkHeaderSize)
+	lengthAfterValue := len(raw) - (chunkHeaderSize + valueLength)
+
+	if lengthAfterValue < 0 {
+		return fmt.Errorf("%w: remain %d req %d ", ErrChunkHeaderNotEnoughSpace, valueLength, len(raw)-chunkHeaderSize)
+	} else if lengthAfterValue < 4 {
+		// https://tools.ietf.org/html/rfc4960#section-3.2
+		// The Chunk Length field does not count any chunk padding.
+		// Chunks (including Type, Length, and Value fields) are padded out
+		// by the sender with all zero bytes to be a multiple of 4 bytes
+		// long.  This padding MUST NOT be more than 3 bytes in total.  The
+		// Chunk Length value does not include terminating padding of the
+		// chunk.  However, it does include padding of any variable-length
+		// parameter except the last parameter in the chunk.  The receiver
+		// MUST ignore the padding.
+		for i := lengthAfterValue; i > 0; i-- {
+			paddingOffset := chunkHeaderSize + valueLength + (i - 1)
+			if raw[paddingOffset] != 0 {
+				return fmt.Errorf("%w: %d ", ErrChunkHeaderPaddingNonZero, paddingOffset)
+			}
+		}
+	}
+
+	c.raw = raw[chunkHeaderSize : chunkHeaderSize+valueLength]
+	return nil
+}
+
+func (c *chunkHeader) marshal() ([]byte, error) {
+	raw := make([]byte, 4+len(c.raw))
+
+	raw[0] = uint8(c.typ)
+	raw[1] = c.flags
+	binary.BigEndian.PutUint16(raw[2:], uint16(len(c.raw)+chunkHeaderSize))
+	copy(raw[4:], c.raw)
+	return raw, nil
+}
+
+func (c *chunkHeader) valueLength() int {
+	return len(c.raw)
+}
+
+// String makes chunkHeader printable
+func (c chunkHeader) String() string {
+	return c.typ.String()
+}
diff --git a/server/vendor/github.com/pion/sctp/chunktype.go b/server/vendor/github.com/pion/sctp/chunktype.go
new file mode 100644
index 0000000..ed7e60c
--- /dev/null
+++ b/server/vendor/github.com/pion/sctp/chunktype.go
@@ -0,0 +1,70 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sctp
+
+import "fmt"
+
+// chunkType is an enum for SCTP Chunk Type field
+// This field identifies the type of information contained in the
+// Chunk Value field.
+type chunkType uint8
+
+// List of known chunkType enums
+const (
+	ctPayloadData      chunkType = 0
+	ctInit             chunkType = 1
+	ctInitAck          chunkType = 2
+	ctSack             chunkType = 3
+	ctHeartbeat        chunkType = 4
+	ctHeartbeatAck     chunkType = 5
+	ctAbort            chunkType = 6
+	ctShutdown         chunkType = 7
+	ctShutdownAck      chunkType = 8
+	ctError            chunkType = 9
+	ctCookieEcho       chunkType = 10
+	ctCookieAck        chunkType = 11
+	ctCWR              chunkType = 13
+	ctShutdownComplete chunkType = 14
+	ctReconfig         chunkType = 130
+	ctForwardTSN       chunkType = 192
+)
+
+func (c chunkType) String() string {
+	switch c {
+	case ctPayloadData:
+		return "DATA"
+	case ctInit:
+		return "INIT"
+	case ctInitAck:
+		return "INIT-ACK"
+	case ctSack:
+		return "SACK"
+	case ctHeartbeat:
+		return "HEARTBEAT"
+	case ctHeartbeatAck:
+		return "HEARTBEAT-ACK"
+	case ctAbort:
+		return "ABORT"
+	case ctShutdown:
+		return "SHUTDOWN"
+	case ctShutdownAck:
+		return "SHUTDOWN-ACK"
+	case ctError:
+		return "ERROR"
+	case ctCookieEcho:
+		return "COOKIE-ECHO"
+	case ctCookieAck:
+		return "COOKIE-ACK"
+	case ctCWR:
+		return "ECNE" // Explicit Congestion Notification Echo
+	case ctShutdownComplete:
+		return "SHUTDOWN-COMPLETE"
+	case ctReconfig:
+		return "RECONFIG" // Re-configuration
+	case ctForwardTSN:
+		return "FORWARD-TSN"
+	default:
+		return fmt.Sprintf("Unknown ChunkType: %d", c)
+	}
+}
diff --git a/server/vendor/github.com/pion/sctp/codecov.yml b/server/vendor/github.com/pion/sctp/codecov.yml
new file mode 100644
index 0000000..263e4d4
--- /dev/null
+++ b/server/vendor/github.com/pion/sctp/codecov.yml
@@ -0,0 +1,22 @@
+#
+# DO NOT EDIT THIS FILE
+#
+# It is automatically copied from https://github.com/pion/.goassets repository.
+#
+# SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+# SPDX-License-Identifier: MIT
+
+coverage:
+  status:
+    project:
+      default:
+        # Allow decreasing 2% of total coverage to avoid noise.
+        threshold: 2%
+    patch:
+      default:
+        target: 70%
+        only_pulls: true
+
+ignore:
+  - "examples/*"
+  - "examples/**/*"
diff --git a/server/vendor/github.com/pion/sctp/control_queue.go b/server/vendor/github.com/pion/sctp/control_queue.go
new file mode 100644
index 0000000..5c417bf
--- /dev/null
+++ b/server/vendor/github.com/pion/sctp/control_queue.go
@@ -0,0 +1,32 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sctp
+
+// control queue
+
+type controlQueue struct {
+	queue []*packet
+}
+
+func newControlQueue() *controlQueue {
+	return &controlQueue{queue: []*packet{}}
+}
+
+func (q *controlQueue) push(c *packet) {
+	q.queue = append(q.queue, c)
+}
+
+func (q *controlQueue) pushAll(packets []*packet) {
+	q.queue = append(q.queue, packets...)
+}
+
+func (q *controlQueue) popAll() []*packet {
+	packets := q.queue
+	q.queue = []*packet{}
+	return packets
+}
+
+func (q *controlQueue) size() int {
+	return len(q.queue)
+}
diff --git a/server/vendor/github.com/pion/sctp/error_cause.go b/server/vendor/github.com/pion/sctp/error_cause.go
new file mode 100644
index 0000000..bb1c7c8
--- /dev/null
+++ b/server/vendor/github.com/pion/sctp/error_cause.go
@@ -0,0 +1,101 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sctp
+
+import (
+	"encoding/binary"
+	"errors"
+	"fmt"
+)
+
+// errorCauseCode is a cause code that appears in either a ERROR or ABORT chunk
+type errorCauseCode uint16
+
+type errorCause interface {
+	unmarshal([]byte) error
+	marshal() ([]byte, error)
+	length() uint16
+	String() string
+
+	errorCauseCode() errorCauseCode
+}
+
+// Error and abort chunk errors
+var (
+	ErrBuildErrorCaseHandle = errors.New("BuildErrorCause does not handle")
+)
+
+// buildErrorCause delegates the building of a error cause from raw bytes to the correct structure
+func buildErrorCause(raw []byte) (errorCause, error) {
+	var e errorCause
+
+	c := errorCauseCode(binary.BigEndian.Uint16(raw[0:]))
+	switch c {
+	case invalidMandatoryParameter:
+		e = &errorCauseInvalidMandatoryParameter{}
+	case unrecognizedChunkType:
+		e = &errorCauseUnrecognizedChunkType{}
+	case protocolViolation:
+		e = &errorCauseProtocolViolation{}
+	case userInitiatedAbort:
+		e = &errorCauseUserInitiatedAbort{}
+	default:
+		return nil, fmt.Errorf("%w: %s", ErrBuildErrorCaseHandle, c.String())
+	}
+
+	if err := e.unmarshal(raw); err != nil {
+		return nil, err
+	}
+
+	return e, nil
+}
+
+const (
+	invalidStreamIdentifier                errorCauseCode = 1
+	missingMandatoryParameter              errorCauseCode = 2
+	staleCookieError                       errorCauseCode = 3
+	outOfResource                          errorCauseCode = 4
+	unresolvableAddress                    errorCauseCode = 5
+	unrecognizedChunkType                  errorCauseCode = 6
+	invalidMandatoryParameter              errorCauseCode = 7
+	unrecognizedParameters                 errorCauseCode = 8
+	noUserData                             errorCauseCode = 9
+	cookieReceivedWhileShuttingDown        errorCauseCode = 10
+	restartOfAnAssociationWithNewAddresses errorCauseCode = 11
+	userInitiatedAbort                     errorCauseCode = 12
+	protocolViolation                      errorCauseCode = 13
+)
+
+func (e errorCauseCode) String() string {
+	switch e {
+	case invalidStreamIdentifier:
+		return "Invalid Stream Identifier"
+	case missingMandatoryParameter:
+		return "Missing Mandatory Parameter"
+	case staleCookieError:
+		return "Stale Cookie Error"
+	case outOfResource:
+		return "Out Of Resource"
+	case unresolvableAddress:
+		return "Unresolvable IP"
+	case unrecognizedChunkType:
+		return "Unrecognized Chunk Type"
+	case invalidMandatoryParameter:
+		return "Invalid Mandatory Parameter"
+	case unrecognizedParameters:
+		return "Unrecognized Parameters"
+	case noUserData:
+		return "No User Data"
+	case cookieReceivedWhileShuttingDown:
+		return "Cookie Received While Shutting Down"
+	case restartOfAnAssociationWithNewAddresses:
+		return "Restart Of An Association With New Addresses"
+	case userInitiatedAbort:
+		return "User Initiated Abort"
+	case protocolViolation:
+		return "Protocol Violation"
+	default:
+		return fmt.Sprintf("Unknown CauseCode: %d", e)
+	}
+}
diff --git a/server/vendor/github.com/pion/sctp/error_cause_header.go b/server/vendor/github.com/pion/sctp/error_cause_header.go
new file mode 100644
index 0000000..98c530f
--- /dev/null
+++ b/server/vendor/github.com/pion/sctp/error_cause_header.go
@@ -0,0 +1,57 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sctp
+
+import (
+	"encoding/binary"
+	"errors"
+)
+
+// errorCauseHeader represents the shared header that is shared by all error causes
+type errorCauseHeader struct {
+	code errorCauseCode
+	len  uint16
+	raw  []byte
+}
+
+const (
+	errorCauseHeaderLength = 4
+)
+
+// ErrInvalidSCTPChunk is returned when an SCTP chunk is invalid
+var ErrInvalidSCTPChunk = errors.New("invalid SCTP chunk")
+
+func (e *errorCauseHeader) marshal() ([]byte, error) {
+	e.len = uint16(len(e.raw)) + uint16(errorCauseHeaderLength)
+	raw := make([]byte, e.len)
+	binary.BigEndian.PutUint16(raw[0:], uint16(e.code))
+	binary.BigEndian.PutUint16(raw[2:], e.len)
+	copy(raw[errorCauseHeaderLength:], e.raw)
+
+	return raw, nil
+}
+
+func (e *errorCauseHeader) unmarshal(raw []byte) error {
+	e.code = errorCauseCode(binary.BigEndian.Uint16(raw[0:]))
+	e.len = binary.BigEndian.Uint16(raw[2:])
+	if e.len < errorCauseHeaderLength || int(e.len) > len(raw) {
+		return ErrInvalidSCTPChunk
+	}
+	valueLength := e.len - errorCauseHeaderLength
+	e.raw = raw[errorCauseHeaderLength : errorCauseHeaderLength+valueLength]
+	return nil
+}
+
+func (e *errorCauseHeader) length() uint16 {
+	return e.len
+}
+
+func (e *errorCauseHeader) errorCauseCode() errorCauseCode {
+	return e.code
+}
+
+// String makes errorCauseHeader printable
+func (e errorCauseHeader) String() string {
+	return e.code.String()
+}
diff --git a/server/vendor/github.com/pion/sctp/error_cause_invalid_mandatory_parameter.go b/server/vendor/github.com/pion/sctp/error_cause_invalid_mandatory_parameter.go
new file mode 100644
index 0000000..e73774b
--- /dev/null
+++ b/server/vendor/github.com/pion/sctp/error_cause_invalid_mandatory_parameter.go
@@ -0,0 +1,22 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sctp
+
+// errorCauseInvalidMandatoryParameter represents an SCTP error cause
+type errorCauseInvalidMandatoryParameter struct {
+	errorCauseHeader
+}
+
+func (e *errorCauseInvalidMandatoryParameter) marshal() ([]byte, error) {
+	return e.errorCauseHeader.marshal()
+}
+
+func (e *errorCauseInvalidMandatoryParameter) unmarshal(raw []byte) error {
+	return e.errorCauseHeader.unmarshal(raw)
+}
+
+// String makes errorCauseInvalidMandatoryParameter printable
+func (e *errorCauseInvalidMandatoryParameter) String() string {
+	return e.errorCauseHeader.String()
+}
diff --git a/server/vendor/github.com/pion/sctp/error_cause_protocol_violation.go b/server/vendor/github.com/pion/sctp/error_cause_protocol_violation.go
new file mode 100644
index 0000000..5861aed
--- /dev/null
+++ b/server/vendor/github.com/pion/sctp/error_cause_protocol_violation.go
@@ -0,0 +1,57 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sctp
+
+import (
+	"errors"
+	"fmt"
+)
+
+/*
+This error cause MAY be included in ABORT chunks that are sent
+because an SCTP endpoint detects a protocol violation of the peer
+that is not covered by the error causes described in Section 3.3.10.1
+to Section 3.3.10.12.  An implementation MAY provide additional
+information specifying what kind of protocol violation has been
+detected.
+
+	 0                   1                   2                   3
+	 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+	+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	|         Cause Code=13         |      Cause Length=Variable    |
+	+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	/                    Additional Information                     /
+	\                                                               \
+	+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+*/
+type errorCauseProtocolViolation struct {
+	errorCauseHeader
+	additionalInformation []byte
+}
+
+// Abort chunk errors
+var (
+	ErrProtocolViolationUnmarshal = errors.New("unable to unmarshal Protocol Violation error")
+)
+
+func (e *errorCauseProtocolViolation) marshal() ([]byte, error) {
+	e.raw = e.additionalInformation
+	return e.errorCauseHeader.marshal()
+}
+
+func (e *errorCauseProtocolViolation) unmarshal(raw []byte) error {
+	err := e.errorCauseHeader.unmarshal(raw)
+	if err != nil {
+		return fmt.Errorf("%w: %v", ErrProtocolViolationUnmarshal, err) //nolint:errorlint
+	}
+
+	e.additionalInformation = e.raw
+
+	return nil
+}
+
+// String makes errorCauseProtocolViolation printable
+func (e *errorCauseProtocolViolation) String() string {
+	return fmt.Sprintf("%s: %s", e.errorCauseHeader, e.additionalInformation)
+}
diff --git a/server/vendor/github.com/pion/sctp/error_cause_unrecognized_chunk_type.go b/server/vendor/github.com/pion/sctp/error_cause_unrecognized_chunk_type.go
new file mode 100644
index 0000000..84ea0e1
--- /dev/null
+++ b/server/vendor/github.com/pion/sctp/error_cause_unrecognized_chunk_type.go
@@ -0,0 +1,31 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sctp
+
+// errorCauseUnrecognizedChunkType represents an SCTP error cause
+type errorCauseUnrecognizedChunkType struct {
+	errorCauseHeader
+	unrecognizedChunk []byte
+}
+
+func (e *errorCauseUnrecognizedChunkType) marshal() ([]byte, error) {
+	e.code = unrecognizedChunkType
+	e.errorCauseHeader.raw = e.unrecognizedChunk
+	return e.errorCauseHeader.marshal()
+}
+
+func (e *errorCauseUnrecognizedChunkType) unmarshal(raw []byte) error {
+	err := e.errorCauseHeader.unmarshal(raw)
+	if err != nil {
+		return err
+	}
+
+	e.unrecognizedChunk = e.errorCauseHeader.raw
+	return nil
+}
+
+// String makes errorCauseUnrecognizedChunkType printable
+func (e *errorCauseUnrecognizedChunkType) String() string {
+	return e.errorCauseHeader.String()
+}
diff --git a/server/vendor/github.com/pion/sctp/error_cause_user_initiated_abort.go b/server/vendor/github.com/pion/sctp/error_cause_user_initiated_abort.go
new file mode 100644
index 0000000..871460e
--- /dev/null
+++ b/server/vendor/github.com/pion/sctp/error_cause_user_initiated_abort.go
@@ -0,0 +1,49 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sctp
+
+import (
+	"fmt"
+)
+
+/*
+This error cause MAY be included in ABORT chunks that are sent
+because of an upper-layer request.  The upper layer can specify an
+Upper Layer Abort Reason that is transported by SCTP transparently
+and MAY be delivered to the upper-layer protocol at the peer.
+
+	 0                   1                   2                   3
+	 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+	+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	|         Cause Code=12         |      Cause Length=Variable    |
+	+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	/                    Upper Layer Abort Reason                   /
+	\                                                               \
+	+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+*/
+type errorCauseUserInitiatedAbort struct {
+	errorCauseHeader
+	upperLayerAbortReason []byte
+}
+
+func (e *errorCauseUserInitiatedAbort) marshal() ([]byte, error) {
+	e.code = userInitiatedAbort
+	e.errorCauseHeader.raw = e.upperLayerAbortReason
+	return e.errorCauseHeader.marshal()
+}
+
+func (e *errorCauseUserInitiatedAbort) unmarshal(raw []byte) error {
+	err := e.errorCauseHeader.unmarshal(raw)
+	if err != nil {
+		return err
+	}
+
+	e.upperLayerAbortReason = e.errorCauseHeader.raw
+	return nil
+}
+
+// String makes errorCauseUserInitiatedAbort printable
+func (e *errorCauseUserInitiatedAbort) String() string {
+	return fmt.Sprintf("%s: %s", e.errorCauseHeader.String(), e.upperLayerAbortReason)
+}
diff --git a/server/vendor/github.com/pion/sctp/packet.go b/server/vendor/github.com/pion/sctp/packet.go
new file mode 100644
index 0000000..a2ab8e1
--- /dev/null
+++ b/server/vendor/github.com/pion/sctp/packet.go
@@ -0,0 +1,227 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sctp
+
+import (
+	"encoding/binary"
+	"errors"
+	"fmt"
+	"hash/crc32"
+)
+
+// Create the crc32 table we'll use for the checksum
+var castagnoliTable = crc32.MakeTable(crc32.Castagnoli) // nolint:gochecknoglobals
+
+// Allocate and zero this data once.
+// We need to use it for the checksum and don't want to allocate/clear each time.
+var fourZeroes [4]byte // nolint:gochecknoglobals
+
+/*
+Packet represents an SCTP packet, defined in https://tools.ietf.org/html/rfc4960#section-3
+An SCTP packet is composed of a common header and chunks.  A chunk
+contains either control information or user data.
+
+						SCTP Packet Format
+	 0                   1                   2                   3
+	 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+	+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	|                        Common Header                          |
+	+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	|                          Chunk #1                             |
+	+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	|                           ...                                 |
+	+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	|                          Chunk #n                             |
+	+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+
+					SCTP Common Header Format
+	 0                   1                   2                   3
+	 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+	+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	|     Source Value Number      |     Destination Value Number   |
+	+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	|                      Verification Tag                         |
+	+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+	|                           Checksum                            |
+	+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+*/
+type packet struct {
+	sourcePort      uint16
+	destinationPort uint16
+	verificationTag uint32
+	chunks          []chunk
+}
+
+const (
+	packetHeaderSize = 12
+)
+
+// SCTP packet errors
+var (
+	ErrPacketRawTooSmall           = errors.New("raw is smaller than the minimum length for a SCTP packet")
+	ErrParseSCTPChunkNotEnoughData = errors.New("unable to parse SCTP chunk, not enough data for complete header")
+	ErrUnmarshalUnknownChunkType   = errors.New("failed to unmarshal, contains unknown chunk type")
+	ErrChecksumMismatch            = errors.New("checksum mismatch theirs")
+)
+
+func (p *packet) unmarshal(doChecksum bool, raw []byte) error {
+	if len(raw) < packetHeaderSize {
+		return fmt.Errorf("%w: raw only %d bytes, %d is the minimum length", ErrPacketRawTooSmall, len(raw), packetHeaderSize)
+	}
+
+	offset := packetHeaderSize
+
+	// Check if doing CRC32c is required.
+	// Without having SCTP AUTH implemented, this depends only on the type
+	// og the first chunk.
+	if offset+chunkHeaderSize <= len(raw) {
+		switch chunkType(raw[offset]) {
+		case ctInit, ctCookieEcho:
+			doChecksum = true
+		default:
+		}
+	}
+	theirChecksum := binary.LittleEndian.Uint32(raw[8:])
+	if theirChecksum != 0 || doChecksum {
+		ourChecksum := generatePacketChecksum(raw)
+		if theirChecksum != ourChecksum {
+			return fmt.Errorf("%w: %d ours: %d", ErrChecksumMismatch, theirChecksum, ourChecksum)
+		}
+	}
+
+	p.sourcePort = binary.BigEndian.Uint16(raw[0:])
+	p.destinationPort = binary.BigEndian.Uint16(raw[2:])
+	p.verificationTag = binary.BigEndian.Uint32(raw[4:])
+
+	for {
+		// Exact match, no more chunks
+		if offset == len(raw) {
+			break
+		} else if offset+chunkHeaderSize > len(raw) {
+			return fmt.Errorf("%w: offset %d remaining %d", ErrParseSCTPChunkNotEnoughData, offset, len(raw))
+		}
+
+		var c chunk
+		switch chunkType(raw[offset]) {
+		case ctInit:
+			c = &chunkInit{}
+		case ctInitAck:
+			c = &chunkInitAck{}
+		case ctAbort:
+			c = &chunkAbort{}
+		case ctCookieEcho:
+			c = &chunkCookieEcho{}
+		case ctCookieAck:
+			c = &chunkCookieAck{}
+		case ctHeartbeat:
+			c = &chunkHeartbeat{}
+		case ctPayloadData:
+			c = &chunkPayloadData{}
+		case ctSack:
+			c = &chunkSelectiveAck{}
+		case ctReconfig:
+			c = &chunkReconfig{}
+		case ctForwardTSN:
+			c = &chunkForwardTSN{}
+		case ctError:
+			c = &chunkError{}
+		case ctShutdown:
+			c = &chunkShutdown{}
+		case ctShutdownAck:
+			c = &chunkShutdownAck{}
+		case ctShutdownComplete:
+			c = &chunkShutdownComplete{}
+		default:
+			return fmt.Errorf("%w: %s", ErrUnmarshalUnknownChunkType, chunkType(raw[offset]).String())
+		}
+
+		if err := c.unmarshal(raw[offset:]); err != nil {
+			return err
+		}
+
+		p.chunks = append(p.chunks, c)
+		chunkValuePadding := getPadding(c.valueLength())
+		offset += chunkHeaderSize + c.valueLength() + chunkValuePadding
+	}
+
+	return nil
+}
+
+func (p *packet) marshal(doChecksum bool) ([]byte, error) {
+	raw := make([]byte, packetHeaderSize)
+
+	// Populate static headers
+	// 8-12 is Checksum which will be populated when packet is complete
+	binary.BigEndian.PutUint16(raw[0:], p.sourcePort)
+	binary.BigEndian.PutUint16(raw[2:], p.destinationPort)
+	binary.BigEndian.PutUint32(raw[4:], p.verificationTag)
+
+	// Populate chunks
+	for _, c := range p.chunks {
+		chunkRaw, err := c.marshal()
+		if err != nil {
+			return nil, err
+		}
+		raw = append(raw, chunkRaw...)
+
+		paddingNeeded := getPadding(len(raw))
+		if paddingNeeded != 0 {
+			raw = append(raw, make([]byte, paddingNeeded)...)
+		}
+	}
+
+	if doChecksum {
+		// golang CRC32C uses reflected input and reflected output, the
+		// net result of this is to have the bytes flipped compared to
+		// the non reflected variant that the spec expects.
+		//
+		// Use LittleEndian.PutUint32 to avoid flipping the bytes in to
+		// the spec compliant checksum order
+		binary.LittleEndian.PutUint32(raw[8:], generatePacketChecksum(raw))
+	}
+
+	return raw, nil
+}
+
+func generatePacketChecksum(raw []byte) (sum uint32) {
+	// Fastest way to do a crc32 without allocating.
+	sum = crc32.Update(sum, castagnoliTable, raw[0:8])
+	sum = crc32.Update(sum, castagnoliTable, fourZeroes[:])
+	sum = crc32.Update(sum, castagnoliTable, raw[12:])
+	return sum
+}
+
+// String makes packet printable
+func (p *packet) String() string {
+	format := `Packet:
+	sourcePort: %d
+	destinationPort: %d
+	verificationTag: %d
+	`
+	res := fmt.Sprintf(format,
+		p.sourcePort,
+		p.destinationPort,
+		p.verificationTag,
+	)
+	for i, chunk := range p.chunks {
+		res += fmt.Sprintf("Chunk %d:\n %s", i, chunk)
+	}
+	return res
+}
+
+// TryMarshalUnmarshal attempts to marshal and unmarshal a message. Added for fuzzing.
+func TryMarshalUnmarshal(msg []byte) int {
+	p := &packet{}
+	err := p.unmarshal(false, msg)
+	if err != nil {
+		return 0
+	}
+
+	_, err = p.marshal(false)
+	if err != nil {
+		return 0
+	}
+
+	return 1
+}
diff --git a/server/vendor/github.com/pion/sctp/param.go b/server/vendor/github.com/pion/sctp/param.go
new file mode 100644
index 0000000..c28d7a5
--- /dev/null
+++ b/server/vendor/github.com/pion/sctp/param.go
@@ -0,0 +1,46 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sctp
+
+import (
+	"errors"
+	"fmt"
+)
+
+type param interface {
+	marshal() ([]byte, error)
+	length() int
+}
+
+// ErrParamTypeUnhandled is returned if unknown parameter type is specified.
+var ErrParamTypeUnhandled = errors.New("unhandled ParamType")
+
+func buildParam(t paramType, rawParam []byte) (param, error) {
+	switch t {
+	case forwardTSNSupp:
+		return (&paramForwardTSNSupported{}).unmarshal(rawParam)
+	case supportedExt:
+		return (&paramSupportedExtensions{}).unmarshal(rawParam)
+	case ecnCapable:
+		return (&paramECNCapable{}).unmarshal(rawParam)
+	case random:
+		return (&paramRandom{}).unmarshal(rawParam)
+	case reqHMACAlgo:
+		return (&paramRequestedHMACAlgorithm{}).unmarshal(rawParam)
+	case chunkList:
+		return (&paramChunkList{}).unmarshal(rawParam)
+	case stateCookie:
+		return (&paramStateCookie{}).unmarshal(rawParam)
+	case heartbeatInfo:
+		return (&paramHeartbeatInfo{}).unmarshal(rawParam)
+	case outSSNResetReq:
+		return (&paramOutgoingResetRequest{}).unmarshal(rawParam)
+	case reconfigResp:
+		return (&paramReconfigResponse{}).unmarshal(rawParam)
+	case zeroChecksumAcceptable:
+		return (&paramZeroChecksumAcceptable{}).unmarshal(rawParam)
+	default:
+		return nil, fmt.Errorf("%w: %v", ErrParamTypeUnhandled, t)
+	}
+}
diff --git a/server/vendor/github.com/pion/sctp/param_chunk_list.go b/server/vendor/github.com/pion/sctp/param_chunk_list.go
new file mode 100644
index 0000000..fe89052
--- /dev/null
+++ b/server/vendor/github.com/pion/sctp/param_chunk_list.go
@@ -0,0 +1,31 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sctp
+
+type paramChunkList struct {
+	paramHeader
+	chunkTypes []chunkType
+}
+
+func (c *paramChunkList) marshal() ([]byte, error) {
+	c.typ = chunkList
+	c.raw = make([]byte, len(c.chunkTypes))
+	for i, t := range c.chunkTypes {
+		c.raw[i] = byte(t)
+	}
+
+	return c.paramHeader.marshal()
+}
+
+func (c *paramChunkList) unmarshal(raw []byte) (param, error) {
+	err := c.paramHeader.unmarshal(raw)
+	if err != nil {
+		return nil, err
+	}
+	for _, t := range c.raw {
+		c.chunkTypes = append(c.chunkTypes, chunkType(t))
+	}
+
+	return c, nil
+}
diff --git a/server/vendor/github.com/pion/sctp/param_ecn_capable.go b/server/vendor/github.com/pion/sctp/param_ecn_capable.go
new file mode 100644
index 0000000..d6cd0d3
--- /dev/null
+++ b/server/vendor/github.com/pion/sctp/param_ecn_capable.go
@@ -0,0 +1,22 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sctp
+
+type paramECNCapable struct {
+	paramHeader
+}
+
+func (r *paramECNCapable) marshal() ([]byte, error) {
+	r.typ = ecnCapable
+	r.raw = []byte{}
+	return r.paramHeader.marshal()
+}
+
+func (r *paramECNCapable) unmarshal(raw []byte) (param, error) {
+	err := r.paramHeader.unmarshal(raw)
+	if err != nil {
+		return nil, err
+	}
+	return r, nil
+}
diff --git a/server/vendor/github.com/pion/sctp/param_forward_tsn_supported.go b/server/vendor/github.com/pion/sctp/param_forward_tsn_supported.go
new file mode 100644
index 0000000..655a93f
--- /dev/null
+++ b/server/vendor/github.com/pion/sctp/param_forward_tsn_supported.go
@@ -0,0 +1,31 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sctp
+
+// At the initialization of the association, the sender of the INIT or
+// INIT ACK chunk MAY include this OPTIONAL parameter to inform its peer
+// that it is able to support the Forward TSN chunk
+//
+//   0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+//  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+//  |    Parameter Type = 49152     |  Parameter Length = 4         |
+//  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+
+type paramForwardTSNSupported struct {
+	paramHeader
+}
+
+func (f *paramForwardTSNSupported) marshal() ([]byte, error) {
+	f.typ = forwardTSNSupp
+	f.raw = []byte{}
+	return f.paramHeader.marshal()
+}
+
+func (f *paramForwardTSNSupported) unmarshal(raw []byte) (param, error) {
+	err := f.paramHeader.unmarshal(raw)
+	if err != nil {
+		return nil, err
+	}
+	return f, nil
+}
diff --git a/server/vendor/github.com/pion/sctp/param_heartbeat_info.go b/server/vendor/github.com/pion/sctp/param_heartbeat_info.go
new file mode 100644
index 0000000..06f7048
--- /dev/null
+++ b/server/vendor/github.com/pion/sctp/param_heartbeat_info.go
@@ -0,0 +1,24 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sctp
+
+type paramHeartbeatInfo struct {
+	paramHeader
+	heartbeatInformation []byte
+}
+
+func (h *paramHeartbeatInfo) marshal() ([]byte, error) {
+	h.typ = heartbeatInfo
+	h.raw = h.heartbeatInformation
+	return h.paramHeader.marshal()
+}
+
+func (h *paramHeartbeatInfo) unmarshal(raw []byte) (param, error) {
+	err := h.paramHeader.unmarshal(raw)
+	if err != nil {
+		return nil, err
+	}
+	h.heartbeatInformation = h.raw
+	return h, nil
+}
diff --git a/server/vendor/github.com/pion/sctp/param_outgoing_reset_request.go b/server/vendor/github.com/pion/sctp/param_outgoing_reset_request.go
new file mode 100644
index 0000000..45ee28f
--- /dev/null
+++ b/server/vendor/github.com/pion/sctp/param_outgoing_reset_request.go
@@ -0,0 +1,94 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sctp
+
+import (
+	"encoding/binary"
+	"errors"
+)
+
+const (
+	paramOutgoingResetRequestStreamIdentifiersOffset = 12
+)
+
+// This parameter is used by the sender to request the reset of some or
+// all outgoing streams.
+//  0                   1                   2                   3
+//  0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |     Parameter Type = 13       | Parameter Length = 16 + 2 * N |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |           Re-configuration Request Sequence Number            |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |           Re-configuration Response Sequence Number           |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |                Sender's Last Assigned TSN                     |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |  Stream Number 1 (optional)   |    Stream Number 2 (optional) |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// /                            ......                             /
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |  Stream Number N-1 (optional) |    Stream Number N (optional) |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+
+type paramOutgoingResetRequest struct {
+	paramHeader
+	// reconfigRequestSequenceNumber is used to identify the request.  It is a monotonically
+	// increasing number that is initialized to the same value as the
+	// initial TSN.  It is increased by 1 whenever sending a new Re-
+	// configuration Request Parameter.
+	reconfigRequestSequenceNumber uint32
+	// When this Outgoing SSN Reset Request Parameter is sent in response
+	// to an Incoming SSN Reset Request Parameter, this parameter is also
+	// an implicit response to the incoming request.  This field then
+	// holds the Re-configuration Request Sequence Number of the incoming
+	// request.  In other cases, it holds the next expected
+	// Re-configuration Request Sequence Number minus 1.
+	reconfigResponseSequenceNumber uint32
+	// This value holds the next TSN minus 1 -- in other words, the last
+	// TSN that this sender assigned.
+	senderLastTSN uint32
+	// This optional field, if included, is used to indicate specific
+	// streams that are to be reset.  If no streams are listed, then all
+	// streams are to be reset.
+	streamIdentifiers []uint16
+}
+
+// Outgoing reset request parameter errors
+var (
+	ErrSSNResetRequestParamTooShort = errors.New("outgoing SSN reset request parameter too short")
+)
+
+func (r *paramOutgoingResetRequest) marshal() ([]byte, error) {
+	r.typ = outSSNResetReq
+	r.raw = make([]byte, paramOutgoingResetRequestStreamIdentifiersOffset+2*len(r.streamIdentifiers))
+	binary.BigEndian.PutUint32(r.raw, r.reconfigRequestSequenceNumber)
+	binary.BigEndian.PutUint32(r.raw[4:], r.reconfigResponseSequenceNumber)
+	binary.BigEndian.PutUint32(r.raw[8:], r.senderLastTSN)
+	for i, sID := range r.streamIdentifiers {
+		binary.BigEndian.PutUint16(r.raw[paramOutgoingResetRequestStreamIdentifiersOffset+2*i:], sID)
+	}
+	return r.paramHeader.marshal()
+}
+
+func (r *paramOutgoingResetRequest) unmarshal(raw []byte) (param, error) {
+	err := r.paramHeader.unmarshal(raw)
+	if err != nil {
+		return nil, err
+	}
+	if len(r.raw) < paramOutgoingResetRequestStreamIdentifiersOffset {
+		return nil, ErrSSNResetRequestParamTooShort
+	}
+	r.reconfigRequestSequenceNumber = binary.BigEndian.Uint32(r.raw)
+	r.reconfigResponseSequenceNumber = binary.BigEndian.Uint32(r.raw[4:])
+	r.senderLastTSN = binary.BigEndian.Uint32(r.raw[8:])
+
+	lim := (len(r.raw) - paramOutgoingResetRequestStreamIdentifiersOffset) / 2
+	r.streamIdentifiers = make([]uint16, lim)
+	for i := 0; i < lim; i++ {
+		r.streamIdentifiers[i] = binary.BigEndian.Uint16(r.raw[paramOutgoingResetRequestStreamIdentifiersOffset+2*i:])
+	}
+
+	return r, nil
+}
diff --git a/server/vendor/github.com/pion/sctp/param_random.go b/server/vendor/github.com/pion/sctp/param_random.go
new file mode 100644
index 0000000..4a80aa0
--- /dev/null
+++ b/server/vendor/github.com/pion/sctp/param_random.go
@@ -0,0 +1,24 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sctp
+
+type paramRandom struct {
+	paramHeader
+	randomData []byte
+}
+
+func (r *paramRandom) marshal() ([]byte, error) {
+	r.typ = random
+	r.raw = r.randomData
+	return r.paramHeader.marshal()
+}
+
+func (r *paramRandom) unmarshal(raw []byte) (param, error) {
+	err := r.paramHeader.unmarshal(raw)
+	if err != nil {
+		return nil, err
+	}
+	r.randomData = r.raw
+	return r, nil
+}
diff --git a/server/vendor/github.com/pion/sctp/param_reconfig_response.go b/server/vendor/github.com/pion/sctp/param_reconfig_response.go
new file mode 100644
index 0000000..e35f16a
--- /dev/null
+++ b/server/vendor/github.com/pion/sctp/param_reconfig_response.go
@@ -0,0 +1,98 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sctp
+
+import (
+	"encoding/binary"
+	"errors"
+	"fmt"
+)
+
+// This parameter is used by the receiver of a Re-configuration Request
+// Parameter to respond to the request.
+//
+// 0                   1                   2                   3
+// 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |     Parameter Type = 16       |      Parameter Length         |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |         Re-configuration Response Sequence Number             |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |                            Result                             |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |                   Sender's Next TSN (optional)                |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |                  Receiver's Next TSN (optional)               |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+
+type paramReconfigResponse struct {
+	paramHeader
+	// This value is copied from the request parameter and is used by the
+	// receiver of the Re-configuration Response Parameter to tie the
+	// response to the request.
+	reconfigResponseSequenceNumber uint32
+	// This value describes the result of the processing of the request.
+	result reconfigResult
+}
+
+type reconfigResult uint32
+
+const (
+	reconfigResultSuccessNOP                    reconfigResult = 0
+	reconfigResultSuccessPerformed              reconfigResult = 1
+	reconfigResultDenied                        reconfigResult = 2
+	reconfigResultErrorWrongSSN                 reconfigResult = 3
+	reconfigResultErrorRequestAlreadyInProgress reconfigResult = 4
+	reconfigResultErrorBadSequenceNumber        reconfigResult = 5
+	reconfigResultInProgress                    reconfigResult = 6
+)
+
+// Reconfiguration response errors
+var (
+	ErrReconfigRespParamTooShort = errors.New("reconfig response parameter too short")
+)
+
+func (t reconfigResult) String() string {
+	switch t {
+	case reconfigResultSuccessNOP:
+		return "0: Success - Nothing to do"
+	case reconfigResultSuccessPerformed:
+		return "1: Success - Performed"
+	case reconfigResultDenied:
+		return "2: Denied"
+	case reconfigResultErrorWrongSSN:
+		return "3: Error - Wrong SSN"
+	case reconfigResultErrorRequestAlreadyInProgress:
+		return "4: Error - Request already in progress"
+	case reconfigResultErrorBadSequenceNumber:
+		return "5: Error - Bad Sequence Number"
+	case reconfigResultInProgress:
+		return "6: In progress"
+	default:
+		return fmt.Sprintf("Unknown reconfigResult: %d", t)
+	}
+}
+
+func (r *paramReconfigResponse) marshal() ([]byte, error) {
+	r.typ = reconfigResp
+	r.raw = make([]byte, 8)
+	binary.BigEndian.PutUint32(r.raw, r.reconfigResponseSequenceNumber)
+	binary.BigEndian.PutUint32(r.raw[4:], uint32(r.result))
+
+	return r.paramHeader.marshal()
+}
+
+func (r *paramReconfigResponse) unmarshal(raw []byte) (param, error) {
+	err := r.paramHeader.unmarshal(raw)
+	if err != nil {
+		return nil, err
+	}
+	if len(r.raw) < 8 {
+		return nil, ErrReconfigRespParamTooShort
+	}
+	r.reconfigResponseSequenceNumber = binary.BigEndian.Uint32(r.raw)
+	r.result = reconfigResult(binary.BigEndian.Uint32(r.raw[4:]))
+
+	return r, nil
+}
diff --git a/server/vendor/github.com/pion/sctp/param_requested_hmac_algorithm.go b/server/vendor/github.com/pion/sctp/param_requested_hmac_algorithm.go
new file mode 100644
index 0000000..3e98ea7
--- /dev/null
+++ b/server/vendor/github.com/pion/sctp/param_requested_hmac_algorithm.go
@@ -0,0 +1,84 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sctp
+
+import (
+	"encoding/binary"
+	"errors"
+	"fmt"
+)
+
+type hmacAlgorithm uint16
+
+const (
+	hmacResv1  hmacAlgorithm = 0
+	hmacSHA128 hmacAlgorithm = 1
+	hmacResv2  hmacAlgorithm = 2
+	hmacSHA256 hmacAlgorithm = 3
+)
+
+// ErrInvalidAlgorithmType is returned if unknown auth algorithm is specified.
+var ErrInvalidAlgorithmType = errors.New("invalid algorithm type")
+
+// ErrInvalidChunkLength is returned if the chunk length is invalid.
+var ErrInvalidChunkLength = errors.New("invalid chunk length")
+
+func (c hmacAlgorithm) String() string {
+	switch c {
+	case hmacResv1:
+		return "HMAC Reserved (0x00)"
+	case hmacSHA128:
+		return "HMAC SHA-128"
+	case hmacResv2:
+		return "HMAC Reserved (0x02)"
+	case hmacSHA256:
+		return "HMAC SHA-256"
+	default:
+		return fmt.Sprintf("Unknown HMAC Algorithm type: %d", c)
+	}
+}
+
+type paramRequestedHMACAlgorithm struct {
+	paramHeader
+	availableAlgorithms []hmacAlgorithm
+}
+
+func (r *paramRequestedHMACAlgorithm) marshal() ([]byte, error) {
+	r.typ = reqHMACAlgo
+	r.raw = make([]byte, len(r.availableAlgorithms)*2)
+	i := 0
+	for _, a := range r.availableAlgorithms {
+		binary.BigEndian.PutUint16(r.raw[i:], uint16(a))
+		i += 2
+	}
+
+	return r.paramHeader.marshal()
+}
+
+func (r *paramRequestedHMACAlgorithm) unmarshal(raw []byte) (param, error) {
+	err := r.paramHeader.unmarshal(raw)
+	if err != nil {
+		return nil, err
+	}
+	if len(r.raw)%2 == 1 {
+		return nil, ErrInvalidChunkLength
+	}
+
+	i := 0
+	for i < len(r.raw) {
+		a := hmacAlgorithm(binary.BigEndian.Uint16(r.raw[i:]))
+		switch a {
+		case hmacSHA128:
+			fallthrough
+		case hmacSHA256:
+			r.availableAlgorithms = append(r.availableAlgorithms, a)
+		default:
+			return nil, fmt.Errorf("%w: %v", ErrInvalidAlgorithmType, a)
+		}
+
+		i += 2
+	}
+
+	return r, nil
+}
diff --git a/server/vendor/github.com/pion/sctp/param_state_cookie.go b/server/vendor/github.com/pion/sctp/param_state_cookie.go
new file mode 100644
index 0000000..dbf8992
--- /dev/null
+++ b/server/vendor/github.com/pion/sctp/param_state_cookie.go
@@ -0,0 +1,49 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sctp
+
+import (
+	"crypto/rand"
+	"fmt"
+)
+
+type paramStateCookie struct {
+	paramHeader
+	cookie []byte
+}
+
+func newRandomStateCookie() (*paramStateCookie, error) {
+	randCookie := make([]byte, 32)
+	_, err := rand.Read(randCookie)
+	// crypto/rand.Read returns n == len(b) if and only if err == nil.
+	if err != nil {
+		return nil, err
+	}
+
+	s := &paramStateCookie{
+		cookie: randCookie,
+	}
+
+	return s, nil
+}
+
+func (s *paramStateCookie) marshal() ([]byte, error) {
+	s.typ = stateCookie
+	s.raw = s.cookie
+	return s.paramHeader.marshal()
+}
+
+func (s *paramStateCookie) unmarshal(raw []byte) (param, error) {
+	err := s.paramHeader.unmarshal(raw)
+	if err != nil {
+		return nil, err
+	}
+	s.cookie = s.raw
+	return s, nil
+}
+
+// String makes paramStateCookie printable
+func (s *paramStateCookie) String() string {
+	return fmt.Sprintf("%s: %s", s.paramHeader, s.cookie)
+}
diff --git a/server/vendor/github.com/pion/sctp/param_supported_extensions.go b/server/vendor/github.com/pion/sctp/param_supported_extensions.go
new file mode 100644
index 0000000..0441053
--- /dev/null
+++ b/server/vendor/github.com/pion/sctp/param_supported_extensions.go
@@ -0,0 +1,32 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sctp
+
+type paramSupportedExtensions struct {
+	paramHeader
+	ChunkTypes []chunkType
+}
+
+func (s *paramSupportedExtensions) marshal() ([]byte, error) {
+	s.typ = supportedExt
+	s.raw = make([]byte, len(s.ChunkTypes))
+	for i, c := range s.ChunkTypes {
+		s.raw[i] = byte(c)
+	}
+
+	return s.paramHeader.marshal()
+}
+
+func (s *paramSupportedExtensions) unmarshal(raw []byte) (param, error) {
+	err := s.paramHeader.unmarshal(raw)
+	if err != nil {
+		return nil, err
+	}
+
+	for _, t := range s.raw {
+		s.ChunkTypes = append(s.ChunkTypes, chunkType(t))
+	}
+
+	return s, nil
+}
diff --git a/server/vendor/github.com/pion/sctp/param_zero_checksum.go b/server/vendor/github.com/pion/sctp/param_zero_checksum.go
new file mode 100644
index 0000000..ddf7c5a
--- /dev/null
+++ b/server/vendor/github.com/pion/sctp/param_zero_checksum.go
@@ -0,0 +1,56 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sctp
+
+import (
+	"encoding/binary"
+	"errors"
+)
+
+//  This parameter is used to inform the receiver that a sender is willing to
+//  accept zero as checksum if some other error detection method is used
+//  instead.
+//
+//  0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |   Type = 0x8001 (suggested)   |          Length = 8           |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+// |           Error Detection Method Identifier (EDMID)           |
+// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+
+type paramZeroChecksumAcceptable struct {
+	paramHeader
+	// The Error Detection Method Identifier (EDMID) specifies an alternate
+	// error detection method the sender of this parameter is willing to use for
+	// received packets.
+	edmid uint32
+}
+
+// Zero Checksum parameter error
+var (
+	ErrZeroChecksumParamTooShort = errors.New("zero checksum parameter too short")
+)
+
+const (
+	dtlsErrorDetectionMethod uint32 = 1
+)
+
+func (r *paramZeroChecksumAcceptable) marshal() ([]byte, error) {
+	r.typ = zeroChecksumAcceptable
+	r.raw = make([]byte, 4)
+	binary.BigEndian.PutUint32(r.raw, r.edmid)
+	return r.paramHeader.marshal()
+}
+
+func (r *paramZeroChecksumAcceptable) unmarshal(raw []byte) (param, error) {
+	err := r.paramHeader.unmarshal(raw)
+	if err != nil {
+		return nil, err
+	}
+	if len(r.raw) < 4 {
+		return nil, ErrZeroChecksumParamTooShort
+	}
+	r.edmid = binary.BigEndian.Uint32(r.raw)
+	return r, nil
+}
diff --git a/server/vendor/github.com/pion/sctp/paramheader.go b/server/vendor/github.com/pion/sctp/paramheader.go
new file mode 100644
index 0000000..5b69442
--- /dev/null
+++ b/server/vendor/github.com/pion/sctp/paramheader.go
@@ -0,0 +1,101 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sctp
+
+import (
+	"encoding/binary"
+	"encoding/hex"
+	"errors"
+	"fmt"
+)
+
+type paramHeaderUnrecognizedAction byte
+
+type paramHeader struct {
+	typ                paramType
+	unrecognizedAction paramHeaderUnrecognizedAction
+	len                int
+	raw                []byte
+}
+
+/*
+	 The Parameter Types are encoded such that the highest-order 2 bits specify
+	 the action that is taken if the processing endpoint does not recognize the
+	 Parameter Type.
+
+	 00 - Stop processing this parameter and do not process any further parameters within this chunk.
+
+	 01 - Stop processing this parameter, do not process any further parameters within this chunk, and
+		  report the unrecognized parameter, as described in Section 3.2.2.
+
+	 10 - Skip this parameter and continue processing.
+
+	 11 - Skip this parameter and continue processing, but report the unrecognized
+		  parameter, as described in Section 3.2.2.
+
+	 https://www.rfc-editor.org/rfc/rfc9260.html#section-3.2.1
+*/
+
+const (
+	paramHeaderUnrecognizedActionMask                                        = 0b11000000
+	paramHeaderUnrecognizedActionStop          paramHeaderUnrecognizedAction = 0b00000000
+	paramHeaderUnrecognizedActionStopAndReport paramHeaderUnrecognizedAction = 0b01000000
+	paramHeaderUnrecognizedActionSkip          paramHeaderUnrecognizedAction = 0b10000000
+	paramHeaderUnrecognizedActionSkipAndReport paramHeaderUnrecognizedAction = 0b11000000
+
+	paramHeaderLength = 4
+)
+
+// Parameter header parse errors
+var (
+	ErrParamHeaderTooShort                  = errors.New("param header too short")
+	ErrParamHeaderSelfReportedLengthShorter = errors.New("param self reported length is shorter than header length")
+	ErrParamHeaderSelfReportedLengthLonger  = errors.New("param self reported length is longer than header length")
+	ErrParamHeaderParseFailed               = errors.New("failed to parse param type")
+)
+
+func (p *paramHeader) marshal() ([]byte, error) {
+	paramLengthPlusHeader := paramHeaderLength + len(p.raw)
+
+	rawParam := make([]byte, paramLengthPlusHeader)
+	binary.BigEndian.PutUint16(rawParam[0:], uint16(p.typ))
+	binary.BigEndian.PutUint16(rawParam[2:], uint16(paramLengthPlusHeader))
+	copy(rawParam[paramHeaderLength:], p.raw)
+
+	return rawParam, nil
+}
+
+func (p *paramHeader) unmarshal(raw []byte) error {
+	if len(raw) < paramHeaderLength {
+		return ErrParamHeaderTooShort
+	}
+
+	paramLengthPlusHeader := binary.BigEndian.Uint16(raw[2:])
+	if int(paramLengthPlusHeader) < paramHeaderLength {
+		return fmt.Errorf("%w: param self reported length (%d) shorter than header length (%d)", ErrParamHeaderSelfReportedLengthShorter, int(paramLengthPlusHeader), paramHeaderLength)
+	}
+	if len(raw) < int(paramLengthPlusHeader) {
+		return fmt.Errorf("%w: param length (%d) shorter than its self reported length (%d)", ErrParamHeaderSelfReportedLengthLonger, len(raw), int(paramLengthPlusHeader))
+	}
+
+	typ, err := parseParamType(raw[0:])
+	if err != nil {
+		return fmt.Errorf("%w: %v", ErrParamHeaderParseFailed, err) //nolint:errorlint
+	}
+	p.typ = typ
+	p.unrecognizedAction = paramHeaderUnrecognizedAction(raw[0] & paramHeaderUnrecognizedActionMask)
+	p.raw = raw[paramHeaderLength:paramLengthPlusHeader]
+	p.len = int(paramLengthPlusHeader)
+
+	return nil
+}
+
+func (p *paramHeader) length() int {
+	return p.len
+}
+
+// String makes paramHeader printable
+func (p paramHeader) String() string {
+	return fmt.Sprintf("%s (%d): %s", p.typ, p.len, hex.Dump(p.raw))
+}
diff --git a/server/vendor/github.com/pion/sctp/paramtype.go b/server/vendor/github.com/pion/sctp/paramtype.go
new file mode 100644
index 0000000..de1b3dd
--- /dev/null
+++ b/server/vendor/github.com/pion/sctp/paramtype.go
@@ -0,0 +1,119 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sctp
+
+import (
+	"encoding/binary"
+	"errors"
+	"fmt"
+)
+
+// paramType represents a SCTP INIT/INITACK parameter
+type paramType uint16
+
+const (
+	heartbeatInfo          paramType = 1     // Heartbeat Info	[RFC4960]
+	ipV4Addr               paramType = 5     // IPv4 IP	[RFC4960]
+	ipV6Addr               paramType = 6     // IPv6 IP	[RFC4960]
+	stateCookie            paramType = 7     // State Cookie	[RFC4960]
+	unrecognizedParam      paramType = 8     // Unrecognized Parameters	[RFC4960]
+	cookiePreservative     paramType = 9     // Cookie Preservative	[RFC4960]
+	hostNameAddr           paramType = 11    // Host Name IP	[RFC4960]
+	supportedAddrTypes     paramType = 12    // Supported IP Types	[RFC4960]
+	outSSNResetReq         paramType = 13    // Outgoing SSN Reset Request Parameter	[RFC6525]
+	incSSNResetReq         paramType = 14    // Incoming SSN Reset Request Parameter	[RFC6525]
+	ssnTSNResetReq         paramType = 15    // SSN/TSN Reset Request Parameter	[RFC6525]
+	reconfigResp           paramType = 16    // Re-configuration Response Parameter	[RFC6525]
+	addOutStreamsReq       paramType = 17    // Add Outgoing Streams Request Parameter	[RFC6525]
+	addIncStreamsReq       paramType = 18    // Add Incoming Streams Request Parameter	[RFC6525]
+	ecnCapable             paramType = 32768 // ECN Capable (0x8000)	[RFC2960]
+	zeroChecksumAcceptable paramType = 32769 // Zero Checksum Acceptable [draft-ietf-tsvwg-sctp-zero-checksum-00]
+	random                 paramType = 32770 // Random (0x8002)	[RFC4805]
+	chunkList              paramType = 32771 // Chunk List (0x8003)	[RFC4895]
+	reqHMACAlgo            paramType = 32772 // Requested HMAC Algorithm Parameter (0x8004)	[RFC4895]
+	padding                paramType = 32773 // Padding (0x8005)
+	supportedExt           paramType = 32776 // Supported Extensions (0x8008)	[RFC5061]
+	forwardTSNSupp         paramType = 49152 // Forward TSN supported (0xC000)	[RFC3758]
+	addIPAddr              paramType = 49153 // Add IP IP (0xC001)	[RFC5061]
+	delIPAddr              paramType = 49154 // Delete IP IP (0xC002)	[RFC5061]
+	errClauseInd           paramType = 49155 // Error Cause Indication (0xC003)	[RFC5061]
+	setPriAddr             paramType = 49156 // Set Primary IP (0xC004)	[RFC5061]
+	successInd             paramType = 49157 // Success Indication (0xC005)	[RFC5061]
+	adaptLayerInd          paramType = 49158 // Adaptation Layer Indication (0xC006)	[RFC5061]
+)
+
+// Parameter packet errors
+var (
+	ErrParamPacketTooShort = errors.New("packet to short")
+)
+
+func parseParamType(raw []byte) (paramType, error) {
+	if len(raw) < 2 {
+		return paramType(0), ErrParamPacketTooShort
+	}
+	return paramType(binary.BigEndian.Uint16(raw)), nil
+}
+
+func (p paramType) String() string {
+	switch p {
+	case heartbeatInfo:
+		return "Heartbeat Info"
+	case ipV4Addr:
+		return "IPv4 IP"
+	case ipV6Addr:
+		return "IPv6 IP"
+	case stateCookie:
+		return "State Cookie"
+	case unrecognizedParam:
+		return "Unrecognized Parameters"
+	case cookiePreservative:
+		return "Cookie Preservative"
+	case hostNameAddr:
+		return "Host Name IP"
+	case supportedAddrTypes:
+		return "Supported IP Types"
+	case outSSNResetReq:
+		return "Outgoing SSN Reset Request Parameter"
+	case incSSNResetReq:
+		return "Incoming SSN Reset Request Parameter"
+	case ssnTSNResetReq:
+		return "SSN/TSN Reset Request Parameter"
+	case reconfigResp:
+		return "Re-configuration Response Parameter"
+	case addOutStreamsReq:
+		return "Add Outgoing Streams Request Parameter"
+	case addIncStreamsReq:
+		return "Add Incoming Streams Request Parameter"
+	case ecnCapable:
+		return "ECN Capable"
+	case zeroChecksumAcceptable:
+		return "Zero Checksum Acceptable"
+	case random:
+		return "Random"
+	case chunkList:
+		return "Chunk List"
+	case reqHMACAlgo:
+		return "Requested HMAC Algorithm Parameter"
+	case padding:
+		return "Padding"
+	case supportedExt:
+		return "Supported Extensions"
+	case forwardTSNSupp:
+		return "Forward TSN supported"
+	case addIPAddr:
+		return "Add IP IP"
+	case delIPAddr:
+		return "Delete IP IP"
+	case errClauseInd:
+		return "Error Cause Indication"
+	case setPriAddr:
+		return "Set Primary IP"
+	case successInd:
+		return "Success Indication"
+	case adaptLayerInd:
+		return "Adaptation Layer Indication"
+	default:
+		return fmt.Sprintf("Unknown ParamType: %d", p)
+	}
+}
diff --git a/server/vendor/github.com/pion/sctp/payload_queue.go b/server/vendor/github.com/pion/sctp/payload_queue.go
new file mode 100644
index 0000000..92eacec
--- /dev/null
+++ b/server/vendor/github.com/pion/sctp/payload_queue.go
@@ -0,0 +1,73 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sctp
+
+type payloadQueue struct {
+	chunks *queue[*chunkPayloadData]
+	nBytes int
+}
+
+func newPayloadQueue() *payloadQueue {
+	return &payloadQueue{chunks: newQueue[*chunkPayloadData](128)}
+}
+
+func (q *payloadQueue) pushNoCheck(p *chunkPayloadData) {
+	q.chunks.PushBack(p)
+	q.nBytes += len(p.userData)
+}
+
+// pop pops only if the oldest chunk's TSN matches the given TSN.
+func (q *payloadQueue) pop(tsn uint32) (*chunkPayloadData, bool) {
+	if q.chunks.Len() > 0 && tsn == q.chunks.Front().tsn {
+		c := q.chunks.PopFront()
+		q.nBytes -= len(c.userData)
+		return c, true
+	}
+
+	return nil, false
+}
+
+// get returns reference to chunkPayloadData with the given TSN value.
+func (q *payloadQueue) get(tsn uint32) (*chunkPayloadData, bool) {
+	length := q.chunks.Len()
+	if length == 0 {
+		return nil, false
+	}
+	head := q.chunks.Front().tsn
+	if tsn < head || int(tsn-head) >= length {
+		return nil, false
+	}
+	return q.chunks.At(int(tsn - head)), true
+}
+
+func (q *payloadQueue) markAsAcked(tsn uint32) int {
+	var nBytesAcked int
+	if c, ok := q.get(tsn); ok {
+		c.acked = true
+		c.retransmit = false
+		nBytesAcked = len(c.userData)
+		q.nBytes -= nBytesAcked
+		c.userData = []byte{}
+	}
+
+	return nBytesAcked
+}
+
+func (q *payloadQueue) markAllToRetrasmit() {
+	for i := 0; i < q.chunks.Len(); i++ {
+		c := q.chunks.At(i)
+		if c.acked || c.abandoned() {
+			continue
+		}
+		c.retransmit = true
+	}
+}
+
+func (q *payloadQueue) getNumBytes() int {
+	return q.nBytes
+}
+
+func (q *payloadQueue) size() int {
+	return q.chunks.Len()
+}
diff --git a/server/vendor/github.com/pion/sctp/pending_queue.go b/server/vendor/github.com/pion/sctp/pending_queue.go
new file mode 100644
index 0000000..6f70fea
--- /dev/null
+++ b/server/vendor/github.com/pion/sctp/pending_queue.go
@@ -0,0 +1,142 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sctp
+
+import (
+	"errors"
+)
+
+// pendingBaseQueue
+
+type pendingBaseQueue struct {
+	queue []*chunkPayloadData
+}
+
+func newPendingBaseQueue() *pendingBaseQueue {
+	return &pendingBaseQueue{queue: []*chunkPayloadData{}}
+}
+
+func (q *pendingBaseQueue) push(c *chunkPayloadData) {
+	q.queue = append(q.queue, c)
+}
+
+func (q *pendingBaseQueue) pop() *chunkPayloadData {
+	if len(q.queue) == 0 {
+		return nil
+	}
+	c := q.queue[0]
+	q.queue = q.queue[1:]
+	return c
+}
+
+func (q *pendingBaseQueue) get(i int) *chunkPayloadData {
+	if len(q.queue) == 0 || i < 0 || i >= len(q.queue) {
+		return nil
+	}
+	return q.queue[i]
+}
+
+func (q *pendingBaseQueue) size() int {
+	return len(q.queue)
+}
+
+// pendingQueue
+
+type pendingQueue struct {
+	unorderedQueue      *pendingBaseQueue
+	orderedQueue        *pendingBaseQueue
+	nBytes              int
+	selected            bool
+	unorderedIsSelected bool
+}
+
+// Pending queue errors
+var (
+	ErrUnexpectedChuckPoppedUnordered = errors.New("unexpected chunk popped (unordered)")
+	ErrUnexpectedChuckPoppedOrdered   = errors.New("unexpected chunk popped (ordered)")
+	ErrUnexpectedQState               = errors.New("unexpected q state (should've been selected)")
+)
+
+func newPendingQueue() *pendingQueue {
+	return &pendingQueue{
+		unorderedQueue: newPendingBaseQueue(),
+		orderedQueue:   newPendingBaseQueue(),
+	}
+}
+
+func (q *pendingQueue) push(c *chunkPayloadData) {
+	if c.unordered {
+		q.unorderedQueue.push(c)
+	} else {
+		q.orderedQueue.push(c)
+	}
+	q.nBytes += len(c.userData)
+}
+
+func (q *pendingQueue) peek() *chunkPayloadData {
+	if q.selected {
+		if q.unorderedIsSelected {
+			return q.unorderedQueue.get(0)
+		}
+		return q.orderedQueue.get(0)
+	}
+
+	if c := q.unorderedQueue.get(0); c != nil {
+		return c
+	}
+	return q.orderedQueue.get(0)
+}
+
+func (q *pendingQueue) pop(c *chunkPayloadData) error {
+	if q.selected {
+		var popped *chunkPayloadData
+		if q.unorderedIsSelected {
+			popped = q.unorderedQueue.pop()
+			if popped != c {
+				return ErrUnexpectedChuckPoppedUnordered
+			}
+		} else {
+			popped = q.orderedQueue.pop()
+			if popped != c {
+				return ErrUnexpectedChuckPoppedOrdered
+			}
+		}
+		if popped.endingFragment {
+			q.selected = false
+		}
+	} else {
+		if !c.beginningFragment {
+			return ErrUnexpectedQState
+		}
+		if c.unordered {
+			popped := q.unorderedQueue.pop()
+			if popped != c {
+				return ErrUnexpectedChuckPoppedUnordered
+			}
+			if !popped.endingFragment {
+				q.selected = true
+				q.unorderedIsSelected = true
+			}
+		} else {
+			popped := q.orderedQueue.pop()
+			if popped != c {
+				return ErrUnexpectedChuckPoppedOrdered
+			}
+			if !popped.endingFragment {
+				q.selected = true
+				q.unorderedIsSelected = false
+			}
+		}
+	}
+	q.nBytes -= len(c.userData)
+	return nil
+}
+
+func (q *pendingQueue) getNumBytes() int {
+	return q.nBytes
+}
+
+func (q *pendingQueue) size() int {
+	return q.unorderedQueue.size() + q.orderedQueue.size()
+}
diff --git a/server/vendor/github.com/pion/sctp/queue.go b/server/vendor/github.com/pion/sctp/queue.go
new file mode 100644
index 0000000..a6945ca
--- /dev/null
+++ b/server/vendor/github.com/pion/sctp/queue.go
@@ -0,0 +1,70 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sctp
+
+type queue[T any] struct {
+	buf   []T
+	head  int
+	tail  int
+	count int
+}
+
+const minCap = 16
+
+func newQueue[T any](capacity int) *queue[T] {
+	queueCap := minCap
+	for queueCap < capacity {
+		queueCap <<= 1
+	}
+
+	return &queue[T]{
+		buf: make([]T, queueCap),
+	}
+}
+
+func (q *queue[T]) Len() int {
+	return q.count
+}
+
+func (q *queue[T]) PushBack(ele T) {
+	q.growIfFull()
+	q.buf[q.tail] = ele
+	q.tail = (q.tail + 1) % len(q.buf)
+	q.count++
+}
+
+func (q *queue[T]) PopFront() T {
+	ele := q.buf[q.head]
+	var zeroVal T
+	q.buf[q.head] = zeroVal
+	q.head = (q.head + 1) % len(q.buf)
+	q.count--
+	return ele
+}
+
+func (q *queue[T]) Front() T {
+	return q.buf[q.head]
+}
+
+func (q *queue[T]) At(i int) T {
+	return q.buf[(q.head+i)%(len(q.buf))]
+}
+
+func (q *queue[T]) growIfFull() {
+	if q.count < len(q.buf) {
+		return
+	}
+
+	newBuf := make([]T, q.count<<1)
+	if q.tail > q.head {
+		copy(newBuf, q.buf[q.head:q.tail])
+	} else {
+		n := copy(newBuf, q.buf[q.head:])
+		copy(newBuf[n:], q.buf[:q.tail])
+	}
+
+	q.head = 0
+	q.tail = q.count
+	q.buf = newBuf
+}
diff --git a/server/vendor/github.com/pion/sctp/reassembly_queue.go b/server/vendor/github.com/pion/sctp/reassembly_queue.go
new file mode 100644
index 0000000..e0d527c
--- /dev/null
+++ b/server/vendor/github.com/pion/sctp/reassembly_queue.go
@@ -0,0 +1,366 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sctp
+
+import (
+	"errors"
+	"io"
+	"sort"
+	"sync/atomic"
+)
+
+func sortChunksByTSN(a []*chunkPayloadData) {
+	sort.Slice(a, func(i, j int) bool {
+		return sna32LT(a[i].tsn, a[j].tsn)
+	})
+}
+
+func sortChunksBySSN(a []*chunkSet) {
+	sort.Slice(a, func(i, j int) bool {
+		return sna16LT(a[i].ssn, a[j].ssn)
+	})
+}
+
+// chunkSet is a set of chunks that share the same SSN
+type chunkSet struct {
+	ssn    uint16 // used only with the ordered chunks
+	ppi    PayloadProtocolIdentifier
+	chunks []*chunkPayloadData
+}
+
+func newChunkSet(ssn uint16, ppi PayloadProtocolIdentifier) *chunkSet {
+	return &chunkSet{
+		ssn:    ssn,
+		ppi:    ppi,
+		chunks: []*chunkPayloadData{},
+	}
+}
+
+func (set *chunkSet) push(chunk *chunkPayloadData) bool {
+	// check if dup
+	for _, c := range set.chunks {
+		if c.tsn == chunk.tsn {
+			return false
+		}
+	}
+
+	// append and sort
+	set.chunks = append(set.chunks, chunk)
+	sortChunksByTSN(set.chunks)
+
+	// Check if we now have a complete set
+	complete := set.isComplete()
+	return complete
+}
+
+func (set *chunkSet) isComplete() bool {
+	// Condition for complete set
+	//   0. Has at least one chunk.
+	//   1. Begins with beginningFragment set to true
+	//   2. Ends with endingFragment set to true
+	//   3. TSN monotinically increase by 1 from beginning to end
+
+	// 0.
+	nChunks := len(set.chunks)
+	if nChunks == 0 {
+		return false
+	}
+
+	// 1.
+	if !set.chunks[0].beginningFragment {
+		return false
+	}
+
+	// 2.
+	if !set.chunks[nChunks-1].endingFragment {
+		return false
+	}
+
+	// 3.
+	var lastTSN uint32
+	for i, c := range set.chunks {
+		if i > 0 {
+			// Fragments must have contiguous TSN
+			// From RFC 4960 Section 3.3.1:
+			//   When a user message is fragmented into multiple chunks, the TSNs are
+			//   used by the receiver to reassemble the message.  This means that the
+			//   TSNs for each fragment of a fragmented user message MUST be strictly
+			//   sequential.
+			if c.tsn != lastTSN+1 {
+				// mid or end fragment is missing
+				return false
+			}
+		}
+
+		lastTSN = c.tsn
+	}
+
+	return true
+}
+
+type reassemblyQueue struct {
+	si              uint16
+	nextSSN         uint16 // expected SSN for next ordered chunk
+	ordered         []*chunkSet
+	unordered       []*chunkSet
+	unorderedChunks []*chunkPayloadData
+	nBytes          uint64
+}
+
+var errTryAgain = errors.New("try again")
+
+func newReassemblyQueue(si uint16) *reassemblyQueue {
+	// From RFC 4960 Sec 6.5:
+	//   The Stream Sequence Number in all the streams MUST start from 0 when
+	//   the association is established.  Also, when the Stream Sequence
+	//   Number reaches the value 65535 the next Stream Sequence Number MUST
+	//   be set to 0.
+	return &reassemblyQueue{
+		si:        si,
+		nextSSN:   0, // From RFC 4960 Sec 6.5:
+		ordered:   make([]*chunkSet, 0),
+		unordered: make([]*chunkSet, 0),
+	}
+}
+
+func (r *reassemblyQueue) push(chunk *chunkPayloadData) bool {
+	var cset *chunkSet
+
+	if chunk.streamIdentifier != r.si {
+		return false
+	}
+
+	if chunk.unordered {
+		// First, insert into unorderedChunks array
+		r.unorderedChunks = append(r.unorderedChunks, chunk)
+		atomic.AddUint64(&r.nBytes, uint64(len(chunk.userData)))
+		sortChunksByTSN(r.unorderedChunks)
+
+		// Scan unorderedChunks that are contiguous (in TSN)
+		cset = r.findCompleteUnorderedChunkSet()
+
+		// If found, append the complete set to the unordered array
+		if cset != nil {
+			r.unordered = append(r.unordered, cset)
+			return true
+		}
+
+		return false
+	}
+
+	// This is an ordered chunk
+
+	if sna16LT(chunk.streamSequenceNumber, r.nextSSN) {
+		return false
+	}
+
+	// Check if a fragmented chunkSet with the fragmented SSN already exists
+	if chunk.isFragmented() {
+		for _, set := range r.ordered {
+			// nolint:godox
+			// TODO: add caution around SSN wrapping here... this helps only a little bit
+			// by ensuring we don't add to an unfragmented cset (1 chunk). There's
+			// a case where if the SSN does wrap around, we may see the same SSN
+			// for a different chunk.
+
+			// nolint:godox
+			// TODO: this slice can get pretty big; it may be worth maintaining a map
+			// for O(1) lookups at the cost of 2x memory.
+			if set.ssn == chunk.streamSequenceNumber && set.chunks[0].isFragmented() {
+				cset = set
+				break
+			}
+		}
+	}
+
+	// If not found, create a new chunkSet
+	if cset == nil {
+		cset = newChunkSet(chunk.streamSequenceNumber, chunk.payloadType)
+		r.ordered = append(r.ordered, cset)
+		if !chunk.unordered {
+			sortChunksBySSN(r.ordered)
+		}
+	}
+
+	atomic.AddUint64(&r.nBytes, uint64(len(chunk.userData)))
+
+	return cset.push(chunk)
+}
+
+func (r *reassemblyQueue) findCompleteUnorderedChunkSet() *chunkSet {
+	startIdx := -1
+	nChunks := 0
+	var lastTSN uint32
+	var found bool
+
+	for i, c := range r.unorderedChunks {
+		// seek beigining
+		if c.beginningFragment {
+			startIdx = i
+			nChunks = 1
+			lastTSN = c.tsn
+
+			if c.endingFragment {
+				found = true
+				break
+			}
+			continue
+		}
+
+		if startIdx < 0 {
+			continue
+		}
+
+		// Check if contiguous in TSN
+		if c.tsn != lastTSN+1 {
+			startIdx = -1
+			continue
+		}
+
+		lastTSN = c.tsn
+		nChunks++
+
+		if c.endingFragment {
+			found = true
+			break
+		}
+	}
+
+	if !found {
+		return nil
+	}
+
+	// Extract the range of chunks
+	var chunks []*chunkPayloadData
+	chunks = append(chunks, r.unorderedChunks[startIdx:startIdx+nChunks]...)
+
+	r.unorderedChunks = append(
+		r.unorderedChunks[:startIdx],
+		r.unorderedChunks[startIdx+nChunks:]...)
+
+	chunkSet := newChunkSet(0, chunks[0].payloadType)
+	chunkSet.chunks = chunks
+
+	return chunkSet
+}
+
+func (r *reassemblyQueue) isReadable() bool {
+	// Check unordered first
+	if len(r.unordered) > 0 {
+		// The chunk sets in r.unordered should all be complete.
+		return true
+	}
+
+	// Check ordered sets
+	if len(r.ordered) > 0 {
+		cset := r.ordered[0]
+		if cset.isComplete() {
+			if sna16LTE(cset.ssn, r.nextSSN) {
+				return true
+			}
+		}
+	}
+	return false
+}
+
+func (r *reassemblyQueue) read(buf []byte) (int, PayloadProtocolIdentifier, error) {
+	var cset *chunkSet
+	// Check unordered first
+	switch {
+	case len(r.unordered) > 0:
+		cset = r.unordered[0]
+		r.unordered = r.unordered[1:]
+	case len(r.ordered) > 0:
+		// Now, check ordered
+		cset = r.ordered[0]
+		if !cset.isComplete() {
+			return 0, 0, errTryAgain
+		}
+		if sna16GT(cset.ssn, r.nextSSN) {
+			return 0, 0, errTryAgain
+		}
+		r.ordered = r.ordered[1:]
+		if cset.ssn == r.nextSSN {
+			r.nextSSN++
+		}
+	default:
+		return 0, 0, errTryAgain
+	}
+
+	// Concat all fragments into the buffer
+	nWritten := 0
+	ppi := cset.ppi
+	var err error
+	for _, c := range cset.chunks {
+		toCopy := len(c.userData)
+		r.subtractNumBytes(toCopy)
+		if err == nil {
+			n := copy(buf[nWritten:], c.userData)
+			nWritten += n
+			if n < toCopy {
+				err = io.ErrShortBuffer
+			}
+		}
+	}
+
+	return nWritten, ppi, err
+}
+
+func (r *reassemblyQueue) forwardTSNForOrdered(lastSSN uint16) {
+	// Use lastSSN to locate a chunkSet then remove it if the set has
+	// not been complete
+	keep := []*chunkSet{}
+	for _, set := range r.ordered {
+		if sna16LTE(set.ssn, lastSSN) {
+			if !set.isComplete() {
+				// drop the set
+				for _, c := range set.chunks {
+					r.subtractNumBytes(len(c.userData))
+				}
+				continue
+			}
+		}
+		keep = append(keep, set)
+	}
+	r.ordered = keep
+
+	// Finally, forward nextSSN
+	if sna16LTE(r.nextSSN, lastSSN) {
+		r.nextSSN = lastSSN + 1
+	}
+}
+
+func (r *reassemblyQueue) forwardTSNForUnordered(newCumulativeTSN uint32) {
+	// Remove all fragments in the unordered sets that contains chunks
+	// equal to or older than `newCumulativeTSN`.
+	// We know all sets in the r.unordered are complete ones.
+	// Just remove chunks that are equal to or older than newCumulativeTSN
+	// from the unorderedChunks
+	lastIdx := -1
+	for i, c := range r.unorderedChunks {
+		if sna32GT(c.tsn, newCumulativeTSN) {
+			break
+		}
+		lastIdx = i
+	}
+	if lastIdx >= 0 {
+		for _, c := range r.unorderedChunks[0 : lastIdx+1] {
+			r.subtractNumBytes(len(c.userData))
+		}
+		r.unorderedChunks = r.unorderedChunks[lastIdx+1:]
+	}
+}
+
+func (r *reassemblyQueue) subtractNumBytes(nBytes int) {
+	cur := atomic.LoadUint64(&r.nBytes)
+	if int(cur) >= nBytes {
+		atomic.AddUint64(&r.nBytes, -uint64(nBytes))
+	} else {
+		atomic.StoreUint64(&r.nBytes, 0)
+	}
+}
+
+func (r *reassemblyQueue) getNumBytes() int {
+	return int(atomic.LoadUint64(&r.nBytes))
+}
diff --git a/server/vendor/github.com/pion/sctp/receive_payload_queue.go b/server/vendor/github.com/pion/sctp/receive_payload_queue.go
new file mode 100644
index 0000000..2a4f2bb
--- /dev/null
+++ b/server/vendor/github.com/pion/sctp/receive_payload_queue.go
@@ -0,0 +1,186 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sctp
+
+import (
+	"fmt"
+	"math/bits"
+)
+
+type receivePayloadQueue struct {
+	tailTSN      uint32
+	chunkSize    int
+	tsnBitmask   []uint64
+	dupTSN       []uint32
+	maxTSNOffset uint32
+
+	cumulativeTSN uint32
+}
+
+func newReceivePayloadQueue(maxTSNOffset uint32) *receivePayloadQueue {
+	maxTSNOffset = ((maxTSNOffset + 63) / 64) * 64
+	return &receivePayloadQueue{
+		tsnBitmask:   make([]uint64, maxTSNOffset/64),
+		maxTSNOffset: maxTSNOffset,
+	}
+}
+
+func (q *receivePayloadQueue) init(cumulativeTSN uint32) {
+	q.cumulativeTSN = cumulativeTSN
+	q.tailTSN = cumulativeTSN
+	q.chunkSize = 0
+	for i := range q.tsnBitmask {
+		q.tsnBitmask[i] = 0
+	}
+	q.dupTSN = q.dupTSN[:0]
+}
+
+func (q *receivePayloadQueue) hasChunk(tsn uint32) bool {
+	if q.chunkSize == 0 || sna32LTE(tsn, q.cumulativeTSN) || sna32GT(tsn, q.tailTSN) {
+		return false
+	}
+
+	index, offset := int(tsn/64)%len(q.tsnBitmask), tsn%64
+	return q.tsnBitmask[index]&(1<<offset) != 0
+}
+
+func (q *receivePayloadQueue) canPush(tsn uint32) bool {
+	ok := q.hasChunk(tsn)
+	if ok || sna32LTE(tsn, q.cumulativeTSN) || sna32GT(tsn, q.cumulativeTSN+q.maxTSNOffset) {
+		return false
+	}
+	return true
+}
+
+// push pushes a payload data. If the payload data is already in our queue or
+// older than our cumulativeTSN marker, it will be recored as duplications,
+// which can later be retrieved using popDuplicates.
+func (q *receivePayloadQueue) push(tsn uint32) bool {
+	if sna32GT(tsn, q.cumulativeTSN+q.maxTSNOffset) {
+		return false
+	}
+
+	if sna32LTE(tsn, q.cumulativeTSN) || q.hasChunk(tsn) {
+		// Found the packet, log in dups
+		q.dupTSN = append(q.dupTSN, tsn)
+		return false
+	}
+
+	index, offset := int(tsn/64)%len(q.tsnBitmask), tsn%64
+	q.tsnBitmask[index] |= (1 << offset)
+	q.chunkSize++
+	if sna32GT(tsn, q.tailTSN) {
+		q.tailTSN = tsn
+	}
+	return true
+}
+
+// pop advances cumulativeTSN and pops the oldest chunk's TSN if it matches the given TSN or force is true.
+func (q *receivePayloadQueue) pop(force bool) bool {
+	tsn := q.cumulativeTSN + 1
+	if q.hasChunk(tsn) {
+		index, offset := int(tsn/64)%len(q.tsnBitmask), int(tsn%64)
+		q.tsnBitmask[index] &= ^uint64(1 << (offset))
+		q.chunkSize--
+		q.cumulativeTSN++
+		return true
+	}
+	if force {
+		q.cumulativeTSN++
+		if q.chunkSize == 0 {
+			q.tailTSN = q.cumulativeTSN
+		}
+	}
+	return false
+}
+
+// popDuplicates returns an array of TSN values that were found duplicate.
+func (q *receivePayloadQueue) popDuplicates() []uint32 {
+	dups := q.dupTSN
+	q.dupTSN = []uint32{}
+	return dups
+}
+
+func (q *receivePayloadQueue) getGapAckBlocks() (gapAckBlocks []gapAckBlock) {
+	var b gapAckBlock
+
+	if q.chunkSize == 0 {
+		return nil
+	}
+
+	startTSN, endTSN := q.cumulativeTSN+1, q.tailTSN
+	var findEnd bool
+	for tsn := startTSN; sna32LTE(tsn, endTSN); {
+		index, offset := int(tsn/64)%len(q.tsnBitmask), int(tsn%64)
+		if !findEnd {
+			// find first received tsn as start
+			if nonZeroBit, ok := getFirstNonZeroBit(q.tsnBitmask[index], offset, 64); ok {
+				b.start = uint16(tsn + uint32(nonZeroBit-offset) - q.cumulativeTSN)
+				tsn += uint32(nonZeroBit - offset)
+				findEnd = true
+			} else {
+				// no result, find start bits in next uint64 bitmask
+				tsn += uint32(64 - offset)
+			}
+		} else {
+			if zeroBit, ok := getFirstZeroBit(q.tsnBitmask[index], offset, 64); ok {
+				b.end = uint16(tsn + uint32(zeroBit-offset) - 1 - q.cumulativeTSN)
+				tsn += uint32(zeroBit - offset)
+				if sna32LTE(tsn, endTSN) {
+					gapAckBlocks = append(gapAckBlocks, gapAckBlock{
+						start: b.start,
+						end:   b.end,
+					})
+				}
+				findEnd = false
+			} else {
+				tsn += uint32(64 - offset)
+			}
+
+			// no zero bit at the end, close and append the last gap
+			if sna32GT(tsn, endTSN) {
+				b.end = uint16(endTSN - q.cumulativeTSN)
+				gapAckBlocks = append(gapAckBlocks, gapAckBlock{
+					start: b.start,
+					end:   b.end,
+				})
+				break
+			}
+		}
+	}
+	return gapAckBlocks
+}
+
+func (q *receivePayloadQueue) getGapAckBlocksString() string {
+	gapAckBlocks := q.getGapAckBlocks()
+	str := fmt.Sprintf("cumTSN=%d", q.cumulativeTSN)
+	for _, b := range gapAckBlocks {
+		str += fmt.Sprintf(",%d-%d", b.start, b.end)
+	}
+	return str
+}
+
+func (q *receivePayloadQueue) getLastTSNReceived() (uint32, bool) {
+	if q.chunkSize == 0 {
+		return 0, false
+	}
+	return q.tailTSN, true
+}
+
+func (q *receivePayloadQueue) getcumulativeTSN() uint32 {
+	return q.cumulativeTSN
+}
+
+func (q *receivePayloadQueue) size() int {
+	return q.chunkSize
+}
+
+func getFirstNonZeroBit(val uint64, start, end int) (int, bool) {
+	i := bits.TrailingZeros64(val >> uint64(start))
+	return i + start, i+start < end
+}
+
+func getFirstZeroBit(val uint64, start, end int) (int, bool) {
+	return getFirstNonZeroBit(^val, start, end)
+}
diff --git a/server/vendor/github.com/pion/sctp/renovate.json b/server/vendor/github.com/pion/sctp/renovate.json
new file mode 100644
index 0000000..f1bb98c
--- /dev/null
+++ b/server/vendor/github.com/pion/sctp/renovate.json
@@ -0,0 +1,6 @@
+{
+  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+  "extends": [
+    "github>pion/renovate-config"
+  ]
+}
diff --git a/server/vendor/github.com/pion/sctp/rtx_timer.go b/server/vendor/github.com/pion/sctp/rtx_timer.go
new file mode 100644
index 0000000..1fea393
--- /dev/null
+++ b/server/vendor/github.com/pion/sctp/rtx_timer.go
@@ -0,0 +1,250 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sctp
+
+import (
+	"math"
+	"sync"
+	"time"
+)
+
+const (
+	// RTO.Initial in msec
+	rtoInitial float64 = 1.0 * 1000
+
+	// RTO.Min in msec
+	rtoMin float64 = 1.0 * 1000
+
+	// RTO.Max in msec
+	defaultRTOMax float64 = 60.0 * 1000
+
+	// RTO.Alpha
+	rtoAlpha float64 = 0.125
+
+	// RTO.Beta
+	rtoBeta float64 = 0.25
+
+	// Max.Init.Retransmits:
+	maxInitRetrans uint = 8
+
+	// Path.Max.Retrans
+	pathMaxRetrans uint = 5
+
+	noMaxRetrans uint = 0
+)
+
+// rtoManager manages Rtx timeout values.
+// This is an implementation of RFC 4960 sec 6.3.1.
+type rtoManager struct {
+	srtt     float64
+	rttvar   float64
+	rto      float64
+	noUpdate bool
+	mutex    sync.RWMutex
+	rtoMax   float64
+}
+
+// newRTOManager creates a new rtoManager.
+func newRTOManager(rtoMax float64) *rtoManager {
+	mgr := rtoManager{
+		rto:    rtoInitial,
+		rtoMax: rtoMax,
+	}
+	if mgr.rtoMax == 0 {
+		mgr.rtoMax = defaultRTOMax
+	}
+	return &mgr
+}
+
+// setNewRTT takes a newly measured RTT then adjust the RTO in msec.
+func (m *rtoManager) setNewRTT(rtt float64) float64 {
+	m.mutex.Lock()
+	defer m.mutex.Unlock()
+
+	if m.noUpdate {
+		return m.srtt
+	}
+
+	if m.srtt == 0 {
+		// First measurement
+		m.srtt = rtt
+		m.rttvar = rtt / 2
+	} else {
+		// Subsequent rtt measurement
+		m.rttvar = (1-rtoBeta)*m.rttvar + rtoBeta*(math.Abs(m.srtt-rtt))
+		m.srtt = (1-rtoAlpha)*m.srtt + rtoAlpha*rtt
+	}
+	m.rto = math.Min(math.Max(m.srtt+4*m.rttvar, rtoMin), m.rtoMax)
+	return m.srtt
+}
+
+// getRTO simply returns the current RTO in msec.
+func (m *rtoManager) getRTO() float64 {
+	m.mutex.RLock()
+	defer m.mutex.RUnlock()
+
+	return m.rto
+}
+
+// reset resets the RTO variables to the initial values.
+func (m *rtoManager) reset() {
+	m.mutex.Lock()
+	defer m.mutex.Unlock()
+
+	if m.noUpdate {
+		return
+	}
+
+	m.srtt = 0
+	m.rttvar = 0
+	m.rto = rtoInitial
+}
+
+// set RTO value for testing
+func (m *rtoManager) setRTO(rto float64, noUpdate bool) {
+	m.mutex.Lock()
+	defer m.mutex.Unlock()
+
+	m.rto = rto
+	m.noUpdate = noUpdate
+}
+
+// rtxTimerObserver is the inteface to a timer observer.
+// NOTE: Observers MUST NOT call start() or stop() method on rtxTimer
+// from within these callbacks.
+type rtxTimerObserver interface {
+	onRetransmissionTimeout(timerID int, n uint)
+	onRetransmissionFailure(timerID int)
+}
+
+type rtxTimerState uint8
+
+const (
+	rtxTimerStopped rtxTimerState = iota
+	rtxTimerStarted
+	rtxTimerClosed
+)
+
+// rtxTimer provides the retnransmission timer conforms with RFC 4960 Sec 6.3.1
+type rtxTimer struct {
+	timer      *time.Timer
+	observer   rtxTimerObserver
+	id         int
+	maxRetrans uint
+	rtoMax     float64
+	mutex      sync.Mutex
+	rto        float64
+	nRtos      uint
+	state      rtxTimerState
+	pending    uint8
+}
+
+// newRTXTimer creates a new retransmission timer.
+// if maxRetrans is set to 0, it will keep retransmitting until stop() is called.
+// (it will never make onRetransmissionFailure() callback.
+func newRTXTimer(id int, observer rtxTimerObserver, maxRetrans uint,
+	rtoMax float64,
+) *rtxTimer {
+	timer := rtxTimer{
+		id:         id,
+		observer:   observer,
+		maxRetrans: maxRetrans,
+		rtoMax:     rtoMax,
+	}
+	if timer.rtoMax == 0 {
+		timer.rtoMax = defaultRTOMax
+	}
+	timer.timer = time.AfterFunc(math.MaxInt64, timer.timeout)
+	timer.timer.Stop()
+	return &timer
+}
+
+func (t *rtxTimer) calculateNextTimeout() time.Duration {
+	timeout := calculateNextTimeout(t.rto, t.nRtos, t.rtoMax)
+	return time.Duration(timeout) * time.Millisecond
+}
+
+func (t *rtxTimer) timeout() {
+	t.mutex.Lock()
+	if t.pending--; t.pending == 0 && t.state == rtxTimerStarted {
+		if t.nRtos++; t.maxRetrans == 0 || t.nRtos <= t.maxRetrans {
+			t.timer.Reset(t.calculateNextTimeout())
+			t.pending++
+			defer t.observer.onRetransmissionTimeout(t.id, t.nRtos)
+		} else {
+			t.state = rtxTimerStopped
+			defer t.observer.onRetransmissionFailure(t.id)
+		}
+	}
+	t.mutex.Unlock()
+}
+
+// start starts the timer.
+func (t *rtxTimer) start(rto float64) bool {
+	t.mutex.Lock()
+	defer t.mutex.Unlock()
+
+	// this timer is already closed or aleady running
+	if t.state != rtxTimerStopped {
+		return false
+	}
+
+	// Note: rto value is intentionally not capped by RTO.Min to allow
+	// fast timeout for the tests. Non-test code should pass in the
+	// rto generated by rtoManager getRTO() method which caps the
+	// value at RTO.Min or at RTO.Max.
+	t.rto = rto
+	t.nRtos = 0
+	t.state = rtxTimerStarted
+	t.pending++
+	t.timer.Reset(t.calculateNextTimeout())
+	return true
+}
+
+// stop stops the timer.
+func (t *rtxTimer) stop() {
+	t.mutex.Lock()
+	defer t.mutex.Unlock()
+
+	if t.state == rtxTimerStarted {
+		if t.timer.Stop() {
+			t.pending--
+		}
+		t.state = rtxTimerStopped
+	}
+}
+
+// closes the timer. this is similar to stop() but subsequent start() call
+// will fail (the timer is no longer usable)
+func (t *rtxTimer) close() {
+	t.mutex.Lock()
+	defer t.mutex.Unlock()
+
+	if t.state == rtxTimerStarted && t.timer.Stop() {
+		t.pending--
+	}
+	t.state = rtxTimerClosed
+}
+
+// isRunning tests if the timer is running.
+// Debug purpose only
+func (t *rtxTimer) isRunning() bool {
+	t.mutex.Lock()
+	defer t.mutex.Unlock()
+
+	return t.state == rtxTimerStarted
+}
+
+func calculateNextTimeout(rto float64, nRtos uint, rtoMax float64) float64 {
+	// RFC 4096 sec 6.3.3.  Handle T3-rtx Expiration
+	//   E2)  For the destination address for which the timer expires, set RTO
+	//        <- RTO * 2 ("back off the timer").  The maximum value discussed
+	//        in rule C7 above (RTO.max) may be used to provide an upper bound
+	//        to this doubling operation.
+	if nRtos < 31 {
+		m := 1 << nRtos
+		return math.Min(rto*float64(m), rtoMax)
+	}
+	return rtoMax
+}
diff --git a/server/vendor/github.com/pion/sctp/sctp.go b/server/vendor/github.com/pion/sctp/sctp.go
new file mode 100644
index 0000000..2bf74fb
--- /dev/null
+++ b/server/vendor/github.com/pion/sctp/sctp.go
@@ -0,0 +1,5 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+// Package sctp implements the SCTP spec
+package sctp
diff --git a/server/vendor/github.com/pion/sctp/stream.go b/server/vendor/github.com/pion/sctp/stream.go
new file mode 100644
index 0000000..47e06f3
--- /dev/null
+++ b/server/vendor/github.com/pion/sctp/stream.go
@@ -0,0 +1,471 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sctp
+
+import (
+	"errors"
+	"fmt"
+	"io"
+	"os"
+	"sync"
+	"sync/atomic"
+	"time"
+
+	"github.com/pion/logging"
+)
+
+const (
+	// ReliabilityTypeReliable is used for reliable transmission
+	ReliabilityTypeReliable byte = 0
+	// ReliabilityTypeRexmit is used for partial reliability by retransmission count
+	ReliabilityTypeRexmit byte = 1
+	// ReliabilityTypeTimed is used for partial reliability by retransmission duration
+	ReliabilityTypeTimed byte = 2
+)
+
+// StreamState is an enum for SCTP Stream state field
+// This field identifies the state of stream.
+type StreamState int
+
+// StreamState enums
+const (
+	StreamStateOpen    StreamState = iota // Stream object starts with StreamStateOpen
+	StreamStateClosing                    // Outgoing stream is being reset
+	StreamStateClosed                     // Stream has been closed
+)
+
+func (ss StreamState) String() string {
+	switch ss {
+	case StreamStateOpen:
+		return "open"
+	case StreamStateClosing:
+		return "closing"
+	case StreamStateClosed:
+		return "closed"
+	}
+	return "unknown"
+}
+
+// SCTP stream errors
+var (
+	ErrOutboundPacketTooLarge = errors.New("outbound packet larger than maximum message size")
+	ErrStreamClosed           = errors.New("stream closed")
+	ErrReadDeadlineExceeded   = fmt.Errorf("read deadline exceeded: %w", os.ErrDeadlineExceeded)
+)
+
+// Stream represents an SCTP stream
+type Stream struct {
+	association         *Association
+	lock                sync.RWMutex
+	streamIdentifier    uint16
+	defaultPayloadType  PayloadProtocolIdentifier
+	reassemblyQueue     *reassemblyQueue
+	sequenceNumber      uint16
+	readNotifier        *sync.Cond
+	readErr             error
+	readTimeoutCancel   chan struct{}
+	unordered           bool
+	reliabilityType     byte
+	reliabilityValue    uint32
+	bufferedAmount      uint64
+	bufferedAmountLow   uint64
+	onBufferedAmountLow func()
+	state               StreamState
+	log                 logging.LeveledLogger
+	name                string
+}
+
+// StreamIdentifier returns the Stream identifier associated to the stream.
+func (s *Stream) StreamIdentifier() uint16 {
+	s.lock.RLock()
+	defer s.lock.RUnlock()
+	return s.streamIdentifier
+}
+
+// SetDefaultPayloadType sets the default payload type used by Write.
+func (s *Stream) SetDefaultPayloadType(defaultPayloadType PayloadProtocolIdentifier) {
+	atomic.StoreUint32((*uint32)(&s.defaultPayloadType), uint32(defaultPayloadType))
+}
+
+// SetReliabilityParams sets reliability parameters for this stream.
+func (s *Stream) SetReliabilityParams(unordered bool, relType byte, relVal uint32) {
+	s.lock.Lock()
+	defer s.lock.Unlock()
+
+	s.setReliabilityParams(unordered, relType, relVal)
+}
+
+// setReliabilityParams sets reliability parameters for this stream.
+// The caller should hold the lock.
+func (s *Stream) setReliabilityParams(unordered bool, relType byte, relVal uint32) {
+	s.log.Debugf("[%s] reliability params: ordered=%v type=%d value=%d",
+		s.name, !unordered, relType, relVal)
+	s.unordered = unordered
+	s.reliabilityType = relType
+	s.reliabilityValue = relVal
+}
+
+// Read reads a packet of len(p) bytes, dropping the Payload Protocol Identifier.
+// Returns EOF when the stream is reset or an error if the stream is closed
+// otherwise.
+func (s *Stream) Read(p []byte) (int, error) {
+	n, _, err := s.ReadSCTP(p)
+	return n, err
+}
+
+// ReadSCTP reads a packet of len(p) bytes and returns the associated Payload
+// Protocol Identifier.
+// Returns EOF when the stream is reset or an error if the stream is closed
+// otherwise.
+func (s *Stream) ReadSCTP(p []byte) (int, PayloadProtocolIdentifier, error) {
+	s.lock.Lock()
+	defer s.lock.Unlock()
+
+	defer func() {
+		// close readTimeoutCancel if the current read timeout routine is no longer effective
+		if s.readTimeoutCancel != nil && s.readErr != nil {
+			close(s.readTimeoutCancel)
+			s.readTimeoutCancel = nil
+		}
+	}()
+
+	for {
+		n, ppi, err := s.reassemblyQueue.read(p)
+		if err == nil {
+			return n, ppi, nil
+		} else if errors.Is(err, io.ErrShortBuffer) {
+			return 0, PayloadProtocolIdentifier(0), err
+		}
+
+		err = s.readErr
+		if err != nil {
+			return 0, PayloadProtocolIdentifier(0), err
+		}
+
+		s.readNotifier.Wait()
+	}
+}
+
+// SetReadDeadline sets the read deadline in an identical way to net.Conn
+func (s *Stream) SetReadDeadline(deadline time.Time) error {
+	s.lock.Lock()
+	defer s.lock.Unlock()
+
+	if s.readTimeoutCancel != nil {
+		close(s.readTimeoutCancel)
+		s.readTimeoutCancel = nil
+	}
+
+	if s.readErr != nil {
+		if !errors.Is(s.readErr, ErrReadDeadlineExceeded) {
+			return nil
+		}
+		s.readErr = nil
+	}
+
+	if !deadline.IsZero() {
+		s.readTimeoutCancel = make(chan struct{})
+
+		go func(readTimeoutCancel chan struct{}) {
+			t := time.NewTimer(time.Until(deadline))
+			select {
+			case <-readTimeoutCancel:
+				t.Stop()
+				return
+			case <-t.C:
+				select {
+				case <-readTimeoutCancel:
+					return
+				default:
+				}
+				s.lock.Lock()
+				if s.readErr == nil {
+					s.readErr = ErrReadDeadlineExceeded
+				}
+				s.readTimeoutCancel = nil
+				s.lock.Unlock()
+
+				s.readNotifier.Signal()
+			}
+		}(s.readTimeoutCancel)
+	}
+	return nil
+}
+
+func (s *Stream) handleData(pd *chunkPayloadData) {
+	s.lock.Lock()
+	defer s.lock.Unlock()
+
+	var readable bool
+	if s.reassemblyQueue.push(pd) {
+		readable = s.reassemblyQueue.isReadable()
+		s.log.Debugf("[%s] reassemblyQueue readable=%v", s.name, readable)
+		if readable {
+			s.log.Debugf("[%s] readNotifier.signal()", s.name)
+			s.readNotifier.Signal()
+			s.log.Debugf("[%s] readNotifier.signal() done", s.name)
+		}
+	}
+}
+
+func (s *Stream) handleForwardTSNForOrdered(ssn uint16) {
+	var readable bool
+
+	func() {
+		s.lock.Lock()
+		defer s.lock.Unlock()
+
+		if s.unordered {
+			return // unordered chunks are handled by handleForwardUnordered method
+		}
+
+		// Remove all chunks older than or equal to the new TSN from
+		// the reassemblyQueue.
+		s.reassemblyQueue.forwardTSNForOrdered(ssn)
+		readable = s.reassemblyQueue.isReadable()
+	}()
+
+	// Notify the reader asynchronously if there's a data chunk to read.
+	if readable {
+		s.readNotifier.Signal()
+	}
+}
+
+func (s *Stream) handleForwardTSNForUnordered(newCumulativeTSN uint32) {
+	var readable bool
+
+	func() {
+		s.lock.Lock()
+		defer s.lock.Unlock()
+
+		if !s.unordered {
+			return // ordered chunks are handled by handleForwardTSNOrdered method
+		}
+
+		// Remove all chunks older than or equal to the new TSN from
+		// the reassemblyQueue.
+		s.reassemblyQueue.forwardTSNForUnordered(newCumulativeTSN)
+		readable = s.reassemblyQueue.isReadable()
+	}()
+
+	// Notify the reader asynchronously if there's a data chunk to read.
+	if readable {
+		s.readNotifier.Signal()
+	}
+}
+
+// Write writes len(p) bytes from p with the default Payload Protocol Identifier
+func (s *Stream) Write(p []byte) (n int, err error) {
+	ppi := PayloadProtocolIdentifier(atomic.LoadUint32((*uint32)(&s.defaultPayloadType)))
+	return s.WriteSCTP(p, ppi)
+}
+
+// WriteSCTP writes len(p) bytes from p to the DTLS connection
+func (s *Stream) WriteSCTP(p []byte, ppi PayloadProtocolIdentifier) (int, error) {
+	maxMessageSize := s.association.MaxMessageSize()
+	if len(p) > int(maxMessageSize) {
+		return 0, fmt.Errorf("%w: %v", ErrOutboundPacketTooLarge, maxMessageSize)
+	}
+
+	if s.State() != StreamStateOpen {
+		return 0, ErrStreamClosed
+	}
+
+	chunks := s.packetize(p, ppi)
+	n := len(p)
+	err := s.association.sendPayloadData(chunks)
+	if err != nil {
+		return n, ErrStreamClosed
+	}
+	return n, nil
+}
+
+func (s *Stream) packetize(raw []byte, ppi PayloadProtocolIdentifier) []*chunkPayloadData {
+	s.lock.Lock()
+	defer s.lock.Unlock()
+
+	i := uint32(0)
+	remaining := uint32(len(raw))
+
+	// From draft-ietf-rtcweb-data-protocol-09, section 6:
+	//   All Data Channel Establishment Protocol messages MUST be sent using
+	//   ordered delivery and reliable transmission.
+	unordered := ppi != PayloadTypeWebRTCDCEP && s.unordered
+
+	var chunks []*chunkPayloadData
+	var head *chunkPayloadData
+	for remaining != 0 {
+		fragmentSize := min32(s.association.maxPayloadSize, remaining)
+
+		// Copy the userdata since we'll have to store it until acked
+		// and the caller may re-use the buffer in the mean time
+		userData := make([]byte, fragmentSize)
+		copy(userData, raw[i:i+fragmentSize])
+
+		chunk := &chunkPayloadData{
+			streamIdentifier:     s.streamIdentifier,
+			userData:             userData,
+			unordered:            unordered,
+			beginningFragment:    i == 0,
+			endingFragment:       remaining-fragmentSize == 0,
+			immediateSack:        false,
+			payloadType:          ppi,
+			streamSequenceNumber: s.sequenceNumber,
+			head:                 head,
+		}
+
+		if head == nil {
+			head = chunk
+		}
+
+		chunks = append(chunks, chunk)
+
+		remaining -= fragmentSize
+		i += fragmentSize
+	}
+
+	// RFC 4960 Sec 6.6
+	// Note: When transmitting ordered and unordered data, an endpoint does
+	// not increment its Stream Sequence Number when transmitting a DATA
+	// chunk with U flag set to 1.
+	if !unordered {
+		s.sequenceNumber++
+	}
+
+	s.bufferedAmount += uint64(len(raw))
+	s.log.Tracef("[%s] bufferedAmount = %d", s.name, s.bufferedAmount)
+
+	return chunks
+}
+
+// Close closes the write-direction of the stream.
+// Future calls to Write are not permitted after calling Close.
+func (s *Stream) Close() error {
+	if sid, resetOutbound := func() (uint16, bool) {
+		s.lock.Lock()
+		defer s.lock.Unlock()
+
+		s.log.Debugf("[%s] Close: state=%s", s.name, s.state.String())
+
+		if s.state == StreamStateOpen {
+			if s.readErr == nil {
+				s.state = StreamStateClosing
+			} else {
+				s.state = StreamStateClosed
+			}
+			s.log.Debugf("[%s] state change: open => %s", s.name, s.state.String())
+			return s.streamIdentifier, true
+		}
+		return s.streamIdentifier, false
+	}(); resetOutbound {
+		// Reset the outgoing stream
+		// https://tools.ietf.org/html/rfc6525
+		return s.association.sendResetRequest(sid)
+	}
+
+	return nil
+}
+
+// BufferedAmount returns the number of bytes of data currently queued to be sent over this stream.
+func (s *Stream) BufferedAmount() uint64 {
+	s.lock.RLock()
+	defer s.lock.RUnlock()
+
+	return s.bufferedAmount
+}
+
+// BufferedAmountLowThreshold returns the number of bytes of buffered outgoing data that is
+// considered "low." Defaults to 0.
+func (s *Stream) BufferedAmountLowThreshold() uint64 {
+	s.lock.RLock()
+	defer s.lock.RUnlock()
+
+	return s.bufferedAmountLow
+}
+
+// SetBufferedAmountLowThreshold is used to update the threshold.
+// See BufferedAmountLowThreshold().
+func (s *Stream) SetBufferedAmountLowThreshold(th uint64) {
+	s.lock.Lock()
+	defer s.lock.Unlock()
+
+	s.bufferedAmountLow = th
+}
+
+// OnBufferedAmountLow sets the callback handler which would be called when the number of
+// bytes of outgoing data buffered is lower than the threshold.
+func (s *Stream) OnBufferedAmountLow(f func()) {
+	s.lock.Lock()
+	defer s.lock.Unlock()
+
+	s.onBufferedAmountLow = f
+}
+
+// This method is called by association's readLoop (go-)routine to notify this stream
+// of the specified amount of outgoing data has been delivered to the peer.
+func (s *Stream) onBufferReleased(nBytesReleased int) {
+	if nBytesReleased <= 0 {
+		return
+	}
+
+	s.lock.Lock()
+
+	fromAmount := s.bufferedAmount
+
+	if s.bufferedAmount < uint64(nBytesReleased) {
+		s.bufferedAmount = 0
+		s.log.Errorf("[%s] released buffer size %d should be <= %d",
+			s.name, nBytesReleased, s.bufferedAmount)
+	} else {
+		s.bufferedAmount -= uint64(nBytesReleased)
+	}
+
+	s.log.Tracef("[%s] bufferedAmount = %d", s.name, s.bufferedAmount)
+
+	if s.onBufferedAmountLow != nil && fromAmount > s.bufferedAmountLow && s.bufferedAmount <= s.bufferedAmountLow {
+		f := s.onBufferedAmountLow
+		s.lock.Unlock()
+		f()
+		return
+	}
+
+	s.lock.Unlock()
+}
+
+func (s *Stream) getNumBytesInReassemblyQueue() int {
+	// No lock is required as it reads the size with atomic load function.
+	return s.reassemblyQueue.getNumBytes()
+}
+
+func (s *Stream) onInboundStreamReset() {
+	s.lock.Lock()
+	defer s.lock.Unlock()
+
+	s.log.Debugf("[%s] onInboundStreamReset: state=%s", s.name, s.state.String())
+
+	// No more inbound data to read. Unblock the read with io.EOF.
+	// This should cause DCEP layer (datachannel package) to call Close() which
+	// will reset outgoing stream also.
+
+	// See RFC 8831 section 6.7:
+	//	if one side decides to close the data channel, it resets the corresponding
+	//	outgoing stream.  When the peer sees that an incoming stream was
+	//	reset, it also resets its corresponding outgoing stream.  Once this
+	//	is completed, the data channel is closed.
+
+	s.readErr = io.EOF
+	s.readNotifier.Broadcast()
+
+	if s.state == StreamStateClosing {
+		s.log.Debugf("[%s] state change: closing => closed", s.name)
+		s.state = StreamStateClosed
+	}
+}
+
+// State return the stream state.
+func (s *Stream) State() StreamState {
+	s.lock.RLock()
+	defer s.lock.RUnlock()
+	return s.state
+}
diff --git a/server/vendor/github.com/pion/sctp/util.go b/server/vendor/github.com/pion/sctp/util.go
new file mode 100644
index 0000000..b8afc12
--- /dev/null
+++ b/server/vendor/github.com/pion/sctp/util.go
@@ -0,0 +1,61 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sctp
+
+const (
+	paddingMultiple = 4
+)
+
+func getPadding(l int) int {
+	return (paddingMultiple - (l % paddingMultiple)) % paddingMultiple
+}
+
+func padByte(in []byte, cnt int) []byte {
+	if cnt < 0 {
+		cnt = 0
+	}
+	padding := make([]byte, cnt)
+	return append(in, padding...)
+}
+
+// Serial Number Arithmetic (RFC 1982)
+func sna32LT(i1, i2 uint32) bool {
+	return (i1 < i2 && i2-i1 < 1<<31) || (i1 > i2 && i1-i2 > 1<<31)
+}
+
+func sna32LTE(i1, i2 uint32) bool {
+	return i1 == i2 || sna32LT(i1, i2)
+}
+
+func sna32GT(i1, i2 uint32) bool {
+	return (i1 < i2 && (i2-i1) >= 1<<31) || (i1 > i2 && (i1-i2) <= 1<<31)
+}
+
+func sna32GTE(i1, i2 uint32) bool {
+	return i1 == i2 || sna32GT(i1, i2)
+}
+
+func sna32EQ(i1, i2 uint32) bool {
+	return i1 == i2
+}
+
+func sna16LT(i1, i2 uint16) bool {
+	return (i1 < i2 && (i2-i1) < 1<<15) || (i1 > i2 && (i1-i2) > 1<<15)
+}
+
+func sna16LTE(i1, i2 uint16) bool {
+	return i1 == i2 || sna16LT(i1, i2)
+}
+
+func sna16GT(i1, i2 uint16) bool {
+	return (i1 < i2 && (i2-i1) >= 1<<15) || (i1 > i2 && (i1-i2) <= 1<<15)
+}
+
+func sna16GTE(i1, i2 uint16) bool {
+	return i1 == i2 || sna16GT(i1, i2)
+}
+
+func sna16EQ(i1, i2 uint16) bool {
+	return i1 == i2
+}
diff --git a/server/vendor/github.com/pion/sdp/v3/.gitignore b/server/vendor/github.com/pion/sdp/v3/.gitignore
new file mode 100644
index 0000000..6e2f206
--- /dev/null
+++ b/server/vendor/github.com/pion/sdp/v3/.gitignore
@@ -0,0 +1,28 @@
+# SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+# SPDX-License-Identifier: MIT
+
+### JetBrains IDE ###
+#####################
+.idea/
+
+### Emacs Temporary Files ###
+#############################
+*~
+
+### Folders ###
+###############
+bin/
+vendor/
+node_modules/
+
+### Files ###
+#############
+*.ivf
+*.ogg
+tags
+cover.out
+*.sw[poe]
+*.wasm
+examples/sfu-ws/cert.pem
+examples/sfu-ws/key.pem
+wasm_exec.js
diff --git a/server/vendor/github.com/pion/sdp/v3/.golangci.yml b/server/vendor/github.com/pion/sdp/v3/.golangci.yml
new file mode 100644
index 0000000..6dd80c8
--- /dev/null
+++ b/server/vendor/github.com/pion/sdp/v3/.golangci.yml
@@ -0,0 +1,126 @@
+# SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+# SPDX-License-Identifier: MIT
+
+linters-settings:
+  govet:
+    check-shadowing: true
+  misspell:
+    locale: US
+  exhaustive:
+    default-signifies-exhaustive: true
+  gomodguard:
+    blocked:
+      modules:
+        - github.com/pkg/errors:
+            recommendations:
+              - errors
+  forbidigo:
+    forbid:
+      - ^fmt.Print(f|ln)?$
+      - ^log.(Panic|Fatal|Print)(f|ln)?$
+      - ^os.Exit$
+      - ^panic$
+      - ^print(ln)?$
+
+linters:
+  enable:
+    - asciicheck       # Simple linter to check that your code does not contain non-ASCII identifiers
+    - bidichk          # Checks for dangerous unicode character sequences
+    - bodyclose        # checks whether HTTP response body is closed successfully
+    - contextcheck     # check the function whether use a non-inherited context
+    - decorder         # check declaration order and count of types, constants, variables and functions
+    - dogsled          # Checks assignments with too many blank identifiers (e.g. x, _, _, _, := f())
+    - dupl             # Tool for code clone detection
+    - durationcheck    # check for two durations multiplied together
+    - errcheck         # Errcheck is a program for checking for unchecked errors in go programs. These unchecked errors can be critical bugs in some cases
+    - errchkjson       # Checks types passed to the json encoding functions. Reports unsupported types and optionally reports occations, where the check for the returned error can be omitted.
+    - errname          # Checks that sentinel errors are prefixed with the `Err` and error types are suffixed with the `Error`.
+    - errorlint        # errorlint is a linter for that can be used to find code that will cause problems with the error wrapping scheme introduced in Go 1.13.
+    - exhaustive       # check exhaustiveness of enum switch statements
+    - exportloopref    # checks for pointers to enclosing loop variables
+    - forbidigo        # Forbids identifiers
+    - forcetypeassert  # finds forced type assertions
+    - gci              # Gci control golang package import order and make it always deterministic.
+    - gochecknoglobals # Checks that no globals are present in Go code
+    - gochecknoinits   # Checks that no init functions are present in Go code
+    - gocognit         # Computes and checks the cognitive complexity of functions
+    - goconst          # Finds repeated strings that could be replaced by a constant
+    - gocritic         # The most opinionated Go source code linter
+    - godox            # Tool for detection of FIXME, TODO and other comment keywords
+    - goerr113         # Golang linter to check the errors handling expressions
+    - gofmt            # Gofmt checks whether code was gofmt-ed. By default this tool runs with -s option to check for code simplification
+    - gofumpt          # Gofumpt checks whether code was gofumpt-ed.
+    - goheader         # Checks is file header matches to pattern
+    - goimports        # Goimports does everything that gofmt does. Additionally it checks unused imports
+    - gomoddirectives  # Manage the use of 'replace', 'retract', and 'excludes' directives in go.mod.
+    - gomodguard       # Allow and block list linter for direct Go module dependencies. This is different from depguard where there are different block types for example version constraints and module recommendations.
+    - goprintffuncname # Checks that printf-like functions are named with `f` at the end
+    - gosec            # Inspects source code for security problems
+    - gosimple         # Linter for Go source code that specializes in simplifying a code
+    - govet            # Vet examines Go source code and reports suspicious constructs, such as Printf calls whose arguments do not align with the format string
+    - grouper          # An analyzer to analyze expression groups.
+    - importas         # Enforces consistent import aliases
+    - ineffassign      # Detects when assignments to existing variables are not used
+    - misspell         # Finds commonly misspelled English words in comments
+    - nilerr           # Finds the code that returns nil even if it checks that the error is not nil.
+    - nilnil           # Checks that there is no simultaneous return of `nil` error and an invalid value.
+    - noctx            # noctx finds sending http request without context.Context
+    - predeclared      # find code that shadows one of Go's predeclared identifiers
+    - revive           # golint replacement, finds style mistakes
+    - staticcheck      # Staticcheck is a go vet on steroids, applying a ton of static analysis checks
+    - stylecheck       # Stylecheck is a replacement for golint
+    - tagliatelle      # Checks the struct tags.
+    - tenv             # tenv is analyzer that detects using os.Setenv instead of t.Setenv since Go1.17
+    - tparallel        # tparallel detects inappropriate usage of t.Parallel() method in your Go test codes
+    - typecheck        # Like the front-end of a Go compiler, parses and type-checks Go code
+    - unconvert        # Remove unnecessary type conversions
+    - unparam          # Reports unused function parameters
+    - unused           # Checks Go code for unused constants, variables, functions and types
+    - wastedassign     # wastedassign finds wasted assignment statements
+    - whitespace       # Tool for detection of leading and trailing whitespace
+  disable:
+    - depguard         # Go linter that checks if package imports are in a list of acceptable packages
+    - containedctx     # containedctx is a linter that detects struct contained context.Context field
+    - cyclop           # checks function and package cyclomatic complexity
+    - exhaustivestruct # Checks if all struct's fields are initialized
+    - funlen           # Tool for detection of long functions
+    - gocyclo          # Computes and checks the cyclomatic complexity of functions
+    - godot            # Check if comments end in a period
+    - gomnd            # An analyzer to detect magic numbers.
+    - ifshort          # Checks that your code uses short syntax for if-statements whenever possible
+    - ireturn          # Accept Interfaces, Return Concrete Types
+    - lll              # Reports long lines
+    - maintidx         # maintidx measures the maintainability index of each function.
+    - makezero         # Finds slice declarations with non-zero initial length
+    - maligned         # Tool to detect Go structs that would take less memory if their fields were sorted
+    - nakedret         # Finds naked returns in functions greater than a specified function length
+    - nestif           # Reports deeply nested if statements
+    - nlreturn         # nlreturn checks for a new line before return and branch statements to increase code clarity
+    - nolintlint       # Reports ill-formed or insufficient nolint directives
+    - paralleltest     # paralleltest detects missing usage of t.Parallel() method in your Go test
+    - prealloc         # Finds slice declarations that could potentially be preallocated
+    - promlinter       # Check Prometheus metrics naming via promlint
+    - rowserrcheck     # checks whether Err of rows is checked successfully
+    - sqlclosecheck    # Checks that sql.Rows and sql.Stmt are closed.
+    - testpackage      # linter that makes you use a separate _test package
+    - thelper          # thelper detects golang test helpers without t.Helper() call and checks the consistency of test helpers
+    - varnamelen       # checks that the length of a variable's name matches its scope
+    - wrapcheck        # Checks that errors returned from external packages are wrapped
+    - wsl              # Whitespace Linter - Forces you to use empty lines!
+
+issues:
+  exclude-use-default: false
+  exclude-rules:
+    # Allow complex tests and examples, better to be self contained
+    - path: (examples|main\.go|_test\.go)
+      linters:
+        - forbidigo
+        - gocognit
+
+    # Allow forbidden identifiers in CLI commands
+    - path: cmd
+      linters:
+        - forbidigo
+
+run:
+  skip-dirs-use-default: false
diff --git a/server/vendor/github.com/pion/sdp/v3/.goreleaser.yml b/server/vendor/github.com/pion/sdp/v3/.goreleaser.yml
new file mode 100644
index 0000000..30093e9
--- /dev/null
+++ b/server/vendor/github.com/pion/sdp/v3/.goreleaser.yml
@@ -0,0 +1,5 @@
+# SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+# SPDX-License-Identifier: MIT
+
+builds:
+- skip: true
diff --git a/server/vendor/github.com/pion/sdp/v3/LICENSE b/server/vendor/github.com/pion/sdp/v3/LICENSE
new file mode 100644
index 0000000..491caf6
--- /dev/null
+++ b/server/vendor/github.com/pion/sdp/v3/LICENSE
@@ -0,0 +1,9 @@
+MIT License
+
+Copyright (c) 2023 The Pion community <https://pion.ly>
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
diff --git a/server/vendor/github.com/pion/sdp/v3/README.md b/server/vendor/github.com/pion/sdp/v3/README.md
new file mode 100644
index 0000000..1cb8dbd
--- /dev/null
+++ b/server/vendor/github.com/pion/sdp/v3/README.md
@@ -0,0 +1,35 @@
+<h1 align="center">
+  <br>
+  Pion SDP
+  <br>
+</h1>
+<h4 align="center">A Go implementation of the SDP</h4>
+<p align="center">
+  <a href="https://pion.ly"><img src="https://img.shields.io/badge/pion-sdp-gray.svg?longCache=true&colorB=brightgreen" alt="Pion SDP"></a>
+  <a href="https://sourcegraph.com/github.com/pion/sdp?badge"><img src="https://sourcegraph.com/github.com/pion/sdp/-/badge.svg" alt="Sourcegraph Widget"></a>
+  <a href="https://pion.ly/slack"><img src="https://img.shields.io/badge/join-us%20on%20slack-gray.svg?longCache=true&logo=slack&colorB=brightgreen" alt="Slack Widget"></a>
+  <br>
+  <img alt="GitHub Workflow Status" src="https://img.shields.io/github/actions/workflow/status/pion/sdp/test.yaml">
+  <a href="https://pkg.go.dev/github.com/pion/sdp/v2"><img src="https://pkg.go.dev/badge/github.com/pion/sdp/v2.svg" alt="Go Reference"></a>
+  <a href="https://codecov.io/gh/pion/sdp"><img src="https://codecov.io/gh/pion/sdp/branch/master/graph/badge.svg" alt="Coverage Status"></a>
+  <a href="https://goreportcard.com/report/github.com/pion/sdp"><img src="https://goreportcard.com/badge/github.com/pion/sdp" alt="Go Report Card"></a>
+  <a href="LICENSE"><img src="https://img.shields.io/badge/License-MIT-yellow.svg" alt="License: MIT"></a>
+</p>
+<br>
+
+### Roadmap
+The library is used as a part of our WebRTC implementation. Please refer to that [roadmap](https://github.com/pion/webrtc/issues/9) to track our major milestones.
+
+### Community
+Pion has an active community on the [Slack](https://pion.ly/slack).
+
+Follow the [Pion Twitter](https://twitter.com/_pion) for project updates and important WebRTC news.
+
+We are always looking to support **your projects**. Please reach out if you have something to build!
+If you need commercial support or don't want to use public methods you can contact us at [team@pion.ly](mailto:team@pion.ly)
+
+### Contributing
+Check out the [contributing wiki](https://github.com/pion/webrtc/wiki/Contributing) to join the group of amazing people making this project possible
+
+### License
+MIT License - see [LICENSE](LICENSE) for full text
\ No newline at end of file
diff --git a/server/vendor/github.com/pion/sdp/v3/base_lexer.go b/server/vendor/github.com/pion/sdp/v3/base_lexer.go
new file mode 100644
index 0000000..edd532a
--- /dev/null
+++ b/server/vendor/github.com/pion/sdp/v3/base_lexer.go
@@ -0,0 +1,216 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sdp
+
+import (
+	"errors"
+	"fmt"
+	"io"
+	"strconv"
+)
+
+var errDocumentStart = errors.New("already on document start")
+
+type syntaxError struct {
+	s string
+	i int
+}
+
+func (e syntaxError) Error() string {
+	if e.i < 0 {
+		e.i = 0
+	}
+	return fmt.Sprintf("sdp: syntax error at pos %d: %s", e.i, strconv.QuoteToASCII(e.s[e.i:e.i+1]))
+}
+
+type baseLexer struct {
+	value string
+	pos   int
+}
+
+func (l baseLexer) syntaxError() error {
+	return syntaxError{s: l.value, i: l.pos - 1}
+}
+
+func (l *baseLexer) unreadByte() error {
+	if l.pos <= 0 {
+		return errDocumentStart
+	}
+	l.pos--
+	return nil
+}
+
+func (l *baseLexer) readByte() (byte, error) {
+	if l.pos >= len(l.value) {
+		return byte(0), io.EOF
+	}
+	ch := l.value[l.pos]
+	l.pos++
+	return ch, nil
+}
+
+func (l *baseLexer) nextLine() error {
+	for {
+		ch, err := l.readByte()
+		if errors.Is(err, io.EOF) {
+			return nil
+		} else if err != nil {
+			return err
+		}
+		if !isNewline(ch) {
+			return l.unreadByte()
+		}
+	}
+}
+
+func (l *baseLexer) readWhitespace() error {
+	for {
+		ch, err := l.readByte()
+		if errors.Is(err, io.EOF) {
+			return nil
+		} else if err != nil {
+			return err
+		}
+		if !isWhitespace(ch) {
+			return l.unreadByte()
+		}
+	}
+}
+
+func (l *baseLexer) readUint64Field() (i uint64, err error) {
+	for {
+		ch, err := l.readByte()
+		if errors.Is(err, io.EOF) && i > 0 {
+			break
+		} else if err != nil {
+			return i, err
+		}
+
+		if isNewline(ch) {
+			if err := l.unreadByte(); err != nil {
+				return i, err
+			}
+			break
+		}
+
+		if isWhitespace(ch) {
+			if err := l.readWhitespace(); err != nil {
+				return i, err
+			}
+			break
+		}
+
+		switch ch {
+		case '0':
+			i *= 10
+		case '1':
+			i = i*10 + 1
+		case '2':
+			i = i*10 + 2
+		case '3':
+			i = i*10 + 3
+		case '4':
+			i = i*10 + 4
+		case '5':
+			i = i*10 + 5
+		case '6':
+			i = i*10 + 6
+		case '7':
+			i = i*10 + 7
+		case '8':
+			i = i*10 + 8
+		case '9':
+			i = i*10 + 9
+		default:
+			return i, l.syntaxError()
+		}
+	}
+
+	return i, nil
+}
+
+// Returns next field on this line or empty string if no more fields on line
+func (l *baseLexer) readField() (string, error) {
+	start := l.pos
+	var stop int
+	for {
+		stop = l.pos
+		ch, err := l.readByte()
+		if errors.Is(err, io.EOF) && stop > start {
+			break
+		} else if err != nil {
+			return "", err
+		}
+
+		if isNewline(ch) {
+			if err := l.unreadByte(); err != nil {
+				return "", err
+			}
+			break
+		}
+
+		if isWhitespace(ch) {
+			if err := l.readWhitespace(); err != nil {
+				return "", err
+			}
+			break
+		}
+	}
+	return l.value[start:stop], nil
+}
+
+// Returns symbols until line end
+func (l *baseLexer) readLine() (string, error) {
+	start := l.pos
+	trim := 1
+	for {
+		ch, err := l.readByte()
+		if err != nil {
+			return "", err
+		}
+		if ch == '\r' {
+			trim++
+		}
+		if ch == '\n' {
+			return l.value[start : l.pos-trim], nil
+		}
+	}
+}
+
+func (l *baseLexer) readType() (byte, error) {
+	for {
+		firstByte, err := l.readByte()
+		if err != nil {
+			return 0, err
+		}
+
+		if isNewline(firstByte) {
+			continue
+		}
+
+		secondByte, err := l.readByte()
+		if err != nil {
+			return 0, err
+		}
+
+		if secondByte != '=' {
+			return firstByte, l.syntaxError()
+		}
+
+		return firstByte, nil
+	}
+}
+
+func isNewline(ch byte) bool { return ch == '\n' || ch == '\r' }
+
+func isWhitespace(ch byte) bool { return ch == ' ' || ch == '\t' }
+
+func anyOf(element string, data ...string) bool {
+	for _, v := range data {
+		if element == v {
+			return true
+		}
+	}
+	return false
+}
diff --git a/server/vendor/github.com/pion/sdp/v3/codecov.yml b/server/vendor/github.com/pion/sdp/v3/codecov.yml
new file mode 100644
index 0000000..263e4d4
--- /dev/null
+++ b/server/vendor/github.com/pion/sdp/v3/codecov.yml
@@ -0,0 +1,22 @@
+#
+# DO NOT EDIT THIS FILE
+#
+# It is automatically copied from https://github.com/pion/.goassets repository.
+#
+# SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+# SPDX-License-Identifier: MIT
+
+coverage:
+  status:
+    project:
+      default:
+        # Allow decreasing 2% of total coverage to avoid noise.
+        threshold: 2%
+    patch:
+      default:
+        target: 70%
+        only_pulls: true
+
+ignore:
+  - "examples/*"
+  - "examples/**/*"
diff --git a/server/vendor/github.com/pion/sdp/v3/common_description.go b/server/vendor/github.com/pion/sdp/v3/common_description.go
new file mode 100644
index 0000000..9db7903
--- /dev/null
+++ b/server/vendor/github.com/pion/sdp/v3/common_description.go
@@ -0,0 +1,188 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sdp
+
+import (
+	"strconv"
+)
+
+// Information describes the "i=" field which provides textual information
+// about the session.
+type Information string
+
+func (i Information) String() string {
+	return stringFromMarshal(i.marshalInto, i.marshalSize)
+}
+
+func (i Information) marshalInto(b []byte) []byte {
+	return append(b, i...)
+}
+
+func (i Information) marshalSize() (size int) {
+	return len(i)
+}
+
+// ConnectionInformation defines the representation for the "c=" field
+// containing connection data.
+type ConnectionInformation struct {
+	NetworkType string
+	AddressType string
+	Address     *Address
+}
+
+func (c ConnectionInformation) String() string {
+	return stringFromMarshal(c.marshalInto, c.marshalSize)
+}
+
+func (c ConnectionInformation) marshalInto(b []byte) []byte {
+	b = append(append(b, c.NetworkType...), ' ')
+	b = append(b, c.AddressType...)
+
+	if c.Address != nil {
+		b = append(b, ' ')
+		b = c.Address.marshalInto(b)
+	}
+
+	return b
+}
+
+func (c ConnectionInformation) marshalSize() (size int) {
+	size = len(c.NetworkType)
+	size += 1 + len(c.AddressType)
+	if c.Address != nil {
+		size += 1 + c.Address.marshalSize()
+	}
+
+	return
+}
+
+// Address desribes a structured address token from within the "c=" field.
+type Address struct {
+	Address string
+	TTL     *int
+	Range   *int
+}
+
+func (c *Address) String() string {
+	return stringFromMarshal(c.marshalInto, c.marshalSize)
+}
+
+func (c *Address) marshalInto(b []byte) []byte {
+	b = append(b, c.Address...)
+	if c.TTL != nil {
+		b = append(b, '/')
+		b = strconv.AppendInt(b, int64(*c.TTL), 10)
+	}
+	if c.Range != nil {
+		b = append(b, '/')
+		b = strconv.AppendInt(b, int64(*c.Range), 10)
+	}
+
+	return b
+}
+
+func (c Address) marshalSize() (size int) {
+	size = len(c.Address)
+	if c.TTL != nil {
+		size += 1 + lenUint(uint64(*c.TTL))
+	}
+	if c.Range != nil {
+		size += 1 + lenUint(uint64(*c.Range))
+	}
+
+	return
+}
+
+// Bandwidth describes an optional field which denotes the proposed bandwidth
+// to be used by the session or media.
+type Bandwidth struct {
+	Experimental bool
+	Type         string
+	Bandwidth    uint64
+}
+
+func (b Bandwidth) String() string {
+	return stringFromMarshal(b.marshalInto, b.marshalSize)
+}
+
+func (b Bandwidth) marshalInto(d []byte) []byte {
+	if b.Experimental {
+		d = append(d, "X-"...)
+	}
+	d = append(append(d, b.Type...), ':')
+	return strconv.AppendUint(d, b.Bandwidth, 10)
+}
+
+func (b Bandwidth) marshalSize() (size int) {
+	if b.Experimental {
+		size += 2
+	}
+
+	size += len(b.Type) + 1 + lenUint(b.Bandwidth)
+	return
+}
+
+// EncryptionKey describes the "k=" which conveys encryption key information.
+type EncryptionKey string
+
+func (e EncryptionKey) String() string {
+	return stringFromMarshal(e.marshalInto, e.marshalSize)
+}
+
+func (e EncryptionKey) marshalInto(b []byte) []byte {
+	return append(b, e...)
+}
+
+func (e EncryptionKey) marshalSize() (size int) {
+	return len(e)
+}
+
+// Attribute describes the "a=" field which represents the primary means for
+// extending SDP.
+type Attribute struct {
+	Key   string
+	Value string
+}
+
+// NewPropertyAttribute constructs a new attribute
+func NewPropertyAttribute(key string) Attribute {
+	return Attribute{
+		Key: key,
+	}
+}
+
+// NewAttribute constructs a new attribute
+func NewAttribute(key, value string) Attribute {
+	return Attribute{
+		Key:   key,
+		Value: value,
+	}
+}
+
+func (a Attribute) String() string {
+	return stringFromMarshal(a.marshalInto, a.marshalSize)
+}
+
+func (a Attribute) marshalInto(b []byte) []byte {
+	b = append(b, a.Key...)
+	if len(a.Value) > 0 {
+		b = append(append(b, ':'), a.Value...)
+	}
+
+	return b
+}
+
+func (a Attribute) marshalSize() (size int) {
+	size = len(a.Key)
+	if len(a.Value) > 0 {
+		size += 1 + len(a.Value)
+	}
+
+	return size
+}
+
+// IsICECandidate returns true if the attribute key equals "candidate".
+func (a Attribute) IsICECandidate() bool {
+	return a.Key == "candidate"
+}
diff --git a/server/vendor/github.com/pion/sdp/v3/direction.go b/server/vendor/github.com/pion/sdp/v3/direction.go
new file mode 100644
index 0000000..936130c
--- /dev/null
+++ b/server/vendor/github.com/pion/sdp/v3/direction.go
@@ -0,0 +1,62 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sdp
+
+import "errors"
+
+// Direction is a marker for transmission directon of an endpoint
+type Direction int
+
+const (
+	// DirectionSendRecv is for bidirectional communication
+	DirectionSendRecv Direction = iota + 1
+	// DirectionSendOnly is for outgoing communication
+	DirectionSendOnly
+	// DirectionRecvOnly is for incoming communication
+	DirectionRecvOnly
+	// DirectionInactive is for no communication
+	DirectionInactive
+)
+
+const (
+	directionSendRecvStr = "sendrecv"
+	directionSendOnlyStr = "sendonly"
+	directionRecvOnlyStr = "recvonly"
+	directionInactiveStr = "inactive"
+	directionUnknownStr  = ""
+)
+
+var errDirectionString = errors.New("invalid direction string")
+
+// NewDirection defines a procedure for creating a new direction from a raw
+// string.
+func NewDirection(raw string) (Direction, error) {
+	switch raw {
+	case directionSendRecvStr:
+		return DirectionSendRecv, nil
+	case directionSendOnlyStr:
+		return DirectionSendOnly, nil
+	case directionRecvOnlyStr:
+		return DirectionRecvOnly, nil
+	case directionInactiveStr:
+		return DirectionInactive, nil
+	default:
+		return Direction(unknown), errDirectionString
+	}
+}
+
+func (t Direction) String() string {
+	switch t {
+	case DirectionSendRecv:
+		return directionSendRecvStr
+	case DirectionSendOnly:
+		return directionSendOnlyStr
+	case DirectionRecvOnly:
+		return directionRecvOnlyStr
+	case DirectionInactive:
+		return directionInactiveStr
+	default:
+		return directionUnknownStr
+	}
+}
diff --git a/server/vendor/github.com/pion/sdp/v3/extmap.go b/server/vendor/github.com/pion/sdp/v3/extmap.go
new file mode 100644
index 0000000..f260c9b
--- /dev/null
+++ b/server/vendor/github.com/pion/sdp/v3/extmap.go
@@ -0,0 +1,111 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sdp
+
+import (
+	"fmt"
+	"net/url"
+	"strconv"
+	"strings"
+)
+
+// Default ext values
+const (
+	DefExtMapValueABSSendTime     = 1
+	DefExtMapValueTransportCC     = 2
+	DefExtMapValueSDESMid         = 3
+	DefExtMapValueSDESRTPStreamID = 4
+
+	ABSSendTimeURI     = "http://www.webrtc.org/experiments/rtp-hdrext/abs-send-time"
+	TransportCCURI     = "http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions-01"
+	SDESMidURI         = "urn:ietf:params:rtp-hdrext:sdes:mid"
+	SDESRTPStreamIDURI = "urn:ietf:params:rtp-hdrext:sdes:rtp-stream-id"
+	AudioLevelURI      = "urn:ietf:params:rtp-hdrext:ssrc-audio-level"
+)
+
+// ExtMap represents the activation of a single RTP header extension
+type ExtMap struct {
+	Value     int
+	Direction Direction
+	URI       *url.URL
+	ExtAttr   *string
+}
+
+// Clone converts this object to an Attribute
+func (e *ExtMap) Clone() Attribute {
+	return Attribute{Key: "extmap", Value: e.string()}
+}
+
+// Unmarshal creates an Extmap from a string
+func (e *ExtMap) Unmarshal(raw string) error {
+	parts := strings.SplitN(raw, ":", 2)
+	if len(parts) != 2 {
+		return fmt.Errorf("%w: %v", errSyntaxError, raw)
+	}
+
+	fields := strings.Fields(parts[1])
+	if len(fields) < 2 {
+		return fmt.Errorf("%w: %v", errSyntaxError, raw)
+	}
+
+	valdir := strings.Split(fields[0], "/")
+	value, err := strconv.ParseInt(valdir[0], 10, 64)
+	if (value < 1) || (value > 246) {
+		return fmt.Errorf("%w: %v -- extmap key must be in the range 1-256", errSyntaxError, valdir[0])
+	}
+	if err != nil {
+		return fmt.Errorf("%w: %v", errSyntaxError, valdir[0])
+	}
+
+	var direction Direction
+	if len(valdir) == 2 {
+		direction, err = NewDirection(valdir[1])
+		if err != nil {
+			return err
+		}
+	}
+
+	uri, err := url.Parse(fields[1])
+	if err != nil {
+		return err
+	}
+
+	if len(fields) == 3 {
+		tmp := fields[2]
+		e.ExtAttr = &tmp
+	}
+
+	e.Value = int(value)
+	e.Direction = direction
+	e.URI = uri
+	return nil
+}
+
+// Marshal creates a string from an ExtMap
+func (e *ExtMap) Marshal() string {
+	return e.Name() + ":" + e.string()
+}
+
+func (e *ExtMap) string() string {
+	output := fmt.Sprintf("%d", e.Value)
+	dirstring := e.Direction.String()
+	if dirstring != directionUnknownStr {
+		output += "/" + dirstring
+	}
+
+	if e.URI != nil {
+		output += " " + e.URI.String()
+	}
+
+	if e.ExtAttr != nil {
+		output += " " + *e.ExtAttr
+	}
+
+	return output
+}
+
+// Name returns the constant name of this object
+func (e *ExtMap) Name() string {
+	return "extmap"
+}
diff --git a/server/vendor/github.com/pion/sdp/v3/jsep.go b/server/vendor/github.com/pion/sdp/v3/jsep.go
new file mode 100644
index 0000000..600acf5
--- /dev/null
+++ b/server/vendor/github.com/pion/sdp/v3/jsep.go
@@ -0,0 +1,210 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sdp
+
+import (
+	"fmt"
+	"net/url"
+	"strconv"
+	"time"
+)
+
+// Constants for SDP attributes used in JSEP
+const (
+	AttrKeyCandidate        = "candidate"
+	AttrKeyEndOfCandidates  = "end-of-candidates"
+	AttrKeyIdentity         = "identity"
+	AttrKeyGroup            = "group"
+	AttrKeySSRC             = "ssrc"
+	AttrKeySSRCGroup        = "ssrc-group"
+	AttrKeyMsid             = "msid"
+	AttrKeyMsidSemantic     = "msid-semantic"
+	AttrKeyConnectionSetup  = "setup"
+	AttrKeyMID              = "mid"
+	AttrKeyICELite          = "ice-lite"
+	AttrKeyRTCPMux          = "rtcp-mux"
+	AttrKeyRTCPRsize        = "rtcp-rsize"
+	AttrKeyInactive         = "inactive"
+	AttrKeyRecvOnly         = "recvonly"
+	AttrKeySendOnly         = "sendonly"
+	AttrKeySendRecv         = "sendrecv"
+	AttrKeyExtMap           = "extmap"
+	AttrKeyExtMapAllowMixed = "extmap-allow-mixed"
+)
+
+// Constants for semantic tokens used in JSEP
+const (
+	SemanticTokenLipSynchronization     = "LS"
+	SemanticTokenFlowIdentification     = "FID"
+	SemanticTokenForwardErrorCorrection = "FEC"
+	SemanticTokenWebRTCMediaStreams     = "WMS"
+)
+
+// Constants for extmap key
+const (
+	ExtMapValueTransportCC = 3
+)
+
+func extMapURI() map[int]string {
+	return map[int]string{
+		ExtMapValueTransportCC: "http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions-01",
+	}
+}
+
+// API to match draft-ietf-rtcweb-jsep
+// Move to webrtc or its own package?
+
+// NewJSEPSessionDescription creates a new SessionDescription with
+// some settings that are required by the JSEP spec.
+//
+// Note: Since v2.4.0, session ID has been fixed to use crypto random according to
+//
+//	JSEP spec, so that NewJSEPSessionDescription now returns error as a second
+//	return value.
+func NewJSEPSessionDescription(identity bool) (*SessionDescription, error) {
+	sid, err := newSessionID()
+	if err != nil {
+		return nil, err
+	}
+	d := &SessionDescription{
+		Version: 0,
+		Origin: Origin{
+			Username:       "-",
+			SessionID:      sid,
+			SessionVersion: uint64(time.Now().Unix()),
+			NetworkType:    "IN",
+			AddressType:    "IP4",
+			UnicastAddress: "0.0.0.0",
+		},
+		SessionName: "-",
+		TimeDescriptions: []TimeDescription{
+			{
+				Timing: Timing{
+					StartTime: 0,
+					StopTime:  0,
+				},
+				RepeatTimes: nil,
+			},
+		},
+		Attributes: []Attribute{
+			// 	"Attribute(ice-options:trickle)", // TODO: implement trickle ICE
+		},
+	}
+
+	if identity {
+		d.WithPropertyAttribute(AttrKeyIdentity)
+	}
+
+	return d, nil
+}
+
+// WithPropertyAttribute adds a property attribute 'a=key' to the session description
+func (s *SessionDescription) WithPropertyAttribute(key string) *SessionDescription {
+	s.Attributes = append(s.Attributes, NewPropertyAttribute(key))
+	return s
+}
+
+// WithValueAttribute adds a value attribute 'a=key:value' to the session description
+func (s *SessionDescription) WithValueAttribute(key, value string) *SessionDescription {
+	s.Attributes = append(s.Attributes, NewAttribute(key, value))
+	return s
+}
+
+// WithFingerprint adds a fingerprint to the session description
+func (s *SessionDescription) WithFingerprint(algorithm, value string) *SessionDescription {
+	return s.WithValueAttribute("fingerprint", algorithm+" "+value)
+}
+
+// WithMedia adds a media description to the session description
+func (s *SessionDescription) WithMedia(md *MediaDescription) *SessionDescription {
+	s.MediaDescriptions = append(s.MediaDescriptions, md)
+	return s
+}
+
+// NewJSEPMediaDescription creates a new MediaName with
+// some settings that are required by the JSEP spec.
+func NewJSEPMediaDescription(codecType string, _ []string) *MediaDescription {
+	return &MediaDescription{
+		MediaName: MediaName{
+			Media:  codecType,
+			Port:   RangedPort{Value: 9},
+			Protos: []string{"UDP", "TLS", "RTP", "SAVPF"},
+		},
+		ConnectionInformation: &ConnectionInformation{
+			NetworkType: "IN",
+			AddressType: "IP4",
+			Address: &Address{
+				Address: "0.0.0.0",
+			},
+		},
+	}
+}
+
+// WithPropertyAttribute adds a property attribute 'a=key' to the media description
+func (d *MediaDescription) WithPropertyAttribute(key string) *MediaDescription {
+	d.Attributes = append(d.Attributes, NewPropertyAttribute(key))
+	return d
+}
+
+// WithValueAttribute adds a value attribute 'a=key:value' to the media description
+func (d *MediaDescription) WithValueAttribute(key, value string) *MediaDescription {
+	d.Attributes = append(d.Attributes, NewAttribute(key, value))
+	return d
+}
+
+// WithFingerprint adds a fingerprint to the media description
+func (d *MediaDescription) WithFingerprint(algorithm, value string) *MediaDescription {
+	return d.WithValueAttribute("fingerprint", algorithm+" "+value)
+}
+
+// WithICECredentials adds ICE credentials to the media description
+func (d *MediaDescription) WithICECredentials(username, password string) *MediaDescription {
+	return d.
+		WithValueAttribute("ice-ufrag", username).
+		WithValueAttribute("ice-pwd", password)
+}
+
+// WithCodec adds codec information to the media description
+func (d *MediaDescription) WithCodec(payloadType uint8, name string, clockrate uint32, channels uint16, fmtp string) *MediaDescription {
+	d.MediaName.Formats = append(d.MediaName.Formats, strconv.Itoa(int(payloadType)))
+	rtpmap := fmt.Sprintf("%d %s/%d", payloadType, name, clockrate)
+	if channels > 0 {
+		rtpmap += fmt.Sprintf("/%d", channels)
+	}
+	d.WithValueAttribute("rtpmap", rtpmap)
+	if fmtp != "" {
+		d.WithValueAttribute("fmtp", fmt.Sprintf("%d %s", payloadType, fmtp))
+	}
+	return d
+}
+
+// WithMediaSource adds media source information to the media description
+func (d *MediaDescription) WithMediaSource(ssrc uint32, cname, streamLabel, label string) *MediaDescription {
+	return d.
+		WithValueAttribute("ssrc", fmt.Sprintf("%d cname:%s", ssrc, cname)). // Deprecated but not phased out?
+		WithValueAttribute("ssrc", fmt.Sprintf("%d msid:%s %s", ssrc, streamLabel, label)).
+		WithValueAttribute("ssrc", fmt.Sprintf("%d mslabel:%s", ssrc, streamLabel)). // Deprecated but not phased out?
+		WithValueAttribute("ssrc", fmt.Sprintf("%d label:%s", ssrc, label))          // Deprecated but not phased out?
+}
+
+// WithCandidate adds an ICE candidate to the media description
+// Deprecated: use WithICECandidate instead
+func (d *MediaDescription) WithCandidate(value string) *MediaDescription {
+	return d.WithValueAttribute("candidate", value)
+}
+
+// WithExtMap adds an extmap to the media description
+func (d *MediaDescription) WithExtMap(e ExtMap) *MediaDescription {
+	return d.WithPropertyAttribute(e.Marshal())
+}
+
+// WithTransportCCExtMap adds an extmap to the media description
+func (d *MediaDescription) WithTransportCCExtMap() *MediaDescription {
+	uri, _ := url.Parse(extMapURI()[ExtMapValueTransportCC])
+	e := ExtMap{
+		Value: ExtMapValueTransportCC,
+		URI:   uri,
+	}
+	return d.WithExtMap(e)
+}
diff --git a/server/vendor/github.com/pion/sdp/v3/marshal.go b/server/vendor/github.com/pion/sdp/v3/marshal.go
new file mode 100644
index 0000000..43dd738
--- /dev/null
+++ b/server/vendor/github.com/pion/sdp/v3/marshal.go
@@ -0,0 +1,240 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sdp
+
+// Marshal takes a SDP struct to text
+// https://tools.ietf.org/html/rfc4566#section-5
+// Session description
+//
+//	v=  (protocol version)
+//	o=  (originator and session identifier)
+//	s=  (session name)
+//	i=* (session information)
+//	u=* (URI of description)
+//	e=* (email address)
+//	p=* (phone number)
+//	c=* (connection information -- not required if included in
+//	     all media)
+//	b=* (zero or more bandwidth information lines)
+//	One or more time descriptions ("t=" and "r=" lines; see below)
+//	z=* (time zone adjustments)
+//	k=* (encryption key)
+//	a=* (zero or more session attribute lines)
+//	Zero or more media descriptions
+//
+// Time description
+//
+//	t=  (time the session is active)
+//	r=* (zero or more repeat times)
+//
+// Media description, if present
+//
+//	m=  (media name and transport address)
+//	i=* (media title)
+//	c=* (connection information -- optional if included at
+//	     session level)
+//	b=* (zero or more bandwidth information lines)
+//	k=* (encryption key)
+//	a=* (zero or more media attribute lines)
+func (s *SessionDescription) Marshal() ([]byte, error) {
+	m := make(marshaller, 0, s.MarshalSize())
+
+	m.addKeyValue("v=", s.Version.marshalInto)
+	m.addKeyValue("o=", s.Origin.marshalInto)
+	m.addKeyValue("s=", s.SessionName.marshalInto)
+
+	if s.SessionInformation != nil {
+		m.addKeyValue("i=", s.SessionInformation.marshalInto)
+	}
+
+	if s.URI != nil {
+		m = append(m, "u="...)
+		m = append(m, s.URI.String()...)
+		m = append(m, "\r\n"...)
+	}
+
+	if s.EmailAddress != nil {
+		m.addKeyValue("e=", s.EmailAddress.marshalInto)
+	}
+
+	if s.PhoneNumber != nil {
+		m.addKeyValue("p=", s.PhoneNumber.marshalInto)
+	}
+
+	if s.ConnectionInformation != nil {
+		m.addKeyValue("c=", s.ConnectionInformation.marshalInto)
+	}
+
+	for _, b := range s.Bandwidth {
+		m.addKeyValue("b=", b.marshalInto)
+	}
+
+	for _, td := range s.TimeDescriptions {
+		m.addKeyValue("t=", td.Timing.marshalInto)
+		for _, r := range td.RepeatTimes {
+			m.addKeyValue("r=", r.marshalInto)
+		}
+	}
+
+	if len(s.TimeZones) > 0 {
+		m = append(m, "z="...)
+		for i, z := range s.TimeZones {
+			if i > 0 {
+				m = append(m, ' ')
+			}
+			m = z.marshalInto(m)
+		}
+		m = append(m, "\r\n"...)
+	}
+
+	if s.EncryptionKey != nil {
+		m.addKeyValue("k=", s.EncryptionKey.marshalInto)
+	}
+
+	for _, a := range s.Attributes {
+		m.addKeyValue("a=", a.marshalInto)
+	}
+
+	for _, md := range s.MediaDescriptions {
+		m.addKeyValue("m=", md.MediaName.marshalInto)
+
+		if md.MediaTitle != nil {
+			m.addKeyValue("i=", md.MediaTitle.marshalInto)
+		}
+
+		if md.ConnectionInformation != nil {
+			m.addKeyValue("c=", md.ConnectionInformation.marshalInto)
+		}
+
+		for _, b := range md.Bandwidth {
+			m.addKeyValue("b=", b.marshalInto)
+		}
+
+		if md.EncryptionKey != nil {
+			m.addKeyValue("k=", md.EncryptionKey.marshalInto)
+		}
+
+		for _, a := range md.Attributes {
+			m.addKeyValue("a=", a.marshalInto)
+		}
+	}
+
+	return m, nil
+}
+
+// `$type=` and CRLF size
+const lineBaseSize = 4
+
+// MarshalSize returns the size of the SessionDescription once marshaled.
+func (s *SessionDescription) MarshalSize() (marshalSize int) {
+	marshalSize += lineBaseSize + s.Version.marshalSize()
+	marshalSize += lineBaseSize + s.Origin.marshalSize()
+	marshalSize += lineBaseSize + s.SessionName.marshalSize()
+
+	if s.SessionInformation != nil {
+		marshalSize += lineBaseSize + s.SessionInformation.marshalSize()
+	}
+
+	if s.URI != nil {
+		marshalSize += lineBaseSize + len(s.URI.String())
+	}
+
+	if s.EmailAddress != nil {
+		marshalSize += lineBaseSize + s.EmailAddress.marshalSize()
+	}
+
+	if s.PhoneNumber != nil {
+		marshalSize += lineBaseSize + s.PhoneNumber.marshalSize()
+	}
+
+	if s.ConnectionInformation != nil {
+		marshalSize += lineBaseSize + s.ConnectionInformation.marshalSize()
+	}
+
+	for _, b := range s.Bandwidth {
+		marshalSize += lineBaseSize + b.marshalSize()
+	}
+
+	for _, td := range s.TimeDescriptions {
+		marshalSize += lineBaseSize + td.Timing.marshalSize()
+		for _, r := range td.RepeatTimes {
+			marshalSize += lineBaseSize + r.marshalSize()
+		}
+	}
+
+	if len(s.TimeZones) > 0 {
+		marshalSize += lineBaseSize
+
+		for i, z := range s.TimeZones {
+			if i > 0 {
+				marshalSize++
+			}
+			marshalSize += z.marshalSize()
+		}
+	}
+
+	if s.EncryptionKey != nil {
+		marshalSize += lineBaseSize + s.EncryptionKey.marshalSize()
+	}
+
+	for _, a := range s.Attributes {
+		marshalSize += lineBaseSize + a.marshalSize()
+	}
+
+	for _, md := range s.MediaDescriptions {
+		marshalSize += lineBaseSize + md.MediaName.marshalSize()
+		if md.MediaTitle != nil {
+			marshalSize += lineBaseSize + md.MediaTitle.marshalSize()
+		}
+		if md.ConnectionInformation != nil {
+			marshalSize += lineBaseSize + md.ConnectionInformation.marshalSize()
+		}
+
+		for _, b := range md.Bandwidth {
+			marshalSize += lineBaseSize + b.marshalSize()
+		}
+
+		if md.EncryptionKey != nil {
+			marshalSize += lineBaseSize + md.EncryptionKey.marshalSize()
+		}
+
+		for _, a := range md.Attributes {
+			marshalSize += lineBaseSize + a.marshalSize()
+		}
+	}
+
+	return marshalSize
+}
+
+// marshaller contains state during marshaling.
+type marshaller []byte
+
+func (m *marshaller) addKeyValue(key string, value func([]byte) []byte) {
+	*m = append(*m, key...)
+	*m = value(*m)
+	*m = append(*m, "\r\n"...)
+}
+
+func lenUint(i uint64) (count int) {
+	if i == 0 {
+		return 1
+	}
+
+	for i != 0 {
+		i /= 10
+		count++
+	}
+	return
+}
+
+func lenInt(i int64) (count int) {
+	if i < 0 {
+		return lenUint(uint64(-i)) + 1
+	}
+	return lenUint(uint64(i))
+}
+
+func stringFromMarshal(marshalFunc func([]byte) []byte, sizeFunc func() int) string {
+	return string(marshalFunc(make([]byte, 0, sizeFunc())))
+}
diff --git a/server/vendor/github.com/pion/sdp/v3/media_description.go b/server/vendor/github.com/pion/sdp/v3/media_description.go
new file mode 100644
index 0000000..d5d76e4
--- /dev/null
+++ b/server/vendor/github.com/pion/sdp/v3/media_description.go
@@ -0,0 +1,128 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sdp
+
+import (
+	"strconv"
+)
+
+// MediaDescription represents a media type.
+// https://tools.ietf.org/html/rfc4566#section-5.14
+type MediaDescription struct {
+	// m=<media> <port>/<number of ports> <proto> <fmt> ...
+	// https://tools.ietf.org/html/rfc4566#section-5.14
+	MediaName MediaName
+
+	// i=<session description>
+	// https://tools.ietf.org/html/rfc4566#section-5.4
+	MediaTitle *Information
+
+	// c=<nettype> <addrtype> <connection-address>
+	// https://tools.ietf.org/html/rfc4566#section-5.7
+	ConnectionInformation *ConnectionInformation
+
+	// b=<bwtype>:<bandwidth>
+	// https://tools.ietf.org/html/rfc4566#section-5.8
+	Bandwidth []Bandwidth
+
+	// k=<method>
+	// k=<method>:<encryption key>
+	// https://tools.ietf.org/html/rfc4566#section-5.12
+	EncryptionKey *EncryptionKey
+
+	// a=<attribute>
+	// a=<attribute>:<value>
+	// https://tools.ietf.org/html/rfc4566#section-5.13
+	Attributes []Attribute
+}
+
+// Attribute returns the value of an attribute and if it exists
+func (d *MediaDescription) Attribute(key string) (string, bool) {
+	for _, a := range d.Attributes {
+		if a.Key == key {
+			return a.Value, true
+		}
+	}
+	return "", false
+}
+
+// RangedPort supports special format for the media field "m=" port value. If
+// it may be necessary to specify multiple transport ports, the protocol allows
+// to write it as: <port>/<number of ports> where number of ports is a an
+// offsetting range.
+type RangedPort struct {
+	Value int
+	Range *int
+}
+
+func (p *RangedPort) String() string {
+	output := strconv.Itoa(p.Value)
+	if p.Range != nil {
+		output += "/" + strconv.Itoa(*p.Range)
+	}
+	return output
+}
+
+func (p RangedPort) marshalInto(b []byte) []byte {
+	b = strconv.AppendInt(b, int64(p.Value), 10)
+	if p.Range != nil {
+		b = append(b, '/')
+		b = strconv.AppendInt(b, int64(*p.Range), 10)
+	}
+	return b
+}
+
+func (p RangedPort) marshalSize() (size int) {
+	size = lenInt(int64(p.Value))
+	if p.Range != nil {
+		size += 1 + lenInt(int64(*p.Range))
+	}
+
+	return
+}
+
+// MediaName describes the "m=" field storage structure.
+type MediaName struct {
+	Media   string
+	Port    RangedPort
+	Protos  []string
+	Formats []string
+}
+
+func (m MediaName) String() string {
+	return stringFromMarshal(m.marshalInto, m.marshalSize)
+}
+
+func (m MediaName) marshalInto(b []byte) []byte {
+	appendList := func(list []string, sep byte) {
+		for i, p := range list {
+			if i != 0 && i != len(list) {
+				b = append(b, sep)
+			}
+			b = append(b, p...)
+		}
+	}
+
+	b = append(append(b, m.Media...), ' ')
+	b = append(m.Port.marshalInto(b), ' ')
+	appendList(m.Protos, '/')
+	b = append(b, ' ')
+	appendList(m.Formats, ' ')
+	return b
+}
+
+func (m MediaName) marshalSize() (size int) {
+	listSize := func(list []string) {
+		for _, p := range list {
+			size += 1 + len(p)
+		}
+	}
+
+	size = len(m.Media)
+	size += 1 + m.Port.marshalSize()
+	listSize(m.Protos)
+	listSize(m.Formats)
+
+	return size
+}
diff --git a/server/vendor/github.com/pion/sdp/v3/renovate.json b/server/vendor/github.com/pion/sdp/v3/renovate.json
new file mode 100644
index 0000000..f1bb98c
--- /dev/null
+++ b/server/vendor/github.com/pion/sdp/v3/renovate.json
@@ -0,0 +1,6 @@
+{
+  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+  "extends": [
+    "github>pion/renovate-config"
+  ]
+}
diff --git a/server/vendor/github.com/pion/sdp/v3/sdp.go b/server/vendor/github.com/pion/sdp/v3/sdp.go
new file mode 100644
index 0000000..a13e838
--- /dev/null
+++ b/server/vendor/github.com/pion/sdp/v3/sdp.go
@@ -0,0 +1,5 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+// Package sdp implements Session Description Protocol (SDP)
+package sdp
diff --git a/server/vendor/github.com/pion/sdp/v3/session_description.go b/server/vendor/github.com/pion/sdp/v3/session_description.go
new file mode 100644
index 0000000..a9e25da
--- /dev/null
+++ b/server/vendor/github.com/pion/sdp/v3/session_description.go
@@ -0,0 +1,201 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sdp
+
+import (
+	"net/url"
+	"strconv"
+)
+
+// SessionDescription is a a well-defined format for conveying sufficient
+// information to discover and participate in a multimedia session.
+type SessionDescription struct {
+	// v=0
+	// https://tools.ietf.org/html/rfc4566#section-5.1
+	Version Version
+
+	// o=<username> <sess-id> <sess-version> <nettype> <addrtype> <unicast-address>
+	// https://tools.ietf.org/html/rfc4566#section-5.2
+	Origin Origin
+
+	// s=<session name>
+	// https://tools.ietf.org/html/rfc4566#section-5.3
+	SessionName SessionName
+
+	// i=<session description>
+	// https://tools.ietf.org/html/rfc4566#section-5.4
+	SessionInformation *Information
+
+	// u=<uri>
+	// https://tools.ietf.org/html/rfc4566#section-5.5
+	URI *url.URL
+
+	// e=<email-address>
+	// https://tools.ietf.org/html/rfc4566#section-5.6
+	EmailAddress *EmailAddress
+
+	// p=<phone-number>
+	// https://tools.ietf.org/html/rfc4566#section-5.6
+	PhoneNumber *PhoneNumber
+
+	// c=<nettype> <addrtype> <connection-address>
+	// https://tools.ietf.org/html/rfc4566#section-5.7
+	ConnectionInformation *ConnectionInformation
+
+	// b=<bwtype>:<bandwidth>
+	// https://tools.ietf.org/html/rfc4566#section-5.8
+	Bandwidth []Bandwidth
+
+	// https://tools.ietf.org/html/rfc4566#section-5.9
+	// https://tools.ietf.org/html/rfc4566#section-5.10
+	TimeDescriptions []TimeDescription
+
+	// z=<adjustment time> <offset> <adjustment time> <offset> ...
+	// https://tools.ietf.org/html/rfc4566#section-5.11
+	TimeZones []TimeZone
+
+	// k=<method>
+	// k=<method>:<encryption key>
+	// https://tools.ietf.org/html/rfc4566#section-5.12
+	EncryptionKey *EncryptionKey
+
+	// a=<attribute>
+	// a=<attribute>:<value>
+	// https://tools.ietf.org/html/rfc4566#section-5.13
+	Attributes []Attribute
+
+	// https://tools.ietf.org/html/rfc4566#section-5.14
+	MediaDescriptions []*MediaDescription
+}
+
+// Attribute returns the value of an attribute and if it exists
+func (s *SessionDescription) Attribute(key string) (string, bool) {
+	for _, a := range s.Attributes {
+		if a.Key == key {
+			return a.Value, true
+		}
+	}
+	return "", false
+}
+
+// Version describes the value provided by the "v=" field which gives
+// the version of the Session Description Protocol.
+type Version int
+
+func (v Version) String() string {
+	return stringFromMarshal(v.marshalInto, v.marshalSize)
+}
+
+func (v Version) marshalInto(b []byte) []byte {
+	return strconv.AppendInt(b, int64(v), 10)
+}
+
+func (v Version) marshalSize() (size int) {
+	return lenInt(int64(v))
+}
+
+// Origin defines the structure for the "o=" field which provides the
+// originator of the session plus a session identifier and version number.
+type Origin struct {
+	Username       string
+	SessionID      uint64
+	SessionVersion uint64
+	NetworkType    string
+	AddressType    string
+	UnicastAddress string
+}
+
+func (o Origin) String() string {
+	return stringFromMarshal(o.marshalInto, o.marshalSize)
+}
+
+func (o Origin) marshalInto(b []byte) []byte {
+	b = append(append(b, o.Username...), ' ')
+	b = append(strconv.AppendUint(b, o.SessionID, 10), ' ')
+	b = append(strconv.AppendUint(b, o.SessionVersion, 10), ' ')
+	b = append(append(b, o.NetworkType...), ' ')
+	b = append(append(b, o.AddressType...), ' ')
+	return append(b, o.UnicastAddress...)
+}
+
+func (o Origin) marshalSize() (size int) {
+	return len(o.Username) +
+		lenUint(o.SessionID) +
+		lenUint(o.SessionVersion) +
+		len(o.NetworkType) +
+		len(o.AddressType) +
+		len(o.UnicastAddress) +
+		5
+}
+
+// SessionName describes a structured representations for the "s=" field
+// and is the textual session name.
+type SessionName string
+
+func (s SessionName) String() string {
+	return stringFromMarshal(s.marshalInto, s.marshalSize)
+}
+
+func (s SessionName) marshalInto(b []byte) []byte {
+	return append(b, s...)
+}
+
+func (s SessionName) marshalSize() (size int) {
+	return len(s)
+}
+
+// EmailAddress describes a structured representations for the "e=" line
+// which specifies email contact information for the person responsible for
+// the conference.
+type EmailAddress string
+
+func (e EmailAddress) String() string {
+	return stringFromMarshal(e.marshalInto, e.marshalSize)
+}
+
+func (e EmailAddress) marshalInto(b []byte) []byte {
+	return append(b, e...)
+}
+
+func (e EmailAddress) marshalSize() (size int) {
+	return len(e)
+}
+
+// PhoneNumber describes a structured representations for the "p=" line
+// specify phone contact information for the person responsible for the
+// conference.
+type PhoneNumber string
+
+func (p PhoneNumber) String() string {
+	return stringFromMarshal(p.marshalInto, p.marshalSize)
+}
+
+func (p PhoneNumber) marshalInto(b []byte) []byte {
+	return append(b, p...)
+}
+
+func (p PhoneNumber) marshalSize() (size int) {
+	return len(p)
+}
+
+// TimeZone defines the structured object for "z=" line which describes
+// repeated sessions scheduling.
+type TimeZone struct {
+	AdjustmentTime uint64
+	Offset         int64
+}
+
+func (z TimeZone) String() string {
+	return stringFromMarshal(z.marshalInto, z.marshalSize)
+}
+
+func (z TimeZone) marshalInto(b []byte) []byte {
+	b = strconv.AppendUint(b, z.AdjustmentTime, 10)
+	b = append(b, ' ')
+	return strconv.AppendInt(b, z.Offset, 10)
+}
+
+func (z TimeZone) marshalSize() (size int) {
+	return lenUint(z.AdjustmentTime) + 1 + lenInt(z.Offset)
+}
diff --git a/server/vendor/github.com/pion/sdp/v3/time_description.go b/server/vendor/github.com/pion/sdp/v3/time_description.go
new file mode 100644
index 0000000..0a5baa4
--- /dev/null
+++ b/server/vendor/github.com/pion/sdp/v3/time_description.go
@@ -0,0 +1,75 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sdp
+
+import (
+	"strconv"
+)
+
+// TimeDescription describes "t=", "r=" fields of the session description
+// which are used to specify the start and stop times for a session as well as
+// repeat intervals and durations for the scheduled session.
+type TimeDescription struct {
+	// t=<start-time> <stop-time>
+	// https://tools.ietf.org/html/rfc4566#section-5.9
+	Timing Timing
+
+	// r=<repeat interval> <active duration> <offsets from start-time>
+	// https://tools.ietf.org/html/rfc4566#section-5.10
+	RepeatTimes []RepeatTime
+}
+
+// Timing defines the "t=" field's structured representation for the start and
+// stop times.
+type Timing struct {
+	StartTime uint64
+	StopTime  uint64
+}
+
+func (t Timing) String() string {
+	return stringFromMarshal(t.marshalInto, t.marshalSize)
+}
+
+func (t Timing) marshalInto(b []byte) []byte {
+	b = append(strconv.AppendUint(b, t.StartTime, 10), ' ')
+	return strconv.AppendUint(b, t.StopTime, 10)
+}
+
+func (t Timing) marshalSize() (size int) {
+	return lenUint(t.StartTime) + 1 + lenUint(t.StopTime)
+}
+
+// RepeatTime describes the "r=" fields of the session description which
+// represents the intervals and durations for repeated scheduled sessions.
+type RepeatTime struct {
+	Interval int64
+	Duration int64
+	Offsets  []int64
+}
+
+func (r RepeatTime) String() string {
+	return stringFromMarshal(r.marshalInto, r.marshalSize)
+}
+
+func (r RepeatTime) marshalInto(b []byte) []byte {
+	b = strconv.AppendInt(b, r.Interval, 10)
+	b = append(b, ' ')
+	b = strconv.AppendInt(b, r.Duration, 10)
+	for _, value := range r.Offsets {
+		b = append(b, ' ')
+		b = strconv.AppendInt(b, value, 10)
+	}
+
+	return b
+}
+
+func (r RepeatTime) marshalSize() (size int) {
+	size = lenInt(r.Interval)
+	size += 1 + lenInt(r.Duration)
+	for _, o := range r.Offsets {
+		size += 1 + lenInt(o)
+	}
+
+	return
+}
diff --git a/server/vendor/github.com/pion/sdp/v3/unmarshal.go b/server/vendor/github.com/pion/sdp/v3/unmarshal.go
new file mode 100644
index 0000000..3720d0d
--- /dev/null
+++ b/server/vendor/github.com/pion/sdp/v3/unmarshal.go
@@ -0,0 +1,956 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sdp
+
+import (
+	"errors"
+	"fmt"
+	"net/url"
+	"strconv"
+	"strings"
+	"sync"
+)
+
+var (
+	errSDPInvalidSyntax       = errors.New("sdp: invalid syntax")
+	errSDPInvalidNumericValue = errors.New("sdp: invalid numeric value")
+	errSDPInvalidValue        = errors.New("sdp: invalid value")
+	errSDPInvalidPortValue    = errors.New("sdp: invalid port value")
+	errSDPCacheInvalid        = errors.New("sdp: invalid cache")
+
+	//nolint: gochecknoglobals
+	unmarshalCachePool = sync.Pool{
+		New: func() interface{} {
+			return &unmarshalCache{}
+		},
+	}
+)
+
+// UnmarshalString is the primary function that deserializes the session description
+// message and stores it inside of a structured SessionDescription object.
+//
+// The States Transition Table describes the computation flow between functions
+// (namely s1, s2, s3, ...) for a parsing procedure that complies with the
+// specifications laid out by the rfc4566#section-5 as well as by JavaScript
+// Session Establishment Protocol draft. Links:
+//
+//	https://tools.ietf.org/html/rfc4566#section-5
+//	https://tools.ietf.org/html/draft-ietf-rtcweb-jsep-24
+//
+// https://tools.ietf.org/html/rfc4566#section-5
+// Session description
+//
+//	v=  (protocol version)
+//	o=  (originator and session identifier)
+//	s=  (session name)
+//	i=* (session information)
+//	u=* (URI of description)
+//	e=* (email address)
+//	p=* (phone number)
+//	c=* (connection information -- not required if included in
+//	     all media)
+//	b=* (zero or more bandwidth information lines)
+//	One or more time descriptions ("t=" and "r=" lines; see below)
+//	z=* (time zone adjustments)
+//	k=* (encryption key)
+//	a=* (zero or more session attribute lines)
+//	Zero or more media descriptions
+//
+// Time description
+//
+//	t=  (time the session is active)
+//	r=* (zero or more repeat times)
+//
+// Media description, if present
+//
+//	m=  (media name and transport address)
+//	i=* (media title)
+//	c=* (connection information -- optional if included at
+//	     session level)
+//	b=* (zero or more bandwidth information lines)
+//	k=* (encryption key)
+//	a=* (zero or more media attribute lines)
+//
+// In order to generate the following state table and draw subsequent
+// deterministic finite-state automota ("DFA") the following regex was used to
+// derive the DFA:
+//
+//	vosi?u?e?p?c?b*(tr*)+z?k?a*(mi?c?b*k?a*)*
+//
+// possible place and state to exit:
+//
+//	**   * * *  ** * * * *
+//	99   1 1 1  11 1 1 1 1
+//	     3 1 1  26 5 5 4 4
+//
+// Please pay close attention to the `k`, and `a` parsing states. In the table
+// below in order to distinguish between the states belonging to the media
+// description as opposed to the session description, the states are marked
+// with an asterisk ("a*", "k*").
+// +--------+----+-------+----+-----+----+-----+---+----+----+---+---+-----+---+---+----+---+----+
+// | STATES | a* | a*,k* | a  | a,k | b  | b,c | e | i  | m  | o | p | r,t | s | t | u  | v | z  |
+// +--------+----+-------+----+-----+----+-----+---+----+----+---+---+-----+---+---+----+---+----+
+// |   s1   |    |       |    |     |    |     |   |    |    |   |   |     |   |   |    | 2 |    |
+// |   s2   |    |       |    |     |    |     |   |    |    | 3 |   |     |   |   |    |   |    |
+// |   s3   |    |       |    |     |    |     |   |    |    |   |   |     | 4 |   |    |   |    |
+// |   s4   |    |       |    |     |    |   5 | 6 |  7 |    |   | 8 |     |   | 9 | 10 |   |    |
+// |   s5   |    |       |    |     |  5 |     |   |    |    |   |   |     |   | 9 |    |   |    |
+// |   s6   |    |       |    |     |    |   5 |   |    |    |   | 8 |     |   | 9 |    |   |    |
+// |   s7   |    |       |    |     |    |   5 | 6 |    |    |   | 8 |     |   | 9 | 10 |   |    |
+// |   s8   |    |       |    |     |    |   5 |   |    |    |   |   |     |   | 9 |    |   |    |
+// |   s9   |    |       |    |  11 |    |     |   |    | 12 |   |   |   9 |   |   |    |   | 13 |
+// |   s10  |    |       |    |     |    |   5 | 6 |    |    |   | 8 |     |   | 9 |    |   |    |
+// |   s11  |    |       | 11 |     |    |     |   |    | 12 |   |   |     |   |   |    |   |    |
+// |   s12  |    |    14 |    |     |    |  15 |   | 16 | 12 |   |   |     |   |   |    |   |    |
+// |   s13  |    |       |    |  11 |    |     |   |    | 12 |   |   |     |   |   |    |   |    |
+// |   s14  | 14 |       |    |     |    |     |   |    | 12 |   |   |     |   |   |    |   |    |
+// |   s15  |    |    14 |    |     | 15 |     |   |    | 12 |   |   |     |   |   |    |   |    |
+// |   s16  |    |    14 |    |     |    |  15 |   |    | 12 |   |   |     |   |   |    |   |    |
+// +--------+----+-------+----+-----+----+-----+---+----+----+---+---+-----+---+---+----+---+----+
+func (s *SessionDescription) UnmarshalString(value string) error {
+	var ok bool
+	l := new(lexer)
+	if l.cache, ok = unmarshalCachePool.Get().(*unmarshalCache); !ok {
+		return errSDPCacheInvalid
+	}
+	defer unmarshalCachePool.Put(l.cache)
+
+	l.cache.reset()
+	l.desc = s
+	l.value = value
+
+	for state := s1; state != nil; {
+		var err error
+		state, err = state(l)
+		if err != nil {
+			return err
+		}
+	}
+
+	s.Attributes = l.cache.cloneSessionAttributes()
+	populateMediaAttributes(l.cache, l.desc)
+	return nil
+}
+
+// Unmarshal converts the value into a []byte and then calls UnmarshalString.
+// Callers should use the more performant UnmarshalString
+func (s *SessionDescription) Unmarshal(value []byte) error {
+	return s.UnmarshalString(string(value))
+}
+
+func s1(l *lexer) (stateFn, error) {
+	return l.handleType(func(key byte) stateFn {
+		if key == 'v' {
+			return unmarshalProtocolVersion
+		}
+		return nil
+	})
+}
+
+func s2(l *lexer) (stateFn, error) {
+	return l.handleType(func(key byte) stateFn {
+		if key == 'o' {
+			return unmarshalOrigin
+		}
+		return nil
+	})
+}
+
+func s3(l *lexer) (stateFn, error) {
+	return l.handleType(func(key byte) stateFn {
+		if key == 's' {
+			return unmarshalSessionName
+		}
+		return nil
+	})
+}
+
+func s4(l *lexer) (stateFn, error) {
+	return l.handleType(func(key byte) stateFn {
+		switch key {
+		case 'i':
+			return unmarshalSessionInformation
+		case 'u':
+			return unmarshalURI
+		case 'e':
+			return unmarshalEmail
+		case 'p':
+			return unmarshalPhone
+		case 'c':
+			return unmarshalSessionConnectionInformation
+		case 'b':
+			return unmarshalSessionBandwidth
+		case 't':
+			return unmarshalTiming
+		}
+		return nil
+	})
+}
+
+func s5(l *lexer) (stateFn, error) {
+	return l.handleType(func(key byte) stateFn {
+		switch key {
+		case 'b':
+			return unmarshalSessionBandwidth
+		case 't':
+			return unmarshalTiming
+		}
+		return nil
+	})
+}
+
+func s6(l *lexer) (stateFn, error) {
+	return l.handleType(func(key byte) stateFn {
+		switch key {
+		case 'p':
+			return unmarshalPhone
+		case 'c':
+			return unmarshalSessionConnectionInformation
+		case 'b':
+			return unmarshalSessionBandwidth
+		case 't':
+			return unmarshalTiming
+		}
+		return nil
+	})
+}
+
+func s7(l *lexer) (stateFn, error) {
+	return l.handleType(func(key byte) stateFn {
+		switch key {
+		case 'u':
+			return unmarshalURI
+		case 'e':
+			return unmarshalEmail
+		case 'p':
+			return unmarshalPhone
+		case 'c':
+			return unmarshalSessionConnectionInformation
+		case 'b':
+			return unmarshalSessionBandwidth
+		case 't':
+			return unmarshalTiming
+		}
+		return nil
+	})
+}
+
+func s8(l *lexer) (stateFn, error) {
+	return l.handleType(func(key byte) stateFn {
+		switch key {
+		case 'c':
+			return unmarshalSessionConnectionInformation
+		case 'b':
+			return unmarshalSessionBandwidth
+		case 't':
+			return unmarshalTiming
+		}
+		return nil
+	})
+}
+
+func s9(l *lexer) (stateFn, error) {
+	return l.handleType(func(key byte) stateFn {
+		switch key {
+		case 'z':
+			return unmarshalTimeZones
+		case 'k':
+			return unmarshalSessionEncryptionKey
+		case 'a':
+			return unmarshalSessionAttribute
+		case 'r':
+			return unmarshalRepeatTimes
+		case 't':
+			return unmarshalTiming
+		case 'm':
+			return unmarshalMediaDescription
+		}
+		return nil
+	})
+}
+
+func s10(l *lexer) (stateFn, error) {
+	return l.handleType(func(key byte) stateFn {
+		switch key {
+		case 'e':
+			return unmarshalEmail
+		case 'p':
+			return unmarshalPhone
+		case 'c':
+			return unmarshalSessionConnectionInformation
+		case 'b':
+			return unmarshalSessionBandwidth
+		case 't':
+			return unmarshalTiming
+		}
+		return nil
+	})
+}
+
+func s11(l *lexer) (stateFn, error) {
+	return l.handleType(func(key byte) stateFn {
+		switch key {
+		case 'a':
+			return unmarshalSessionAttribute
+		case 'm':
+			return unmarshalMediaDescription
+		}
+		return nil
+	})
+}
+
+func s12(l *lexer) (stateFn, error) {
+	return l.handleType(func(key byte) stateFn {
+		switch key {
+		case 'a':
+			return unmarshalMediaAttribute
+		case 'k':
+			return unmarshalMediaEncryptionKey
+		case 'b':
+			return unmarshalMediaBandwidth
+		case 'c':
+			return unmarshalMediaConnectionInformation
+		case 'i':
+			return unmarshalMediaTitle
+		case 'm':
+			return unmarshalMediaDescription
+		}
+		return nil
+	})
+}
+
+func s13(l *lexer) (stateFn, error) {
+	return l.handleType(func(key byte) stateFn {
+		switch key {
+		case 'a':
+			return unmarshalSessionAttribute
+		case 'k':
+			return unmarshalSessionEncryptionKey
+		case 'm':
+			return unmarshalMediaDescription
+		}
+		return nil
+	})
+}
+
+func s14(l *lexer) (stateFn, error) {
+	return l.handleType(func(key byte) stateFn {
+		switch key {
+		case 'a':
+			return unmarshalMediaAttribute
+		case 'k':
+			// Non-spec ordering
+			return unmarshalMediaEncryptionKey
+		case 'b':
+			// Non-spec ordering
+			return unmarshalMediaBandwidth
+		case 'c':
+			// Non-spec ordering
+			return unmarshalMediaConnectionInformation
+		case 'i':
+			// Non-spec ordering
+			return unmarshalMediaTitle
+		case 'm':
+			return unmarshalMediaDescription
+		}
+		return nil
+	})
+}
+
+func s15(l *lexer) (stateFn, error) {
+	return l.handleType(func(key byte) stateFn {
+		switch key {
+		case 'a':
+			return unmarshalMediaAttribute
+		case 'k':
+			return unmarshalMediaEncryptionKey
+		case 'b':
+			return unmarshalMediaBandwidth
+		case 'c':
+			return unmarshalMediaConnectionInformation
+		case 'i':
+			// Non-spec ordering
+			return unmarshalMediaTitle
+		case 'm':
+			return unmarshalMediaDescription
+		}
+		return nil
+	})
+}
+
+func s16(l *lexer) (stateFn, error) {
+	return l.handleType(func(key byte) stateFn {
+		switch key {
+		case 'a':
+			return unmarshalMediaAttribute
+		case 'k':
+			return unmarshalMediaEncryptionKey
+		case 'c':
+			return unmarshalMediaConnectionInformation
+		case 'b':
+			return unmarshalMediaBandwidth
+		case 'i':
+			// Non-spec ordering
+			return unmarshalMediaTitle
+		case 'm':
+			return unmarshalMediaDescription
+		}
+		return nil
+	})
+}
+
+func unmarshalProtocolVersion(l *lexer) (stateFn, error) {
+	version, err := l.readUint64Field()
+	if err != nil {
+		return nil, err
+	}
+
+	// As off the latest draft of the rfc this value is required to be 0.
+	// https://tools.ietf.org/html/draft-ietf-rtcweb-jsep-24#section-5.8.1
+	if version != 0 {
+		return nil, fmt.Errorf("%w `%v`", errSDPInvalidValue, version)
+	}
+
+	if err := l.nextLine(); err != nil {
+		return nil, err
+	}
+
+	return s2, nil
+}
+
+func unmarshalOrigin(l *lexer) (stateFn, error) {
+	var err error
+
+	l.desc.Origin.Username, err = l.readField()
+	if err != nil {
+		return nil, err
+	}
+
+	l.desc.Origin.SessionID, err = l.readUint64Field()
+	if err != nil {
+		return nil, err
+	}
+
+	l.desc.Origin.SessionVersion, err = l.readUint64Field()
+	if err != nil {
+		return nil, err
+	}
+
+	l.desc.Origin.NetworkType, err = l.readField()
+	if err != nil {
+		return nil, err
+	}
+
+	// Set according to currently registered with IANA
+	// https://tools.ietf.org/html/rfc4566#section-8.2.6
+	if !anyOf(l.desc.Origin.NetworkType, "IN") {
+		return nil, fmt.Errorf("%w `%v`", errSDPInvalidValue, l.desc.Origin.NetworkType)
+	}
+
+	l.desc.Origin.AddressType, err = l.readField()
+	if err != nil {
+		return nil, err
+	}
+
+	// Set according to currently registered with IANA
+	// https://tools.ietf.org/html/rfc4566#section-8.2.7
+	if !anyOf(l.desc.Origin.AddressType, "IP4", "IP6") {
+		return nil, fmt.Errorf("%w `%v`", errSDPInvalidValue, l.desc.Origin.AddressType)
+	}
+
+	l.desc.Origin.UnicastAddress, err = l.readField()
+	if err != nil {
+		return nil, err
+	}
+
+	if err := l.nextLine(); err != nil {
+		return nil, err
+	}
+
+	return s3, nil
+}
+
+func unmarshalSessionName(l *lexer) (stateFn, error) {
+	value, err := l.readLine()
+	if err != nil {
+		return nil, err
+	}
+
+	l.desc.SessionName = SessionName(value)
+	return s4, nil
+}
+
+func unmarshalSessionInformation(l *lexer) (stateFn, error) {
+	value, err := l.readLine()
+	if err != nil {
+		return nil, err
+	}
+
+	sessionInformation := Information(value)
+	l.desc.SessionInformation = &sessionInformation
+	return s7, nil
+}
+
+func unmarshalURI(l *lexer) (stateFn, error) {
+	value, err := l.readLine()
+	if err != nil {
+		return nil, err
+	}
+
+	l.desc.URI, err = url.Parse(value)
+	if err != nil {
+		return nil, err
+	}
+
+	return s10, nil
+}
+
+func unmarshalEmail(l *lexer) (stateFn, error) {
+	value, err := l.readLine()
+	if err != nil {
+		return nil, err
+	}
+
+	emailAddress := EmailAddress(value)
+	l.desc.EmailAddress = &emailAddress
+	return s6, nil
+}
+
+func unmarshalPhone(l *lexer) (stateFn, error) {
+	value, err := l.readLine()
+	if err != nil {
+		return nil, err
+	}
+
+	phoneNumber := PhoneNumber(value)
+	l.desc.PhoneNumber = &phoneNumber
+	return s8, nil
+}
+
+func unmarshalSessionConnectionInformation(l *lexer) (stateFn, error) {
+	var err error
+	l.desc.ConnectionInformation, err = l.unmarshalConnectionInformation()
+	if err != nil {
+		return nil, err
+	}
+	return s5, nil
+}
+
+func (l *lexer) unmarshalConnectionInformation() (*ConnectionInformation, error) {
+	var err error
+	var c ConnectionInformation
+
+	c.NetworkType, err = l.readField()
+	if err != nil {
+		return nil, err
+	}
+
+	// Set according to currently registered with IANA
+	// https://tools.ietf.org/html/rfc4566#section-8.2.6
+	if !anyOf(c.NetworkType, "IN") {
+		return nil, fmt.Errorf("%w `%v`", errSDPInvalidValue, c.NetworkType)
+	}
+
+	c.AddressType, err = l.readField()
+	if err != nil {
+		return nil, err
+	}
+
+	// Set according to currently registered with IANA
+	// https://tools.ietf.org/html/rfc4566#section-8.2.7
+	if !anyOf(c.AddressType, "IP4", "IP6") {
+		return nil, fmt.Errorf("%w `%v`", errSDPInvalidValue, c.AddressType)
+	}
+
+	address, err := l.readField()
+	if err != nil {
+		return nil, err
+	}
+
+	if address != "" {
+		c.Address = new(Address)
+		c.Address.Address = address
+	}
+
+	if err := l.nextLine(); err != nil {
+		return nil, err
+	}
+
+	return &c, nil
+}
+
+func unmarshalSessionBandwidth(l *lexer) (stateFn, error) {
+	value, err := l.readLine()
+	if err != nil {
+		return nil, err
+	}
+
+	bandwidth, err := unmarshalBandwidth(value)
+	if err != nil {
+		return nil, fmt.Errorf("%w `b=%v`", errSDPInvalidValue, value)
+	}
+	l.desc.Bandwidth = append(l.desc.Bandwidth, *bandwidth)
+
+	return s5, nil
+}
+
+func unmarshalBandwidth(value string) (*Bandwidth, error) {
+	parts := strings.Split(value, ":")
+	if len(parts) != 2 {
+		return nil, fmt.Errorf("%w `b=%v`", errSDPInvalidValue, parts)
+	}
+
+	experimental := strings.HasPrefix(parts[0], "X-")
+	if experimental {
+		parts[0] = strings.TrimPrefix(parts[0], "X-")
+	} else if !anyOf(parts[0], "CT", "AS", "TIAS", "RS", "RR") {
+		// Set according to currently registered with IANA
+		// https://tools.ietf.org/html/rfc4566#section-5.8
+		// https://tools.ietf.org/html/rfc3890#section-6.2
+		// https://tools.ietf.org/html/rfc3556#section-2
+		return nil, fmt.Errorf("%w `%v`", errSDPInvalidValue, parts[0])
+	}
+
+	bandwidth, err := strconv.ParseUint(parts[1], 10, 64)
+	if err != nil {
+		return nil, fmt.Errorf("%w `%v`", errSDPInvalidNumericValue, parts[1])
+	}
+
+	return &Bandwidth{
+		Experimental: experimental,
+		Type:         parts[0],
+		Bandwidth:    bandwidth,
+	}, nil
+}
+
+func unmarshalTiming(l *lexer) (stateFn, error) {
+	var err error
+	var td TimeDescription
+
+	td.Timing.StartTime, err = l.readUint64Field()
+	if err != nil {
+		return nil, err
+	}
+
+	td.Timing.StopTime, err = l.readUint64Field()
+	if err != nil {
+		return nil, err
+	}
+
+	if err := l.nextLine(); err != nil {
+		return nil, err
+	}
+
+	l.desc.TimeDescriptions = append(l.desc.TimeDescriptions, td)
+	return s9, nil
+}
+
+func unmarshalRepeatTimes(l *lexer) (stateFn, error) {
+	var err error
+	var newRepeatTime RepeatTime
+
+	latestTimeDesc := &l.desc.TimeDescriptions[len(l.desc.TimeDescriptions)-1]
+
+	field, err := l.readField()
+	if err != nil {
+		return nil, err
+	}
+
+	newRepeatTime.Interval, err = parseTimeUnits(field)
+	if err != nil {
+		return nil, fmt.Errorf("%w `%v`", errSDPInvalidValue, field)
+	}
+
+	field, err = l.readField()
+	if err != nil {
+		return nil, err
+	}
+
+	newRepeatTime.Duration, err = parseTimeUnits(field)
+	if err != nil {
+		return nil, fmt.Errorf("%w `%v`", errSDPInvalidValue, field)
+	}
+
+	for {
+		field, err := l.readField()
+		if err != nil {
+			return nil, err
+		}
+		if field == "" {
+			break
+		}
+		offset, err := parseTimeUnits(field)
+		if err != nil {
+			return nil, fmt.Errorf("%w `%v`", errSDPInvalidValue, field)
+		}
+		newRepeatTime.Offsets = append(newRepeatTime.Offsets, offset)
+	}
+
+	if err := l.nextLine(); err != nil {
+		return nil, err
+	}
+
+	latestTimeDesc.RepeatTimes = append(latestTimeDesc.RepeatTimes, newRepeatTime)
+	return s9, nil
+}
+
+func unmarshalTimeZones(l *lexer) (stateFn, error) {
+	// These fields are transimitted in pairs
+	// z=<adjustment time> <offset> <adjustment time> <offset> ....
+	// so we are making sure that there are actually multiple of 2 total.
+	for {
+		var err error
+		var timeZone TimeZone
+
+		timeZone.AdjustmentTime, err = l.readUint64Field()
+		if err != nil {
+			return nil, err
+		}
+
+		offset, err := l.readField()
+		if err != nil {
+			return nil, err
+		}
+
+		if offset == "" {
+			break
+		}
+
+		timeZone.Offset, err = parseTimeUnits(offset)
+		if err != nil {
+			return nil, err
+		}
+
+		l.desc.TimeZones = append(l.desc.TimeZones, timeZone)
+	}
+
+	if err := l.nextLine(); err != nil {
+		return nil, err
+	}
+
+	return s13, nil
+}
+
+func unmarshalSessionEncryptionKey(l *lexer) (stateFn, error) {
+	value, err := l.readLine()
+	if err != nil {
+		return nil, err
+	}
+
+	encryptionKey := EncryptionKey(value)
+	l.desc.EncryptionKey = &encryptionKey
+	return s11, nil
+}
+
+func unmarshalSessionAttribute(l *lexer) (stateFn, error) {
+	value, err := l.readLine()
+	if err != nil {
+		return nil, err
+	}
+
+	i := strings.IndexRune(value, ':')
+	a := l.cache.getSessionAttribute()
+	if i > 0 {
+		a.Key = value[:i]
+		a.Value = value[i+1:]
+	} else {
+		a.Key = value
+	}
+
+	return s11, nil
+}
+
+func unmarshalMediaDescription(l *lexer) (stateFn, error) {
+	populateMediaAttributes(l.cache, l.desc)
+	var newMediaDesc MediaDescription
+
+	// <media>
+	field, err := l.readField()
+	if err != nil {
+		return nil, err
+	}
+
+	// Set according to currently registered with IANA
+	// https://tools.ietf.org/html/rfc4566#section-5.14
+	if !anyOf(field, "audio", "video", "text", "application", "message") {
+		return nil, fmt.Errorf("%w `%v`", errSDPInvalidValue, field)
+	}
+	newMediaDesc.MediaName.Media = field
+
+	// <port>
+	field, err = l.readField()
+	if err != nil {
+		return nil, err
+	}
+	parts := strings.Split(field, "/")
+	newMediaDesc.MediaName.Port.Value, err = parsePort(parts[0])
+	if err != nil {
+		return nil, fmt.Errorf("%w `%v`", errSDPInvalidPortValue, parts[0])
+	}
+
+	if len(parts) > 1 {
+		var portRange int
+		portRange, err = strconv.Atoi(parts[1])
+		if err != nil {
+			return nil, fmt.Errorf("%w `%v`", errSDPInvalidValue, parts)
+		}
+		newMediaDesc.MediaName.Port.Range = &portRange
+	}
+
+	// <proto>
+	field, err = l.readField()
+	if err != nil {
+		return nil, err
+	}
+
+	// Set according to currently registered with IANA
+	// https://tools.ietf.org/html/rfc4566#section-5.14
+	// https://tools.ietf.org/html/rfc4975#section-8.1
+	for _, proto := range strings.Split(field, "/") {
+		if !anyOf(proto, "UDP", "RTP", "AVP", "SAVP", "SAVPF", "TLS", "DTLS", "SCTP", "AVPF", "TCP", "MSRP", "BFCP", "UDT", "IX") {
+			return nil, fmt.Errorf("%w `%v`", errSDPInvalidNumericValue, field)
+		}
+		newMediaDesc.MediaName.Protos = append(newMediaDesc.MediaName.Protos, proto)
+	}
+
+	// <fmt>...
+	for {
+		field, err = l.readField()
+		if err != nil {
+			return nil, err
+		}
+		if field == "" {
+			break
+		}
+		newMediaDesc.MediaName.Formats = append(newMediaDesc.MediaName.Formats, field)
+	}
+
+	if err := l.nextLine(); err != nil {
+		return nil, err
+	}
+
+	l.desc.MediaDescriptions = append(l.desc.MediaDescriptions, &newMediaDesc)
+	return s12, nil
+}
+
+func unmarshalMediaTitle(l *lexer) (stateFn, error) {
+	value, err := l.readLine()
+	if err != nil {
+		return nil, err
+	}
+
+	latestMediaDesc := l.desc.MediaDescriptions[len(l.desc.MediaDescriptions)-1]
+	mediaTitle := Information(value)
+	latestMediaDesc.MediaTitle = &mediaTitle
+	return s16, nil
+}
+
+func unmarshalMediaConnectionInformation(l *lexer) (stateFn, error) {
+	var err error
+	latestMediaDesc := l.desc.MediaDescriptions[len(l.desc.MediaDescriptions)-1]
+	latestMediaDesc.ConnectionInformation, err = l.unmarshalConnectionInformation()
+	if err != nil {
+		return nil, err
+	}
+	return s15, nil
+}
+
+func unmarshalMediaBandwidth(l *lexer) (stateFn, error) {
+	value, err := l.readLine()
+	if err != nil {
+		return nil, err
+	}
+
+	latestMediaDesc := l.desc.MediaDescriptions[len(l.desc.MediaDescriptions)-1]
+	bandwidth, err := unmarshalBandwidth(value)
+	if err != nil {
+		return nil, fmt.Errorf("%w `b=%v`", errSDPInvalidSyntax, value)
+	}
+	latestMediaDesc.Bandwidth = append(latestMediaDesc.Bandwidth, *bandwidth)
+	return s15, nil
+}
+
+func unmarshalMediaEncryptionKey(l *lexer) (stateFn, error) {
+	value, err := l.readLine()
+	if err != nil {
+		return nil, err
+	}
+
+	latestMediaDesc := l.desc.MediaDescriptions[len(l.desc.MediaDescriptions)-1]
+	encryptionKey := EncryptionKey(value)
+	latestMediaDesc.EncryptionKey = &encryptionKey
+	return s14, nil
+}
+
+func unmarshalMediaAttribute(l *lexer) (stateFn, error) {
+	value, err := l.readLine()
+	if err != nil {
+		return nil, err
+	}
+
+	i := strings.IndexRune(value, ':')
+	a := l.cache.getMediaAttribute()
+	if i > 0 {
+		a.Key = value[:i]
+		a.Value = value[i+1:]
+	} else {
+		a.Key = value
+	}
+
+	return s14, nil
+}
+
+func parseTimeUnits(value string) (num int64, err error) {
+	if len(value) == 0 {
+		return 0, fmt.Errorf("%w `%v`", errSDPInvalidValue, value)
+	}
+	k := timeShorthand(value[len(value)-1])
+	if k > 0 {
+		num, err = strconv.ParseInt(value[:len(value)-1], 10, 64)
+	} else {
+		k = 1
+		num, err = strconv.ParseInt(value, 10, 64)
+	}
+	if err != nil {
+		return 0, fmt.Errorf("%w `%v`", errSDPInvalidValue, value)
+	}
+	return num * k, nil
+}
+
+func timeShorthand(b byte) int64 {
+	// Some time offsets in the protocol can be provided with a shorthand
+	// notation. This code ensures to convert it to NTP timestamp format.
+	switch b {
+	case 'd': // days
+		return 86400
+	case 'h': // hours
+		return 3600
+	case 'm': // minutes
+		return 60
+	case 's': // seconds (allowed for completeness)
+		return 1
+	default:
+		return 0
+	}
+}
+
+func parsePort(value string) (int, error) {
+	port, err := strconv.Atoi(value)
+	if err != nil {
+		return 0, fmt.Errorf("%w `%v`", errSDPInvalidPortValue, port)
+	}
+
+	if port < 0 || port > 65536 {
+		return 0, fmt.Errorf("%w -- out of range `%v`", errSDPInvalidPortValue, port)
+	}
+
+	return port, nil
+}
+
+func populateMediaAttributes(c *unmarshalCache, s *SessionDescription) {
+	if len(s.MediaDescriptions) != 0 {
+		lastMediaDesc := s.MediaDescriptions[len(s.MediaDescriptions)-1]
+		lastMediaDesc.Attributes = c.cloneMediaAttributes()
+	}
+}
diff --git a/server/vendor/github.com/pion/sdp/v3/unmarshal_cache.go b/server/vendor/github.com/pion/sdp/v3/unmarshal_cache.go
new file mode 100644
index 0000000..728b305
--- /dev/null
+++ b/server/vendor/github.com/pion/sdp/v3/unmarshal_cache.go
@@ -0,0 +1,44 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sdp
+
+type unmarshalCache struct {
+	sessionAttributes []Attribute
+	mediaAttributes   []Attribute
+}
+
+func (c *unmarshalCache) reset() {
+	c.sessionAttributes = c.sessionAttributes[:0]
+	c.mediaAttributes = c.mediaAttributes[:0]
+}
+
+func (c *unmarshalCache) getSessionAttribute() *Attribute {
+	c.sessionAttributes = append(c.sessionAttributes, Attribute{})
+	return &c.sessionAttributes[len(c.sessionAttributes)-1]
+}
+
+func (c *unmarshalCache) cloneSessionAttributes() []Attribute {
+	if len(c.sessionAttributes) == 0 {
+		return nil
+	}
+	s := make([]Attribute, len(c.sessionAttributes))
+	copy(s, c.sessionAttributes)
+	c.sessionAttributes = c.sessionAttributes[:0]
+	return s
+}
+
+func (c *unmarshalCache) getMediaAttribute() *Attribute {
+	c.mediaAttributes = append(c.mediaAttributes, Attribute{})
+	return &c.mediaAttributes[len(c.mediaAttributes)-1]
+}
+
+func (c *unmarshalCache) cloneMediaAttributes() []Attribute {
+	if len(c.mediaAttributes) == 0 {
+		return nil
+	}
+	s := make([]Attribute, len(c.mediaAttributes))
+	copy(s, c.mediaAttributes)
+	c.mediaAttributes = c.mediaAttributes[:0]
+	return s
+}
diff --git a/server/vendor/github.com/pion/sdp/v3/util.go b/server/vendor/github.com/pion/sdp/v3/util.go
new file mode 100644
index 0000000..0f14f15
--- /dev/null
+++ b/server/vendor/github.com/pion/sdp/v3/util.go
@@ -0,0 +1,360 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sdp
+
+import (
+	"errors"
+	"fmt"
+	"io"
+	"sort"
+	"strconv"
+	"strings"
+
+	"github.com/pion/randutil"
+)
+
+const (
+	attributeKey = "a="
+)
+
+var (
+	errExtractCodecRtpmap  = errors.New("could not extract codec from rtpmap")
+	errExtractCodecFmtp    = errors.New("could not extract codec from fmtp")
+	errExtractCodecRtcpFb  = errors.New("could not extract codec from rtcp-fb")
+	errPayloadTypeNotFound = errors.New("payload type not found")
+	errCodecNotFound       = errors.New("codec not found")
+	errSyntaxError         = errors.New("SyntaxError")
+)
+
+// ConnectionRole indicates which of the end points should initiate the connection establishment
+type ConnectionRole int
+
+const (
+	// ConnectionRoleActive indicates the endpoint will initiate an outgoing connection.
+	ConnectionRoleActive ConnectionRole = iota + 1
+
+	// ConnectionRolePassive indicates the endpoint will accept an incoming connection.
+	ConnectionRolePassive
+
+	// ConnectionRoleActpass indicates the endpoint is willing to accept an incoming connection or to initiate an outgoing connection.
+	ConnectionRoleActpass
+
+	// ConnectionRoleHoldconn indicates the endpoint does not want the connection to be established for the time being.
+	ConnectionRoleHoldconn
+)
+
+func (t ConnectionRole) String() string {
+	switch t {
+	case ConnectionRoleActive:
+		return "active"
+	case ConnectionRolePassive:
+		return "passive"
+	case ConnectionRoleActpass:
+		return "actpass"
+	case ConnectionRoleHoldconn:
+		return "holdconn"
+	default:
+		return "Unknown"
+	}
+}
+
+func newSessionID() (uint64, error) {
+	// https://tools.ietf.org/html/draft-ietf-rtcweb-jsep-26#section-5.2.1
+	// Session ID is recommended to be constructed by generating a 64-bit
+	// quantity with the highest bit set to zero and the remaining 63-bits
+	// being cryptographically random.
+	id, err := randutil.CryptoUint64()
+	return id & (^(uint64(1) << 63)), err
+}
+
+// Codec represents a codec
+type Codec struct {
+	PayloadType        uint8
+	Name               string
+	ClockRate          uint32
+	EncodingParameters string
+	Fmtp               string
+	RTCPFeedback       []string
+}
+
+const (
+	unknown = iota
+)
+
+func (c Codec) String() string {
+	return fmt.Sprintf("%d %s/%d/%s (%s) [%s]", c.PayloadType, c.Name, c.ClockRate, c.EncodingParameters, c.Fmtp, strings.Join(c.RTCPFeedback, ", "))
+}
+
+func (c *Codec) appendRTCPFeedback(rtcpFeedback string) {
+	for _, existingRTCPFeedback := range c.RTCPFeedback {
+		if existingRTCPFeedback == rtcpFeedback {
+			return
+		}
+	}
+
+	c.RTCPFeedback = append(c.RTCPFeedback, rtcpFeedback)
+}
+
+func parseRtpmap(rtpmap string) (Codec, error) {
+	var codec Codec
+	parsingFailed := errExtractCodecRtpmap
+
+	// a=rtpmap:<payload type> <encoding name>/<clock rate>[/<encoding parameters>]
+	split := strings.Split(rtpmap, " ")
+	if len(split) != 2 {
+		return codec, parsingFailed
+	}
+
+	ptSplit := strings.Split(split[0], ":")
+	if len(ptSplit) != 2 {
+		return codec, parsingFailed
+	}
+
+	ptInt, err := strconv.ParseUint(ptSplit[1], 10, 8)
+	if err != nil {
+		return codec, parsingFailed
+	}
+
+	codec.PayloadType = uint8(ptInt)
+
+	split = strings.Split(split[1], "/")
+	codec.Name = split[0]
+	parts := len(split)
+	if parts > 1 {
+		rate, err := strconv.ParseUint(split[1], 10, 32)
+		if err != nil {
+			return codec, parsingFailed
+		}
+		codec.ClockRate = uint32(rate)
+	}
+	if parts > 2 {
+		codec.EncodingParameters = split[2]
+	}
+
+	return codec, nil
+}
+
+func parseFmtp(fmtp string) (Codec, error) {
+	var codec Codec
+	parsingFailed := errExtractCodecFmtp
+
+	// a=fmtp:<format> <format specific parameters>
+	split := strings.Split(fmtp, " ")
+	if len(split) != 2 {
+		return codec, parsingFailed
+	}
+
+	formatParams := split[1]
+
+	split = strings.Split(split[0], ":")
+	if len(split) != 2 {
+		return codec, parsingFailed
+	}
+
+	ptInt, err := strconv.ParseUint(split[1], 10, 8)
+	if err != nil {
+		return codec, parsingFailed
+	}
+
+	codec.PayloadType = uint8(ptInt)
+	codec.Fmtp = formatParams
+
+	return codec, nil
+}
+
+func parseRtcpFb(rtcpFb string) (codec Codec, isWildcard bool, err error) {
+	var ptInt uint64
+	err = errExtractCodecRtcpFb
+
+	// a=ftcp-fb:<payload type> <RTCP feedback type> [<RTCP feedback parameter>]
+	split := strings.SplitN(rtcpFb, " ", 2)
+	if len(split) != 2 {
+		return
+	}
+
+	ptSplit := strings.Split(split[0], ":")
+	if len(ptSplit) != 2 {
+		return
+	}
+
+	isWildcard = ptSplit[1] == "*"
+	if !isWildcard {
+		ptInt, err = strconv.ParseUint(ptSplit[1], 10, 8)
+		if err != nil {
+			return
+		}
+
+		codec.PayloadType = uint8(ptInt)
+	}
+
+	codec.RTCPFeedback = append(codec.RTCPFeedback, split[1])
+	return codec, isWildcard, nil
+}
+
+func mergeCodecs(codec Codec, codecs map[uint8]Codec) {
+	savedCodec := codecs[codec.PayloadType]
+
+	if savedCodec.PayloadType == 0 {
+		savedCodec.PayloadType = codec.PayloadType
+	}
+	if savedCodec.Name == "" {
+		savedCodec.Name = codec.Name
+	}
+	if savedCodec.ClockRate == 0 {
+		savedCodec.ClockRate = codec.ClockRate
+	}
+	if savedCodec.EncodingParameters == "" {
+		savedCodec.EncodingParameters = codec.EncodingParameters
+	}
+	if savedCodec.Fmtp == "" {
+		savedCodec.Fmtp = codec.Fmtp
+	}
+	savedCodec.RTCPFeedback = append(savedCodec.RTCPFeedback, codec.RTCPFeedback...)
+
+	codecs[savedCodec.PayloadType] = savedCodec
+}
+
+func (s *SessionDescription) buildCodecMap() map[uint8]Codec {
+	codecs := map[uint8]Codec{
+		// static codecs that do not require a rtpmap
+		0: {
+			PayloadType: 0,
+			Name:        "PCMU",
+			ClockRate:   8000,
+		},
+		8: {
+			PayloadType: 8,
+			Name:        "PCMA",
+			ClockRate:   8000,
+		},
+	}
+
+	wildcardRTCPFeedback := []string{}
+	for _, m := range s.MediaDescriptions {
+		for _, a := range m.Attributes {
+			attr := a.String()
+			switch {
+			case strings.HasPrefix(attr, "rtpmap:"):
+				codec, err := parseRtpmap(attr)
+				if err == nil {
+					mergeCodecs(codec, codecs)
+				}
+			case strings.HasPrefix(attr, "fmtp:"):
+				codec, err := parseFmtp(attr)
+				if err == nil {
+					mergeCodecs(codec, codecs)
+				}
+			case strings.HasPrefix(attr, "rtcp-fb:"):
+				codec, isWildcard, err := parseRtcpFb(attr)
+				switch {
+				case err != nil:
+				case isWildcard:
+					wildcardRTCPFeedback = append(wildcardRTCPFeedback, codec.RTCPFeedback...)
+				default:
+					mergeCodecs(codec, codecs)
+				}
+			}
+		}
+	}
+
+	for i, codec := range codecs {
+		for _, newRTCPFeedback := range wildcardRTCPFeedback {
+			codec.appendRTCPFeedback(newRTCPFeedback)
+		}
+
+		codecs[i] = codec
+	}
+
+	return codecs
+}
+
+func equivalentFmtp(want, got string) bool {
+	wantSplit := strings.Split(want, ";")
+	gotSplit := strings.Split(got, ";")
+
+	if len(wantSplit) != len(gotSplit) {
+		return false
+	}
+
+	sort.Strings(wantSplit)
+	sort.Strings(gotSplit)
+
+	for i, wantPart := range wantSplit {
+		wantPart = strings.TrimSpace(wantPart)
+		gotPart := strings.TrimSpace(gotSplit[i])
+		if gotPart != wantPart {
+			return false
+		}
+	}
+
+	return true
+}
+
+func codecsMatch(wanted, got Codec) bool {
+	if wanted.Name != "" && !strings.EqualFold(wanted.Name, got.Name) {
+		return false
+	}
+	if wanted.ClockRate != 0 && wanted.ClockRate != got.ClockRate {
+		return false
+	}
+	if wanted.EncodingParameters != "" && wanted.EncodingParameters != got.EncodingParameters {
+		return false
+	}
+	if wanted.Fmtp != "" && !equivalentFmtp(wanted.Fmtp, got.Fmtp) {
+		return false
+	}
+
+	return true
+}
+
+// GetCodecForPayloadType scans the SessionDescription for the given payload type and returns the codec
+func (s *SessionDescription) GetCodecForPayloadType(payloadType uint8) (Codec, error) {
+	codecs := s.buildCodecMap()
+
+	codec, ok := codecs[payloadType]
+	if ok {
+		return codec, nil
+	}
+
+	return codec, errPayloadTypeNotFound
+}
+
+// GetPayloadTypeForCodec scans the SessionDescription for a codec that matches the provided codec
+// as closely as possible and returns its payload type
+func (s *SessionDescription) GetPayloadTypeForCodec(wanted Codec) (uint8, error) {
+	codecs := s.buildCodecMap()
+
+	for payloadType, codec := range codecs {
+		if codecsMatch(wanted, codec) {
+			return payloadType, nil
+		}
+	}
+
+	return 0, errCodecNotFound
+}
+
+type stateFn func(*lexer) (stateFn, error)
+
+type lexer struct {
+	desc  *SessionDescription
+	cache *unmarshalCache
+	baseLexer
+}
+
+type keyToState func(key byte) stateFn
+
+func (l *lexer) handleType(fn keyToState) (stateFn, error) {
+	key, err := l.readType()
+	if errors.Is(err, io.EOF) && key == 0 {
+		return nil, nil //nolint:nilnil
+	} else if err != nil {
+		return nil, err
+	}
+
+	if res := fn(key); res != nil {
+		return res, nil
+	}
+
+	return nil, l.syntaxError()
+}
diff --git a/server/vendor/github.com/pion/srtp/v2/.gitignore b/server/vendor/github.com/pion/srtp/v2/.gitignore
new file mode 100644
index 0000000..6e2f206
--- /dev/null
+++ b/server/vendor/github.com/pion/srtp/v2/.gitignore
@@ -0,0 +1,28 @@
+# SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+# SPDX-License-Identifier: MIT
+
+### JetBrains IDE ###
+#####################
+.idea/
+
+### Emacs Temporary Files ###
+#############################
+*~
+
+### Folders ###
+###############
+bin/
+vendor/
+node_modules/
+
+### Files ###
+#############
+*.ivf
+*.ogg
+tags
+cover.out
+*.sw[poe]
+*.wasm
+examples/sfu-ws/cert.pem
+examples/sfu-ws/key.pem
+wasm_exec.js
diff --git a/server/vendor/github.com/pion/srtp/v2/.golangci.yml b/server/vendor/github.com/pion/srtp/v2/.golangci.yml
new file mode 100644
index 0000000..4e3eddf
--- /dev/null
+++ b/server/vendor/github.com/pion/srtp/v2/.golangci.yml
@@ -0,0 +1,137 @@
+# SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+# SPDX-License-Identifier: MIT
+
+linters-settings:
+  govet:
+    check-shadowing: true
+  misspell:
+    locale: US
+  exhaustive:
+    default-signifies-exhaustive: true
+  gomodguard:
+    blocked:
+      modules:
+        - github.com/pkg/errors:
+            recommendations:
+              - errors
+  forbidigo:
+    forbid:
+      - ^fmt.Print(f|ln)?$
+      - ^log.(Panic|Fatal|Print)(f|ln)?$
+      - ^os.Exit$
+      - ^panic$
+      - ^print(ln)?$
+
+linters:
+  enable:
+    - asciicheck       # Simple linter to check that your code does not contain non-ASCII identifiers
+    - bidichk          # Checks for dangerous unicode character sequences
+    - bodyclose        # checks whether HTTP response body is closed successfully
+    - contextcheck     # check the function whether use a non-inherited context
+    - decorder         # check declaration order and count of types, constants, variables and functions
+    - depguard         # Go linter that checks if package imports are in a list of acceptable packages
+    - dogsled          # Checks assignments with too many blank identifiers (e.g. x, _, _, _, := f())
+    - dupl             # Tool for code clone detection
+    - durationcheck    # check for two durations multiplied together
+    - errcheck         # Errcheck is a program for checking for unchecked errors in go programs. These unchecked errors can be critical bugs in some cases
+    - errchkjson       # Checks types passed to the json encoding functions. Reports unsupported types and optionally reports occations, where the check for the returned error can be omitted.
+    - errname          # Checks that sentinel errors are prefixed with the `Err` and error types are suffixed with the `Error`.
+    - errorlint        # errorlint is a linter for that can be used to find code that will cause problems with the error wrapping scheme introduced in Go 1.13.
+    - exhaustive       # check exhaustiveness of enum switch statements
+    - exportloopref    # checks for pointers to enclosing loop variables
+    - forbidigo        # Forbids identifiers
+    - forcetypeassert  # finds forced type assertions
+    - gci              # Gci control golang package import order and make it always deterministic.
+    - gochecknoglobals # Checks that no globals are present in Go code
+    - gochecknoinits   # Checks that no init functions are present in Go code
+    - gocognit         # Computes and checks the cognitive complexity of functions
+    - goconst          # Finds repeated strings that could be replaced by a constant
+    - gocritic         # The most opinionated Go source code linter
+    - godox            # Tool for detection of FIXME, TODO and other comment keywords
+    - goerr113         # Golang linter to check the errors handling expressions
+    - gofmt            # Gofmt checks whether code was gofmt-ed. By default this tool runs with -s option to check for code simplification
+    - gofumpt          # Gofumpt checks whether code was gofumpt-ed.
+    - goheader         # Checks is file header matches to pattern
+    - goimports        # Goimports does everything that gofmt does. Additionally it checks unused imports
+    - gomoddirectives  # Manage the use of 'replace', 'retract', and 'excludes' directives in go.mod.
+    - gomodguard       # Allow and block list linter for direct Go module dependencies. This is different from depguard where there are different block types for example version constraints and module recommendations.
+    - goprintffuncname # Checks that printf-like functions are named with `f` at the end
+    - gosec            # Inspects source code for security problems
+    - gosimple         # Linter for Go source code that specializes in simplifying a code
+    - govet            # Vet examines Go source code and reports suspicious constructs, such as Printf calls whose arguments do not align with the format string
+    - grouper          # An analyzer to analyze expression groups.
+    - importas         # Enforces consistent import aliases
+    - ineffassign      # Detects when assignments to existing variables are not used
+    - misspell         # Finds commonly misspelled English words in comments
+    - nakedret         # Finds naked returns in functions greater than a specified function length
+    - nilerr           # Finds the code that returns nil even if it checks that the error is not nil.
+    - nilnil           # Checks that there is no simultaneous return of `nil` error and an invalid value.
+    - noctx            # noctx finds sending http request without context.Context
+    - predeclared      # find code that shadows one of Go's predeclared identifiers
+    - revive           # golint replacement, finds style mistakes
+    - staticcheck      # Staticcheck is a go vet on steroids, applying a ton of static analysis checks
+    - stylecheck       # Stylecheck is a replacement for golint
+    - tagliatelle      # Checks the struct tags.
+    - tenv             # tenv is analyzer that detects using os.Setenv instead of t.Setenv since Go1.17
+    - tparallel        # tparallel detects inappropriate usage of t.Parallel() method in your Go test codes
+    - typecheck        # Like the front-end of a Go compiler, parses and type-checks Go code
+    - unconvert        # Remove unnecessary type conversions
+    - unparam          # Reports unused function parameters
+    - unused           # Checks Go code for unused constants, variables, functions and types
+    - wastedassign     # wastedassign finds wasted assignment statements
+    - whitespace       # Tool for detection of leading and trailing whitespace
+  disable:
+    - containedctx     # containedctx is a linter that detects struct contained context.Context field
+    - cyclop           # checks function and package cyclomatic complexity
+    - exhaustivestruct # Checks if all struct's fields are initialized
+    - funlen           # Tool for detection of long functions
+    - gocyclo          # Computes and checks the cyclomatic complexity of functions
+    - godot            # Check if comments end in a period
+    - gomnd            # An analyzer to detect magic numbers.
+    - ifshort          # Checks that your code uses short syntax for if-statements whenever possible
+    - ireturn          # Accept Interfaces, Return Concrete Types
+    - lll              # Reports long lines
+    - maintidx         # maintidx measures the maintainability index of each function.
+    - makezero         # Finds slice declarations with non-zero initial length
+    - maligned         # Tool to detect Go structs that would take less memory if their fields were sorted
+    - nestif           # Reports deeply nested if statements
+    - nlreturn         # nlreturn checks for a new line before return and branch statements to increase code clarity
+    - nolintlint       # Reports ill-formed or insufficient nolint directives
+    - paralleltest     # paralleltest detects missing usage of t.Parallel() method in your Go test
+    - prealloc         # Finds slice declarations that could potentially be preallocated
+    - promlinter       # Check Prometheus metrics naming via promlint
+    - rowserrcheck     # checks whether Err of rows is checked successfully
+    - sqlclosecheck    # Checks that sql.Rows and sql.Stmt are closed.
+    - testpackage      # linter that makes you use a separate _test package
+    - thelper          # thelper detects golang test helpers without t.Helper() call and checks the consistency of test helpers
+    - varnamelen       # checks that the length of a variable's name matches its scope
+    - wrapcheck        # Checks that errors returned from external packages are wrapped
+    - wsl              # Whitespace Linter - Forces you to use empty lines!
+
+issues:
+  exclude-use-default: false
+  exclude-rules:
+    # Allow complex tests, better to be self contained
+    - path: _test\.go
+      linters:
+        - gocognit
+        - forbidigo
+
+    # Allow complex main function in examples
+    - path: examples
+      text: "of func `main` is high"
+      linters:
+        - gocognit
+    
+    # Allow forbidden identifiers in examples
+    - path: examples
+      linters:
+        - forbidigo
+
+    # Allow forbidden identifiers in CLI commands
+    - path: cmd
+      linters:
+        - forbidigo
+
+run:
+  skip-dirs-use-default: false
diff --git a/server/vendor/github.com/pion/srtp/v2/.goreleaser.yml b/server/vendor/github.com/pion/srtp/v2/.goreleaser.yml
new file mode 100644
index 0000000..30093e9
--- /dev/null
+++ b/server/vendor/github.com/pion/srtp/v2/.goreleaser.yml
@@ -0,0 +1,5 @@
+# SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+# SPDX-License-Identifier: MIT
+
+builds:
+- skip: true
diff --git a/server/vendor/github.com/pion/srtp/v2/AUTHORS.txt b/server/vendor/github.com/pion/srtp/v2/AUTHORS.txt
new file mode 100644
index 0000000..73cea1e
--- /dev/null
+++ b/server/vendor/github.com/pion/srtp/v2/AUTHORS.txt
@@ -0,0 +1,37 @@
+# Thank you to everyone that made Pion possible. If you are interested in contributing
+# we would love to have you https://github.com/pion/webrtc/wiki/Contributing
+#
+# This file is auto generated, using git to list all individuals contributors.
+# see https://github.com/pion/.goassets/blob/master/scripts/generate-authors.sh for the scripting
+adamroach <adam@nostrum.com>
+Adrian Cable <adrian.cable@gmail.com>
+Agniva De Sarker <agnivade@yahoo.co.in>
+Antoine Baché <antoine@tenten.app>
+Atsushi Watanabe <atsushi.w@ieee.org>
+backkem <mail@backkem.me>
+chenkaiC4 <chenkaic4@gmail.com>
+Chris Hiszpanski <chris@hiszpanski.name>
+cnderrauber <zengjie9004@gmail.com>
+cszdlt <cszdlt@qq.com>
+Hugo Arregui <hugo.arregui@gmail.com>
+Jerko Steiner <jerko.steiner@gmail.com>
+Juliusz Chroboczek <jch@irif.fr>
+Luke Curley <kixelated@gmail.com>
+Luke Curley <lcurley@twitch.tv>
+Max Hawkins <maxhawkins@gmail.com>
+mission-liao <missionaryliao@gmail.com>
+Novel Corpse <romandafe94@gmail.com>
+OrlandoCo <luisorlando.co@gmail.com>
+Patryk <digitalix4@gmail.com>
+Patryk Rogalski <digitalix4@gmail.com>
+Sean DuBois <seaduboi@amazon.com>
+Sean DuBois <sean@siobud.com>
+SeongGyu Park <tawny.port@kakaoenterprise.com>
+Steffen <post@steffenvogel.de>
+Steffen Vogel <post@steffenvogel.de>
+Tobias Fridén <tobias.friden@gmail.com>
+Woodrow Douglass <wdouglass@carnegierobotics.com>
+Yutaka Takeda <yt0916@gmail.com>
+
+# List of contributors not appearing in Git history
+
diff --git a/server/vendor/github.com/pion/srtp/v2/LICENSE b/server/vendor/github.com/pion/srtp/v2/LICENSE
new file mode 100644
index 0000000..491caf6
--- /dev/null
+++ b/server/vendor/github.com/pion/srtp/v2/LICENSE
@@ -0,0 +1,9 @@
+MIT License
+
+Copyright (c) 2023 The Pion community <https://pion.ly>
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
diff --git a/server/vendor/github.com/pion/srtp/v2/README.md b/server/vendor/github.com/pion/srtp/v2/README.md
new file mode 100644
index 0000000..d0e94e7
--- /dev/null
+++ b/server/vendor/github.com/pion/srtp/v2/README.md
@@ -0,0 +1,35 @@
+<h1 align="center">
+  <br>
+  Pion SRTP
+  <br>
+</h1>
+<h4 align="center">A Go implementation of SRTP</h4>
+<p align="center">
+  <a href="https://pion.ly"><img src="https://img.shields.io/badge/pion-srtp-gray.svg?longCache=true&colorB=brightgreen" alt="Pion SRTP"></a>
+  <a href="https://sourcegraph.com/github.com/pion/srtp?badge"><img src="https://sourcegraph.com/github.com/pion/srtp/-/badge.svg" alt="Sourcegraph Widget"></a>
+  <a href="https://pion.ly/slack"><img src="https://img.shields.io/badge/join-us%20on%20slack-gray.svg?longCache=true&logo=slack&colorB=brightgreen" alt="Slack Widget"></a>
+  <br>
+  <img alt="GitHub Workflow Status" src="https://img.shields.io/github/actions/workflow/status/pion/srtp/test.yaml">
+  <a href="https://pkg.go.dev/github.com/pion/srtp"><img src="https://pkg.go.dev/badge/github.com/pion/srtp.svg" alt="Go Reference"></a>
+  <a href="https://codecov.io/gh/pion/srtp"><img src="https://codecov.io/gh/pion/srtp/branch/master/graph/badge.svg" alt="Coverage Status"></a>
+  <a href="https://goreportcard.com/report/github.com/pion/srtp"><img src="https://goreportcard.com/badge/github.com/pion/srtp" alt="Go Report Card"></a>
+  <a href="LICENSE"><img src="https://img.shields.io/badge/License-MIT-yellow.svg" alt="License: MIT"></a>
+</p>
+<br>
+
+### Roadmap
+The library is used as a part of our WebRTC implementation. Please refer to that [roadmap](https://github.com/pion/webrtc/issues/9) to track our major milestones.
+
+### Community
+Pion has an active community on the [Slack](https://pion.ly/slack).
+
+Follow the [Pion Twitter](https://twitter.com/_pion) for project updates and important WebRTC news.
+
+We are always looking to support **your projects**. Please reach out if you have something to build!
+If you need commercial support or don't want to use public methods you can contact us at [team@pion.ly](mailto:team@pion.ly)
+
+### Contributing
+Check out the [contributing wiki](https://github.com/pion/webrtc/wiki/Contributing) to join the group of amazing people making this project possible: [AUTHORS.txt](./AUTHORS.txt)
+
+### License
+MIT License - see [LICENSE](LICENSE) for full text
diff --git a/server/vendor/github.com/pion/srtp/v2/codecov.yml b/server/vendor/github.com/pion/srtp/v2/codecov.yml
new file mode 100644
index 0000000..263e4d4
--- /dev/null
+++ b/server/vendor/github.com/pion/srtp/v2/codecov.yml
@@ -0,0 +1,22 @@
+#
+# DO NOT EDIT THIS FILE
+#
+# It is automatically copied from https://github.com/pion/.goassets repository.
+#
+# SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+# SPDX-License-Identifier: MIT
+
+coverage:
+  status:
+    project:
+      default:
+        # Allow decreasing 2% of total coverage to avoid noise.
+        threshold: 2%
+    patch:
+      default:
+        target: 70%
+        only_pulls: true
+
+ignore:
+  - "examples/*"
+  - "examples/**/*"
diff --git a/server/vendor/github.com/pion/srtp/v2/context.go b/server/vendor/github.com/pion/srtp/v2/context.go
new file mode 100644
index 0000000..ffed38f
--- /dev/null
+++ b/server/vendor/github.com/pion/srtp/v2/context.go
@@ -0,0 +1,293 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package srtp
+
+import (
+	"bytes"
+	"fmt"
+
+	"github.com/pion/transport/v2/replaydetector"
+)
+
+const (
+	labelSRTPEncryption        = 0x00
+	labelSRTPAuthenticationTag = 0x01
+	labelSRTPSalt              = 0x02
+
+	labelSRTCPEncryption        = 0x03
+	labelSRTCPAuthenticationTag = 0x04
+	labelSRTCPSalt              = 0x05
+
+	maxSequenceNumber = 65535
+	maxROC            = (1 << 32) - 1
+
+	seqNumMedian = 1 << 15
+	seqNumMax    = 1 << 16
+
+	srtcpIndexSize = 4
+)
+
+// Encrypt/Decrypt state for a single SRTP SSRC
+type srtpSSRCState struct {
+	ssrc                 uint32
+	rolloverHasProcessed bool
+	index                uint64
+	replayDetector       replaydetector.ReplayDetector
+}
+
+// Encrypt/Decrypt state for a single SRTCP SSRC
+type srtcpSSRCState struct {
+	srtcpIndex     uint32
+	ssrc           uint32
+	replayDetector replaydetector.ReplayDetector
+}
+
+// Context represents a SRTP cryptographic context.
+// Context can only be used for one-way operations.
+// it must either used ONLY for encryption or ONLY for decryption.
+// Note that Context does not provide any concurrency protection:
+// access to a Context from multiple goroutines requires external
+// synchronization.
+type Context struct {
+	cipher srtpCipher
+
+	srtpSSRCStates  map[uint32]*srtpSSRCState
+	srtcpSSRCStates map[uint32]*srtcpSSRCState
+
+	newSRTCPReplayDetector func() replaydetector.ReplayDetector
+	newSRTPReplayDetector  func() replaydetector.ReplayDetector
+
+	profile ProtectionProfile
+
+	sendMKI []byte                // Master Key Identifier used for encrypting RTP/RTCP packets. Set to nil if MKI is not enabled.
+	mkis    map[string]srtpCipher // Master Key Identifier to cipher mapping. Used for decrypting packets. Empty if MKI is not enabled.
+
+	encryptSRTP  bool
+	encryptSRTCP bool
+}
+
+// CreateContext creates a new SRTP Context.
+//
+// CreateContext receives variable number of ContextOption-s.
+// Passing multiple options which set the same parameter let the last one valid.
+// Following example create SRTP Context with replay protection with window size of 256.
+//
+//	decCtx, err := srtp.CreateContext(key, salt, profile, srtp.SRTPReplayProtection(256))
+func CreateContext(masterKey, masterSalt []byte, profile ProtectionProfile, opts ...ContextOption) (c *Context, err error) {
+	c = &Context{
+		srtpSSRCStates:  map[uint32]*srtpSSRCState{},
+		srtcpSSRCStates: map[uint32]*srtcpSSRCState{},
+		profile:         profile,
+		mkis:            map[string]srtpCipher{},
+	}
+
+	for _, o := range append(
+		[]ContextOption{ // Default options
+			SRTPNoReplayProtection(),
+			SRTCPNoReplayProtection(),
+			SRTPEncryption(),
+			SRTCPEncryption(),
+		},
+		opts..., // User specified options
+	) {
+		if errOpt := o(c); errOpt != nil {
+			return nil, errOpt
+		}
+	}
+
+	c.cipher, err = c.createCipher(c.sendMKI, masterKey, masterSalt, c.encryptSRTP, c.encryptSRTCP)
+	if err != nil {
+		return nil, err
+	}
+	if len(c.sendMKI) != 0 {
+		c.mkis[string(c.sendMKI)] = c.cipher
+	}
+
+	return c, nil
+}
+
+// AddCipherForMKI adds new MKI with associated masker key and salt. Context must be created with MasterKeyIndicator option
+// to enable MKI support. MKI must be unique and have the same length as the one used for creating Context.
+// Operation is not thread-safe, you need to provide synchronization with decrypting packets.
+func (c *Context) AddCipherForMKI(mki, masterKey, masterSalt []byte) error {
+	if len(c.mkis) == 0 {
+		return errMKIIsNotEnabled
+	}
+	if len(mki) == 0 || len(mki) != len(c.sendMKI) {
+		return errInvalidMKILength
+	}
+	if _, ok := c.mkis[string(mki)]; ok {
+		return errMKIAlreadyInUse
+	}
+
+	cipher, err := c.createCipher(mki, masterKey, masterSalt, c.encryptSRTP, c.encryptSRTCP)
+	if err != nil {
+		return err
+	}
+	c.mkis[string(mki)] = cipher
+	return nil
+}
+
+func (c *Context) createCipher(mki, masterKey, masterSalt []byte, encryptSRTP, encryptSRTCP bool) (srtpCipher, error) {
+	keyLen, err := c.profile.KeyLen()
+	if err != nil {
+		return nil, err
+	}
+
+	saltLen, err := c.profile.SaltLen()
+	if err != nil {
+		return nil, err
+	}
+
+	if masterKeyLen := len(masterKey); masterKeyLen != keyLen {
+		return nil, fmt.Errorf("%w expected(%d) actual(%d)", errShortSrtpMasterKey, masterKey, keyLen)
+	} else if masterSaltLen := len(masterSalt); masterSaltLen != saltLen {
+		return nil, fmt.Errorf("%w expected(%d) actual(%d)", errShortSrtpMasterSalt, saltLen, masterSaltLen)
+	}
+
+	switch c.profile {
+	case ProtectionProfileAeadAes128Gcm, ProtectionProfileAeadAes256Gcm:
+		return newSrtpCipherAeadAesGcm(c.profile, masterKey, masterSalt, mki, encryptSRTP, encryptSRTCP)
+	case ProtectionProfileAes128CmHmacSha1_32, ProtectionProfileAes128CmHmacSha1_80, ProtectionProfileAes256CmHmacSha1_32, ProtectionProfileAes256CmHmacSha1_80:
+		return newSrtpCipherAesCmHmacSha1(c.profile, masterKey, masterSalt, mki, encryptSRTP, encryptSRTCP)
+	case ProtectionProfileNullHmacSha1_32, ProtectionProfileNullHmacSha1_80:
+		return newSrtpCipherAesCmHmacSha1(c.profile, masterKey, masterSalt, mki, false, false)
+	default:
+		return nil, fmt.Errorf("%w: %#v", errNoSuchSRTPProfile, c.profile)
+	}
+}
+
+// RemoveMKI removes one of MKIs. You cannot remove last MKI and one used for encrypting RTP/RTCP packets.
+// Operation is not thread-safe, you need to provide synchronization with decrypting packets.
+func (c *Context) RemoveMKI(mki []byte) error {
+	if _, ok := c.mkis[string(mki)]; !ok {
+		return ErrMKINotFound
+	}
+	if bytes.Equal(mki, c.sendMKI) {
+		return errMKIAlreadyInUse
+	}
+	delete(c.mkis, string(mki))
+	return nil
+}
+
+// SetSendMKI switches MKI and cipher used for encrypting RTP/RTCP packets.
+// Operation is not thread-safe, you need to provide synchronization with encrypting packets.
+func (c *Context) SetSendMKI(mki []byte) error {
+	cipher, ok := c.mkis[string(mki)]
+	if !ok {
+		return ErrMKINotFound
+	}
+	c.sendMKI = mki
+	c.cipher = cipher
+	return nil
+}
+
+// https://tools.ietf.org/html/rfc3550#appendix-A.1
+func (s *srtpSSRCState) nextRolloverCount(sequenceNumber uint16) (roc uint32, diff int32, overflow bool) {
+	seq := int32(sequenceNumber)
+	localRoc := uint32(s.index >> 16)
+	localSeq := int32(s.index & (seqNumMax - 1))
+
+	guessRoc := localRoc
+	var difference int32
+
+	if s.rolloverHasProcessed {
+		// When localROC is equal to 0, and entering seq-localSeq > seqNumMedian
+		// judgment, it will cause guessRoc calculation error
+		if s.index > seqNumMedian {
+			if localSeq < seqNumMedian {
+				if seq-localSeq > seqNumMedian {
+					guessRoc = localRoc - 1
+					difference = seq - localSeq - seqNumMax
+				} else {
+					guessRoc = localRoc
+					difference = seq - localSeq
+				}
+			} else {
+				if localSeq-seqNumMedian > seq {
+					guessRoc = localRoc + 1
+					difference = seq - localSeq + seqNumMax
+				} else {
+					guessRoc = localRoc
+					difference = seq - localSeq
+				}
+			}
+		} else {
+			// localRoc is equal to 0
+			difference = seq - localSeq
+		}
+	}
+
+	return guessRoc, difference, (guessRoc == 0 && localRoc == maxROC)
+}
+
+func (s *srtpSSRCState) updateRolloverCount(sequenceNumber uint16, difference int32) {
+	if !s.rolloverHasProcessed {
+		s.index |= uint64(sequenceNumber)
+		s.rolloverHasProcessed = true
+		return
+	}
+	if difference > 0 {
+		s.index += uint64(difference)
+	}
+}
+
+func (c *Context) getSRTPSSRCState(ssrc uint32) *srtpSSRCState {
+	s, ok := c.srtpSSRCStates[ssrc]
+	if ok {
+		return s
+	}
+
+	s = &srtpSSRCState{
+		ssrc:           ssrc,
+		replayDetector: c.newSRTPReplayDetector(),
+	}
+	c.srtpSSRCStates[ssrc] = s
+	return s
+}
+
+func (c *Context) getSRTCPSSRCState(ssrc uint32) *srtcpSSRCState {
+	s, ok := c.srtcpSSRCStates[ssrc]
+	if ok {
+		return s
+	}
+
+	s = &srtcpSSRCState{
+		ssrc:           ssrc,
+		replayDetector: c.newSRTCPReplayDetector(),
+	}
+	c.srtcpSSRCStates[ssrc] = s
+	return s
+}
+
+// ROC returns SRTP rollover counter value of specified SSRC.
+func (c *Context) ROC(ssrc uint32) (uint32, bool) {
+	s, ok := c.srtpSSRCStates[ssrc]
+	if !ok {
+		return 0, false
+	}
+	return uint32(s.index >> 16), true
+}
+
+// SetROC sets SRTP rollover counter value of specified SSRC.
+func (c *Context) SetROC(ssrc uint32, roc uint32) {
+	s := c.getSRTPSSRCState(ssrc)
+	s.index = uint64(roc) << 16
+	s.rolloverHasProcessed = false
+}
+
+// Index returns SRTCP index value of specified SSRC.
+func (c *Context) Index(ssrc uint32) (uint32, bool) {
+	s, ok := c.srtcpSSRCStates[ssrc]
+	if !ok {
+		return 0, false
+	}
+	return s.srtcpIndex, true
+}
+
+// SetIndex sets SRTCP index value of specified SSRC.
+func (c *Context) SetIndex(ssrc uint32, index uint32) {
+	s := c.getSRTCPSSRCState(ssrc)
+	s.srtcpIndex = index % (maxSRTCPIndex + 1)
+}
diff --git a/server/vendor/github.com/pion/srtp/v2/crypto.go b/server/vendor/github.com/pion/srtp/v2/crypto.go
new file mode 100644
index 0000000..9696e8f
--- /dev/null
+++ b/server/vendor/github.com/pion/srtp/v2/crypto.go
@@ -0,0 +1,45 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package srtp
+
+import (
+	"crypto/cipher"
+
+	"github.com/pion/transport/v2/utils/xor"
+)
+
+// incrementCTR increments a big-endian integer of arbitrary size.
+func incrementCTR(ctr []byte) {
+	for i := len(ctr) - 1; i >= 0; i-- {
+		ctr[i]++
+		if ctr[i] != 0 {
+			break
+		}
+	}
+}
+
+// xorBytesCTR performs CTR encryption and decryption.
+// It is equivalent to cipher.NewCTR followed by XORKeyStream.
+func xorBytesCTR(block cipher.Block, iv []byte, dst, src []byte) error {
+	if len(iv) != block.BlockSize() {
+		return errBadIVLength
+	}
+
+	ctr := make([]byte, len(iv))
+	copy(ctr, iv)
+	bs := block.BlockSize()
+	stream := make([]byte, bs)
+
+	i := 0
+	for i < len(src) {
+		block.Encrypt(stream, ctr)
+		incrementCTR(ctr)
+		n := xor.XorBytes(dst[i:], src[i:], stream)
+		if n == 0 {
+			break
+		}
+		i += n
+	}
+	return nil
+}
diff --git a/server/vendor/github.com/pion/srtp/v2/errors.go b/server/vendor/github.com/pion/srtp/v2/errors.go
new file mode 100644
index 0000000..c22653f
--- /dev/null
+++ b/server/vendor/github.com/pion/srtp/v2/errors.go
@@ -0,0 +1,53 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package srtp
+
+import (
+	"errors"
+	"fmt"
+)
+
+var (
+	// ErrFailedToVerifyAuthTag is returned when decryption fails due to invalid authentication tag
+	ErrFailedToVerifyAuthTag = errors.New("failed to verify auth tag")
+	// ErrMKINotFound is returned when decryption fails due to unknown MKI value in packet
+	ErrMKINotFound = errors.New("MKI not found")
+
+	errDuplicated                    = errors.New("duplicated packet")
+	errShortSrtpMasterKey            = errors.New("SRTP master key is not long enough")
+	errShortSrtpMasterSalt           = errors.New("SRTP master salt is not long enough")
+	errNoSuchSRTPProfile             = errors.New("no such SRTP Profile")
+	errNonZeroKDRNotSupported        = errors.New("indexOverKdr > 0 is not supported yet")
+	errExporterWrongLabel            = errors.New("exporter called with wrong label")
+	errNoConfig                      = errors.New("no config provided")
+	errNoConn                        = errors.New("no conn provided")
+	errTooShortRTP                   = errors.New("packet is too short to be RTP packet")
+	errTooShortRTCP                  = errors.New("packet is too short to be RTCP packet")
+	errPayloadDiffers                = errors.New("payload differs")
+	errStartedChannelUsedIncorrectly = errors.New("started channel used incorrectly, should only be closed")
+	errBadIVLength                   = errors.New("bad iv length in xorBytesCTR")
+	errExceededMaxPackets            = errors.New("exceeded the maximum number of packets")
+	errMKIAlreadyInUse               = errors.New("MKI already in use")
+	errMKIIsNotEnabled               = errors.New("MKI is not enabled")
+	errInvalidMKILength              = errors.New("invalid MKI length")
+
+	errStreamNotInited     = errors.New("stream has not been inited, unable to close")
+	errStreamAlreadyClosed = errors.New("stream is already closed")
+	errStreamAlreadyInited = errors.New("stream is already inited")
+	errFailedTypeAssertion = errors.New("failed to cast child")
+)
+
+type duplicatedError struct {
+	Proto string // srtp or srtcp
+	SSRC  uint32
+	Index uint32 // sequence number or index
+}
+
+func (e *duplicatedError) Error() string {
+	return fmt.Sprintf("%s ssrc=%d index=%d: %v", e.Proto, e.SSRC, e.Index, errDuplicated)
+}
+
+func (e *duplicatedError) Unwrap() error {
+	return errDuplicated
+}
diff --git a/server/vendor/github.com/pion/srtp/v2/key_derivation.go b/server/vendor/github.com/pion/srtp/v2/key_derivation.go
new file mode 100644
index 0000000..f192faf
--- /dev/null
+++ b/server/vendor/github.com/pion/srtp/v2/key_derivation.go
@@ -0,0 +1,69 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package srtp
+
+import (
+	"crypto/aes"
+	"encoding/binary"
+)
+
+func aesCmKeyDerivation(label byte, masterKey, masterSalt []byte, indexOverKdr int, outLen int) ([]byte, error) {
+	if indexOverKdr != 0 {
+		// 24-bit "index DIV kdr" must be xored to prf input.
+		return nil, errNonZeroKDRNotSupported
+	}
+
+	// https://tools.ietf.org/html/rfc3711#appendix-B.3
+	// The input block for AES-CM is generated by exclusive-oring the master salt with the
+	// concatenation of the encryption key label 0x00 with (index DIV kdr),
+	// - index is 'rollover count' and DIV is 'divided by'
+
+	nMasterSalt := len(masterSalt)
+
+	prfIn := make([]byte, 16)
+	copy(prfIn[:nMasterSalt], masterSalt)
+
+	prfIn[7] ^= label
+
+	// The resulting value is then AES encrypted using the master key to get the cipher key.
+	block, err := aes.NewCipher(masterKey)
+	if err != nil {
+		return nil, err
+	}
+
+	nBlockSize := block.BlockSize()
+	out := make([]byte, ((outLen+nBlockSize-1)/nBlockSize)*nBlockSize)
+	var i uint16
+	for n := 0; n < outLen; n += nBlockSize {
+		binary.BigEndian.PutUint16(prfIn[len(prfIn)-2:], i)
+		block.Encrypt(out[n:n+nBlockSize], prfIn)
+		i++
+	}
+	return out[:outLen], nil
+}
+
+// Generate IV https://tools.ietf.org/html/rfc3711#section-4.1.1
+// where the 128-bit integer value IV SHALL be defined by the SSRC, the
+// SRTP packet index i, and the SRTP session salting key k_s, as below.
+// - ROC = a 32-bit unsigned rollover counter (ROC), which records how many
+// -       times the 16-bit RTP sequence number has been reset to zero after
+// -       passing through 65,535
+// i = 2^16 * ROC + SEQ
+// IV = (salt*2 ^ 16) | (ssrc*2 ^ 64) | (i*2 ^ 16)
+func generateCounter(sequenceNumber uint16, rolloverCounter uint32, ssrc uint32, sessionSalt []byte) (counter [16]byte) {
+	copy(counter[:], sessionSalt)
+
+	counter[4] ^= byte(ssrc >> 24)
+	counter[5] ^= byte(ssrc >> 16)
+	counter[6] ^= byte(ssrc >> 8)
+	counter[7] ^= byte(ssrc)
+	counter[8] ^= byte(rolloverCounter >> 24)
+	counter[9] ^= byte(rolloverCounter >> 16)
+	counter[10] ^= byte(rolloverCounter >> 8)
+	counter[11] ^= byte(rolloverCounter)
+	counter[12] ^= byte(sequenceNumber >> 8)
+	counter[13] ^= byte(sequenceNumber)
+
+	return counter
+}
diff --git a/server/vendor/github.com/pion/srtp/v2/keying.go b/server/vendor/github.com/pion/srtp/v2/keying.go
new file mode 100644
index 0000000..617f4d7
--- /dev/null
+++ b/server/vendor/github.com/pion/srtp/v2/keying.go
@@ -0,0 +1,57 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package srtp
+
+const labelExtractorDtlsSrtp = "EXTRACTOR-dtls_srtp"
+
+// KeyingMaterialExporter allows package SRTP to extract keying material
+type KeyingMaterialExporter interface {
+	ExportKeyingMaterial(label string, context []byte, length int) ([]byte, error)
+}
+
+// ExtractSessionKeysFromDTLS allows setting the Config SessionKeys by
+// extracting them from DTLS. This behavior is defined in RFC5764:
+// https://tools.ietf.org/html/rfc5764
+func (c *Config) ExtractSessionKeysFromDTLS(exporter KeyingMaterialExporter, isClient bool) error {
+	keyLen, err := c.Profile.KeyLen()
+	if err != nil {
+		return err
+	}
+
+	saltLen, err := c.Profile.SaltLen()
+	if err != nil {
+		return err
+	}
+
+	keyingMaterial, err := exporter.ExportKeyingMaterial(labelExtractorDtlsSrtp, nil, (keyLen*2)+(saltLen*2))
+	if err != nil {
+		return err
+	}
+
+	offset := 0
+	clientWriteKey := append([]byte{}, keyingMaterial[offset:offset+keyLen]...)
+	offset += keyLen
+
+	serverWriteKey := append([]byte{}, keyingMaterial[offset:offset+keyLen]...)
+	offset += keyLen
+
+	clientWriteKey = append(clientWriteKey, keyingMaterial[offset:offset+saltLen]...)
+	offset += saltLen
+
+	serverWriteKey = append(serverWriteKey, keyingMaterial[offset:offset+saltLen]...)
+
+	if isClient {
+		c.Keys.LocalMasterKey = clientWriteKey[0:keyLen]
+		c.Keys.LocalMasterSalt = clientWriteKey[keyLen:]
+		c.Keys.RemoteMasterKey = serverWriteKey[0:keyLen]
+		c.Keys.RemoteMasterSalt = serverWriteKey[keyLen:]
+		return nil
+	}
+
+	c.Keys.LocalMasterKey = serverWriteKey[0:keyLen]
+	c.Keys.LocalMasterSalt = serverWriteKey[keyLen:]
+	c.Keys.RemoteMasterKey = clientWriteKey[0:keyLen]
+	c.Keys.RemoteMasterSalt = clientWriteKey[keyLen:]
+	return nil
+}
diff --git a/server/vendor/github.com/pion/srtp/v2/option.go b/server/vendor/github.com/pion/srtp/v2/option.go
new file mode 100644
index 0000000..708274f
--- /dev/null
+++ b/server/vendor/github.com/pion/srtp/v2/option.go
@@ -0,0 +1,120 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package srtp
+
+import (
+	"github.com/pion/transport/v2/replaydetector"
+)
+
+// ContextOption represents option of Context using the functional options pattern.
+type ContextOption func(*Context) error
+
+// SRTPReplayProtection sets SRTP replay protection window size.
+func SRTPReplayProtection(windowSize uint) ContextOption { // nolint:revive
+	return func(c *Context) error {
+		c.newSRTPReplayDetector = func() replaydetector.ReplayDetector {
+			return replaydetector.New(windowSize, maxROC<<16|maxSequenceNumber)
+		}
+		return nil
+	}
+}
+
+// SRTCPReplayProtection sets SRTCP replay protection window size.
+func SRTCPReplayProtection(windowSize uint) ContextOption {
+	return func(c *Context) error {
+		c.newSRTCPReplayDetector = func() replaydetector.ReplayDetector {
+			return replaydetector.New(windowSize, maxSRTCPIndex)
+		}
+		return nil
+	}
+}
+
+// SRTPNoReplayProtection disables SRTP replay protection.
+func SRTPNoReplayProtection() ContextOption { // nolint:revive
+	return func(c *Context) error {
+		c.newSRTPReplayDetector = func() replaydetector.ReplayDetector {
+			return &nopReplayDetector{}
+		}
+		return nil
+	}
+}
+
+// SRTCPNoReplayProtection disables SRTCP replay protection.
+func SRTCPNoReplayProtection() ContextOption {
+	return func(c *Context) error {
+		c.newSRTCPReplayDetector = func() replaydetector.ReplayDetector {
+			return &nopReplayDetector{}
+		}
+		return nil
+	}
+}
+
+// SRTPReplayDetectorFactory sets custom SRTP replay detector.
+func SRTPReplayDetectorFactory(fn func() replaydetector.ReplayDetector) ContextOption { // nolint:revive
+	return func(c *Context) error {
+		c.newSRTPReplayDetector = fn
+		return nil
+	}
+}
+
+// SRTCPReplayDetectorFactory sets custom SRTCP replay detector.
+func SRTCPReplayDetectorFactory(fn func() replaydetector.ReplayDetector) ContextOption {
+	return func(c *Context) error {
+		c.newSRTCPReplayDetector = fn
+		return nil
+	}
+}
+
+type nopReplayDetector struct{}
+
+func (s *nopReplayDetector) Check(uint64) (func(), bool) {
+	return func() {}, true
+}
+
+// MasterKeyIndicator sets RTP/RTCP MKI for the initial master key. Array passed as an argument will be
+// copied as-is to encrypted SRTP/SRTCP packets, so it must be of proper length and in Big Endian format.
+// All MKIs added later using Context.AddCipherForMKI must have the same length as the one used here.
+func MasterKeyIndicator(mki []byte) ContextOption {
+	return func(c *Context) error {
+		if len(mki) > 0 {
+			c.sendMKI = make([]byte, len(mki))
+			copy(c.sendMKI, mki)
+		}
+		return nil
+	}
+}
+
+// SRTPEncryption enables SRTP encryption.
+func SRTPEncryption() ContextOption { // nolint:revive
+	return func(c *Context) error {
+		c.encryptSRTP = true
+		return nil
+	}
+}
+
+// SRTPNoEncryption disables SRTP encryption. This option is useful when you want to use NullCipher for SRTP and keep authentication only.
+// It simplifies debugging and testing, but it is not recommended for production use.
+func SRTPNoEncryption() ContextOption { // nolint:revive
+	return func(c *Context) error {
+		c.encryptSRTP = false
+		return nil
+	}
+}
+
+// SRTCPEncryption enables SRTCP encryption.
+func SRTCPEncryption() ContextOption {
+	return func(c *Context) error {
+		c.encryptSRTCP = true
+		return nil
+	}
+}
+
+// SRTCPNoEncryption disables SRTCP encryption. This option is useful when you want to use NullCipher for SRTCP and keep authentication only.
+// It simplifies debugging and testing, but it is not recommended for production use.
+func SRTCPNoEncryption() ContextOption {
+	return func(c *Context) error {
+		c.encryptSRTCP = false
+		return nil
+	}
+}
diff --git a/server/vendor/github.com/pion/srtp/v2/protection_profile.go b/server/vendor/github.com/pion/srtp/v2/protection_profile.go
new file mode 100644
index 0000000..9384bf8
--- /dev/null
+++ b/server/vendor/github.com/pion/srtp/v2/protection_profile.go
@@ -0,0 +1,128 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package srtp
+
+import "fmt"
+
+// ProtectionProfile specifies Cipher and AuthTag details, similar to TLS cipher suite
+type ProtectionProfile uint16
+
+// Supported protection profiles
+// See https://www.iana.org/assignments/srtp-protection/srtp-protection.xhtml
+//
+// AES128_CM_HMAC_SHA1_80 and AES128_CM_HMAC_SHA1_32 are valid SRTP profiles, but they do not have an DTLS-SRTP Protection Profiles ID assigned
+// in RFC 5764. They were in earlier draft of this RFC: https://datatracker.ietf.org/doc/html/draft-ietf-avt-dtls-srtp-03#section-4.1.2
+// Their IDs are now marked as reserved in the IANA registry. Despite this Chrome supports them:
+// https://chromium.googlesource.com/chromium/deps/libsrtp/+/84122798bb16927b1e676bd4f938a6e48e5bf2fe/srtp/include/srtp.h#694
+//
+// Null profiles disable encryption, they are used for debugging and testing. They are not recommended for production use.
+// Use of them is equivalent to using ProtectionProfileAes128CmHmacSha1_NN profile with SRTPNoEncryption and SRTCPNoEncryption options.
+const (
+	ProtectionProfileAes128CmHmacSha1_80 ProtectionProfile = 0x0001
+	ProtectionProfileAes128CmHmacSha1_32 ProtectionProfile = 0x0002
+	ProtectionProfileAes256CmHmacSha1_80 ProtectionProfile = 0x0003
+	ProtectionProfileAes256CmHmacSha1_32 ProtectionProfile = 0x0004
+	ProtectionProfileNullHmacSha1_80     ProtectionProfile = 0x0005
+	ProtectionProfileNullHmacSha1_32     ProtectionProfile = 0x0006
+	ProtectionProfileAeadAes128Gcm       ProtectionProfile = 0x0007
+	ProtectionProfileAeadAes256Gcm       ProtectionProfile = 0x0008
+)
+
+// KeyLen returns length of encryption key in bytes. For all profiles except NullHmacSha1_32 and NullHmacSha1_80 is is also the length of the session key.
+func (p ProtectionProfile) KeyLen() (int, error) {
+	switch p {
+	case ProtectionProfileAes128CmHmacSha1_32, ProtectionProfileAes128CmHmacSha1_80, ProtectionProfileAeadAes128Gcm, ProtectionProfileNullHmacSha1_32, ProtectionProfileNullHmacSha1_80:
+		return 16, nil
+	case ProtectionProfileAeadAes256Gcm, ProtectionProfileAes256CmHmacSha1_32, ProtectionProfileAes256CmHmacSha1_80:
+		return 32, nil
+	default:
+		return 0, fmt.Errorf("%w: %#v", errNoSuchSRTPProfile, p)
+	}
+}
+
+// SaltLen returns length of salt key in bytes. For all profiles except NullHmacSha1_32 and NullHmacSha1_80 is is also the length of the session salt.
+func (p ProtectionProfile) SaltLen() (int, error) {
+	switch p {
+	case ProtectionProfileAes128CmHmacSha1_32, ProtectionProfileAes128CmHmacSha1_80, ProtectionProfileAes256CmHmacSha1_32, ProtectionProfileAes256CmHmacSha1_80, ProtectionProfileNullHmacSha1_32, ProtectionProfileNullHmacSha1_80:
+		return 14, nil
+	case ProtectionProfileAeadAes128Gcm, ProtectionProfileAeadAes256Gcm:
+		return 12, nil
+	default:
+		return 0, fmt.Errorf("%w: %#v", errNoSuchSRTPProfile, p)
+	}
+}
+
+// AuthTagRTPLen returns length of RTP authentication tag in bytes for AES protection profiles. For AEAD ones it returns zero.
+func (p ProtectionProfile) AuthTagRTPLen() (int, error) {
+	switch p {
+	case ProtectionProfileAes128CmHmacSha1_80, ProtectionProfileAes256CmHmacSha1_80, ProtectionProfileNullHmacSha1_80:
+		return 10, nil
+	case ProtectionProfileAes128CmHmacSha1_32, ProtectionProfileAes256CmHmacSha1_32, ProtectionProfileNullHmacSha1_32:
+		return 4, nil
+	case ProtectionProfileAeadAes128Gcm, ProtectionProfileAeadAes256Gcm:
+		return 0, nil
+	default:
+		return 0, fmt.Errorf("%w: %#v", errNoSuchSRTPProfile, p)
+	}
+}
+
+// AuthTagRTCPLen returns length of RTCP authentication tag in bytes for AES protection profiles. For AEAD ones it returns zero.
+func (p ProtectionProfile) AuthTagRTCPLen() (int, error) {
+	switch p {
+	case ProtectionProfileAes128CmHmacSha1_32, ProtectionProfileAes128CmHmacSha1_80, ProtectionProfileAes256CmHmacSha1_32, ProtectionProfileAes256CmHmacSha1_80, ProtectionProfileNullHmacSha1_32, ProtectionProfileNullHmacSha1_80:
+		return 10, nil
+	case ProtectionProfileAeadAes128Gcm, ProtectionProfileAeadAes256Gcm:
+		return 0, nil
+	default:
+		return 0, fmt.Errorf("%w: %#v", errNoSuchSRTPProfile, p)
+	}
+}
+
+// AEADAuthTagLen returns length of authentication tag in bytes for AEAD protection profiles. For AES ones it returns zero.
+func (p ProtectionProfile) AEADAuthTagLen() (int, error) {
+	switch p {
+	case ProtectionProfileAes128CmHmacSha1_32, ProtectionProfileAes128CmHmacSha1_80, ProtectionProfileAes256CmHmacSha1_32, ProtectionProfileAes256CmHmacSha1_80, ProtectionProfileNullHmacSha1_32, ProtectionProfileNullHmacSha1_80:
+		return 0, nil
+	case ProtectionProfileAeadAes128Gcm, ProtectionProfileAeadAes256Gcm:
+		return 16, nil
+	default:
+		return 0, fmt.Errorf("%w: %#v", errNoSuchSRTPProfile, p)
+	}
+}
+
+// AuthKeyLen returns length of authentication key in bytes for AES protection profiles. For AEAD ones it returns zero.
+func (p ProtectionProfile) AuthKeyLen() (int, error) {
+	switch p {
+	case ProtectionProfileAes128CmHmacSha1_32, ProtectionProfileAes128CmHmacSha1_80, ProtectionProfileAes256CmHmacSha1_32, ProtectionProfileAes256CmHmacSha1_80, ProtectionProfileNullHmacSha1_32, ProtectionProfileNullHmacSha1_80:
+		return 20, nil
+	case ProtectionProfileAeadAes128Gcm, ProtectionProfileAeadAes256Gcm:
+		return 0, nil
+	default:
+		return 0, fmt.Errorf("%w: %#v", errNoSuchSRTPProfile, p)
+	}
+}
+
+// String returns the name of the protection profile.
+func (p ProtectionProfile) String() string {
+	switch p {
+	case ProtectionProfileAes128CmHmacSha1_80:
+		return "SRTP_AES128_CM_HMAC_SHA1_80"
+	case ProtectionProfileAes128CmHmacSha1_32:
+		return "SRTP_AES128_CM_HMAC_SHA1_32"
+	case ProtectionProfileAes256CmHmacSha1_80:
+		return "SRTP_AES256_CM_HMAC_SHA1_80"
+	case ProtectionProfileAes256CmHmacSha1_32:
+		return "SRTP_AES256_CM_HMAC_SHA1_32"
+	case ProtectionProfileAeadAes128Gcm:
+		return "SRTP_AEAD_AES_128_GCM"
+	case ProtectionProfileAeadAes256Gcm:
+		return "SRTP_AEAD_AES_256_GCM"
+	case ProtectionProfileNullHmacSha1_80:
+		return "SRTP_NULL_HMAC_SHA1_80"
+	case ProtectionProfileNullHmacSha1_32:
+		return "SRTP_NULL_HMAC_SHA1_32"
+	default:
+		return fmt.Sprintf("Unknown SRTP profile: %#v", p)
+	}
+}
diff --git a/server/vendor/github.com/pion/srtp/v2/renovate.json b/server/vendor/github.com/pion/srtp/v2/renovate.json
new file mode 100644
index 0000000..f1bb98c
--- /dev/null
+++ b/server/vendor/github.com/pion/srtp/v2/renovate.json
@@ -0,0 +1,6 @@
+{
+  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+  "extends": [
+    "github>pion/renovate-config"
+  ]
+}
diff --git a/server/vendor/github.com/pion/srtp/v2/session.go b/server/vendor/github.com/pion/srtp/v2/session.go
new file mode 100644
index 0000000..2e1f4fe
--- /dev/null
+++ b/server/vendor/github.com/pion/srtp/v2/session.go
@@ -0,0 +1,161 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package srtp
+
+import (
+	"errors"
+	"io"
+	"net"
+	"sync"
+	"time"
+
+	"github.com/pion/logging"
+	"github.com/pion/transport/v2/packetio"
+)
+
+type streamSession interface {
+	Close() error
+	write([]byte) (int, error)
+	decrypt([]byte) error
+}
+
+type session struct {
+	localContextMutex           sync.Mutex
+	localContext, remoteContext *Context
+	localOptions, remoteOptions []ContextOption
+
+	newStream           chan readStream
+	acceptStreamTimeout time.Time
+
+	started chan interface{}
+	closed  chan interface{}
+
+	readStreamsClosed bool
+	readStreams       map[uint32]readStream
+	readStreamsLock   sync.Mutex
+
+	log           logging.LeveledLogger
+	bufferFactory func(packetType packetio.BufferPacketType, ssrc uint32) io.ReadWriteCloser
+
+	nextConn net.Conn
+}
+
+// Config is used to configure a session.
+// You can provide either a KeyingMaterialExporter to export keys
+// or directly pass the keys themselves.
+// After a Config is passed to a session it must not be modified.
+type Config struct {
+	Keys                SessionKeys
+	Profile             ProtectionProfile
+	BufferFactory       func(packetType packetio.BufferPacketType, ssrc uint32) io.ReadWriteCloser
+	LoggerFactory       logging.LoggerFactory
+	AcceptStreamTimeout time.Time
+
+	// List of local/remote context options.
+	// ReplayProtection is enabled on remote context by default.
+	// Default replay protection window size is 64.
+	LocalOptions, RemoteOptions []ContextOption
+}
+
+// SessionKeys bundles the keys required to setup an SRTP session
+type SessionKeys struct {
+	LocalMasterKey   []byte
+	LocalMasterSalt  []byte
+	RemoteMasterKey  []byte
+	RemoteMasterSalt []byte
+}
+
+func (s *session) getOrCreateReadStream(ssrc uint32, child streamSession, proto func() readStream) (readStream, bool) {
+	s.readStreamsLock.Lock()
+	defer s.readStreamsLock.Unlock()
+
+	if s.readStreamsClosed {
+		return nil, false
+	}
+
+	r, ok := s.readStreams[ssrc]
+	if ok {
+		return r, false
+	}
+
+	// Create the readStream.
+	r = proto()
+
+	if err := r.init(child, ssrc); err != nil {
+		return nil, false
+	}
+
+	s.readStreams[ssrc] = r
+	return r, true
+}
+
+func (s *session) removeReadStream(ssrc uint32) {
+	s.readStreamsLock.Lock()
+	defer s.readStreamsLock.Unlock()
+
+	if s.readStreamsClosed {
+		return
+	}
+
+	delete(s.readStreams, ssrc)
+}
+
+func (s *session) close() error {
+	if s.nextConn == nil {
+		return nil
+	} else if err := s.nextConn.Close(); err != nil {
+		return err
+	}
+
+	<-s.closed
+	return nil
+}
+
+func (s *session) start(localMasterKey, localMasterSalt, remoteMasterKey, remoteMasterSalt []byte, profile ProtectionProfile, child streamSession) error {
+	var err error
+	s.localContext, err = CreateContext(localMasterKey, localMasterSalt, profile, s.localOptions...)
+	if err != nil {
+		return err
+	}
+
+	s.remoteContext, err = CreateContext(remoteMasterKey, remoteMasterSalt, profile, s.remoteOptions...)
+	if err != nil {
+		return err
+	}
+
+	if err = s.nextConn.SetReadDeadline(s.acceptStreamTimeout); err != nil {
+		return err
+	}
+
+	go func() {
+		defer func() {
+			close(s.newStream)
+
+			s.readStreamsLock.Lock()
+			s.readStreamsClosed = true
+			s.readStreamsLock.Unlock()
+			close(s.closed)
+		}()
+
+		b := make([]byte, 8192)
+		for {
+			var i int
+			i, err = s.nextConn.Read(b)
+			if err != nil {
+				if !errors.Is(err, io.EOF) {
+					s.log.Error(err.Error())
+				}
+				return
+			}
+
+			if err = child.decrypt(b[:i]); err != nil {
+				s.log.Info(err.Error())
+			}
+		}
+	}()
+
+	close(s.started)
+
+	return nil
+}
diff --git a/server/vendor/github.com/pion/srtp/v2/session_srtcp.go b/server/vendor/github.com/pion/srtp/v2/session_srtcp.go
new file mode 100644
index 0000000..13f1a95
--- /dev/null
+++ b/server/vendor/github.com/pion/srtp/v2/session_srtcp.go
@@ -0,0 +1,190 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package srtp
+
+import (
+	"net"
+	"time"
+
+	"github.com/pion/logging"
+	"github.com/pion/rtcp"
+)
+
+const defaultSessionSRTCPReplayProtectionWindow = 64
+
+// SessionSRTCP implements io.ReadWriteCloser and provides a bi-directional SRTCP session
+// SRTCP itself does not have a design like this, but it is common in most applications
+// for local/remote to each have their own keying material. This provides those patterns
+// instead of making everyone re-implement
+type SessionSRTCP struct {
+	session
+	writeStream *WriteStreamSRTCP
+}
+
+// NewSessionSRTCP creates a SRTCP session using conn as the underlying transport.
+func NewSessionSRTCP(conn net.Conn, config *Config) (*SessionSRTCP, error) { //nolint:dupl
+	if config == nil {
+		return nil, errNoConfig
+	} else if conn == nil {
+		return nil, errNoConn
+	}
+
+	loggerFactory := config.LoggerFactory
+	if loggerFactory == nil {
+		loggerFactory = logging.NewDefaultLoggerFactory()
+	}
+
+	localOpts := append(
+		[]ContextOption{},
+		config.LocalOptions...,
+	)
+	remoteOpts := append(
+		[]ContextOption{
+			// Default options
+			SRTCPReplayProtection(defaultSessionSRTCPReplayProtectionWindow),
+		},
+		config.RemoteOptions...,
+	)
+
+	s := &SessionSRTCP{
+		session: session{
+			nextConn:            conn,
+			localOptions:        localOpts,
+			remoteOptions:       remoteOpts,
+			readStreams:         map[uint32]readStream{},
+			newStream:           make(chan readStream),
+			acceptStreamTimeout: config.AcceptStreamTimeout,
+			started:             make(chan interface{}),
+			closed:              make(chan interface{}),
+			bufferFactory:       config.BufferFactory,
+			log:                 loggerFactory.NewLogger("srtp"),
+		},
+	}
+	s.writeStream = &WriteStreamSRTCP{s}
+
+	err := s.session.start(
+		config.Keys.LocalMasterKey, config.Keys.LocalMasterSalt,
+		config.Keys.RemoteMasterKey, config.Keys.RemoteMasterSalt,
+		config.Profile,
+		s,
+	)
+	if err != nil {
+		return nil, err
+	}
+	return s, nil
+}
+
+// OpenWriteStream returns the global write stream for the Session
+func (s *SessionSRTCP) OpenWriteStream() (*WriteStreamSRTCP, error) {
+	return s.writeStream, nil
+}
+
+// OpenReadStream opens a read stream for the given SSRC, it can be used
+// if you want a certain SSRC, but don't want to wait for AcceptStream
+func (s *SessionSRTCP) OpenReadStream(ssrc uint32) (*ReadStreamSRTCP, error) {
+	r, _ := s.session.getOrCreateReadStream(ssrc, s, newReadStreamSRTCP)
+
+	if readStream, ok := r.(*ReadStreamSRTCP); ok {
+		return readStream, nil
+	}
+	return nil, errFailedTypeAssertion
+}
+
+// AcceptStream returns a stream to handle RTCP for a single SSRC
+func (s *SessionSRTCP) AcceptStream() (*ReadStreamSRTCP, uint32, error) {
+	stream, ok := <-s.newStream
+	if !ok {
+		return nil, 0, errStreamAlreadyClosed
+	}
+
+	readStream, ok := stream.(*ReadStreamSRTCP)
+	if !ok {
+		return nil, 0, errFailedTypeAssertion
+	}
+
+	return readStream, stream.GetSSRC(), nil
+}
+
+// Close ends the session
+func (s *SessionSRTCP) Close() error {
+	return s.session.close()
+}
+
+// Private
+
+func (s *SessionSRTCP) write(buf []byte) (int, error) {
+	if _, ok := <-s.session.started; ok {
+		return 0, errStartedChannelUsedIncorrectly
+	}
+
+	ibuf := bufferpool.Get()
+	defer bufferpool.Put(ibuf)
+
+	s.session.localContextMutex.Lock()
+	encrypted, err := s.localContext.EncryptRTCP(ibuf.([]byte), buf, nil)
+	s.session.localContextMutex.Unlock()
+
+	if err != nil {
+		return 0, err
+	}
+	return s.session.nextConn.Write(encrypted)
+}
+
+func (s *SessionSRTCP) setWriteDeadline(t time.Time) error {
+	return s.session.nextConn.SetWriteDeadline(t)
+}
+
+// create a list of Destination SSRCs
+// that's a superset of all Destinations in the slice.
+func destinationSSRC(pkts []rtcp.Packet) []uint32 {
+	ssrcSet := make(map[uint32]struct{})
+	for _, p := range pkts {
+		for _, ssrc := range p.DestinationSSRC() {
+			ssrcSet[ssrc] = struct{}{}
+		}
+	}
+
+	out := make([]uint32, 0, len(ssrcSet))
+	for ssrc := range ssrcSet {
+		out = append(out, ssrc)
+	}
+
+	return out
+}
+
+func (s *SessionSRTCP) decrypt(buf []byte) error {
+	decrypted, err := s.remoteContext.DecryptRTCP(buf, buf, nil)
+	if err != nil {
+		return err
+	}
+
+	pkt, err := rtcp.Unmarshal(decrypted)
+	if err != nil {
+		return err
+	}
+
+	for _, ssrc := range destinationSSRC(pkt) {
+		r, isNew := s.session.getOrCreateReadStream(ssrc, s, newReadStreamSRTCP)
+		if r == nil {
+			return nil // Session has been closed
+		} else if isNew {
+			if !s.session.acceptStreamTimeout.IsZero() {
+				_ = s.session.nextConn.SetReadDeadline(time.Time{})
+			}
+			s.session.newStream <- r // Notify AcceptStream
+		}
+
+		readStream, ok := r.(*ReadStreamSRTCP)
+		if !ok {
+			return errFailedTypeAssertion
+		}
+
+		_, err = readStream.write(decrypted)
+		if err != nil {
+			return err
+		}
+	}
+
+	return nil
+}
diff --git a/server/vendor/github.com/pion/srtp/v2/session_srtp.go b/server/vendor/github.com/pion/srtp/v2/session_srtp.go
new file mode 100644
index 0000000..e07cbe2
--- /dev/null
+++ b/server/vendor/github.com/pion/srtp/v2/session_srtp.go
@@ -0,0 +1,200 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package srtp
+
+import (
+	"net"
+	"sync"
+	"time"
+
+	"github.com/pion/logging"
+	"github.com/pion/rtp"
+)
+
+const defaultSessionSRTPReplayProtectionWindow = 64
+
+// SessionSRTP implements io.ReadWriteCloser and provides a bi-directional SRTP session
+// SRTP itself does not have a design like this, but it is common in most applications
+// for local/remote to each have their own keying material. This provides those patterns
+// instead of making everyone re-implement
+type SessionSRTP struct {
+	session
+	writeStream *WriteStreamSRTP
+}
+
+// NewSessionSRTP creates a SRTP session using conn as the underlying transport.
+func NewSessionSRTP(conn net.Conn, config *Config) (*SessionSRTP, error) { //nolint:dupl
+	if config == nil {
+		return nil, errNoConfig
+	} else if conn == nil {
+		return nil, errNoConn
+	}
+
+	loggerFactory := config.LoggerFactory
+	if loggerFactory == nil {
+		loggerFactory = logging.NewDefaultLoggerFactory()
+	}
+
+	localOpts := append(
+		[]ContextOption{},
+		config.LocalOptions...,
+	)
+	remoteOpts := append(
+		[]ContextOption{
+			// Default options
+			SRTPReplayProtection(defaultSessionSRTPReplayProtectionWindow),
+		},
+		config.RemoteOptions...,
+	)
+
+	s := &SessionSRTP{
+		session: session{
+			nextConn:            conn,
+			localOptions:        localOpts,
+			remoteOptions:       remoteOpts,
+			readStreams:         map[uint32]readStream{},
+			newStream:           make(chan readStream),
+			acceptStreamTimeout: config.AcceptStreamTimeout,
+			started:             make(chan interface{}),
+			closed:              make(chan interface{}),
+			bufferFactory:       config.BufferFactory,
+			log:                 loggerFactory.NewLogger("srtp"),
+		},
+	}
+	s.writeStream = &WriteStreamSRTP{s}
+
+	err := s.session.start(
+		config.Keys.LocalMasterKey, config.Keys.LocalMasterSalt,
+		config.Keys.RemoteMasterKey, config.Keys.RemoteMasterSalt,
+		config.Profile,
+		s,
+	)
+	if err != nil {
+		return nil, err
+	}
+	return s, nil
+}
+
+// OpenWriteStream returns the global write stream for the Session
+func (s *SessionSRTP) OpenWriteStream() (*WriteStreamSRTP, error) {
+	return s.writeStream, nil
+}
+
+// OpenReadStream opens a read stream for the given SSRC, it can be used
+// if you want a certain SSRC, but don't want to wait for AcceptStream
+func (s *SessionSRTP) OpenReadStream(ssrc uint32) (*ReadStreamSRTP, error) {
+	r, _ := s.session.getOrCreateReadStream(ssrc, s, newReadStreamSRTP)
+
+	if readStream, ok := r.(*ReadStreamSRTP); ok {
+		return readStream, nil
+	}
+
+	return nil, errFailedTypeAssertion
+}
+
+// AcceptStream returns a stream to handle RTCP for a single SSRC
+func (s *SessionSRTP) AcceptStream() (*ReadStreamSRTP, uint32, error) {
+	stream, ok := <-s.newStream
+	if !ok {
+		return nil, 0, errStreamAlreadyClosed
+	}
+
+	readStream, ok := stream.(*ReadStreamSRTP)
+	if !ok {
+		return nil, 0, errFailedTypeAssertion
+	}
+
+	return readStream, stream.GetSSRC(), nil
+}
+
+// Close ends the session
+func (s *SessionSRTP) Close() error {
+	return s.session.close()
+}
+
+func (s *SessionSRTP) write(b []byte) (int, error) {
+	packet := &rtp.Packet{}
+
+	if err := packet.Unmarshal(b); err != nil {
+		return 0, err
+	}
+
+	return s.writeRTP(&packet.Header, packet.Payload)
+}
+
+// bufferpool is a global pool of buffers used for encrypted packets in
+// writeRTP below.  Since it's global, buffers can be shared between
+// different sessions, which amortizes the cost of allocating the pool.
+//
+// 1472 is the maximum Ethernet UDP payload.  We give ourselves 20 bytes
+// of slack for any authentication tags, which is more than enough for
+// either CTR or GCM.  If the buffer is too small, no harm, it will just
+// get expanded by growBuffer.
+var bufferpool = sync.Pool{ // nolint:gochecknoglobals
+	New: func() interface{} {
+		return make([]byte, 1492)
+	},
+}
+
+func (s *SessionSRTP) writeRTP(header *rtp.Header, payload []byte) (int, error) {
+	if _, ok := <-s.session.started; ok {
+		return 0, errStartedChannelUsedIncorrectly
+	}
+
+	// encryptRTP will either return our buffer, or, if it is too
+	// small, allocate a new buffer itself.  In either case, it is
+	// safe to put the buffer back into the pool, but only after
+	// nextConn.Write has returned.
+	ibuf := bufferpool.Get()
+	defer bufferpool.Put(ibuf)
+
+	s.session.localContextMutex.Lock()
+	encrypted, err := s.localContext.encryptRTP(ibuf.([]byte), header, payload)
+	s.session.localContextMutex.Unlock()
+
+	if err != nil {
+		return 0, err
+	}
+
+	return s.session.nextConn.Write(encrypted)
+}
+
+func (s *SessionSRTP) setWriteDeadline(t time.Time) error {
+	return s.session.nextConn.SetWriteDeadline(t)
+}
+
+func (s *SessionSRTP) decrypt(buf []byte) error {
+	h := &rtp.Header{}
+	headerLen, err := h.Unmarshal(buf)
+	if err != nil {
+		return err
+	}
+
+	r, isNew := s.session.getOrCreateReadStream(h.SSRC, s, newReadStreamSRTP)
+	if r == nil {
+		return nil // Session has been closed
+	} else if isNew {
+		if !s.session.acceptStreamTimeout.IsZero() {
+			_ = s.session.nextConn.SetReadDeadline(time.Time{})
+		}
+		s.session.newStream <- r // Notify AcceptStream
+	}
+
+	readStream, ok := r.(*ReadStreamSRTP)
+	if !ok {
+		return errFailedTypeAssertion
+	}
+
+	decrypted, err := s.remoteContext.decryptRTP(buf, buf, h, headerLen)
+	if err != nil {
+		return err
+	}
+
+	_, err = readStream.write(decrypted)
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
diff --git a/server/vendor/github.com/pion/srtp/v2/srtcp.go b/server/vendor/github.com/pion/srtp/v2/srtcp.go
new file mode 100644
index 0000000..6d1a1c1
--- /dev/null
+++ b/server/vendor/github.com/pion/srtp/v2/srtcp.go
@@ -0,0 +1,109 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package srtp
+
+import (
+	"encoding/binary"
+	"fmt"
+
+	"github.com/pion/rtcp"
+)
+
+const maxSRTCPIndex = 0x7FFFFFFF
+
+const srtcpHeaderSize = 8
+
+func (c *Context) decryptRTCP(dst, encrypted []byte) ([]byte, error) {
+	authTagLen, err := c.cipher.AuthTagRTCPLen()
+	if err != nil {
+		return nil, err
+	}
+	aeadAuthTagLen, err := c.cipher.AEADAuthTagLen()
+	if err != nil {
+		return nil, err
+	}
+	mkiLen := len(c.sendMKI)
+
+	// Verify that encrypted packet is long enough
+	if len(encrypted) < (srtcpHeaderSize + aeadAuthTagLen + srtcpIndexSize + mkiLen + authTagLen) {
+		return nil, fmt.Errorf("%w: %d", errTooShortRTCP, len(encrypted))
+	}
+
+	index := c.cipher.getRTCPIndex(encrypted)
+	ssrc := binary.BigEndian.Uint32(encrypted[4:])
+
+	s := c.getSRTCPSSRCState(ssrc)
+	markAsValid, ok := s.replayDetector.Check(uint64(index))
+	if !ok {
+		return nil, &duplicatedError{Proto: "srtcp", SSRC: ssrc, Index: index}
+	}
+
+	cipher := c.cipher
+	if len(c.mkis) > 0 {
+		// Find cipher for MKI
+		actualMKI := c.cipher.getMKI(encrypted, false)
+		cipher, ok = c.mkis[string(actualMKI)]
+		if !ok {
+			return nil, ErrMKINotFound
+		}
+	}
+
+	out := allocateIfMismatch(dst, encrypted)
+
+	out, err = cipher.decryptRTCP(out, encrypted, index, ssrc)
+	if err != nil {
+		return nil, err
+	}
+
+	markAsValid()
+	return out, nil
+}
+
+// DecryptRTCP decrypts a buffer that contains a RTCP packet
+func (c *Context) DecryptRTCP(dst, encrypted []byte, header *rtcp.Header) ([]byte, error) {
+	if header == nil {
+		header = &rtcp.Header{}
+	}
+
+	if err := header.Unmarshal(encrypted); err != nil {
+		return nil, err
+	}
+
+	return c.decryptRTCP(dst, encrypted)
+}
+
+func (c *Context) encryptRTCP(dst, decrypted []byte) ([]byte, error) {
+	if len(decrypted) < srtcpHeaderSize {
+		return nil, fmt.Errorf("%w: %d", errTooShortRTCP, len(decrypted))
+	}
+
+	ssrc := binary.BigEndian.Uint32(decrypted[4:])
+	s := c.getSRTCPSSRCState(ssrc)
+
+	if s.srtcpIndex >= maxSRTCPIndex {
+		// ... when 2^48 SRTP packets or 2^31 SRTCP packets have been secured with the same key
+		// (whichever occurs before), the key management MUST be called to provide new master key(s)
+		// (previously stored and used keys MUST NOT be used again), or the session MUST be terminated.
+		// https://www.rfc-editor.org/rfc/rfc3711#section-9.2
+		return nil, errExceededMaxPackets
+	}
+
+	// We roll over early because MSB is used for marking as encrypted
+	s.srtcpIndex++
+
+	return c.cipher.encryptRTCP(dst, decrypted, s.srtcpIndex, ssrc)
+}
+
+// EncryptRTCP Encrypts a RTCP packet
+func (c *Context) EncryptRTCP(dst, decrypted []byte, header *rtcp.Header) ([]byte, error) {
+	if header == nil {
+		header = &rtcp.Header{}
+	}
+
+	if err := header.Unmarshal(decrypted); err != nil {
+		return nil, err
+	}
+
+	return c.encryptRTCP(dst, decrypted)
+}
diff --git a/server/vendor/github.com/pion/srtp/v2/srtp.go b/server/vendor/github.com/pion/srtp/v2/srtp.go
new file mode 100644
index 0000000..56828bc
--- /dev/null
+++ b/server/vendor/github.com/pion/srtp/v2/srtp.go
@@ -0,0 +1,109 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+// Package srtp implements Secure Real-time Transport Protocol
+package srtp
+
+import (
+	"fmt"
+
+	"github.com/pion/rtp"
+)
+
+func (c *Context) decryptRTP(dst, ciphertext []byte, header *rtp.Header, headerLen int) ([]byte, error) {
+	authTagLen, err := c.cipher.AuthTagRTPLen()
+	if err != nil {
+		return nil, err
+	}
+	aeadAuthTagLen, err := c.cipher.AEADAuthTagLen()
+	if err != nil {
+		return nil, err
+	}
+	mkiLen := len(c.sendMKI)
+
+	// Verify that encrypted packet is long enough
+	if len(ciphertext) < (headerLen + aeadAuthTagLen + mkiLen + authTagLen) {
+		return nil, fmt.Errorf("%w: %d", errTooShortRTP, len(ciphertext))
+	}
+
+	s := c.getSRTPSSRCState(header.SSRC)
+
+	roc, diff, _ := s.nextRolloverCount(header.SequenceNumber)
+	markAsValid, ok := s.replayDetector.Check(
+		(uint64(roc) << 16) | uint64(header.SequenceNumber),
+	)
+	if !ok {
+		return nil, &duplicatedError{
+			Proto: "srtp", SSRC: header.SSRC, Index: uint32(header.SequenceNumber),
+		}
+	}
+
+	cipher := c.cipher
+	if len(c.mkis) > 0 {
+		// Find cipher for MKI
+		actualMKI := c.cipher.getMKI(ciphertext, true)
+		cipher, ok = c.mkis[string(actualMKI)]
+		if !ok {
+			return nil, ErrMKINotFound
+		}
+	}
+
+	dst = growBufferSize(dst, len(ciphertext)-authTagLen-len(c.sendMKI))
+
+	dst, err = cipher.decryptRTP(dst, ciphertext, header, headerLen, roc)
+	if err != nil {
+		return nil, err
+	}
+
+	markAsValid()
+	s.updateRolloverCount(header.SequenceNumber, diff)
+	return dst, nil
+}
+
+// DecryptRTP decrypts a RTP packet with an encrypted payload
+func (c *Context) DecryptRTP(dst, encrypted []byte, header *rtp.Header) ([]byte, error) {
+	if header == nil {
+		header = &rtp.Header{}
+	}
+
+	headerLen, err := header.Unmarshal(encrypted)
+	if err != nil {
+		return nil, err
+	}
+
+	return c.decryptRTP(dst, encrypted, header, headerLen)
+}
+
+// EncryptRTP marshals and encrypts an RTP packet, writing to the dst buffer provided.
+// If the dst buffer does not have the capacity to hold `len(plaintext) + 10` bytes, a new one will be allocated and returned.
+// If a rtp.Header is provided, it will be Unmarshaled using the plaintext.
+func (c *Context) EncryptRTP(dst []byte, plaintext []byte, header *rtp.Header) ([]byte, error) {
+	if header == nil {
+		header = &rtp.Header{}
+	}
+
+	headerLen, err := header.Unmarshal(plaintext)
+	if err != nil {
+		return nil, err
+	}
+
+	return c.encryptRTP(dst, header, plaintext[headerLen:])
+}
+
+// encryptRTP marshals and encrypts an RTP packet, writing to the dst buffer provided.
+// If the dst buffer does not have the capacity, a new one will be allocated and returned.
+// Similar to above but faster because it can avoid unmarshaling the header and marshaling the payload.
+func (c *Context) encryptRTP(dst []byte, header *rtp.Header, payload []byte) (ciphertext []byte, err error) {
+	s := c.getSRTPSSRCState(header.SSRC)
+	roc, diff, ovf := s.nextRolloverCount(header.SequenceNumber)
+	if ovf {
+		// ... when 2^48 SRTP packets or 2^31 SRTCP packets have been secured with the same key
+		// (whichever occurs before), the key management MUST be called to provide new master key(s)
+		// (previously stored and used keys MUST NOT be used again), or the session MUST be terminated.
+		// https://www.rfc-editor.org/rfc/rfc3711#section-9.2
+		return nil, errExceededMaxPackets
+	}
+	s.updateRolloverCount(header.SequenceNumber, diff)
+
+	return c.cipher.encryptRTP(dst, header, payload, roc)
+}
diff --git a/server/vendor/github.com/pion/srtp/v2/srtp_cipher.go b/server/vendor/github.com/pion/srtp/v2/srtp_cipher.go
new file mode 100644
index 0000000..da745e7
--- /dev/null
+++ b/server/vendor/github.com/pion/srtp/v2/srtp_cipher.go
@@ -0,0 +1,51 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package srtp
+
+import "github.com/pion/rtp"
+
+// cipher represents a implementation of one
+// of the SRTP Specific ciphers
+type srtpCipher interface {
+	// AuthTagRTPLen/AuthTagRTCPLen return auth key length of the cipher.
+	// See the note below.
+	AuthTagRTPLen() (int, error)
+	AuthTagRTCPLen() (int, error)
+	// AEADAuthTagLen returns AEAD auth key length of the cipher.
+	// See the note below.
+	AEADAuthTagLen() (int, error)
+	getRTCPIndex([]byte) uint32
+	getMKI([]byte, bool) []byte
+
+	encryptRTP([]byte, *rtp.Header, []byte, uint32) ([]byte, error)
+	encryptRTCP([]byte, []byte, uint32, uint32) ([]byte, error)
+
+	decryptRTP([]byte, []byte, *rtp.Header, int, uint32) ([]byte, error)
+	decryptRTCP([]byte, []byte, uint32, uint32) ([]byte, error)
+}
+
+/*
+NOTE: Auth tag and AEAD auth tag are placed at the different position in SRTCP
+
+In non-AEAD cipher, the authentication tag is placed *after* the ESRTCP word
+(Encrypted-flag and SRTCP index).
+
+> AES_128_CM_HMAC_SHA1_80
+> | RTCP Header | Encrypted payload |E| SRTCP Index | Auth tag |
+>                                   ^               |----------|
+>                                   |                ^
+>                                   |                authTagLen=10
+>                                   aeadAuthTagLen=0
+
+In AEAD cipher, the AEAD authentication tag is embedded in the ciphertext.
+It is *before* the ESRTCP word (Encrypted-flag and SRTCP index).
+
+> AEAD_AES_128_GCM
+> | RTCP Header | Encrypted payload | AEAD auth tag |E| SRTCP Index |
+>                                   |---------------|               ^
+>                                    ^                              authTagLen=0
+>                                    aeadAuthTagLen=16
+
+See https://tools.ietf.org/html/rfc7714 for the full specifications.
+*/
diff --git a/server/vendor/github.com/pion/srtp/v2/srtp_cipher_aead_aes_gcm.go b/server/vendor/github.com/pion/srtp/v2/srtp_cipher_aead_aes_gcm.go
new file mode 100644
index 0000000..ac50c39
--- /dev/null
+++ b/server/vendor/github.com/pion/srtp/v2/srtp_cipher_aead_aes_gcm.go
@@ -0,0 +1,285 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package srtp
+
+import (
+	"crypto/aes"
+	"crypto/cipher"
+	"encoding/binary"
+	"fmt"
+
+	"github.com/pion/rtp"
+)
+
+const (
+	rtcpEncryptionFlag = 0x80
+)
+
+type srtpCipherAeadAesGcm struct {
+	ProtectionProfile
+
+	srtpCipher, srtcpCipher cipher.AEAD
+
+	srtpSessionSalt, srtcpSessionSalt []byte
+
+	mki []byte
+
+	srtpEncrypted, srtcpEncrypted bool
+}
+
+func newSrtpCipherAeadAesGcm(profile ProtectionProfile, masterKey, masterSalt, mki []byte, encryptSRTP, encryptSRTCP bool) (*srtpCipherAeadAesGcm, error) {
+	s := &srtpCipherAeadAesGcm{
+		ProtectionProfile: profile,
+		srtpEncrypted:     encryptSRTP,
+		srtcpEncrypted:    encryptSRTCP,
+	}
+
+	srtpSessionKey, err := aesCmKeyDerivation(labelSRTPEncryption, masterKey, masterSalt, 0, len(masterKey))
+	if err != nil {
+		return nil, err
+	}
+
+	srtpBlock, err := aes.NewCipher(srtpSessionKey)
+	if err != nil {
+		return nil, err
+	}
+
+	s.srtpCipher, err = cipher.NewGCM(srtpBlock)
+	if err != nil {
+		return nil, err
+	}
+
+	srtcpSessionKey, err := aesCmKeyDerivation(labelSRTCPEncryption, masterKey, masterSalt, 0, len(masterKey))
+	if err != nil {
+		return nil, err
+	}
+
+	srtcpBlock, err := aes.NewCipher(srtcpSessionKey)
+	if err != nil {
+		return nil, err
+	}
+
+	s.srtcpCipher, err = cipher.NewGCM(srtcpBlock)
+	if err != nil {
+		return nil, err
+	}
+
+	if s.srtpSessionSalt, err = aesCmKeyDerivation(labelSRTPSalt, masterKey, masterSalt, 0, len(masterSalt)); err != nil {
+		return nil, err
+	} else if s.srtcpSessionSalt, err = aesCmKeyDerivation(labelSRTCPSalt, masterKey, masterSalt, 0, len(masterSalt)); err != nil {
+		return nil, err
+	}
+
+	mkiLen := len(mki)
+	if mkiLen > 0 {
+		s.mki = make([]byte, mkiLen)
+		copy(s.mki, mki)
+	}
+
+	return s, nil
+}
+
+func (s *srtpCipherAeadAesGcm) encryptRTP(dst []byte, header *rtp.Header, payload []byte, roc uint32) (ciphertext []byte, err error) {
+	// Grow the given buffer to fit the output.
+	authTagLen, err := s.AEADAuthTagLen()
+	if err != nil {
+		return nil, err
+	}
+	dst = growBufferSize(dst, header.MarshalSize()+len(payload)+authTagLen+len(s.mki))
+
+	n, err := header.MarshalTo(dst)
+	if err != nil {
+		return nil, err
+	}
+
+	iv := s.rtpInitializationVector(header, roc)
+	if s.srtpEncrypted {
+		s.srtpCipher.Seal(dst[n:n], iv[:], payload, dst[:n])
+	} else {
+		clearLen := n + len(payload)
+		copy(dst[n:], payload)
+		s.srtpCipher.Seal(dst[clearLen:clearLen], iv[:], nil, dst[:clearLen])
+	}
+
+	// Add MKI after the encrypted payload
+	if len(s.mki) > 0 {
+		copy(dst[len(dst)-len(s.mki):], s.mki)
+	}
+
+	return dst, nil
+}
+
+func (s *srtpCipherAeadAesGcm) decryptRTP(dst, ciphertext []byte, header *rtp.Header, headerLen int, roc uint32) ([]byte, error) {
+	// Grow the given buffer to fit the output.
+	authTagLen, err := s.AEADAuthTagLen()
+	if err != nil {
+		return nil, err
+	}
+	nDst := len(ciphertext) - authTagLen - len(s.mki)
+	if nDst < headerLen {
+		// Size of ciphertext is shorter than AEAD auth tag len.
+		return nil, ErrFailedToVerifyAuthTag
+	}
+	dst = growBufferSize(dst, nDst)
+
+	iv := s.rtpInitializationVector(header, roc)
+
+	nEnd := len(ciphertext) - len(s.mki)
+	if s.srtpEncrypted {
+		if _, err := s.srtpCipher.Open(
+			dst[headerLen:headerLen], iv[:], ciphertext[headerLen:nEnd], ciphertext[:headerLen],
+		); err != nil {
+			return nil, fmt.Errorf("%s: %s", ErrFailedToVerifyAuthTag, err)
+		}
+	} else {
+		nDataEnd := nEnd - authTagLen
+		if _, err := s.srtpCipher.Open(
+			nil, iv[:], ciphertext[nDataEnd:nEnd], ciphertext[:nDataEnd],
+		); err != nil {
+			return nil, fmt.Errorf("%s: %w", ErrFailedToVerifyAuthTag, err)
+		}
+		copy(dst[headerLen:], ciphertext[headerLen:nDataEnd])
+	}
+
+	copy(dst[:headerLen], ciphertext[:headerLen])
+	return dst, nil
+}
+
+func (s *srtpCipherAeadAesGcm) encryptRTCP(dst, decrypted []byte, srtcpIndex uint32, ssrc uint32) ([]byte, error) {
+	authTagLen, err := s.AEADAuthTagLen()
+	if err != nil {
+		return nil, err
+	}
+	aadPos := len(decrypted) + authTagLen
+	// Grow the given buffer to fit the output.
+	dst = growBufferSize(dst, aadPos+srtcpIndexSize+len(s.mki))
+
+	iv := s.rtcpInitializationVector(srtcpIndex, ssrc)
+	if s.srtcpEncrypted {
+		aad := s.rtcpAdditionalAuthenticatedData(decrypted, srtcpIndex)
+		copy(dst[:8], decrypted[:8])
+		copy(dst[aadPos:aadPos+4], aad[8:12])
+		s.srtcpCipher.Seal(dst[8:8], iv[:], decrypted[8:], aad[:])
+	} else {
+		// Copy the packet unencrypted.
+		copy(dst, decrypted)
+		// Append the SRTCP index to the end of the packet - this will form the AAD.
+		binary.BigEndian.PutUint32(dst[len(decrypted):], srtcpIndex)
+		// Generate the authentication tag.
+		tag := make([]byte, authTagLen)
+		s.srtcpCipher.Seal(tag[0:0], iv[:], nil, dst[:len(decrypted)+4])
+		// Copy index to the proper place.
+		copy(dst[aadPos:], dst[len(decrypted):len(decrypted)+4])
+		// Copy the auth tag after RTCP payload.
+		copy(dst[len(decrypted):], tag)
+	}
+
+	copy(dst[aadPos+4:], s.mki)
+	return dst, nil
+}
+
+func (s *srtpCipherAeadAesGcm) decryptRTCP(dst, encrypted []byte, srtcpIndex, ssrc uint32) ([]byte, error) {
+	aadPos := len(encrypted) - srtcpIndexSize - len(s.mki)
+	// Grow the given buffer to fit the output.
+	authTagLen, err := s.AEADAuthTagLen()
+	if err != nil {
+		return nil, err
+	}
+	nDst := aadPos - authTagLen
+	if nDst < 0 {
+		// Size of ciphertext is shorter than AEAD auth tag len.
+		return nil, ErrFailedToVerifyAuthTag
+	}
+	dst = growBufferSize(dst, nDst)
+
+	isEncrypted := encrypted[aadPos]>>7 != 0
+	iv := s.rtcpInitializationVector(srtcpIndex, ssrc)
+	if isEncrypted {
+		aad := s.rtcpAdditionalAuthenticatedData(encrypted, srtcpIndex)
+		if _, err := s.srtcpCipher.Open(dst[8:8], iv[:], encrypted[8:aadPos], aad[:]); err != nil {
+			return nil, fmt.Errorf("%s: %w", ErrFailedToVerifyAuthTag, err)
+		}
+	} else {
+		// Prepare AAD for received packet.
+		dataEnd := aadPos - authTagLen
+		aad := make([]byte, dataEnd+4)
+		copy(aad, encrypted[:dataEnd])
+		copy(aad[dataEnd:], encrypted[aadPos:aadPos+4])
+		// Verify the auth tag.
+		if _, err := s.srtcpCipher.Open(nil, iv[:], encrypted[dataEnd:aadPos], aad); err != nil {
+			return nil, fmt.Errorf("%s: %w", ErrFailedToVerifyAuthTag, err)
+		}
+		// Copy the unencrypted payload.
+		copy(dst[8:], encrypted[8:dataEnd])
+	}
+
+	copy(dst[:8], encrypted[:8])
+	return dst, nil
+}
+
+// The 12-octet IV used by AES-GCM SRTP is formed by first concatenating
+// 2 octets of zeroes, the 4-octet SSRC, the 4-octet rollover counter
+// (ROC), and the 2-octet sequence number (SEQ).  The resulting 12-octet
+// value is then XORed to the 12-octet salt to form the 12-octet IV.
+//
+// https://tools.ietf.org/html/rfc7714#section-8.1
+func (s *srtpCipherAeadAesGcm) rtpInitializationVector(header *rtp.Header, roc uint32) [12]byte {
+	var iv [12]byte
+	binary.BigEndian.PutUint32(iv[2:], header.SSRC)
+	binary.BigEndian.PutUint32(iv[6:], roc)
+	binary.BigEndian.PutUint16(iv[10:], header.SequenceNumber)
+
+	for i := range iv {
+		iv[i] ^= s.srtpSessionSalt[i]
+	}
+	return iv
+}
+
+// The 12-octet IV used by AES-GCM SRTCP is formed by first
+// concatenating 2 octets of zeroes, the 4-octet SSRC identifier,
+// 2 octets of zeroes, a single "0" bit, and the 31-bit SRTCP index.
+// The resulting 12-octet value is then XORed to the 12-octet salt to
+// form the 12-octet IV.
+//
+// https://tools.ietf.org/html/rfc7714#section-9.1
+func (s *srtpCipherAeadAesGcm) rtcpInitializationVector(srtcpIndex uint32, ssrc uint32) [12]byte {
+	var iv [12]byte
+
+	binary.BigEndian.PutUint32(iv[2:], ssrc)
+	binary.BigEndian.PutUint32(iv[8:], srtcpIndex)
+
+	for i := range iv {
+		iv[i] ^= s.srtcpSessionSalt[i]
+	}
+	return iv
+}
+
+// In an SRTCP packet, a 1-bit Encryption flag is prepended to the
+// 31-bit SRTCP index to form a 32-bit value we shall call the
+// "ESRTCP word"
+//
+// https://tools.ietf.org/html/rfc7714#section-17
+func (s *srtpCipherAeadAesGcm) rtcpAdditionalAuthenticatedData(rtcpPacket []byte, srtcpIndex uint32) [12]byte {
+	var aad [12]byte
+
+	copy(aad[:], rtcpPacket[:8])
+	binary.BigEndian.PutUint32(aad[8:], srtcpIndex)
+	aad[8] |= rtcpEncryptionFlag
+
+	return aad
+}
+
+func (s *srtpCipherAeadAesGcm) getRTCPIndex(in []byte) uint32 {
+	return binary.BigEndian.Uint32(in[len(in)-len(s.mki)-4:]) &^ (rtcpEncryptionFlag << 24)
+}
+
+func (s *srtpCipherAeadAesGcm) getMKI(in []byte, _ bool) []byte {
+	mkiLen := len(s.mki)
+	if mkiLen == 0 {
+		return nil
+	}
+
+	tailOffset := len(in) - mkiLen
+	return in[tailOffset:]
+}
diff --git a/server/vendor/github.com/pion/srtp/v2/srtp_cipher_aes_cm_hmac_sha1.go b/server/vendor/github.com/pion/srtp/v2/srtp_cipher_aes_cm_hmac_sha1.go
new file mode 100644
index 0000000..aa673fa
--- /dev/null
+++ b/server/vendor/github.com/pion/srtp/v2/srtp_cipher_aes_cm_hmac_sha1.go
@@ -0,0 +1,331 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package srtp
+
+import ( //nolint:gci
+	"crypto/aes"
+	"crypto/cipher"
+	"crypto/hmac"
+	"crypto/sha1" //nolint:gosec
+	"crypto/subtle"
+	"encoding/binary"
+	"hash"
+
+	"github.com/pion/rtp"
+)
+
+type srtpCipherAesCmHmacSha1 struct {
+	ProtectionProfile
+
+	srtpSessionSalt []byte
+	srtpSessionAuth hash.Hash
+	srtpBlock       cipher.Block
+	srtpEncrypted   bool
+
+	srtcpSessionSalt []byte
+	srtcpSessionAuth hash.Hash
+	srtcpBlock       cipher.Block
+	srtcpEncrypted   bool
+
+	mki []byte
+}
+
+func newSrtpCipherAesCmHmacSha1(profile ProtectionProfile, masterKey, masterSalt, mki []byte, encryptSRTP, encryptSRTCP bool) (*srtpCipherAesCmHmacSha1, error) {
+	if profile == ProtectionProfileNullHmacSha1_80 || profile == ProtectionProfileNullHmacSha1_32 {
+		encryptSRTP = false
+		encryptSRTCP = false
+	}
+
+	s := &srtpCipherAesCmHmacSha1{
+		ProtectionProfile: profile,
+		srtpEncrypted:     encryptSRTP,
+		srtcpEncrypted:    encryptSRTCP,
+	}
+
+	srtpSessionKey, err := aesCmKeyDerivation(labelSRTPEncryption, masterKey, masterSalt, 0, len(masterKey))
+	if err != nil {
+		return nil, err
+	} else if s.srtpBlock, err = aes.NewCipher(srtpSessionKey); err != nil {
+		return nil, err
+	}
+
+	srtcpSessionKey, err := aesCmKeyDerivation(labelSRTCPEncryption, masterKey, masterSalt, 0, len(masterKey))
+	if err != nil {
+		return nil, err
+	} else if s.srtcpBlock, err = aes.NewCipher(srtcpSessionKey); err != nil {
+		return nil, err
+	}
+
+	if s.srtpSessionSalt, err = aesCmKeyDerivation(labelSRTPSalt, masterKey, masterSalt, 0, len(masterSalt)); err != nil {
+		return nil, err
+	} else if s.srtcpSessionSalt, err = aesCmKeyDerivation(labelSRTCPSalt, masterKey, masterSalt, 0, len(masterSalt)); err != nil {
+		return nil, err
+	}
+
+	authKeyLen, err := profile.AuthKeyLen()
+	if err != nil {
+		return nil, err
+	}
+
+	srtpSessionAuthTag, err := aesCmKeyDerivation(labelSRTPAuthenticationTag, masterKey, masterSalt, 0, authKeyLen)
+	if err != nil {
+		return nil, err
+	}
+
+	srtcpSessionAuthTag, err := aesCmKeyDerivation(labelSRTCPAuthenticationTag, masterKey, masterSalt, 0, authKeyLen)
+	if err != nil {
+		return nil, err
+	}
+
+	s.srtcpSessionAuth = hmac.New(sha1.New, srtcpSessionAuthTag)
+	s.srtpSessionAuth = hmac.New(sha1.New, srtpSessionAuthTag)
+
+	mkiLen := len(mki)
+	if mkiLen > 0 {
+		s.mki = make([]byte, mkiLen)
+		copy(s.mki, mki)
+	}
+
+	return s, nil
+}
+
+func (s *srtpCipherAesCmHmacSha1) encryptRTP(dst []byte, header *rtp.Header, payload []byte, roc uint32) (ciphertext []byte, err error) {
+	// Grow the given buffer to fit the output.
+	authTagLen, err := s.AuthTagRTPLen()
+	if err != nil {
+		return nil, err
+	}
+	dst = growBufferSize(dst, header.MarshalSize()+len(payload)+len(s.mki)+authTagLen)
+
+	// Copy the header unencrypted.
+	n, err := header.MarshalTo(dst)
+	if err != nil {
+		return nil, err
+	}
+
+	// Encrypt the payload
+	if s.srtpEncrypted {
+		counter := generateCounter(header.SequenceNumber, roc, header.SSRC, s.srtpSessionSalt)
+		if err = xorBytesCTR(s.srtpBlock, counter[:], dst[n:], payload); err != nil {
+			return nil, err
+		}
+	} else {
+		copy(dst[n:], payload)
+	}
+	n += len(payload)
+
+	// Generate the auth tag.
+	authTag, err := s.generateSrtpAuthTag(dst[:n], roc)
+	if err != nil {
+		return nil, err
+	}
+
+	// Append the MKI (if used)
+	if len(s.mki) > 0 {
+		copy(dst[n:], s.mki)
+		n += len(s.mki)
+	}
+
+	// Write the auth tag to the dest.
+	copy(dst[n:], authTag)
+
+	return dst, nil
+}
+
+func (s *srtpCipherAesCmHmacSha1) decryptRTP(dst, ciphertext []byte, header *rtp.Header, headerLen int, roc uint32) ([]byte, error) {
+	// Split the auth tag and the cipher text into two parts.
+	authTagLen, err := s.AuthTagRTPLen()
+	if err != nil {
+		return nil, err
+	}
+
+	// Split the auth tag and the cipher text into two parts.
+	actualTag := ciphertext[len(ciphertext)-authTagLen:]
+	ciphertext = ciphertext[:len(ciphertext)-len(s.mki)-authTagLen]
+
+	// Generate the auth tag we expect to see from the ciphertext.
+	expectedTag, err := s.generateSrtpAuthTag(ciphertext, roc)
+	if err != nil {
+		return nil, err
+	}
+
+	// See if the auth tag actually matches.
+	// We use a constant time comparison to prevent timing attacks.
+	if subtle.ConstantTimeCompare(actualTag, expectedTag) != 1 {
+		return nil, ErrFailedToVerifyAuthTag
+	}
+
+	// Write the plaintext header to the destination buffer.
+	copy(dst, ciphertext[:headerLen])
+
+	// Decrypt the ciphertext for the payload.
+	if s.srtpEncrypted {
+		counter := generateCounter(header.SequenceNumber, roc, header.SSRC, s.srtpSessionSalt)
+		err = xorBytesCTR(
+			s.srtpBlock, counter[:], dst[headerLen:], ciphertext[headerLen:],
+		)
+		if err != nil {
+			return nil, err
+		}
+	} else {
+		copy(dst[headerLen:], ciphertext[headerLen:])
+	}
+	return dst, nil
+}
+
+func (s *srtpCipherAesCmHmacSha1) encryptRTCP(dst, decrypted []byte, srtcpIndex uint32, ssrc uint32) ([]byte, error) {
+	dst = allocateIfMismatch(dst, decrypted)
+
+	// Encrypt everything after header
+	if s.srtcpEncrypted {
+		counter := generateCounter(uint16(srtcpIndex&0xffff), srtcpIndex>>16, ssrc, s.srtcpSessionSalt)
+		if err := xorBytesCTR(s.srtcpBlock, counter[:], dst[8:], dst[8:]); err != nil {
+			return nil, err
+		}
+
+		// Add SRTCP Index and set Encryption bit
+		dst = append(dst, make([]byte, 4)...)
+		binary.BigEndian.PutUint32(dst[len(dst)-4:], srtcpIndex)
+		dst[len(dst)-4] |= 0x80
+	} else {
+		// Copy the decrypted payload as is
+		copy(dst[8:], decrypted[8:])
+
+		// Add SRTCP Index with Encryption bit cleared
+		dst = append(dst, make([]byte, 4)...)
+		binary.BigEndian.PutUint32(dst[len(dst)-4:], srtcpIndex)
+	}
+
+	// Generate the authentication tag
+	authTag, err := s.generateSrtcpAuthTag(dst)
+	if err != nil {
+		return nil, err
+	}
+
+	// Include the MKI if provided
+	if len(s.mki) > 0 {
+		dst = append(dst, s.mki...)
+	}
+
+	// Append the auth tag at the end of the buffer
+	return append(dst, authTag...), nil
+}
+
+func (s *srtpCipherAesCmHmacSha1) decryptRTCP(out, encrypted []byte, index, ssrc uint32) ([]byte, error) {
+	authTagLen, err := s.AuthTagRTCPLen()
+	if err != nil {
+		return nil, err
+	}
+	tailOffset := len(encrypted) - (authTagLen + len(s.mki) + srtcpIndexSize)
+	if tailOffset < 8 {
+		return nil, errTooShortRTCP
+	}
+	out = out[0:tailOffset]
+
+	expectedTag, err := s.generateSrtcpAuthTag(encrypted[:len(encrypted)-len(s.mki)-authTagLen])
+	if err != nil {
+		return nil, err
+	}
+
+	actualTag := encrypted[len(encrypted)-authTagLen:]
+	if subtle.ConstantTimeCompare(actualTag, expectedTag) != 1 {
+		return nil, ErrFailedToVerifyAuthTag
+	}
+
+	isEncrypted := encrypted[tailOffset]>>7 != 0
+	if isEncrypted {
+		counter := generateCounter(uint16(index&0xffff), index>>16, ssrc, s.srtcpSessionSalt)
+		err = xorBytesCTR(s.srtcpBlock, counter[:], out[8:], out[8:])
+	} else {
+		copy(out[8:], encrypted[8:])
+	}
+
+	return out, err
+}
+
+func (s *srtpCipherAesCmHmacSha1) generateSrtpAuthTag(buf []byte, roc uint32) ([]byte, error) {
+	// https://tools.ietf.org/html/rfc3711#section-4.2
+	// In the case of SRTP, M SHALL consist of the Authenticated
+	// Portion of the packet (as specified in Figure 1) concatenated with
+	// the ROC, M = Authenticated Portion || ROC;
+	//
+	// The pre-defined authentication transform for SRTP is HMAC-SHA1
+	// [RFC2104].  With HMAC-SHA1, the SRTP_PREFIX_LENGTH (Figure 3) SHALL
+	// be 0.  For SRTP (respectively SRTCP), the HMAC SHALL be applied to
+	// the session authentication key and M as specified above, i.e.,
+	// HMAC(k_a, M).  The HMAC output SHALL then be truncated to the n_tag
+	// left-most bits.
+	// - Authenticated portion of the packet is everything BEFORE MKI
+	// - k_a is the session message authentication key
+	// - n_tag is the bit-length of the output authentication tag
+	s.srtpSessionAuth.Reset()
+
+	if _, err := s.srtpSessionAuth.Write(buf); err != nil {
+		return nil, err
+	}
+
+	// For SRTP only, we need to hash the rollover counter as well.
+	rocRaw := [4]byte{}
+	binary.BigEndian.PutUint32(rocRaw[:], roc)
+
+	_, err := s.srtpSessionAuth.Write(rocRaw[:])
+	if err != nil {
+		return nil, err
+	}
+
+	// Truncate the hash to the size indicated by the profile
+	authTagLen, err := s.AuthTagRTPLen()
+	if err != nil {
+		return nil, err
+	}
+	return s.srtpSessionAuth.Sum(nil)[0:authTagLen], nil
+}
+
+func (s *srtpCipherAesCmHmacSha1) generateSrtcpAuthTag(buf []byte) ([]byte, error) {
+	// https://tools.ietf.org/html/rfc3711#section-4.2
+	//
+	// The pre-defined authentication transform for SRTP is HMAC-SHA1
+	// [RFC2104].  With HMAC-SHA1, the SRTP_PREFIX_LENGTH (Figure 3) SHALL
+	// be 0.  For SRTP (respectively SRTCP), the HMAC SHALL be applied to
+	// the session authentication key and M as specified above, i.e.,
+	// HMAC(k_a, M).  The HMAC output SHALL then be truncated to the n_tag
+	// left-most bits.
+	// - Authenticated portion of the packet is everything BEFORE MKI
+	// - k_a is the session message authentication key
+	// - n_tag is the bit-length of the output authentication tag
+	s.srtcpSessionAuth.Reset()
+
+	if _, err := s.srtcpSessionAuth.Write(buf); err != nil {
+		return nil, err
+	}
+	authTagLen, err := s.AuthTagRTCPLen()
+	if err != nil {
+		return nil, err
+	}
+
+	return s.srtcpSessionAuth.Sum(nil)[0:authTagLen], nil
+}
+
+func (s *srtpCipherAesCmHmacSha1) getRTCPIndex(in []byte) uint32 {
+	authTagLen, _ := s.AuthTagRTCPLen()
+	tailOffset := len(in) - (authTagLen + srtcpIndexSize + len(s.mki))
+	srtcpIndexBuffer := in[tailOffset : tailOffset+srtcpIndexSize]
+	return binary.BigEndian.Uint32(srtcpIndexBuffer) &^ (1 << 31)
+}
+
+func (s *srtpCipherAesCmHmacSha1) getMKI(in []byte, rtp bool) []byte {
+	mkiLen := len(s.mki)
+	if mkiLen == 0 {
+		return nil
+	}
+
+	var authTagLen int
+	if rtp {
+		authTagLen, _ = s.AuthTagRTPLen()
+	} else {
+		authTagLen, _ = s.AuthTagRTCPLen()
+	}
+	tailOffset := len(in) - (authTagLen + mkiLen)
+	return in[tailOffset : tailOffset+mkiLen]
+}
diff --git a/server/vendor/github.com/pion/srtp/v2/stream.go b/server/vendor/github.com/pion/srtp/v2/stream.go
new file mode 100644
index 0000000..5f9c58a
--- /dev/null
+++ b/server/vendor/github.com/pion/srtp/v2/stream.go
@@ -0,0 +1,11 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package srtp
+
+type readStream interface {
+	init(child streamSession, ssrc uint32) error
+
+	Read(buf []byte) (int, error)
+	GetSSRC() uint32
+}
diff --git a/server/vendor/github.com/pion/srtp/v2/stream_srtcp.go b/server/vendor/github.com/pion/srtp/v2/stream_srtcp.go
new file mode 100644
index 0000000..08d36dc
--- /dev/null
+++ b/server/vendor/github.com/pion/srtp/v2/stream_srtcp.go
@@ -0,0 +1,160 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package srtp
+
+import (
+	"errors"
+	"io"
+	"sync"
+	"time"
+
+	"github.com/pion/rtcp"
+	"github.com/pion/transport/v2/packetio"
+)
+
+// Limit the buffer size to 100KB
+const srtcpBufferSize = 100 * 1000
+
+// ReadStreamSRTCP handles decryption for a single RTCP SSRC
+type ReadStreamSRTCP struct {
+	mu sync.Mutex
+
+	isClosed chan bool
+
+	session  *SessionSRTCP
+	ssrc     uint32
+	isInited bool
+
+	buffer io.ReadWriteCloser
+}
+
+func (r *ReadStreamSRTCP) write(buf []byte) (n int, err error) {
+	n, err = r.buffer.Write(buf)
+
+	if errors.Is(err, packetio.ErrFull) {
+		// Silently drop data when the buffer is full.
+		return len(buf), nil
+	}
+
+	return n, err
+}
+
+// Used by getOrCreateReadStream
+func newReadStreamSRTCP() readStream {
+	return &ReadStreamSRTCP{}
+}
+
+// ReadRTCP reads and decrypts full RTCP packet and its header from the nextConn
+func (r *ReadStreamSRTCP) ReadRTCP(buf []byte) (int, *rtcp.Header, error) {
+	n, err := r.Read(buf)
+	if err != nil {
+		return 0, nil, err
+	}
+
+	header := &rtcp.Header{}
+	err = header.Unmarshal(buf[:n])
+	if err != nil {
+		return 0, nil, err
+	}
+
+	return n, header, nil
+}
+
+// Read reads and decrypts full RTCP packet from the nextConn
+func (r *ReadStreamSRTCP) Read(buf []byte) (int, error) {
+	return r.buffer.Read(buf)
+}
+
+// SetReadDeadline sets the deadline for the Read operation.
+// Setting to zero means no deadline.
+func (r *ReadStreamSRTCP) SetReadDeadline(t time.Time) error {
+	if b, ok := r.buffer.(interface {
+		SetReadDeadline(time.Time) error
+	}); ok {
+		return b.SetReadDeadline(t)
+	}
+	return nil
+}
+
+// Close removes the ReadStream from the session and cleans up any associated state
+func (r *ReadStreamSRTCP) Close() error {
+	r.mu.Lock()
+	defer r.mu.Unlock()
+
+	if !r.isInited {
+		return errStreamNotInited
+	}
+
+	select {
+	case <-r.isClosed:
+		return errStreamAlreadyClosed
+	default:
+		err := r.buffer.Close()
+		if err != nil {
+			return err
+		}
+
+		r.session.removeReadStream(r.ssrc)
+		return nil
+	}
+}
+
+func (r *ReadStreamSRTCP) init(child streamSession, ssrc uint32) error {
+	sessionSRTCP, ok := child.(*SessionSRTCP)
+
+	r.mu.Lock()
+	defer r.mu.Unlock()
+	if !ok {
+		return errFailedTypeAssertion
+	} else if r.isInited {
+		return errStreamAlreadyInited
+	}
+
+	r.session = sessionSRTCP
+	r.ssrc = ssrc
+	r.isInited = true
+	r.isClosed = make(chan bool)
+
+	if r.session.bufferFactory != nil {
+		r.buffer = r.session.bufferFactory(packetio.RTCPBufferPacket, ssrc)
+	} else {
+		// Create a buffer and limit it to 100KB
+		buff := packetio.NewBuffer()
+		buff.SetLimitSize(srtcpBufferSize)
+		r.buffer = buff
+	}
+
+	return nil
+}
+
+// GetSSRC returns the SSRC we are demuxing for
+func (r *ReadStreamSRTCP) GetSSRC() uint32 {
+	return r.ssrc
+}
+
+// WriteStreamSRTCP is stream for a single Session that is used to encrypt RTCP
+type WriteStreamSRTCP struct {
+	session *SessionSRTCP
+}
+
+// WriteRTCP encrypts a RTCP header and its payload to the nextConn
+func (w *WriteStreamSRTCP) WriteRTCP(header *rtcp.Header, payload []byte) (int, error) {
+	headerRaw, err := header.Marshal()
+	if err != nil {
+		return 0, err
+	}
+
+	return w.session.write(append(headerRaw, payload...))
+}
+
+// Write encrypts and writes a full RTCP packets to the nextConn
+func (w *WriteStreamSRTCP) Write(b []byte) (int, error) {
+	return w.session.write(b)
+}
+
+// SetWriteDeadline sets the deadline for the Write operation.
+// Setting to zero means no deadline.
+func (w *WriteStreamSRTCP) SetWriteDeadline(t time.Time) error {
+	return w.session.setWriteDeadline(t)
+}
diff --git a/server/vendor/github.com/pion/srtp/v2/stream_srtp.go b/server/vendor/github.com/pion/srtp/v2/stream_srtp.go
new file mode 100644
index 0000000..8589700
--- /dev/null
+++ b/server/vendor/github.com/pion/srtp/v2/stream_srtp.go
@@ -0,0 +1,157 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package srtp
+
+import (
+	"errors"
+	"io"
+	"sync"
+	"time"
+
+	"github.com/pion/rtp"
+	"github.com/pion/transport/v2/packetio"
+)
+
+// Limit the buffer size to 1MB
+const srtpBufferSize = 1000 * 1000
+
+// ReadStreamSRTP handles decryption for a single RTP SSRC
+type ReadStreamSRTP struct {
+	mu sync.Mutex
+
+	isClosed chan bool
+
+	session  *SessionSRTP
+	ssrc     uint32
+	isInited bool
+
+	buffer io.ReadWriteCloser
+}
+
+// Used by getOrCreateReadStream
+func newReadStreamSRTP() readStream {
+	return &ReadStreamSRTP{}
+}
+
+func (r *ReadStreamSRTP) init(child streamSession, ssrc uint32) error {
+	sessionSRTP, ok := child.(*SessionSRTP)
+
+	r.mu.Lock()
+	defer r.mu.Unlock()
+
+	if !ok {
+		return errFailedTypeAssertion
+	} else if r.isInited {
+		return errStreamAlreadyInited
+	}
+
+	r.session = sessionSRTP
+	r.ssrc = ssrc
+	r.isInited = true
+	r.isClosed = make(chan bool)
+
+	// Create a buffer with a 1MB limit
+	if r.session.bufferFactory != nil {
+		r.buffer = r.session.bufferFactory(packetio.RTPBufferPacket, ssrc)
+	} else {
+		buff := packetio.NewBuffer()
+		buff.SetLimitSize(srtpBufferSize)
+		r.buffer = buff
+	}
+
+	return nil
+}
+
+func (r *ReadStreamSRTP) write(buf []byte) (n int, err error) {
+	n, err = r.buffer.Write(buf)
+
+	if errors.Is(err, packetio.ErrFull) {
+		// Silently drop data when the buffer is full.
+		return len(buf), nil
+	}
+
+	return n, err
+}
+
+// Read reads and decrypts full RTP packet from the nextConn
+func (r *ReadStreamSRTP) Read(buf []byte) (int, error) {
+	return r.buffer.Read(buf)
+}
+
+// ReadRTP reads and decrypts full RTP packet and its header from the nextConn
+func (r *ReadStreamSRTP) ReadRTP(buf []byte) (int, *rtp.Header, error) {
+	n, err := r.Read(buf)
+	if err != nil {
+		return 0, nil, err
+	}
+
+	header := &rtp.Header{}
+
+	_, err = header.Unmarshal(buf[:n])
+	if err != nil {
+		return 0, nil, err
+	}
+
+	return n, header, nil
+}
+
+// SetReadDeadline sets the deadline for the Read operation.
+// Setting to zero means no deadline.
+func (r *ReadStreamSRTP) SetReadDeadline(t time.Time) error {
+	if b, ok := r.buffer.(interface {
+		SetReadDeadline(time.Time) error
+	}); ok {
+		return b.SetReadDeadline(t)
+	}
+	return nil
+}
+
+// Close removes the ReadStream from the session and cleans up any associated state
+func (r *ReadStreamSRTP) Close() error {
+	r.mu.Lock()
+	defer r.mu.Unlock()
+
+	if !r.isInited {
+		return errStreamNotInited
+	}
+
+	select {
+	case <-r.isClosed:
+		return errStreamAlreadyClosed
+	default:
+		err := r.buffer.Close()
+		if err != nil {
+			return err
+		}
+
+		r.session.removeReadStream(r.ssrc)
+		return nil
+	}
+}
+
+// GetSSRC returns the SSRC we are demuxing for
+func (r *ReadStreamSRTP) GetSSRC() uint32 {
+	return r.ssrc
+}
+
+// WriteStreamSRTP is stream for a single Session that is used to encrypt RTP
+type WriteStreamSRTP struct {
+	session *SessionSRTP
+}
+
+// WriteRTP encrypts a RTP packet and writes to the connection
+func (w *WriteStreamSRTP) WriteRTP(header *rtp.Header, payload []byte) (int, error) {
+	return w.session.writeRTP(header, payload)
+}
+
+// Write encrypts and writes a full RTP packets to the nextConn
+func (w *WriteStreamSRTP) Write(b []byte) (int, error) {
+	return w.session.write(b)
+}
+
+// SetWriteDeadline sets the deadline for the Write operation.
+// Setting to zero means no deadline.
+func (w *WriteStreamSRTP) SetWriteDeadline(t time.Time) error {
+	return w.session.setWriteDeadline(t)
+}
diff --git a/server/vendor/github.com/pion/srtp/v2/util.go b/server/vendor/github.com/pion/srtp/v2/util.go
new file mode 100644
index 0000000..792175d
--- /dev/null
+++ b/server/vendor/github.com/pion/srtp/v2/util.go
@@ -0,0 +1,36 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package srtp
+
+import "bytes"
+
+// Grow the buffer size to the given number of bytes.
+func growBufferSize(buf []byte, size int) []byte {
+	if size <= cap(buf) {
+		return buf[:size]
+	}
+
+	buf2 := make([]byte, size)
+	copy(buf2, buf)
+	return buf2
+}
+
+// Check if buffers match, if not allocate a new buffer and return it
+func allocateIfMismatch(dst, src []byte) []byte {
+	if dst == nil {
+		dst = make([]byte, len(src))
+		copy(dst, src)
+	} else if !bytes.Equal(dst, src) { // bytes.Equal returns on ref equality, no optimization needed
+		extraNeeded := len(src) - len(dst)
+		if extraNeeded > 0 {
+			dst = append(dst, make([]byte, extraNeeded)...)
+		} else if extraNeeded < 0 {
+			dst = dst[:len(dst)+extraNeeded]
+		}
+
+		copy(dst, src)
+	}
+
+	return dst
+}
diff --git a/server/vendor/github.com/pion/stun/.gitignore b/server/vendor/github.com/pion/stun/.gitignore
new file mode 100644
index 0000000..6e2f206
--- /dev/null
+++ b/server/vendor/github.com/pion/stun/.gitignore
@@ -0,0 +1,28 @@
+# SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+# SPDX-License-Identifier: MIT
+
+### JetBrains IDE ###
+#####################
+.idea/
+
+### Emacs Temporary Files ###
+#############################
+*~
+
+### Folders ###
+###############
+bin/
+vendor/
+node_modules/
+
+### Files ###
+#############
+*.ivf
+*.ogg
+tags
+cover.out
+*.sw[poe]
+*.wasm
+examples/sfu-ws/cert.pem
+examples/sfu-ws/key.pem
+wasm_exec.js
diff --git a/server/vendor/github.com/pion/stun/.golangci.yml b/server/vendor/github.com/pion/stun/.golangci.yml
new file mode 100644
index 0000000..4e3eddf
--- /dev/null
+++ b/server/vendor/github.com/pion/stun/.golangci.yml
@@ -0,0 +1,137 @@
+# SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+# SPDX-License-Identifier: MIT
+
+linters-settings:
+  govet:
+    check-shadowing: true
+  misspell:
+    locale: US
+  exhaustive:
+    default-signifies-exhaustive: true
+  gomodguard:
+    blocked:
+      modules:
+        - github.com/pkg/errors:
+            recommendations:
+              - errors
+  forbidigo:
+    forbid:
+      - ^fmt.Print(f|ln)?$
+      - ^log.(Panic|Fatal|Print)(f|ln)?$
+      - ^os.Exit$
+      - ^panic$
+      - ^print(ln)?$
+
+linters:
+  enable:
+    - asciicheck       # Simple linter to check that your code does not contain non-ASCII identifiers
+    - bidichk          # Checks for dangerous unicode character sequences
+    - bodyclose        # checks whether HTTP response body is closed successfully
+    - contextcheck     # check the function whether use a non-inherited context
+    - decorder         # check declaration order and count of types, constants, variables and functions
+    - depguard         # Go linter that checks if package imports are in a list of acceptable packages
+    - dogsled          # Checks assignments with too many blank identifiers (e.g. x, _, _, _, := f())
+    - dupl             # Tool for code clone detection
+    - durationcheck    # check for two durations multiplied together
+    - errcheck         # Errcheck is a program for checking for unchecked errors in go programs. These unchecked errors can be critical bugs in some cases
+    - errchkjson       # Checks types passed to the json encoding functions. Reports unsupported types and optionally reports occations, where the check for the returned error can be omitted.
+    - errname          # Checks that sentinel errors are prefixed with the `Err` and error types are suffixed with the `Error`.
+    - errorlint        # errorlint is a linter for that can be used to find code that will cause problems with the error wrapping scheme introduced in Go 1.13.
+    - exhaustive       # check exhaustiveness of enum switch statements
+    - exportloopref    # checks for pointers to enclosing loop variables
+    - forbidigo        # Forbids identifiers
+    - forcetypeassert  # finds forced type assertions
+    - gci              # Gci control golang package import order and make it always deterministic.
+    - gochecknoglobals # Checks that no globals are present in Go code
+    - gochecknoinits   # Checks that no init functions are present in Go code
+    - gocognit         # Computes and checks the cognitive complexity of functions
+    - goconst          # Finds repeated strings that could be replaced by a constant
+    - gocritic         # The most opinionated Go source code linter
+    - godox            # Tool for detection of FIXME, TODO and other comment keywords
+    - goerr113         # Golang linter to check the errors handling expressions
+    - gofmt            # Gofmt checks whether code was gofmt-ed. By default this tool runs with -s option to check for code simplification
+    - gofumpt          # Gofumpt checks whether code was gofumpt-ed.
+    - goheader         # Checks is file header matches to pattern
+    - goimports        # Goimports does everything that gofmt does. Additionally it checks unused imports
+    - gomoddirectives  # Manage the use of 'replace', 'retract', and 'excludes' directives in go.mod.
+    - gomodguard       # Allow and block list linter for direct Go module dependencies. This is different from depguard where there are different block types for example version constraints and module recommendations.
+    - goprintffuncname # Checks that printf-like functions are named with `f` at the end
+    - gosec            # Inspects source code for security problems
+    - gosimple         # Linter for Go source code that specializes in simplifying a code
+    - govet            # Vet examines Go source code and reports suspicious constructs, such as Printf calls whose arguments do not align with the format string
+    - grouper          # An analyzer to analyze expression groups.
+    - importas         # Enforces consistent import aliases
+    - ineffassign      # Detects when assignments to existing variables are not used
+    - misspell         # Finds commonly misspelled English words in comments
+    - nakedret         # Finds naked returns in functions greater than a specified function length
+    - nilerr           # Finds the code that returns nil even if it checks that the error is not nil.
+    - nilnil           # Checks that there is no simultaneous return of `nil` error and an invalid value.
+    - noctx            # noctx finds sending http request without context.Context
+    - predeclared      # find code that shadows one of Go's predeclared identifiers
+    - revive           # golint replacement, finds style mistakes
+    - staticcheck      # Staticcheck is a go vet on steroids, applying a ton of static analysis checks
+    - stylecheck       # Stylecheck is a replacement for golint
+    - tagliatelle      # Checks the struct tags.
+    - tenv             # tenv is analyzer that detects using os.Setenv instead of t.Setenv since Go1.17
+    - tparallel        # tparallel detects inappropriate usage of t.Parallel() method in your Go test codes
+    - typecheck        # Like the front-end of a Go compiler, parses and type-checks Go code
+    - unconvert        # Remove unnecessary type conversions
+    - unparam          # Reports unused function parameters
+    - unused           # Checks Go code for unused constants, variables, functions and types
+    - wastedassign     # wastedassign finds wasted assignment statements
+    - whitespace       # Tool for detection of leading and trailing whitespace
+  disable:
+    - containedctx     # containedctx is a linter that detects struct contained context.Context field
+    - cyclop           # checks function and package cyclomatic complexity
+    - exhaustivestruct # Checks if all struct's fields are initialized
+    - funlen           # Tool for detection of long functions
+    - gocyclo          # Computes and checks the cyclomatic complexity of functions
+    - godot            # Check if comments end in a period
+    - gomnd            # An analyzer to detect magic numbers.
+    - ifshort          # Checks that your code uses short syntax for if-statements whenever possible
+    - ireturn          # Accept Interfaces, Return Concrete Types
+    - lll              # Reports long lines
+    - maintidx         # maintidx measures the maintainability index of each function.
+    - makezero         # Finds slice declarations with non-zero initial length
+    - maligned         # Tool to detect Go structs that would take less memory if their fields were sorted
+    - nestif           # Reports deeply nested if statements
+    - nlreturn         # nlreturn checks for a new line before return and branch statements to increase code clarity
+    - nolintlint       # Reports ill-formed or insufficient nolint directives
+    - paralleltest     # paralleltest detects missing usage of t.Parallel() method in your Go test
+    - prealloc         # Finds slice declarations that could potentially be preallocated
+    - promlinter       # Check Prometheus metrics naming via promlint
+    - rowserrcheck     # checks whether Err of rows is checked successfully
+    - sqlclosecheck    # Checks that sql.Rows and sql.Stmt are closed.
+    - testpackage      # linter that makes you use a separate _test package
+    - thelper          # thelper detects golang test helpers without t.Helper() call and checks the consistency of test helpers
+    - varnamelen       # checks that the length of a variable's name matches its scope
+    - wrapcheck        # Checks that errors returned from external packages are wrapped
+    - wsl              # Whitespace Linter - Forces you to use empty lines!
+
+issues:
+  exclude-use-default: false
+  exclude-rules:
+    # Allow complex tests, better to be self contained
+    - path: _test\.go
+      linters:
+        - gocognit
+        - forbidigo
+
+    # Allow complex main function in examples
+    - path: examples
+      text: "of func `main` is high"
+      linters:
+        - gocognit
+    
+    # Allow forbidden identifiers in examples
+    - path: examples
+      linters:
+        - forbidigo
+
+    # Allow forbidden identifiers in CLI commands
+    - path: cmd
+      linters:
+        - forbidigo
+
+run:
+  skip-dirs-use-default: false
diff --git a/server/vendor/github.com/pion/stun/.goreleaser.yml b/server/vendor/github.com/pion/stun/.goreleaser.yml
new file mode 100644
index 0000000..30093e9
--- /dev/null
+++ b/server/vendor/github.com/pion/stun/.goreleaser.yml
@@ -0,0 +1,5 @@
+# SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+# SPDX-License-Identifier: MIT
+
+builds:
+- skip: true
diff --git a/server/vendor/github.com/pion/stun/AUTHORS.txt b/server/vendor/github.com/pion/stun/AUTHORS.txt
new file mode 100644
index 0000000..3c3d9e0
--- /dev/null
+++ b/server/vendor/github.com/pion/stun/AUTHORS.txt
@@ -0,0 +1,40 @@
+# Thank you to everyone that made Pion possible. If you are interested in contributing
+# we would love to have you https://github.com/pion/webrtc/wiki/Contributing
+#
+# This file is auto generated, using git to list all individuals contributors.
+# see https://github.com/pion/.goassets/blob/master/scripts/generate-authors.sh for the scripting
+Adam Kiss <masterada@gmail.com>
+Aleksandr Razumov <ar@cydev.ru>
+Aleksandr Razumov <ar@gortc.io>
+Atsushi Watanabe <atsushi.w@ieee.org>
+backkem <mail@backkem.me>
+Cecylia Bocovich <cohosh@torproject.org>
+Christian Muehlhaeuser <muesli@gmail.com>
+David-dp- <David-dp-@users.noreply.github.com>
+ernado <ar@cydev.ru>
+ernado <ernado@ya.ru>
+fossabot <badges@fossa.io>
+Frank Dietrich <bits_n_bytes@gmx.de>
+Hugo Arregui <hugo.arregui@gmail.com>
+Jerry Tao <taojay315@gmail.com>
+jinleileiking <jinleileiking@gmail.com>
+John Bradley <john@pion.ly>
+Juliusz Chroboczek <jch@irif.fr>
+Maanas Royy <m4manas@gmail.com>
+Moises Marangoni <moises.marangon@gmail.com>
+Raphael Randschau <nicolai86@me.com>
+Sean DuBois <seaduboi@amazon.com>
+Sean DuBois <sean@pion.ly>
+Sean DuBois <sean@siobud.com>
+songjiayang <songjiayang@users.noreply.github.com>
+Steffen Vogel <post@steffenvogel.de>
+Vladislav Yarmak <vladislav@vm-0.com>
+Will LE <lexuandinhct@gmail.com>
+Y.Horie <u5.horie@gmail.com>
+Yutaka Takeda <yt0916@gmail.com>
+ZHENK <chengzhenyang@gmail.com>
+
+# List of contributors not appearing in Git history
+Aliaksandr Valialkin <valyala@gmail.com>
+The IETF Trust
+The gortc project
diff --git a/server/vendor/github.com/pion/stun/LICENSE b/server/vendor/github.com/pion/stun/LICENSE
new file mode 100644
index 0000000..491caf6
--- /dev/null
+++ b/server/vendor/github.com/pion/stun/LICENSE
@@ -0,0 +1,9 @@
+MIT License
+
+Copyright (c) 2023 The Pion community <https://pion.ly>
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
diff --git a/server/vendor/github.com/pion/stun/Makefile b/server/vendor/github.com/pion/stun/Makefile
new file mode 100644
index 0000000..ebfcd33
--- /dev/null
+++ b/server/vendor/github.com/pion/stun/Makefile
@@ -0,0 +1,39 @@
+# SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+# SPDX-License-Identifier: MIT
+
+VERSION := $(shell git describe --tags | sed -e 's/^v//g' | awk -F "-" '{print $$1}')
+ITERATION := $(shell git describe --tags --long | awk -F "-" '{print $$2}')
+GO_VERSION=$(shell gobuild -v)
+GO := $(or $(GOROOT),/usr/lib/go)/bin/go
+PROCS := $(shell nproc)
+cores:
+	@echo "cores: $(PROCS)"
+bench:
+	go test -bench .
+bench-record:
+	$(GO) test -bench . > "benchmarks/stun-go-$(GO_VERSION).txt"
+lint:
+	@golangci-lint run ./...
+	@echo "ok"
+escape:
+	@echo "Not escapes, except autogenerated:"
+	@go build -gcflags '-m -l' 2>&1 \
+	| grep -v "<autogenerated>" \
+	| grep escapes
+format:
+	goimports -w .
+bench-compare:
+	go test -bench . > bench.go-16
+	go-tip test -bench . > bench.go-tip
+	@benchcmp bench.go-16 bench.go-tip
+install:
+	go get gortc.io/api
+	go get -u github.com/golangci/golangci-lint/cmd/golangci-lint
+test-integration:
+	@cd e2e && bash ./test.sh
+prepush: test lint test-integration
+check-api:
+	@cd api && bash ./check.sh
+test:
+	@./go.test.sh
+clean:
diff --git a/server/vendor/github.com/pion/stun/README.md b/server/vendor/github.com/pion/stun/README.md
new file mode 100644
index 0000000..fe1b28f
--- /dev/null
+++ b/server/vendor/github.com/pion/stun/README.md
@@ -0,0 +1,186 @@
+<h1 align="center">
+  <br>
+  Pion STUN
+  <br>
+</h1>
+<h4 align="center">A Go implementation of STUN</h4>
+<p align="center">
+  <a href="https://pion.ly"><img src="https://img.shields.io/badge/pion-stun-gray.svg?longCache=true&colorB=brightgreen" alt="Pion stun"></a>
+  <a href="https://pion.ly/slack"><img src="https://img.shields.io/badge/join-us%20on%20slack-gray.svg?longCache=true&logo=slack&colorB=brightgreen" alt="Slack Widget"></a>
+  <br>
+  <img alt="GitHub Workflow Status" src="https://img.shields.io/github/actions/workflow/status/pion/stun/test.yaml">
+  <a href="https://pkg.go.dev/github.com/pion/stun"><img src="https://pkg.go.dev/badge/github.com/pion/stun.svg" alt="Go Reference"></a>
+  <a href="https://codecov.io/gh/pion/stun"><img src="https://codecov.io/gh/pion/stun/branch/master/graph/badge.svg" alt="Coverage Status"></a>
+  <a href="https://goreportcard.com/report/github.com/pion/stun"><img src="https://goreportcard.com/badge/github.com/pion/stun" alt="Go Report Card"></a>
+  <a href="LICENSE"><img src="https://img.shields.io/badge/License-MIT-yellow.svg" alt="License: MIT"></a>
+</p>
+<br>
+
+Package `stun` implements Session Traversal Utilities for NAT (STUN) ([RFC 5389][rfc5389])
+protocol and [client](https://pkg.go.dev/github.com/pion/stun#Client) with no external dependencies and zero allocations in hot paths.
+Client [supports](https://pkg.go.dev/github.com/pion/stun#WithRTO) automatic request retransmissions.
+
+### Example
+You can get your current IP address from any STUN server by sending
+binding request. See more idiomatic example at `cmd/stun-client`.
+```go
+package main
+
+import (
+	"fmt"
+
+	"github.com/pion/stun"
+)
+
+func main() {
+	// Parse a STUN URI
+	u, err := stun.ParseURI("stun:stun.l.google.com:19302")
+	if err != nil {
+		panic(err)
+	}
+
+	// Creating a "connection" to STUN server.
+	c, err := stun.DialURI(u, &stun.DialConfig{})
+	if err != nil {
+		panic(err)
+	}
+	// Building binding request with random transaction id.
+	message := stun.MustBuild(stun.TransactionID, stun.BindingRequest)
+	// Sending request to STUN server, waiting for response message.
+	if err := c.Do(message, func(res stun.Event) {
+		if res.Error != nil {
+			panic(res.Error)
+		}
+		// Decoding XOR-MAPPED-ADDRESS attribute from message.
+		var xorAddr stun.XORMappedAddress
+		if err := xorAddr.GetFrom(res.Message); err != nil {
+			panic(err)
+		}
+		fmt.Println("your IP is", xorAddr.IP)
+	}); err != nil {
+		panic(err)
+	}
+}
+```
+
+### RFCs
+#### Implemented
+- **RFC 5389**: [Session Traversal Utilities for NAT (STUN)][rfc5389]
+- **RFC 5769**: [Test Vectors for Session Traversal Utilities for NAT (STUN)][rfc5769]
+- **RFC 6062**: [Traversal Using Relays around NAT (TURN) Extensions for TCP Allocations][rfc6062]
+- **RFC 7064**: [URI Scheme for the Session Traversal Utilities for NAT (STUN) Protocol][rfc7064]
+- **RFC 7065**: [Traversal Using Relays around NAT (TURN) Uniform Resource Identifiers][rfc7065]
+- **RFC 5780**: [NAT Behavior Discovery Using Session Traversal Utilities for NAT (STUN)][rfc5780] via [cmd/stun-nat-behaviour](cmd/stun-nat-behaviour)
+- (TLS-over-)TCP client support
+
+#### Planned
+- **RFC 5389**: [ALTERNATE-SERVER](https://tools.ietf.org/html/rfc5389#section-11) support [#48](https://github.com/pion/stun/issues/48)
+
+#### Compatability notes
+
+[RFC 5389][rfc5389] obsoletes [RFC 3489][rfc3489], so implementation was ignored by purpose, however,
+[RFC 3489][rfc3489] can be easily implemented as separate package.
+
+[rfc3489]: https://tools.ietf.org/html/rfc3489
+[rfc5389]: https://tools.ietf.org/html/rfc5389
+[rfc5769]: https://tools.ietf.org/html/rfc5769
+[rfc5780]: https://tools.ietf.org/html/rfc5780
+[rfc6062]: https://tools.ietf.org/html/rfc6062
+[rfc7064]: https://tools.ietf.org/html/rfc7064
+[rfc7065]: https://tools.ietf.org/html/rfc7065
+
+### Stability
+Package is currently stable, no backward incompatible changes are expected
+with exception of critical bugs or security fixes.
+
+Additional attributes are unlikely to be implemented in scope of stun package,
+the only exception is constants for attribute or message types.
+
+### Requirements
+Go 1.12 is currently supported and tested in CI.
+
+### Testing
+Client behavior is tested and verified in many ways:
+  * End-To-End with long-term credentials
+    * **coturn**: The coturn [server](https://github.com/coturn/coturn/wiki/turnserver) (linux)
+  * Bunch of code static checkers (linters)
+  * Standard unit-tests with coverage reporting (linux {amd64, **arm**64}, windows and darwin)
+  * Explicit API backward compatibility [check](https://github.com/gortc/api), see `api` directory
+
+See [TeamCity project](https://tc.gortc.io/project.html?projectId=stun&guest=1) and `e2e` directory
+for more information. Also the Wireshark `.pcap` files are available for e2e test in
+artifacts for build.
+
+### Benchmarks
+Intel(R) Core(TM) i7-8700K:
+
+```
+version: 1.22.2
+goos: linux
+goarch: amd64
+pkg: github.com/pion/stun
+PASS
+benchmark                                         iter       time/iter      throughput   bytes alloc        allocs
+---------                                         ----       ---------      ----------   -----------        ------
+BenchmarkMappedAddress_AddTo-12               32489450     38.30 ns/op                        0 B/op   0 allocs/op
+BenchmarkAlternateServer_AddTo-12             31230991     39.00 ns/op                        0 B/op   0 allocs/op
+BenchmarkAgent_GC-12                            431390   2918.00 ns/op                        0 B/op   0 allocs/op
+BenchmarkAgent_Process-12                     35901940     36.20 ns/op                        0 B/op   0 allocs/op
+BenchmarkMessage_GetNotFound-12              242004358      5.19 ns/op                        0 B/op   0 allocs/op
+BenchmarkMessage_Get-12                      230520343      5.21 ns/op                        0 B/op   0 allocs/op
+BenchmarkClient_Do-12                          1282231    943.00 ns/op                        0 B/op   0 allocs/op
+BenchmarkErrorCode_AddTo-12                   16318916     75.50 ns/op                        0 B/op   0 allocs/op
+BenchmarkErrorCodeAttribute_AddTo-12          21584140     54.80 ns/op                        0 B/op   0 allocs/op
+BenchmarkErrorCodeAttribute_GetFrom-12       100000000     11.10 ns/op                        0 B/op   0 allocs/op
+BenchmarkFingerprint_AddTo-12                 19368768     64.00 ns/op     687.81 MB/s        0 B/op   0 allocs/op
+BenchmarkFingerprint_Check-12                 24167007     49.10 ns/op    1057.99 MB/s        0 B/op   0 allocs/op
+BenchmarkBuildOverhead/Build-12                5486252    224.00 ns/op                        0 B/op   0 allocs/op
+BenchmarkBuildOverhead/BuildNonPointer-12      2496544    517.00 ns/op                      100 B/op   4 allocs/op
+BenchmarkBuildOverhead/Raw-12                  6652118    181.00 ns/op                        0 B/op   0 allocs/op
+BenchmarkMessage_ForEach-12                   28254212     35.90 ns/op                        0 B/op   0 allocs/op
+BenchmarkMessageIntegrity_AddTo-12             1000000   1179.00 ns/op      16.96 MB/s        0 B/op   0 allocs/op
+BenchmarkMessageIntegrity_Check-12              975954   1219.00 ns/op      26.24 MB/s        0 B/op   0 allocs/op
+BenchmarkMessage_Write-12                     41040598     30.40 ns/op     922.13 MB/s        0 B/op   0 allocs/op
+BenchmarkMessageType_Value-12               1000000000      0.53 ns/op                        0 B/op   0 allocs/op
+BenchmarkMessage_WriteTo-12                   94942935     11.30 ns/op                        0 B/op   0 allocs/op
+BenchmarkMessage_ReadFrom-12                  43437718     29.30 ns/op     682.87 MB/s        0 B/op   0 allocs/op
+BenchmarkMessage_ReadBytes-12                 74693397     15.90 ns/op    1257.42 MB/s        0 B/op   0 allocs/op
+BenchmarkIsMessage-12                       1000000000      1.20 ns/op   16653.64 MB/s        0 B/op   0 allocs/op
+BenchmarkMessage_NewTransactionID-12            521121   2450.00 ns/op                        0 B/op   0 allocs/op
+BenchmarkMessageFull-12                        5389495    221.00 ns/op                        0 B/op   0 allocs/op
+BenchmarkMessageFullHardcore-12               12715876     94.40 ns/op                        0 B/op   0 allocs/op
+BenchmarkMessage_WriteHeader-12              100000000     11.60 ns/op                        0 B/op   0 allocs/op
+BenchmarkMessage_CloneTo-12                   30199020     41.80 ns/op    1626.66 MB/s        0 B/op   0 allocs/op
+BenchmarkMessage_AddTo-12                    415257625      2.97 ns/op                        0 B/op   0 allocs/op
+BenchmarkDecode-12                            49573747     23.60 ns/op                        0 B/op   0 allocs/op
+BenchmarkUsername_AddTo-12                    56282674     22.50 ns/op                        0 B/op   0 allocs/op
+BenchmarkUsername_GetFrom-12                 100000000     10.10 ns/op                        0 B/op   0 allocs/op
+BenchmarkNonce_AddTo-12                       39419097     35.80 ns/op                        0 B/op   0 allocs/op
+BenchmarkNonce_AddTo_BadLength-12            196291666      6.04 ns/op                        0 B/op   0 allocs/op
+BenchmarkNonce_GetFrom-12                    120857732      9.93 ns/op                        0 B/op   0 allocs/op
+BenchmarkUnknownAttributes/AddTo-12           28881430     37.20 ns/op                        0 B/op   0 allocs/op
+BenchmarkUnknownAttributes/GetFrom-12         64907534     19.80 ns/op                        0 B/op   0 allocs/op
+BenchmarkXOR-12                               32868506     32.20 ns/op   31836.66 MB/s
+BenchmarkXORSafe-12                            5185776    234.00 ns/op    4378.74 MB/s
+BenchmarkXORFast-12                           30975679     32.50 ns/op   31525.28 MB/s
+BenchmarkXORMappedAddress_AddTo-12            21518028     54.50 ns/op                        0 B/op   0 allocs/op
+BenchmarkXORMappedAddress_GetFrom-12          35597667     34.40 ns/op                        0 B/op   0 allocs/op
+ok      github.com/pion/stun   60.973s
+```
+
+### Roadmap
+The library is used as a part of our WebRTC implementation. Please refer to that [roadmap](https://github.com/pion/webrtc/issues/9) to track our major milestones.
+
+### Community
+Pion has an active community on the [Slack](https://pion.ly/slack).
+
+Follow the [Pion Twitter](https://twitter.com/_pion) for project updates and important WebRTC news.
+
+We are always looking to support **your projects**. Please reach out if you have something to build!
+If you need commercial support or don't want to use public methods you can contact us at [team@pion.ly](mailto:team@pion.ly)
+
+### Contributing
+Check out the [contributing wiki](https://github.com/pion/webrtc/wiki/Contributing) to join the group of amazing people making this project possible: [AUTHORS.txt](./AUTHORS.txt)
+
+### License
+MIT License - see [LICENSE](LICENSE) for full text
diff --git a/server/vendor/github.com/pion/stun/addr.go b/server/vendor/github.com/pion/stun/addr.go
new file mode 100644
index 0000000..d15e2bb
--- /dev/null
+++ b/server/vendor/github.com/pion/stun/addr.go
@@ -0,0 +1,163 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package stun
+
+import (
+	"fmt"
+	"io"
+	"net"
+	"strconv"
+)
+
+// MappedAddress represents MAPPED-ADDRESS attribute.
+//
+// This attribute is used only by servers for achieving backwards
+// compatibility with RFC 3489 clients.
+//
+// RFC 5389 Section 15.1
+type MappedAddress struct {
+	IP   net.IP
+	Port int
+}
+
+// AlternateServer represents ALTERNATE-SERVER attribute.
+//
+// RFC 5389 Section 15.11
+type AlternateServer struct {
+	IP   net.IP
+	Port int
+}
+
+// ResponseOrigin represents RESPONSE-ORIGIN attribute.
+//
+// RFC 5780 Section 7.3
+type ResponseOrigin struct {
+	IP   net.IP
+	Port int
+}
+
+// OtherAddress represents OTHER-ADDRESS attribute.
+//
+// RFC 5780 Section 7.4
+type OtherAddress struct {
+	IP   net.IP
+	Port int
+}
+
+// AddTo adds ALTERNATE-SERVER attribute to message.
+func (s *AlternateServer) AddTo(m *Message) error {
+	a := (*MappedAddress)(s)
+	return a.AddToAs(m, AttrAlternateServer)
+}
+
+// GetFrom decodes ALTERNATE-SERVER from message.
+func (s *AlternateServer) GetFrom(m *Message) error {
+	a := (*MappedAddress)(s)
+	return a.GetFromAs(m, AttrAlternateServer)
+}
+
+func (a MappedAddress) String() string {
+	return net.JoinHostPort(a.IP.String(), strconv.Itoa(a.Port))
+}
+
+// GetFromAs decodes MAPPED-ADDRESS value in message m as an attribute of type t.
+func (a *MappedAddress) GetFromAs(m *Message, t AttrType) error {
+	v, err := m.Get(t)
+	if err != nil {
+		return err
+	}
+	if len(v) <= 4 {
+		return io.ErrUnexpectedEOF
+	}
+	family := bin.Uint16(v[0:2])
+	if family != familyIPv6 && family != familyIPv4 {
+		return newDecodeErr("xor-mapped address", "family",
+			fmt.Sprintf("bad value %d", family),
+		)
+	}
+	ipLen := net.IPv4len
+	if family == familyIPv6 {
+		ipLen = net.IPv6len
+	}
+	// Ensuring len(a.IP) == ipLen and reusing a.IP.
+	if len(a.IP) < ipLen {
+		a.IP = a.IP[:cap(a.IP)]
+		for len(a.IP) < ipLen {
+			a.IP = append(a.IP, 0)
+		}
+	}
+	a.IP = a.IP[:ipLen]
+	for i := range a.IP {
+		a.IP[i] = 0
+	}
+	a.Port = int(bin.Uint16(v[2:4]))
+	copy(a.IP, v[4:])
+	return nil
+}
+
+// AddToAs adds MAPPED-ADDRESS value to m as t attribute.
+func (a *MappedAddress) AddToAs(m *Message, t AttrType) error {
+	var (
+		family = familyIPv4
+		ip     = a.IP
+	)
+	if len(a.IP) == net.IPv6len {
+		if isIPv4(ip) {
+			ip = ip[12:16] // like in ip.To4()
+		} else {
+			family = familyIPv6
+		}
+	} else if len(ip) != net.IPv4len {
+		return ErrBadIPLength
+	}
+	value := make([]byte, 128)
+	value[0] = 0 // first 8 bits are zeroes
+	bin.PutUint16(value[0:2], family)
+	bin.PutUint16(value[2:4], uint16(a.Port))
+	copy(value[4:], ip)
+	m.Add(t, value[:4+len(ip)])
+	return nil
+}
+
+// AddTo adds MAPPED-ADDRESS to message.
+func (a *MappedAddress) AddTo(m *Message) error {
+	return a.AddToAs(m, AttrMappedAddress)
+}
+
+// GetFrom decodes MAPPED-ADDRESS from message.
+func (a *MappedAddress) GetFrom(m *Message) error {
+	return a.GetFromAs(m, AttrMappedAddress)
+}
+
+// AddTo adds OTHER-ADDRESS attribute to message.
+func (o *OtherAddress) AddTo(m *Message) error {
+	a := (*MappedAddress)(o)
+	return a.AddToAs(m, AttrOtherAddress)
+}
+
+// GetFrom decodes OTHER-ADDRESS from message.
+func (o *OtherAddress) GetFrom(m *Message) error {
+	a := (*MappedAddress)(o)
+	return a.GetFromAs(m, AttrOtherAddress)
+}
+
+func (o OtherAddress) String() string {
+	return net.JoinHostPort(o.IP.String(), strconv.Itoa(o.Port))
+}
+
+// AddTo adds RESPONSE-ORIGIN attribute to message.
+func (o *ResponseOrigin) AddTo(m *Message) error {
+	a := (*MappedAddress)(o)
+	return a.AddToAs(m, AttrResponseOrigin)
+}
+
+// GetFrom decodes RESPONSE-ORIGIN from message.
+func (o *ResponseOrigin) GetFrom(m *Message) error {
+	a := (*MappedAddress)(o)
+	return a.GetFromAs(m, AttrResponseOrigin)
+}
+
+func (o ResponseOrigin) String() string {
+	return net.JoinHostPort(o.IP.String(), strconv.Itoa(o.Port))
+}
diff --git a/server/vendor/github.com/pion/stun/agent.go b/server/vendor/github.com/pion/stun/agent.go
new file mode 100644
index 0000000..f03efa3
--- /dev/null
+++ b/server/vendor/github.com/pion/stun/agent.go
@@ -0,0 +1,233 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package stun
+
+import (
+	"errors"
+	"sync"
+	"time"
+)
+
+// NoopHandler just discards any event.
+func NoopHandler() Handler {
+	return func(e Event) {}
+}
+
+// NewAgent initializes and returns new Agent with provided handler.
+// If h is nil, the NoopHandler will be used.
+func NewAgent(h Handler) *Agent {
+	if h == nil {
+		h = NoopHandler()
+	}
+	a := &Agent{
+		transactions: make(map[transactionID]agentTransaction),
+		handler:      h,
+	}
+	return a
+}
+
+// Agent is low-level abstraction over transaction list that
+// handles concurrency (all calls are goroutine-safe) and
+// time outs (via Collect call).
+type Agent struct {
+	// transactions is map of transactions that are currently
+	// in progress. Event handling is done in such way when
+	// transaction is unregistered before agentTransaction access,
+	// minimizing mux lock and protecting agentTransaction from
+	// data races via unexpected concurrent access.
+	transactions map[transactionID]agentTransaction
+	closed       bool       // all calls are invalid if true
+	mux          sync.Mutex // protects transactions and closed
+	handler      Handler    // handles transactions
+}
+
+// Handler handles state changes of transaction.
+//
+// Handler is called on transaction state change.
+// Usage of e is valid only during call, user must
+// copy needed fields explicitly.
+type Handler func(e Event)
+
+// Event is passed to Handler describing the transaction event.
+// Do not reuse outside Handler.
+type Event struct {
+	TransactionID [TransactionIDSize]byte
+	Message       *Message
+	Error         error
+}
+
+// agentTransaction represents transaction in progress.
+// Concurrent access is invalid.
+type agentTransaction struct {
+	id       transactionID
+	deadline time.Time
+}
+
+var (
+	// ErrTransactionStopped indicates that transaction was manually stopped.
+	ErrTransactionStopped = errors.New("transaction is stopped")
+	// ErrTransactionNotExists indicates that agent failed to find transaction.
+	ErrTransactionNotExists = errors.New("transaction not exists")
+	// ErrTransactionExists indicates that transaction with same id is already
+	// registered.
+	ErrTransactionExists = errors.New("transaction exists with same id")
+)
+
+// StopWithError removes transaction from list and calls handler with
+// provided error. Can return ErrTransactionNotExists and ErrAgentClosed.
+func (a *Agent) StopWithError(id [TransactionIDSize]byte, err error) error {
+	a.mux.Lock()
+	if a.closed {
+		a.mux.Unlock()
+		return ErrAgentClosed
+	}
+	t, exists := a.transactions[id]
+	delete(a.transactions, id)
+	h := a.handler
+	a.mux.Unlock()
+	if !exists {
+		return ErrTransactionNotExists
+	}
+	h(Event{
+		TransactionID: t.id,
+		Error:         err,
+	})
+	return nil
+}
+
+// Stop stops transaction by id with ErrTransactionStopped, blocking
+// until handler returns.
+func (a *Agent) Stop(id [TransactionIDSize]byte) error {
+	return a.StopWithError(id, ErrTransactionStopped)
+}
+
+// ErrAgentClosed indicates that agent is in closed state and is unable
+// to handle transactions.
+var ErrAgentClosed = errors.New("agent is closed")
+
+// Start registers transaction with provided id and deadline.
+// Could return ErrAgentClosed, ErrTransactionExists.
+//
+// Agent handler is guaranteed to be eventually called.
+func (a *Agent) Start(id [TransactionIDSize]byte, deadline time.Time) error {
+	a.mux.Lock()
+	defer a.mux.Unlock()
+	if a.closed {
+		return ErrAgentClosed
+	}
+	_, exists := a.transactions[id]
+	if exists {
+		return ErrTransactionExists
+	}
+	a.transactions[id] = agentTransaction{
+		id:       id,
+		deadline: deadline,
+	}
+	return nil
+}
+
+// agentCollectCap is initial capacity for Agent.Collect slices,
+// sufficient to make function zero-alloc in most cases.
+const agentCollectCap = 100
+
+// ErrTransactionTimeOut indicates that transaction has reached deadline.
+var ErrTransactionTimeOut = errors.New("transaction is timed out")
+
+// Collect terminates all transactions that have deadline before provided
+// time, blocking until all handlers will process ErrTransactionTimeOut.
+// Will return ErrAgentClosed if agent is already closed.
+//
+// It is safe to call Collect concurrently but makes no sense.
+func (a *Agent) Collect(gcTime time.Time) error {
+	toRemove := make([]transactionID, 0, agentCollectCap)
+	a.mux.Lock()
+	if a.closed {
+		// Doing nothing if agent is closed.
+		// All transactions should be already closed
+		// during Close() call.
+		a.mux.Unlock()
+		return ErrAgentClosed
+	}
+	// Adding all transactions with deadline before gcTime
+	// to toCall and toRemove slices.
+	// No allocs if there are less than agentCollectCap
+	// timed out transactions.
+	for id, t := range a.transactions {
+		if t.deadline.Before(gcTime) {
+			toRemove = append(toRemove, id)
+		}
+	}
+	// Un-registering timed out transactions.
+	for _, id := range toRemove {
+		delete(a.transactions, id)
+	}
+	// Calling handler does not require locked mutex,
+	// reducing lock time.
+	h := a.handler
+	a.mux.Unlock()
+	// Sending ErrTransactionTimeOut to handler for all transactions,
+	// blocking until last one.
+	event := Event{
+		Error: ErrTransactionTimeOut,
+	}
+	for _, id := range toRemove {
+		event.TransactionID = id
+		h(event)
+	}
+	return nil
+}
+
+// Process incoming message, synchronously passing it to handler.
+func (a *Agent) Process(m *Message) error {
+	e := Event{
+		TransactionID: m.TransactionID,
+		Message:       m,
+	}
+	a.mux.Lock()
+	if a.closed {
+		a.mux.Unlock()
+		return ErrAgentClosed
+	}
+	h := a.handler
+	delete(a.transactions, m.TransactionID)
+	a.mux.Unlock()
+	h(e)
+	return nil
+}
+
+// SetHandler sets agent handler to h.
+func (a *Agent) SetHandler(h Handler) error {
+	a.mux.Lock()
+	if a.closed {
+		a.mux.Unlock()
+		return ErrAgentClosed
+	}
+	a.handler = h
+	a.mux.Unlock()
+	return nil
+}
+
+// Close terminates all transactions with ErrAgentClosed and renders Agent to
+// closed state.
+func (a *Agent) Close() error {
+	e := Event{
+		Error: ErrAgentClosed,
+	}
+	a.mux.Lock()
+	if a.closed {
+		a.mux.Unlock()
+		return ErrAgentClosed
+	}
+	for _, t := range a.transactions {
+		e.TransactionID = t.id
+		a.handler(e)
+	}
+	a.transactions = nil
+	a.closed = true
+	a.handler = nil
+	a.mux.Unlock()
+	return nil
+}
+
+type transactionID [TransactionIDSize]byte
diff --git a/server/vendor/github.com/pion/stun/attributes.go b/server/vendor/github.com/pion/stun/attributes.go
new file mode 100644
index 0000000..8a1aa21
--- /dev/null
+++ b/server/vendor/github.com/pion/stun/attributes.go
@@ -0,0 +1,254 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package stun
+
+import (
+	"errors"
+	"fmt"
+)
+
+// Attributes is list of message attributes.
+type Attributes []RawAttribute
+
+// Get returns first attribute from list by the type.
+// If attribute is present the RawAttribute is returned and the
+// boolean is true. Otherwise the returned RawAttribute will be
+// empty and boolean will be false.
+func (a Attributes) Get(t AttrType) (RawAttribute, bool) {
+	for _, candidate := range a {
+		if candidate.Type == t {
+			return candidate, true
+		}
+	}
+	return RawAttribute{}, false
+}
+
+// AttrType is attribute type.
+type AttrType uint16
+
+// Required returns true if type is from comprehension-required range (0x0000-0x7FFF).
+func (t AttrType) Required() bool {
+	return t <= 0x7FFF
+}
+
+// Optional returns true if type is from comprehension-optional range (0x8000-0xFFFF).
+func (t AttrType) Optional() bool {
+	return t >= 0x8000
+}
+
+// Attributes from comprehension-required range (0x0000-0x7FFF).
+const (
+	AttrMappedAddress     AttrType = 0x0001 // MAPPED-ADDRESS
+	AttrUsername          AttrType = 0x0006 // USERNAME
+	AttrMessageIntegrity  AttrType = 0x0008 // MESSAGE-INTEGRITY
+	AttrErrorCode         AttrType = 0x0009 // ERROR-CODE
+	AttrUnknownAttributes AttrType = 0x000A // UNKNOWN-ATTRIBUTES
+	AttrRealm             AttrType = 0x0014 // REALM
+	AttrNonce             AttrType = 0x0015 // NONCE
+	AttrXORMappedAddress  AttrType = 0x0020 // XOR-MAPPED-ADDRESS
+)
+
+// Attributes from comprehension-optional range (0x8000-0xFFFF).
+const (
+	AttrSoftware        AttrType = 0x8022 // SOFTWARE
+	AttrAlternateServer AttrType = 0x8023 // ALTERNATE-SERVER
+	AttrFingerprint     AttrType = 0x8028 // FINGERPRINT
+)
+
+// Attributes from RFC 5245 ICE.
+const (
+	AttrPriority       AttrType = 0x0024 // PRIORITY
+	AttrUseCandidate   AttrType = 0x0025 // USE-CANDIDATE
+	AttrICEControlled  AttrType = 0x8029 // ICE-CONTROLLED
+	AttrICEControlling AttrType = 0x802A // ICE-CONTROLLING
+)
+
+// Attributes from RFC 5766 TURN.
+const (
+	AttrChannelNumber      AttrType = 0x000C // CHANNEL-NUMBER
+	AttrLifetime           AttrType = 0x000D // LIFETIME
+	AttrXORPeerAddress     AttrType = 0x0012 // XOR-PEER-ADDRESS
+	AttrData               AttrType = 0x0013 // DATA
+	AttrXORRelayedAddress  AttrType = 0x0016 // XOR-RELAYED-ADDRESS
+	AttrEvenPort           AttrType = 0x0018 // EVEN-PORT
+	AttrRequestedTransport AttrType = 0x0019 // REQUESTED-TRANSPORT
+	AttrDontFragment       AttrType = 0x001A // DONT-FRAGMENT
+	AttrReservationToken   AttrType = 0x0022 // RESERVATION-TOKEN
+)
+
+// Attributes from RFC 5780 NAT Behavior Discovery
+const (
+	AttrChangeRequest  AttrType = 0x0003 // CHANGE-REQUEST
+	AttrPadding        AttrType = 0x0026 // PADDING
+	AttrResponsePort   AttrType = 0x0027 // RESPONSE-PORT
+	AttrCacheTimeout   AttrType = 0x8027 // CACHE-TIMEOUT
+	AttrResponseOrigin AttrType = 0x802b // RESPONSE-ORIGIN
+	AttrOtherAddress   AttrType = 0x802C // OTHER-ADDRESS
+)
+
+// Attributes from RFC 3489, removed by RFC 5389,
+//
+//	but still used by RFC5389-implementing software like Vovida.org, reTURNServer, etc.
+const (
+	AttrSourceAddress  AttrType = 0x0004 // SOURCE-ADDRESS
+	AttrChangedAddress AttrType = 0x0005 // CHANGED-ADDRESS
+)
+
+// Attributes from RFC 6062 TURN Extensions for TCP Allocations.
+const (
+	AttrConnectionID AttrType = 0x002a // CONNECTION-ID
+)
+
+// Attributes from RFC 6156 TURN IPv6.
+const (
+	AttrRequestedAddressFamily AttrType = 0x0017 // REQUESTED-ADDRESS-FAMILY
+)
+
+// Attributes from An Origin Attribute for the STUN Protocol.
+const (
+	AttrOrigin AttrType = 0x802F
+)
+
+// Attributes from RFC 8489 STUN.
+const (
+	AttrMessageIntegritySHA256 AttrType = 0x001C // MESSAGE-INTEGRITY-SHA256
+	AttrPasswordAlgorithm      AttrType = 0x001D // PASSWORD-ALGORITHM
+	AttrUserhash               AttrType = 0x001E // USERHASH
+	AttrPasswordAlgorithms     AttrType = 0x8002 // PASSWORD-ALGORITHMS
+	AttrAlternateDomain        AttrType = 0x8003 // ALTERNATE-DOMAIN
+)
+
+// Value returns uint16 representation of attribute type.
+func (t AttrType) Value() uint16 {
+	return uint16(t)
+}
+
+func attrNames() map[AttrType]string {
+	return map[AttrType]string{
+		AttrMappedAddress:          "MAPPED-ADDRESS",
+		AttrUsername:               "USERNAME",
+		AttrErrorCode:              "ERROR-CODE",
+		AttrMessageIntegrity:       "MESSAGE-INTEGRITY",
+		AttrUnknownAttributes:      "UNKNOWN-ATTRIBUTES",
+		AttrRealm:                  "REALM",
+		AttrNonce:                  "NONCE",
+		AttrXORMappedAddress:       "XOR-MAPPED-ADDRESS",
+		AttrSoftware:               "SOFTWARE",
+		AttrAlternateServer:        "ALTERNATE-SERVER",
+		AttrFingerprint:            "FINGERPRINT",
+		AttrPriority:               "PRIORITY",
+		AttrUseCandidate:           "USE-CANDIDATE",
+		AttrICEControlled:          "ICE-CONTROLLED",
+		AttrICEControlling:         "ICE-CONTROLLING",
+		AttrChannelNumber:          "CHANNEL-NUMBER",
+		AttrLifetime:               "LIFETIME",
+		AttrXORPeerAddress:         "XOR-PEER-ADDRESS",
+		AttrData:                   "DATA",
+		AttrXORRelayedAddress:      "XOR-RELAYED-ADDRESS",
+		AttrEvenPort:               "EVEN-PORT",
+		AttrRequestedTransport:     "REQUESTED-TRANSPORT",
+		AttrDontFragment:           "DONT-FRAGMENT",
+		AttrReservationToken:       "RESERVATION-TOKEN",
+		AttrConnectionID:           "CONNECTION-ID",
+		AttrRequestedAddressFamily: "REQUESTED-ADDRESS-FAMILY",
+		AttrMessageIntegritySHA256: "MESSAGE-INTEGRITY-SHA256",
+		AttrPasswordAlgorithm:      "PASSWORD-ALGORITHM",
+		AttrUserhash:               "USERHASH",
+		AttrPasswordAlgorithms:     "PASSWORD-ALGORITHMS",
+		AttrAlternateDomain:        "ALTERNATE-DOMAIN",
+	}
+}
+
+func (t AttrType) String() string {
+	s, ok := attrNames()[t]
+	if !ok {
+		// Just return hex representation of unknown attribute type.
+		return fmt.Sprintf("0x%x", uint16(t))
+	}
+	return s
+}
+
+// RawAttribute is a Type-Length-Value (TLV) object that
+// can be added to a STUN message. Attributes are divided into two
+// types: comprehension-required and comprehension-optional.  STUN
+// agents can safely ignore comprehension-optional attributes they
+// don't understand, but cannot successfully process a message if it
+// contains comprehension-required attributes that are not
+// understood.
+type RawAttribute struct {
+	Type   AttrType
+	Length uint16 // ignored while encoding
+	Value  []byte
+}
+
+// AddTo implements Setter, adding attribute as a.Type with a.Value and ignoring
+// the Length field.
+func (a RawAttribute) AddTo(m *Message) error {
+	m.Add(a.Type, a.Value)
+	return nil
+}
+
+// Equal returns true if a == b.
+func (a RawAttribute) Equal(b RawAttribute) bool {
+	if a.Type != b.Type {
+		return false
+	}
+	if a.Length != b.Length {
+		return false
+	}
+	if len(b.Value) != len(a.Value) {
+		return false
+	}
+	for i, v := range a.Value {
+		if b.Value[i] != v {
+			return false
+		}
+	}
+	return true
+}
+
+func (a RawAttribute) String() string {
+	return fmt.Sprintf("%s: 0x%x", a.Type, a.Value)
+}
+
+// ErrAttributeNotFound means that attribute with provided attribute
+// type does not exist in message.
+var ErrAttributeNotFound = errors.New("attribute not found")
+
+// Get returns byte slice that represents attribute value,
+// if there is no attribute with such type,
+// ErrAttributeNotFound is returned.
+func (m *Message) Get(t AttrType) ([]byte, error) {
+	v, ok := m.Attributes.Get(t)
+	if !ok {
+		return nil, ErrAttributeNotFound
+	}
+	return v.Value, nil
+}
+
+// STUN aligns attributes on 32-bit boundaries, attributes whose content
+// is not a multiple of 4 bytes are padded with 1, 2, or 3 bytes of
+// padding so that its value contains a multiple of 4 bytes.  The
+// padding bits are ignored, and may be any value.
+//
+// https://tools.ietf.org/html/rfc5389#section-15
+const padding = 4
+
+func nearestPaddedValueLength(l int) int {
+	n := padding * (l / padding)
+	if n < l {
+		n += padding
+	}
+	return n
+}
+
+// This method converts uint16 vlue to AttrType. If it finds an old attribute
+// type value, it also translates it to the new value to enable backward
+// compatibility. (See: https://github.com/pion/stun/issues/21)
+func compatAttrType(val uint16) AttrType {
+	if val == 0x8020 { // draft-ietf-behave-rfc3489bis-02, MS-TURN
+		return AttrXORMappedAddress // new: 0x0020 (from draft-ietf-behave-rfc3489bis-03 on)
+	}
+	return AttrType(val)
+}
diff --git a/server/vendor/github.com/pion/stun/attributes_debug.go b/server/vendor/github.com/pion/stun/attributes_debug.go
new file mode 100644
index 0000000..836d79f
--- /dev/null
+++ b/server/vendor/github.com/pion/stun/attributes_debug.go
@@ -0,0 +1,37 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+//go:build debug
+// +build debug
+
+package stun
+
+import "fmt"
+
+// AttrOverflowErr occurs when len(v) > Max.
+type AttrOverflowErr struct {
+	Type AttrType
+	Max  int
+	Got  int
+}
+
+func (e AttrOverflowErr) Error() string {
+	return fmt.Sprintf("incorrect length of %s attribute: %d exceeds maximum %d",
+		e.Type, e.Got, e.Max,
+	)
+}
+
+// AttrLengthErr means that length for attribute is invalid.
+type AttrLengthErr struct {
+	Attr     AttrType
+	Got      int
+	Expected int
+}
+
+func (e AttrLengthErr) Error() string {
+	return fmt.Sprintf("incorrect length of %s attribute: got %d, expected %d",
+		e.Attr,
+		e.Got,
+		e.Expected,
+	)
+}
diff --git a/server/vendor/github.com/pion/stun/checks.go b/server/vendor/github.com/pion/stun/checks.go
new file mode 100644
index 0000000..6b678a0
--- /dev/null
+++ b/server/vendor/github.com/pion/stun/checks.go
@@ -0,0 +1,53 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+//go:build !debug
+// +build !debug
+
+package stun
+
+import (
+	"errors"
+
+	"github.com/pion/stun/internal/hmac"
+)
+
+// CheckSize returns ErrAttrSizeInvalid if got is not equal to expected.
+func CheckSize(_ AttrType, got, expected int) error {
+	if got == expected {
+		return nil
+	}
+	return ErrAttributeSizeInvalid
+}
+
+func checkHMAC(got, expected []byte) error {
+	if hmac.Equal(got, expected) {
+		return nil
+	}
+	return ErrIntegrityMismatch
+}
+
+func checkFingerprint(got, expected uint32) error {
+	if got == expected {
+		return nil
+	}
+	return ErrFingerprintMismatch
+}
+
+// IsAttrSizeInvalid returns true if error means that attribute size is invalid.
+func IsAttrSizeInvalid(err error) bool {
+	return errors.Is(err, ErrAttributeSizeInvalid)
+}
+
+// CheckOverflow returns ErrAttributeSizeOverflow if got is bigger that max.
+func CheckOverflow(_ AttrType, got, max int) error {
+	if got <= max {
+		return nil
+	}
+	return ErrAttributeSizeOverflow
+}
+
+// IsAttrSizeOverflow returns true if error means that attribute size is too big.
+func IsAttrSizeOverflow(err error) bool {
+	return errors.Is(err, ErrAttributeSizeOverflow)
+}
diff --git a/server/vendor/github.com/pion/stun/checks_debug.go b/server/vendor/github.com/pion/stun/checks_debug.go
new file mode 100644
index 0000000..0b5c67c
--- /dev/null
+++ b/server/vendor/github.com/pion/stun/checks_debug.go
@@ -0,0 +1,65 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+//go:build debug
+// +build debug
+
+package stun
+
+import "github.com/pion/stun/internal/hmac"
+
+// CheckSize returns *AttrLengthError if got is not equal to expected.
+func CheckSize(a AttrType, got, expected int) error {
+	if got == expected {
+		return nil
+	}
+	return &AttrLengthErr{
+		Got:      got,
+		Expected: expected,
+		Attr:     a,
+	}
+}
+
+func checkHMAC(got, expected []byte) error {
+	if hmac.Equal(got, expected) {
+		return nil
+	}
+	return &IntegrityErr{
+		Expected: expected,
+		Actual:   got,
+	}
+}
+
+func checkFingerprint(got, expected uint32) error {
+	if got == expected {
+		return nil
+	}
+	return &CRCMismatch{
+		Actual:   got,
+		Expected: expected,
+	}
+}
+
+// IsAttrSizeInvalid returns true if error means that attribute size is invalid.
+func IsAttrSizeInvalid(err error) bool {
+	_, ok := err.(*AttrLengthErr)
+	return ok
+}
+
+// CheckOverflow returns *AttrOverflowErr if got is bigger that max.
+func CheckOverflow(t AttrType, got, max int) error {
+	if got <= max {
+		return nil
+	}
+	return &AttrOverflowErr{
+		Type: t,
+		Got:  got,
+		Max:  max,
+	}
+}
+
+// IsAttrSizeOverflow returns true if error means that attribute size is too big.
+func IsAttrSizeOverflow(err error) bool {
+	_, ok := err.(*AttrOverflowErr)
+	return ok
+}
diff --git a/server/vendor/github.com/pion/stun/client.go b/server/vendor/github.com/pion/stun/client.go
new file mode 100644
index 0000000..5d02e51
--- /dev/null
+++ b/server/vendor/github.com/pion/stun/client.go
@@ -0,0 +1,722 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package stun
+
+import (
+	"crypto/tls"
+	"errors"
+	"fmt"
+	"io"
+	"log"
+	"net"
+	"runtime"
+	"strconv"
+	"sync"
+	"sync/atomic"
+	"time"
+
+	"github.com/pion/dtls/v2"
+	"github.com/pion/transport/v2"
+	"github.com/pion/transport/v2/stdnet"
+)
+
+// ErrUnsupportedURI is an error thrown if the user passes an unsupported STUN or TURN URI
+var ErrUnsupportedURI = fmt.Errorf("invalid schema or transport")
+
+// Dial connects to the address on the named network and then
+// initializes Client on that connection, returning error if any.
+func Dial(network, address string) (*Client, error) {
+	conn, err := net.Dial(network, address)
+	if err != nil {
+		return nil, err
+	}
+	return NewClient(conn)
+}
+
+// DialConfig is used to pass configuration to DialURI()
+type DialConfig struct {
+	DTLSConfig dtls.Config
+	TLSConfig  tls.Config
+
+	Net transport.Net
+}
+
+// DialURI connect to the STUN/TURN URI and then
+// initializes Client on that connection, returning error if any.
+func DialURI(uri *URI, cfg *DialConfig) (*Client, error) {
+	var conn Connection
+	var err error
+
+	nw := cfg.Net
+	if nw == nil {
+		nw, err = stdnet.NewNet()
+		if err != nil {
+			return nil, fmt.Errorf("failed to create net: %w", err)
+		}
+	}
+
+	addr := net.JoinHostPort(uri.Host, strconv.Itoa(uri.Port))
+
+	switch {
+	case uri.Scheme == SchemeTypeSTUN:
+		if conn, err = nw.Dial("udp", addr); err != nil {
+			return nil, fmt.Errorf("failed to listen: %w", err)
+		}
+
+	case uri.Scheme == SchemeTypeTURN:
+		network := "udp" //nolint:goconst
+		if uri.Proto == ProtoTypeTCP {
+			network = "tcp" //nolint:goconst
+		}
+
+		if conn, err = nw.Dial(network, addr); err != nil {
+			return nil, fmt.Errorf("failed to dial: %w", err)
+		}
+
+	case uri.Scheme == SchemeTypeTURNS && uri.Proto == ProtoTypeUDP:
+		dtlsCfg := cfg.DTLSConfig // Copy
+		dtlsCfg.ServerName = uri.Host
+
+		udpConn, err := nw.Dial("udp", addr)
+		if err != nil {
+			return nil, fmt.Errorf("failed to dial: %w", err)
+		}
+
+		if conn, err = dtls.Client(udpConn, &dtlsCfg); err != nil {
+			return nil, fmt.Errorf("failed to connect to '%s': %w", addr, err)
+		}
+
+	case (uri.Scheme == SchemeTypeTURNS || uri.Scheme == SchemeTypeSTUNS) && uri.Proto == ProtoTypeTCP:
+		tlsCfg := cfg.TLSConfig //nolint:govet
+		tlsCfg.ServerName = uri.Host
+
+		tcpConn, err := nw.Dial("tcp", addr)
+		if err != nil {
+			return nil, fmt.Errorf("failed to dial: %w", err)
+		}
+
+		conn = tls.Client(tcpConn, &tlsCfg)
+
+	default:
+		return nil, ErrUnsupportedURI
+	}
+
+	return NewClient(conn)
+}
+
+// ErrNoConnection means that ClientOptions.Connection is nil.
+var ErrNoConnection = errors.New("no connection provided")
+
+// ClientOption sets some client option.
+type ClientOption func(c *Client)
+
+// WithHandler sets client handler which is called if Agent emits the Event
+// with TransactionID that is not currently registered by Client.
+// Useful for handling Data indications from TURN server.
+func WithHandler(h Handler) ClientOption {
+	return func(c *Client) {
+		c.handler = h
+	}
+}
+
+// WithRTO sets client RTO as defined in STUN RFC.
+func WithRTO(rto time.Duration) ClientOption {
+	return func(c *Client) {
+		c.rto = int64(rto)
+	}
+}
+
+// WithClock sets Clock of client, the source of current time.
+// Also clock is passed to default collector if set.
+func WithClock(clock Clock) ClientOption {
+	return func(c *Client) {
+		c.clock = clock
+	}
+}
+
+// WithTimeoutRate sets RTO timer minimum resolution.
+func WithTimeoutRate(d time.Duration) ClientOption {
+	return func(c *Client) {
+		c.rtoRate = d
+	}
+}
+
+// WithAgent sets client STUN agent.
+//
+// Defaults to agent implementation in current package,
+// see agent.go.
+func WithAgent(a ClientAgent) ClientOption {
+	return func(c *Client) {
+		c.a = a
+	}
+}
+
+// WithCollector rests client timeout collector, the implementation
+// of ticker which calls function on each tick.
+func WithCollector(coll Collector) ClientOption {
+	return func(c *Client) {
+		c.collector = coll
+	}
+}
+
+// WithNoConnClose prevents client from closing underlying connection when
+// the Close() method is called.
+func WithNoConnClose() ClientOption {
+	return func(c *Client) {
+		c.closeConn = false
+	}
+}
+
+// WithNoRetransmit disables retransmissions and sets RTO to
+// defaultMaxAttempts * defaultRTO which will be effectively time out
+// if not set.
+//
+// Useful for TCP connections where transport handles RTO.
+func WithNoRetransmit(c *Client) {
+	c.maxAttempts = 0
+	if c.rto == 0 {
+		c.rto = defaultMaxAttempts * int64(defaultRTO)
+	}
+}
+
+const (
+	defaultTimeoutRate = time.Millisecond * 5
+	defaultRTO         = time.Millisecond * 300
+	defaultMaxAttempts = 7
+)
+
+// NewClient initializes new Client from provided options,
+// starting internal goroutines and using default options fields
+// if necessary. Call Close method after using Client to close conn and
+// release resources.
+//
+// The conn will be closed on Close call. Use WithNoConnClose option to
+// prevent that.
+//
+// Note that user should handle the protocol multiplexing, client does not
+// provide any API for it, so if you need to read application data, wrap the
+// connection with your (de-)multiplexer and pass the wrapper as conn.
+func NewClient(conn Connection, options ...ClientOption) (*Client, error) {
+	c := &Client{
+		close:       make(chan struct{}),
+		c:           conn,
+		clock:       systemClock(),
+		rto:         int64(defaultRTO),
+		rtoRate:     defaultTimeoutRate,
+		t:           make(map[transactionID]*clientTransaction, 100),
+		maxAttempts: defaultMaxAttempts,
+		closeConn:   true,
+	}
+	for _, o := range options {
+		o(c)
+	}
+	if c.c == nil {
+		return nil, ErrNoConnection
+	}
+	if c.a == nil {
+		c.a = NewAgent(nil)
+	}
+	if err := c.a.SetHandler(c.handleAgentCallback); err != nil {
+		return nil, err
+	}
+	if c.collector == nil {
+		c.collector = &tickerCollector{
+			close: make(chan struct{}),
+			clock: c.clock,
+		}
+	}
+	if err := c.collector.Start(c.rtoRate, func(t time.Time) {
+		closedOrPanic(c.a.Collect(t))
+	}); err != nil {
+		return nil, err
+	}
+	c.wg.Add(1)
+	go c.readUntilClosed()
+	runtime.SetFinalizer(c, clientFinalizer)
+	return c, nil
+}
+
+func clientFinalizer(c *Client) {
+	if c == nil {
+		return
+	}
+	err := c.Close()
+	if errors.Is(err, ErrClientClosed) {
+		return
+	}
+	if err == nil {
+		log.Println("client: called finalizer on non-closed client") // nolint
+		return
+	}
+	log.Println("client: called finalizer on non-closed client:", err) // nolint
+}
+
+// Connection wraps Reader, Writer and Closer interfaces.
+type Connection interface {
+	io.Reader
+	io.Writer
+	io.Closer
+}
+
+// ClientAgent is Agent implementation that is used by Client to
+// process transactions.
+type ClientAgent interface {
+	Process(*Message) error
+	Close() error
+	Start(id [TransactionIDSize]byte, deadline time.Time) error
+	Stop(id [TransactionIDSize]byte) error
+	Collect(time.Time) error
+	SetHandler(h Handler) error
+}
+
+// Client simulates "connection" to STUN server.
+type Client struct {
+	rto         int64 // time.Duration
+	a           ClientAgent
+	c           Connection
+	close       chan struct{}
+	rtoRate     time.Duration
+	maxAttempts int32
+	closed      bool
+	closeConn   bool // should call c.Close() while closing
+	wg          sync.WaitGroup
+	clock       Clock
+	handler     Handler
+	collector   Collector
+	t           map[transactionID]*clientTransaction
+
+	// mux guards closed and t
+	mux sync.RWMutex
+}
+
+// clientTransaction represents transaction in progress.
+// If transaction is succeed or failed, f will be called
+// provided by event.
+// Concurrent access is invalid.
+type clientTransaction struct {
+	id      transactionID
+	attempt int32
+	calls   int32
+	h       Handler
+	start   time.Time
+	rto     time.Duration
+	raw     []byte
+}
+
+func (t *clientTransaction) handle(e Event) {
+	if atomic.AddInt32(&t.calls, 1) == 1 {
+		t.h(e)
+	}
+}
+
+var clientTransactionPool = &sync.Pool{ //nolint:gochecknoglobals
+	New: func() interface{} {
+		return &clientTransaction{
+			raw: make([]byte, 1500),
+		}
+	},
+}
+
+func acquireClientTransaction() *clientTransaction {
+	return clientTransactionPool.Get().(*clientTransaction) //nolint:forcetypeassert
+}
+
+func putClientTransaction(t *clientTransaction) {
+	t.raw = t.raw[:0]
+	t.start = time.Time{}
+	t.attempt = 0
+	t.id = transactionID{}
+	clientTransactionPool.Put(t)
+}
+
+func (t *clientTransaction) nextTimeout(now time.Time) time.Time {
+	return now.Add(time.Duration(t.attempt+1) * t.rto)
+}
+
+// start registers transaction.
+//
+// Could return ErrClientClosed, ErrTransactionExists.
+func (c *Client) start(t *clientTransaction) error {
+	c.mux.Lock()
+	defer c.mux.Unlock()
+	if c.closed {
+		return ErrClientClosed
+	}
+	_, exists := c.t[t.id]
+	if exists {
+		return ErrTransactionExists
+	}
+	c.t[t.id] = t
+	return nil
+}
+
+// Clock abstracts the source of current time.
+type Clock interface {
+	Now() time.Time
+}
+
+type systemClockService struct{}
+
+func (systemClockService) Now() time.Time { return time.Now() }
+
+func systemClock() systemClockService {
+	return systemClockService{}
+}
+
+// SetRTO sets current RTO value.
+func (c *Client) SetRTO(rto time.Duration) {
+	atomic.StoreInt64(&c.rto, int64(rto))
+}
+
+// StopErr occurs when Client fails to stop transaction while
+// processing error.
+//
+//nolint:errname
+type StopErr struct {
+	Err   error // value returned by Stop()
+	Cause error // error that caused Stop() call
+}
+
+func (e StopErr) Error() string {
+	return fmt.Sprintf("error while stopping due to %s: %s", sprintErr(e.Cause), sprintErr(e.Err))
+}
+
+// CloseErr indicates client close failure.
+//
+//nolint:errname
+type CloseErr struct {
+	AgentErr      error
+	ConnectionErr error
+}
+
+func sprintErr(err error) string {
+	if err == nil {
+		return "<nil>" //nolint:goconst
+	}
+	return err.Error()
+}
+
+func (c CloseErr) Error() string {
+	return fmt.Sprintf("failed to close: %s (connection), %s (agent)", sprintErr(c.ConnectionErr), sprintErr(c.AgentErr))
+}
+
+func (c *Client) readUntilClosed() {
+	defer c.wg.Done()
+	m := new(Message)
+	m.Raw = make([]byte, 1024)
+	for {
+		select {
+		case <-c.close:
+			return
+		default:
+		}
+		_, err := m.ReadFrom(c.c)
+		if err == nil {
+			if pErr := c.a.Process(m); errors.Is(pErr, ErrAgentClosed) {
+				return
+			}
+		}
+	}
+}
+
+func closedOrPanic(err error) {
+	if err == nil || errors.Is(err, ErrAgentClosed) {
+		return
+	}
+	panic(err) //nolint
+}
+
+type tickerCollector struct {
+	close chan struct{}
+	wg    sync.WaitGroup
+	clock Clock
+}
+
+// Collector calls function f with constant rate.
+//
+// The simple Collector is ticker which calls function on each tick.
+type Collector interface {
+	Start(rate time.Duration, f func(now time.Time)) error
+	Close() error
+}
+
+func (a *tickerCollector) Start(rate time.Duration, f func(now time.Time)) error {
+	t := time.NewTicker(rate)
+	a.wg.Add(1)
+	go func() {
+		defer a.wg.Done()
+		for {
+			select {
+			case <-a.close:
+				t.Stop()
+				return
+			case <-t.C:
+				f(a.clock.Now())
+			}
+		}
+	}()
+	return nil
+}
+
+func (a *tickerCollector) Close() error {
+	close(a.close)
+	a.wg.Wait()
+	return nil
+}
+
+// ErrClientClosed indicates that client is closed.
+var ErrClientClosed = errors.New("client is closed")
+
+// Close stops internal connection and agent, returning CloseErr on error.
+func (c *Client) Close() error {
+	if err := c.checkInit(); err != nil {
+		return err
+	}
+	c.mux.Lock()
+	if c.closed {
+		c.mux.Unlock()
+		return ErrClientClosed
+	}
+	c.closed = true
+	c.mux.Unlock()
+	if closeErr := c.collector.Close(); closeErr != nil {
+		return closeErr
+	}
+	var connErr error
+	agentErr := c.a.Close()
+	if c.closeConn {
+		connErr = c.c.Close()
+	}
+	close(c.close)
+	c.wg.Wait()
+	if agentErr == nil && connErr == nil {
+		return nil
+	}
+	return CloseErr{
+		AgentErr:      agentErr,
+		ConnectionErr: connErr,
+	}
+}
+
+// Indicate sends indication m to server. Shorthand to Start call
+// with zero deadline and callback.
+func (c *Client) Indicate(m *Message) error {
+	return c.Start(m, nil)
+}
+
+// callbackWaitHandler blocks on wait() call until callback is called.
+type callbackWaitHandler struct {
+	handler   Handler
+	callback  func(event Event)
+	cond      *sync.Cond
+	processed bool
+}
+
+func (s *callbackWaitHandler) HandleEvent(e Event) {
+	s.cond.L.Lock()
+	if s.callback == nil {
+		panic("s.callback is nil") //nolint
+	}
+	s.callback(e)
+	s.processed = true
+	s.cond.Broadcast()
+	s.cond.L.Unlock()
+}
+
+func (s *callbackWaitHandler) wait() {
+	s.cond.L.Lock()
+	for !s.processed {
+		s.cond.Wait()
+	}
+	s.processed = false
+	s.callback = nil
+	s.cond.L.Unlock()
+}
+
+func (s *callbackWaitHandler) setCallback(f func(event Event)) {
+	if f == nil {
+		panic("f is nil") //nolint
+	}
+	s.cond.L.Lock()
+	s.callback = f
+	if s.handler == nil {
+		s.handler = s.HandleEvent
+	}
+	s.cond.L.Unlock()
+}
+
+var callbackWaitHandlerPool = sync.Pool{ //nolint:gochecknoglobals
+	New: func() interface{} {
+		return &callbackWaitHandler{
+			cond: sync.NewCond(new(sync.Mutex)),
+		}
+	},
+}
+
+// ErrClientNotInitialized means that client connection or agent is nil.
+var ErrClientNotInitialized = errors.New("client not initialized")
+
+func (c *Client) checkInit() error {
+	if c == nil || c.c == nil || c.a == nil || c.close == nil {
+		return ErrClientNotInitialized
+	}
+	return nil
+}
+
+// Do is Start wrapper that waits until callback is called. If no callback
+// provided, Indicate is called instead.
+//
+// Do has cpu overhead due to blocking, see BenchmarkClient_Do.
+// Use Start method for less overhead.
+func (c *Client) Do(m *Message, f func(Event)) error {
+	if err := c.checkInit(); err != nil {
+		return err
+	}
+	if f == nil {
+		return c.Indicate(m)
+	}
+	h := callbackWaitHandlerPool.Get().(*callbackWaitHandler) //nolint:forcetypeassert
+	h.setCallback(f)
+	defer func() {
+		callbackWaitHandlerPool.Put(h)
+	}()
+	if err := c.Start(m, h.handler); err != nil {
+		return err
+	}
+	h.wait()
+	return nil
+}
+
+func (c *Client) delete(id transactionID) {
+	c.mux.Lock()
+	if c.t != nil {
+		delete(c.t, id)
+	}
+	c.mux.Unlock()
+}
+
+type buffer struct {
+	buf []byte
+}
+
+var bufferPool = &sync.Pool{ //nolint:gochecknoglobals
+	New: func() interface{} {
+		return &buffer{buf: make([]byte, 2048)}
+	},
+}
+
+func (c *Client) handleAgentCallback(e Event) {
+	c.mux.Lock()
+	if c.closed {
+		c.mux.Unlock()
+		return
+	}
+	t, found := c.t[e.TransactionID]
+	if found {
+		delete(c.t, t.id)
+	}
+	c.mux.Unlock()
+	if !found {
+		if c.handler != nil && !errors.Is(e.Error, ErrTransactionStopped) {
+			c.handler(e)
+		}
+		// Ignoring.
+		return
+	}
+	if atomic.LoadInt32(&c.maxAttempts) <= t.attempt || e.Error == nil {
+		// Transaction completed.
+		t.handle(e)
+		putClientTransaction(t)
+		return
+	}
+	// Doing re-transmission.
+	t.attempt++
+	b := bufferPool.Get().(*buffer) //nolint:forcetypeassert
+	b.buf = b.buf[:copy(b.buf[:cap(b.buf)], t.raw)]
+	defer bufferPool.Put(b)
+	var (
+		now     = c.clock.Now()
+		timeOut = t.nextTimeout(now)
+		id      = t.id
+	)
+	// Starting client transaction.
+	if startErr := c.start(t); startErr != nil {
+		c.delete(id)
+		e.Error = startErr
+		t.handle(e)
+		putClientTransaction(t)
+		return
+	}
+	// Starting agent transaction.
+	if startErr := c.a.Start(id, timeOut); startErr != nil {
+		c.delete(id)
+		e.Error = startErr
+		t.handle(e)
+		putClientTransaction(t)
+		return
+	}
+	// Writing message to connection again.
+	_, writeErr := c.c.Write(b.buf)
+	if writeErr != nil {
+		c.delete(id)
+		e.Error = writeErr
+		// Stopping agent transaction instead of waiting until it's deadline.
+		// This will call handleAgentCallback with "ErrTransactionStopped" error
+		// which will be ignored.
+		if stopErr := c.a.Stop(id); stopErr != nil {
+			// Failed to stop agent transaction. Wrapping the error in StopError.
+			e.Error = StopErr{
+				Err:   stopErr,
+				Cause: writeErr,
+			}
+		}
+		t.handle(e)
+		putClientTransaction(t)
+		return
+	}
+}
+
+// Start starts transaction (if h set) and writes message to server, handler
+// is called asynchronously.
+func (c *Client) Start(m *Message, h Handler) error {
+	if err := c.checkInit(); err != nil {
+		return err
+	}
+	c.mux.RLock()
+	closed := c.closed
+	c.mux.RUnlock()
+	if closed {
+		return ErrClientClosed
+	}
+	if h != nil {
+		// Starting transaction only if h is set. Useful for indications.
+		t := acquireClientTransaction()
+		t.id = m.TransactionID
+		t.start = c.clock.Now()
+		t.h = h
+		t.rto = time.Duration(atomic.LoadInt64(&c.rto))
+		t.attempt = 0
+		t.raw = append(t.raw[:0], m.Raw...)
+		t.calls = 0
+		d := t.nextTimeout(t.start)
+		if err := c.start(t); err != nil {
+			return err
+		}
+		if err := c.a.Start(m.TransactionID, d); err != nil {
+			return err
+		}
+	}
+	_, err := m.WriteTo(c.c)
+	if err != nil && h != nil {
+		c.delete(m.TransactionID)
+		// Stopping transaction instead of waiting until deadline.
+		if stopErr := c.a.Stop(m.TransactionID); stopErr != nil {
+			return StopErr{
+				Err:   stopErr,
+				Cause: err,
+			}
+		}
+	}
+	return err
+}
diff --git a/server/vendor/github.com/pion/stun/codecov.yml b/server/vendor/github.com/pion/stun/codecov.yml
new file mode 100644
index 0000000..263e4d4
--- /dev/null
+++ b/server/vendor/github.com/pion/stun/codecov.yml
@@ -0,0 +1,22 @@
+#
+# DO NOT EDIT THIS FILE
+#
+# It is automatically copied from https://github.com/pion/.goassets repository.
+#
+# SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+# SPDX-License-Identifier: MIT
+
+coverage:
+  status:
+    project:
+      default:
+        # Allow decreasing 2% of total coverage to avoid noise.
+        threshold: 2%
+    patch:
+      default:
+        target: 70%
+        only_pulls: true
+
+ignore:
+  - "examples/*"
+  - "examples/**/*"
diff --git a/server/vendor/github.com/pion/stun/errorcode.go b/server/vendor/github.com/pion/stun/errorcode.go
new file mode 100644
index 0000000..c852eed
--- /dev/null
+++ b/server/vendor/github.com/pion/stun/errorcode.go
@@ -0,0 +1,162 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package stun
+
+import (
+	"errors"
+	"fmt"
+	"io"
+)
+
+// ErrorCodeAttribute represents ERROR-CODE attribute.
+//
+// RFC 5389 Section 15.6
+type ErrorCodeAttribute struct {
+	Code   ErrorCode
+	Reason []byte
+}
+
+func (c ErrorCodeAttribute) String() string {
+	return fmt.Sprintf("%d: %s", c.Code, c.Reason)
+}
+
+// constants for ERROR-CODE encoding.
+const (
+	errorCodeReasonStart = 4
+	errorCodeClassByte   = 2
+	errorCodeNumberByte  = 3
+	errorCodeReasonMaxB  = 763
+	errorCodeModulo      = 100
+)
+
+// AddTo adds ERROR-CODE to m.
+func (c ErrorCodeAttribute) AddTo(m *Message) error {
+	value := make([]byte, 0, errorCodeReasonStart+errorCodeReasonMaxB)
+	if err := CheckOverflow(AttrErrorCode,
+		len(c.Reason)+errorCodeReasonStart,
+		errorCodeReasonMaxB+errorCodeReasonStart,
+	); err != nil {
+		return err
+	}
+	value = value[:errorCodeReasonStart+len(c.Reason)]
+	number := byte(c.Code % errorCodeModulo) // error code modulo 100
+	class := byte(c.Code / errorCodeModulo)  // hundred digit
+	value[errorCodeClassByte] = class
+	value[errorCodeNumberByte] = number
+	copy(value[errorCodeReasonStart:], c.Reason)
+	m.Add(AttrErrorCode, value)
+	return nil
+}
+
+// GetFrom decodes ERROR-CODE from m. Reason is valid until m.Raw is valid.
+func (c *ErrorCodeAttribute) GetFrom(m *Message) error {
+	v, err := m.Get(AttrErrorCode)
+	if err != nil {
+		return err
+	}
+	if len(v) < errorCodeReasonStart {
+		return io.ErrUnexpectedEOF
+	}
+	var (
+		class  = uint16(v[errorCodeClassByte])
+		number = uint16(v[errorCodeNumberByte])
+		code   = int(class*errorCodeModulo + number)
+	)
+	c.Code = ErrorCode(code)
+	c.Reason = v[errorCodeReasonStart:]
+	return nil
+}
+
+// ErrorCode is code for ERROR-CODE attribute.
+type ErrorCode int
+
+// ErrNoDefaultReason means that default reason for provided error code
+// is not defined in RFC.
+var ErrNoDefaultReason = errors.New("no default reason for ErrorCode")
+
+// AddTo adds ERROR-CODE with default reason to m. If there
+// is no default reason, returns ErrNoDefaultReason.
+func (c ErrorCode) AddTo(m *Message) error {
+	reason := errorReasons[c]
+	if reason == nil {
+		return ErrNoDefaultReason
+	}
+	a := &ErrorCodeAttribute{
+		Code:   c,
+		Reason: reason,
+	}
+	return a.AddTo(m)
+}
+
+// Possible error codes.
+const (
+	CodeTryAlternate     ErrorCode = 300
+	CodeBadRequest       ErrorCode = 400
+	CodeUnauthorized     ErrorCode = 401
+	CodeUnknownAttribute ErrorCode = 420
+	CodeStaleNonce       ErrorCode = 438
+	CodeRoleConflict     ErrorCode = 487
+	CodeServerError      ErrorCode = 500
+)
+
+// DEPRECATED constants.
+const (
+	// DEPRECATED, use CodeUnauthorized.
+	CodeUnauthorised = CodeUnauthorized
+)
+
+// Error codes from RFC 5766.
+//
+// RFC 5766 Section 15
+const (
+	CodeForbidden             ErrorCode = 403 // Forbidden
+	CodeAllocMismatch         ErrorCode = 437 // Allocation Mismatch
+	CodeWrongCredentials      ErrorCode = 441 // Wrong Credentials
+	CodeUnsupportedTransProto ErrorCode = 442 // Unsupported Transport Protocol
+	CodeAllocQuotaReached     ErrorCode = 486 // Allocation Quota Reached
+	CodeInsufficientCapacity  ErrorCode = 508 // Insufficient Capacity
+)
+
+// Error codes from RFC 6062.
+//
+// RFC 6062 Section 6.3
+const (
+	CodeConnAlreadyExists    ErrorCode = 446
+	CodeConnTimeoutOrFailure ErrorCode = 447
+)
+
+// Error codes from RFC 6156.
+//
+// RFC 6156 Section 10.2
+const (
+	CodeAddrFamilyNotSupported ErrorCode = 440 // Address Family not Supported
+	CodePeerAddrFamilyMismatch ErrorCode = 443 // Peer Address Family Mismatch
+)
+
+//nolint:gochecknoglobals
+var errorReasons = map[ErrorCode][]byte{
+	CodeTryAlternate:     []byte("Try Alternate"),
+	CodeBadRequest:       []byte("Bad Request"),
+	CodeUnauthorized:     []byte("Unauthorized"),
+	CodeUnknownAttribute: []byte("Unknown Attribute"),
+	CodeStaleNonce:       []byte("Stale Nonce"),
+	CodeServerError:      []byte("Server Error"),
+	CodeRoleConflict:     []byte("Role Conflict"),
+
+	// RFC 5766.
+	CodeForbidden:             []byte("Forbidden"),
+	CodeAllocMismatch:         []byte("Allocation Mismatch"),
+	CodeWrongCredentials:      []byte("Wrong Credentials"),
+	CodeUnsupportedTransProto: []byte("Unsupported Transport Protocol"),
+	CodeAllocQuotaReached:     []byte("Allocation Quota Reached"),
+	CodeInsufficientCapacity:  []byte("Insufficient Capacity"),
+
+	// RFC 6062.
+	CodeConnAlreadyExists:    []byte("Connection Already Exists"),
+	CodeConnTimeoutOrFailure: []byte("Connection Timeout or Failure"),
+
+	// RFC 6156.
+	CodeAddrFamilyNotSupported: []byte("Address Family not Supported"),
+	CodePeerAddrFamilyMismatch: []byte("Peer Address Family Mismatch"),
+}
diff --git a/server/vendor/github.com/pion/stun/errors.go b/server/vendor/github.com/pion/stun/errors.go
new file mode 100644
index 0000000..d5f59ed
--- /dev/null
+++ b/server/vendor/github.com/pion/stun/errors.go
@@ -0,0 +1,66 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package stun
+
+import "errors"
+
+// DecodeErr records an error and place when it is occurred.
+//
+//nolint:errname
+type DecodeErr struct {
+	Place   DecodeErrPlace
+	Message string
+}
+
+// IsInvalidCookie returns true if error means that magic cookie
+// value is invalid.
+func (e DecodeErr) IsInvalidCookie() bool {
+	return e.Place == DecodeErrPlace{"message", "cookie"}
+}
+
+// IsPlaceParent reports if error place parent is p.
+func (e DecodeErr) IsPlaceParent(p string) bool {
+	return e.Place.Parent == p
+}
+
+// IsPlaceChildren reports if error place children is c.
+func (e DecodeErr) IsPlaceChildren(c string) bool {
+	return e.Place.Children == c
+}
+
+// IsPlace reports if error place is p.
+func (e DecodeErr) IsPlace(p DecodeErrPlace) bool {
+	return e.Place == p
+}
+
+// DecodeErrPlace records a place where error is occurred.
+type DecodeErrPlace struct {
+	Parent   string
+	Children string
+}
+
+func (p DecodeErrPlace) String() string {
+	return p.Parent + "/" + p.Children
+}
+
+func (e DecodeErr) Error() string {
+	return "BadFormat for " + e.Place.String() + ": " + e.Message
+}
+
+func newDecodeErr(parent, children, message string) *DecodeErr {
+	return &DecodeErr{
+		Place:   DecodeErrPlace{Parent: parent, Children: children},
+		Message: message,
+	}
+}
+
+func newAttrDecodeErr(children, message string) *DecodeErr {
+	return newDecodeErr("attribute", children, message)
+}
+
+// ErrAttributeSizeInvalid means that decoded attribute size is invalid.
+var ErrAttributeSizeInvalid = errors.New("attribute size is invalid")
+
+// ErrAttributeSizeOverflow means that decoded attribute size is too big.
+var ErrAttributeSizeOverflow = errors.New("attribute size overflow")
diff --git a/server/vendor/github.com/pion/stun/fingerprint.go b/server/vendor/github.com/pion/stun/fingerprint.go
new file mode 100644
index 0000000..b4126d2
--- /dev/null
+++ b/server/vendor/github.com/pion/stun/fingerprint.go
@@ -0,0 +1,70 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package stun
+
+import (
+	"errors"
+	"hash/crc32"
+)
+
+// FingerprintAttr represents FINGERPRINT attribute.
+//
+// RFC 5389 Section 15.5
+type FingerprintAttr struct{}
+
+// ErrFingerprintMismatch means that computed fingerprint differs from expected.
+var ErrFingerprintMismatch = errors.New("fingerprint check failed")
+
+// Fingerprint is shorthand for FingerprintAttr.
+//
+// Example:
+//
+//	m := New()
+//	Fingerprint.AddTo(m)
+var Fingerprint FingerprintAttr //nolint:gochecknoglobals
+
+const (
+	fingerprintXORValue uint32 = 0x5354554e //nolint:staticcheck
+	fingerprintSize            = 4          // 32 bit
+)
+
+// FingerprintValue returns CRC-32 of b XOR-ed by 0x5354554e.
+//
+// The value of the attribute is computed as the CRC-32 of the STUN message
+// up to (but excluding) the FINGERPRINT attribute itself, XOR'ed with
+// the 32-bit value 0x5354554e (the XOR helps in cases where an
+// application packet is also using CRC-32 in it).
+func FingerprintValue(b []byte) uint32 {
+	return crc32.ChecksumIEEE(b) ^ fingerprintXORValue // XOR
+}
+
+// AddTo adds fingerprint to message.
+func (FingerprintAttr) AddTo(m *Message) error {
+	l := m.Length
+	// length in header should include size of fingerprint attribute
+	m.Length += fingerprintSize + attributeHeaderSize // increasing length
+	m.WriteLength()                                   // writing Length to Raw
+	b := make([]byte, fingerprintSize)
+	val := FingerprintValue(m.Raw)
+	bin.PutUint32(b, val)
+	m.Length = l
+	m.Add(AttrFingerprint, b)
+	return nil
+}
+
+// Check reads fingerprint value from m and checks it, returning error if any.
+// Can return *AttrLengthErr, ErrAttributeNotFound, and *CRCMismatch.
+func (FingerprintAttr) Check(m *Message) error {
+	b, err := m.Get(AttrFingerprint)
+	if err != nil {
+		return err
+	}
+	if err = CheckSize(AttrFingerprint, len(b), fingerprintSize); err != nil {
+		return err
+	}
+	val := bin.Uint32(b)
+	attrStart := len(m.Raw) - (fingerprintSize + attributeHeaderSize)
+	expected := FingerprintValue(m.Raw[:attrStart])
+	return checkFingerprint(val, expected)
+}
diff --git a/server/vendor/github.com/pion/stun/fingerprint_debug.go b/server/vendor/github.com/pion/stun/fingerprint_debug.go
new file mode 100644
index 0000000..0e3471d
--- /dev/null
+++ b/server/vendor/github.com/pion/stun/fingerprint_debug.go
@@ -0,0 +1,22 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+//go:build debug
+// +build debug
+
+package stun
+
+import "fmt"
+
+// CRCMismatch represents CRC check error.
+type CRCMismatch struct {
+	Expected uint32
+	Actual   uint32
+}
+
+func (m CRCMismatch) Error() string {
+	return fmt.Sprintf("CRC mismatch: %x (expected) != %x (actual)",
+		m.Expected,
+		m.Actual,
+	)
+}
diff --git a/server/vendor/github.com/pion/stun/helpers.go b/server/vendor/github.com/pion/stun/helpers.go
new file mode 100644
index 0000000..d405650
--- /dev/null
+++ b/server/vendor/github.com/pion/stun/helpers.go
@@ -0,0 +1,109 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package stun
+
+// Interfaces that are implemented by message attributes, shorthands for them,
+// or helpers for message fields as type or transaction id.
+type (
+	// Setter sets *Message attribute.
+	Setter interface {
+		AddTo(m *Message) error
+	}
+	// Getter parses attribute from *Message.
+	Getter interface {
+		GetFrom(m *Message) error
+	}
+	// Checker checks *Message attribute.
+	Checker interface {
+		Check(m *Message) error
+	}
+)
+
+// Build resets message and applies setters to it in batch, returning on
+// first error. To prevent allocations, pass pointers to values.
+//
+// Example:
+//
+//	var (
+//		t        = BindingRequest
+//		username = NewUsername("username")
+//		nonce    = NewNonce("nonce")
+//		realm    = NewRealm("example.org")
+//	)
+//	m := new(Message)
+//	m.Build(t, username, nonce, realm)     // 4 allocations
+//	m.Build(&t, &username, &nonce, &realm) // 0 allocations
+//
+// See BenchmarkBuildOverhead.
+func (m *Message) Build(setters ...Setter) error {
+	m.Reset()
+	m.WriteHeader()
+	for _, s := range setters {
+		if err := s.AddTo(m); err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+// Check applies checkers to message in batch, returning on first error.
+func (m *Message) Check(checkers ...Checker) error {
+	for _, c := range checkers {
+		if err := c.Check(m); err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+// Parse applies getters to message in batch, returning on first error.
+func (m *Message) Parse(getters ...Getter) error {
+	for _, c := range getters {
+		if err := c.GetFrom(m); err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+// MustBuild wraps Build call and panics on error.
+func MustBuild(setters ...Setter) *Message {
+	m, err := Build(setters...)
+	if err != nil {
+		panic(err) //nolint
+	}
+	return m
+}
+
+// Build wraps Message.Build method.
+func Build(setters ...Setter) (*Message, error) {
+	m := new(Message)
+	if err := m.Build(setters...); err != nil {
+		return nil, err
+	}
+	return m, nil
+}
+
+// ForEach is helper that iterates over message attributes allowing to call
+// Getter in f callback to get all attributes of type t and returning on first
+// f error.
+//
+// The m.Get method inside f will be returning next attribute on each f call.
+// Does not error if there are no results.
+func (m *Message) ForEach(t AttrType, f func(m *Message) error) error {
+	attrs := m.Attributes
+	defer func() {
+		m.Attributes = attrs
+	}()
+	for i, a := range attrs {
+		if a.Type != t {
+			continue
+		}
+		m.Attributes = attrs[i:]
+		if err := f(m); err != nil {
+			return err
+		}
+	}
+	return nil
+}
diff --git a/server/vendor/github.com/pion/stun/integrity.go b/server/vendor/github.com/pion/stun/integrity.go
new file mode 100644
index 0000000..0fee0b0
--- /dev/null
+++ b/server/vendor/github.com/pion/stun/integrity.go
@@ -0,0 +1,126 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package stun
+
+import ( //nolint:gci
+	"crypto/md5"  //nolint:gosec
+	"crypto/sha1" //nolint:gosec
+	"errors"
+	"fmt"
+	"strings"
+
+	"github.com/pion/stun/internal/hmac"
+)
+
+// separator for credentials.
+const credentialsSep = ":"
+
+// NewLongTermIntegrity returns new MessageIntegrity with key for long-term
+// credentials. Password, username, and realm must be SASL-prepared.
+func NewLongTermIntegrity(username, realm, password string) MessageIntegrity {
+	k := strings.Join([]string{username, realm, password}, credentialsSep)
+	h := md5.New() //nolint:gosec
+	fmt.Fprint(h, k)
+	return MessageIntegrity(h.Sum(nil))
+}
+
+// NewShortTermIntegrity returns new MessageIntegrity with key for short-term
+// credentials. Password must be SASL-prepared.
+func NewShortTermIntegrity(password string) MessageIntegrity {
+	return MessageIntegrity(password)
+}
+
+// MessageIntegrity represents MESSAGE-INTEGRITY attribute.
+//
+// AddTo and Check methods are using zero-allocation version of hmac, see
+// newHMAC function and internal/hmac/pool.go.
+//
+// RFC 5389 Section 15.4
+type MessageIntegrity []byte
+
+func newHMAC(key, message, buf []byte) []byte {
+	mac := hmac.AcquireSHA1(key)
+	writeOrPanic(mac, message)
+	defer hmac.PutSHA1(mac)
+	return mac.Sum(buf)
+}
+
+func (i MessageIntegrity) String() string {
+	return fmt.Sprintf("KEY: 0x%x", []byte(i))
+}
+
+const messageIntegritySize = 20
+
+// ErrFingerprintBeforeIntegrity means that FINGERPRINT attribute is already in
+// message, so MESSAGE-INTEGRITY attribute cannot be added.
+var ErrFingerprintBeforeIntegrity = errors.New("FINGERPRINT before MESSAGE-INTEGRITY attribute")
+
+// AddTo adds MESSAGE-INTEGRITY attribute to message.
+//
+// CPU costly, see BenchmarkMessageIntegrity_AddTo.
+func (i MessageIntegrity) AddTo(m *Message) error {
+	for _, a := range m.Attributes {
+		// Message should not contain FINGERPRINT attribute
+		// before MESSAGE-INTEGRITY.
+		if a.Type == AttrFingerprint {
+			return ErrFingerprintBeforeIntegrity
+		}
+	}
+	// The text used as input to HMAC is the STUN message,
+	// including the header, up to and including the attribute preceding the
+	// MESSAGE-INTEGRITY attribute.
+	length := m.Length
+	// Adjusting m.Length to contain MESSAGE-INTEGRITY TLV.
+	m.Length += messageIntegritySize + attributeHeaderSize
+	m.WriteLength()                            // writing length to m.Raw
+	v := newHMAC(i, m.Raw, m.Raw[len(m.Raw):]) // calculating HMAC for adjusted m.Raw
+	m.Length = length                          // changing m.Length back
+
+	// Copy hmac value to temporary variable to protect it from resetting
+	// while processing m.Add call.
+	vBuf := make([]byte, sha1.Size)
+	copy(vBuf, v)
+
+	m.Add(AttrMessageIntegrity, vBuf)
+	return nil
+}
+
+// ErrIntegrityMismatch means that computed HMAC differs from expected.
+var ErrIntegrityMismatch = errors.New("integrity check failed")
+
+// Check checks MESSAGE-INTEGRITY attribute.
+//
+// CPU costly, see BenchmarkMessageIntegrity_Check.
+func (i MessageIntegrity) Check(m *Message) error {
+	v, err := m.Get(AttrMessageIntegrity)
+	if err != nil {
+		return err
+	}
+
+	// Adjusting length in header to match m.Raw that was
+	// used when computing HMAC.
+	var (
+		length         = m.Length
+		afterIntegrity = false
+		sizeReduced    int
+	)
+	for _, a := range m.Attributes {
+		if afterIntegrity {
+			sizeReduced += nearestPaddedValueLength(int(a.Length))
+			sizeReduced += attributeHeaderSize
+		}
+		if a.Type == AttrMessageIntegrity {
+			afterIntegrity = true
+		}
+	}
+	m.Length -= uint32(sizeReduced)
+	m.WriteLength()
+	// startOfHMAC should be first byte of integrity attribute.
+	startOfHMAC := messageHeaderSize + m.Length - (attributeHeaderSize + messageIntegritySize)
+	b := m.Raw[:startOfHMAC] // data before integrity attribute
+	expected := newHMAC(i, b, m.Raw[len(m.Raw):])
+	m.Length = length
+	m.WriteLength() // writing length back
+	return checkHMAC(v, expected)
+}
diff --git a/server/vendor/github.com/pion/stun/integrity_debug.go b/server/vendor/github.com/pion/stun/integrity_debug.go
new file mode 100644
index 0000000..27fd0e2
--- /dev/null
+++ b/server/vendor/github.com/pion/stun/integrity_debug.go
@@ -0,0 +1,22 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+//go:build debug
+// +build debug
+
+package stun
+
+import "fmt"
+
+// IntegrityErr occurs when computed HMAC differs from expected.
+type IntegrityErr struct {
+	Expected []byte
+	Actual   []byte
+}
+
+func (i *IntegrityErr) Error() string {
+	return fmt.Sprintf(
+		"Integrity check failed: 0x%x (expected) !- 0x%x (actual)",
+		i.Expected, i.Actual,
+	)
+}
diff --git a/server/vendor/github.com/pion/stun/internal/hmac/hmac.go b/server/vendor/github.com/pion/stun/internal/hmac/hmac.go
new file mode 100644
index 0000000..b4db5c9
--- /dev/null
+++ b/server/vendor/github.com/pion/stun/internal/hmac/hmac.go
@@ -0,0 +1,156 @@
+// SPDX-FileCopyrightText: 2009 The Go Authors. All rights reserved.
+// SPDX-License-Identifier: BSD-3-Clause
+
+/*
+Package hmac implements the Keyed-Hash Message Authentication Code (HMAC) as
+defined in U.S. Federal Information Processing Standards Publication 198.
+An HMAC is a cryptographic hash that uses a key to sign a message.
+The receiver verifies the hash by recomputing it using the same key.
+
+Receivers should be careful to use Equal to compare MACs in order to avoid
+timing side-channels:
+
+	// ValidMAC reports whether messageMAC is a valid HMAC tag for message.
+	func ValidMAC(message, messageMAC, key []byte) bool {
+		mac := hmac.New(sha256.New, key)
+		mac.Write(message)
+		expectedMAC := mac.Sum(nil)
+		return hmac.Equal(messageMAC, expectedMAC)
+	}
+*/
+package hmac
+
+import (
+	"crypto/subtle"
+	"hash"
+)
+
+// FIPS 198-1:
+// https://csrc.nist.gov/publications/fips/fips198-1/FIPS-198-1_final.pdf
+
+// key is zero padded to the block size of the hash function
+// ipad = 0x36 byte repeated for key length
+// opad = 0x5c byte repeated for key length
+// hmac = H([key ^ opad] H([key ^ ipad] text))
+
+// Marshalable is the combination of encoding.BinaryMarshaler and
+// encoding.BinaryUnmarshaler. Their method definitions are repeated here to
+// avoid a dependency on the encoding package.
+type marshalable interface {
+	MarshalBinary() ([]byte, error)
+	UnmarshalBinary([]byte) error
+}
+
+type hmac struct {
+	opad, ipad   []byte
+	outer, inner hash.Hash
+
+	// If marshaled is true, then opad and ipad do not contain a padded
+	// copy of the key, but rather the marshaled state of outer/inner after
+	// opad/ipad has been fed into it.
+	marshaled bool
+}
+
+func (h *hmac) Sum(in []byte) []byte {
+	origLen := len(in)
+	in = h.inner.Sum(in)
+
+	if h.marshaled {
+		if err := h.outer.(marshalable).UnmarshalBinary(h.opad); err != nil { //nolint:forcetypeassert
+			panic(err) //nolint
+		}
+	} else {
+		h.outer.Reset()
+		h.outer.Write(h.opad) //nolint:errcheck,gosec
+	}
+	h.outer.Write(in[origLen:]) //nolint:errcheck,gosec
+	return h.outer.Sum(in[:origLen])
+}
+
+func (h *hmac) Write(p []byte) (n int, err error) {
+	return h.inner.Write(p)
+}
+
+func (h *hmac) Size() int      { return h.outer.Size() }
+func (h *hmac) BlockSize() int { return h.inner.BlockSize() }
+
+func (h *hmac) Reset() {
+	if h.marshaled {
+		if err := h.inner.(marshalable).UnmarshalBinary(h.ipad); err != nil { //nolint:forcetypeassert
+			panic(err) //nolint
+		}
+		return
+	}
+
+	h.inner.Reset()
+	h.inner.Write(h.ipad) //nolint:errcheck,gosec
+
+	// If the underlying hash is marshalable, we can save some time by
+	// saving a copy of the hash state now, and restoring it on future
+	// calls to Reset and Sum instead of writing ipad/opad every time.
+	//
+	// If either hash is unmarshalable for whatever reason,
+	// it's safe to bail out here.
+	marshalableInner, innerOK := h.inner.(marshalable)
+	if !innerOK {
+		return
+	}
+	marshalableOuter, outerOK := h.outer.(marshalable)
+	if !outerOK {
+		return
+	}
+
+	imarshal, err := marshalableInner.MarshalBinary()
+	if err != nil {
+		return
+	}
+
+	h.outer.Reset()
+	h.outer.Write(h.opad) //nolint:errcheck,gosec
+	omarshal, err := marshalableOuter.MarshalBinary()
+	if err != nil {
+		return
+	}
+
+	// Marshaling succeeded; save the marshaled state for later
+	h.ipad = imarshal
+	h.opad = omarshal
+	h.marshaled = true
+}
+
+// New returns a new HMAC hash using the given hash.Hash type and key.
+// Note that unlike other hash implementations in the standard library,
+// the returned Hash does not implement encoding.BinaryMarshaler
+// or encoding.BinaryUnmarshaler.
+func New(h func() hash.Hash, key []byte) hash.Hash {
+	hm := new(hmac)
+	hm.outer = h()
+	hm.inner = h()
+	blocksize := hm.inner.BlockSize()
+	hm.ipad = make([]byte, blocksize)
+	hm.opad = make([]byte, blocksize)
+	if len(key) > blocksize {
+		// If key is too big, hash it.
+		hm.outer.Write(key) //nolint:errcheck,gosec
+		key = hm.outer.Sum(nil)
+	}
+	copy(hm.ipad, key)
+	copy(hm.opad, key)
+	for i := range hm.ipad {
+		hm.ipad[i] ^= 0x36
+	}
+	for i := range hm.opad {
+		hm.opad[i] ^= 0x5c
+	}
+	hm.inner.Write(hm.ipad) //nolint:errcheck,gosec
+
+	return hm
+}
+
+// Equal compares two MACs for equality without leaking timing information.
+func Equal(mac1, mac2 []byte) bool {
+	// We don't have to be constant time if the lengths of the MACs are
+	// different as that suggests that a completely different hash function
+	// was used.
+	return subtle.ConstantTimeCompare(mac1, mac2) == 1
+}
diff --git a/server/vendor/github.com/pion/stun/internal/hmac/pool.go b/server/vendor/github.com/pion/stun/internal/hmac/pool.go
new file mode 100644
index 0000000..d2ac14a
--- /dev/null
+++ b/server/vendor/github.com/pion/stun/internal/hmac/pool.go
@@ -0,0 +1,92 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package hmac
+
+import ( //nolint:gci
+	"crypto/sha1" //nolint:gosec
+	"crypto/sha256"
+	"hash"
+	"sync"
+)
+
+func (h *hmac) resetTo(key []byte) {
+	h.outer.Reset()
+	h.inner.Reset()
+	blocksize := h.inner.BlockSize()
+
+	// Reset size and zero of ipad and opad.
+	h.ipad = append(h.ipad[:0], make([]byte, blocksize)...)
+	h.opad = append(h.opad[:0], make([]byte, blocksize)...)
+
+	if len(key) > blocksize {
+		// If key is too big, hash it.
+		h.outer.Write(key) //nolint:errcheck,gosec
+		key = h.outer.Sum(nil)
+	}
+	copy(h.ipad, key)
+	copy(h.opad, key)
+	for i := range h.ipad {
+		h.ipad[i] ^= 0x36
+	}
+	for i := range h.opad {
+		h.opad[i] ^= 0x5c
+	}
+	h.inner.Write(h.ipad) //nolint:errcheck,gosec
+
+	h.marshaled = false
+}
+
+var hmacSHA1Pool = &sync.Pool{ //nolint:gochecknoglobals
+	New: func() interface{} {
+		h := New(sha1.New, make([]byte, sha1.BlockSize))
+		return h
+	},
+}
+
+// AcquireSHA1 returns new HMAC from pool.
+func AcquireSHA1(key []byte) hash.Hash {
+	h := hmacSHA1Pool.Get().(*hmac) //nolint:forcetypeassert
+	assertHMACSize(h, sha1.Size, sha1.BlockSize)
+	h.resetTo(key)
+	return h
+}
+
+// PutSHA1 puts h to pool.
+func PutSHA1(h hash.Hash) {
+	hm := h.(*hmac) //nolint:forcetypeassert
+	assertHMACSize(hm, sha1.Size, sha1.BlockSize)
+	hmacSHA1Pool.Put(hm)
+}
+
+var hmacSHA256Pool = &sync.Pool{ //nolint:gochecknoglobals
+	New: func() interface{} {
+		h := New(sha256.New, make([]byte, sha256.BlockSize))
+		return h
+	},
+}
+
+// AcquireSHA256 returns new HMAC from SHA256 pool.
+func AcquireSHA256(key []byte) hash.Hash {
+	h := hmacSHA256Pool.Get().(*hmac) //nolint:forcetypeassert
+	assertHMACSize(h, sha256.Size, sha256.BlockSize)
+	h.resetTo(key)
+	return h
+}
+
+// PutSHA256 puts h to SHA256 pool.
+func PutSHA256(h hash.Hash) {
+	hm := h.(*hmac) //nolint:forcetypeassert
+	assertHMACSize(hm, sha256.Size, sha256.BlockSize)
+	hmacSHA256Pool.Put(hm)
+}
+
+// assertHMACSize panics if h.size != size or h.blocksize != blocksize.
+//
+// Put and Acquire functions are internal functions to project, so
+// checking it via such assert is optimal.
+func assertHMACSize(h *hmac, size, blocksize int) { //nolint:unparam
+	if h.Size() != size || h.BlockSize() != blocksize {
+		panic("BUG: hmac size invalid") //nolint
+	}
+}
diff --git a/server/vendor/github.com/pion/stun/internal/hmac/vendor.sh b/server/vendor/github.com/pion/stun/internal/hmac/vendor.sh
new file mode 100644
index 0000000..190d2b9
--- /dev/null
+++ b/server/vendor/github.com/pion/stun/internal/hmac/vendor.sh
@@ -0,0 +1,7 @@
+#!/bin/env bash
+
+# SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+# SPDX-License-Identifier: MIT
+
+cp -v $GOROOT/src/crypto/hmac/{hmac,hmac_test}.go .
+git diff {hmac,hmac_test}.go
diff --git a/server/vendor/github.com/pion/stun/message.go b/server/vendor/github.com/pion/stun/message.go
new file mode 100644
index 0000000..6a828d6
--- /dev/null
+++ b/server/vendor/github.com/pion/stun/message.go
@@ -0,0 +1,622 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package stun
+
+import (
+	"crypto/rand"
+	"encoding/base64"
+	"errors"
+	"fmt"
+	"io"
+)
+
+const (
+	// magicCookie is fixed value that aids in distinguishing STUN packets
+	// from packets of other protocols when STUN is multiplexed with those
+	// other protocols on the same Port.
+	//
+	// The magic cookie field MUST contain the fixed value 0x2112A442 in
+	// network byte order.
+	//
+	// Defined in "STUN Message Structure", section 6.
+	magicCookie         = 0x2112A442
+	attributeHeaderSize = 4
+	messageHeaderSize   = 20
+
+	// TransactionIDSize is length of transaction id array (in bytes).
+	TransactionIDSize = 12 // 96 bit
+)
+
+// NewTransactionID returns new random transaction ID using crypto/rand
+// as source.
+func NewTransactionID() (b [TransactionIDSize]byte) {
+	readFullOrPanic(rand.Reader, b[:])
+	return b
+}
+
+// IsMessage returns true if b looks like STUN message.
+// Useful for multiplexing. IsMessage does not guarantee
+// that decoding will be successful.
+func IsMessage(b []byte) bool {
+	return len(b) >= messageHeaderSize && bin.Uint32(b[4:8]) == magicCookie
+}
+
+// New returns *Message with pre-allocated Raw.
+func New() *Message {
+	const defaultRawCapacity = 120
+	return &Message{
+		Raw: make([]byte, messageHeaderSize, defaultRawCapacity),
+	}
+}
+
+// ErrDecodeToNil occurs on Decode(data, nil) call.
+var ErrDecodeToNil = errors.New("attempt to decode to nil message")
+
+// Decode decodes Message from data to m, returning error if any.
+func Decode(data []byte, m *Message) error {
+	if m == nil {
+		return ErrDecodeToNil
+	}
+	m.Raw = append(m.Raw[:0], data...)
+	return m.Decode()
+}
+
+// Message represents a single STUN packet. It uses aggressive internal
+// buffering to enable zero-allocation encoding and decoding,
+// so there are some usage constraints:
+//
+//	Message, its fields, results of m.Get or any attribute a.GetFrom
+//	are valid only until Message.Raw is not modified.
+type Message struct {
+	Type          MessageType
+	Length        uint32 // len(Raw) not including header
+	TransactionID [TransactionIDSize]byte
+	Attributes    Attributes
+	Raw           []byte
+}
+
+// MarshalBinary implements the encoding.BinaryMarshaler interface.
+func (m Message) MarshalBinary() (data []byte, err error) {
+	// We can't return m.Raw, allocation is expected by implicit interface
+	// contract induced by other implementations.
+	b := make([]byte, len(m.Raw))
+	copy(b, m.Raw)
+	return b, nil
+}
+
+// UnmarshalBinary implements the encoding.BinaryUnmarshaler interface.
+func (m *Message) UnmarshalBinary(data []byte) error {
+	// We can't retain data, copy is expected by interface contract.
+	m.Raw = append(m.Raw[:0], data...)
+	return m.Decode()
+}
+
+// GobEncode implements the gob.GobEncoder interface.
+func (m Message) GobEncode() ([]byte, error) {
+	return m.MarshalBinary()
+}
+
+// GobDecode implements the gob.GobDecoder interface.
+func (m *Message) GobDecode(data []byte) error {
+	return m.UnmarshalBinary(data)
+}
+
+// AddTo sets b.TransactionID to m.TransactionID.
+//
+// Implements Setter to aid in crafting responses.
+func (m *Message) AddTo(b *Message) error {
+	b.TransactionID = m.TransactionID
+	b.WriteTransactionID()
+	return nil
+}
+
+// NewTransactionID sets m.TransactionID to random value from crypto/rand
+// and returns error if any.
+func (m *Message) NewTransactionID() error {
+	_, err := io.ReadFull(rand.Reader, m.TransactionID[:])
+	if err == nil {
+		m.WriteTransactionID()
+	}
+	return err
+}
+
+func (m *Message) String() string {
+	tID := base64.StdEncoding.EncodeToString(m.TransactionID[:])
+	aInfo := ""
+	for k, a := range m.Attributes {
+		aInfo += fmt.Sprintf("attr%d=%s ", k, a.Type)
+	}
+	return fmt.Sprintf("%s l=%d attrs=%d id=%s, %s", m.Type, m.Length, len(m.Attributes), tID, aInfo)
+}
+
+// Reset resets Message, attributes and underlying buffer length.
+func (m *Message) Reset() {
+	m.Raw = m.Raw[:0]
+	m.Length = 0
+	m.Attributes = m.Attributes[:0]
+}
+
+// grow ensures that internal buffer has n length.
+func (m *Message) grow(n int) {
+	if len(m.Raw) >= n {
+		return
+	}
+	if cap(m.Raw) >= n {
+		m.Raw = m.Raw[:n]
+		return
+	}
+	m.Raw = append(m.Raw, make([]byte, n-len(m.Raw))...)
+}
+
+// Add appends new attribute to message. Not goroutine-safe.
+//
+// Value of attribute is copied to internal buffer so
+// it is safe to reuse v.
+func (m *Message) Add(t AttrType, v []byte) {
+	// Allocating buffer for TLV (type-length-value).
+	// T = t, L = len(v), V = v.
+	// m.Raw will look like:
+	// [0:20]                               <- message header
+	// [20:20+m.Length]                     <- existing message attributes
+	// [20+m.Length:20+m.Length+len(v) + 4] <- allocated buffer for new TLV
+	// [first:last]                         <- same as previous
+	// [0 1|2 3|4    4 + len(v)]            <- mapping for allocated buffer
+	//   T   L        V
+	allocSize := attributeHeaderSize + len(v)  // ~ len(TLV) = len(TL) + len(V)
+	first := messageHeaderSize + int(m.Length) // first byte number
+	last := first + allocSize                  // last byte number
+	m.grow(last)                               // growing cap(Raw) to fit TLV
+	m.Raw = m.Raw[:last]                       // now len(Raw) = last
+	m.Length += uint32(allocSize)              // rendering length change
+
+	// Sub-slicing internal buffer to simplify encoding.
+	buf := m.Raw[first:last]           // slice for TLV
+	value := buf[attributeHeaderSize:] // slice for V
+	attr := RawAttribute{
+		Type:   t,              // T
+		Length: uint16(len(v)), // L
+		Value:  value,          // V
+	}
+
+	// Encoding attribute TLV to allocated buffer.
+	bin.PutUint16(buf[0:2], attr.Type.Value()) // T
+	bin.PutUint16(buf[2:4], attr.Length)       // L
+	copy(value, v)                             // V
+
+	// Checking that attribute value needs padding.
+	if attr.Length%padding != 0 {
+		// Performing padding.
+		bytesToAdd := nearestPaddedValueLength(len(v)) - len(v)
+		last += bytesToAdd
+		m.grow(last)
+		// setting all padding bytes to zero
+		// to prevent data leak from previous
+		// data in next bytesToAdd bytes
+		buf = m.Raw[last-bytesToAdd : last]
+		for i := range buf {
+			buf[i] = 0
+		}
+		m.Raw = m.Raw[:last]           // increasing buffer length
+		m.Length += uint32(bytesToAdd) // rendering length change
+	}
+	m.Attributes = append(m.Attributes, attr)
+	m.WriteLength()
+}
+
+func attrSliceEqual(a, b Attributes) bool {
+	for _, attr := range a {
+		found := false
+		for _, attrB := range b {
+			if attrB.Type != attr.Type {
+				continue
+			}
+			if attrB.Equal(attr) {
+				found = true
+				break
+			}
+		}
+		if !found {
+			return false
+		}
+	}
+	return true
+}
+
+func attrEqual(a, b Attributes) bool {
+	if a == nil && b == nil {
+		return true
+	}
+	if a == nil || b == nil {
+		return false
+	}
+	if len(a) != len(b) {
+		return false
+	}
+	if !attrSliceEqual(a, b) {
+		return false
+	}
+	if !attrSliceEqual(b, a) {
+		return false
+	}
+	return true
+}
+
+// Equal returns true if Message b equals to m.
+// Ignores m.Raw.
+func (m *Message) Equal(b *Message) bool {
+	if m == nil && b == nil {
+		return true
+	}
+	if m == nil || b == nil {
+		return false
+	}
+	if m.Type != b.Type {
+		return false
+	}
+	if m.TransactionID != b.TransactionID {
+		return false
+	}
+	if m.Length != b.Length {
+		return false
+	}
+	if !attrEqual(m.Attributes, b.Attributes) {
+		return false
+	}
+	return true
+}
+
+// WriteLength writes m.Length to m.Raw.
+func (m *Message) WriteLength() {
+	m.grow(4)
+	bin.PutUint16(m.Raw[2:4], uint16(m.Length))
+}
+
+// WriteHeader writes header to underlying buffer. Not goroutine-safe.
+func (m *Message) WriteHeader() {
+	m.grow(messageHeaderSize)
+	_ = m.Raw[:messageHeaderSize] // early bounds check to guarantee safety of writes below
+
+	m.WriteType()
+	m.WriteLength()
+	bin.PutUint32(m.Raw[4:8], magicCookie)               // magic cookie
+	copy(m.Raw[8:messageHeaderSize], m.TransactionID[:]) // transaction ID
+}
+
+// WriteTransactionID writes m.TransactionID to m.Raw.
+func (m *Message) WriteTransactionID() {
+	copy(m.Raw[8:messageHeaderSize], m.TransactionID[:]) // transaction ID
+}
+
+// WriteAttributes encodes all m.Attributes to m.
+func (m *Message) WriteAttributes() {
+	attributes := m.Attributes
+	m.Attributes = attributes[:0]
+	for _, a := range attributes {
+		m.Add(a.Type, a.Value)
+	}
+	m.Attributes = attributes
+}
+
+// WriteType writes m.Type to m.Raw.
+func (m *Message) WriteType() {
+	m.grow(2)
+	bin.PutUint16(m.Raw[0:2], m.Type.Value()) // message type
+}
+
+// SetType sets m.Type and writes it to m.Raw.
+func (m *Message) SetType(t MessageType) {
+	m.Type = t
+	m.WriteType()
+}
+
+// Encode re-encodes message into m.Raw.
+func (m *Message) Encode() {
+	m.Raw = m.Raw[:0]
+	m.WriteHeader()
+	m.Length = 0
+	m.WriteAttributes()
+}
+
+// WriteTo implements WriterTo via calling Write(m.Raw) on w and returning
+// call result.
+func (m *Message) WriteTo(w io.Writer) (int64, error) {
+	n, err := w.Write(m.Raw)
+	return int64(n), err
+}
+
+// ReadFrom implements ReaderFrom. Reads message from r into m.Raw,
+// Decodes it and return error if any. If m.Raw is too small, will return
+// ErrUnexpectedEOF, ErrUnexpectedHeaderEOF or *DecodeErr.
+//
+// Can return *DecodeErr while decoding too.
+func (m *Message) ReadFrom(r io.Reader) (int64, error) {
+	tBuf := m.Raw[:cap(m.Raw)]
+	var (
+		n   int
+		err error
+	)
+	if n, err = r.Read(tBuf); err != nil {
+		return int64(n), err
+	}
+	m.Raw = tBuf[:n]
+	return int64(n), m.Decode()
+}
+
+// ErrUnexpectedHeaderEOF means that there were not enough bytes in
+// m.Raw to read header.
+var ErrUnexpectedHeaderEOF = errors.New("unexpected EOF: not enough bytes to read header")
+
+// Decode decodes m.Raw into m.
+func (m *Message) Decode() error {
+	// decoding message header
+	buf := m.Raw
+	if len(buf) < messageHeaderSize {
+		return ErrUnexpectedHeaderEOF
+	}
+	var (
+		t        = bin.Uint16(buf[0:2])      // first 2 bytes
+		size     = int(bin.Uint16(buf[2:4])) // second 2 bytes
+		cookie   = bin.Uint32(buf[4:8])      // last 4 bytes
+		fullSize = messageHeaderSize + size  // len(m.Raw)
+	)
+	if cookie != magicCookie {
+		msg := fmt.Sprintf("%x is invalid magic cookie (should be %x)", cookie, magicCookie)
+		return newDecodeErr("message", "cookie", msg)
+	}
+	if len(buf) < fullSize {
+		msg := fmt.Sprintf("buffer length %d is less than %d (expected message size)", len(buf), fullSize)
+		return newAttrDecodeErr("message", msg)
+	}
+	// saving header data
+	m.Type.ReadValue(t)
+	m.Length = uint32(size)
+	copy(m.TransactionID[:], buf[8:messageHeaderSize])
+
+	m.Attributes = m.Attributes[:0]
+	var (
+		offset = 0
+		b      = buf[messageHeaderSize:fullSize]
+	)
+	for offset < size {
+		// checking that we have enough bytes to read header
+		if len(b) < attributeHeaderSize {
+			msg := fmt.Sprintf("buffer length %d is less than %d (expected header size)", len(b), attributeHeaderSize)
+			return newAttrDecodeErr("header", msg)
+		}
+		var (
+			a = RawAttribute{
+				Type:   compatAttrType(bin.Uint16(b[0:2])), // first 2 bytes
+				Length: bin.Uint16(b[2:4]),                 // second 2 bytes
+			}
+			aL     = int(a.Length)                // attribute length
+			aBuffL = nearestPaddedValueLength(aL) // expected buffer length (with padding)
+		)
+		b = b[attributeHeaderSize:] // slicing again to simplify value read
+		offset += attributeHeaderSize
+		if len(b) < aBuffL { // checking size
+			msg := fmt.Sprintf("buffer length %d is less than %d (expected value size for %s)", len(b), aBuffL, a.Type)
+			return newAttrDecodeErr("value", msg)
+		}
+		a.Value = b[:aL]
+		offset += aBuffL
+		b = b[aBuffL:]
+
+		m.Attributes = append(m.Attributes, a)
+	}
+	return nil
+}
+
+// Write decodes message and return error if any.
+//
+// Any error is unrecoverable, but message could be partially decoded.
+func (m *Message) Write(tBuf []byte) (int, error) {
+	m.Raw = append(m.Raw[:0], tBuf...)
+	return len(tBuf), m.Decode()
+}
+
+// CloneTo clones m to b securing any further m mutations.
+func (m *Message) CloneTo(b *Message) error {
+	b.Raw = append(b.Raw[:0], m.Raw...)
+	return b.Decode()
+}
+
+// MessageClass is 8-bit representation of 2-bit class of STUN Message Class.
+type MessageClass byte
+
+// Possible values for message class in STUN Message Type.
+const (
+	ClassRequest         MessageClass = 0x00 // 0b00
+	ClassIndication      MessageClass = 0x01 // 0b01
+	ClassSuccessResponse MessageClass = 0x02 // 0b10
+	ClassErrorResponse   MessageClass = 0x03 // 0b11
+)
+
+// Common STUN message types.
+var (
+	// Binding request message type.
+	BindingRequest = NewType(MethodBinding, ClassRequest) //nolint:gochecknoglobals
+	// Binding success response message type
+	BindingSuccess = NewType(MethodBinding, ClassSuccessResponse) //nolint:gochecknoglobals
+	// Binding error response message type.
+	BindingError = NewType(MethodBinding, ClassErrorResponse) //nolint:gochecknoglobals
+)
+
+func (c MessageClass) String() string {
+	switch c {
+	case ClassRequest:
+		return "request"
+	case ClassIndication:
+		return "indication"
+	case ClassSuccessResponse:
+		return "success response"
+	case ClassErrorResponse:
+		return "error response"
+	default:
+		panic("unknown message class") //nolint
+	}
+}
+
+// Method is uint16 representation of 12-bit STUN method.
+type Method uint16
+
+// Possible methods for STUN Message.
+const (
+	MethodBinding          Method = 0x001
+	MethodAllocate         Method = 0x003
+	MethodRefresh          Method = 0x004
+	MethodSend             Method = 0x006
+	MethodData             Method = 0x007
+	MethodCreatePermission Method = 0x008
+	MethodChannelBind      Method = 0x009
+)
+
+// Methods from RFC 6062.
+const (
+	MethodConnect           Method = 0x000a
+	MethodConnectionBind    Method = 0x000b
+	MethodConnectionAttempt Method = 0x000c
+)
+
+func methodName() map[Method]string {
+	return map[Method]string{
+		MethodBinding:          "Binding",
+		MethodAllocate:         "Allocate",
+		MethodRefresh:          "Refresh",
+		MethodSend:             "Send",
+		MethodData:             "Data",
+		MethodCreatePermission: "CreatePermission",
+		MethodChannelBind:      "ChannelBind",
+
+		// RFC 6062.
+		MethodConnect:           "Connect",
+		MethodConnectionBind:    "ConnectionBind",
+		MethodConnectionAttempt: "ConnectionAttempt",
+	}
+}
+
+func (m Method) String() string {
+	s, ok := methodName()[m]
+	if !ok {
+		// Falling back to hex representation.
+		s = fmt.Sprintf("0x%x", uint16(m))
+	}
+	return s
+}
+
+// MessageType is STUN Message Type Field.
+type MessageType struct {
+	Method Method       // e.g. binding
+	Class  MessageClass // e.g. request
+}
+
+// AddTo sets m type to t.
+func (t MessageType) AddTo(m *Message) error {
+	m.SetType(t)
+	return nil
+}
+
+// NewType returns new message type with provided method and class.
+func NewType(method Method, class MessageClass) MessageType {
+	return MessageType{
+		Method: method,
+		Class:  class,
+	}
+}
+
+const (
+	methodABits = 0xf   // 0b0000000000001111
+	methodBBits = 0x70  // 0b0000000001110000
+	methodDBits = 0xf80 // 0b0000111110000000
+
+	methodBShift = 1
+	methodDShift = 2
+
+	firstBit  = 0x1
+	secondBit = 0x2
+
+	c0Bit = firstBit
+	c1Bit = secondBit
+
+	classC0Shift = 4
+	classC1Shift = 7
+)
+
+// Value returns bit representation of messageType.
+func (t MessageType) Value() uint16 {
+	//	 0                 1
+	//	 2  3  4 5 6 7 8 9 0 1 2 3 4 5
+	//	+--+--+-+-+-+-+-+-+-+-+-+-+-+-+
+	//	|M |M |M|M|M|C|M|M|M|C|M|M|M|M|
+	//	|11|10|9|8|7|1|6|5|4|0|3|2|1|0|
+	//	+--+--+-+-+-+-+-+-+-+-+-+-+-+-+
+	// Figure 3: Format of STUN Message Type Field
+
+	// Warning: Abandon all hope ye who enter here.
+	// Splitting M into A(M0-M3), B(M4-M6), D(M7-M11).
+	m := uint16(t.Method)
+	a := m & methodABits // A = M * 0b0000000000001111 (right 4 bits)
+	b := m & methodBBits // B = M * 0b0000000001110000 (3 bits after A)
+	d := m & methodDBits // D = M * 0b0000111110000000 (5 bits after B)
+
+	// Shifting to add "holes" for C0 (at 4 bit) and C1 (8 bit).
+	m = a + (b << methodBShift) + (d << methodDShift)
+
+	// C0 is zero bit of C, C1 is first bit.
+	// C0 = C * 0b01, C1 = (C * 0b10) >> 1
+	// Ct = C0 << 4 + C1 << 8.
+	// Optimizations: "((C * 0b10) >> 1) << 8" as "(C * 0b10) << 7"
+	// We need C0 shifted by 4, and C1 by 8 to fit "11" and "7" positions
+	// (see figure 3).
+	c := uint16(t.Class)
+	c0 := (c & c0Bit) << classC0Shift
+	c1 := (c & c1Bit) << classC1Shift
+	class := c0 + c1
+
+	return m + class
+}
+
+// ReadValue decodes uint16 into MessageType.
+func (t *MessageType) ReadValue(v uint16) {
+	// Decoding class.
+	// We are taking first bit from v >> 4 and second from v >> 7.
+	c0 := (v >> classC0Shift) & c0Bit
+	c1 := (v >> classC1Shift) & c1Bit
+	class := c0 + c1
+	t.Class = MessageClass(class)
+
+	// Decoding method.
+	a := v & methodABits                   // A(M0-M3)
+	b := (v >> methodBShift) & methodBBits // B(M4-M6)
+	d := (v >> methodDShift) & methodDBits // D(M7-M11)
+	m := a + b + d
+	t.Method = Method(m)
+}
+
+func (t MessageType) String() string {
+	return fmt.Sprintf("%s %s", t.Method, t.Class)
+}
+
+// Contains return true if message contain t attribute.
+func (m *Message) Contains(t AttrType) bool {
+	for _, a := range m.Attributes {
+		if a.Type == t {
+			return true
+		}
+	}
+	return false
+}
+
+type transactionIDValueSetter [TransactionIDSize]byte
+
+// NewTransactionIDSetter returns new Setter that sets message transaction id
+// to provided value.
+func NewTransactionIDSetter(value [TransactionIDSize]byte) Setter {
+	return transactionIDValueSetter(value)
+}
+
+func (t transactionIDValueSetter) AddTo(m *Message) error {
+	m.TransactionID = t
+	m.WriteTransactionID()
+	return nil
+}
diff --git a/server/vendor/github.com/pion/stun/renovate.json b/server/vendor/github.com/pion/stun/renovate.json
new file mode 100644
index 0000000..f1bb98c
--- /dev/null
+++ b/server/vendor/github.com/pion/stun/renovate.json
@@ -0,0 +1,6 @@
+{
+  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+  "extends": [
+    "github>pion/renovate-config"
+  ]
+}
diff --git a/server/vendor/github.com/pion/stun/stun.go b/server/vendor/github.com/pion/stun/stun.go
new file mode 100644
index 0000000..3a7954f
--- /dev/null
+++ b/server/vendor/github.com/pion/stun/stun.go
@@ -0,0 +1,54 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+// Package stun implements Session Traversal Utilities for NAT (STUN) RFC 5389.
+//
+// The stun package is intended to use by package that implements extension
+// to STUN (e.g. TURN) or client/server applications.
+//
+// Most methods are designed to be zero allocations. If it is not enough,
+// low-level methods are available. On other hand, there are helpers that
+// reduce code repeat.
+//
+// See examples for Message for basic usage, or https://github.com/pion/turn
+// package for example of stun extension implementation.
+package stun
+
+import (
+	"encoding/binary"
+	"io"
+)
+
+// bin is shorthand to binary.BigEndian.
+var bin = binary.BigEndian //nolint:gochecknoglobals
+
+func readFullOrPanic(r io.Reader, v []byte) int {
+	n, err := io.ReadFull(r, v)
+	if err != nil {
+		panic(err) //nolint
+	}
+	return n
+}
+
+func writeOrPanic(w io.Writer, v []byte) int {
+	n, err := w.Write(v)
+	if err != nil {
+		panic(err) //nolint
+	}
+	return n
+}
+
+// IANA assigned ports for "stun" protocol.
+const (
+	DefaultPort    = 3478
+	DefaultTLSPort = 5349
+)
+
+type transactionIDSetter struct{}
+
+func (transactionIDSetter) AddTo(m *Message) error {
+	return m.NewTransactionID()
+}
+
+// TransactionID is Setter for m.TransactionID.
+var TransactionID Setter = transactionIDSetter{} //nolint:gochecknoglobals
diff --git a/server/vendor/github.com/pion/stun/textattrs.go b/server/vendor/github.com/pion/stun/textattrs.go
new file mode 100644
index 0000000..a98915a
--- /dev/null
+++ b/server/vendor/github.com/pion/stun/textattrs.go
@@ -0,0 +1,132 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package stun
+
+// NewUsername returns Username with provided value.
+func NewUsername(username string) Username {
+	return Username(username)
+}
+
+// Username represents USERNAME attribute.
+//
+// RFC 5389 Section 15.3
+type Username []byte
+
+func (u Username) String() string {
+	return string(u)
+}
+
+const maxUsernameB = 513
+
+// AddTo adds USERNAME attribute to message.
+func (u Username) AddTo(m *Message) error {
+	return TextAttribute(u).AddToAs(m, AttrUsername, maxUsernameB)
+}
+
+// GetFrom gets USERNAME from message.
+func (u *Username) GetFrom(m *Message) error {
+	return (*TextAttribute)(u).GetFromAs(m, AttrUsername)
+}
+
+// NewRealm returns Realm with provided value.
+// Must be SASL-prepared.
+func NewRealm(realm string) Realm {
+	return Realm(realm)
+}
+
+// Realm represents REALM attribute.
+//
+// RFC 5389 Section 15.7
+type Realm []byte
+
+func (n Realm) String() string {
+	return string(n)
+}
+
+const maxRealmB = 763
+
+// AddTo adds NONCE to message.
+func (n Realm) AddTo(m *Message) error {
+	return TextAttribute(n).AddToAs(m, AttrRealm, maxRealmB)
+}
+
+// GetFrom gets REALM from message.
+func (n *Realm) GetFrom(m *Message) error {
+	return (*TextAttribute)(n).GetFromAs(m, AttrRealm)
+}
+
+const softwareRawMaxB = 763
+
+// Software is SOFTWARE attribute.
+//
+// RFC 5389 Section 15.10
+type Software []byte
+
+func (s Software) String() string {
+	return string(s)
+}
+
+// NewSoftware returns *Software from string.
+func NewSoftware(software string) Software {
+	return Software(software)
+}
+
+// AddTo adds Software attribute to m.
+func (s Software) AddTo(m *Message) error {
+	return TextAttribute(s).AddToAs(m, AttrSoftware, softwareRawMaxB)
+}
+
+// GetFrom decodes Software from m.
+func (s *Software) GetFrom(m *Message) error {
+	return (*TextAttribute)(s).GetFromAs(m, AttrSoftware)
+}
+
+// Nonce represents NONCE attribute.
+//
+// RFC 5389 Section 15.8
+type Nonce []byte
+
+// NewNonce returns new Nonce from string.
+func NewNonce(nonce string) Nonce {
+	return Nonce(nonce)
+}
+
+func (n Nonce) String() string {
+	return string(n)
+}
+
+const maxNonceB = 763
+
+// AddTo adds NONCE to message.
+func (n Nonce) AddTo(m *Message) error {
+	return TextAttribute(n).AddToAs(m, AttrNonce, maxNonceB)
+}
+
+// GetFrom gets NONCE from message.
+func (n *Nonce) GetFrom(m *Message) error {
+	return (*TextAttribute)(n).GetFromAs(m, AttrNonce)
+}
+
+// TextAttribute is helper for adding and getting text attributes.
+type TextAttribute []byte
+
+// AddToAs adds attribute with type t to m, checking maximum length. If maxLen
+// is less than 0, no check is performed.
+func (v TextAttribute) AddToAs(m *Message, t AttrType, maxLen int) error {
+	if err := CheckOverflow(t, len(v), maxLen); err != nil {
+		return err
+	}
+	m.Add(t, v)
+	return nil
+}
+
+// GetFromAs gets t attribute from m and appends its value to reseted v.
+func (v *TextAttribute) GetFromAs(m *Message, t AttrType) error {
+	a, err := m.Get(t)
+	if err != nil {
+		return err
+	}
+	*v = a
+	return nil
+}
diff --git a/server/vendor/github.com/pion/stun/uattrs.go b/server/vendor/github.com/pion/stun/uattrs.go
new file mode 100644
index 0000000..8b85d8a
--- /dev/null
+++ b/server/vendor/github.com/pion/stun/uattrs.go
@@ -0,0 +1,66 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package stun
+
+import "errors"
+
+// UnknownAttributes represents UNKNOWN-ATTRIBUTES attribute.
+//
+// RFC 5389 Section 15.9
+type UnknownAttributes []AttrType
+
+func (a UnknownAttributes) String() string {
+	s := ""
+	if len(a) == 0 {
+		return "<nil>"
+	}
+	last := len(a) - 1
+	for i, t := range a {
+		s += t.String()
+		if i != last {
+			s += ", "
+		}
+	}
+	return s
+}
+
+// type size is 16 bit.
+const attrTypeSize = 4
+
+// AddTo adds UNKNOWN-ATTRIBUTES attribute to message.
+func (a UnknownAttributes) AddTo(m *Message) error {
+	v := make([]byte, 0, attrTypeSize*20) // 20 should be enough
+	// If len(a.Types) > 20, there will be allocations.
+	for i, t := range a {
+		v = append(v, 0, 0, 0, 0) // 4 times by 0 (16 bits)
+		first := attrTypeSize * i
+		last := first + attrTypeSize
+		bin.PutUint16(v[first:last], t.Value())
+	}
+	m.Add(AttrUnknownAttributes, v)
+	return nil
+}
+
+// ErrBadUnknownAttrsSize means that UNKNOWN-ATTRIBUTES attribute value
+// has invalid length.
+var ErrBadUnknownAttrsSize = errors.New("bad UNKNOWN-ATTRIBUTES size")
+
+// GetFrom parses UNKNOWN-ATTRIBUTES from message.
+func (a *UnknownAttributes) GetFrom(m *Message) error {
+	v, err := m.Get(AttrUnknownAttributes)
+	if err != nil {
+		return err
+	}
+	if len(v)%attrTypeSize != 0 {
+		return ErrBadUnknownAttrsSize
+	}
+	*a = (*a)[:0]
+	first := 0
+	for first < len(v) {
+		last := first + attrTypeSize
+		*a = append(*a, AttrType(bin.Uint16(v[first:last])))
+		first = last
+	}
+	return nil
+}
diff --git a/server/vendor/github.com/pion/stun/uri.go b/server/vendor/github.com/pion/stun/uri.go
new file mode 100644
index 0000000..b9dab69
--- /dev/null
+++ b/server/vendor/github.com/pion/stun/uri.go
@@ -0,0 +1,257 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package stun
+
+import (
+	"errors"
+	"net"
+	"net/url"
+	"strconv"
+)
+
+var (
+	// ErrUnknownType indicates an error with Unknown info.
+	ErrUnknownType = errors.New("Unknown")
+
+	// ErrSchemeType indicates the scheme type could not be parsed.
+	ErrSchemeType = errors.New("unknown scheme type")
+
+	// ErrSTUNQuery indicates query arguments are provided in a STUN URL.
+	ErrSTUNQuery = errors.New("queries not supported in stun address")
+
+	// ErrInvalidQuery indicates an malformed query is provided.
+	ErrInvalidQuery = errors.New("invalid query")
+
+	// ErrHost indicates malformed hostname is provided.
+	ErrHost = errors.New("invalid hostname")
+
+	// ErrPort indicates malformed port is provided.
+	ErrPort = errors.New("invalid port")
+
+	// ErrProtoType indicates an unsupported transport type was provided.
+	ErrProtoType = errors.New("invalid transport protocol type")
+)
+
+// SchemeType indicates the type of server used in the ice.URL structure.
+type SchemeType int
+
+const (
+	// SchemeTypeUnknown indicates an unknown or unsupported scheme.
+	SchemeTypeUnknown SchemeType = iota
+
+	// SchemeTypeSTUN indicates the URL represents a STUN server.
+	SchemeTypeSTUN
+
+	// SchemeTypeSTUNS indicates the URL represents a STUNS (secure) server.
+	SchemeTypeSTUNS
+
+	// SchemeTypeTURN indicates the URL represents a TURN server.
+	SchemeTypeTURN
+
+	// SchemeTypeTURNS indicates the URL represents a TURNS (secure) server.
+	SchemeTypeTURNS
+)
+
+// NewSchemeType defines a procedure for creating a new SchemeType from a raw
+// string naming the scheme type.
+func NewSchemeType(raw string) SchemeType {
+	switch raw {
+	case "stun":
+		return SchemeTypeSTUN
+	case "stuns":
+		return SchemeTypeSTUNS
+	case "turn":
+		return SchemeTypeTURN
+	case "turns":
+		return SchemeTypeTURNS
+	default:
+		return SchemeTypeUnknown
+	}
+}
+
+func (t SchemeType) String() string {
+	switch t {
+	case SchemeTypeSTUN:
+		return "stun"
+	case SchemeTypeSTUNS:
+		return "stuns"
+	case SchemeTypeTURN:
+		return "turn"
+	case SchemeTypeTURNS:
+		return "turns"
+	default:
+		return ErrUnknownType.Error()
+	}
+}
+
+// ProtoType indicates the transport protocol type that is used in the ice.URL
+// structure.
+type ProtoType int
+
+const (
+	// ProtoTypeUnknown indicates an unknown or unsupported protocol.
+	ProtoTypeUnknown ProtoType = iota
+
+	// ProtoTypeUDP indicates the URL uses a UDP transport.
+	ProtoTypeUDP
+
+	// ProtoTypeTCP indicates the URL uses a TCP transport.
+	ProtoTypeTCP
+)
+
+// NewProtoType defines a procedure for creating a new ProtoType from a raw
+// string naming the transport protocol type.
+func NewProtoType(raw string) ProtoType {
+	switch raw {
+	case "udp":
+		return ProtoTypeUDP
+	case "tcp":
+		return ProtoTypeTCP
+	default:
+		return ProtoTypeUnknown
+	}
+}
+
+func (t ProtoType) String() string {
+	switch t {
+	case ProtoTypeUDP:
+		return "udp"
+	case ProtoTypeTCP:
+		return "tcp"
+	default:
+		return ErrUnknownType.Error()
+	}
+}
+
+// URI represents a STUN (rfc7064) or TURN (rfc7065) URI
+type URI struct {
+	Scheme   SchemeType
+	Host     string
+	Port     int
+	Username string
+	Password string
+	Proto    ProtoType
+}
+
+// ParseURI parses a STUN or TURN urls following the ABNF syntax described in
+// https://tools.ietf.org/html/rfc7064 and https://tools.ietf.org/html/rfc7065
+// respectively.
+func ParseURI(raw string) (*URI, error) { //nolint:gocognit
+	rawParts, err := url.Parse(raw)
+	if err != nil {
+		return nil, err
+	}
+
+	var u URI
+	u.Scheme = NewSchemeType(rawParts.Scheme)
+	if u.Scheme == SchemeTypeUnknown {
+		return nil, ErrSchemeType
+	}
+
+	var rawPort string
+	if u.Host, rawPort, err = net.SplitHostPort(rawParts.Opaque); err != nil {
+		var e *net.AddrError
+		if errors.As(err, &e) {
+			if e.Err == "missing port in address" {
+				nextRawURL := u.Scheme.String() + ":" + rawParts.Opaque
+				switch {
+				case u.Scheme == SchemeTypeSTUN || u.Scheme == SchemeTypeTURN:
+					nextRawURL += ":3478"
+					if rawParts.RawQuery != "" {
+						nextRawURL += "?" + rawParts.RawQuery
+					}
+					return ParseURI(nextRawURL)
+				case u.Scheme == SchemeTypeSTUNS || u.Scheme == SchemeTypeTURNS:
+					nextRawURL += ":5349"
+					if rawParts.RawQuery != "" {
+						nextRawURL += "?" + rawParts.RawQuery
+					}
+					return ParseURI(nextRawURL)
+				}
+			}
+		}
+		return nil, err
+	}
+
+	if u.Host == "" {
+		return nil, ErrHost
+	}
+
+	if u.Port, err = strconv.Atoi(rawPort); err != nil {
+		return nil, ErrPort
+	}
+
+	switch u.Scheme {
+	case SchemeTypeSTUN:
+		qArgs, err := url.ParseQuery(rawParts.RawQuery)
+		if err != nil || len(qArgs) > 0 {
+			return nil, ErrSTUNQuery
+		}
+		u.Proto = ProtoTypeUDP
+	case SchemeTypeSTUNS:
+		qArgs, err := url.ParseQuery(rawParts.RawQuery)
+		if err != nil || len(qArgs) > 0 {
+			return nil, ErrSTUNQuery
+		}
+		u.Proto = ProtoTypeTCP
+	case SchemeTypeTURN:
+		proto, err := parseProto(rawParts.RawQuery)
+		if err != nil {
+			return nil, err
+		}
+
+		u.Proto = proto
+		if u.Proto == ProtoTypeUnknown {
+			u.Proto = ProtoTypeUDP
+		}
+	case SchemeTypeTURNS:
+		proto, err := parseProto(rawParts.RawQuery)
+		if err != nil {
+			return nil, err
+		}
+
+		u.Proto = proto
+		if u.Proto == ProtoTypeUnknown {
+			u.Proto = ProtoTypeTCP
+		}
+
+	case SchemeTypeUnknown:
+	}
+
+	return &u, nil
+}
+
+func parseProto(raw string) (ProtoType, error) {
+	qArgs, err := url.ParseQuery(raw)
+	if err != nil || len(qArgs) > 1 {
+		return ProtoTypeUnknown, ErrInvalidQuery
+	}
+
+	var proto ProtoType
+	if rawProto := qArgs.Get("transport"); rawProto != "" {
+		if proto = NewProtoType(rawProto); proto == ProtoType(0) {
+			return ProtoTypeUnknown, ErrProtoType
+		}
+		return proto, nil
+	}
+
+	if len(qArgs) > 0 {
+		return ProtoTypeUnknown, ErrInvalidQuery
+	}
+
+	return proto, nil
+}
+
+func (u URI) String() string {
+	rawURL := u.Scheme.String() + ":" + net.JoinHostPort(u.Host, strconv.Itoa(u.Port))
+	if u.Scheme == SchemeTypeTURN || u.Scheme == SchemeTypeTURNS {
+		rawURL += "?transport=" + u.Proto.String()
+	}
+	return rawURL
+}
+
+// IsSecure returns whether the this URL's scheme describes secure scheme or not.
+func (u URI) IsSecure() bool {
+	return u.Scheme == SchemeTypeSTUNS || u.Scheme == SchemeTypeTURNS
+}
diff --git a/server/vendor/github.com/pion/stun/xoraddr.go b/server/vendor/github.com/pion/stun/xoraddr.go
new file mode 100644
index 0000000..fc423be
--- /dev/null
+++ b/server/vendor/github.com/pion/stun/xoraddr.go
@@ -0,0 +1,150 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package stun
+
+import (
+	"errors"
+	"fmt"
+	"io"
+	"net"
+	"strconv"
+
+	"github.com/pion/transport/v2/utils/xor"
+)
+
+const (
+	familyIPv4 uint16 = 0x01
+	familyIPv6 uint16 = 0x02
+)
+
+// XORMappedAddress implements XOR-MAPPED-ADDRESS attribute.
+//
+// RFC 5389 Section 15.2
+type XORMappedAddress struct {
+	IP   net.IP
+	Port int
+}
+
+func (a XORMappedAddress) String() string {
+	return net.JoinHostPort(a.IP.String(), strconv.Itoa(a.Port))
+}
+
+// isIPv4 returns true if ip with len of net.IPv6Len seems to be ipv4.
+func isIPv4(ip net.IP) bool {
+	// Optimized for performance. Copied from net.IP.To4.
+	return isZeros(ip[0:10]) && ip[10] == 0xff && ip[11] == 0xff
+}
+
+// Is p all zeros?
+func isZeros(p net.IP) bool {
+	for i := 0; i < len(p); i++ {
+		if p[i] != 0 {
+			return false
+		}
+	}
+	return true
+}
+
+// ErrBadIPLength means that len(IP) is not net.{IPv6len,IPv4len}.
+var ErrBadIPLength = errors.New("invalid length of IP value")
+
+// AddToAs adds XOR-MAPPED-ADDRESS value to m as t attribute.
+func (a XORMappedAddress) AddToAs(m *Message, t AttrType) error {
+	var (
+		family = familyIPv4
+		ip     = a.IP
+	)
+	if len(a.IP) == net.IPv6len {
+		if isIPv4(ip) {
+			ip = ip[12:16] // like in ip.To4()
+		} else {
+			family = familyIPv6
+		}
+	} else if len(ip) != net.IPv4len {
+		return ErrBadIPLength
+	}
+	value := make([]byte, 32+128)
+	value[0] = 0 // first 8 bits are zeroes
+	xorValue := make([]byte, net.IPv6len)
+	copy(xorValue[4:], m.TransactionID[:])
+	bin.PutUint32(xorValue[0:4], magicCookie)
+	bin.PutUint16(value[0:2], family)
+	bin.PutUint16(value[2:4], uint16(a.Port^magicCookie>>16))
+	xor.XorBytes(value[4:4+len(ip)], ip, xorValue)
+	m.Add(t, value[:4+len(ip)])
+	return nil
+}
+
+// AddTo adds XOR-MAPPED-ADDRESS to m. Can return ErrBadIPLength
+// if len(a.IP) is invalid.
+func (a XORMappedAddress) AddTo(m *Message) error {
+	return a.AddToAs(m, AttrXORMappedAddress)
+}
+
+// GetFromAs decodes XOR-MAPPED-ADDRESS attribute value in message
+// getting it as for t type.
+func (a *XORMappedAddress) GetFromAs(m *Message, t AttrType) error {
+	v, err := m.Get(t)
+	if err != nil {
+		return err
+	}
+	family := bin.Uint16(v[0:2])
+	if family != familyIPv6 && family != familyIPv4 {
+		return newDecodeErr("xor-mapped address", "family",
+			fmt.Sprintf("bad value %d", family),
+		)
+	}
+	ipLen := net.IPv4len
+	if family == familyIPv6 {
+		ipLen = net.IPv6len
+	}
+	// Ensuring len(a.IP) == ipLen and reusing a.IP.
+	if len(a.IP) < ipLen {
+		a.IP = a.IP[:cap(a.IP)]
+		for len(a.IP) < ipLen {
+			a.IP = append(a.IP, 0)
+		}
+	}
+	a.IP = a.IP[:ipLen]
+	for i := range a.IP {
+		a.IP[i] = 0
+	}
+	if len(v) <= 4 {
+		return io.ErrUnexpectedEOF
+	}
+	if err := CheckOverflow(t, len(v[4:]), len(a.IP)); err != nil {
+		return err
+	}
+	a.Port = int(bin.Uint16(v[2:4])) ^ (magicCookie >> 16)
+	xorValue := make([]byte, 4+TransactionIDSize)
+	bin.PutUint32(xorValue[0:4], magicCookie)
+	copy(xorValue[4:], m.TransactionID[:])
+	xor.XorBytes(a.IP, v[4:], xorValue)
+	return nil
+}
+
+// GetFrom decodes XOR-MAPPED-ADDRESS attribute in message and returns
+// error if any. While decoding, a.IP is reused if possible and can be
+// rendered to invalid state (e.g. if a.IP was set to IPv6 and then
+// IPv4 value were decoded into it), be careful.
+//
+// Example:
+//
+//	expectedIP := net.ParseIP("213.141.156.236")
+//	expectedIP.String() // 213.141.156.236, 16 bytes, first 12 of them are zeroes
+//	expectedPort := 21254
+//	addr := &XORMappedAddress{
+//	  IP:   expectedIP,
+//	  Port: expectedPort,
+//	}
+//	// addr were added to message that is decoded as newMessage
+//	// ...
+//
+//	addr.GetFrom(newMessage)
+//	addr.IP.String()    // 213.141.156.236, net.IPv4Len
+//	expectedIP.String() // d58d:9cec::ffff:d58d:9cec, 16 bytes, first 4 are IPv4
+//	// now we have len(expectedIP) = 16 and len(addr.IP) = 4.
+func (a *XORMappedAddress) GetFrom(m *Message) error {
+	return a.GetFromAs(m, AttrXORMappedAddress)
+}
diff --git a/server/vendor/github.com/pion/transport/v2/.gitignore b/server/vendor/github.com/pion/transport/v2/.gitignore
new file mode 100644
index 0000000..6e2f206
--- /dev/null
+++ b/server/vendor/github.com/pion/transport/v2/.gitignore
@@ -0,0 +1,28 @@
+# SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+# SPDX-License-Identifier: MIT
+
+### JetBrains IDE ###
+#####################
+.idea/
+
+### Emacs Temporary Files ###
+#############################
+*~
+
+### Folders ###
+###############
+bin/
+vendor/
+node_modules/
+
+### Files ###
+#############
+*.ivf
+*.ogg
+tags
+cover.out
+*.sw[poe]
+*.wasm
+examples/sfu-ws/cert.pem
+examples/sfu-ws/key.pem
+wasm_exec.js
diff --git a/server/vendor/github.com/pion/transport/v2/.golangci.yml b/server/vendor/github.com/pion/transport/v2/.golangci.yml
new file mode 100644
index 0000000..4e3eddf
--- /dev/null
+++ b/server/vendor/github.com/pion/transport/v2/.golangci.yml
@@ -0,0 +1,137 @@
+# SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+# SPDX-License-Identifier: MIT
+
+linters-settings:
+  govet:
+    check-shadowing: true
+  misspell:
+    locale: US
+  exhaustive:
+    default-signifies-exhaustive: true
+  gomodguard:
+    blocked:
+      modules:
+        - github.com/pkg/errors:
+            recommendations:
+              - errors
+  forbidigo:
+    forbid:
+      - ^fmt.Print(f|ln)?$
+      - ^log.(Panic|Fatal|Print)(f|ln)?$
+      - ^os.Exit$
+      - ^panic$
+      - ^print(ln)?$
+
+linters:
+  enable:
+    - asciicheck       # Simple linter to check that your code does not contain non-ASCII identifiers
+    - bidichk          # Checks for dangerous unicode character sequences
+    - bodyclose        # checks whether HTTP response body is closed successfully
+    - contextcheck     # check the function whether use a non-inherited context
+    - decorder         # check declaration order and count of types, constants, variables and functions
+    - depguard         # Go linter that checks if package imports are in a list of acceptable packages
+    - dogsled          # Checks assignments with too many blank identifiers (e.g. x, _, _, _, := f())
+    - dupl             # Tool for code clone detection
+    - durationcheck    # check for two durations multiplied together
+    - errcheck         # Errcheck is a program for checking for unchecked errors in go programs. These unchecked errors can be critical bugs in some cases
+    - errchkjson       # Checks types passed to the json encoding functions. Reports unsupported types and optionally reports occations, where the check for the returned error can be omitted.
+    - errname          # Checks that sentinel errors are prefixed with the `Err` and error types are suffixed with the `Error`.
+    - errorlint        # errorlint is a linter for that can be used to find code that will cause problems with the error wrapping scheme introduced in Go 1.13.
+    - exhaustive       # check exhaustiveness of enum switch statements
+    - exportloopref    # checks for pointers to enclosing loop variables
+    - forbidigo        # Forbids identifiers
+    - forcetypeassert  # finds forced type assertions
+    - gci              # Gci control golang package import order and make it always deterministic.
+    - gochecknoglobals # Checks that no globals are present in Go code
+    - gochecknoinits   # Checks that no init functions are present in Go code
+    - gocognit         # Computes and checks the cognitive complexity of functions
+    - goconst          # Finds repeated strings that could be replaced by a constant
+    - gocritic         # The most opinionated Go source code linter
+    - godox            # Tool for detection of FIXME, TODO and other comment keywords
+    - goerr113         # Golang linter to check the errors handling expressions
+    - gofmt            # Gofmt checks whether code was gofmt-ed. By default this tool runs with -s option to check for code simplification
+    - gofumpt          # Gofumpt checks whether code was gofumpt-ed.
+    - goheader         # Checks is file header matches to pattern
+    - goimports        # Goimports does everything that gofmt does. Additionally it checks unused imports
+    - gomoddirectives  # Manage the use of 'replace', 'retract', and 'excludes' directives in go.mod.
+    - gomodguard       # Allow and block list linter for direct Go module dependencies. This is different from depguard where there are different block types for example version constraints and module recommendations.
+    - goprintffuncname # Checks that printf-like functions are named with `f` at the end
+    - gosec            # Inspects source code for security problems
+    - gosimple         # Linter for Go source code that specializes in simplifying a code
+    - govet            # Vet examines Go source code and reports suspicious constructs, such as Printf calls whose arguments do not align with the format string
+    - grouper          # An analyzer to analyze expression groups.
+    - importas         # Enforces consistent import aliases
+    - ineffassign      # Detects when assignments to existing variables are not used
+    - misspell         # Finds commonly misspelled English words in comments
+    - nakedret         # Finds naked returns in functions greater than a specified function length
+    - nilerr           # Finds the code that returns nil even if it checks that the error is not nil.
+    - nilnil           # Checks that there is no simultaneous return of `nil` error and an invalid value.
+    - noctx            # noctx finds sending http request without context.Context
+    - predeclared      # find code that shadows one of Go's predeclared identifiers
+    - revive           # golint replacement, finds style mistakes
+    - staticcheck      # Staticcheck is a go vet on steroids, applying a ton of static analysis checks
+    - stylecheck       # Stylecheck is a replacement for golint
+    - tagliatelle      # Checks the struct tags.
+    - tenv             # tenv is analyzer that detects using os.Setenv instead of t.Setenv since Go1.17
+    - tparallel        # tparallel detects inappropriate usage of t.Parallel() method in your Go test codes
+    - typecheck        # Like the front-end of a Go compiler, parses and type-checks Go code
+    - unconvert        # Remove unnecessary type conversions
+    - unparam          # Reports unused function parameters
+    - unused           # Checks Go code for unused constants, variables, functions and types
+    - wastedassign     # wastedassign finds wasted assignment statements
+    - whitespace       # Tool for detection of leading and trailing whitespace
+  disable:
+    - containedctx     # containedctx is a linter that detects struct contained context.Context field
+    - cyclop           # checks function and package cyclomatic complexity
+    - exhaustivestruct # Checks if all struct's fields are initialized
+    - funlen           # Tool for detection of long functions
+    - gocyclo          # Computes and checks the cyclomatic complexity of functions
+    - godot            # Check if comments end in a period
+    - gomnd            # An analyzer to detect magic numbers.
+    - ifshort          # Checks that your code uses short syntax for if-statements whenever possible
+    - ireturn          # Accept Interfaces, Return Concrete Types
+    - lll              # Reports long lines
+    - maintidx         # maintidx measures the maintainability index of each function.
+    - makezero         # Finds slice declarations with non-zero initial length
+    - maligned         # Tool to detect Go structs that would take less memory if their fields were sorted
+    - nestif           # Reports deeply nested if statements
+    - nlreturn         # nlreturn checks for a new line before return and branch statements to increase code clarity
+    - nolintlint       # Reports ill-formed or insufficient nolint directives
+    - paralleltest     # paralleltest detects missing usage of t.Parallel() method in your Go test
+    - prealloc         # Finds slice declarations that could potentially be preallocated
+    - promlinter       # Check Prometheus metrics naming via promlint
+    - rowserrcheck     # checks whether Err of rows is checked successfully
+    - sqlclosecheck    # Checks that sql.Rows and sql.Stmt are closed.
+    - testpackage      # linter that makes you use a separate _test package
+    - thelper          # thelper detects golang test helpers without t.Helper() call and checks the consistency of test helpers
+    - varnamelen       # checks that the length of a variable's name matches its scope
+    - wrapcheck        # Checks that errors returned from external packages are wrapped
+    - wsl              # Whitespace Linter - Forces you to use empty lines!
+
+issues:
+  exclude-use-default: false
+  exclude-rules:
+    # Allow complex tests, better to be self contained
+    - path: _test\.go
+      linters:
+        - gocognit
+        - forbidigo
+
+    # Allow complex main function in examples
+    - path: examples
+      text: "of func `main` is high"
+      linters:
+        - gocognit
+    
+    # Allow forbidden identifiers in examples
+    - path: examples
+      linters:
+        - forbidigo
+
+    # Allow forbidden identifiers in CLI commands
+    - path: cmd
+      linters:
+        - forbidigo
+
+run:
+  skip-dirs-use-default: false
diff --git a/server/vendor/github.com/pion/transport/v2/.goreleaser.yml b/server/vendor/github.com/pion/transport/v2/.goreleaser.yml
new file mode 100644
index 0000000..30093e9
--- /dev/null
+++ b/server/vendor/github.com/pion/transport/v2/.goreleaser.yml
@@ -0,0 +1,5 @@
+# SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+# SPDX-License-Identifier: MIT
+
+builds:
+- skip: true
diff --git a/server/vendor/github.com/pion/transport/v2/AUTHORS.txt b/server/vendor/github.com/pion/transport/v2/AUTHORS.txt
new file mode 100644
index 0000000..b595c41
--- /dev/null
+++ b/server/vendor/github.com/pion/transport/v2/AUTHORS.txt
@@ -0,0 +1,29 @@
+# Thank you to everyone that made Pion possible. If you are interested in contributing
+# we would love to have you https://github.com/pion/webrtc/wiki/Contributing
+#
+# This file is auto generated, using git to list all individuals contributors.
+# see https://github.com/pion/.goassets/blob/master/scripts/generate-authors.sh for the scripting
+Adrian Cable <adrian.cable@gmail.com>
+Atsushi Watanabe <atsushi.w@ieee.org>
+backkem <mail@backkem.me>
+cnderrauber <zengjie9004@gmail.com>
+Daniel Mangum <georgedanielmangum@gmail.com>
+Hugo Arregui <hugo.arregui@gmail.com>
+Jeremiah Millay <jmillay@fastly.com>
+Jozef Kralik <jojo.lwin@gmail.com>
+Juliusz Chroboczek <jch@irif.fr>
+Luke Curley <kixelated@gmail.com>
+Mathis Engelbart <mathis.engelbart@gmail.com>
+OrlandoCo <luisorlando.co@gmail.com>
+Sean DuBois <duboisea@justin.tv>
+Sean DuBois <duboisea@twitch.tv>
+Sean DuBois <seaduboi@amazon.com>
+Sean DuBois <sean@siobud.com>
+Steffen Vogel <post@steffenvogel.de>
+Winlin <winlin@vip.126.com>
+Woodrow Douglass <wdouglass@carnegierobotics.com>
+Yutaka Takeda <yt0916@gmail.com>
+ZHENK <chengzhenyang@gmail.com>
+
+# List of contributors not appearing in Git history
+
diff --git a/server/vendor/github.com/pion/transport/v2/LICENSE b/server/vendor/github.com/pion/transport/v2/LICENSE
new file mode 100644
index 0000000..491caf6
--- /dev/null
+++ b/server/vendor/github.com/pion/transport/v2/LICENSE
@@ -0,0 +1,9 @@
+MIT License
+
+Copyright (c) 2023 The Pion community <https://pion.ly>
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
diff --git a/server/vendor/github.com/pion/transport/v2/README.md b/server/vendor/github.com/pion/transport/v2/README.md
new file mode 100644
index 0000000..b604b10
--- /dev/null
+++ b/server/vendor/github.com/pion/transport/v2/README.md
@@ -0,0 +1,34 @@
+<h1 align="center">
+  <br>
+  Pion Transport
+  <br>
+</h1>
+<h4 align="center">Transport testing for Pion</h4>
+<p align="center">
+  <a href="https://pion.ly"><img src="https://img.shields.io/badge/pion-transport-gray.svg?longCache=true&colorB=brightgreen" alt="Pion transport"></a>
+  <a href="https://pion.ly/slack"><img src="https://img.shields.io/badge/join-us%20on%20slack-gray.svg?longCache=true&logo=slack&colorB=brightgreen" alt="Slack Widget"></a>
+  <br>
+  <img alt="GitHub Workflow Status" src="https://img.shields.io/github/actions/workflow/status/pion/transport/test.yaml">
+  <a href="https://pkg.go.dev/github.com/pion/transport"><img src="https://pkg.go.dev/badge/github.com/pion/transport.svg" alt="Go Reference"></a>
+  <a href="https://codecov.io/gh/pion/transport"><img src="https://codecov.io/gh/pion/transport/branch/master/graph/badge.svg" alt="Coverage Status"></a>
+  <a href="https://goreportcard.com/report/github.com/pion/transport"><img src="https://goreportcard.com/badge/github.com/pion/transport" alt="Go Report Card"></a>
+  <a href="LICENSE"><img src="https://img.shields.io/badge/License-MIT-yellow.svg" alt="License: MIT"></a>
+</p>
+<br>
+
+### Roadmap
+The library is used as a part of our WebRTC implementation. Please refer to that [roadmap](https://github.com/pion/webrtc/issues/9) to track our major milestones.
+
+### Community
+Pion has an active community on the [Slack](https://pion.ly/slack).
+
+Follow the [Pion Twitter](https://twitter.com/_pion) for project updates and important WebRTC news.
+
+We are always looking to support **your projects**. Please reach out if you have something to build!
+If you need commercial support or don't want to use public methods you can contact us at [team@pion.ly](mailto:team@pion.ly)
+
+### Contributing
+Check out the [contributing wiki](https://github.com/pion/webrtc/wiki/Contributing) to join the group of amazing people making this project possible: [AUTHORS.txt](./AUTHORS.txt)
+
+### License
+MIT License - see [LICENSE](LICENSE) for full text
diff --git a/server/vendor/github.com/pion/transport/v2/codecov.yml b/server/vendor/github.com/pion/transport/v2/codecov.yml
new file mode 100644
index 0000000..263e4d4
--- /dev/null
+++ b/server/vendor/github.com/pion/transport/v2/codecov.yml
@@ -0,0 +1,22 @@
+#
+# DO NOT EDIT THIS FILE
+#
+# It is automatically copied from https://github.com/pion/.goassets repository.
+#
+# SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+# SPDX-License-Identifier: MIT
+
+coverage:
+  status:
+    project:
+      default:
+        # Allow decreasing 2% of total coverage to avoid noise.
+        threshold: 2%
+    patch:
+      default:
+        target: 70%
+        only_pulls: true
+
+ignore:
+  - "examples/*"
+  - "examples/**/*"
diff --git a/server/vendor/github.com/pion/transport/v2/connctx/connctx.go b/server/vendor/github.com/pion/transport/v2/connctx/connctx.go
new file mode 100644
index 0000000..4869b9c
--- /dev/null
+++ b/server/vendor/github.com/pion/transport/v2/connctx/connctx.go
@@ -0,0 +1,177 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+// Package connctx wraps net.Conn using context.Context.
+//
+// Deprecated: use netctx instead.
+package connctx
+
+import (
+	"context"
+	"errors"
+	"io"
+	"net"
+	"sync"
+	"sync/atomic"
+	"time"
+)
+
+// ErrClosing is returned on Write to closed connection.
+var ErrClosing = errors.New("use of closed network connection")
+
+// Reader is an interface for context controlled reader.
+type Reader interface {
+	ReadContext(context.Context, []byte) (int, error)
+}
+
+// Writer is an interface for context controlled writer.
+type Writer interface {
+	WriteContext(context.Context, []byte) (int, error)
+}
+
+// ReadWriter is a composite of ReadWriter.
+type ReadWriter interface {
+	Reader
+	Writer
+}
+
+// ConnCtx is a wrapper of net.Conn using context.Context.
+type ConnCtx interface {
+	Reader
+	Writer
+	io.Closer
+	LocalAddr() net.Addr
+	RemoteAddr() net.Addr
+	Conn() net.Conn
+}
+
+type connCtx struct {
+	nextConn  net.Conn
+	closed    chan struct{}
+	closeOnce sync.Once
+	readMu    sync.Mutex
+	writeMu   sync.Mutex
+}
+
+var veryOld = time.Unix(0, 1) //nolint:gochecknoglobals
+
+// New creates a new ConnCtx wrapping given net.Conn.
+func New(conn net.Conn) ConnCtx {
+	c := &connCtx{
+		nextConn: conn,
+		closed:   make(chan struct{}),
+	}
+	return c
+}
+
+func (c *connCtx) ReadContext(ctx context.Context, b []byte) (int, error) {
+	c.readMu.Lock()
+	defer c.readMu.Unlock()
+
+	select {
+	case <-c.closed:
+		return 0, io.EOF
+	default:
+	}
+
+	done := make(chan struct{})
+	var wg sync.WaitGroup
+	var errSetDeadline atomic.Value
+	wg.Add(1)
+	go func() {
+		defer wg.Done()
+		select {
+		case <-ctx.Done():
+			// context canceled
+			if err := c.nextConn.SetReadDeadline(veryOld); err != nil {
+				errSetDeadline.Store(err)
+				return
+			}
+			<-done
+			if err := c.nextConn.SetReadDeadline(time.Time{}); err != nil {
+				errSetDeadline.Store(err)
+			}
+		case <-done:
+		}
+	}()
+
+	n, err := c.nextConn.Read(b)
+
+	close(done)
+	wg.Wait()
+	if e := ctx.Err(); e != nil && n == 0 {
+		err = e
+	}
+	if err2, ok := errSetDeadline.Load().(error); ok && err == nil && err2 != nil {
+		err = err2
+	}
+	return n, err
+}
+
+func (c *connCtx) WriteContext(ctx context.Context, b []byte) (int, error) {
+	c.writeMu.Lock()
+	defer c.writeMu.Unlock()
+
+	select {
+	case <-c.closed:
+		return 0, ErrClosing
+	default:
+	}
+
+	done := make(chan struct{})
+	var wg sync.WaitGroup
+	var errSetDeadline atomic.Value
+	wg.Add(1)
+	go func() {
+		defer wg.Done()
+		select {
+		case <-ctx.Done():
+			// context canceled
+			if err := c.nextConn.SetWriteDeadline(veryOld); err != nil {
+				errSetDeadline.Store(err)
+				return
+			}
+			<-done
+			if err := c.nextConn.SetWriteDeadline(time.Time{}); err != nil {
+				errSetDeadline.Store(err)
+			}
+		case <-done:
+		}
+	}()
+
+	n, err := c.nextConn.Write(b)
+
+	close(done)
+	wg.Wait()
+	if e := ctx.Err(); e != nil && n == 0 {
+		err = e
+	}
+	if err2, ok := errSetDeadline.Load().(error); ok && err == nil && err2 != nil {
+		err = err2
+	}
+	return n, err
+}
+
+func (c *connCtx) Close() error {
+	err := c.nextConn.Close()
+	c.closeOnce.Do(func() {
+		c.writeMu.Lock()
+		c.readMu.Lock()
+		close(c.closed)
+		c.readMu.Unlock()
+		c.writeMu.Unlock()
+	})
+	return err
+}
+
+func (c *connCtx) LocalAddr() net.Addr {
+	return c.nextConn.LocalAddr()
+}
+
+func (c *connCtx) RemoteAddr() net.Addr {
+	return c.nextConn.RemoteAddr()
+}
+
+func (c *connCtx) Conn() net.Conn {
+	return c.nextConn
+}
diff --git a/server/vendor/github.com/pion/transport/v2/connctx/pipe.go b/server/vendor/github.com/pion/transport/v2/connctx/pipe.go
new file mode 100644
index 0000000..96b802e
--- /dev/null
+++ b/server/vendor/github.com/pion/transport/v2/connctx/pipe.go
@@ -0,0 +1,14 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package connctx
+
+import (
+	"net"
+)
+
+// Pipe creates piped pair of ConnCtx.
+func Pipe() (ConnCtx, ConnCtx) {
+	ca, cb := net.Pipe()
+	return New(ca), New(cb)
+}
diff --git a/server/vendor/github.com/pion/transport/v2/deadline/deadline.go b/server/vendor/github.com/pion/transport/v2/deadline/deadline.go
new file mode 100644
index 0000000..f49b908
--- /dev/null
+++ b/server/vendor/github.com/pion/transport/v2/deadline/deadline.go
@@ -0,0 +1,124 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+// Package deadline provides deadline timer used to implement
+// net.Conn compatible connection
+package deadline
+
+import (
+	"context"
+	"sync"
+	"time"
+)
+
+type deadlineState uint8
+
+const (
+	deadlineStopped deadlineState = iota
+	deadlineStarted
+	deadlineExceeded
+)
+
+var _ context.Context = (*Deadline)(nil)
+
+// Deadline signals updatable deadline timer.
+// Also, it implements context.Context.
+type Deadline struct {
+	mu       sync.RWMutex
+	timer    timer
+	done     chan struct{}
+	deadline time.Time
+	state    deadlineState
+	pending  uint8
+}
+
+// New creates new deadline timer.
+func New() *Deadline {
+	return &Deadline{
+		done: make(chan struct{}),
+	}
+}
+
+func (d *Deadline) timeout() {
+	d.mu.Lock()
+	if d.pending--; d.pending != 0 || d.state != deadlineStarted {
+		d.mu.Unlock()
+		return
+	}
+
+	d.state = deadlineExceeded
+	done := d.done
+	d.mu.Unlock()
+
+	close(done)
+}
+
+// Set new deadline. Zero value means no deadline.
+func (d *Deadline) Set(t time.Time) {
+	d.mu.Lock()
+	defer d.mu.Unlock()
+
+	if d.state == deadlineStarted && d.timer.Stop() {
+		d.pending--
+	}
+
+	d.deadline = t
+	d.pending++
+
+	if d.state == deadlineExceeded {
+		d.done = make(chan struct{})
+	}
+
+	if t.IsZero() {
+		d.pending--
+		d.state = deadlineStopped
+		return
+	}
+
+	if dur := time.Until(t); dur > 0 {
+		d.state = deadlineStarted
+		if d.timer == nil {
+			d.timer = afterFunc(dur, d.timeout)
+		} else {
+			d.timer.Reset(dur)
+		}
+		return
+	}
+
+	d.pending--
+	d.state = deadlineExceeded
+	close(d.done)
+}
+
+// Done receives deadline signal.
+func (d *Deadline) Done() <-chan struct{} {
+	d.mu.RLock()
+	defer d.mu.RUnlock()
+	return d.done
+}
+
+// Err returns context.DeadlineExceeded if the deadline is exceeded.
+// Otherwise, it returns nil.
+func (d *Deadline) Err() error {
+	d.mu.RLock()
+	defer d.mu.RUnlock()
+	if d.state == deadlineExceeded {
+		return context.DeadlineExceeded
+	}
+	return nil
+}
+
+// Deadline returns current deadline.
+func (d *Deadline) Deadline() (time.Time, bool) {
+	d.mu.RLock()
+	defer d.mu.RUnlock()
+	if d.deadline.IsZero() {
+		return d.deadline, false
+	}
+	return d.deadline, true
+}
+
+// Value returns nil.
+func (d *Deadline) Value(interface{}) interface{} {
+	return nil
+}
diff --git a/server/vendor/github.com/pion/transport/v2/deadline/timer.go b/server/vendor/github.com/pion/transport/v2/deadline/timer.go
new file mode 100644
index 0000000..5a39724
--- /dev/null
+++ b/server/vendor/github.com/pion/transport/v2/deadline/timer.go
@@ -0,0 +1,13 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package deadline
+
+import (
+	"time"
+)
+
+type timer interface {
+	Stop() bool
+	Reset(time.Duration) bool
+}
diff --git a/server/vendor/github.com/pion/transport/v2/deadline/timer_generic.go b/server/vendor/github.com/pion/transport/v2/deadline/timer_generic.go
new file mode 100644
index 0000000..0c8f87c
--- /dev/null
+++ b/server/vendor/github.com/pion/transport/v2/deadline/timer_generic.go
@@ -0,0 +1,15 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+//go:build !js
+// +build !js
+
+package deadline
+
+import (
+	"time"
+)
+
+func afterFunc(d time.Duration, f func()) timer {
+	return time.AfterFunc(d, f)
+}
diff --git a/server/vendor/github.com/pion/transport/v2/deadline/timer_js.go b/server/vendor/github.com/pion/transport/v2/deadline/timer_js.go
new file mode 100644
index 0000000..b77e31e
--- /dev/null
+++ b/server/vendor/github.com/pion/transport/v2/deadline/timer_js.go
@@ -0,0 +1,67 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+//go:build js
+// +build js
+
+package deadline
+
+import (
+	"sync"
+	"time"
+)
+
+// jsTimer is a timer utility for wasm with a working Reset function.
+type jsTimer struct {
+	f       func()
+	mu      sync.Mutex
+	timer   *time.Timer
+	version uint64
+	started bool
+}
+
+func afterFunc(d time.Duration, f func()) timer {
+	t := &jsTimer{f: f}
+	t.Reset(d)
+	return t
+}
+
+func (t *jsTimer) Stop() bool {
+	t.mu.Lock()
+	defer t.mu.Unlock()
+
+	t.version++
+	t.timer.Stop()
+
+	started := t.started
+	t.started = false
+	return started
+}
+
+func (t *jsTimer) Reset(d time.Duration) bool {
+	t.mu.Lock()
+	defer t.mu.Unlock()
+
+	if t.timer != nil {
+		t.timer.Stop()
+	}
+
+	t.version++
+	version := t.version
+	t.timer = time.AfterFunc(d, func() {
+		t.mu.Lock()
+		if version != t.version {
+			t.mu.Unlock()
+			return
+		}
+
+		t.started = false
+		t.mu.Unlock()
+
+		t.f()
+	})
+
+	started := t.started
+	t.started = true
+	return started
+}
diff --git a/server/vendor/github.com/pion/transport/v2/net.go b/server/vendor/github.com/pion/transport/v2/net.go
new file mode 100644
index 0000000..86d3468
--- /dev/null
+++ b/server/vendor/github.com/pion/transport/v2/net.go
@@ -0,0 +1,418 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+// Package transport implements various networking related
+// functions used throughout the Pion modules.
+package transport
+
+import (
+	"errors"
+	"io"
+	"net"
+	"time"
+)
+
+var (
+	// ErrNoAddressAssigned ...
+	ErrNoAddressAssigned = errors.New("no address assigned")
+	// ErrNotSupported ...
+	ErrNotSupported = errors.New("not supported yey")
+	// ErrInterfaceNotFound ...
+	ErrInterfaceNotFound = errors.New("interface not found")
+	// ErrNotUDPAddress ...
+	ErrNotUDPAddress = errors.New("not a UDP address")
+)
+
+// Net is an interface providing common networking functions which are
+// similar to the functions provided by standard net package.
+type Net interface {
+	// ListenPacket announces on the local network address.
+	//
+	// The network must be "udp", "udp4", "udp6", "unixgram", or an IP
+	// transport. The IP transports are "ip", "ip4", or "ip6" followed by
+	// a colon and a literal protocol number or a protocol name, as in
+	// "ip:1" or "ip:icmp".
+	//
+	// For UDP and IP networks, if the host in the address parameter is
+	// empty or a literal unspecified IP address, ListenPacket listens on
+	// all available IP addresses of the local system except multicast IP
+	// addresses.
+	// To only use IPv4, use network "udp4" or "ip4:proto".
+	// The address can use a host name, but this is not recommended,
+	// because it will create a listener for at most one of the host's IP
+	// addresses.
+	// If the port in the address parameter is empty or "0", as in
+	// "127.0.0.1:" or "[::1]:0", a port number is automatically chosen.
+	// The LocalAddr method of PacketConn can be used to discover the
+	// chosen port.
+	//
+	// See func Dial for a description of the network and address
+	// parameters.
+	//
+	// ListenPacket uses context.Background internally; to specify the context, use
+	// ListenConfig.ListenPacket.
+	ListenPacket(network string, address string) (net.PacketConn, error)
+
+	// ListenUDP acts like ListenPacket for UDP networks.
+	//
+	// The network must be a UDP network name; see func Dial for details.
+	//
+	// If the IP field of laddr is nil or an unspecified IP address,
+	// ListenUDP listens on all available IP addresses of the local system
+	// except multicast IP addresses.
+	// If the Port field of laddr is 0, a port number is automatically
+	// chosen.
+	ListenUDP(network string, locAddr *net.UDPAddr) (UDPConn, error)
+
+	// ListenTCP acts like Listen for TCP networks.
+	//
+	// The network must be a TCP network name; see func Dial for details.
+	//
+	// If the IP field of laddr is nil or an unspecified IP address,
+	// ListenTCP listens on all available unicast and anycast IP addresses
+	// of the local system.
+	// If the Port field of laddr is 0, a port number is automatically
+	// chosen.
+	ListenTCP(network string, laddr *net.TCPAddr) (TCPListener, error)
+
+	// Dial connects to the address on the named network.
+	//
+	// Known networks are "tcp", "tcp4" (IPv4-only), "tcp6" (IPv6-only),
+	// "udp", "udp4" (IPv4-only), "udp6" (IPv6-only), "ip", "ip4"
+	// (IPv4-only), "ip6" (IPv6-only), "unix", "unixgram" and
+	// "unixpacket".
+	//
+	// For TCP and UDP networks, the address has the form "host:port".
+	// The host must be a literal IP address, or a host name that can be
+	// resolved to IP addresses.
+	// The port must be a literal port number or a service name.
+	// If the host is a literal IPv6 address it must be enclosed in square
+	// brackets, as in "[2001:db8::1]:80" or "[fe80::1%zone]:80".
+	// The zone specifies the scope of the literal IPv6 address as defined
+	// in RFC 4007.
+	// The functions JoinHostPort and SplitHostPort manipulate a pair of
+	// host and port in this form.
+	// When using TCP, and the host resolves to multiple IP addresses,
+	// Dial will try each IP address in order until one succeeds.
+	//
+	// Examples:
+	//
+	//	Dial("tcp", "golang.org:http")
+	//	Dial("tcp", "192.0.2.1:http")
+	//	Dial("tcp", "198.51.100.1:80")
+	//	Dial("udp", "[2001:db8::1]:domain")
+	//	Dial("udp", "[fe80::1%lo0]:53")
+	//	Dial("tcp", ":80")
+	//
+	// For IP networks, the network must be "ip", "ip4" or "ip6" followed
+	// by a colon and a literal protocol number or a protocol name, and
+	// the address has the form "host". The host must be a literal IP
+	// address or a literal IPv6 address with zone.
+	// It depends on each operating system how the operating system
+	// behaves with a non-well known protocol number such as "0" or "255".
+	//
+	// Examples:
+	//
+	//	Dial("ip4:1", "192.0.2.1")
+	//	Dial("ip6:ipv6-icmp", "2001:db8::1")
+	//	Dial("ip6:58", "fe80::1%lo0")
+	//
+	// For TCP, UDP and IP networks, if the host is empty or a literal
+	// unspecified IP address, as in ":80", "0.0.0.0:80" or "[::]:80" for
+	// TCP and UDP, "", "0.0.0.0" or "::" for IP, the local system is
+	// assumed.
+	//
+	// For Unix networks, the address must be a file system path.
+	Dial(network, address string) (net.Conn, error)
+
+	// DialUDP acts like Dial for UDP networks.
+	//
+	// The network must be a UDP network name; see func Dial for details.
+	//
+	// If laddr is nil, a local address is automatically chosen.
+	// If the IP field of raddr is nil or an unspecified IP address, the
+	// local system is assumed.
+	DialUDP(network string, laddr, raddr *net.UDPAddr) (UDPConn, error)
+
+	// DialTCP acts like Dial for TCP networks.
+	//
+	// The network must be a TCP network name; see func Dial for details.
+	//
+	// If laddr is nil, a local address is automatically chosen.
+	// If the IP field of raddr is nil or an unspecified IP address, the
+	// local system is assumed.
+	DialTCP(network string, laddr, raddr *net.TCPAddr) (TCPConn, error)
+
+	// ResolveIPAddr returns an address of IP end point.
+	//
+	// The network must be an IP network name.
+	//
+	// If the host in the address parameter is not a literal IP address,
+	// ResolveIPAddr resolves the address to an address of IP end point.
+	// Otherwise, it parses the address as a literal IP address.
+	// The address parameter can use a host name, but this is not
+	// recommended, because it will return at most one of the host name's
+	// IP addresses.
+	//
+	// See func Dial for a description of the network and address
+	// parameters.
+	ResolveIPAddr(network, address string) (*net.IPAddr, error)
+
+	// ResolveUDPAddr returns an address of UDP end point.
+	//
+	// The network must be a UDP network name.
+	//
+	// If the host in the address parameter is not a literal IP address or
+	// the port is not a literal port number, ResolveUDPAddr resolves the
+	// address to an address of UDP end point.
+	// Otherwise, it parses the address as a pair of literal IP address
+	// and port number.
+	// The address parameter can use a host name, but this is not
+	// recommended, because it will return at most one of the host name's
+	// IP addresses.
+	//
+	// See func Dial for a description of the network and address
+	// parameters.
+	ResolveUDPAddr(network, address string) (*net.UDPAddr, error)
+
+	// ResolveTCPAddr returns an address of TCP end point.
+	//
+	// The network must be a TCP network name.
+	//
+	// If the host in the address parameter is not a literal IP address or
+	// the port is not a literal port number, ResolveTCPAddr resolves the
+	// address to an address of TCP end point.
+	// Otherwise, it parses the address as a pair of literal IP address
+	// and port number.
+	// The address parameter can use a host name, but this is not
+	// recommended, because it will return at most one of the host name's
+	// IP addresses.
+	//
+	// See func Dial for a description of the network and address
+	// parameters.
+	ResolveTCPAddr(network, address string) (*net.TCPAddr, error)
+
+	// Interfaces returns a list of the system's network interfaces.
+	Interfaces() ([]*Interface, error)
+
+	// InterfaceByIndex returns the interface specified by index.
+	//
+	// On Solaris, it returns one of the logical network interfaces
+	// sharing the logical data link; for more precision use
+	// InterfaceByName.
+	InterfaceByIndex(index int) (*Interface, error)
+
+	// InterfaceByName returns the interface specified by name.
+	InterfaceByName(name string) (*Interface, error)
+
+	// The following functions are extensions to Go's standard net package
+
+	CreateDialer(dialer *net.Dialer) Dialer
+}
+
+// Dialer is identical to net.Dialer excepts that its methods
+// (Dial, DialContext) are overridden to use the Net interface.
+// Use vnet.CreateDialer() to create an instance of this Dialer.
+type Dialer interface {
+	Dial(network, address string) (net.Conn, error)
+}
+
+// UDPConn is packet-oriented connection for UDP.
+type UDPConn interface {
+	// Close closes the connection.
+	// Any blocked Read or Write operations will be unblocked and return errors.
+	Close() error
+
+	// LocalAddr returns the local network address, if known.
+	LocalAddr() net.Addr
+
+	// RemoteAddr returns the remote network address, if known.
+	RemoteAddr() net.Addr
+
+	// SetDeadline sets the read and write deadlines associated
+	// with the connection. It is equivalent to calling both
+	// SetReadDeadline and SetWriteDeadline.
+	//
+	// A deadline is an absolute time after which I/O operations
+	// fail instead of blocking. The deadline applies to all future
+	// and pending I/O, not just the immediately following call to
+	// Read or Write. After a deadline has been exceeded, the
+	// connection can be refreshed by setting a deadline in the future.
+	//
+	// If the deadline is exceeded a call to Read or Write or to other
+	// I/O methods will return an error that wraps os.ErrDeadlineExceeded.
+	// This can be tested using errors.Is(err, os.ErrDeadlineExceeded).
+	// The error's Timeout method will return true, but note that there
+	// are other possible errors for which the Timeout method will
+	// return true even if the deadline has not been exceeded.
+	//
+	// An idle timeout can be implemented by repeatedly extending
+	// the deadline after successful Read or Write calls.
+	//
+	// A zero value for t means I/O operations will not time out.
+	SetDeadline(t time.Time) error
+
+	// SetReadDeadline sets the deadline for future Read calls
+	// and any currently-blocked Read call.
+	// A zero value for t means Read will not time out.
+	SetReadDeadline(t time.Time) error
+
+	// SetWriteDeadline sets the deadline for future Write calls
+	// and any currently-blocked Write call.
+	// Even if write times out, it may return n > 0, indicating that
+	// some of the data was successfully written.
+	// A zero value for t means Write will not time out.
+	SetWriteDeadline(t time.Time) error
+
+	// SetReadBuffer sets the size of the operating system's
+	// receive buffer associated with the connection.
+	SetReadBuffer(bytes int) error
+
+	// SetWriteBuffer sets the size of the operating system's
+	// transmit buffer associated with the connection.
+	SetWriteBuffer(bytes int) error
+
+	// Read reads data from the connection.
+	// Read can be made to time out and return an error after a fixed
+	// time limit; see SetDeadline and SetReadDeadline.
+	Read(b []byte) (n int, err error)
+
+	// ReadFrom reads a packet from the connection,
+	// copying the payload into p. It returns the number of
+	// bytes copied into p and the return address that
+	// was on the packet.
+	// It returns the number of bytes read (0 <= n <= len(p))
+	// and any error encountered. Callers should always process
+	// the n > 0 bytes returned before considering the error err.
+	// ReadFrom can be made to time out and return an error after a
+	// fixed time limit; see SetDeadline and SetReadDeadline.
+	ReadFrom(p []byte) (n int, addr net.Addr, err error)
+
+	// ReadFromUDP acts like ReadFrom but returns a UDPAddr.
+	ReadFromUDP(b []byte) (n int, addr *net.UDPAddr, err error)
+
+	// ReadMsgUDP reads a message from c, copying the payload into b and
+	// the associated out-of-band data into oob. It returns the number of
+	// bytes copied into b, the number of bytes copied into oob, the flags
+	// that were set on the message and the source address of the message.
+	//
+	// The packages golang.org/x/net/ipv4 and golang.org/x/net/ipv6 can be
+	// used to manipulate IP-level socket options in oob.
+	ReadMsgUDP(b, oob []byte) (n, oobn, flags int, addr *net.UDPAddr, err error)
+
+	// Write writes data to the connection.
+	// Write can be made to time out and return an error after a fixed
+	// time limit; see SetDeadline and SetWriteDeadline.
+	Write(b []byte) (n int, err error)
+
+	// WriteTo writes a packet with payload p to addr.
+	// WriteTo can be made to time out and return an Error after a
+	// fixed time limit; see SetDeadline and SetWriteDeadline.
+	// On packet-oriented connections, write timeouts are rare.
+	WriteTo(p []byte, addr net.Addr) (n int, err error)
+
+	// WriteToUDP acts like WriteTo but takes a UDPAddr.
+	WriteToUDP(b []byte, addr *net.UDPAddr) (int, error)
+
+	// WriteMsgUDP writes a message to addr via c if c isn't connected, or
+	// to c's remote address if c is connected (in which case addr must be
+	// nil). The payload is copied from b and the associated out-of-band
+	// data is copied from oob. It returns the number of payload and
+	// out-of-band bytes written.
+	//
+	// The packages golang.org/x/net/ipv4 and golang.org/x/net/ipv6 can be
+	// used to manipulate IP-level socket options in oob.
+	WriteMsgUDP(b, oob []byte, addr *net.UDPAddr) (n, oobn int, err error)
+}
+
+// TCPConn is an interface for TCP network connections.
+type TCPConn interface {
+	net.Conn
+
+	// CloseRead shuts down the reading side of the TCP connection.
+	// Most callers should just use Close.
+	CloseRead() error
+
+	// CloseWrite shuts down the writing side of the TCP connection.
+	// Most callers should just use Close.
+	CloseWrite() error
+
+	// ReadFrom implements the io.ReaderFrom ReadFrom method.
+	ReadFrom(r io.Reader) (int64, error)
+
+	// SetLinger sets the behavior of Close on a connection which still
+	// has data waiting to be sent or to be acknowledged.
+	//
+	// If sec < 0 (the default), the operating system finishes sending the
+	// data in the background.
+	//
+	// If sec == 0, the operating system discards any unsent or
+	// unacknowledged data.
+	//
+	// If sec > 0, the data is sent in the background as with sec < 0. On
+	// some operating systems after sec seconds have elapsed any remaining
+	// unsent data may be discarded.
+	SetLinger(sec int) error
+
+	// SetKeepAlive sets whether the operating system should send
+	// keep-alive messages on the connection.
+	SetKeepAlive(keepalive bool) error
+
+	// SetKeepAlivePeriod sets period between keep-alives.
+	SetKeepAlivePeriod(d time.Duration) error
+
+	// SetNoDelay controls whether the operating system should delay
+	// packet transmission in hopes of sending fewer packets (Nagle's
+	// algorithm).  The default is true (no delay), meaning that data is
+	// sent as soon as possible after a Write.
+	SetNoDelay(noDelay bool) error
+
+	// SetWriteBuffer sets the size of the operating system's
+	// transmit buffer associated with the connection.
+	SetWriteBuffer(bytes int) error
+
+	// SetReadBuffer sets the size of the operating system's
+	// receive buffer associated with the connection.
+	SetReadBuffer(bytes int) error
+}
+
+// TCPListener is a TCP network listener. Clients should typically
+// use variables of type Listener instead of assuming TCP.
+type TCPListener interface {
+	net.Listener
+
+	// AcceptTCP accepts the next incoming call and returns the new
+	// connection.
+	AcceptTCP() (TCPConn, error)
+
+	// SetDeadline sets the deadline associated with the listener.
+	// A zero time value disables the deadline.
+	SetDeadline(t time.Time) error
+}
+
+// Interface wraps a standard net.Interfaces and its assigned addresses
+type Interface struct {
+	net.Interface
+	addrs []net.Addr
+}
+
+// NewInterface creates a new interface based of a standard net.Interface
+func NewInterface(ifc net.Interface) *Interface {
+	return &Interface{
+		Interface: ifc,
+		addrs:     nil,
+	}
+}
+
+// AddAddress adds a new address to the interface
+func (ifc *Interface) AddAddress(addr net.Addr) {
+	ifc.addrs = append(ifc.addrs, addr)
+}
+
+// Addrs returns a slice of configured addresses on the interface
+func (ifc *Interface) Addrs() ([]net.Addr, error) {
+	if len(ifc.addrs) == 0 {
+		return nil, ErrNoAddressAssigned
+	}
+	return ifc.addrs, nil
+}
diff --git a/server/vendor/github.com/pion/transport/v2/packetio/buffer.go b/server/vendor/github.com/pion/transport/v2/packetio/buffer.go
new file mode 100644
index 0000000..9f91b04
--- /dev/null
+++ b/server/vendor/github.com/pion/transport/v2/packetio/buffer.go
@@ -0,0 +1,335 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+// Package packetio provides packet buffer
+package packetio
+
+import (
+	"errors"
+	"io"
+	"sync"
+	"time"
+
+	"github.com/pion/transport/v2/deadline"
+)
+
+var errPacketTooBig = errors.New("packet too big")
+
+// BufferPacketType allow the Buffer to know which packet protocol is writing.
+type BufferPacketType int
+
+const (
+	// RTPBufferPacket indicates the Buffer that is handling RTP packets
+	RTPBufferPacket BufferPacketType = 1
+	// RTCPBufferPacket indicates the Buffer that is handling RTCP packets
+	RTCPBufferPacket BufferPacketType = 2
+)
+
+// Buffer allows writing packets to an intermediate buffer, which can then be read form.
+// This is verify similar to bytes.Buffer but avoids combining multiple writes into a single read.
+type Buffer struct {
+	mutex sync.Mutex
+
+	// this is a circular buffer.  If head <= tail, then the useful
+	// data is in the interval [head, tail[.  If tail < head, then
+	// the useful data is the union of [head, len[ and [0, tail[.
+	// In order to avoid ambiguity when head = tail, we always leave
+	// an unused byte in the buffer.
+	data       []byte
+	head, tail int
+
+	notify  chan struct{}
+	waiting bool
+	closed  bool
+
+	count                 int
+	limitCount, limitSize int
+
+	readDeadline *deadline.Deadline
+}
+
+const (
+	minSize    = 2048
+	cutoffSize = 128 * 1024
+	maxSize    = 4 * 1024 * 1024
+)
+
+// NewBuffer creates a new Buffer.
+func NewBuffer() *Buffer {
+	return &Buffer{
+		notify:       make(chan struct{}, 1),
+		readDeadline: deadline.New(),
+	}
+}
+
+// available returns true if the buffer is large enough to fit a packet
+// of the given size, taking overhead into account.
+func (b *Buffer) available(size int) bool {
+	available := b.head - b.tail
+	if available <= 0 {
+		available += len(b.data)
+	}
+	// we interpret head=tail as empty, so always keep a byte free
+	if size+2+1 > available {
+		return false
+	}
+
+	return true
+}
+
+// grow increases the size of the buffer.  If it returns nil, then the
+// buffer has been grown.  It returns ErrFull if hits a limit.
+func (b *Buffer) grow() error {
+	var newSize int
+	if len(b.data) < cutoffSize {
+		newSize = 2 * len(b.data)
+	} else {
+		newSize = 5 * len(b.data) / 4
+	}
+	if newSize < minSize {
+		newSize = minSize
+	}
+	if (b.limitSize <= 0 || sizeHardLimit) && newSize > maxSize {
+		newSize = maxSize
+	}
+
+	// one byte slack
+	if b.limitSize > 0 && newSize > b.limitSize+1 {
+		newSize = b.limitSize + 1
+	}
+
+	if newSize <= len(b.data) {
+		return ErrFull
+	}
+
+	newData := make([]byte, newSize)
+
+	var n int
+	if b.head <= b.tail {
+		// data was contiguous
+		n = copy(newData, b.data[b.head:b.tail])
+	} else {
+		// data was discontinuous
+		n = copy(newData, b.data[b.head:])
+		n += copy(newData[n:], b.data[:b.tail])
+	}
+	b.head = 0
+	b.tail = n
+	b.data = newData
+
+	return nil
+}
+
+// Write appends a copy of the packet data to the buffer.
+// Returns ErrFull if the packet doesn't fit.
+//
+// Note that the packet size is limited to 65536 bytes since v0.11.0 due to the internal data structure.
+func (b *Buffer) Write(packet []byte) (int, error) {
+	if len(packet) >= 0x10000 {
+		return 0, errPacketTooBig
+	}
+
+	b.mutex.Lock()
+
+	if b.closed {
+		b.mutex.Unlock()
+		return 0, io.ErrClosedPipe
+	}
+
+	if (b.limitCount > 0 && b.count >= b.limitCount) ||
+		(b.limitSize > 0 && b.size()+2+len(packet) > b.limitSize) {
+		b.mutex.Unlock()
+		return 0, ErrFull
+	}
+
+	// grow the buffer until the packet fits
+	for !b.available(len(packet)) {
+		err := b.grow()
+		if err != nil {
+			b.mutex.Unlock()
+			return 0, err
+		}
+	}
+
+	// store the length of the packet
+	b.data[b.tail] = uint8(len(packet) >> 8)
+	b.tail++
+	if b.tail >= len(b.data) {
+		b.tail = 0
+	}
+	b.data[b.tail] = uint8(len(packet))
+	b.tail++
+	if b.tail >= len(b.data) {
+		b.tail = 0
+	}
+
+	// store the packet
+	n := copy(b.data[b.tail:], packet)
+	b.tail += n
+	if b.tail >= len(b.data) {
+		// we reached the end, wrap around
+		m := copy(b.data, packet[n:])
+		b.tail = m
+	}
+	b.count++
+
+	select {
+	case b.notify <- struct{}{}:
+	default:
+	}
+	b.mutex.Unlock()
+
+	return len(packet), nil
+}
+
+// Read populates the given byte slice, returning the number of bytes read.
+// Blocks until data is available or the buffer is closed.
+// Returns io.ErrShortBuffer is the packet is too small to copy the Write.
+// Returns io.EOF if the buffer is closed.
+func (b *Buffer) Read(packet []byte) (n int, err error) { //nolint:gocognit
+	// Return immediately if the deadline is already exceeded.
+	select {
+	case <-b.readDeadline.Done():
+		return 0, &netError{ErrTimeout, true, true}
+	default:
+	}
+
+	for {
+		b.mutex.Lock()
+
+		if b.head != b.tail {
+			// decode the packet size
+			n1 := b.data[b.head]
+			b.head++
+			if b.head >= len(b.data) {
+				b.head = 0
+			}
+			n2 := b.data[b.head]
+			b.head++
+			if b.head >= len(b.data) {
+				b.head = 0
+			}
+			count := int((uint16(n1) << 8) | uint16(n2))
+
+			// determine the number of bytes we'll actually copy
+			copied := count
+			if copied > len(packet) {
+				copied = len(packet)
+			}
+
+			// copy the data
+			if b.head+copied < len(b.data) {
+				copy(packet, b.data[b.head:b.head+copied])
+			} else {
+				k := copy(packet, b.data[b.head:])
+				copy(packet[k:], b.data[:copied-k])
+			}
+
+			// advance head, discarding any data that wasn't copied
+			b.head += count
+			if b.head >= len(b.data) {
+				b.head -= len(b.data)
+			}
+
+			if b.head == b.tail {
+				// the buffer is empty, reset to beginning
+				// in order to improve cache locality.
+				b.head = 0
+				b.tail = 0
+			}
+
+			b.count--
+			b.mutex.Unlock()
+
+			if copied < count {
+				return copied, io.ErrShortBuffer
+			}
+			return copied, nil
+		}
+
+		if b.closed {
+			b.mutex.Unlock()
+			return 0, io.EOF
+		}
+		b.mutex.Unlock()
+
+		select {
+		case <-b.readDeadline.Done():
+			return 0, &netError{ErrTimeout, true, true}
+		case <-b.notify:
+		}
+	}
+}
+
+// Close the buffer, unblocking any pending reads.
+// Data in the buffer can still be read, Read will return io.EOF only when empty.
+func (b *Buffer) Close() (err error) {
+	b.mutex.Lock()
+
+	if b.closed {
+		b.mutex.Unlock()
+		return nil
+	}
+
+	b.waiting = false
+	b.closed = true
+	close(b.notify)
+	b.mutex.Unlock()
+
+	return nil
+}
+
+// Count returns the number of packets in the buffer.
+func (b *Buffer) Count() int {
+	b.mutex.Lock()
+	defer b.mutex.Unlock()
+	return b.count
+}
+
+// SetLimitCount controls the maximum number of packets that can be buffered.
+// Causes Write to return ErrFull when this limit is reached.
+// A zero value will disable this limit.
+func (b *Buffer) SetLimitCount(limit int) {
+	b.mutex.Lock()
+	defer b.mutex.Unlock()
+
+	b.limitCount = limit
+}
+
+// Size returns the total byte size of packets in the buffer, including
+// a small amount of administrative overhead.
+func (b *Buffer) Size() int {
+	b.mutex.Lock()
+	defer b.mutex.Unlock()
+
+	return b.size()
+}
+
+func (b *Buffer) size() int {
+	size := b.tail - b.head
+	if size < 0 {
+		size += len(b.data)
+	}
+	return size
+}
+
+// SetLimitSize controls the maximum number of bytes that can be buffered.
+// Causes Write to return ErrFull when this limit is reached.
+// A zero value means 4MB since v0.11.0.
+//
+// User can set packetioSizeHardLimit build tag to enable 4MB hard limit.
+// When packetioSizeHardLimit build tag is set, SetLimitSize exceeding
+// the hard limit will be silently discarded.
+func (b *Buffer) SetLimitSize(limit int) {
+	b.mutex.Lock()
+	defer b.mutex.Unlock()
+
+	b.limitSize = limit
+}
+
+// SetReadDeadline sets the deadline for the Read operation.
+// Setting to zero means no deadline.
+func (b *Buffer) SetReadDeadline(t time.Time) error {
+	b.readDeadline.Set(t)
+	return nil
+}
diff --git a/server/vendor/github.com/pion/transport/v2/packetio/errors.go b/server/vendor/github.com/pion/transport/v2/packetio/errors.go
new file mode 100644
index 0000000..4974a10
--- /dev/null
+++ b/server/vendor/github.com/pion/transport/v2/packetio/errors.go
@@ -0,0 +1,30 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package packetio
+
+import (
+	"errors"
+)
+
+// netError implements net.Error
+type netError struct {
+	error
+	timeout, temporary bool
+}
+
+func (e *netError) Timeout() bool {
+	return e.timeout
+}
+
+func (e *netError) Temporary() bool {
+	return e.temporary
+}
+
+var (
+	// ErrFull is returned when the buffer has hit the configured limits.
+	ErrFull = errors.New("packetio.Buffer is full, discarding write")
+
+	// ErrTimeout is returned when a deadline has expired
+	ErrTimeout = errors.New("i/o timeout")
+)
diff --git a/server/vendor/github.com/pion/transport/v2/packetio/hardlimit.go b/server/vendor/github.com/pion/transport/v2/packetio/hardlimit.go
new file mode 100644
index 0000000..8058e47
--- /dev/null
+++ b/server/vendor/github.com/pion/transport/v2/packetio/hardlimit.go
@@ -0,0 +1,9 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+//go:build packetioSizeHardlimit
+// +build packetioSizeHardlimit
+
+package packetio
+
+const sizeHardLimit = true
diff --git a/server/vendor/github.com/pion/transport/v2/packetio/no_hardlimit.go b/server/vendor/github.com/pion/transport/v2/packetio/no_hardlimit.go
new file mode 100644
index 0000000..a59e259
--- /dev/null
+++ b/server/vendor/github.com/pion/transport/v2/packetio/no_hardlimit.go
@@ -0,0 +1,9 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+//go:build !packetioSizeHardlimit
+// +build !packetioSizeHardlimit
+
+package packetio
+
+const sizeHardLimit = false
diff --git a/server/vendor/github.com/pion/transport/v2/renovate.json b/server/vendor/github.com/pion/transport/v2/renovate.json
new file mode 100644
index 0000000..f1bb98c
--- /dev/null
+++ b/server/vendor/github.com/pion/transport/v2/renovate.json
@@ -0,0 +1,6 @@
+{
+  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+  "extends": [
+    "github>pion/renovate-config"
+  ]
+}
diff --git a/server/vendor/github.com/pion/transport/v2/replaydetector/fixedbig.go b/server/vendor/github.com/pion/transport/v2/replaydetector/fixedbig.go
new file mode 100644
index 0000000..80cb6b3
--- /dev/null
+++ b/server/vendor/github.com/pion/transport/v2/replaydetector/fixedbig.go
@@ -0,0 +1,81 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package replaydetector
+
+import (
+	"fmt"
+)
+
+// fixedBigInt is the fix-sized multi-word integer.
+type fixedBigInt struct {
+	bits    []uint64
+	n       uint
+	msbMask uint64
+}
+
+// newFixedBigInt creates a new fix-sized multi-word int.
+func newFixedBigInt(n uint) *fixedBigInt {
+	chunkSize := (n + 63) / 64
+	if chunkSize == 0 {
+		chunkSize = 1
+	}
+	return &fixedBigInt{
+		bits:    make([]uint64, chunkSize),
+		n:       n,
+		msbMask: (1 << (64 - n%64)) - 1,
+	}
+}
+
+// Lsh is the left shift operation.
+func (s *fixedBigInt) Lsh(n uint) {
+	if n == 0 {
+		return
+	}
+	nChunk := int(n / 64)
+	nN := n % 64
+
+	for i := len(s.bits) - 1; i >= 0; i-- {
+		var carry uint64
+		if i-nChunk >= 0 {
+			carry = s.bits[i-nChunk] << nN
+			if i-nChunk-1 >= 0 {
+				carry |= s.bits[i-nChunk-1] >> (64 - nN)
+			}
+		}
+		s.bits[i] = (s.bits[i] << n) | carry
+	}
+	s.bits[len(s.bits)-1] &= s.msbMask
+}
+
+// Bit returns i-th bit of the fixedBigInt.
+func (s *fixedBigInt) Bit(i uint) uint {
+	if i >= s.n {
+		return 0
+	}
+	chunk := i / 64
+	pos := i % 64
+	if s.bits[chunk]&(1<<pos) != 0 {
+		return 1
+	}
+	return 0
+}
+
+// SetBit sets i-th bit to 1.
+func (s *fixedBigInt) SetBit(i uint) {
+	if i >= s.n {
+		return
+	}
+	chunk := i / 64
+	pos := i % 64
+	s.bits[chunk] |= 1 << pos
+}
+
+// String returns string representation of fixedBigInt.
+func (s *fixedBigInt) String() string {
+	var out string
+	for i := len(s.bits) - 1; i >= 0; i-- {
+		out += fmt.Sprintf("%016X", s.bits[i])
+	}
+	return out
+}
diff --git a/server/vendor/github.com/pion/transport/v2/replaydetector/replaydetector.go b/server/vendor/github.com/pion/transport/v2/replaydetector/replaydetector.go
new file mode 100644
index 0000000..4358d8f
--- /dev/null
+++ b/server/vendor/github.com/pion/transport/v2/replaydetector/replaydetector.go
@@ -0,0 +1,119 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+// Package replaydetector provides packet replay detection algorithm.
+package replaydetector
+
+// ReplayDetector is the interface of sequence replay detector.
+type ReplayDetector interface {
+	// Check returns true if given sequence number is not replayed.
+	// Call accept() to mark the packet is received properly.
+	Check(seq uint64) (accept func(), ok bool)
+}
+
+type slidingWindowDetector struct {
+	latestSeq  uint64
+	maxSeq     uint64
+	windowSize uint
+	mask       *fixedBigInt
+}
+
+// New creates ReplayDetector.
+// Created ReplayDetector doesn't allow wrapping.
+// It can handle monotonically increasing sequence number up to
+// full 64bit number. It is suitable for DTLS replay protection.
+func New(windowSize uint, maxSeq uint64) ReplayDetector {
+	return &slidingWindowDetector{
+		maxSeq:     maxSeq,
+		windowSize: windowSize,
+		mask:       newFixedBigInt(windowSize),
+	}
+}
+
+func (d *slidingWindowDetector) Check(seq uint64) (accept func(), ok bool) {
+	if seq > d.maxSeq {
+		// Exceeded upper limit.
+		return func() {}, false
+	}
+
+	if seq <= d.latestSeq {
+		if d.latestSeq >= uint64(d.windowSize)+seq {
+			return func() {}, false
+		}
+		if d.mask.Bit(uint(d.latestSeq-seq)) != 0 {
+			// The sequence number is duplicated.
+			return func() {}, false
+		}
+	}
+
+	return func() {
+		if seq > d.latestSeq {
+			// Update the head of the window.
+			d.mask.Lsh(uint(seq - d.latestSeq))
+			d.latestSeq = seq
+		}
+		diff := (d.latestSeq - seq) % d.maxSeq
+		d.mask.SetBit(uint(diff))
+	}, true
+}
+
+// WithWrap creates ReplayDetector allowing sequence wrapping.
+// This is suitable for short bit width counter like SRTP and SRTCP.
+func WithWrap(windowSize uint, maxSeq uint64) ReplayDetector {
+	return &wrappedSlidingWindowDetector{
+		maxSeq:     maxSeq,
+		windowSize: windowSize,
+		mask:       newFixedBigInt(windowSize),
+	}
+}
+
+type wrappedSlidingWindowDetector struct {
+	latestSeq  uint64
+	maxSeq     uint64
+	windowSize uint
+	mask       *fixedBigInt
+	init       bool
+}
+
+func (d *wrappedSlidingWindowDetector) Check(seq uint64) (accept func(), ok bool) {
+	if seq > d.maxSeq {
+		// Exceeded upper limit.
+		return func() {}, false
+	}
+	if !d.init {
+		if seq != 0 {
+			d.latestSeq = seq - 1
+		} else {
+			d.latestSeq = d.maxSeq
+		}
+		d.init = true
+	}
+
+	diff := int64(d.latestSeq) - int64(seq)
+	// Wrap the number.
+	if diff > int64(d.maxSeq)/2 {
+		diff -= int64(d.maxSeq + 1)
+	} else if diff <= -int64(d.maxSeq)/2 {
+		diff += int64(d.maxSeq + 1)
+	}
+
+	if diff >= int64(d.windowSize) {
+		// Too old.
+		return func() {}, false
+	}
+	if diff >= 0 {
+		if d.mask.Bit(uint(diff)) != 0 {
+			// The sequence number is duplicated.
+			return func() {}, false
+		}
+	}
+
+	return func() {
+		if diff < 0 {
+			// Update the head of the window.
+			d.mask.Lsh(uint(-diff))
+			d.latestSeq = seq
+		}
+		d.mask.SetBit(uint(d.latestSeq - seq))
+	}, true
+}
diff --git a/server/vendor/github.com/pion/transport/v2/stdnet/net.go b/server/vendor/github.com/pion/transport/v2/stdnet/net.go
new file mode 100644
index 0000000..a2cf964
--- /dev/null
+++ b/server/vendor/github.com/pion/transport/v2/stdnet/net.go
@@ -0,0 +1,168 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+// Package stdnet implements the transport.Net interface
+// using methods from Go's standard net package.
+package stdnet
+
+import (
+	"fmt"
+	"net"
+
+	"github.com/pion/transport/v2"
+	"github.com/wlynxg/anet"
+)
+
+const (
+	lo0String = "lo0String"
+	udpString = "udp"
+)
+
+// Net is an implementation of the net.Net interface
+// based on functions of the standard net package.
+type Net struct {
+	interfaces []*transport.Interface
+}
+
+// NewNet creates a new StdNet instance.
+func NewNet() (*Net, error) {
+	n := &Net{}
+
+	return n, n.UpdateInterfaces()
+}
+
+// Compile-time assertion
+var _ transport.Net = &Net{}
+
+// UpdateInterfaces updates the internal list of network interfaces
+// and associated addresses.
+func (n *Net) UpdateInterfaces() error {
+	ifs := []*transport.Interface{}
+
+	oifs, err := anet.Interfaces()
+	if err != nil {
+		return err
+	}
+
+	for i := range oifs {
+		ifc := transport.NewInterface(oifs[i])
+
+		addrs, err := anet.InterfaceAddrsByInterface(&oifs[i])
+		if err != nil {
+			return err
+		}
+
+		for _, addr := range addrs {
+			ifc.AddAddress(addr)
+		}
+
+		ifs = append(ifs, ifc)
+	}
+
+	n.interfaces = ifs
+
+	return nil
+}
+
+// Interfaces returns a slice of interfaces which are available on the
+// system
+func (n *Net) Interfaces() ([]*transport.Interface, error) {
+	return n.interfaces, nil
+}
+
+// InterfaceByIndex returns the interface specified by index.
+//
+// On Solaris, it returns one of the logical network interfaces
+// sharing the logical data link; for more precision use
+// InterfaceByName.
+func (n *Net) InterfaceByIndex(index int) (*transport.Interface, error) {
+	for _, ifc := range n.interfaces {
+		if ifc.Index == index {
+			return ifc, nil
+		}
+	}
+
+	return nil, fmt.Errorf("%w: index=%d", transport.ErrInterfaceNotFound, index)
+}
+
+// InterfaceByName returns the interface specified by name.
+func (n *Net) InterfaceByName(name string) (*transport.Interface, error) {
+	for _, ifc := range n.interfaces {
+		if ifc.Name == name {
+			return ifc, nil
+		}
+	}
+
+	return nil, fmt.Errorf("%w: %s", transport.ErrInterfaceNotFound, name)
+}
+
+// ListenPacket announces on the local network address.
+func (n *Net) ListenPacket(network string, address string) (net.PacketConn, error) {
+	return net.ListenPacket(network, address)
+}
+
+// ListenUDP acts like ListenPacket for UDP networks.
+func (n *Net) ListenUDP(network string, locAddr *net.UDPAddr) (transport.UDPConn, error) {
+	return net.ListenUDP(network, locAddr)
+}
+
+// Dial connects to the address on the named network.
+func (n *Net) Dial(network, address string) (net.Conn, error) {
+	return net.Dial(network, address)
+}
+
+// DialUDP acts like Dial for UDP networks.
+func (n *Net) DialUDP(network string, laddr, raddr *net.UDPAddr) (transport.UDPConn, error) {
+	return net.DialUDP(network, laddr, raddr)
+}
+
+// ResolveIPAddr returns an address of IP end point.
+func (n *Net) ResolveIPAddr(network, address string) (*net.IPAddr, error) {
+	return net.ResolveIPAddr(network, address)
+}
+
+// ResolveUDPAddr returns an address of UDP end point.
+func (n *Net) ResolveUDPAddr(network, address string) (*net.UDPAddr, error) {
+	return net.ResolveUDPAddr(network, address)
+}
+
+// ResolveTCPAddr returns an address of TCP end point.
+func (n *Net) ResolveTCPAddr(network, address string) (*net.TCPAddr, error) {
+	return net.ResolveTCPAddr(network, address)
+}
+
+// DialTCP acts like Dial for TCP networks.
+func (n *Net) DialTCP(network string, laddr, raddr *net.TCPAddr) (transport.TCPConn, error) {
+	return net.DialTCP(network, laddr, raddr)
+}
+
+// ListenTCP acts like Listen for TCP networks.
+func (n *Net) ListenTCP(network string, laddr *net.TCPAddr) (transport.TCPListener, error) {
+	l, err := net.ListenTCP(network, laddr)
+	if err != nil {
+		return nil, err
+	}
+
+	return tcpListener{l}, nil
+}
+
+type tcpListener struct {
+	*net.TCPListener
+}
+
+func (l tcpListener) AcceptTCP() (transport.TCPConn, error) {
+	return l.TCPListener.AcceptTCP()
+}
+
+type stdDialer struct {
+	*net.Dialer
+}
+
+func (d stdDialer) Dial(network, address string) (net.Conn, error) {
+	return d.Dialer.Dial(network, address)
+}
+
+// CreateDialer creates an instance of vnet.Dialer
+func (n *Net) CreateDialer(d *net.Dialer) transport.Dialer {
+	return stdDialer{d}
+}
diff --git a/server/vendor/github.com/pion/transport/v2/udp/batchconn.go b/server/vendor/github.com/pion/transport/v2/udp/batchconn.go
new file mode 100644
index 0000000..54bdab6
--- /dev/null
+++ b/server/vendor/github.com/pion/transport/v2/udp/batchconn.go
@@ -0,0 +1,170 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package udp
+
+import (
+	"io"
+	"net"
+	"runtime"
+	"sync"
+	"sync/atomic"
+	"time"
+
+	"golang.org/x/net/ipv4"
+	"golang.org/x/net/ipv6"
+)
+
+// BatchWriter represents conn can write messages in batch
+type BatchWriter interface {
+	WriteBatch(ms []ipv4.Message, flags int) (int, error)
+}
+
+// BatchReader represents conn can read messages in batch
+type BatchReader interface {
+	ReadBatch(msg []ipv4.Message, flags int) (int, error)
+}
+
+// BatchPacketConn represents conn can read/write messages in batch
+type BatchPacketConn interface {
+	BatchWriter
+	BatchReader
+	io.Closer
+}
+
+// BatchConn uses ipv4/v6.NewPacketConn to wrap a net.PacketConn to write/read messages in batch,
+// only available in linux. In other platform, it will use single Write/Read as same as net.Conn.
+type BatchConn struct {
+	net.PacketConn
+
+	batchConn BatchPacketConn
+
+	batchWriteMutex    sync.Mutex
+	batchWriteMessages []ipv4.Message
+	batchWritePos      int
+	batchWriteLast     time.Time
+
+	batchWriteSize     int
+	batchWriteInterval time.Duration
+
+	closed int32
+}
+
+// NewBatchConn creates a *BatchConn from net.PacketConn with batch configs.
+func NewBatchConn(conn net.PacketConn, batchWriteSize int, batchWriteInterval time.Duration) *BatchConn {
+	bc := &BatchConn{
+		PacketConn:         conn,
+		batchWriteLast:     time.Now(),
+		batchWriteInterval: batchWriteInterval,
+		batchWriteSize:     batchWriteSize,
+		batchWriteMessages: make([]ipv4.Message, batchWriteSize),
+	}
+	for i := range bc.batchWriteMessages {
+		bc.batchWriteMessages[i].Buffers = [][]byte{make([]byte, sendMTU)}
+	}
+
+	// batch write only supports linux
+	if runtime.GOOS == "linux" {
+		if pc4 := ipv4.NewPacketConn(conn); pc4 != nil {
+			bc.batchConn = pc4
+		} else if pc6 := ipv6.NewPacketConn(conn); pc6 != nil {
+			bc.batchConn = pc6
+		}
+	}
+
+	if bc.batchConn != nil {
+		go func() {
+			writeTicker := time.NewTicker(batchWriteInterval / 2)
+			defer writeTicker.Stop()
+			for atomic.LoadInt32(&bc.closed) != 1 {
+				<-writeTicker.C
+				bc.batchWriteMutex.Lock()
+				if bc.batchWritePos > 0 && time.Since(bc.batchWriteLast) >= bc.batchWriteInterval {
+					_ = bc.flush()
+				}
+				bc.batchWriteMutex.Unlock()
+			}
+		}()
+	}
+
+	return bc
+}
+
+// Close batchConn and the underlying PacketConn
+func (c *BatchConn) Close() error {
+	atomic.StoreInt32(&c.closed, 1)
+	c.batchWriteMutex.Lock()
+	if c.batchWritePos > 0 {
+		_ = c.flush()
+	}
+	c.batchWriteMutex.Unlock()
+	if c.batchConn != nil {
+		return c.batchConn.Close()
+	}
+	return c.PacketConn.Close()
+}
+
+// WriteTo write message to an UDPAddr, addr should be nil if it is a connected socket.
+func (c *BatchConn) WriteTo(b []byte, addr net.Addr) (int, error) {
+	if c.batchConn == nil {
+		return c.PacketConn.WriteTo(b, addr)
+	}
+	return c.enqueueMessage(b, addr)
+}
+
+func (c *BatchConn) enqueueMessage(buf []byte, raddr net.Addr) (int, error) {
+	var err error
+	c.batchWriteMutex.Lock()
+	defer c.batchWriteMutex.Unlock()
+
+	msg := &c.batchWriteMessages[c.batchWritePos]
+	// reset buffers
+	msg.Buffers = msg.Buffers[:1]
+	msg.Buffers[0] = msg.Buffers[0][:cap(msg.Buffers[0])]
+
+	c.batchWritePos++
+	if raddr != nil {
+		msg.Addr = raddr
+	}
+	if n := copy(msg.Buffers[0], buf); n < len(buf) {
+		extraBuffer := make([]byte, len(buf)-n)
+		copy(extraBuffer, buf[n:])
+		msg.Buffers = append(msg.Buffers, extraBuffer)
+	} else {
+		msg.Buffers[0] = msg.Buffers[0][:n]
+	}
+	if c.batchWritePos == c.batchWriteSize {
+		err = c.flush()
+	}
+	return len(buf), err
+}
+
+// ReadBatch reads messages in batch, return length of message readed and error.
+func (c *BatchConn) ReadBatch(msgs []ipv4.Message, flags int) (int, error) {
+	if c.batchConn == nil {
+		n, addr, err := c.PacketConn.ReadFrom(msgs[0].Buffers[0])
+		if err == nil {
+			msgs[0].N = n
+			msgs[0].Addr = addr
+			return 1, nil
+		}
+		return 0, err
+	}
+	return c.batchConn.ReadBatch(msgs, flags)
+}
+
+func (c *BatchConn) flush() error {
+	var writeErr error
+	var txN int
+	for txN < c.batchWritePos {
+		n, err := c.batchConn.WriteBatch(c.batchWriteMessages[txN:c.batchWritePos], 0)
+		if err != nil {
+			writeErr = err
+			break
+		}
+		txN += n
+	}
+	c.batchWritePos = 0
+	c.batchWriteLast = time.Now()
+	return writeErr
+}
diff --git a/server/vendor/github.com/pion/transport/v2/udp/conn.go b/server/vendor/github.com/pion/transport/v2/udp/conn.go
new file mode 100644
index 0000000..c2f257e
--- /dev/null
+++ b/server/vendor/github.com/pion/transport/v2/udp/conn.go
@@ -0,0 +1,406 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+// Package udp provides a connection-oriented listener over a UDP PacketConn
+package udp
+
+import (
+	"context"
+	"errors"
+	"net"
+	"sync"
+	"sync/atomic"
+	"time"
+
+	"github.com/pion/logging"
+	"github.com/pion/transport/v2/deadline"
+	"github.com/pion/transport/v2/packetio"
+	"golang.org/x/net/ipv4"
+)
+
+const (
+	receiveMTU           = 8192
+	sendMTU              = 1500
+	defaultListenBacklog = 128 // same as Linux default
+)
+
+// Typed errors
+var (
+	ErrClosedListener      = errors.New("udp: listener closed")
+	ErrListenQueueExceeded = errors.New("udp: listen queue exceeded")
+	ErrInvalidBatchConfig  = errors.New("udp: invalid batch config")
+)
+
+// listener augments a connection-oriented Listener over a UDP PacketConn
+type listener struct {
+	pConn net.PacketConn
+
+	readBatchSize int
+
+	accepting    atomic.Value // bool
+	acceptCh     chan *Conn
+	doneCh       chan struct{}
+	doneOnce     sync.Once
+	acceptFilter func([]byte) bool
+
+	connLock sync.Mutex
+	conns    map[string]*Conn
+	connWG   *sync.WaitGroup
+
+	readWG   sync.WaitGroup
+	errClose atomic.Value // error
+
+	readDoneCh chan struct{}
+	errRead    atomic.Value // error
+
+	logger logging.LeveledLogger
+}
+
+// Accept waits for and returns the next connection to the listener.
+func (l *listener) Accept() (net.Conn, error) {
+	select {
+	case c := <-l.acceptCh:
+		l.connWG.Add(1)
+		return c, nil
+
+	case <-l.readDoneCh:
+		err, _ := l.errRead.Load().(error)
+		return nil, err
+
+	case <-l.doneCh:
+		return nil, ErrClosedListener
+	}
+}
+
+// Close closes the listener.
+// Any blocked Accept operations will be unblocked and return errors.
+func (l *listener) Close() error {
+	var err error
+	l.doneOnce.Do(func() {
+		l.accepting.Store(false)
+		close(l.doneCh)
+
+		l.connLock.Lock()
+		// Close unaccepted connections
+	lclose:
+		for {
+			select {
+			case c := <-l.acceptCh:
+				close(c.doneCh)
+				delete(l.conns, c.rAddr.String())
+
+			default:
+				break lclose
+			}
+		}
+		nConns := len(l.conns)
+		l.connLock.Unlock()
+
+		l.connWG.Done()
+
+		if nConns == 0 {
+			// Wait if this is the final connection
+			l.readWG.Wait()
+			if errClose, ok := l.errClose.Load().(error); ok {
+				err = errClose
+			}
+		} else {
+			err = nil
+		}
+	})
+
+	return err
+}
+
+// Addr returns the listener's network address.
+func (l *listener) Addr() net.Addr {
+	return l.pConn.LocalAddr()
+}
+
+// BatchIOConfig indicates config to batch read/write packets,
+// it will use ReadBatch/WriteBatch to improve throughput for UDP.
+type BatchIOConfig struct {
+	Enable bool
+	// ReadBatchSize indicates the maximum number of packets to be read in one batch, a batch size less than 2 means
+	// disable read batch.
+	ReadBatchSize int
+	// WriteBatchSize indicates the maximum number of packets to be written in one batch
+	WriteBatchSize int
+	// WriteBatchInterval indicates the maximum interval to wait before writing packets in one batch
+	// small interval will reduce latency/jitter, but increase the io count.
+	WriteBatchInterval time.Duration
+}
+
+// ListenConfig stores options for listening to an address.
+type ListenConfig struct {
+	// Backlog defines the maximum length of the queue of pending
+	// connections. It is equivalent of the backlog argument of
+	// POSIX listen function.
+	// If a connection request arrives when the queue is full,
+	// the request will be silently discarded, unlike TCP.
+	// Set zero to use default value 128 which is same as Linux default.
+	Backlog int
+
+	// AcceptFilter determines whether the new conn should be made for
+	// the incoming packet. If not set, any packet creates new conn.
+	AcceptFilter func([]byte) bool
+
+	// ReadBufferSize sets the size of the operating system's
+	// receive buffer associated with the listener.
+	ReadBufferSize int
+
+	// WriteBufferSize sets the size of the operating system's
+	// send buffer associated with the connection.
+	WriteBufferSize int
+
+	Batch BatchIOConfig
+
+	LoggerFactory logging.LoggerFactory
+}
+
+// Listen creates a new listener based on the ListenConfig.
+func (lc *ListenConfig) Listen(network string, laddr *net.UDPAddr) (net.Listener, error) {
+	if lc.Backlog == 0 {
+		lc.Backlog = defaultListenBacklog
+	}
+
+	if lc.Batch.Enable && (lc.Batch.WriteBatchSize <= 0 || lc.Batch.WriteBatchInterval <= 0) {
+		return nil, ErrInvalidBatchConfig
+	}
+
+	conn, err := net.ListenUDP(network, laddr)
+	if err != nil {
+		return nil, err
+	}
+
+	if lc.ReadBufferSize > 0 {
+		_ = conn.SetReadBuffer(lc.ReadBufferSize)
+	}
+	if lc.WriteBufferSize > 0 {
+		_ = conn.SetWriteBuffer(lc.WriteBufferSize)
+	}
+
+	loggerFactory := lc.LoggerFactory
+	if loggerFactory == nil {
+		loggerFactory = logging.NewDefaultLoggerFactory()
+	}
+
+	logger := loggerFactory.NewLogger("transport")
+
+	l := &listener{
+		pConn:        conn,
+		acceptCh:     make(chan *Conn, lc.Backlog),
+		conns:        make(map[string]*Conn),
+		doneCh:       make(chan struct{}),
+		acceptFilter: lc.AcceptFilter,
+		connWG:       &sync.WaitGroup{},
+		readDoneCh:   make(chan struct{}),
+		logger:       logger,
+	}
+
+	if lc.Batch.Enable {
+		l.pConn = NewBatchConn(conn, lc.Batch.WriteBatchSize, lc.Batch.WriteBatchInterval)
+		l.readBatchSize = lc.Batch.ReadBatchSize
+	}
+
+	l.accepting.Store(true)
+	l.connWG.Add(1)
+	l.readWG.Add(2) // wait readLoop and Close execution routine
+
+	go l.readLoop()
+	go func() {
+		l.connWG.Wait()
+		if err := l.pConn.Close(); err != nil {
+			l.errClose.Store(err)
+		}
+		l.readWG.Done()
+	}()
+
+	return l, nil
+}
+
+// Listen creates a new listener using default ListenConfig.
+func Listen(network string, laddr *net.UDPAddr) (net.Listener, error) {
+	return (&ListenConfig{}).Listen(network, laddr)
+}
+
+// readLoop has to tasks:
+//  1. Dispatching incoming packets to the correct Conn.
+//     It can therefore not be ended until all Conns are closed.
+//  2. Creating a new Conn when receiving from a new remote.
+func (l *listener) readLoop() {
+	defer l.readWG.Done()
+	defer close(l.readDoneCh)
+
+	if br, ok := l.pConn.(BatchReader); ok && l.readBatchSize > 1 {
+		l.readBatch(br)
+	} else {
+		l.read()
+	}
+}
+
+func (l *listener) readBatch(br BatchReader) {
+	msgs := make([]ipv4.Message, l.readBatchSize)
+	for i := range msgs {
+		msg := &msgs[i]
+		msg.Buffers = [][]byte{make([]byte, receiveMTU)}
+		msg.OOB = make([]byte, 40)
+	}
+	for {
+		n, err := br.ReadBatch(msgs, 0)
+		if err != nil {
+			l.errRead.Store(err)
+			return
+		}
+		for i := 0; i < n; i++ {
+			l.dispatchMsg(msgs[i].Addr, msgs[i].Buffers[0][:msgs[i].N])
+		}
+	}
+}
+
+func (l *listener) read() {
+	buf := make([]byte, receiveMTU)
+	for {
+		n, raddr, err := l.pConn.ReadFrom(buf)
+		if err != nil {
+			l.errRead.Store(err)
+			l.logger.Tracef("error reading from connection err=%v", err)
+			return
+		}
+		l.dispatchMsg(raddr, buf[:n])
+	}
+}
+
+func (l *listener) dispatchMsg(addr net.Addr, buf []byte) {
+	conn, ok, err := l.getConn(addr, buf)
+	if err != nil {
+		return
+	}
+	if ok {
+		_, err := conn.buffer.Write(buf)
+		if err != nil {
+			l.logger.Tracef("error dispatching message addr=%v err=%v", addr, err)
+		}
+	}
+}
+
+func (l *listener) getConn(raddr net.Addr, buf []byte) (*Conn, bool, error) {
+	l.connLock.Lock()
+	defer l.connLock.Unlock()
+	conn, ok := l.conns[raddr.String()]
+	if !ok {
+		if isAccepting, ok := l.accepting.Load().(bool); !isAccepting || !ok {
+			return nil, false, ErrClosedListener
+		}
+		if l.acceptFilter != nil {
+			if !l.acceptFilter(buf) {
+				return nil, false, nil
+			}
+		}
+		conn = l.newConn(raddr)
+		select {
+		case l.acceptCh <- conn:
+			l.conns[raddr.String()] = conn
+		default:
+			return nil, false, ErrListenQueueExceeded
+		}
+	}
+	return conn, true, nil
+}
+
+// Conn augments a connection-oriented connection over a UDP PacketConn
+type Conn struct {
+	listener *listener
+
+	rAddr net.Addr
+
+	buffer *packetio.Buffer
+
+	doneCh   chan struct{}
+	doneOnce sync.Once
+
+	writeDeadline *deadline.Deadline
+}
+
+func (l *listener) newConn(rAddr net.Addr) *Conn {
+	return &Conn{
+		listener:      l,
+		rAddr:         rAddr,
+		buffer:        packetio.NewBuffer(),
+		doneCh:        make(chan struct{}),
+		writeDeadline: deadline.New(),
+	}
+}
+
+// Read reads from c into p
+func (c *Conn) Read(p []byte) (int, error) {
+	return c.buffer.Read(p)
+}
+
+// Write writes len(p) bytes from p to the DTLS connection
+func (c *Conn) Write(p []byte) (n int, err error) {
+	select {
+	case <-c.writeDeadline.Done():
+		return 0, context.DeadlineExceeded
+	default:
+	}
+	return c.listener.pConn.WriteTo(p, c.rAddr)
+}
+
+// Close closes the conn and releases any Read calls
+func (c *Conn) Close() error {
+	var err error
+	c.doneOnce.Do(func() {
+		c.listener.connWG.Done()
+		close(c.doneCh)
+		c.listener.connLock.Lock()
+		delete(c.listener.conns, c.rAddr.String())
+		nConns := len(c.listener.conns)
+		c.listener.connLock.Unlock()
+
+		if isAccepting, ok := c.listener.accepting.Load().(bool); nConns == 0 && !isAccepting && ok {
+			// Wait if this is the final connection
+			c.listener.readWG.Wait()
+			if errClose, ok := c.listener.errClose.Load().(error); ok {
+				err = errClose
+			}
+		} else {
+			err = nil
+		}
+
+		if errBuf := c.buffer.Close(); errBuf != nil && err == nil {
+			err = errBuf
+		}
+	})
+
+	return err
+}
+
+// LocalAddr implements net.Conn.LocalAddr
+func (c *Conn) LocalAddr() net.Addr {
+	return c.listener.pConn.LocalAddr()
+}
+
+// RemoteAddr implements net.Conn.RemoteAddr
+func (c *Conn) RemoteAddr() net.Addr {
+	return c.rAddr
+}
+
+// SetDeadline implements net.Conn.SetDeadline
+func (c *Conn) SetDeadline(t time.Time) error {
+	c.writeDeadline.Set(t)
+	return c.SetReadDeadline(t)
+}
+
+// SetReadDeadline implements net.Conn.SetDeadline
+func (c *Conn) SetReadDeadline(t time.Time) error {
+	return c.buffer.SetReadDeadline(t)
+}
+
+// SetWriteDeadline implements net.Conn.SetDeadline
+func (c *Conn) SetWriteDeadline(t time.Time) error {
+	c.writeDeadline.Set(t)
+	// Write deadline of underlying connection should not be changed
+	// since the connection can be shared.
+	return nil
+}
diff --git a/server/vendor/github.com/pion/transport/v2/utils/xor/xor_amd64.go b/server/vendor/github.com/pion/transport/v2/utils/xor/xor_amd64.go
new file mode 100644
index 0000000..ded8e0d
--- /dev/null
+++ b/server/vendor/github.com/pion/transport/v2/utils/xor/xor_amd64.go
@@ -0,0 +1,29 @@
+// SPDX-FileCopyrightText: 2018 The Go Authors. All rights reserved.
+// SPDX-License-Identifier: BSD-3-Clause
+
+//go:build !gccgo
+// +build !gccgo
+
+// Package xor provides utility functions used by other Pion
+// packages. AMD64 arch.
+package xor
+
+// XorBytes xors the bytes in a and b. The destination should have enough
+// space, otherwise xorBytes will panic. Returns the number of bytes xor'd.
+//
+//revive:disable-next-line
+func XorBytes(dst, a, b []byte) int {
+	n := len(a)
+	if len(b) < n {
+		n = len(b)
+	}
+	if n == 0 {
+		return 0
+	}
+	_ = dst[n-1]
+	xorBytesSSE2(&dst[0], &a[0], &b[0], n) // amd64 must have SSE2
+	return n
+}
+
+//go:noescape
+func xorBytesSSE2(dst, a, b *byte, n int)
diff --git a/server/vendor/github.com/pion/transport/v2/utils/xor/xor_amd64.s b/server/vendor/github.com/pion/transport/v2/utils/xor/xor_amd64.s
new file mode 100644
index 0000000..f66ac95
--- /dev/null
+++ b/server/vendor/github.com/pion/transport/v2/utils/xor/xor_amd64.s
@@ -0,0 +1,56 @@
+// SPDX-FileCopyrightText: 2018 The Go Authors. All rights reserved.
+// SPDX-License-Identifier: BSD-3-Clause
+
+// go:build !gccgo
+// +build !gccgo
+
+#include "textflag.h"
+
+// func xorBytesSSE2(dst, a, b *byte, n int)
+TEXT ·xorBytesSSE2(SB), NOSPLIT, $0
+	MOVQ  dst+0(FP), BX
+	MOVQ  a+8(FP), SI
+	MOVQ  b+16(FP), CX
+	MOVQ  n+24(FP), DX
+	TESTQ $15, DX            // AND 15 & len, if not zero jump to not_aligned.
+	JNZ   not_aligned
+
+aligned:
+	MOVQ $0, AX // position in slices
+
+loop16b:
+	MOVOU (SI)(AX*1), X0   // XOR 16byte forwards.
+	MOVOU (CX)(AX*1), X1
+	PXOR  X1, X0
+	MOVOU X0, (BX)(AX*1)
+	ADDQ  $16, AX
+	CMPQ  DX, AX
+	JNE   loop16b
+	RET
+
+loop_1b:
+	SUBQ  $1, DX           // XOR 1byte backwards.
+	MOVB  (SI)(DX*1), DI
+	MOVB  (CX)(DX*1), AX
+	XORB  AX, DI
+	MOVB  DI, (BX)(DX*1)
+	TESTQ $7, DX           // AND 7 & len, if not zero jump to loop_1b.
+	JNZ   loop_1b
+	CMPQ  DX, $0           // if len is 0, ret.
+	JE    ret
+	TESTQ $15, DX          // AND 15 & len, if zero jump to aligned.
+	JZ    aligned
+
+not_aligned:
+	TESTQ $7, DX           // AND $7 & len, if not zero jump to loop_1b.
+	JNE   loop_1b
+	SUBQ  $8, DX           // XOR 8bytes backwards.
+	MOVQ  (SI)(DX*1), DI
+	MOVQ  (CX)(DX*1), AX
+	XORQ  AX, DI
+	MOVQ  DI, (BX)(DX*1)
+	CMPQ  DX, $16          // if len is greater or equal 16 here, it must be aligned.
+	JGE   aligned
+
+ret:
+	RET
diff --git a/server/vendor/github.com/pion/transport/v2/utils/xor/xor_arm.go b/server/vendor/github.com/pion/transport/v2/utils/xor/xor_arm.go
new file mode 100644
index 0000000..25d6b72
--- /dev/null
+++ b/server/vendor/github.com/pion/transport/v2/utils/xor/xor_arm.go
@@ -0,0 +1,60 @@
+// SPDX-FileCopyrightText: 2022 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+//go:build !gccgo
+// +build !gccgo
+
+// Package xor provides utility functions used by other Pion
+// packages. ARM arch.
+package xor
+
+import (
+	"unsafe"
+
+	"golang.org/x/sys/cpu"
+)
+
+const wordSize = int(unsafe.Sizeof(uintptr(0))) // nolint:gosec
+var hasNEON = cpu.ARM.HasNEON                   // nolint:gochecknoglobals
+
+func isAligned(a *byte) bool {
+	return uintptr(unsafe.Pointer(a))%uintptr(wordSize) == 0
+}
+
+// XorBytes xors the bytes in a and b. The destination should have enough
+// space, otherwise xorBytes will panic. Returns the number of bytes xor'd.
+//
+//revive:disable-next-line
+func XorBytes(dst, a, b []byte) int {
+	n := len(a)
+	if len(b) < n {
+		n = len(b)
+	}
+	if n == 0 {
+		return 0
+	}
+	// make sure dst has enough space
+	_ = dst[n-1]
+
+	if hasNEON {
+		xorBytesNEON32(&dst[0], &a[0], &b[0], n)
+	} else if isAligned(&dst[0]) && isAligned(&a[0]) && isAligned(&b[0]) {
+		xorBytesARM32(&dst[0], &a[0], &b[0], n)
+	} else {
+		safeXORBytes(dst, a, b, n)
+	}
+	return n
+}
+
+// n needs to be smaller or equal than the length of a and b.
+func safeXORBytes(dst, a, b []byte, n int) {
+	for i := 0; i < n; i++ {
+		dst[i] = a[i] ^ b[i]
+	}
+}
+
+//go:noescape
+func xorBytesARM32(dst, a, b *byte, n int)
+
+//go:noescape
+func xorBytesNEON32(dst, a, b *byte, n int)
diff --git a/server/vendor/github.com/pion/transport/v2/utils/xor/xor_arm.s b/server/vendor/github.com/pion/transport/v2/utils/xor/xor_arm.s
new file mode 100644
index 0000000..5e52a2d
--- /dev/null
+++ b/server/vendor/github.com/pion/transport/v2/utils/xor/xor_arm.s
@@ -0,0 +1,116 @@
+// SPDX-FileCopyrightText: 2022 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+// go:build !gccgo
+// +build !gccgo
+
+#include "textflag.h"
+
+// func xorBytesARM32(dst, a, b *byte, n int)
+TEXT ·xorBytesARM32(SB), NOSPLIT|NOFRAME, $0
+	MOVW	dst+0(FP), R0
+	MOVW	a+4(FP), R1
+	MOVW	b+8(FP), R2
+	MOVW	n+12(FP), R3
+	CMP	$4, R3
+	BLT	less_than4
+
+loop_4:
+	MOVW.P	4(R1), R4
+	MOVW.P	4(R2), R5
+	EOR	R4, R5, R5
+	MOVW.P	R5, 4(R0)
+
+	SUB	$4, R3
+	CMP	$4, R3
+	BGE	loop_4
+
+less_than4:
+	CMP	$2, R3
+	BLT	less_than2
+	MOVH.P	2(R1), R4
+	MOVH.P	2(R2), R5
+	EOR	R4, R5, R5
+	MOVH.P	R5, 2(R0)
+
+	SUB	$2, R3
+
+less_than2:
+	CMP	$0, R3
+	BEQ	end
+	MOVB	(R1), R4
+	MOVB	(R2), R5
+	EOR	R4, R5, R5
+	MOVB	R5, (R0)
+end:
+	RET
+
+// func xorBytesNEON32(dst, a, b *byte, n int)
+TEXT ·xorBytesNEON32(SB), NOSPLIT|NOFRAME, $0
+	MOVW	dst+0(FP), R0
+	MOVW	a+4(FP), R1
+	MOVW	b+8(FP), R2
+	MOVW	n+12(FP), R3
+	CMP	$32, R3
+	BLT	less_than32
+
+loop_32:
+	WORD	$0xF421020D // vld1.u8 {q0, q1}, [r1]!
+	WORD	$0xF422420D // vld1.u8 {q2, q3}, [r2]!
+	WORD	$0xF3004154 // veor q2, q0, q2
+	WORD	$0xF3026156 // veor q3, q1, q3
+	WORD	$0xF400420D // vst1.u8 {q2, q3}, [r0]!
+
+	SUB	$32, R3
+	CMP	$32, R3
+	BGE	loop_32
+
+less_than32:
+	CMP	$16, R3
+	BLT	less_than16
+	WORD	$0xF4210A0D // vld1.u8 q0, [r1]!
+	WORD	$0xF4222A0D // vld1.u8 q1, [r2]!
+	WORD	$0xF3002152 // veor q1, q0, q1
+	WORD	$0xF4002A0D // vst1.u8 {q1}, [r0]!
+
+	SUB	$16, R3
+
+less_than16:
+	CMP	$8, R3
+	BLT	less_than8
+	WORD	$0xF421070D // vld1.u8 d0, [r1]!
+	WORD	$0xF422170D // vld1.u8 d1, [r2]!
+	WORD	$0xF3001111 // veor d1, d0, d1
+	WORD	$0xF400170D // vst1.u8 {d1}, [r0]!
+
+	SUB	$8, R3
+
+less_than8:
+	CMP	$4, R3
+	BLT	less_than4
+	MOVW.P	4(R1), R4
+	MOVW.P	4(R2), R5
+	EOR	R4, R5, R5
+	MOVW.P	R5, 4(R0)
+
+	SUB	$4, R3
+
+less_than4:
+	CMP	$2, R3
+	BLT	less_than2
+	MOVH.P	2(R1), R4
+	MOVH.P	2(R2), R5
+	EOR	R4, R5, R5
+	MOVH.P	R5, 2(R0)
+
+	SUB	$2, R3
+
+less_than2:
+	CMP	$0, R3
+	BEQ	end
+	MOVB	(R1), R4
+	MOVB	(R2), R5
+	EOR	R4, R5, R5
+	MOVB	R5, (R0)
+end:
+	RET
diff --git a/server/vendor/github.com/pion/transport/v2/utils/xor/xor_arm64.go b/server/vendor/github.com/pion/transport/v2/utils/xor/xor_arm64.go
new file mode 100644
index 0000000..7002ab7
--- /dev/null
+++ b/server/vendor/github.com/pion/transport/v2/utils/xor/xor_arm64.go
@@ -0,0 +1,31 @@
+// SPDX-FileCopyrightText: 2020 The Go Authors. All rights reserved.
+// SPDX-License-Identifier: BSD-3-Clause
+
+//go:build !gccgo
+// +build !gccgo
+
+// Package xor provides utility functions used by other Pion
+// packages. ARM64 arch.
+package xor
+
+// XorBytes xors the bytes in a and b. The destination should have enough
+// space, otherwise xorBytes will panic. Returns the number of bytes xor'd.
+//
+//revive:disable-next-line
+func XorBytes(dst, a, b []byte) int {
+	n := len(a)
+	if len(b) < n {
+		n = len(b)
+	}
+	if n == 0 {
+		return 0
+	}
+	// make sure dst has enough space
+	_ = dst[n-1]
+
+	xorBytesARM64(&dst[0], &a[0], &b[0], n)
+	return n
+}
+
+//go:noescape
+func xorBytesARM64(dst, a, b *byte, n int)
diff --git a/server/vendor/github.com/pion/transport/v2/utils/xor/xor_arm64.s b/server/vendor/github.com/pion/transport/v2/utils/xor/xor_arm64.s
new file mode 100644
index 0000000..0b82d09
--- /dev/null
+++ b/server/vendor/github.com/pion/transport/v2/utils/xor/xor_arm64.s
@@ -0,0 +1,69 @@
+// SPDX-FileCopyrightText: 2020 The Go Authors. All rights reserved.
+// SPDX-License-Identifier: BSD-3-Clause
+
+//go:build !gccgo
+// +build !gccgo
+
+#include "textflag.h"
+
+// func xorBytesARM64(dst, a, b *byte, n int)
+TEXT ·xorBytesARM64(SB), NOSPLIT|NOFRAME, $0
+	MOVD	dst+0(FP), R0
+	MOVD	a+8(FP), R1
+	MOVD	b+16(FP), R2
+	MOVD	n+24(FP), R3
+	CMP	$64, R3
+	BLT	tail
+loop_64:
+	VLD1.P	64(R1), [V0.B16, V1.B16, V2.B16, V3.B16]
+	VLD1.P	64(R2), [V4.B16, V5.B16, V6.B16, V7.B16]
+	VEOR	V0.B16, V4.B16, V4.B16
+	VEOR	V1.B16, V5.B16, V5.B16
+	VEOR	V2.B16, V6.B16, V6.B16
+	VEOR	V3.B16, V7.B16, V7.B16
+	VST1.P	[V4.B16, V5.B16, V6.B16, V7.B16], 64(R0)
+	SUBS	$64, R3
+	CMP	$64, R3
+	BGE	loop_64
+tail:
+	// quick end
+	CBZ	R3, end
+	TBZ	$5, R3, less_than32
+	VLD1.P	32(R1), [V0.B16, V1.B16]
+	VLD1.P	32(R2), [V2.B16, V3.B16]
+	VEOR	V0.B16, V2.B16, V2.B16
+	VEOR	V1.B16, V3.B16, V3.B16
+	VST1.P	[V2.B16, V3.B16], 32(R0)
+less_than32:
+	TBZ	$4, R3, less_than16
+	LDP.P	16(R1), (R11, R12)
+	LDP.P	16(R2), (R13, R14)
+	EOR	R11, R13, R13
+	EOR	R12, R14, R14
+	STP.P	(R13, R14), 16(R0)
+less_than16:
+	TBZ	$3, R3, less_than8
+	MOVD.P	8(R1), R11
+	MOVD.P	8(R2), R12
+	EOR	R11, R12, R12
+	MOVD.P	R12, 8(R0)
+less_than8:
+	TBZ	$2, R3, less_than4
+	MOVWU.P	4(R1), R13
+	MOVWU.P	4(R2), R14
+	EORW	R13, R14, R14
+	MOVWU.P	R14, 4(R0)
+less_than4:
+	TBZ	$1, R3, less_than2
+	MOVHU.P	2(R1), R15
+	MOVHU.P	2(R2), R16
+	EORW	R15, R16, R16
+	MOVHU.P	R16, 2(R0)
+less_than2:
+	TBZ	$0, R3, end
+	MOVBU	(R1), R17
+	MOVBU	(R2), R19
+	EORW	R17, R19, R19
+	MOVBU	R19, (R0)
+end:
+	RET
diff --git a/server/vendor/github.com/pion/transport/v2/utils/xor/xor_generic.go b/server/vendor/github.com/pion/transport/v2/utils/xor/xor_generic.go
new file mode 100644
index 0000000..967fed3
--- /dev/null
+++ b/server/vendor/github.com/pion/transport/v2/utils/xor/xor_generic.go
@@ -0,0 +1,78 @@
+// SPDX-FileCopyrightText: 2013 The Go Authors. All rights reserved.
+// SPDX-License-Identifier: BSD-3-Clause
+// SPDX-FileCopyrightText: 2022 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+//go:build (!amd64 && !ppc64 && !ppc64le && !arm64 && !arm) || gccgo
+// +build !amd64,!ppc64,!ppc64le,!arm64,!arm gccgo
+
+// Package xor provides utility functions used by other Pion
+// packages. Generic arch.
+package xor
+
+import (
+	"runtime"
+	"unsafe"
+)
+
+const (
+	wordSize          = int(unsafe.Sizeof(uintptr(0)))                                                                                   // nolint:gosec
+	supportsUnaligned = runtime.GOARCH == "386" || runtime.GOARCH == "ppc64" || runtime.GOARCH == "ppc64le" || runtime.GOARCH == "s390x" // nolint:gochecknoglobals
+)
+
+func isAligned(a *byte) bool {
+	return uintptr(unsafe.Pointer(a))%uintptr(wordSize) == 0
+}
+
+// XorBytes xors the bytes in a and b. The destination should have enough
+// space, otherwise xorBytes will panic. Returns the number of bytes xor'd.
+//
+//revive:disable-next-line
+func XorBytes(dst, a, b []byte) int {
+	n := len(a)
+	if len(b) < n {
+		n = len(b)
+	}
+	if n == 0 {
+		return 0
+	}
+
+	switch {
+	case supportsUnaligned:
+		fastXORBytes(dst, a, b, n)
+	case isAligned(&dst[0]) && isAligned(&a[0]) && isAligned(&b[0]):
+		fastXORBytes(dst, a, b, n)
+	default:
+		safeXORBytes(dst, a, b, n)
+	}
+	return n
+}
+
+// fastXORBytes xors in bulk. It only works on architectures that
+// support unaligned read/writes.
+// n needs to be smaller or equal than the length of a and b.
+func fastXORBytes(dst, a, b []byte, n int) {
+	// Assert dst has enough space
+	_ = dst[n-1]
+
+	w := n / wordSize
+	if w > 0 {
+		dw := *(*[]uintptr)(unsafe.Pointer(&dst)) // nolint:gosec
+		aw := *(*[]uintptr)(unsafe.Pointer(&a))   // nolint:gosec
+		bw := *(*[]uintptr)(unsafe.Pointer(&b))   // nolint:gosec
+		for i := 0; i < w; i++ {
+			dw[i] = aw[i] ^ bw[i]
+		}
+	}
+
+	for i := (n - n%wordSize); i < n; i++ {
+		dst[i] = a[i] ^ b[i]
+	}
+}
+
+// n needs to be smaller or equal than the length of a and b.
+func safeXORBytes(dst, a, b []byte, n int) {
+	for i := 0; i < n; i++ {
+		dst[i] = a[i] ^ b[i]
+	}
+}
diff --git a/server/vendor/github.com/pion/transport/v2/utils/xor/xor_ppc64x.go b/server/vendor/github.com/pion/transport/v2/utils/xor/xor_ppc64x.go
new file mode 100644
index 0000000..bcc5926
--- /dev/null
+++ b/server/vendor/github.com/pion/transport/v2/utils/xor/xor_ppc64x.go
@@ -0,0 +1,29 @@
+// SPDX-FileCopyrightText: 2018 The Go Authors. All rights reserved.
+// SPDX-License-Identifier: BSD-3-Clause
+
+//go:build (ppc64 && !gccgo) || (ppc64le && !gccgo)
+// +build ppc64,!gccgo ppc64le,!gccgo
+
+// Package xor provides utility functions used by other Pion
+// packages. PPC64 arch.
+package xor
+
+// XorBytes xors the bytes in a and b. The destination should have enough
+// space, otherwise xorBytes will panic. Returns the number of bytes xor'd.
+//
+//revive:disable-next-line
+func XorBytes(dst, a, b []byte) int {
+	n := len(a)
+	if len(b) < n {
+		n = len(b)
+	}
+	if n == 0 {
+		return 0
+	}
+	_ = dst[n-1]
+	xorBytesVSX(&dst[0], &a[0], &b[0], n)
+	return n
+}
+
+//go:noescape
+func xorBytesVSX(dst, a, b *byte, n int)
diff --git a/server/vendor/github.com/pion/transport/v2/utils/xor/xor_ppc64x.s b/server/vendor/github.com/pion/transport/v2/utils/xor/xor_ppc64x.s
new file mode 100644
index 0000000..2276353
--- /dev/null
+++ b/server/vendor/github.com/pion/transport/v2/utils/xor/xor_ppc64x.s
@@ -0,0 +1,87 @@
+// SPDX-FileCopyrightText: 2018 The Go Authors. All rights reserved.
+// SPDX-License-Identifier: BSD-3-Clause
+
+//go:build (ppc64 && !gccgo) || (ppc64le && !gccgo)
+//+build ppc64,!gccgo ppc64le,!gccgo
+
+#include "textflag.h"
+
+// func xorBytesVSX(dst, a, b *byte, n int)
+TEXT ·xorBytesVSX(SB), NOSPLIT, $0
+	MOVD	dst+0(FP), R3	// R3 = dst
+	MOVD	a+8(FP), R4	// R4 = a
+	MOVD	b+16(FP), R5	// R5 = b
+	MOVD	n+24(FP), R6	// R6 = n
+
+	CMPU	R6, $32, CR7	// Check if n ≥ 32 bytes
+	MOVD	R0, R8		// R8 = index
+	CMPU	R6, $8, CR6	// Check if 8 ≤ n < 32 bytes
+	BLT	CR6, small	// Smaller than 8
+	BLT	CR7, xor16	// Case for 16 ≤ n < 32 bytes
+
+	// Case for n ≥ 32 bytes
+preloop32:
+	SRD	$5, R6, R7	// Setup loop counter
+	MOVD	R7, CTR
+	MOVD	$16, R10
+	ANDCC	$31, R6, R9	// Check for tailing bytes for later
+loop32:
+	LXVD2X		(R4)(R8), VS32		// VS32 = a[i,...,i+15]
+	LXVD2X		(R4)(R10), VS34
+	LXVD2X		(R5)(R8), VS33		// VS33 = b[i,...,i+15]
+	LXVD2X		(R5)(R10), VS35
+	XXLXOR		VS32, VS33, VS32	// VS34 = a[] ^ b[]
+	XXLXOR		VS34, VS35, VS34
+	STXVD2X		VS32, (R3)(R8)		// Store to dst
+	STXVD2X		VS34, (R3)(R10)
+	ADD		$32, R8			// Update index
+	ADD		$32, R10
+	BC		16, 0, loop32		// bdnz loop16
+
+	BEQ		CR0, done
+
+	MOVD		R9, R6
+	CMP		R6, $8
+	BLT		small
+xor16:
+	CMP		R6, $16
+	BLT		xor8
+	LXVD2X		(R4)(R8), VS32
+	LXVD2X		(R5)(R8), VS33
+	XXLXOR		VS32, VS33, VS32
+	STXVD2X		VS32, (R3)(R8)
+	ADD		$16, R8
+	ADD		$-16, R6
+	CMP		R6, $8
+	BLT		small
+xor8:
+	// Case for 8 ≤ n < 16 bytes
+	MOVD    (R4)(R8), R14   // R14 = a[i,...,i+7]
+	MOVD    (R5)(R8), R15   // R15 = b[i,...,i+7]
+	XOR     R14, R15, R16   // R16 = a[] ^ b[]
+	SUB     $8, R6          // n = n - 8
+	MOVD    R16, (R3)(R8)   // Store to dst
+	ADD     $8, R8
+
+	// Check if we're finished
+	CMP     R6, R0
+	BGT     small
+	RET
+
+	// Case for n < 8 bytes and tailing bytes from the
+	// previous cases.
+small:
+	CMP	R6, R0
+	BEQ	done
+	MOVD	R6, CTR		// Setup loop counter
+
+loop:
+	MOVBZ	(R4)(R8), R14	// R14 = a[i]
+	MOVBZ	(R5)(R8), R15	// R15 = b[i]
+	XOR	R14, R15, R16	// R16 = a[i] ^ b[i]
+	MOVB	R16, (R3)(R8)	// Store to dst
+	ADD	$1, R8
+	BC	16, 0, loop	// bdnz loop
+
+done:
+	RET
diff --git a/server/vendor/github.com/pion/transport/v2/vnet/.gitignore b/server/vendor/github.com/pion/transport/v2/vnet/.gitignore
new file mode 100644
index 0000000..f2eef3e
--- /dev/null
+++ b/server/vendor/github.com/pion/transport/v2/vnet/.gitignore
@@ -0,0 +1,4 @@
+# SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+# SPDX-License-Identifier: MIT
+
+*.sw[poe]
diff --git a/server/vendor/github.com/pion/transport/v2/vnet/README.md b/server/vendor/github.com/pion/transport/v2/vnet/README.md
new file mode 100644
index 0000000..bd0af25
--- /dev/null
+++ b/server/vendor/github.com/pion/transport/v2/vnet/README.md
@@ -0,0 +1,231 @@
+# vnet
+A virtual network layer for pion.
+
+## Overview
+
+### Goals
+* To make NAT traversal tests easy.
+* To emulate packet impairment at application level for testing.
+* To monitor packets at specified arbitrary interfaces.
+
+### Features
+* Configurable virtual LAN and WAN
+* Virtually hosted ICE servers
+
+### Virtual network components
+
+#### Top View
+```
+                           ......................................
+                           :         Virtual Network (vnet)     :
+                           :                                    :
+   +-------+ *         1 +----+         +--------+              :
+   | :App  |------------>|:Net|--o<-----|:Router |              :
+   +-------+             +----+         |        |              :
+   +-----------+ *     1 +----+         |        |              :
+   |:STUNServer|-------->|:Net|--o<-----|        |              :
+   +-----------+         +----+         |        |              :
+   +-----------+ *     1 +----+         |        |              :
+   |:TURNServer|-------->|:Net|--o<-----|        |              :
+   +-----------+         +----+ [1]     |        |              :
+                           :          1 |        | 1  <<has>>   :
+                           :      +---<>|        |<>----+ [2]   :
+                           :      |     +--------+      |       :
+                         To form  |      *|             v 0..1  :
+                   a subnet tree  |       o [3]      +-----+    :
+                           :      |       ^          |:NAT |    :
+                           :      |       |          +-----+    :
+                           :      +-------+                     :
+                           ......................................
+    Note:
+        o: NIC (Network Interface Controller)
+      [1]: Net implements NIC interface.
+      [2]: Root router has no NAT. All child routers have a NAT always.
+      [3]: Router implements NIC interface for accesses from the
+           parent router.
+```
+
+#### Net
+Net provides 3 interfaces:
+* Configuration API (direct)
+* Network API via Net (equivalent to net.Xxx())
+* Router access via NIC interface
+```
+                   (Pion module/app, ICE servers, etc.)
+                             +-----------+
+                             |   :App    |
+                             +-----------+
+                                 * | 
+                                   | <<uses>>
+                                 1 v
+   +---------+ 1           * +-----------+ 1    * +-----------+ 1    * +------+
+ ..| :Router |----+------>o--|   :Net    |<>------|:Interface |<>------|:Addr |
+   +---------+    |      NIC +-----------+        +-----------+        +------+
+                  | <<interface>>             (transport.Interface)   (net.Addr)
+                  |
+                  |        * +-----------+ 1    * +-----------+ 1    * +------+
+                  +------>o--|  :Router  |<>------|:Interface |<>------|:Addr |
+                         NIC +-----------+        +-----------+        +------+
+                    <<interface>>            (transport.Interface)    (net.Addr)
+```
+
+> The instance of `Net` will be the one passed around the project.
+> Net class has public methods for configuration and for application use.
+
+
+## Implementation
+
+### Design Policy
+* Each pion package should have config object which has `Net` (of type `transport.Net`) property.
+    - Just like how we distribute `LoggerFactory` throughout the pion project.
+* DNS => a simple dictionary (global)?
+* Each Net has routing capability (a goroutine)
+* Use interface provided net package as much as possible
+* Routers are connected in a tree structure (no loop is allowed)
+   - To simplify routing
+   - Easy to control / monitor (stats, etc)
+* Root router has no NAT (== Internet / WAN)
+* Non-root router has a NAT always
+* When a Net is instantiated, it will automatically add `lo0` and `eth0` interface, and `lo0` will have one IP address, 127.0.0.1. (this is not used in pion/ice, however)
+* When a Net is added to a router, the router automatically assign an IP address for `eth0` interface.
+   - For simplicity
+* User data won't fragment, but optionally drop chunk larger than MTU
+* IPv6 is not supported
+
+### Basic steps for setting up virtual network
+1. Create a root router (WAN)
+1. Create child routers and add to its parent (forms a tree, don't create a loop!)
+1. Add instances of Net to each routers
+1. Call Stop(), or Stop(), on the top router, which propagates all other routers
+
+#### Example: WAN with one endpoint (vnet)
+```go
+import (
+	"net"
+
+    "github.com/pion/transport"
+	"github.com/pion/transport/vnet"
+	"github.com/pion/logging"
+)
+
+// Create WAN (a root router).
+wan, err := vnet.NewRouter(&RouterConfig{
+    CIDR:          "0.0.0.0/0",
+    LoggerFactory: logging.NewDefaultLoggerFactory(),
+})
+
+// Create a network.
+// You can specify a static IP for the instance of Net to use. If not specified,
+// router will assign an IP address that is contained in the router's CIDR.
+nw := vnet.NewNet(&vnet.NetConfig{
+    StaticIP: "27.1.2.3",
+})
+
+// Add the network to the router.
+// The router will assign an IP address to `nw`.
+if err = wan.AddNet(nw); err != nil {
+    // handle error
+}
+
+// Start router.
+// This will start internal goroutine to route packets.
+// If you set child routers (using AddRouter), the call on the root router
+// will start the rest of routers for you.
+if err = wan.Start(); err != nil {
+    // handle error
+}
+
+//
+// Your application runs here using `nw`.
+//
+
+// Stop the router.
+// This will stop all internal Go routines in the router tree.
+// (No need to call Stop() on child routers)
+if err = wan.Stop(); err != nil {
+    // handle error
+}
+```
+
+#### Example of how to pass around the instance of vnet.Net
+The instance of vnet.Net wraps a subset of net package to enable operations
+on the virtual network. Your project must be able to pass the instance to
+all your routines that do network operation with net package. A typical way
+is to use a config param to create your instances with the virtual network
+instance (`nw` in the above example) like this:
+
+```go
+type AgentConfig struct {
+    :
+    Net:  transport.Net,
+}
+
+type Agent struct {
+     :
+    net:  transport.Net,
+}
+
+func NetAgent(config *AgentConfig) *Agent {
+    if config.Net == nil {
+        config.Net = vnet.NewNet()
+    }
+    
+    return &Agent {
+         :
+        net: config.Net,
+    }
+}
+```
+
+```go
+// a.net is the instance of vnet.Net class
+func (a *Agent) listenUDP(...) error {
+    conn, err := a.net.ListenPacket(udpString, ...)
+    if err != nil {
+        return nil, err
+    }
+      :
+}
+```
+
+### Compatibility and Support Status
+
+|`net`<br>(built-in)    |`vnet`                     |Note                               |
+|:---                   |:---                       |:---                               |
+| net.Interfaces()      | a.net.Interfaces()        |                                   |
+| net.InterfaceByName() | a.net.InterfaceByName()   |                                   |
+| net.ResolveUDPAddr()  | a.net.ResolveUDPAddr()    |                                   |
+| net.ListenPacket()    | a.net.ListenPacket()      |                                   |
+| net.ListenUDP()       | a.net.ListenUDP()         | ListenPacket() is recommended     |
+| net.Listen()          | a.net.Listen()            | TODO)                             |
+| net.ListenTCP()       | (not supported)           | Listen() would be recommended     |
+| net.Dial()            | a.net.Dial()              |                                   |
+| net.DialUDP()         | a.net.DialUDP()           |                                   |
+| net.DialTCP()         | (not supported)           |                                   |
+| net.Interface         | transport.Interface       |                                   |
+| net.PacketConn        | (use it as-is)            |                                   |
+| net.UDPConn           | transport.UDPConn         |                                   |
+| net.TCPConn           | transport.TCPConn         | TODO: Use net.Conn in your code   |
+| net.Dialer            | transport.Dialer          | Use a.net.CreateDialer() to create it.<br>The use of vnet.Dialer is currently experimental. |
+
+> `a.net` is an instance of Net class, and types are defined under the package name `vnet`
+
+> Most of other `interface` types in net package can be used as is.
+
+> Please post a github issue when other types/methods need to be added to vnet/vnet.Net.
+
+## TODO / Next Step
+* Implement TCP (TCPConn, Listen)
+* Support of IPv6
+* Write a bunch of examples for building virtual networks.
+* Add network impairment features (on Router)
+  - Introduce latency / jitter
+  - Packet filtering handler (allow selectively drop packets, etc.)
+* Add statistics data retrieval
+  - Total number of packets forward by each router
+  - Total number of packet loss
+  - Total number of connection failure (TCP)
+
+## References
+* [Comparing Simulated Packet Loss and RealWorld Network Congestion](https://www.riverbed.com/document/fpo/WhitePaper-Riverbed-SimulatedPacketLoss.pdf)
+* [wireguard-go using GVisor's netstack](https://github.com/WireGuard/wireguard-go/tree/master/tun/netstack)
\ No newline at end of file
diff --git a/server/vendor/github.com/pion/transport/v2/vnet/chunk.go b/server/vendor/github.com/pion/transport/v2/vnet/chunk.go
new file mode 100644
index 0000000..9f59c9c
--- /dev/null
+++ b/server/vendor/github.com/pion/transport/v2/vnet/chunk.go
@@ -0,0 +1,286 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package vnet
+
+import (
+	"fmt"
+	"net"
+	"strconv"
+	"strings"
+	"sync/atomic"
+	"time"
+)
+
+type tcpFlag uint8
+
+const (
+	tcpFIN tcpFlag = 0x01
+	tcpSYN tcpFlag = 0x02
+	tcpRST tcpFlag = 0x04
+	tcpPSH tcpFlag = 0x08
+	tcpACK tcpFlag = 0x10
+)
+
+func (f tcpFlag) String() string {
+	var sa []string
+	if f&tcpFIN != 0 {
+		sa = append(sa, "FIN")
+	}
+	if f&tcpSYN != 0 {
+		sa = append(sa, "SYN")
+	}
+	if f&tcpRST != 0 {
+		sa = append(sa, "RST")
+	}
+	if f&tcpPSH != 0 {
+		sa = append(sa, "PSH")
+	}
+	if f&tcpACK != 0 {
+		sa = append(sa, "ACK")
+	}
+
+	return strings.Join(sa, "-")
+}
+
+// Generate a base36-encoded unique tag
+// See: https://play.golang.org/p/0ZaAID1q-HN
+var assignChunkTag = func() func() string { //nolint:gochecknoglobals
+	var tagCtr uint64
+
+	return func() string {
+		n := atomic.AddUint64(&tagCtr, 1)
+		return strconv.FormatUint(n, 36)
+	}
+}()
+
+// Chunk represents a packet passed around in the vnet
+type Chunk interface {
+	setTimestamp() time.Time                 // used by router
+	getTimestamp() time.Time                 // used by router
+	getSourceIP() net.IP                     // used by router
+	getDestinationIP() net.IP                // used by router
+	setSourceAddr(address string) error      // used by nat
+	setDestinationAddr(address string) error // used by nat
+
+	SourceAddr() net.Addr
+	DestinationAddr() net.Addr
+	UserData() []byte
+	Tag() string
+	Clone() Chunk
+	Network() string // returns "udp" or "tcp"
+	String() string
+}
+
+type chunkIP struct {
+	timestamp     time.Time
+	sourceIP      net.IP
+	destinationIP net.IP
+	tag           string
+}
+
+func (c *chunkIP) setTimestamp() time.Time {
+	c.timestamp = time.Now()
+	return c.timestamp
+}
+
+func (c *chunkIP) getTimestamp() time.Time {
+	return c.timestamp
+}
+
+func (c *chunkIP) getDestinationIP() net.IP {
+	return c.destinationIP
+}
+
+func (c *chunkIP) getSourceIP() net.IP {
+	return c.sourceIP
+}
+
+func (c *chunkIP) Tag() string {
+	return c.tag
+}
+
+type chunkUDP struct {
+	chunkIP
+	sourcePort      int
+	destinationPort int
+	userData        []byte
+}
+
+func newChunkUDP(srcAddr, dstAddr *net.UDPAddr) *chunkUDP {
+	return &chunkUDP{
+		chunkIP: chunkIP{
+			sourceIP:      srcAddr.IP,
+			destinationIP: dstAddr.IP,
+			tag:           assignChunkTag(),
+		},
+		sourcePort:      srcAddr.Port,
+		destinationPort: dstAddr.Port,
+	}
+}
+
+func (c *chunkUDP) SourceAddr() net.Addr {
+	return &net.UDPAddr{
+		IP:   c.sourceIP,
+		Port: c.sourcePort,
+	}
+}
+
+func (c *chunkUDP) DestinationAddr() net.Addr {
+	return &net.UDPAddr{
+		IP:   c.destinationIP,
+		Port: c.destinationPort,
+	}
+}
+
+func (c *chunkUDP) UserData() []byte {
+	return c.userData
+}
+
+func (c *chunkUDP) Clone() Chunk {
+	var userData []byte
+	if c.userData != nil {
+		userData = make([]byte, len(c.userData))
+		copy(userData, c.userData)
+	}
+
+	return &chunkUDP{
+		chunkIP: chunkIP{
+			timestamp:     c.timestamp,
+			sourceIP:      c.sourceIP,
+			destinationIP: c.destinationIP,
+			tag:           c.tag,
+		},
+		sourcePort:      c.sourcePort,
+		destinationPort: c.destinationPort,
+		userData:        userData,
+	}
+}
+
+func (c *chunkUDP) Network() string {
+	return udp
+}
+
+func (c *chunkUDP) String() string {
+	src := c.SourceAddr()
+	dst := c.DestinationAddr()
+	return fmt.Sprintf("%s chunk %s %s => %s",
+		src.Network(),
+		c.tag,
+		src.String(),
+		dst.String(),
+	)
+}
+
+func (c *chunkUDP) setSourceAddr(address string) error {
+	addr, err := net.ResolveUDPAddr(udp, address)
+	if err != nil {
+		return err
+	}
+	c.sourceIP = addr.IP
+	c.sourcePort = addr.Port
+	return nil
+}
+
+func (c *chunkUDP) setDestinationAddr(address string) error {
+	addr, err := net.ResolveUDPAddr(udp, address)
+	if err != nil {
+		return err
+	}
+	c.destinationIP = addr.IP
+	c.destinationPort = addr.Port
+	return nil
+}
+
+type chunkTCP struct {
+	chunkIP
+	sourcePort      int
+	destinationPort int
+	flags           tcpFlag // control bits
+	userData        []byte  // only with PSH flag
+	// seq             uint32  // always starts with 0
+	// ack             uint32  // always starts with 0
+}
+
+func newChunkTCP(srcAddr, dstAddr *net.TCPAddr, flags tcpFlag) *chunkTCP {
+	return &chunkTCP{
+		chunkIP: chunkIP{
+			sourceIP:      srcAddr.IP,
+			destinationIP: dstAddr.IP,
+			tag:           assignChunkTag(),
+		},
+		sourcePort:      srcAddr.Port,
+		destinationPort: dstAddr.Port,
+		flags:           flags,
+	}
+}
+
+func (c *chunkTCP) SourceAddr() net.Addr {
+	return &net.TCPAddr{
+		IP:   c.sourceIP,
+		Port: c.sourcePort,
+	}
+}
+
+func (c *chunkTCP) DestinationAddr() net.Addr {
+	return &net.TCPAddr{
+		IP:   c.destinationIP,
+		Port: c.destinationPort,
+	}
+}
+
+func (c *chunkTCP) UserData() []byte {
+	return c.userData
+}
+
+func (c *chunkTCP) Clone() Chunk {
+	userData := make([]byte, len(c.userData))
+	copy(userData, c.userData)
+
+	return &chunkTCP{
+		chunkIP: chunkIP{
+			timestamp:     c.timestamp,
+			sourceIP:      c.sourceIP,
+			destinationIP: c.destinationIP,
+		},
+		sourcePort:      c.sourcePort,
+		destinationPort: c.destinationPort,
+		userData:        userData,
+	}
+}
+
+func (c *chunkTCP) Network() string {
+	return "tcp"
+}
+
+func (c *chunkTCP) String() string {
+	src := c.SourceAddr()
+	dst := c.DestinationAddr()
+	return fmt.Sprintf("%s %s chunk %s %s => %s",
+		src.Network(),
+		c.flags.String(),
+		c.tag,
+		src.String(),
+		dst.String(),
+	)
+}
+
+func (c *chunkTCP) setSourceAddr(address string) error {
+	addr, err := net.ResolveTCPAddr("tcp", address)
+	if err != nil {
+		return err
+	}
+	c.sourceIP = addr.IP
+	c.sourcePort = addr.Port
+	return nil
+}
+
+func (c *chunkTCP) setDestinationAddr(address string) error {
+	addr, err := net.ResolveTCPAddr("tcp", address)
+	if err != nil {
+		return err
+	}
+	c.destinationIP = addr.IP
+	c.destinationPort = addr.Port
+	return nil
+}
diff --git a/server/vendor/github.com/pion/transport/v2/vnet/chunk_queue.go b/server/vendor/github.com/pion/transport/v2/vnet/chunk_queue.go
new file mode 100644
index 0000000..2393254
--- /dev/null
+++ b/server/vendor/github.com/pion/transport/v2/vnet/chunk_queue.go
@@ -0,0 +1,68 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package vnet
+
+import (
+	"sync"
+)
+
+type chunkQueue struct {
+	chunks       []Chunk
+	maxSize      int // 0 or negative value: unlimited
+	maxBytes     int // 0 or negative value: unlimited
+	currentBytes int
+	mutex        sync.RWMutex
+}
+
+func newChunkQueue(maxSize int, maxBytes int) *chunkQueue {
+	return &chunkQueue{
+		chunks:       []Chunk{},
+		maxSize:      maxSize,
+		maxBytes:     maxBytes,
+		currentBytes: 0,
+		mutex:        sync.RWMutex{},
+	}
+}
+
+func (q *chunkQueue) push(c Chunk) bool {
+	q.mutex.Lock()
+	defer q.mutex.Unlock()
+
+	if q.maxSize > 0 && len(q.chunks) >= q.maxSize {
+		return false // dropped
+	}
+	if q.maxBytes > 0 && q.currentBytes+len(c.UserData()) >= q.maxBytes {
+		return false
+	}
+
+	q.currentBytes += len(c.UserData())
+	q.chunks = append(q.chunks, c)
+	return true
+}
+
+func (q *chunkQueue) pop() (Chunk, bool) {
+	q.mutex.Lock()
+	defer q.mutex.Unlock()
+
+	if len(q.chunks) == 0 {
+		return nil, false
+	}
+
+	c := q.chunks[0]
+	q.chunks = q.chunks[1:]
+	q.currentBytes -= len(c.UserData())
+
+	return c, true
+}
+
+func (q *chunkQueue) peek() Chunk {
+	q.mutex.RLock()
+	defer q.mutex.RUnlock()
+
+	if len(q.chunks) == 0 {
+		return nil
+	}
+
+	return q.chunks[0]
+}
diff --git a/server/vendor/github.com/pion/transport/v2/vnet/conn.go b/server/vendor/github.com/pion/transport/v2/vnet/conn.go
new file mode 100644
index 0000000..8f6f342
--- /dev/null
+++ b/server/vendor/github.com/pion/transport/v2/vnet/conn.go
@@ -0,0 +1,298 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package vnet
+
+import (
+	"errors"
+	"fmt"
+	"io"
+	"math"
+	"net"
+	"sync"
+	"time"
+
+	"github.com/pion/transport/v2"
+)
+
+const (
+	maxReadQueueSize = 1024
+)
+
+var (
+	errObsCannotBeNil       = errors.New("obs cannot be nil")
+	errUseClosedNetworkConn = errors.New("use of closed network connection")
+	errAddrNotUDPAddr       = errors.New("addr is not a net.UDPAddr")
+	errLocAddr              = errors.New("something went wrong with locAddr")
+	errAlreadyClosed        = errors.New("already closed")
+	errNoRemAddr            = errors.New("no remAddr defined")
+)
+
+// vNet implements this
+type connObserver interface {
+	write(c Chunk) error
+	onClosed(addr net.Addr)
+	determineSourceIP(locIP, dstIP net.IP) net.IP
+}
+
+// UDPConn is the implementation of the Conn and PacketConn interfaces for UDP network connections.
+// compatible with net.PacketConn and net.Conn
+type UDPConn struct {
+	locAddr   *net.UDPAddr // read-only
+	remAddr   *net.UDPAddr // read-only
+	obs       connObserver // read-only
+	readCh    chan Chunk   // thread-safe
+	closed    bool         // requires mutex
+	mu        sync.Mutex   // to mutex closed flag
+	readTimer *time.Timer  // thread-safe
+}
+
+var _ transport.UDPConn = &UDPConn{}
+
+func newUDPConn(locAddr, remAddr *net.UDPAddr, obs connObserver) (*UDPConn, error) {
+	if obs == nil {
+		return nil, errObsCannotBeNil
+	}
+
+	return &UDPConn{
+		locAddr:   locAddr,
+		remAddr:   remAddr,
+		obs:       obs,
+		readCh:    make(chan Chunk, maxReadQueueSize),
+		readTimer: time.NewTimer(time.Duration(math.MaxInt64)),
+	}, nil
+}
+
+// Close closes the connection.
+// Any blocked ReadFrom or WriteTo operations will be unblocked and return errors.
+func (c *UDPConn) Close() error {
+	c.mu.Lock()
+	defer c.mu.Unlock()
+
+	if c.closed {
+		return errAlreadyClosed
+	}
+	c.closed = true
+	close(c.readCh)
+
+	c.obs.onClosed(c.locAddr)
+	return nil
+}
+
+// LocalAddr returns the local network address.
+func (c *UDPConn) LocalAddr() net.Addr {
+	return c.locAddr
+}
+
+// RemoteAddr returns the remote network address.
+func (c *UDPConn) RemoteAddr() net.Addr {
+	return c.remAddr
+}
+
+// SetDeadline sets the read and write deadlines associated
+// with the connection. It is equivalent to calling both
+// SetReadDeadline and SetWriteDeadline.
+//
+// A deadline is an absolute time after which I/O operations
+// fail with a timeout (see type Error) instead of
+// blocking. The deadline applies to all future and pending
+// I/O, not just the immediately following call to ReadFrom or
+// WriteTo. After a deadline has been exceeded, the connection
+// can be refreshed by setting a deadline in the future.
+//
+// An idle timeout can be implemented by repeatedly extending
+// the deadline after successful ReadFrom or WriteTo calls.
+//
+// A zero value for t means I/O operations will not time out.
+func (c *UDPConn) SetDeadline(t time.Time) error {
+	return c.SetReadDeadline(t)
+}
+
+// SetReadDeadline sets the deadline for future ReadFrom calls
+// and any currently-blocked ReadFrom call.
+// A zero value for t means ReadFrom will not time out.
+func (c *UDPConn) SetReadDeadline(t time.Time) error {
+	var d time.Duration
+	var noDeadline time.Time
+	if t == noDeadline {
+		d = time.Duration(math.MaxInt64)
+	} else {
+		d = time.Until(t)
+	}
+	c.readTimer.Reset(d)
+	return nil
+}
+
+// SetWriteDeadline sets the deadline for future WriteTo calls
+// and any currently-blocked WriteTo call.
+// Even if write times out, it may return n > 0, indicating that
+// some of the data was successfully written.
+// A zero value for t means WriteTo will not time out.
+func (c *UDPConn) SetWriteDeadline(time.Time) error {
+	// Write never blocks.
+	return nil
+}
+
+// Read reads data from the connection.
+// Read can be made to time out and return an Error with Timeout() == true
+// after a fixed time limit; see SetDeadline and SetReadDeadline.
+func (c *UDPConn) Read(b []byte) (int, error) {
+	n, _, err := c.ReadFrom(b)
+	return n, err
+}
+
+// ReadFrom reads a packet from the connection,
+// copying the payload into p. It returns the number of
+// bytes copied into p and the return address that
+// was on the packet.
+// It returns the number of bytes read (0 <= n <= len(p))
+// and any error encountered. Callers should always process
+// the n > 0 bytes returned before considering the error err.
+// ReadFrom can be made to time out and return
+// an Error with Timeout() == true after a fixed time limit;
+// see SetDeadline and SetReadDeadline.
+func (c *UDPConn) ReadFrom(p []byte) (n int, addr net.Addr, err error) {
+loop:
+	for {
+		select {
+		case chunk, ok := <-c.readCh:
+			if !ok {
+				break loop
+			}
+			var err error
+			n := copy(p, chunk.UserData())
+			addr := chunk.SourceAddr()
+			if n < len(chunk.UserData()) {
+				err = io.ErrShortBuffer
+			}
+
+			if c.remAddr != nil {
+				if addr.String() != c.remAddr.String() {
+					break // discard (shouldn't happen)
+				}
+			}
+			return n, addr, err
+
+		case <-c.readTimer.C:
+			return 0, nil, &net.OpError{
+				Op:   "read",
+				Net:  c.locAddr.Network(),
+				Addr: c.locAddr,
+				Err:  newTimeoutError("i/o timeout"),
+			}
+		}
+	}
+
+	return 0, nil, &net.OpError{
+		Op:   "read",
+		Net:  c.locAddr.Network(),
+		Addr: c.locAddr,
+		Err:  errUseClosedNetworkConn,
+	}
+}
+
+// ReadFromUDP acts like ReadFrom but returns a UDPAddr.
+func (c *UDPConn) ReadFromUDP(b []byte) (int, *net.UDPAddr, error) {
+	n, addr, err := c.ReadFrom(b)
+
+	udpAddr, ok := addr.(*net.UDPAddr)
+	if !ok {
+		return -1, nil, fmt.Errorf("%w: %s", transport.ErrNotUDPAddress, addr)
+	}
+
+	return n, udpAddr, err
+}
+
+// ReadMsgUDP reads a message from c, copying the payload into b and
+// the associated out-of-band data into oob. It returns the number of
+// bytes copied into b, the number of bytes copied into oob, the flags
+// that were set on the message and the source address of the message.
+//
+// The packages golang.org/x/net/ipv4 and golang.org/x/net/ipv6 can be
+// used to manipulate IP-level socket options in oob.
+func (c *UDPConn) ReadMsgUDP([]byte, []byte) (n, oobn, flags int, addr *net.UDPAddr, err error) {
+	return -1, -1, -1, nil, transport.ErrNotSupported
+}
+
+// Write writes data to the connection.
+// Write can be made to time out and return an Error with Timeout() == true
+// after a fixed time limit; see SetDeadline and SetWriteDeadline.
+func (c *UDPConn) Write(b []byte) (int, error) {
+	if c.remAddr == nil {
+		return 0, errNoRemAddr
+	}
+
+	return c.WriteTo(b, c.remAddr)
+}
+
+// WriteTo writes a packet with payload p to addr.
+// WriteTo can be made to time out and return
+// an Error with Timeout() == true after a fixed time limit;
+// see SetDeadline and SetWriteDeadline.
+// On packet-oriented connections, write timeouts are rare.
+func (c *UDPConn) WriteTo(p []byte, addr net.Addr) (n int, err error) {
+	dstAddr, ok := addr.(*net.UDPAddr)
+	if !ok {
+		return 0, errAddrNotUDPAddr
+	}
+
+	srcIP := c.obs.determineSourceIP(c.locAddr.IP, dstAddr.IP)
+	if srcIP == nil {
+		return 0, errLocAddr
+	}
+	srcAddr := &net.UDPAddr{
+		IP:   srcIP,
+		Port: c.locAddr.Port,
+	}
+
+	chunk := newChunkUDP(srcAddr, dstAddr)
+	chunk.userData = make([]byte, len(p))
+	copy(chunk.userData, p)
+	if err := c.obs.write(chunk); err != nil {
+		return 0, err
+	}
+	return len(p), nil
+}
+
+// WriteToUDP acts like WriteTo but takes a UDPAddr.
+func (c *UDPConn) WriteToUDP(b []byte, addr *net.UDPAddr) (int, error) {
+	return c.WriteTo(b, addr)
+}
+
+// WriteMsgUDP writes a message to addr via c if c isn't connected, or
+// to c's remote address if c is connected (in which case addr must be
+// nil). The payload is copied from b and the associated out-of-band
+// data is copied from oob. It returns the number of payload and
+// out-of-band bytes written.
+//
+// The packages golang.org/x/net/ipv4 and golang.org/x/net/ipv6 can be
+// used to manipulate IP-level socket options in oob.
+func (c *UDPConn) WriteMsgUDP([]byte, []byte, *net.UDPAddr) (n, oobn int, err error) {
+	return -1, -1, transport.ErrNotSupported
+}
+
+// SetReadBuffer sets the size of the operating system's
+// receive buffer associated with the connection.
+func (c *UDPConn) SetReadBuffer(int) error {
+	return transport.ErrNotSupported
+}
+
+// SetWriteBuffer sets the size of the operating system's
+// transmit buffer associated with the connection.
+func (c *UDPConn) SetWriteBuffer(int) error {
+	return transport.ErrNotSupported
+}
+
+func (c *UDPConn) onInboundChunk(chunk Chunk) {
+	c.mu.Lock()
+	defer c.mu.Unlock()
+
+	if c.closed {
+		return
+	}
+
+	select {
+	case c.readCh <- chunk:
+	default:
+	}
+}
diff --git a/server/vendor/github.com/pion/transport/v2/vnet/conn_map.go b/server/vendor/github.com/pion/transport/v2/vnet/conn_map.go
new file mode 100644
index 0000000..da22483
--- /dev/null
+++ b/server/vendor/github.com/pion/transport/v2/vnet/conn_map.go
@@ -0,0 +1,139 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package vnet
+
+import (
+	"errors"
+	"net"
+	"sync"
+)
+
+var (
+	errAddressAlreadyInUse       = errors.New("address already in use")
+	errNoSuchUDPConn             = errors.New("no such UDPConn")
+	errCannotRemoveUnspecifiedIP = errors.New("cannot remove unspecified IP by the specified IP")
+)
+
+type udpConnMap struct {
+	portMap map[int][]*UDPConn
+	mutex   sync.RWMutex
+}
+
+func newUDPConnMap() *udpConnMap {
+	return &udpConnMap{
+		portMap: map[int][]*UDPConn{},
+	}
+}
+
+func (m *udpConnMap) insert(conn *UDPConn) error {
+	m.mutex.Lock()
+	defer m.mutex.Unlock()
+
+	udpAddr := conn.LocalAddr().(*net.UDPAddr) //nolint:forcetypeassert
+
+	// check if the port has a listener
+	conns, ok := m.portMap[udpAddr.Port]
+	if ok {
+		if udpAddr.IP.IsUnspecified() {
+			return errAddressAlreadyInUse
+		}
+
+		for _, conn := range conns {
+			laddr := conn.LocalAddr().(*net.UDPAddr) //nolint:forcetypeassert
+			if laddr.IP.IsUnspecified() || laddr.IP.Equal(udpAddr.IP) {
+				return errAddressAlreadyInUse
+			}
+		}
+
+		conns = append(conns, conn)
+	} else {
+		conns = []*UDPConn{conn}
+	}
+
+	m.portMap[udpAddr.Port] = conns
+	return nil
+}
+
+func (m *udpConnMap) find(addr net.Addr) (*UDPConn, bool) {
+	m.mutex.Lock() // could be RLock, but we have delete() op
+	defer m.mutex.Unlock()
+
+	udpAddr := addr.(*net.UDPAddr) //nolint:forcetypeassert
+
+	if conns, ok := m.portMap[udpAddr.Port]; ok {
+		if udpAddr.IP.IsUnspecified() {
+			// pick the first one appears in the iteration
+			if len(conns) == 0 {
+				// This can't happen!
+				delete(m.portMap, udpAddr.Port)
+				return nil, false
+			}
+			return conns[0], true
+		}
+
+		for _, conn := range conns {
+			laddr := conn.LocalAddr().(*net.UDPAddr) //nolint:forcetypeassert
+			if laddr.IP.IsUnspecified() || laddr.IP.Equal(udpAddr.IP) {
+				return conn, ok
+			}
+		}
+	}
+
+	return nil, false
+}
+
+func (m *udpConnMap) delete(addr net.Addr) error {
+	m.mutex.Lock()
+	defer m.mutex.Unlock()
+
+	udpAddr := addr.(*net.UDPAddr) //nolint:forcetypeassert
+
+	conns, ok := m.portMap[udpAddr.Port]
+	if !ok {
+		return errNoSuchUDPConn
+	}
+
+	if udpAddr.IP.IsUnspecified() {
+		// remove all from this port
+		delete(m.portMap, udpAddr.Port)
+		return nil
+	}
+
+	newConns := []*UDPConn{}
+
+	for _, conn := range conns {
+		laddr := conn.LocalAddr().(*net.UDPAddr) //nolint:forcetypeassert
+		if laddr.IP.IsUnspecified() {
+			// This can't happen!
+			return errCannotRemoveUnspecifiedIP
+		}
+
+		if laddr.IP.Equal(udpAddr.IP) {
+			continue
+		}
+
+		newConns = append(newConns, conn)
+	}
+
+	if len(newConns) == 0 {
+		delete(m.portMap, udpAddr.Port)
+	} else {
+		m.portMap[udpAddr.Port] = newConns
+	}
+
+	return nil
+}
+
+// size returns the number of UDPConns (UDP listeners)
+func (m *udpConnMap) size() int {
+	m.mutex.RLock()
+	defer m.mutex.RUnlock()
+
+	n := 0
+	for _, conns := range m.portMap {
+		n += len(conns)
+	}
+
+	return n
+}
diff --git a/server/vendor/github.com/pion/transport/v2/vnet/delay_filter.go b/server/vendor/github.com/pion/transport/v2/vnet/delay_filter.go
new file mode 100644
index 0000000..119e34e
--- /dev/null
+++ b/server/vendor/github.com/pion/transport/v2/vnet/delay_filter.go
@@ -0,0 +1,78 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package vnet
+
+import (
+	"context"
+	"time"
+)
+
+// DelayFilter delays outgoing packets by the given delay. Run must be called
+// before any packets will be forwarded.
+type DelayFilter struct {
+	NIC
+	delay time.Duration
+	push  chan struct{}
+	queue *chunkQueue
+}
+
+type timedChunk struct {
+	Chunk
+	deadline time.Time
+}
+
+// NewDelayFilter creates a new DelayFilter with the given nic and delay.
+func NewDelayFilter(nic NIC, delay time.Duration) (*DelayFilter, error) {
+	return &DelayFilter{
+		NIC:   nic,
+		delay: delay,
+		push:  make(chan struct{}),
+		queue: newChunkQueue(0, 0),
+	}, nil
+}
+
+func (f *DelayFilter) onInboundChunk(c Chunk) {
+	f.queue.push(timedChunk{
+		Chunk:    c,
+		deadline: time.Now().Add(f.delay),
+	})
+	f.push <- struct{}{}
+}
+
+// Run starts forwarding of packets. Packets will be forwarded if they spent
+// >delay time in the internal queue. Must be called before any packet will be
+// forwarded.
+func (f *DelayFilter) Run(ctx context.Context) {
+	timer := time.NewTimer(0)
+	for {
+		select {
+		case <-ctx.Done():
+			return
+		case <-f.push:
+			next := f.queue.peek().(timedChunk) //nolint:forcetypeassert
+			if !timer.Stop() {
+				<-timer.C
+			}
+			timer.Reset(time.Until(next.deadline))
+		case now := <-timer.C:
+			next := f.queue.peek()
+			if next == nil {
+				timer.Reset(time.Minute)
+				continue
+			}
+			if n, ok := next.(timedChunk); ok && n.deadline.Before(now) {
+				f.queue.pop() // ignore result because we already got and casted it from peek
+				f.NIC.onInboundChunk(n.Chunk)
+			}
+			next = f.queue.peek()
+			if next == nil {
+				timer.Reset(time.Minute)
+				continue
+			}
+			if n, ok := next.(timedChunk); ok {
+				timer.Reset(time.Until(n.deadline))
+			}
+		}
+	}
+}
diff --git a/server/vendor/github.com/pion/transport/v2/vnet/errors.go b/server/vendor/github.com/pion/transport/v2/vnet/errors.go
new file mode 100644
index 0000000..22c7c2d
--- /dev/null
+++ b/server/vendor/github.com/pion/transport/v2/vnet/errors.go
@@ -0,0 +1,22 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package vnet
+
+type timeoutError struct {
+	msg string
+}
+
+func newTimeoutError(msg string) error {
+	return &timeoutError{
+		msg: msg,
+	}
+}
+
+func (e *timeoutError) Error() string {
+	return e.msg
+}
+
+func (e *timeoutError) Timeout() bool {
+	return true
+}
diff --git a/server/vendor/github.com/pion/transport/v2/vnet/loss_filter.go b/server/vendor/github.com/pion/transport/v2/vnet/loss_filter.go
new file mode 100644
index 0000000..4b2d75f
--- /dev/null
+++ b/server/vendor/github.com/pion/transport/v2/vnet/loss_filter.go
@@ -0,0 +1,36 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package vnet
+
+import (
+	"math/rand"
+	"time"
+)
+
+// LossFilter is a wrapper around NICs, that drops some of the packets passed to
+// onInboundChunk
+type LossFilter struct {
+	NIC
+	chance int
+}
+
+// NewLossFilter creates a new LossFilter that drops every packet with a
+// probability of chance/100. Every packet that is not dropped is passed on to
+// the given NIC.
+func NewLossFilter(nic NIC, chance int) (*LossFilter, error) {
+	f := &LossFilter{
+		NIC:    nic,
+		chance: chance,
+	}
+	rand.Seed(time.Now().UTC().UnixNano())
+	return f, nil
+}
+
+func (f *LossFilter) onInboundChunk(c Chunk) {
+	if rand.Intn(100) < f.chance { //nolint:gosec
+		return
+	}
+
+	f.NIC.onInboundChunk(c)
+}
diff --git a/server/vendor/github.com/pion/transport/v2/vnet/nat.go b/server/vendor/github.com/pion/transport/v2/vnet/nat.go
new file mode 100644
index 0000000..a4be36e
--- /dev/null
+++ b/server/vendor/github.com/pion/transport/v2/vnet/nat.go
@@ -0,0 +1,342 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package vnet
+
+import (
+	"errors"
+	"fmt"
+	"net"
+	"sync"
+	"time"
+
+	"github.com/pion/logging"
+)
+
+var (
+	errNATRequriesMapping            = errors.New("1:1 NAT requires more than one mapping")
+	errMismatchLengthIP              = errors.New("length mismtach between mappedIPs and localIPs")
+	errNonUDPTranslationNotSupported = errors.New("non-udp translation is not supported yet")
+	errNoAssociatedLocalAddress      = errors.New("no associated local address")
+	errNoNATBindingFound             = errors.New("no NAT binding found")
+	errHasNoPermission               = errors.New("has no permission")
+)
+
+// EndpointDependencyType defines a type of behavioral dependendency on the
+// remote endpoint's IP address or port number. This is used for the two
+// kinds of behaviors:
+//   - Port mapping behavior
+//   - Filtering behavior
+//
+// See: https://tools.ietf.org/html/rfc4787
+type EndpointDependencyType uint8
+
+const (
+	// EndpointIndependent means the behavior is independent of the endpoint's address or port
+	EndpointIndependent EndpointDependencyType = iota
+	// EndpointAddrDependent means the behavior is dependent on the endpoint's address
+	EndpointAddrDependent
+	// EndpointAddrPortDependent means the behavior is dependent on the endpoint's address and port
+	EndpointAddrPortDependent
+)
+
+// NATMode defines basic behavior of the NAT
+type NATMode uint8
+
+const (
+	// NATModeNormal means the NAT behaves as a standard NAPT (RFC 2663).
+	NATModeNormal NATMode = iota
+	// NATModeNAT1To1 exhibits 1:1 DNAT where the external IP address is statically mapped to
+	// a specific local IP address with port number is preserved always between them.
+	// When this mode is selected, MappingBehavior, FilteringBehavior, PortPreservation and
+	// MappingLifeTime of NATType are ignored.
+	NATModeNAT1To1
+)
+
+const (
+	defaultNATMappingLifeTime = 30 * time.Second
+)
+
+// NATType has a set of parameters that define the behavior of NAT.
+type NATType struct {
+	Mode              NATMode
+	MappingBehavior   EndpointDependencyType
+	FilteringBehavior EndpointDependencyType
+	Hairpinning       bool // Not implemented yet
+	PortPreservation  bool // Not implemented yet
+	MappingLifeTime   time.Duration
+}
+
+type natConfig struct {
+	name          string
+	natType       NATType
+	mappedIPs     []net.IP // mapped IPv4
+	localIPs      []net.IP // local IPv4, required only when the mode is NATModeNAT1To1
+	loggerFactory logging.LoggerFactory
+}
+
+type mapping struct {
+	proto   string              // "udp" or "tcp"
+	local   string              // "<local-ip>:<local-port>"
+	mapped  string              // "<mapped-ip>:<mapped-port>"
+	bound   string              // key: "[<remote-ip>[:<remote-port>]]"
+	filters map[string]struct{} // key: "[<remote-ip>[:<remote-port>]]"
+	expires time.Time           // time to expire
+}
+
+type networkAddressTranslator struct {
+	name           string
+	natType        NATType
+	mappedIPs      []net.IP            // mapped IPv4
+	localIPs       []net.IP            // local IPv4, required only when the mode is NATModeNAT1To1
+	outboundMap    map[string]*mapping // key: "<proto>:<local-ip>:<local-port>[:remote-ip[:remote-port]]
+	inboundMap     map[string]*mapping // key: "<proto>:<mapped-ip>:<mapped-port>"
+	udpPortCounter int
+	mutex          sync.RWMutex
+	log            logging.LeveledLogger
+}
+
+func newNAT(config *natConfig) (*networkAddressTranslator, error) {
+	natType := config.natType
+
+	if natType.Mode == NATModeNAT1To1 {
+		// 1:1 NAT behavior
+		natType.MappingBehavior = EndpointIndependent
+		natType.FilteringBehavior = EndpointIndependent
+		natType.PortPreservation = true
+		natType.MappingLifeTime = 0
+
+		if len(config.mappedIPs) == 0 {
+			return nil, errNATRequriesMapping
+		}
+		if len(config.mappedIPs) != len(config.localIPs) {
+			return nil, errMismatchLengthIP
+		}
+	} else {
+		// Normal (NAPT) behavior
+		natType.Mode = NATModeNormal
+		if natType.MappingLifeTime == 0 {
+			natType.MappingLifeTime = defaultNATMappingLifeTime
+		}
+	}
+
+	return &networkAddressTranslator{
+		name:        config.name,
+		natType:     natType,
+		mappedIPs:   config.mappedIPs,
+		localIPs:    config.localIPs,
+		outboundMap: map[string]*mapping{},
+		inboundMap:  map[string]*mapping{},
+		log:         config.loggerFactory.NewLogger("vnet"),
+	}, nil
+}
+
+func (n *networkAddressTranslator) getPairedMappedIP(locIP net.IP) net.IP {
+	for i, ip := range n.localIPs {
+		if ip.Equal(locIP) {
+			return n.mappedIPs[i]
+		}
+	}
+	return nil
+}
+
+func (n *networkAddressTranslator) getPairedLocalIP(mappedIP net.IP) net.IP {
+	for i, ip := range n.mappedIPs {
+		if ip.Equal(mappedIP) {
+			return n.localIPs[i]
+		}
+	}
+	return nil
+}
+
+func (n *networkAddressTranslator) translateOutbound(from Chunk) (Chunk, error) {
+	n.mutex.Lock()
+	defer n.mutex.Unlock()
+
+	to := from.Clone()
+
+	if from.Network() == udp {
+		if n.natType.Mode == NATModeNAT1To1 {
+			// 1:1 NAT behavior
+			srcAddr := from.SourceAddr().(*net.UDPAddr) //nolint:forcetypeassert
+			srcIP := n.getPairedMappedIP(srcAddr.IP)
+			if srcIP == nil {
+				n.log.Debugf("[%s] drop outbound chunk %s with not route", n.name, from.String())
+				return nil, nil // nolint:nilnil
+			}
+			srcPort := srcAddr.Port
+			if err := to.setSourceAddr(fmt.Sprintf("%s:%d", srcIP.String(), srcPort)); err != nil {
+				return nil, err
+			}
+		} else {
+			// Normal (NAPT) behavior
+			var bound, filterKey string
+			switch n.natType.MappingBehavior {
+			case EndpointIndependent:
+				bound = ""
+			case EndpointAddrDependent:
+				bound = from.getDestinationIP().String()
+			case EndpointAddrPortDependent:
+				bound = from.DestinationAddr().String()
+			}
+
+			switch n.natType.FilteringBehavior {
+			case EndpointIndependent:
+				filterKey = ""
+			case EndpointAddrDependent:
+				filterKey = from.getDestinationIP().String()
+			case EndpointAddrPortDependent:
+				filterKey = from.DestinationAddr().String()
+			}
+
+			oKey := fmt.Sprintf("udp:%s:%s", from.SourceAddr().String(), bound)
+
+			m := n.findOutboundMapping(oKey)
+			if m == nil {
+				// Create a new mapping
+				mappedPort := 0xC000 + n.udpPortCounter
+				n.udpPortCounter++
+
+				m = &mapping{
+					proto:   from.SourceAddr().Network(),
+					local:   from.SourceAddr().String(),
+					bound:   bound,
+					mapped:  fmt.Sprintf("%s:%d", n.mappedIPs[0].String(), mappedPort),
+					filters: map[string]struct{}{},
+					expires: time.Now().Add(n.natType.MappingLifeTime),
+				}
+
+				n.outboundMap[oKey] = m
+
+				iKey := fmt.Sprintf("udp:%s", m.mapped)
+
+				n.log.Debugf("[%s] created a new NAT binding oKey=%s iKey=%s",
+					n.name,
+					oKey,
+					iKey)
+
+				m.filters[filterKey] = struct{}{}
+				n.log.Debugf("[%s] permit access from %s to %s", n.name, filterKey, m.mapped)
+				n.inboundMap[iKey] = m
+			} else if _, ok := m.filters[filterKey]; !ok {
+				n.log.Debugf("[%s] permit access from %s to %s", n.name, filterKey, m.mapped)
+				m.filters[filterKey] = struct{}{}
+			}
+
+			if err := to.setSourceAddr(m.mapped); err != nil {
+				return nil, err
+			}
+		}
+
+		n.log.Debugf("[%s] translate outbound chunk from %s to %s", n.name, from.String(), to.String())
+
+		return to, nil
+	}
+
+	return nil, errNonUDPTranslationNotSupported
+}
+
+func (n *networkAddressTranslator) translateInbound(from Chunk) (Chunk, error) {
+	n.mutex.Lock()
+	defer n.mutex.Unlock()
+
+	to := from.Clone()
+
+	if from.Network() == udp {
+		if n.natType.Mode == NATModeNAT1To1 {
+			// 1:1 NAT behavior
+			dstAddr := from.DestinationAddr().(*net.UDPAddr) //nolint:forcetypeassert
+			dstIP := n.getPairedLocalIP(dstAddr.IP)
+			if dstIP == nil {
+				return nil, fmt.Errorf("drop %s as %w", from.String(), errNoAssociatedLocalAddress)
+			}
+			dstPort := from.DestinationAddr().(*net.UDPAddr).Port //nolint:forcetypeassert
+			if err := to.setDestinationAddr(fmt.Sprintf("%s:%d", dstIP, dstPort)); err != nil {
+				return nil, err
+			}
+		} else {
+			// Normal (NAPT) behavior
+			iKey := fmt.Sprintf("udp:%s", from.DestinationAddr().String())
+			m := n.findInboundMapping(iKey)
+			if m == nil {
+				return nil, fmt.Errorf("drop %s as %w", from.String(), errNoNATBindingFound)
+			}
+
+			var filterKey string
+			switch n.natType.FilteringBehavior {
+			case EndpointIndependent:
+				filterKey = ""
+			case EndpointAddrDependent:
+				filterKey = from.getSourceIP().String()
+			case EndpointAddrPortDependent:
+				filterKey = from.SourceAddr().String()
+			}
+
+			if _, ok := m.filters[filterKey]; !ok {
+				return nil, fmt.Errorf("drop %s as the remote %s %w", from.String(), filterKey, errHasNoPermission)
+			}
+
+			// See RFC 4847 Section 4.3.  Mapping Refresh
+			// a) Inbound refresh may be useful for applications with no outgoing
+			//   UDP traffic.  However, allowing inbound refresh may allow an
+			//   external attacker or misbehaving application to keep a mapping
+			//   alive indefinitely.  This may be a security risk.  Also, if the
+			//   process is repeated with different ports, over time, it could
+			//   use up all the ports on the NAT.
+
+			if err := to.setDestinationAddr(m.local); err != nil {
+				return nil, err
+			}
+		}
+
+		n.log.Debugf("[%s] translate inbound chunk from %s to %s", n.name, from.String(), to.String())
+
+		return to, nil
+	}
+
+	return nil, errNonUDPTranslationNotSupported
+}
+
+// caller must hold the mutex
+func (n *networkAddressTranslator) findOutboundMapping(oKey string) *mapping {
+	now := time.Now()
+
+	m, ok := n.outboundMap[oKey]
+	if ok {
+		// check if this mapping is expired
+		if now.After(m.expires) {
+			n.removeMapping(m)
+			m = nil // expired
+		} else {
+			m.expires = time.Now().Add(n.natType.MappingLifeTime)
+		}
+	}
+
+	return m
+}
+
+// caller must hold the mutex
+func (n *networkAddressTranslator) findInboundMapping(iKey string) *mapping {
+	now := time.Now()
+	m, ok := n.inboundMap[iKey]
+	if !ok {
+		return nil
+	}
+
+	// check if this mapping is expired
+	if now.After(m.expires) {
+		n.removeMapping(m)
+		return nil
+	}
+
+	return m
+}
+
+// caller must hold the mutex
+func (n *networkAddressTranslator) removeMapping(m *mapping) {
+	oKey := fmt.Sprintf("%s:%s:%s", m.proto, m.local, m.bound)
+	iKey := fmt.Sprintf("%s:%s", m.proto, m.mapped)
+
+	delete(n.outboundMap, oKey)
+	delete(n.inboundMap, iKey)
+}
diff --git a/server/vendor/github.com/pion/transport/v2/vnet/net.go b/server/vendor/github.com/pion/transport/v2/vnet/net.go
new file mode 100644
index 0000000..5d0938e
--- /dev/null
+++ b/server/vendor/github.com/pion/transport/v2/vnet/net.go
@@ -0,0 +1,618 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package vnet
+
+import (
+	"encoding/binary"
+	"errors"
+	"fmt"
+	"math/rand"
+	"net"
+	"strconv"
+	"strings"
+	"sync"
+
+	"github.com/pion/transport/v2"
+)
+
+const (
+	lo0String = "lo0String"
+	udp       = "udp"
+	udp4      = "udp4"
+)
+
+var (
+	macAddrCounter                 uint64 = 0xBEEFED910200 //nolint:gochecknoglobals
+	errNoInterface                        = errors.New("no interface is available")
+	errUnexpectedNetwork                  = errors.New("unexpected network")
+	errCantAssignRequestedAddr            = errors.New("can't assign requested address")
+	errUnknownNetwork                     = errors.New("unknown network")
+	errNoRouterLinked                     = errors.New("no router linked")
+	errInvalidPortNumber                  = errors.New("invalid port number")
+	errUnexpectedTypeSwitchFailure        = errors.New("unexpected type-switch failure")
+	errBindFailedFor                      = errors.New("bind failed for")
+	errEndPortLessThanStart               = errors.New("end port is less than the start")
+	errPortSpaceExhausted                 = errors.New("port space exhausted")
+)
+
+func newMACAddress() net.HardwareAddr {
+	b := make([]byte, 8)
+	binary.BigEndian.PutUint64(b, macAddrCounter)
+	macAddrCounter++
+	return b[2:]
+}
+
+// Net represents a local network stack equivalent to a set of layers from NIC
+// up to the transport (UDP / TCP) layer.
+type Net struct {
+	interfaces []*transport.Interface // read-only
+	staticIPs  []net.IP               // read-only
+	router     *Router                // read-only
+	udpConns   *udpConnMap            // read-only
+	mutex      sync.RWMutex
+}
+
+// Compile-time assertion
+var _ transport.Net = &Net{}
+
+func (v *Net) _getInterfaces() ([]*transport.Interface, error) {
+	if len(v.interfaces) == 0 {
+		return nil, errNoInterface
+	}
+
+	return v.interfaces, nil
+}
+
+// Interfaces returns a list of the system's network interfaces.
+func (v *Net) Interfaces() ([]*transport.Interface, error) {
+	v.mutex.RLock()
+	defer v.mutex.RUnlock()
+
+	return v._getInterfaces()
+}
+
+// caller must hold the mutex (read)
+func (v *Net) _getInterface(ifName string) (*transport.Interface, error) {
+	ifs, err := v._getInterfaces()
+	if err != nil {
+		return nil, err
+	}
+	for _, ifc := range ifs {
+		if ifc.Name == ifName {
+			return ifc, nil
+		}
+	}
+
+	return nil, fmt.Errorf("%w: %s", transport.ErrInterfaceNotFound, ifName)
+}
+
+func (v *Net) getInterface(ifName string) (*transport.Interface, error) {
+	v.mutex.RLock()
+	defer v.mutex.RUnlock()
+
+	return v._getInterface(ifName)
+}
+
+// InterfaceByIndex returns the interface specified by index.
+//
+// On Solaris, it returns one of the logical network interfaces
+// sharing the logical data link; for more precision use
+// InterfaceByName.
+func (v *Net) InterfaceByIndex(index int) (*transport.Interface, error) {
+	for _, ifc := range v.interfaces {
+		if ifc.Index == index {
+			return ifc, nil
+		}
+	}
+
+	return nil, fmt.Errorf("%w: index=%d", transport.ErrInterfaceNotFound, index)
+}
+
+// InterfaceByName returns the interface specified by name.
+func (v *Net) InterfaceByName(ifName string) (*transport.Interface, error) {
+	return v.getInterface(ifName)
+}
+
+// caller must hold the mutex
+func (v *Net) getAllIPAddrs(ipv6 bool) []net.IP {
+	ips := []net.IP{}
+
+	for _, ifc := range v.interfaces {
+		addrs, err := ifc.Addrs()
+		if err != nil {
+			continue
+		}
+
+		for _, addr := range addrs {
+			var ip net.IP
+			if ipNet, ok := addr.(*net.IPNet); ok {
+				ip = ipNet.IP
+			} else if ipAddr, ok := addr.(*net.IPAddr); ok {
+				ip = ipAddr.IP
+			} else {
+				continue
+			}
+
+			if !ipv6 {
+				if ip.To4() != nil {
+					ips = append(ips, ip)
+				}
+			}
+		}
+	}
+
+	return ips
+}
+
+func (v *Net) setRouter(r *Router) error {
+	v.mutex.Lock()
+	defer v.mutex.Unlock()
+
+	v.router = r
+	return nil
+}
+
+func (v *Net) onInboundChunk(c Chunk) {
+	v.mutex.Lock()
+	defer v.mutex.Unlock()
+
+	if c.Network() == udp {
+		if conn, ok := v.udpConns.find(c.DestinationAddr()); ok {
+			conn.onInboundChunk(c)
+		}
+	}
+}
+
+// caller must hold the mutex
+func (v *Net) _dialUDP(network string, locAddr, remAddr *net.UDPAddr) (transport.UDPConn, error) {
+	// validate network
+	if network != udp && network != udp4 {
+		return nil, fmt.Errorf("%w: %s", errUnexpectedNetwork, network)
+	}
+
+	if locAddr == nil {
+		locAddr = &net.UDPAddr{
+			IP: net.IPv4zero,
+		}
+	} else if locAddr.IP == nil {
+		locAddr.IP = net.IPv4zero
+	}
+
+	// validate address. do we have that address?
+	if !v.hasIPAddr(locAddr.IP) {
+		return nil, &net.OpError{
+			Op:   "listen",
+			Net:  network,
+			Addr: locAddr,
+			Err:  fmt.Errorf("bind: %w", errCantAssignRequestedAddr),
+		}
+	}
+
+	if locAddr.Port == 0 {
+		// choose randomly from the range between 5000 and 5999
+		port, err := v.assignPort(locAddr.IP, 5000, 5999)
+		if err != nil {
+			return nil, &net.OpError{
+				Op:   "listen",
+				Net:  network,
+				Addr: locAddr,
+				Err:  err,
+			}
+		}
+		locAddr.Port = port
+	} else if _, ok := v.udpConns.find(locAddr); ok {
+		return nil, &net.OpError{
+			Op:   "listen",
+			Net:  network,
+			Addr: locAddr,
+			Err:  fmt.Errorf("bind: %w", errAddressAlreadyInUse),
+		}
+	}
+
+	conn, err := newUDPConn(locAddr, remAddr, v)
+	if err != nil {
+		return nil, err
+	}
+
+	err = v.udpConns.insert(conn)
+	if err != nil {
+		return nil, err
+	}
+
+	return conn, nil
+}
+
+// ListenPacket announces on the local network address.
+func (v *Net) ListenPacket(network string, address string) (net.PacketConn, error) {
+	v.mutex.Lock()
+	defer v.mutex.Unlock()
+
+	locAddr, err := v.ResolveUDPAddr(network, address)
+	if err != nil {
+		return nil, err
+	}
+
+	return v._dialUDP(network, locAddr, nil)
+}
+
+// ListenUDP acts like ListenPacket for UDP networks.
+func (v *Net) ListenUDP(network string, locAddr *net.UDPAddr) (transport.UDPConn, error) {
+	v.mutex.Lock()
+	defer v.mutex.Unlock()
+
+	return v._dialUDP(network, locAddr, nil)
+}
+
+// DialUDP acts like Dial for UDP networks.
+func (v *Net) DialUDP(network string, locAddr, remAddr *net.UDPAddr) (transport.UDPConn, error) {
+	v.mutex.Lock()
+	defer v.mutex.Unlock()
+
+	return v._dialUDP(network, locAddr, remAddr)
+}
+
+// Dial connects to the address on the named network.
+func (v *Net) Dial(network string, address string) (net.Conn, error) {
+	v.mutex.Lock()
+	defer v.mutex.Unlock()
+
+	remAddr, err := v.ResolveUDPAddr(network, address)
+	if err != nil {
+		return nil, err
+	}
+
+	// Determine source address
+	srcIP := v.determineSourceIP(nil, remAddr.IP)
+
+	locAddr := &net.UDPAddr{IP: srcIP, Port: 0}
+
+	return v._dialUDP(network, locAddr, remAddr)
+}
+
+// ResolveIPAddr returns an address of IP end point.
+func (v *Net) ResolveIPAddr(_, address string) (*net.IPAddr, error) {
+	var err error
+
+	// Check if host is a domain name
+	ip := net.ParseIP(address)
+	if ip == nil {
+		address = strings.ToLower(address)
+		if address == "localhost" {
+			ip = net.IPv4(127, 0, 0, 1)
+		} else {
+			// host is a domain name. resolve IP address by the name
+			if v.router == nil {
+				return nil, errNoRouterLinked
+			}
+
+			ip, err = v.router.resolver.lookUp(address)
+			if err != nil {
+				return nil, err
+			}
+		}
+	}
+
+	return &net.IPAddr{
+		IP: ip,
+	}, nil
+}
+
+// ResolveUDPAddr returns an address of UDP end point.
+func (v *Net) ResolveUDPAddr(network, address string) (*net.UDPAddr, error) {
+	if network != udp && network != udp4 {
+		return nil, fmt.Errorf("%w %s", errUnknownNetwork, network)
+	}
+
+	host, sPort, err := net.SplitHostPort(address)
+	if err != nil {
+		return nil, err
+	}
+
+	ipAddress, err := v.ResolveIPAddr("ip", host)
+	if err != nil {
+		return nil, err
+	}
+
+	port, err := strconv.Atoi(sPort)
+	if err != nil {
+		return nil, errInvalidPortNumber
+	}
+
+	udpAddr := &net.UDPAddr{
+		IP:   ipAddress.IP,
+		Zone: ipAddress.Zone,
+		Port: port,
+	}
+
+	return udpAddr, nil
+}
+
+// ResolveTCPAddr returns an address of TCP end point.
+func (v *Net) ResolveTCPAddr(network, address string) (*net.TCPAddr, error) {
+	if network != udp && network != "udp4" {
+		return nil, fmt.Errorf("%w %s", errUnknownNetwork, network)
+	}
+
+	host, sPort, err := net.SplitHostPort(address)
+	if err != nil {
+		return nil, err
+	}
+
+	ipAddr, err := v.ResolveIPAddr("ip", host)
+	if err != nil {
+		return nil, err
+	}
+
+	port, err := strconv.Atoi(sPort)
+	if err != nil {
+		return nil, errInvalidPortNumber
+	}
+
+	udpAddr := &net.TCPAddr{
+		IP:   ipAddr.IP,
+		Zone: ipAddr.Zone,
+		Port: port,
+	}
+
+	return udpAddr, nil
+}
+
+func (v *Net) write(c Chunk) error {
+	if c.Network() == udp {
+		if udp, ok := c.(*chunkUDP); ok {
+			if c.getDestinationIP().IsLoopback() {
+				if conn, ok := v.udpConns.find(udp.DestinationAddr()); ok {
+					conn.onInboundChunk(udp)
+				}
+				return nil
+			}
+		} else {
+			return errUnexpectedTypeSwitchFailure
+		}
+	}
+
+	if v.router == nil {
+		return errNoRouterLinked
+	}
+
+	v.router.push(c)
+	return nil
+}
+
+func (v *Net) onClosed(addr net.Addr) {
+	if addr.Network() == udp {
+		//nolint:errcheck
+		v.udpConns.delete(addr) // #nosec
+	}
+}
+
+// This method determines the srcIP based on the dstIP when locIP
+// is any IP address ("0.0.0.0" or "::"). If locIP is a non-any addr,
+// this method simply returns locIP.
+// caller must hold the mutex
+func (v *Net) determineSourceIP(locIP, dstIP net.IP) net.IP {
+	if locIP != nil && !locIP.IsUnspecified() {
+		return locIP
+	}
+
+	var srcIP net.IP
+
+	if dstIP.IsLoopback() {
+		srcIP = net.ParseIP("127.0.0.1")
+	} else {
+		ifc, err2 := v._getInterface("eth0")
+		if err2 != nil {
+			return nil
+		}
+
+		addrs, err2 := ifc.Addrs()
+		if err2 != nil {
+			return nil
+		}
+
+		if len(addrs) == 0 {
+			return nil
+		}
+
+		var findIPv4 bool
+		if locIP != nil {
+			findIPv4 = (locIP.To4() != nil)
+		} else {
+			findIPv4 = (dstIP.To4() != nil)
+		}
+
+		for _, addr := range addrs {
+			ip := addr.(*net.IPNet).IP //nolint:forcetypeassert
+			if findIPv4 {
+				if ip.To4() != nil {
+					srcIP = ip
+					break
+				}
+			} else {
+				if ip.To4() == nil {
+					srcIP = ip
+					break
+				}
+			}
+		}
+	}
+
+	return srcIP
+}
+
+// caller must hold the mutex
+func (v *Net) hasIPAddr(ip net.IP) bool { //nolint:gocognit
+	for _, ifc := range v.interfaces {
+		if addrs, err := ifc.Addrs(); err == nil {
+			for _, addr := range addrs {
+				var locIP net.IP
+				if ipNet, ok := addr.(*net.IPNet); ok {
+					locIP = ipNet.IP
+				} else if ipAddr, ok := addr.(*net.IPAddr); ok {
+					locIP = ipAddr.IP
+				} else {
+					continue
+				}
+
+				switch ip.String() {
+				case "0.0.0.0":
+					if locIP.To4() != nil {
+						return true
+					}
+				case "::":
+					if locIP.To4() == nil {
+						return true
+					}
+				default:
+					if locIP.Equal(ip) {
+						return true
+					}
+				}
+			}
+		}
+	}
+
+	return false
+}
+
+// caller must hold the mutex
+func (v *Net) allocateLocalAddr(ip net.IP, port int) error {
+	// gather local IP addresses to bind
+	var ips []net.IP
+	if ip.IsUnspecified() {
+		ips = v.getAllIPAddrs(ip.To4() == nil)
+	} else if v.hasIPAddr(ip) {
+		ips = []net.IP{ip}
+	}
+
+	if len(ips) == 0 {
+		return fmt.Errorf("%w %s", errBindFailedFor, ip.String())
+	}
+
+	// check if all these transport addresses are not in use
+	for _, ip2 := range ips {
+		addr := &net.UDPAddr{
+			IP:   ip2,
+			Port: port,
+		}
+		if _, ok := v.udpConns.find(addr); ok {
+			return &net.OpError{
+				Op:   "bind",
+				Net:  udp,
+				Addr: addr,
+				Err:  fmt.Errorf("bind: %w", errAddressAlreadyInUse),
+			}
+		}
+	}
+
+	return nil
+}
+
+// caller must hold the mutex
+func (v *Net) assignPort(ip net.IP, start, end int) (int, error) {
+	// choose randomly from the range between start and end (inclusive)
+	if end < start {
+		return -1, errEndPortLessThanStart
+	}
+
+	space := end + 1 - start
+	offset := rand.Intn(space) //nolint:gosec
+	for i := 0; i < space; i++ {
+		port := ((offset + i) % space) + start
+
+		err := v.allocateLocalAddr(ip, port)
+		if err == nil {
+			return port, nil
+		}
+	}
+
+	return -1, errPortSpaceExhausted
+}
+
+func (v *Net) getStaticIPs() []net.IP {
+	return v.staticIPs
+}
+
+// NetConfig is a bag of configuration parameters passed to NewNet().
+type NetConfig struct {
+	// StaticIPs is an array of static IP addresses to be assigned for this Net.
+	// If no static IP address is given, the router will automatically assign
+	// an IP address.
+	StaticIPs []string
+
+	// StaticIP is deprecated. Use StaticIPs.
+	StaticIP string
+}
+
+// NewNet creates an instance of a virtual network.
+//
+// By design, it always have lo0 and eth0 interfaces.
+// The lo0 has the address 127.0.0.1 assigned by default.
+// IP address for eth0 will be assigned when this Net is added to a router.
+func NewNet(config *NetConfig) (*Net, error) {
+	lo0 := transport.NewInterface(net.Interface{
+		Index:        1,
+		MTU:          16384,
+		Name:         lo0String,
+		HardwareAddr: nil,
+		Flags:        net.FlagUp | net.FlagLoopback | net.FlagMulticast,
+	})
+	lo0.AddAddress(&net.IPNet{
+		IP:   net.ParseIP("127.0.0.1"),
+		Mask: net.CIDRMask(8, 32),
+	})
+
+	eth0 := transport.NewInterface(net.Interface{
+		Index:        2,
+		MTU:          1500,
+		Name:         "eth0",
+		HardwareAddr: newMACAddress(),
+		Flags:        net.FlagUp | net.FlagMulticast,
+	})
+
+	var staticIPs []net.IP
+	for _, ipStr := range config.StaticIPs {
+		if ip := net.ParseIP(ipStr); ip != nil {
+			staticIPs = append(staticIPs, ip)
+		}
+	}
+	if len(config.StaticIP) > 0 {
+		if ip := net.ParseIP(config.StaticIP); ip != nil {
+			staticIPs = append(staticIPs, ip)
+		}
+	}
+
+	return &Net{
+		interfaces: []*transport.Interface{lo0, eth0},
+		staticIPs:  staticIPs,
+		udpConns:   newUDPConnMap(),
+	}, nil
+}
+
+// DialTCP acts like Dial for TCP networks.
+func (v *Net) DialTCP(string, *net.TCPAddr, *net.TCPAddr) (transport.TCPConn, error) {
+	return nil, transport.ErrNotSupported
+}
+
+// ListenTCP acts like Listen for TCP networks.
+func (v *Net) ListenTCP(string, *net.TCPAddr) (transport.TCPListener, error) {
+	return nil, transport.ErrNotSupported
+}
+
+// CreateDialer creates an instance of vnet.Dialer
+func (v *Net) CreateDialer(d *net.Dialer) transport.Dialer {
+	return &dialer{
+		dialer: d,
+		net:    v,
+	}
+}
+
+type dialer struct {
+	dialer *net.Dialer
+	net    *Net
+}
+
+func (d *dialer) Dial(network, address string) (net.Conn, error) {
+	return d.net.Dial(network, address)
+}
diff --git a/server/vendor/github.com/pion/transport/v2/vnet/resolver.go b/server/vendor/github.com/pion/transport/v2/vnet/resolver.go
new file mode 100644
index 0000000..a391cc7
--- /dev/null
+++ b/server/vendor/github.com/pion/transport/v2/vnet/resolver.go
@@ -0,0 +1,92 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package vnet
+
+import (
+	"errors"
+	"fmt"
+	"net"
+	"sync"
+
+	"github.com/pion/logging"
+)
+
+var (
+	errHostnameEmpty       = errors.New("host name must not be empty")
+	errFailedToParseIPAddr = errors.New("failed to parse IP address")
+)
+
+type resolverConfig struct {
+	LoggerFactory logging.LoggerFactory
+}
+
+type resolver struct {
+	parent *resolver             // read-only
+	hosts  map[string]net.IP     // requires mutex
+	mutex  sync.RWMutex          // thread-safe
+	log    logging.LeveledLogger // read-only
+}
+
+func newResolver(config *resolverConfig) *resolver {
+	r := &resolver{
+		hosts: map[string]net.IP{},
+		log:   config.LoggerFactory.NewLogger("vnet"),
+	}
+
+	if err := r.addHost("localhost", "127.0.0.1"); err != nil {
+		r.log.Warn("failed to add localhost to resolver")
+	}
+	return r
+}
+
+func (r *resolver) setParent(parent *resolver) {
+	r.mutex.Lock()
+	defer r.mutex.Unlock()
+
+	r.parent = parent
+}
+
+func (r *resolver) addHost(name string, ipAddr string) error {
+	r.mutex.Lock()
+	defer r.mutex.Unlock()
+
+	if len(name) == 0 {
+		return errHostnameEmpty
+	}
+	ip := net.ParseIP(ipAddr)
+	if ip == nil {
+		return fmt.Errorf("%w \"%s\"", errFailedToParseIPAddr, ipAddr)
+	}
+	r.hosts[name] = ip
+	return nil
+}
+
+func (r *resolver) lookUp(hostName string) (net.IP, error) {
+	ip := func() net.IP {
+		r.mutex.RLock()
+		defer r.mutex.RUnlock()
+
+		if ip2, ok := r.hosts[hostName]; ok {
+			return ip2
+		}
+		return nil
+	}()
+	if ip != nil {
+		return ip, nil
+	}
+
+	// mutex must be unlocked before calling into parent resolver
+
+	if r.parent != nil {
+		return r.parent.lookUp(hostName)
+	}
+
+	return nil, &net.DNSError{
+		Err:         "host not found",
+		Name:        hostName,
+		Server:      "vnet resolver",
+		IsTimeout:   false,
+		IsTemporary: false,
+	}
+}
diff --git a/server/vendor/github.com/pion/transport/v2/vnet/router.go b/server/vendor/github.com/pion/transport/v2/vnet/router.go
new file mode 100644
index 0000000..cd4b88d
--- /dev/null
+++ b/server/vendor/github.com/pion/transport/v2/vnet/router.go
@@ -0,0 +1,621 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package vnet
+
+import (
+	"errors"
+	"fmt"
+	"math/rand"
+	"net"
+	"strings"
+	"sync"
+	"sync/atomic"
+	"time"
+
+	"github.com/pion/logging"
+	"github.com/pion/transport/v2"
+)
+
+const (
+	defaultRouterQueueSize = 0 // unlimited
+)
+
+var (
+	errInvalidLocalIPinStaticIPs     = errors.New("invalid local IP in StaticIPs")
+	errLocalIPBeyondStaticIPsSubset  = errors.New("mapped in StaticIPs is beyond subnet")
+	errLocalIPNoStaticsIPsAssociated = errors.New("all StaticIPs must have associated local IPs")
+	errRouterAlreadyStarted          = errors.New("router already started")
+	errRouterAlreadyStopped          = errors.New("router already stopped")
+	errStaticIPisBeyondSubnet        = errors.New("static IP is beyond subnet")
+	errAddressSpaceExhausted         = errors.New("address space exhausted")
+	errNoIPAddrEth0                  = errors.New("no IP address is assigned for eth0")
+)
+
+// Generate a unique router name
+var assignRouterName = func() func() string { //nolint:gochecknoglobals
+	var routerIDCtr uint64
+
+	return func() string {
+		n := atomic.AddUint64(&routerIDCtr, 1)
+		return fmt.Sprintf("router%d", n)
+	}
+}()
+
+// RouterConfig ...
+type RouterConfig struct {
+	// Name of router. If not specified, a unique name will be assigned.
+	Name string
+	// CIDR notation, like "192.0.2.0/24"
+	CIDR string
+	// StaticIPs is an array of static IP addresses to be assigned for this router.
+	// If no static IP address is given, the router will automatically assign
+	// an IP address.
+	// This will be ignored if this router is the root.
+	StaticIPs []string
+	// StaticIP is deprecated. Use StaticIPs.
+	StaticIP string
+	// Internal queue size
+	QueueSize int
+	// Effective only when this router has a parent router
+	NATType *NATType
+	// Minimum Delay
+	MinDelay time.Duration
+	// Max Jitter
+	MaxJitter time.Duration
+	// Logger factory
+	LoggerFactory logging.LoggerFactory
+}
+
+// NIC is a network interface controller that interfaces Router
+type NIC interface {
+	getInterface(ifName string) (*transport.Interface, error)
+	onInboundChunk(c Chunk)
+	getStaticIPs() []net.IP
+	setRouter(r *Router) error
+}
+
+// ChunkFilter is a handler users can add to filter chunks.
+// If the filter returns false, the packet will be dropped.
+type ChunkFilter func(c Chunk) bool
+
+// Router ...
+type Router struct {
+	name           string                    // read-only
+	interfaces     []*transport.Interface    // read-only
+	ipv4Net        *net.IPNet                // read-only
+	staticIPs      []net.IP                  // read-only
+	staticLocalIPs map[string]net.IP         // read-only,
+	lastID         byte                      // requires mutex [x], used to assign the last digit of IPv4 address
+	queue          *chunkQueue               // read-only
+	parent         *Router                   // read-only
+	children       []*Router                 // read-only
+	natType        *NATType                  // read-only
+	nat            *networkAddressTranslator // read-only
+	nics           map[string]NIC            // read-only
+	stopFunc       func()                    // requires mutex [x]
+	resolver       *resolver                 // read-only
+	chunkFilters   []ChunkFilter             // requires mutex [x]
+	minDelay       time.Duration             // requires mutex [x]
+	maxJitter      time.Duration             // requires mutex [x]
+	mutex          sync.RWMutex              // thread-safe
+	pushCh         chan struct{}             // writer requires mutex
+	loggerFactory  logging.LoggerFactory     // read-only
+	log            logging.LeveledLogger     // read-only
+}
+
+// NewRouter ...
+func NewRouter(config *RouterConfig) (*Router, error) {
+	loggerFactory := config.LoggerFactory
+	log := loggerFactory.NewLogger("vnet")
+
+	_, ipv4Net, err := net.ParseCIDR(config.CIDR)
+	if err != nil {
+		return nil, err
+	}
+
+	queueSize := defaultRouterQueueSize
+	if config.QueueSize > 0 {
+		queueSize = config.QueueSize
+	}
+
+	// set up network interface, lo0
+	lo0 := transport.NewInterface(net.Interface{
+		Index:        1,
+		MTU:          16384,
+		Name:         lo0String,
+		HardwareAddr: nil,
+		Flags:        net.FlagUp | net.FlagLoopback | net.FlagMulticast,
+	})
+	lo0.AddAddress(&net.IPAddr{IP: net.ParseIP("127.0.0.1"), Zone: ""})
+
+	// set up network interface, eth0
+	eth0 := transport.NewInterface(net.Interface{
+		Index:        2,
+		MTU:          1500,
+		Name:         "eth0",
+		HardwareAddr: newMACAddress(),
+		Flags:        net.FlagUp | net.FlagMulticast,
+	})
+
+	// local host name resolver
+	resolver := newResolver(&resolverConfig{
+		LoggerFactory: config.LoggerFactory,
+	})
+
+	name := config.Name
+	if len(name) == 0 {
+		name = assignRouterName()
+	}
+
+	var staticIPs []net.IP
+	staticLocalIPs := map[string]net.IP{}
+	for _, ipStr := range config.StaticIPs {
+		ipPair := strings.Split(ipStr, "/")
+		if ip := net.ParseIP(ipPair[0]); ip != nil {
+			if len(ipPair) > 1 {
+				locIP := net.ParseIP(ipPair[1])
+				if locIP == nil {
+					return nil, errInvalidLocalIPinStaticIPs
+				}
+				if !ipv4Net.Contains(locIP) {
+					return nil, fmt.Errorf("local IP %s %w", locIP.String(), errLocalIPBeyondStaticIPsSubset)
+				}
+				staticLocalIPs[ip.String()] = locIP
+			}
+			staticIPs = append(staticIPs, ip)
+		}
+	}
+	if len(config.StaticIP) > 0 {
+		log.Warn("StaticIP is deprecated. Use StaticIPs instead")
+		if ip := net.ParseIP(config.StaticIP); ip != nil {
+			staticIPs = append(staticIPs, ip)
+		}
+	}
+
+	if nStaticLocal := len(staticLocalIPs); nStaticLocal > 0 {
+		if nStaticLocal != len(staticIPs) {
+			return nil, errLocalIPNoStaticsIPsAssociated
+		}
+	}
+
+	return &Router{
+		name:           name,
+		interfaces:     []*transport.Interface{lo0, eth0},
+		ipv4Net:        ipv4Net,
+		staticIPs:      staticIPs,
+		staticLocalIPs: staticLocalIPs,
+		queue:          newChunkQueue(queueSize, 0),
+		natType:        config.NATType,
+		nics:           map[string]NIC{},
+		resolver:       resolver,
+		minDelay:       config.MinDelay,
+		maxJitter:      config.MaxJitter,
+		pushCh:         make(chan struct{}, 1),
+		loggerFactory:  loggerFactory,
+		log:            log,
+	}, nil
+}
+
+// caller must hold the mutex
+func (r *Router) getInterfaces() ([]*transport.Interface, error) {
+	if len(r.interfaces) == 0 {
+		return nil, fmt.Errorf("%w is available", errNoInterface)
+	}
+
+	return r.interfaces, nil
+}
+
+func (r *Router) getInterface(ifName string) (*transport.Interface, error) {
+	r.mutex.RLock()
+	defer r.mutex.RUnlock()
+
+	ifs, err := r.getInterfaces()
+	if err != nil {
+		return nil, err
+	}
+	for _, ifc := range ifs {
+		if ifc.Name == ifName {
+			return ifc, nil
+		}
+	}
+
+	return nil, fmt.Errorf("%w: %s", transport.ErrInterfaceNotFound, ifName)
+}
+
+// Start ...
+func (r *Router) Start() error {
+	r.mutex.Lock()
+	defer r.mutex.Unlock()
+
+	if r.stopFunc != nil {
+		return errRouterAlreadyStarted
+	}
+
+	cancelCh := make(chan struct{})
+
+	go func() {
+	loop:
+		for {
+			d, err := r.processChunks()
+			if err != nil {
+				r.log.Errorf("[%s] %s", r.name, err.Error())
+				break
+			}
+
+			if d <= 0 {
+				select {
+				case <-r.pushCh:
+				case <-cancelCh:
+					break loop
+				}
+			} else {
+				t := time.NewTimer(d)
+				select {
+				case <-t.C:
+				case <-cancelCh:
+					break loop
+				}
+			}
+		}
+	}()
+
+	r.stopFunc = func() {
+		close(cancelCh)
+	}
+
+	for _, child := range r.children {
+		if err := child.Start(); err != nil {
+			return err
+		}
+	}
+
+	return nil
+}
+
+// Stop ...
+func (r *Router) Stop() error {
+	r.mutex.Lock()
+	defer r.mutex.Unlock()
+
+	if r.stopFunc == nil {
+		return errRouterAlreadyStopped
+	}
+
+	for _, router := range r.children {
+		r.mutex.Unlock()
+		err := router.Stop()
+		r.mutex.Lock()
+
+		if err != nil {
+			return err
+		}
+	}
+
+	r.stopFunc()
+	r.stopFunc = nil
+	return nil
+}
+
+// caller must hold the mutex
+func (r *Router) addNIC(nic NIC) error {
+	ifc, err := nic.getInterface("eth0")
+	if err != nil {
+		return err
+	}
+
+	var ips []net.IP
+
+	if ips = nic.getStaticIPs(); len(ips) == 0 {
+		// assign an IP address
+		ip, err2 := r.assignIPAddress()
+		if err2 != nil {
+			return err2
+		}
+		ips = append(ips, ip)
+	}
+
+	for _, ip := range ips {
+		if !r.ipv4Net.Contains(ip) {
+			return fmt.Errorf("%w: %s", errStaticIPisBeyondSubnet, r.ipv4Net.String())
+		}
+
+		ifc.AddAddress(&net.IPNet{
+			IP:   ip,
+			Mask: r.ipv4Net.Mask,
+		})
+
+		r.nics[ip.String()] = nic
+	}
+
+	return nic.setRouter(r)
+}
+
+// AddRouter adds a child Router.
+func (r *Router) AddRouter(router *Router) error {
+	r.mutex.Lock()
+	defer r.mutex.Unlock()
+
+	// Router is a NIC. Add it as a NIC so that packets are routed to this child
+	// router.
+	err := r.addNIC(router)
+	if err != nil {
+		return err
+	}
+
+	if err = router.setRouter(r); err != nil {
+		return err
+	}
+
+	r.children = append(r.children, router)
+	return nil
+}
+
+// AddChildRouter is like AddRouter, but does not add the child routers NIC to
+// the parent. This has to be done manually by calling AddNet, which allows to
+// use a wrapper around the subrouters NIC.
+// AddNet MUST be called before AddChildRouter.
+func (r *Router) AddChildRouter(router *Router) error {
+	r.mutex.Lock()
+	defer r.mutex.Unlock()
+	if err := router.setRouter(r); err != nil {
+		return err
+	}
+
+	r.children = append(r.children, router)
+	return nil
+}
+
+// AddNet ...
+func (r *Router) AddNet(nic NIC) error {
+	r.mutex.Lock()
+	defer r.mutex.Unlock()
+
+	return r.addNIC(nic)
+}
+
+// AddHost adds a mapping of hostname and an IP address to the local resolver.
+func (r *Router) AddHost(hostName string, ipAddr string) error {
+	return r.resolver.addHost(hostName, ipAddr)
+}
+
+// AddChunkFilter adds a filter for chunks traversing this router.
+// You may add more than one filter. The filters are called in the order of this method call.
+// If a chunk is dropped by a filter, subsequent filter will not receive the chunk.
+func (r *Router) AddChunkFilter(filter ChunkFilter) {
+	r.mutex.Lock()
+	defer r.mutex.Unlock()
+
+	r.chunkFilters = append(r.chunkFilters, filter)
+}
+
+// caller should hold the mutex
+func (r *Router) assignIPAddress() (net.IP, error) {
+	// See: https://stackoverflow.com/questions/14915188/ip-address-ending-with-zero
+
+	if r.lastID == 0xfe {
+		return nil, errAddressSpaceExhausted
+	}
+
+	ip := make(net.IP, 4)
+	copy(ip, r.ipv4Net.IP[:3])
+	r.lastID++
+	ip[3] = r.lastID
+	return ip, nil
+}
+
+func (r *Router) push(c Chunk) {
+	r.mutex.Lock()
+	defer r.mutex.Unlock()
+
+	r.log.Debugf("[%s] route %s", r.name, c.String())
+	if r.stopFunc != nil {
+		c.setTimestamp()
+		if r.queue.push(c) {
+			select {
+			case r.pushCh <- struct{}{}:
+			default:
+			}
+		} else {
+			r.log.Warnf("[%s] queue was full. dropped a chunk", r.name)
+		}
+	}
+}
+
+func (r *Router) processChunks() (time.Duration, error) {
+	r.mutex.Lock()
+	defer r.mutex.Unlock()
+
+	// Introduce jitter by delaying the processing of chunks.
+	if r.maxJitter > 0 {
+		jitter := time.Duration(rand.Int63n(int64(r.maxJitter))) //nolint:gosec
+		time.Sleep(jitter)
+	}
+
+	//      cutOff
+	//         v min delay
+	//         |<--->|
+	//  +------------:--
+	//  |OOOOOOXXXXX :   --> time
+	//  +------------:--
+	//  |<--->|     now
+	//    due
+
+	enteredAt := time.Now()
+	cutOff := enteredAt.Add(-r.minDelay)
+
+	var d time.Duration // the next sleep duration
+
+	for {
+		d = 0
+
+		c := r.queue.peek()
+		if c == nil {
+			break // no more chunk in the queue
+		}
+
+		// check timestamp to find if the chunk is due
+		if c.getTimestamp().After(cutOff) {
+			// There is one or more chunk in the queue but none of them are due.
+			// Calculate the next sleep duration here.
+			nextExpire := c.getTimestamp().Add(r.minDelay)
+			d = nextExpire.Sub(enteredAt)
+			break
+		}
+
+		var ok bool
+		if c, ok = r.queue.pop(); !ok {
+			break // no more chunk in the queue
+		}
+
+		blocked := false
+		for i := 0; i < len(r.chunkFilters); i++ {
+			filter := r.chunkFilters[i]
+			if !filter(c) {
+				blocked = true
+				break
+			}
+		}
+		if blocked {
+			continue // discard
+		}
+
+		dstIP := c.getDestinationIP()
+
+		// check if the destination is in our subnet
+		if r.ipv4Net.Contains(dstIP) {
+			// search for the destination NIC
+			var nic NIC
+			if nic, ok = r.nics[dstIP.String()]; !ok {
+				// NIC not found. drop it.
+				r.log.Debugf("[%s] %s unreachable", r.name, c.String())
+				continue
+			}
+
+			// found the NIC, forward the chunk to the NIC.
+			// call to NIC must unlock mutex
+			r.mutex.Unlock()
+			nic.onInboundChunk(c)
+			r.mutex.Lock()
+			continue
+		}
+
+		// the destination is outside of this subnet
+		// is this WAN?
+		if r.parent == nil {
+			// this WAN. No route for this chunk
+			r.log.Debugf("[%s] no route found for %s", r.name, c.String())
+			continue
+		}
+
+		// Pass it to the parent via NAT
+		toParent, err := r.nat.translateOutbound(c)
+		if err != nil {
+			return 0, err
+		}
+
+		if toParent == nil {
+			continue
+		}
+
+		//nolint:godox
+		/* FIXME: this implementation would introduce a duplicate packet!
+		if r.nat.natType.Hairpinning {
+			hairpinned, err := r.nat.translateInbound(toParent)
+			if err != nil {
+				r.log.Warnf("[%s] %s", r.name, err.Error())
+			} else {
+				go func() {
+					r.push(hairpinned)
+				}()
+			}
+		}
+		*/
+
+		// call to parent router mutex unlock mutex
+		r.mutex.Unlock()
+		r.parent.push(toParent)
+		r.mutex.Lock()
+	}
+
+	return d, nil
+}
+
+// caller must hold the mutex
+func (r *Router) setRouter(parent *Router) error {
+	r.parent = parent
+	r.resolver.setParent(parent.resolver)
+
+	// when this method is called, one or more IP address has already been assigned by
+	// the parent router.
+	ifc, err := r.getInterface("eth0")
+	if err != nil {
+		return err
+	}
+
+	addrs, _ := ifc.Addrs()
+	if len(addrs) == 0 {
+		return errNoIPAddrEth0
+	}
+
+	mappedIPs := []net.IP{}
+	localIPs := []net.IP{}
+
+	for _, ifcAddr := range addrs {
+		var ip net.IP
+		switch addr := ifcAddr.(type) {
+		case *net.IPNet:
+			ip = addr.IP
+		case *net.IPAddr: // Do we really need this case?
+			ip = addr.IP
+		default:
+		}
+
+		if ip == nil {
+			continue
+		}
+
+		mappedIPs = append(mappedIPs, ip)
+
+		if locIP := r.staticLocalIPs[ip.String()]; locIP != nil {
+			localIPs = append(localIPs, locIP)
+		}
+	}
+
+	// Set up NAT here
+	if r.natType == nil {
+		r.natType = &NATType{
+			MappingBehavior:   EndpointIndependent,
+			FilteringBehavior: EndpointAddrPortDependent,
+			Hairpinning:       false,
+			PortPreservation:  false,
+			MappingLifeTime:   30 * time.Second,
+		}
+	}
+	r.nat, err = newNAT(&natConfig{
+		name:          r.name,
+		natType:       *r.natType,
+		mappedIPs:     mappedIPs,
+		localIPs:      localIPs,
+		loggerFactory: r.loggerFactory,
+	})
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (r *Router) onInboundChunk(c Chunk) {
+	fromParent, err := r.nat.translateInbound(c)
+	if err != nil {
+		r.log.Warnf("[%s] %s", r.name, err.Error())
+		return
+	}
+
+	r.push(fromParent)
+}
+
+func (r *Router) getStaticIPs() []net.IP {
+	return r.staticIPs
+}
diff --git a/server/vendor/github.com/pion/transport/v2/vnet/tbf.go b/server/vendor/github.com/pion/transport/v2/vnet/tbf.go
new file mode 100644
index 0000000..e6188e3
--- /dev/null
+++ b/server/vendor/github.com/pion/transport/v2/vnet/tbf.go
@@ -0,0 +1,167 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package vnet
+
+import (
+	"math"
+	"sync"
+	"time"
+
+	"github.com/pion/logging"
+)
+
+const (
+	// Bit is a single bit
+	Bit = 1
+	// KBit is a kilobit
+	KBit = 1000 * Bit
+	// MBit is a Megabit
+	MBit = 1000 * KBit
+)
+
+// TokenBucketFilter implements a token bucket rate limit algorithm.
+type TokenBucketFilter struct {
+	NIC
+	currentTokensInBucket float64
+	c                     chan Chunk
+	queue                 *chunkQueue
+	queueSize             int // in bytes
+
+	mutex             sync.Mutex
+	rate              int
+	maxBurst          int
+	minRefillDuration time.Duration
+
+	wg   sync.WaitGroup
+	done chan struct{}
+
+	log logging.LeveledLogger
+}
+
+// TBFOption is the option type to configure a TokenBucketFilter
+type TBFOption func(*TokenBucketFilter) TBFOption
+
+// TBFQueueSizeInBytes sets the max number of bytes waiting in the queue. Can
+// only be set in constructor before using the TBF.
+func TBFQueueSizeInBytes(bytes int) TBFOption {
+	return func(t *TokenBucketFilter) TBFOption {
+		prev := t.queueSize
+		t.queueSize = bytes
+		return TBFQueueSizeInBytes(prev)
+	}
+}
+
+// TBFRate sets the bit rate of a TokenBucketFilter
+func TBFRate(rate int) TBFOption {
+	return func(t *TokenBucketFilter) TBFOption {
+		t.mutex.Lock()
+		defer t.mutex.Unlock()
+		previous := t.rate
+		t.rate = rate
+		return TBFRate(previous)
+	}
+}
+
+// TBFMaxBurst sets the bucket size of the token bucket filter. This is the
+// maximum size that can instantly leave the filter, if the bucket is full.
+func TBFMaxBurst(size int) TBFOption {
+	return func(t *TokenBucketFilter) TBFOption {
+		t.mutex.Lock()
+		defer t.mutex.Unlock()
+		previous := t.maxBurst
+		t.maxBurst = size
+		return TBFMaxBurst(previous)
+	}
+}
+
+// Set updates a setting on the token bucket filter
+func (t *TokenBucketFilter) Set(opts ...TBFOption) (previous TBFOption) {
+	for _, opt := range opts {
+		previous = opt(t)
+	}
+	return previous
+}
+
+// NewTokenBucketFilter creates and starts a new TokenBucketFilter
+func NewTokenBucketFilter(n NIC, opts ...TBFOption) (*TokenBucketFilter, error) {
+	tbf := &TokenBucketFilter{
+		NIC:                   n,
+		currentTokensInBucket: 0,
+		c:                     make(chan Chunk),
+		queue:                 nil,
+		queueSize:             50000,
+		mutex:                 sync.Mutex{},
+		rate:                  1 * MBit,
+		maxBurst:              8 * KBit,
+		minRefillDuration:     100 * time.Millisecond,
+		wg:                    sync.WaitGroup{},
+		done:                  make(chan struct{}),
+		log:                   logging.NewDefaultLoggerFactory().NewLogger("tbf"),
+	}
+	tbf.Set(opts...)
+	tbf.queue = newChunkQueue(0, tbf.queueSize)
+	tbf.wg.Add(1)
+	go tbf.run()
+	return tbf, nil
+}
+
+func (t *TokenBucketFilter) onInboundChunk(c Chunk) {
+	t.c <- c
+}
+
+func (t *TokenBucketFilter) run() {
+	defer t.wg.Done()
+
+	t.refillTokens(t.minRefillDuration)
+	lastRefill := time.Now()
+
+	for {
+		select {
+		case <-t.done:
+			t.drainQueue()
+			return
+		case chunk := <-t.c:
+			if time.Since(lastRefill) > t.minRefillDuration {
+				t.refillTokens(time.Since(lastRefill))
+				lastRefill = time.Now()
+			}
+			t.queue.push(chunk)
+			t.drainQueue()
+		}
+	}
+}
+
+func (t *TokenBucketFilter) refillTokens(dt time.Duration) {
+	m := 1000.0 / float64(dt.Milliseconds())
+	add := (float64(t.rate) / m) / 8.0
+	t.mutex.Lock()
+	defer t.mutex.Unlock()
+	t.currentTokensInBucket = math.Min(float64(t.maxBurst), t.currentTokensInBucket+add)
+	t.log.Tracef("add=(%v / %v) / 8 = %v, currentTokensInBucket=%v, maxBurst=%v", t.rate, m, add, t.currentTokensInBucket, t.maxBurst)
+}
+
+func (t *TokenBucketFilter) drainQueue() {
+	for {
+		next := t.queue.peek()
+		if next == nil {
+			break
+		}
+		tokens := float64(len(next.UserData()))
+		if t.currentTokensInBucket < tokens {
+			t.log.Tracef("currentTokensInBucket=%v, tokens=%v, stop drain", t.currentTokensInBucket, tokens)
+			break
+		}
+		t.log.Tracef("currentTokensInBucket=%v, tokens=%v, pop chunk", t.currentTokensInBucket, tokens)
+		t.queue.pop()
+		t.NIC.onInboundChunk(next)
+		t.currentTokensInBucket -= tokens
+	}
+}
+
+// Close closes and stops the token bucket filter queue
+func (t *TokenBucketFilter) Close() error {
+	close(t.done)
+	t.wg.Wait()
+	return nil
+}
diff --git a/server/vendor/github.com/pion/transport/v2/vnet/udpproxy.go b/server/vendor/github.com/pion/transport/v2/vnet/udpproxy.go
new file mode 100644
index 0000000..c5b4f99
--- /dev/null
+++ b/server/vendor/github.com/pion/transport/v2/vnet/udpproxy.go
@@ -0,0 +1,223 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package vnet
+
+import (
+	"context"
+	"net"
+	"sync"
+	"time"
+)
+
+// UDPProxy is a proxy between real server(net.UDPConn) and vnet.UDPConn.
+//
+// High level design:
+//
+//	                        ..............................................
+//	                        :         Virtual Network (vnet)             :
+//	                        :                                            :
+//	+-------+ *         1 +----+         +--------+                      :
+//	| :App  |------------>|:Net|--o<-----|:Router |          .............................
+//	+-------+             +----+         |        |          :        UDPProxy           :
+//	                        :            |        |       +----+     +---------+     +---------+     +--------+
+//	                        :            |        |--->o--|:Net|-->o-| vnet.   |-->o-|  net.   |--->-| :Real  |
+//	                        :            |        |       +----+     | UDPConn |     | UDPConn |     | Server |
+//	                        :            |        |          :       +---------+     +---------+     +--------+
+//	                        :            |        |          ............................:
+//	                        :            +--------+                       :
+//	                        ...............................................
+type UDPProxy struct {
+	// The router bind to.
+	router *Router
+
+	// Each vnet source, bind to a real socket to server.
+	// key is real server addr, which is net.Addr
+	// value is *aUDPProxyWorker
+	workers sync.Map
+
+	// For each endpoint, we never know when to start and stop proxy,
+	// so we stop the endpoint when timeout.
+	timeout time.Duration
+
+	// For utest, to mock the target real server.
+	// Optional, use the address of received client packet.
+	mockRealServerAddr *net.UDPAddr
+}
+
+// NewProxy create a proxy, the router for this proxy belongs/bind to. If need to proxy for
+// please create a new proxy for each router. For all addresses we proxy, we will create a
+// vnet.Net in this router and proxy all packets.
+func NewProxy(router *Router) (*UDPProxy, error) {
+	v := &UDPProxy{router: router, timeout: 2 * time.Minute}
+	return v, nil
+}
+
+// Close the proxy, stop all workers.
+func (v *UDPProxy) Close() error {
+	v.workers.Range(func(key, value interface{}) bool {
+		_ = value.(*aUDPProxyWorker).Close() //nolint:forcetypeassert
+		return true
+	})
+	return nil
+}
+
+// Proxy starts a worker for server, ignore if already started.
+func (v *UDPProxy) Proxy(client *Net, server *net.UDPAddr) error {
+	// Note that even if the worker exists, it's also ok to create a same worker,
+	// because the router will use the last one, and the real server will see a address
+	// change event after we switch to the next worker.
+	if _, ok := v.workers.Load(server.String()); ok {
+		// nolint:godox // TODO: Need to restart the stopped worker?
+		return nil
+	}
+
+	// Not exists, create a new one.
+	worker := &aUDPProxyWorker{
+		router: v.router, mockRealServerAddr: v.mockRealServerAddr,
+	}
+
+	// Create context for cleanup.
+	var ctx context.Context
+	ctx, worker.ctxDisposeCancel = context.WithCancel(context.Background())
+
+	v.workers.Store(server.String(), worker)
+
+	return worker.Proxy(ctx, client, server)
+}
+
+// A proxy worker for a specified proxy server.
+type aUDPProxyWorker struct {
+	router             *Router
+	mockRealServerAddr *net.UDPAddr
+
+	// Each vnet source, bind to a real socket to server.
+	// key is vnet client addr, which is net.Addr
+	// value is *net.UDPConn
+	endpoints sync.Map
+
+	// For cleanup.
+	ctxDisposeCancel context.CancelFunc
+	wg               sync.WaitGroup
+}
+
+func (v *aUDPProxyWorker) Close() error {
+	// Notify all goroutines to dispose.
+	v.ctxDisposeCancel()
+
+	// Wait for all goroutines quit.
+	v.wg.Wait()
+
+	return nil
+}
+
+func (v *aUDPProxyWorker) Proxy(ctx context.Context, _ *Net, serverAddr *net.UDPAddr) error { // nolint:gocognit
+	// Create vnet for real server by serverAddr.
+	nw, err := NewNet(&NetConfig{
+		StaticIP: serverAddr.IP.String(),
+	})
+	if err != nil {
+		return err
+	}
+
+	if err = v.router.AddNet(nw); err != nil {
+		return err
+	}
+
+	// We must create a "same" vnet.UDPConn as the net.UDPConn,
+	// which has the same ip:port, to copy packets between them.
+	vnetSocket, err := nw.ListenUDP("udp4", serverAddr)
+	if err != nil {
+		return err
+	}
+
+	// User stop proxy, we should close the socket.
+	go func() {
+		<-ctx.Done()
+		_ = vnetSocket.Close()
+	}()
+
+	// Got new vnet client, start a new endpoint.
+	findEndpointBy := func(addr net.Addr) (*net.UDPConn, error) {
+		// Exists binding.
+		if value, ok := v.endpoints.Load(addr.String()); ok {
+			// Exists endpoint, reuse it.
+			return value.(*net.UDPConn), nil //nolint:forcetypeassert
+		}
+
+		// The real server we proxy to, for utest to mock it.
+		realAddr := serverAddr
+		if v.mockRealServerAddr != nil {
+			realAddr = v.mockRealServerAddr
+		}
+
+		// Got new vnet client, create new endpoint.
+		realSocket, err := net.DialUDP("udp4", nil, realAddr)
+		if err != nil {
+			return nil, err
+		}
+
+		// User stop proxy, we should close the socket.
+		go func() {
+			<-ctx.Done()
+			_ = realSocket.Close()
+		}()
+
+		// Bind address.
+		v.endpoints.Store(addr.String(), realSocket)
+
+		// Got packet from real serverAddr, we should proxy it to vnet.
+		v.wg.Add(1)
+		go func(vnetClientAddr net.Addr) {
+			defer v.wg.Done()
+
+			buf := make([]byte, 1500)
+			for {
+				n, _, err := realSocket.ReadFrom(buf)
+				if err != nil {
+					return
+				}
+
+				if n <= 0 {
+					continue // Drop packet
+				}
+
+				if _, err := vnetSocket.WriteTo(buf[:n], vnetClientAddr); err != nil {
+					return
+				}
+			}
+		}(addr)
+
+		return realSocket, nil
+	}
+
+	// Start a proxy goroutine.
+	v.wg.Add(1)
+	go func() {
+		defer v.wg.Done()
+
+		buf := make([]byte, 1500)
+
+		for {
+			n, addr, err := vnetSocket.ReadFrom(buf)
+			if err != nil {
+				return
+			}
+
+			if n <= 0 || addr == nil {
+				continue // Drop packet
+			}
+
+			realSocket, err := findEndpointBy(addr)
+			if err != nil {
+				continue // Drop packet.
+			}
+
+			if _, err := realSocket.Write(buf[:n]); err != nil {
+				return
+			}
+		}
+	}()
+
+	return nil
+}
diff --git a/server/vendor/github.com/pion/transport/v2/vnet/udpproxy_direct.go b/server/vendor/github.com/pion/transport/v2/vnet/udpproxy_direct.go
new file mode 100644
index 0000000..bb2aedf
--- /dev/null
+++ b/server/vendor/github.com/pion/transport/v2/vnet/udpproxy_direct.go
@@ -0,0 +1,48 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package vnet
+
+import (
+	"fmt"
+	"net"
+)
+
+// Deliver directly send packet to vnet or real-server.
+// For example, we can use this API to simulate the REPLAY ATTACK.
+func (v *UDPProxy) Deliver(sourceAddr, destAddr net.Addr, b []byte) (nn int, err error) {
+	v.workers.Range(func(key, value interface{}) bool {
+		if nn, err = value.(*aUDPProxyWorker).Deliver(sourceAddr, destAddr, b); err != nil {
+			return false // Fail, abort.
+		} else if nn == len(b) {
+			return false // Done.
+		}
+
+		return true // Deliver by next worker.
+	})
+	return
+}
+
+func (v *aUDPProxyWorker) Deliver(sourceAddr, _ net.Addr, b []byte) (nn int, err error) {
+	addr, ok := sourceAddr.(*net.UDPAddr)
+	if !ok {
+		return 0, fmt.Errorf("invalid addr %v", sourceAddr) // nolint:goerr113
+	}
+
+	// nolint:godox // TODO: Support deliver packet from real server to vnet.
+	// If packet is from vnet, proxy to real server.
+	var realSocket *net.UDPConn
+	value, ok := v.endpoints.Load(addr.String())
+	if !ok {
+		return 0, nil
+	}
+
+	realSocket = value.(*net.UDPConn) // nolint:forcetypeassert
+
+	// Send to real server.
+	if _, err := realSocket.Write(b); err != nil {
+		return 0, err
+	}
+
+	return len(b), nil
+}
diff --git a/server/vendor/github.com/pion/transport/v2/vnet/vnet.go b/server/vendor/github.com/pion/transport/v2/vnet/vnet.go
new file mode 100644
index 0000000..1d244f0
--- /dev/null
+++ b/server/vendor/github.com/pion/transport/v2/vnet/vnet.go
@@ -0,0 +1,5 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+// Package vnet provides a virtual network layer for pion
+package vnet
diff --git a/server/vendor/github.com/pion/turn/v2/.gitignore b/server/vendor/github.com/pion/turn/v2/.gitignore
new file mode 100644
index 0000000..6e2f206
--- /dev/null
+++ b/server/vendor/github.com/pion/turn/v2/.gitignore
@@ -0,0 +1,28 @@
+# SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+# SPDX-License-Identifier: MIT
+
+### JetBrains IDE ###
+#####################
+.idea/
+
+### Emacs Temporary Files ###
+#############################
+*~
+
+### Folders ###
+###############
+bin/
+vendor/
+node_modules/
+
+### Files ###
+#############
+*.ivf
+*.ogg
+tags
+cover.out
+*.sw[poe]
+*.wasm
+examples/sfu-ws/cert.pem
+examples/sfu-ws/key.pem
+wasm_exec.js
diff --git a/server/vendor/github.com/pion/turn/v2/.golangci.yml b/server/vendor/github.com/pion/turn/v2/.golangci.yml
new file mode 100644
index 0000000..4e3eddf
--- /dev/null
+++ b/server/vendor/github.com/pion/turn/v2/.golangci.yml
@@ -0,0 +1,137 @@
+# SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+# SPDX-License-Identifier: MIT
+
+linters-settings:
+  govet:
+    check-shadowing: true
+  misspell:
+    locale: US
+  exhaustive:
+    default-signifies-exhaustive: true
+  gomodguard:
+    blocked:
+      modules:
+        - github.com/pkg/errors:
+            recommendations:
+              - errors
+  forbidigo:
+    forbid:
+      - ^fmt.Print(f|ln)?$
+      - ^log.(Panic|Fatal|Print)(f|ln)?$
+      - ^os.Exit$
+      - ^panic$
+      - ^print(ln)?$
+
+linters:
+  enable:
+    - asciicheck       # Simple linter to check that your code does not contain non-ASCII identifiers
+    - bidichk          # Checks for dangerous unicode character sequences
+    - bodyclose        # checks whether HTTP response body is closed successfully
+    - contextcheck     # check the function whether use a non-inherited context
+    - decorder         # check declaration order and count of types, constants, variables and functions
+    - depguard         # Go linter that checks if package imports are in a list of acceptable packages
+    - dogsled          # Checks assignments with too many blank identifiers (e.g. x, _, _, _, := f())
+    - dupl             # Tool for code clone detection
+    - durationcheck    # check for two durations multiplied together
+    - errcheck         # Errcheck is a program for checking for unchecked errors in go programs. These unchecked errors can be critical bugs in some cases
+    - errchkjson       # Checks types passed to the json encoding functions. Reports unsupported types and optionally reports occations, where the check for the returned error can be omitted.
+    - errname          # Checks that sentinel errors are prefixed with the `Err` and error types are suffixed with the `Error`.
+    - errorlint        # errorlint is a linter for that can be used to find code that will cause problems with the error wrapping scheme introduced in Go 1.13.
+    - exhaustive       # check exhaustiveness of enum switch statements
+    - exportloopref    # checks for pointers to enclosing loop variables
+    - forbidigo        # Forbids identifiers
+    - forcetypeassert  # finds forced type assertions
+    - gci              # Gci control golang package import order and make it always deterministic.
+    - gochecknoglobals # Checks that no globals are present in Go code
+    - gochecknoinits   # Checks that no init functions are present in Go code
+    - gocognit         # Computes and checks the cognitive complexity of functions
+    - goconst          # Finds repeated strings that could be replaced by a constant
+    - gocritic         # The most opinionated Go source code linter
+    - godox            # Tool for detection of FIXME, TODO and other comment keywords
+    - goerr113         # Golang linter to check the errors handling expressions
+    - gofmt            # Gofmt checks whether code was gofmt-ed. By default this tool runs with -s option to check for code simplification
+    - gofumpt          # Gofumpt checks whether code was gofumpt-ed.
+    - goheader         # Checks is file header matches to pattern
+    - goimports        # Goimports does everything that gofmt does. Additionally it checks unused imports
+    - gomoddirectives  # Manage the use of 'replace', 'retract', and 'excludes' directives in go.mod.
+    - gomodguard       # Allow and block list linter for direct Go module dependencies. This is different from depguard where there are different block types for example version constraints and module recommendations.
+    - goprintffuncname # Checks that printf-like functions are named with `f` at the end
+    - gosec            # Inspects source code for security problems
+    - gosimple         # Linter for Go source code that specializes in simplifying a code
+    - govet            # Vet examines Go source code and reports suspicious constructs, such as Printf calls whose arguments do not align with the format string
+    - grouper          # An analyzer to analyze expression groups.
+    - importas         # Enforces consistent import aliases
+    - ineffassign      # Detects when assignments to existing variables are not used
+    - misspell         # Finds commonly misspelled English words in comments
+    - nakedret         # Finds naked returns in functions greater than a specified function length
+    - nilerr           # Finds the code that returns nil even if it checks that the error is not nil.
+    - nilnil           # Checks that there is no simultaneous return of `nil` error and an invalid value.
+    - noctx            # noctx finds sending http request without context.Context
+    - predeclared      # find code that shadows one of Go's predeclared identifiers
+    - revive           # golint replacement, finds style mistakes
+    - staticcheck      # Staticcheck is a go vet on steroids, applying a ton of static analysis checks
+    - stylecheck       # Stylecheck is a replacement for golint
+    - tagliatelle      # Checks the struct tags.
+    - tenv             # tenv is analyzer that detects using os.Setenv instead of t.Setenv since Go1.17
+    - tparallel        # tparallel detects inappropriate usage of t.Parallel() method in your Go test codes
+    - typecheck        # Like the front-end of a Go compiler, parses and type-checks Go code
+    - unconvert        # Remove unnecessary type conversions
+    - unparam          # Reports unused function parameters
+    - unused           # Checks Go code for unused constants, variables, functions and types
+    - wastedassign     # wastedassign finds wasted assignment statements
+    - whitespace       # Tool for detection of leading and trailing whitespace
+  disable:
+    - containedctx     # containedctx is a linter that detects struct contained context.Context field
+    - cyclop           # checks function and package cyclomatic complexity
+    - exhaustivestruct # Checks if all struct's fields are initialized
+    - funlen           # Tool for detection of long functions
+    - gocyclo          # Computes and checks the cyclomatic complexity of functions
+    - godot            # Check if comments end in a period
+    - gomnd            # An analyzer to detect magic numbers.
+    - ifshort          # Checks that your code uses short syntax for if-statements whenever possible
+    - ireturn          # Accept Interfaces, Return Concrete Types
+    - lll              # Reports long lines
+    - maintidx         # maintidx measures the maintainability index of each function.
+    - makezero         # Finds slice declarations with non-zero initial length
+    - maligned         # Tool to detect Go structs that would take less memory if their fields were sorted
+    - nestif           # Reports deeply nested if statements
+    - nlreturn         # nlreturn checks for a new line before return and branch statements to increase code clarity
+    - nolintlint       # Reports ill-formed or insufficient nolint directives
+    - paralleltest     # paralleltest detects missing usage of t.Parallel() method in your Go test
+    - prealloc         # Finds slice declarations that could potentially be preallocated
+    - promlinter       # Check Prometheus metrics naming via promlint
+    - rowserrcheck     # checks whether Err of rows is checked successfully
+    - sqlclosecheck    # Checks that sql.Rows and sql.Stmt are closed.
+    - testpackage      # linter that makes you use a separate _test package
+    - thelper          # thelper detects golang test helpers without t.Helper() call and checks the consistency of test helpers
+    - varnamelen       # checks that the length of a variable's name matches its scope
+    - wrapcheck        # Checks that errors returned from external packages are wrapped
+    - wsl              # Whitespace Linter - Forces you to use empty lines!
+
+issues:
+  exclude-use-default: false
+  exclude-rules:
+    # Allow complex tests, better to be self contained
+    - path: _test\.go
+      linters:
+        - gocognit
+        - forbidigo
+
+    # Allow complex main function in examples
+    - path: examples
+      text: "of func `main` is high"
+      linters:
+        - gocognit
+    
+    # Allow forbidden identifiers in examples
+    - path: examples
+      linters:
+        - forbidigo
+
+    # Allow forbidden identifiers in CLI commands
+    - path: cmd
+      linters:
+        - forbidigo
+
+run:
+  skip-dirs-use-default: false
diff --git a/server/vendor/github.com/pion/turn/v2/.goreleaser.yml b/server/vendor/github.com/pion/turn/v2/.goreleaser.yml
new file mode 100644
index 0000000..30093e9
--- /dev/null
+++ b/server/vendor/github.com/pion/turn/v2/.goreleaser.yml
@@ -0,0 +1,5 @@
+# SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+# SPDX-License-Identifier: MIT
+
+builds:
+- skip: true
diff --git a/server/vendor/github.com/pion/turn/v2/AUTHORS.txt b/server/vendor/github.com/pion/turn/v2/AUTHORS.txt
new file mode 100644
index 0000000..ea98498
--- /dev/null
+++ b/server/vendor/github.com/pion/turn/v2/AUTHORS.txt
@@ -0,0 +1,48 @@
+# Thank you to everyone that made Pion possible. If you are interested in contributing
+# we would love to have you https://github.com/pion/webrtc/wiki/Contributing
+#
+# This file is auto generated, using git to list all individuals contributors.
+# see https://github.com/pion/.goassets/blob/master/scripts/generate-authors.sh for the scripting
+Aaron France <aaron.l.france@gmail.com>
+Aleksandr Razumov <ar@gortc.io>
+anastasia <anastasia@plutoview.com>
+andrefsp <andrefsp@gmail.com>
+Andy Yan <yan.andy4@gmail.com>
+Antonio Sorrentino <ansorrenltd@gmail.com>
+Artem Yarovenko <a.yarovenko@rubetek.com>
+Atsushi Watanabe <atsushi.w@ieee.org>
+backkem <mail@backkem.me>
+boks1971 <raja.gobi@tutanota.com>
+Caleb Phillips <calebrphillips@gmail.com>
+cnderrauber <zengjie9004@gmail.com>
+David Colburn <xero73@gmail.com>
+Gabor Retvari <retvari@tmit.bme.hu>
+Harold Thetiot <hthetiot@gmail.com>
+Herman Banken <hermanbanken@gmail.com>
+Hugo Arregui <hugo.arregui@gmail.com>
+Igor German <igor.german@synesis.ru>
+Ingmar Wittkau <iwittkau@users.noreply.github.com>
+Jannis Mattheis <contact@jmattheis.de>
+John Bradley <john@pion.ly>
+jose nazario <jose.monkey.org@gmail.com>
+Juliusz Chroboczek <jch@irif.fr>
+lllf <littlelightlittlefire@gmail.com>
+Lukas Rezek <lukas@miratronix.com>
+Marouane <6729798+nindolabs@users.noreply.github.com>
+Mészáros Mihály <bakfitty@gmail.com>
+nindolabs <6729798+nindolabs@users.noreply.github.com>
+Onwuka Gideon <dongidomed@gmail.com>
+Robert Eperjesi <eperjesi@uber.com>
+Sean DuBois <duboisea@twitch.tv>
+Sean DuBois <seaduboi@amazon.com>
+Sean DuBois <sean@pion.ly>
+Sean DuBois <sean@siobud.com>
+songjiayang <songjiayang@jd.com>
+Steffen Vogel <post@steffenvogel.de>
+ted <ted@skydio.com>
+Tom Clift <tom@clift.id.au>
+Yusuke Nakamura <yusuke1994525@gmail.com>
+Yutaka Takeda <yt0916@gmail.com>
+
+# List of contributors not appearing in Git history
+
diff --git a/server/vendor/github.com/pion/turn/v2/LICENSE b/server/vendor/github.com/pion/turn/v2/LICENSE
new file mode 100644
index 0000000..491caf6
--- /dev/null
+++ b/server/vendor/github.com/pion/turn/v2/LICENSE
@@ -0,0 +1,9 @@
+MIT License
+
+Copyright (c) 2023 The Pion community <https://pion.ly>
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
diff --git a/server/vendor/github.com/pion/turn/v2/README.md b/server/vendor/github.com/pion/turn/v2/README.md
new file mode 100644
index 0000000..5adcfe7
--- /dev/null
+++ b/server/vendor/github.com/pion/turn/v2/README.md
@@ -0,0 +1,93 @@
+<h1 align="center">
+  <a href="https://pion.ly"><img src="./.github/gopher-pion.png" alt="Pion TURN" height="250px"></a>
+  <br>
+  Pion TURN
+  <br>
+</h1>
+<h4 align="center">A toolkit for building TURN clients and servers in Go</h4>
+<p align="center">
+  <a href="https://pion.ly"><img src="https://img.shields.io/badge/pion-turn-gray.svg?longCache=true&colorB=brightgreen" alt="Pion TURN"></a>
+  <a href="http://gophers.slack.com/messages/pion"><img src="https://img.shields.io/badge/join-us%20on%20slack-gray.svg?longCache=true&logo=slack&colorB=brightgreen" alt="Slack Widget"></a>
+  <a href="https://github.com/pion/awesome-pion" alt="Awesome Pion"><img src="https://cdn.rawgit.com/sindresorhus/awesome/d7305f38d29fed78fa85652e3a63e154dd8e8829/media/badge.svg"></a>
+  <br>
+  <img alt="GitHub Workflow Status" src="https://img.shields.io/github/actions/workflow/status/pion/turn/test.yaml">
+  <a href="https://pkg.go.dev/github.com/pion/turn/v2"><img src="https://pkg.go.dev/badge/github.com/pion/turn/v2.svg" alt="Go Reference"></a>
+  <a href="https://codecov.io/gh/pion/turn"><img src="https://codecov.io/gh/pion/turn/branch/master/graph/badge.svg" alt="Coverage Status"></a>
+  <a href="https://goreportcard.com/report/github.com/pion/turn/v2"><img src="https://goreportcard.com/badge/github.com/pion/turn/v2" alt="Go Report Card"></a>
+  <a href="LICENSE"><img src="https://img.shields.io/badge/License-MIT-yellow.svg" alt="License: MIT"></a>
+</p>
+<br>
+
+Pion TURN is a Go toolkit for building TURN servers and clients. We wrote it to solve problems we had when building RTC projects.
+
+* **Deployable** - Use modern tooling of the Go ecosystem. Stop generating config files.
+* **Embeddable** - Include `pion/turn` in your existing applications. No need to manage another service.
+* **Extendable** - TURN as an API so you can easily integrate with your existing monitoring and metrics.
+* **Maintainable** - `pion/turn` is simple and well documented. Designed for learning and easy debugging.
+* **Portable** - Quickly deploy to multiple architectures/platforms just by setting an environment variable.
+* **Safe** - Stability and safety is important for network services. Go provides everything we need.
+* **Scalable** - Create allocations and mutate state at runtime. Designed to make scaling easy.
+
+### Using
+`pion/turn` is an API for building STUN/TURN clients and servers, not a binary you deploy then configure. It may require copying our examples and
+making minor modifications to fit your need, no knowledge of Go is required however. You may be able to download the pre-made binaries of our examples
+if you wish to get started quickly.
+
+The advantage of this is that you don't need to deal with complicated config files, or custom APIs to modify the state of Pion TURN.
+After you instantiate an instance of a Pion TURN server or client you interact with it like any library. The quickest way to get started is to look at the
+[examples](examples) or [GoDoc](https://godoc.org/github.com/pion/turn)
+
+### Examples
+We try to cover most common use cases in [examples](examples). If more examples could be helpful please file an issue, we are always looking
+to expand and improve `pion/turn` to make it easier for developers.
+
+To build any example you just need to run `go build` in the directory of the example you care about.
+It is also very easy to [cross compile](https://dave.cheney.net/2015/08/22/cross-compilation-with-go-1-5) Go programs.
+
+You can also see `pion/turn` usage in [pion/ice](https://github.com/pion/ice)
+
+### FAQ
+
+Also take a look at the [Pion WebRTC FAQ](https://github.com/pion/webrtc/wiki/FAQ)
+
+#### Will pion/turn also act as a STUN server?
+Yes.
+
+#### How do I implement token-based authentication?
+Replace the username with a token in the [AuthHandler](https://github.com/pion/turn/blob/6d0ff435910870eb9024b18321b93b61844fcfec/examples/turn-server/simple/main.go#L49).
+The password sent by the client can be any non-empty string, as long as it matches that used by the [GenerateAuthKey](https://github.com/pion/turn/blob/6d0ff435910870eb9024b18321b93b61844fcfec/examples/turn-server/simple/main.go#L41)
+function.
+
+#### Will WebRTC prioritize using STUN over TURN?
+Yes.
+
+### RFCs
+#### Implemented
+* **RFC 5389**: [Session Traversal Utilities for NAT (STUN)][rfc5389]
+* **RFC 5766**: [Traversal Using Relays around NAT (TURN): Relay Extensions to Session Traversal Utilities for NAT (STUN)][rfc5766]
+
+#### Planned
+* **RFC 6062**: [Traversal Using Relays around NAT (TURN) Extensions for TCP Allocations][rfc6062]
+* **RFC 6156**: [Traversal Using Relays around NAT (TURN) Extension for IPv6][rfc6156]
+
+[rfc5389]: https://tools.ietf.org/html/rfc5389
+[rfc5766]: https://tools.ietf.org/html/rfc5766
+[rfc6062]: https://tools.ietf.org/html/rfc6062
+[rfc6156]: https://tools.ietf.org/html/rfc6156
+
+### Roadmap
+The library is used as a part of our WebRTC implementation. Please refer to that [roadmap](https://github.com/pion/webrtc/issues/9) to track our major milestones.
+
+### Community
+Pion has an active community on the [Slack](https://pion.ly/slack).
+
+Follow the [Pion Twitter](https://twitter.com/_pion) for project updates and important WebRTC news.
+
+We are always looking to support **your projects**. Please reach out if you have something to build!
+If you need commercial support or don't want to use public methods you can contact us at [team@pion.ly](mailto:team@pion.ly)
+
+### Contributing
+Check out the [contributing wiki](https://github.com/pion/webrtc/wiki/Contributing) to join the group of amazing people making this project possible: [AUTHORS.txt](./AUTHORS.txt)
+
+### License
+MIT License - see [LICENSE](LICENSE) for full text
diff --git a/server/vendor/github.com/pion/turn/v2/client.go b/server/vendor/github.com/pion/turn/v2/client.go
new file mode 100644
index 0000000..350715c
--- /dev/null
+++ b/server/vendor/github.com/pion/turn/v2/client.go
@@ -0,0 +1,685 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package turn
+
+import (
+	b64 "encoding/base64"
+	"fmt"
+	"math"
+	"net"
+	"sync"
+	"time"
+
+	"github.com/pion/logging"
+	"github.com/pion/stun"
+	"github.com/pion/transport/v2"
+	"github.com/pion/transport/v2/stdnet"
+	"github.com/pion/turn/v2/internal/client"
+	"github.com/pion/turn/v2/internal/proto"
+)
+
+const (
+	defaultRTO        = 200 * time.Millisecond
+	maxRtxCount       = 7              // Total 7 requests (Rc)
+	maxDataBufferSize = math.MaxUint16 // Message size limit for Chromium
+)
+
+//              interval [msec]
+// 0: 0 ms      +500
+// 1: 500 ms	+1000
+// 2: 1500 ms   +2000
+// 3: 3500 ms   +4000
+// 4: 7500 ms   +8000
+// 5: 15500 ms  +16000
+// 6: 31500 ms  +32000
+// -: 63500 ms  failed
+
+// ClientConfig is a bag of config parameters for Client.
+type ClientConfig struct {
+	STUNServerAddr string // STUN server address (e.g. "stun.abc.com:3478")
+	TURNServerAddr string // TURN server address (e.g. "turn.abc.com:3478")
+	Username       string
+	Password       string
+	Realm          string
+	Software       string
+	RTO            time.Duration
+	Conn           net.PacketConn // Listening socket (net.PacketConn)
+	Net            transport.Net
+	LoggerFactory  logging.LoggerFactory
+}
+
+// Client is a STUN server client
+type Client struct {
+	conn           net.PacketConn // Read-only
+	net            transport.Net  // Read-only
+	stunServerAddr net.Addr       // Read-only
+	turnServerAddr net.Addr       // Read-only
+
+	username      stun.Username          // Read-only
+	password      string                 // Read-only
+	realm         stun.Realm             // Read-only
+	integrity     stun.MessageIntegrity  // Read-only
+	software      stun.Software          // Read-only
+	trMap         *client.TransactionMap // Thread-safe
+	rto           time.Duration          // Read-only
+	relayedConn   *client.UDPConn        // Protected by mutex ***
+	tcpAllocation *client.TCPAllocation  // Protected by mutex ***
+	allocTryLock  client.TryLock         // Thread-safe
+	listenTryLock client.TryLock         // Thread-safe
+	mutex         sync.RWMutex           // Thread-safe
+	mutexTrMap    sync.Mutex             // Thread-safe
+	log           logging.LeveledLogger  // Read-only
+}
+
+// NewClient returns a new Client instance. listeningAddress is the address and port to listen on, default "0.0.0.0:0"
+func NewClient(config *ClientConfig) (*Client, error) {
+	loggerFactory := config.LoggerFactory
+	if loggerFactory == nil {
+		loggerFactory = logging.NewDefaultLoggerFactory()
+	}
+
+	log := loggerFactory.NewLogger("turnc")
+
+	if config.Conn == nil {
+		return nil, errNilConn
+	}
+
+	rto := defaultRTO
+	if config.RTO > 0 {
+		rto = config.RTO
+	}
+
+	if config.Net == nil {
+		n, err := stdnet.NewNet()
+		if err != nil {
+			return nil, err
+		}
+		config.Net = n
+	}
+
+	var stunServ, turnServ net.Addr
+	var err error
+
+	if len(config.STUNServerAddr) > 0 {
+		stunServ, err = config.Net.ResolveUDPAddr("udp4", config.STUNServerAddr)
+		if err != nil {
+			return nil, err
+		}
+
+		log.Debugf("Resolved STUN server %s to %s", config.STUNServerAddr, stunServ)
+	}
+
+	if len(config.TURNServerAddr) > 0 {
+		turnServ, err = config.Net.ResolveUDPAddr("udp4", config.TURNServerAddr)
+		if err != nil {
+			return nil, err
+		}
+
+		log.Debugf("Resolved TURN server %s to %s", config.TURNServerAddr, turnServ)
+	}
+
+	c := &Client{
+		conn:           config.Conn,
+		stunServerAddr: stunServ,
+		turnServerAddr: turnServ,
+		username:       stun.NewUsername(config.Username),
+		password:       config.Password,
+		realm:          stun.NewRealm(config.Realm),
+		software:       stun.NewSoftware(config.Software),
+		trMap:          client.NewTransactionMap(),
+		net:            config.Net,
+		rto:            rto,
+		log:            log,
+	}
+
+	return c, nil
+}
+
+// TURNServerAddr return the TURN server address
+func (c *Client) TURNServerAddr() net.Addr {
+	return c.turnServerAddr
+}
+
+// STUNServerAddr return the STUN server address
+func (c *Client) STUNServerAddr() net.Addr {
+	return c.stunServerAddr
+}
+
+// Username returns username
+func (c *Client) Username() stun.Username {
+	return c.username
+}
+
+// Realm return realm
+func (c *Client) Realm() stun.Realm {
+	return c.realm
+}
+
+// WriteTo sends data to the specified destination using the base socket.
+func (c *Client) WriteTo(data []byte, to net.Addr) (int, error) {
+	return c.conn.WriteTo(data, to)
+}
+
+// Listen will have this client start listening on the conn provided via the config.
+// This is optional. If not used, you will need to call HandleInbound method
+// to supply incoming data, instead.
+func (c *Client) Listen() error {
+	if err := c.listenTryLock.Lock(); err != nil {
+		return fmt.Errorf("%w: %s", errAlreadyListening, err.Error())
+	}
+
+	go func() {
+		buf := make([]byte, maxDataBufferSize)
+		for {
+			n, from, err := c.conn.ReadFrom(buf)
+			if err != nil {
+				c.log.Debugf("Failed to read: %s. Exiting loop", err)
+				break
+			}
+
+			_, err = c.HandleInbound(buf[:n], from)
+			if err != nil {
+				c.log.Debugf("Failed to handle inbound message: %s. Exiting loop", err)
+				break
+			}
+		}
+
+		c.listenTryLock.Unlock()
+	}()
+
+	return nil
+}
+
+// Close closes this client
+func (c *Client) Close() {
+	c.mutexTrMap.Lock()
+	defer c.mutexTrMap.Unlock()
+
+	c.trMap.CloseAndDeleteAll()
+}
+
+// TransactionID & Base64: https://play.golang.org/p/EEgmJDI971P
+
+// SendBindingRequestTo sends a new STUN request to the given transport address
+func (c *Client) SendBindingRequestTo(to net.Addr) (net.Addr, error) {
+	attrs := []stun.Setter{stun.TransactionID, stun.BindingRequest}
+	if len(c.software) > 0 {
+		attrs = append(attrs, c.software)
+	}
+
+	msg, err := stun.Build(attrs...)
+	if err != nil {
+		return nil, err
+	}
+	trRes, err := c.PerformTransaction(msg, to, false)
+	if err != nil {
+		return nil, err
+	}
+
+	var reflAddr stun.XORMappedAddress
+	if err := reflAddr.GetFrom(trRes.Msg); err != nil {
+		return nil, err
+	}
+
+	return &net.UDPAddr{
+		IP:   reflAddr.IP,
+		Port: reflAddr.Port,
+	}, nil
+}
+
+// SendBindingRequest sends a new STUN request to the STUN server
+func (c *Client) SendBindingRequest() (net.Addr, error) {
+	if c.stunServerAddr == nil {
+		return nil, errSTUNServerAddressNotSet
+	}
+	return c.SendBindingRequestTo(c.stunServerAddr)
+}
+
+func (c *Client) sendAllocateRequest(protocol proto.Protocol) (proto.RelayedAddress, proto.Lifetime, stun.Nonce, error) {
+	var relayed proto.RelayedAddress
+	var lifetime proto.Lifetime
+	var nonce stun.Nonce
+
+	msg, err := stun.Build(
+		stun.TransactionID,
+		stun.NewType(stun.MethodAllocate, stun.ClassRequest),
+		proto.RequestedTransport{Protocol: protocol},
+		stun.Fingerprint,
+	)
+	if err != nil {
+		return relayed, lifetime, nonce, err
+	}
+
+	trRes, err := c.PerformTransaction(msg, c.turnServerAddr, false)
+	if err != nil {
+		return relayed, lifetime, nonce, err
+	}
+
+	res := trRes.Msg
+
+	// Anonymous allocate failed, trying to authenticate.
+	if err = nonce.GetFrom(res); err != nil {
+		return relayed, lifetime, nonce, err
+	}
+	if err = c.realm.GetFrom(res); err != nil {
+		return relayed, lifetime, nonce, err
+	}
+	c.realm = append([]byte(nil), c.realm...)
+	c.integrity = stun.NewLongTermIntegrity(
+		c.username.String(), c.realm.String(), c.password,
+	)
+	// Trying to authorize.
+	msg, err = stun.Build(
+		stun.TransactionID,
+		stun.NewType(stun.MethodAllocate, stun.ClassRequest),
+		proto.RequestedTransport{Protocol: protocol},
+		&c.username,
+		&c.realm,
+		&nonce,
+		&c.integrity,
+		stun.Fingerprint,
+	)
+	if err != nil {
+		return relayed, lifetime, nonce, err
+	}
+
+	trRes, err = c.PerformTransaction(msg, c.turnServerAddr, false)
+	if err != nil {
+		return relayed, lifetime, nonce, err
+	}
+	res = trRes.Msg
+
+	if res.Type.Class == stun.ClassErrorResponse {
+		var code stun.ErrorCodeAttribute
+		if err = code.GetFrom(res); err == nil {
+			return relayed, lifetime, nonce, fmt.Errorf("%s (error %s)", res.Type, code) //nolint:goerr113
+		}
+		return relayed, lifetime, nonce, fmt.Errorf("%s", res.Type) //nolint:goerr113
+	}
+
+	// Getting relayed addresses from response.
+	if err := relayed.GetFrom(res); err != nil {
+		return relayed, lifetime, nonce, err
+	}
+
+	// Getting lifetime from response
+	if err := lifetime.GetFrom(res); err != nil {
+		return relayed, lifetime, nonce, err
+	}
+	return relayed, lifetime, nonce, nil
+}
+
+// Allocate sends a TURN allocation request to the given transport address
+func (c *Client) Allocate() (net.PacketConn, error) {
+	if err := c.allocTryLock.Lock(); err != nil {
+		return nil, fmt.Errorf("%w: %s", errOneAllocateOnly, err.Error())
+	}
+	defer c.allocTryLock.Unlock()
+
+	relayedConn := c.relayedUDPConn()
+	if relayedConn != nil {
+		return nil, fmt.Errorf("%w: %s", errAlreadyAllocated, relayedConn.LocalAddr().String())
+	}
+
+	relayed, lifetime, nonce, err := c.sendAllocateRequest(proto.ProtoUDP)
+	if err != nil {
+		return nil, err
+	}
+
+	relayedAddr := &net.UDPAddr{
+		IP:   relayed.IP,
+		Port: relayed.Port,
+	}
+
+	relayedConn = client.NewUDPConn(&client.AllocationConfig{
+		Client:      c,
+		RelayedAddr: relayedAddr,
+		ServerAddr:  c.turnServerAddr,
+		Realm:       c.realm,
+		Username:    c.username,
+		Integrity:   c.integrity,
+		Nonce:       nonce,
+		Lifetime:    lifetime.Duration,
+		Net:         c.net,
+		Log:         c.log,
+	})
+	c.setRelayedUDPConn(relayedConn)
+
+	return relayedConn, nil
+}
+
+// AllocateTCP creates a new TCP allocation at the TURN server.
+func (c *Client) AllocateTCP() (*client.TCPAllocation, error) {
+	if err := c.allocTryLock.Lock(); err != nil {
+		return nil, fmt.Errorf("%w: %s", errOneAllocateOnly, err.Error())
+	}
+	defer c.allocTryLock.Unlock()
+
+	allocation := c.getTCPAllocation()
+	if allocation != nil {
+		return nil, fmt.Errorf("%w: %s", errAlreadyAllocated, allocation.Addr())
+	}
+
+	relayed, lifetime, nonce, err := c.sendAllocateRequest(proto.ProtoTCP)
+	if err != nil {
+		return nil, err
+	}
+
+	relayedAddr := &net.TCPAddr{
+		IP:   relayed.IP,
+		Port: relayed.Port,
+	}
+
+	allocation = client.NewTCPAllocation(&client.AllocationConfig{
+		Client:      c,
+		RelayedAddr: relayedAddr,
+		ServerAddr:  c.turnServerAddr,
+		Realm:       c.realm,
+		Username:    c.username,
+		Integrity:   c.integrity,
+		Nonce:       nonce,
+		Lifetime:    lifetime.Duration,
+		Net:         c.net,
+		Log:         c.log,
+	})
+
+	c.setTCPAllocation(allocation)
+
+	return allocation, nil
+}
+
+// CreatePermission Issues a CreatePermission request for the supplied addresses
+// as described in https://datatracker.ietf.org/doc/html/rfc5766#section-9
+func (c *Client) CreatePermission(addrs ...net.Addr) error {
+	if conn := c.relayedUDPConn(); conn != nil {
+		if err := conn.CreatePermissions(addrs...); err != nil {
+			return err
+		}
+	}
+
+	if allocation := c.getTCPAllocation(); allocation != nil {
+		if err := allocation.CreatePermissions(addrs...); err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+// PerformTransaction performs STUN transaction
+func (c *Client) PerformTransaction(msg *stun.Message, to net.Addr, ignoreResult bool) (client.TransactionResult,
+	error,
+) {
+	trKey := b64.StdEncoding.EncodeToString(msg.TransactionID[:])
+
+	raw := make([]byte, len(msg.Raw))
+	copy(raw, msg.Raw)
+
+	tr := client.NewTransaction(&client.TransactionConfig{
+		Key:          trKey,
+		Raw:          raw,
+		To:           to,
+		Interval:     c.rto,
+		IgnoreResult: ignoreResult,
+	})
+
+	c.trMap.Insert(trKey, tr)
+
+	c.log.Tracef("Start %s transaction %s to %s", msg.Type, trKey, tr.To)
+	_, err := c.conn.WriteTo(tr.Raw, to)
+	if err != nil {
+		return client.TransactionResult{}, err
+	}
+
+	tr.StartRtxTimer(c.onRtxTimeout)
+
+	// If ignoreResult is true, get the transaction going and return immediately
+	if ignoreResult {
+		return client.TransactionResult{}, nil
+	}
+
+	res := tr.WaitForResult()
+	if res.Err != nil {
+		return res, res.Err
+	}
+	return res, nil
+}
+
+// OnDeallocated is called when de-allocation of relay address has been complete.
+// (Called by UDPConn)
+func (c *Client) OnDeallocated(net.Addr) {
+	c.setRelayedUDPConn(nil)
+	c.setTCPAllocation(nil)
+}
+
+// HandleInbound handles data received.
+// This method handles incoming packet de-multiplex it by the source address
+// and the types of the message.
+// This return a boolean (handled or not) and if there was an error.
+// Caller should check if the packet was handled by this client or not.
+// If not handled, it is assumed that the packet is application data.
+// If an error is returned, the caller should discard the packet regardless.
+func (c *Client) HandleInbound(data []byte, from net.Addr) (bool, error) {
+	// +-------------------+-------------------------------+
+	// |   Return Values   |                               |
+	// +-------------------+       Meaning / Action        |
+	// | handled |  error  |                               |
+	// |=========+=========+===============================+
+	// |  false  |   nil   | Handle the packet as app data |
+	// |---------+---------+-------------------------------+
+	// |  true   |   nil   |        Nothing to do          |
+	// |---------+---------+-------------------------------+
+	// |  false  |  error  |     (shouldn't happen)        |
+	// |---------+---------+-------------------------------+
+	// |  true   |  error  | Error occurred while handling |
+	// +---------+---------+-------------------------------+
+	// Possible causes of the error:
+	//  - Malformed packet (parse error)
+	//  - STUN message was a request
+	//  - Non-STUN message from the STUN server
+
+	switch {
+	case stun.IsMessage(data):
+		return true, c.handleSTUNMessage(data, from)
+	case proto.IsChannelData(data):
+		return true, c.handleChannelData(data)
+	case c.stunServerAddr != nil && from.String() == c.stunServerAddr.String():
+		// Received from STUN server but it is not a STUN message
+		return true, errNonSTUNMessage
+	default:
+		// Assume, this is an application data
+		c.log.Tracef("Ignoring non-STUN/TURN packet")
+	}
+
+	return false, nil
+}
+
+func (c *Client) handleSTUNMessage(data []byte, from net.Addr) error {
+	raw := make([]byte, len(data))
+	copy(raw, data)
+
+	msg := &stun.Message{Raw: raw}
+	if err := msg.Decode(); err != nil {
+		return fmt.Errorf("%w: %s", errFailedToDecodeSTUN, err.Error())
+	}
+
+	if msg.Type.Class == stun.ClassRequest {
+		return fmt.Errorf("%w : %s", errUnexpectedSTUNRequestMessage, msg.String())
+	}
+
+	if msg.Type.Class == stun.ClassIndication {
+		switch msg.Type.Method {
+		case stun.MethodData:
+			var peerAddr proto.PeerAddress
+			if err := peerAddr.GetFrom(msg); err != nil {
+				return err
+			}
+			from = &net.UDPAddr{
+				IP:   peerAddr.IP,
+				Port: peerAddr.Port,
+			}
+
+			var data proto.Data
+			if err := data.GetFrom(msg); err != nil {
+				return err
+			}
+
+			c.log.Tracef("Data indication received from %s", from)
+
+			relayedConn := c.relayedUDPConn()
+			if relayedConn == nil {
+				c.log.Debug("No relayed conn allocated")
+				return nil // Silently discard
+			}
+			relayedConn.HandleInbound(data, from)
+		case stun.MethodConnectionAttempt:
+			var peerAddr proto.PeerAddress
+			if err := peerAddr.GetFrom(msg); err != nil {
+				return err
+			}
+
+			addr := &net.TCPAddr{
+				IP:   peerAddr.IP,
+				Port: peerAddr.Port,
+			}
+
+			var cid proto.ConnectionID
+			if err := cid.GetFrom(msg); err != nil {
+				return err
+			}
+
+			c.log.Debugf("Connection attempt from %s", addr)
+
+			allocation := c.getTCPAllocation()
+			if allocation == nil {
+				c.log.Debug("No TCP allocation exists")
+				return nil // Silently discard
+			}
+
+			allocation.HandleConnectionAttempt(addr, cid)
+		default:
+			c.log.Debug("Received unsupported STUN method")
+		}
+		return nil
+	}
+
+	// This is a STUN response message (transactional)
+	// The type is either:
+	// - stun.ClassSuccessResponse
+	// - stun.ClassErrorResponse
+
+	trKey := b64.StdEncoding.EncodeToString(msg.TransactionID[:])
+
+	c.mutexTrMap.Lock()
+	tr, ok := c.trMap.Find(trKey)
+	if !ok {
+		c.mutexTrMap.Unlock()
+		// Silently discard
+		c.log.Debugf("No transaction for %s", msg)
+		return nil
+	}
+
+	// End the transaction
+	tr.StopRtxTimer()
+	c.trMap.Delete(trKey)
+	c.mutexTrMap.Unlock()
+
+	if !tr.WriteResult(client.TransactionResult{
+		Msg:     msg,
+		From:    from,
+		Retries: tr.Retries(),
+	}) {
+		c.log.Debugf("No listener for %s", msg)
+	}
+
+	return nil
+}
+
+func (c *Client) handleChannelData(data []byte) error {
+	chData := &proto.ChannelData{
+		Raw: make([]byte, len(data)),
+	}
+	copy(chData.Raw, data)
+	if err := chData.Decode(); err != nil {
+		return err
+	}
+
+	relayedConn := c.relayedUDPConn()
+	if relayedConn == nil {
+		c.log.Debug("No relayed conn allocated")
+		return nil // Silently discard
+	}
+
+	addr, ok := relayedConn.FindAddrByChannelNumber(uint16(chData.Number))
+	if !ok {
+		return fmt.Errorf("%w: %d", errChannelBindNotFound, int(chData.Number))
+	}
+
+	c.log.Tracef("Channel data received from %s (ch=%d)", addr.String(), int(chData.Number))
+
+	relayedConn.HandleInbound(chData.Data, addr)
+	return nil
+}
+
+func (c *Client) onRtxTimeout(trKey string, nRtx int) {
+	c.mutexTrMap.Lock()
+	defer c.mutexTrMap.Unlock()
+
+	tr, ok := c.trMap.Find(trKey)
+	if !ok {
+		return // Already gone
+	}
+
+	if nRtx == maxRtxCount {
+		// All retransmissions failed
+		c.trMap.Delete(trKey)
+		if !tr.WriteResult(client.TransactionResult{
+			Err: fmt.Errorf("%w %s", errAllRetransmissionsFailed, trKey),
+		}) {
+			c.log.Debug("No listener for transaction")
+		}
+		return
+	}
+
+	c.log.Tracef("Retransmitting transaction %s to %s (nRtx=%d)",
+		trKey, tr.To.String(), nRtx)
+	_, err := c.conn.WriteTo(tr.Raw, tr.To)
+	if err != nil {
+		c.trMap.Delete(trKey)
+		if !tr.WriteResult(client.TransactionResult{
+			Err: fmt.Errorf("%w %s", errFailedToRetransmitTransaction, trKey),
+		}) {
+			c.log.Debug("No listener for transaction")
+		}
+		return
+	}
+	tr.StartRtxTimer(c.onRtxTimeout)
+}
+
+func (c *Client) setRelayedUDPConn(conn *client.UDPConn) {
+	c.mutex.Lock()
+	defer c.mutex.Unlock()
+
+	c.relayedConn = conn
+}
+
+func (c *Client) relayedUDPConn() *client.UDPConn {
+	c.mutex.RLock()
+	defer c.mutex.RUnlock()
+
+	return c.relayedConn
+}
+
+func (c *Client) setTCPAllocation(alloc *client.TCPAllocation) {
+	c.mutex.Lock()
+	defer c.mutex.Unlock()
+
+	c.tcpAllocation = alloc
+}
+
+func (c *Client) getTCPAllocation() *client.TCPAllocation {
+	c.mutex.RLock()
+	defer c.mutex.RUnlock()
+
+	return c.tcpAllocation
+}
diff --git a/server/vendor/github.com/pion/turn/v2/codecov.yml b/server/vendor/github.com/pion/turn/v2/codecov.yml
new file mode 100644
index 0000000..263e4d4
--- /dev/null
+++ b/server/vendor/github.com/pion/turn/v2/codecov.yml
@@ -0,0 +1,22 @@
+#
+# DO NOT EDIT THIS FILE
+#
+# It is automatically copied from https://github.com/pion/.goassets repository.
+#
+# SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+# SPDX-License-Identifier: MIT
+
+coverage:
+  status:
+    project:
+      default:
+        # Allow decreasing 2% of total coverage to avoid noise.
+        threshold: 2%
+    patch:
+      default:
+        target: 70%
+        only_pulls: true
+
+ignore:
+  - "examples/*"
+  - "examples/**/*"
diff --git a/server/vendor/github.com/pion/turn/v2/errors.go b/server/vendor/github.com/pion/turn/v2/errors.go
new file mode 100644
index 0000000..50065e2
--- /dev/null
+++ b/server/vendor/github.com/pion/turn/v2/errors.go
@@ -0,0 +1,31 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package turn
+
+import "errors"
+
+var (
+	errRelayAddressInvalid           = errors.New("turn: RelayAddress must be valid IP to use RelayAddressGeneratorStatic")
+	errNoAvailableConns              = errors.New("turn: PacketConnConfigs and ConnConfigs are empty, unable to proceed")
+	errConnUnset                     = errors.New("turn: PacketConnConfig must have a non-nil Conn")
+	errListenerUnset                 = errors.New("turn: ListenerConfig must have a non-nil Listener")
+	errListeningAddressInvalid       = errors.New("turn: RelayAddressGenerator has invalid ListeningAddress")
+	errRelayAddressGeneratorUnset    = errors.New("turn: RelayAddressGenerator in RelayConfig is unset")
+	errMaxRetriesExceeded            = errors.New("turn: max retries exceeded")
+	errMaxPortNotZero                = errors.New("turn: MaxPort must be not 0")
+	errMinPortNotZero                = errors.New("turn: MaxPort must be not 0")
+	errNilConn                       = errors.New("turn: conn cannot not be nil")
+	errTODO                          = errors.New("turn: TODO")
+	errAlreadyListening              = errors.New("turn: already listening")
+	errFailedToClose                 = errors.New("turn: Server failed to close")
+	errFailedToRetransmitTransaction = errors.New("turn: failed to retransmit transaction")
+	errAllRetransmissionsFailed      = errors.New("all retransmissions failed for")
+	errChannelBindNotFound           = errors.New("no binding found for channel")
+	errSTUNServerAddressNotSet       = errors.New("STUN server address is not set for the client")
+	errOneAllocateOnly               = errors.New("only one Allocate() caller is allowed")
+	errAlreadyAllocated              = errors.New("already allocated")
+	errNonSTUNMessage                = errors.New("non-STUN message from STUN server")
+	errFailedToDecodeSTUN            = errors.New("failed to decode STUN message")
+	errUnexpectedSTUNRequestMessage  = errors.New("unexpected STUN request message")
+)
diff --git a/server/vendor/github.com/pion/turn/v2/internal/allocation/allocation.go b/server/vendor/github.com/pion/turn/v2/internal/allocation/allocation.go
new file mode 100644
index 0000000..9bfd910
--- /dev/null
+++ b/server/vendor/github.com/pion/turn/v2/internal/allocation/allocation.go
@@ -0,0 +1,286 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+// Package allocation contains all CRUD operations for allocations
+package allocation
+
+import (
+	"net"
+	"sync"
+	"sync/atomic"
+	"time"
+
+	"github.com/pion/logging"
+	"github.com/pion/stun"
+	"github.com/pion/turn/v2/internal/ipnet"
+	"github.com/pion/turn/v2/internal/proto"
+)
+
+type allocationResponse struct {
+	transactionID [stun.TransactionIDSize]byte
+	responseAttrs []stun.Setter
+}
+
+// Allocation is tied to a FiveTuple and relays traffic
+// use CreateAllocation and GetAllocation to operate
+type Allocation struct {
+	RelayAddr           net.Addr
+	Protocol            Protocol
+	TurnSocket          net.PacketConn
+	RelaySocket         net.PacketConn
+	fiveTuple           *FiveTuple
+	permissionsLock     sync.RWMutex
+	permissions         map[string]*Permission
+	channelBindingsLock sync.RWMutex
+	channelBindings     []*ChannelBind
+	lifetimeTimer       *time.Timer
+	closed              chan interface{}
+	log                 logging.LeveledLogger
+
+	// Some clients (Firefox or others using resiprocate's nICE lib) may retry allocation
+	// with same 5 tuple when received 413, for compatible with these clients,
+	// cache for response lost and client retry to implement 'stateless stack approach'
+	// See: https://datatracker.ietf.org/doc/html/rfc5766#section-6.2
+	responseCache atomic.Value // *allocationResponse
+}
+
+// NewAllocation creates a new instance of NewAllocation.
+func NewAllocation(turnSocket net.PacketConn, fiveTuple *FiveTuple, log logging.LeveledLogger) *Allocation {
+	return &Allocation{
+		TurnSocket:  turnSocket,
+		fiveTuple:   fiveTuple,
+		permissions: make(map[string]*Permission, 64),
+		closed:      make(chan interface{}),
+		log:         log,
+	}
+}
+
+// GetPermission gets the Permission from the allocation
+func (a *Allocation) GetPermission(addr net.Addr) *Permission {
+	a.permissionsLock.RLock()
+	defer a.permissionsLock.RUnlock()
+
+	return a.permissions[ipnet.FingerprintAddr(addr)]
+}
+
+// AddPermission adds a new permission to the allocation
+func (a *Allocation) AddPermission(p *Permission) {
+	fingerprint := ipnet.FingerprintAddr(p.Addr)
+
+	a.permissionsLock.RLock()
+	existedPermission, ok := a.permissions[fingerprint]
+	a.permissionsLock.RUnlock()
+
+	if ok {
+		existedPermission.refresh(permissionTimeout)
+		return
+	}
+
+	p.allocation = a
+	a.permissionsLock.Lock()
+	a.permissions[fingerprint] = p
+	a.permissionsLock.Unlock()
+
+	p.start(permissionTimeout)
+}
+
+// RemovePermission removes the net.Addr's fingerprint from the allocation's permissions
+func (a *Allocation) RemovePermission(addr net.Addr) {
+	a.permissionsLock.Lock()
+	defer a.permissionsLock.Unlock()
+	delete(a.permissions, ipnet.FingerprintAddr(addr))
+}
+
+// AddChannelBind adds a new ChannelBind to the allocation, it also updates the
+// permissions needed for this ChannelBind
+func (a *Allocation) AddChannelBind(c *ChannelBind, lifetime time.Duration) error {
+	// Check that this channel id isn't bound to another transport address, and
+	// that this transport address isn't bound to another channel number.
+	channelByNumber := a.GetChannelByNumber(c.Number)
+
+	if channelByNumber != a.GetChannelByAddr(c.Peer) {
+		return errSameChannelDifferentPeer
+	}
+
+	// Add or refresh this channel.
+	if channelByNumber == nil {
+		a.channelBindingsLock.Lock()
+		defer a.channelBindingsLock.Unlock()
+
+		c.allocation = a
+		a.channelBindings = append(a.channelBindings, c)
+		c.start(lifetime)
+
+		// Channel binds also refresh permissions.
+		a.AddPermission(NewPermission(c.Peer, a.log))
+	} else {
+		channelByNumber.refresh(lifetime)
+
+		// Channel binds also refresh permissions.
+		a.AddPermission(NewPermission(channelByNumber.Peer, a.log))
+	}
+
+	return nil
+}
+
+// RemoveChannelBind removes the ChannelBind from this allocation by id
+func (a *Allocation) RemoveChannelBind(number proto.ChannelNumber) bool {
+	a.channelBindingsLock.Lock()
+	defer a.channelBindingsLock.Unlock()
+
+	for i := len(a.channelBindings) - 1; i >= 0; i-- {
+		if a.channelBindings[i].Number == number {
+			a.channelBindings = append(a.channelBindings[:i], a.channelBindings[i+1:]...)
+			return true
+		}
+	}
+
+	return false
+}
+
+// GetChannelByNumber gets the ChannelBind from this allocation by id
+func (a *Allocation) GetChannelByNumber(number proto.ChannelNumber) *ChannelBind {
+	a.channelBindingsLock.RLock()
+	defer a.channelBindingsLock.RUnlock()
+	for _, cb := range a.channelBindings {
+		if cb.Number == number {
+			return cb
+		}
+	}
+	return nil
+}
+
+// GetChannelByAddr gets the ChannelBind from this allocation by net.Addr
+func (a *Allocation) GetChannelByAddr(addr net.Addr) *ChannelBind {
+	a.channelBindingsLock.RLock()
+	defer a.channelBindingsLock.RUnlock()
+	for _, cb := range a.channelBindings {
+		if ipnet.AddrEqual(cb.Peer, addr) {
+			return cb
+		}
+	}
+	return nil
+}
+
+// Refresh updates the allocations lifetime
+func (a *Allocation) Refresh(lifetime time.Duration) {
+	if !a.lifetimeTimer.Reset(lifetime) {
+		a.log.Errorf("Failed to reset allocation timer for %v", a.fiveTuple)
+	}
+}
+
+// SetResponseCache cache allocation response for retransmit allocation request
+func (a *Allocation) SetResponseCache(transactionID [stun.TransactionIDSize]byte, attrs []stun.Setter) {
+	a.responseCache.Store(&allocationResponse{
+		transactionID: transactionID,
+		responseAttrs: attrs,
+	})
+}
+
+// GetResponseCache return response cache for retransmit allocation request
+func (a *Allocation) GetResponseCache() (id [stun.TransactionIDSize]byte, attrs []stun.Setter) {
+	if res, ok := a.responseCache.Load().(*allocationResponse); ok && res != nil {
+		id, attrs = res.transactionID, res.responseAttrs
+	}
+	return
+}
+
+// Close closes the allocation
+func (a *Allocation) Close() error {
+	select {
+	case <-a.closed:
+		return nil
+	default:
+	}
+	close(a.closed)
+
+	a.lifetimeTimer.Stop()
+
+	a.permissionsLock.RLock()
+	for _, p := range a.permissions {
+		p.lifetimeTimer.Stop()
+	}
+	a.permissionsLock.RUnlock()
+
+	a.channelBindingsLock.RLock()
+	for _, c := range a.channelBindings {
+		c.lifetimeTimer.Stop()
+	}
+	a.channelBindingsLock.RUnlock()
+
+	return a.RelaySocket.Close()
+}
+
+//  https://tools.ietf.org/html/rfc5766#section-10.3
+//  When the server receives a UDP datagram at a currently allocated
+//  relayed transport address, the server looks up the allocation
+//  associated with the relayed transport address.  The server then
+//  checks to see whether the set of permissions for the allocation allow
+//  the relaying of the UDP datagram as described in Section 8.
+//
+//  If relaying is permitted, then the server checks if there is a
+//  channel bound to the peer that sent the UDP datagram (see
+//  Section 11).  If a channel is bound, then processing proceeds as
+//  described in Section 11.7.
+//
+//  If relaying is permitted but no channel is bound to the peer, then
+//  the server forms and sends a Data indication.  The Data indication
+//  MUST contain both an XOR-PEER-ADDRESS and a DATA attribute.  The DATA
+//  attribute is set to the value of the 'data octets' field from the
+//  datagram, and the XOR-PEER-ADDRESS attribute is set to the source
+//  transport address of the received UDP datagram.  The Data indication
+//  is then sent on the 5-tuple associated with the allocation.
+
+const rtpMTU = 1600
+
+func (a *Allocation) packetHandler(m *Manager) {
+	buffer := make([]byte, rtpMTU)
+
+	for {
+		n, srcAddr, err := a.RelaySocket.ReadFrom(buffer)
+		if err != nil {
+			m.DeleteAllocation(a.fiveTuple)
+			return
+		}
+
+		a.log.Debugf("Relay socket %s received %d bytes from %s",
+			a.RelaySocket.LocalAddr(),
+			n,
+			srcAddr)
+
+		if channel := a.GetChannelByAddr(srcAddr); channel != nil {
+			channelData := &proto.ChannelData{
+				Data:   buffer[:n],
+				Number: channel.Number,
+			}
+			channelData.Encode()
+
+			if _, err = a.TurnSocket.WriteTo(channelData.Raw, a.fiveTuple.SrcAddr); err != nil {
+				a.log.Errorf("Failed to send ChannelData from allocation %v %v", srcAddr, err)
+			}
+		} else if p := a.GetPermission(srcAddr); p != nil {
+			udpAddr, ok := srcAddr.(*net.UDPAddr)
+			if !ok {
+				a.log.Errorf("Failed to send DataIndication from allocation %v %v", srcAddr, err)
+				return
+			}
+
+			peerAddressAttr := proto.PeerAddress{IP: udpAddr.IP, Port: udpAddr.Port}
+			dataAttr := proto.Data(buffer[:n])
+
+			msg, err := stun.Build(stun.TransactionID, stun.NewType(stun.MethodData, stun.ClassIndication), peerAddressAttr, dataAttr)
+			if err != nil {
+				a.log.Errorf("Failed to send DataIndication from allocation %v %v", srcAddr, err)
+				return
+			}
+			a.log.Debugf("Relaying message from %s to client at %s",
+				srcAddr,
+				a.fiveTuple.SrcAddr)
+			if _, err = a.TurnSocket.WriteTo(msg.Raw, a.fiveTuple.SrcAddr); err != nil {
+				a.log.Errorf("Failed to send DataIndication from allocation %v %v", srcAddr, err)
+			}
+		} else {
+			a.log.Infof("No Permission or Channel exists for %v on allocation %v", srcAddr, a.RelayAddr)
+		}
+	}
+}
diff --git a/server/vendor/github.com/pion/turn/v2/internal/allocation/allocation_manager.go b/server/vendor/github.com/pion/turn/v2/internal/allocation/allocation_manager.go
new file mode 100644
index 0000000..2b76592
--- /dev/null
+++ b/server/vendor/github.com/pion/turn/v2/internal/allocation/allocation_manager.go
@@ -0,0 +1,218 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package allocation
+
+import (
+	"fmt"
+	"net"
+	"sync"
+	"time"
+
+	"github.com/pion/logging"
+)
+
+// ManagerConfig a bag of config params for Manager.
+type ManagerConfig struct {
+	LeveledLogger      logging.LeveledLogger
+	AllocatePacketConn func(network string, requestedPort int) (net.PacketConn, net.Addr, error)
+	AllocateConn       func(network string, requestedPort int) (net.Conn, net.Addr, error)
+	PermissionHandler  func(sourceAddr net.Addr, peerIP net.IP) bool
+}
+
+type reservation struct {
+	token string
+	port  int
+}
+
+// Manager is used to hold active allocations
+type Manager struct {
+	lock sync.RWMutex
+	log  logging.LeveledLogger
+
+	allocations  map[FiveTupleFingerprint]*Allocation
+	reservations []*reservation
+
+	allocatePacketConn func(network string, requestedPort int) (net.PacketConn, net.Addr, error)
+	allocateConn       func(network string, requestedPort int) (net.Conn, net.Addr, error)
+	permissionHandler  func(sourceAddr net.Addr, peerIP net.IP) bool
+}
+
+// NewManager creates a new instance of Manager.
+func NewManager(config ManagerConfig) (*Manager, error) {
+	switch {
+	case config.AllocatePacketConn == nil:
+		return nil, errAllocatePacketConnMustBeSet
+	case config.AllocateConn == nil:
+		return nil, errAllocateConnMustBeSet
+	case config.LeveledLogger == nil:
+		return nil, errLeveledLoggerMustBeSet
+	}
+
+	return &Manager{
+		log:                config.LeveledLogger,
+		allocations:        make(map[FiveTupleFingerprint]*Allocation, 64),
+		allocatePacketConn: config.AllocatePacketConn,
+		allocateConn:       config.AllocateConn,
+		permissionHandler:  config.PermissionHandler,
+	}, nil
+}
+
+// GetAllocation fetches the allocation matching the passed FiveTuple
+func (m *Manager) GetAllocation(fiveTuple *FiveTuple) *Allocation {
+	m.lock.RLock()
+	defer m.lock.RUnlock()
+	return m.allocations[fiveTuple.Fingerprint()]
+}
+
+// AllocationCount returns the number of existing allocations
+func (m *Manager) AllocationCount() int {
+	m.lock.RLock()
+	defer m.lock.RUnlock()
+	return len(m.allocations)
+}
+
+// Close closes the manager and closes all allocations it manages
+func (m *Manager) Close() error {
+	m.lock.Lock()
+	defer m.lock.Unlock()
+
+	for _, a := range m.allocations {
+		if err := a.Close(); err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+// CreateAllocation creates a new allocation and starts relaying
+func (m *Manager) CreateAllocation(fiveTuple *FiveTuple, turnSocket net.PacketConn, requestedPort int, lifetime time.Duration) (*Allocation, error) {
+	switch {
+	case fiveTuple == nil:
+		return nil, errNilFiveTuple
+	case fiveTuple.SrcAddr == nil:
+		return nil, errNilFiveTupleSrcAddr
+	case fiveTuple.DstAddr == nil:
+		return nil, errNilFiveTupleDstAddr
+	case turnSocket == nil:
+		return nil, errNilTurnSocket
+	case lifetime == 0:
+		return nil, errLifetimeZero
+	}
+
+	if a := m.GetAllocation(fiveTuple); a != nil {
+		return nil, fmt.Errorf("%w: %v", errDupeFiveTuple, fiveTuple)
+	}
+	a := NewAllocation(turnSocket, fiveTuple, m.log)
+
+	conn, relayAddr, err := m.allocatePacketConn("udp4", requestedPort)
+	if err != nil {
+		return nil, err
+	}
+
+	a.RelaySocket = conn
+	a.RelayAddr = relayAddr
+
+	m.log.Debugf("Listening on relay address: %s", a.RelayAddr)
+
+	a.lifetimeTimer = time.AfterFunc(lifetime, func() {
+		m.DeleteAllocation(a.fiveTuple)
+	})
+
+	m.lock.Lock()
+	m.allocations[fiveTuple.Fingerprint()] = a
+	m.lock.Unlock()
+
+	go a.packetHandler(m)
+	return a, nil
+}
+
+// DeleteAllocation removes an allocation
+func (m *Manager) DeleteAllocation(fiveTuple *FiveTuple) {
+	fingerprint := fiveTuple.Fingerprint()
+
+	m.lock.Lock()
+	allocation := m.allocations[fingerprint]
+	delete(m.allocations, fingerprint)
+	m.lock.Unlock()
+
+	if allocation == nil {
+		return
+	}
+
+	if err := allocation.Close(); err != nil {
+		m.log.Errorf("Failed to close allocation: %v", err)
+	}
+}
+
+// CreateReservation stores the reservation for the token+port
+func (m *Manager) CreateReservation(reservationToken string, port int) {
+	time.AfterFunc(30*time.Second, func() {
+		m.lock.Lock()
+		defer m.lock.Unlock()
+		for i := len(m.reservations) - 1; i >= 0; i-- {
+			if m.reservations[i].token == reservationToken {
+				m.reservations = append(m.reservations[:i], m.reservations[i+1:]...)
+				return
+			}
+		}
+	})
+
+	m.lock.Lock()
+	m.reservations = append(m.reservations, &reservation{
+		token: reservationToken,
+		port:  port,
+	})
+	m.lock.Unlock()
+}
+
+// GetReservation returns the port for a given reservation if it exists
+func (m *Manager) GetReservation(reservationToken string) (int, bool) {
+	m.lock.RLock()
+	defer m.lock.RUnlock()
+
+	for _, r := range m.reservations {
+		if r.token == reservationToken {
+			return r.port, true
+		}
+	}
+	return 0, false
+}
+
+// GetRandomEvenPort returns a random un-allocated udp4 port
+func (m *Manager) GetRandomEvenPort() (int, error) {
+	for i := 0; i < 128; i++ {
+		conn, addr, err := m.allocatePacketConn("udp4", 0)
+		if err != nil {
+			return 0, err
+		}
+		udpAddr, ok := addr.(*net.UDPAddr)
+		err = conn.Close()
+		if err != nil {
+			return 0, err
+		}
+
+		if !ok {
+			return 0, errFailedToCastUDPAddr
+		}
+		if udpAddr.Port%2 == 0 {
+			return udpAddr.Port, nil
+		}
+	}
+	return 0, errFailedToAllocateEvenPort
+}
+
+// GrantPermission handles permission requests by calling the permission handler callback
+// associated with the TURN server listener socket
+func (m *Manager) GrantPermission(sourceAddr net.Addr, peerIP net.IP) error {
+	// No permission handler: open
+	if m.permissionHandler == nil {
+		return nil
+	}
+
+	if m.permissionHandler(sourceAddr, peerIP) {
+		return nil
+	}
+
+	return errAdminProhibited
+}
diff --git a/server/vendor/github.com/pion/turn/v2/internal/allocation/channel_bind.go b/server/vendor/github.com/pion/turn/v2/internal/allocation/channel_bind.go
new file mode 100644
index 0000000..d38de35
--- /dev/null
+++ b/server/vendor/github.com/pion/turn/v2/internal/allocation/channel_bind.go
@@ -0,0 +1,46 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package allocation
+
+import (
+	"net"
+	"time"
+
+	"github.com/pion/logging"
+	"github.com/pion/turn/v2/internal/proto"
+)
+
+// ChannelBind represents a TURN Channel
+// See: https://tools.ietf.org/html/rfc5766#section-2.5
+type ChannelBind struct {
+	Peer   net.Addr
+	Number proto.ChannelNumber
+
+	allocation    *Allocation
+	lifetimeTimer *time.Timer
+	log           logging.LeveledLogger
+}
+
+// NewChannelBind creates a new ChannelBind
+func NewChannelBind(number proto.ChannelNumber, peer net.Addr, log logging.LeveledLogger) *ChannelBind {
+	return &ChannelBind{
+		Number: number,
+		Peer:   peer,
+		log:    log,
+	}
+}
+
+func (c *ChannelBind) start(lifetime time.Duration) {
+	c.lifetimeTimer = time.AfterFunc(lifetime, func() {
+		if !c.allocation.RemoveChannelBind(c.Number) {
+			c.log.Errorf("Failed to remove ChannelBind for %v %x %v", c.Number, c.Peer, c.allocation.fiveTuple)
+		}
+	})
+}
+
+func (c *ChannelBind) refresh(lifetime time.Duration) {
+	if !c.lifetimeTimer.Reset(lifetime) {
+		c.log.Errorf("Failed to reset ChannelBind timer for %v %x %v", c.Number, c.Peer, c.allocation.fiveTuple)
+	}
+}
diff --git a/server/vendor/github.com/pion/turn/v2/internal/allocation/errors.go b/server/vendor/github.com/pion/turn/v2/internal/allocation/errors.go
new file mode 100644
index 0000000..584073c
--- /dev/null
+++ b/server/vendor/github.com/pion/turn/v2/internal/allocation/errors.go
@@ -0,0 +1,22 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package allocation
+
+import "errors"
+
+var (
+	errAllocatePacketConnMustBeSet = errors.New("AllocatePacketConn must be set")
+	errAllocateConnMustBeSet       = errors.New("AllocateConn must be set")
+	errLeveledLoggerMustBeSet      = errors.New("LeveledLogger must be set")
+	errSameChannelDifferentPeer    = errors.New("you cannot use the same channel number with different peer")
+	errNilFiveTuple                = errors.New("allocations must not be created with nil FivTuple")
+	errNilFiveTupleSrcAddr         = errors.New("allocations must not be created with nil FiveTuple.SrcAddr")
+	errNilFiveTupleDstAddr         = errors.New("allocations must not be created with nil FiveTuple.DstAddr")
+	errNilTurnSocket               = errors.New("allocations must not be created with nil turnSocket")
+	errLifetimeZero                = errors.New("allocations must not be created with a lifetime of 0")
+	errDupeFiveTuple               = errors.New("allocation attempt created with duplicate FiveTuple")
+	errFailedToCastUDPAddr         = errors.New("failed to cast net.Addr to *net.UDPAddr")
+	errFailedToAllocateEvenPort    = errors.New("failed to allocate an even port")
+	errAdminProhibited             = errors.New("permission request administratively prohibited")
+)
diff --git a/server/vendor/github.com/pion/turn/v2/internal/allocation/five_tuple.go b/server/vendor/github.com/pion/turn/v2/internal/allocation/five_tuple.go
new file mode 100644
index 0000000..6d812ca
--- /dev/null
+++ b/server/vendor/github.com/pion/turn/v2/internal/allocation/five_tuple.go
@@ -0,0 +1,63 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package allocation
+
+import (
+	"net"
+)
+
+// Protocol is an enum for relay protocol
+type Protocol uint8
+
+// Network protocols for relay
+const (
+	UDP Protocol = iota
+	TCP
+)
+
+// FiveTuple is the combination (client IP address and port, server IP
+// address and port, and transport protocol (currently one of UDP,
+// TCP, or TLS)) used to communicate between the client and the
+// server.  The 5-tuple uniquely identifies this communication
+// stream.  The 5-tuple also uniquely identifies the Allocation on
+// the server.
+type FiveTuple struct {
+	Protocol
+	SrcAddr, DstAddr net.Addr
+}
+
+// Equal asserts if two FiveTuples are equal
+func (f *FiveTuple) Equal(b *FiveTuple) bool {
+	return f.Fingerprint() == b.Fingerprint()
+}
+
+// FiveTupleFingerprint is a comparable representation of a FiveTuple
+type FiveTupleFingerprint struct {
+	srcIP, dstIP     [16]byte
+	srcPort, dstPort uint16
+	protocol         Protocol
+}
+
+// Fingerprint is the identity of a FiveTuple
+func (f *FiveTuple) Fingerprint() (fp FiveTupleFingerprint) {
+	srcIP, srcPort := netAddrIPAndPort(f.SrcAddr)
+	copy(fp.srcIP[:], srcIP)
+	fp.srcPort = srcPort
+	dstIP, dstPort := netAddrIPAndPort(f.DstAddr)
+	copy(fp.dstIP[:], dstIP)
+	fp.dstPort = dstPort
+	fp.protocol = f.Protocol
+	return
+}
+
+func netAddrIPAndPort(addr net.Addr) (net.IP, uint16) {
+	switch a := addr.(type) {
+	case *net.UDPAddr:
+		return a.IP.To16(), uint16(a.Port)
+	case *net.TCPAddr:
+		return a.IP.To16(), uint16(a.Port)
+	default:
+		return nil, 0
+	}
+}
diff --git a/server/vendor/github.com/pion/turn/v2/internal/allocation/permission.go b/server/vendor/github.com/pion/turn/v2/internal/allocation/permission.go
new file mode 100644
index 0000000..a774f2c
--- /dev/null
+++ b/server/vendor/github.com/pion/turn/v2/internal/allocation/permission.go
@@ -0,0 +1,43 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package allocation
+
+import (
+	"net"
+	"time"
+
+	"github.com/pion/logging"
+)
+
+const permissionTimeout = time.Duration(5) * time.Minute
+
+// Permission represents a TURN permission. TURN permissions mimic the address-restricted
+// filtering mechanism of NATs that comply with [RFC4787].
+// See: https://tools.ietf.org/html/rfc5766#section-2.3
+type Permission struct {
+	Addr          net.Addr
+	allocation    *Allocation
+	lifetimeTimer *time.Timer
+	log           logging.LeveledLogger
+}
+
+// NewPermission create a new Permission
+func NewPermission(addr net.Addr, log logging.LeveledLogger) *Permission {
+	return &Permission{
+		Addr: addr,
+		log:  log,
+	}
+}
+
+func (p *Permission) start(lifetime time.Duration) {
+	p.lifetimeTimer = time.AfterFunc(lifetime, func() {
+		p.allocation.RemovePermission(p.Addr)
+	})
+}
+
+func (p *Permission) refresh(lifetime time.Duration) {
+	if !p.lifetimeTimer.Reset(lifetime) {
+		p.log.Errorf("Failed to reset permission timer for %v %v", p.Addr, p.allocation.fiveTuple)
+	}
+}
diff --git a/server/vendor/github.com/pion/turn/v2/internal/client/allocation.go b/server/vendor/github.com/pion/turn/v2/internal/client/allocation.go
new file mode 100644
index 0000000..f61452b
--- /dev/null
+++ b/server/vendor/github.com/pion/turn/v2/internal/client/allocation.go
@@ -0,0 +1,189 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package client
+
+import (
+	"errors"
+	"fmt"
+	"net"
+	"sync"
+	"time"
+
+	"github.com/pion/logging"
+	"github.com/pion/stun"
+	"github.com/pion/transport/v2"
+	"github.com/pion/turn/v2/internal/proto"
+)
+
+// AllocationConfig is a set of configuration params use by NewUDPConn and NewTCPAllocation
+type AllocationConfig struct {
+	Client      Client
+	RelayedAddr net.Addr
+	ServerAddr  net.Addr
+	Integrity   stun.MessageIntegrity
+	Nonce       stun.Nonce
+	Username    stun.Username
+	Realm       stun.Realm
+	Lifetime    time.Duration
+	Net         transport.Net
+	Log         logging.LeveledLogger
+}
+
+type allocation struct {
+	client            Client                // Read-only
+	relayedAddr       net.Addr              // Read-only
+	serverAddr        net.Addr              // Read-only
+	permMap           *permissionMap        // Thread-safe
+	integrity         stun.MessageIntegrity // Read-only
+	username          stun.Username         // Read-only
+	realm             stun.Realm            // Read-only
+	_nonce            stun.Nonce            // Needs mutex x
+	_lifetime         time.Duration         // Needs mutex x
+	net               transport.Net         // Thread-safe
+	refreshAllocTimer *PeriodicTimer        // Thread-safe
+	refreshPermsTimer *PeriodicTimer        // Thread-safe
+	readTimer         *time.Timer           // Thread-safe
+	mutex             sync.RWMutex          // Thread-safe
+	log               logging.LeveledLogger // Read-only
+}
+
+func (a *allocation) setNonceFromMsg(msg *stun.Message) {
+	// Update nonce
+	var nonce stun.Nonce
+	if err := nonce.GetFrom(msg); err == nil {
+		a.setNonce(nonce)
+		a.log.Debug("Refresh allocation: 438, got new nonce.")
+	} else {
+		a.log.Warn("Refresh allocation: 438 but no nonce.")
+	}
+}
+
+func (a *allocation) refreshAllocation(lifetime time.Duration, dontWait bool) error {
+	msg, err := stun.Build(
+		stun.TransactionID,
+		stun.NewType(stun.MethodRefresh, stun.ClassRequest),
+		proto.Lifetime{Duration: lifetime},
+		a.username,
+		a.realm,
+		a.nonce(),
+		a.integrity,
+		stun.Fingerprint,
+	)
+	if err != nil {
+		return fmt.Errorf("%w: %s", errFailedToBuildRefreshRequest, err.Error())
+	}
+
+	a.log.Debugf("Send refresh request (dontWait=%v)", dontWait)
+	trRes, err := a.client.PerformTransaction(msg, a.serverAddr, dontWait)
+	if err != nil {
+		return fmt.Errorf("%w: %s", errFailedToRefreshAllocation, err.Error())
+	}
+
+	if dontWait {
+		a.log.Debug("Refresh request sent")
+		return nil
+	}
+
+	a.log.Debug("Refresh request sent, and waiting response")
+
+	res := trRes.Msg
+	if res.Type.Class == stun.ClassErrorResponse {
+		var code stun.ErrorCodeAttribute
+		if err = code.GetFrom(res); err == nil {
+			if code.Code == stun.CodeStaleNonce {
+				a.setNonceFromMsg(res)
+				return errTryAgain
+			}
+			return err
+		}
+		return fmt.Errorf("%s", res.Type) //nolint:goerr113
+	}
+
+	// Getting lifetime from response
+	var updatedLifetime proto.Lifetime
+	if err := updatedLifetime.GetFrom(res); err != nil {
+		return fmt.Errorf("%w: %s", errFailedToGetLifetime, err.Error())
+	}
+
+	a.setLifetime(updatedLifetime.Duration)
+	a.log.Debugf("Updated lifetime: %d seconds", int(a.lifetime().Seconds()))
+	return nil
+}
+
+func (a *allocation) refreshPermissions() error {
+	addrs := a.permMap.addrs()
+	if len(addrs) == 0 {
+		a.log.Debug("No permission to refresh")
+		return nil
+	}
+	if err := a.CreatePermissions(addrs...); err != nil {
+		if errors.Is(err, errTryAgain) {
+			return errTryAgain
+		}
+		a.log.Errorf("Fail to refresh permissions: %s", err)
+		return err
+	}
+	a.log.Debug("Refresh permissions successful")
+	return nil
+}
+
+func (a *allocation) onRefreshTimers(id int) {
+	a.log.Debugf("Refresh timer %d expired", id)
+	switch id {
+	case timerIDRefreshAlloc:
+		var err error
+		lifetime := a.lifetime()
+		// Limit the max retries on errTryAgain to 3
+		// when stale nonce returns, sencond retry should succeed
+		for i := 0; i < maxRetryAttempts; i++ {
+			err = a.refreshAllocation(lifetime, false)
+			if !errors.Is(err, errTryAgain) {
+				break
+			}
+		}
+		if err != nil {
+			a.log.Warnf("Failed to refresh allocation: %s", err)
+		}
+	case timerIDRefreshPerms:
+		var err error
+		for i := 0; i < maxRetryAttempts; i++ {
+			err = a.refreshPermissions()
+			if !errors.Is(err, errTryAgain) {
+				break
+			}
+		}
+		if err != nil {
+			a.log.Warnf("Failed to refresh permissions: %s", err)
+		}
+	}
+}
+
+func (a *allocation) nonce() stun.Nonce {
+	a.mutex.RLock()
+	defer a.mutex.RUnlock()
+
+	return a._nonce
+}
+
+func (a *allocation) setNonce(nonce stun.Nonce) {
+	a.mutex.Lock()
+	defer a.mutex.Unlock()
+
+	a.log.Debugf("Set new nonce with %d bytes", len(nonce))
+	a._nonce = nonce
+}
+
+func (a *allocation) lifetime() time.Duration {
+	a.mutex.RLock()
+	defer a.mutex.RUnlock()
+
+	return a._lifetime
+}
+
+func (a *allocation) setLifetime(lifetime time.Duration) {
+	a.mutex.Lock()
+	defer a.mutex.Unlock()
+
+	a._lifetime = lifetime
+}
diff --git a/server/vendor/github.com/pion/turn/v2/internal/client/binding.go b/server/vendor/github.com/pion/turn/v2/internal/client/binding.go
new file mode 100644
index 0000000..a021747
--- /dev/null
+++ b/server/vendor/github.com/pion/turn/v2/internal/client/binding.go
@@ -0,0 +1,155 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package client
+
+import (
+	"net"
+	"sync"
+	"sync/atomic"
+	"time"
+)
+
+// Channel number:
+//
+//	0x4000 through 0x7FFF: These values are the allowed channel
+//	numbers (16,383 possible values).
+const (
+	minChannelNumber uint16 = 0x4000
+	maxChannelNumber uint16 = 0x7fff
+)
+
+type bindingState int32
+
+const (
+	bindingStateIdle bindingState = iota
+	bindingStateRequest
+	bindingStateReady
+	bindingStateRefresh
+	bindingStateFailed
+)
+
+type binding struct {
+	number       uint16          // Read-only
+	st           bindingState    // Thread-safe (atomic op)
+	addr         net.Addr        // Read-only
+	mgr          *bindingManager // Read-only
+	muBind       sync.Mutex      // Thread-safe, for ChannelBind ops
+	_refreshedAt time.Time       // Protected by mutex
+	mutex        sync.RWMutex    // Thread-safe
+}
+
+func (b *binding) setState(state bindingState) {
+	atomic.StoreInt32((*int32)(&b.st), int32(state))
+}
+
+func (b *binding) state() bindingState {
+	return bindingState(atomic.LoadInt32((*int32)(&b.st)))
+}
+
+func (b *binding) setRefreshedAt(at time.Time) {
+	b.mutex.Lock()
+	defer b.mutex.Unlock()
+
+	b._refreshedAt = at
+}
+
+func (b *binding) refreshedAt() time.Time {
+	b.mutex.RLock()
+	defer b.mutex.RUnlock()
+
+	return b._refreshedAt
+}
+
+// Thread-safe binding map
+type bindingManager struct {
+	chanMap map[uint16]*binding
+	addrMap map[string]*binding
+	next    uint16
+	mutex   sync.RWMutex
+}
+
+func newBindingManager() *bindingManager {
+	return &bindingManager{
+		chanMap: map[uint16]*binding{},
+		addrMap: map[string]*binding{},
+		next:    minChannelNumber,
+	}
+}
+
+func (mgr *bindingManager) assignChannelNumber() uint16 {
+	n := mgr.next
+	if mgr.next == maxChannelNumber {
+		mgr.next = minChannelNumber
+	} else {
+		mgr.next++
+	}
+	return n
+}
+
+func (mgr *bindingManager) create(addr net.Addr) *binding {
+	mgr.mutex.Lock()
+	defer mgr.mutex.Unlock()
+
+	b := &binding{
+		number:       mgr.assignChannelNumber(),
+		addr:         addr,
+		mgr:          mgr,
+		_refreshedAt: time.Now(),
+	}
+
+	mgr.chanMap[b.number] = b
+	mgr.addrMap[b.addr.String()] = b
+	return b
+}
+
+func (mgr *bindingManager) findByAddr(addr net.Addr) (*binding, bool) {
+	mgr.mutex.RLock()
+	defer mgr.mutex.RUnlock()
+
+	b, ok := mgr.addrMap[addr.String()]
+	return b, ok
+}
+
+func (mgr *bindingManager) findByNumber(number uint16) (*binding, bool) {
+	mgr.mutex.RLock()
+	defer mgr.mutex.RUnlock()
+
+	b, ok := mgr.chanMap[number]
+	return b, ok
+}
+
+func (mgr *bindingManager) deleteByAddr(addr net.Addr) bool {
+	mgr.mutex.Lock()
+	defer mgr.mutex.Unlock()
+
+	b, ok := mgr.addrMap[addr.String()]
+	if !ok {
+		return false
+	}
+
+	delete(mgr.addrMap, addr.String())
+	delete(mgr.chanMap, b.number)
+	return true
+}
+
+func (mgr *bindingManager) deleteByNumber(number uint16) bool {
+	mgr.mutex.Lock()
+	defer mgr.mutex.Unlock()
+
+	b, ok := mgr.chanMap[number]
+	if !ok {
+		return false
+	}
+
+	delete(mgr.addrMap, b.addr.String())
+	delete(mgr.chanMap, number)
+	return true
+}
+
+func (mgr *bindingManager) size() int {
+	mgr.mutex.RLock()
+	defer mgr.mutex.RUnlock()
+
+	return len(mgr.chanMap)
+}
diff --git a/server/vendor/github.com/pion/turn/v2/internal/client/client.go b/server/vendor/github.com/pion/turn/v2/internal/client/client.go
new file mode 100644
index 0000000..7c22858
--- /dev/null
+++ b/server/vendor/github.com/pion/turn/v2/internal/client/client.go
@@ -0,0 +1,18 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+// Package client implements the API for a TURN client
+package client
+
+import (
+	"net"
+
+	"github.com/pion/stun"
+)
+
+// Client is an interface for the public turn.Client in order to break cyclic dependencies
+type Client interface {
+	WriteTo(data []byte, to net.Addr) (int, error)
+	PerformTransaction(msg *stun.Message, to net.Addr, dontWait bool) (TransactionResult, error)
+	OnDeallocated(relayedAddr net.Addr)
+}
diff --git a/server/vendor/github.com/pion/turn/v2/internal/client/errors.go b/server/vendor/github.com/pion/turn/v2/internal/client/errors.go
new file mode 100644
index 0000000..ff40d2e
--- /dev/null
+++ b/server/vendor/github.com/pion/turn/v2/internal/client/errors.go
@@ -0,0 +1,43 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package client
+
+import (
+	"errors"
+)
+
+var (
+	errFake                                = errors.New("fake error")
+	errTryAgain                            = errors.New("try again")
+	errClosed                              = errors.New("use of closed network connection")
+	errTCPAddrCast                         = errors.New("addr is not a TCP address")
+	errUDPAddrCast                         = errors.New("addr is not a UDP address")
+	errAlreadyClosed                       = errors.New("already closed")
+	errDoubleLock                          = errors.New("try-lock is already locked")
+	errTransactionClosed                   = errors.New("transaction closed")
+	errWaitForResultOnNonResultTransaction = errors.New("WaitForResult called on non-result transaction")
+	errFailedToBuildRefreshRequest         = errors.New("failed to build refresh request")
+	errFailedToRefreshAllocation           = errors.New("failed to refresh allocation")
+	errFailedToGetLifetime                 = errors.New("failed to get lifetime from refresh response")
+	errInvalidTURNAddress                  = errors.New("invalid TURN server address")
+	errUnexpectedSTUNRequestMessage        = errors.New("unexpected STUN request message")
+)
+
+type timeoutError struct {
+	msg string
+}
+
+func newTimeoutError(msg string) error {
+	return &timeoutError{
+		msg: msg,
+	}
+}
+
+func (e *timeoutError) Error() string {
+	return e.msg
+}
+
+func (e *timeoutError) Timeout() bool {
+	return true
+}
diff --git a/server/vendor/github.com/pion/turn/v2/internal/client/periodic_timer.go b/server/vendor/github.com/pion/turn/v2/internal/client/periodic_timer.go
new file mode 100644
index 0000000..5660bc4
--- /dev/null
+++ b/server/vendor/github.com/pion/turn/v2/internal/client/periodic_timer.go
@@ -0,0 +1,85 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package client
+
+import (
+	"sync"
+	"time"
+)
+
+// PeriodicTimerTimeoutHandler is a handler called on timeout
+type PeriodicTimerTimeoutHandler func(timerID int)
+
+// PeriodicTimer is a periodic timer
+type PeriodicTimer struct {
+	id             int
+	interval       time.Duration
+	timeoutHandler PeriodicTimerTimeoutHandler
+	stopFunc       func()
+	mutex          sync.RWMutex
+}
+
+// NewPeriodicTimer create a new timer
+func NewPeriodicTimer(id int, timeoutHandler PeriodicTimerTimeoutHandler, interval time.Duration) *PeriodicTimer {
+	return &PeriodicTimer{
+		id:             id,
+		interval:       interval,
+		timeoutHandler: timeoutHandler,
+	}
+}
+
+// Start starts the timer.
+func (t *PeriodicTimer) Start() bool {
+	t.mutex.Lock()
+	defer t.mutex.Unlock()
+
+	// This is a noop if the timer is always running
+	if t.stopFunc != nil {
+		return false
+	}
+
+	cancelCh := make(chan struct{})
+
+	go func() {
+		canceling := false
+
+		for !canceling {
+			timer := time.NewTimer(t.interval)
+
+			select {
+			case <-timer.C:
+				t.timeoutHandler(t.id)
+			case <-cancelCh:
+				canceling = true
+				timer.Stop()
+			}
+		}
+	}()
+
+	t.stopFunc = func() {
+		close(cancelCh)
+	}
+
+	return true
+}
+
+// Stop stops the timer.
+func (t *PeriodicTimer) Stop() {
+	t.mutex.Lock()
+	defer t.mutex.Unlock()
+
+	if t.stopFunc != nil {
+		t.stopFunc()
+		t.stopFunc = nil
+	}
+}
+
+// IsRunning tests if the timer is running.
+// Debug purpose only
+func (t *PeriodicTimer) IsRunning() bool {
+	t.mutex.RLock()
+	defer t.mutex.RUnlock()
+
+	return (t.stopFunc != nil)
+}
diff --git a/server/vendor/github.com/pion/turn/v2/internal/client/permission.go b/server/vendor/github.com/pion/turn/v2/internal/client/permission.go
new file mode 100644
index 0000000..f5df0cc
--- /dev/null
+++ b/server/vendor/github.com/pion/turn/v2/internal/client/permission.go
@@ -0,0 +1,77 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package client
+
+import (
+	"net"
+	"sync"
+	"sync/atomic"
+
+	"github.com/pion/turn/v2/internal/ipnet"
+)
+
+type permState int32
+
+const (
+	permStateIdle permState = iota
+	permStatePermitted
+)
+
+type permission struct {
+	addr  net.Addr
+	st    permState    // Thread-safe (atomic op)
+	mutex sync.RWMutex // Thread-safe
+}
+
+func (p *permission) setState(state permState) {
+	atomic.StoreInt32((*int32)(&p.st), int32(state))
+}
+
+func (p *permission) state() permState {
+	return permState(atomic.LoadInt32((*int32)(&p.st)))
+}
+
+// Thread-safe permission map
+type permissionMap struct {
+	permMap map[string]*permission
+	mutex   sync.RWMutex
+}
+
+func (m *permissionMap) insert(addr net.Addr, p *permission) bool {
+	m.mutex.Lock()
+	defer m.mutex.Unlock()
+	p.addr = addr
+	m.permMap[ipnet.FingerprintAddr(addr)] = p
+	return true
+}
+
+func (m *permissionMap) find(addr net.Addr) (*permission, bool) {
+	m.mutex.RLock()
+	defer m.mutex.RUnlock()
+	p, ok := m.permMap[ipnet.FingerprintAddr(addr)]
+	return p, ok
+}
+
+func (m *permissionMap) delete(addr net.Addr) {
+	m.mutex.Lock()
+	defer m.mutex.Unlock()
+	delete(m.permMap, ipnet.FingerprintAddr(addr))
+}
+
+func (m *permissionMap) addrs() []net.Addr {
+	m.mutex.RLock()
+	defer m.mutex.RUnlock()
+
+	addrs := []net.Addr{}
+	for _, p := range m.permMap {
+		addrs = append(addrs, p.addr)
+	}
+	return addrs
+}
+
+func newPermissionMap() *permissionMap {
+	return &permissionMap{
+		permMap: map[string]*permission{},
+	}
+}
diff --git a/server/vendor/github.com/pion/turn/v2/internal/client/tcp_alloc.go b/server/vendor/github.com/pion/turn/v2/internal/client/tcp_alloc.go
new file mode 100644
index 0000000..3d6838b
--- /dev/null
+++ b/server/vendor/github.com/pion/turn/v2/internal/client/tcp_alloc.go
@@ -0,0 +1,371 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package client
+
+import (
+	"encoding/binary"
+	"errors"
+	"fmt"
+	"math"
+	"net"
+	"time"
+
+	"github.com/pion/stun"
+	"github.com/pion/transport/v2"
+	"github.com/pion/turn/v2/internal/proto"
+)
+
+var (
+	_ transport.TCPListener = (*TCPAllocation)(nil) // Includes type check for net.Listener
+	_ transport.Dialer      = (*TCPAllocation)(nil)
+)
+
+func noDeadline() time.Time {
+	return time.Time{}
+}
+
+// TCPAllocation is an active TCP allocation on the TURN server
+// as specified by RFC 6062.
+// The allocation can be used to Dial/Accept relayed outgoing/incoming TCP connections.
+type TCPAllocation struct {
+	connAttemptCh chan *connectionAttempt
+	acceptTimer   *time.Timer
+	allocation
+}
+
+// NewTCPAllocation creates a new instance of TCPConn
+func NewTCPAllocation(config *AllocationConfig) *TCPAllocation {
+	a := &TCPAllocation{
+		connAttemptCh: make(chan *connectionAttempt, 10),
+		acceptTimer:   time.NewTimer(time.Duration(math.MaxInt64)),
+		allocation: allocation{
+			client:      config.Client,
+			relayedAddr: config.RelayedAddr,
+			serverAddr:  config.ServerAddr,
+			username:    config.Username,
+			realm:       config.Realm,
+			permMap:     newPermissionMap(),
+			integrity:   config.Integrity,
+			_nonce:      config.Nonce,
+			_lifetime:   config.Lifetime,
+			net:         config.Net,
+			log:         config.Log,
+		},
+	}
+
+	a.log.Debugf("Initial lifetime: %d seconds", int(a.lifetime().Seconds()))
+
+	a.refreshAllocTimer = NewPeriodicTimer(
+		timerIDRefreshAlloc,
+		a.onRefreshTimers,
+		a.lifetime()/2,
+	)
+
+	a.refreshPermsTimer = NewPeriodicTimer(
+		timerIDRefreshPerms,
+		a.onRefreshTimers,
+		permRefreshInterval,
+	)
+
+	if a.refreshAllocTimer.Start() {
+		a.log.Debug("Started refreshAllocTimer")
+	}
+	if a.refreshPermsTimer.Start() {
+		a.log.Debug("Started refreshPermsTimer")
+	}
+
+	return a
+}
+
+// Connect sends a Connect request to the turn server and returns a chosen connection ID
+func (a *TCPAllocation) Connect(peer net.Addr) (proto.ConnectionID, error) {
+	setters := []stun.Setter{
+		stun.TransactionID,
+		stun.NewType(stun.MethodConnect, stun.ClassRequest),
+		addr2PeerAddress(peer),
+		a.username,
+		a.realm,
+		a.nonce(),
+		a.integrity,
+		stun.Fingerprint,
+	}
+
+	msg, err := stun.Build(setters...)
+	if err != nil {
+		return 0, err
+	}
+
+	a.log.Debugf("Send connect request (peer=%v)", peer)
+	trRes, err := a.client.PerformTransaction(msg, a.serverAddr, false)
+	if err != nil {
+		return 0, err
+	}
+
+	res := trRes.Msg
+
+	if res.Type.Class == stun.ClassErrorResponse {
+		var code stun.ErrorCodeAttribute
+		if err = code.GetFrom(res); err == nil {
+			return 0, fmt.Errorf("%s (error %s)", res.Type, code) //nolint:goerr113
+		}
+
+		return 0, fmt.Errorf("%s", res.Type) //nolint:goerr113
+	}
+
+	var cid proto.ConnectionID
+	if err := cid.GetFrom(res); err != nil {
+		return 0, err
+	}
+
+	a.log.Debugf("Connect request successful (cid=%v)", cid)
+	return cid, nil
+}
+
+// Dial connects to the address on the named network.
+func (a *TCPAllocation) Dial(network, rAddrStr string) (net.Conn, error) {
+	rAddr, err := net.ResolveTCPAddr(network, rAddrStr)
+	if err != nil {
+		return nil, err
+	}
+
+	return a.DialTCP(network, nil, rAddr)
+}
+
+// DialWithConn connects to the address on the named network with an already existing connection.
+// The provided connection must be an already connected TCP connection to the TURN server.
+func (a *TCPAllocation) DialWithConn(conn net.Conn, network, rAddrStr string) (*TCPConn, error) {
+	rAddr, err := net.ResolveTCPAddr(network, rAddrStr)
+	if err != nil {
+		return nil, err
+	}
+
+	return a.DialTCPWithConn(conn, network, rAddr)
+}
+
+// DialTCP acts like Dial for TCP networks.
+func (a *TCPAllocation) DialTCP(network string, lAddr, rAddr *net.TCPAddr) (*TCPConn, error) {
+	var rAddrServer *net.TCPAddr
+	if addr, ok := a.serverAddr.(*net.TCPAddr); ok {
+		rAddrServer = &net.TCPAddr{
+			IP:   addr.IP,
+			Port: addr.Port,
+		}
+	} else {
+		return nil, errInvalidTURNAddress
+	}
+
+	conn, err := a.net.DialTCP(network, lAddr, rAddrServer)
+	if err != nil {
+		return nil, err
+	}
+
+	dataConn, err := a.DialTCPWithConn(conn, network, rAddr)
+	if err != nil {
+		conn.Close() //nolint:errcheck,gosec
+	}
+
+	return dataConn, err
+}
+
+// DialTCPWithConn acts like DialWithConn for TCP networks.
+func (a *TCPAllocation) DialTCPWithConn(conn net.Conn, _ string, rAddr *net.TCPAddr) (*TCPConn, error) {
+	var err error
+
+	// Check if we have a permission for the destination IP addr
+	perm, ok := a.permMap.find(rAddr)
+	if !ok {
+		perm = &permission{}
+		a.permMap.insert(rAddr, perm)
+	}
+
+	for i := 0; i < maxRetryAttempts; i++ {
+		if err = a.createPermission(perm, rAddr); !errors.Is(err, errTryAgain) {
+			break
+		}
+	}
+	if err != nil {
+		return nil, err
+	}
+
+	// Send connect request if haven't done so.
+	cid, err := a.Connect(rAddr)
+	if err != nil {
+		return nil, err
+	}
+
+	tcpConn, ok := conn.(transport.TCPConn)
+	if !ok {
+		return nil, errTCPAddrCast
+	}
+
+	dataConn := &TCPConn{
+		TCPConn:       tcpConn,
+		ConnectionID:  cid,
+		remoteAddress: rAddr,
+		allocation:    a,
+	}
+
+	if err := a.BindConnection(dataConn, cid); err != nil {
+		return nil, fmt.Errorf("failed to bind connection: %w", err)
+	}
+
+	return dataConn, nil
+}
+
+// BindConnection associates the provided connection
+func (a *TCPAllocation) BindConnection(dataConn *TCPConn, cid proto.ConnectionID) error {
+	msg, err := stun.Build(
+		stun.TransactionID,
+		stun.NewType(stun.MethodConnectionBind, stun.ClassRequest),
+		cid,
+		a.username,
+		a.realm,
+		a.nonce(),
+		a.integrity,
+		stun.Fingerprint,
+	)
+	if err != nil {
+		return err
+	}
+
+	a.log.Debugf("Send connectionBind request (cid=%v)", cid)
+
+	_, err = dataConn.Write(msg.Raw)
+	if err != nil {
+		return err
+	}
+
+	// Read exactly one STUN message, any data after belongs to the user
+	b := make([]byte, stunHeaderSize)
+	n, err := dataConn.Read(b)
+	if n != stunHeaderSize {
+		return errIncompleteTURNFrame
+	} else if err != nil {
+		return err
+	}
+
+	if !stun.IsMessage(b) {
+		return errInvalidTURNFrame
+	}
+
+	datagramSize := binary.BigEndian.Uint16(b[2:4]) + stunHeaderSize
+	raw := make([]byte, datagramSize)
+	copy(raw, b)
+	_, err = dataConn.Read(raw[stunHeaderSize:])
+	if err != nil {
+		return err
+	}
+	res := &stun.Message{Raw: raw}
+	if err = res.Decode(); err != nil {
+		return fmt.Errorf("failed to decode STUN message: %w", err)
+	}
+
+	switch res.Type.Class {
+	case stun.ClassErrorResponse:
+		var code stun.ErrorCodeAttribute
+		if err = code.GetFrom(res); err == nil {
+			return fmt.Errorf("%s (error %s)", res.Type, code) //nolint:goerr113
+		}
+		return fmt.Errorf("%s", res.Type) //nolint:goerr113
+	case stun.ClassSuccessResponse:
+		a.log.Debug("Successful connectionBind request")
+		return nil
+	default:
+		return fmt.Errorf("%w: %s", errUnexpectedSTUNRequestMessage, res.String())
+	}
+}
+
+// Accept waits for and returns the next connection to the listener.
+func (a *TCPAllocation) Accept() (net.Conn, error) {
+	return a.AcceptTCP()
+}
+
+// AcceptTCP accepts the next incoming call and returns the new connection.
+func (a *TCPAllocation) AcceptTCP() (transport.TCPConn, error) {
+	addr, err := net.ResolveTCPAddr("tcp4", a.serverAddr.String())
+	if err != nil {
+		return nil, err
+	}
+
+	tcpConn, err := a.net.DialTCP("tcp", nil, addr)
+	if err != nil {
+		return nil, err
+	}
+
+	dataConn, err := a.AcceptTCPWithConn(tcpConn)
+	if err != nil {
+		tcpConn.Close() //nolint:errcheck,gosec
+	}
+
+	return dataConn, err
+}
+
+// AcceptTCPWithConn accepts the next incoming call and returns the new connection.
+func (a *TCPAllocation) AcceptTCPWithConn(conn net.Conn) (*TCPConn, error) {
+	select {
+	case attempt := <-a.connAttemptCh:
+
+		tcpConn, ok := conn.(transport.TCPConn)
+		if !ok {
+			return nil, errTCPAddrCast
+		}
+
+		dataConn := &TCPConn{
+			TCPConn:       tcpConn,
+			ConnectionID:  attempt.cid,
+			remoteAddress: attempt.from,
+			allocation:    a,
+		}
+
+		if err := a.BindConnection(dataConn, attempt.cid); err != nil {
+			return nil, fmt.Errorf("failed to bind connection: %w", err)
+		}
+
+		return dataConn, nil
+	case <-a.acceptTimer.C:
+		return nil, &net.OpError{
+			Op:   "accept",
+			Net:  a.Addr().Network(),
+			Addr: a.Addr(),
+			Err:  newTimeoutError("i/o timeout"),
+		}
+	}
+}
+
+// SetDeadline sets the deadline associated with the listener. A zero time value disables the deadline.
+func (a *TCPAllocation) SetDeadline(t time.Time) error {
+	var d time.Duration
+	if t == noDeadline() {
+		d = time.Duration(math.MaxInt64)
+	} else {
+		d = time.Until(t)
+	}
+	a.acceptTimer.Reset(d)
+	return nil
+}
+
+// Close releases the allocation
+// Any blocked Accept operations will be unblocked and return errors.
+// Any opened connection via Dial/Accept will be closed.
+func (a *TCPAllocation) Close() error {
+	a.refreshAllocTimer.Stop()
+	a.refreshPermsTimer.Stop()
+
+	a.client.OnDeallocated(a.relayedAddr)
+	return a.refreshAllocation(0, true /* dontWait=true */)
+}
+
+// Addr returns the relayed address of the allocation
+func (a *TCPAllocation) Addr() net.Addr {
+	return a.relayedAddr
+}
+
+// HandleConnectionAttempt is called by the TURN client
+// when it receives a ConnectionAttempt indication.
+func (a *TCPAllocation) HandleConnectionAttempt(from *net.TCPAddr, cid proto.ConnectionID) {
+	a.connAttemptCh <- &connectionAttempt{
+		from: from,
+		cid:  cid,
+	}
+}
diff --git a/server/vendor/github.com/pion/turn/v2/internal/client/tcp_conn.go b/server/vendor/github.com/pion/turn/v2/internal/client/tcp_conn.go
new file mode 100644
index 0000000..06d50eb
--- /dev/null
+++ b/server/vendor/github.com/pion/turn/v2/internal/client/tcp_conn.go
@@ -0,0 +1,49 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package client
+
+import (
+	"errors"
+	"net"
+
+	"github.com/pion/transport/v2"
+	"github.com/pion/turn/v2/internal/proto"
+)
+
+var (
+	errInvalidTURNFrame    = errors.New("data is not a valid TURN frame, no STUN or ChannelData found")
+	errIncompleteTURNFrame = errors.New("data contains incomplete STUN or TURN frame")
+)
+
+const (
+	stunHeaderSize = 20
+)
+
+var _ transport.TCPConn = (*TCPConn)(nil) // Includes type check for net.Conn
+
+// TCPConn wraps a transport.TCPConn and returns the allocations relayed
+// transport address in response to TCPConn.LocalAddress()
+type TCPConn struct {
+	transport.TCPConn
+	remoteAddress *net.TCPAddr
+	allocation    *TCPAllocation
+	ConnectionID  proto.ConnectionID
+}
+
+type connectionAttempt struct {
+	from *net.TCPAddr
+	cid  proto.ConnectionID
+}
+
+// LocalAddr returns the local network address.
+// The Addr returned is shared by all invocations of LocalAddr, so do not modify it.
+func (c *TCPConn) LocalAddr() net.Addr {
+	return c.allocation.Addr()
+}
+
+// RemoteAddr returns the remote network address.
+// The Addr returned is shared by all invocations of RemoteAddr, so do not modify it.
+func (c *TCPConn) RemoteAddr() net.Addr {
+	return c.remoteAddress
+}
diff --git a/server/vendor/github.com/pion/turn/v2/internal/client/transaction.go b/server/vendor/github.com/pion/turn/v2/internal/client/transaction.go
new file mode 100644
index 0000000..e447553
--- /dev/null
+++ b/server/vendor/github.com/pion/turn/v2/internal/client/transaction.go
@@ -0,0 +1,188 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package client
+
+import (
+	"net"
+	"sync"
+	"time"
+
+	"github.com/pion/stun"
+)
+
+const (
+	maxRtxInterval time.Duration = 1600 * time.Millisecond
+)
+
+// TransactionResult is a bag of result values of a transaction
+type TransactionResult struct {
+	Msg     *stun.Message
+	From    net.Addr
+	Retries int
+	Err     error
+}
+
+// TransactionConfig is a set of config params used by NewTransaction
+type TransactionConfig struct {
+	Key          string
+	Raw          []byte
+	To           net.Addr
+	Interval     time.Duration
+	IgnoreResult bool // True to throw away the result of this transaction (it will not be readable using WaitForResult)
+}
+
+// Transaction represents a transaction
+type Transaction struct {
+	Key      string                 // Read-only
+	Raw      []byte                 // Read-only
+	To       net.Addr               // Read-only
+	nRtx     int                    // Modified only by the timer thread
+	interval time.Duration          // Modified only by the timer thread
+	timer    *time.Timer            // Thread-safe, set only by the creator, and stopper
+	resultCh chan TransactionResult // Thread-safe
+	mutex    sync.RWMutex
+}
+
+// NewTransaction creates a new instance of Transaction
+func NewTransaction(config *TransactionConfig) *Transaction {
+	var resultCh chan TransactionResult
+	if !config.IgnoreResult {
+		resultCh = make(chan TransactionResult)
+	}
+
+	return &Transaction{
+		Key:      config.Key,      // Read-only
+		Raw:      config.Raw,      // Read-only
+		To:       config.To,       // Read-only
+		interval: config.Interval, // Modified only by the timer thread
+		resultCh: resultCh,        // Thread-safe
+	}
+}
+
+// StartRtxTimer starts the transaction timer
+func (t *Transaction) StartRtxTimer(onTimeout func(trKey string, nRtx int)) {
+	t.mutex.Lock()
+	defer t.mutex.Unlock()
+
+	t.timer = time.AfterFunc(t.interval, func() {
+		t.mutex.Lock()
+		t.nRtx++
+		nRtx := t.nRtx
+		t.interval *= 2
+		if t.interval > maxRtxInterval {
+			t.interval = maxRtxInterval
+		}
+		t.mutex.Unlock()
+		onTimeout(t.Key, nRtx)
+	})
+}
+
+// StopRtxTimer stop the transaction timer
+func (t *Transaction) StopRtxTimer() {
+	t.mutex.Lock()
+	defer t.mutex.Unlock()
+
+	if t.timer != nil {
+		t.timer.Stop()
+	}
+}
+
+// WriteResult writes the result to the result channel
+func (t *Transaction) WriteResult(res TransactionResult) bool {
+	if t.resultCh == nil {
+		return false
+	}
+
+	t.resultCh <- res
+
+	return true
+}
+
+// WaitForResult waits for the transaction result
+func (t *Transaction) WaitForResult() TransactionResult {
+	if t.resultCh == nil {
+		return TransactionResult{
+			Err: errWaitForResultOnNonResultTransaction,
+		}
+	}
+
+	result, ok := <-t.resultCh
+	if !ok {
+		result.Err = errTransactionClosed
+	}
+	return result
+}
+
+// Close closes the transaction
+func (t *Transaction) Close() {
+	if t.resultCh != nil {
+		close(t.resultCh)
+	}
+}
+
+// Retries returns the number of retransmission it has made
+func (t *Transaction) Retries() int {
+	t.mutex.RLock()
+	defer t.mutex.RUnlock()
+
+	return t.nRtx
+}
+
+// TransactionMap is a thread-safe transaction map
+type TransactionMap struct {
+	trMap map[string]*Transaction
+	mutex sync.RWMutex
+}
+
+// NewTransactionMap create a new instance of the transaction map
+func NewTransactionMap() *TransactionMap {
+	return &TransactionMap{
+		trMap: map[string]*Transaction{},
+	}
+}
+
+// Insert inserts a transaction to the map
+func (m *TransactionMap) Insert(key string, tr *Transaction) bool {
+	m.mutex.Lock()
+	defer m.mutex.Unlock()
+
+	m.trMap[key] = tr
+	return true
+}
+
+// Find looks up a transaction by its key
+func (m *TransactionMap) Find(key string) (*Transaction, bool) {
+	m.mutex.RLock()
+	defer m.mutex.RUnlock()
+
+	tr, ok := m.trMap[key]
+	return tr, ok
+}
+
+// Delete deletes a transaction by its key
+func (m *TransactionMap) Delete(key string) {
+	m.mutex.Lock()
+	defer m.mutex.Unlock()
+
+	delete(m.trMap, key)
+}
+
+// CloseAndDeleteAll closes and deletes all transactions
+func (m *TransactionMap) CloseAndDeleteAll() {
+	m.mutex.Lock()
+	defer m.mutex.Unlock()
+
+	for trKey, tr := range m.trMap {
+		tr.Close()
+		delete(m.trMap, trKey)
+	}
+}
+
+// Size returns the length of the transaction map
+func (m *TransactionMap) Size() int {
+	m.mutex.RLock()
+	defer m.mutex.RUnlock()
+
+	return len(m.trMap)
+}
diff --git a/server/vendor/github.com/pion/turn/v2/internal/client/trylock.go b/server/vendor/github.com/pion/turn/v2/internal/client/trylock.go
new file mode 100644
index 0000000..6bfe6ff
--- /dev/null
+++ b/server/vendor/github.com/pion/turn/v2/internal/client/trylock.go
@@ -0,0 +1,27 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package client
+
+import (
+	"sync/atomic"
+)
+
+// TryLock implement the classic  "try-lock" operation.
+type TryLock struct {
+	n int32
+}
+
+// Lock tries to lock the try-lock. If successful, it returns true.
+// Otherwise, it returns false immediately.
+func (c *TryLock) Lock() error {
+	if !atomic.CompareAndSwapInt32(&c.n, 0, 1) {
+		return errDoubleLock
+	}
+	return nil
+}
+
+// Unlock unlocks the try-lock.
+func (c *TryLock) Unlock() {
+	atomic.StoreInt32(&c.n, 0)
+}
diff --git a/server/vendor/github.com/pion/turn/v2/internal/client/udp_conn.go b/server/vendor/github.com/pion/turn/v2/internal/client/udp_conn.go
new file mode 100644
index 0000000..f73bf5b
--- /dev/null
+++ b/server/vendor/github.com/pion/turn/v2/internal/client/udp_conn.go
@@ -0,0 +1,455 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+// Package client implements the API for a TURN client
+package client
+
+import (
+	"errors"
+	"fmt"
+	"io"
+	"math"
+	"net"
+	"time"
+
+	"github.com/pion/stun"
+	"github.com/pion/turn/v2/internal/proto"
+)
+
+const (
+	maxReadQueueSize    = 1024
+	permRefreshInterval = 120 * time.Second
+	maxRetryAttempts    = 3
+)
+
+const (
+	timerIDRefreshAlloc int = iota
+	timerIDRefreshPerms
+)
+
+type inboundData struct {
+	data []byte
+	from net.Addr
+}
+
+// UDPConn is the implementation of the Conn and PacketConn interfaces for UDP network connections.
+// compatible with net.PacketConn and net.Conn
+type UDPConn struct {
+	bindingMgr *bindingManager   // Thread-safe
+	readCh     chan *inboundData // Thread-safe
+	closeCh    chan struct{}     // Thread-safe
+	allocation
+}
+
+// NewUDPConn creates a new instance of UDPConn
+func NewUDPConn(config *AllocationConfig) *UDPConn {
+	c := &UDPConn{
+		bindingMgr: newBindingManager(),
+		readCh:     make(chan *inboundData, maxReadQueueSize),
+		closeCh:    make(chan struct{}),
+		allocation: allocation{
+			client:      config.Client,
+			relayedAddr: config.RelayedAddr,
+			serverAddr:  config.ServerAddr,
+			readTimer:   time.NewTimer(time.Duration(math.MaxInt64)),
+			permMap:     newPermissionMap(),
+			username:    config.Username,
+			realm:       config.Realm,
+			integrity:   config.Integrity,
+			_nonce:      config.Nonce,
+			_lifetime:   config.Lifetime,
+			net:         config.Net,
+			log:         config.Log,
+		},
+	}
+
+	c.log.Debugf("Initial lifetime: %d seconds", int(c.lifetime().Seconds()))
+
+	c.refreshAllocTimer = NewPeriodicTimer(
+		timerIDRefreshAlloc,
+		c.onRefreshTimers,
+		c.lifetime()/2,
+	)
+
+	c.refreshPermsTimer = NewPeriodicTimer(
+		timerIDRefreshPerms,
+		c.onRefreshTimers,
+		permRefreshInterval,
+	)
+
+	if c.refreshAllocTimer.Start() {
+		c.log.Debugf("Started refresh allocation timer")
+	}
+	if c.refreshPermsTimer.Start() {
+		c.log.Debugf("Started refresh permission timer")
+	}
+
+	return c
+}
+
+// ReadFrom reads a packet from the connection,
+// copying the payload into p. It returns the number of
+// bytes copied into p and the return address that
+// was on the packet.
+// It returns the number of bytes read (0 <= n <= len(p))
+// and any error encountered. Callers should always process
+// the n > 0 bytes returned before considering the error err.
+// ReadFrom can be made to time out and return
+// an Error with Timeout() == true after a fixed time limit;
+// see SetDeadline and SetReadDeadline.
+func (c *UDPConn) ReadFrom(p []byte) (n int, addr net.Addr, err error) {
+	for {
+		select {
+		case ibData := <-c.readCh:
+			n := copy(p, ibData.data)
+			if n < len(ibData.data) {
+				return 0, nil, io.ErrShortBuffer
+			}
+			return n, ibData.from, nil
+
+		case <-c.readTimer.C:
+			return 0, nil, &net.OpError{
+				Op:   "read",
+				Net:  c.LocalAddr().Network(),
+				Addr: c.LocalAddr(),
+				Err:  newTimeoutError("i/o timeout"),
+			}
+
+		case <-c.closeCh:
+			return 0, nil, &net.OpError{
+				Op:   "read",
+				Net:  c.LocalAddr().Network(),
+				Addr: c.LocalAddr(),
+				Err:  errClosed,
+			}
+		}
+	}
+}
+
+func (a *allocation) createPermission(perm *permission, addr net.Addr) error {
+	perm.mutex.Lock()
+	defer perm.mutex.Unlock()
+
+	if perm.state() == permStateIdle {
+		// Punch a hole! (this would block a bit..)
+		if err := a.CreatePermissions(addr); err != nil {
+			a.permMap.delete(addr)
+			return err
+		}
+		perm.setState(permStatePermitted)
+	}
+	return nil
+}
+
+// WriteTo writes a packet with payload p to addr.
+// WriteTo can be made to time out and return
+// an Error with Timeout() == true after a fixed time limit;
+// see SetDeadline and SetWriteDeadline.
+// On packet-oriented connections, write timeouts are rare.
+func (c *UDPConn) WriteTo(p []byte, addr net.Addr) (int, error) { //nolint: gocognit
+	var err error
+	_, ok := addr.(*net.UDPAddr)
+	if !ok {
+		return 0, errUDPAddrCast
+	}
+
+	// Check if we have a permission for the destination IP addr
+	perm, ok := c.permMap.find(addr)
+	if !ok {
+		perm = &permission{}
+		c.permMap.insert(addr, perm)
+	}
+
+	for i := 0; i < maxRetryAttempts; i++ {
+		// c.createPermission() would block, per destination IP (, or perm),
+		// until the perm state becomes "requested". Purpose of this is to
+		// guarantee the order of packets (within the same perm).
+		// Note that CreatePermission transaction may not be complete before
+		// all the data transmission. This is done assuming that the request
+		// will be most likely successful and we can tolerate some loss of
+		// UDP packet (or reorder), inorder to minimize the latency in most cases.
+		if err = c.createPermission(perm, addr); !errors.Is(err, errTryAgain) {
+			break
+		}
+	}
+	if err != nil {
+		return 0, err
+	}
+
+	// Bind channel
+	b, ok := c.bindingMgr.findByAddr(addr)
+	if !ok {
+		b = c.bindingMgr.create(addr)
+	}
+
+	bindSt := b.state()
+
+	if bindSt == bindingStateIdle || bindSt == bindingStateRequest || bindSt == bindingStateFailed {
+		func() {
+			// Block only callers with the same binding until
+			// the binding transaction has been complete
+			b.muBind.Lock()
+			defer b.muBind.Unlock()
+
+			// Binding state may have been changed while waiting. check again.
+			if b.state() == bindingStateIdle {
+				b.setState(bindingStateRequest)
+				go func() {
+					err2 := c.bind(b)
+					if err2 != nil {
+						c.log.Warnf("Failed to bind bind(): %s", err2)
+						b.setState(bindingStateFailed)
+						// Keep going...
+					} else {
+						b.setState(bindingStateReady)
+					}
+				}()
+			}
+		}()
+
+		// Send data using SendIndication
+		peerAddr := addr2PeerAddress(addr)
+		var msg *stun.Message
+		msg, err = stun.Build(
+			stun.TransactionID,
+			stun.NewType(stun.MethodSend, stun.ClassIndication),
+			proto.Data(p),
+			peerAddr,
+			stun.Fingerprint,
+		)
+		if err != nil {
+			return 0, err
+		}
+
+		// Indication has no transaction (fire-and-forget)
+
+		return c.client.WriteTo(msg.Raw, c.serverAddr)
+	}
+
+	// Binding is either ready
+
+	// Check if the binding needs a refresh
+	func() {
+		b.muBind.Lock()
+		defer b.muBind.Unlock()
+
+		if b.state() == bindingStateReady && time.Since(b.refreshedAt()) > 5*time.Minute {
+			b.setState(bindingStateRefresh)
+			go func() {
+				err = c.bind(b)
+				if err != nil {
+					c.log.Warnf("Failed to bind() for refresh: %s", err)
+					b.setState(bindingStateFailed)
+					// Keep going...
+				} else {
+					b.setRefreshedAt(time.Now())
+					b.setState(bindingStateReady)
+				}
+			}()
+		}
+	}()
+
+	// Send via ChannelData
+	_, err = c.sendChannelData(p, b.number)
+	if err != nil {
+		return 0, err
+	}
+	return len(p), nil
+}
+
+// Close closes the connection.
+// Any blocked ReadFrom or WriteTo operations will be unblocked and return errors.
+func (c *UDPConn) Close() error {
+	c.refreshAllocTimer.Stop()
+	c.refreshPermsTimer.Stop()
+
+	select {
+	case <-c.closeCh:
+		return errAlreadyClosed
+	default:
+		close(c.closeCh)
+	}
+
+	c.client.OnDeallocated(c.relayedAddr)
+	return c.refreshAllocation(0, true /* dontWait=true */)
+}
+
+// LocalAddr returns the local network address.
+func (c *UDPConn) LocalAddr() net.Addr {
+	return c.relayedAddr
+}
+
+// SetDeadline sets the read and write deadlines associated
+// with the connection. It is equivalent to calling both
+// SetReadDeadline and SetWriteDeadline.
+//
+// A deadline is an absolute time after which I/O operations
+// fail with a timeout (see type Error) instead of
+// blocking. The deadline applies to all future and pending
+// I/O, not just the immediately following call to ReadFrom or
+// WriteTo. After a deadline has been exceeded, the connection
+// can be refreshed by setting a deadline in the future.
+//
+// An idle timeout can be implemented by repeatedly extending
+// the deadline after successful ReadFrom or WriteTo calls.
+//
+// A zero value for t means I/O operations will not time out.
+func (c *UDPConn) SetDeadline(t time.Time) error {
+	return c.SetReadDeadline(t)
+}
+
+// SetReadDeadline sets the deadline for future ReadFrom calls
+// and any currently-blocked ReadFrom call.
+// A zero value for t means ReadFrom will not time out.
+func (c *UDPConn) SetReadDeadline(t time.Time) error {
+	var d time.Duration
+	if t == noDeadline() {
+		d = time.Duration(math.MaxInt64)
+	} else {
+		d = time.Until(t)
+	}
+	c.readTimer.Reset(d)
+	return nil
+}
+
+// SetWriteDeadline sets the deadline for future WriteTo calls
+// and any currently-blocked WriteTo call.
+// Even if write times out, it may return n > 0, indicating that
+// some of the data was successfully written.
+// A zero value for t means WriteTo will not time out.
+func (c *UDPConn) SetWriteDeadline(time.Time) error {
+	// Write never blocks.
+	return nil
+}
+
+func addr2PeerAddress(addr net.Addr) proto.PeerAddress {
+	var peerAddr proto.PeerAddress
+	switch a := addr.(type) {
+	case *net.UDPAddr:
+		peerAddr.IP = a.IP
+		peerAddr.Port = a.Port
+	case *net.TCPAddr:
+		peerAddr.IP = a.IP
+		peerAddr.Port = a.Port
+	}
+
+	return peerAddr
+}
+
+// CreatePermissions Issues a CreatePermission request for the supplied addresses
+// as described in https://datatracker.ietf.org/doc/html/rfc5766#section-9
+func (a *allocation) CreatePermissions(addrs ...net.Addr) error {
+	setters := []stun.Setter{
+		stun.TransactionID,
+		stun.NewType(stun.MethodCreatePermission, stun.ClassRequest),
+	}
+
+	for _, addr := range addrs {
+		setters = append(setters, addr2PeerAddress(addr))
+	}
+
+	setters = append(setters,
+		a.username,
+		a.realm,
+		a.nonce(),
+		a.integrity,
+		stun.Fingerprint)
+
+	msg, err := stun.Build(setters...)
+	if err != nil {
+		return err
+	}
+
+	trRes, err := a.client.PerformTransaction(msg, a.serverAddr, false)
+	if err != nil {
+		return err
+	}
+
+	res := trRes.Msg
+
+	if res.Type.Class == stun.ClassErrorResponse {
+		var code stun.ErrorCodeAttribute
+		if err = code.GetFrom(res); err == nil {
+			if code.Code == stun.CodeStaleNonce {
+				a.setNonceFromMsg(res)
+				return errTryAgain
+			}
+			return fmt.Errorf("%s (error %s)", res.Type, code) //nolint:goerr113
+		}
+		return fmt.Errorf("%s", res.Type) //nolint:goerr113
+	}
+
+	return nil
+}
+
+// HandleInbound passes inbound data in UDPConn
+func (c *UDPConn) HandleInbound(data []byte, from net.Addr) {
+	// Copy data
+	copied := make([]byte, len(data))
+	copy(copied, data)
+
+	select {
+	case c.readCh <- &inboundData{data: copied, from: from}:
+	default:
+		c.log.Warnf("Receive buffer full")
+	}
+}
+
+// FindAddrByChannelNumber returns a peer address associated with the
+// channel number on this UDPConn
+func (c *UDPConn) FindAddrByChannelNumber(chNum uint16) (net.Addr, bool) {
+	b, ok := c.bindingMgr.findByNumber(chNum)
+	if !ok {
+		return nil, false
+	}
+	return b.addr, true
+}
+
+func (c *UDPConn) bind(b *binding) error {
+	setters := []stun.Setter{
+		stun.TransactionID,
+		stun.NewType(stun.MethodChannelBind, stun.ClassRequest),
+		addr2PeerAddress(b.addr),
+		proto.ChannelNumber(b.number),
+		c.username,
+		c.realm,
+		c.nonce(),
+		c.integrity,
+		stun.Fingerprint,
+	}
+
+	msg, err := stun.Build(setters...)
+	if err != nil {
+		return err
+	}
+
+	trRes, err := c.client.PerformTransaction(msg, c.serverAddr, false)
+	if err != nil {
+		c.bindingMgr.deleteByAddr(b.addr)
+		return err
+	}
+
+	res := trRes.Msg
+
+	if res.Type != stun.NewType(stun.MethodChannelBind, stun.ClassSuccessResponse) {
+		return fmt.Errorf("unexpected response type %s", res.Type) //nolint:goerr113
+	}
+
+	c.log.Debugf("Channel binding successful: %s %d", b.addr, b.number)
+
+	// Success.
+	return nil
+}
+
+func (c *UDPConn) sendChannelData(data []byte, chNum uint16) (int, error) {
+	chData := &proto.ChannelData{
+		Data:   data,
+		Number: proto.ChannelNumber(chNum),
+	}
+	chData.Encode()
+	_, err := c.client.WriteTo(chData.Raw, c.serverAddr)
+	if err != nil {
+		return 0, err
+	}
+	return len(data), nil
+}
diff --git a/server/vendor/github.com/pion/turn/v2/internal/ipnet/util.go b/server/vendor/github.com/pion/turn/v2/internal/ipnet/util.go
new file mode 100644
index 0000000..c3a5b32
--- /dev/null
+++ b/server/vendor/github.com/pion/turn/v2/internal/ipnet/util.go
@@ -0,0 +1,55 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+// Package ipnet contains helper functions around net and IP
+package ipnet
+
+import (
+	"errors"
+	"net"
+)
+
+var errFailedToCastAddr = errors.New("failed to cast net.Addr to *net.UDPAddr or *net.TCPAddr")
+
+// AddrIPPort extracts the IP and Port from a net.Addr
+func AddrIPPort(a net.Addr) (net.IP, int, error) {
+	aUDP, ok := a.(*net.UDPAddr)
+	if ok {
+		return aUDP.IP, aUDP.Port, nil
+	}
+
+	aTCP, ok := a.(*net.TCPAddr)
+	if ok {
+		return aTCP.IP, aTCP.Port, nil
+	}
+
+	return nil, 0, errFailedToCastAddr
+}
+
+// AddrEqual asserts that two net.Addrs are equal
+// Currently only supports UDP but will be extended in the future to support others
+func AddrEqual(a, b net.Addr) bool {
+	aUDP, ok := a.(*net.UDPAddr)
+	if !ok {
+		return false
+	}
+
+	bUDP, ok := b.(*net.UDPAddr)
+	if !ok {
+		return false
+	}
+
+	return aUDP.IP.Equal(bUDP.IP) && aUDP.Port == bUDP.Port
+}
+
+// FingerprintAddr generates a fingerprint from net.UDPAddr or net.TCPAddr's
+// which can be used for indexing maps.
+func FingerprintAddr(addr net.Addr) string {
+	switch a := addr.(type) {
+	case *net.UDPAddr:
+		return a.IP.String()
+	case *net.TCPAddr: // Do we really need this case?
+		return a.IP.String()
+	}
+	return "" // Should never happen
+}
diff --git a/server/vendor/github.com/pion/turn/v2/internal/proto/addr.go b/server/vendor/github.com/pion/turn/v2/internal/proto/addr.go
new file mode 100644
index 0000000..7d4db8b
--- /dev/null
+++ b/server/vendor/github.com/pion/turn/v2/internal/proto/addr.go
@@ -0,0 +1,68 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package proto
+
+import (
+	"fmt"
+	"net"
+)
+
+// Addr is ip:port.
+type Addr struct {
+	IP   net.IP
+	Port int
+}
+
+// Network implements net.Addr.
+func (Addr) Network() string { return "turn" }
+
+// FromUDPAddr sets addr to UDPAddr.
+func (a *Addr) FromUDPAddr(n *net.UDPAddr) {
+	a.IP = n.IP
+	a.Port = n.Port
+}
+
+// Equal returns true if b == a.
+func (a Addr) Equal(b Addr) bool {
+	if a.Port != b.Port {
+		return false
+	}
+	return a.IP.Equal(b.IP)
+}
+
+// EqualIP returns true if a and b have equal IP addresses.
+func (a Addr) EqualIP(b Addr) bool {
+	return a.IP.Equal(b.IP)
+}
+
+func (a Addr) String() string {
+	return fmt.Sprintf("%s:%d", a.IP, a.Port)
+}
+
+// FiveTuple represents 5-TUPLE value.
+type FiveTuple struct {
+	Client Addr
+	Server Addr
+	Proto  Protocol
+}
+
+func (t FiveTuple) String() string {
+	return fmt.Sprintf("%s->%s (%s)",
+		t.Client, t.Server, t.Proto,
+	)
+}
+
+// Equal returns true if b == t.
+func (t FiveTuple) Equal(b FiveTuple) bool {
+	if t.Proto != b.Proto {
+		return false
+	}
+	if !t.Client.Equal(b.Client) {
+		return false
+	}
+	if !t.Server.Equal(b.Server) {
+		return false
+	}
+	return true
+}
diff --git a/server/vendor/github.com/pion/turn/v2/internal/proto/chandata.go b/server/vendor/github.com/pion/turn/v2/internal/proto/chandata.go
new file mode 100644
index 0000000..df93711
--- /dev/null
+++ b/server/vendor/github.com/pion/turn/v2/internal/proto/chandata.go
@@ -0,0 +1,143 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package proto
+
+import (
+	"bytes"
+	"encoding/binary"
+	"errors"
+	"io"
+)
+
+// ChannelData represents The ChannelData Message.
+//
+// See RFC 5766 Section 11.4
+type ChannelData struct {
+	Data   []byte // Can be sub slice of Raw
+	Length int    // Ignored while encoding, len(Data) is used
+	Number ChannelNumber
+	Raw    []byte
+}
+
+// Equal returns true if b == c.
+func (c *ChannelData) Equal(b *ChannelData) bool {
+	if c == nil && b == nil {
+		return true
+	}
+	if c == nil || b == nil {
+		return false
+	}
+	if c.Number != b.Number {
+		return false
+	}
+	if len(c.Data) != len(b.Data) {
+		return false
+	}
+	return bytes.Equal(c.Data, b.Data)
+}
+
+// Grow ensures that internal buffer will fit v more bytes and
+// increases it capacity if necessary.
+//
+// Similar to stun.Message.grow method.
+func (c *ChannelData) grow(v int) {
+	n := len(c.Raw) + v
+	for cap(c.Raw) < n {
+		c.Raw = append(c.Raw, 0)
+	}
+	c.Raw = c.Raw[:n]
+}
+
+// Reset resets Length, Data and Raw length.
+func (c *ChannelData) Reset() {
+	c.Raw = c.Raw[:0]
+	c.Length = 0
+	c.Data = c.Data[:0]
+}
+
+// Encode encodes ChannelData Message to Raw.
+func (c *ChannelData) Encode() {
+	c.Raw = c.Raw[:0]
+	c.WriteHeader()
+	c.Raw = append(c.Raw, c.Data...)
+	padded := nearestPaddedValueLength(len(c.Raw))
+	if bytesToAdd := padded - len(c.Raw); bytesToAdd > 0 {
+		for i := 0; i < bytesToAdd; i++ {
+			c.Raw = append(c.Raw, 0)
+		}
+	}
+}
+
+const padding = 4
+
+func nearestPaddedValueLength(l int) int {
+	n := padding * (l / padding)
+	if n < l {
+		n += padding
+	}
+	return n
+}
+
+// WriteHeader writes channel number and length.
+func (c *ChannelData) WriteHeader() {
+	if len(c.Raw) < channelDataHeaderSize {
+		// Making WriteHeader call valid even when c.Raw
+		// is nil or len(c.Raw) is less than needed for header.
+		c.grow(channelDataHeaderSize)
+	}
+	// Early bounds check to guarantee safety of writes below.
+	_ = c.Raw[:channelDataHeaderSize]
+	binary.BigEndian.PutUint16(c.Raw[:channelDataNumberSize], uint16(c.Number))
+	binary.BigEndian.PutUint16(c.Raw[channelDataNumberSize:channelDataHeaderSize],
+		uint16(len(c.Data)),
+	)
+}
+
+// ErrBadChannelDataLength means that channel data length is not equal
+// to actual data length.
+var ErrBadChannelDataLength = errors.New("channelData length != len(Data)")
+
+// Decode decodes The ChannelData Message from Raw.
+func (c *ChannelData) Decode() error {
+	buf := c.Raw
+	if len(buf) < channelDataHeaderSize {
+		return io.ErrUnexpectedEOF
+	}
+	num := binary.BigEndian.Uint16(buf[:channelDataNumberSize])
+	c.Number = ChannelNumber(num)
+	l := binary.BigEndian.Uint16(buf[channelDataNumberSize:channelDataHeaderSize])
+	c.Data = buf[channelDataHeaderSize:]
+	c.Length = int(l)
+	if !c.Number.Valid() {
+		return ErrInvalidChannelNumber
+	}
+	if int(l) < len(c.Data) {
+		c.Data = c.Data[:int(l)]
+	}
+	if int(l) > len(buf[channelDataHeaderSize:]) {
+		return ErrBadChannelDataLength
+	}
+	return nil
+}
+
+const (
+	channelDataLengthSize = 2
+	channelDataNumberSize = channelDataLengthSize
+	channelDataHeaderSize = channelDataLengthSize + channelDataNumberSize
+)
+
+// IsChannelData returns true if buf looks like the ChannelData Message.
+func IsChannelData(buf []byte) bool {
+	if len(buf) < channelDataHeaderSize {
+		return false
+	}
+
+	if int(binary.BigEndian.Uint16(buf[channelDataNumberSize:channelDataHeaderSize])) > len(buf[channelDataHeaderSize:]) {
+		return false
+	}
+
+	// Quick check for channel number.
+	num := binary.BigEndian.Uint16(buf[0:channelNumberSize])
+	return isChannelNumberValid(num)
+}
diff --git a/server/vendor/github.com/pion/turn/v2/internal/proto/chann.go b/server/vendor/github.com/pion/turn/v2/internal/proto/chann.go
new file mode 100644
index 0000000..f85c6a1
--- /dev/null
+++ b/server/vendor/github.com/pion/turn/v2/internal/proto/chann.go
@@ -0,0 +1,70 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package proto
+
+import (
+	"encoding/binary"
+	"errors"
+	"strconv"
+
+	"github.com/pion/stun"
+)
+
+// ChannelNumber represents CHANNEL-NUMBER attribute.
+//
+// The CHANNEL-NUMBER attribute contains the number of the channel.
+//
+// RFC 5766 Section 14.1
+type ChannelNumber uint16 // Encoded as uint16
+
+func (n ChannelNumber) String() string { return strconv.Itoa(int(n)) }
+
+// 16 bits of uint + 16 bits of RFFU = 0.
+const channelNumberSize = 4
+
+// AddTo adds CHANNEL-NUMBER to message.
+func (n ChannelNumber) AddTo(m *stun.Message) error {
+	v := make([]byte, channelNumberSize)
+	binary.BigEndian.PutUint16(v[:2], uint16(n))
+	// v[2:4] are zeroes (RFFU = 0)
+	m.Add(stun.AttrChannelNumber, v)
+	return nil
+}
+
+// GetFrom decodes CHANNEL-NUMBER from message.
+func (n *ChannelNumber) GetFrom(m *stun.Message) error {
+	v, err := m.Get(stun.AttrChannelNumber)
+	if err != nil {
+		return err
+	}
+	if err = stun.CheckSize(stun.AttrChannelNumber, len(v), channelNumberSize); err != nil {
+		return err
+	}
+	_ = v[channelNumberSize-1] // Asserting length
+	*n = ChannelNumber(binary.BigEndian.Uint16(v[:2]))
+	// v[2:4] is RFFU and equals to 0.
+	return nil
+}
+
+// See https://tools.ietf.org/html/rfc5766#section-11:
+//
+// 0x4000 through 0x7FFF: These values are the allowed channel
+// numbers (16,383 possible values).
+const (
+	MinChannelNumber = 0x4000
+	MaxChannelNumber = 0x7FFF
+)
+
+// ErrInvalidChannelNumber means that channel number is not valid as by RFC 5766 Section 11.
+var ErrInvalidChannelNumber = errors.New("channel number not in [0x4000, 0x7FFF]")
+
+// isChannelNumberValid returns true if c in [0x4000, 0x7FFF].
+func isChannelNumberValid(c uint16) bool {
+	return c >= MinChannelNumber && c <= MaxChannelNumber
+}
+
+// Valid returns true if channel number has correct value that complies RFC 5766 Section 11 range.
+func (n ChannelNumber) Valid() bool {
+	return isChannelNumberValid(uint16(n))
+}
diff --git a/server/vendor/github.com/pion/turn/v2/internal/proto/connection_id.go b/server/vendor/github.com/pion/turn/v2/internal/proto/connection_id.go
new file mode 100644
index 0000000..8827da6
--- /dev/null
+++ b/server/vendor/github.com/pion/turn/v2/internal/proto/connection_id.go
@@ -0,0 +1,42 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package proto
+
+import (
+	"encoding/binary"
+
+	"github.com/pion/stun"
+)
+
+// ConnectionID represents CONNECTION-ID attribute.
+//
+// The CONNECTION-ID attribute uniquely identifies a peer data
+// connection.  It is a 32-bit unsigned integral value.
+//
+// RFC 6062 Section 6.2.1
+type ConnectionID uint32
+
+const connectionIDSize = 4 // uint32: 4 bytes, 32 bits
+
+// AddTo adds CONNECTION-ID to message.
+func (c ConnectionID) AddTo(m *stun.Message) error {
+	v := make([]byte, lifetimeSize)
+	binary.BigEndian.PutUint32(v, uint32(c))
+	m.Add(stun.AttrConnectionID, v)
+	return nil
+}
+
+// GetFrom decodes CONNECTION-ID from message.
+func (c *ConnectionID) GetFrom(m *stun.Message) error {
+	v, err := m.Get(stun.AttrConnectionID)
+	if err != nil {
+		return err
+	}
+	if err = stun.CheckSize(stun.AttrConnectionID, len(v), connectionIDSize); err != nil {
+		return err
+	}
+	_ = v[connectionIDSize-1] // Asserting length
+	*(*uint32)(c) = binary.BigEndian.Uint32(v)
+	return nil
+}
diff --git a/server/vendor/github.com/pion/turn/v2/internal/proto/data.go b/server/vendor/github.com/pion/turn/v2/internal/proto/data.go
new file mode 100644
index 0000000..d3cf313
--- /dev/null
+++ b/server/vendor/github.com/pion/turn/v2/internal/proto/data.go
@@ -0,0 +1,33 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package proto
+
+import "github.com/pion/stun"
+
+// Data represents DATA attribute.
+//
+// The DATA attribute is present in all Send and Data indications.  The
+// value portion of this attribute is variable length and consists of
+// the application data (that is, the data that would immediately follow
+// the UDP header if the data was been sent directly between the client
+// and the peer).
+//
+// RFC 5766 Section 14.4
+type Data []byte
+
+// AddTo adds DATA to message.
+func (d Data) AddTo(m *stun.Message) error {
+	m.Add(stun.AttrData, d)
+	return nil
+}
+
+// GetFrom decodes DATA from message.
+func (d *Data) GetFrom(m *stun.Message) error {
+	v, err := m.Get(stun.AttrData)
+	if err != nil {
+		return err
+	}
+	*d = v
+	return nil
+}
diff --git a/server/vendor/github.com/pion/turn/v2/internal/proto/dontfrag.go b/server/vendor/github.com/pion/turn/v2/internal/proto/dontfrag.go
new file mode 100644
index 0000000..317938c
--- /dev/null
+++ b/server/vendor/github.com/pion/turn/v2/internal/proto/dontfrag.go
@@ -0,0 +1,45 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package proto
+
+import (
+	"github.com/pion/stun"
+)
+
+// DontFragmentAttr is a deprecated alias for DontFragment
+// Deprecated: Please use DontFragment
+type DontFragmentAttr = DontFragment
+
+// DontFragment represents DONT-FRAGMENT attribute.
+//
+// This attribute is used by the client to request that the server set
+// the DF (Don't Fragment) bit in the IP header when relaying the
+// application data onward to the peer.  This attribute has no value
+// part and thus the attribute length field is 0.
+//
+// RFC 5766 Section 14.8
+type DontFragment struct{}
+
+const dontFragmentSize = 0
+
+// AddTo adds DONT-FRAGMENT attribute to message.
+func (DontFragment) AddTo(m *stun.Message) error {
+	m.Add(stun.AttrDontFragment, nil)
+	return nil
+}
+
+// GetFrom decodes DONT-FRAGMENT from message.
+func (d *DontFragment) GetFrom(m *stun.Message) error {
+	v, err := m.Get(stun.AttrDontFragment)
+	if err != nil {
+		return err
+	}
+	return stun.CheckSize(stun.AttrDontFragment, len(v), dontFragmentSize)
+}
+
+// IsSet returns true if DONT-FRAGMENT attribute is set.
+func (DontFragment) IsSet(m *stun.Message) bool {
+	_, err := m.Get(stun.AttrDontFragment)
+	return err == nil
+}
diff --git a/server/vendor/github.com/pion/turn/v2/internal/proto/evenport.go b/server/vendor/github.com/pion/turn/v2/internal/proto/evenport.go
new file mode 100644
index 0000000..c41df32
--- /dev/null
+++ b/server/vendor/github.com/pion/turn/v2/internal/proto/evenport.go
@@ -0,0 +1,58 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package proto
+
+import "github.com/pion/stun"
+
+// EvenPort represents EVEN-PORT attribute.
+//
+// This attribute allows the client to request that the port in the
+// relayed transport address be even, and (optionally) that the server
+// reserve the next-higher port number.
+//
+// RFC 5766 Section 14.6
+type EvenPort struct {
+	// ReservePort means that the server is requested to reserve
+	// the next-higher port number (on the same IP address)
+	// for a subsequent allocation.
+	ReservePort bool
+}
+
+func (p EvenPort) String() string {
+	if p.ReservePort {
+		return "reserve: true"
+	}
+	return "reserve: false"
+}
+
+const (
+	evenPortSize = 1
+	firstBitSet  = (1 << 8) - 1 // 0b100000000
+)
+
+// AddTo adds EVEN-PORT to message.
+func (p EvenPort) AddTo(m *stun.Message) error {
+	v := make([]byte, evenPortSize)
+	if p.ReservePort {
+		// Set first bit to 1.
+		v[0] = firstBitSet
+	}
+	m.Add(stun.AttrEvenPort, v)
+	return nil
+}
+
+// GetFrom decodes EVEN-PORT from message.
+func (p *EvenPort) GetFrom(m *stun.Message) error {
+	v, err := m.Get(stun.AttrEvenPort)
+	if err != nil {
+		return err
+	}
+	if err = stun.CheckSize(stun.AttrEvenPort, len(v), evenPortSize); err != nil {
+		return err
+	}
+	if v[0]&firstBitSet > 0 {
+		p.ReservePort = true
+	}
+	return nil
+}
diff --git a/server/vendor/github.com/pion/turn/v2/internal/proto/lifetime.go b/server/vendor/github.com/pion/turn/v2/internal/proto/lifetime.go
new file mode 100644
index 0000000..4405c77
--- /dev/null
+++ b/server/vendor/github.com/pion/turn/v2/internal/proto/lifetime.go
@@ -0,0 +1,55 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package proto
+
+import (
+	"encoding/binary"
+	"time"
+
+	"github.com/pion/stun"
+)
+
+// DefaultLifetime in RFC 5766 is 10 minutes.
+//
+// RFC 5766 Section 2.2
+const DefaultLifetime = time.Minute * 10
+
+// Lifetime represents LIFETIME attribute.
+//
+// The LIFETIME attribute represents the duration for which the server
+// will maintain an allocation in the absence of a refresh. The value
+// portion of this attribute is 4-bytes long and consists of a 32-bit
+// unsigned integral value representing the number of seconds remaining
+// until expiration.
+//
+// RFC 5766 Section 14.2
+type Lifetime struct {
+	time.Duration
+}
+
+// Seconds in uint32
+const lifetimeSize = 4 // 4 bytes, 32 bits
+
+// AddTo adds LIFETIME to message.
+func (l Lifetime) AddTo(m *stun.Message) error {
+	v := make([]byte, lifetimeSize)
+	binary.BigEndian.PutUint32(v, uint32(l.Seconds()))
+	m.Add(stun.AttrLifetime, v)
+	return nil
+}
+
+// GetFrom decodes LIFETIME from message.
+func (l *Lifetime) GetFrom(m *stun.Message) error {
+	v, err := m.Get(stun.AttrLifetime)
+	if err != nil {
+		return err
+	}
+	if err = stun.CheckSize(stun.AttrLifetime, len(v), lifetimeSize); err != nil {
+		return err
+	}
+	_ = v[lifetimeSize-1] // Asserting length
+	seconds := binary.BigEndian.Uint32(v)
+	l.Duration = time.Second * time.Duration(seconds)
+	return nil
+}
diff --git a/server/vendor/github.com/pion/turn/v2/internal/proto/peeraddr.go b/server/vendor/github.com/pion/turn/v2/internal/proto/peeraddr.go
new file mode 100644
index 0000000..a562d5a
--- /dev/null
+++ b/server/vendor/github.com/pion/turn/v2/internal/proto/peeraddr.go
@@ -0,0 +1,45 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package proto
+
+import (
+	"net"
+
+	"github.com/pion/stun"
+)
+
+// PeerAddress implements XOR-PEER-ADDRESS attribute.
+//
+// The XOR-PEER-ADDRESS specifies the address and port of the peer as
+// seen from the TURN server. (For example, the peer's server-reflexive
+// transport address if the peer is behind a NAT.)
+//
+// RFC 5766 Section 14.3
+type PeerAddress struct {
+	IP   net.IP
+	Port int
+}
+
+func (a PeerAddress) String() string {
+	return stun.XORMappedAddress(a).String()
+}
+
+// AddTo adds XOR-PEER-ADDRESS to message.
+func (a PeerAddress) AddTo(m *stun.Message) error {
+	return stun.XORMappedAddress(a).AddToAs(m, stun.AttrXORPeerAddress)
+}
+
+// GetFrom decodes XOR-PEER-ADDRESS from message.
+func (a *PeerAddress) GetFrom(m *stun.Message) error {
+	return (*stun.XORMappedAddress)(a).GetFromAs(m, stun.AttrXORPeerAddress)
+}
+
+// XORPeerAddress implements XOR-PEER-ADDRESS attribute.
+//
+// The XOR-PEER-ADDRESS specifies the address and port of the peer as
+// seen from the TURN server. (For example, the peer's server-reflexive
+// transport address if the peer is behind a NAT.)
+//
+// RFC 5766 Section 14.3
+type XORPeerAddress = PeerAddress
diff --git a/server/vendor/github.com/pion/turn/v2/internal/proto/proto.go b/server/vendor/github.com/pion/turn/v2/internal/proto/proto.go
new file mode 100644
index 0000000..e584268
--- /dev/null
+++ b/server/vendor/github.com/pion/turn/v2/internal/proto/proto.go
@@ -0,0 +1,31 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+// Package proto implements RFC 5766 Traversal Using Relays around NAT.
+package proto
+
+import (
+	"github.com/pion/stun"
+)
+
+// Default ports for TURN from RFC 5766 Section 4.
+const (
+	// DefaultPort for TURN is same as STUN.
+	DefaultPort = stun.DefaultPort
+	// DefaultTLSPort is for TURN over TLS and is same as STUN.
+	DefaultTLSPort = stun.DefaultTLSPort
+)
+
+// CreatePermissionRequest is shorthand for create permission request type.
+func CreatePermissionRequest() stun.MessageType {
+	return stun.NewType(stun.MethodCreatePermission, stun.ClassRequest)
+}
+
+// AllocateRequest is shorthand for allocation request message type.
+func AllocateRequest() stun.MessageType { return stun.NewType(stun.MethodAllocate, stun.ClassRequest) }
+
+// SendIndication is shorthand for send indication message type.
+func SendIndication() stun.MessageType { return stun.NewType(stun.MethodSend, stun.ClassIndication) }
+
+// RefreshRequest is shorthand for refresh request message type.
+func RefreshRequest() stun.MessageType { return stun.NewType(stun.MethodRefresh, stun.ClassRequest) }
diff --git a/server/vendor/github.com/pion/turn/v2/internal/proto/relayedaddr.go b/server/vendor/github.com/pion/turn/v2/internal/proto/relayedaddr.go
new file mode 100644
index 0000000..d4dcc75
--- /dev/null
+++ b/server/vendor/github.com/pion/turn/v2/internal/proto/relayedaddr.go
@@ -0,0 +1,43 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package proto
+
+import (
+	"net"
+
+	"github.com/pion/stun"
+)
+
+// RelayedAddress implements XOR-RELAYED-ADDRESS attribute.
+//
+// It specifies the address and port that the server allocated to the
+// client. It is encoded in the same way as XOR-MAPPED-ADDRESS.
+//
+// RFC 5766 Section 14.5
+type RelayedAddress struct {
+	IP   net.IP
+	Port int
+}
+
+func (a RelayedAddress) String() string {
+	return stun.XORMappedAddress(a).String()
+}
+
+// AddTo adds XOR-PEER-ADDRESS to message.
+func (a RelayedAddress) AddTo(m *stun.Message) error {
+	return stun.XORMappedAddress(a).AddToAs(m, stun.AttrXORRelayedAddress)
+}
+
+// GetFrom decodes XOR-PEER-ADDRESS from message.
+func (a *RelayedAddress) GetFrom(m *stun.Message) error {
+	return (*stun.XORMappedAddress)(a).GetFromAs(m, stun.AttrXORRelayedAddress)
+}
+
+// XORRelayedAddress implements XOR-RELAYED-ADDRESS attribute.
+//
+// It specifies the address and port that the server allocated to the
+// client. It is encoded in the same way as XOR-MAPPED-ADDRESS.
+//
+// RFC 5766 Section 14.5
+type XORRelayedAddress = RelayedAddress
diff --git a/server/vendor/github.com/pion/turn/v2/internal/proto/reqfamily.go b/server/vendor/github.com/pion/turn/v2/internal/proto/reqfamily.go
new file mode 100644
index 0000000..8c18f9d
--- /dev/null
+++ b/server/vendor/github.com/pion/turn/v2/internal/proto/reqfamily.go
@@ -0,0 +1,64 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package proto
+
+import (
+	"errors"
+
+	"github.com/pion/stun"
+)
+
+// RequestedAddressFamily represents the REQUESTED-ADDRESS-FAMILY Attribute as
+// defined in RFC 6156 Section 4.1.1.
+type RequestedAddressFamily byte
+
+const requestedFamilySize = 4
+
+var errInvalidRequestedFamilyValue = errors.New("invalid value for requested family attribute")
+
+// GetFrom decodes REQUESTED-ADDRESS-FAMILY from message.
+func (f *RequestedAddressFamily) GetFrom(m *stun.Message) error {
+	v, err := m.Get(stun.AttrRequestedAddressFamily)
+	if err != nil {
+		return err
+	}
+	if err = stun.CheckSize(stun.AttrRequestedAddressFamily, len(v), requestedFamilySize); err != nil {
+		return err
+	}
+	switch v[0] {
+	case byte(RequestedFamilyIPv4), byte(RequestedFamilyIPv6):
+		*f = RequestedAddressFamily(v[0])
+	default:
+		return errInvalidRequestedFamilyValue
+	}
+	return nil
+}
+
+func (f RequestedAddressFamily) String() string {
+	switch f {
+	case RequestedFamilyIPv4:
+		return "IPv4"
+	case RequestedFamilyIPv6:
+		return "IPv6"
+	default:
+		return "unknown"
+	}
+}
+
+// AddTo adds REQUESTED-ADDRESS-FAMILY to message.
+func (f RequestedAddressFamily) AddTo(m *stun.Message) error {
+	v := make([]byte, requestedFamilySize)
+	v[0] = byte(f)
+	// b[1:4] is RFFU = 0.
+	// The RFFU field MUST be set to zero on transmission and MUST be
+	// ignored on reception. It is reserved for future uses.
+	m.Add(stun.AttrRequestedAddressFamily, v)
+	return nil
+}
+
+// Values for RequestedAddressFamily as defined in RFC 6156 Section 4.1.1.
+const (
+	RequestedFamilyIPv4 RequestedAddressFamily = 0x01
+	RequestedFamilyIPv6 RequestedAddressFamily = 0x02
+)
diff --git a/server/vendor/github.com/pion/turn/v2/internal/proto/reqtrans.go b/server/vendor/github.com/pion/turn/v2/internal/proto/reqtrans.go
new file mode 100644
index 0000000..5dd446d
--- /dev/null
+++ b/server/vendor/github.com/pion/turn/v2/internal/proto/reqtrans.go
@@ -0,0 +1,72 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package proto
+
+import (
+	"strconv"
+
+	"github.com/pion/stun"
+)
+
+// Protocol is IANA assigned protocol number.
+type Protocol byte
+
+const (
+	// ProtoTCP is IANA assigned protocol number for TCP.
+	ProtoTCP Protocol = 6
+	// ProtoUDP is IANA assigned protocol number for UDP.
+	ProtoUDP Protocol = 17
+)
+
+func (p Protocol) String() string {
+	switch p {
+	case ProtoTCP:
+		return "TCP"
+	case ProtoUDP:
+		return "UDP"
+	default:
+		return strconv.Itoa(int(p))
+	}
+}
+
+// RequestedTransport represents REQUESTED-TRANSPORT attribute.
+//
+// This attribute is used by the client to request a specific transport
+// protocol for the allocated transport address. RFC 5766 only allows the use of
+// code point 17 (User Datagram Protocol).
+//
+// RFC 5766 Section 14.7
+type RequestedTransport struct {
+	Protocol Protocol
+}
+
+func (t RequestedTransport) String() string {
+	return "protocol: " + t.Protocol.String()
+}
+
+const requestedTransportSize = 4
+
+// AddTo adds REQUESTED-TRANSPORT to message.
+func (t RequestedTransport) AddTo(m *stun.Message) error {
+	v := make([]byte, requestedTransportSize)
+	v[0] = byte(t.Protocol)
+	// b[1:4] is RFFU = 0.
+	// The RFFU field MUST be set to zero on transmission and MUST be
+	// ignored on reception. It is reserved for future uses.
+	m.Add(stun.AttrRequestedTransport, v)
+	return nil
+}
+
+// GetFrom decodes REQUESTED-TRANSPORT from message.
+func (t *RequestedTransport) GetFrom(m *stun.Message) error {
+	v, err := m.Get(stun.AttrRequestedTransport)
+	if err != nil {
+		return err
+	}
+	if err = stun.CheckSize(stun.AttrRequestedTransport, len(v), requestedTransportSize); err != nil {
+		return err
+	}
+	t.Protocol = Protocol(v[0])
+	return nil
+}
diff --git a/server/vendor/github.com/pion/turn/v2/internal/proto/rsrvtoken.go b/server/vendor/github.com/pion/turn/v2/internal/proto/rsrvtoken.go
new file mode 100644
index 0000000..ec72fc7
--- /dev/null
+++ b/server/vendor/github.com/pion/turn/v2/internal/proto/rsrvtoken.go
@@ -0,0 +1,42 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package proto
+
+import "github.com/pion/stun"
+
+// ReservationToken represents RESERVATION-TOKEN attribute.
+//
+// The RESERVATION-TOKEN attribute contains a token that uniquely
+// identifies a relayed transport address being held in reserve by the
+// server. The server includes this attribute in a success response to
+// tell the client about the token, and the client includes this
+// attribute in a subsequent Allocate request to request the server use
+// that relayed transport address for the allocation.
+//
+// RFC 5766 Section 14.9
+type ReservationToken []byte
+
+const reservationTokenSize = 8 // 8 bytes
+
+// AddTo adds RESERVATION-TOKEN to message.
+func (t ReservationToken) AddTo(m *stun.Message) error {
+	if err := stun.CheckSize(stun.AttrReservationToken, len(t), reservationTokenSize); err != nil {
+		return err
+	}
+	m.Add(stun.AttrReservationToken, t)
+	return nil
+}
+
+// GetFrom decodes RESERVATION-TOKEN from message.
+func (t *ReservationToken) GetFrom(m *stun.Message) error {
+	v, err := m.Get(stun.AttrReservationToken)
+	if err != nil {
+		return err
+	}
+	if err = stun.CheckSize(stun.AttrReservationToken, len(v), reservationTokenSize); err != nil {
+		return err
+	}
+	*t = v
+	return nil
+}
diff --git a/server/vendor/github.com/pion/turn/v2/internal/server/errors.go b/server/vendor/github.com/pion/turn/v2/internal/server/errors.go
new file mode 100644
index 0000000..ea6da83
--- /dev/null
+++ b/server/vendor/github.com/pion/turn/v2/internal/server/errors.go
@@ -0,0 +1,29 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package server
+
+import "errors"
+
+var (
+	errFailedToGenerateNonce                  = errors.New("failed to generate nonce")
+	errInvalidNonce                           = errors.New("invalid nonce")
+	errFailedToSendError                      = errors.New("failed to send error message")
+	errNoSuchUser                             = errors.New("no such user exists")
+	errUnexpectedClass                        = errors.New("unexpected class")
+	errUnexpectedMethod                       = errors.New("unexpected method")
+	errFailedToHandle                         = errors.New("failed to handle")
+	errUnhandledSTUNPacket                    = errors.New("unhandled STUN packet")
+	errUnableToHandleChannelData              = errors.New("unable to handle ChannelData")
+	errFailedToCreateSTUNPacket               = errors.New("failed to create stun message from packet")
+	errFailedToCreateChannelData              = errors.New("failed to create channel data from packet")
+	errRelayAlreadyAllocatedForFiveTuple      = errors.New("relay already allocated for 5-TUPLE")
+	errUnsupportedTransportProtocol           = errors.New("RequestedTransport must be UDP or TCP")
+	errNoDontFragmentSupport                  = errors.New("no support for DONT-FRAGMENT")
+	errRequestWithReservationTokenAndEvenPort = errors.New("Request must not contain RESERVATION-TOKEN and EVEN-PORT")
+	errNoAllocationFound                      = errors.New("no allocation found")
+	errNoPermission                           = errors.New("unable to handle send-indication, no permission added")
+	errShortWrite                             = errors.New("packet write smaller than packet")
+	errNoSuchChannelBind                      = errors.New("no such channel bind")
+	errFailedWriteSocket                      = errors.New("failed writing to socket")
+)
diff --git a/server/vendor/github.com/pion/turn/v2/internal/server/nonce.go b/server/vendor/github.com/pion/turn/v2/internal/server/nonce.go
new file mode 100644
index 0000000..b3f3131
--- /dev/null
+++ b/server/vendor/github.com/pion/turn/v2/internal/server/nonce.go
@@ -0,0 +1,71 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package server
+
+import (
+	"crypto/hmac"
+	"crypto/rand"
+	"crypto/sha256"
+	"encoding/binary"
+	"encoding/hex"
+	"fmt"
+	"time"
+)
+
+const (
+	nonceLifetime  = time.Hour // See: https://tools.ietf.org/html/rfc5766#section-4
+	nonceLength    = 40
+	nonceKeyLength = 64
+)
+
+// NewNonceHash creates a NonceHash
+func NewNonceHash() (*NonceHash, error) {
+	key := make([]byte, nonceKeyLength)
+	if _, err := rand.Read(key); err != nil {
+		return nil, err
+	}
+
+	return &NonceHash{key}, nil
+}
+
+// NonceHash is used to create and verify nonces
+type NonceHash struct {
+	key []byte
+}
+
+// Generate a nonce
+func (n *NonceHash) Generate() (string, error) {
+	nonce := make([]byte, 8, nonceLength)
+	binary.BigEndian.PutUint64(nonce, uint64(time.Now().UnixMilli()))
+
+	hash := hmac.New(sha256.New, n.key)
+	if _, err := hash.Write(nonce[:8]); err != nil {
+		return "", fmt.Errorf("%w: %v", errFailedToGenerateNonce, err) //nolint:errorlint
+	}
+	nonce = hash.Sum(nonce)
+
+	return hex.EncodeToString(nonce), nil
+}
+
+// Validate checks that nonce is signed and is not expired
+func (n *NonceHash) Validate(nonce string) error {
+	b, err := hex.DecodeString(nonce)
+	if err != nil || len(b) != nonceLength {
+		return fmt.Errorf("%w: %v", errInvalidNonce, err) //nolint:errorlint
+	}
+
+	if ts := time.UnixMilli(int64(binary.BigEndian.Uint64(b))); time.Since(ts) > nonceLifetime {
+		return errInvalidNonce
+	}
+
+	hash := hmac.New(sha256.New, n.key)
+	if _, err = hash.Write(b[:8]); err != nil {
+		return fmt.Errorf("%w: %v", errInvalidNonce, err) //nolint:errorlint
+	}
+	if !hmac.Equal(b[8:], hash.Sum(nil)) {
+		return errInvalidNonce
+	}
+
+	return nil
+}
diff --git a/server/vendor/github.com/pion/turn/v2/internal/server/server.go b/server/vendor/github.com/pion/turn/v2/internal/server/server.go
new file mode 100644
index 0000000..097cb9f
--- /dev/null
+++ b/server/vendor/github.com/pion/turn/v2/internal/server/server.go
@@ -0,0 +1,111 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+// Package server implements the private API to implement a TURN server
+package server
+
+import (
+	"fmt"
+	"net"
+	"time"
+
+	"github.com/pion/logging"
+	"github.com/pion/stun"
+	"github.com/pion/turn/v2/internal/allocation"
+	"github.com/pion/turn/v2/internal/proto"
+)
+
+// Request contains all the state needed to process a single incoming datagram
+type Request struct {
+	// Current Request State
+	Conn    net.PacketConn
+	SrcAddr net.Addr
+	Buff    []byte
+
+	// Server State
+	AllocationManager *allocation.Manager
+	NonceHash         *NonceHash
+
+	// User Configuration
+	AuthHandler        func(username string, realm string, srcAddr net.Addr) (key []byte, ok bool)
+	Log                logging.LeveledLogger
+	Realm              string
+	ChannelBindTimeout time.Duration
+}
+
+// HandleRequest processes the give Request
+func HandleRequest(r Request) error {
+	r.Log.Debugf("Received %d bytes of udp from %s on %s", len(r.Buff), r.SrcAddr, r.Conn.LocalAddr())
+
+	if proto.IsChannelData(r.Buff) {
+		return handleDataPacket(r)
+	}
+
+	return handleTURNPacket(r)
+}
+
+func handleDataPacket(r Request) error {
+	r.Log.Debugf("Received DataPacket from %s", r.SrcAddr.String())
+	c := proto.ChannelData{Raw: r.Buff}
+	if err := c.Decode(); err != nil {
+		return fmt.Errorf("%w: %v", errFailedToCreateChannelData, err) //nolint:errorlint
+	}
+
+	err := handleChannelData(r, &c)
+	if err != nil {
+		err = fmt.Errorf("%w from %v: %v", errUnableToHandleChannelData, r.SrcAddr, err) //nolint:errorlint
+	}
+
+	return err
+}
+
+func handleTURNPacket(r Request) error {
+	r.Log.Debug("Handling TURN packet")
+	m := &stun.Message{Raw: append([]byte{}, r.Buff...)}
+	if err := m.Decode(); err != nil {
+		return fmt.Errorf("%w: %v", errFailedToCreateSTUNPacket, err) //nolint:errorlint
+	}
+
+	h, err := getMessageHandler(m.Type.Class, m.Type.Method)
+	if err != nil {
+		return fmt.Errorf("%w %v-%v from %v: %v", errUnhandledSTUNPacket, m.Type.Method, m.Type.Class, r.SrcAddr, err) //nolint:errorlint
+	}
+
+	err = h(r, m)
+	if err != nil {
+		return fmt.Errorf("%w %v-%v from %v: %v", errFailedToHandle, m.Type.Method, m.Type.Class, r.SrcAddr, err) //nolint:errorlint
+	}
+
+	return nil
+}
+
+func getMessageHandler(class stun.MessageClass, method stun.Method) (func(r Request, m *stun.Message) error, error) {
+	switch class {
+	case stun.ClassIndication:
+		switch method {
+		case stun.MethodSend:
+			return handleSendIndication, nil
+		default:
+			return nil, fmt.Errorf("%w: %s", errUnexpectedMethod, method)
+		}
+
+	case stun.ClassRequest:
+		switch method {
+		case stun.MethodAllocate:
+			return handleAllocateRequest, nil
+		case stun.MethodRefresh:
+			return handleRefreshRequest, nil
+		case stun.MethodCreatePermission:
+			return handleCreatePermissionRequest, nil
+		case stun.MethodChannelBind:
+			return handleChannelBindRequest, nil
+		case stun.MethodBinding:
+			return handleBindingRequest, nil
+		default:
+			return nil, fmt.Errorf("%w: %s", errUnexpectedMethod, method)
+		}
+
+	default:
+		return nil, fmt.Errorf("%w: %s", errUnexpectedClass, class)
+	}
+}
diff --git a/server/vendor/github.com/pion/turn/v2/internal/server/stun.go b/server/vendor/github.com/pion/turn/v2/internal/server/stun.go
new file mode 100644
index 0000000..b8596d1
--- /dev/null
+++ b/server/vendor/github.com/pion/turn/v2/internal/server/stun.go
@@ -0,0 +1,25 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package server
+
+import (
+	"github.com/pion/stun"
+	"github.com/pion/turn/v2/internal/ipnet"
+)
+
+func handleBindingRequest(r Request, m *stun.Message) error {
+	r.Log.Debugf("Received BindingRequest from %s", r.SrcAddr)
+
+	ip, port, err := ipnet.AddrIPPort(r.SrcAddr)
+	if err != nil {
+		return err
+	}
+
+	attrs := buildMsg(m.TransactionID, stun.BindingSuccess, &stun.XORMappedAddress{
+		IP:   ip,
+		Port: port,
+	}, stun.Fingerprint)
+
+	return buildAndSend(r.Conn, r.SrcAddr, attrs...)
+}
diff --git a/server/vendor/github.com/pion/turn/v2/internal/server/turn.go b/server/vendor/github.com/pion/turn/v2/internal/server/turn.go
new file mode 100644
index 0000000..cd84834
--- /dev/null
+++ b/server/vendor/github.com/pion/turn/v2/internal/server/turn.go
@@ -0,0 +1,376 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package server
+
+import (
+	"fmt"
+	"net"
+
+	"github.com/pion/stun"
+	"github.com/pion/turn/v2/internal/allocation"
+	"github.com/pion/turn/v2/internal/ipnet"
+	"github.com/pion/turn/v2/internal/proto"
+)
+
+// See: https://tools.ietf.org/html/rfc5766#section-6.2
+func handleAllocateRequest(r Request, m *stun.Message) error {
+	r.Log.Debugf("Received AllocateRequest from %s", r.SrcAddr)
+
+	// 1. The server MUST require that the request be authenticated.  This
+	//    authentication MUST be done using the long-term credential
+	//    mechanism of [https://tools.ietf.org/html/rfc5389#section-10.2.2]
+	//    unless the client and server agree to use another mechanism through
+	//    some procedure outside the scope of this document.
+	messageIntegrity, hasAuth, err := authenticateRequest(r, m, stun.MethodAllocate)
+	if !hasAuth {
+		return err
+	}
+
+	fiveTuple := &allocation.FiveTuple{
+		SrcAddr:  r.SrcAddr,
+		DstAddr:  r.Conn.LocalAddr(),
+		Protocol: allocation.UDP,
+	}
+	requestedPort := 0
+	reservationToken := ""
+
+	badRequestMsg := buildMsg(m.TransactionID, stun.NewType(stun.MethodAllocate, stun.ClassErrorResponse), &stun.ErrorCodeAttribute{Code: stun.CodeBadRequest})
+	insufficientCapacityMsg := buildMsg(m.TransactionID, stun.NewType(stun.MethodAllocate, stun.ClassErrorResponse), &stun.ErrorCodeAttribute{Code: stun.CodeInsufficientCapacity})
+
+	// 2. The server checks if the 5-tuple is currently in use by an
+	//    existing allocation.  If yes, the server rejects the request with
+	//    a 437 (Allocation Mismatch) error.
+	if alloc := r.AllocationManager.GetAllocation(fiveTuple); alloc != nil {
+		id, attrs := alloc.GetResponseCache()
+		if id != m.TransactionID {
+			msg := buildMsg(m.TransactionID, stun.NewType(stun.MethodAllocate, stun.ClassErrorResponse), &stun.ErrorCodeAttribute{Code: stun.CodeAllocMismatch})
+			return buildAndSendErr(r.Conn, r.SrcAddr, errRelayAlreadyAllocatedForFiveTuple, msg...)
+		}
+		// A retry allocation
+		msg := buildMsg(m.TransactionID, stun.NewType(stun.MethodAllocate, stun.ClassSuccessResponse), append(attrs, messageIntegrity)...)
+		return buildAndSend(r.Conn, r.SrcAddr, msg...)
+	}
+
+	// 3. The server checks if the request contains a REQUESTED-TRANSPORT
+	//    attribute.  If the REQUESTED-TRANSPORT attribute is not included
+	//    or is malformed, the server rejects the request with a 400 (Bad
+	//    Request) error.  Otherwise, if the attribute is included but
+	//    specifies a protocol other that UDP/TCP, the server rejects the
+	//    request with a 442 (Unsupported Transport Protocol) error.
+	var requestedTransport proto.RequestedTransport
+	if err = requestedTransport.GetFrom(m); err != nil {
+		return buildAndSendErr(r.Conn, r.SrcAddr, err, badRequestMsg...)
+	} else if requestedTransport.Protocol != proto.ProtoUDP && requestedTransport.Protocol != proto.ProtoTCP {
+		msg := buildMsg(m.TransactionID, stun.NewType(stun.MethodAllocate, stun.ClassErrorResponse), &stun.ErrorCodeAttribute{Code: stun.CodeUnsupportedTransProto})
+		return buildAndSendErr(r.Conn, r.SrcAddr, errUnsupportedTransportProtocol, msg...)
+	}
+
+	// 4. The request may contain a DONT-FRAGMENT attribute.  If it does,
+	//    but the server does not support sending UDP datagrams with the DF
+	//    bit set to 1 (see Section 12), then the server treats the DONT-
+	//    FRAGMENT attribute in the Allocate request as an unknown
+	//    comprehension-required attribute.
+	if m.Contains(stun.AttrDontFragment) {
+		msg := buildMsg(m.TransactionID, stun.NewType(stun.MethodAllocate, stun.ClassErrorResponse), &stun.ErrorCodeAttribute{Code: stun.CodeUnknownAttribute}, &stun.UnknownAttributes{stun.AttrDontFragment})
+		return buildAndSendErr(r.Conn, r.SrcAddr, errNoDontFragmentSupport, msg...)
+	}
+
+	// 5.  The server checks if the request contains a RESERVATION-TOKEN
+	//     attribute.  If yes, and the request also contains an EVEN-PORT
+	//     attribute, then the server rejects the request with a 400 (Bad
+	//     Request) error.  Otherwise, it checks to see if the token is
+	//     valid (i.e., the token is in range and has not expired and the
+	//     corresponding relayed transport address is still available).  If
+	//     the token is not valid for some reason, the server rejects the
+	//     request with a 508 (Insufficient Capacity) error.
+	var reservationTokenAttr proto.ReservationToken
+	if err = reservationTokenAttr.GetFrom(m); err == nil {
+		var evenPort proto.EvenPort
+		if err = evenPort.GetFrom(m); err == nil {
+			return buildAndSendErr(r.Conn, r.SrcAddr, errRequestWithReservationTokenAndEvenPort, badRequestMsg...)
+		}
+	}
+
+	// 6. The server checks if the request contains an EVEN-PORT attribute.
+	//    If yes, then the server checks that it can satisfy the request
+	//    (i.e., can allocate a relayed transport address as described
+	//    below).  If the server cannot satisfy the request, then the
+	//    server rejects the request with a 508 (Insufficient Capacity)
+	//    error.
+	var evenPort proto.EvenPort
+	if err = evenPort.GetFrom(m); err == nil {
+		var randomPort int
+		randomPort, err = r.AllocationManager.GetRandomEvenPort()
+		if err != nil {
+			return buildAndSendErr(r.Conn, r.SrcAddr, err, insufficientCapacityMsg...)
+		}
+		requestedPort = randomPort
+		reservationToken = randSeq(8)
+	}
+
+	// 7. At any point, the server MAY choose to reject the request with a
+	//    486 (Allocation Quota Reached) error if it feels the client is
+	//    trying to exceed some locally defined allocation quota.  The
+	//    server is free to define this allocation quota any way it wishes,
+	//    but SHOULD define it based on the username used to authenticate
+	//    the request, and not on the client's transport address.
+
+	// 8. Also at any point, the server MAY choose to reject the request
+	//    with a 300 (Try Alternate) error if it wishes to redirect the
+	//    client to a different server.  The use of this error code and
+	//    attribute follow the specification in [RFC5389].
+	lifetimeDuration := allocationLifeTime(m)
+	a, err := r.AllocationManager.CreateAllocation(
+		fiveTuple,
+		r.Conn,
+		requestedPort,
+		lifetimeDuration)
+	if err != nil {
+		return buildAndSendErr(r.Conn, r.SrcAddr, err, insufficientCapacityMsg...)
+	}
+
+	// Once the allocation is created, the server replies with a success
+	// response.
+	// The success response contains:
+	//   * An XOR-RELAYED-ADDRESS attribute containing the relayed transport
+	//     address.
+	//   * A LIFETIME attribute containing the current value of the time-to-
+	//     expiry timer.
+	//   * A RESERVATION-TOKEN attribute (if a second relayed transport
+	//     address was reserved).
+	//   * An XOR-MAPPED-ADDRESS attribute containing the client's IP address
+	//     and port (from the 5-tuple).
+
+	srcIP, srcPort, err := ipnet.AddrIPPort(r.SrcAddr)
+	if err != nil {
+		return buildAndSendErr(r.Conn, r.SrcAddr, err, badRequestMsg...)
+	}
+
+	relayIP, relayPort, err := ipnet.AddrIPPort(a.RelayAddr)
+	if err != nil {
+		return buildAndSendErr(r.Conn, r.SrcAddr, err, badRequestMsg...)
+	}
+
+	responseAttrs := []stun.Setter{
+		&proto.RelayedAddress{
+			IP:   relayIP,
+			Port: relayPort,
+		},
+		&proto.Lifetime{
+			Duration: lifetimeDuration,
+		},
+		&stun.XORMappedAddress{
+			IP:   srcIP,
+			Port: srcPort,
+		},
+	}
+
+	if reservationToken != "" {
+		r.AllocationManager.CreateReservation(reservationToken, relayPort)
+		responseAttrs = append(responseAttrs, proto.ReservationToken([]byte(reservationToken)))
+	}
+
+	msg := buildMsg(m.TransactionID, stun.NewType(stun.MethodAllocate, stun.ClassSuccessResponse), append(responseAttrs, messageIntegrity)...)
+	a.SetResponseCache(m.TransactionID, responseAttrs)
+	return buildAndSend(r.Conn, r.SrcAddr, msg...)
+}
+
+func handleRefreshRequest(r Request, m *stun.Message) error {
+	r.Log.Debugf("Received RefreshRequest from %s", r.SrcAddr)
+
+	messageIntegrity, hasAuth, err := authenticateRequest(r, m, stun.MethodRefresh)
+	if !hasAuth {
+		return err
+	}
+
+	lifetimeDuration := allocationLifeTime(m)
+	fiveTuple := &allocation.FiveTuple{
+		SrcAddr:  r.SrcAddr,
+		DstAddr:  r.Conn.LocalAddr(),
+		Protocol: allocation.UDP,
+	}
+
+	if lifetimeDuration != 0 {
+		a := r.AllocationManager.GetAllocation(fiveTuple)
+
+		if a == nil {
+			return fmt.Errorf("%w %v:%v", errNoAllocationFound, r.SrcAddr, r.Conn.LocalAddr())
+		}
+		a.Refresh(lifetimeDuration)
+	} else {
+		r.AllocationManager.DeleteAllocation(fiveTuple)
+	}
+
+	return buildAndSend(r.Conn, r.SrcAddr, buildMsg(m.TransactionID, stun.NewType(stun.MethodRefresh, stun.ClassSuccessResponse), []stun.Setter{
+		&proto.Lifetime{
+			Duration: lifetimeDuration,
+		},
+		messageIntegrity,
+	}...)...)
+}
+
+func handleCreatePermissionRequest(r Request, m *stun.Message) error {
+	r.Log.Debugf("Received CreatePermission from %s", r.SrcAddr)
+
+	a := r.AllocationManager.GetAllocation(&allocation.FiveTuple{
+		SrcAddr:  r.SrcAddr,
+		DstAddr:  r.Conn.LocalAddr(),
+		Protocol: allocation.UDP,
+	})
+	if a == nil {
+		return fmt.Errorf("%w %v:%v", errNoAllocationFound, r.SrcAddr, r.Conn.LocalAddr())
+	}
+
+	messageIntegrity, hasAuth, err := authenticateRequest(r, m, stun.MethodCreatePermission)
+	if !hasAuth {
+		return err
+	}
+
+	addCount := 0
+
+	if err := m.ForEach(stun.AttrXORPeerAddress, func(m *stun.Message) error {
+		var peerAddress proto.PeerAddress
+		if err := peerAddress.GetFrom(m); err != nil {
+			return err
+		}
+
+		if err := r.AllocationManager.GrantPermission(r.SrcAddr, peerAddress.IP); err != nil {
+			r.Log.Infof("permission denied for client %s to peer %s", r.SrcAddr, peerAddress.IP)
+			return err
+		}
+
+		r.Log.Debugf("Adding permission for %s", fmt.Sprintf("%s:%d",
+			peerAddress.IP, peerAddress.Port))
+
+		a.AddPermission(allocation.NewPermission(
+			&net.UDPAddr{
+				IP:   peerAddress.IP,
+				Port: peerAddress.Port,
+			},
+			r.Log,
+		))
+		addCount++
+		return nil
+	}); err != nil {
+		addCount = 0
+	}
+
+	respClass := stun.ClassSuccessResponse
+	if addCount == 0 {
+		respClass = stun.ClassErrorResponse
+	}
+
+	return buildAndSend(r.Conn, r.SrcAddr, buildMsg(m.TransactionID, stun.NewType(stun.MethodCreatePermission, respClass), []stun.Setter{messageIntegrity}...)...)
+}
+
+func handleSendIndication(r Request, m *stun.Message) error {
+	r.Log.Debugf("Received SendIndication from %s", r.SrcAddr)
+	a := r.AllocationManager.GetAllocation(&allocation.FiveTuple{
+		SrcAddr:  r.SrcAddr,
+		DstAddr:  r.Conn.LocalAddr(),
+		Protocol: allocation.UDP,
+	})
+	if a == nil {
+		return fmt.Errorf("%w %v:%v", errNoAllocationFound, r.SrcAddr, r.Conn.LocalAddr())
+	}
+
+	dataAttr := proto.Data{}
+	if err := dataAttr.GetFrom(m); err != nil {
+		return err
+	}
+
+	peerAddress := proto.PeerAddress{}
+	if err := peerAddress.GetFrom(m); err != nil {
+		return err
+	}
+
+	msgDst := &net.UDPAddr{IP: peerAddress.IP, Port: peerAddress.Port}
+	if perm := a.GetPermission(msgDst); perm == nil {
+		return fmt.Errorf("%w: %v", errNoPermission, msgDst)
+	}
+
+	l, err := a.RelaySocket.WriteTo(dataAttr, msgDst)
+	if l != len(dataAttr) {
+		return fmt.Errorf("%w %d != %d (expected) err: %v", errShortWrite, l, len(dataAttr), err) //nolint:errorlint
+	}
+	return err
+}
+
+func handleChannelBindRequest(r Request, m *stun.Message) error {
+	r.Log.Debugf("Received ChannelBindRequest from %s", r.SrcAddr)
+
+	a := r.AllocationManager.GetAllocation(&allocation.FiveTuple{
+		SrcAddr:  r.SrcAddr,
+		DstAddr:  r.Conn.LocalAddr(),
+		Protocol: allocation.UDP,
+	})
+	if a == nil {
+		return fmt.Errorf("%w %v:%v", errNoAllocationFound, r.SrcAddr, r.Conn.LocalAddr())
+	}
+
+	badRequestMsg := buildMsg(m.TransactionID, stun.NewType(stun.MethodChannelBind, stun.ClassErrorResponse), &stun.ErrorCodeAttribute{Code: stun.CodeBadRequest})
+
+	messageIntegrity, hasAuth, err := authenticateRequest(r, m, stun.MethodChannelBind)
+	if !hasAuth {
+		return err
+	}
+
+	var channel proto.ChannelNumber
+	if err = channel.GetFrom(m); err != nil {
+		return buildAndSendErr(r.Conn, r.SrcAddr, err, badRequestMsg...)
+	}
+
+	peerAddr := proto.PeerAddress{}
+	if err = peerAddr.GetFrom(m); err != nil {
+		return buildAndSendErr(r.Conn, r.SrcAddr, err, badRequestMsg...)
+	}
+
+	if err = r.AllocationManager.GrantPermission(r.SrcAddr, peerAddr.IP); err != nil {
+		r.Log.Infof("permission denied for client %s to peer %s", r.SrcAddr, peerAddr.IP)
+
+		unauthorizedRequestMsg := buildMsg(m.TransactionID,
+			stun.NewType(stun.MethodChannelBind, stun.ClassErrorResponse),
+			&stun.ErrorCodeAttribute{Code: stun.CodeUnauthorized})
+		return buildAndSendErr(r.Conn, r.SrcAddr, err, unauthorizedRequestMsg...)
+	}
+
+	r.Log.Debugf("Binding channel %d to %s", channel, peerAddr)
+	err = a.AddChannelBind(allocation.NewChannelBind(
+		channel,
+		&net.UDPAddr{IP: peerAddr.IP, Port: peerAddr.Port},
+		r.Log,
+	), r.ChannelBindTimeout)
+	if err != nil {
+		return buildAndSendErr(r.Conn, r.SrcAddr, err, badRequestMsg...)
+	}
+
+	return buildAndSend(r.Conn, r.SrcAddr, buildMsg(m.TransactionID, stun.NewType(stun.MethodChannelBind, stun.ClassSuccessResponse), []stun.Setter{messageIntegrity}...)...)
+}
+
+func handleChannelData(r Request, c *proto.ChannelData) error {
+	r.Log.Debugf("Received ChannelData from %s", r.SrcAddr)
+
+	a := r.AllocationManager.GetAllocation(&allocation.FiveTuple{
+		SrcAddr:  r.SrcAddr,
+		DstAddr:  r.Conn.LocalAddr(),
+		Protocol: allocation.UDP,
+	})
+	if a == nil {
+		return fmt.Errorf("%w %v:%v", errNoAllocationFound, r.SrcAddr, r.Conn.LocalAddr())
+	}
+
+	channel := a.GetChannelByNumber(c.Number)
+	if channel == nil {
+		return fmt.Errorf("%w %x", errNoSuchChannelBind, uint16(c.Number))
+	}
+
+	l, err := a.RelaySocket.WriteTo(c.Data, channel.Peer)
+	if err != nil {
+		return fmt.Errorf("%w: %s", errFailedWriteSocket, err.Error())
+	} else if l != len(c.Data) {
+		return fmt.Errorf("%w %d != %d (expected)", errShortWrite, l, len(c.Data))
+	}
+
+	return nil
+}
diff --git a/server/vendor/github.com/pion/turn/v2/internal/server/util.go b/server/vendor/github.com/pion/turn/v2/internal/server/util.go
new file mode 100644
index 0000000..caa46e3
--- /dev/null
+++ b/server/vendor/github.com/pion/turn/v2/internal/server/util.go
@@ -0,0 +1,117 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package server
+
+import (
+	"errors"
+	"fmt"
+	"math/rand"
+	"net"
+	"time"
+
+	"github.com/pion/stun"
+	"github.com/pion/turn/v2/internal/proto"
+)
+
+const (
+	maximumAllocationLifetime = time.Hour // See: https://tools.ietf.org/html/rfc5766#section-6.2 defines 3600 seconds recommendation
+)
+
+func randSeq(n int) string {
+	letters := []rune("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ")
+	b := make([]rune, n)
+	for i := range b {
+		b[i] = letters[rand.Intn(len(letters))] //nolint:gosec
+	}
+	return string(b)
+}
+
+func buildAndSend(conn net.PacketConn, dst net.Addr, attrs ...stun.Setter) error {
+	msg, err := stun.Build(attrs...)
+	if err != nil {
+		return err
+	}
+	_, err = conn.WriteTo(msg.Raw, dst)
+	if errors.Is(err, net.ErrClosed) {
+		return nil
+	}
+
+	return err
+}
+
+// Send a STUN packet and return the original error to the caller
+func buildAndSendErr(conn net.PacketConn, dst net.Addr, err error, attrs ...stun.Setter) error {
+	if sendErr := buildAndSend(conn, dst, attrs...); sendErr != nil {
+		err = fmt.Errorf("%w %v %v", errFailedToSendError, sendErr, err) //nolint:errorlint
+	}
+	return err
+}
+
+func buildMsg(transactionID [stun.TransactionIDSize]byte, msgType stun.MessageType, additional ...stun.Setter) []stun.Setter {
+	return append([]stun.Setter{&stun.Message{TransactionID: transactionID}, msgType}, additional...)
+}
+
+func authenticateRequest(r Request, m *stun.Message, callingMethod stun.Method) (stun.MessageIntegrity, bool, error) {
+	respondWithNonce := func(responseCode stun.ErrorCode) (stun.MessageIntegrity, bool, error) {
+		nonce, err := r.NonceHash.Generate()
+		if err != nil {
+			return nil, false, err
+		}
+
+		return nil, false, buildAndSend(r.Conn, r.SrcAddr, buildMsg(m.TransactionID,
+			stun.NewType(callingMethod, stun.ClassErrorResponse),
+			&stun.ErrorCodeAttribute{Code: responseCode},
+			stun.NewNonce(nonce),
+			stun.NewRealm(r.Realm),
+		)...)
+	}
+
+	if !m.Contains(stun.AttrMessageIntegrity) {
+		return respondWithNonce(stun.CodeUnauthorized)
+	}
+
+	nonceAttr := &stun.Nonce{}
+	usernameAttr := &stun.Username{}
+	realmAttr := &stun.Realm{}
+	badRequestMsg := buildMsg(m.TransactionID, stun.NewType(callingMethod, stun.ClassErrorResponse), &stun.ErrorCodeAttribute{Code: stun.CodeBadRequest})
+
+	if err := nonceAttr.GetFrom(m); err != nil {
+		return nil, false, buildAndSendErr(r.Conn, r.SrcAddr, err, badRequestMsg...)
+	}
+
+	// Assert Nonce is signed and is not expired
+	if err := r.NonceHash.Validate(nonceAttr.String()); err != nil {
+		return respondWithNonce(stun.CodeStaleNonce)
+	}
+
+	if err := realmAttr.GetFrom(m); err != nil {
+		return nil, false, buildAndSendErr(r.Conn, r.SrcAddr, err, badRequestMsg...)
+	} else if err := usernameAttr.GetFrom(m); err != nil {
+		return nil, false, buildAndSendErr(r.Conn, r.SrcAddr, err, badRequestMsg...)
+	}
+
+	ourKey, ok := r.AuthHandler(usernameAttr.String(), realmAttr.String(), r.SrcAddr)
+	if !ok {
+		return nil, false, buildAndSendErr(r.Conn, r.SrcAddr, fmt.Errorf("%w %s", errNoSuchUser, usernameAttr.String()), badRequestMsg...)
+	}
+
+	if err := stun.MessageIntegrity(ourKey).Check(m); err != nil {
+		return nil, false, buildAndSendErr(r.Conn, r.SrcAddr, err, badRequestMsg...)
+	}
+
+	return stun.MessageIntegrity(ourKey), true, nil
+}
+
+func allocationLifeTime(m *stun.Message) time.Duration {
+	lifetimeDuration := proto.DefaultLifetime
+
+	var lifetime proto.Lifetime
+	if err := lifetime.GetFrom(m); err == nil {
+		if lifetime.Duration < maximumAllocationLifetime {
+			lifetimeDuration = lifetime.Duration
+		}
+	}
+
+	return lifetimeDuration
+}
diff --git a/server/vendor/github.com/pion/turn/v2/lt_cred.go b/server/vendor/github.com/pion/turn/v2/lt_cred.go
new file mode 100644
index 0000000..4308ed9
--- /dev/null
+++ b/server/vendor/github.com/pion/turn/v2/lt_cred.go
@@ -0,0 +1,59 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package turn
+
+import ( //nolint:gci
+	"crypto/hmac"
+	"crypto/sha1" //nolint:gosec,gci
+	"encoding/base64"
+	"net"
+	"strconv"
+	"time"
+
+	"github.com/pion/logging"
+)
+
+// GenerateLongTermCredentials can be used to create credentials valid for [duration] time
+func GenerateLongTermCredentials(sharedSecret string, duration time.Duration) (string, string, error) {
+	t := time.Now().Add(duration).Unix()
+	username := strconv.FormatInt(t, 10)
+	password, err := longTermCredentials(username, sharedSecret)
+	return username, password, err
+}
+
+func longTermCredentials(username string, sharedSecret string) (string, error) {
+	mac := hmac.New(sha1.New, []byte(sharedSecret))
+	_, err := mac.Write([]byte(username))
+	if err != nil {
+		return "", err // Not sure if this will ever happen
+	}
+	password := mac.Sum(nil)
+	return base64.StdEncoding.EncodeToString(password), nil
+}
+
+// NewLongTermAuthHandler returns a turn.AuthAuthHandler used with Long Term (or Time Windowed) Credentials.
+// See: https://tools.ietf.org/search/rfc5389#section-10.2
+func NewLongTermAuthHandler(sharedSecret string, l logging.LeveledLogger) AuthHandler {
+	if l == nil {
+		l = logging.NewDefaultLoggerFactory().NewLogger("turn")
+	}
+	return func(username, realm string, srcAddr net.Addr) (key []byte, ok bool) {
+		l.Tracef("Authentication username=%q realm=%q srcAddr=%v", username, realm, srcAddr)
+		t, err := strconv.Atoi(username)
+		if err != nil {
+			l.Errorf("Invalid time-windowed username %q", username)
+			return nil, false
+		}
+		if int64(t) < time.Now().Unix() {
+			l.Errorf("Expired time-windowed username %q", username)
+			return nil, false
+		}
+		password, err := longTermCredentials(username, sharedSecret)
+		if err != nil {
+			l.Error(err.Error())
+			return nil, false
+		}
+		return GenerateAuthKey(username, realm, password), true
+	}
+}
diff --git a/server/vendor/github.com/pion/turn/v2/relay_address_generator_none.go b/server/vendor/github.com/pion/turn/v2/relay_address_generator_none.go
new file mode 100644
index 0000000..3df3813
--- /dev/null
+++ b/server/vendor/github.com/pion/turn/v2/relay_address_generator_none.go
@@ -0,0 +1,54 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package turn
+
+import (
+	"fmt"
+	"net"
+	"strconv"
+
+	"github.com/pion/transport/v2"
+	"github.com/pion/transport/v2/stdnet"
+)
+
+// RelayAddressGeneratorNone returns the listener with no modifications
+type RelayAddressGeneratorNone struct {
+	// Address is passed to Listen/ListenPacket when creating the Relay
+	Address string
+
+	Net transport.Net
+}
+
+// Validate is called on server startup and confirms the RelayAddressGenerator is properly configured
+func (r *RelayAddressGeneratorNone) Validate() error {
+	if r.Net == nil {
+		var err error
+		r.Net, err = stdnet.NewNet()
+		if err != nil {
+			return fmt.Errorf("failed to create network: %w", err)
+		}
+	}
+
+	switch {
+	case r.Address == "":
+		return errListeningAddressInvalid
+	default:
+		return nil
+	}
+}
+
+// AllocatePacketConn generates a new PacketConn to receive traffic on and the IP/Port to populate the allocation response with
+func (r *RelayAddressGeneratorNone) AllocatePacketConn(network string, requestedPort int) (net.PacketConn, net.Addr, error) {
+	conn, err := r.Net.ListenPacket(network, r.Address+":"+strconv.Itoa(requestedPort))
+	if err != nil {
+		return nil, nil, err
+	}
+
+	return conn, conn.LocalAddr(), nil
+}
+
+// AllocateConn generates a new Conn to receive traffic on and the IP/Port to populate the allocation response with
+func (r *RelayAddressGeneratorNone) AllocateConn(string, int) (net.Conn, net.Addr, error) {
+	return nil, nil, errTODO
+}
diff --git a/server/vendor/github.com/pion/turn/v2/relay_address_generator_range.go b/server/vendor/github.com/pion/turn/v2/relay_address_generator_range.go
new file mode 100644
index 0000000..9df62cc
--- /dev/null
+++ b/server/vendor/github.com/pion/turn/v2/relay_address_generator_range.go
@@ -0,0 +1,108 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package turn
+
+import (
+	"fmt"
+	"net"
+
+	"github.com/pion/randutil"
+	"github.com/pion/transport/v2"
+	"github.com/pion/transport/v2/stdnet"
+)
+
+// RelayAddressGeneratorPortRange can be used to only allocate connections inside a defined port range.
+// Similar to the RelayAddressGeneratorStatic a static ip address can be set.
+type RelayAddressGeneratorPortRange struct {
+	// RelayAddress is the IP returned to the user when the relay is created
+	RelayAddress net.IP
+
+	// MinPort the minimum port to allocate
+	MinPort uint16
+	// MaxPort the maximum (inclusive) port to allocate
+	MaxPort uint16
+
+	// MaxRetries the amount of tries to allocate a random port in the defined range
+	MaxRetries int
+
+	// Rand the random source of numbers
+	Rand randutil.MathRandomGenerator
+
+	// Address is passed to Listen/ListenPacket when creating the Relay
+	Address string
+
+	Net transport.Net
+}
+
+// Validate is called on server startup and confirms the RelayAddressGenerator is properly configured
+func (r *RelayAddressGeneratorPortRange) Validate() error {
+	if r.Net == nil {
+		var err error
+		r.Net, err = stdnet.NewNet()
+		if err != nil {
+			return fmt.Errorf("failed to create network: %w", err)
+		}
+	}
+
+	if r.Rand == nil {
+		r.Rand = randutil.NewMathRandomGenerator()
+	}
+
+	if r.MaxRetries == 0 {
+		r.MaxRetries = 10
+	}
+
+	switch {
+	case r.MinPort == 0:
+		return errMinPortNotZero
+	case r.MaxPort == 0:
+		return errMaxPortNotZero
+	case r.RelayAddress == nil:
+		return errRelayAddressInvalid
+	case r.Address == "":
+		return errListeningAddressInvalid
+	default:
+		return nil
+	}
+}
+
+// AllocatePacketConn generates a new PacketConn to receive traffic on and the IP/Port to populate the allocation response with
+func (r *RelayAddressGeneratorPortRange) AllocatePacketConn(network string, requestedPort int) (net.PacketConn, net.Addr, error) {
+	if requestedPort != 0 {
+		conn, err := r.Net.ListenPacket(network, fmt.Sprintf("%s:%d", r.Address, requestedPort))
+		if err != nil {
+			return nil, nil, err
+		}
+		relayAddr, ok := conn.LocalAddr().(*net.UDPAddr)
+		if !ok {
+			return nil, nil, errNilConn
+		}
+
+		relayAddr.IP = r.RelayAddress
+		return conn, relayAddr, nil
+	}
+
+	for try := 0; try < r.MaxRetries; try++ {
+		port := r.MinPort + uint16(r.Rand.Intn(int((r.MaxPort+1)-r.MinPort)))
+		conn, err := r.Net.ListenPacket(network, fmt.Sprintf("%s:%d", r.Address, port))
+		if err != nil {
+			continue
+		}
+
+		relayAddr, ok := conn.LocalAddr().(*net.UDPAddr)
+		if !ok {
+			return nil, nil, errNilConn
+		}
+
+		relayAddr.IP = r.RelayAddress
+		return conn, relayAddr, nil
+	}
+
+	return nil, nil, errMaxRetriesExceeded
+}
+
+// AllocateConn generates a new Conn to receive traffic on and the IP/Port to populate the allocation response with
+func (r *RelayAddressGeneratorPortRange) AllocateConn(string, int) (net.Conn, net.Addr, error) {
+	return nil, nil, errTODO
+}
diff --git a/server/vendor/github.com/pion/turn/v2/relay_address_generator_static.go b/server/vendor/github.com/pion/turn/v2/relay_address_generator_static.go
new file mode 100644
index 0000000..6988714
--- /dev/null
+++ b/server/vendor/github.com/pion/turn/v2/relay_address_generator_static.go
@@ -0,0 +1,68 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package turn
+
+import (
+	"fmt"
+	"net"
+	"strconv"
+
+	"github.com/pion/transport/v2"
+	"github.com/pion/transport/v2/stdnet"
+)
+
+// RelayAddressGeneratorStatic can be used to return static IP address each time a relay is created.
+// This can be used when you have a single static IP address that you want to use
+type RelayAddressGeneratorStatic struct {
+	// RelayAddress is the IP returned to the user when the relay is created
+	RelayAddress net.IP
+
+	// Address is passed to Listen/ListenPacket when creating the Relay
+	Address string
+
+	Net transport.Net
+}
+
+// Validate is called on server startup and confirms the RelayAddressGenerator is properly configured
+func (r *RelayAddressGeneratorStatic) Validate() error {
+	if r.Net == nil {
+		var err error
+		r.Net, err = stdnet.NewNet()
+		if err != nil {
+			return fmt.Errorf("failed to create network: %w", err)
+		}
+	}
+
+	switch {
+	case r.RelayAddress == nil:
+		return errRelayAddressInvalid
+	case r.Address == "":
+		return errListeningAddressInvalid
+	default:
+		return nil
+	}
+}
+
+// AllocatePacketConn generates a new PacketConn to receive traffic on and the IP/Port to populate the allocation response with
+func (r *RelayAddressGeneratorStatic) AllocatePacketConn(network string, requestedPort int) (net.PacketConn, net.Addr, error) {
+	conn, err := r.Net.ListenPacket(network, r.Address+":"+strconv.Itoa(requestedPort))
+	if err != nil {
+		return nil, nil, err
+	}
+
+	// Replace actual listening IP with the user requested one of RelayAddressGeneratorStatic
+	relayAddr, ok := conn.LocalAddr().(*net.UDPAddr)
+	if !ok {
+		return nil, nil, errNilConn
+	}
+
+	relayAddr.IP = r.RelayAddress
+
+	return conn, relayAddr, nil
+}
+
+// AllocateConn generates a new Conn to receive traffic on and the IP/Port to populate the allocation response with
+func (r *RelayAddressGeneratorStatic) AllocateConn(string, int) (net.Conn, net.Addr, error) {
+	return nil, nil, errTODO
+}
diff --git a/server/vendor/github.com/pion/turn/v2/renovate.json b/server/vendor/github.com/pion/turn/v2/renovate.json
new file mode 100644
index 0000000..f1bb98c
--- /dev/null
+++ b/server/vendor/github.com/pion/turn/v2/renovate.json
@@ -0,0 +1,6 @@
+{
+  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+  "extends": [
+    "github>pion/renovate-config"
+  ]
+}
diff --git a/server/vendor/github.com/pion/turn/v2/server.go b/server/vendor/github.com/pion/turn/v2/server.go
new file mode 100644
index 0000000..ea8e04d
--- /dev/null
+++ b/server/vendor/github.com/pion/turn/v2/server.go
@@ -0,0 +1,210 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+// Package turn contains the public API for pion/turn, a toolkit for building TURN clients and servers
+package turn
+
+import (
+	"errors"
+	"fmt"
+	"net"
+	"time"
+
+	"github.com/pion/logging"
+	"github.com/pion/turn/v2/internal/allocation"
+	"github.com/pion/turn/v2/internal/proto"
+	"github.com/pion/turn/v2/internal/server"
+)
+
+const (
+	defaultInboundMTU = 1600
+)
+
+// Server is an instance of the Pion TURN Server
+type Server struct {
+	log                logging.LeveledLogger
+	authHandler        AuthHandler
+	realm              string
+	channelBindTimeout time.Duration
+	nonceHash          *server.NonceHash
+
+	packetConnConfigs  []PacketConnConfig
+	listenerConfigs    []ListenerConfig
+	allocationManagers []*allocation.Manager
+	inboundMTU         int
+}
+
+// NewServer creates the Pion TURN server
+//
+//nolint:gocognit
+func NewServer(config ServerConfig) (*Server, error) {
+	if err := config.validate(); err != nil {
+		return nil, err
+	}
+
+	loggerFactory := config.LoggerFactory
+	if loggerFactory == nil {
+		loggerFactory = logging.NewDefaultLoggerFactory()
+	}
+
+	mtu := defaultInboundMTU
+	if config.InboundMTU != 0 {
+		mtu = config.InboundMTU
+	}
+
+	nonceHash, err := server.NewNonceHash()
+	if err != nil {
+		return nil, err
+	}
+
+	s := &Server{
+		log:                loggerFactory.NewLogger("turn"),
+		authHandler:        config.AuthHandler,
+		realm:              config.Realm,
+		channelBindTimeout: config.ChannelBindTimeout,
+		packetConnConfigs:  config.PacketConnConfigs,
+		listenerConfigs:    config.ListenerConfigs,
+		nonceHash:          nonceHash,
+		inboundMTU:         mtu,
+	}
+
+	if s.channelBindTimeout == 0 {
+		s.channelBindTimeout = proto.DefaultLifetime
+	}
+
+	for _, cfg := range s.packetConnConfigs {
+		am, err := s.createAllocationManager(cfg.RelayAddressGenerator, cfg.PermissionHandler)
+		if err != nil {
+			return nil, fmt.Errorf("failed to create AllocationManager: %w", err)
+		}
+
+		go func(cfg PacketConnConfig, am *allocation.Manager) {
+			s.readLoop(cfg.PacketConn, am)
+
+			if err := am.Close(); err != nil {
+				s.log.Errorf("Failed to close AllocationManager: %s", err)
+			}
+		}(cfg, am)
+	}
+
+	for _, cfg := range s.listenerConfigs {
+		am, err := s.createAllocationManager(cfg.RelayAddressGenerator, cfg.PermissionHandler)
+		if err != nil {
+			return nil, fmt.Errorf("failed to create AllocationManager: %w", err)
+		}
+
+		go func(cfg ListenerConfig, am *allocation.Manager) {
+			s.readListener(cfg.Listener, am)
+
+			if err := am.Close(); err != nil {
+				s.log.Errorf("Failed to close AllocationManager: %s", err)
+			}
+		}(cfg, am)
+	}
+
+	return s, nil
+}
+
+// AllocationCount returns the number of active allocations. It can be used to drain the server before closing
+func (s *Server) AllocationCount() int {
+	allocs := 0
+	for _, am := range s.allocationManagers {
+		allocs += am.AllocationCount()
+	}
+	return allocs
+}
+
+// Close stops the TURN Server. It cleans up any associated state and closes all connections it is managing
+func (s *Server) Close() error {
+	var errors []error
+
+	for _, cfg := range s.packetConnConfigs {
+		if err := cfg.PacketConn.Close(); err != nil {
+			errors = append(errors, err)
+		}
+	}
+
+	for _, cfg := range s.listenerConfigs {
+		if err := cfg.Listener.Close(); err != nil {
+			errors = append(errors, err)
+		}
+	}
+
+	if len(errors) == 0 {
+		return nil
+	}
+
+	err := errFailedToClose
+	for _, e := range errors {
+		err = fmt.Errorf("%s; close error (%w) ", err, e) //nolint:errorlint
+	}
+
+	return err
+}
+
+func (s *Server) readListener(l net.Listener, am *allocation.Manager) {
+	for {
+		conn, err := l.Accept()
+		if err != nil {
+			s.log.Debugf("Failed to accept: %s", err)
+			return
+		}
+
+		go func() {
+			s.readLoop(NewSTUNConn(conn), am)
+
+			if err := conn.Close(); err != nil && !errors.Is(err, net.ErrClosed) {
+				s.log.Errorf("Failed to close conn: %s", err)
+			}
+		}()
+	}
+}
+
+func (s *Server) createAllocationManager(addrGenerator RelayAddressGenerator, handler PermissionHandler) (*allocation.Manager, error) {
+	if handler == nil {
+		handler = DefaultPermissionHandler
+	}
+
+	am, err := allocation.NewManager(allocation.ManagerConfig{
+		AllocatePacketConn: addrGenerator.AllocatePacketConn,
+		AllocateConn:       addrGenerator.AllocateConn,
+		PermissionHandler:  handler,
+		LeveledLogger:      s.log,
+	})
+	if err != nil {
+		return am, err
+	}
+
+	s.allocationManagers = append(s.allocationManagers, am)
+
+	return am, err
+}
+
+func (s *Server) readLoop(p net.PacketConn, allocationManager *allocation.Manager) {
+	buf := make([]byte, s.inboundMTU)
+	for {
+		n, addr, err := p.ReadFrom(buf)
+		switch {
+		case err != nil:
+			s.log.Debugf("Exit read loop on error: %s", err)
+			return
+		case n >= s.inboundMTU:
+			s.log.Debugf("Read bytes exceeded MTU, packet is possibly truncated")
+			continue
+		}
+
+		if err := server.HandleRequest(server.Request{
+			Conn:               p,
+			SrcAddr:            addr,
+			Buff:               buf[:n],
+			Log:                s.log,
+			AuthHandler:        s.authHandler,
+			Realm:              s.realm,
+			AllocationManager:  allocationManager,
+			ChannelBindTimeout: s.channelBindTimeout,
+			NonceHash:          s.nonceHash,
+		}); err != nil {
+			s.log.Errorf("Failed to handle datagram: %v", err)
+		}
+	}
+}
diff --git a/server/vendor/github.com/pion/turn/v2/server_config.go b/server/vendor/github.com/pion/turn/v2/server_config.go
new file mode 100644
index 0000000..ee808fe
--- /dev/null
+++ b/server/vendor/github.com/pion/turn/v2/server_config.go
@@ -0,0 +1,145 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package turn
+
+import (
+	"crypto/md5" //nolint:gosec,gci
+	"fmt"
+	"net"
+	"strings"
+	"time"
+
+	"github.com/pion/logging"
+)
+
+// RelayAddressGenerator is used to generate a RelayAddress when creating an allocation.
+// You can use one of the provided ones or provide your own.
+type RelayAddressGenerator interface {
+	// Validate confirms that the RelayAddressGenerator is properly initialized
+	Validate() error
+
+	// Allocate a PacketConn (UDP) RelayAddress
+	AllocatePacketConn(network string, requestedPort int) (net.PacketConn, net.Addr, error)
+
+	// Allocate a Conn (TCP) RelayAddress
+	AllocateConn(network string, requestedPort int) (net.Conn, net.Addr, error)
+}
+
+// PermissionHandler is a callback to filter incoming CreatePermission and ChannelBindRequest
+// requests based on the client IP address and port and the peer IP address the client intends to
+// connect to. If the client is behind a NAT then the filter acts on the server reflexive
+// ("mapped") address instead of the real client IP address and port. Note that TURN permissions
+// are per-allocation and per-peer-IP-address, to mimic the address-restricted filtering mechanism
+// of NATs that comply with [RFC4787], see https://tools.ietf.org/html/rfc5766#section-2.3.
+type PermissionHandler func(clientAddr net.Addr, peerIP net.IP) (ok bool)
+
+// DefaultPermissionHandler is convince function that grants permission to all peers
+func DefaultPermissionHandler(net.Addr, net.IP) (ok bool) {
+	return true
+}
+
+// PacketConnConfig is a single net.PacketConn to listen/write on. This will be used for UDP listeners
+type PacketConnConfig struct {
+	PacketConn net.PacketConn
+
+	// When an allocation is generated the RelayAddressGenerator
+	// creates the net.PacketConn and returns the IP/Port it is available at
+	RelayAddressGenerator RelayAddressGenerator
+
+	// PermissionHandler is a callback to filter peer addresses. Can be set as nil, in which
+	// case the DefaultPermissionHandler is automatically instantiated to admit all peer
+	// connections
+	PermissionHandler PermissionHandler
+}
+
+func (c *PacketConnConfig) validate() error {
+	if c.PacketConn == nil {
+		return errConnUnset
+	}
+	if c.RelayAddressGenerator == nil {
+		return errRelayAddressGeneratorUnset
+	}
+
+	return c.RelayAddressGenerator.Validate()
+}
+
+// ListenerConfig is a single net.Listener to accept connections on. This will be used for TCP, TLS and DTLS listeners
+type ListenerConfig struct {
+	Listener net.Listener
+
+	// When an allocation is generated the RelayAddressGenerator
+	// creates the net.PacketConn and returns the IP/Port it is available at
+	RelayAddressGenerator RelayAddressGenerator
+
+	// PermissionHandler is a callback to filter peer addresses. Can be set as nil, in which
+	// case the DefaultPermissionHandler is automatically instantiated to admit all peer
+	// connections
+	PermissionHandler PermissionHandler
+}
+
+func (c *ListenerConfig) validate() error {
+	if c.Listener == nil {
+		return errListenerUnset
+	}
+
+	if c.RelayAddressGenerator == nil {
+		return errRelayAddressGeneratorUnset
+	}
+
+	return c.RelayAddressGenerator.Validate()
+}
+
+// AuthHandler is a callback used to handle incoming auth requests, allowing users to customize Pion TURN with custom behavior
+type AuthHandler func(username, realm string, srcAddr net.Addr) (key []byte, ok bool)
+
+// GenerateAuthKey is a convenience function to easily generate keys in the format used by AuthHandler
+func GenerateAuthKey(username, realm, password string) []byte {
+	// #nosec
+	h := md5.New()
+	fmt.Fprint(h, strings.Join([]string{username, realm, password}, ":"))
+	return h.Sum(nil)
+}
+
+// ServerConfig configures the Pion TURN Server
+type ServerConfig struct {
+	// PacketConnConfigs and ListenerConfigs are a list of all the turn listeners
+	// Each listener can have custom behavior around the creation of Relays
+	PacketConnConfigs []PacketConnConfig
+	ListenerConfigs   []ListenerConfig
+
+	// LoggerFactory must be set for logging from this server.
+	LoggerFactory logging.LoggerFactory
+
+	// Realm sets the realm for this server
+	Realm string
+
+	// AuthHandler is a callback used to handle incoming auth requests, allowing users to customize Pion TURN with custom behavior
+	AuthHandler AuthHandler
+
+	// ChannelBindTimeout sets the lifetime of channel binding. Defaults to 10 minutes.
+	ChannelBindTimeout time.Duration
+
+	// Sets the server inbound MTU(Maximum transmition unit). Defaults to 1600 bytes.
+	InboundMTU int
+}
+
+func (s *ServerConfig) validate() error {
+	if len(s.PacketConnConfigs) == 0 && len(s.ListenerConfigs) == 0 {
+		return errNoAvailableConns
+	}
+
+	for _, s := range s.PacketConnConfigs {
+		if err := s.validate(); err != nil {
+			return err
+		}
+	}
+
+	for _, s := range s.ListenerConfigs {
+		if err := s.validate(); err != nil {
+			return err
+		}
+	}
+
+	return nil
+}
diff --git a/server/vendor/github.com/pion/turn/v2/stun_conn.go b/server/vendor/github.com/pion/turn/v2/stun_conn.go
new file mode 100644
index 0000000..cb062f8
--- /dev/null
+++ b/server/vendor/github.com/pion/turn/v2/stun_conn.go
@@ -0,0 +1,127 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package turn
+
+import (
+	"encoding/binary"
+	"errors"
+	"net"
+	"time"
+
+	"github.com/pion/stun"
+	"github.com/pion/turn/v2/internal/proto"
+)
+
+var (
+	errInvalidTURNFrame    = errors.New("data is not a valid TURN frame, no STUN or ChannelData found")
+	errIncompleteTURNFrame = errors.New("data contains incomplete STUN or TURN frame")
+)
+
+// STUNConn wraps a net.Conn and implements
+// net.PacketConn by being STUN aware and
+// packetizing the stream
+type STUNConn struct {
+	nextConn net.Conn
+	buff     []byte
+}
+
+const (
+	stunHeaderSize = 20
+
+	channelDataLengthSize = 2
+	channelDataNumberSize = channelDataLengthSize
+	channelDataHeaderSize = channelDataLengthSize + channelDataNumberSize
+	channelDataPadding    = 4
+)
+
+// Given a buffer give the last offset of the TURN frame
+// If the buffer isn't a valid STUN or ChannelData packet
+// or the length doesn't match return false
+func consumeSingleTURNFrame(p []byte) (int, error) {
+	// Too short to determine if ChannelData or STUN
+	if len(p) < 9 {
+		return 0, errIncompleteTURNFrame
+	}
+
+	var datagramSize uint16
+	switch {
+	case stun.IsMessage(p):
+		datagramSize = binary.BigEndian.Uint16(p[2:4]) + stunHeaderSize
+	case proto.ChannelNumber(binary.BigEndian.Uint16(p[0:2])).Valid():
+		datagramSize = binary.BigEndian.Uint16(p[channelDataNumberSize:channelDataHeaderSize])
+		if paddingOverflow := (datagramSize + channelDataPadding) % channelDataPadding; paddingOverflow != 0 {
+			datagramSize = (datagramSize + channelDataPadding) - paddingOverflow
+		}
+
+		datagramSize += channelDataHeaderSize
+	case len(p) < stunHeaderSize:
+		return 0, errIncompleteTURNFrame
+	default:
+		return 0, errInvalidTURNFrame
+	}
+
+	if len(p) < int(datagramSize) {
+		return 0, errIncompleteTURNFrame
+	}
+
+	return int(datagramSize), nil
+}
+
+// ReadFrom implements ReadFrom from net.PacketConn
+func (s *STUNConn) ReadFrom(p []byte) (n int, addr net.Addr, err error) {
+	// First pass any buffered data from previous reads
+	n, err = consumeSingleTURNFrame(s.buff)
+	if errors.Is(err, errInvalidTURNFrame) {
+		return 0, nil, err
+	} else if err == nil {
+		copy(p, s.buff[:n])
+		s.buff = s.buff[n:]
+
+		return n, s.nextConn.RemoteAddr(), nil
+	}
+
+	// Then read from the nextConn, appending to our buff
+	n, err = s.nextConn.Read(p)
+	if err != nil {
+		return 0, nil, err
+	}
+
+	s.buff = append(s.buff, append([]byte{}, p[:n]...)...)
+	return s.ReadFrom(p)
+}
+
+// WriteTo implements WriteTo from net.PacketConn
+func (s *STUNConn) WriteTo(p []byte, _ net.Addr) (n int, err error) {
+	return s.nextConn.Write(p)
+}
+
+// Close implements Close from net.PacketConn
+func (s *STUNConn) Close() error {
+	return s.nextConn.Close()
+}
+
+// LocalAddr implements LocalAddr from net.PacketConn
+func (s *STUNConn) LocalAddr() net.Addr {
+	return s.nextConn.LocalAddr()
+}
+
+// SetDeadline implements SetDeadline from net.PacketConn
+func (s *STUNConn) SetDeadline(t time.Time) error {
+	return s.nextConn.SetDeadline(t)
+}
+
+// SetReadDeadline implements SetReadDeadline from net.PacketConn
+func (s *STUNConn) SetReadDeadline(t time.Time) error {
+	return s.nextConn.SetReadDeadline(t)
+}
+
+// SetWriteDeadline implements SetWriteDeadline from net.PacketConn
+func (s *STUNConn) SetWriteDeadline(t time.Time) error {
+	return s.nextConn.SetWriteDeadline(t)
+}
+
+// NewSTUNConn creates a STUNConn
+func NewSTUNConn(nextConn net.Conn) *STUNConn {
+	return &STUNConn{nextConn: nextConn}
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/.codacy.yaml b/server/vendor/github.com/pion/webrtc/v3/.codacy.yaml
new file mode 100644
index 0000000..aa0b11b
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/.codacy.yaml
@@ -0,0 +1,6 @@
+---
+# SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+# SPDX-License-Identifier: MIT
+
+exclude_paths:
+  - examples/examples.json
diff --git a/server/vendor/github.com/pion/webrtc/v3/.eslintrc.json b/server/vendor/github.com/pion/webrtc/v3/.eslintrc.json
new file mode 100644
index 0000000..a755cdb
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/.eslintrc.json
@@ -0,0 +1,3 @@
+{
+  "extends": ["standard"]
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/.gitignore b/server/vendor/github.com/pion/webrtc/v3/.gitignore
new file mode 100644
index 0000000..6e2f206
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/.gitignore
@@ -0,0 +1,28 @@
+# SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+# SPDX-License-Identifier: MIT
+
+### JetBrains IDE ###
+#####################
+.idea/
+
+### Emacs Temporary Files ###
+#############################
+*~
+
+### Folders ###
+###############
+bin/
+vendor/
+node_modules/
+
+### Files ###
+#############
+*.ivf
+*.ogg
+tags
+cover.out
+*.sw[poe]
+*.wasm
+examples/sfu-ws/cert.pem
+examples/sfu-ws/key.pem
+wasm_exec.js
diff --git a/server/vendor/github.com/pion/webrtc/v3/.golangci.yml b/server/vendor/github.com/pion/webrtc/v3/.golangci.yml
new file mode 100644
index 0000000..4e3eddf
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/.golangci.yml
@@ -0,0 +1,137 @@
+# SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+# SPDX-License-Identifier: MIT
+
+linters-settings:
+  govet:
+    check-shadowing: true
+  misspell:
+    locale: US
+  exhaustive:
+    default-signifies-exhaustive: true
+  gomodguard:
+    blocked:
+      modules:
+        - github.com/pkg/errors:
+            recommendations:
+              - errors
+  forbidigo:
+    forbid:
+      - ^fmt.Print(f|ln)?$
+      - ^log.(Panic|Fatal|Print)(f|ln)?$
+      - ^os.Exit$
+      - ^panic$
+      - ^print(ln)?$
+
+linters:
+  enable:
+    - asciicheck       # Simple linter to check that your code does not contain non-ASCII identifiers
+    - bidichk          # Checks for dangerous unicode character sequences
+    - bodyclose        # checks whether HTTP response body is closed successfully
+    - contextcheck     # check the function whether use a non-inherited context
+    - decorder         # check declaration order and count of types, constants, variables and functions
+    - depguard         # Go linter that checks if package imports are in a list of acceptable packages
+    - dogsled          # Checks assignments with too many blank identifiers (e.g. x, _, _, _, := f())
+    - dupl             # Tool for code clone detection
+    - durationcheck    # check for two durations multiplied together
+    - errcheck         # Errcheck is a program for checking for unchecked errors in go programs. These unchecked errors can be critical bugs in some cases
+    - errchkjson       # Checks types passed to the json encoding functions. Reports unsupported types and optionally reports occations, where the check for the returned error can be omitted.
+    - errname          # Checks that sentinel errors are prefixed with the `Err` and error types are suffixed with the `Error`.
+    - errorlint        # errorlint is a linter for that can be used to find code that will cause problems with the error wrapping scheme introduced in Go 1.13.
+    - exhaustive       # check exhaustiveness of enum switch statements
+    - exportloopref    # checks for pointers to enclosing loop variables
+    - forbidigo        # Forbids identifiers
+    - forcetypeassert  # finds forced type assertions
+    - gci              # Gci control golang package import order and make it always deterministic.
+    - gochecknoglobals # Checks that no globals are present in Go code
+    - gochecknoinits   # Checks that no init functions are present in Go code
+    - gocognit         # Computes and checks the cognitive complexity of functions
+    - goconst          # Finds repeated strings that could be replaced by a constant
+    - gocritic         # The most opinionated Go source code linter
+    - godox            # Tool for detection of FIXME, TODO and other comment keywords
+    - goerr113         # Golang linter to check the errors handling expressions
+    - gofmt            # Gofmt checks whether code was gofmt-ed. By default this tool runs with -s option to check for code simplification
+    - gofumpt          # Gofumpt checks whether code was gofumpt-ed.
+    - goheader         # Checks is file header matches to pattern
+    - goimports        # Goimports does everything that gofmt does. Additionally it checks unused imports
+    - gomoddirectives  # Manage the use of 'replace', 'retract', and 'excludes' directives in go.mod.
+    - gomodguard       # Allow and block list linter for direct Go module dependencies. This is different from depguard where there are different block types for example version constraints and module recommendations.
+    - goprintffuncname # Checks that printf-like functions are named with `f` at the end
+    - gosec            # Inspects source code for security problems
+    - gosimple         # Linter for Go source code that specializes in simplifying a code
+    - govet            # Vet examines Go source code and reports suspicious constructs, such as Printf calls whose arguments do not align with the format string
+    - grouper          # An analyzer to analyze expression groups.
+    - importas         # Enforces consistent import aliases
+    - ineffassign      # Detects when assignments to existing variables are not used
+    - misspell         # Finds commonly misspelled English words in comments
+    - nakedret         # Finds naked returns in functions greater than a specified function length
+    - nilerr           # Finds the code that returns nil even if it checks that the error is not nil.
+    - nilnil           # Checks that there is no simultaneous return of `nil` error and an invalid value.
+    - noctx            # noctx finds sending http request without context.Context
+    - predeclared      # find code that shadows one of Go's predeclared identifiers
+    - revive           # golint replacement, finds style mistakes
+    - staticcheck      # Staticcheck is a go vet on steroids, applying a ton of static analysis checks
+    - stylecheck       # Stylecheck is a replacement for golint
+    - tagliatelle      # Checks the struct tags.
+    - tenv             # tenv is analyzer that detects using os.Setenv instead of t.Setenv since Go1.17
+    - tparallel        # tparallel detects inappropriate usage of t.Parallel() method in your Go test codes
+    - typecheck        # Like the front-end of a Go compiler, parses and type-checks Go code
+    - unconvert        # Remove unnecessary type conversions
+    - unparam          # Reports unused function parameters
+    - unused           # Checks Go code for unused constants, variables, functions and types
+    - wastedassign     # wastedassign finds wasted assignment statements
+    - whitespace       # Tool for detection of leading and trailing whitespace
+  disable:
+    - containedctx     # containedctx is a linter that detects struct contained context.Context field
+    - cyclop           # checks function and package cyclomatic complexity
+    - exhaustivestruct # Checks if all struct's fields are initialized
+    - funlen           # Tool for detection of long functions
+    - gocyclo          # Computes and checks the cyclomatic complexity of functions
+    - godot            # Check if comments end in a period
+    - gomnd            # An analyzer to detect magic numbers.
+    - ifshort          # Checks that your code uses short syntax for if-statements whenever possible
+    - ireturn          # Accept Interfaces, Return Concrete Types
+    - lll              # Reports long lines
+    - maintidx         # maintidx measures the maintainability index of each function.
+    - makezero         # Finds slice declarations with non-zero initial length
+    - maligned         # Tool to detect Go structs that would take less memory if their fields were sorted
+    - nestif           # Reports deeply nested if statements
+    - nlreturn         # nlreturn checks for a new line before return and branch statements to increase code clarity
+    - nolintlint       # Reports ill-formed or insufficient nolint directives
+    - paralleltest     # paralleltest detects missing usage of t.Parallel() method in your Go test
+    - prealloc         # Finds slice declarations that could potentially be preallocated
+    - promlinter       # Check Prometheus metrics naming via promlint
+    - rowserrcheck     # checks whether Err of rows is checked successfully
+    - sqlclosecheck    # Checks that sql.Rows and sql.Stmt are closed.
+    - testpackage      # linter that makes you use a separate _test package
+    - thelper          # thelper detects golang test helpers without t.Helper() call and checks the consistency of test helpers
+    - varnamelen       # checks that the length of a variable's name matches its scope
+    - wrapcheck        # Checks that errors returned from external packages are wrapped
+    - wsl              # Whitespace Linter - Forces you to use empty lines!
+
+issues:
+  exclude-use-default: false
+  exclude-rules:
+    # Allow complex tests, better to be self contained
+    - path: _test\.go
+      linters:
+        - gocognit
+        - forbidigo
+
+    # Allow complex main function in examples
+    - path: examples
+      text: "of func `main` is high"
+      linters:
+        - gocognit
+    
+    # Allow forbidden identifiers in examples
+    - path: examples
+      linters:
+        - forbidigo
+
+    # Allow forbidden identifiers in CLI commands
+    - path: cmd
+      linters:
+        - forbidigo
+
+run:
+  skip-dirs-use-default: false
diff --git a/server/vendor/github.com/pion/webrtc/v3/.goreleaser.yml b/server/vendor/github.com/pion/webrtc/v3/.goreleaser.yml
new file mode 100644
index 0000000..30093e9
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/.goreleaser.yml
@@ -0,0 +1,5 @@
+# SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+# SPDX-License-Identifier: MIT
+
+builds:
+- skip: true
diff --git a/server/vendor/github.com/pion/webrtc/v3/AUTHORS.txt b/server/vendor/github.com/pion/webrtc/v3/AUTHORS.txt
new file mode 100644
index 0000000..799ddfc
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/AUTHORS.txt
@@ -0,0 +1,229 @@
+# Thank you to everyone that made Pion possible. If you are interested in contributing
+# we would love to have you https://github.com/pion/webrtc/wiki/Contributing
+#
+# This file is auto generated, using git to list all individuals contributors.
+# see https://github.com/pion/.goassets/blob/master/scripts/generate-authors.sh for the scripting
+a-wing <1@233.email>
+Aaron Boushley <boushley@pretzelaux.com>
+Aaron France <aaron.l.france@gmail.com>
+Adam Kiss <masterada@gmail.com>
+Aditya Kumar <k.aditya00@gmail.com>
+Adrian Cable <adrian.cable@gmail.com>
+adwpc <adwpc@hotmail.com>
+aggresss <aggresss@163.com>
+akil <akil@everycrave.me>
+Aleksandr Alekseev <alekseev-dev@yandex-team.ru>
+Aleksandr Razumov <ar@gortc.io>
+aler9 <46489434+aler9@users.noreply.github.com>
+Alex Browne <stephenalexbrowne@gmail.com>
+Alex Harford <harford@gmail.com>
+Alexey Khit <alexey.khit@gmail.com>
+AlexWoo(武杰) <wj19840501@gmail.com>
+Ali Error <alipadida@live.com>
+Andrew N. Shalaev <isqad88@gmail.com>
+Antoine Baché <antoine.bache@epitech.eu>
+Antoine Baché <antoine@tenten.app>
+Anton <leonardspbox@gmail.com>
+Artur Shellunts <shellunts.artur@gmail.com>
+Assad Obaid <assad@lap5cg901003r.se.axis.com>
+Ato Araki <ato.araki@gmail.com>
+Atsushi Watanabe <atsushi.w@ieee.org>
+backkem <mail@backkem.me>
+baiyufei <baiyufei@outlook.com>
+Bao Nguyen <bao@n4n.dev>
+Ben Weitzman <benweitzman@gmail.com>
+Benny Daon <benny@tuzig.com>
+bkim <bruce.kim.it@gmail.com>
+Bo Shi <boshi@mural.co>
+boks1971 <raja.gobi@tutanota.com>
+Brendan Rius <brendan.rius@gmail.com>
+brian <brian@cyalive.com>
+Bryan Phelps <bryan@coder.com>
+Cameron Elliott <cameron-elliott@users.noreply.github.com>
+Cecylia Bocovich <cohosh@torproject.org>
+Cedric Fung <cedric@vec.io>
+cgojin <gongjin21@hotmail.com>
+Chad Retz <chad.retz@stackpath.com>
+chenkaiC4 <chenkaic4@gmail.com>
+Chinmay Kousik <chinmaykousik1@gmail.com>
+Chris Hiszpanski <chris@hiszpanski.name>
+Christopher Fry <chris.fry@getcruise.com>
+Clayton McCray <cpmdmccray@gmail.com>
+cnderrauber <zengjie9004@gmail.com>
+cyannuk <cyannuk@issart.com>
+Daniele Sluijters <daenney@users.noreply.github.com>
+David <dz@livekit.io>
+David Hamilton <davidhamiltron@gmail.com>
+David Zhao <david@davidzhao.com>
+David Zhao <dz@livekit.io>
+david.s <david.s@hpcnt.com>
+Dean Sheather <dean@coder.com>
+decanus <7621705+decanus@users.noreply.github.com>
+Denis <Hixon10@yandex.ru>
+digitalix <digitalix4@gmail.com>
+do-hyung-kim <do_hyung.kim@navercorp.com>
+donotanswer <viktor.ferter@doclerholding.com>
+earle <aguilar@dm.ai>
+Egon Elbre <egonelbre@gmail.com>
+Eric Daniels <eric@erdaniels.com>
+Eric Fontaine <ericfontainejazz@gmail.com>
+Evan Sonderegger <evan@rpy.xyz>
+feixiao <feixiao2020@sina.com>
+Forest Johnson <forest.n.johnson@gmail.com>
+frank <frank@huzhedeMacBook-Pro.local>
+funvit <funvit@gmail.com>
+Gabor Pongracz <gabor.pongracz@proemergotech.com>
+Gareth Hayes <gareth.hayes@gmail.com>
+Guilherme <gqgs@protonmail.com>
+Guillaume Denis <gdenispro@gmail.com>
+Hanjun Kim <hallazzang@gmail.com>
+Hans Gylling <hans.gylling@axis.com>
+Hao <shell0fly@gmail.com>
+Hendrik Hofstadt <hendrik@nexantic.com>
+Henry <cryptix@riseup.net>
+Hongchao Ma <hongchao.ma@synaptop.com>
+Hugo Arregui <hugo.arregui@gmail.com>
+Hugo Arregui <hugo@decentraland.org>
+Ilya Mayorov <faroyam1@yandex.ru>
+imalic3 <manovisut.ktp@gmail.com>
+Ivan Egorov <vany.egorov@gmail.com>
+JacobZwang <59858341+JacobZwang@users.noreply.github.com>
+Jake B <doogie1012@gmail.com>
+Jamie Good <jamie.good@gmail.com>
+Jason <jabrady42@gmail.com>
+Jeff Tchang <jeff.tchang@gmail.com>
+jeremija
+Jerko Steiner <jerko.steiner@gmail.com>
+Jerry Tao <taojay315@gmail.com>
+jinleileiking <jinleileiking@gmail.com>
+John Berthels <john.berthels@gmail.com>
+John Bradley <jrb@turrettech.com>
+John Selbie <jselbie@gmail.com>
+JooYoung <qkdlql@naver.com>
+Jorropo <jorropo.pgm@gmail.com>
+Josh Bleecher Snyder <josharian@gmail.com>
+juberti <juberti@alphaexplorationco.com>
+Juliusz Chroboczek <jch@irif.fr>
+Justin Okamoto <jdokamoto@gmail.com>
+Justin Okamoto <justmoto@amazon.com>
+Kevin <kevmo314@gmail.com>
+Kevin Staunton-Lambert <kevin.staunton-lambert@metacdn.com>
+Kevin Wang <kevmo314@gmail.com>
+Konstantin Chugalinskiy <kchugalinskiy@yandex.ru>
+Konstantin Itskov <konstantin.itskov@kovits.com>
+krishna chiatanya <kittuov@gmail.com>
+Kunal <tekunalogy@gmail.com>
+Kunal Singh <kunalsin9h@gmail.com>
+Kuzmin Vladimir <vova-kyzmin@yandex.ru>
+lawl <github@dumbinter.net>
+Len <len@hpcnt.com>
+Leslie Wang <wqyuwss@gmail.com>
+lisa yan <lisa.yan@nokia-sbell.com>
+Lukas Herman <lherman.cs@gmail.com>
+Luke <luke@street.dev>
+Luke Curley <kixelated@gmail.com>
+Luke S <luke@street.dev>
+Magnus Wahlstrand <magnus.wahlstrand@gmail.com>
+Manish <itzmanish108@gmail.com>
+Markus Tzoe <chou.marcus@gmail.com>
+Marouane <6729798+nindolabs@users.noreply.github.com>
+Marouane <marouane@gamestream.biz>
+Masahiro Nakamura <13937915+tsuu32@users.noreply.github.com>
+Mathis Engelbart <mathis.engelbart@gmail.com>
+Max Hawkins <maxhawkins@gmail.com>
+mchlrhw <4028654+mchlrhw@users.noreply.github.com>
+Michael MacDonald <github@macdonald.cx>
+Michael MacDonald <mike.macdonald@savantsystems.com>
+Michiel De Backker <38858977+backkem@users.noreply.github.com>
+Mike Coleman <mc@fivebats.com>
+Mindgamesnl <matsmoolhuizen@gmail.com>
+mission-liao <missionaryliao@gmail.com>
+mohammadne <mohammadne@mail.ru>
+mr-shitij <21.shitijagrawal@gmail.com>
+mxmCherry <mxmCherry@gmail.com>
+Nam V. Do <vannam12a7@gmail.com>
+Nick Mykins <nmykins@digitalocean.com>
+Nicolas Menard <nicolas.p.menard@gmail.com>
+nindolabs <6729798+nindolabs@users.noreply.github.com>
+Norman Rasmussen <norman@rasmussen.co.za>
+notedit <notedit@gmail.com>
+o0olele <liangruipeng@ztgame.com>
+obasajujoshua31 <obasajujoshua31@gmail.com>
+Oleg Kovalov <iamolegkovalov@gmail.com>
+opennota <opennota@gmail.com>
+OrlandoCo <luisorlando.co@gmail.com>
+Pascal Benoit <pascal.benoit@acemediastools.fr>
+pascal-ace <47424881+pascal-ace@users.noreply.github.com>
+Patrice Ferlet <patrice.ferlet@smile.fr>
+Patrick Lange <mail@langep.com>
+Patryk Rogalski <digitalix4@gmail.com>
+Pieere Pi <pihuibin@hotmail.com>
+Pouget-Abadie <thomas.pougetabadie@gmail.com>
+q191201771 <191201771@qq.com>
+Quentin Renard <contact@asticode.com>
+Rafael Viscarra <rafael@viscarra.dev>
+rahulnakre <rahulnakre@gmail.com>
+Raphael Randschau <nicolai86@me.com>
+Raphael Randschau <nicolai86@users.noreply.github.com>
+Reese <3253971+figadore@users.noreply.github.com>
+rob <me@iamcalledrob.com>
+rob-deutsch <robzyb+altgithub@gmail.com>
+Robert Eperjesi <eperjesi@uber.com>
+Robin Raymond <robin-raymond@users.noreply.github.com>
+Roman Romanenko <roman.romanenko@aliexpress.ru>
+Roman Romanenko <romandafe94@gmail.com>
+ronan <ronan.jezequel@gmail.com>
+Ryan Shumate <Ryan.Shumate@garmin.com>
+salmān aljammāz <s@aljmz.com>
+Sam Lancia <sam@vaion.com>
+Sean <sean@pion.ly>
+Sean DuBois <duboisea@justin.tv>
+Sean DuBois <duboisea@twitch.tv>
+Sean DuBois <seaduboi@amazon.com>
+Sean DuBois <sean@pion.ly>
+Sean DuBois <sean@siobud.com>
+Sean DuBois <sean_dubois@apple.com>
+Sean Knight <git@seanknight.com>
+Sebastian Waisbrot <seppo0010@gmail.com>
+Sidney San Martín <sidney@s4y.us>
+Simon Cousineau <simon.cousineau@verkada.com>
+Simon Eisenmann <simon@longsleep.org>
+simonacca-fotokite <47634061+simonacca-fotokite@users.noreply.github.com>
+Simone Gotti <simone.gotti@gmail.com>
+Slugalisk <slugalisk@gmail.com>
+Somers Matthews <somersbmatthews@gmail.com>
+soolaugust <soolaugust@gmail.com>
+spaceCh1mp <drimboat@gmail.com>
+Steffen Vogel <post@steffenvogel.de>
+stephanrotolante <stephanrotolante@gmail.com>
+streamer45 <cstcld91@gmail.com>
+Suhas Gaddam <suhas.g.2011@gmail.com>
+Suzuki Takeo <takeo@stko.info>
+sylba2050 <masataka.hisasue@optim.co.jp>
+Tarrence van As <tarrencev@users.noreply.github.com>
+tarrencev <tarrence13@gmail.com>
+Thomas Miller <tmiv74@gmail.com>
+Tobias Fridén <tobias.friden@gmail.com>
+Tomek <tomek@pop-os.localdomain>
+treyhakanson <treyhakanson@gmail.com>
+Tristan Matthews <tmatth@videolan.org>
+Twometer <twometer@outlook.de>
+Vicken Simonian <vsimon@gmail.com>
+wattanakorn495 <wattanakorn.i@ku.th>
+Will Forcey <wsforc3y@gmail.com>
+Will Watson <william.a.watson@gmail.com>
+WofWca <wofwca@protonmail.com>
+Woodrow Douglass <wdouglass@carnegierobotics.com>
+xsbchen <xsbchen@qq.com>
+Yoon SeungYong <simon.y@hpcnt.com>
+Yuki Igarashi <me@bonprosoft.com>
+yusuke <yusuke.m99@gmail.com>
+Yutaka Takeda <yt0916@gmail.com>
+ZHENK <chengzhenyang@gmail.com>
+zhngs <zhangshuo19991204@163.com>
+zigazeljko <ziga.zeljko@gmail.com>
+Štefan Uram <SterverSVK@users.noreply.github.com>
+박종훈 <jonghun.park.194@gmail.com>
+
+# List of contributors not appearing in Git history
+
diff --git a/server/vendor/github.com/pion/webrtc/v3/DESIGN.md b/server/vendor/github.com/pion/webrtc/v3/DESIGN.md
new file mode 100644
index 0000000..e22b08e
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/DESIGN.md
@@ -0,0 +1,43 @@
+<h1 align="center">
+  Design
+</h1>
+WebRTC is a powerful, but complicated technology you can build amazing things with, it comes with a steep learning curve though.
+Using WebRTC in the browser is easy, but outside the browser is more of a challenge. There are multiple libraries, and they all have
+varying levels of quality. Most are also difficult to build, and depend on libraries that aren't available in repos or portable.
+
+Pion WebRTC aims to solve all that! Built in native Go you should be able to send and receive media and text from anywhere with minimal headache.
+These are the design principals that drive Pion WebRTC and hopefully convince you it is worth a try.
+
+### Portable
+Pion WebRTC is written in Go and extremely portable. Anywhere Golang runs, Pion WebRTC should work as well! Instead of dealing with complicated
+cross-compiling of multiple libraries, you now can run anywhere with one `go build`
+
+### Flexible
+When possible we leave all decisions to the user. When choice is possible (like what logging library is used) we defer to the developer.
+
+### Simple API
+If you know how to use WebRTC in your browser, you know how to use Pion WebRTC.
+We try our best just to duplicate the Javascript API, so your code can look the same everywhere.
+
+If this is your first time using WebRTC, don't worry! We have multiple [examples](https://github.com/pion/webrtc/tree/master/examples) and [GoDoc](https://pkg.go.dev/github.com/pion/webrtc/v3)
+
+### Bring your own media
+Pion WebRTC doesn't make any assumptions about where your audio, video or text come from. You can use FFmpeg, GStreamer, MLT or just serve a video file.
+This library only serves to transport, not create media.
+
+### Safe
+Golang provides a great foundation to build safe network services.
+Especially when running a networked service that is highly concurrent bugs can be devastating.
+
+### Readable
+If code comes from an RFC we try to make sure everything is commented with a link to the spec.
+This makes learning and debugging easier, this WebRTC library was written to also serve as a guide for others.
+
+### Tested
+Every commit is tested via travis-ci Go provides fantastic facilities for testing, and more will be added as time goes on.
+
+### Shared libraries
+Every Pion project is built using shared libraries, allowing others to review and reuse our libraries.
+
+### Community
+The most important part of Pion is the community. This projects only exist because of individual contributions. We aim to be radically open and do everything we can to support those that make Pion possible.
diff --git a/server/vendor/github.com/pion/webrtc/v3/LICENSE b/server/vendor/github.com/pion/webrtc/v3/LICENSE
new file mode 100644
index 0000000..491caf6
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/LICENSE
@@ -0,0 +1,9 @@
+MIT License
+
+Copyright (c) 2023 The Pion community <https://pion.ly>
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
diff --git a/server/vendor/github.com/pion/webrtc/v3/README.md b/server/vendor/github.com/pion/webrtc/v3/README.md
new file mode 100644
index 0000000..80dd8c1
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/README.md
@@ -0,0 +1,129 @@
+<h1 align="center">
+  <a href="https://pion.ly"><img src="./.github/pion-gopher-webrtc.png" alt="Pion WebRTC" height="250px"></a>
+  <br>
+  Pion WebRTC
+  <br>
+</h1>
+<h4 align="center">A pure Go implementation of the WebRTC API</h4>
+<p align="center">
+  <a href="https://pion.ly"><img src="https://img.shields.io/badge/pion-webrtc-gray.svg?longCache=true&colorB=brightgreen" alt="Pion WebRTC"></a>
+  <a href="https://sourcegraph.com/github.com/pion/webrtc?badge"><img src="https://sourcegraph.com/github.com/pion/webrtc/-/badge.svg" alt="Sourcegraph Widget"></a>
+  <a href="https://pion.ly/slack"><img src="https://img.shields.io/badge/join-us%20on%20slack-gray.svg?longCache=true&logo=slack&colorB=brightgreen" alt="Slack Widget"></a>
+  <a href="https://twitter.com/_pion?ref_src=twsrc%5Etfw"><img src="https://img.shields.io/twitter/url.svg?label=Follow%20%40_pion&style=social&url=https%3A%2F%2Ftwitter.com%2F_pion" alt="Twitter Widget"></a>
+  <a href="https://github.com/pion/awesome-pion" alt="Awesome Pion"><img src="https://cdn.rawgit.com/sindresorhus/awesome/d7305f38d29fed78fa85652e3a63e154dd8e8829/media/badge.svg"></a>
+  <br>
+  <img alt="GitHub Workflow Status" src="https://img.shields.io/github/actions/workflow/status/pion/webrtc/test.yaml">
+  <a href="https://pkg.go.dev/github.com/pion/webrtc/v3"><img src="https://pkg.go.dev/badge/github.com/pion/webrtc/v3.svg" alt="Go Reference"></a>
+  <a href="https://codecov.io/gh/pion/webrtc"><img src="https://codecov.io/gh/pion/webrtc/branch/master/graph/badge.svg" alt="Coverage Status"></a>
+  <a href="https://goreportcard.com/report/github.com/pion/webrtc/v3"><img src="https://goreportcard.com/badge/github.com/pion/webrtc/v3" alt="Go Report Card"></a>
+  <a href="LICENSE"><img src="https://img.shields.io/badge/License-MIT-yellow.svg" alt="License: MIT"></a>
+</p>
+<br>
+
+### Usage
+[Go Modules](https://blog.golang.org/using-go-modules) are mandatory for using Pion WebRTC. So make sure you set `export GO111MODULE=on`, and explicitly specify `/v2` or `/v3` when importing.
+
+
+**[example applications](examples/README.md)** contains code samples of common things people build with Pion WebRTC.
+
+**[example-webrtc-applications](https://github.com/pion/example-webrtc-applications)** contains more full featured examples that use 3rd party libraries.
+
+**[awesome-pion](https://github.com/pion/awesome-pion)** contains projects that have used Pion, and serve as real world examples of usage.
+
+**[GoDoc](https://pkg.go.dev/github.com/pion/webrtc/v3)** is an auto generated API reference. All our Public APIs are commented.
+
+**[FAQ](https://github.com/pion/webrtc/wiki/FAQ)** has answers to common questions. If you have a question not covered please ask in [Slack](https://pion.ly/slack) we are always looking to expand it.
+
+Now go build something awesome! Here are some **ideas** to get your creative juices flowing:
+* Send a video file to multiple browser in real time for perfectly synchronized movie watching.
+* Send a webcam on an embedded device to your browser with no additional server required!
+* Securely send data between two servers, without using pub/sub.
+* Record your webcam and do special effects server side.
+* Build a conferencing application that processes audio/video and make decisions off of it.
+* Remotely control a robots and stream its cameras in realtime.
+
+### Want to learn more about WebRTC?
+Join our [Office Hours](https://github.com/pion/webrtc/wiki/OfficeHours). Come hang out, ask questions, get help debugging and
+hear about the cool things being built with WebRTC. We also start every meeting with basic project planning.
+
+Check out [WebRTC for the Curious](https://webrtcforthecurious.com). A book about WebRTC in depth, not just about the APIs.
+Learn the full details of ICE, SCTP, DTLS, SRTP, and how they work together to make up the WebRTC stack.
+
+This is also a great resource if you are trying to debug. Learn the tools of the trade and how to approach WebRTC issues.
+
+This book is vendor agnostic and will not have any Pion specific information.
+
+### Features
+#### PeerConnection API
+* Go implementation of [webrtc-pc](https://w3c.github.io/webrtc-pc/) and [webrtc-stats](https://www.w3.org/TR/webrtc-stats/)
+* DataChannels
+* Send/Receive audio and video
+* Renegotiation
+* Plan-B and Unified Plan
+* [SettingEngine](https://pkg.go.dev/github.com/pion/webrtc/v3#SettingEngine) for Pion specific extensions
+
+
+#### Connectivity
+* Full ICE Agent
+* ICE Restart
+* Trickle ICE
+* STUN
+* TURN (UDP, TCP, DTLS and TLS)
+* mDNS candidates
+
+#### DataChannels
+* Ordered/Unordered
+* Lossy/Lossless
+
+#### Media
+* API with direct RTP/RTCP access
+* Opus, PCM, H264, VP8 and VP9 packetizer
+* API also allows developer to pass their own packetizer
+* IVF, Ogg, H264 and Matroska provided for easy sending and saving
+* [getUserMedia](https://github.com/pion/mediadevices) implementation (Requires Cgo)
+* Easy integration with x264, libvpx, GStreamer and ffmpeg.
+* [Simulcast](https://github.com/pion/webrtc/tree/master/examples/simulcast)
+* [SVC](https://github.com/pion/rtp/blob/master/codecs/vp9_packet.go#L138)
+* [NACK](https://github.com/pion/interceptor/pull/4)
+* [Sender/Receiver Reports](https://github.com/pion/interceptor/tree/master/pkg/report)
+* [Transport Wide Congestion Control Feedback](https://github.com/pion/interceptor/tree/master/pkg/twcc)
+* [Bandwidth Estimation](https://github.com/pion/webrtc/tree/master/examples/bandwidth-estimation-from-disk)
+
+#### Security
+* TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 and TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA for DTLS v1.2
+* SRTP_AEAD_AES_256_GCM and SRTP_AES128_CM_HMAC_SHA1_80 for SRTP
+* Hardware acceleration available for GCM suites
+
+#### Pure Go
+* No Cgo usage
+* Wide platform support
+  * Windows, macOS, Linux, FreeBSD
+  * iOS, Android
+  * [WASM](https://github.com/pion/webrtc/wiki/WebAssembly-Development-and-Testing) see [examples](examples/README.md#webassembly)
+  *  386, amd64, arm, mips, ppc64
+* Easy to build *Numbers generated on Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz*
+  * **Time to build examples/play-from-disk** - 0.66s user 0.20s system 306% cpu 0.279 total
+  * **Time to run entire test suite** - 25.60s user 9.40s system 45% cpu 1:16.69 total
+* Tools to measure performance [provided](https://github.com/pion/rtsp-bench)
+
+### Roadmap
+The library is in active development, please refer to the [roadmap](https://github.com/pion/webrtc/issues/9) to track our major milestones.
+We also maintain a list of [Big Ideas](https://github.com/pion/webrtc/wiki/Big-Ideas) these are things we want to build but don't have a clear plan or the resources yet.
+If you are looking to get involved this is a great place to get started! We would also love to hear your ideas! Even if you can't implement it yourself, it could inspire others.
+
+### Sponsoring
+Work on Pion's congestion control and bandwidth estimation was funded through the [User-Operated Internet](https://nlnet.nl/useroperated/) fund, a fund established by [NLnet](https://nlnet.nl/) made possible by financial support from the [PKT Community](https://pkt.cash/)/[The Network Steward](https://pkt.cash/network-steward) and stichting [Technology Commons Trust](https://technologycommons.org/).
+
+### Community
+Pion has an active community on the [Slack](https://pion.ly/slack).
+
+Follow the [Pion Twitter](https://twitter.com/_pion) for project updates and important WebRTC news.
+
+We are always looking to support **your projects**. Please reach out if you have something to build!
+If you need commercial support or don't want to use public methods you can contact us at [team@pion.ly](mailto:team@pion.ly)
+
+### Contributing
+Check out the [contributing wiki](https://github.com/pion/webrtc/wiki/Contributing) to join the group of amazing people making this project possible: [AUTHORS.txt](./AUTHORS.txt)
+
+### License
+MIT License - see [LICENSE](LICENSE) for full text
diff --git a/server/vendor/github.com/pion/webrtc/v3/api.go b/server/vendor/github.com/pion/webrtc/v3/api.go
new file mode 100644
index 0000000..716be1f
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/api.go
@@ -0,0 +1,77 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+//go:build !js
+// +build !js
+
+package webrtc
+
+import (
+	"github.com/pion/interceptor"
+	"github.com/pion/logging"
+)
+
+// API allows configuration of a PeerConnection
+// with APIs that are available in the standard. This
+// lets you set custom behavior via the SettingEngine, configure
+// codecs via the MediaEngine and define custom media behaviors via
+// Interceptors.
+type API struct {
+	settingEngine       *SettingEngine
+	mediaEngine         *MediaEngine
+	interceptorRegistry *interceptor.Registry
+
+	interceptor interceptor.Interceptor // Generated per PeerConnection
+}
+
+// NewAPI Creates a new API object for keeping semi-global settings to WebRTC objects
+func NewAPI(options ...func(*API)) *API {
+	a := &API{
+		interceptor:         &interceptor.NoOp{},
+		settingEngine:       &SettingEngine{},
+		mediaEngine:         &MediaEngine{},
+		interceptorRegistry: &interceptor.Registry{},
+	}
+
+	for _, o := range options {
+		o(a)
+	}
+
+	if a.settingEngine.LoggerFactory == nil {
+		a.settingEngine.LoggerFactory = logging.NewDefaultLoggerFactory()
+	}
+
+	return a
+}
+
+// WithMediaEngine allows providing a MediaEngine to the API.
+// Settings can be changed after passing the engine to an API.
+// When a PeerConnection is created the MediaEngine is copied
+// and no more changes can be made.
+func WithMediaEngine(m *MediaEngine) func(a *API) {
+	return func(a *API) {
+		a.mediaEngine = m
+		if a.mediaEngine == nil {
+			a.mediaEngine = &MediaEngine{}
+		}
+	}
+}
+
+// WithSettingEngine allows providing a SettingEngine to the API.
+// Settings should not be changed after passing the engine to an API.
+func WithSettingEngine(s SettingEngine) func(a *API) {
+	return func(a *API) {
+		a.settingEngine = &s
+	}
+}
+
+// WithInterceptorRegistry allows providing Interceptors to the API.
+// Settings should not be changed after passing the registry to an API.
+func WithInterceptorRegistry(ir *interceptor.Registry) func(a *API) {
+	return func(a *API) {
+		a.interceptorRegistry = ir
+		if a.interceptorRegistry == nil {
+			a.interceptorRegistry = &interceptor.Registry{}
+		}
+	}
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/api_js.go b/server/vendor/github.com/pion/webrtc/v3/api_js.go
new file mode 100644
index 0000000..fe94bff
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/api_js.go
@@ -0,0 +1,35 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+//go:build js && wasm
+// +build js,wasm
+
+package webrtc
+
+// API bundles the global funcions of the WebRTC and ORTC API.
+type API struct {
+	settingEngine *SettingEngine
+}
+
+// NewAPI Creates a new API object for keeping semi-global settings to WebRTC objects
+func NewAPI(options ...func(*API)) *API {
+	a := &API{}
+
+	for _, o := range options {
+		o(a)
+	}
+
+	if a.settingEngine == nil {
+		a.settingEngine = &SettingEngine{}
+	}
+
+	return a
+}
+
+// WithSettingEngine allows providing a SettingEngine to the API.
+// Settings should not be changed after passing the engine to an API.
+func WithSettingEngine(s SettingEngine) func(a *API) {
+	return func(a *API) {
+		a.settingEngine = &s
+	}
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/atomicbool.go b/server/vendor/github.com/pion/webrtc/v3/atomicbool.go
new file mode 100644
index 0000000..cc6cdc1
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/atomicbool.go
@@ -0,0 +1,31 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package webrtc
+
+import "sync/atomic"
+
+type atomicBool struct {
+	val int32
+}
+
+func (b *atomicBool) set(value bool) { // nolint: unparam
+	var i int32
+	if value {
+		i = 1
+	}
+
+	atomic.StoreInt32(&(b.val), i)
+}
+
+func (b *atomicBool) get() bool {
+	return atomic.LoadInt32(&(b.val)) != 0
+}
+
+func (b *atomicBool) swap(value bool) bool {
+	var i int32
+	if value {
+		i = 1
+	}
+	return atomic.SwapInt32(&(b.val), i) != 0
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/bundlepolicy.go b/server/vendor/github.com/pion/webrtc/v3/bundlepolicy.go
new file mode 100644
index 0000000..ea6dad5
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/bundlepolicy.go
@@ -0,0 +1,81 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package webrtc
+
+import (
+	"encoding/json"
+)
+
+// BundlePolicy affects which media tracks are negotiated if the remote
+// endpoint is not bundle-aware, and what ICE candidates are gathered. If the
+// remote endpoint is bundle-aware, all media tracks and data channels are
+// bundled onto the same transport.
+type BundlePolicy int
+
+const (
+	// BundlePolicyBalanced indicates to gather ICE candidates for each
+	// media type in use (audio, video, and data). If the remote endpoint is
+	// not bundle-aware, negotiate only one audio and video track on separate
+	// transports.
+	BundlePolicyBalanced BundlePolicy = iota + 1
+
+	// BundlePolicyMaxCompat indicates to gather ICE candidates for each
+	// track. If the remote endpoint is not bundle-aware, negotiate all media
+	// tracks on separate transports.
+	BundlePolicyMaxCompat
+
+	// BundlePolicyMaxBundle indicates to gather ICE candidates for only
+	// one track. If the remote endpoint is not bundle-aware, negotiate only
+	// one media track.
+	BundlePolicyMaxBundle
+)
+
+// This is done this way because of a linter.
+const (
+	bundlePolicyBalancedStr  = "balanced"
+	bundlePolicyMaxCompatStr = "max-compat"
+	bundlePolicyMaxBundleStr = "max-bundle"
+)
+
+func newBundlePolicy(raw string) BundlePolicy {
+	switch raw {
+	case bundlePolicyBalancedStr:
+		return BundlePolicyBalanced
+	case bundlePolicyMaxCompatStr:
+		return BundlePolicyMaxCompat
+	case bundlePolicyMaxBundleStr:
+		return BundlePolicyMaxBundle
+	default:
+		return BundlePolicy(Unknown)
+	}
+}
+
+func (t BundlePolicy) String() string {
+	switch t {
+	case BundlePolicyBalanced:
+		return bundlePolicyBalancedStr
+	case BundlePolicyMaxCompat:
+		return bundlePolicyMaxCompatStr
+	case BundlePolicyMaxBundle:
+		return bundlePolicyMaxBundleStr
+	default:
+		return ErrUnknownType.Error()
+	}
+}
+
+// UnmarshalJSON parses the JSON-encoded data and stores the result
+func (t *BundlePolicy) UnmarshalJSON(b []byte) error {
+	var val string
+	if err := json.Unmarshal(b, &val); err != nil {
+		return err
+	}
+
+	*t = newBundlePolicy(val)
+	return nil
+}
+
+// MarshalJSON returns the JSON encoding
+func (t BundlePolicy) MarshalJSON() ([]byte, error) {
+	return json.Marshal(t.String())
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/certificate.go b/server/vendor/github.com/pion/webrtc/v3/certificate.go
new file mode 100644
index 0000000..1d5631b
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/certificate.go
@@ -0,0 +1,234 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+//go:build !js
+// +build !js
+
+package webrtc
+
+import (
+	"crypto"
+	"crypto/ecdsa"
+	"crypto/rand"
+	"crypto/rsa"
+	"crypto/x509"
+	"crypto/x509/pkix"
+	"encoding/base64"
+	"encoding/pem"
+	"fmt"
+	"math/big"
+	"strings"
+	"time"
+
+	"github.com/pion/dtls/v2/pkg/crypto/fingerprint"
+	"github.com/pion/webrtc/v3/pkg/rtcerr"
+)
+
+// Certificate represents a x509Cert used to authenticate WebRTC communications.
+type Certificate struct {
+	privateKey crypto.PrivateKey
+	x509Cert   *x509.Certificate
+	statsID    string
+}
+
+// NewCertificate generates a new x509 compliant Certificate to be used
+// by DTLS for encrypting data sent over the wire. This method differs from
+// GenerateCertificate by allowing to specify a template x509.Certificate to
+// be used in order to define certificate parameters.
+func NewCertificate(key crypto.PrivateKey, tpl x509.Certificate) (*Certificate, error) {
+	var err error
+	var certDER []byte
+	switch sk := key.(type) {
+	case *rsa.PrivateKey:
+		pk := sk.Public()
+		tpl.SignatureAlgorithm = x509.SHA256WithRSA
+		certDER, err = x509.CreateCertificate(rand.Reader, &tpl, &tpl, pk, sk)
+		if err != nil {
+			return nil, &rtcerr.UnknownError{Err: err}
+		}
+	case *ecdsa.PrivateKey:
+		pk := sk.Public()
+		tpl.SignatureAlgorithm = x509.ECDSAWithSHA256
+		certDER, err = x509.CreateCertificate(rand.Reader, &tpl, &tpl, pk, sk)
+		if err != nil {
+			return nil, &rtcerr.UnknownError{Err: err}
+		}
+	default:
+		return nil, &rtcerr.NotSupportedError{Err: ErrPrivateKeyType}
+	}
+
+	cert, err := x509.ParseCertificate(certDER)
+	if err != nil {
+		return nil, &rtcerr.UnknownError{Err: err}
+	}
+
+	return &Certificate{privateKey: key, x509Cert: cert, statsID: fmt.Sprintf("certificate-%d", time.Now().UnixNano())}, nil
+}
+
+// Equals determines if two certificates are identical by comparing both the
+// secretKeys and x509Certificates.
+func (c Certificate) Equals(o Certificate) bool {
+	switch cSK := c.privateKey.(type) {
+	case *rsa.PrivateKey:
+		if oSK, ok := o.privateKey.(*rsa.PrivateKey); ok {
+			if cSK.N.Cmp(oSK.N) != 0 {
+				return false
+			}
+			return c.x509Cert.Equal(o.x509Cert)
+		}
+		return false
+	case *ecdsa.PrivateKey:
+		if oSK, ok := o.privateKey.(*ecdsa.PrivateKey); ok {
+			if cSK.X.Cmp(oSK.X) != 0 || cSK.Y.Cmp(oSK.Y) != 0 {
+				return false
+			}
+			return c.x509Cert.Equal(o.x509Cert)
+		}
+		return false
+	default:
+		return false
+	}
+}
+
+// Expires returns the timestamp after which this certificate is no longer valid.
+func (c Certificate) Expires() time.Time {
+	if c.x509Cert == nil {
+		return time.Time{}
+	}
+	return c.x509Cert.NotAfter
+}
+
+// GetFingerprints returns the list of certificate fingerprints, one of which
+// is computed with the digest algorithm used in the certificate signature.
+func (c Certificate) GetFingerprints() ([]DTLSFingerprint, error) {
+	fingerprintAlgorithms := []crypto.Hash{crypto.SHA256}
+	res := make([]DTLSFingerprint, len(fingerprintAlgorithms))
+
+	i := 0
+	for _, algo := range fingerprintAlgorithms {
+		name, err := fingerprint.StringFromHash(algo)
+		if err != nil {
+			// nolint
+			return nil, fmt.Errorf("%w: %v", ErrFailedToGenerateCertificateFingerprint, err)
+		}
+		value, err := fingerprint.Fingerprint(c.x509Cert, algo)
+		if err != nil {
+			// nolint
+			return nil, fmt.Errorf("%w: %v", ErrFailedToGenerateCertificateFingerprint, err)
+		}
+		res[i] = DTLSFingerprint{
+			Algorithm: name,
+			Value:     value,
+		}
+	}
+
+	return res[:i+1], nil
+}
+
+// GenerateCertificate causes the creation of an X.509 certificate and
+// corresponding private key.
+func GenerateCertificate(secretKey crypto.PrivateKey) (*Certificate, error) {
+	// Max random value, a 130-bits integer, i.e 2^130 - 1
+	maxBigInt := new(big.Int)
+	/* #nosec */
+	maxBigInt.Exp(big.NewInt(2), big.NewInt(130), nil).Sub(maxBigInt, big.NewInt(1))
+	/* #nosec */
+	serialNumber, err := rand.Int(rand.Reader, maxBigInt)
+	if err != nil {
+		return nil, &rtcerr.UnknownError{Err: err}
+	}
+
+	return NewCertificate(secretKey, x509.Certificate{
+		Issuer:       pkix.Name{CommonName: generatedCertificateOrigin},
+		NotBefore:    time.Now().AddDate(0, 0, -1),
+		NotAfter:     time.Now().AddDate(0, 1, -1),
+		SerialNumber: serialNumber,
+		Version:      2,
+		Subject:      pkix.Name{CommonName: generatedCertificateOrigin},
+	})
+}
+
+// CertificateFromX509 creates a new WebRTC Certificate from a given PrivateKey and Certificate
+//
+// This can be used if you want to share a certificate across multiple PeerConnections
+func CertificateFromX509(privateKey crypto.PrivateKey, certificate *x509.Certificate) Certificate {
+	return Certificate{privateKey, certificate, fmt.Sprintf("certificate-%d", time.Now().UnixNano())}
+}
+
+func (c Certificate) collectStats(report *statsReportCollector) error {
+	report.Collecting()
+
+	fingerPrintAlgo, err := c.GetFingerprints()
+	if err != nil {
+		return err
+	}
+
+	base64Certificate := base64.RawURLEncoding.EncodeToString(c.x509Cert.Raw)
+
+	stats := CertificateStats{
+		Timestamp:            statsTimestampFrom(time.Now()),
+		Type:                 StatsTypeCertificate,
+		ID:                   c.statsID,
+		Fingerprint:          fingerPrintAlgo[0].Value,
+		FingerprintAlgorithm: fingerPrintAlgo[0].Algorithm,
+		Base64Certificate:    base64Certificate,
+		IssuerCertificateID:  c.x509Cert.Issuer.String(),
+	}
+
+	report.Collect(stats.ID, stats)
+	return nil
+}
+
+// CertificateFromPEM creates a fresh certificate based on a string containing
+// pem blocks fort the private key and x509 certificate
+func CertificateFromPEM(pems string) (*Certificate, error) {
+	// decode & parse the certificate
+	block, more := pem.Decode([]byte(pems))
+	if block == nil || block.Type != "CERTIFICATE" {
+		return nil, errCertificatePEMFormatError
+	}
+	certBytes := make([]byte, base64.StdEncoding.DecodedLen(len(block.Bytes)))
+	n, err := base64.StdEncoding.Decode(certBytes, block.Bytes)
+	if err != nil {
+		return nil, fmt.Errorf("failed to decode ceritifcate: %w", err)
+	}
+	cert, err := x509.ParseCertificate(certBytes[:n])
+	if err != nil {
+		return nil, fmt.Errorf("failed parsing ceritifcate: %w", err)
+	}
+	// decode & parse the private key
+	block, _ = pem.Decode(more)
+	if block == nil || block.Type != "PRIVATE KEY" {
+		return nil, errCertificatePEMFormatError
+	}
+	privateKey, err := x509.ParsePKCS8PrivateKey(block.Bytes)
+	if err != nil {
+		return nil, fmt.Errorf("unable to parse private key: %w", err)
+	}
+	x := CertificateFromX509(privateKey, cert)
+	return &x, nil
+}
+
+// PEM returns the certificate encoded as two pem block: once for the X509
+// certificate and the other for the private key
+func (c Certificate) PEM() (string, error) {
+	// First write the X509 certificate
+	var o strings.Builder
+	xcertBytes := make(
+		[]byte, base64.StdEncoding.EncodedLen(len(c.x509Cert.Raw)))
+	base64.StdEncoding.Encode(xcertBytes, c.x509Cert.Raw)
+	err := pem.Encode(&o, &pem.Block{Type: "CERTIFICATE", Bytes: xcertBytes})
+	if err != nil {
+		return "", fmt.Errorf("failed to pem encode the X certificate: %w", err)
+	}
+	// Next write the private key
+	privBytes, err := x509.MarshalPKCS8PrivateKey(c.privateKey)
+	if err != nil {
+		return "", fmt.Errorf("failed to marshal private key: %w", err)
+	}
+	err = pem.Encode(&o, &pem.Block{Type: "PRIVATE KEY", Bytes: privBytes})
+	if err != nil {
+		return "", fmt.Errorf("failed to encode private key: %w", err)
+	}
+	return o.String(), nil
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/codecov.yml b/server/vendor/github.com/pion/webrtc/v3/codecov.yml
new file mode 100644
index 0000000..263e4d4
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/codecov.yml
@@ -0,0 +1,22 @@
+#
+# DO NOT EDIT THIS FILE
+#
+# It is automatically copied from https://github.com/pion/.goassets repository.
+#
+# SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+# SPDX-License-Identifier: MIT
+
+coverage:
+  status:
+    project:
+      default:
+        # Allow decreasing 2% of total coverage to avoid noise.
+        threshold: 2%
+    patch:
+      default:
+        target: 70%
+        only_pulls: true
+
+ignore:
+  - "examples/*"
+  - "examples/**/*"
diff --git a/server/vendor/github.com/pion/webrtc/v3/configuration.go b/server/vendor/github.com/pion/webrtc/v3/configuration.go
new file mode 100644
index 0000000..90be318
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/configuration.go
@@ -0,0 +1,55 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+//go:build !js
+// +build !js
+
+package webrtc
+
+// A Configuration defines how peer-to-peer communication via PeerConnection
+// is established or re-established.
+// Configurations may be set up once and reused across multiple connections.
+// Configurations are treated as readonly. As long as they are unmodified,
+// they are safe for concurrent use.
+type Configuration struct {
+	// ICEServers defines a slice describing servers available to be used by
+	// ICE, such as STUN and TURN servers.
+	ICEServers []ICEServer `json:"iceServers,omitempty"`
+
+	// ICETransportPolicy indicates which candidates the ICEAgent is allowed
+	// to use.
+	ICETransportPolicy ICETransportPolicy `json:"iceTransportPolicy,omitempty"`
+
+	// BundlePolicy indicates which media-bundling policy to use when gathering
+	// ICE candidates.
+	BundlePolicy BundlePolicy `json:"bundlePolicy,omitempty"`
+
+	// RTCPMuxPolicy indicates which rtcp-mux policy to use when gathering ICE
+	// candidates.
+	RTCPMuxPolicy RTCPMuxPolicy `json:"rtcpMuxPolicy,omitempty"`
+
+	// PeerIdentity sets the target peer identity for the PeerConnection.
+	// The PeerConnection will not establish a connection to a remote peer
+	// unless it can be successfully authenticated with the provided name.
+	PeerIdentity string `json:"peerIdentity,omitempty"`
+
+	// Certificates describes a set of certificates that the PeerConnection
+	// uses to authenticate. Valid values for this parameter are created
+	// through calls to the GenerateCertificate function. Although any given
+	// DTLS connection will use only one certificate, this attribute allows the
+	// caller to provide multiple certificates that support different
+	// algorithms. The final certificate will be selected based on the DTLS
+	// handshake, which establishes which certificates are allowed. The
+	// PeerConnection implementation selects which of the certificates is
+	// used for a given connection; how certificates are selected is outside
+	// the scope of this specification. If this value is absent, then a default
+	// set of certificates is generated for each PeerConnection instance.
+	Certificates []Certificate `json:"certificates,omitempty"`
+
+	// ICECandidatePoolSize describes the size of the prefetched ICE pool.
+	ICECandidatePoolSize uint8 `json:"iceCandidatePoolSize,omitempty"`
+
+	// SDPSemantics controls the type of SDP offers accepted by and
+	// SDP answers generated by the PeerConnection.
+	SDPSemantics SDPSemantics `json:"sdpSemantics,omitempty"`
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/configuration_common.go b/server/vendor/github.com/pion/webrtc/v3/configuration_common.go
new file mode 100644
index 0000000..a3acdf5
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/configuration_common.go
@@ -0,0 +1,27 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package webrtc
+
+import "strings"
+
+// getICEServers side-steps the strict parsing mode of the ice package
+// (as defined in https://tools.ietf.org/html/rfc7064) by copying and then
+// stripping any erroneous queries from "stun(s):" URLs before parsing.
+func (c Configuration) getICEServers() []ICEServer {
+	iceServers := append([]ICEServer{}, c.ICEServers...)
+
+	for iceServersIndex := range iceServers {
+		iceServers[iceServersIndex].URLs = append([]string{}, iceServers[iceServersIndex].URLs...)
+
+		for urlsIndex, rawURL := range iceServers[iceServersIndex].URLs {
+			if strings.HasPrefix(rawURL, "stun") {
+				// strip the query from "stun(s):" if present
+				parts := strings.Split(rawURL, "?")
+				rawURL = parts[0]
+			}
+			iceServers[iceServersIndex].URLs[urlsIndex] = rawURL
+		}
+	}
+	return iceServers
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/configuration_js.go b/server/vendor/github.com/pion/webrtc/v3/configuration_js.go
new file mode 100644
index 0000000..097085f
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/configuration_js.go
@@ -0,0 +1,39 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+//go:build js && wasm
+// +build js,wasm
+
+package webrtc
+
+// Configuration defines a set of parameters to configure how the
+// peer-to-peer communication via PeerConnection is established or
+// re-established.
+type Configuration struct {
+	// ICEServers defines a slice describing servers available to be used by
+	// ICE, such as STUN and TURN servers.
+	ICEServers []ICEServer
+
+	// ICETransportPolicy indicates which candidates the ICEAgent is allowed
+	// to use.
+	ICETransportPolicy ICETransportPolicy
+
+	// BundlePolicy indicates which media-bundling policy to use when gathering
+	// ICE candidates.
+	BundlePolicy BundlePolicy
+
+	// RTCPMuxPolicy indicates which rtcp-mux policy to use when gathering ICE
+	// candidates.
+	RTCPMuxPolicy RTCPMuxPolicy
+
+	// PeerIdentity sets the target peer identity for the PeerConnection.
+	// The PeerConnection will not establish a connection to a remote peer
+	// unless it can be successfully authenticated with the provided name.
+	PeerIdentity string
+
+	// Certificates are not supported in the JavaScript/Wasm bindings.
+	// Certificates []Certificate
+
+	// ICECandidatePoolSize describes the size of the prefetched ICE pool.
+	ICECandidatePoolSize uint8
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/constants.go b/server/vendor/github.com/pion/webrtc/v3/constants.go
new file mode 100644
index 0000000..c8ebb7b
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/constants.go
@@ -0,0 +1,52 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package webrtc
+
+import "github.com/pion/dtls/v2"
+
+const (
+	// Unknown defines default public constant to use for "enum" like struct
+	// comparisons when no value was defined.
+	Unknown    = iota
+	unknownStr = "unknown"
+
+	// Equal to UDP MTU
+	receiveMTU = 1460
+
+	// simulcastProbeCount is the amount of RTP Packets
+	// that handleUndeclaredSSRC will read and try to dispatch from
+	// mid and rid values
+	simulcastProbeCount = 10
+
+	// simulcastMaxProbeRoutines is how many active routines can be used to probe
+	// If the total amount of incoming SSRCes exceeds this new requests will be ignored
+	simulcastMaxProbeRoutines = 25
+
+	mediaSectionApplication = "application"
+
+	sdpAttributeRid = "rid"
+
+	sdpAttributeSimulcast = "simulcast"
+
+	rtpOutboundMTU = 1200
+
+	rtpPayloadTypeBitmask = 0x7F
+
+	incomingUnhandledRTPSsrc = "Incoming unhandled RTP ssrc(%d), OnTrack will not be fired. %v"
+
+	generatedCertificateOrigin = "WebRTC"
+
+	sdesRepairRTPStreamIDURI = "urn:ietf:params:rtp-hdrext:sdes:repaired-rtp-stream-id"
+
+	// AttributeRtxPayloadType is the interceptor attribute added when Read() returns an RTX packet containing the RTX stream payload type
+	AttributeRtxPayloadType = "rtx_payload_type"
+	// AttributeRtxSsrc is the interceptor attribute added when Read() returns an RTX packet containing the RTX stream SSRC
+	AttributeRtxSsrc = "rtx_ssrc"
+	// AttributeRtxSequenceNumber is the interceptor attribute added when Read() returns an RTX packet containing the RTX stream sequence number
+	AttributeRtxSequenceNumber = "rtx_sequence_number"
+)
+
+func defaultSrtpProtectionProfiles() []dtls.SRTPProtectionProfile {
+	return []dtls.SRTPProtectionProfile{dtls.SRTP_AEAD_AES_256_GCM, dtls.SRTP_AEAD_AES_128_GCM, dtls.SRTP_AES128_CM_HMAC_SHA1_80}
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/datachannel.go b/server/vendor/github.com/pion/webrtc/v3/datachannel.go
new file mode 100644
index 0000000..c3ce10b
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/datachannel.go
@@ -0,0 +1,695 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+//go:build !js
+// +build !js
+
+package webrtc
+
+import (
+	"errors"
+	"fmt"
+	"io"
+	"math"
+	"sync"
+	"sync/atomic"
+	"time"
+
+	"github.com/pion/datachannel"
+	"github.com/pion/logging"
+	"github.com/pion/webrtc/v3/pkg/rtcerr"
+)
+
+const dataChannelBufferSize = math.MaxUint16 // message size limit for Chromium
+var errSCTPNotEstablished = errors.New("SCTP not established")
+
+// DataChannel represents a WebRTC DataChannel
+// The DataChannel interface represents a network channel
+// which can be used for bidirectional peer-to-peer transfers of arbitrary data
+type DataChannel struct {
+	mu sync.RWMutex
+
+	statsID                    string
+	label                      string
+	ordered                    bool
+	maxPacketLifeTime          *uint16
+	maxRetransmits             *uint16
+	protocol                   string
+	negotiated                 bool
+	id                         *uint16
+	readyState                 atomic.Value // DataChannelState
+	bufferedAmountLowThreshold uint64
+	detachCalled               bool
+	readLoopActive             chan struct{}
+	isGracefulClosed           bool
+
+	// The binaryType represents attribute MUST, on getting, return the value to
+	// which it was last set. On setting, if the new value is either the string
+	// "blob" or the string "arraybuffer", then set the IDL attribute to this
+	// new value. Otherwise, throw a SyntaxError. When an DataChannel object
+	// is created, the binaryType attribute MUST be initialized to the string
+	// "blob". This attribute controls how binary data is exposed to scripts.
+	// binaryType                 string
+
+	onMessageHandler    func(DataChannelMessage)
+	openHandlerOnce     sync.Once
+	onOpenHandler       func()
+	dialHandlerOnce     sync.Once
+	onDialHandler       func()
+	onCloseHandler      func()
+	onBufferedAmountLow func()
+	onErrorHandler      func(error)
+
+	sctpTransport *SCTPTransport
+	dataChannel   *datachannel.DataChannel
+
+	// A reference to the associated api object used by this datachannel
+	api *API
+	log logging.LeveledLogger
+}
+
+// NewDataChannel creates a new DataChannel.
+// This constructor is part of the ORTC API. It is not
+// meant to be used together with the basic WebRTC API.
+func (api *API) NewDataChannel(transport *SCTPTransport, params *DataChannelParameters) (*DataChannel, error) {
+	d, err := api.newDataChannel(params, nil, api.settingEngine.LoggerFactory.NewLogger("ortc"))
+	if err != nil {
+		return nil, err
+	}
+
+	err = d.open(transport)
+	if err != nil {
+		return nil, err
+	}
+
+	return d, nil
+}
+
+// newDataChannel is an internal constructor for the data channel used to
+// create the DataChannel object before the networking is set up.
+func (api *API) newDataChannel(params *DataChannelParameters, sctpTransport *SCTPTransport, log logging.LeveledLogger) (*DataChannel, error) {
+	// https://w3c.github.io/webrtc-pc/#peer-to-peer-data-api (Step #5)
+	if len(params.Label) > 65535 {
+		return nil, &rtcerr.TypeError{Err: ErrStringSizeLimit}
+	}
+
+	d := &DataChannel{
+		sctpTransport:     sctpTransport,
+		statsID:           fmt.Sprintf("DataChannel-%d", time.Now().UnixNano()),
+		label:             params.Label,
+		protocol:          params.Protocol,
+		negotiated:        params.Negotiated,
+		id:                params.ID,
+		ordered:           params.Ordered,
+		maxPacketLifeTime: params.MaxPacketLifeTime,
+		maxRetransmits:    params.MaxRetransmits,
+		api:               api,
+		log:               log,
+	}
+
+	d.setReadyState(DataChannelStateConnecting)
+	return d, nil
+}
+
+// open opens the datachannel over the sctp transport
+func (d *DataChannel) open(sctpTransport *SCTPTransport) error {
+	association := sctpTransport.association()
+	if association == nil {
+		return errSCTPNotEstablished
+	}
+
+	d.mu.Lock()
+	if d.sctpTransport != nil { // already open
+		d.mu.Unlock()
+		return nil
+	}
+	d.sctpTransport = sctpTransport
+	var channelType datachannel.ChannelType
+	var reliabilityParameter uint32
+
+	switch {
+	case d.maxPacketLifeTime == nil && d.maxRetransmits == nil:
+		if d.ordered {
+			channelType = datachannel.ChannelTypeReliable
+		} else {
+			channelType = datachannel.ChannelTypeReliableUnordered
+		}
+
+	case d.maxRetransmits != nil:
+		reliabilityParameter = uint32(*d.maxRetransmits)
+		if d.ordered {
+			channelType = datachannel.ChannelTypePartialReliableRexmit
+		} else {
+			channelType = datachannel.ChannelTypePartialReliableRexmitUnordered
+		}
+	default:
+		reliabilityParameter = uint32(*d.maxPacketLifeTime)
+		if d.ordered {
+			channelType = datachannel.ChannelTypePartialReliableTimed
+		} else {
+			channelType = datachannel.ChannelTypePartialReliableTimedUnordered
+		}
+	}
+
+	cfg := &datachannel.Config{
+		ChannelType:          channelType,
+		Priority:             datachannel.ChannelPriorityNormal,
+		ReliabilityParameter: reliabilityParameter,
+		Label:                d.label,
+		Protocol:             d.protocol,
+		Negotiated:           d.negotiated,
+		LoggerFactory:        d.api.settingEngine.LoggerFactory,
+	}
+
+	if d.id == nil {
+		// avoid holding lock when generating ID, since id generation locks
+		d.mu.Unlock()
+		var dcID *uint16
+		err := d.sctpTransport.generateAndSetDataChannelID(d.sctpTransport.dtlsTransport.role(), &dcID)
+		if err != nil {
+			return err
+		}
+		d.mu.Lock()
+		d.id = dcID
+	}
+	dc, err := datachannel.Dial(association, *d.id, cfg)
+	if err != nil {
+		d.mu.Unlock()
+		return err
+	}
+
+	// bufferedAmountLowThreshold and onBufferedAmountLow might be set earlier
+	dc.SetBufferedAmountLowThreshold(d.bufferedAmountLowThreshold)
+	dc.OnBufferedAmountLow(d.onBufferedAmountLow)
+	d.mu.Unlock()
+
+	d.onDial()
+	d.handleOpen(dc, false, d.negotiated)
+	return nil
+}
+
+// Transport returns the SCTPTransport instance the DataChannel is sending over.
+func (d *DataChannel) Transport() *SCTPTransport {
+	d.mu.RLock()
+	defer d.mu.RUnlock()
+
+	return d.sctpTransport
+}
+
+// After onOpen is complete check that the user called detach
+// and provide an error message if the call was missed
+func (d *DataChannel) checkDetachAfterOpen() {
+	d.mu.RLock()
+	defer d.mu.RUnlock()
+
+	if d.api.settingEngine.detach.DataChannels && !d.detachCalled {
+		d.log.Warn("webrtc.DetachDataChannels() enabled but didn't Detach, call Detach from OnOpen")
+	}
+}
+
+// OnOpen sets an event handler which is invoked when
+// the underlying data transport has been established (or re-established).
+func (d *DataChannel) OnOpen(f func()) {
+	d.mu.Lock()
+	d.openHandlerOnce = sync.Once{}
+	d.onOpenHandler = f
+	d.mu.Unlock()
+
+	if d.ReadyState() == DataChannelStateOpen {
+		// If the data channel is already open, call the handler immediately.
+		go d.openHandlerOnce.Do(func() {
+			f()
+			d.checkDetachAfterOpen()
+		})
+	}
+}
+
+func (d *DataChannel) onOpen() {
+	d.mu.RLock()
+	handler := d.onOpenHandler
+	if d.isGracefulClosed {
+		d.mu.RUnlock()
+		return
+	}
+	d.mu.RUnlock()
+
+	if handler != nil {
+		go d.openHandlerOnce.Do(func() {
+			handler()
+			d.checkDetachAfterOpen()
+		})
+	}
+}
+
+// OnDial sets an event handler which is invoked when the
+// peer has been dialed, but before said peer has responsed
+func (d *DataChannel) OnDial(f func()) {
+	d.mu.Lock()
+	d.dialHandlerOnce = sync.Once{}
+	d.onDialHandler = f
+	d.mu.Unlock()
+
+	if d.ReadyState() == DataChannelStateOpen {
+		// If the data channel is already open, call the handler immediately.
+		go d.dialHandlerOnce.Do(f)
+	}
+}
+
+func (d *DataChannel) onDial() {
+	d.mu.RLock()
+	handler := d.onDialHandler
+	if d.isGracefulClosed {
+		d.mu.RUnlock()
+		return
+	}
+	d.mu.RUnlock()
+
+	if handler != nil {
+		go d.dialHandlerOnce.Do(handler)
+	}
+}
+
+// OnClose sets an event handler which is invoked when
+// the underlying data transport has been closed.
+// Note: Due to backwards compatibility, there is a chance that
+// OnClose can be called, even if the GracefulClose is used.
+// If this is the case for you, you can deregister OnClose
+// prior to GracefulClose.
+func (d *DataChannel) OnClose(f func()) {
+	d.mu.Lock()
+	defer d.mu.Unlock()
+	d.onCloseHandler = f
+}
+
+func (d *DataChannel) onClose() {
+	d.mu.RLock()
+	handler := d.onCloseHandler
+	d.mu.RUnlock()
+
+	if handler != nil {
+		go handler()
+	}
+}
+
+// OnMessage sets an event handler which is invoked on a binary
+// message arrival over the sctp transport from a remote peer.
+// OnMessage can currently receive messages up to 16384 bytes
+// in size. Check out the detach API if you want to use larger
+// message sizes. Note that browser support for larger messages
+// is also limited.
+func (d *DataChannel) OnMessage(f func(msg DataChannelMessage)) {
+	d.mu.Lock()
+	defer d.mu.Unlock()
+	d.onMessageHandler = f
+}
+
+func (d *DataChannel) onMessage(msg DataChannelMessage) {
+	d.mu.RLock()
+	handler := d.onMessageHandler
+	if d.isGracefulClosed {
+		d.mu.RUnlock()
+		return
+	}
+	d.mu.RUnlock()
+
+	if handler == nil {
+		return
+	}
+	handler(msg)
+}
+
+func (d *DataChannel) handleOpen(dc *datachannel.DataChannel, isRemote, isAlreadyNegotiated bool) {
+	d.mu.Lock()
+	if d.isGracefulClosed {
+		d.mu.Unlock()
+		return
+	}
+	d.dataChannel = dc
+	bufferedAmountLowThreshold := d.bufferedAmountLowThreshold
+	onBufferedAmountLow := d.onBufferedAmountLow
+	d.mu.Unlock()
+	d.setReadyState(DataChannelStateOpen)
+
+	// Fire the OnOpen handler immediately not using pion/datachannel
+	// * detached datachannels have no read loop, the user needs to read and query themselves
+	// * remote datachannels should fire OnOpened. This isn't spec compliant, but we can't break behavior yet
+	// * already negotiated datachannels should fire OnOpened
+	if d.api.settingEngine.detach.DataChannels || isRemote || isAlreadyNegotiated {
+		// bufferedAmountLowThreshold and onBufferedAmountLow might be set earlier
+		d.dataChannel.SetBufferedAmountLowThreshold(bufferedAmountLowThreshold)
+		d.dataChannel.OnBufferedAmountLow(onBufferedAmountLow)
+		d.onOpen()
+	} else {
+		dc.OnOpen(func() {
+			d.onOpen()
+		})
+	}
+
+	d.mu.Lock()
+	defer d.mu.Unlock()
+
+	if d.isGracefulClosed {
+		return
+	}
+
+	if !d.api.settingEngine.detach.DataChannels {
+		d.readLoopActive = make(chan struct{})
+		go d.readLoop()
+	}
+}
+
+// OnError sets an event handler which is invoked when
+// the underlying data transport cannot be read.
+func (d *DataChannel) OnError(f func(err error)) {
+	d.mu.Lock()
+	defer d.mu.Unlock()
+	d.onErrorHandler = f
+}
+
+func (d *DataChannel) onError(err error) {
+	d.mu.RLock()
+	handler := d.onErrorHandler
+	if d.isGracefulClosed {
+		d.mu.RUnlock()
+		return
+	}
+	d.mu.RUnlock()
+
+	if handler != nil {
+		go handler(err)
+	}
+}
+
+// See https://github.com/pion/webrtc/issues/1516
+// nolint:gochecknoglobals
+var rlBufPool = sync.Pool{New: func() interface{} {
+	return make([]byte, dataChannelBufferSize)
+}}
+
+func (d *DataChannel) readLoop() {
+	defer func() {
+		d.mu.Lock()
+		readLoopActive := d.readLoopActive
+		d.mu.Unlock()
+		defer close(readLoopActive)
+	}()
+	for {
+		buffer := rlBufPool.Get().([]byte) //nolint:forcetypeassert
+		n, isString, err := d.dataChannel.ReadDataChannel(buffer)
+		if err != nil {
+			rlBufPool.Put(buffer) // nolint:staticcheck
+			d.setReadyState(DataChannelStateClosed)
+			if !errors.Is(err, io.EOF) {
+				d.onError(err)
+			}
+			d.onClose()
+			return
+		}
+
+		m := DataChannelMessage{Data: make([]byte, n), IsString: isString}
+		copy(m.Data, buffer[:n])
+		// The 'staticcheck' pragma is a false positive on the part of the CI linter.
+		rlBufPool.Put(buffer) // nolint:staticcheck
+
+		// NB: Why was DataChannelMessage not passed as a pointer value?
+		d.onMessage(m) // nolint:staticcheck
+	}
+}
+
+// Send sends the binary message to the DataChannel peer
+func (d *DataChannel) Send(data []byte) error {
+	err := d.ensureOpen()
+	if err != nil {
+		return err
+	}
+
+	_, err = d.dataChannel.WriteDataChannel(data, false)
+	return err
+}
+
+// SendText sends the text message to the DataChannel peer
+func (d *DataChannel) SendText(s string) error {
+	err := d.ensureOpen()
+	if err != nil {
+		return err
+	}
+
+	_, err = d.dataChannel.WriteDataChannel([]byte(s), true)
+	return err
+}
+
+func (d *DataChannel) ensureOpen() error {
+	d.mu.RLock()
+	defer d.mu.RUnlock()
+	if d.ReadyState() != DataChannelStateOpen {
+		return io.ErrClosedPipe
+	}
+	return nil
+}
+
+// Detach allows you to detach the underlying datachannel. This provides
+// an idiomatic API to work with, however it disables the OnMessage callback.
+// Before calling Detach you have to enable this behavior by calling
+// webrtc.DetachDataChannels(). Combining detached and normal data channels
+// is not supported.
+// Please refer to the data-channels-detach example and the
+// pion/datachannel documentation for the correct way to handle the
+// resulting DataChannel object.
+func (d *DataChannel) Detach() (datachannel.ReadWriteCloser, error) {
+	d.mu.Lock()
+	defer d.mu.Unlock()
+
+	if !d.api.settingEngine.detach.DataChannels {
+		return nil, errDetachNotEnabled
+	}
+
+	if d.dataChannel == nil {
+		return nil, errDetachBeforeOpened
+	}
+
+	d.detachCalled = true
+
+	return d.dataChannel, nil
+}
+
+// Close Closes the DataChannel. It may be called regardless of whether
+// the DataChannel object was created by this peer or the remote peer.
+func (d *DataChannel) Close() error {
+	return d.close(false)
+}
+
+// GracefulClose Closes the DataChannel. It may be called regardless of whether
+// the DataChannel object was created by this peer or the remote peer. It also waits
+// for any goroutines it started to complete. This is only safe to call outside of
+// DataChannel callbacks or if in a callback, in its own goroutine.
+func (d *DataChannel) GracefulClose() error {
+	return d.close(true)
+}
+
+// Normally, close only stops writes from happening, so graceful=true
+// will wait for reads to be finished based on underlying SCTP association
+// closure or a SCTP reset stream from the other side. This is safe to call
+// with graceful=true after tearing down a PeerConnection but not
+// necessarily before. For example, if you used a vnet and dropped all packets
+// right before closing the DataChannel, you'd need never see a reset stream.
+func (d *DataChannel) close(shouldGracefullyClose bool) error {
+	d.mu.Lock()
+	d.isGracefulClosed = true
+	readLoopActive := d.readLoopActive
+	if shouldGracefullyClose && readLoopActive != nil {
+		defer func() {
+			<-readLoopActive
+		}()
+	}
+	haveSctpTransport := d.dataChannel != nil
+	d.mu.Unlock()
+
+	if d.ReadyState() == DataChannelStateClosed {
+		return nil
+	}
+
+	d.setReadyState(DataChannelStateClosing)
+	if !haveSctpTransport {
+		return nil
+	}
+
+	return d.dataChannel.Close()
+}
+
+// Label represents a label that can be used to distinguish this
+// DataChannel object from other DataChannel objects. Scripts are
+// allowed to create multiple DataChannel objects with the same label.
+func (d *DataChannel) Label() string {
+	d.mu.RLock()
+	defer d.mu.RUnlock()
+
+	return d.label
+}
+
+// Ordered returns true if the DataChannel is ordered, and false if
+// out-of-order delivery is allowed.
+func (d *DataChannel) Ordered() bool {
+	d.mu.RLock()
+	defer d.mu.RUnlock()
+
+	return d.ordered
+}
+
+// MaxPacketLifeTime represents the length of the time window (msec) during
+// which transmissions and retransmissions may occur in unreliable mode.
+func (d *DataChannel) MaxPacketLifeTime() *uint16 {
+	d.mu.RLock()
+	defer d.mu.RUnlock()
+
+	return d.maxPacketLifeTime
+}
+
+// MaxRetransmits represents the maximum number of retransmissions that are
+// attempted in unreliable mode.
+func (d *DataChannel) MaxRetransmits() *uint16 {
+	d.mu.RLock()
+	defer d.mu.RUnlock()
+
+	return d.maxRetransmits
+}
+
+// Protocol represents the name of the sub-protocol used with this
+// DataChannel.
+func (d *DataChannel) Protocol() string {
+	d.mu.RLock()
+	defer d.mu.RUnlock()
+
+	return d.protocol
+}
+
+// Negotiated represents whether this DataChannel was negotiated by the
+// application (true), or not (false).
+func (d *DataChannel) Negotiated() bool {
+	d.mu.RLock()
+	defer d.mu.RUnlock()
+
+	return d.negotiated
+}
+
+// ID represents the ID for this DataChannel. The value is initially
+// null, which is what will be returned if the ID was not provided at
+// channel creation time, and the DTLS role of the SCTP transport has not
+// yet been negotiated. Otherwise, it will return the ID that was either
+// selected by the script or generated. After the ID is set to a non-null
+// value, it will not change.
+func (d *DataChannel) ID() *uint16 {
+	d.mu.RLock()
+	defer d.mu.RUnlock()
+
+	return d.id
+}
+
+// ReadyState represents the state of the DataChannel object.
+func (d *DataChannel) ReadyState() DataChannelState {
+	if v, ok := d.readyState.Load().(DataChannelState); ok {
+		return v
+	}
+	return DataChannelState(0)
+}
+
+// BufferedAmount represents the number of bytes of application data
+// (UTF-8 text and binary data) that have been queued using send(). Even
+// though the data transmission can occur in parallel, the returned value
+// MUST NOT be decreased before the current task yielded back to the event
+// loop to prevent race conditions. The value does not include framing
+// overhead incurred by the protocol, or buffering done by the operating
+// system or network hardware. The value of BufferedAmount slot will only
+// increase with each call to the send() method as long as the ReadyState is
+// open; however, BufferedAmount does not reset to zero once the channel
+// closes.
+func (d *DataChannel) BufferedAmount() uint64 {
+	d.mu.RLock()
+	defer d.mu.RUnlock()
+
+	if d.dataChannel == nil {
+		return 0
+	}
+	return d.dataChannel.BufferedAmount()
+}
+
+// BufferedAmountLowThreshold represents the threshold at which the
+// bufferedAmount is considered to be low. When the bufferedAmount decreases
+// from above this threshold to equal or below it, the bufferedamountlow
+// event fires. BufferedAmountLowThreshold is initially zero on each new
+// DataChannel, but the application may change its value at any time.
+// The threshold is set to 0 by default.
+func (d *DataChannel) BufferedAmountLowThreshold() uint64 {
+	d.mu.RLock()
+	defer d.mu.RUnlock()
+
+	if d.dataChannel == nil {
+		return d.bufferedAmountLowThreshold
+	}
+	return d.dataChannel.BufferedAmountLowThreshold()
+}
+
+// SetBufferedAmountLowThreshold is used to update the threshold.
+// See BufferedAmountLowThreshold().
+func (d *DataChannel) SetBufferedAmountLowThreshold(th uint64) {
+	d.mu.Lock()
+	defer d.mu.Unlock()
+
+	d.bufferedAmountLowThreshold = th
+
+	if d.dataChannel != nil {
+		d.dataChannel.SetBufferedAmountLowThreshold(th)
+	}
+}
+
+// OnBufferedAmountLow sets an event handler which is invoked when
+// the number of bytes of outgoing data becomes lower than the
+// BufferedAmountLowThreshold.
+func (d *DataChannel) OnBufferedAmountLow(f func()) {
+	d.mu.Lock()
+	defer d.mu.Unlock()
+
+	d.onBufferedAmountLow = f
+	if d.dataChannel != nil {
+		d.dataChannel.OnBufferedAmountLow(f)
+	}
+}
+
+func (d *DataChannel) getStatsID() string {
+	d.mu.Lock()
+	defer d.mu.Unlock()
+	return d.statsID
+}
+
+func (d *DataChannel) collectStats(collector *statsReportCollector) {
+	collector.Collecting()
+
+	d.mu.Lock()
+	defer d.mu.Unlock()
+
+	stats := DataChannelStats{
+		Timestamp: statsTimestampNow(),
+		Type:      StatsTypeDataChannel,
+		ID:        d.statsID,
+		Label:     d.label,
+		Protocol:  d.protocol,
+		// TransportID string `json:"transportId"`
+		State: d.ReadyState(),
+	}
+
+	if d.id != nil {
+		stats.DataChannelIdentifier = int32(*d.id)
+	}
+
+	if d.dataChannel != nil {
+		stats.MessagesSent = d.dataChannel.MessagesSent()
+		stats.BytesSent = d.dataChannel.BytesSent()
+		stats.MessagesReceived = d.dataChannel.MessagesReceived()
+		stats.BytesReceived = d.dataChannel.BytesReceived()
+	}
+
+	collector.Collect(stats.ID, stats)
+}
+
+func (d *DataChannel) setReadyState(r DataChannelState) {
+	d.readyState.Store(r)
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/datachannel_js.go b/server/vendor/github.com/pion/webrtc/v3/datachannel_js.go
new file mode 100644
index 0000000..a34ab6e
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/datachannel_js.go
@@ -0,0 +1,323 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+//go:build js && wasm
+// +build js,wasm
+
+package webrtc
+
+import (
+	"fmt"
+	"syscall/js"
+
+	"github.com/pion/datachannel"
+)
+
+const dataChannelBufferSize = 16384 // Lowest common denominator among browsers
+
+// DataChannel represents a WebRTC DataChannel
+// The DataChannel interface represents a network channel
+// which can be used for bidirectional peer-to-peer transfers of arbitrary data
+type DataChannel struct {
+	// Pointer to the underlying JavaScript RTCPeerConnection object.
+	underlying js.Value
+
+	// Keep track of handlers/callbacks so we can call Release as required by the
+	// syscall/js API. Initially nil.
+	onOpenHandler       *js.Func
+	onCloseHandler      *js.Func
+	onMessageHandler    *js.Func
+	onBufferedAmountLow *js.Func
+
+	// A reference to the associated api object used by this datachannel
+	api *API
+}
+
+// OnOpen sets an event handler which is invoked when
+// the underlying data transport has been established (or re-established).
+func (d *DataChannel) OnOpen(f func()) {
+	if d.onOpenHandler != nil {
+		oldHandler := d.onOpenHandler
+		defer oldHandler.Release()
+	}
+	onOpenHandler := js.FuncOf(func(this js.Value, args []js.Value) interface{} {
+		go f()
+		return js.Undefined()
+	})
+	d.onOpenHandler = &onOpenHandler
+	d.underlying.Set("onopen", onOpenHandler)
+}
+
+// OnClose sets an event handler which is invoked when
+// the underlying data transport has been closed.
+func (d *DataChannel) OnClose(f func()) {
+	if d.onCloseHandler != nil {
+		oldHandler := d.onCloseHandler
+		defer oldHandler.Release()
+	}
+	onCloseHandler := js.FuncOf(func(this js.Value, args []js.Value) interface{} {
+		go f()
+		return js.Undefined()
+	})
+	d.onCloseHandler = &onCloseHandler
+	d.underlying.Set("onclose", onCloseHandler)
+}
+
+// OnMessage sets an event handler which is invoked on a binary message arrival
+// from a remote peer. Note that browsers may place limitations on message size.
+func (d *DataChannel) OnMessage(f func(msg DataChannelMessage)) {
+	if d.onMessageHandler != nil {
+		oldHandler := d.onMessageHandler
+		defer oldHandler.Release()
+	}
+	onMessageHandler := js.FuncOf(func(this js.Value, args []js.Value) interface{} {
+		// pion/webrtc/projects/15
+		data := args[0].Get("data")
+		go func() {
+			// valueToDataChannelMessage may block when handling 'Blob' data
+			// so we need to call it from a new routine. See:
+			// https://pkg.go.dev/syscall/js#FuncOf
+			msg := valueToDataChannelMessage(data)
+			f(msg)
+		}()
+		return js.Undefined()
+	})
+	d.onMessageHandler = &onMessageHandler
+	d.underlying.Set("onmessage", onMessageHandler)
+}
+
+// Send sends the binary message to the DataChannel peer
+func (d *DataChannel) Send(data []byte) (err error) {
+	defer func() {
+		if e := recover(); e != nil {
+			err = recoveryToError(e)
+		}
+	}()
+	array := js.Global().Get("Uint8Array").New(len(data))
+	js.CopyBytesToJS(array, data)
+	d.underlying.Call("send", array)
+	return nil
+}
+
+// SendText sends the text message to the DataChannel peer
+func (d *DataChannel) SendText(s string) (err error) {
+	defer func() {
+		if e := recover(); e != nil {
+			err = recoveryToError(e)
+		}
+	}()
+	d.underlying.Call("send", s)
+	return nil
+}
+
+// Detach allows you to detach the underlying datachannel. This provides
+// an idiomatic API to work with, however it disables the OnMessage callback.
+// Before calling Detach you have to enable this behavior by calling
+// webrtc.DetachDataChannels(). Combining detached and normal data channels
+// is not supported.
+// Please reffer to the data-channels-detach example and the
+// pion/datachannel documentation for the correct way to handle the
+// resulting DataChannel object.
+func (d *DataChannel) Detach() (datachannel.ReadWriteCloser, error) {
+	if !d.api.settingEngine.detach.DataChannels {
+		return nil, fmt.Errorf("enable detaching by calling webrtc.DetachDataChannels()")
+	}
+
+	detached := newDetachedDataChannel(d)
+	return detached, nil
+}
+
+// Close Closes the DataChannel. It may be called regardless of whether
+// the DataChannel object was created by this peer or the remote peer.
+func (d *DataChannel) Close() (err error) {
+	defer func() {
+		if e := recover(); e != nil {
+			err = recoveryToError(e)
+		}
+	}()
+
+	d.underlying.Call("close")
+
+	// Release any handlers as required by the syscall/js API.
+	if d.onOpenHandler != nil {
+		d.onOpenHandler.Release()
+	}
+	if d.onCloseHandler != nil {
+		d.onCloseHandler.Release()
+	}
+	if d.onMessageHandler != nil {
+		d.onMessageHandler.Release()
+	}
+	if d.onBufferedAmountLow != nil {
+		d.onBufferedAmountLow.Release()
+	}
+
+	return nil
+}
+
+// Label represents a label that can be used to distinguish this
+// DataChannel object from other DataChannel objects. Scripts are
+// allowed to create multiple DataChannel objects with the same label.
+func (d *DataChannel) Label() string {
+	return d.underlying.Get("label").String()
+}
+
+// Ordered represents if the DataChannel is ordered, and false if
+// out-of-order delivery is allowed.
+func (d *DataChannel) Ordered() bool {
+	ordered := d.underlying.Get("ordered")
+	if ordered.IsUndefined() {
+		return true // default is true
+	}
+	return ordered.Bool()
+}
+
+// MaxPacketLifeTime represents the length of the time window (msec) during
+// which transmissions and retransmissions may occur in unreliable mode.
+func (d *DataChannel) MaxPacketLifeTime() *uint16 {
+	if !d.underlying.Get("maxPacketLifeTime").IsUndefined() {
+		return valueToUint16Pointer(d.underlying.Get("maxPacketLifeTime"))
+	}
+
+	// See https://bugs.chromium.org/p/chromium/issues/detail?id=696681
+	// Chrome calls this "maxRetransmitTime"
+	return valueToUint16Pointer(d.underlying.Get("maxRetransmitTime"))
+}
+
+// MaxRetransmits represents the maximum number of retransmissions that are
+// attempted in unreliable mode.
+func (d *DataChannel) MaxRetransmits() *uint16 {
+	return valueToUint16Pointer(d.underlying.Get("maxRetransmits"))
+}
+
+// Protocol represents the name of the sub-protocol used with this
+// DataChannel.
+func (d *DataChannel) Protocol() string {
+	return d.underlying.Get("protocol").String()
+}
+
+// Negotiated represents whether this DataChannel was negotiated by the
+// application (true), or not (false).
+func (d *DataChannel) Negotiated() bool {
+	return d.underlying.Get("negotiated").Bool()
+}
+
+// ID represents the ID for this DataChannel. The value is initially
+// null, which is what will be returned if the ID was not provided at
+// channel creation time. Otherwise, it will return the ID that was either
+// selected by the script or generated. After the ID is set to a non-null
+// value, it will not change.
+func (d *DataChannel) ID() *uint16 {
+	return valueToUint16Pointer(d.underlying.Get("id"))
+}
+
+// ReadyState represents the state of the DataChannel object.
+func (d *DataChannel) ReadyState() DataChannelState {
+	return newDataChannelState(d.underlying.Get("readyState").String())
+}
+
+// BufferedAmount represents the number of bytes of application data
+// (UTF-8 text and binary data) that have been queued using send(). Even
+// though the data transmission can occur in parallel, the returned value
+// MUST NOT be decreased before the current task yielded back to the event
+// loop to prevent race conditions. The value does not include framing
+// overhead incurred by the protocol, or buffering done by the operating
+// system or network hardware. The value of BufferedAmount slot will only
+// increase with each call to the send() method as long as the ReadyState is
+// open; however, BufferedAmount does not reset to zero once the channel
+// closes.
+func (d *DataChannel) BufferedAmount() uint64 {
+	return uint64(d.underlying.Get("bufferedAmount").Int())
+}
+
+// BufferedAmountLowThreshold represents the threshold at which the
+// bufferedAmount is considered to be low. When the bufferedAmount decreases
+// from above this threshold to equal or below it, the bufferedamountlow
+// event fires. BufferedAmountLowThreshold is initially zero on each new
+// DataChannel, but the application may change its value at any time.
+func (d *DataChannel) BufferedAmountLowThreshold() uint64 {
+	return uint64(d.underlying.Get("bufferedAmountLowThreshold").Int())
+}
+
+// SetBufferedAmountLowThreshold is used to update the threshold.
+// See BufferedAmountLowThreshold().
+func (d *DataChannel) SetBufferedAmountLowThreshold(th uint64) {
+	d.underlying.Set("bufferedAmountLowThreshold", th)
+}
+
+// OnBufferedAmountLow sets an event handler which is invoked when
+// the number of bytes of outgoing data becomes lower than the
+// BufferedAmountLowThreshold.
+func (d *DataChannel) OnBufferedAmountLow(f func()) {
+	if d.onBufferedAmountLow != nil {
+		oldHandler := d.onBufferedAmountLow
+		defer oldHandler.Release()
+	}
+	onBufferedAmountLow := js.FuncOf(func(this js.Value, args []js.Value) interface{} {
+		go f()
+		return js.Undefined()
+	})
+	d.onBufferedAmountLow = &onBufferedAmountLow
+	d.underlying.Set("onbufferedamountlow", onBufferedAmountLow)
+}
+
+// valueToDataChannelMessage converts the given value to a DataChannelMessage.
+// val should be obtained from MessageEvent.data where MessageEvent is received
+// via the RTCDataChannel.onmessage callback.
+func valueToDataChannelMessage(val js.Value) DataChannelMessage {
+	// If val is of type string, the conversion is straightforward.
+	if val.Type() == js.TypeString {
+		return DataChannelMessage{
+			IsString: true,
+			Data:     []byte(val.String()),
+		}
+	}
+
+	// For other types, we need to first determine val.constructor.name.
+	constructorName := val.Get("constructor").Get("name").String()
+	var data []byte
+	switch constructorName {
+	case "Uint8Array":
+		// We can easily convert Uint8Array to []byte
+		data = uint8ArrayValueToBytes(val)
+	case "Blob":
+		// Convert the Blob to an ArrayBuffer and then convert the ArrayBuffer
+		// to a Uint8Array.
+		// See: https://developer.mozilla.org/en-US/docs/Web/API/Blob
+
+		// The JavaScript API for reading from the Blob is asynchronous. We use a
+		// channel to signal when reading is done.
+		reader := js.Global().Get("FileReader").New()
+		doneChan := make(chan struct{})
+		reader.Call("addEventListener", "loadend", js.FuncOf(func(this js.Value, args []js.Value) interface{} {
+			go func() {
+				// Signal that the FileReader is done reading/loading by sending through
+				// the doneChan.
+				doneChan <- struct{}{}
+			}()
+			return js.Undefined()
+		}))
+
+		reader.Call("readAsArrayBuffer", val)
+
+		// Wait for the FileReader to finish reading/loading.
+		<-doneChan
+
+		// At this point buffer.result is a typed array, which we know how to
+		// handle.
+		buffer := reader.Get("result")
+		uint8Array := js.Global().Get("Uint8Array").New(buffer)
+		data = uint8ArrayValueToBytes(uint8Array)
+	default:
+		// Assume we have an ArrayBufferView type which we can convert to a
+		// Uint8Array in JavaScript.
+		// See: https://developer.mozilla.org/en-US/docs/Web/API/ArrayBufferView
+		uint8Array := js.Global().Get("Uint8Array").New(val)
+		data = uint8ArrayValueToBytes(uint8Array)
+	}
+
+	return DataChannelMessage{
+		IsString: false,
+		Data:     data,
+	}
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/datachannel_js_detach.go b/server/vendor/github.com/pion/webrtc/v3/datachannel_js_detach.go
new file mode 100644
index 0000000..691e9d4
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/datachannel_js_detach.go
@@ -0,0 +1,75 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+//go:build js && wasm
+// +build js,wasm
+
+package webrtc
+
+import (
+	"errors"
+)
+
+type detachedDataChannel struct {
+	dc *DataChannel
+
+	read chan DataChannelMessage
+	done chan struct{}
+}
+
+func newDetachedDataChannel(dc *DataChannel) *detachedDataChannel {
+	read := make(chan DataChannelMessage)
+	done := make(chan struct{})
+
+	// Wire up callbacks
+	dc.OnMessage(func(msg DataChannelMessage) {
+		read <- msg // pion/webrtc/projects/15
+	})
+
+	// pion/webrtc/projects/15
+
+	return &detachedDataChannel{
+		dc:   dc,
+		read: read,
+		done: done,
+	}
+}
+
+func (c *detachedDataChannel) Read(p []byte) (int, error) {
+	n, _, err := c.ReadDataChannel(p)
+	return n, err
+}
+
+func (c *detachedDataChannel) ReadDataChannel(p []byte) (int, bool, error) {
+	select {
+	case <-c.done:
+		return 0, false, errors.New("Reader closed")
+	case msg := <-c.read:
+		n := copy(p, msg.Data)
+		if n < len(msg.Data) {
+			return n, msg.IsString, errors.New("Read buffer to small")
+		}
+		return n, msg.IsString, nil
+	}
+}
+
+func (c *detachedDataChannel) Write(p []byte) (n int, err error) {
+	return c.WriteDataChannel(p, false)
+}
+
+func (c *detachedDataChannel) WriteDataChannel(p []byte, isString bool) (n int, err error) {
+	if isString {
+		err = c.dc.SendText(string(p))
+		return len(p), err
+	}
+
+	err = c.dc.Send(p)
+
+	return len(p), err
+}
+
+func (c *detachedDataChannel) Close() error {
+	close(c.done)
+
+	return c.dc.Close()
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/datachannelinit.go b/server/vendor/github.com/pion/webrtc/v3/datachannelinit.go
new file mode 100644
index 0000000..b1775b7
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/datachannelinit.go
@@ -0,0 +1,36 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package webrtc
+
+// DataChannelInit can be used to configure properties of the underlying
+// channel such as data reliability.
+type DataChannelInit struct {
+	// Ordered indicates if data is allowed to be delivered out of order. The
+	// default value of true, guarantees that data will be delivered in order.
+	Ordered *bool
+
+	// MaxPacketLifeTime limits the time (in milliseconds) during which the
+	// channel will transmit or retransmit data if not acknowledged. This value
+	// may be clamped if it exceeds the maximum value supported.
+	MaxPacketLifeTime *uint16
+
+	// MaxRetransmits limits the number of times a channel will retransmit data
+	// if not successfully delivered. This value may be clamped if it exceeds
+	// the maximum value supported.
+	MaxRetransmits *uint16
+
+	// Protocol describes the subprotocol name used for this channel.
+	Protocol *string
+
+	// Negotiated describes if the data channel is created by the local peer or
+	// the remote peer. The default value of false tells the user agent to
+	// announce the channel in-band and instruct the other peer to dispatch a
+	// corresponding DataChannel. If set to true, it is up to the application
+	// to negotiate the channel and create an DataChannel with the same id
+	// at the other peer.
+	Negotiated *bool
+
+	// ID overrides the default selection of ID for this channel.
+	ID *uint16
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/datachannelmessage.go b/server/vendor/github.com/pion/webrtc/v3/datachannelmessage.go
new file mode 100644
index 0000000..ba12199
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/datachannelmessage.go
@@ -0,0 +1,13 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package webrtc
+
+// DataChannelMessage represents a message received from the
+// data channel. IsString will be set to true if the incoming
+// message is of the string type. Otherwise the message is of
+// a binary type.
+type DataChannelMessage struct {
+	IsString bool
+	Data     []byte
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/datachannelparameters.go b/server/vendor/github.com/pion/webrtc/v3/datachannelparameters.go
new file mode 100644
index 0000000..9b4f7ef
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/datachannelparameters.go
@@ -0,0 +1,15 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package webrtc
+
+// DataChannelParameters describes the configuration of the DataChannel.
+type DataChannelParameters struct {
+	Label             string  `json:"label"`
+	Protocol          string  `json:"protocol"`
+	ID                *uint16 `json:"id"`
+	Ordered           bool    `json:"ordered"`
+	MaxPacketLifeTime *uint16 `json:"maxPacketLifeTime"`
+	MaxRetransmits    *uint16 `json:"maxRetransmits"`
+	Negotiated        bool    `json:"negotiated"`
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/datachannelstate.go b/server/vendor/github.com/pion/webrtc/v3/datachannelstate.go
new file mode 100644
index 0000000..55dc916
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/datachannelstate.go
@@ -0,0 +1,75 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package webrtc
+
+// DataChannelState indicates the state of a data channel.
+type DataChannelState int
+
+const (
+	// DataChannelStateConnecting indicates that the data channel is being
+	// established. This is the initial state of DataChannel, whether created
+	// with CreateDataChannel, or dispatched as a part of an DataChannelEvent.
+	DataChannelStateConnecting DataChannelState = iota + 1
+
+	// DataChannelStateOpen indicates that the underlying data transport is
+	// established and communication is possible.
+	DataChannelStateOpen
+
+	// DataChannelStateClosing indicates that the procedure to close down the
+	// underlying data transport has started.
+	DataChannelStateClosing
+
+	// DataChannelStateClosed indicates that the underlying data transport
+	// has been closed or could not be established.
+	DataChannelStateClosed
+)
+
+// This is done this way because of a linter.
+const (
+	dataChannelStateConnectingStr = "connecting"
+	dataChannelStateOpenStr       = "open"
+	dataChannelStateClosingStr    = "closing"
+	dataChannelStateClosedStr     = "closed"
+)
+
+func newDataChannelState(raw string) DataChannelState {
+	switch raw {
+	case dataChannelStateConnectingStr:
+		return DataChannelStateConnecting
+	case dataChannelStateOpenStr:
+		return DataChannelStateOpen
+	case dataChannelStateClosingStr:
+		return DataChannelStateClosing
+	case dataChannelStateClosedStr:
+		return DataChannelStateClosed
+	default:
+		return DataChannelState(Unknown)
+	}
+}
+
+func (t DataChannelState) String() string {
+	switch t {
+	case DataChannelStateConnecting:
+		return dataChannelStateConnectingStr
+	case DataChannelStateOpen:
+		return dataChannelStateOpenStr
+	case DataChannelStateClosing:
+		return dataChannelStateClosingStr
+	case DataChannelStateClosed:
+		return dataChannelStateClosedStr
+	default:
+		return ErrUnknownType.Error()
+	}
+}
+
+// MarshalText implements encoding.TextMarshaler
+func (t DataChannelState) MarshalText() ([]byte, error) {
+	return []byte(t.String()), nil
+}
+
+// UnmarshalText implements encoding.TextUnmarshaler
+func (t *DataChannelState) UnmarshalText(b []byte) error {
+	*t = newDataChannelState(string(b))
+	return nil
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/dtlsfingerprint.go b/server/vendor/github.com/pion/webrtc/v3/dtlsfingerprint.go
new file mode 100644
index 0000000..b0d0614
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/dtlsfingerprint.go
@@ -0,0 +1,17 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package webrtc
+
+// DTLSFingerprint specifies the hash function algorithm and certificate
+// fingerprint as described in https://tools.ietf.org/html/rfc4572.
+type DTLSFingerprint struct {
+	// Algorithm specifies one of the the hash function algorithms defined in
+	// the 'Hash function Textual Names' registry.
+	Algorithm string `json:"algorithm"`
+
+	// Value specifies the value of the certificate fingerprint in lowercase
+	// hex string as expressed utilizing the syntax of 'fingerprint' in
+	// https://tools.ietf.org/html/rfc4572#section-5.
+	Value string `json:"value"`
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/dtlsparameters.go b/server/vendor/github.com/pion/webrtc/v3/dtlsparameters.go
new file mode 100644
index 0000000..1dfa42a
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/dtlsparameters.go
@@ -0,0 +1,10 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package webrtc
+
+// DTLSParameters holds information relating to DTLS configuration.
+type DTLSParameters struct {
+	Role         DTLSRole          `json:"role"`
+	Fingerprints []DTLSFingerprint `json:"fingerprints"`
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/dtlsrole.go b/server/vendor/github.com/pion/webrtc/v3/dtlsrole.go
new file mode 100644
index 0000000..9cee581
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/dtlsrole.go
@@ -0,0 +1,95 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package webrtc
+
+import (
+	"github.com/pion/sdp/v3"
+)
+
+// DTLSRole indicates the role of the DTLS transport.
+type DTLSRole byte
+
+const (
+	// DTLSRoleAuto defines the DTLS role is determined based on
+	// the resolved ICE role: the ICE controlled role acts as the DTLS
+	// client and the ICE controlling role acts as the DTLS server.
+	DTLSRoleAuto DTLSRole = iota + 1
+
+	// DTLSRoleClient defines the DTLS client role.
+	DTLSRoleClient
+
+	// DTLSRoleServer defines the DTLS server role.
+	DTLSRoleServer
+)
+
+const (
+	// https://tools.ietf.org/html/rfc5763
+	/*
+		The answerer MUST use either a
+		setup attribute value of setup:active or setup:passive.  Note that
+		if the answerer uses setup:passive, then the DTLS handshake will
+		not begin until the answerer is received, which adds additional
+		latency. setup:active allows the answer and the DTLS handshake to
+		occur in parallel.  Thus, setup:active is RECOMMENDED.
+	*/
+	defaultDtlsRoleAnswer = DTLSRoleClient
+	/*
+		The endpoint that is the offerer MUST use the setup attribute
+		value of setup:actpass and be prepared to receive a client_hello
+		before it receives the answer.
+	*/
+	defaultDtlsRoleOffer = DTLSRoleAuto
+)
+
+func (r DTLSRole) String() string {
+	switch r {
+	case DTLSRoleAuto:
+		return "auto"
+	case DTLSRoleClient:
+		return "client"
+	case DTLSRoleServer:
+		return "server"
+	default:
+		return unknownStr
+	}
+}
+
+// Iterate a SessionDescription from a remote to determine if an explicit
+// role can been determined from it. The decision is made from the first role we we parse.
+// If no role can be found we return DTLSRoleAuto
+func dtlsRoleFromRemoteSDP(sessionDescription *sdp.SessionDescription) DTLSRole {
+	if sessionDescription == nil {
+		return DTLSRoleAuto
+	}
+
+	for _, mediaSection := range sessionDescription.MediaDescriptions {
+		for _, attribute := range mediaSection.Attributes {
+			if attribute.Key == "setup" {
+				switch attribute.Value {
+				case sdp.ConnectionRoleActive.String():
+					return DTLSRoleClient
+				case sdp.ConnectionRolePassive.String():
+					return DTLSRoleServer
+				default:
+					return DTLSRoleAuto
+				}
+			}
+		}
+	}
+
+	return DTLSRoleAuto
+}
+
+func connectionRoleFromDtlsRole(d DTLSRole) sdp.ConnectionRole {
+	switch d {
+	case DTLSRoleClient:
+		return sdp.ConnectionRoleActive
+	case DTLSRoleServer:
+		return sdp.ConnectionRolePassive
+	case DTLSRoleAuto:
+		return sdp.ConnectionRoleActpass
+	default:
+		return sdp.ConnectionRole(0)
+	}
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/dtlstransport.go b/server/vendor/github.com/pion/webrtc/v3/dtlstransport.go
new file mode 100644
index 0000000..beaa7b2
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/dtlstransport.go
@@ -0,0 +1,522 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+//go:build !js
+// +build !js
+
+package webrtc
+
+import (
+	"crypto/ecdsa"
+	"crypto/elliptic"
+	"crypto/rand"
+	"crypto/tls"
+	"crypto/x509"
+	"errors"
+	"fmt"
+	"strings"
+	"sync"
+	"sync/atomic"
+	"time"
+
+	"github.com/pion/dtls/v2"
+	"github.com/pion/dtls/v2/pkg/crypto/fingerprint"
+	"github.com/pion/interceptor"
+	"github.com/pion/logging"
+	"github.com/pion/rtcp"
+	"github.com/pion/srtp/v2"
+	"github.com/pion/webrtc/v3/internal/mux"
+	"github.com/pion/webrtc/v3/internal/util"
+	"github.com/pion/webrtc/v3/pkg/rtcerr"
+)
+
+// DTLSTransport allows an application access to information about the DTLS
+// transport over which RTP and RTCP packets are sent and received by
+// RTPSender and RTPReceiver, as well other data such as SCTP packets sent
+// and received by data channels.
+type DTLSTransport struct {
+	lock sync.RWMutex
+
+	iceTransport          *ICETransport
+	certificates          []Certificate
+	remoteParameters      DTLSParameters
+	remoteCertificate     []byte
+	state                 DTLSTransportState
+	srtpProtectionProfile srtp.ProtectionProfile
+
+	onStateChangeHandler func(DTLSTransportState)
+
+	conn *dtls.Conn
+
+	srtpSession, srtcpSession   atomic.Value
+	srtpEndpoint, srtcpEndpoint *mux.Endpoint
+	simulcastStreams            []simulcastStreamPair
+	srtpReady                   chan struct{}
+
+	dtlsMatcher mux.MatchFunc
+
+	api *API
+	log logging.LeveledLogger
+}
+
+type simulcastStreamPair struct {
+	srtp  *srtp.ReadStreamSRTP
+	srtcp *srtp.ReadStreamSRTCP
+}
+
+// NewDTLSTransport creates a new DTLSTransport.
+// This constructor is part of the ORTC API. It is not
+// meant to be used together with the basic WebRTC API.
+func (api *API) NewDTLSTransport(transport *ICETransport, certificates []Certificate) (*DTLSTransport, error) {
+	t := &DTLSTransport{
+		iceTransport: transport,
+		api:          api,
+		state:        DTLSTransportStateNew,
+		dtlsMatcher:  mux.MatchDTLS,
+		srtpReady:    make(chan struct{}),
+		log:          api.settingEngine.LoggerFactory.NewLogger("DTLSTransport"),
+	}
+
+	if len(certificates) > 0 {
+		now := time.Now()
+		for _, x509Cert := range certificates {
+			if !x509Cert.Expires().IsZero() && now.After(x509Cert.Expires()) {
+				return nil, &rtcerr.InvalidAccessError{Err: ErrCertificateExpired}
+			}
+			t.certificates = append(t.certificates, x509Cert)
+		}
+	} else {
+		sk, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
+		if err != nil {
+			return nil, &rtcerr.UnknownError{Err: err}
+		}
+		certificate, err := GenerateCertificate(sk)
+		if err != nil {
+			return nil, err
+		}
+		t.certificates = []Certificate{*certificate}
+	}
+
+	return t, nil
+}
+
+// ICETransport returns the currently-configured *ICETransport or nil
+// if one has not been configured
+func (t *DTLSTransport) ICETransport() *ICETransport {
+	t.lock.RLock()
+	defer t.lock.RUnlock()
+	return t.iceTransport
+}
+
+// onStateChange requires the caller holds the lock
+func (t *DTLSTransport) onStateChange(state DTLSTransportState) {
+	t.state = state
+	handler := t.onStateChangeHandler
+	if handler != nil {
+		handler(state)
+	}
+}
+
+// OnStateChange sets a handler that is fired when the DTLS
+// connection state changes.
+func (t *DTLSTransport) OnStateChange(f func(DTLSTransportState)) {
+	t.lock.Lock()
+	defer t.lock.Unlock()
+	t.onStateChangeHandler = f
+}
+
+// State returns the current dtls transport state.
+func (t *DTLSTransport) State() DTLSTransportState {
+	t.lock.RLock()
+	defer t.lock.RUnlock()
+	return t.state
+}
+
+// WriteRTCP sends a user provided RTCP packet to the connected peer. If no peer is connected the
+// packet is discarded.
+func (t *DTLSTransport) WriteRTCP(pkts []rtcp.Packet) (int, error) {
+	raw, err := rtcp.Marshal(pkts)
+	if err != nil {
+		return 0, err
+	}
+
+	srtcpSession, err := t.getSRTCPSession()
+	if err != nil {
+		return 0, err
+	}
+
+	writeStream, err := srtcpSession.OpenWriteStream()
+	if err != nil {
+		// nolint
+		return 0, fmt.Errorf("%w: %v", errPeerConnWriteRTCPOpenWriteStream, err)
+	}
+
+	return writeStream.Write(raw)
+}
+
+// GetLocalParameters returns the DTLS parameters of the local DTLSTransport upon construction.
+func (t *DTLSTransport) GetLocalParameters() (DTLSParameters, error) {
+	fingerprints := []DTLSFingerprint{}
+
+	for _, c := range t.certificates {
+		prints, err := c.GetFingerprints()
+		if err != nil {
+			return DTLSParameters{}, err
+		}
+
+		fingerprints = append(fingerprints, prints...)
+	}
+
+	return DTLSParameters{
+		Role:         DTLSRoleAuto, // always returns the default role
+		Fingerprints: fingerprints,
+	}, nil
+}
+
+// GetRemoteCertificate returns the certificate chain in use by the remote side
+// returns an empty list prior to selection of the remote certificate
+func (t *DTLSTransport) GetRemoteCertificate() []byte {
+	t.lock.RLock()
+	defer t.lock.RUnlock()
+	return t.remoteCertificate
+}
+
+func (t *DTLSTransport) startSRTP() error {
+	srtpConfig := &srtp.Config{
+		Profile:       t.srtpProtectionProfile,
+		BufferFactory: t.api.settingEngine.BufferFactory,
+		LoggerFactory: t.api.settingEngine.LoggerFactory,
+	}
+	if t.api.settingEngine.replayProtection.SRTP != nil {
+		srtpConfig.RemoteOptions = append(
+			srtpConfig.RemoteOptions,
+			srtp.SRTPReplayProtection(*t.api.settingEngine.replayProtection.SRTP),
+		)
+	}
+
+	if t.api.settingEngine.disableSRTPReplayProtection {
+		srtpConfig.RemoteOptions = append(
+			srtpConfig.RemoteOptions,
+			srtp.SRTPNoReplayProtection(),
+		)
+	}
+
+	if t.api.settingEngine.replayProtection.SRTCP != nil {
+		srtpConfig.RemoteOptions = append(
+			srtpConfig.RemoteOptions,
+			srtp.SRTCPReplayProtection(*t.api.settingEngine.replayProtection.SRTCP),
+		)
+	}
+
+	if t.api.settingEngine.disableSRTCPReplayProtection {
+		srtpConfig.RemoteOptions = append(
+			srtpConfig.RemoteOptions,
+			srtp.SRTCPNoReplayProtection(),
+		)
+	}
+
+	connState := t.conn.ConnectionState()
+	err := srtpConfig.ExtractSessionKeysFromDTLS(&connState, t.role() == DTLSRoleClient)
+	if err != nil {
+		// nolint
+		return fmt.Errorf("%w: %v", errDtlsKeyExtractionFailed, err)
+	}
+
+	srtpSession, err := srtp.NewSessionSRTP(t.srtpEndpoint, srtpConfig)
+	if err != nil {
+		// nolint
+		return fmt.Errorf("%w: %v", errFailedToStartSRTP, err)
+	}
+
+	srtcpSession, err := srtp.NewSessionSRTCP(t.srtcpEndpoint, srtpConfig)
+	if err != nil {
+		// nolint
+		return fmt.Errorf("%w: %v", errFailedToStartSRTCP, err)
+	}
+
+	t.srtpSession.Store(srtpSession)
+	t.srtcpSession.Store(srtcpSession)
+	close(t.srtpReady)
+	return nil
+}
+
+func (t *DTLSTransport) getSRTPSession() (*srtp.SessionSRTP, error) {
+	if value, ok := t.srtpSession.Load().(*srtp.SessionSRTP); ok {
+		return value, nil
+	}
+
+	return nil, errDtlsTransportNotStarted
+}
+
+func (t *DTLSTransport) getSRTCPSession() (*srtp.SessionSRTCP, error) {
+	if value, ok := t.srtcpSession.Load().(*srtp.SessionSRTCP); ok {
+		return value, nil
+	}
+
+	return nil, errDtlsTransportNotStarted
+}
+
+func (t *DTLSTransport) role() DTLSRole {
+	// If remote has an explicit role use the inverse
+	switch t.remoteParameters.Role {
+	case DTLSRoleClient:
+		return DTLSRoleServer
+	case DTLSRoleServer:
+		return DTLSRoleClient
+	default:
+	}
+
+	// If SettingEngine has an explicit role
+	switch t.api.settingEngine.answeringDTLSRole {
+	case DTLSRoleServer:
+		return DTLSRoleServer
+	case DTLSRoleClient:
+		return DTLSRoleClient
+	default:
+	}
+
+	// Remote was auto and no explicit role was configured via SettingEngine
+	if t.iceTransport.Role() == ICERoleControlling {
+		return DTLSRoleServer
+	}
+	return defaultDtlsRoleAnswer
+}
+
+// Start DTLS transport negotiation with the parameters of the remote DTLS transport
+func (t *DTLSTransport) Start(remoteParameters DTLSParameters) error {
+	// Take lock and prepare connection, we must not hold the lock
+	// when connecting
+	prepareTransport := func() (DTLSRole, *dtls.Config, error) {
+		t.lock.Lock()
+		defer t.lock.Unlock()
+
+		if err := t.ensureICEConn(); err != nil {
+			return DTLSRole(0), nil, err
+		}
+
+		if t.state != DTLSTransportStateNew {
+			return DTLSRole(0), nil, &rtcerr.InvalidStateError{Err: fmt.Errorf("%w: %s", errInvalidDTLSStart, t.state)}
+		}
+
+		t.srtpEndpoint = t.iceTransport.newEndpoint(mux.MatchSRTP)
+		t.srtcpEndpoint = t.iceTransport.newEndpoint(mux.MatchSRTCP)
+		t.remoteParameters = remoteParameters
+
+		cert := t.certificates[0]
+		t.onStateChange(DTLSTransportStateConnecting)
+
+		return t.role(), &dtls.Config{
+			Certificates: []tls.Certificate{
+				{
+					Certificate: [][]byte{cert.x509Cert.Raw},
+					PrivateKey:  cert.privateKey,
+				},
+			},
+			SRTPProtectionProfiles: func() []dtls.SRTPProtectionProfile {
+				if len(t.api.settingEngine.srtpProtectionProfiles) > 0 {
+					return t.api.settingEngine.srtpProtectionProfiles
+				}
+
+				return defaultSrtpProtectionProfiles()
+			}(),
+			ClientAuth:         dtls.RequireAnyClientCert,
+			LoggerFactory:      t.api.settingEngine.LoggerFactory,
+			InsecureSkipVerify: !t.api.settingEngine.dtls.disableInsecureSkipVerify,
+		}, nil
+	}
+
+	var dtlsConn *dtls.Conn
+	dtlsEndpoint := t.iceTransport.newEndpoint(mux.MatchDTLS)
+	role, dtlsConfig, err := prepareTransport()
+	if err != nil {
+		return err
+	}
+
+	if t.api.settingEngine.replayProtection.DTLS != nil {
+		dtlsConfig.ReplayProtectionWindow = int(*t.api.settingEngine.replayProtection.DTLS)
+	}
+
+	if t.api.settingEngine.dtls.clientAuth != nil {
+		dtlsConfig.ClientAuth = *t.api.settingEngine.dtls.clientAuth
+	}
+
+	dtlsConfig.FlightInterval = t.api.settingEngine.dtls.retransmissionInterval
+	dtlsConfig.InsecureSkipVerifyHello = t.api.settingEngine.dtls.insecureSkipHelloVerify
+	dtlsConfig.EllipticCurves = t.api.settingEngine.dtls.ellipticCurves
+	dtlsConfig.ConnectContextMaker = t.api.settingEngine.dtls.connectContextMaker
+	dtlsConfig.ExtendedMasterSecret = t.api.settingEngine.dtls.extendedMasterSecret
+	dtlsConfig.ClientCAs = t.api.settingEngine.dtls.clientCAs
+	dtlsConfig.RootCAs = t.api.settingEngine.dtls.rootCAs
+	dtlsConfig.KeyLogWriter = t.api.settingEngine.dtls.keyLogWriter
+
+	// Connect as DTLS Client/Server, function is blocking and we
+	// must not hold the DTLSTransport lock
+	if role == DTLSRoleClient {
+		dtlsConn, err = dtls.Client(dtlsEndpoint, dtlsConfig)
+	} else {
+		dtlsConn, err = dtls.Server(dtlsEndpoint, dtlsConfig)
+	}
+
+	// Re-take the lock, nothing beyond here is blocking
+	t.lock.Lock()
+	defer t.lock.Unlock()
+
+	if err != nil {
+		t.onStateChange(DTLSTransportStateFailed)
+		return err
+	}
+
+	srtpProfile, ok := dtlsConn.SelectedSRTPProtectionProfile()
+	if !ok {
+		t.onStateChange(DTLSTransportStateFailed)
+		return ErrNoSRTPProtectionProfile
+	}
+
+	switch srtpProfile {
+	case dtls.SRTP_AEAD_AES_128_GCM:
+		t.srtpProtectionProfile = srtp.ProtectionProfileAeadAes128Gcm
+	case dtls.SRTP_AEAD_AES_256_GCM:
+		t.srtpProtectionProfile = srtp.ProtectionProfileAeadAes256Gcm
+	case dtls.SRTP_AES128_CM_HMAC_SHA1_80:
+		t.srtpProtectionProfile = srtp.ProtectionProfileAes128CmHmacSha1_80
+	case dtls.SRTP_NULL_HMAC_SHA1_80:
+		t.srtpProtectionProfile = srtp.ProtectionProfileNullHmacSha1_80
+	default:
+		t.onStateChange(DTLSTransportStateFailed)
+		return ErrNoSRTPProtectionProfile
+	}
+
+	// Check the fingerprint if a certificate was exchanged
+	remoteCerts := dtlsConn.ConnectionState().PeerCertificates
+	if len(remoteCerts) == 0 {
+		t.onStateChange(DTLSTransportStateFailed)
+		return errNoRemoteCertificate
+	}
+	t.remoteCertificate = remoteCerts[0]
+
+	if !t.api.settingEngine.disableCertificateFingerprintVerification {
+		parsedRemoteCert, err := x509.ParseCertificate(t.remoteCertificate)
+		if err != nil {
+			if closeErr := dtlsConn.Close(); closeErr != nil {
+				t.log.Error(err.Error())
+			}
+
+			t.onStateChange(DTLSTransportStateFailed)
+			return err
+		}
+
+		if err = t.validateFingerPrint(parsedRemoteCert); err != nil {
+			if closeErr := dtlsConn.Close(); closeErr != nil {
+				t.log.Error(err.Error())
+			}
+
+			t.onStateChange(DTLSTransportStateFailed)
+			return err
+		}
+	}
+
+	t.conn = dtlsConn
+	t.onStateChange(DTLSTransportStateConnected)
+
+	return t.startSRTP()
+}
+
+// Stop stops and closes the DTLSTransport object.
+func (t *DTLSTransport) Stop() error {
+	t.lock.Lock()
+	defer t.lock.Unlock()
+
+	// Try closing everything and collect the errors
+	var closeErrs []error
+
+	if srtpSession, err := t.getSRTPSession(); err == nil && srtpSession != nil {
+		closeErrs = append(closeErrs, srtpSession.Close())
+	}
+
+	if srtcpSession, err := t.getSRTCPSession(); err == nil && srtcpSession != nil {
+		closeErrs = append(closeErrs, srtcpSession.Close())
+	}
+
+	for i := range t.simulcastStreams {
+		closeErrs = append(closeErrs, t.simulcastStreams[i].srtp.Close())
+		closeErrs = append(closeErrs, t.simulcastStreams[i].srtcp.Close())
+	}
+
+	if t.conn != nil {
+		// dtls connection may be closed on sctp close.
+		if err := t.conn.Close(); err != nil && !errors.Is(err, dtls.ErrConnClosed) {
+			closeErrs = append(closeErrs, err)
+		}
+	}
+	t.onStateChange(DTLSTransportStateClosed)
+	return util.FlattenErrs(closeErrs)
+}
+
+func (t *DTLSTransport) validateFingerPrint(remoteCert *x509.Certificate) error {
+	for _, fp := range t.remoteParameters.Fingerprints {
+		hashAlgo, err := fingerprint.HashFromString(fp.Algorithm)
+		if err != nil {
+			return err
+		}
+
+		remoteValue, err := fingerprint.Fingerprint(remoteCert, hashAlgo)
+		if err != nil {
+			return err
+		}
+
+		if strings.EqualFold(remoteValue, fp.Value) {
+			return nil
+		}
+	}
+
+	return errNoMatchingCertificateFingerprint
+}
+
+func (t *DTLSTransport) ensureICEConn() error {
+	if t.iceTransport == nil {
+		return errICEConnectionNotStarted
+	}
+
+	return nil
+}
+
+func (t *DTLSTransport) storeSimulcastStream(srtpReadStream *srtp.ReadStreamSRTP, srtcpReadStream *srtp.ReadStreamSRTCP) {
+	t.lock.Lock()
+	defer t.lock.Unlock()
+
+	t.simulcastStreams = append(t.simulcastStreams, simulcastStreamPair{srtpReadStream, srtcpReadStream})
+}
+
+func (t *DTLSTransport) streamsForSSRC(ssrc SSRC, streamInfo interceptor.StreamInfo) (*srtp.ReadStreamSRTP, interceptor.RTPReader, *srtp.ReadStreamSRTCP, interceptor.RTCPReader, error) {
+	srtpSession, err := t.getSRTPSession()
+	if err != nil {
+		return nil, nil, nil, nil, err
+	}
+
+	rtpReadStream, err := srtpSession.OpenReadStream(uint32(ssrc))
+	if err != nil {
+		return nil, nil, nil, nil, err
+	}
+
+	rtpInterceptor := t.api.interceptor.BindRemoteStream(&streamInfo, interceptor.RTPReaderFunc(func(in []byte, a interceptor.Attributes) (n int, attributes interceptor.Attributes, err error) {
+		n, err = rtpReadStream.Read(in)
+		return n, a, err
+	}))
+
+	srtcpSession, err := t.getSRTCPSession()
+	if err != nil {
+		return nil, nil, nil, nil, err
+	}
+
+	rtcpReadStream, err := srtcpSession.OpenReadStream(uint32(ssrc))
+	if err != nil {
+		return nil, nil, nil, nil, err
+	}
+
+	rtcpInterceptor := t.api.interceptor.BindRTCPReader(interceptor.RTCPReaderFunc(func(in []byte, a interceptor.Attributes) (n int, attributes interceptor.Attributes, err error) {
+		n, err = rtcpReadStream.Read(in)
+		return n, a, err
+	}))
+
+	return rtpReadStream, rtpInterceptor, rtcpReadStream, rtcpInterceptor, nil
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/dtlstransport_js.go b/server/vendor/github.com/pion/webrtc/v3/dtlstransport_js.go
new file mode 100644
index 0000000..bc3444e
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/dtlstransport_js.go
@@ -0,0 +1,31 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+//go:build js && wasm
+// +build js,wasm
+
+package webrtc
+
+import "syscall/js"
+
+// DTLSTransport allows an application access to information about the DTLS
+// transport over which RTP and RTCP packets are sent and received by
+// RTPSender and RTPReceiver, as well other data such as SCTP packets sent
+// and received by data channels.
+type DTLSTransport struct {
+	// Pointer to the underlying JavaScript DTLSTransport object.
+	underlying js.Value
+}
+
+// ICETransport returns the currently-configured *ICETransport or nil
+// if one has not been configured
+func (r *DTLSTransport) ICETransport() *ICETransport {
+	underlying := r.underlying.Get("iceTransport")
+	if underlying.IsNull() || underlying.IsUndefined() {
+		return nil
+	}
+
+	return &ICETransport{
+		underlying: underlying,
+	}
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/dtlstransportstate.go b/server/vendor/github.com/pion/webrtc/v3/dtlstransportstate.go
new file mode 100644
index 0000000..573dd4b
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/dtlstransportstate.go
@@ -0,0 +1,85 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package webrtc
+
+// DTLSTransportState indicates the DTLS transport establishment state.
+type DTLSTransportState int
+
+const (
+	// DTLSTransportStateNew indicates that DTLS has not started negotiating
+	// yet.
+	DTLSTransportStateNew DTLSTransportState = iota + 1
+
+	// DTLSTransportStateConnecting indicates that DTLS is in the process of
+	// negotiating a secure connection and verifying the remote fingerprint.
+	DTLSTransportStateConnecting
+
+	// DTLSTransportStateConnected indicates that DTLS has completed
+	// negotiation of a secure connection and verified the remote fingerprint.
+	DTLSTransportStateConnected
+
+	// DTLSTransportStateClosed indicates that the transport has been closed
+	// intentionally as the result of receipt of a close_notify alert, or
+	// calling close().
+	DTLSTransportStateClosed
+
+	// DTLSTransportStateFailed indicates that the transport has failed as
+	// the result of an error (such as receipt of an error alert or failure to
+	// validate the remote fingerprint).
+	DTLSTransportStateFailed
+)
+
+// This is done this way because of a linter.
+const (
+	dtlsTransportStateNewStr        = "new"
+	dtlsTransportStateConnectingStr = "connecting"
+	dtlsTransportStateConnectedStr  = "connected"
+	dtlsTransportStateClosedStr     = "closed"
+	dtlsTransportStateFailedStr     = "failed"
+)
+
+func newDTLSTransportState(raw string) DTLSTransportState {
+	switch raw {
+	case dtlsTransportStateNewStr:
+		return DTLSTransportStateNew
+	case dtlsTransportStateConnectingStr:
+		return DTLSTransportStateConnecting
+	case dtlsTransportStateConnectedStr:
+		return DTLSTransportStateConnected
+	case dtlsTransportStateClosedStr:
+		return DTLSTransportStateClosed
+	case dtlsTransportStateFailedStr:
+		return DTLSTransportStateFailed
+	default:
+		return DTLSTransportState(Unknown)
+	}
+}
+
+func (t DTLSTransportState) String() string {
+	switch t {
+	case DTLSTransportStateNew:
+		return dtlsTransportStateNewStr
+	case DTLSTransportStateConnecting:
+		return dtlsTransportStateConnectingStr
+	case DTLSTransportStateConnected:
+		return dtlsTransportStateConnectedStr
+	case DTLSTransportStateClosed:
+		return dtlsTransportStateClosedStr
+	case DTLSTransportStateFailed:
+		return dtlsTransportStateFailedStr
+	default:
+		return ErrUnknownType.Error()
+	}
+}
+
+// MarshalText implements encoding.TextMarshaler
+func (t DTLSTransportState) MarshalText() ([]byte, error) {
+	return []byte(t.String()), nil
+}
+
+// UnmarshalText implements encoding.TextUnmarshaler
+func (t *DTLSTransportState) UnmarshalText(b []byte) error {
+	*t = newDTLSTransportState(string(b))
+	return nil
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/errors.go b/server/vendor/github.com/pion/webrtc/v3/errors.go
new file mode 100644
index 0000000..8c460d1
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/errors.go
@@ -0,0 +1,250 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package webrtc
+
+import (
+	"errors"
+)
+
+var (
+	// ErrUnknownType indicates an error with Unknown info.
+	ErrUnknownType = errors.New("unknown")
+
+	// ErrConnectionClosed indicates an operation executed after connection
+	// has already been closed.
+	ErrConnectionClosed = errors.New("connection closed")
+
+	// ErrDataChannelNotOpen indicates an operation executed when the data
+	// channel is not (yet) open.
+	ErrDataChannelNotOpen = errors.New("data channel not open")
+
+	// ErrCertificateExpired indicates that an x509 certificate has expired.
+	ErrCertificateExpired = errors.New("x509Cert expired")
+
+	// ErrNoTurnCredentials indicates that a TURN server URL was provided
+	// without required credentials.
+	ErrNoTurnCredentials = errors.New("turn server credentials required")
+
+	// ErrTurnCredentials indicates that provided TURN credentials are partial
+	// or malformed.
+	ErrTurnCredentials = errors.New("invalid turn server credentials")
+
+	// ErrExistingTrack indicates that a track already exists.
+	ErrExistingTrack = errors.New("track already exists")
+
+	// ErrPrivateKeyType indicates that a particular private key encryption
+	// chosen to generate a certificate is not supported.
+	ErrPrivateKeyType = errors.New("private key type not supported")
+
+	// ErrModifyingPeerIdentity indicates that an attempt to modify
+	// PeerIdentity was made after PeerConnection has been initialized.
+	ErrModifyingPeerIdentity = errors.New("peerIdentity cannot be modified")
+
+	// ErrModifyingCertificates indicates that an attempt to modify
+	// Certificates was made after PeerConnection has been initialized.
+	ErrModifyingCertificates = errors.New("certificates cannot be modified")
+
+	// ErrModifyingBundlePolicy indicates that an attempt to modify
+	// BundlePolicy was made after PeerConnection has been initialized.
+	ErrModifyingBundlePolicy = errors.New("bundle policy cannot be modified")
+
+	// ErrModifyingRTCPMuxPolicy indicates that an attempt to modify
+	// RTCPMuxPolicy was made after PeerConnection has been initialized.
+	ErrModifyingRTCPMuxPolicy = errors.New("rtcp mux policy cannot be modified")
+
+	// ErrModifyingICECandidatePoolSize indicates that an attempt to modify
+	// ICECandidatePoolSize was made after PeerConnection has been initialized.
+	ErrModifyingICECandidatePoolSize = errors.New("ice candidate pool size cannot be modified")
+
+	// ErrStringSizeLimit indicates that the character size limit of string is
+	// exceeded. The limit is hardcoded to 65535 according to specifications.
+	ErrStringSizeLimit = errors.New("data channel label exceeds size limit")
+
+	// ErrMaxDataChannelID indicates that the maximum number ID that could be
+	// specified for a data channel has been exceeded.
+	ErrMaxDataChannelID = errors.New("maximum number ID for datachannel specified")
+
+	// ErrNegotiatedWithoutID indicates that an attempt to create a data channel
+	// was made while setting the negotiated option to true without providing
+	// the negotiated channel ID.
+	ErrNegotiatedWithoutID = errors.New("negotiated set without channel id")
+
+	// ErrRetransmitsOrPacketLifeTime indicates that an attempt to create a data
+	// channel was made with both options MaxPacketLifeTime and MaxRetransmits
+	// set together. Such configuration is not supported by the specification
+	// and is mutually exclusive.
+	ErrRetransmitsOrPacketLifeTime = errors.New("both MaxPacketLifeTime and MaxRetransmits was set")
+
+	// ErrCodecNotFound is returned when a codec search to the Media Engine fails
+	ErrCodecNotFound = errors.New("codec not found")
+
+	// ErrNoRemoteDescription indicates that an operation was rejected because
+	// the remote description is not set
+	ErrNoRemoteDescription = errors.New("remote description is not set")
+
+	// ErrIncorrectSDPSemantics indicates that the PeerConnection was configured to
+	// generate SDP Answers with different SDP Semantics than the received Offer
+	ErrIncorrectSDPSemantics = errors.New("remote SessionDescription semantics does not match configuration")
+
+	// ErrIncorrectSignalingState indicates that the signaling state of PeerConnection is not correct
+	ErrIncorrectSignalingState = errors.New("operation can not be run in current signaling state")
+
+	// ErrProtocolTooLarge indicates that value given for a DataChannelInit protocol is
+	// longer then 65535 bytes
+	ErrProtocolTooLarge = errors.New("protocol is larger then 65535 bytes")
+
+	// ErrSenderNotCreatedByConnection indicates RemoveTrack was called with a RtpSender not created
+	// by this PeerConnection
+	ErrSenderNotCreatedByConnection = errors.New("RtpSender not created by this PeerConnection")
+
+	// ErrSessionDescriptionNoFingerprint indicates SetRemoteDescription was called with a SessionDescription that has no
+	// fingerprint
+	ErrSessionDescriptionNoFingerprint = errors.New("SetRemoteDescription called with no fingerprint")
+
+	// ErrSessionDescriptionInvalidFingerprint indicates SetRemoteDescription was called with a SessionDescription that
+	// has an invalid fingerprint
+	ErrSessionDescriptionInvalidFingerprint = errors.New("SetRemoteDescription called with an invalid fingerprint")
+
+	// ErrSessionDescriptionConflictingFingerprints indicates SetRemoteDescription was called with a SessionDescription that
+	// has an conflicting fingerprints
+	ErrSessionDescriptionConflictingFingerprints = errors.New("SetRemoteDescription called with multiple conflicting fingerprint")
+
+	// ErrSessionDescriptionMissingIceUfrag indicates SetRemoteDescription was called with a SessionDescription that
+	// is missing an ice-ufrag value
+	ErrSessionDescriptionMissingIceUfrag = errors.New("SetRemoteDescription called with no ice-ufrag")
+
+	// ErrSessionDescriptionMissingIcePwd indicates SetRemoteDescription was called with a SessionDescription that
+	// is missing an ice-pwd value
+	ErrSessionDescriptionMissingIcePwd = errors.New("SetRemoteDescription called with no ice-pwd")
+
+	// ErrSessionDescriptionConflictingIceUfrag  indicates SetRemoteDescription was called with a SessionDescription that
+	// contains multiple conflicting ice-ufrag values
+	ErrSessionDescriptionConflictingIceUfrag = errors.New("SetRemoteDescription called with multiple conflicting ice-ufrag values")
+
+	// ErrSessionDescriptionConflictingIcePwd indicates SetRemoteDescription was called with a SessionDescription that
+	// contains multiple conflicting ice-pwd values
+	ErrSessionDescriptionConflictingIcePwd = errors.New("SetRemoteDescription called with multiple conflicting ice-pwd values")
+
+	// ErrNoSRTPProtectionProfile indicates that the DTLS handshake completed and no SRTP Protection Profile was chosen
+	ErrNoSRTPProtectionProfile = errors.New("DTLS Handshake completed and no SRTP Protection Profile was chosen")
+
+	// ErrFailedToGenerateCertificateFingerprint indicates that we failed to generate the fingerprint used for comparing certificates
+	ErrFailedToGenerateCertificateFingerprint = errors.New("failed to generate certificate fingerprint")
+
+	// ErrNoCodecsAvailable indicates that operation isn't possible because the MediaEngine has no codecs available
+	ErrNoCodecsAvailable = errors.New("operation failed no codecs are available")
+
+	// ErrUnsupportedCodec indicates the remote peer doesn't support the requested codec
+	ErrUnsupportedCodec = errors.New("unable to start track, codec is not supported by remote")
+
+	// ErrSenderWithNoCodecs indicates that a RTPSender was created without any codecs. To send media the MediaEngine needs at
+	// least one configured codec.
+	ErrSenderWithNoCodecs = errors.New("unable to populate media section, RTPSender created with no codecs")
+
+	// ErrRTPSenderNewTrackHasIncorrectKind indicates that the new track is of a different kind than the previous/original
+	ErrRTPSenderNewTrackHasIncorrectKind = errors.New("new track must be of the same kind as previous")
+
+	// ErrRTPSenderNewTrackHasIncorrectEnvelope indicates that the new track has a different envelope than the previous/original
+	ErrRTPSenderNewTrackHasIncorrectEnvelope = errors.New("new track must have the same envelope as previous")
+
+	// ErrUnbindFailed indicates that a TrackLocal was not able to be unbind
+	ErrUnbindFailed = errors.New("failed to unbind TrackLocal from PeerConnection")
+
+	// ErrNoPayloaderForCodec indicates that the requested codec does not have a payloader
+	ErrNoPayloaderForCodec = errors.New("the requested codec does not have a payloader")
+
+	// ErrRegisterHeaderExtensionInvalidDirection indicates that a extension was registered with a direction besides `sendonly` or `recvonly`
+	ErrRegisterHeaderExtensionInvalidDirection = errors.New("a header extension must be registered as 'recvonly', 'sendonly' or both")
+
+	// ErrSimulcastProbeOverflow indicates that too many Simulcast probe streams are in flight and the requested SSRC was ignored
+	ErrSimulcastProbeOverflow = errors.New("simulcast probe limit has been reached, new SSRC has been discarded")
+
+	errDetachNotEnabled                 = errors.New("enable detaching by calling webrtc.DetachDataChannels()")
+	errDetachBeforeOpened               = errors.New("datachannel not opened yet, try calling Detach from OnOpen")
+	errDtlsTransportNotStarted          = errors.New("the DTLS transport has not started yet")
+	errDtlsKeyExtractionFailed          = errors.New("failed extracting keys from DTLS for SRTP")
+	errFailedToStartSRTP                = errors.New("failed to start SRTP")
+	errFailedToStartSRTCP               = errors.New("failed to start SRTCP")
+	errInvalidDTLSStart                 = errors.New("attempted to start DTLSTransport that is not in new state")
+	errNoRemoteCertificate              = errors.New("peer didn't provide certificate via DTLS")
+	errIdentityProviderNotImplemented   = errors.New("identity provider is not implemented")
+	errNoMatchingCertificateFingerprint = errors.New("remote certificate does not match any fingerprint")
+
+	errICEConnectionNotStarted        = errors.New("ICE connection not started")
+	errICECandidateTypeUnknown        = errors.New("unknown candidate type")
+	errICEInvalidConvertCandidateType = errors.New("cannot convert ice.CandidateType into webrtc.ICECandidateType, invalid type")
+	errICEAgentNotExist               = errors.New("ICEAgent does not exist")
+	errICECandiatesCoversionFailed    = errors.New("unable to convert ICE candidates to ICECandidates")
+	errICERoleUnknown                 = errors.New("unknown ICE Role")
+	errICEProtocolUnknown             = errors.New("unknown protocol")
+	errICEGathererNotStarted          = errors.New("gatherer not started")
+
+	errNetworkTypeUnknown = errors.New("unknown network type")
+
+	errSDPDoesNotMatchOffer                           = errors.New("new sdp does not match previous offer")
+	errSDPDoesNotMatchAnswer                          = errors.New("new sdp does not match previous answer")
+	errPeerConnSDPTypeInvalidValue                    = errors.New("provided value is not a valid enum value of type SDPType")
+	errPeerConnStateChangeInvalid                     = errors.New("invalid state change op")
+	errPeerConnStateChangeUnhandled                   = errors.New("unhandled state change op")
+	errPeerConnSDPTypeInvalidValueSetLocalDescription = errors.New("invalid SDP type supplied to SetLocalDescription()")
+	errPeerConnRemoteDescriptionWithoutMidValue       = errors.New("remoteDescription contained media section without mid value")
+	errPeerConnRemoteDescriptionNil                   = errors.New("remoteDescription has not been set yet")
+	errPeerConnSingleMediaSectionHasExplicitSSRC      = errors.New("single media section has an explicit SSRC")
+	errPeerConnRemoteSSRCAddTransceiver               = errors.New("could not add transceiver for remote SSRC")
+	errPeerConnSimulcastMidRTPExtensionRequired       = errors.New("mid RTP Extensions required for Simulcast")
+	errPeerConnSimulcastStreamIDRTPExtensionRequired  = errors.New("stream id RTP Extensions required for Simulcast")
+	errPeerConnSimulcastIncomingSSRCFailed            = errors.New("incoming SSRC failed Simulcast probing")
+	errPeerConnAddTransceiverFromKindOnlyAcceptsOne   = errors.New("AddTransceiverFromKind only accepts one RTPTransceiverInit")
+	errPeerConnAddTransceiverFromTrackOnlyAcceptsOne  = errors.New("AddTransceiverFromTrack only accepts one RTPTransceiverInit")
+	errPeerConnAddTransceiverFromKindSupport          = errors.New("AddTransceiverFromKind currently only supports recvonly")
+	errPeerConnAddTransceiverFromTrackSupport         = errors.New("AddTransceiverFromTrack currently only supports sendonly and sendrecv")
+	errPeerConnSetIdentityProviderNotImplemented      = errors.New("TODO SetIdentityProvider")
+	errPeerConnWriteRTCPOpenWriteStream               = errors.New("WriteRTCP failed to open WriteStream")
+	errPeerConnTranscieverMidNil                      = errors.New("cannot find transceiver with mid")
+
+	errRTPReceiverDTLSTransportNil            = errors.New("DTLSTransport must not be nil")
+	errRTPReceiverReceiveAlreadyCalled        = errors.New("Receive has already been called")
+	errRTPReceiverWithSSRCTrackStreamNotFound = errors.New("unable to find stream for Track with SSRC")
+	errRTPReceiverForRIDTrackStreamNotFound   = errors.New("no trackStreams found for RID")
+
+	errRTPSenderTrackNil             = errors.New("Track must not be nil")
+	errRTPSenderDTLSTransportNil     = errors.New("DTLSTransport must not be nil")
+	errRTPSenderSendAlreadyCalled    = errors.New("Send has already been called")
+	errRTPSenderStopped              = errors.New("Sender has already been stopped")
+	errRTPSenderTrackRemoved         = errors.New("Sender Track has been removed or replaced to nil")
+	errRTPSenderRidNil               = errors.New("Sender cannot add encoding as rid is empty")
+	errRTPSenderNoBaseEncoding       = errors.New("Sender cannot add encoding as there is no base track")
+	errRTPSenderBaseEncodingMismatch = errors.New("Sender cannot add encoding as provided track does not match base track")
+	errRTPSenderRIDCollision         = errors.New("Sender cannot encoding due to RID collision")
+	errRTPSenderNoTrackForRID        = errors.New("Sender does not have track for RID")
+
+	errRTPTransceiverCannotChangeMid        = errors.New("errRTPSenderTrackNil")
+	errRTPTransceiverSetSendingInvalidState = errors.New("invalid state change in RTPTransceiver.setSending")
+	errRTPTransceiverCodecUnsupported       = errors.New("unsupported codec type by this transceiver")
+
+	errSCTPTransportDTLS = errors.New("DTLS not established")
+
+	errSDPZeroTransceivers                 = errors.New("addTransceiverSDP() called with 0 transceivers")
+	errSDPMediaSectionMediaDataChanInvalid = errors.New("invalid Media Section. Media + DataChannel both enabled")
+	errSDPMediaSectionMultipleTrackInvalid = errors.New("invalid Media Section. Can not have multiple tracks in one MediaSection in UnifiedPlan")
+
+	errSettingEngineSetAnsweringDTLSRole = errors.New("SetAnsweringDTLSRole must DTLSRoleClient or DTLSRoleServer")
+
+	errSignalingStateCannotRollback            = errors.New("can't rollback from stable state")
+	errSignalingStateProposedTransitionInvalid = errors.New("invalid proposed signaling state transition")
+
+	errStatsICECandidateStateInvalid = errors.New("cannot convert to StatsICECandidatePairStateSucceeded invalid ice candidate state")
+
+	errInvalidICECredentialTypeString = errors.New("invalid ICECredentialType")
+	errInvalidICEServer               = errors.New("invalid ICEServer")
+
+	errICETransportNotInNew = errors.New("ICETransport can only be called in ICETransportStateNew")
+	errICETransportClosed   = errors.New("ICETransport closed")
+
+	errCertificatePEMFormatError = errors.New("bad Certificate PEM format")
+
+	errRTPTooShort = errors.New("not long enough to be a RTP Packet")
+
+	errExcessiveRetries = errors.New("excessive retries in CreateOffer")
+)
diff --git a/server/vendor/github.com/pion/webrtc/v3/gathering_complete_promise.go b/server/vendor/github.com/pion/webrtc/v3/gathering_complete_promise.go
new file mode 100644
index 0000000..12d3170
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/gathering_complete_promise.go
@@ -0,0 +1,27 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package webrtc
+
+import (
+	"context"
+)
+
+// GatheringCompletePromise is a Pion specific helper function that returns a channel that is closed when gathering is complete.
+// This function may be helpful in cases where you are unable to trickle your ICE Candidates.
+//
+// It is better to not use this function, and instead trickle candidates. If you use this function you will see longer connection startup times.
+// When the call is connected you will see no impact however.
+func GatheringCompletePromise(pc *PeerConnection) (gatherComplete <-chan struct{}) {
+	gatheringComplete, done := context.WithCancel(context.Background())
+
+	// It's possible to miss the GatherComplete event since setGatherCompleteHandler is an atomic operation and the
+	// promise might have been created after the gathering is finished. Therefore, we need to check if the ICE gathering
+	// state has changed to complete so that we don't block the caller forever.
+	pc.setGatherCompleteHandler(func() { done() })
+	if pc.ICEGatheringState() == ICEGatheringStateComplete {
+		done()
+	}
+
+	return gatheringComplete.Done()
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/ice_go.go b/server/vendor/github.com/pion/webrtc/v3/ice_go.go
new file mode 100644
index 0000000..9adcefb
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/ice_go.go
@@ -0,0 +1,14 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+//go:build !js
+// +build !js
+
+package webrtc
+
+// NewICETransport creates a new NewICETransport.
+// This constructor is part of the ORTC API. It is not
+// meant to be used together with the basic WebRTC API.
+func (api *API) NewICETransport(gatherer *ICEGatherer) *ICETransport {
+	return NewICETransport(gatherer, api.settingEngine.LoggerFactory)
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/icecandidate.go b/server/vendor/github.com/pion/webrtc/v3/icecandidate.go
new file mode 100644
index 0000000..fa0b680
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/icecandidate.go
@@ -0,0 +1,172 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package webrtc
+
+import (
+	"fmt"
+
+	"github.com/pion/ice/v2"
+)
+
+// ICECandidate represents a ice candidate
+type ICECandidate struct {
+	statsID        string
+	Foundation     string           `json:"foundation"`
+	Priority       uint32           `json:"priority"`
+	Address        string           `json:"address"`
+	Protocol       ICEProtocol      `json:"protocol"`
+	Port           uint16           `json:"port"`
+	Typ            ICECandidateType `json:"type"`
+	Component      uint16           `json:"component"`
+	RelatedAddress string           `json:"relatedAddress"`
+	RelatedPort    uint16           `json:"relatedPort"`
+	TCPType        string           `json:"tcpType"`
+}
+
+// Conversion for package ice
+
+func newICECandidatesFromICE(iceCandidates []ice.Candidate) ([]ICECandidate, error) {
+	candidates := []ICECandidate{}
+
+	for _, i := range iceCandidates {
+		c, err := newICECandidateFromICE(i)
+		if err != nil {
+			return nil, err
+		}
+		candidates = append(candidates, c)
+	}
+
+	return candidates, nil
+}
+
+func newICECandidateFromICE(i ice.Candidate) (ICECandidate, error) {
+	typ, err := convertTypeFromICE(i.Type())
+	if err != nil {
+		return ICECandidate{}, err
+	}
+	protocol, err := NewICEProtocol(i.NetworkType().NetworkShort())
+	if err != nil {
+		return ICECandidate{}, err
+	}
+
+	c := ICECandidate{
+		statsID:    i.ID(),
+		Foundation: i.Foundation(),
+		Priority:   i.Priority(),
+		Address:    i.Address(),
+		Protocol:   protocol,
+		Port:       uint16(i.Port()),
+		Component:  i.Component(),
+		Typ:        typ,
+		TCPType:    i.TCPType().String(),
+	}
+
+	if i.RelatedAddress() != nil {
+		c.RelatedAddress = i.RelatedAddress().Address
+		c.RelatedPort = uint16(i.RelatedAddress().Port)
+	}
+
+	return c, nil
+}
+
+func (c ICECandidate) toICE() (ice.Candidate, error) {
+	candidateID := c.statsID
+	switch c.Typ {
+	case ICECandidateTypeHost:
+		config := ice.CandidateHostConfig{
+			CandidateID: candidateID,
+			Network:     c.Protocol.String(),
+			Address:     c.Address,
+			Port:        int(c.Port),
+			Component:   c.Component,
+			TCPType:     ice.NewTCPType(c.TCPType),
+			Foundation:  c.Foundation,
+			Priority:    c.Priority,
+		}
+		return ice.NewCandidateHost(&config)
+	case ICECandidateTypeSrflx:
+		config := ice.CandidateServerReflexiveConfig{
+			CandidateID: candidateID,
+			Network:     c.Protocol.String(),
+			Address:     c.Address,
+			Port:        int(c.Port),
+			Component:   c.Component,
+			Foundation:  c.Foundation,
+			Priority:    c.Priority,
+			RelAddr:     c.RelatedAddress,
+			RelPort:     int(c.RelatedPort),
+		}
+		return ice.NewCandidateServerReflexive(&config)
+	case ICECandidateTypePrflx:
+		config := ice.CandidatePeerReflexiveConfig{
+			CandidateID: candidateID,
+			Network:     c.Protocol.String(),
+			Address:     c.Address,
+			Port:        int(c.Port),
+			Component:   c.Component,
+			Foundation:  c.Foundation,
+			Priority:    c.Priority,
+			RelAddr:     c.RelatedAddress,
+			RelPort:     int(c.RelatedPort),
+		}
+		return ice.NewCandidatePeerReflexive(&config)
+	case ICECandidateTypeRelay:
+		config := ice.CandidateRelayConfig{
+			CandidateID: candidateID,
+			Network:     c.Protocol.String(),
+			Address:     c.Address,
+			Port:        int(c.Port),
+			Component:   c.Component,
+			Foundation:  c.Foundation,
+			Priority:    c.Priority,
+			RelAddr:     c.RelatedAddress,
+			RelPort:     int(c.RelatedPort),
+		}
+		return ice.NewCandidateRelay(&config)
+	default:
+		return nil, fmt.Errorf("%w: %s", errICECandidateTypeUnknown, c.Typ)
+	}
+}
+
+func convertTypeFromICE(t ice.CandidateType) (ICECandidateType, error) {
+	switch t {
+	case ice.CandidateTypeHost:
+		return ICECandidateTypeHost, nil
+	case ice.CandidateTypeServerReflexive:
+		return ICECandidateTypeSrflx, nil
+	case ice.CandidateTypePeerReflexive:
+		return ICECandidateTypePrflx, nil
+	case ice.CandidateTypeRelay:
+		return ICECandidateTypeRelay, nil
+	default:
+		return ICECandidateType(t), fmt.Errorf("%w: %s", errICECandidateTypeUnknown, t)
+	}
+}
+
+func (c ICECandidate) String() string {
+	ic, err := c.toICE()
+	if err != nil {
+		return fmt.Sprintf("%#v failed to convert to ICE: %s", c, err)
+	}
+	return ic.String()
+}
+
+// ToJSON returns an ICECandidateInit
+// as indicated by the spec https://w3c.github.io/webrtc-pc/#dom-rtcicecandidate-tojson
+func (c ICECandidate) ToJSON() ICECandidateInit {
+	zeroVal := uint16(0)
+	emptyStr := ""
+	candidateStr := ""
+
+	candidate, err := c.toICE()
+	if err == nil {
+		candidateStr = candidate.Marshal()
+	}
+
+	return ICECandidateInit{
+		Candidate:     fmt.Sprintf("candidate:%s", candidateStr),
+		SDPMid:        &emptyStr,
+		SDPMLineIndex: &zeroVal,
+	}
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/icecandidateinit.go b/server/vendor/github.com/pion/webrtc/v3/icecandidateinit.go
new file mode 100644
index 0000000..30ad93c
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/icecandidateinit.go
@@ -0,0 +1,12 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package webrtc
+
+// ICECandidateInit is used to serialize ice candidates
+type ICECandidateInit struct {
+	Candidate        string  `json:"candidate"`
+	SDPMid           *string `json:"sdpMid"`
+	SDPMLineIndex    *uint16 `json:"sdpMLineIndex"`
+	UsernameFragment *string `json:"usernameFragment"`
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/icecandidatepair.go b/server/vendor/github.com/pion/webrtc/v3/icecandidatepair.go
new file mode 100644
index 0000000..b87884b
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/icecandidatepair.go
@@ -0,0 +1,32 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package webrtc
+
+import "fmt"
+
+// ICECandidatePair represents an ICE Candidate pair
+type ICECandidatePair struct {
+	statsID string
+	Local   *ICECandidate
+	Remote  *ICECandidate
+}
+
+func newICECandidatePairStatsID(localID, remoteID string) string {
+	return fmt.Sprintf("%s-%s", localID, remoteID)
+}
+
+func (p *ICECandidatePair) String() string {
+	return fmt.Sprintf("(local) %s <-> (remote) %s", p.Local, p.Remote)
+}
+
+// NewICECandidatePair returns an initialized *ICECandidatePair
+// for the given pair of ICECandidate instances
+func NewICECandidatePair(local, remote *ICECandidate) *ICECandidatePair {
+	statsID := newICECandidatePairStatsID(local.statsID, remote.statsID)
+	return &ICECandidatePair{
+		statsID: statsID,
+		Local:   local,
+		Remote:  remote,
+	}
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/icecandidatetype.go b/server/vendor/github.com/pion/webrtc/v3/icecandidatetype.go
new file mode 100644
index 0000000..5bef825
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/icecandidatetype.go
@@ -0,0 +1,109 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package webrtc
+
+import (
+	"fmt"
+
+	"github.com/pion/ice/v2"
+)
+
+// ICECandidateType represents the type of the ICE candidate used.
+type ICECandidateType int
+
+const (
+	// ICECandidateTypeHost indicates that the candidate is of Host type as
+	// described in https://tools.ietf.org/html/rfc8445#section-5.1.1.1. A
+	// candidate obtained by binding to a specific port from an IP address on
+	// the host. This includes IP addresses on physical interfaces and logical
+	// ones, such as ones obtained through VPNs.
+	ICECandidateTypeHost ICECandidateType = iota + 1
+
+	// ICECandidateTypeSrflx indicates the the candidate is of Server
+	// Reflexive type as described
+	// https://tools.ietf.org/html/rfc8445#section-5.1.1.2. A candidate type
+	// whose IP address and port are a binding allocated by a NAT for an ICE
+	// agent after it sends a packet through the NAT to a server, such as a
+	// STUN server.
+	ICECandidateTypeSrflx
+
+	// ICECandidateTypePrflx indicates that the candidate is of Peer
+	// Reflexive type. A candidate type whose IP address and port are a binding
+	// allocated by a NAT for an ICE agent after it sends a packet through the
+	// NAT to its peer.
+	ICECandidateTypePrflx
+
+	// ICECandidateTypeRelay indicates the the candidate is of Relay type as
+	// described in https://tools.ietf.org/html/rfc8445#section-5.1.1.2. A
+	// candidate type obtained from a relay server, such as a TURN server.
+	ICECandidateTypeRelay
+)
+
+// This is done this way because of a linter.
+const (
+	iceCandidateTypeHostStr  = "host"
+	iceCandidateTypeSrflxStr = "srflx"
+	iceCandidateTypePrflxStr = "prflx"
+	iceCandidateTypeRelayStr = "relay"
+)
+
+// NewICECandidateType takes a string and converts it into ICECandidateType
+func NewICECandidateType(raw string) (ICECandidateType, error) {
+	switch raw {
+	case iceCandidateTypeHostStr:
+		return ICECandidateTypeHost, nil
+	case iceCandidateTypeSrflxStr:
+		return ICECandidateTypeSrflx, nil
+	case iceCandidateTypePrflxStr:
+		return ICECandidateTypePrflx, nil
+	case iceCandidateTypeRelayStr:
+		return ICECandidateTypeRelay, nil
+	default:
+		return ICECandidateType(Unknown), fmt.Errorf("%w: %s", errICECandidateTypeUnknown, raw)
+	}
+}
+
+func (t ICECandidateType) String() string {
+	switch t {
+	case ICECandidateTypeHost:
+		return iceCandidateTypeHostStr
+	case ICECandidateTypeSrflx:
+		return iceCandidateTypeSrflxStr
+	case ICECandidateTypePrflx:
+		return iceCandidateTypePrflxStr
+	case ICECandidateTypeRelay:
+		return iceCandidateTypeRelayStr
+	default:
+		return ErrUnknownType.Error()
+	}
+}
+
+func getCandidateType(candidateType ice.CandidateType) (ICECandidateType, error) {
+	switch candidateType {
+	case ice.CandidateTypeHost:
+		return ICECandidateTypeHost, nil
+	case ice.CandidateTypeServerReflexive:
+		return ICECandidateTypeSrflx, nil
+	case ice.CandidateTypePeerReflexive:
+		return ICECandidateTypePrflx, nil
+	case ice.CandidateTypeRelay:
+		return ICECandidateTypeRelay, nil
+	default:
+		// NOTE: this should never happen[tm]
+		err := fmt.Errorf("%w: %s", errICEInvalidConvertCandidateType, candidateType.String())
+		return ICECandidateType(Unknown), err
+	}
+}
+
+// MarshalText implements the encoding.TextMarshaler interface.
+func (t ICECandidateType) MarshalText() ([]byte, error) {
+	return []byte(t.String()), nil
+}
+
+// UnmarshalText implements the encoding.TextUnmarshaler interface.
+func (t *ICECandidateType) UnmarshalText(b []byte) error {
+	var err error
+	*t, err = NewICECandidateType(string(b))
+	return err
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/icecomponent.go b/server/vendor/github.com/pion/webrtc/v3/icecomponent.go
new file mode 100644
index 0000000..c65a893
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/icecomponent.go
@@ -0,0 +1,50 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package webrtc
+
+// ICEComponent describes if the ice transport is used for RTP
+// (or RTCP multiplexing).
+type ICEComponent int
+
+const (
+	// ICEComponentRTP indicates that the ICE Transport is used for RTP (or
+	// RTCP multiplexing), as defined in
+	// https://tools.ietf.org/html/rfc5245#section-4.1.1.1. Protocols
+	// multiplexed with RTP (e.g. data channel) share its component ID. This
+	// represents the component-id value 1 when encoded in candidate-attribute.
+	ICEComponentRTP ICEComponent = iota + 1
+
+	// ICEComponentRTCP indicates that the ICE Transport is used for RTCP as
+	// defined by https://tools.ietf.org/html/rfc5245#section-4.1.1.1. This
+	// represents the component-id value 2 when encoded in candidate-attribute.
+	ICEComponentRTCP
+)
+
+// This is done this way because of a linter.
+const (
+	iceComponentRTPStr  = "rtp"
+	iceComponentRTCPStr = "rtcp"
+)
+
+func newICEComponent(raw string) ICEComponent {
+	switch raw {
+	case iceComponentRTPStr:
+		return ICEComponentRTP
+	case iceComponentRTCPStr:
+		return ICEComponentRTCP
+	default:
+		return ICEComponent(Unknown)
+	}
+}
+
+func (t ICEComponent) String() string {
+	switch t {
+	case ICEComponentRTP:
+		return iceComponentRTPStr
+	case ICEComponentRTCP:
+		return iceComponentRTCPStr
+	default:
+		return ErrUnknownType.Error()
+	}
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/iceconnectionstate.go b/server/vendor/github.com/pion/webrtc/v3/iceconnectionstate.go
new file mode 100644
index 0000000..e52e132
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/iceconnectionstate.go
@@ -0,0 +1,97 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package webrtc
+
+// ICEConnectionState indicates signaling state of the ICE Connection.
+type ICEConnectionState int
+
+const (
+	// ICEConnectionStateNew indicates that any of the ICETransports are
+	// in the "new" state and none of them are in the "checking", "disconnected"
+	// or "failed" state, or all ICETransports are in the "closed" state, or
+	// there are no transports.
+	ICEConnectionStateNew ICEConnectionState = iota + 1
+
+	// ICEConnectionStateChecking indicates that any of the ICETransports
+	// are in the "checking" state and none of them are in the "disconnected"
+	// or "failed" state.
+	ICEConnectionStateChecking
+
+	// ICEConnectionStateConnected indicates that all ICETransports are
+	// in the "connected", "completed" or "closed" state and at least one of
+	// them is in the "connected" state.
+	ICEConnectionStateConnected
+
+	// ICEConnectionStateCompleted indicates that all ICETransports are
+	// in the "completed" or "closed" state and at least one of them is in the
+	// "completed" state.
+	ICEConnectionStateCompleted
+
+	// ICEConnectionStateDisconnected indicates that any of the
+	// ICETransports are in the "disconnected" state and none of them are
+	// in the "failed" state.
+	ICEConnectionStateDisconnected
+
+	// ICEConnectionStateFailed indicates that any of the ICETransports
+	// are in the "failed" state.
+	ICEConnectionStateFailed
+
+	// ICEConnectionStateClosed indicates that the PeerConnection's
+	// isClosed is true.
+	ICEConnectionStateClosed
+)
+
+// This is done this way because of a linter.
+const (
+	iceConnectionStateNewStr          = "new"
+	iceConnectionStateCheckingStr     = "checking"
+	iceConnectionStateConnectedStr    = "connected"
+	iceConnectionStateCompletedStr    = "completed"
+	iceConnectionStateDisconnectedStr = "disconnected"
+	iceConnectionStateFailedStr       = "failed"
+	iceConnectionStateClosedStr       = "closed"
+)
+
+// NewICEConnectionState takes a string and converts it to ICEConnectionState
+func NewICEConnectionState(raw string) ICEConnectionState {
+	switch raw {
+	case iceConnectionStateNewStr:
+		return ICEConnectionStateNew
+	case iceConnectionStateCheckingStr:
+		return ICEConnectionStateChecking
+	case iceConnectionStateConnectedStr:
+		return ICEConnectionStateConnected
+	case iceConnectionStateCompletedStr:
+		return ICEConnectionStateCompleted
+	case iceConnectionStateDisconnectedStr:
+		return ICEConnectionStateDisconnected
+	case iceConnectionStateFailedStr:
+		return ICEConnectionStateFailed
+	case iceConnectionStateClosedStr:
+		return ICEConnectionStateClosed
+	default:
+		return ICEConnectionState(Unknown)
+	}
+}
+
+func (c ICEConnectionState) String() string {
+	switch c {
+	case ICEConnectionStateNew:
+		return iceConnectionStateNewStr
+	case ICEConnectionStateChecking:
+		return iceConnectionStateCheckingStr
+	case ICEConnectionStateConnected:
+		return iceConnectionStateConnectedStr
+	case ICEConnectionStateCompleted:
+		return iceConnectionStateCompletedStr
+	case ICEConnectionStateDisconnected:
+		return iceConnectionStateDisconnectedStr
+	case ICEConnectionStateFailed:
+		return iceConnectionStateFailedStr
+	case ICEConnectionStateClosed:
+		return iceConnectionStateClosedStr
+	default:
+		return ErrUnknownType.Error()
+	}
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/icecredentialtype.go b/server/vendor/github.com/pion/webrtc/v3/icecredentialtype.go
new file mode 100644
index 0000000..5d704a9
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/icecredentialtype.go
@@ -0,0 +1,72 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package webrtc
+
+import (
+	"encoding/json"
+	"fmt"
+)
+
+// ICECredentialType indicates the type of credentials used to connect to
+// an ICE server.
+type ICECredentialType int
+
+const (
+	// ICECredentialTypePassword describes username and password based
+	// credentials as described in https://tools.ietf.org/html/rfc5389.
+	ICECredentialTypePassword ICECredentialType = iota
+
+	// ICECredentialTypeOauth describes token based credential as described
+	// in https://tools.ietf.org/html/rfc7635.
+	ICECredentialTypeOauth
+)
+
+// This is done this way because of a linter.
+const (
+	iceCredentialTypePasswordStr = "password"
+	iceCredentialTypeOauthStr    = "oauth"
+)
+
+func newICECredentialType(raw string) (ICECredentialType, error) {
+	switch raw {
+	case iceCredentialTypePasswordStr:
+		return ICECredentialTypePassword, nil
+	case iceCredentialTypeOauthStr:
+		return ICECredentialTypeOauth, nil
+	default:
+		return ICECredentialTypePassword, errInvalidICECredentialTypeString
+	}
+}
+
+func (t ICECredentialType) String() string {
+	switch t {
+	case ICECredentialTypePassword:
+		return iceCredentialTypePasswordStr
+	case ICECredentialTypeOauth:
+		return iceCredentialTypeOauthStr
+	default:
+		return ErrUnknownType.Error()
+	}
+}
+
+// UnmarshalJSON parses the JSON-encoded data and stores the result
+func (t *ICECredentialType) UnmarshalJSON(b []byte) error {
+	var val string
+	if err := json.Unmarshal(b, &val); err != nil {
+		return err
+	}
+
+	tmp, err := newICECredentialType(val)
+	if err != nil {
+		return fmt.Errorf("%w: (%s)", err, val)
+	}
+
+	*t = tmp
+	return nil
+}
+
+// MarshalJSON returns the JSON encoding
+func (t ICECredentialType) MarshalJSON() ([]byte, error) {
+	return json.Marshal(t.String())
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/icegatherer.go b/server/vendor/github.com/pion/webrtc/v3/icegatherer.go
new file mode 100644
index 0000000..b772f45
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/icegatherer.go
@@ -0,0 +1,395 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+//go:build !js
+// +build !js
+
+package webrtc
+
+import (
+	"fmt"
+	"sync"
+	"sync/atomic"
+
+	"github.com/pion/ice/v2"
+	"github.com/pion/logging"
+	"github.com/pion/stun"
+)
+
+// ICEGatherer gathers local host, server reflexive and relay
+// candidates, as well as enabling the retrieval of local Interactive
+// Connectivity Establishment (ICE) parameters which can be
+// exchanged in signaling.
+type ICEGatherer struct {
+	lock  sync.RWMutex
+	log   logging.LeveledLogger
+	state ICEGathererState
+
+	validatedServers []*stun.URI
+	gatherPolicy     ICETransportPolicy
+
+	agent *ice.Agent
+
+	onLocalCandidateHandler atomic.Value // func(candidate *ICECandidate)
+	onStateChangeHandler    atomic.Value // func(state ICEGathererState)
+
+	// Used for GatheringCompletePromise
+	onGatheringCompleteHandler atomic.Value // func()
+
+	api *API
+}
+
+// NewICEGatherer creates a new NewICEGatherer.
+// This constructor is part of the ORTC API. It is not
+// meant to be used together with the basic WebRTC API.
+func (api *API) NewICEGatherer(opts ICEGatherOptions) (*ICEGatherer, error) {
+	var validatedServers []*stun.URI
+	if len(opts.ICEServers) > 0 {
+		for _, server := range opts.ICEServers {
+			url, err := server.urls()
+			if err != nil {
+				return nil, err
+			}
+			validatedServers = append(validatedServers, url...)
+		}
+	}
+
+	return &ICEGatherer{
+		state:            ICEGathererStateNew,
+		gatherPolicy:     opts.ICEGatherPolicy,
+		validatedServers: validatedServers,
+		api:              api,
+		log:              api.settingEngine.LoggerFactory.NewLogger("ice"),
+	}, nil
+}
+
+func (g *ICEGatherer) createAgent() error {
+	g.lock.Lock()
+	defer g.lock.Unlock()
+
+	if g.agent != nil || g.State() != ICEGathererStateNew {
+		return nil
+	}
+
+	candidateTypes := []ice.CandidateType{}
+	if g.api.settingEngine.candidates.ICELite {
+		candidateTypes = append(candidateTypes, ice.CandidateTypeHost)
+	} else if g.gatherPolicy == ICETransportPolicyRelay {
+		candidateTypes = append(candidateTypes, ice.CandidateTypeRelay)
+	}
+
+	var nat1To1CandiTyp ice.CandidateType
+	switch g.api.settingEngine.candidates.NAT1To1IPCandidateType {
+	case ICECandidateTypeHost:
+		nat1To1CandiTyp = ice.CandidateTypeHost
+	case ICECandidateTypeSrflx:
+		nat1To1CandiTyp = ice.CandidateTypeServerReflexive
+	default:
+		nat1To1CandiTyp = ice.CandidateTypeUnspecified
+	}
+
+	mDNSMode := g.api.settingEngine.candidates.MulticastDNSMode
+	if mDNSMode != ice.MulticastDNSModeDisabled && mDNSMode != ice.MulticastDNSModeQueryAndGather {
+		// If enum is in state we don't recognized default to MulticastDNSModeQueryOnly
+		mDNSMode = ice.MulticastDNSModeQueryOnly
+	}
+
+	config := &ice.AgentConfig{
+		Lite:                   g.api.settingEngine.candidates.ICELite,
+		Urls:                   g.validatedServers,
+		PortMin:                g.api.settingEngine.ephemeralUDP.PortMin,
+		PortMax:                g.api.settingEngine.ephemeralUDP.PortMax,
+		DisconnectedTimeout:    g.api.settingEngine.timeout.ICEDisconnectedTimeout,
+		FailedTimeout:          g.api.settingEngine.timeout.ICEFailedTimeout,
+		KeepaliveInterval:      g.api.settingEngine.timeout.ICEKeepaliveInterval,
+		LoggerFactory:          g.api.settingEngine.LoggerFactory,
+		CandidateTypes:         candidateTypes,
+		HostAcceptanceMinWait:  g.api.settingEngine.timeout.ICEHostAcceptanceMinWait,
+		SrflxAcceptanceMinWait: g.api.settingEngine.timeout.ICESrflxAcceptanceMinWait,
+		PrflxAcceptanceMinWait: g.api.settingEngine.timeout.ICEPrflxAcceptanceMinWait,
+		RelayAcceptanceMinWait: g.api.settingEngine.timeout.ICERelayAcceptanceMinWait,
+		InterfaceFilter:        g.api.settingEngine.candidates.InterfaceFilter,
+		IPFilter:               g.api.settingEngine.candidates.IPFilter,
+		NAT1To1IPs:             g.api.settingEngine.candidates.NAT1To1IPs,
+		NAT1To1IPCandidateType: nat1To1CandiTyp,
+		IncludeLoopback:        g.api.settingEngine.candidates.IncludeLoopbackCandidate,
+		Net:                    g.api.settingEngine.net,
+		MulticastDNSMode:       mDNSMode,
+		MulticastDNSHostName:   g.api.settingEngine.candidates.MulticastDNSHostName,
+		LocalUfrag:             g.api.settingEngine.candidates.UsernameFragment,
+		LocalPwd:               g.api.settingEngine.candidates.Password,
+		TCPMux:                 g.api.settingEngine.iceTCPMux,
+		UDPMux:                 g.api.settingEngine.iceUDPMux,
+		ProxyDialer:            g.api.settingEngine.iceProxyDialer,
+		DisableActiveTCP:       g.api.settingEngine.iceDisableActiveTCP,
+		BindingRequestHandler:  g.api.settingEngine.iceBindingRequestHandler,
+	}
+
+	requestedNetworkTypes := g.api.settingEngine.candidates.ICENetworkTypes
+	if len(requestedNetworkTypes) == 0 {
+		requestedNetworkTypes = supportedNetworkTypes()
+	}
+
+	for _, typ := range requestedNetworkTypes {
+		config.NetworkTypes = append(config.NetworkTypes, ice.NetworkType(typ))
+	}
+
+	agent, err := ice.NewAgent(config)
+	if err != nil {
+		return err
+	}
+
+	g.agent = agent
+	return nil
+}
+
+// Gather ICE candidates.
+func (g *ICEGatherer) Gather() error {
+	if err := g.createAgent(); err != nil {
+		return err
+	}
+
+	agent := g.getAgent()
+	// it is possible agent had just been closed
+	if agent == nil {
+		return fmt.Errorf("%w: unable to gather", errICEAgentNotExist)
+	}
+
+	g.setState(ICEGathererStateGathering)
+	if err := agent.OnCandidate(func(candidate ice.Candidate) {
+		onLocalCandidateHandler := func(*ICECandidate) {}
+		if handler, ok := g.onLocalCandidateHandler.Load().(func(candidate *ICECandidate)); ok && handler != nil {
+			onLocalCandidateHandler = handler
+		}
+
+		onGatheringCompleteHandler := func() {}
+		if handler, ok := g.onGatheringCompleteHandler.Load().(func()); ok && handler != nil {
+			onGatheringCompleteHandler = handler
+		}
+
+		if candidate != nil {
+			c, err := newICECandidateFromICE(candidate)
+			if err != nil {
+				g.log.Warnf("Failed to convert ice.Candidate: %s", err)
+				return
+			}
+			onLocalCandidateHandler(&c)
+		} else {
+			g.setState(ICEGathererStateComplete)
+
+			onGatheringCompleteHandler()
+			onLocalCandidateHandler(nil)
+		}
+	}); err != nil {
+		return err
+	}
+	return agent.GatherCandidates()
+}
+
+// Close prunes all local candidates, and closes the ports.
+func (g *ICEGatherer) Close() error {
+	return g.close(false /* shouldGracefullyClose */)
+}
+
+// GracefulClose prunes all local candidates, and closes the ports. It also waits
+// for any goroutines it started to complete. This is only safe to call outside of
+// ICEGatherer callbacks or if in a callback, in its own goroutine.
+func (g *ICEGatherer) GracefulClose() error {
+	return g.close(true /* shouldGracefullyClose */)
+}
+
+func (g *ICEGatherer) close(shouldGracefullyClose bool) error {
+	g.lock.Lock()
+	defer g.lock.Unlock()
+
+	if g.agent == nil {
+		return nil
+	}
+	if shouldGracefullyClose {
+		if err := g.agent.GracefulClose(); err != nil {
+			return err
+		}
+	} else {
+		if err := g.agent.Close(); err != nil {
+			return err
+		}
+	}
+
+	g.agent = nil
+	g.setState(ICEGathererStateClosed)
+
+	return nil
+}
+
+// GetLocalParameters returns the ICE parameters of the ICEGatherer.
+func (g *ICEGatherer) GetLocalParameters() (ICEParameters, error) {
+	if err := g.createAgent(); err != nil {
+		return ICEParameters{}, err
+	}
+
+	agent := g.getAgent()
+	// it is possible agent had just been closed
+	if agent == nil {
+		return ICEParameters{}, fmt.Errorf("%w: unable to get local parameters", errICEAgentNotExist)
+	}
+
+	frag, pwd, err := agent.GetLocalUserCredentials()
+	if err != nil {
+		return ICEParameters{}, err
+	}
+
+	return ICEParameters{
+		UsernameFragment: frag,
+		Password:         pwd,
+		ICELite:          false,
+	}, nil
+}
+
+// GetLocalCandidates returns the sequence of valid local candidates associated with the ICEGatherer.
+func (g *ICEGatherer) GetLocalCandidates() ([]ICECandidate, error) {
+	if err := g.createAgent(); err != nil {
+		return nil, err
+	}
+
+	agent := g.getAgent()
+	// it is possible agent had just been closed
+	if agent == nil {
+		return nil, fmt.Errorf("%w: unable to get local candidates", errICEAgentNotExist)
+	}
+
+	iceCandidates, err := agent.GetLocalCandidates()
+	if err != nil {
+		return nil, err
+	}
+
+	return newICECandidatesFromICE(iceCandidates)
+}
+
+// OnLocalCandidate sets an event handler which fires when a new local ICE candidate is available
+// Take note that the handler will be called with a nil pointer when gathering is finished.
+func (g *ICEGatherer) OnLocalCandidate(f func(*ICECandidate)) {
+	g.onLocalCandidateHandler.Store(f)
+}
+
+// OnStateChange fires any time the ICEGatherer changes
+func (g *ICEGatherer) OnStateChange(f func(ICEGathererState)) {
+	g.onStateChangeHandler.Store(f)
+}
+
+// State indicates the current state of the ICE gatherer.
+func (g *ICEGatherer) State() ICEGathererState {
+	return atomicLoadICEGathererState(&g.state)
+}
+
+func (g *ICEGatherer) setState(s ICEGathererState) {
+	atomicStoreICEGathererState(&g.state, s)
+
+	if handler, ok := g.onStateChangeHandler.Load().(func(state ICEGathererState)); ok && handler != nil {
+		handler(s)
+	}
+}
+
+func (g *ICEGatherer) getAgent() *ice.Agent {
+	g.lock.RLock()
+	defer g.lock.RUnlock()
+	return g.agent
+}
+
+func (g *ICEGatherer) collectStats(collector *statsReportCollector) {
+	agent := g.getAgent()
+	if agent == nil {
+		return
+	}
+
+	collector.Collecting()
+	go func(collector *statsReportCollector, agent *ice.Agent) {
+		for _, candidatePairStats := range agent.GetCandidatePairsStats() {
+			collector.Collecting()
+
+			stats, err := toICECandidatePairStats(candidatePairStats)
+			if err != nil {
+				g.log.Error(err.Error())
+				continue
+			}
+
+			collector.Collect(stats.ID, stats)
+		}
+
+		for _, candidateStats := range agent.GetLocalCandidatesStats() {
+			collector.Collecting()
+
+			networkType, err := getNetworkType(candidateStats.NetworkType)
+			if err != nil {
+				g.log.Error(err.Error())
+			}
+
+			candidateType, err := getCandidateType(candidateStats.CandidateType)
+			if err != nil {
+				g.log.Error(err.Error())
+			}
+
+			stats := ICECandidateStats{
+				Timestamp:     statsTimestampFrom(candidateStats.Timestamp),
+				ID:            candidateStats.ID,
+				Type:          StatsTypeLocalCandidate,
+				IP:            candidateStats.IP,
+				Port:          int32(candidateStats.Port),
+				Protocol:      networkType.Protocol(),
+				CandidateType: candidateType,
+				Priority:      int32(candidateStats.Priority),
+				URL:           candidateStats.URL,
+				RelayProtocol: candidateStats.RelayProtocol,
+				Deleted:       candidateStats.Deleted,
+			}
+			collector.Collect(stats.ID, stats)
+		}
+
+		for _, candidateStats := range agent.GetRemoteCandidatesStats() {
+			collector.Collecting()
+			networkType, err := getNetworkType(candidateStats.NetworkType)
+			if err != nil {
+				g.log.Error(err.Error())
+			}
+
+			candidateType, err := getCandidateType(candidateStats.CandidateType)
+			if err != nil {
+				g.log.Error(err.Error())
+			}
+
+			stats := ICECandidateStats{
+				Timestamp:     statsTimestampFrom(candidateStats.Timestamp),
+				ID:            candidateStats.ID,
+				Type:          StatsTypeRemoteCandidate,
+				IP:            candidateStats.IP,
+				Port:          int32(candidateStats.Port),
+				Protocol:      networkType.Protocol(),
+				CandidateType: candidateType,
+				Priority:      int32(candidateStats.Priority),
+				URL:           candidateStats.URL,
+				RelayProtocol: candidateStats.RelayProtocol,
+			}
+			collector.Collect(stats.ID, stats)
+		}
+		collector.Done()
+	}(collector, agent)
+}
+
+func (g *ICEGatherer) getSelectedCandidatePairStats() (ICECandidatePairStats, bool) {
+	agent := g.getAgent()
+	if agent == nil {
+		return ICECandidatePairStats{}, false
+	}
+
+	selectedCandidatePairStats, isAvailable := agent.GetSelectedCandidatePairStats()
+	if !isAvailable {
+		return ICECandidatePairStats{}, false
+	}
+
+	stats, err := toICECandidatePairStats(selectedCandidatePairStats)
+	if err != nil {
+		g.log.Error(err.Error())
+		return ICECandidatePairStats{}, false
+	}
+
+	return stats, true
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/icegathererstate.go b/server/vendor/github.com/pion/webrtc/v3/icegathererstate.go
new file mode 100644
index 0000000..b90acd3
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/icegathererstate.go
@@ -0,0 +1,51 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package webrtc
+
+import (
+	"sync/atomic"
+)
+
+// ICEGathererState represents the current state of the ICE gatherer.
+type ICEGathererState uint32
+
+const (
+	// ICEGathererStateNew indicates object has been created but
+	// gather() has not been called.
+	ICEGathererStateNew ICEGathererState = iota + 1
+
+	// ICEGathererStateGathering indicates gather() has been called,
+	// and the ICEGatherer is in the process of gathering candidates.
+	ICEGathererStateGathering
+
+	// ICEGathererStateComplete indicates the ICEGatherer has completed gathering.
+	ICEGathererStateComplete
+
+	// ICEGathererStateClosed indicates the closed state can only be entered
+	// when the ICEGatherer has been closed intentionally by calling close().
+	ICEGathererStateClosed
+)
+
+func (s ICEGathererState) String() string {
+	switch s {
+	case ICEGathererStateNew:
+		return "new"
+	case ICEGathererStateGathering:
+		return "gathering"
+	case ICEGathererStateComplete:
+		return "complete"
+	case ICEGathererStateClosed:
+		return "closed"
+	default:
+		return unknownStr
+	}
+}
+
+func atomicStoreICEGathererState(state *ICEGathererState, newState ICEGathererState) {
+	atomic.StoreUint32((*uint32)(state), uint32(newState))
+}
+
+func atomicLoadICEGathererState(state *ICEGathererState) ICEGathererState {
+	return ICEGathererState(atomic.LoadUint32((*uint32)(state)))
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/icegatheringstate.go b/server/vendor/github.com/pion/webrtc/v3/icegatheringstate.go
new file mode 100644
index 0000000..1925ddd
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/icegatheringstate.go
@@ -0,0 +1,56 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package webrtc
+
+// ICEGatheringState describes the state of the candidate gathering process.
+type ICEGatheringState int
+
+const (
+	// ICEGatheringStateNew indicates that any of the ICETransports are
+	// in the "new" gathering state and none of the transports are in the
+	// "gathering" state, or there are no transports.
+	ICEGatheringStateNew ICEGatheringState = iota + 1
+
+	// ICEGatheringStateGathering indicates that any of the ICETransports
+	// are in the "gathering" state.
+	ICEGatheringStateGathering
+
+	// ICEGatheringStateComplete indicates that at least one ICETransport
+	// exists, and all ICETransports are in the "completed" gathering state.
+	ICEGatheringStateComplete
+)
+
+// This is done this way because of a linter.
+const (
+	iceGatheringStateNewStr       = "new"
+	iceGatheringStateGatheringStr = "gathering"
+	iceGatheringStateCompleteStr  = "complete"
+)
+
+// NewICEGatheringState takes a string and converts it to ICEGatheringState
+func NewICEGatheringState(raw string) ICEGatheringState {
+	switch raw {
+	case iceGatheringStateNewStr:
+		return ICEGatheringStateNew
+	case iceGatheringStateGatheringStr:
+		return ICEGatheringStateGathering
+	case iceGatheringStateCompleteStr:
+		return ICEGatheringStateComplete
+	default:
+		return ICEGatheringState(Unknown)
+	}
+}
+
+func (t ICEGatheringState) String() string {
+	switch t {
+	case ICEGatheringStateNew:
+		return iceGatheringStateNewStr
+	case ICEGatheringStateGathering:
+		return iceGatheringStateGatheringStr
+	case ICEGatheringStateComplete:
+		return iceGatheringStateCompleteStr
+	default:
+		return ErrUnknownType.Error()
+	}
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/icegatheroptions.go b/server/vendor/github.com/pion/webrtc/v3/icegatheroptions.go
new file mode 100644
index 0000000..cca356f
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/icegatheroptions.go
@@ -0,0 +1,10 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package webrtc
+
+// ICEGatherOptions provides options relating to the gathering of ICE candidates.
+type ICEGatherOptions struct {
+	ICEServers      []ICEServer
+	ICEGatherPolicy ICETransportPolicy
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/icemux.go b/server/vendor/github.com/pion/webrtc/v3/icemux.go
new file mode 100644
index 0000000..1bae313
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/icemux.go
@@ -0,0 +1,30 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package webrtc
+
+import (
+	"net"
+
+	"github.com/pion/ice/v2"
+	"github.com/pion/logging"
+)
+
+// NewICETCPMux creates a new instance of ice.TCPMuxDefault. It enables use of
+// passive ICE TCP candidates.
+func NewICETCPMux(logger logging.LeveledLogger, listener net.Listener, readBufferSize int) ice.TCPMux {
+	return ice.NewTCPMuxDefault(ice.TCPMuxParams{
+		Listener:       listener,
+		Logger:         logger,
+		ReadBufferSize: readBufferSize,
+	})
+}
+
+// NewICEUDPMux creates a new instance of ice.UDPMuxDefault. It allows many PeerConnections to be served
+// by a single UDP Port.
+func NewICEUDPMux(logger logging.LeveledLogger, udpConn net.PacketConn) ice.UDPMux {
+	return ice.NewUDPMuxDefault(ice.UDPMuxParams{
+		UDPConn: udpConn,
+		Logger:  logger,
+	})
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/iceparameters.go b/server/vendor/github.com/pion/webrtc/v3/iceparameters.go
new file mode 100644
index 0000000..459ec60
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/iceparameters.go
@@ -0,0 +1,12 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package webrtc
+
+// ICEParameters includes the ICE username fragment
+// and password and other ICE-related parameters.
+type ICEParameters struct {
+	UsernameFragment string `json:"usernameFragment"`
+	Password         string `json:"password"`
+	ICELite          bool   `json:"iceLite"`
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/iceprotocol.go b/server/vendor/github.com/pion/webrtc/v3/iceprotocol.go
new file mode 100644
index 0000000..3582b68
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/iceprotocol.go
@@ -0,0 +1,50 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package webrtc
+
+import (
+	"fmt"
+	"strings"
+)
+
+// ICEProtocol indicates the transport protocol type that is used in the
+// ice.URL structure.
+type ICEProtocol int
+
+const (
+	// ICEProtocolUDP indicates the URL uses a UDP transport.
+	ICEProtocolUDP ICEProtocol = iota + 1
+
+	// ICEProtocolTCP indicates the URL uses a TCP transport.
+	ICEProtocolTCP
+)
+
+// This is done this way because of a linter.
+const (
+	iceProtocolUDPStr = "udp"
+	iceProtocolTCPStr = "tcp"
+)
+
+// NewICEProtocol takes a string and converts it to ICEProtocol
+func NewICEProtocol(raw string) (ICEProtocol, error) {
+	switch {
+	case strings.EqualFold(iceProtocolUDPStr, raw):
+		return ICEProtocolUDP, nil
+	case strings.EqualFold(iceProtocolTCPStr, raw):
+		return ICEProtocolTCP, nil
+	default:
+		return ICEProtocol(Unknown), fmt.Errorf("%w: %s", errICEProtocolUnknown, raw)
+	}
+}
+
+func (t ICEProtocol) String() string {
+	switch t {
+	case ICEProtocolUDP:
+		return iceProtocolUDPStr
+	case ICEProtocolTCP:
+		return iceProtocolTCPStr
+	default:
+		return ErrUnknownType.Error()
+	}
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/icerole.go b/server/vendor/github.com/pion/webrtc/v3/icerole.go
new file mode 100644
index 0000000..a46b455
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/icerole.go
@@ -0,0 +1,59 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package webrtc
+
+// ICERole describes the role ice.Agent is playing in selecting the
+// preferred the candidate pair.
+type ICERole int
+
+const (
+	// ICERoleControlling indicates that the ICE agent that is responsible
+	// for selecting the final choice of candidate pairs and signaling them
+	// through STUN and an updated offer, if needed. In any session, one agent
+	// is always controlling. The other is the controlled agent.
+	ICERoleControlling ICERole = iota + 1
+
+	// ICERoleControlled indicates that an ICE agent that waits for the
+	// controlling agent to select the final choice of candidate pairs.
+	ICERoleControlled
+)
+
+// This is done this way because of a linter.
+const (
+	iceRoleControllingStr = "controlling"
+	iceRoleControlledStr  = "controlled"
+)
+
+func newICERole(raw string) ICERole {
+	switch raw {
+	case iceRoleControllingStr:
+		return ICERoleControlling
+	case iceRoleControlledStr:
+		return ICERoleControlled
+	default:
+		return ICERole(Unknown)
+	}
+}
+
+func (t ICERole) String() string {
+	switch t {
+	case ICERoleControlling:
+		return iceRoleControllingStr
+	case ICERoleControlled:
+		return iceRoleControlledStr
+	default:
+		return ErrUnknownType.Error()
+	}
+}
+
+// MarshalText implements encoding.TextMarshaler
+func (t ICERole) MarshalText() ([]byte, error) {
+	return []byte(t.String()), nil
+}
+
+// UnmarshalText implements encoding.TextUnmarshaler
+func (t *ICERole) UnmarshalText(b []byte) error {
+	*t = newICERole(string(b))
+	return nil
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/iceserver.go b/server/vendor/github.com/pion/webrtc/v3/iceserver.go
new file mode 100644
index 0000000..35d231f
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/iceserver.go
@@ -0,0 +1,182 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+//go:build !js
+// +build !js
+
+package webrtc
+
+import (
+	"encoding/json"
+
+	"github.com/pion/stun"
+	"github.com/pion/webrtc/v3/pkg/rtcerr"
+)
+
+// ICEServer describes a single STUN and TURN server that can be used by
+// the ICEAgent to establish a connection with a peer.
+type ICEServer struct {
+	URLs           []string          `json:"urls"`
+	Username       string            `json:"username,omitempty"`
+	Credential     interface{}       `json:"credential,omitempty"`
+	CredentialType ICECredentialType `json:"credentialType,omitempty"`
+}
+
+func (s ICEServer) parseURL(i int) (*stun.URI, error) {
+	return stun.ParseURI(s.URLs[i])
+}
+
+func (s ICEServer) validate() error {
+	_, err := s.urls()
+	return err
+}
+
+func (s ICEServer) urls() ([]*stun.URI, error) {
+	urls := []*stun.URI{}
+
+	for i := range s.URLs {
+		url, err := s.parseURL(i)
+		if err != nil {
+			return nil, &rtcerr.InvalidAccessError{Err: err}
+		}
+
+		if url.Scheme == stun.SchemeTypeTURN || url.Scheme == stun.SchemeTypeTURNS {
+			// https://www.w3.org/TR/webrtc/#set-the-configuration (step #11.3.2)
+			if s.Username == "" || s.Credential == nil {
+				return nil, &rtcerr.InvalidAccessError{Err: ErrNoTurnCredentials}
+			}
+			url.Username = s.Username
+
+			switch s.CredentialType {
+			case ICECredentialTypePassword:
+				// https://www.w3.org/TR/webrtc/#set-the-configuration (step #11.3.3)
+				password, ok := s.Credential.(string)
+				if !ok {
+					return nil, &rtcerr.InvalidAccessError{Err: ErrTurnCredentials}
+				}
+				url.Password = password
+
+			case ICECredentialTypeOauth:
+				// https://www.w3.org/TR/webrtc/#set-the-configuration (step #11.3.4)
+				if _, ok := s.Credential.(OAuthCredential); !ok {
+					return nil, &rtcerr.InvalidAccessError{Err: ErrTurnCredentials}
+				}
+
+			default:
+				return nil, &rtcerr.InvalidAccessError{Err: ErrTurnCredentials}
+			}
+		}
+
+		urls = append(urls, url)
+	}
+
+	return urls, nil
+}
+
+func iceserverUnmarshalUrls(val interface{}) (*[]string, error) {
+	s, ok := val.([]interface{})
+	if !ok {
+		return nil, errInvalidICEServer
+	}
+	out := make([]string, len(s))
+	for idx, url := range s {
+		out[idx], ok = url.(string)
+		if !ok {
+			return nil, errInvalidICEServer
+		}
+	}
+	return &out, nil
+}
+
+func iceserverUnmarshalOauth(val interface{}) (*OAuthCredential, error) {
+	c, ok := val.(map[string]interface{})
+	if !ok {
+		return nil, errInvalidICEServer
+	}
+	MACKey, ok := c["MACKey"].(string)
+	if !ok {
+		return nil, errInvalidICEServer
+	}
+	AccessToken, ok := c["AccessToken"].(string)
+	if !ok {
+		return nil, errInvalidICEServer
+	}
+	return &OAuthCredential{
+		MACKey:      MACKey,
+		AccessToken: AccessToken,
+	}, nil
+}
+
+func (s *ICEServer) iceserverUnmarshalFields(m map[string]interface{}) error {
+	if val, ok := m["urls"]; ok {
+		u, err := iceserverUnmarshalUrls(val)
+		if err != nil {
+			return err
+		}
+		s.URLs = *u
+	} else {
+		s.URLs = []string{}
+	}
+
+	if val, ok := m["username"]; ok {
+		s.Username, ok = val.(string)
+		if !ok {
+			return errInvalidICEServer
+		}
+	}
+	if val, ok := m["credentialType"]; ok {
+		ct, ok := val.(string)
+		if !ok {
+			return errInvalidICEServer
+		}
+		tpe, err := newICECredentialType(ct)
+		if err != nil {
+			return err
+		}
+		s.CredentialType = tpe
+	} else {
+		s.CredentialType = ICECredentialTypePassword
+	}
+	if val, ok := m["credential"]; ok {
+		switch s.CredentialType {
+		case ICECredentialTypePassword:
+			s.Credential = val
+		case ICECredentialTypeOauth:
+			c, err := iceserverUnmarshalOauth(val)
+			if err != nil {
+				return err
+			}
+			s.Credential = *c
+		default:
+			return errInvalidICECredentialTypeString
+		}
+	}
+	return nil
+}
+
+// UnmarshalJSON parses the JSON-encoded data and stores the result
+func (s *ICEServer) UnmarshalJSON(b []byte) error {
+	var tmp interface{}
+	err := json.Unmarshal(b, &tmp)
+	if err != nil {
+		return err
+	}
+	if m, ok := tmp.(map[string]interface{}); ok {
+		return s.iceserverUnmarshalFields(m)
+	}
+	return errInvalidICEServer
+}
+
+// MarshalJSON returns the JSON encoding
+func (s ICEServer) MarshalJSON() ([]byte, error) {
+	m := make(map[string]interface{})
+	m["urls"] = s.URLs
+	if s.Username != "" {
+		m["username"] = s.Username
+	}
+	if s.Credential != nil {
+		m["credential"] = s.Credential
+	}
+	m["credentialType"] = s.CredentialType
+	return json.Marshal(m)
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/iceserver_js.go b/server/vendor/github.com/pion/webrtc/v3/iceserver_js.go
new file mode 100644
index 0000000..e4061fa
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/iceserver_js.go
@@ -0,0 +1,46 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+//go:build js && wasm
+// +build js,wasm
+
+package webrtc
+
+import (
+	"errors"
+
+	"github.com/pion/ice/v2"
+)
+
+// ICEServer describes a single STUN and TURN server that can be used by
+// the ICEAgent to establish a connection with a peer.
+type ICEServer struct {
+	URLs     []string
+	Username string
+	// Note: TURN is not supported in the WASM bindings yet
+	Credential     interface{}
+	CredentialType ICECredentialType
+}
+
+func (s ICEServer) parseURL(i int) (*ice.URL, error) {
+	return ice.ParseURL(s.URLs[i])
+}
+
+func (s ICEServer) validate() ([]*ice.URL, error) {
+	urls := []*ice.URL{}
+
+	for i := range s.URLs {
+		url, err := s.parseURL(i)
+		if err != nil {
+			return nil, err
+		}
+
+		if url.Scheme == ice.SchemeTypeTURN || url.Scheme == ice.SchemeTypeTURNS {
+			return nil, errors.New("TURN is not currently supported in the JavaScript/Wasm bindings")
+		}
+
+		urls = append(urls, url)
+	}
+
+	return urls, nil
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/icetransport.go b/server/vendor/github.com/pion/webrtc/v3/icetransport.go
new file mode 100644
index 0000000..6724a94
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/icetransport.go
@@ -0,0 +1,421 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+//go:build !js
+// +build !js
+
+package webrtc
+
+import (
+	"context"
+	"fmt"
+	"sync"
+	"sync/atomic"
+	"time"
+
+	"github.com/pion/ice/v2"
+	"github.com/pion/logging"
+	"github.com/pion/webrtc/v3/internal/mux"
+	"github.com/pion/webrtc/v3/internal/util"
+)
+
+// ICETransport allows an application access to information about the ICE
+// transport over which packets are sent and received.
+type ICETransport struct {
+	lock sync.RWMutex
+
+	role ICERole
+
+	onConnectionStateChangeHandler         atomic.Value // func(ICETransportState)
+	internalOnConnectionStateChangeHandler atomic.Value // func(ICETransportState)
+	onSelectedCandidatePairChangeHandler   atomic.Value // func(*ICECandidatePair)
+
+	state atomic.Value // ICETransportState
+
+	gatherer *ICEGatherer
+	conn     *ice.Conn
+	mux      *mux.Mux
+
+	ctx       context.Context
+	ctxCancel func()
+
+	loggerFactory logging.LoggerFactory
+
+	log logging.LeveledLogger
+}
+
+// GetSelectedCandidatePair returns the selected candidate pair on which packets are sent
+// if there is no selected pair nil is returned
+func (t *ICETransport) GetSelectedCandidatePair() (*ICECandidatePair, error) {
+	agent := t.gatherer.getAgent()
+	if agent == nil {
+		return nil, nil //nolint:nilnil
+	}
+
+	icePair, err := agent.GetSelectedCandidatePair()
+	if icePair == nil || err != nil {
+		return nil, err
+	}
+
+	local, err := newICECandidateFromICE(icePair.Local)
+	if err != nil {
+		return nil, err
+	}
+
+	remote, err := newICECandidateFromICE(icePair.Remote)
+	if err != nil {
+		return nil, err
+	}
+
+	return NewICECandidatePair(&local, &remote), nil
+}
+
+// GetSelectedCandidatePairStats returns the selected candidate pair stats on which packets are sent
+// if there is no selected pair empty stats, false is returned to indicate stats not available
+func (t *ICETransport) GetSelectedCandidatePairStats() (ICECandidatePairStats, bool) {
+	return t.gatherer.getSelectedCandidatePairStats()
+}
+
+// NewICETransport creates a new NewICETransport.
+func NewICETransport(gatherer *ICEGatherer, loggerFactory logging.LoggerFactory) *ICETransport {
+	iceTransport := &ICETransport{
+		gatherer:      gatherer,
+		loggerFactory: loggerFactory,
+		log:           loggerFactory.NewLogger("ortc"),
+	}
+	iceTransport.setState(ICETransportStateNew)
+	return iceTransport
+}
+
+// Start incoming connectivity checks based on its configured role.
+func (t *ICETransport) Start(gatherer *ICEGatherer, params ICEParameters, role *ICERole) error {
+	t.lock.Lock()
+	defer t.lock.Unlock()
+
+	if t.State() != ICETransportStateNew {
+		return errICETransportNotInNew
+	}
+
+	if gatherer != nil {
+		t.gatherer = gatherer
+	}
+
+	if err := t.ensureGatherer(); err != nil {
+		return err
+	}
+
+	agent := t.gatherer.getAgent()
+	if agent == nil {
+		return fmt.Errorf("%w: unable to start ICETransport", errICEAgentNotExist)
+	}
+
+	if err := agent.OnConnectionStateChange(func(iceState ice.ConnectionState) {
+		state := newICETransportStateFromICE(iceState)
+
+		t.setState(state)
+		t.onConnectionStateChange(state)
+	}); err != nil {
+		return err
+	}
+	if err := agent.OnSelectedCandidatePairChange(func(local, remote ice.Candidate) {
+		candidates, err := newICECandidatesFromICE([]ice.Candidate{local, remote})
+		if err != nil {
+			t.log.Warnf("%w: %s", errICECandiatesCoversionFailed, err)
+			return
+		}
+		t.onSelectedCandidatePairChange(NewICECandidatePair(&candidates[0], &candidates[1]))
+	}); err != nil {
+		return err
+	}
+
+	if role == nil {
+		controlled := ICERoleControlled
+		role = &controlled
+	}
+	t.role = *role
+
+	t.ctx, t.ctxCancel = context.WithCancel(context.Background())
+
+	// Drop the lock here to allow ICE candidates to be
+	// added so that the agent can complete a connection
+	t.lock.Unlock()
+
+	var iceConn *ice.Conn
+	var err error
+	switch *role {
+	case ICERoleControlling:
+		iceConn, err = agent.Dial(t.ctx,
+			params.UsernameFragment,
+			params.Password)
+
+	case ICERoleControlled:
+		iceConn, err = agent.Accept(t.ctx,
+			params.UsernameFragment,
+			params.Password)
+
+	default:
+		err = errICERoleUnknown
+	}
+
+	// Reacquire the lock to set the connection/mux
+	t.lock.Lock()
+	if err != nil {
+		return err
+	}
+
+	if t.State() == ICETransportStateClosed {
+		return errICETransportClosed
+	}
+
+	t.conn = iceConn
+
+	config := mux.Config{
+		Conn:          t.conn,
+		BufferSize:    int(t.gatherer.api.settingEngine.getReceiveMTU()),
+		LoggerFactory: t.loggerFactory,
+	}
+	t.mux = mux.NewMux(config)
+
+	return nil
+}
+
+// restart is not exposed currently because ORTC has users create a whole new ICETransport
+// so for now lets keep it private so we don't cause ORTC users to depend on non-standard APIs
+func (t *ICETransport) restart() error {
+	t.lock.Lock()
+	defer t.lock.Unlock()
+
+	agent := t.gatherer.getAgent()
+	if agent == nil {
+		return fmt.Errorf("%w: unable to restart ICETransport", errICEAgentNotExist)
+	}
+
+	if err := agent.Restart(t.gatherer.api.settingEngine.candidates.UsernameFragment, t.gatherer.api.settingEngine.candidates.Password); err != nil {
+		return err
+	}
+	return t.gatherer.Gather()
+}
+
+// Stop irreversibly stops the ICETransport.
+func (t *ICETransport) Stop() error {
+	return t.stop(false /* shouldGracefullyClose */)
+}
+
+// GracefulStop irreversibly stops the ICETransport. It also waits
+// for any goroutines it started to complete. This is only safe to call outside of
+// ICETransport callbacks or if in a callback, in its own goroutine.
+func (t *ICETransport) GracefulStop() error {
+	return t.stop(true /* shouldGracefullyClose */)
+}
+
+func (t *ICETransport) stop(shouldGracefullyClose bool) error {
+	t.lock.Lock()
+	t.setState(ICETransportStateClosed)
+
+	if t.ctxCancel != nil {
+		t.ctxCancel()
+	}
+
+	// mux and gatherer can only be set when ICETransport.State != Closed.
+	mux := t.mux
+	gatherer := t.gatherer
+	t.lock.Unlock()
+
+	if t.mux != nil {
+		var closeErrs []error
+		if shouldGracefullyClose && gatherer != nil {
+			// we can't access icegatherer/icetransport.Close via
+			// mux's net.Conn Close so we call it earlier here.
+			closeErrs = append(closeErrs, gatherer.GracefulClose())
+		}
+		closeErrs = append(closeErrs, mux.Close())
+		return util.FlattenErrs(closeErrs)
+	} else if gatherer != nil {
+		if shouldGracefullyClose {
+			return gatherer.GracefulClose()
+		}
+		return gatherer.Close()
+	}
+	return nil
+}
+
+// OnSelectedCandidatePairChange sets a handler that is invoked when a new
+// ICE candidate pair is selected
+func (t *ICETransport) OnSelectedCandidatePairChange(f func(*ICECandidatePair)) {
+	t.onSelectedCandidatePairChangeHandler.Store(f)
+}
+
+func (t *ICETransport) onSelectedCandidatePairChange(pair *ICECandidatePair) {
+	if handler, ok := t.onSelectedCandidatePairChangeHandler.Load().(func(*ICECandidatePair)); ok {
+		handler(pair)
+	}
+}
+
+// OnConnectionStateChange sets a handler that is fired when the ICE
+// connection state changes.
+func (t *ICETransport) OnConnectionStateChange(f func(ICETransportState)) {
+	t.onConnectionStateChangeHandler.Store(f)
+}
+
+func (t *ICETransport) onConnectionStateChange(state ICETransportState) {
+	if handler, ok := t.onConnectionStateChangeHandler.Load().(func(ICETransportState)); ok {
+		handler(state)
+	}
+	if handler, ok := t.internalOnConnectionStateChangeHandler.Load().(func(ICETransportState)); ok {
+		handler(state)
+	}
+}
+
+// Role indicates the current role of the ICE transport.
+func (t *ICETransport) Role() ICERole {
+	t.lock.RLock()
+	defer t.lock.RUnlock()
+
+	return t.role
+}
+
+// SetRemoteCandidates sets the sequence of candidates associated with the remote ICETransport.
+func (t *ICETransport) SetRemoteCandidates(remoteCandidates []ICECandidate) error {
+	t.lock.RLock()
+	defer t.lock.RUnlock()
+
+	if err := t.ensureGatherer(); err != nil {
+		return err
+	}
+
+	agent := t.gatherer.getAgent()
+	if agent == nil {
+		return fmt.Errorf("%w: unable to set remote candidates", errICEAgentNotExist)
+	}
+
+	for _, c := range remoteCandidates {
+		i, err := c.toICE()
+		if err != nil {
+			return err
+		}
+
+		if err = agent.AddRemoteCandidate(i); err != nil {
+			return err
+		}
+	}
+
+	return nil
+}
+
+// AddRemoteCandidate adds a candidate associated with the remote ICETransport.
+func (t *ICETransport) AddRemoteCandidate(remoteCandidate *ICECandidate) error {
+	t.lock.RLock()
+	defer t.lock.RUnlock()
+
+	var (
+		c   ice.Candidate
+		err error
+	)
+
+	if err = t.ensureGatherer(); err != nil {
+		return err
+	}
+
+	if remoteCandidate != nil {
+		if c, err = remoteCandidate.toICE(); err != nil {
+			return err
+		}
+	}
+
+	agent := t.gatherer.getAgent()
+	if agent == nil {
+		return fmt.Errorf("%w: unable to add remote candidates", errICEAgentNotExist)
+	}
+
+	return agent.AddRemoteCandidate(c)
+}
+
+// State returns the current ice transport state.
+func (t *ICETransport) State() ICETransportState {
+	if v, ok := t.state.Load().(ICETransportState); ok {
+		return v
+	}
+	return ICETransportState(0)
+}
+
+// GetLocalParameters returns an IceParameters object which provides information
+// uniquely identifying the local peer for the duration of the ICE session.
+func (t *ICETransport) GetLocalParameters() (ICEParameters, error) {
+	if err := t.ensureGatherer(); err != nil {
+		return ICEParameters{}, err
+	}
+
+	return t.gatherer.GetLocalParameters()
+}
+
+func (t *ICETransport) setState(i ICETransportState) {
+	t.state.Store(i)
+}
+
+func (t *ICETransport) newEndpoint(f mux.MatchFunc) *mux.Endpoint {
+	t.lock.Lock()
+	defer t.lock.Unlock()
+	return t.mux.NewEndpoint(f)
+}
+
+func (t *ICETransport) ensureGatherer() error {
+	if t.gatherer == nil {
+		return errICEGathererNotStarted
+	} else if t.gatherer.getAgent() == nil {
+		if err := t.gatherer.createAgent(); err != nil {
+			return err
+		}
+	}
+
+	return nil
+}
+
+func (t *ICETransport) collectStats(collector *statsReportCollector) {
+	t.lock.Lock()
+	conn := t.conn
+	t.lock.Unlock()
+
+	collector.Collecting()
+
+	stats := TransportStats{
+		Timestamp: statsTimestampFrom(time.Now()),
+		Type:      StatsTypeTransport,
+		ID:        "iceTransport",
+	}
+
+	if conn != nil {
+		stats.BytesSent = conn.BytesSent()
+		stats.BytesReceived = conn.BytesReceived()
+	}
+
+	collector.Collect(stats.ID, stats)
+}
+
+func (t *ICETransport) haveRemoteCredentialsChange(newUfrag, newPwd string) bool {
+	t.lock.Lock()
+	defer t.lock.Unlock()
+
+	agent := t.gatherer.getAgent()
+	if agent == nil {
+		return false
+	}
+
+	uFrag, uPwd, err := agent.GetRemoteUserCredentials()
+	if err != nil {
+		return false
+	}
+
+	return uFrag != newUfrag || uPwd != newPwd
+}
+
+func (t *ICETransport) setRemoteCredentials(newUfrag, newPwd string) error {
+	t.lock.Lock()
+	defer t.lock.Unlock()
+
+	agent := t.gatherer.getAgent()
+	if agent == nil {
+		return fmt.Errorf("%w: unable to SetRemoteCredentials", errICEAgentNotExist)
+	}
+
+	return agent.SetRemoteCredentials(newUfrag, newPwd)
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/icetransport_js.go b/server/vendor/github.com/pion/webrtc/v3/icetransport_js.go
new file mode 100644
index 0000000..3ca577b
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/icetransport_js.go
@@ -0,0 +1,30 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+//go:build js && wasm
+// +build js,wasm
+
+package webrtc
+
+import "syscall/js"
+
+// ICETransport allows an application access to information about the ICE
+// transport over which packets are sent and received.
+type ICETransport struct {
+	// Pointer to the underlying JavaScript ICETransport object.
+	underlying js.Value
+}
+
+// GetSelectedCandidatePair returns the selected candidate pair on which packets are sent
+// if there is no selected pair nil is returned
+func (t *ICETransport) GetSelectedCandidatePair() (*ICECandidatePair, error) {
+	val := t.underlying.Call("getSelectedCandidatePair")
+	if val.IsNull() || val.IsUndefined() {
+		return nil, nil
+	}
+
+	return NewICECandidatePair(
+		valueToICECandidate(val.Get("local")),
+		valueToICECandidate(val.Get("remote")),
+	), nil
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/icetransportpolicy.go b/server/vendor/github.com/pion/webrtc/v3/icetransportpolicy.go
new file mode 100644
index 0000000..a2629fd
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/icetransportpolicy.go
@@ -0,0 +1,68 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package webrtc
+
+import (
+	"encoding/json"
+)
+
+// ICETransportPolicy defines the ICE candidate policy surface the
+// permitted candidates. Only these candidates are used for connectivity checks.
+type ICETransportPolicy int
+
+// ICEGatherPolicy is the ORTC equivalent of ICETransportPolicy
+type ICEGatherPolicy = ICETransportPolicy
+
+const (
+	// ICETransportPolicyAll indicates any type of candidate is used.
+	ICETransportPolicyAll ICETransportPolicy = iota
+
+	// ICETransportPolicyRelay indicates only media relay candidates such
+	// as candidates passing through a TURN server are used.
+	ICETransportPolicyRelay
+)
+
+// This is done this way because of a linter.
+const (
+	iceTransportPolicyRelayStr = "relay"
+	iceTransportPolicyAllStr   = "all"
+)
+
+// NewICETransportPolicy takes a string and converts it to ICETransportPolicy
+func NewICETransportPolicy(raw string) ICETransportPolicy {
+	switch raw {
+	case iceTransportPolicyRelayStr:
+		return ICETransportPolicyRelay
+	case iceTransportPolicyAllStr:
+		return ICETransportPolicyAll
+	default:
+		return ICETransportPolicy(Unknown)
+	}
+}
+
+func (t ICETransportPolicy) String() string {
+	switch t {
+	case ICETransportPolicyRelay:
+		return iceTransportPolicyRelayStr
+	case ICETransportPolicyAll:
+		return iceTransportPolicyAllStr
+	default:
+		return ErrUnknownType.Error()
+	}
+}
+
+// UnmarshalJSON parses the JSON-encoded data and stores the result
+func (t *ICETransportPolicy) UnmarshalJSON(b []byte) error {
+	var val string
+	if err := json.Unmarshal(b, &val); err != nil {
+		return err
+	}
+	*t = NewICETransportPolicy(val)
+	return nil
+}
+
+// MarshalJSON returns the JSON encoding
+func (t ICETransportPolicy) MarshalJSON() ([]byte, error) {
+	return json.Marshal(t.String())
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/icetransportstate.go b/server/vendor/github.com/pion/webrtc/v3/icetransportstate.go
new file mode 100644
index 0000000..4edbf0f
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/icetransportstate.go
@@ -0,0 +1,110 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package webrtc
+
+import "github.com/pion/ice/v2"
+
+// ICETransportState represents the current state of the ICE transport.
+type ICETransportState int
+
+const (
+	// ICETransportStateNew indicates the ICETransport is waiting
+	// for remote candidates to be supplied.
+	ICETransportStateNew = iota + 1
+
+	// ICETransportStateChecking indicates the ICETransport has
+	// received at least one remote candidate, and a local and remote
+	// ICECandidateComplete dictionary was not added as the last candidate.
+	ICETransportStateChecking
+
+	// ICETransportStateConnected indicates the ICETransport has
+	// received a response to an outgoing connectivity check, or has
+	// received incoming DTLS/media after a successful response to an
+	// incoming connectivity check, but is still checking other candidate
+	// pairs to see if there is a better connection.
+	ICETransportStateConnected
+
+	// ICETransportStateCompleted indicates the ICETransport tested
+	// all appropriate candidate pairs and at least one functioning
+	// candidate pair has been found.
+	ICETransportStateCompleted
+
+	// ICETransportStateFailed indicates the ICETransport the last
+	// candidate was added and all appropriate candidate pairs have either
+	// failed connectivity checks or have lost consent.
+	ICETransportStateFailed
+
+	// ICETransportStateDisconnected indicates the ICETransport has received
+	// at least one local and remote candidate, but the final candidate was
+	// received yet and all appropriate candidate pairs thus far have been
+	// tested and failed.
+	ICETransportStateDisconnected
+
+	// ICETransportStateClosed indicates the ICETransport has shut down
+	// and is no longer responding to STUN requests.
+	ICETransportStateClosed
+)
+
+func (c ICETransportState) String() string {
+	switch c {
+	case ICETransportStateNew:
+		return "new"
+	case ICETransportStateChecking:
+		return "checking"
+	case ICETransportStateConnected:
+		return "connected"
+	case ICETransportStateCompleted:
+		return "completed"
+	case ICETransportStateFailed:
+		return "failed"
+	case ICETransportStateDisconnected:
+		return "disconnected"
+	case ICETransportStateClosed:
+		return "closed"
+	default:
+		return unknownStr
+	}
+}
+
+func newICETransportStateFromICE(i ice.ConnectionState) ICETransportState {
+	switch i {
+	case ice.ConnectionStateNew:
+		return ICETransportStateNew
+	case ice.ConnectionStateChecking:
+		return ICETransportStateChecking
+	case ice.ConnectionStateConnected:
+		return ICETransportStateConnected
+	case ice.ConnectionStateCompleted:
+		return ICETransportStateCompleted
+	case ice.ConnectionStateFailed:
+		return ICETransportStateFailed
+	case ice.ConnectionStateDisconnected:
+		return ICETransportStateDisconnected
+	case ice.ConnectionStateClosed:
+		return ICETransportStateClosed
+	default:
+		return ICETransportState(Unknown)
+	}
+}
+
+func (c ICETransportState) toICE() ice.ConnectionState {
+	switch c {
+	case ICETransportStateNew:
+		return ice.ConnectionStateNew
+	case ICETransportStateChecking:
+		return ice.ConnectionStateChecking
+	case ICETransportStateConnected:
+		return ice.ConnectionStateConnected
+	case ICETransportStateCompleted:
+		return ice.ConnectionStateCompleted
+	case ICETransportStateFailed:
+		return ice.ConnectionStateFailed
+	case ICETransportStateDisconnected:
+		return ice.ConnectionStateDisconnected
+	case ICETransportStateClosed:
+		return ice.ConnectionStateClosed
+	default:
+		return ice.ConnectionState(Unknown)
+	}
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/interceptor.go b/server/vendor/github.com/pion/webrtc/v3/interceptor.go
new file mode 100644
index 0000000..7a5b4a7
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/interceptor.go
@@ -0,0 +1,167 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+//go:build !js
+// +build !js
+
+package webrtc
+
+import (
+	"sync/atomic"
+
+	"github.com/pion/interceptor"
+	"github.com/pion/interceptor/pkg/nack"
+	"github.com/pion/interceptor/pkg/report"
+	"github.com/pion/interceptor/pkg/twcc"
+	"github.com/pion/rtp"
+	"github.com/pion/sdp/v3"
+)
+
+// RegisterDefaultInterceptors will register some useful interceptors.
+// If you want to customize which interceptors are loaded, you should copy the
+// code from this method and remove unwanted interceptors.
+func RegisterDefaultInterceptors(mediaEngine *MediaEngine, interceptorRegistry *interceptor.Registry) error {
+	if err := ConfigureNack(mediaEngine, interceptorRegistry); err != nil {
+		return err
+	}
+
+	if err := ConfigureRTCPReports(interceptorRegistry); err != nil {
+		return err
+	}
+
+	return ConfigureTWCCSender(mediaEngine, interceptorRegistry)
+}
+
+// ConfigureRTCPReports will setup everything necessary for generating Sender and Receiver Reports
+func ConfigureRTCPReports(interceptorRegistry *interceptor.Registry) error {
+	reciver, err := report.NewReceiverInterceptor()
+	if err != nil {
+		return err
+	}
+
+	sender, err := report.NewSenderInterceptor()
+	if err != nil {
+		return err
+	}
+
+	interceptorRegistry.Add(reciver)
+	interceptorRegistry.Add(sender)
+	return nil
+}
+
+// ConfigureNack will setup everything necessary for handling generating/responding to nack messages.
+func ConfigureNack(mediaEngine *MediaEngine, interceptorRegistry *interceptor.Registry) error {
+	generator, err := nack.NewGeneratorInterceptor()
+	if err != nil {
+		return err
+	}
+
+	responder, err := nack.NewResponderInterceptor()
+	if err != nil {
+		return err
+	}
+
+	mediaEngine.RegisterFeedback(RTCPFeedback{Type: "nack"}, RTPCodecTypeVideo)
+	mediaEngine.RegisterFeedback(RTCPFeedback{Type: "nack", Parameter: "pli"}, RTPCodecTypeVideo)
+	interceptorRegistry.Add(responder)
+	interceptorRegistry.Add(generator)
+	return nil
+}
+
+// ConfigureTWCCHeaderExtensionSender will setup everything necessary for adding
+// a TWCC header extension to outgoing RTP packets. This will allow the remote peer to generate TWCC reports.
+func ConfigureTWCCHeaderExtensionSender(mediaEngine *MediaEngine, interceptorRegistry *interceptor.Registry) error {
+	if err := mediaEngine.RegisterHeaderExtension(RTPHeaderExtensionCapability{URI: sdp.TransportCCURI}, RTPCodecTypeVideo); err != nil {
+		return err
+	}
+
+	if err := mediaEngine.RegisterHeaderExtension(RTPHeaderExtensionCapability{URI: sdp.TransportCCURI}, RTPCodecTypeAudio); err != nil {
+		return err
+	}
+
+	i, err := twcc.NewHeaderExtensionInterceptor()
+	if err != nil {
+		return err
+	}
+
+	interceptorRegistry.Add(i)
+	return nil
+}
+
+// ConfigureTWCCSender will setup everything necessary for generating TWCC reports.
+func ConfigureTWCCSender(mediaEngine *MediaEngine, interceptorRegistry *interceptor.Registry) error {
+	mediaEngine.RegisterFeedback(RTCPFeedback{Type: TypeRTCPFBTransportCC}, RTPCodecTypeVideo)
+	if err := mediaEngine.RegisterHeaderExtension(RTPHeaderExtensionCapability{URI: sdp.TransportCCURI}, RTPCodecTypeVideo); err != nil {
+		return err
+	}
+
+	mediaEngine.RegisterFeedback(RTCPFeedback{Type: TypeRTCPFBTransportCC}, RTPCodecTypeAudio)
+	if err := mediaEngine.RegisterHeaderExtension(RTPHeaderExtensionCapability{URI: sdp.TransportCCURI}, RTPCodecTypeAudio); err != nil {
+		return err
+	}
+
+	generator, err := twcc.NewSenderInterceptor()
+	if err != nil {
+		return err
+	}
+
+	interceptorRegistry.Add(generator)
+	return nil
+}
+
+// ConfigureSimulcastExtensionHeaders enables the RTP Extension Headers needed for Simulcast
+func ConfigureSimulcastExtensionHeaders(mediaEngine *MediaEngine) error {
+	if err := mediaEngine.RegisterHeaderExtension(RTPHeaderExtensionCapability{URI: sdp.SDESMidURI}, RTPCodecTypeVideo); err != nil {
+		return err
+	}
+
+	if err := mediaEngine.RegisterHeaderExtension(RTPHeaderExtensionCapability{URI: sdp.SDESRTPStreamIDURI}, RTPCodecTypeVideo); err != nil {
+		return err
+	}
+
+	return mediaEngine.RegisterHeaderExtension(RTPHeaderExtensionCapability{URI: sdesRepairRTPStreamIDURI}, RTPCodecTypeVideo)
+}
+
+type interceptorToTrackLocalWriter struct{ interceptor atomic.Value } // interceptor.RTPWriter }
+
+func (i *interceptorToTrackLocalWriter) WriteRTP(header *rtp.Header, payload []byte) (int, error) {
+	if writer, ok := i.interceptor.Load().(interceptor.RTPWriter); ok && writer != nil {
+		return writer.Write(header, payload, interceptor.Attributes{})
+	}
+
+	return 0, nil
+}
+
+func (i *interceptorToTrackLocalWriter) Write(b []byte) (int, error) {
+	packet := &rtp.Packet{}
+	if err := packet.Unmarshal(b); err != nil {
+		return 0, err
+	}
+
+	return i.WriteRTP(&packet.Header, packet.Payload)
+}
+
+func createStreamInfo(id string, ssrc SSRC, payloadType PayloadType, codec RTPCodecCapability, webrtcHeaderExtensions []RTPHeaderExtensionParameter) *interceptor.StreamInfo {
+	headerExtensions := make([]interceptor.RTPHeaderExtension, 0, len(webrtcHeaderExtensions))
+	for _, h := range webrtcHeaderExtensions {
+		headerExtensions = append(headerExtensions, interceptor.RTPHeaderExtension{ID: h.ID, URI: h.URI})
+	}
+
+	feedbacks := make([]interceptor.RTCPFeedback, 0, len(codec.RTCPFeedback))
+	for _, f := range codec.RTCPFeedback {
+		feedbacks = append(feedbacks, interceptor.RTCPFeedback{Type: f.Type, Parameter: f.Parameter})
+	}
+
+	return &interceptor.StreamInfo{
+		ID:                  id,
+		Attributes:          interceptor.Attributes{},
+		SSRC:                uint32(ssrc),
+		PayloadType:         uint8(payloadType),
+		RTPHeaderExtensions: headerExtensions,
+		MimeType:            codec.MimeType,
+		ClockRate:           codec.ClockRate,
+		Channels:            codec.Channels,
+		SDPFmtpLine:         codec.SDPFmtpLine,
+		RTCPFeedback:        feedbacks,
+	}
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/internal/fmtp/av1.go b/server/vendor/github.com/pion/webrtc/v3/internal/fmtp/av1.go
new file mode 100644
index 0000000..29eccd1
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/internal/fmtp/av1.go
@@ -0,0 +1,41 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package fmtp
+
+type av1FMTP struct {
+	parameters map[string]string
+}
+
+func (h *av1FMTP) MimeType() string {
+	return "video/av1"
+}
+
+func (h *av1FMTP) Match(b FMTP) bool {
+	c, ok := b.(*av1FMTP)
+	if !ok {
+		return false
+	}
+
+	// RTP Payload Format For AV1 (v1.0)
+	// https://aomediacodec.github.io/av1-rtp-spec/
+	// If the profile parameter is not present, it MUST be inferred to be 0 (“Main” profile).
+	hProfile, ok := h.parameters["profile"]
+	if !ok {
+		hProfile = "0"
+	}
+	cProfile, ok := c.parameters["profile"]
+	if !ok {
+		cProfile = "0"
+	}
+	if hProfile != cProfile {
+		return false
+	}
+
+	return true
+}
+
+func (h *av1FMTP) Parameter(key string) (string, bool) {
+	v, ok := h.parameters[key]
+	return v, ok
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/internal/fmtp/fmtp.go b/server/vendor/github.com/pion/webrtc/v3/internal/fmtp/fmtp.go
new file mode 100644
index 0000000..f515a64
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/internal/fmtp/fmtp.go
@@ -0,0 +1,112 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+// Package fmtp implements per codec parsing of fmtp lines
+package fmtp
+
+import (
+	"strings"
+)
+
+func parseParameters(line string) map[string]string {
+	parameters := make(map[string]string)
+
+	for _, p := range strings.Split(line, ";") {
+		pp := strings.SplitN(strings.TrimSpace(p), "=", 2)
+		key := strings.ToLower(pp[0])
+		var value string
+		if len(pp) > 1 {
+			value = pp[1]
+		}
+		parameters[key] = value
+	}
+
+	return parameters
+}
+
+// FMTP interface for implementing custom
+// FMTP parsers based on MimeType
+type FMTP interface {
+	// MimeType returns the MimeType associated with
+	// the fmtp
+	MimeType() string
+	// Match compares two fmtp descriptions for
+	// compatibility based on the MimeType
+	Match(f FMTP) bool
+	// Parameter returns a value for the associated key
+	// if contained in the parsed fmtp string
+	Parameter(key string) (string, bool)
+}
+
+// Parse parses an fmtp string based on the MimeType
+func Parse(mimeType, line string) FMTP {
+	var f FMTP
+
+	parameters := parseParameters(line)
+
+	switch {
+	case strings.EqualFold(mimeType, "video/h264"):
+		f = &h264FMTP{
+			parameters: parameters,
+		}
+
+	case strings.EqualFold(mimeType, "video/vp9"):
+		f = &vp9FMTP{
+			parameters: parameters,
+		}
+
+	case strings.EqualFold(mimeType, "video/av1"):
+		f = &av1FMTP{
+			parameters: parameters,
+		}
+
+	default:
+		f = &genericFMTP{
+			mimeType:   mimeType,
+			parameters: parameters,
+		}
+	}
+
+	return f
+}
+
+type genericFMTP struct {
+	mimeType   string
+	parameters map[string]string
+}
+
+func (g *genericFMTP) MimeType() string {
+	return g.mimeType
+}
+
+// Match returns true if g and b are compatible fmtp descriptions
+// The generic implementation is used for MimeTypes that are not defined
+func (g *genericFMTP) Match(b FMTP) bool {
+	c, ok := b.(*genericFMTP)
+	if !ok {
+		return false
+	}
+
+	if !strings.EqualFold(g.mimeType, c.MimeType()) {
+		return false
+	}
+
+	for k, v := range g.parameters {
+		if vb, ok := c.parameters[k]; ok && !strings.EqualFold(vb, v) {
+			return false
+		}
+	}
+
+	for k, v := range c.parameters {
+		if va, ok := g.parameters[k]; ok && !strings.EqualFold(va, v) {
+			return false
+		}
+	}
+
+	return true
+}
+
+func (g *genericFMTP) Parameter(key string) (string, bool) {
+	v, ok := g.parameters[key]
+	return v, ok
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/internal/fmtp/h264.go b/server/vendor/github.com/pion/webrtc/v3/internal/fmtp/h264.go
new file mode 100644
index 0000000..b89b97a
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/internal/fmtp/h264.go
@@ -0,0 +1,84 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package fmtp
+
+import (
+	"encoding/hex"
+)
+
+func profileLevelIDMatches(a, b string) bool {
+	aa, err := hex.DecodeString(a)
+	if err != nil || len(aa) < 2 {
+		return false
+	}
+	bb, err := hex.DecodeString(b)
+	if err != nil || len(bb) < 2 {
+		return false
+	}
+	return aa[0] == bb[0] && aa[1] == bb[1]
+}
+
+type h264FMTP struct {
+	parameters map[string]string
+}
+
+func (h *h264FMTP) MimeType() string {
+	return "video/h264"
+}
+
+// Match returns true if h and b are compatible fmtp descriptions
+// Based on RFC6184 Section 8.2.2:
+//
+//	The parameters identifying a media format configuration for H.264
+//	are profile-level-id and packetization-mode.  These media format
+//	configuration parameters (except for the level part of profile-
+//	level-id) MUST be used symmetrically; that is, the answerer MUST
+//	either maintain all configuration parameters or remove the media
+//	format (payload type) completely if one or more of the parameter
+//	values are not supported.
+//	  Informative note: The requirement for symmetric use does not
+//	  apply for the level part of profile-level-id and does not apply
+//	  for the other stream properties and capability parameters.
+func (h *h264FMTP) Match(b FMTP) bool {
+	c, ok := b.(*h264FMTP)
+	if !ok {
+		return false
+	}
+
+	// test packetization-mode
+	hpmode, hok := h.parameters["packetization-mode"]
+	if !hok {
+		return false
+	}
+	cpmode, cok := c.parameters["packetization-mode"]
+	if !cok {
+		return false
+	}
+
+	if hpmode != cpmode {
+		return false
+	}
+
+	// test profile-level-id
+	hplid, hok := h.parameters["profile-level-id"]
+	if !hok {
+		return false
+	}
+
+	cplid, cok := c.parameters["profile-level-id"]
+	if !cok {
+		return false
+	}
+
+	if !profileLevelIDMatches(hplid, cplid) {
+		return false
+	}
+
+	return true
+}
+
+func (h *h264FMTP) Parameter(key string) (string, bool) {
+	v, ok := h.parameters[key]
+	return v, ok
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/internal/fmtp/vp9.go b/server/vendor/github.com/pion/webrtc/v3/internal/fmtp/vp9.go
new file mode 100644
index 0000000..7fc618b
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/internal/fmtp/vp9.go
@@ -0,0 +1,41 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package fmtp
+
+type vp9FMTP struct {
+	parameters map[string]string
+}
+
+func (h *vp9FMTP) MimeType() string {
+	return "video/vp9"
+}
+
+func (h *vp9FMTP) Match(b FMTP) bool {
+	c, ok := b.(*vp9FMTP)
+	if !ok {
+		return false
+	}
+
+	// RTP Payload Format for VP9 Video - draft-ietf-payload-vp9-16
+	// https://datatracker.ietf.org/doc/html/draft-ietf-payload-vp9-16
+	// If no profile-id is present, Profile 0 MUST be inferred
+	hProfileID, ok := h.parameters["profile-id"]
+	if !ok {
+		hProfileID = "0"
+	}
+	cProfileID, ok := c.parameters["profile-id"]
+	if !ok {
+		cProfileID = "0"
+	}
+	if hProfileID != cProfileID {
+		return false
+	}
+
+	return true
+}
+
+func (h *vp9FMTP) Parameter(key string) (string, bool) {
+	v, ok := h.parameters[key]
+	return v, ok
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/internal/mux/endpoint.go b/server/vendor/github.com/pion/webrtc/v3/internal/mux/endpoint.go
new file mode 100644
index 0000000..3f53d16
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/internal/mux/endpoint.go
@@ -0,0 +1,78 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package mux
+
+import (
+	"errors"
+	"io"
+	"net"
+	"time"
+
+	"github.com/pion/ice/v2"
+	"github.com/pion/transport/v2/packetio"
+)
+
+// Endpoint implements net.Conn. It is used to read muxed packets.
+type Endpoint struct {
+	mux    *Mux
+	buffer *packetio.Buffer
+}
+
+// Close unregisters the endpoint from the Mux
+func (e *Endpoint) Close() (err error) {
+	err = e.close()
+	if err != nil {
+		return err
+	}
+
+	e.mux.RemoveEndpoint(e)
+	return nil
+}
+
+func (e *Endpoint) close() error {
+	return e.buffer.Close()
+}
+
+// Read reads a packet of len(p) bytes from the underlying conn
+// that are matched by the associated MuxFunc
+func (e *Endpoint) Read(p []byte) (int, error) {
+	return e.buffer.Read(p)
+}
+
+// Write writes len(p) bytes to the underlying conn
+func (e *Endpoint) Write(p []byte) (int, error) {
+	n, err := e.mux.nextConn.Write(p)
+	if errors.Is(err, ice.ErrNoCandidatePairs) {
+		return 0, nil
+	} else if errors.Is(err, ice.ErrClosed) {
+		return 0, io.ErrClosedPipe
+	}
+
+	return n, err
+}
+
+// LocalAddr is a stub
+func (e *Endpoint) LocalAddr() net.Addr {
+	return e.mux.nextConn.LocalAddr()
+}
+
+// RemoteAddr is a stub
+func (e *Endpoint) RemoteAddr() net.Addr {
+	return e.mux.nextConn.RemoteAddr()
+}
+
+// SetDeadline is a stub
+func (e *Endpoint) SetDeadline(time.Time) error {
+	return nil
+}
+
+// SetReadDeadline is a stub
+func (e *Endpoint) SetReadDeadline(time.Time) error {
+	return nil
+}
+
+// SetWriteDeadline is a stub
+func (e *Endpoint) SetWriteDeadline(time.Time) error {
+	return nil
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/internal/mux/mux.go b/server/vendor/github.com/pion/webrtc/v3/internal/mux/mux.go
new file mode 100644
index 0000000..d57b9c3
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/internal/mux/mux.go
@@ -0,0 +1,163 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+// Package mux multiplexes packets on a single socket (RFC7983)
+package mux
+
+import (
+	"errors"
+	"io"
+	"net"
+	"sync"
+
+	"github.com/pion/ice/v2"
+	"github.com/pion/logging"
+	"github.com/pion/transport/v2/packetio"
+)
+
+// The maximum amount of data that can be buffered before returning errors.
+const maxBufferSize = 1000 * 1000 // 1MB
+
+// Config collects the arguments to mux.Mux construction into
+// a single structure
+type Config struct {
+	Conn          net.Conn
+	BufferSize    int
+	LoggerFactory logging.LoggerFactory
+}
+
+// Mux allows multiplexing
+type Mux struct {
+	lock       sync.RWMutex
+	nextConn   net.Conn
+	endpoints  map[*Endpoint]MatchFunc
+	bufferSize int
+	closedCh   chan struct{}
+
+	log logging.LeveledLogger
+}
+
+// NewMux creates a new Mux
+func NewMux(config Config) *Mux {
+	m := &Mux{
+		nextConn:   config.Conn,
+		endpoints:  make(map[*Endpoint]MatchFunc),
+		bufferSize: config.BufferSize,
+		closedCh:   make(chan struct{}),
+		log:        config.LoggerFactory.NewLogger("mux"),
+	}
+
+	go m.readLoop()
+
+	return m
+}
+
+// NewEndpoint creates a new Endpoint
+func (m *Mux) NewEndpoint(f MatchFunc) *Endpoint {
+	e := &Endpoint{
+		mux:    m,
+		buffer: packetio.NewBuffer(),
+	}
+
+	// Set a maximum size of the buffer in bytes.
+	e.buffer.SetLimitSize(maxBufferSize)
+
+	m.lock.Lock()
+	m.endpoints[e] = f
+	m.lock.Unlock()
+
+	return e
+}
+
+// RemoveEndpoint removes an endpoint from the Mux
+func (m *Mux) RemoveEndpoint(e *Endpoint) {
+	m.lock.Lock()
+	defer m.lock.Unlock()
+	delete(m.endpoints, e)
+}
+
+// Close closes the Mux and all associated Endpoints.
+func (m *Mux) Close() error {
+	m.lock.Lock()
+	for e := range m.endpoints {
+		if err := e.close(); err != nil {
+			m.lock.Unlock()
+			return err
+		}
+
+		delete(m.endpoints, e)
+	}
+	m.lock.Unlock()
+
+	err := m.nextConn.Close()
+	if err != nil {
+		return err
+	}
+
+	// Wait for readLoop to end
+	<-m.closedCh
+
+	return nil
+}
+
+func (m *Mux) readLoop() {
+	defer func() {
+		close(m.closedCh)
+	}()
+
+	buf := make([]byte, m.bufferSize)
+	for {
+		n, err := m.nextConn.Read(buf)
+		switch {
+		case errors.Is(err, io.EOF), errors.Is(err, ice.ErrClosed):
+			return
+		case errors.Is(err, io.ErrShortBuffer), errors.Is(err, packetio.ErrTimeout):
+			m.log.Errorf("mux: failed to read from packetio.Buffer %s", err.Error())
+			continue
+		case err != nil:
+			m.log.Errorf("mux: ending readLoop packetio.Buffer error %s", err.Error())
+			return
+		}
+
+		if err = m.dispatch(buf[:n]); err != nil {
+			if errors.Is(err, io.ErrClosedPipe) {
+				// if the buffer was closed, that's not an error we care to report
+				return
+			}
+			m.log.Errorf("mux: ending readLoop dispatch error %s", err.Error())
+			return
+		}
+	}
+}
+
+func (m *Mux) dispatch(buf []byte) error {
+	var endpoint *Endpoint
+
+	m.lock.Lock()
+	for e, f := range m.endpoints {
+		if f(buf) {
+			endpoint = e
+			break
+		}
+	}
+	m.lock.Unlock()
+
+	if endpoint == nil {
+		if len(buf) > 0 {
+			m.log.Warnf("Warning: mux: no endpoint for packet starting with %d", buf[0])
+		} else {
+			m.log.Warnf("Warning: mux: no endpoint for zero length packet")
+		}
+		return nil
+	}
+
+	_, err := endpoint.buffer.Write(buf)
+
+	// Expected when bytes are received faster than the endpoint can process them (#2152, #2180)
+	if errors.Is(err, packetio.ErrFull) {
+		m.log.Infof("mux: endpoint buffer is full, dropping packet")
+		return nil
+	}
+
+	return err
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/internal/mux/muxfunc.go b/server/vendor/github.com/pion/webrtc/v3/internal/mux/muxfunc.go
new file mode 100644
index 0000000..69c3d14
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/internal/mux/muxfunc.go
@@ -0,0 +1,65 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package mux
+
+// MatchFunc allows custom logic for mapping packets to an Endpoint
+type MatchFunc func([]byte) bool
+
+// MatchAll always returns true
+func MatchAll([]byte) bool {
+	return true
+}
+
+// MatchRange returns true if the first byte of buf is in [lower..upper]
+func MatchRange(lower, upper byte, buf []byte) bool {
+	if len(buf) < 1 {
+		return false
+	}
+	b := buf[0]
+	return b >= lower && b <= upper
+}
+
+// MatchFuncs as described in RFC7983
+// https://tools.ietf.org/html/rfc7983
+//              +----------------+
+//              |        [0..3] -+--> forward to STUN
+//              |                |
+//              |      [16..19] -+--> forward to ZRTP
+//              |                |
+//  packet -->  |      [20..63] -+--> forward to DTLS
+//              |                |
+//              |      [64..79] -+--> forward to TURN Channel
+//              |                |
+//              |    [128..191] -+--> forward to RTP/RTCP
+//              +----------------+
+
+// MatchDTLS is a MatchFunc that accepts packets with the first byte in [20..63]
+// as defied in RFC7983
+func MatchDTLS(b []byte) bool {
+	return MatchRange(20, 63, b)
+}
+
+// MatchSRTPOrSRTCP is a MatchFunc that accepts packets with the first byte in [128..191]
+// as defied in RFC7983
+func MatchSRTPOrSRTCP(b []byte) bool {
+	return MatchRange(128, 191, b)
+}
+
+func isRTCP(buf []byte) bool {
+	// Not long enough to determine RTP/RTCP
+	if len(buf) < 4 {
+		return false
+	}
+	return buf[1] >= 192 && buf[1] <= 223
+}
+
+// MatchSRTP is a MatchFunc that only matches SRTP and not SRTCP
+func MatchSRTP(buf []byte) bool {
+	return MatchSRTPOrSRTCP(buf) && !isRTCP(buf)
+}
+
+// MatchSRTCP is a MatchFunc that only matches SRTCP and not SRTP
+func MatchSRTCP(buf []byte) bool {
+	return MatchSRTPOrSRTCP(buf) && isRTCP(buf)
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/internal/util/util.go b/server/vendor/github.com/pion/webrtc/v3/internal/util/util.go
new file mode 100644
index 0000000..3f43c12
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/internal/util/util.go
@@ -0,0 +1,75 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+// Package util provides auxiliary functions internally used in webrtc package
+package util
+
+import (
+	"errors"
+	"strings"
+
+	"github.com/pion/randutil"
+)
+
+const (
+	runesAlpha = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"
+)
+
+// Use global random generator to properly seed by crypto grade random.
+var globalMathRandomGenerator = randutil.NewMathRandomGenerator() // nolint:gochecknoglobals
+
+// MathRandAlpha generates a mathmatical random alphabet sequence of the requested length.
+func MathRandAlpha(n int) string {
+	return globalMathRandomGenerator.GenerateString(n, runesAlpha)
+}
+
+// RandUint32 generates a mathmatical random uint32.
+func RandUint32() uint32 {
+	return globalMathRandomGenerator.Uint32()
+}
+
+// FlattenErrs flattens multiple errors into one
+func FlattenErrs(errs []error) error {
+	errs2 := []error{}
+	for _, e := range errs {
+		if e != nil {
+			errs2 = append(errs2, e)
+		}
+	}
+	if len(errs2) == 0 {
+		return nil
+	}
+	return multiError(errs2)
+}
+
+type multiError []error //nolint:errname
+
+func (me multiError) Error() string {
+	var errstrings []string
+
+	for _, err := range me {
+		if err != nil {
+			errstrings = append(errstrings, err.Error())
+		}
+	}
+
+	if len(errstrings) == 0 {
+		return "multiError must contain multiple error but is empty"
+	}
+
+	return strings.Join(errstrings, "\n")
+}
+
+func (me multiError) Is(err error) bool {
+	for _, e := range me {
+		if errors.Is(e, err) {
+			return true
+		}
+		if me2, ok := e.(multiError); ok { //nolint:errorlint
+			if me2.Is(err) {
+				return true
+			}
+		}
+	}
+	return false
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/js_utils.go b/server/vendor/github.com/pion/webrtc/v3/js_utils.go
new file mode 100644
index 0000000..7e7b5e1
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/js_utils.go
@@ -0,0 +1,172 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+//go:build js && wasm
+// +build js,wasm
+
+package webrtc
+
+import (
+	"fmt"
+	"syscall/js"
+)
+
+// awaitPromise accepts a js.Value representing a Promise. If the promise
+// resolves, it returns (result, nil). If the promise rejects, it returns
+// (js.Undefined, error). awaitPromise has a synchronous-like API but does not
+// block the JavaScript event loop.
+func awaitPromise(promise js.Value) (js.Value, error) {
+	resultsChan := make(chan js.Value)
+	errChan := make(chan js.Error)
+
+	thenFunc := js.FuncOf(func(this js.Value, args []js.Value) interface{} {
+		go func() {
+			resultsChan <- args[0]
+		}()
+		return js.Undefined()
+	})
+	defer thenFunc.Release()
+
+	catchFunc := js.FuncOf(func(this js.Value, args []js.Value) interface{} {
+		go func() {
+			errChan <- js.Error{args[0]}
+		}()
+		return js.Undefined()
+	})
+	defer catchFunc.Release()
+
+	promise.Call("then", thenFunc).Call("catch", catchFunc)
+
+	select {
+	case result := <-resultsChan:
+		return result, nil
+	case err := <-errChan:
+		return js.Undefined(), err
+	}
+}
+
+func valueToUint16Pointer(val js.Value) *uint16 {
+	if val.IsNull() || val.IsUndefined() {
+		return nil
+	}
+	convertedVal := uint16(val.Int())
+	return &convertedVal
+}
+
+func valueToStringPointer(val js.Value) *string {
+	if val.IsNull() || val.IsUndefined() {
+		return nil
+	}
+	stringVal := val.String()
+	return &stringVal
+}
+
+func stringToValueOrUndefined(val string) js.Value {
+	if val == "" {
+		return js.Undefined()
+	}
+	return js.ValueOf(val)
+}
+
+func uint8ToValueOrUndefined(val uint8) js.Value {
+	if val == 0 {
+		return js.Undefined()
+	}
+	return js.ValueOf(val)
+}
+
+func interfaceToValueOrUndefined(val interface{}) js.Value {
+	if val == nil {
+		return js.Undefined()
+	}
+	return js.ValueOf(val)
+}
+
+func valueToStringOrZero(val js.Value) string {
+	if val.IsUndefined() || val.IsNull() {
+		return ""
+	}
+	return val.String()
+}
+
+func valueToUint8OrZero(val js.Value) uint8 {
+	if val.IsUndefined() || val.IsNull() {
+		return 0
+	}
+	return uint8(val.Int())
+}
+
+func valueToUint16OrZero(val js.Value) uint16 {
+	if val.IsNull() || val.IsUndefined() {
+		return 0
+	}
+	return uint16(val.Int())
+}
+
+func valueToUint32OrZero(val js.Value) uint32 {
+	if val.IsNull() || val.IsUndefined() {
+		return 0
+	}
+	return uint32(val.Int())
+}
+
+func valueToStrings(val js.Value) []string {
+	result := make([]string, val.Length())
+	for i := 0; i < val.Length(); i++ {
+		result[i] = val.Index(i).String()
+	}
+	return result
+}
+
+func stringPointerToValue(val *string) js.Value {
+	if val == nil {
+		return js.Undefined()
+	}
+	return js.ValueOf(*val)
+}
+
+func uint16PointerToValue(val *uint16) js.Value {
+	if val == nil {
+		return js.Undefined()
+	}
+	return js.ValueOf(*val)
+}
+
+func boolPointerToValue(val *bool) js.Value {
+	if val == nil {
+		return js.Undefined()
+	}
+	return js.ValueOf(*val)
+}
+
+func stringsToValue(strings []string) js.Value {
+	val := make([]interface{}, len(strings))
+	for i, s := range strings {
+		val[i] = s
+	}
+	return js.ValueOf(val)
+}
+
+func stringEnumToValueOrUndefined(s string) js.Value {
+	if s == "unknown" {
+		return js.Undefined()
+	}
+	return js.ValueOf(s)
+}
+
+// Converts the return value of recover() to an error.
+func recoveryToError(e interface{}) error {
+	switch e := e.(type) {
+	case error:
+		return e
+	default:
+		return fmt.Errorf("recovered with non-error value: (%T) %s", e, e)
+	}
+}
+
+func uint8ArrayValueToBytes(val js.Value) []byte {
+	result := make([]byte, val.Length())
+	js.CopyBytesToGo(result, val)
+
+	return result
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/mediaengine.go b/server/vendor/github.com/pion/webrtc/v3/mediaengine.go
new file mode 100644
index 0000000..b85b784
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/mediaengine.go
@@ -0,0 +1,707 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+//go:build !js
+// +build !js
+
+package webrtc
+
+import (
+	"fmt"
+	"strconv"
+	"strings"
+	"sync"
+	"time"
+
+	"github.com/pion/rtp"
+	"github.com/pion/rtp/codecs"
+	"github.com/pion/sdp/v3"
+	"github.com/pion/webrtc/v3/internal/fmtp"
+)
+
+const (
+	// MimeTypeH264 H264 MIME type.
+	// Note: Matching should be case insensitive.
+	MimeTypeH264 = "video/H264"
+	// MimeTypeH265 H265 MIME type
+	// Note: Matching should be case insensitive.
+	MimeTypeH265 = "video/H265"
+	// MimeTypeOpus Opus MIME type
+	// Note: Matching should be case insensitive.
+	MimeTypeOpus = "audio/opus"
+	// MimeTypeVP8 VP8 MIME type
+	// Note: Matching should be case insensitive.
+	MimeTypeVP8 = "video/VP8"
+	// MimeTypeVP9 VP9 MIME type
+	// Note: Matching should be case insensitive.
+	MimeTypeVP9 = "video/VP9"
+	// MimeTypeAV1 AV1 MIME type
+	// Note: Matching should be case insensitive.
+	MimeTypeAV1 = "video/AV1"
+	// MimeTypeG722 G722 MIME type
+	// Note: Matching should be case insensitive.
+	MimeTypeG722 = "audio/G722"
+	// MimeTypePCMU PCMU MIME type
+	// Note: Matching should be case insensitive.
+	MimeTypePCMU = "audio/PCMU"
+	// MimeTypePCMA PCMA MIME type
+	// Note: Matching should be case insensitive.
+	MimeTypePCMA = "audio/PCMA"
+)
+
+type mediaEngineHeaderExtension struct {
+	uri              string
+	isAudio, isVideo bool
+
+	// If set only Transceivers of this direction are allowed
+	allowedDirections []RTPTransceiverDirection
+}
+
+// A MediaEngine defines the codecs supported by a PeerConnection, and the
+// configuration of those codecs.
+type MediaEngine struct {
+	// If we have attempted to negotiate a codec type yet.
+	negotiatedVideo, negotiatedAudio bool
+
+	videoCodecs, audioCodecs                     []RTPCodecParameters
+	negotiatedVideoCodecs, negotiatedAudioCodecs []RTPCodecParameters
+
+	headerExtensions           []mediaEngineHeaderExtension
+	negotiatedHeaderExtensions map[int]mediaEngineHeaderExtension
+
+	mu sync.RWMutex
+}
+
+// RegisterDefaultCodecs registers the default codecs supported by Pion WebRTC.
+// RegisterDefaultCodecs is not safe for concurrent use.
+func (m *MediaEngine) RegisterDefaultCodecs() error {
+	// Default Pion Audio Codecs
+	for _, codec := range []RTPCodecParameters{
+		{
+			RTPCodecCapability: RTPCodecCapability{MimeTypeOpus, 48000, 2, "minptime=10;useinbandfec=1", nil},
+			PayloadType:        111,
+		},
+		{
+			RTPCodecCapability: RTPCodecCapability{MimeTypeG722, 8000, 0, "", nil},
+			PayloadType:        9,
+		},
+		{
+			RTPCodecCapability: RTPCodecCapability{MimeTypePCMU, 8000, 0, "", nil},
+			PayloadType:        0,
+		},
+		{
+			RTPCodecCapability: RTPCodecCapability{MimeTypePCMA, 8000, 0, "", nil},
+			PayloadType:        8,
+		},
+	} {
+		if err := m.RegisterCodec(codec, RTPCodecTypeAudio); err != nil {
+			return err
+		}
+	}
+
+	videoRTCPFeedback := []RTCPFeedback{{"goog-remb", ""}, {"ccm", "fir"}, {"nack", ""}, {"nack", "pli"}}
+	for _, codec := range []RTPCodecParameters{
+		{
+			RTPCodecCapability: RTPCodecCapability{MimeTypeVP8, 90000, 0, "", videoRTCPFeedback},
+			PayloadType:        96,
+		},
+		{
+			RTPCodecCapability: RTPCodecCapability{"video/rtx", 90000, 0, "apt=96", nil},
+			PayloadType:        97,
+		},
+
+		{
+			RTPCodecCapability: RTPCodecCapability{MimeTypeH264, 90000, 0, "level-asymmetry-allowed=1;packetization-mode=1;profile-level-id=42001f", videoRTCPFeedback},
+			PayloadType:        102,
+		},
+		{
+			RTPCodecCapability: RTPCodecCapability{"video/rtx", 90000, 0, "apt=102", nil},
+			PayloadType:        103,
+		},
+
+		{
+			RTPCodecCapability: RTPCodecCapability{MimeTypeH264, 90000, 0, "level-asymmetry-allowed=1;packetization-mode=0;profile-level-id=42001f", videoRTCPFeedback},
+			PayloadType:        104,
+		},
+		{
+			RTPCodecCapability: RTPCodecCapability{"video/rtx", 90000, 0, "apt=104", nil},
+			PayloadType:        105,
+		},
+
+		{
+			RTPCodecCapability: RTPCodecCapability{MimeTypeH264, 90000, 0, "level-asymmetry-allowed=1;packetization-mode=1;profile-level-id=42e01f", videoRTCPFeedback},
+			PayloadType:        106,
+		},
+		{
+			RTPCodecCapability: RTPCodecCapability{"video/rtx", 90000, 0, "apt=106", nil},
+			PayloadType:        107,
+		},
+
+		{
+			RTPCodecCapability: RTPCodecCapability{MimeTypeH264, 90000, 0, "level-asymmetry-allowed=1;packetization-mode=0;profile-level-id=42e01f", videoRTCPFeedback},
+			PayloadType:        108,
+		},
+		{
+			RTPCodecCapability: RTPCodecCapability{"video/rtx", 90000, 0, "apt=108", nil},
+			PayloadType:        109,
+		},
+
+		{
+			RTPCodecCapability: RTPCodecCapability{MimeTypeH264, 90000, 0, "level-asymmetry-allowed=1;packetization-mode=1;profile-level-id=4d001f", videoRTCPFeedback},
+			PayloadType:        127,
+		},
+		{
+			RTPCodecCapability: RTPCodecCapability{"video/rtx", 90000, 0, "apt=127", nil},
+			PayloadType:        125,
+		},
+
+		{
+			RTPCodecCapability: RTPCodecCapability{MimeTypeH264, 90000, 0, "level-asymmetry-allowed=1;packetization-mode=0;profile-level-id=4d001f", videoRTCPFeedback},
+			PayloadType:        39,
+		},
+		{
+			RTPCodecCapability: RTPCodecCapability{"video/rtx", 90000, 0, "apt=39", nil},
+			PayloadType:        40,
+		},
+
+		{
+			RTPCodecCapability: RTPCodecCapability{MimeTypeAV1, 90000, 0, "", videoRTCPFeedback},
+			PayloadType:        45,
+		},
+		{
+			RTPCodecCapability: RTPCodecCapability{"video/rtx", 90000, 0, "apt=45", nil},
+			PayloadType:        46,
+		},
+
+		{
+			RTPCodecCapability: RTPCodecCapability{MimeTypeVP9, 90000, 0, "profile-id=0", videoRTCPFeedback},
+			PayloadType:        98,
+		},
+		{
+			RTPCodecCapability: RTPCodecCapability{"video/rtx", 90000, 0, "apt=98", nil},
+			PayloadType:        99,
+		},
+
+		{
+			RTPCodecCapability: RTPCodecCapability{MimeTypeVP9, 90000, 0, "profile-id=2", videoRTCPFeedback},
+			PayloadType:        100,
+		},
+		{
+			RTPCodecCapability: RTPCodecCapability{"video/rtx", 90000, 0, "apt=100", nil},
+			PayloadType:        101,
+		},
+
+		{
+			RTPCodecCapability: RTPCodecCapability{MimeTypeH264, 90000, 0, "level-asymmetry-allowed=1;packetization-mode=1;profile-level-id=64001f", videoRTCPFeedback},
+			PayloadType:        112,
+		},
+		{
+			RTPCodecCapability: RTPCodecCapability{"video/rtx", 90000, 0, "apt=112", nil},
+			PayloadType:        113,
+		},
+	} {
+		if err := m.RegisterCodec(codec, RTPCodecTypeVideo); err != nil {
+			return err
+		}
+	}
+
+	return nil
+}
+
+// addCodec will append codec if it not exists
+func (m *MediaEngine) addCodec(codecs []RTPCodecParameters, codec RTPCodecParameters) []RTPCodecParameters {
+	for _, c := range codecs {
+		if c.MimeType == codec.MimeType && c.PayloadType == codec.PayloadType {
+			return codecs
+		}
+	}
+	return append(codecs, codec)
+}
+
+// RegisterCodec adds codec to the MediaEngine
+// These are the list of codecs supported by this PeerConnection.
+// RegisterCodec is not safe for concurrent use.
+func (m *MediaEngine) RegisterCodec(codec RTPCodecParameters, typ RTPCodecType) error {
+	m.mu.Lock()
+	defer m.mu.Unlock()
+
+	codec.statsID = fmt.Sprintf("RTPCodec-%d", time.Now().UnixNano())
+	switch typ {
+	case RTPCodecTypeAudio:
+		m.audioCodecs = m.addCodec(m.audioCodecs, codec)
+	case RTPCodecTypeVideo:
+		m.videoCodecs = m.addCodec(m.videoCodecs, codec)
+	default:
+		return ErrUnknownType
+	}
+	return nil
+}
+
+// RegisterHeaderExtension adds a header extension to the MediaEngine
+// To determine the negotiated value use `GetHeaderExtensionID` after signaling is complete
+func (m *MediaEngine) RegisterHeaderExtension(extension RTPHeaderExtensionCapability, typ RTPCodecType, allowedDirections ...RTPTransceiverDirection) error {
+	m.mu.Lock()
+	defer m.mu.Unlock()
+
+	if m.negotiatedHeaderExtensions == nil {
+		m.negotiatedHeaderExtensions = map[int]mediaEngineHeaderExtension{}
+	}
+
+	if len(allowedDirections) == 0 {
+		allowedDirections = []RTPTransceiverDirection{RTPTransceiverDirectionRecvonly, RTPTransceiverDirectionSendonly}
+	}
+
+	for _, direction := range allowedDirections {
+		if direction != RTPTransceiverDirectionRecvonly && direction != RTPTransceiverDirectionSendonly {
+			return ErrRegisterHeaderExtensionInvalidDirection
+		}
+	}
+
+	extensionIndex := -1
+	for i := range m.headerExtensions {
+		if extension.URI == m.headerExtensions[i].uri {
+			extensionIndex = i
+		}
+	}
+
+	if extensionIndex == -1 {
+		m.headerExtensions = append(m.headerExtensions, mediaEngineHeaderExtension{})
+		extensionIndex = len(m.headerExtensions) - 1
+	}
+
+	if typ == RTPCodecTypeAudio {
+		m.headerExtensions[extensionIndex].isAudio = true
+	} else if typ == RTPCodecTypeVideo {
+		m.headerExtensions[extensionIndex].isVideo = true
+	}
+
+	m.headerExtensions[extensionIndex].uri = extension.URI
+	m.headerExtensions[extensionIndex].allowedDirections = allowedDirections
+
+	return nil
+}
+
+// RegisterFeedback adds feedback mechanism to already registered codecs.
+func (m *MediaEngine) RegisterFeedback(feedback RTCPFeedback, typ RTPCodecType) {
+	m.mu.Lock()
+	defer m.mu.Unlock()
+
+	switch typ {
+	case RTPCodecTypeVideo:
+		for i, v := range m.videoCodecs {
+			v.RTCPFeedback = append(v.RTCPFeedback, feedback)
+			m.videoCodecs[i] = v
+		}
+	case RTPCodecTypeAudio:
+		for i, v := range m.audioCodecs {
+			v.RTCPFeedback = append(v.RTCPFeedback, feedback)
+			m.audioCodecs[i] = v
+		}
+	}
+}
+
+// getHeaderExtensionID returns the negotiated ID for a header extension.
+// If the Header Extension isn't enabled ok will be false
+func (m *MediaEngine) getHeaderExtensionID(extension RTPHeaderExtensionCapability) (val int, audioNegotiated, videoNegotiated bool) {
+	m.mu.RLock()
+	defer m.mu.RUnlock()
+
+	if m.negotiatedHeaderExtensions == nil {
+		return 0, false, false
+	}
+
+	for id, h := range m.negotiatedHeaderExtensions {
+		if extension.URI == h.uri {
+			return id, h.isAudio, h.isVideo
+		}
+	}
+
+	return
+}
+
+// copy copies any user modifiable state of the MediaEngine
+// all internal state is reset
+func (m *MediaEngine) copy() *MediaEngine {
+	m.mu.Lock()
+	defer m.mu.Unlock()
+	cloned := &MediaEngine{
+		videoCodecs:      append([]RTPCodecParameters{}, m.videoCodecs...),
+		audioCodecs:      append([]RTPCodecParameters{}, m.audioCodecs...),
+		headerExtensions: append([]mediaEngineHeaderExtension{}, m.headerExtensions...),
+	}
+	if len(m.headerExtensions) > 0 {
+		cloned.negotiatedHeaderExtensions = map[int]mediaEngineHeaderExtension{}
+	}
+	return cloned
+}
+
+func findCodecByPayload(codecs []RTPCodecParameters, payloadType PayloadType) *RTPCodecParameters {
+	for _, codec := range codecs {
+		if codec.PayloadType == payloadType {
+			return &codec
+		}
+	}
+	return nil
+}
+
+func (m *MediaEngine) getCodecByPayload(payloadType PayloadType) (RTPCodecParameters, RTPCodecType, error) {
+	m.mu.RLock()
+	defer m.mu.RUnlock()
+
+	// if we've negotiated audio or video, check the negotiated types before our
+	// built-in payload types, to ensure we pick the codec the other side wants.
+	if m.negotiatedVideo {
+		if codec := findCodecByPayload(m.negotiatedVideoCodecs, payloadType); codec != nil {
+			return *codec, RTPCodecTypeVideo, nil
+		}
+	}
+	if m.negotiatedAudio {
+		if codec := findCodecByPayload(m.negotiatedAudioCodecs, payloadType); codec != nil {
+			return *codec, RTPCodecTypeAudio, nil
+		}
+	}
+	if !m.negotiatedVideo {
+		if codec := findCodecByPayload(m.videoCodecs, payloadType); codec != nil {
+			return *codec, RTPCodecTypeVideo, nil
+		}
+	}
+	if !m.negotiatedAudio {
+		if codec := findCodecByPayload(m.audioCodecs, payloadType); codec != nil {
+			return *codec, RTPCodecTypeAudio, nil
+		}
+	}
+
+	return RTPCodecParameters{}, 0, ErrCodecNotFound
+}
+
+func (m *MediaEngine) collectStats(collector *statsReportCollector) {
+	m.mu.RLock()
+	defer m.mu.RUnlock()
+
+	statsLoop := func(codecs []RTPCodecParameters) {
+		for _, codec := range codecs {
+			collector.Collecting()
+			stats := CodecStats{
+				Timestamp:   statsTimestampFrom(time.Now()),
+				Type:        StatsTypeCodec,
+				ID:          codec.statsID,
+				PayloadType: codec.PayloadType,
+				MimeType:    codec.MimeType,
+				ClockRate:   codec.ClockRate,
+				Channels:    uint8(codec.Channels),
+				SDPFmtpLine: codec.SDPFmtpLine,
+			}
+
+			collector.Collect(stats.ID, stats)
+		}
+	}
+
+	statsLoop(m.videoCodecs)
+	statsLoop(m.audioCodecs)
+}
+
+// Look up a codec and enable if it exists
+func (m *MediaEngine) matchRemoteCodec(remoteCodec RTPCodecParameters, typ RTPCodecType, exactMatches, partialMatches []RTPCodecParameters) (RTPCodecParameters, codecMatchType, error) {
+	codecs := m.videoCodecs
+	if typ == RTPCodecTypeAudio {
+		codecs = m.audioCodecs
+	}
+
+	remoteFmtp := fmtp.Parse(remoteCodec.RTPCodecCapability.MimeType, remoteCodec.RTPCodecCapability.SDPFmtpLine)
+	if apt, hasApt := remoteFmtp.Parameter("apt"); hasApt {
+		payloadType, err := strconv.ParseUint(apt, 10, 8)
+		if err != nil {
+			return RTPCodecParameters{}, codecMatchNone, err
+		}
+
+		aptMatch := codecMatchNone
+		var aptCodec RTPCodecParameters
+		for _, codec := range exactMatches {
+			if codec.PayloadType == PayloadType(payloadType) {
+				aptMatch = codecMatchExact
+				aptCodec = codec
+				break
+			}
+		}
+
+		if aptMatch == codecMatchNone {
+			for _, codec := range partialMatches {
+				if codec.PayloadType == PayloadType(payloadType) {
+					aptMatch = codecMatchPartial
+					aptCodec = codec
+					break
+				}
+			}
+		}
+
+		if aptMatch == codecMatchNone {
+			return RTPCodecParameters{}, codecMatchNone, nil // not an error, we just ignore this codec we don't support
+		}
+
+		// replace the apt value with the original codec's payload type
+		toMatchCodec := remoteCodec
+		if aptMatched, mt := codecParametersFuzzySearch(aptCodec, codecs); mt == aptMatch {
+			toMatchCodec.SDPFmtpLine = strings.Replace(toMatchCodec.SDPFmtpLine, fmt.Sprintf("apt=%d", payloadType), fmt.Sprintf("apt=%d", aptMatched.PayloadType), 1)
+		}
+
+		// if apt's media codec is partial match, then apt codec must be partial match too
+		localCodec, matchType := codecParametersFuzzySearch(toMatchCodec, codecs)
+		if matchType == codecMatchExact && aptMatch == codecMatchPartial {
+			matchType = codecMatchPartial
+		}
+		return localCodec, matchType, nil
+	}
+
+	localCodec, matchType := codecParametersFuzzySearch(remoteCodec, codecs)
+	return localCodec, matchType, nil
+}
+
+// Update header extensions from a remote media section
+func (m *MediaEngine) updateHeaderExtensionFromMediaSection(media *sdp.MediaDescription) error {
+	var typ RTPCodecType
+	switch {
+	case strings.EqualFold(media.MediaName.Media, "audio"):
+		typ = RTPCodecTypeAudio
+	case strings.EqualFold(media.MediaName.Media, "video"):
+		typ = RTPCodecTypeVideo
+	default:
+		return nil
+	}
+	extensions, err := rtpExtensionsFromMediaDescription(media)
+	if err != nil {
+		return err
+	}
+
+	for extension, id := range extensions {
+		if err = m.updateHeaderExtension(id, extension, typ); err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+// Look up a header extension and enable if it exists
+func (m *MediaEngine) updateHeaderExtension(id int, extension string, typ RTPCodecType) error {
+	if m.negotiatedHeaderExtensions == nil {
+		return nil
+	}
+
+	for _, localExtension := range m.headerExtensions {
+		if localExtension.uri == extension {
+			h := mediaEngineHeaderExtension{uri: extension, allowedDirections: localExtension.allowedDirections}
+			if existingValue, ok := m.negotiatedHeaderExtensions[id]; ok {
+				h = existingValue
+			}
+
+			switch {
+			case localExtension.isAudio && typ == RTPCodecTypeAudio:
+				h.isAudio = true
+			case localExtension.isVideo && typ == RTPCodecTypeVideo:
+				h.isVideo = true
+			}
+
+			m.negotiatedHeaderExtensions[id] = h
+		}
+	}
+	return nil
+}
+
+func (m *MediaEngine) pushCodecs(codecs []RTPCodecParameters, typ RTPCodecType) {
+	for _, codec := range codecs {
+		if typ == RTPCodecTypeAudio {
+			m.negotiatedAudioCodecs = m.addCodec(m.negotiatedAudioCodecs, codec)
+		} else if typ == RTPCodecTypeVideo {
+			m.negotiatedVideoCodecs = m.addCodec(m.negotiatedVideoCodecs, codec)
+		}
+	}
+}
+
+// Update the MediaEngine from a remote description
+func (m *MediaEngine) updateFromRemoteDescription(desc sdp.SessionDescription) error {
+	m.mu.Lock()
+	defer m.mu.Unlock()
+
+	for _, media := range desc.MediaDescriptions {
+		var typ RTPCodecType
+
+		switch {
+		case strings.EqualFold(media.MediaName.Media, "audio"):
+			typ = RTPCodecTypeAudio
+		case strings.EqualFold(media.MediaName.Media, "video"):
+			typ = RTPCodecTypeVideo
+		}
+
+		switch {
+		case !m.negotiatedAudio && typ == RTPCodecTypeAudio:
+			m.negotiatedAudio = true
+		case !m.negotiatedVideo && typ == RTPCodecTypeVideo:
+			m.negotiatedVideo = true
+		default:
+			// update header extesions from remote sdp if codec is negotiated, Firefox
+			// would send updated header extension in renegotiation.
+			// e.g. publish first track without simucalst ->negotiated-> publish second track with simucalst
+			// then the two media secontions have different rtp header extensions in offer
+			if err := m.updateHeaderExtensionFromMediaSection(media); err != nil {
+				return err
+			}
+			continue
+		}
+
+		codecs, err := codecsFromMediaDescription(media)
+		if err != nil {
+			return err
+		}
+
+		exactMatches := make([]RTPCodecParameters, 0, len(codecs))
+		partialMatches := make([]RTPCodecParameters, 0, len(codecs))
+
+		for _, remoteCodec := range codecs {
+			localCodec, matchType, mErr := m.matchRemoteCodec(remoteCodec, typ, exactMatches, partialMatches)
+			if mErr != nil {
+				return mErr
+			}
+
+			remoteCodec.RTCPFeedback = rtcpFeedbackIntersection(localCodec.RTCPFeedback, remoteCodec.RTCPFeedback)
+
+			if matchType == codecMatchExact {
+				exactMatches = append(exactMatches, remoteCodec)
+			} else if matchType == codecMatchPartial {
+				partialMatches = append(partialMatches, remoteCodec)
+			}
+		}
+
+		// use exact matches when they exist, otherwise fall back to partial
+		switch {
+		case len(exactMatches) > 0:
+			m.pushCodecs(exactMatches, typ)
+		case len(partialMatches) > 0:
+			m.pushCodecs(partialMatches, typ)
+		default:
+			// no match, not negotiated
+			continue
+		}
+
+		if err := m.updateHeaderExtensionFromMediaSection(media); err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+func (m *MediaEngine) getCodecsByKind(typ RTPCodecType) []RTPCodecParameters {
+	m.mu.RLock()
+	defer m.mu.RUnlock()
+
+	if typ == RTPCodecTypeVideo {
+		if m.negotiatedVideo {
+			return m.negotiatedVideoCodecs
+		}
+
+		return m.videoCodecs
+	} else if typ == RTPCodecTypeAudio {
+		if m.negotiatedAudio {
+			return m.negotiatedAudioCodecs
+		}
+
+		return m.audioCodecs
+	}
+
+	return nil
+}
+
+func (m *MediaEngine) getRTPParametersByKind(typ RTPCodecType, directions []RTPTransceiverDirection) RTPParameters { //nolint:gocognit
+	headerExtensions := make([]RTPHeaderExtensionParameter, 0)
+
+	// perform before locking to prevent recursive RLocks
+	foundCodecs := m.getCodecsByKind(typ)
+
+	m.mu.RLock()
+	defer m.mu.RUnlock()
+	if m.negotiatedVideo && typ == RTPCodecTypeVideo ||
+		m.negotiatedAudio && typ == RTPCodecTypeAudio {
+		for id, e := range m.negotiatedHeaderExtensions {
+			if haveRTPTransceiverDirectionIntersection(e.allowedDirections, directions) && (e.isAudio && typ == RTPCodecTypeAudio || e.isVideo && typ == RTPCodecTypeVideo) {
+				headerExtensions = append(headerExtensions, RTPHeaderExtensionParameter{ID: id, URI: e.uri})
+			}
+		}
+	} else {
+		mediaHeaderExtensions := make(map[int]mediaEngineHeaderExtension)
+		for _, e := range m.headerExtensions {
+			usingNegotiatedID := false
+			for id := range m.negotiatedHeaderExtensions {
+				if m.negotiatedHeaderExtensions[id].uri == e.uri {
+					usingNegotiatedID = true
+					mediaHeaderExtensions[id] = e
+					break
+				}
+			}
+			if !usingNegotiatedID {
+				for id := 1; id < 15; id++ {
+					idAvailable := true
+					if _, ok := mediaHeaderExtensions[id]; ok {
+						idAvailable = false
+					}
+					if _, taken := m.negotiatedHeaderExtensions[id]; idAvailable && !taken {
+						mediaHeaderExtensions[id] = e
+						break
+					}
+				}
+			}
+		}
+
+		for id, e := range mediaHeaderExtensions {
+			if haveRTPTransceiverDirectionIntersection(e.allowedDirections, directions) && (e.isAudio && typ == RTPCodecTypeAudio || e.isVideo && typ == RTPCodecTypeVideo) {
+				headerExtensions = append(headerExtensions, RTPHeaderExtensionParameter{ID: id, URI: e.uri})
+			}
+		}
+	}
+
+	return RTPParameters{
+		HeaderExtensions: headerExtensions,
+		Codecs:           foundCodecs,
+	}
+}
+
+func (m *MediaEngine) getRTPParametersByPayloadType(payloadType PayloadType) (RTPParameters, error) {
+	codec, typ, err := m.getCodecByPayload(payloadType)
+	if err != nil {
+		return RTPParameters{}, err
+	}
+
+	m.mu.RLock()
+	defer m.mu.RUnlock()
+	headerExtensions := make([]RTPHeaderExtensionParameter, 0)
+	for id, e := range m.negotiatedHeaderExtensions {
+		if e.isAudio && typ == RTPCodecTypeAudio || e.isVideo && typ == RTPCodecTypeVideo {
+			headerExtensions = append(headerExtensions, RTPHeaderExtensionParameter{ID: id, URI: e.uri})
+		}
+	}
+
+	return RTPParameters{
+		HeaderExtensions: headerExtensions,
+		Codecs:           []RTPCodecParameters{codec},
+	}, nil
+}
+
+func payloaderForCodec(codec RTPCodecCapability) (rtp.Payloader, error) {
+	switch strings.ToLower(codec.MimeType) {
+	case strings.ToLower(MimeTypeH264):
+		return &codecs.H264Payloader{}, nil
+	case strings.ToLower(MimeTypeOpus):
+		return &codecs.OpusPayloader{}, nil
+	case strings.ToLower(MimeTypeVP8):
+		return &codecs.VP8Payloader{
+			EnablePictureID: true,
+		}, nil
+	case strings.ToLower(MimeTypeVP9):
+		return &codecs.VP9Payloader{}, nil
+	case strings.ToLower(MimeTypeAV1):
+		return &codecs.AV1Payloader{}, nil
+	case strings.ToLower(MimeTypeG722):
+		return &codecs.G722Payloader{}, nil
+	case strings.ToLower(MimeTypePCMU), strings.ToLower(MimeTypePCMA):
+		return &codecs.G711Payloader{}, nil
+	default:
+		return nil, ErrNoPayloaderForCodec
+	}
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/networktype.go b/server/vendor/github.com/pion/webrtc/v3/networktype.go
new file mode 100644
index 0000000..601e73f
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/networktype.go
@@ -0,0 +1,107 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package webrtc
+
+import (
+	"fmt"
+
+	"github.com/pion/ice/v2"
+)
+
+func supportedNetworkTypes() []NetworkType {
+	return []NetworkType{
+		NetworkTypeUDP4,
+		NetworkTypeUDP6,
+		// NetworkTypeTCP4, // Not supported yet
+		// NetworkTypeTCP6, // Not supported yet
+	}
+}
+
+// NetworkType represents the type of network
+type NetworkType int
+
+const (
+	// NetworkTypeUDP4 indicates UDP over IPv4.
+	NetworkTypeUDP4 NetworkType = iota + 1
+
+	// NetworkTypeUDP6 indicates UDP over IPv6.
+	NetworkTypeUDP6
+
+	// NetworkTypeTCP4 indicates TCP over IPv4.
+	NetworkTypeTCP4
+
+	// NetworkTypeTCP6 indicates TCP over IPv6.
+	NetworkTypeTCP6
+)
+
+// This is done this way because of a linter.
+const (
+	networkTypeUDP4Str = "udp4"
+	networkTypeUDP6Str = "udp6"
+	networkTypeTCP4Str = "tcp4"
+	networkTypeTCP6Str = "tcp6"
+)
+
+func (t NetworkType) String() string {
+	switch t {
+	case NetworkTypeUDP4:
+		return networkTypeUDP4Str
+	case NetworkTypeUDP6:
+		return networkTypeUDP6Str
+	case NetworkTypeTCP4:
+		return networkTypeTCP4Str
+	case NetworkTypeTCP6:
+		return networkTypeTCP6Str
+	default:
+		return ErrUnknownType.Error()
+	}
+}
+
+// Protocol returns udp or tcp
+func (t NetworkType) Protocol() string {
+	switch t {
+	case NetworkTypeUDP4:
+		return "udp"
+	case NetworkTypeUDP6:
+		return "udp"
+	case NetworkTypeTCP4:
+		return "tcp"
+	case NetworkTypeTCP6:
+		return "tcp"
+	default:
+		return ErrUnknownType.Error()
+	}
+}
+
+// NewNetworkType allows create network type from string
+// It will be useful for getting custom network types from external config.
+func NewNetworkType(raw string) (NetworkType, error) {
+	switch raw {
+	case networkTypeUDP4Str:
+		return NetworkTypeUDP4, nil
+	case networkTypeUDP6Str:
+		return NetworkTypeUDP6, nil
+	case networkTypeTCP4Str:
+		return NetworkTypeTCP4, nil
+	case networkTypeTCP6Str:
+		return NetworkTypeTCP6, nil
+	default:
+		return NetworkType(Unknown), fmt.Errorf("%w: %s", errNetworkTypeUnknown, raw)
+	}
+}
+
+func getNetworkType(iceNetworkType ice.NetworkType) (NetworkType, error) {
+	switch iceNetworkType {
+	case ice.NetworkTypeUDP4:
+		return NetworkTypeUDP4, nil
+	case ice.NetworkTypeUDP6:
+		return NetworkTypeUDP6, nil
+	case ice.NetworkTypeTCP4:
+		return NetworkTypeTCP4, nil
+	case ice.NetworkTypeTCP6:
+		return NetworkTypeTCP6, nil
+	default:
+		return NetworkType(Unknown), fmt.Errorf("%w: %s", errNetworkTypeUnknown, iceNetworkType.String())
+	}
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/oauthcredential.go b/server/vendor/github.com/pion/webrtc/v3/oauthcredential.go
new file mode 100644
index 0000000..16210f9
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/oauthcredential.go
@@ -0,0 +1,18 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package webrtc
+
+// OAuthCredential represents OAuth credential information which is used by
+// the STUN/TURN client to connect to an ICE server as defined in
+// https://tools.ietf.org/html/rfc7635. Note that the kid parameter is not
+// located in OAuthCredential, but in ICEServer's username member.
+type OAuthCredential struct {
+	// MACKey is a base64-url encoded format. It is used in STUN message
+	// integrity hash calculation.
+	MACKey string
+
+	// AccessToken is a base64-encoded format. This is an encrypted
+	// self-contained token that is opaque to the application.
+	AccessToken string
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/offeransweroptions.go b/server/vendor/github.com/pion/webrtc/v3/offeransweroptions.go
new file mode 100644
index 0000000..5286889
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/offeransweroptions.go
@@ -0,0 +1,29 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package webrtc
+
+// OfferAnswerOptions is a base structure which describes the options that
+// can be used to control the offer/answer creation process.
+type OfferAnswerOptions struct {
+	// VoiceActivityDetection allows the application to provide information
+	// about whether it wishes voice detection feature to be enabled or disabled.
+	VoiceActivityDetection bool
+}
+
+// AnswerOptions structure describes the options used to control the answer
+// creation process.
+type AnswerOptions struct {
+	OfferAnswerOptions
+}
+
+// OfferOptions structure describes the options used to control the offer
+// creation process
+type OfferOptions struct {
+	OfferAnswerOptions
+
+	// ICERestart forces the underlying ice gathering process to be restarted.
+	// When this value is true, the generated description will have ICE
+	// credentials that are different from the current credentials
+	ICERestart bool
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/operations.go b/server/vendor/github.com/pion/webrtc/v3/operations.go
new file mode 100644
index 0000000..67d24ee
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/operations.go
@@ -0,0 +1,154 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package webrtc
+
+import (
+	"container/list"
+	"sync"
+)
+
+// Operation is a function
+type operation func()
+
+// Operations is a task executor.
+type operations struct {
+	mu     sync.Mutex
+	busyCh chan struct{}
+	ops    *list.List
+
+	updateNegotiationNeededFlagOnEmptyChain *atomicBool
+	onNegotiationNeeded                     func()
+	isClosed                                bool
+}
+
+func newOperations(
+	updateNegotiationNeededFlagOnEmptyChain *atomicBool,
+	onNegotiationNeeded func(),
+) *operations {
+	return &operations{
+		ops:                                     list.New(),
+		updateNegotiationNeededFlagOnEmptyChain: updateNegotiationNeededFlagOnEmptyChain,
+		onNegotiationNeeded:                     onNegotiationNeeded,
+	}
+}
+
+// Enqueue adds a new action to be executed. If there are no actions scheduled,
+// the execution will start immediately in a new goroutine. If the queue has been
+// closed, the operation will be dropped. The queue is only deliberately closed
+// by a user.
+func (o *operations) Enqueue(op operation) {
+	o.mu.Lock()
+	defer o.mu.Unlock()
+	_ = o.tryEnqueue(op)
+}
+
+// tryEnqueue attempts to enqueue the given operation. It returns false
+// if the op is invalid or the queue is closed. mu must be locked by
+// tryEnqueue's caller.
+func (o *operations) tryEnqueue(op operation) bool {
+	if op == nil {
+		return false
+	}
+
+	if o.isClosed {
+		return false
+	}
+	o.ops.PushBack(op)
+
+	if o.busyCh == nil {
+		o.busyCh = make(chan struct{})
+		go o.start()
+	}
+
+	return true
+}
+
+// IsEmpty checks if there are tasks in the queue
+func (o *operations) IsEmpty() bool {
+	o.mu.Lock()
+	defer o.mu.Unlock()
+	return o.ops.Len() == 0
+}
+
+// Done blocks until all currently enqueued operations are finished executing.
+// For more complex synchronization, use Enqueue directly.
+func (o *operations) Done() {
+	var wg sync.WaitGroup
+	wg.Add(1)
+	o.mu.Lock()
+	enqueued := o.tryEnqueue(func() {
+		wg.Done()
+	})
+	o.mu.Unlock()
+	if !enqueued {
+		return
+	}
+	wg.Wait()
+}
+
+// GracefulClose waits for the operations queue to be cleared and forbids
+// new operations from being enqueued.
+func (o *operations) GracefulClose() {
+	o.mu.Lock()
+	if o.isClosed {
+		o.mu.Unlock()
+		return
+	}
+	// do not enqueue anymore ops from here on
+	// o.isClosed=true will also not allow a new busyCh
+	// to be created.
+	o.isClosed = true
+
+	busyCh := o.busyCh
+	o.mu.Unlock()
+	if busyCh == nil {
+		return
+	}
+	<-busyCh
+}
+
+func (o *operations) pop() func() {
+	o.mu.Lock()
+	defer o.mu.Unlock()
+	if o.ops.Len() == 0 {
+		return nil
+	}
+
+	e := o.ops.Front()
+	o.ops.Remove(e)
+	if op, ok := e.Value.(operation); ok {
+		return op
+	}
+	return nil
+}
+
+func (o *operations) start() {
+	defer func() {
+		o.mu.Lock()
+		defer o.mu.Unlock()
+		// this wil lbe the most recent busy chan
+		close(o.busyCh)
+
+		if o.ops.Len() == 0 || o.isClosed {
+			o.busyCh = nil
+			return
+		}
+
+		// either a new operation was enqueued while we
+		// were busy, or an operation panicked
+		o.busyCh = make(chan struct{})
+		go o.start()
+	}()
+
+	fn := o.pop()
+	for fn != nil {
+		fn()
+		fn = o.pop()
+	}
+	if !o.updateNegotiationNeededFlagOnEmptyChain.get() {
+		return
+	}
+	o.updateNegotiationNeededFlagOnEmptyChain.set(false)
+	o.onNegotiationNeeded()
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/package.json b/server/vendor/github.com/pion/webrtc/v3/package.json
new file mode 100644
index 0000000..429f3ef
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/package.json
@@ -0,0 +1,11 @@
+{
+  "name": "webrtc",
+  "repository": "git@github.com:pion/webrtc.git",
+  "private": true,
+  "devDependencies": {
+    "wrtc": "0.4.7"
+  },
+  "dependencies": {
+    "request": "2.88.2"
+  }
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/peerconnection.go b/server/vendor/github.com/pion/webrtc/v3/peerconnection.go
new file mode 100644
index 0000000..d515c08
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/peerconnection.go
@@ -0,0 +1,2641 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+//go:build !js
+// +build !js
+
+package webrtc
+
+import (
+	"crypto/ecdsa"
+	"crypto/elliptic"
+	"crypto/rand"
+	"errors"
+	"fmt"
+	"io"
+	"strconv"
+	"strings"
+	"sync"
+	"sync/atomic"
+	"time"
+
+	"github.com/pion/ice/v2"
+	"github.com/pion/interceptor"
+	"github.com/pion/logging"
+	"github.com/pion/rtcp"
+	"github.com/pion/sdp/v3"
+	"github.com/pion/srtp/v2"
+	"github.com/pion/webrtc/v3/internal/util"
+	"github.com/pion/webrtc/v3/pkg/rtcerr"
+)
+
+// PeerConnection represents a WebRTC connection that establishes a
+// peer-to-peer communications with another PeerConnection instance in a
+// browser, or to another endpoint implementing the required protocols.
+type PeerConnection struct {
+	statsID string
+	mu      sync.RWMutex
+
+	sdpOrigin sdp.Origin
+
+	// ops is an operations queue which will ensure the enqueued actions are
+	// executed in order. It is used for asynchronously, but serially processing
+	// remote and local descriptions
+	ops *operations
+
+	configuration Configuration
+
+	currentLocalDescription  *SessionDescription
+	pendingLocalDescription  *SessionDescription
+	currentRemoteDescription *SessionDescription
+	pendingRemoteDescription *SessionDescription
+	signalingState           SignalingState
+	iceConnectionState       atomic.Value // ICEConnectionState
+	connectionState          atomic.Value // PeerConnectionState
+
+	idpLoginURL *string
+
+	isClosed                                *atomicBool
+	isGracefullyClosingOrClosed             bool
+	isCloseDone                             chan struct{}
+	isGracefulCloseDone                     chan struct{}
+	isNegotiationNeeded                     *atomicBool
+	updateNegotiationNeededFlagOnEmptyChain *atomicBool
+
+	lastOffer  string
+	lastAnswer string
+
+	// a value containing the last known greater mid value
+	// we internally generate mids as numbers. Needed since JSEP
+	// requires that when reusing a media section a new unique mid
+	// should be defined (see JSEP 3.4.1).
+	greaterMid int
+
+	rtpTransceivers        []*RTPTransceiver
+	nonMediaBandwidthProbe atomic.Value // RTPReceiver
+
+	onSignalingStateChangeHandler     func(SignalingState)
+	onICEConnectionStateChangeHandler atomic.Value // func(ICEConnectionState)
+	onConnectionStateChangeHandler    atomic.Value // func(PeerConnectionState)
+	onTrackHandler                    func(*TrackRemote, *RTPReceiver)
+	onDataChannelHandler              func(*DataChannel)
+	onNegotiationNeededHandler        atomic.Value // func()
+
+	iceGatherer   *ICEGatherer
+	iceTransport  *ICETransport
+	dtlsTransport *DTLSTransport
+	sctpTransport *SCTPTransport
+
+	// A reference to the associated API state used by this connection
+	api *API
+	log logging.LeveledLogger
+
+	interceptorRTCPWriter interceptor.RTCPWriter
+}
+
+// NewPeerConnection creates a PeerConnection with the default codecs and
+// interceptors.  See RegisterDefaultCodecs and RegisterDefaultInterceptors.
+//
+// If you wish to customize the set of available codecs or the set of
+// active interceptors, create a MediaEngine and call api.NewPeerConnection
+// instead of this function.
+func NewPeerConnection(configuration Configuration) (*PeerConnection, error) {
+	m := &MediaEngine{}
+	if err := m.RegisterDefaultCodecs(); err != nil {
+		return nil, err
+	}
+
+	i := &interceptor.Registry{}
+	if err := RegisterDefaultInterceptors(m, i); err != nil {
+		return nil, err
+	}
+
+	api := NewAPI(WithMediaEngine(m), WithInterceptorRegistry(i))
+	return api.NewPeerConnection(configuration)
+}
+
+// NewPeerConnection creates a new PeerConnection with the provided configuration against the received API object
+func (api *API) NewPeerConnection(configuration Configuration) (*PeerConnection, error) {
+	// https://w3c.github.io/webrtc-pc/#constructor (Step #2)
+	// Some variables defined explicitly despite their implicit zero values to
+	// allow better readability to understand what is happening.
+
+	pc := &PeerConnection{
+		statsID: fmt.Sprintf("PeerConnection-%d", time.Now().UnixNano()),
+		configuration: Configuration{
+			ICEServers:           []ICEServer{},
+			ICETransportPolicy:   ICETransportPolicyAll,
+			BundlePolicy:         BundlePolicyBalanced,
+			RTCPMuxPolicy:        RTCPMuxPolicyRequire,
+			Certificates:         []Certificate{},
+			ICECandidatePoolSize: 0,
+		},
+		isClosed:                                &atomicBool{},
+		isCloseDone:                             make(chan struct{}),
+		isGracefulCloseDone:                     make(chan struct{}),
+		isNegotiationNeeded:                     &atomicBool{},
+		updateNegotiationNeededFlagOnEmptyChain: &atomicBool{},
+		lastOffer:                               "",
+		lastAnswer:                              "",
+		greaterMid:                              -1,
+		signalingState:                          SignalingStateStable,
+
+		api: api,
+		log: api.settingEngine.LoggerFactory.NewLogger("pc"),
+	}
+	pc.ops = newOperations(pc.updateNegotiationNeededFlagOnEmptyChain, pc.onNegotiationNeeded)
+
+	pc.iceConnectionState.Store(ICEConnectionStateNew)
+	pc.connectionState.Store(PeerConnectionStateNew)
+
+	i, err := api.interceptorRegistry.Build("")
+	if err != nil {
+		return nil, err
+	}
+
+	pc.api = &API{
+		settingEngine: api.settingEngine,
+		interceptor:   i,
+	}
+
+	if api.settingEngine.disableMediaEngineCopy {
+		pc.api.mediaEngine = api.mediaEngine
+	} else {
+		pc.api.mediaEngine = api.mediaEngine.copy()
+	}
+
+	if err = pc.initConfiguration(configuration); err != nil {
+		return nil, err
+	}
+
+	pc.iceGatherer, err = pc.createICEGatherer()
+	if err != nil {
+		return nil, err
+	}
+
+	// Create the ice transport
+	iceTransport := pc.createICETransport()
+	pc.iceTransport = iceTransport
+
+	// Create the DTLS transport
+	dtlsTransport, err := pc.api.NewDTLSTransport(pc.iceTransport, pc.configuration.Certificates)
+	if err != nil {
+		return nil, err
+	}
+	pc.dtlsTransport = dtlsTransport
+
+	// Create the SCTP transport
+	pc.sctpTransport = pc.api.NewSCTPTransport(pc.dtlsTransport)
+
+	// Wire up the on datachannel handler
+	pc.sctpTransport.OnDataChannel(func(d *DataChannel) {
+		pc.mu.RLock()
+		handler := pc.onDataChannelHandler
+		pc.mu.RUnlock()
+		if handler != nil {
+			handler(d)
+		}
+	})
+
+	pc.interceptorRTCPWriter = pc.api.interceptor.BindRTCPWriter(interceptor.RTCPWriterFunc(pc.writeRTCP))
+
+	return pc, nil
+}
+
+// initConfiguration defines validation of the specified Configuration and
+// its assignment to the internal configuration variable. This function differs
+// from its SetConfiguration counterpart because most of the checks do not
+// include verification statements related to the existing state. Thus the
+// function describes only minor verification of some the struct variables.
+func (pc *PeerConnection) initConfiguration(configuration Configuration) error {
+	if configuration.PeerIdentity != "" {
+		pc.configuration.PeerIdentity = configuration.PeerIdentity
+	}
+
+	// https://www.w3.org/TR/webrtc/#constructor (step #3)
+	if len(configuration.Certificates) > 0 {
+		now := time.Now()
+		for _, x509Cert := range configuration.Certificates {
+			if !x509Cert.Expires().IsZero() && now.After(x509Cert.Expires()) {
+				return &rtcerr.InvalidAccessError{Err: ErrCertificateExpired}
+			}
+			pc.configuration.Certificates = append(pc.configuration.Certificates, x509Cert)
+		}
+	} else {
+		sk, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
+		if err != nil {
+			return &rtcerr.UnknownError{Err: err}
+		}
+		certificate, err := GenerateCertificate(sk)
+		if err != nil {
+			return err
+		}
+		pc.configuration.Certificates = []Certificate{*certificate}
+	}
+
+	if configuration.BundlePolicy != BundlePolicy(Unknown) {
+		pc.configuration.BundlePolicy = configuration.BundlePolicy
+	}
+
+	if configuration.RTCPMuxPolicy != RTCPMuxPolicy(Unknown) {
+		pc.configuration.RTCPMuxPolicy = configuration.RTCPMuxPolicy
+	}
+
+	if configuration.ICECandidatePoolSize != 0 {
+		pc.configuration.ICECandidatePoolSize = configuration.ICECandidatePoolSize
+	}
+
+	if configuration.ICETransportPolicy != ICETransportPolicy(Unknown) {
+		pc.configuration.ICETransportPolicy = configuration.ICETransportPolicy
+	}
+
+	if configuration.SDPSemantics != SDPSemantics(Unknown) {
+		pc.configuration.SDPSemantics = configuration.SDPSemantics
+	}
+
+	sanitizedICEServers := configuration.getICEServers()
+	if len(sanitizedICEServers) > 0 {
+		for _, server := range sanitizedICEServers {
+			if err := server.validate(); err != nil {
+				return err
+			}
+		}
+		pc.configuration.ICEServers = sanitizedICEServers
+	}
+
+	return nil
+}
+
+// OnSignalingStateChange sets an event handler which is invoked when the
+// peer connection's signaling state changes
+func (pc *PeerConnection) OnSignalingStateChange(f func(SignalingState)) {
+	pc.mu.Lock()
+	defer pc.mu.Unlock()
+	pc.onSignalingStateChangeHandler = f
+}
+
+func (pc *PeerConnection) onSignalingStateChange(newState SignalingState) {
+	pc.mu.RLock()
+	handler := pc.onSignalingStateChangeHandler
+	pc.mu.RUnlock()
+
+	pc.log.Infof("signaling state changed to %s", newState)
+	if handler != nil {
+		go handler(newState)
+	}
+}
+
+// OnDataChannel sets an event handler which is invoked when a data
+// channel message arrives from a remote peer.
+func (pc *PeerConnection) OnDataChannel(f func(*DataChannel)) {
+	pc.mu.Lock()
+	defer pc.mu.Unlock()
+	pc.onDataChannelHandler = f
+}
+
+// OnNegotiationNeeded sets an event handler which is invoked when
+// a change has occurred which requires session negotiation
+func (pc *PeerConnection) OnNegotiationNeeded(f func()) {
+	pc.onNegotiationNeededHandler.Store(f)
+}
+
+// onNegotiationNeeded enqueues negotiationNeededOp if necessary
+// caller of this method should hold `pc.mu` lock
+// https://www.w3.org/TR/webrtc/#dfn-update-the-negotiation-needed-flag
+func (pc *PeerConnection) onNegotiationNeeded() {
+	// 4.7.3.1 If the length of connection.[[Operations]] is not 0, then set
+	// connection.[[UpdateNegotiationNeededFlagOnEmptyChain]] to true, and abort these steps.
+	if !pc.ops.IsEmpty() {
+		pc.updateNegotiationNeededFlagOnEmptyChain.set(true)
+		return
+	}
+	pc.ops.Enqueue(pc.negotiationNeededOp)
+}
+
+// https://www.w3.org/TR/webrtc/#dfn-update-the-negotiation-needed-flag
+func (pc *PeerConnection) negotiationNeededOp() {
+	// 4.7.3.2.1 If connection.[[IsClosed]] is true, abort these steps.
+	if pc.isClosed.get() {
+		return
+	}
+
+	// 4.7.3.2.2 If the length of connection.[[Operations]] is not 0,
+	// then set connection.[[UpdateNegotiationNeededFlagOnEmptyChain]] to
+	// true, and abort these steps.
+	if !pc.ops.IsEmpty() {
+		pc.updateNegotiationNeededFlagOnEmptyChain.set(true)
+		return
+	}
+
+	// 4.7.3.2.3 If connection's signaling state is not "stable", abort these steps.
+	if pc.SignalingState() != SignalingStateStable {
+		return
+	}
+
+	// 4.7.3.2.4 If the result of checking if negotiation is needed is false,
+	// clear the negotiation-needed flag by setting connection.[[NegotiationNeeded]]
+	// to false, and abort these steps.
+	if !pc.checkNegotiationNeeded() {
+		pc.isNegotiationNeeded.set(false)
+		return
+	}
+
+	// 4.7.3.2.5 If connection.[[NegotiationNeeded]] is already true, abort these steps.
+	if pc.isNegotiationNeeded.get() {
+		return
+	}
+
+	// 4.7.3.2.6 Set connection.[[NegotiationNeeded]] to true.
+	pc.isNegotiationNeeded.set(true)
+
+	// 4.7.3.2.7 Fire an event named negotiationneeded at connection.
+	if handler, ok := pc.onNegotiationNeededHandler.Load().(func()); ok && handler != nil {
+		handler()
+	}
+}
+
+func (pc *PeerConnection) checkNegotiationNeeded() bool { //nolint:gocognit
+	// To check if negotiation is needed for connection, perform the following checks:
+	// Skip 1, 2 steps
+	// Step 3
+	pc.mu.Lock()
+	defer pc.mu.Unlock()
+
+	localDesc := pc.currentLocalDescription
+	remoteDesc := pc.currentRemoteDescription
+
+	if localDesc == nil {
+		return true
+	}
+
+	pc.sctpTransport.lock.Lock()
+	lenDataChannel := len(pc.sctpTransport.dataChannels)
+	pc.sctpTransport.lock.Unlock()
+
+	if lenDataChannel != 0 && haveDataChannel(localDesc) == nil {
+		return true
+	}
+
+	for _, t := range pc.rtpTransceivers {
+		// https://www.w3.org/TR/webrtc/#dfn-update-the-negotiation-needed-flag
+		// Step 5.1
+		// if t.stopping && !t.stopped {
+		// 	return true
+		// }
+		m := getByMid(t.Mid(), localDesc)
+		// Step 5.2
+		if !t.stopped && m == nil {
+			return true
+		}
+		if !t.stopped && m != nil {
+			// Step 5.3.1
+			if t.Direction() == RTPTransceiverDirectionSendrecv || t.Direction() == RTPTransceiverDirectionSendonly {
+				descMsid, okMsid := m.Attribute(sdp.AttrKeyMsid)
+				sender := t.Sender()
+				if sender == nil {
+					return true
+				}
+				track := sender.Track()
+				if !okMsid || descMsid != track.StreamID()+" "+track.ID() {
+					return true
+				}
+			}
+			switch localDesc.Type {
+			case SDPTypeOffer:
+				// Step 5.3.2
+				rm := getByMid(t.Mid(), remoteDesc)
+				if rm == nil {
+					return true
+				}
+
+				if getPeerDirection(m) != t.Direction() && getPeerDirection(rm) != t.Direction().Revers() {
+					return true
+				}
+			case SDPTypeAnswer:
+				// Step 5.3.3
+				if _, ok := m.Attribute(t.Direction().String()); !ok {
+					return true
+				}
+			default:
+			}
+		}
+		// Step 5.4
+		if t.stopped && t.Mid() != "" {
+			if getByMid(t.Mid(), localDesc) != nil || getByMid(t.Mid(), remoteDesc) != nil {
+				return true
+			}
+		}
+	}
+	// Step 6
+	return false
+}
+
+// OnICECandidate sets an event handler which is invoked when a new ICE
+// candidate is found.
+// ICE candidate gathering only begins when SetLocalDescription or
+// SetRemoteDescription is called.
+// Take note that the handler will be called with a nil pointer when
+// gathering is finished.
+func (pc *PeerConnection) OnICECandidate(f func(*ICECandidate)) {
+	pc.iceGatherer.OnLocalCandidate(f)
+}
+
+// OnICEGatheringStateChange sets an event handler which is invoked when the
+// ICE candidate gathering state has changed.
+func (pc *PeerConnection) OnICEGatheringStateChange(f func(ICEGathererState)) {
+	pc.iceGatherer.OnStateChange(f)
+}
+
+// OnTrack sets an event handler which is called when remote track
+// arrives from a remote peer.
+func (pc *PeerConnection) OnTrack(f func(*TrackRemote, *RTPReceiver)) {
+	pc.mu.Lock()
+	defer pc.mu.Unlock()
+	pc.onTrackHandler = f
+}
+
+func (pc *PeerConnection) onTrack(t *TrackRemote, r *RTPReceiver) {
+	pc.mu.RLock()
+	handler := pc.onTrackHandler
+	pc.mu.RUnlock()
+
+	pc.log.Debugf("got new track: %+v", t)
+	if t != nil {
+		if handler != nil {
+			go handler(t, r)
+		} else {
+			pc.log.Warnf("OnTrack unset, unable to handle incoming media streams")
+		}
+	}
+}
+
+// OnICEConnectionStateChange sets an event handler which is called
+// when an ICE connection state is changed.
+func (pc *PeerConnection) OnICEConnectionStateChange(f func(ICEConnectionState)) {
+	pc.onICEConnectionStateChangeHandler.Store(f)
+}
+
+func (pc *PeerConnection) onICEConnectionStateChange(cs ICEConnectionState) {
+	pc.iceConnectionState.Store(cs)
+	pc.log.Infof("ICE connection state changed: %s", cs)
+	if handler, ok := pc.onICEConnectionStateChangeHandler.Load().(func(ICEConnectionState)); ok && handler != nil {
+		handler(cs)
+	}
+}
+
+// OnConnectionStateChange sets an event handler which is called
+// when the PeerConnectionState has changed
+func (pc *PeerConnection) OnConnectionStateChange(f func(PeerConnectionState)) {
+	pc.onConnectionStateChangeHandler.Store(f)
+}
+
+func (pc *PeerConnection) onConnectionStateChange(cs PeerConnectionState) {
+	pc.connectionState.Store(cs)
+	pc.log.Infof("peer connection state changed: %s", cs)
+	if handler, ok := pc.onConnectionStateChangeHandler.Load().(func(PeerConnectionState)); ok && handler != nil {
+		go handler(cs)
+	}
+}
+
+// SetConfiguration updates the configuration of this PeerConnection object.
+func (pc *PeerConnection) SetConfiguration(configuration Configuration) error { //nolint:gocognit
+	// https://www.w3.org/TR/webrtc/#dom-rtcpeerconnection-setconfiguration (step #2)
+	if pc.isClosed.get() {
+		return &rtcerr.InvalidStateError{Err: ErrConnectionClosed}
+	}
+
+	// https://www.w3.org/TR/webrtc/#set-the-configuration (step #3)
+	if configuration.PeerIdentity != "" {
+		if configuration.PeerIdentity != pc.configuration.PeerIdentity {
+			return &rtcerr.InvalidModificationError{Err: ErrModifyingPeerIdentity}
+		}
+		pc.configuration.PeerIdentity = configuration.PeerIdentity
+	}
+
+	// https://www.w3.org/TR/webrtc/#set-the-configuration (step #4)
+	if len(configuration.Certificates) > 0 {
+		if len(configuration.Certificates) != len(pc.configuration.Certificates) {
+			return &rtcerr.InvalidModificationError{Err: ErrModifyingCertificates}
+		}
+
+		for i, certificate := range configuration.Certificates {
+			if !pc.configuration.Certificates[i].Equals(certificate) {
+				return &rtcerr.InvalidModificationError{Err: ErrModifyingCertificates}
+			}
+		}
+		pc.configuration.Certificates = configuration.Certificates
+	}
+
+	// https://www.w3.org/TR/webrtc/#set-the-configuration (step #5)
+	if configuration.BundlePolicy != BundlePolicy(Unknown) {
+		if configuration.BundlePolicy != pc.configuration.BundlePolicy {
+			return &rtcerr.InvalidModificationError{Err: ErrModifyingBundlePolicy}
+		}
+		pc.configuration.BundlePolicy = configuration.BundlePolicy
+	}
+
+	// https://www.w3.org/TR/webrtc/#set-the-configuration (step #6)
+	if configuration.RTCPMuxPolicy != RTCPMuxPolicy(Unknown) {
+		if configuration.RTCPMuxPolicy != pc.configuration.RTCPMuxPolicy {
+			return &rtcerr.InvalidModificationError{Err: ErrModifyingRTCPMuxPolicy}
+		}
+		pc.configuration.RTCPMuxPolicy = configuration.RTCPMuxPolicy
+	}
+
+	// https://www.w3.org/TR/webrtc/#set-the-configuration (step #7)
+	if configuration.ICECandidatePoolSize != 0 {
+		if pc.configuration.ICECandidatePoolSize != configuration.ICECandidatePoolSize &&
+			pc.LocalDescription() != nil {
+			return &rtcerr.InvalidModificationError{Err: ErrModifyingICECandidatePoolSize}
+		}
+		pc.configuration.ICECandidatePoolSize = configuration.ICECandidatePoolSize
+	}
+
+	// https://www.w3.org/TR/webrtc/#set-the-configuration (step #8)
+	if configuration.ICETransportPolicy != ICETransportPolicy(Unknown) {
+		pc.configuration.ICETransportPolicy = configuration.ICETransportPolicy
+	}
+
+	// https://www.w3.org/TR/webrtc/#set-the-configuration (step #11)
+	if len(configuration.ICEServers) > 0 {
+		// https://www.w3.org/TR/webrtc/#set-the-configuration (step #11.3)
+		for _, server := range configuration.ICEServers {
+			if err := server.validate(); err != nil {
+				return err
+			}
+		}
+		pc.configuration.ICEServers = configuration.ICEServers
+	}
+	return nil
+}
+
+// GetConfiguration returns a Configuration object representing the current
+// configuration of this PeerConnection object. The returned object is a
+// copy and direct mutation on it will not take affect until SetConfiguration
+// has been called with Configuration passed as its only argument.
+// https://www.w3.org/TR/webrtc/#dom-rtcpeerconnection-getconfiguration
+func (pc *PeerConnection) GetConfiguration() Configuration {
+	return pc.configuration
+}
+
+func (pc *PeerConnection) getStatsID() string {
+	pc.mu.RLock()
+	defer pc.mu.RUnlock()
+	return pc.statsID
+}
+
+// hasLocalDescriptionChanged returns whether local media (rtpTransceivers) has changed
+// caller of this method should hold `pc.mu` lock
+func (pc *PeerConnection) hasLocalDescriptionChanged(desc *SessionDescription) bool {
+	for _, t := range pc.rtpTransceivers {
+		m := getByMid(t.Mid(), desc)
+		if m == nil {
+			return true
+		}
+
+		if getPeerDirection(m) != t.Direction() {
+			return true
+		}
+	}
+	return false
+}
+
+// CreateOffer starts the PeerConnection and generates the localDescription
+// https://w3c.github.io/webrtc-pc/#dom-rtcpeerconnection-createoffer
+func (pc *PeerConnection) CreateOffer(options *OfferOptions) (SessionDescription, error) { //nolint:gocognit
+	useIdentity := pc.idpLoginURL != nil
+	switch {
+	case useIdentity:
+		return SessionDescription{}, errIdentityProviderNotImplemented
+	case pc.isClosed.get():
+		return SessionDescription{}, &rtcerr.InvalidStateError{Err: ErrConnectionClosed}
+	}
+
+	if options != nil && options.ICERestart {
+		if err := pc.iceTransport.restart(); err != nil {
+			return SessionDescription{}, err
+		}
+	}
+
+	var (
+		d     *sdp.SessionDescription
+		offer SessionDescription
+		err   error
+	)
+
+	// This may be necessary to recompute if, for example, createOffer was called when only an
+	// audio RTCRtpTransceiver was added to connection, but while performing the in-parallel
+	// steps to create an offer, a video RTCRtpTransceiver was added, requiring additional
+	// inspection of video system resources.
+	count := 0
+	pc.mu.Lock()
+	defer pc.mu.Unlock()
+	for {
+		// We cache current transceivers to ensure they aren't
+		// mutated during offer generation. We later check if they have
+		// been mutated and recompute the offer if necessary.
+		currentTransceivers := pc.rtpTransceivers
+
+		// in-parallel steps to create an offer
+		// https://w3c.github.io/webrtc-pc/#dfn-in-parallel-steps-to-create-an-offer
+		isPlanB := pc.configuration.SDPSemantics == SDPSemanticsPlanB
+		if pc.currentRemoteDescription != nil && isPlanB {
+			isPlanB = descriptionPossiblyPlanB(pc.currentRemoteDescription)
+		}
+
+		// include unmatched local transceivers
+		if !isPlanB {
+			// update the greater mid if the remote description provides a greater one
+			if pc.currentRemoteDescription != nil {
+				var numericMid int
+				for _, media := range pc.currentRemoteDescription.parsed.MediaDescriptions {
+					mid := getMidValue(media)
+					if mid == "" {
+						continue
+					}
+					numericMid, err = strconv.Atoi(mid)
+					if err != nil {
+						continue
+					}
+					if numericMid > pc.greaterMid {
+						pc.greaterMid = numericMid
+					}
+				}
+			}
+			for _, t := range currentTransceivers {
+				if mid := t.Mid(); mid != "" {
+					numericMid, errMid := strconv.Atoi(mid)
+					if errMid == nil {
+						if numericMid > pc.greaterMid {
+							pc.greaterMid = numericMid
+						}
+					}
+					continue
+				}
+				pc.greaterMid++
+				err = t.SetMid(strconv.Itoa(pc.greaterMid))
+				if err != nil {
+					return SessionDescription{}, err
+				}
+			}
+		}
+
+		if pc.currentRemoteDescription == nil {
+			d, err = pc.generateUnmatchedSDP(currentTransceivers, useIdentity)
+		} else {
+			d, err = pc.generateMatchedSDP(currentTransceivers, useIdentity, true /*includeUnmatched */, connectionRoleFromDtlsRole(defaultDtlsRoleOffer))
+		}
+
+		if err != nil {
+			return SessionDescription{}, err
+		}
+
+		updateSDPOrigin(&pc.sdpOrigin, d)
+		sdpBytes, err := d.Marshal()
+		if err != nil {
+			return SessionDescription{}, err
+		}
+
+		offer = SessionDescription{
+			Type:   SDPTypeOffer,
+			SDP:    string(sdpBytes),
+			parsed: d,
+		}
+
+		// Verify local media hasn't changed during offer
+		// generation. Recompute if necessary
+		if isPlanB || !pc.hasLocalDescriptionChanged(&offer) {
+			break
+		}
+		count++
+		if count >= 128 {
+			return SessionDescription{}, errExcessiveRetries
+		}
+	}
+
+	pc.lastOffer = offer.SDP
+	return offer, nil
+}
+
+func (pc *PeerConnection) createICEGatherer() (*ICEGatherer, error) {
+	g, err := pc.api.NewICEGatherer(ICEGatherOptions{
+		ICEServers:      pc.configuration.getICEServers(),
+		ICEGatherPolicy: pc.configuration.ICETransportPolicy,
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	return g, nil
+}
+
+// Update the PeerConnectionState given the state of relevant transports
+// https://www.w3.org/TR/webrtc/#rtcpeerconnectionstate-enum
+func (pc *PeerConnection) updateConnectionState(iceConnectionState ICEConnectionState, dtlsTransportState DTLSTransportState) {
+	connectionState := PeerConnectionStateNew
+	switch {
+	// The RTCPeerConnection object's [[IsClosed]] slot is true.
+	case pc.isClosed.get():
+		connectionState = PeerConnectionStateClosed
+
+	// Any of the RTCIceTransports or RTCDtlsTransports are in a "failed" state.
+	case iceConnectionState == ICEConnectionStateFailed || dtlsTransportState == DTLSTransportStateFailed:
+		connectionState = PeerConnectionStateFailed
+
+	// Any of the RTCIceTransports or RTCDtlsTransports are in the "disconnected"
+	// state and none of them are in the "failed" or "connecting" or "checking" state.  */
+	case iceConnectionState == ICEConnectionStateDisconnected:
+		connectionState = PeerConnectionStateDisconnected
+
+	// None of the previous states apply and all RTCIceTransports are in the "new" or "closed" state,
+	// and all RTCDtlsTransports are in the "new" or "closed" state, or there are no transports.
+	case (iceConnectionState == ICEConnectionStateNew || iceConnectionState == ICEConnectionStateClosed) &&
+		(dtlsTransportState == DTLSTransportStateNew || dtlsTransportState == DTLSTransportStateClosed):
+		connectionState = PeerConnectionStateNew
+
+	// None of the previous states apply and any RTCIceTransport is in the "new" or "checking" state or
+	// any RTCDtlsTransport is in the "new" or "connecting" state.
+	case (iceConnectionState == ICEConnectionStateNew || iceConnectionState == ICEConnectionStateChecking) ||
+		(dtlsTransportState == DTLSTransportStateNew || dtlsTransportState == DTLSTransportStateConnecting):
+		connectionState = PeerConnectionStateConnecting
+
+	// All RTCIceTransports and RTCDtlsTransports are in the "connected", "completed" or "closed"
+	// state and all RTCDtlsTransports are in the "connected" or "closed" state.
+	case (iceConnectionState == ICEConnectionStateConnected || iceConnectionState == ICEConnectionStateCompleted || iceConnectionState == ICEConnectionStateClosed) &&
+		(dtlsTransportState == DTLSTransportStateConnected || dtlsTransportState == DTLSTransportStateClosed):
+		connectionState = PeerConnectionStateConnected
+	}
+
+	if pc.connectionState.Load() == connectionState {
+		return
+	}
+
+	pc.onConnectionStateChange(connectionState)
+}
+
+func (pc *PeerConnection) createICETransport() *ICETransport {
+	t := pc.api.NewICETransport(pc.iceGatherer)
+	t.internalOnConnectionStateChangeHandler.Store(func(state ICETransportState) {
+		var cs ICEConnectionState
+		switch state {
+		case ICETransportStateNew:
+			cs = ICEConnectionStateNew
+		case ICETransportStateChecking:
+			cs = ICEConnectionStateChecking
+		case ICETransportStateConnected:
+			cs = ICEConnectionStateConnected
+		case ICETransportStateCompleted:
+			cs = ICEConnectionStateCompleted
+		case ICETransportStateFailed:
+			cs = ICEConnectionStateFailed
+		case ICETransportStateDisconnected:
+			cs = ICEConnectionStateDisconnected
+		case ICETransportStateClosed:
+			cs = ICEConnectionStateClosed
+		default:
+			pc.log.Warnf("OnConnectionStateChange: unhandled ICE state: %s", state)
+			return
+		}
+		pc.onICEConnectionStateChange(cs)
+		pc.updateConnectionState(cs, pc.dtlsTransport.State())
+	})
+
+	return t
+}
+
+// CreateAnswer starts the PeerConnection and generates the localDescription
+func (pc *PeerConnection) CreateAnswer(*AnswerOptions) (SessionDescription, error) {
+	useIdentity := pc.idpLoginURL != nil
+	remoteDesc := pc.RemoteDescription()
+	switch {
+	case remoteDesc == nil:
+		return SessionDescription{}, &rtcerr.InvalidStateError{Err: ErrNoRemoteDescription}
+	case useIdentity:
+		return SessionDescription{}, errIdentityProviderNotImplemented
+	case pc.isClosed.get():
+		return SessionDescription{}, &rtcerr.InvalidStateError{Err: ErrConnectionClosed}
+	case pc.signalingState.Get() != SignalingStateHaveRemoteOffer && pc.signalingState.Get() != SignalingStateHaveLocalPranswer:
+		return SessionDescription{}, &rtcerr.InvalidStateError{Err: ErrIncorrectSignalingState}
+	}
+
+	connectionRole := connectionRoleFromDtlsRole(pc.api.settingEngine.answeringDTLSRole)
+	if connectionRole == sdp.ConnectionRole(0) {
+		connectionRole = connectionRoleFromDtlsRole(defaultDtlsRoleAnswer)
+
+		// If one of the agents is lite and the other one is not, the lite agent must be the controlled agent.
+		// If both or neither agents are lite the offering agent is controlling.
+		// RFC 8445 S6.1.1
+		if isIceLiteSet(remoteDesc.parsed) && !pc.api.settingEngine.candidates.ICELite {
+			connectionRole = connectionRoleFromDtlsRole(DTLSRoleServer)
+		}
+	}
+	pc.mu.Lock()
+	defer pc.mu.Unlock()
+
+	d, err := pc.generateMatchedSDP(pc.rtpTransceivers, useIdentity, false /*includeUnmatched */, connectionRole)
+	if err != nil {
+		return SessionDescription{}, err
+	}
+
+	updateSDPOrigin(&pc.sdpOrigin, d)
+	sdpBytes, err := d.Marshal()
+	if err != nil {
+		return SessionDescription{}, err
+	}
+
+	desc := SessionDescription{
+		Type:   SDPTypeAnswer,
+		SDP:    string(sdpBytes),
+		parsed: d,
+	}
+	pc.lastAnswer = desc.SDP
+	return desc, nil
+}
+
+// 4.4.1.6 Set the SessionDescription
+func (pc *PeerConnection) setDescription(sd *SessionDescription, op stateChangeOp) error { //nolint:gocognit
+	switch {
+	case pc.isClosed.get():
+		return &rtcerr.InvalidStateError{Err: ErrConnectionClosed}
+	case NewSDPType(sd.Type.String()) == SDPType(Unknown):
+		return &rtcerr.TypeError{Err: fmt.Errorf("%w: '%d' is not a valid enum value of type SDPType", errPeerConnSDPTypeInvalidValue, sd.Type)}
+	}
+
+	nextState, err := func() (SignalingState, error) {
+		pc.mu.Lock()
+		defer pc.mu.Unlock()
+
+		cur := pc.SignalingState()
+		setLocal := stateChangeOpSetLocal
+		setRemote := stateChangeOpSetRemote
+		newSDPDoesNotMatchOffer := &rtcerr.InvalidModificationError{Err: errSDPDoesNotMatchOffer}
+		newSDPDoesNotMatchAnswer := &rtcerr.InvalidModificationError{Err: errSDPDoesNotMatchAnswer}
+
+		var nextState SignalingState
+		var err error
+		switch op {
+		case setLocal:
+			switch sd.Type {
+			// stable->SetLocal(offer)->have-local-offer
+			case SDPTypeOffer:
+				if sd.SDP != pc.lastOffer {
+					return nextState, newSDPDoesNotMatchOffer
+				}
+				nextState, err = checkNextSignalingState(cur, SignalingStateHaveLocalOffer, setLocal, sd.Type)
+				if err == nil {
+					pc.pendingLocalDescription = sd
+				}
+			// have-remote-offer->SetLocal(answer)->stable
+			// have-local-pranswer->SetLocal(answer)->stable
+			case SDPTypeAnswer:
+				if sd.SDP != pc.lastAnswer {
+					return nextState, newSDPDoesNotMatchAnswer
+				}
+				nextState, err = checkNextSignalingState(cur, SignalingStateStable, setLocal, sd.Type)
+				if err == nil {
+					pc.currentLocalDescription = sd
+					pc.currentRemoteDescription = pc.pendingRemoteDescription
+					pc.pendingRemoteDescription = nil
+					pc.pendingLocalDescription = nil
+				}
+			case SDPTypeRollback:
+				nextState, err = checkNextSignalingState(cur, SignalingStateStable, setLocal, sd.Type)
+				if err == nil {
+					pc.pendingLocalDescription = nil
+				}
+			// have-remote-offer->SetLocal(pranswer)->have-local-pranswer
+			case SDPTypePranswer:
+				if sd.SDP != pc.lastAnswer {
+					return nextState, newSDPDoesNotMatchAnswer
+				}
+				nextState, err = checkNextSignalingState(cur, SignalingStateHaveLocalPranswer, setLocal, sd.Type)
+				if err == nil {
+					pc.pendingLocalDescription = sd
+				}
+			default:
+				return nextState, &rtcerr.OperationError{Err: fmt.Errorf("%w: %s(%s)", errPeerConnStateChangeInvalid, op, sd.Type)}
+			}
+		case setRemote:
+			switch sd.Type {
+			// stable->SetRemote(offer)->have-remote-offer
+			case SDPTypeOffer:
+				nextState, err = checkNextSignalingState(cur, SignalingStateHaveRemoteOffer, setRemote, sd.Type)
+				if err == nil {
+					pc.pendingRemoteDescription = sd
+				}
+			// have-local-offer->SetRemote(answer)->stable
+			// have-remote-pranswer->SetRemote(answer)->stable
+			case SDPTypeAnswer:
+				nextState, err = checkNextSignalingState(cur, SignalingStateStable, setRemote, sd.Type)
+				if err == nil {
+					pc.currentRemoteDescription = sd
+					pc.currentLocalDescription = pc.pendingLocalDescription
+					pc.pendingRemoteDescription = nil
+					pc.pendingLocalDescription = nil
+				}
+			case SDPTypeRollback:
+				nextState, err = checkNextSignalingState(cur, SignalingStateStable, setRemote, sd.Type)
+				if err == nil {
+					pc.pendingRemoteDescription = nil
+				}
+			// have-local-offer->SetRemote(pranswer)->have-remote-pranswer
+			case SDPTypePranswer:
+				nextState, err = checkNextSignalingState(cur, SignalingStateHaveRemotePranswer, setRemote, sd.Type)
+				if err == nil {
+					pc.pendingRemoteDescription = sd
+				}
+			default:
+				return nextState, &rtcerr.OperationError{Err: fmt.Errorf("%w: %s(%s)", errPeerConnStateChangeInvalid, op, sd.Type)}
+			}
+		default:
+			return nextState, &rtcerr.OperationError{Err: fmt.Errorf("%w: %q", errPeerConnStateChangeUnhandled, op)}
+		}
+
+		return nextState, err
+	}()
+
+	if err == nil {
+		pc.signalingState.Set(nextState)
+		if pc.signalingState.Get() == SignalingStateStable {
+			pc.isNegotiationNeeded.set(false)
+			pc.mu.Lock()
+			pc.onNegotiationNeeded()
+			pc.mu.Unlock()
+		}
+		pc.onSignalingStateChange(nextState)
+	}
+	return err
+}
+
+// SetLocalDescription sets the SessionDescription of the local peer
+func (pc *PeerConnection) SetLocalDescription(desc SessionDescription) error {
+	if pc.isClosed.get() {
+		return &rtcerr.InvalidStateError{Err: ErrConnectionClosed}
+	}
+
+	haveLocalDescription := pc.currentLocalDescription != nil
+
+	// JSEP 5.4
+	if desc.SDP == "" {
+		switch desc.Type {
+		case SDPTypeAnswer, SDPTypePranswer:
+			desc.SDP = pc.lastAnswer
+		case SDPTypeOffer:
+			desc.SDP = pc.lastOffer
+		default:
+			return &rtcerr.InvalidModificationError{
+				Err: fmt.Errorf("%w: %s", errPeerConnSDPTypeInvalidValueSetLocalDescription, desc.Type),
+			}
+		}
+	}
+
+	desc.parsed = &sdp.SessionDescription{}
+	if err := desc.parsed.UnmarshalString(desc.SDP); err != nil {
+		return err
+	}
+	if err := pc.setDescription(&desc, stateChangeOpSetLocal); err != nil {
+		return err
+	}
+
+	currentTransceivers := append([]*RTPTransceiver{}, pc.GetTransceivers()...)
+
+	weAnswer := desc.Type == SDPTypeAnswer
+	remoteDesc := pc.RemoteDescription()
+	if weAnswer && remoteDesc != nil {
+		_ = setRTPTransceiverCurrentDirection(&desc, currentTransceivers, false)
+		if err := pc.startRTPSenders(currentTransceivers); err != nil {
+			return err
+		}
+		pc.configureRTPReceivers(haveLocalDescription, remoteDesc, currentTransceivers)
+		pc.ops.Enqueue(func() {
+			pc.startRTP(haveLocalDescription, remoteDesc, currentTransceivers)
+		})
+	}
+
+	if pc.iceGatherer.State() == ICEGathererStateNew {
+		return pc.iceGatherer.Gather()
+	}
+	return nil
+}
+
+// LocalDescription returns PendingLocalDescription if it is not null and
+// otherwise it returns CurrentLocalDescription. This property is used to
+// determine if SetLocalDescription has already been called.
+// https://www.w3.org/TR/webrtc/#dom-rtcpeerconnection-localdescription
+func (pc *PeerConnection) LocalDescription() *SessionDescription {
+	if pendingLocalDescription := pc.PendingLocalDescription(); pendingLocalDescription != nil {
+		return pendingLocalDescription
+	}
+	return pc.CurrentLocalDescription()
+}
+
+// SetRemoteDescription sets the SessionDescription of the remote peer
+func (pc *PeerConnection) SetRemoteDescription(desc SessionDescription) error { //nolint:gocognit,gocyclo
+	if pc.isClosed.get() {
+		return &rtcerr.InvalidStateError{Err: ErrConnectionClosed}
+	}
+
+	isRenegotiation := pc.currentRemoteDescription != nil
+
+	if _, err := desc.Unmarshal(); err != nil {
+		return err
+	}
+	if err := pc.setDescription(&desc, stateChangeOpSetRemote); err != nil {
+		return err
+	}
+
+	if err := pc.api.mediaEngine.updateFromRemoteDescription(*desc.parsed); err != nil {
+		return err
+	}
+
+	var t *RTPTransceiver
+	localTransceivers := append([]*RTPTransceiver{}, pc.GetTransceivers()...)
+	detectedPlanB := descriptionIsPlanB(pc.RemoteDescription(), pc.log)
+	if pc.configuration.SDPSemantics != SDPSemanticsUnifiedPlan {
+		detectedPlanB = descriptionPossiblyPlanB(pc.RemoteDescription())
+	}
+
+	weOffer := desc.Type == SDPTypeAnswer
+
+	if !weOffer && !detectedPlanB {
+		for _, media := range pc.RemoteDescription().parsed.MediaDescriptions {
+			midValue := getMidValue(media)
+			if midValue == "" {
+				return errPeerConnRemoteDescriptionWithoutMidValue
+			}
+
+			if media.MediaName.Media == mediaSectionApplication {
+				continue
+			}
+
+			kind := NewRTPCodecType(media.MediaName.Media)
+			direction := getPeerDirection(media)
+			if kind == 0 || direction == RTPTransceiverDirection(Unknown) {
+				continue
+			}
+
+			t, localTransceivers = findByMid(midValue, localTransceivers)
+			if t == nil {
+				t, localTransceivers = satisfyTypeAndDirection(kind, direction, localTransceivers)
+			} else if direction == RTPTransceiverDirectionInactive {
+				if err := t.Stop(); err != nil {
+					return err
+				}
+			}
+
+			switch {
+			case t == nil:
+				receiver, err := pc.api.NewRTPReceiver(kind, pc.dtlsTransport)
+				if err != nil {
+					return err
+				}
+
+				localDirection := RTPTransceiverDirectionRecvonly
+				if direction == RTPTransceiverDirectionRecvonly {
+					localDirection = RTPTransceiverDirectionSendonly
+				} else if direction == RTPTransceiverDirectionInactive {
+					localDirection = RTPTransceiverDirectionInactive
+				}
+
+				t = newRTPTransceiver(receiver, nil, localDirection, kind, pc.api)
+				pc.mu.Lock()
+				pc.addRTPTransceiver(t)
+				pc.mu.Unlock()
+
+				// if transceiver is create by remote sdp, set prefer codec same as remote peer
+				if codecs, err := codecsFromMediaDescription(media); err == nil {
+					filteredCodecs := []RTPCodecParameters{}
+					for _, codec := range codecs {
+						if c, matchType := codecParametersFuzzySearch(codec, pc.api.mediaEngine.getCodecsByKind(kind)); matchType == codecMatchExact {
+							// if codec match exact, use payloadtype register to mediaengine
+							codec.PayloadType = c.PayloadType
+							filteredCodecs = append(filteredCodecs, codec)
+						}
+					}
+					_ = t.SetCodecPreferences(filteredCodecs)
+				}
+
+			case direction == RTPTransceiverDirectionRecvonly:
+				if t.Direction() == RTPTransceiverDirectionSendrecv {
+					t.setDirection(RTPTransceiverDirectionSendonly)
+				} else if t.Direction() == RTPTransceiverDirectionRecvonly {
+					t.setDirection(RTPTransceiverDirectionInactive)
+				}
+			case direction == RTPTransceiverDirectionSendrecv:
+				if t.Direction() == RTPTransceiverDirectionSendonly {
+					t.setDirection(RTPTransceiverDirectionSendrecv)
+				} else if t.Direction() == RTPTransceiverDirectionInactive {
+					t.setDirection(RTPTransceiverDirectionRecvonly)
+				}
+			case direction == RTPTransceiverDirectionSendonly:
+				if t.Direction() == RTPTransceiverDirectionInactive {
+					t.setDirection(RTPTransceiverDirectionRecvonly)
+				}
+			}
+
+			if t.Mid() == "" {
+				if err := t.SetMid(midValue); err != nil {
+					return err
+				}
+			}
+		}
+	}
+
+	remoteUfrag, remotePwd, candidates, err := extractICEDetails(desc.parsed, pc.log)
+	if err != nil {
+		return err
+	}
+
+	if isRenegotiation && pc.iceTransport.haveRemoteCredentialsChange(remoteUfrag, remotePwd) {
+		// An ICE Restart only happens implicitly for a SetRemoteDescription of type offer
+		if !weOffer {
+			if err = pc.iceTransport.restart(); err != nil {
+				return err
+			}
+		}
+
+		if err = pc.iceTransport.setRemoteCredentials(remoteUfrag, remotePwd); err != nil {
+			return err
+		}
+	}
+
+	for i := range candidates {
+		if err = pc.iceTransport.AddRemoteCandidate(&candidates[i]); err != nil {
+			return err
+		}
+	}
+
+	currentTransceivers := append([]*RTPTransceiver{}, pc.GetTransceivers()...)
+
+	if isRenegotiation {
+		if weOffer {
+			_ = setRTPTransceiverCurrentDirection(&desc, currentTransceivers, true)
+			if err = pc.startRTPSenders(currentTransceivers); err != nil {
+				return err
+			}
+			pc.configureRTPReceivers(true, &desc, currentTransceivers)
+			pc.ops.Enqueue(func() {
+				pc.startRTP(true, &desc, currentTransceivers)
+			})
+		}
+		return nil
+	}
+
+	remoteIsLite := isIceLiteSet(desc.parsed)
+
+	fingerprint, fingerprintHash, err := extractFingerprint(desc.parsed)
+	if err != nil {
+		return err
+	}
+
+	iceRole := ICERoleControlled
+	// If one of the agents is lite and the other one is not, the lite agent must be the controlled agent.
+	// If both or neither agents are lite the offering agent is controlling.
+	// RFC 8445 S6.1.1
+	if (weOffer && remoteIsLite == pc.api.settingEngine.candidates.ICELite) || (remoteIsLite && !pc.api.settingEngine.candidates.ICELite) {
+		iceRole = ICERoleControlling
+	}
+
+	// Start the networking in a new routine since it will block until
+	// the connection is actually established.
+	if weOffer {
+		_ = setRTPTransceiverCurrentDirection(&desc, currentTransceivers, true)
+		if err := pc.startRTPSenders(currentTransceivers); err != nil {
+			return err
+		}
+
+		pc.configureRTPReceivers(false, &desc, currentTransceivers)
+	}
+
+	pc.ops.Enqueue(func() {
+		pc.startTransports(iceRole, dtlsRoleFromRemoteSDP(desc.parsed), remoteUfrag, remotePwd, fingerprint, fingerprintHash)
+		if weOffer {
+			pc.startRTP(false, &desc, currentTransceivers)
+		}
+	})
+	return nil
+}
+
+func (pc *PeerConnection) configureReceiver(incoming trackDetails, receiver *RTPReceiver) {
+	receiver.configureReceive(trackDetailsToRTPReceiveParameters(&incoming))
+
+	// set track id and label early so they can be set as new track information
+	// is received from the SDP.
+	for i := range receiver.tracks {
+		receiver.tracks[i].track.mu.Lock()
+		receiver.tracks[i].track.id = incoming.id
+		receiver.tracks[i].track.streamID = incoming.streamID
+		receiver.tracks[i].track.mu.Unlock()
+	}
+}
+
+func (pc *PeerConnection) startReceiver(incoming trackDetails, receiver *RTPReceiver) {
+	if err := receiver.startReceive(trackDetailsToRTPReceiveParameters(&incoming)); err != nil {
+		pc.log.Warnf("RTPReceiver Receive failed %s", err)
+		return
+	}
+
+	for _, t := range receiver.Tracks() {
+		if t.SSRC() == 0 || t.RID() != "" {
+			return
+		}
+
+		go func(track *TrackRemote) {
+			b := make([]byte, pc.api.settingEngine.getReceiveMTU())
+			n, _, err := track.peek(b)
+			if err != nil {
+				pc.log.Warnf("Could not determine PayloadType for SSRC %d (%s)", track.SSRC(), err)
+				return
+			}
+
+			if err = track.checkAndUpdateTrack(b[:n]); err != nil {
+				pc.log.Warnf("Failed to set codec settings for track SSRC %d (%s)", track.SSRC(), err)
+				return
+			}
+
+			pc.onTrack(track, receiver)
+		}(t)
+	}
+}
+
+func setRTPTransceiverCurrentDirection(answer *SessionDescription, currentTransceivers []*RTPTransceiver, weOffer bool) error {
+	currentTransceivers = append([]*RTPTransceiver{}, currentTransceivers...)
+	for _, media := range answer.parsed.MediaDescriptions {
+		midValue := getMidValue(media)
+		if midValue == "" {
+			return errPeerConnRemoteDescriptionWithoutMidValue
+		}
+
+		if media.MediaName.Media == mediaSectionApplication {
+			continue
+		}
+
+		var t *RTPTransceiver
+		t, currentTransceivers = findByMid(midValue, currentTransceivers)
+
+		if t == nil {
+			return fmt.Errorf("%w: %q", errPeerConnTranscieverMidNil, midValue)
+		}
+
+		direction := getPeerDirection(media)
+		if direction == RTPTransceiverDirection(Unknown) {
+			continue
+		}
+
+		// reverse direction if it was a remote answer
+		if weOffer {
+			switch direction {
+			case RTPTransceiverDirectionSendonly:
+				direction = RTPTransceiverDirectionRecvonly
+			case RTPTransceiverDirectionRecvonly:
+				direction = RTPTransceiverDirectionSendonly
+			default:
+			}
+		}
+
+		// If a transceiver is created by applying a remote description that has recvonly transceiver,
+		// it will have no sender. In this case, the transceiver's current direction is set to inactive so
+		// that the transceiver can be reused by next AddTrack.
+		if !weOffer && direction == RTPTransceiverDirectionSendonly && t.Sender() == nil {
+			direction = RTPTransceiverDirectionInactive
+		}
+
+		t.setCurrentDirection(direction)
+	}
+	return nil
+}
+
+func runIfNewReceiver(
+	incomingTrack trackDetails,
+	transceivers []*RTPTransceiver,
+	f func(incomingTrack trackDetails, receiver *RTPReceiver),
+) bool {
+	for _, t := range transceivers {
+		if t.Mid() != incomingTrack.mid {
+			continue
+		}
+
+		receiver := t.Receiver()
+		if (incomingTrack.kind != t.Kind()) ||
+			(t.Direction() != RTPTransceiverDirectionRecvonly && t.Direction() != RTPTransceiverDirectionSendrecv) ||
+			receiver == nil ||
+			(receiver.haveReceived()) {
+			continue
+		}
+
+		f(incomingTrack, receiver)
+		return true
+	}
+
+	return false
+}
+
+// configurepRTPReceivers opens knows inbound SRTP streams from the RemoteDescription
+func (pc *PeerConnection) configureRTPReceivers(isRenegotiation bool, remoteDesc *SessionDescription, currentTransceivers []*RTPTransceiver) { //nolint:gocognit
+	incomingTracks := trackDetailsFromSDP(pc.log, remoteDesc.parsed)
+
+	if isRenegotiation {
+		for _, t := range currentTransceivers {
+			receiver := t.Receiver()
+			if receiver == nil {
+				continue
+			}
+
+			tracks := t.Receiver().Tracks()
+			if len(tracks) == 0 {
+				continue
+			}
+
+			mid := t.Mid()
+			receiverNeedsStopped := false
+			for _, track := range tracks {
+				func(t *TrackRemote) {
+					t.mu.Lock()
+					defer t.mu.Unlock()
+
+					if t.rid != "" {
+						if details := trackDetailsForRID(incomingTracks, mid, t.rid); details != nil {
+							t.id = details.id
+							t.streamID = details.streamID
+							return
+						}
+					} else if t.ssrc != 0 {
+						if details := trackDetailsForSSRC(incomingTracks, t.ssrc); details != nil {
+							t.id = details.id
+							t.streamID = details.streamID
+							return
+						}
+					}
+
+					receiverNeedsStopped = true
+				}(track)
+			}
+
+			if !receiverNeedsStopped {
+				continue
+			}
+
+			if err := receiver.Stop(); err != nil {
+				pc.log.Warnf("Failed to stop RtpReceiver: %s", err)
+				continue
+			}
+
+			receiver, err := pc.api.NewRTPReceiver(receiver.kind, pc.dtlsTransport)
+			if err != nil {
+				pc.log.Warnf("Failed to create new RtpReceiver: %s", err)
+				continue
+			}
+			t.setReceiver(receiver)
+		}
+	}
+
+	localTransceivers := append([]*RTPTransceiver{}, currentTransceivers...)
+
+	// Ensure we haven't already started a transceiver for this ssrc
+	filteredTracks := append([]trackDetails{}, incomingTracks...)
+	for _, incomingTrack := range incomingTracks {
+		// If we already have a TrackRemote for a given SSRC don't handle it again
+		for _, t := range localTransceivers {
+			if receiver := t.Receiver(); receiver != nil {
+				for _, track := range receiver.Tracks() {
+					for _, ssrc := range incomingTrack.ssrcs {
+						if ssrc == track.SSRC() {
+							filteredTracks = filterTrackWithSSRC(filteredTracks, track.SSRC())
+						}
+					}
+				}
+			}
+		}
+	}
+
+	for _, incomingTrack := range filteredTracks {
+		_ = runIfNewReceiver(incomingTrack, localTransceivers, pc.configureReceiver)
+	}
+}
+
+// startRTPReceivers opens knows inbound SRTP streams from the RemoteDescription
+func (pc *PeerConnection) startRTPReceivers(remoteDesc *SessionDescription, currentTransceivers []*RTPTransceiver) {
+	incomingTracks := trackDetailsFromSDP(pc.log, remoteDesc.parsed)
+	if len(incomingTracks) == 0 {
+		return
+	}
+
+	localTransceivers := append([]*RTPTransceiver{}, currentTransceivers...)
+
+	unhandledTracks := incomingTracks[:0]
+	for _, incomingTrack := range incomingTracks {
+		trackHandled := runIfNewReceiver(incomingTrack, localTransceivers, pc.startReceiver)
+		if !trackHandled {
+			unhandledTracks = append(unhandledTracks, incomingTrack)
+		}
+	}
+
+	remoteIsPlanB := false
+	switch pc.configuration.SDPSemantics {
+	case SDPSemanticsPlanB:
+		remoteIsPlanB = true
+	case SDPSemanticsUnifiedPlanWithFallback:
+		remoteIsPlanB = descriptionPossiblyPlanB(pc.RemoteDescription())
+	default:
+		// none
+	}
+
+	if remoteIsPlanB {
+		for _, incomingTrack := range unhandledTracks {
+			t, err := pc.AddTransceiverFromKind(incomingTrack.kind, RTPTransceiverInit{
+				Direction: RTPTransceiverDirectionSendrecv,
+			})
+			if err != nil {
+				pc.log.Warnf("Could not add transceiver for remote SSRC %d: %s", incomingTrack.ssrcs[0], err)
+				continue
+			}
+			pc.configureReceiver(incomingTrack, t.Receiver())
+			pc.startReceiver(incomingTrack, t.Receiver())
+		}
+	}
+}
+
+// startRTPSenders starts all outbound RTP streams
+func (pc *PeerConnection) startRTPSenders(currentTransceivers []*RTPTransceiver) error {
+	for _, transceiver := range currentTransceivers {
+		if sender := transceiver.Sender(); sender != nil && sender.isNegotiated() && !sender.hasSent() {
+			err := sender.Send(sender.GetParameters())
+			if err != nil {
+				return err
+			}
+		}
+	}
+
+	return nil
+}
+
+// Start SCTP subsystem
+func (pc *PeerConnection) startSCTP() {
+	// Start sctp
+	if err := pc.sctpTransport.Start(SCTPCapabilities{
+		MaxMessageSize: 0,
+	}); err != nil {
+		pc.log.Warnf("Failed to start SCTP: %s", err)
+		if err = pc.sctpTransport.Stop(); err != nil {
+			pc.log.Warnf("Failed to stop SCTPTransport: %s", err)
+		}
+
+		return
+	}
+}
+
+func (pc *PeerConnection) handleUndeclaredSSRC(ssrc SSRC, remoteDescription *SessionDescription) (handled bool, err error) {
+	if len(remoteDescription.parsed.MediaDescriptions) != 1 {
+		return false, nil
+	}
+
+	onlyMediaSection := remoteDescription.parsed.MediaDescriptions[0]
+	streamID := ""
+	id := ""
+	hasRidAttribute := false
+	hasSSRCAttribute := false
+
+	for _, a := range onlyMediaSection.Attributes {
+		switch a.Key {
+		case sdp.AttrKeyMsid:
+			if split := strings.Split(a.Value, " "); len(split) == 2 {
+				streamID = split[0]
+				id = split[1]
+			}
+		case sdp.AttrKeySSRC:
+			hasSSRCAttribute = true
+		case sdpAttributeRid:
+			hasRidAttribute = true
+		}
+	}
+
+	if hasRidAttribute {
+		return false, nil
+	} else if hasSSRCAttribute {
+		return false, errPeerConnSingleMediaSectionHasExplicitSSRC
+	}
+
+	incoming := trackDetails{
+		ssrcs:    []SSRC{ssrc},
+		kind:     RTPCodecTypeVideo,
+		streamID: streamID,
+		id:       id,
+	}
+	if onlyMediaSection.MediaName.Media == RTPCodecTypeAudio.String() {
+		incoming.kind = RTPCodecTypeAudio
+	}
+
+	t, err := pc.AddTransceiverFromKind(incoming.kind, RTPTransceiverInit{
+		Direction: RTPTransceiverDirectionSendrecv,
+	})
+	if err != nil {
+		// nolint
+		return false, fmt.Errorf("%w: %d: %s", errPeerConnRemoteSSRCAddTransceiver, ssrc, err)
+	}
+
+	pc.configureReceiver(incoming, t.Receiver())
+	pc.startReceiver(incoming, t.Receiver())
+	return true, nil
+}
+
+// Chrome sends probing traffic on SSRC 0. This reads the packets to ensure that we properly
+// generate TWCC reports for it. Since this isn't actually media we don't pass this to the user
+func (pc *PeerConnection) handleNonMediaBandwidthProbe() {
+	nonMediaBandwidthProbe, err := pc.api.NewRTPReceiver(RTPCodecTypeVideo, pc.dtlsTransport)
+	if err != nil {
+		pc.log.Errorf("handleNonMediaBandwidthProbe failed to create RTPReceiver: %v", err)
+		return
+	}
+
+	if err = nonMediaBandwidthProbe.Receive(RTPReceiveParameters{
+		Encodings: []RTPDecodingParameters{{RTPCodingParameters: RTPCodingParameters{}}},
+	}); err != nil {
+		pc.log.Errorf("handleNonMediaBandwidthProbe failed to start RTPReceiver: %v", err)
+		return
+	}
+
+	pc.nonMediaBandwidthProbe.Store(nonMediaBandwidthProbe)
+	b := make([]byte, pc.api.settingEngine.getReceiveMTU())
+	for {
+		if _, _, err = nonMediaBandwidthProbe.readRTP(b, nonMediaBandwidthProbe.Track()); err != nil {
+			pc.log.Tracef("handleNonMediaBandwidthProbe read exiting: %v", err)
+			return
+		}
+	}
+}
+
+func (pc *PeerConnection) handleIncomingSSRC(rtpStream io.Reader, ssrc SSRC) error { //nolint:gocognit
+	remoteDescription := pc.RemoteDescription()
+	if remoteDescription == nil {
+		return errPeerConnRemoteDescriptionNil
+	}
+
+	// If a SSRC already exists in the RemoteDescription don't perform heuristics upon it
+	for _, track := range trackDetailsFromSDP(pc.log, remoteDescription.parsed) {
+		if track.repairSsrc != nil && ssrc == *track.repairSsrc {
+			return nil
+		}
+		for _, trackSsrc := range track.ssrcs {
+			if ssrc == trackSsrc {
+				return nil
+			}
+		}
+	}
+
+	// If the remote SDP was only one media section the ssrc doesn't have to be explicitly declared
+	if handled, err := pc.handleUndeclaredSSRC(ssrc, remoteDescription); handled || err != nil {
+		return err
+	}
+
+	midExtensionID, audioSupported, videoSupported := pc.api.mediaEngine.getHeaderExtensionID(RTPHeaderExtensionCapability{sdp.SDESMidURI})
+	if !audioSupported && !videoSupported {
+		return errPeerConnSimulcastMidRTPExtensionRequired
+	}
+
+	streamIDExtensionID, audioSupported, videoSupported := pc.api.mediaEngine.getHeaderExtensionID(RTPHeaderExtensionCapability{sdp.SDESRTPStreamIDURI})
+	if !audioSupported && !videoSupported {
+		return errPeerConnSimulcastStreamIDRTPExtensionRequired
+	}
+
+	repairStreamIDExtensionID, _, _ := pc.api.mediaEngine.getHeaderExtensionID(RTPHeaderExtensionCapability{sdesRepairRTPStreamIDURI})
+
+	b := make([]byte, pc.api.settingEngine.getReceiveMTU())
+
+	i, err := rtpStream.Read(b)
+	if err != nil {
+		return err
+	}
+
+	if i < 4 {
+		return errRTPTooShort
+	}
+
+	payloadType := PayloadType(b[1] & 0x7f)
+	params, err := pc.api.mediaEngine.getRTPParametersByPayloadType(payloadType)
+	if err != nil {
+		return err
+	}
+
+	streamInfo := createStreamInfo("", ssrc, params.Codecs[0].PayloadType, params.Codecs[0].RTPCodecCapability, params.HeaderExtensions)
+	readStream, interceptor, rtcpReadStream, rtcpInterceptor, err := pc.dtlsTransport.streamsForSSRC(ssrc, *streamInfo)
+	if err != nil {
+		return err
+	}
+
+	var mid, rid, rsid string
+	var paddingOnly bool
+	for readCount := 0; readCount <= simulcastProbeCount; readCount++ {
+		if mid == "" || (rid == "" && rsid == "") {
+			// skip padding only packets for probing
+			if paddingOnly {
+				readCount--
+			}
+
+			i, _, err := interceptor.Read(b, nil)
+			if err != nil {
+				return err
+			}
+
+			if _, paddingOnly, err = handleUnknownRTPPacket(b[:i], uint8(midExtensionID), uint8(streamIDExtensionID), uint8(repairStreamIDExtensionID), &mid, &rid, &rsid); err != nil {
+				return err
+			}
+
+			continue
+		}
+
+		for _, t := range pc.GetTransceivers() {
+			receiver := t.Receiver()
+			if t.Mid() != mid || receiver == nil {
+				continue
+			}
+
+			if rsid != "" {
+				receiver.mu.Lock()
+				defer receiver.mu.Unlock()
+				return receiver.receiveForRtx(SSRC(0), rsid, streamInfo, readStream, interceptor, rtcpReadStream, rtcpInterceptor)
+			}
+
+			track, err := receiver.receiveForRid(rid, params, streamInfo, readStream, interceptor, rtcpReadStream, rtcpInterceptor)
+			if err != nil {
+				return err
+			}
+			pc.onTrack(track, receiver)
+			return nil
+		}
+	}
+
+	pc.api.interceptor.UnbindRemoteStream(streamInfo)
+	return errPeerConnSimulcastIncomingSSRCFailed
+}
+
+// undeclaredMediaProcessor handles RTP/RTCP packets that don't match any a:ssrc lines
+func (pc *PeerConnection) undeclaredMediaProcessor() {
+	go pc.undeclaredRTPMediaProcessor()
+	go pc.undeclaredRTCPMediaProcessor()
+}
+
+func (pc *PeerConnection) undeclaredRTPMediaProcessor() {
+	var simulcastRoutineCount uint64
+	for {
+		srtpSession, err := pc.dtlsTransport.getSRTPSession()
+		if err != nil {
+			pc.log.Warnf("undeclaredMediaProcessor failed to open SrtpSession: %v", err)
+			return
+		}
+
+		srtcpSession, err := pc.dtlsTransport.getSRTCPSession()
+		if err != nil {
+			pc.log.Warnf("undeclaredMediaProcessor failed to open SrtcpSession: %v", err)
+			return
+		}
+
+		srtpReadStream, ssrc, err := srtpSession.AcceptStream()
+		if err != nil {
+			pc.log.Warnf("Failed to accept RTP %v", err)
+			return
+		}
+
+		// open accompanying srtcp stream
+		srtcpReadStream, err := srtcpSession.OpenReadStream(ssrc)
+		if err != nil {
+			pc.log.Warnf("Failed to open RTCP stream for %d: %v", ssrc, err)
+			return
+		}
+
+		if pc.isClosed.get() {
+			if err = srtpReadStream.Close(); err != nil {
+				pc.log.Warnf("Failed to close RTP stream %v", err)
+			}
+			if err = srtcpReadStream.Close(); err != nil {
+				pc.log.Warnf("Failed to close RTCP stream %v", err)
+			}
+			continue
+		}
+
+		pc.dtlsTransport.storeSimulcastStream(srtpReadStream, srtcpReadStream)
+
+		if ssrc == 0 {
+			go pc.handleNonMediaBandwidthProbe()
+			continue
+		}
+
+		if atomic.AddUint64(&simulcastRoutineCount, 1) >= simulcastMaxProbeRoutines {
+			atomic.AddUint64(&simulcastRoutineCount, ^uint64(0))
+			pc.log.Warn(ErrSimulcastProbeOverflow.Error())
+			continue
+		}
+
+		go func(rtpStream io.Reader, ssrc SSRC) {
+			if err := pc.handleIncomingSSRC(rtpStream, ssrc); err != nil {
+				pc.log.Errorf(incomingUnhandledRTPSsrc, ssrc, err)
+			}
+			atomic.AddUint64(&simulcastRoutineCount, ^uint64(0))
+		}(srtpReadStream, SSRC(ssrc))
+	}
+}
+
+func (pc *PeerConnection) undeclaredRTCPMediaProcessor() {
+	var unhandledStreams []*srtp.ReadStreamSRTCP
+	defer func() {
+		for _, s := range unhandledStreams {
+			_ = s.Close()
+		}
+	}()
+	for {
+		srtcpSession, err := pc.dtlsTransport.getSRTCPSession()
+		if err != nil {
+			pc.log.Warnf("undeclaredMediaProcessor failed to open SrtcpSession: %v", err)
+			return
+		}
+
+		stream, ssrc, err := srtcpSession.AcceptStream()
+		if err != nil {
+			pc.log.Warnf("Failed to accept RTCP %v", err)
+			return
+		}
+		pc.log.Warnf("Incoming unhandled RTCP ssrc(%d), OnTrack will not be fired", ssrc)
+		unhandledStreams = append(unhandledStreams, stream)
+	}
+}
+
+// RemoteDescription returns pendingRemoteDescription if it is not null and
+// otherwise it returns currentRemoteDescription. This property is used to
+// determine if setRemoteDescription has already been called.
+// https://www.w3.org/TR/webrtc/#dom-rtcpeerconnection-remotedescription
+func (pc *PeerConnection) RemoteDescription() *SessionDescription {
+	pc.mu.RLock()
+	defer pc.mu.RUnlock()
+
+	if pc.pendingRemoteDescription != nil {
+		return pc.pendingRemoteDescription
+	}
+	return pc.currentRemoteDescription
+}
+
+// AddICECandidate accepts an ICE candidate string and adds it
+// to the existing set of candidates.
+func (pc *PeerConnection) AddICECandidate(candidate ICECandidateInit) error {
+	if pc.RemoteDescription() == nil {
+		return &rtcerr.InvalidStateError{Err: ErrNoRemoteDescription}
+	}
+
+	candidateValue := strings.TrimPrefix(candidate.Candidate, "candidate:")
+
+	var iceCandidate *ICECandidate
+	if candidateValue != "" {
+		candidate, err := ice.UnmarshalCandidate(candidateValue)
+		if err != nil {
+			if errors.Is(err, ice.ErrUnknownCandidateTyp) || errors.Is(err, ice.ErrDetermineNetworkType) {
+				pc.log.Warnf("Discarding remote candidate: %s", err)
+				return nil
+			}
+			return err
+		}
+
+		c, err := newICECandidateFromICE(candidate)
+		if err != nil {
+			return err
+		}
+		iceCandidate = &c
+	}
+
+	return pc.iceTransport.AddRemoteCandidate(iceCandidate)
+}
+
+// ICEConnectionState returns the ICE connection state of the
+// PeerConnection instance.
+func (pc *PeerConnection) ICEConnectionState() ICEConnectionState {
+	if state, ok := pc.iceConnectionState.Load().(ICEConnectionState); ok {
+		return state
+	}
+	return ICEConnectionState(0)
+}
+
+// GetSenders returns the RTPSender that are currently attached to this PeerConnection
+func (pc *PeerConnection) GetSenders() (result []*RTPSender) {
+	pc.mu.Lock()
+	defer pc.mu.Unlock()
+
+	for _, transceiver := range pc.rtpTransceivers {
+		if sender := transceiver.Sender(); sender != nil {
+			result = append(result, sender)
+		}
+	}
+	return result
+}
+
+// GetReceivers returns the RTPReceivers that are currently attached to this PeerConnection
+func (pc *PeerConnection) GetReceivers() (receivers []*RTPReceiver) {
+	pc.mu.Lock()
+	defer pc.mu.Unlock()
+
+	for _, transceiver := range pc.rtpTransceivers {
+		if receiver := transceiver.Receiver(); receiver != nil {
+			receivers = append(receivers, receiver)
+		}
+	}
+	return
+}
+
+// GetTransceivers returns the RtpTransceiver that are currently attached to this PeerConnection
+func (pc *PeerConnection) GetTransceivers() []*RTPTransceiver {
+	pc.mu.Lock()
+	defer pc.mu.Unlock()
+
+	return pc.rtpTransceivers
+}
+
+// AddTrack adds a Track to the PeerConnection
+func (pc *PeerConnection) AddTrack(track TrackLocal) (*RTPSender, error) {
+	if pc.isClosed.get() {
+		return nil, &rtcerr.InvalidStateError{Err: ErrConnectionClosed}
+	}
+
+	pc.mu.Lock()
+	defer pc.mu.Unlock()
+	for _, t := range pc.rtpTransceivers {
+		currentDirection := t.getCurrentDirection()
+		// According to https://www.w3.org/TR/webrtc/#dom-rtcpeerconnection-addtrack, if the
+		// transceiver can be reused only if it's currentDirection never be sendrecv or sendonly.
+		// But that will cause sdp inflate. So we only check currentDirection's current value,
+		// that's worked for all browsers.
+		if !t.stopped && t.kind == track.Kind() && t.Sender() == nil &&
+			!(currentDirection == RTPTransceiverDirectionSendrecv || currentDirection == RTPTransceiverDirectionSendonly) {
+			sender, err := pc.api.NewRTPSender(track, pc.dtlsTransport)
+			if err == nil {
+				err = t.SetSender(sender, track)
+				if err != nil {
+					_ = sender.Stop()
+					t.setSender(nil)
+				}
+			}
+			if err != nil {
+				return nil, err
+			}
+			pc.onNegotiationNeeded()
+			return sender, nil
+		}
+	}
+
+	transceiver, err := pc.newTransceiverFromTrack(RTPTransceiverDirectionSendrecv, track)
+	if err != nil {
+		return nil, err
+	}
+	pc.addRTPTransceiver(transceiver)
+	return transceiver.Sender(), nil
+}
+
+// RemoveTrack removes a Track from the PeerConnection
+func (pc *PeerConnection) RemoveTrack(sender *RTPSender) (err error) {
+	if pc.isClosed.get() {
+		return &rtcerr.InvalidStateError{Err: ErrConnectionClosed}
+	}
+
+	var transceiver *RTPTransceiver
+	pc.mu.Lock()
+	defer pc.mu.Unlock()
+	for _, t := range pc.rtpTransceivers {
+		if t.Sender() == sender {
+			transceiver = t
+			break
+		}
+	}
+	if transceiver == nil {
+		return &rtcerr.InvalidAccessError{Err: ErrSenderNotCreatedByConnection}
+	} else if err = sender.Stop(); err == nil {
+		err = transceiver.setSendingTrack(nil)
+		if err == nil {
+			pc.onNegotiationNeeded()
+		}
+	}
+	return
+}
+
+func (pc *PeerConnection) newTransceiverFromTrack(direction RTPTransceiverDirection, track TrackLocal) (t *RTPTransceiver, err error) {
+	var (
+		r *RTPReceiver
+		s *RTPSender
+	)
+	switch direction {
+	case RTPTransceiverDirectionSendrecv:
+		r, err = pc.api.NewRTPReceiver(track.Kind(), pc.dtlsTransport)
+		if err != nil {
+			return
+		}
+		s, err = pc.api.NewRTPSender(track, pc.dtlsTransport)
+	case RTPTransceiverDirectionSendonly:
+		s, err = pc.api.NewRTPSender(track, pc.dtlsTransport)
+	default:
+		err = errPeerConnAddTransceiverFromTrackSupport
+	}
+	if err != nil {
+		return
+	}
+	return newRTPTransceiver(r, s, direction, track.Kind(), pc.api), nil
+}
+
+// AddTransceiverFromKind Create a new RtpTransceiver and adds it to the set of transceivers.
+func (pc *PeerConnection) AddTransceiverFromKind(kind RTPCodecType, init ...RTPTransceiverInit) (t *RTPTransceiver, err error) {
+	if pc.isClosed.get() {
+		return nil, &rtcerr.InvalidStateError{Err: ErrConnectionClosed}
+	}
+
+	direction := RTPTransceiverDirectionSendrecv
+	if len(init) > 1 {
+		return nil, errPeerConnAddTransceiverFromKindOnlyAcceptsOne
+	} else if len(init) == 1 {
+		direction = init[0].Direction
+	}
+	switch direction {
+	case RTPTransceiverDirectionSendonly, RTPTransceiverDirectionSendrecv:
+		codecs := pc.api.mediaEngine.getCodecsByKind(kind)
+		if len(codecs) == 0 {
+			return nil, ErrNoCodecsAvailable
+		}
+		track, err := NewTrackLocalStaticSample(codecs[0].RTPCodecCapability, util.MathRandAlpha(16), util.MathRandAlpha(16))
+		if err != nil {
+			return nil, err
+		}
+		t, err = pc.newTransceiverFromTrack(direction, track)
+		if err != nil {
+			return nil, err
+		}
+	case RTPTransceiverDirectionRecvonly:
+		receiver, err := pc.api.NewRTPReceiver(kind, pc.dtlsTransport)
+		if err != nil {
+			return nil, err
+		}
+		t = newRTPTransceiver(receiver, nil, RTPTransceiverDirectionRecvonly, kind, pc.api)
+	default:
+		return nil, errPeerConnAddTransceiverFromKindSupport
+	}
+	pc.mu.Lock()
+	pc.addRTPTransceiver(t)
+	pc.mu.Unlock()
+	return t, nil
+}
+
+// AddTransceiverFromTrack Create a new RtpTransceiver(SendRecv or SendOnly) and add it to the set of transceivers.
+func (pc *PeerConnection) AddTransceiverFromTrack(track TrackLocal, init ...RTPTransceiverInit) (t *RTPTransceiver, err error) {
+	if pc.isClosed.get() {
+		return nil, &rtcerr.InvalidStateError{Err: ErrConnectionClosed}
+	}
+
+	direction := RTPTransceiverDirectionSendrecv
+	if len(init) > 1 {
+		return nil, errPeerConnAddTransceiverFromTrackOnlyAcceptsOne
+	} else if len(init) == 1 {
+		direction = init[0].Direction
+	}
+
+	t, err = pc.newTransceiverFromTrack(direction, track)
+	if err == nil {
+		pc.mu.Lock()
+		pc.addRTPTransceiver(t)
+		pc.mu.Unlock()
+	}
+	return
+}
+
+// CreateDataChannel creates a new DataChannel object with the given label
+// and optional DataChannelInit used to configure properties of the
+// underlying channel such as data reliability.
+func (pc *PeerConnection) CreateDataChannel(label string, options *DataChannelInit) (*DataChannel, error) {
+	// https://w3c.github.io/webrtc-pc/#peer-to-peer-data-api (Step #2)
+	if pc.isClosed.get() {
+		return nil, &rtcerr.InvalidStateError{Err: ErrConnectionClosed}
+	}
+
+	params := &DataChannelParameters{
+		Label:   label,
+		Ordered: true,
+	}
+
+	// https://w3c.github.io/webrtc-pc/#peer-to-peer-data-api (Step #19)
+	if options != nil {
+		params.ID = options.ID
+	}
+
+	if options != nil {
+		// Ordered indicates if data is allowed to be delivered out of order. The
+		// default value of true, guarantees that data will be delivered in order.
+		// https://w3c.github.io/webrtc-pc/#peer-to-peer-data-api (Step #9)
+		if options.Ordered != nil {
+			params.Ordered = *options.Ordered
+		}
+
+		// https://w3c.github.io/webrtc-pc/#peer-to-peer-data-api (Step #7)
+		if options.MaxPacketLifeTime != nil {
+			params.MaxPacketLifeTime = options.MaxPacketLifeTime
+		}
+
+		// https://w3c.github.io/webrtc-pc/#peer-to-peer-data-api (Step #8)
+		if options.MaxRetransmits != nil {
+			params.MaxRetransmits = options.MaxRetransmits
+		}
+
+		// https://w3c.github.io/webrtc-pc/#peer-to-peer-data-api (Step #10)
+		if options.Protocol != nil {
+			params.Protocol = *options.Protocol
+		}
+
+		// https://w3c.github.io/webrtc-pc/#peer-to-peer-data-api (Step #11)
+		if len(params.Protocol) > 65535 {
+			return nil, &rtcerr.TypeError{Err: ErrProtocolTooLarge}
+		}
+
+		// https://w3c.github.io/webrtc-pc/#peer-to-peer-data-api (Step #12)
+		if options.Negotiated != nil {
+			params.Negotiated = *options.Negotiated
+		}
+	}
+
+	d, err := pc.api.newDataChannel(params, nil, pc.log)
+	if err != nil {
+		return nil, err
+	}
+
+	// https://w3c.github.io/webrtc-pc/#peer-to-peer-data-api (Step #16)
+	if d.maxPacketLifeTime != nil && d.maxRetransmits != nil {
+		return nil, &rtcerr.TypeError{Err: ErrRetransmitsOrPacketLifeTime}
+	}
+
+	pc.sctpTransport.lock.Lock()
+	pc.sctpTransport.dataChannels = append(pc.sctpTransport.dataChannels, d)
+	pc.sctpTransport.dataChannelsRequested++
+	pc.sctpTransport.lock.Unlock()
+
+	// If SCTP already connected open all the channels
+	if pc.sctpTransport.State() == SCTPTransportStateConnected {
+		if err = d.open(pc.sctpTransport); err != nil {
+			return nil, err
+		}
+	}
+
+	pc.mu.Lock()
+	pc.onNegotiationNeeded()
+	pc.mu.Unlock()
+
+	return d, nil
+}
+
+// SetIdentityProvider is used to configure an identity provider to generate identity assertions
+func (pc *PeerConnection) SetIdentityProvider(string) error {
+	return errPeerConnSetIdentityProviderNotImplemented
+}
+
+// WriteRTCP sends a user provided RTCP packet to the connected peer. If no peer is connected the
+// packet is discarded. It also runs any configured interceptors.
+func (pc *PeerConnection) WriteRTCP(pkts []rtcp.Packet) error {
+	_, err := pc.interceptorRTCPWriter.Write(pkts, make(interceptor.Attributes))
+	return err
+}
+
+func (pc *PeerConnection) writeRTCP(pkts []rtcp.Packet, _ interceptor.Attributes) (int, error) {
+	return pc.dtlsTransport.WriteRTCP(pkts)
+}
+
+// Close ends the PeerConnection.
+func (pc *PeerConnection) Close() error {
+	return pc.close(false /* shouldGracefullyClose */)
+}
+
+// GracefulClose ends the PeerConnection. It also waits
+// for any goroutines it started to complete. This is only safe to call outside of
+// PeerConnection callbacks or if in a callback, in its own goroutine.
+func (pc *PeerConnection) GracefulClose() error {
+	return pc.close(true /* shouldGracefullyClose */)
+}
+
+func (pc *PeerConnection) close(shouldGracefullyClose bool) error {
+	// https://www.w3.org/TR/webrtc/#dom-rtcpeerconnection-close (step #1)
+	// https://www.w3.org/TR/webrtc/#dom-rtcpeerconnection-close (step #2)
+
+	pc.mu.Lock()
+	// A lock in this critical section is needed because pc.isClosed and
+	// pc.isGracefullyClosingOrClosed are related to each other in that we
+	// want to make graceful and normal closure one time operations in order
+	// to avoid any double closure errors from cropping up. However, there are
+	// some overlapping close cases when both normal and graceful close are used
+	// that should be idempotent, but be cautioned when writing new close behavior
+	// to preserve this property.
+	isAlreadyClosingOrClosed := pc.isClosed.swap(true)
+	isAlreadyGracefullyClosingOrClosed := pc.isGracefullyClosingOrClosed
+	if shouldGracefullyClose && !isAlreadyGracefullyClosingOrClosed {
+		pc.isGracefullyClosingOrClosed = true
+	}
+	pc.mu.Unlock()
+
+	if isAlreadyClosingOrClosed {
+		if !shouldGracefullyClose {
+			return nil
+		}
+		// Even if we're already closing, it may not be graceful:
+		// If we are not the ones doing the closing, we just wait for the graceful close
+		// to happen and then return.
+		if isAlreadyGracefullyClosingOrClosed {
+			<-pc.isGracefulCloseDone
+			return nil
+		}
+		// Otherwise we need to go through the graceful closure flow once the
+		// normal closure is done since there are extra steps to take with a
+		// graceful close.
+		<-pc.isCloseDone
+	} else {
+		defer close(pc.isCloseDone)
+	}
+
+	if shouldGracefullyClose {
+		defer close(pc.isGracefulCloseDone)
+	}
+
+	// Try closing everything and collect the errors
+	// Shutdown strategy:
+	// 1. All Conn close by closing their underlying Conn.
+	// 2. A Mux stops this chain. It won't close the underlying
+	//    Conn if one of the endpoints is closed down. To
+	//    continue the chain the Mux has to be closed.
+	closeErrs := make([]error, 4)
+
+	doGracefulCloseOps := func() []error {
+		if !shouldGracefullyClose {
+			return nil
+		}
+
+		// these are all non-canon steps
+		var gracefulCloseErrors []error
+		if pc.iceTransport != nil {
+			gracefulCloseErrors = append(gracefulCloseErrors, pc.iceTransport.GracefulStop())
+		}
+
+		pc.ops.GracefulClose()
+
+		pc.sctpTransport.lock.Lock()
+		for _, d := range pc.sctpTransport.dataChannels {
+			gracefulCloseErrors = append(gracefulCloseErrors, d.GracefulClose())
+		}
+		pc.sctpTransport.lock.Unlock()
+		return gracefulCloseErrors
+	}
+
+	if isAlreadyClosingOrClosed {
+		return util.FlattenErrs(doGracefulCloseOps())
+	}
+
+	// https://www.w3.org/TR/webrtc/#dom-rtcpeerconnection-close (step #3)
+	pc.signalingState.Set(SignalingStateClosed)
+
+	closeErrs = append(closeErrs, pc.api.interceptor.Close())
+
+	// https://www.w3.org/TR/webrtc/#dom-rtcpeerconnection-close (step #4)
+	pc.mu.Lock()
+	for _, t := range pc.rtpTransceivers {
+		if !t.stopped {
+			closeErrs = append(closeErrs, t.Stop())
+		}
+	}
+	if nonMediaBandwidthProbe, ok := pc.nonMediaBandwidthProbe.Load().(*RTPReceiver); ok {
+		closeErrs = append(closeErrs, nonMediaBandwidthProbe.Stop())
+	}
+	pc.mu.Unlock()
+
+	// https://www.w3.org/TR/webrtc/#dom-rtcpeerconnection-close (step #5)
+	pc.sctpTransport.lock.Lock()
+	for _, d := range pc.sctpTransport.dataChannels {
+		d.setReadyState(DataChannelStateClosed)
+	}
+	pc.sctpTransport.lock.Unlock()
+
+	// https://www.w3.org/TR/webrtc/#dom-rtcpeerconnection-close (step #6)
+	if pc.sctpTransport != nil {
+		closeErrs = append(closeErrs, pc.sctpTransport.Stop())
+	}
+
+	// https://www.w3.org/TR/webrtc/#dom-rtcpeerconnection-close (step #7)
+	closeErrs = append(closeErrs, pc.dtlsTransport.Stop())
+
+	// https://www.w3.org/TR/webrtc/#dom-rtcpeerconnection-close (step #8, #9, #10)
+	if pc.iceTransport != nil && !shouldGracefullyClose {
+		// we will stop gracefully in doGracefulCloseOps
+		closeErrs = append(closeErrs, pc.iceTransport.Stop())
+	}
+
+	// https://www.w3.org/TR/webrtc/#dom-rtcpeerconnection-close (step #11)
+	pc.updateConnectionState(pc.ICEConnectionState(), pc.dtlsTransport.State())
+
+	closeErrs = append(closeErrs, doGracefulCloseOps()...)
+
+	return util.FlattenErrs(closeErrs)
+}
+
+// addRTPTransceiver appends t into rtpTransceivers
+// and fires onNegotiationNeeded;
+// caller of this method should hold `pc.mu` lock
+func (pc *PeerConnection) addRTPTransceiver(t *RTPTransceiver) {
+	pc.rtpTransceivers = append(pc.rtpTransceivers, t)
+	pc.onNegotiationNeeded()
+}
+
+// CurrentLocalDescription represents the local description that was
+// successfully negotiated the last time the PeerConnection transitioned
+// into the stable state plus any local candidates that have been generated
+// by the ICEAgent since the offer or answer was created.
+func (pc *PeerConnection) CurrentLocalDescription() *SessionDescription {
+	pc.mu.Lock()
+	defer pc.mu.Unlock()
+
+	localDescription := pc.currentLocalDescription
+	iceGather := pc.iceGatherer
+	iceGatheringState := pc.ICEGatheringState()
+	return populateLocalCandidates(localDescription, iceGather, iceGatheringState)
+}
+
+// PendingLocalDescription represents a local description that is in the
+// process of being negotiated plus any local candidates that have been
+// generated by the ICEAgent since the offer or answer was created. If the
+// PeerConnection is in the stable state, the value is null.
+func (pc *PeerConnection) PendingLocalDescription() *SessionDescription {
+	pc.mu.Lock()
+	defer pc.mu.Unlock()
+
+	localDescription := pc.pendingLocalDescription
+	iceGather := pc.iceGatherer
+	iceGatheringState := pc.ICEGatheringState()
+	return populateLocalCandidates(localDescription, iceGather, iceGatheringState)
+}
+
+// CurrentRemoteDescription represents the last remote description that was
+// successfully negotiated the last time the PeerConnection transitioned
+// into the stable state plus any remote candidates that have been supplied
+// via AddICECandidate() since the offer or answer was created.
+func (pc *PeerConnection) CurrentRemoteDescription() *SessionDescription {
+	pc.mu.RLock()
+	defer pc.mu.RUnlock()
+
+	return pc.currentRemoteDescription
+}
+
+// PendingRemoteDescription represents a remote description that is in the
+// process of being negotiated, complete with any remote candidates that
+// have been supplied via AddICECandidate() since the offer or answer was
+// created. If the PeerConnection is in the stable state, the value is
+// null.
+func (pc *PeerConnection) PendingRemoteDescription() *SessionDescription {
+	pc.mu.RLock()
+	defer pc.mu.RUnlock()
+
+	return pc.pendingRemoteDescription
+}
+
+// SignalingState attribute returns the signaling state of the
+// PeerConnection instance.
+func (pc *PeerConnection) SignalingState() SignalingState {
+	return pc.signalingState.Get()
+}
+
+// ICEGatheringState attribute returns the ICE gathering state of the
+// PeerConnection instance.
+func (pc *PeerConnection) ICEGatheringState() ICEGatheringState {
+	if pc.iceGatherer == nil {
+		return ICEGatheringStateNew
+	}
+
+	switch pc.iceGatherer.State() {
+	case ICEGathererStateNew:
+		return ICEGatheringStateNew
+	case ICEGathererStateGathering:
+		return ICEGatheringStateGathering
+	default:
+		return ICEGatheringStateComplete
+	}
+}
+
+// ConnectionState attribute returns the connection state of the
+// PeerConnection instance.
+func (pc *PeerConnection) ConnectionState() PeerConnectionState {
+	if state, ok := pc.connectionState.Load().(PeerConnectionState); ok {
+		return state
+	}
+	return PeerConnectionState(0)
+}
+
+// GetStats return data providing statistics about the overall connection
+func (pc *PeerConnection) GetStats() StatsReport {
+	var (
+		dataChannelsAccepted  uint32
+		dataChannelsClosed    uint32
+		dataChannelsOpened    uint32
+		dataChannelsRequested uint32
+	)
+	statsCollector := newStatsReportCollector()
+	statsCollector.Collecting()
+
+	pc.mu.Lock()
+	if pc.iceGatherer != nil {
+		pc.iceGatherer.collectStats(statsCollector)
+	}
+	if pc.iceTransport != nil {
+		pc.iceTransport.collectStats(statsCollector)
+	}
+
+	pc.sctpTransport.lock.Lock()
+	dataChannels := append([]*DataChannel{}, pc.sctpTransport.dataChannels...)
+	dataChannelsAccepted = pc.sctpTransport.dataChannelsAccepted
+	dataChannelsOpened = pc.sctpTransport.dataChannelsOpened
+	dataChannelsRequested = pc.sctpTransport.dataChannelsRequested
+	pc.sctpTransport.lock.Unlock()
+
+	for _, d := range dataChannels {
+		state := d.ReadyState()
+		if state != DataChannelStateConnecting && state != DataChannelStateOpen {
+			dataChannelsClosed++
+		}
+
+		d.collectStats(statsCollector)
+	}
+	pc.sctpTransport.collectStats(statsCollector)
+
+	stats := PeerConnectionStats{
+		Timestamp:             statsTimestampNow(),
+		Type:                  StatsTypePeerConnection,
+		ID:                    pc.statsID,
+		DataChannelsAccepted:  dataChannelsAccepted,
+		DataChannelsClosed:    dataChannelsClosed,
+		DataChannelsOpened:    dataChannelsOpened,
+		DataChannelsRequested: dataChannelsRequested,
+	}
+
+	statsCollector.Collect(stats.ID, stats)
+
+	certificates := pc.configuration.Certificates
+	for _, certificate := range certificates {
+		if err := certificate.collectStats(statsCollector); err != nil {
+			continue
+		}
+	}
+	pc.mu.Unlock()
+
+	pc.api.mediaEngine.collectStats(statsCollector)
+
+	return statsCollector.Ready()
+}
+
+// Start all transports. PeerConnection now has enough state
+func (pc *PeerConnection) startTransports(iceRole ICERole, dtlsRole DTLSRole, remoteUfrag, remotePwd, fingerprint, fingerprintHash string) {
+	// Start the ice transport
+	err := pc.iceTransport.Start(
+		pc.iceGatherer,
+		ICEParameters{
+			UsernameFragment: remoteUfrag,
+			Password:         remotePwd,
+			ICELite:          false,
+		},
+		&iceRole,
+	)
+	if err != nil {
+		pc.log.Warnf("Failed to start manager: %s", err)
+		return
+	}
+
+	// Start the dtls transport
+	err = pc.dtlsTransport.Start(DTLSParameters{
+		Role:         dtlsRole,
+		Fingerprints: []DTLSFingerprint{{Algorithm: fingerprintHash, Value: fingerprint}},
+	})
+	pc.updateConnectionState(pc.ICEConnectionState(), pc.dtlsTransport.State())
+	if err != nil {
+		pc.log.Warnf("Failed to start manager: %s", err)
+		return
+	}
+}
+
+// nolint: gocognit
+func (pc *PeerConnection) startRTP(isRenegotiation bool, remoteDesc *SessionDescription, currentTransceivers []*RTPTransceiver) {
+	if !isRenegotiation {
+		pc.undeclaredMediaProcessor()
+	}
+
+	pc.startRTPReceivers(remoteDesc, currentTransceivers)
+	if haveApplicationMediaSection(remoteDesc.parsed) {
+		pc.startSCTP()
+	}
+}
+
+// generateUnmatchedSDP generates an SDP that doesn't take remote state into account
+// This is used for the initial call for CreateOffer
+func (pc *PeerConnection) generateUnmatchedSDP(transceivers []*RTPTransceiver, useIdentity bool) (*sdp.SessionDescription, error) {
+	d, err := sdp.NewJSEPSessionDescription(useIdentity)
+	if err != nil {
+		return nil, err
+	}
+	d.Attributes = append(d.Attributes, sdp.Attribute{Key: sdp.AttrKeyMsidSemantic, Value: "WMS*"})
+
+	iceParams, err := pc.iceGatherer.GetLocalParameters()
+	if err != nil {
+		return nil, err
+	}
+
+	candidates, err := pc.iceGatherer.GetLocalCandidates()
+	if err != nil {
+		return nil, err
+	}
+
+	isPlanB := pc.configuration.SDPSemantics == SDPSemanticsPlanB
+	mediaSections := []mediaSection{}
+
+	// Needed for pc.sctpTransport.dataChannelsRequested
+	pc.sctpTransport.lock.Lock()
+	defer pc.sctpTransport.lock.Unlock()
+
+	if isPlanB {
+		video := make([]*RTPTransceiver, 0)
+		audio := make([]*RTPTransceiver, 0)
+
+		for _, t := range transceivers {
+			if t.kind == RTPCodecTypeVideo {
+				video = append(video, t)
+			} else if t.kind == RTPCodecTypeAudio {
+				audio = append(audio, t)
+			}
+			if sender := t.Sender(); sender != nil {
+				sender.setNegotiated()
+			}
+		}
+
+		if len(video) > 0 {
+			mediaSections = append(mediaSections, mediaSection{id: "video", transceivers: video})
+		}
+		if len(audio) > 0 {
+			mediaSections = append(mediaSections, mediaSection{id: "audio", transceivers: audio})
+		}
+
+		if pc.sctpTransport.dataChannelsRequested != 0 {
+			mediaSections = append(mediaSections, mediaSection{id: "data", data: true})
+		}
+	} else {
+		for _, t := range transceivers {
+			if sender := t.Sender(); sender != nil {
+				sender.setNegotiated()
+			}
+			mediaSections = append(mediaSections, mediaSection{id: t.Mid(), transceivers: []*RTPTransceiver{t}})
+		}
+
+		if pc.sctpTransport.dataChannelsRequested != 0 {
+			mediaSections = append(mediaSections, mediaSection{id: strconv.Itoa(len(mediaSections)), data: true})
+		}
+	}
+
+	dtlsFingerprints, err := pc.configuration.Certificates[0].GetFingerprints()
+	if err != nil {
+		return nil, err
+	}
+
+	return populateSDP(d, isPlanB, dtlsFingerprints, pc.api.settingEngine.sdpMediaLevelFingerprints, pc.api.settingEngine.candidates.ICELite, true, pc.api.mediaEngine, connectionRoleFromDtlsRole(defaultDtlsRoleOffer), candidates, iceParams, mediaSections, pc.ICEGatheringState(), nil)
+}
+
+// generateMatchedSDP generates a SDP and takes the remote state into account
+// this is used everytime we have a RemoteDescription
+// nolint: gocyclo
+func (pc *PeerConnection) generateMatchedSDP(transceivers []*RTPTransceiver, useIdentity bool, includeUnmatched bool, connectionRole sdp.ConnectionRole) (*sdp.SessionDescription, error) { //nolint:gocognit
+	d, err := sdp.NewJSEPSessionDescription(useIdentity)
+	if err != nil {
+		return nil, err
+	}
+	d.Attributes = append(d.Attributes, sdp.Attribute{Key: sdp.AttrKeyMsidSemantic, Value: "WMS*"})
+
+	iceParams, err := pc.iceGatherer.GetLocalParameters()
+	if err != nil {
+		return nil, err
+	}
+
+	candidates, err := pc.iceGatherer.GetLocalCandidates()
+	if err != nil {
+		return nil, err
+	}
+
+	var t *RTPTransceiver
+	remoteDescription := pc.currentRemoteDescription
+	if pc.pendingRemoteDescription != nil {
+		remoteDescription = pc.pendingRemoteDescription
+	}
+	isExtmapAllowMixed := isExtMapAllowMixedSet(remoteDescription.parsed)
+	localTransceivers := append([]*RTPTransceiver{}, transceivers...)
+
+	detectedPlanB := descriptionIsPlanB(remoteDescription, pc.log)
+	if pc.configuration.SDPSemantics != SDPSemanticsUnifiedPlan {
+		detectedPlanB = descriptionPossiblyPlanB(remoteDescription)
+	}
+
+	mediaSections := []mediaSection{}
+	alreadyHaveApplicationMediaSection := false
+	for _, media := range remoteDescription.parsed.MediaDescriptions {
+		midValue := getMidValue(media)
+		if midValue == "" {
+			return nil, errPeerConnRemoteDescriptionWithoutMidValue
+		}
+
+		if media.MediaName.Media == mediaSectionApplication {
+			mediaSections = append(mediaSections, mediaSection{id: midValue, data: true})
+			alreadyHaveApplicationMediaSection = true
+			continue
+		}
+
+		kind := NewRTPCodecType(media.MediaName.Media)
+		direction := getPeerDirection(media)
+		if kind == 0 || direction == RTPTransceiverDirection(Unknown) {
+			continue
+		}
+
+		sdpSemantics := pc.configuration.SDPSemantics
+
+		switch {
+		case sdpSemantics == SDPSemanticsPlanB || sdpSemantics == SDPSemanticsUnifiedPlanWithFallback && detectedPlanB:
+			if !detectedPlanB {
+				return nil, &rtcerr.TypeError{Err: fmt.Errorf("%w: Expected PlanB, but RemoteDescription is UnifiedPlan", ErrIncorrectSDPSemantics)}
+			}
+			// If we're responding to a plan-b offer, then we should try to fill up this
+			// media entry with all matching local transceivers
+			mediaTransceivers := []*RTPTransceiver{}
+			for {
+				// keep going until we can't get any more
+				t, localTransceivers = satisfyTypeAndDirection(kind, direction, localTransceivers)
+				if t == nil {
+					if len(mediaTransceivers) == 0 {
+						t = &RTPTransceiver{kind: kind, api: pc.api, codecs: pc.api.mediaEngine.getCodecsByKind(kind)}
+						t.setDirection(RTPTransceiverDirectionInactive)
+						mediaTransceivers = append(mediaTransceivers, t)
+					}
+					break
+				}
+				if sender := t.Sender(); sender != nil {
+					sender.setNegotiated()
+				}
+				mediaTransceivers = append(mediaTransceivers, t)
+			}
+			mediaSections = append(mediaSections, mediaSection{id: midValue, transceivers: mediaTransceivers})
+		case sdpSemantics == SDPSemanticsUnifiedPlan || sdpSemantics == SDPSemanticsUnifiedPlanWithFallback:
+			if detectedPlanB {
+				return nil, &rtcerr.TypeError{Err: fmt.Errorf("%w: Expected UnifiedPlan, but RemoteDescription is PlanB", ErrIncorrectSDPSemantics)}
+			}
+			t, localTransceivers = findByMid(midValue, localTransceivers)
+			if t == nil {
+				return nil, fmt.Errorf("%w: %q", errPeerConnTranscieverMidNil, midValue)
+			}
+			if sender := t.Sender(); sender != nil {
+				sender.setNegotiated()
+			}
+			mediaTransceivers := []*RTPTransceiver{t}
+
+			extensions, _ := rtpExtensionsFromMediaDescription(media)
+			mediaSections = append(mediaSections, mediaSection{id: midValue, transceivers: mediaTransceivers, matchExtensions: extensions, rids: getRids(media)})
+		}
+	}
+
+	var bundleGroup *string
+	// If we are offering also include unmatched local transceivers
+	if includeUnmatched {
+		if !detectedPlanB {
+			for _, t := range localTransceivers {
+				if sender := t.Sender(); sender != nil {
+					sender.setNegotiated()
+				}
+				mediaSections = append(mediaSections, mediaSection{id: t.Mid(), transceivers: []*RTPTransceiver{t}})
+			}
+		}
+
+		if pc.sctpTransport.dataChannelsRequested != 0 && !alreadyHaveApplicationMediaSection {
+			if detectedPlanB {
+				mediaSections = append(mediaSections, mediaSection{id: "data", data: true})
+			} else {
+				mediaSections = append(mediaSections, mediaSection{id: strconv.Itoa(len(mediaSections)), data: true})
+			}
+		}
+	} else if remoteDescription != nil {
+		groupValue, _ := remoteDescription.parsed.Attribute(sdp.AttrKeyGroup)
+		groupValue = strings.TrimLeft(groupValue, "BUNDLE")
+		bundleGroup = &groupValue
+	}
+
+	if pc.configuration.SDPSemantics == SDPSemanticsUnifiedPlanWithFallback && detectedPlanB {
+		pc.log.Info("Plan-B Offer detected; responding with Plan-B Answer")
+	}
+
+	dtlsFingerprints, err := pc.configuration.Certificates[0].GetFingerprints()
+	if err != nil {
+		return nil, err
+	}
+
+	return populateSDP(d, detectedPlanB, dtlsFingerprints, pc.api.settingEngine.sdpMediaLevelFingerprints, pc.api.settingEngine.candidates.ICELite, isExtmapAllowMixed, pc.api.mediaEngine, connectionRole, candidates, iceParams, mediaSections, pc.ICEGatheringState(), bundleGroup)
+}
+
+func (pc *PeerConnection) setGatherCompleteHandler(handler func()) {
+	pc.iceGatherer.onGatheringCompleteHandler.Store(handler)
+}
+
+// SCTP returns the SCTPTransport for this PeerConnection
+//
+// The SCTP transport over which SCTP data is sent and received. If SCTP has not been negotiated, the value is nil.
+// https://www.w3.org/TR/webrtc/#attributes-15
+func (pc *PeerConnection) SCTP() *SCTPTransport {
+	return pc.sctpTransport
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/peerconnection_js.go b/server/vendor/github.com/pion/webrtc/v3/peerconnection_js.go
new file mode 100644
index 0000000..8322e1b
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/peerconnection_js.go
@@ -0,0 +1,774 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+//go:build js && wasm
+// +build js,wasm
+
+// Package webrtc implements the WebRTC 1.0 as defined in W3C WebRTC specification document.
+package webrtc
+
+import (
+	"syscall/js"
+
+	"github.com/pion/ice/v2"
+	"github.com/pion/webrtc/v3/pkg/rtcerr"
+)
+
+// PeerConnection represents a WebRTC connection that establishes a
+// peer-to-peer communications with another PeerConnection instance in a
+// browser, or to another endpoint implementing the required protocols.
+type PeerConnection struct {
+	// Pointer to the underlying JavaScript RTCPeerConnection object.
+	underlying js.Value
+
+	// Keep track of handlers/callbacks so we can call Release as required by the
+	// syscall/js API. Initially nil.
+	onSignalingStateChangeHandler     *js.Func
+	onDataChannelHandler              *js.Func
+	onNegotiationNeededHandler        *js.Func
+	onConnectionStateChangeHandler    *js.Func
+	onICEConnectionStateChangeHandler *js.Func
+	onICECandidateHandler             *js.Func
+	onICEGatheringStateChangeHandler  *js.Func
+
+	// Used by GatheringCompletePromise
+	onGatherCompleteHandler func()
+
+	// A reference to the associated API state used by this connection
+	api *API
+}
+
+// NewPeerConnection creates a peerconnection.
+func NewPeerConnection(configuration Configuration) (*PeerConnection, error) {
+	api := NewAPI()
+	return api.NewPeerConnection(configuration)
+}
+
+// NewPeerConnection creates a new PeerConnection with the provided configuration against the received API object
+func (api *API) NewPeerConnection(configuration Configuration) (_ *PeerConnection, err error) {
+	defer func() {
+		if e := recover(); e != nil {
+			err = recoveryToError(e)
+		}
+	}()
+	configMap := configurationToValue(configuration)
+	underlying := js.Global().Get("window").Get("RTCPeerConnection").New(configMap)
+	return &PeerConnection{
+		underlying: underlying,
+		api:        api,
+	}, nil
+}
+
+// JSValue returns the underlying PeerConnection
+func (pc *PeerConnection) JSValue() js.Value {
+	return pc.underlying
+}
+
+// OnSignalingStateChange sets an event handler which is invoked when the
+// peer connection's signaling state changes
+func (pc *PeerConnection) OnSignalingStateChange(f func(SignalingState)) {
+	if pc.onSignalingStateChangeHandler != nil {
+		oldHandler := pc.onSignalingStateChangeHandler
+		defer oldHandler.Release()
+	}
+	onSignalingStateChangeHandler := js.FuncOf(func(this js.Value, args []js.Value) interface{} {
+		state := newSignalingState(args[0].String())
+		go f(state)
+		return js.Undefined()
+	})
+	pc.onSignalingStateChangeHandler = &onSignalingStateChangeHandler
+	pc.underlying.Set("onsignalingstatechange", onSignalingStateChangeHandler)
+}
+
+// OnDataChannel sets an event handler which is invoked when a data
+// channel message arrives from a remote peer.
+func (pc *PeerConnection) OnDataChannel(f func(*DataChannel)) {
+	if pc.onDataChannelHandler != nil {
+		oldHandler := pc.onDataChannelHandler
+		defer oldHandler.Release()
+	}
+	onDataChannelHandler := js.FuncOf(func(this js.Value, args []js.Value) interface{} {
+		// pion/webrtc/projects/15
+		// This reference to the underlying DataChannel doesn't know
+		// about any other references to the same DataChannel. This might result in
+		// memory leaks where we don't clean up handler functions. Could possibly fix
+		// by keeping a mutex-protected list of all DataChannel references as a
+		// property of this PeerConnection, but at the cost of additional overhead.
+		dataChannel := &DataChannel{
+			underlying: args[0].Get("channel"),
+			api:        pc.api,
+		}
+		go f(dataChannel)
+		return js.Undefined()
+	})
+	pc.onDataChannelHandler = &onDataChannelHandler
+	pc.underlying.Set("ondatachannel", onDataChannelHandler)
+}
+
+// OnNegotiationNeeded sets an event handler which is invoked when
+// a change has occurred which requires session negotiation
+func (pc *PeerConnection) OnNegotiationNeeded(f func()) {
+	if pc.onNegotiationNeededHandler != nil {
+		oldHandler := pc.onNegotiationNeededHandler
+		defer oldHandler.Release()
+	}
+	onNegotiationNeededHandler := js.FuncOf(func(this js.Value, args []js.Value) interface{} {
+		go f()
+		return js.Undefined()
+	})
+	pc.onNegotiationNeededHandler = &onNegotiationNeededHandler
+	pc.underlying.Set("onnegotiationneeded", onNegotiationNeededHandler)
+}
+
+// OnICEConnectionStateChange sets an event handler which is called
+// when an ICE connection state is changed.
+func (pc *PeerConnection) OnICEConnectionStateChange(f func(ICEConnectionState)) {
+	if pc.onICEConnectionStateChangeHandler != nil {
+		oldHandler := pc.onICEConnectionStateChangeHandler
+		defer oldHandler.Release()
+	}
+	onICEConnectionStateChangeHandler := js.FuncOf(func(this js.Value, args []js.Value) interface{} {
+		connectionState := NewICEConnectionState(pc.underlying.Get("iceConnectionState").String())
+		go f(connectionState)
+		return js.Undefined()
+	})
+	pc.onICEConnectionStateChangeHandler = &onICEConnectionStateChangeHandler
+	pc.underlying.Set("oniceconnectionstatechange", onICEConnectionStateChangeHandler)
+}
+
+// OnConnectionStateChange sets an event handler which is called
+// when an PeerConnectionState is changed.
+func (pc *PeerConnection) OnConnectionStateChange(f func(PeerConnectionState)) {
+	if pc.onConnectionStateChangeHandler != nil {
+		oldHandler := pc.onConnectionStateChangeHandler
+		defer oldHandler.Release()
+	}
+	onConnectionStateChangeHandler := js.FuncOf(func(this js.Value, args []js.Value) interface{} {
+		connectionState := newPeerConnectionState(pc.underlying.Get("connectionState").String())
+		go f(connectionState)
+		return js.Undefined()
+	})
+	pc.onConnectionStateChangeHandler = &onConnectionStateChangeHandler
+	pc.underlying.Set("onconnectionstatechange", onConnectionStateChangeHandler)
+}
+
+func (pc *PeerConnection) checkConfiguration(configuration Configuration) error {
+	// https://www.w3.org/TR/webrtc/#dom-rtcpeerconnection-setconfiguration (step #2)
+	if pc.ConnectionState() == PeerConnectionStateClosed {
+		return &rtcerr.InvalidStateError{Err: ErrConnectionClosed}
+	}
+
+	existingConfig := pc.GetConfiguration()
+	// https://www.w3.org/TR/webrtc/#set-the-configuration (step #3)
+	if configuration.PeerIdentity != "" {
+		if configuration.PeerIdentity != existingConfig.PeerIdentity {
+			return &rtcerr.InvalidModificationError{Err: ErrModifyingPeerIdentity}
+		}
+	}
+
+	// https://github.com/pion/webrtc/issues/513
+	// https://www.w3.org/TR/webrtc/#set-the-configuration (step #4)
+	// if len(configuration.Certificates) > 0 {
+	// 	if len(configuration.Certificates) != len(existingConfiguration.Certificates) {
+	// 		return &rtcerr.InvalidModificationError{Err: ErrModifyingCertificates}
+	// 	}
+
+	// 	for i, certificate := range configuration.Certificates {
+	// 		if !pc.configuration.Certificates[i].Equals(certificate) {
+	// 			return &rtcerr.InvalidModificationError{Err: ErrModifyingCertificates}
+	// 		}
+	// 	}
+	// 	pc.configuration.Certificates = configuration.Certificates
+	// }
+
+	// https://www.w3.org/TR/webrtc/#set-the-configuration (step #5)
+	if configuration.BundlePolicy != BundlePolicy(Unknown) {
+		if configuration.BundlePolicy != existingConfig.BundlePolicy {
+			return &rtcerr.InvalidModificationError{Err: ErrModifyingBundlePolicy}
+		}
+	}
+
+	// https://www.w3.org/TR/webrtc/#set-the-configuration (step #6)
+	if configuration.RTCPMuxPolicy != RTCPMuxPolicy(Unknown) {
+		if configuration.RTCPMuxPolicy != existingConfig.RTCPMuxPolicy {
+			return &rtcerr.InvalidModificationError{Err: ErrModifyingRTCPMuxPolicy}
+		}
+	}
+
+	// https://www.w3.org/TR/webrtc/#set-the-configuration (step #7)
+	if configuration.ICECandidatePoolSize != 0 {
+		if configuration.ICECandidatePoolSize != existingConfig.ICECandidatePoolSize &&
+			pc.LocalDescription() != nil {
+			return &rtcerr.InvalidModificationError{Err: ErrModifyingICECandidatePoolSize}
+		}
+	}
+
+	// https://www.w3.org/TR/webrtc/#set-the-configuration (step #11)
+	if len(configuration.ICEServers) > 0 {
+		// https://www.w3.org/TR/webrtc/#set-the-configuration (step #11.3)
+		for _, server := range configuration.ICEServers {
+			if _, err := server.validate(); err != nil {
+				return err
+			}
+		}
+	}
+	return nil
+}
+
+// SetConfiguration updates the configuration of this PeerConnection object.
+func (pc *PeerConnection) SetConfiguration(configuration Configuration) (err error) {
+	defer func() {
+		if e := recover(); e != nil {
+			err = recoveryToError(e)
+		}
+	}()
+	if err := pc.checkConfiguration(configuration); err != nil {
+		return err
+	}
+	configMap := configurationToValue(configuration)
+	pc.underlying.Call("setConfiguration", configMap)
+	return nil
+}
+
+// GetConfiguration returns a Configuration object representing the current
+// configuration of this PeerConnection object. The returned object is a
+// copy and direct mutation on it will not take affect until SetConfiguration
+// has been called with Configuration passed as its only argument.
+// https://www.w3.org/TR/webrtc/#dom-rtcpeerconnection-getconfiguration
+func (pc *PeerConnection) GetConfiguration() Configuration {
+	return valueToConfiguration(pc.underlying.Call("getConfiguration"))
+}
+
+// CreateOffer starts the PeerConnection and generates the localDescription
+func (pc *PeerConnection) CreateOffer(options *OfferOptions) (_ SessionDescription, err error) {
+	defer func() {
+		if e := recover(); e != nil {
+			err = recoveryToError(e)
+		}
+	}()
+	promise := pc.underlying.Call("createOffer", offerOptionsToValue(options))
+	desc, err := awaitPromise(promise)
+	if err != nil {
+		return SessionDescription{}, err
+	}
+	return *valueToSessionDescription(desc), nil
+}
+
+// CreateAnswer starts the PeerConnection and generates the localDescription
+func (pc *PeerConnection) CreateAnswer(options *AnswerOptions) (_ SessionDescription, err error) {
+	defer func() {
+		if e := recover(); e != nil {
+			err = recoveryToError(e)
+		}
+	}()
+	promise := pc.underlying.Call("createAnswer", answerOptionsToValue(options))
+	desc, err := awaitPromise(promise)
+	if err != nil {
+		return SessionDescription{}, err
+	}
+	return *valueToSessionDescription(desc), nil
+}
+
+// SetLocalDescription sets the SessionDescription of the local peer
+func (pc *PeerConnection) SetLocalDescription(desc SessionDescription) (err error) {
+	defer func() {
+		if e := recover(); e != nil {
+			err = recoveryToError(e)
+		}
+	}()
+	promise := pc.underlying.Call("setLocalDescription", sessionDescriptionToValue(&desc))
+	_, err = awaitPromise(promise)
+	return err
+}
+
+// LocalDescription returns PendingLocalDescription if it is not null and
+// otherwise it returns CurrentLocalDescription. This property is used to
+// determine if setLocalDescription has already been called.
+// https://www.w3.org/TR/webrtc/#dom-rtcpeerconnection-localdescription
+func (pc *PeerConnection) LocalDescription() *SessionDescription {
+	return valueToSessionDescription(pc.underlying.Get("localDescription"))
+}
+
+// SetRemoteDescription sets the SessionDescription of the remote peer
+func (pc *PeerConnection) SetRemoteDescription(desc SessionDescription) (err error) {
+	defer func() {
+		if e := recover(); e != nil {
+			err = recoveryToError(e)
+		}
+	}()
+	promise := pc.underlying.Call("setRemoteDescription", sessionDescriptionToValue(&desc))
+	_, err = awaitPromise(promise)
+	return err
+}
+
+// RemoteDescription returns PendingRemoteDescription if it is not null and
+// otherwise it returns CurrentRemoteDescription. This property is used to
+// determine if setRemoteDescription has already been called.
+// https://www.w3.org/TR/webrtc/#dom-rtcpeerconnection-remotedescription
+func (pc *PeerConnection) RemoteDescription() *SessionDescription {
+	return valueToSessionDescription(pc.underlying.Get("remoteDescription"))
+}
+
+// AddICECandidate accepts an ICE candidate string and adds it
+// to the existing set of candidates
+func (pc *PeerConnection) AddICECandidate(candidate ICECandidateInit) (err error) {
+	defer func() {
+		if e := recover(); e != nil {
+			err = recoveryToError(e)
+		}
+	}()
+	promise := pc.underlying.Call("addIceCandidate", iceCandidateInitToValue(candidate))
+	_, err = awaitPromise(promise)
+	return err
+}
+
+// ICEConnectionState returns the ICE connection state of the
+// PeerConnection instance.
+func (pc *PeerConnection) ICEConnectionState() ICEConnectionState {
+	return NewICEConnectionState(pc.underlying.Get("iceConnectionState").String())
+}
+
+// OnICECandidate sets an event handler which is invoked when a new ICE
+// candidate is found.
+func (pc *PeerConnection) OnICECandidate(f func(candidate *ICECandidate)) {
+	if pc.onICECandidateHandler != nil {
+		oldHandler := pc.onICECandidateHandler
+		defer oldHandler.Release()
+	}
+	onICECandidateHandler := js.FuncOf(func(this js.Value, args []js.Value) interface{} {
+		candidate := valueToICECandidate(args[0].Get("candidate"))
+		if candidate == nil && pc.onGatherCompleteHandler != nil {
+			go pc.onGatherCompleteHandler()
+		}
+
+		go f(candidate)
+		return js.Undefined()
+	})
+	pc.onICECandidateHandler = &onICECandidateHandler
+	pc.underlying.Set("onicecandidate", onICECandidateHandler)
+}
+
+// OnICEGatheringStateChange sets an event handler which is invoked when the
+// ICE candidate gathering state has changed.
+func (pc *PeerConnection) OnICEGatheringStateChange(f func()) {
+	if pc.onICEGatheringStateChangeHandler != nil {
+		oldHandler := pc.onICEGatheringStateChangeHandler
+		defer oldHandler.Release()
+	}
+	onICEGatheringStateChangeHandler := js.FuncOf(func(this js.Value, args []js.Value) interface{} {
+		go f()
+		return js.Undefined()
+	})
+	pc.onICEGatheringStateChangeHandler = &onICEGatheringStateChangeHandler
+	pc.underlying.Set("onicegatheringstatechange", onICEGatheringStateChangeHandler)
+}
+
+// CreateDataChannel creates a new DataChannel object with the given label
+// and optional DataChannelInit used to configure properties of the
+// underlying channel such as data reliability.
+func (pc *PeerConnection) CreateDataChannel(label string, options *DataChannelInit) (_ *DataChannel, err error) {
+	defer func() {
+		if e := recover(); e != nil {
+			err = recoveryToError(e)
+		}
+	}()
+	channel := pc.underlying.Call("createDataChannel", label, dataChannelInitToValue(options))
+	return &DataChannel{
+		underlying: channel,
+		api:        pc.api,
+	}, nil
+}
+
+// SetIdentityProvider is used to configure an identity provider to generate identity assertions
+func (pc *PeerConnection) SetIdentityProvider(provider string) (err error) {
+	defer func() {
+		if e := recover(); e != nil {
+			err = recoveryToError(e)
+		}
+	}()
+	pc.underlying.Call("setIdentityProvider", provider)
+	return nil
+}
+
+// Close ends the PeerConnection
+func (pc *PeerConnection) Close() (err error) {
+	defer func() {
+		if e := recover(); e != nil {
+			err = recoveryToError(e)
+		}
+	}()
+
+	pc.underlying.Call("close")
+
+	// Release any handlers as required by the syscall/js API.
+	if pc.onSignalingStateChangeHandler != nil {
+		pc.onSignalingStateChangeHandler.Release()
+	}
+	if pc.onDataChannelHandler != nil {
+		pc.onDataChannelHandler.Release()
+	}
+	if pc.onNegotiationNeededHandler != nil {
+		pc.onNegotiationNeededHandler.Release()
+	}
+	if pc.onConnectionStateChangeHandler != nil {
+		pc.onConnectionStateChangeHandler.Release()
+	}
+	if pc.onICEConnectionStateChangeHandler != nil {
+		pc.onICEConnectionStateChangeHandler.Release()
+	}
+	if pc.onICECandidateHandler != nil {
+		pc.onICECandidateHandler.Release()
+	}
+	if pc.onICEGatheringStateChangeHandler != nil {
+		pc.onICEGatheringStateChangeHandler.Release()
+	}
+
+	return nil
+}
+
+// CurrentLocalDescription represents the local description that was
+// successfully negotiated the last time the PeerConnection transitioned
+// into the stable state plus any local candidates that have been generated
+// by the ICEAgent since the offer or answer was created.
+func (pc *PeerConnection) CurrentLocalDescription() *SessionDescription {
+	desc := pc.underlying.Get("currentLocalDescription")
+	return valueToSessionDescription(desc)
+}
+
+// PendingLocalDescription represents a local description that is in the
+// process of being negotiated plus any local candidates that have been
+// generated by the ICEAgent since the offer or answer was created. If the
+// PeerConnection is in the stable state, the value is null.
+func (pc *PeerConnection) PendingLocalDescription() *SessionDescription {
+	desc := pc.underlying.Get("pendingLocalDescription")
+	return valueToSessionDescription(desc)
+}
+
+// CurrentRemoteDescription represents the last remote description that was
+// successfully negotiated the last time the PeerConnection transitioned
+// into the stable state plus any remote candidates that have been supplied
+// via AddICECandidate() since the offer or answer was created.
+func (pc *PeerConnection) CurrentRemoteDescription() *SessionDescription {
+	desc := pc.underlying.Get("currentRemoteDescription")
+	return valueToSessionDescription(desc)
+}
+
+// PendingRemoteDescription represents a remote description that is in the
+// process of being negotiated, complete with any remote candidates that
+// have been supplied via AddICECandidate() since the offer or answer was
+// created. If the PeerConnection is in the stable state, the value is
+// null.
+func (pc *PeerConnection) PendingRemoteDescription() *SessionDescription {
+	desc := pc.underlying.Get("pendingRemoteDescription")
+	return valueToSessionDescription(desc)
+}
+
+// SignalingState returns the signaling state of the PeerConnection instance.
+func (pc *PeerConnection) SignalingState() SignalingState {
+	rawState := pc.underlying.Get("signalingState").String()
+	return newSignalingState(rawState)
+}
+
+// ICEGatheringState attribute the ICE gathering state of the PeerConnection
+// instance.
+func (pc *PeerConnection) ICEGatheringState() ICEGatheringState {
+	rawState := pc.underlying.Get("iceGatheringState").String()
+	return NewICEGatheringState(rawState)
+}
+
+// ConnectionState attribute the connection state of the PeerConnection
+// instance.
+func (pc *PeerConnection) ConnectionState() PeerConnectionState {
+	rawState := pc.underlying.Get("connectionState").String()
+	return newPeerConnectionState(rawState)
+}
+
+func (pc *PeerConnection) setGatherCompleteHandler(handler func()) {
+	pc.onGatherCompleteHandler = handler
+
+	// If no onIceCandidate handler has been set provide an empty one
+	// otherwise our onGatherCompleteHandler will not be executed
+	if pc.onICECandidateHandler == nil {
+		pc.OnICECandidate(func(i *ICECandidate) {})
+	}
+}
+
+// AddTransceiverFromKind Create a new RtpTransceiver and adds it to the set of transceivers.
+func (pc *PeerConnection) AddTransceiverFromKind(kind RTPCodecType, init ...RTPTransceiverInit) (transceiver *RTPTransceiver, err error) {
+	defer func() {
+		if e := recover(); e != nil {
+			err = recoveryToError(e)
+		}
+	}()
+
+	if len(init) == 1 {
+		return &RTPTransceiver{
+			underlying: pc.underlying.Call("addTransceiver", kind.String(), rtpTransceiverInitInitToValue(init[0])),
+		}, err
+	}
+
+	return &RTPTransceiver{
+		underlying: pc.underlying.Call("addTransceiver", kind.String()),
+	}, err
+}
+
+// GetTransceivers returns the RtpTransceiver that are currently attached to this PeerConnection
+func (pc *PeerConnection) GetTransceivers() (transceivers []*RTPTransceiver) {
+	rawTransceivers := pc.underlying.Call("getTransceivers")
+	transceivers = make([]*RTPTransceiver, rawTransceivers.Length())
+
+	for i := 0; i < rawTransceivers.Length(); i++ {
+		transceivers[i] = &RTPTransceiver{
+			underlying: rawTransceivers.Index(i),
+		}
+	}
+
+	return
+}
+
+// SCTP returns the SCTPTransport for this PeerConnection
+//
+// The SCTP transport over which SCTP data is sent and received. If SCTP has not been negotiated, the value is nil.
+// https://www.w3.org/TR/webrtc/#attributes-15
+func (pc *PeerConnection) SCTP() *SCTPTransport {
+	underlying := pc.underlying.Get("sctp")
+	if underlying.IsNull() || underlying.IsUndefined() {
+		return nil
+	}
+
+	return &SCTPTransport{
+		underlying: underlying,
+	}
+}
+
+// Converts a Configuration to js.Value so it can be passed
+// through to the JavaScript WebRTC API. Any zero values are converted to
+// js.Undefined(), which will result in the default value being used.
+func configurationToValue(configuration Configuration) js.Value {
+	return js.ValueOf(map[string]interface{}{
+		"iceServers":           iceServersToValue(configuration.ICEServers),
+		"iceTransportPolicy":   stringEnumToValueOrUndefined(configuration.ICETransportPolicy.String()),
+		"bundlePolicy":         stringEnumToValueOrUndefined(configuration.BundlePolicy.String()),
+		"rtcpMuxPolicy":        stringEnumToValueOrUndefined(configuration.RTCPMuxPolicy.String()),
+		"peerIdentity":         stringToValueOrUndefined(configuration.PeerIdentity),
+		"iceCandidatePoolSize": uint8ToValueOrUndefined(configuration.ICECandidatePoolSize),
+
+		// Note: Certificates are not currently supported.
+		// "certificates": configuration.Certificates,
+	})
+}
+
+func iceServersToValue(iceServers []ICEServer) js.Value {
+	if len(iceServers) == 0 {
+		return js.Undefined()
+	}
+	maps := make([]interface{}, len(iceServers))
+	for i, server := range iceServers {
+		maps[i] = iceServerToValue(server)
+	}
+	return js.ValueOf(maps)
+}
+
+func oauthCredentialToValue(o OAuthCredential) js.Value {
+	out := map[string]interface{}{
+		"MACKey":      o.MACKey,
+		"AccessToken": o.AccessToken,
+	}
+	return js.ValueOf(out)
+}
+
+func iceServerToValue(server ICEServer) js.Value {
+	out := map[string]interface{}{
+		"urls": stringsToValue(server.URLs), // required
+	}
+	if server.Username != "" {
+		out["username"] = stringToValueOrUndefined(server.Username)
+	}
+	if server.Credential != nil {
+		switch t := server.Credential.(type) {
+		case string:
+			out["credential"] = stringToValueOrUndefined(t)
+		case OAuthCredential:
+			out["credential"] = oauthCredentialToValue(t)
+		}
+	}
+	out["credentialType"] = stringEnumToValueOrUndefined(server.CredentialType.String())
+	return js.ValueOf(out)
+}
+
+func valueToConfiguration(configValue js.Value) Configuration {
+	if configValue.IsNull() || configValue.IsUndefined() {
+		return Configuration{}
+	}
+	return Configuration{
+		ICEServers:           valueToICEServers(configValue.Get("iceServers")),
+		ICETransportPolicy:   NewICETransportPolicy(valueToStringOrZero(configValue.Get("iceTransportPolicy"))),
+		BundlePolicy:         newBundlePolicy(valueToStringOrZero(configValue.Get("bundlePolicy"))),
+		RTCPMuxPolicy:        newRTCPMuxPolicy(valueToStringOrZero(configValue.Get("rtcpMuxPolicy"))),
+		PeerIdentity:         valueToStringOrZero(configValue.Get("peerIdentity")),
+		ICECandidatePoolSize: valueToUint8OrZero(configValue.Get("iceCandidatePoolSize")),
+
+		// Note: Certificates are not supported.
+		// Certificates []Certificate
+	}
+}
+
+func valueToICEServers(iceServersValue js.Value) []ICEServer {
+	if iceServersValue.IsNull() || iceServersValue.IsUndefined() {
+		return nil
+	}
+	iceServers := make([]ICEServer, iceServersValue.Length())
+	for i := 0; i < iceServersValue.Length(); i++ {
+		iceServers[i] = valueToICEServer(iceServersValue.Index(i))
+	}
+	return iceServers
+}
+
+func valueToICECredential(iceCredentialValue js.Value) interface{} {
+	if iceCredentialValue.IsNull() || iceCredentialValue.IsUndefined() {
+		return nil
+	}
+	if iceCredentialValue.Type() == js.TypeString {
+		return iceCredentialValue.String()
+	}
+	if iceCredentialValue.Type() == js.TypeObject {
+		return OAuthCredential{
+			MACKey:      iceCredentialValue.Get("MACKey").String(),
+			AccessToken: iceCredentialValue.Get("AccessToken").String(),
+		}
+	}
+	return nil
+}
+
+func valueToICEServer(iceServerValue js.Value) ICEServer {
+	tpe, err := newICECredentialType(valueToStringOrZero(iceServerValue.Get("credentialType")))
+	if err != nil {
+		tpe = ICECredentialTypePassword
+	}
+	s := ICEServer{
+		URLs:     valueToStrings(iceServerValue.Get("urls")), // required
+		Username: valueToStringOrZero(iceServerValue.Get("username")),
+		// Note: Credential and CredentialType are not currently supported.
+		Credential:     valueToICECredential(iceServerValue.Get("credential")),
+		CredentialType: tpe,
+	}
+
+	return s
+}
+
+func valueToICECandidate(val js.Value) *ICECandidate {
+	if val.IsNull() || val.IsUndefined() {
+		return nil
+	}
+	if val.Get("protocol").IsUndefined() && !val.Get("candidate").IsUndefined() {
+		// Missing some fields, assume it's Firefox and parse SDP candidate.
+		c, err := ice.UnmarshalCandidate(val.Get("candidate").String())
+		if err != nil {
+			return nil
+		}
+
+		iceCandidate, err := newICECandidateFromICE(c)
+		if err != nil {
+			return nil
+		}
+
+		return &iceCandidate
+	}
+	protocol, _ := NewICEProtocol(val.Get("protocol").String())
+	candidateType, _ := NewICECandidateType(val.Get("type").String())
+	return &ICECandidate{
+		Foundation:     val.Get("foundation").String(),
+		Priority:       valueToUint32OrZero(val.Get("priority")),
+		Address:        val.Get("address").String(),
+		Protocol:       protocol,
+		Port:           valueToUint16OrZero(val.Get("port")),
+		Typ:            candidateType,
+		Component:      stringToComponentIDOrZero(val.Get("component").String()),
+		RelatedAddress: val.Get("relatedAddress").String(),
+		RelatedPort:    valueToUint16OrZero(val.Get("relatedPort")),
+	}
+}
+
+func stringToComponentIDOrZero(val string) uint16 {
+	// See: https://developer.mozilla.org/en-US/docs/Web/API/RTCIceComponent
+	switch val {
+	case "rtp":
+		return 1
+	case "rtcp":
+		return 2
+	}
+	return 0
+}
+
+func sessionDescriptionToValue(desc *SessionDescription) js.Value {
+	if desc == nil {
+		return js.Undefined()
+	}
+	return js.ValueOf(map[string]interface{}{
+		"type": desc.Type.String(),
+		"sdp":  desc.SDP,
+	})
+}
+
+func valueToSessionDescription(descValue js.Value) *SessionDescription {
+	if descValue.IsNull() || descValue.IsUndefined() {
+		return nil
+	}
+	return &SessionDescription{
+		Type: NewSDPType(descValue.Get("type").String()),
+		SDP:  descValue.Get("sdp").String(),
+	}
+}
+
+func offerOptionsToValue(offerOptions *OfferOptions) js.Value {
+	if offerOptions == nil {
+		return js.Undefined()
+	}
+	return js.ValueOf(map[string]interface{}{
+		"iceRestart":             offerOptions.ICERestart,
+		"voiceActivityDetection": offerOptions.VoiceActivityDetection,
+	})
+}
+
+func answerOptionsToValue(answerOptions *AnswerOptions) js.Value {
+	if answerOptions == nil {
+		return js.Undefined()
+	}
+	return js.ValueOf(map[string]interface{}{
+		"voiceActivityDetection": answerOptions.VoiceActivityDetection,
+	})
+}
+
+func iceCandidateInitToValue(candidate ICECandidateInit) js.Value {
+	return js.ValueOf(map[string]interface{}{
+		"candidate":        candidate.Candidate,
+		"sdpMid":           stringPointerToValue(candidate.SDPMid),
+		"sdpMLineIndex":    uint16PointerToValue(candidate.SDPMLineIndex),
+		"usernameFragment": stringPointerToValue(candidate.UsernameFragment),
+	})
+}
+
+func dataChannelInitToValue(options *DataChannelInit) js.Value {
+	if options == nil {
+		return js.Undefined()
+	}
+
+	maxPacketLifeTime := uint16PointerToValue(options.MaxPacketLifeTime)
+	return js.ValueOf(map[string]interface{}{
+		"ordered":           boolPointerToValue(options.Ordered),
+		"maxPacketLifeTime": maxPacketLifeTime,
+		// See https://bugs.chromium.org/p/chromium/issues/detail?id=696681
+		// Chrome calls this "maxRetransmitTime"
+		"maxRetransmitTime": maxPacketLifeTime,
+		"maxRetransmits":    uint16PointerToValue(options.MaxRetransmits),
+		"protocol":          stringPointerToValue(options.Protocol),
+		"negotiated":        boolPointerToValue(options.Negotiated),
+		"id":                uint16PointerToValue(options.ID),
+	})
+}
+
+func rtpTransceiverInitInitToValue(init RTPTransceiverInit) js.Value {
+	return js.ValueOf(map[string]interface{}{
+		"direction": init.Direction.String(),
+	})
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/peerconnectionstate.go b/server/vendor/github.com/pion/webrtc/v3/peerconnectionstate.go
new file mode 100644
index 0000000..b626a31
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/peerconnectionstate.go
@@ -0,0 +1,86 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package webrtc
+
+// PeerConnectionState indicates the state of the PeerConnection.
+type PeerConnectionState int
+
+const (
+	// PeerConnectionStateNew indicates that any of the ICETransports or
+	// DTLSTransports are in the "new" state and none of the transports are
+	// in the "connecting", "checking", "failed" or "disconnected" state, or
+	// all transports are in the "closed" state, or there are no transports.
+	PeerConnectionStateNew PeerConnectionState = iota + 1
+
+	// PeerConnectionStateConnecting indicates that any of the
+	// ICETransports or DTLSTransports are in the "connecting" or
+	// "checking" state and none of them is in the "failed" state.
+	PeerConnectionStateConnecting
+
+	// PeerConnectionStateConnected indicates that all ICETransports and
+	// DTLSTransports are in the "connected", "completed" or "closed" state
+	// and at least one of them is in the "connected" or "completed" state.
+	PeerConnectionStateConnected
+
+	// PeerConnectionStateDisconnected indicates that any of the
+	// ICETransports or DTLSTransports are in the "disconnected" state
+	// and none of them are in the "failed" or "connecting" or "checking" state.
+	PeerConnectionStateDisconnected
+
+	// PeerConnectionStateFailed indicates that any of the ICETransports
+	// or DTLSTransports are in a "failed" state.
+	PeerConnectionStateFailed
+
+	// PeerConnectionStateClosed indicates the peer connection is closed
+	// and the isClosed member variable of PeerConnection is true.
+	PeerConnectionStateClosed
+)
+
+// This is done this way because of a linter.
+const (
+	peerConnectionStateNewStr          = "new"
+	peerConnectionStateConnectingStr   = "connecting"
+	peerConnectionStateConnectedStr    = "connected"
+	peerConnectionStateDisconnectedStr = "disconnected"
+	peerConnectionStateFailedStr       = "failed"
+	peerConnectionStateClosedStr       = "closed"
+)
+
+func newPeerConnectionState(raw string) PeerConnectionState {
+	switch raw {
+	case peerConnectionStateNewStr:
+		return PeerConnectionStateNew
+	case peerConnectionStateConnectingStr:
+		return PeerConnectionStateConnecting
+	case peerConnectionStateConnectedStr:
+		return PeerConnectionStateConnected
+	case peerConnectionStateDisconnectedStr:
+		return PeerConnectionStateDisconnected
+	case peerConnectionStateFailedStr:
+		return PeerConnectionStateFailed
+	case peerConnectionStateClosedStr:
+		return PeerConnectionStateClosed
+	default:
+		return PeerConnectionState(Unknown)
+	}
+}
+
+func (t PeerConnectionState) String() string {
+	switch t {
+	case PeerConnectionStateNew:
+		return peerConnectionStateNewStr
+	case PeerConnectionStateConnecting:
+		return peerConnectionStateConnectingStr
+	case PeerConnectionStateConnected:
+		return peerConnectionStateConnectedStr
+	case PeerConnectionStateDisconnected:
+		return peerConnectionStateDisconnectedStr
+	case PeerConnectionStateFailed:
+		return peerConnectionStateFailedStr
+	case PeerConnectionStateClosed:
+		return peerConnectionStateClosedStr
+	default:
+		return ErrUnknownType.Error()
+	}
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/pkg/media/media.go b/server/vendor/github.com/pion/webrtc/v3/pkg/media/media.go
new file mode 100644
index 0000000..386e65d
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/pkg/media/media.go
@@ -0,0 +1,31 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+// Package media provides media writer and filters
+package media
+
+import (
+	"time"
+
+	"github.com/pion/rtp"
+)
+
+// A Sample contains encoded media and timing information
+type Sample struct {
+	Data               []byte
+	Timestamp          time.Time
+	Duration           time.Duration
+	PacketTimestamp    uint32
+	PrevDroppedPackets uint16
+	Metadata           interface{}
+}
+
+// Writer defines an interface to handle
+// the creation of media files
+type Writer interface {
+	// Add the content of an RTP packet to the media
+	WriteRTP(packet *rtp.Packet) error
+	// Close the media
+	// Note: Close implementation must be idempotent
+	Close() error
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/pkg/rtcerr/errors.go b/server/vendor/github.com/pion/webrtc/v3/pkg/rtcerr/errors.go
new file mode 100644
index 0000000..36205c7
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/pkg/rtcerr/errors.go
@@ -0,0 +1,163 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+// Package rtcerr implements the error wrappers defined throughout the
+// WebRTC 1.0 specifications.
+package rtcerr
+
+import (
+	"fmt"
+)
+
+// UnknownError indicates the operation failed for an unknown transient reason.
+type UnknownError struct {
+	Err error
+}
+
+func (e *UnknownError) Error() string {
+	return fmt.Sprintf("UnknownError: %v", e.Err)
+}
+
+// Unwrap returns the result of calling the Unwrap method on err, if err's type contains
+// an Unwrap method returning error. Otherwise, Unwrap returns nil.
+func (e *UnknownError) Unwrap() error {
+	return e.Err
+}
+
+// InvalidStateError indicates the object is in an invalid state.
+type InvalidStateError struct {
+	Err error
+}
+
+func (e *InvalidStateError) Error() string {
+	return fmt.Sprintf("InvalidStateError: %v", e.Err)
+}
+
+// Unwrap returns the result of calling the Unwrap method on err, if err's type contains
+// an Unwrap method returning error. Otherwise, Unwrap returns nil.
+func (e *InvalidStateError) Unwrap() error {
+	return e.Err
+}
+
+// InvalidAccessError indicates the object does not support the operation or
+// argument.
+type InvalidAccessError struct {
+	Err error
+}
+
+func (e *InvalidAccessError) Error() string {
+	return fmt.Sprintf("InvalidAccessError: %v", e.Err)
+}
+
+// Unwrap returns the result of calling the Unwrap method on err, if err's type contains
+// an Unwrap method returning error. Otherwise, Unwrap returns nil.
+func (e *InvalidAccessError) Unwrap() error {
+	return e.Err
+}
+
+// NotSupportedError indicates the operation is not supported.
+type NotSupportedError struct {
+	Err error
+}
+
+func (e *NotSupportedError) Error() string {
+	return fmt.Sprintf("NotSupportedError: %v", e.Err)
+}
+
+// Unwrap returns the result of calling the Unwrap method on err, if err's type contains
+// an Unwrap method returning error. Otherwise, Unwrap returns nil.
+func (e *NotSupportedError) Unwrap() error {
+	return e.Err
+}
+
+// InvalidModificationError indicates the object cannot be modified in this way.
+type InvalidModificationError struct {
+	Err error
+}
+
+func (e *InvalidModificationError) Error() string {
+	return fmt.Sprintf("InvalidModificationError: %v", e.Err)
+}
+
+// Unwrap returns the result of calling the Unwrap method on err, if err's type contains
+// an Unwrap method returning error. Otherwise, Unwrap returns nil.
+func (e *InvalidModificationError) Unwrap() error {
+	return e.Err
+}
+
+// SyntaxError indicates the string did not match the expected pattern.
+type SyntaxError struct {
+	Err error
+}
+
+func (e *SyntaxError) Error() string {
+	return fmt.Sprintf("SyntaxError: %v", e.Err)
+}
+
+// Unwrap returns the result of calling the Unwrap method on err, if err's type contains
+// an Unwrap method returning error. Otherwise, Unwrap returns nil.
+func (e *SyntaxError) Unwrap() error {
+	return e.Err
+}
+
+// TypeError indicates an error when a value is not of the expected type.
+type TypeError struct {
+	Err error
+}
+
+func (e *TypeError) Error() string {
+	return fmt.Sprintf("TypeError: %v", e.Err)
+}
+
+// Unwrap returns the result of calling the Unwrap method on err, if err's type contains
+// an Unwrap method returning error. Otherwise, Unwrap returns nil.
+func (e *TypeError) Unwrap() error {
+	return e.Err
+}
+
+// OperationError indicates the operation failed for an operation-specific
+// reason.
+type OperationError struct {
+	Err error
+}
+
+func (e *OperationError) Error() string {
+	return fmt.Sprintf("OperationError: %v", e.Err)
+}
+
+// Unwrap returns the result of calling the Unwrap method on err, if err's type contains
+// an Unwrap method returning error. Otherwise, Unwrap returns nil.
+func (e *OperationError) Unwrap() error {
+	return e.Err
+}
+
+// NotReadableError indicates the input/output read operation failed.
+type NotReadableError struct {
+	Err error
+}
+
+func (e *NotReadableError) Error() string {
+	return fmt.Sprintf("NotReadableError: %v", e.Err)
+}
+
+// Unwrap returns the result of calling the Unwrap method on err, if err's type contains
+// an Unwrap method returning error. Otherwise, Unwrap returns nil.
+func (e *NotReadableError) Unwrap() error {
+	return e.Err
+}
+
+// RangeError indicates an error when a value is not in the set or range
+// of allowed values.
+type RangeError struct {
+	Err error
+}
+
+func (e *RangeError) Error() string {
+	return fmt.Sprintf("RangeError: %v", e.Err)
+}
+
+// Unwrap returns the result of calling the Unwrap method on err, if err's type contains
+// an Unwrap method returning error. Otherwise, Unwrap returns nil.
+func (e *RangeError) Unwrap() error {
+	return e.Err
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/renovate.json b/server/vendor/github.com/pion/webrtc/v3/renovate.json
new file mode 100644
index 0000000..f1bb98c
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/renovate.json
@@ -0,0 +1,6 @@
+{
+  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+  "extends": [
+    "github>pion/renovate-config"
+  ]
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/rtcpfeedback.go b/server/vendor/github.com/pion/webrtc/v3/rtcpfeedback.go
new file mode 100644
index 0000000..ab6f555
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/rtcpfeedback.go
@@ -0,0 +1,34 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package webrtc
+
+const (
+	// TypeRTCPFBTransportCC ..
+	TypeRTCPFBTransportCC = "transport-cc"
+
+	// TypeRTCPFBGoogREMB ..
+	TypeRTCPFBGoogREMB = "goog-remb"
+
+	// TypeRTCPFBACK ..
+	TypeRTCPFBACK = "ack"
+
+	// TypeRTCPFBCCM ..
+	TypeRTCPFBCCM = "ccm"
+
+	// TypeRTCPFBNACK ..
+	TypeRTCPFBNACK = "nack"
+)
+
+// RTCPFeedback signals the connection to use additional RTCP packet types.
+// https://draft.ortc.org/#dom-rtcrtcpfeedback
+type RTCPFeedback struct {
+	// Type is the type of feedback.
+	// see: https://draft.ortc.org/#dom-rtcrtcpfeedback
+	// valid: ack, ccm, nack, goog-remb, transport-cc
+	Type string
+
+	// The parameter value depends on the type.
+	// For example, type="nack" parameter="pli" will send Picture Loss Indicator packets.
+	Parameter string
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/rtcpmuxpolicy.go b/server/vendor/github.com/pion/webrtc/v3/rtcpmuxpolicy.go
new file mode 100644
index 0000000..bd68ab5
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/rtcpmuxpolicy.go
@@ -0,0 +1,69 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package webrtc
+
+import (
+	"encoding/json"
+)
+
+// RTCPMuxPolicy affects what ICE candidates are gathered to support
+// non-multiplexed RTCP.
+type RTCPMuxPolicy int
+
+const (
+	// RTCPMuxPolicyNegotiate indicates to gather ICE candidates for both
+	// RTP and RTCP candidates. If the remote-endpoint is capable of
+	// multiplexing RTCP, multiplex RTCP on the RTP candidates. If it is not,
+	// use both the RTP and RTCP candidates separately.
+	RTCPMuxPolicyNegotiate RTCPMuxPolicy = iota + 1
+
+	// RTCPMuxPolicyRequire indicates to gather ICE candidates only for
+	// RTP and multiplex RTCP on the RTP candidates. If the remote endpoint is
+	// not capable of rtcp-mux, session negotiation will fail.
+	RTCPMuxPolicyRequire
+)
+
+// This is done this way because of a linter.
+const (
+	rtcpMuxPolicyNegotiateStr = "negotiate"
+	rtcpMuxPolicyRequireStr   = "require"
+)
+
+func newRTCPMuxPolicy(raw string) RTCPMuxPolicy {
+	switch raw {
+	case rtcpMuxPolicyNegotiateStr:
+		return RTCPMuxPolicyNegotiate
+	case rtcpMuxPolicyRequireStr:
+		return RTCPMuxPolicyRequire
+	default:
+		return RTCPMuxPolicy(Unknown)
+	}
+}
+
+func (t RTCPMuxPolicy) String() string {
+	switch t {
+	case RTCPMuxPolicyNegotiate:
+		return rtcpMuxPolicyNegotiateStr
+	case RTCPMuxPolicyRequire:
+		return rtcpMuxPolicyRequireStr
+	default:
+		return ErrUnknownType.Error()
+	}
+}
+
+// UnmarshalJSON parses the JSON-encoded data and stores the result
+func (t *RTCPMuxPolicy) UnmarshalJSON(b []byte) error {
+	var val string
+	if err := json.Unmarshal(b, &val); err != nil {
+		return err
+	}
+
+	*t = newRTCPMuxPolicy(val)
+	return nil
+}
+
+// MarshalJSON returns the JSON encoding
+func (t RTCPMuxPolicy) MarshalJSON() ([]byte, error) {
+	return json.Marshal(t.String())
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/rtpcapabilities.go b/server/vendor/github.com/pion/webrtc/v3/rtpcapabilities.go
new file mode 100644
index 0000000..3ac52e4
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/rtpcapabilities.go
@@ -0,0 +1,12 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package webrtc
+
+// RTPCapabilities represents the capabilities of a transceiver
+//
+// https://w3c.github.io/webrtc-pc/#rtcrtpcapabilities
+type RTPCapabilities struct {
+	Codecs           []RTPCodecCapability
+	HeaderExtensions []RTPHeaderExtensionCapability
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/rtpcodec.go b/server/vendor/github.com/pion/webrtc/v3/rtpcodec.go
new file mode 100644
index 0000000..3d73fcb
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/rtpcodec.go
@@ -0,0 +1,136 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package webrtc
+
+import (
+	"strings"
+
+	"github.com/pion/webrtc/v3/internal/fmtp"
+)
+
+// RTPCodecType determines the type of a codec
+type RTPCodecType int
+
+const (
+
+	// RTPCodecTypeAudio indicates this is an audio codec
+	RTPCodecTypeAudio RTPCodecType = iota + 1
+
+	// RTPCodecTypeVideo indicates this is a video codec
+	RTPCodecTypeVideo
+)
+
+func (t RTPCodecType) String() string {
+	switch t {
+	case RTPCodecTypeAudio:
+		return "audio" //nolint: goconst
+	case RTPCodecTypeVideo:
+		return "video" //nolint: goconst
+	default:
+		return ErrUnknownType.Error()
+	}
+}
+
+// NewRTPCodecType creates a RTPCodecType from a string
+func NewRTPCodecType(r string) RTPCodecType {
+	switch {
+	case strings.EqualFold(r, RTPCodecTypeAudio.String()):
+		return RTPCodecTypeAudio
+	case strings.EqualFold(r, RTPCodecTypeVideo.String()):
+		return RTPCodecTypeVideo
+	default:
+		return RTPCodecType(0)
+	}
+}
+
+// RTPCodecCapability provides information about codec capabilities.
+//
+// https://w3c.github.io/webrtc-pc/#dictionary-rtcrtpcodeccapability-members
+type RTPCodecCapability struct {
+	MimeType     string
+	ClockRate    uint32
+	Channels     uint16
+	SDPFmtpLine  string
+	RTCPFeedback []RTCPFeedback
+}
+
+// RTPHeaderExtensionCapability is used to define a RFC5285 RTP header extension supported by the codec.
+//
+// https://w3c.github.io/webrtc-pc/#dom-rtcrtpcapabilities-headerextensions
+type RTPHeaderExtensionCapability struct {
+	URI string
+}
+
+// RTPHeaderExtensionParameter represents a negotiated RFC5285 RTP header extension.
+//
+// https://w3c.github.io/webrtc-pc/#dictionary-rtcrtpheaderextensionparameters-members
+type RTPHeaderExtensionParameter struct {
+	URI string
+	ID  int
+}
+
+// RTPCodecParameters is a sequence containing the media codecs that an RtpSender
+// will choose from, as well as entries for RTX, RED and FEC mechanisms. This also
+// includes the PayloadType that has been negotiated
+//
+// https://w3c.github.io/webrtc-pc/#rtcrtpcodecparameters
+type RTPCodecParameters struct {
+	RTPCodecCapability
+	PayloadType PayloadType
+
+	statsID string
+}
+
+// RTPParameters is a list of negotiated codecs and header extensions
+//
+// https://w3c.github.io/webrtc-pc/#dictionary-rtcrtpparameters-members
+type RTPParameters struct {
+	HeaderExtensions []RTPHeaderExtensionParameter
+	Codecs           []RTPCodecParameters
+}
+
+type codecMatchType int
+
+const (
+	codecMatchNone    codecMatchType = 0
+	codecMatchPartial codecMatchType = 1
+	codecMatchExact   codecMatchType = 2
+)
+
+// Do a fuzzy find for a codec in the list of codecs
+// Used for lookup up a codec in an existing list to find a match
+// Returns codecMatchExact, codecMatchPartial, or codecMatchNone
+func codecParametersFuzzySearch(needle RTPCodecParameters, haystack []RTPCodecParameters) (RTPCodecParameters, codecMatchType) {
+	needleFmtp := fmtp.Parse(needle.RTPCodecCapability.MimeType, needle.RTPCodecCapability.SDPFmtpLine)
+
+	// First attempt to match on MimeType + SDPFmtpLine
+	for _, c := range haystack {
+		cfmtp := fmtp.Parse(c.RTPCodecCapability.MimeType, c.RTPCodecCapability.SDPFmtpLine)
+		if needleFmtp.Match(cfmtp) {
+			return c, codecMatchExact
+		}
+	}
+
+	// Fallback to just MimeType
+	for _, c := range haystack {
+		if strings.EqualFold(c.RTPCodecCapability.MimeType, needle.RTPCodecCapability.MimeType) {
+			return c, codecMatchPartial
+		}
+	}
+
+	return RTPCodecParameters{}, codecMatchNone
+}
+func rtcpFeedbackIntersection(a, b []RTCPFeedback) (out []RTCPFeedback) {
+	for _, aFeedback := range a {
+		for _, bFeeback := range b {
+			if aFeedback.Type == bFeeback.Type && aFeedback.Parameter == bFeeback.Parameter {
+				out = append(out, aFeedback)
+				break
+			}
+		}
+	}
+
+	return
+}
+
diff --git a/server/vendor/github.com/pion/webrtc/v3/rtpcodingparameters.go b/server/vendor/github.com/pion/webrtc/v3/rtpcodingparameters.go
new file mode 100644
index 0000000..f03d8c3
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/rtpcodingparameters.go
@@ -0,0 +1,20 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package webrtc
+
+// RTPRtxParameters dictionary contains information relating to retransmission (RTX) settings.
+// https://draft.ortc.org/#dom-rtcrtprtxparameters
+type RTPRtxParameters struct {
+	SSRC SSRC `json:"ssrc"`
+}
+
+// RTPCodingParameters provides information relating to both encoding and decoding.
+// This is a subset of the RFC since Pion WebRTC doesn't implement encoding/decoding itself
+// http://draft.ortc.org/#dom-rtcrtpcodingparameters
+type RTPCodingParameters struct {
+	RID         string           `json:"rid"`
+	SSRC        SSRC             `json:"ssrc"`
+	PayloadType PayloadType      `json:"payloadType"`
+	RTX         RTPRtxParameters `json:"rtx"`
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/rtpdecodingparameters.go b/server/vendor/github.com/pion/webrtc/v3/rtpdecodingparameters.go
new file mode 100644
index 0000000..0c45f89
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/rtpdecodingparameters.go
@@ -0,0 +1,11 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package webrtc
+
+// RTPDecodingParameters provides information relating to both encoding and decoding.
+// This is a subset of the RFC since Pion WebRTC doesn't implement decoding itself
+// http://draft.ortc.org/#dom-rtcrtpdecodingparameters
+type RTPDecodingParameters struct {
+	RTPCodingParameters
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/rtpencodingparameters.go b/server/vendor/github.com/pion/webrtc/v3/rtpencodingparameters.go
new file mode 100644
index 0000000..ffd4a8d
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/rtpencodingparameters.go
@@ -0,0 +1,11 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package webrtc
+
+// RTPEncodingParameters provides information relating to both encoding and decoding.
+// This is a subset of the RFC since Pion WebRTC doesn't implement encoding itself
+// http://draft.ortc.org/#dom-rtcrtpencodingparameters
+type RTPEncodingParameters struct {
+	RTPCodingParameters
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/rtpreceiveparameters.go b/server/vendor/github.com/pion/webrtc/v3/rtpreceiveparameters.go
new file mode 100644
index 0000000..26a6676
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/rtpreceiveparameters.go
@@ -0,0 +1,9 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package webrtc
+
+// RTPReceiveParameters contains the RTP stack settings used by receivers
+type RTPReceiveParameters struct {
+	Encodings []RTPDecodingParameters
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/rtpreceiver.go b/server/vendor/github.com/pion/webrtc/v3/rtpreceiver.go
new file mode 100644
index 0000000..28d7224
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/rtpreceiver.go
@@ -0,0 +1,538 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+//go:build !js
+// +build !js
+
+package webrtc
+
+import (
+	"encoding/binary"
+	"fmt"
+	"io"
+	"sync"
+	"time"
+
+	"github.com/pion/interceptor"
+	"github.com/pion/rtcp"
+	"github.com/pion/srtp/v2"
+	"github.com/pion/webrtc/v3/internal/util"
+)
+
+// trackStreams maintains a mapping of RTP/RTCP streams to a specific track
+// a RTPReceiver may contain multiple streams if we are dealing with Simulcast
+type trackStreams struct {
+	track *TrackRemote
+
+	streamInfo, repairStreamInfo *interceptor.StreamInfo
+
+	rtpReadStream  *srtp.ReadStreamSRTP
+	rtpInterceptor interceptor.RTPReader
+
+	rtcpReadStream  *srtp.ReadStreamSRTCP
+	rtcpInterceptor interceptor.RTCPReader
+
+	repairReadStream    *srtp.ReadStreamSRTP
+	repairInterceptor   interceptor.RTPReader
+	repairStreamChannel chan rtxPacketWithAttributes
+
+	repairRtcpReadStream  *srtp.ReadStreamSRTCP
+	repairRtcpInterceptor interceptor.RTCPReader
+}
+
+type rtxPacketWithAttributes struct {
+	pkt        []byte
+	attributes interceptor.Attributes
+	pool       *sync.Pool
+}
+
+func (p *rtxPacketWithAttributes) release() {
+	if p.pkt != nil {
+		b := p.pkt[:cap(p.pkt)]
+		p.pool.Put(b) // nolint:staticcheck
+		p.pkt = nil
+	}
+}
+
+// RTPReceiver allows an application to inspect the receipt of a TrackRemote
+type RTPReceiver struct {
+	kind      RTPCodecType
+	transport *DTLSTransport
+
+	tracks []trackStreams
+
+	closed, received chan interface{}
+	mu               sync.RWMutex
+
+	tr *RTPTransceiver
+
+	// A reference to the associated api object
+	api *API
+
+	rtxPool sync.Pool
+}
+
+// NewRTPReceiver constructs a new RTPReceiver
+func (api *API) NewRTPReceiver(kind RTPCodecType, transport *DTLSTransport) (*RTPReceiver, error) {
+	if transport == nil {
+		return nil, errRTPReceiverDTLSTransportNil
+	}
+
+	r := &RTPReceiver{
+		kind:      kind,
+		transport: transport,
+		api:       api,
+		closed:    make(chan interface{}),
+		received:  make(chan interface{}),
+		tracks:    []trackStreams{},
+		rtxPool: sync.Pool{New: func() interface{} {
+			return make([]byte, api.settingEngine.getReceiveMTU())
+		}},
+	}
+
+	return r, nil
+}
+
+func (r *RTPReceiver) setRTPTransceiver(tr *RTPTransceiver) {
+	r.mu.Lock()
+	defer r.mu.Unlock()
+	r.tr = tr
+}
+
+// Transport returns the currently-configured *DTLSTransport or nil
+// if one has not yet been configured
+func (r *RTPReceiver) Transport() *DTLSTransport {
+	r.mu.RLock()
+	defer r.mu.RUnlock()
+	return r.transport
+}
+
+func (r *RTPReceiver) getParameters() RTPParameters {
+	parameters := r.api.mediaEngine.getRTPParametersByKind(r.kind, []RTPTransceiverDirection{RTPTransceiverDirectionRecvonly})
+	if r.tr != nil {
+		parameters.Codecs = r.tr.getCodecs()
+	}
+	return parameters
+}
+
+// GetParameters describes the current configuration for the encoding and
+// transmission of media on the receiver's track.
+func (r *RTPReceiver) GetParameters() RTPParameters {
+	r.mu.RLock()
+	defer r.mu.RUnlock()
+	return r.getParameters()
+}
+
+// Track returns the RtpTransceiver TrackRemote
+func (r *RTPReceiver) Track() *TrackRemote {
+	r.mu.RLock()
+	defer r.mu.RUnlock()
+
+	if len(r.tracks) != 1 {
+		return nil
+	}
+	return r.tracks[0].track
+}
+
+// Tracks returns the RtpTransceiver tracks
+// A RTPReceiver to support Simulcast may now have multiple tracks
+func (r *RTPReceiver) Tracks() []*TrackRemote {
+	r.mu.RLock()
+	defer r.mu.RUnlock()
+
+	var tracks []*TrackRemote
+	for i := range r.tracks {
+		tracks = append(tracks, r.tracks[i].track)
+	}
+	return tracks
+}
+
+// RTPTransceiver returns the RTPTransceiver this
+// RTPReceiver belongs too, or nil if none
+func (r *RTPReceiver) RTPTransceiver() *RTPTransceiver {
+	r.mu.Lock()
+	defer r.mu.Unlock()
+
+	return r.tr
+}
+
+// configureReceive initialize the track
+func (r *RTPReceiver) configureReceive(parameters RTPReceiveParameters) {
+	r.mu.Lock()
+	defer r.mu.Unlock()
+
+	for i := range parameters.Encodings {
+		t := trackStreams{
+			track: newTrackRemote(
+				r.kind,
+				parameters.Encodings[i].SSRC,
+				parameters.Encodings[i].RTX.SSRC,
+				parameters.Encodings[i].RID,
+				r,
+			),
+		}
+
+		r.tracks = append(r.tracks, t)
+	}
+}
+
+// startReceive starts all the transports
+func (r *RTPReceiver) startReceive(parameters RTPReceiveParameters) error {
+	r.mu.Lock()
+	defer r.mu.Unlock()
+	select {
+	case <-r.received:
+		return errRTPReceiverReceiveAlreadyCalled
+	default:
+	}
+	defer close(r.received)
+
+	globalParams := r.getParameters()
+	codec := RTPCodecCapability{}
+	if len(globalParams.Codecs) != 0 {
+		codec = globalParams.Codecs[0].RTPCodecCapability
+	}
+
+	for i := range parameters.Encodings {
+		if parameters.Encodings[i].RID != "" {
+			// RID based tracks will be set up in receiveForRid
+			continue
+		}
+
+		var t *trackStreams
+		for idx, ts := range r.tracks {
+			if ts.track != nil && ts.track.SSRC() == parameters.Encodings[i].SSRC {
+				t = &r.tracks[idx]
+				break
+			}
+		}
+		if t == nil {
+			return fmt.Errorf("%w: %d", errRTPReceiverWithSSRCTrackStreamNotFound, parameters.Encodings[i].SSRC)
+		}
+
+		t.streamInfo = createStreamInfo("", parameters.Encodings[i].SSRC, 0, codec, globalParams.HeaderExtensions)
+		var err error
+		if t.rtpReadStream, t.rtpInterceptor, t.rtcpReadStream, t.rtcpInterceptor, err = r.transport.streamsForSSRC(parameters.Encodings[i].SSRC, *t.streamInfo); err != nil {
+			return err
+		}
+
+		if rtxSsrc := parameters.Encodings[i].RTX.SSRC; rtxSsrc != 0 {
+			streamInfo := createStreamInfo("", rtxSsrc, 0, codec, globalParams.HeaderExtensions)
+			rtpReadStream, rtpInterceptor, rtcpReadStream, rtcpInterceptor, err := r.transport.streamsForSSRC(rtxSsrc, *streamInfo)
+			if err != nil {
+				return err
+			}
+
+			if err = r.receiveForRtx(rtxSsrc, "", streamInfo, rtpReadStream, rtpInterceptor, rtcpReadStream, rtcpInterceptor); err != nil {
+				return err
+			}
+		}
+	}
+
+	return nil
+}
+
+// Receive initialize the track and starts all the transports
+func (r *RTPReceiver) Receive(parameters RTPReceiveParameters) error {
+	r.configureReceive(parameters)
+	return r.startReceive(parameters)
+}
+
+// Read reads incoming RTCP for this RTPReceiver
+func (r *RTPReceiver) Read(b []byte) (n int, a interceptor.Attributes, err error) {
+	select {
+	case <-r.received:
+		return r.tracks[0].rtcpInterceptor.Read(b, a)
+	case <-r.closed:
+		return 0, nil, io.ErrClosedPipe
+	}
+}
+
+// ReadSimulcast reads incoming RTCP for this RTPReceiver for given rid
+func (r *RTPReceiver) ReadSimulcast(b []byte, rid string) (n int, a interceptor.Attributes, err error) {
+	select {
+	case <-r.received:
+		for _, t := range r.tracks {
+			if t.track != nil && t.track.rid == rid {
+				return t.rtcpInterceptor.Read(b, a)
+			}
+		}
+		return 0, nil, fmt.Errorf("%w: %s", errRTPReceiverForRIDTrackStreamNotFound, rid)
+	case <-r.closed:
+		return 0, nil, io.ErrClosedPipe
+	}
+}
+
+// ReadRTCP is a convenience method that wraps Read and unmarshal for you.
+// It also runs any configured interceptors.
+func (r *RTPReceiver) ReadRTCP() ([]rtcp.Packet, interceptor.Attributes, error) {
+	b := make([]byte, r.api.settingEngine.getReceiveMTU())
+	i, attributes, err := r.Read(b)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	pkts, err := rtcp.Unmarshal(b[:i])
+	if err != nil {
+		return nil, nil, err
+	}
+
+	return pkts, attributes, nil
+}
+
+// ReadSimulcastRTCP is a convenience method that wraps ReadSimulcast and unmarshal for you
+func (r *RTPReceiver) ReadSimulcastRTCP(rid string) ([]rtcp.Packet, interceptor.Attributes, error) {
+	b := make([]byte, r.api.settingEngine.getReceiveMTU())
+	i, attributes, err := r.ReadSimulcast(b, rid)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	pkts, err := rtcp.Unmarshal(b[:i])
+	return pkts, attributes, err
+}
+
+func (r *RTPReceiver) haveReceived() bool {
+	select {
+	case <-r.received:
+		return true
+	default:
+		return false
+	}
+}
+
+// Stop irreversibly stops the RTPReceiver
+func (r *RTPReceiver) Stop() error {
+	r.mu.Lock()
+	defer r.mu.Unlock()
+	var err error
+
+	select {
+	case <-r.closed:
+		return err
+	default:
+	}
+
+	select {
+	case <-r.received:
+		for i := range r.tracks {
+			errs := []error{}
+
+			if r.tracks[i].rtcpReadStream != nil {
+				errs = append(errs, r.tracks[i].rtcpReadStream.Close())
+			}
+
+			if r.tracks[i].rtpReadStream != nil {
+				errs = append(errs, r.tracks[i].rtpReadStream.Close())
+			}
+
+			if r.tracks[i].repairReadStream != nil {
+				errs = append(errs, r.tracks[i].repairReadStream.Close())
+			}
+
+			if r.tracks[i].repairRtcpReadStream != nil {
+				errs = append(errs, r.tracks[i].repairRtcpReadStream.Close())
+			}
+
+			if r.tracks[i].streamInfo != nil {
+				r.api.interceptor.UnbindRemoteStream(r.tracks[i].streamInfo)
+			}
+
+			if r.tracks[i].repairStreamInfo != nil {
+				r.api.interceptor.UnbindRemoteStream(r.tracks[i].repairStreamInfo)
+			}
+
+			err = util.FlattenErrs(errs)
+		}
+	default:
+	}
+
+	close(r.closed)
+	return err
+}
+
+func (r *RTPReceiver) streamsForTrack(t *TrackRemote) *trackStreams {
+	for i := range r.tracks {
+		if r.tracks[i].track == t {
+			return &r.tracks[i]
+		}
+	}
+	return nil
+}
+
+// readRTP should only be called by a track, this only exists so we can keep state in one place
+func (r *RTPReceiver) readRTP(b []byte, reader *TrackRemote) (n int, a interceptor.Attributes, err error) {
+	<-r.received
+	if t := r.streamsForTrack(reader); t != nil {
+		return t.rtpInterceptor.Read(b, a)
+	}
+
+	return 0, nil, fmt.Errorf("%w: %d", errRTPReceiverWithSSRCTrackStreamNotFound, reader.SSRC())
+}
+
+// receiveForRid is the sibling of Receive expect for RIDs instead of SSRCs
+// It populates all the internal state for the given RID
+func (r *RTPReceiver) receiveForRid(rid string, params RTPParameters, streamInfo *interceptor.StreamInfo, rtpReadStream *srtp.ReadStreamSRTP, rtpInterceptor interceptor.RTPReader, rtcpReadStream *srtp.ReadStreamSRTCP, rtcpInterceptor interceptor.RTCPReader) (*TrackRemote, error) {
+	r.mu.Lock()
+	defer r.mu.Unlock()
+
+	for i := range r.tracks {
+		if r.tracks[i].track.RID() == rid {
+			r.tracks[i].track.mu.Lock()
+			r.tracks[i].track.kind = r.kind
+			r.tracks[i].track.codec = params.Codecs[0]
+			r.tracks[i].track.params = params
+			r.tracks[i].track.ssrc = SSRC(streamInfo.SSRC)
+			r.tracks[i].track.mu.Unlock()
+
+			r.tracks[i].streamInfo = streamInfo
+			r.tracks[i].rtpReadStream = rtpReadStream
+			r.tracks[i].rtpInterceptor = rtpInterceptor
+			r.tracks[i].rtcpReadStream = rtcpReadStream
+			r.tracks[i].rtcpInterceptor = rtcpInterceptor
+
+			return r.tracks[i].track, nil
+		}
+	}
+
+	return nil, fmt.Errorf("%w: %s", errRTPReceiverForRIDTrackStreamNotFound, rid)
+}
+
+// receiveForRtx starts a routine that processes the repair stream
+func (r *RTPReceiver) receiveForRtx(ssrc SSRC, rsid string, streamInfo *interceptor.StreamInfo, rtpReadStream *srtp.ReadStreamSRTP, rtpInterceptor interceptor.RTPReader, rtcpReadStream *srtp.ReadStreamSRTCP, rtcpInterceptor interceptor.RTCPReader) error {
+	var track *trackStreams
+	if ssrc != 0 && len(r.tracks) == 1 {
+		track = &r.tracks[0]
+	} else {
+		for i := range r.tracks {
+			if r.tracks[i].track.RID() == rsid {
+				track = &r.tracks[i]
+				if track.track.RtxSSRC() == 0 {
+					track.track.setRtxSSRC(SSRC(streamInfo.SSRC))
+				}
+				break
+			}
+		}
+	}
+
+	if track == nil {
+		return fmt.Errorf("%w: ssrc(%d) rsid(%s)", errRTPReceiverForRIDTrackStreamNotFound, ssrc, rsid)
+	}
+
+	track.repairStreamInfo = streamInfo
+	track.repairReadStream = rtpReadStream
+	track.repairInterceptor = rtpInterceptor
+	track.repairRtcpReadStream = rtcpReadStream
+	track.repairRtcpInterceptor = rtcpInterceptor
+	track.repairStreamChannel = make(chan rtxPacketWithAttributes, 50)
+
+	go func() {
+		for {
+			b := r.rtxPool.Get().([]byte) // nolint:forcetypeassert
+			i, attributes, err := track.repairInterceptor.Read(b, nil)
+			if err != nil {
+				r.rtxPool.Put(b) // nolint:staticcheck
+				return
+			}
+
+			// RTX packets have a different payload format. Move the OSN in the payload to the RTP header and rewrite the
+			// payload type and SSRC, so that we can return RTX packets to the caller 'transparently' i.e. in the same format
+			// as non-RTX RTP packets
+			hasExtension := b[0]&0b10000 > 0
+			hasPadding := b[0]&0b100000 > 0
+			csrcCount := b[0] & 0b1111
+			headerLength := uint16(12 + (4 * csrcCount))
+			paddingLength := 0
+			if hasExtension {
+				headerLength += 4 * (1 + binary.BigEndian.Uint16(b[headerLength+2:headerLength+4]))
+			}
+			if hasPadding {
+				paddingLength = int(b[i-1])
+			}
+
+			if i-int(headerLength)-paddingLength < 2 {
+				// BWE probe packet, ignore
+				r.rtxPool.Put(b) // nolint:staticcheck
+				continue
+			}
+
+			if attributes == nil {
+				attributes = make(interceptor.Attributes)
+			}
+			attributes.Set(AttributeRtxPayloadType, b[1]&0x7F)
+			attributes.Set(AttributeRtxSequenceNumber, binary.BigEndian.Uint16(b[2:4]))
+			attributes.Set(AttributeRtxSsrc, binary.BigEndian.Uint32(b[8:12]))
+
+			b[1] = (b[1] & 0x80) | uint8(track.track.PayloadType())
+			b[2] = b[headerLength]
+			b[3] = b[headerLength+1]
+			binary.BigEndian.PutUint32(b[8:12], uint32(track.track.SSRC()))
+			copy(b[headerLength:i-2], b[headerLength+2:i])
+
+			select {
+			case <-r.closed:
+				r.rtxPool.Put(b) // nolint:staticcheck
+				return
+			case track.repairStreamChannel <- rtxPacketWithAttributes{pkt: b[:i-2], attributes: attributes, pool: &r.rtxPool}:
+			default:
+				// skip the RTX packet if the repair stream channel is full, could be blocked in the application's read loop
+			}
+		}
+	}()
+	return nil
+}
+
+// SetReadDeadline sets the max amount of time the RTCP stream will block before returning. 0 is forever.
+func (r *RTPReceiver) SetReadDeadline(t time.Time) error {
+	r.mu.RLock()
+	defer r.mu.RUnlock()
+
+	return r.tracks[0].rtcpReadStream.SetReadDeadline(t)
+}
+
+// SetReadDeadlineSimulcast sets the max amount of time the RTCP stream for a given rid will block before returning. 0 is forever.
+func (r *RTPReceiver) SetReadDeadlineSimulcast(deadline time.Time, rid string) error {
+	r.mu.RLock()
+	defer r.mu.RUnlock()
+
+	for _, t := range r.tracks {
+		if t.track != nil && t.track.rid == rid {
+			return t.rtcpReadStream.SetReadDeadline(deadline)
+		}
+	}
+	return fmt.Errorf("%w: %s", errRTPReceiverForRIDTrackStreamNotFound, rid)
+}
+
+// setRTPReadDeadline sets the max amount of time the RTP stream will block before returning. 0 is forever.
+// This should be fired by calling SetReadDeadline on the TrackRemote
+func (r *RTPReceiver) setRTPReadDeadline(deadline time.Time, reader *TrackRemote) error {
+	r.mu.RLock()
+	defer r.mu.RUnlock()
+
+	if t := r.streamsForTrack(reader); t != nil {
+		return t.rtpReadStream.SetReadDeadline(deadline)
+	}
+	return fmt.Errorf("%w: %d", errRTPReceiverWithSSRCTrackStreamNotFound, reader.SSRC())
+}
+
+// readRTX returns an RTX packet if one is available on the RTX track, otherwise returns nil
+func (r *RTPReceiver) readRTX(reader *TrackRemote) *rtxPacketWithAttributes {
+	if !reader.HasRTX() {
+		return nil
+	}
+
+	select {
+	case <-r.received:
+	default:
+		return nil
+	}
+
+	if t := r.streamsForTrack(reader); t != nil {
+		select {
+		case rtxPacketReceived := <-t.repairStreamChannel:
+			return &rtxPacketReceived
+		default:
+		}
+	}
+	return nil
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/rtpreceiver_go.go b/server/vendor/github.com/pion/webrtc/v3/rtpreceiver_go.go
new file mode 100644
index 0000000..4d150f0
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/rtpreceiver_go.go
@@ -0,0 +1,36 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+//go:build !js
+// +build !js
+
+package webrtc
+
+import "github.com/pion/interceptor"
+
+// SetRTPParameters applies provided RTPParameters the RTPReceiver's tracks.
+//
+// This method is part of the ORTC API. It is not
+// meant to be used together with the basic WebRTC API.
+//
+// The amount of provided codecs must match the number of tracks on the receiver.
+func (r *RTPReceiver) SetRTPParameters(params RTPParameters) {
+	headerExtensions := make([]interceptor.RTPHeaderExtension, 0, len(params.HeaderExtensions))
+	for _, h := range params.HeaderExtensions {
+		headerExtensions = append(headerExtensions, interceptor.RTPHeaderExtension{ID: h.ID, URI: h.URI})
+	}
+
+	r.mu.Lock()
+	defer r.mu.Unlock()
+
+	for ndx, codec := range params.Codecs {
+		currentTrack := r.tracks[ndx].track
+
+		r.tracks[ndx].streamInfo.RTPHeaderExtensions = headerExtensions
+
+		currentTrack.mu.Lock()
+		currentTrack.codec = codec
+		currentTrack.params = params
+		currentTrack.mu.Unlock()
+	}
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/rtpreceiver_js.go b/server/vendor/github.com/pion/webrtc/v3/rtpreceiver_js.go
new file mode 100644
index 0000000..44cef72
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/rtpreceiver_js.go
@@ -0,0 +1,15 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+//go:build js && wasm
+// +build js,wasm
+
+package webrtc
+
+import "syscall/js"
+
+// RTPReceiver allows an application to inspect the receipt of a TrackRemote
+type RTPReceiver struct {
+	// Pointer to the underlying JavaScript RTCRTPReceiver object.
+	underlying js.Value
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/rtpsender.go b/server/vendor/github.com/pion/webrtc/v3/rtpsender.go
new file mode 100644
index 0000000..0c0e867
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/rtpsender.go
@@ -0,0 +1,460 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+//go:build !js
+// +build !js
+
+package webrtc
+
+import (
+	"fmt"
+	"io"
+	"sync"
+	"time"
+
+	"github.com/pion/interceptor"
+	"github.com/pion/randutil"
+	"github.com/pion/rtcp"
+	"github.com/pion/rtp"
+	"github.com/pion/webrtc/v3/internal/util"
+)
+
+type trackEncoding struct {
+	track TrackLocal
+
+	srtpStream *srtpWriterFuture
+
+	rtcpInterceptor interceptor.RTCPReader
+	streamInfo      interceptor.StreamInfo
+
+	context *baseTrackLocalContext
+
+	ssrc SSRC
+}
+
+// RTPSender allows an application to control how a given Track is encoded and transmitted to a remote peer
+type RTPSender struct {
+	trackEncodings []*trackEncoding
+
+	transport *DTLSTransport
+
+	payloadType PayloadType
+	kind        RTPCodecType
+
+	// nolint:godox
+	// TODO(sgotti) remove this when in future we'll avoid replacing
+	// a transceiver sender since we can just check the
+	// transceiver negotiation status
+	negotiated bool
+
+	// A reference to the associated api object
+	api *API
+	id  string
+
+	rtpTransceiver *RTPTransceiver
+
+	mu                     sync.RWMutex
+	sendCalled, stopCalled chan struct{}
+}
+
+// NewRTPSender constructs a new RTPSender
+func (api *API) NewRTPSender(track TrackLocal, transport *DTLSTransport) (*RTPSender, error) {
+	if track == nil {
+		return nil, errRTPSenderTrackNil
+	} else if transport == nil {
+		return nil, errRTPSenderDTLSTransportNil
+	}
+
+	id, err := randutil.GenerateCryptoRandomString(32, "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ")
+	if err != nil {
+		return nil, err
+	}
+
+	r := &RTPSender{
+		transport:  transport,
+		api:        api,
+		sendCalled: make(chan struct{}),
+		stopCalled: make(chan struct{}),
+		id:         id,
+		kind:       track.Kind(),
+	}
+
+	r.addEncoding(track)
+
+	return r, nil
+}
+
+func (r *RTPSender) isNegotiated() bool {
+	r.mu.RLock()
+	defer r.mu.RUnlock()
+	return r.negotiated
+}
+
+func (r *RTPSender) setNegotiated() {
+	r.mu.Lock()
+	defer r.mu.Unlock()
+	r.negotiated = true
+}
+
+func (r *RTPSender) setRTPTransceiver(rtpTransceiver *RTPTransceiver) {
+	r.mu.Lock()
+	defer r.mu.Unlock()
+	r.rtpTransceiver = rtpTransceiver
+}
+
+// Transport returns the currently-configured *DTLSTransport or nil
+// if one has not yet been configured
+func (r *RTPSender) Transport() *DTLSTransport {
+	r.mu.RLock()
+	defer r.mu.RUnlock()
+	return r.transport
+}
+
+func (r *RTPSender) getParameters() RTPSendParameters {
+	var encodings []RTPEncodingParameters
+	for _, trackEncoding := range r.trackEncodings {
+		var rid string
+		if trackEncoding.track != nil {
+			rid = trackEncoding.track.RID()
+		}
+		encodings = append(encodings, RTPEncodingParameters{
+			RTPCodingParameters: RTPCodingParameters{
+				RID:         rid,
+				SSRC:        trackEncoding.ssrc,
+				PayloadType: r.payloadType,
+			},
+		})
+	}
+	sendParameters := RTPSendParameters{
+		RTPParameters: r.api.mediaEngine.getRTPParametersByKind(
+			r.kind,
+			[]RTPTransceiverDirection{RTPTransceiverDirectionSendonly},
+		),
+		Encodings: encodings,
+	}
+	if r.rtpTransceiver != nil {
+		sendParameters.Codecs = r.rtpTransceiver.getCodecs()
+	} else {
+		sendParameters.Codecs = r.api.mediaEngine.getCodecsByKind(r.kind)
+	}
+	return sendParameters
+}
+
+// GetParameters describes the current configuration for the encoding and
+// transmission of media on the sender's track.
+func (r *RTPSender) GetParameters() RTPSendParameters {
+	r.mu.RLock()
+	defer r.mu.RUnlock()
+	return r.getParameters()
+}
+
+// AddEncoding adds an encoding to RTPSender. Used by simulcast senders.
+func (r *RTPSender) AddEncoding(track TrackLocal) error {
+	r.mu.Lock()
+	defer r.mu.Unlock()
+
+	if track == nil {
+		return errRTPSenderTrackNil
+	}
+
+	if track.RID() == "" {
+		return errRTPSenderRidNil
+	}
+
+	if r.hasStopped() {
+		return errRTPSenderStopped
+	}
+
+	if r.hasSent() {
+		return errRTPSenderSendAlreadyCalled
+	}
+
+	var refTrack TrackLocal
+	if len(r.trackEncodings) != 0 {
+		refTrack = r.trackEncodings[0].track
+	}
+	if refTrack == nil || refTrack.RID() == "" {
+		return errRTPSenderNoBaseEncoding
+	}
+
+	if refTrack.ID() != track.ID() || refTrack.StreamID() != track.StreamID() || refTrack.Kind() != track.Kind() {
+		return errRTPSenderBaseEncodingMismatch
+	}
+
+	for _, encoding := range r.trackEncodings {
+		if encoding.track == nil {
+			continue
+		}
+
+		if encoding.track.RID() == track.RID() {
+			return errRTPSenderRIDCollision
+		}
+	}
+
+	r.addEncoding(track)
+	return nil
+}
+
+func (r *RTPSender) addEncoding(track TrackLocal) {
+	ssrc := SSRC(randutil.NewMathRandomGenerator().Uint32())
+	trackEncoding := &trackEncoding{
+		track:      track,
+		srtpStream: &srtpWriterFuture{ssrc: ssrc},
+		ssrc:       ssrc,
+	}
+	trackEncoding.srtpStream.rtpSender = r
+	trackEncoding.rtcpInterceptor = r.api.interceptor.BindRTCPReader(
+		interceptor.RTCPReaderFunc(func(in []byte, a interceptor.Attributes) (n int, attributes interceptor.Attributes, err error) {
+			n, err = trackEncoding.srtpStream.Read(in)
+			return n, a, err
+		}),
+	)
+
+	r.trackEncodings = append(r.trackEncodings, trackEncoding)
+}
+
+// Track returns the RTCRtpTransceiver track, or nil
+func (r *RTPSender) Track() TrackLocal {
+	r.mu.RLock()
+	defer r.mu.RUnlock()
+
+	if len(r.trackEncodings) == 0 {
+		return nil
+	}
+
+	return r.trackEncodings[0].track
+}
+
+// ReplaceTrack replaces the track currently being used as the sender's source with a new TrackLocal.
+// The new track must be of the same media kind (audio, video, etc) and switching the track should not
+// require negotiation.
+func (r *RTPSender) ReplaceTrack(track TrackLocal) error {
+	r.mu.Lock()
+	defer r.mu.Unlock()
+
+	if track != nil && r.kind != track.Kind() {
+		return ErrRTPSenderNewTrackHasIncorrectKind
+	}
+
+	// cannot replace simulcast envelope
+	if track != nil && len(r.trackEncodings) > 1 {
+		return ErrRTPSenderNewTrackHasIncorrectEnvelope
+	}
+
+	var replacedTrack TrackLocal
+	var context *baseTrackLocalContext
+	for _, e := range r.trackEncodings {
+		replacedTrack = e.track
+		context = e.context
+
+		if r.hasSent() && replacedTrack != nil {
+			if err := replacedTrack.Unbind(context); err != nil {
+				return err
+			}
+		}
+
+		if !r.hasSent() || track == nil {
+			e.track = track
+		}
+	}
+
+	if !r.hasSent() || track == nil {
+		return nil
+	}
+
+	// If we reach this point in the routine, there is only 1 track encoding
+	codec, err := track.Bind(&baseTrackLocalContext{
+		id:              context.ID(),
+		params:          r.api.mediaEngine.getRTPParametersByKind(track.Kind(), []RTPTransceiverDirection{RTPTransceiverDirectionSendonly}),
+		ssrc:            context.SSRC(),
+		writeStream:     context.WriteStream(),
+		rtcpInterceptor: context.RTCPReader(),
+	})
+	if err != nil {
+		// Re-bind the original track
+		if _, reBindErr := replacedTrack.Bind(context); reBindErr != nil {
+			return reBindErr
+		}
+
+		return err
+	}
+
+	// Codec has changed
+	if r.payloadType != codec.PayloadType {
+		context.params.Codecs = []RTPCodecParameters{codec}
+	}
+
+	r.trackEncodings[0].track = track
+
+	return nil
+}
+
+// Send Attempts to set the parameters controlling the sending of media.
+func (r *RTPSender) Send(parameters RTPSendParameters) error {
+	r.mu.Lock()
+	defer r.mu.Unlock()
+
+	switch {
+	case r.hasSent():
+		return errRTPSenderSendAlreadyCalled
+	case r.trackEncodings[0].track == nil:
+		return errRTPSenderTrackRemoved
+	}
+
+	for idx, trackEncoding := range r.trackEncodings {
+		writeStream := &interceptorToTrackLocalWriter{}
+		trackEncoding.context = &baseTrackLocalContext{
+			id:              r.id,
+			params:          r.api.mediaEngine.getRTPParametersByKind(trackEncoding.track.Kind(), []RTPTransceiverDirection{RTPTransceiverDirectionSendonly}),
+			ssrc:            parameters.Encodings[idx].SSRC,
+			writeStream:     writeStream,
+			rtcpInterceptor: trackEncoding.rtcpInterceptor,
+		}
+
+		codec, err := trackEncoding.track.Bind(trackEncoding.context)
+		if err != nil {
+			return err
+		}
+		trackEncoding.context.params.Codecs = []RTPCodecParameters{codec}
+
+		trackEncoding.streamInfo = *createStreamInfo(
+			r.id,
+			parameters.Encodings[idx].SSRC,
+			codec.PayloadType,
+			codec.RTPCodecCapability,
+			parameters.HeaderExtensions,
+		)
+		srtpStream := trackEncoding.srtpStream
+		rtpInterceptor := r.api.interceptor.BindLocalStream(
+			&trackEncoding.streamInfo,
+			interceptor.RTPWriterFunc(func(header *rtp.Header, payload []byte, attributes interceptor.Attributes) (int, error) {
+				return srtpStream.WriteRTP(header, payload)
+			}),
+		)
+		writeStream.interceptor.Store(rtpInterceptor)
+	}
+
+	close(r.sendCalled)
+	return nil
+}
+
+// Stop irreversibly stops the RTPSender
+func (r *RTPSender) Stop() error {
+	r.mu.Lock()
+
+	if stopped := r.hasStopped(); stopped {
+		r.mu.Unlock()
+		return nil
+	}
+
+	close(r.stopCalled)
+	r.mu.Unlock()
+
+	if !r.hasSent() {
+		return nil
+	}
+
+	if err := r.ReplaceTrack(nil); err != nil {
+		return err
+	}
+
+	errs := []error{}
+	for _, trackEncoding := range r.trackEncodings {
+		r.api.interceptor.UnbindLocalStream(&trackEncoding.streamInfo)
+		errs = append(errs, trackEncoding.srtpStream.Close())
+	}
+
+	return util.FlattenErrs(errs)
+}
+
+// Read reads incoming RTCP for this RTPSender
+func (r *RTPSender) Read(b []byte) (n int, a interceptor.Attributes, err error) {
+	select {
+	case <-r.sendCalled:
+		return r.trackEncodings[0].rtcpInterceptor.Read(b, a)
+	case <-r.stopCalled:
+		return 0, nil, io.ErrClosedPipe
+	}
+}
+
+// ReadRTCP is a convenience method that wraps Read and unmarshals for you.
+func (r *RTPSender) ReadRTCP() ([]rtcp.Packet, interceptor.Attributes, error) {
+	b := make([]byte, r.api.settingEngine.getReceiveMTU())
+	i, attributes, err := r.Read(b)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	pkts, err := rtcp.Unmarshal(b[:i])
+	if err != nil {
+		return nil, nil, err
+	}
+
+	return pkts, attributes, nil
+}
+
+// ReadSimulcast reads incoming RTCP for this RTPSender for given rid
+func (r *RTPSender) ReadSimulcast(b []byte, rid string) (n int, a interceptor.Attributes, err error) {
+	select {
+	case <-r.sendCalled:
+		for _, t := range r.trackEncodings {
+			if t.track != nil && t.track.RID() == rid {
+				return t.rtcpInterceptor.Read(b, a)
+			}
+		}
+		return 0, nil, fmt.Errorf("%w: %s", errRTPSenderNoTrackForRID, rid)
+	case <-r.stopCalled:
+		return 0, nil, io.ErrClosedPipe
+	}
+}
+
+// ReadSimulcastRTCP is a convenience method that wraps ReadSimulcast and unmarshal for you
+func (r *RTPSender) ReadSimulcastRTCP(rid string) ([]rtcp.Packet, interceptor.Attributes, error) {
+	b := make([]byte, r.api.settingEngine.getReceiveMTU())
+	i, attributes, err := r.ReadSimulcast(b, rid)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	pkts, err := rtcp.Unmarshal(b[:i])
+	return pkts, attributes, err
+}
+
+// SetReadDeadline sets the deadline for the Read operation.
+// Setting to zero means no deadline.
+func (r *RTPSender) SetReadDeadline(t time.Time) error {
+	return r.trackEncodings[0].srtpStream.SetReadDeadline(t)
+}
+
+// SetReadDeadlineSimulcast sets the max amount of time the RTCP stream for a given rid will block before returning. 0 is forever.
+func (r *RTPSender) SetReadDeadlineSimulcast(deadline time.Time, rid string) error {
+	r.mu.RLock()
+	defer r.mu.RUnlock()
+
+	for _, t := range r.trackEncodings {
+		if t.track != nil && t.track.RID() == rid {
+			return t.srtpStream.SetReadDeadline(deadline)
+		}
+	}
+	return fmt.Errorf("%w: %s", errRTPSenderNoTrackForRID, rid)
+}
+
+// hasSent tells if data has been ever sent for this instance
+func (r *RTPSender) hasSent() bool {
+	select {
+	case <-r.sendCalled:
+		return true
+	default:
+		return false
+	}
+}
+
+// hasStopped tells if stop has been called
+func (r *RTPSender) hasStopped() bool {
+	select {
+	case <-r.stopCalled:
+		return true
+	default:
+		return false
+	}
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/rtpsender_js.go b/server/vendor/github.com/pion/webrtc/v3/rtpsender_js.go
new file mode 100644
index 0000000..46ea599
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/rtpsender_js.go
@@ -0,0 +1,15 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+//go:build js && wasm
+// +build js,wasm
+
+package webrtc
+
+import "syscall/js"
+
+// RTPSender allows an application to control how a given Track is encoded and transmitted to a remote peer
+type RTPSender struct {
+	// Pointer to the underlying JavaScript RTCRTPSender object.
+	underlying js.Value
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/rtpsendparameters.go b/server/vendor/github.com/pion/webrtc/v3/rtpsendparameters.go
new file mode 100644
index 0000000..b955c61
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/rtpsendparameters.go
@@ -0,0 +1,10 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package webrtc
+
+// RTPSendParameters contains the RTP stack settings used by receivers
+type RTPSendParameters struct {
+	RTPParameters
+	Encodings []RTPEncodingParameters
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/rtptransceiver.go b/server/vendor/github.com/pion/webrtc/v3/rtptransceiver.go
new file mode 100644
index 0000000..4278d1f
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/rtptransceiver.go
@@ -0,0 +1,298 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+//go:build !js
+// +build !js
+
+package webrtc
+
+import (
+	"fmt"
+	"sync"
+	"sync/atomic"
+
+	"github.com/pion/rtp"
+)
+
+// RTPTransceiver represents a combination of an RTPSender and an RTPReceiver that share a common mid.
+type RTPTransceiver struct {
+	mid              atomic.Value // string
+	sender           atomic.Value // *RTPSender
+	receiver         atomic.Value // *RTPReceiver
+	direction        atomic.Value // RTPTransceiverDirection
+	currentDirection atomic.Value // RTPTransceiverDirection
+
+	codecs []RTPCodecParameters // User provided codecs via SetCodecPreferences
+
+	stopped bool
+	kind    RTPCodecType
+
+	api *API
+	mu  sync.RWMutex
+}
+
+func newRTPTransceiver(
+	receiver *RTPReceiver,
+	sender *RTPSender,
+	direction RTPTransceiverDirection,
+	kind RTPCodecType,
+	api *API,
+) *RTPTransceiver {
+	t := &RTPTransceiver{kind: kind, api: api}
+	t.setReceiver(receiver)
+	t.setSender(sender)
+	t.setDirection(direction)
+	t.setCurrentDirection(RTPTransceiverDirection(Unknown))
+	return t
+}
+
+// SetCodecPreferences sets preferred list of supported codecs
+// if codecs is empty or nil we reset to default from MediaEngine
+func (t *RTPTransceiver) SetCodecPreferences(codecs []RTPCodecParameters) error {
+	t.mu.Lock()
+	defer t.mu.Unlock()
+
+	for _, codec := range codecs {
+		if _, matchType := codecParametersFuzzySearch(codec, t.api.mediaEngine.getCodecsByKind(t.kind)); matchType == codecMatchNone {
+			return fmt.Errorf("%w %s", errRTPTransceiverCodecUnsupported, codec.MimeType)
+		}
+	}
+
+	t.codecs = codecs
+	return nil
+}
+
+// Codecs returns list of supported codecs
+func (t *RTPTransceiver) getCodecs() []RTPCodecParameters {
+	t.mu.RLock()
+	defer t.mu.RUnlock()
+
+	mediaEngineCodecs := t.api.mediaEngine.getCodecsByKind(t.kind)
+	if len(t.codecs) == 0 {
+		return mediaEngineCodecs
+	}
+
+	filteredCodecs := []RTPCodecParameters{}
+	for _, codec := range t.codecs {
+		if c, matchType := codecParametersFuzzySearch(codec, mediaEngineCodecs); matchType != codecMatchNone {
+			if codec.PayloadType == 0 {
+				codec.PayloadType = c.PayloadType
+			}
+			codec.RTCPFeedback = rtcpFeedbackIntersection(codec.RTCPFeedback, c.RTCPFeedback)
+			filteredCodecs = append(filteredCodecs, codec)
+		}
+	}
+
+	return filteredCodecs
+}
+
+// Sender returns the RTPTransceiver's RTPSender if it has one
+func (t *RTPTransceiver) Sender() *RTPSender {
+	if v, ok := t.sender.Load().(*RTPSender); ok {
+		return v
+	}
+
+	return nil
+}
+
+// SetSender sets the RTPSender and Track to current transceiver
+func (t *RTPTransceiver) SetSender(s *RTPSender, track TrackLocal) error {
+	t.setSender(s)
+	return t.setSendingTrack(track)
+}
+
+func (t *RTPTransceiver) setSender(s *RTPSender) {
+	if s != nil {
+		s.setRTPTransceiver(t)
+	}
+
+	if prevSender := t.Sender(); prevSender != nil {
+		prevSender.setRTPTransceiver(nil)
+	}
+
+	t.sender.Store(s)
+}
+
+// Receiver returns the RTPTransceiver's RTPReceiver if it has one
+func (t *RTPTransceiver) Receiver() *RTPReceiver {
+	if v, ok := t.receiver.Load().(*RTPReceiver); ok {
+		return v
+	}
+
+	return nil
+}
+
+// SetMid sets the RTPTransceiver's mid. If it was already set, will return an error.
+func (t *RTPTransceiver) SetMid(mid string) error {
+	if currentMid := t.Mid(); currentMid != "" {
+		return fmt.Errorf("%w: %s to %s", errRTPTransceiverCannotChangeMid, currentMid, mid)
+	}
+	t.mid.Store(mid)
+	return nil
+}
+
+// Mid gets the Transceiver's mid value. When not already set, this value will be set in CreateOffer or CreateAnswer.
+func (t *RTPTransceiver) Mid() string {
+	if v, ok := t.mid.Load().(string); ok {
+		return v
+	}
+	return ""
+}
+
+// Kind returns RTPTransceiver's kind.
+func (t *RTPTransceiver) Kind() RTPCodecType {
+	return t.kind
+}
+
+// Direction returns the RTPTransceiver's current direction
+func (t *RTPTransceiver) Direction() RTPTransceiverDirection {
+	if direction, ok := t.direction.Load().(RTPTransceiverDirection); ok {
+		return direction
+	}
+	return RTPTransceiverDirection(0)
+}
+
+// Stop irreversibly stops the RTPTransceiver
+func (t *RTPTransceiver) Stop() error {
+	if sender := t.Sender(); sender != nil {
+		if err := sender.Stop(); err != nil {
+			return err
+		}
+	}
+	if receiver := t.Receiver(); receiver != nil {
+		if err := receiver.Stop(); err != nil {
+			return err
+		}
+	}
+
+	t.setDirection(RTPTransceiverDirectionInactive)
+	t.setCurrentDirection(RTPTransceiverDirectionInactive)
+	return nil
+}
+
+func (t *RTPTransceiver) setReceiver(r *RTPReceiver) {
+	if r != nil {
+		r.setRTPTransceiver(t)
+	}
+
+	if prevReceiver := t.Receiver(); prevReceiver != nil {
+		prevReceiver.setRTPTransceiver(nil)
+	}
+
+	t.receiver.Store(r)
+}
+
+func (t *RTPTransceiver) setDirection(d RTPTransceiverDirection) {
+	t.direction.Store(d)
+}
+
+func (t *RTPTransceiver) setCurrentDirection(d RTPTransceiverDirection) {
+	t.currentDirection.Store(d)
+}
+
+func (t *RTPTransceiver) getCurrentDirection() RTPTransceiverDirection {
+	if v, ok := t.currentDirection.Load().(RTPTransceiverDirection); ok {
+		return v
+	}
+	return RTPTransceiverDirection(Unknown)
+}
+
+func (t *RTPTransceiver) setSendingTrack(track TrackLocal) error {
+	if err := t.Sender().ReplaceTrack(track); err != nil {
+		return err
+	}
+	if track == nil {
+		t.setSender(nil)
+	}
+
+	switch {
+	case track != nil && t.Direction() == RTPTransceiverDirectionRecvonly:
+		t.setDirection(RTPTransceiverDirectionSendrecv)
+	case track != nil && t.Direction() == RTPTransceiverDirectionInactive:
+		t.setDirection(RTPTransceiverDirectionSendonly)
+	case track == nil && t.Direction() == RTPTransceiverDirectionSendrecv:
+		t.setDirection(RTPTransceiverDirectionRecvonly)
+	case track != nil && t.Direction() == RTPTransceiverDirectionSendonly:
+		// Handle the case where a sendonly transceiver was added by a negotiation
+		// initiated by remote peer. For example a remote peer added a transceiver
+		// with direction recvonly.
+	case track != nil && t.Direction() == RTPTransceiverDirectionSendrecv:
+		// Similar to above, but for sendrecv transceiver.
+	case track == nil && t.Direction() == RTPTransceiverDirectionSendonly:
+		t.setDirection(RTPTransceiverDirectionInactive)
+	default:
+		return errRTPTransceiverSetSendingInvalidState
+	}
+	return nil
+}
+
+func findByMid(mid string, localTransceivers []*RTPTransceiver) (*RTPTransceiver, []*RTPTransceiver) {
+	for i, t := range localTransceivers {
+		if t.Mid() == mid {
+			return t, append(localTransceivers[:i], localTransceivers[i+1:]...)
+		}
+	}
+
+	return nil, localTransceivers
+}
+
+// Given a direction+type pluck a transceiver from the passed list
+// if no entry satisfies the requested type+direction return a inactive Transceiver
+func satisfyTypeAndDirection(remoteKind RTPCodecType, remoteDirection RTPTransceiverDirection, localTransceivers []*RTPTransceiver) (*RTPTransceiver, []*RTPTransceiver) {
+	// Get direction order from most preferred to least
+	getPreferredDirections := func() []RTPTransceiverDirection {
+		switch remoteDirection {
+		case RTPTransceiverDirectionSendrecv:
+			return []RTPTransceiverDirection{RTPTransceiverDirectionRecvonly, RTPTransceiverDirectionSendrecv, RTPTransceiverDirectionSendonly}
+		case RTPTransceiverDirectionSendonly:
+			return []RTPTransceiverDirection{RTPTransceiverDirectionRecvonly, RTPTransceiverDirectionSendrecv}
+		case RTPTransceiverDirectionRecvonly:
+			return []RTPTransceiverDirection{RTPTransceiverDirectionSendonly, RTPTransceiverDirectionSendrecv}
+		default:
+			return []RTPTransceiverDirection{}
+		}
+	}
+
+	for _, possibleDirection := range getPreferredDirections() {
+		for i := range localTransceivers {
+			t := localTransceivers[i]
+			if t.Mid() == "" && t.kind == remoteKind && possibleDirection == t.Direction() {
+				return t, append(localTransceivers[:i], localTransceivers[i+1:]...)
+			}
+		}
+	}
+
+	return nil, localTransceivers
+}
+
+// handleUnknownRTPPacket consumes a single RTP Packet and returns information that is helpful
+// for demuxing and handling an unknown SSRC (usually for Simulcast)
+func handleUnknownRTPPacket(buf []byte, midExtensionID, streamIDExtensionID, repairStreamIDExtensionID uint8, mid, rid, rsid *string) (payloadType PayloadType, paddingOnly bool, err error) {
+	rp := &rtp.Packet{}
+	if err = rp.Unmarshal(buf); err != nil {
+		return
+	}
+
+	if rp.Padding && len(rp.Payload) == 0 {
+		paddingOnly = true
+	}
+
+	if !rp.Header.Extension {
+		return
+	}
+
+	payloadType = PayloadType(rp.PayloadType)
+	if payload := rp.GetExtension(midExtensionID); payload != nil {
+		*mid = string(payload)
+	}
+
+	if payload := rp.GetExtension(streamIDExtensionID); payload != nil {
+		*rid = string(payload)
+	}
+
+	if payload := rp.GetExtension(repairStreamIDExtensionID); payload != nil {
+		*rsid = string(payload)
+	}
+
+	return
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/rtptransceiver_js.go b/server/vendor/github.com/pion/webrtc/v3/rtptransceiver_js.go
new file mode 100644
index 0000000..43e129a
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/rtptransceiver_js.go
@@ -0,0 +1,42 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+//go:build js && wasm
+// +build js,wasm
+
+package webrtc
+
+import (
+	"syscall/js"
+)
+
+// RTPTransceiver represents a combination of an RTPSender and an RTPReceiver that share a common mid.
+type RTPTransceiver struct {
+	// Pointer to the underlying JavaScript RTCRTPTransceiver object.
+	underlying js.Value
+}
+
+// Direction returns the RTPTransceiver's current direction
+func (r *RTPTransceiver) Direction() RTPTransceiverDirection {
+	return NewRTPTransceiverDirection(r.underlying.Get("direction").String())
+}
+
+// Sender returns the RTPTransceiver's RTPSender if it has one
+func (r *RTPTransceiver) Sender() *RTPSender {
+	underlying := r.underlying.Get("sender")
+	if underlying.IsNull() {
+		return nil
+	}
+
+	return &RTPSender{underlying: underlying}
+}
+
+// Receiver returns the RTPTransceiver's RTPReceiver if it has one
+func (r *RTPTransceiver) Receiver() *RTPReceiver {
+	underlying := r.underlying.Get("receiver")
+	if underlying.IsNull() {
+		return nil
+	}
+
+	return &RTPReceiver{underlying: underlying}
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/rtptransceiverdirection.go b/server/vendor/github.com/pion/webrtc/v3/rtptransceiverdirection.go
new file mode 100644
index 0000000..752cd5b
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/rtptransceiverdirection.go
@@ -0,0 +1,88 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package webrtc
+
+// RTPTransceiverDirection indicates the direction of the RTPTransceiver.
+type RTPTransceiverDirection int
+
+const (
+	// RTPTransceiverDirectionSendrecv indicates the RTPSender will offer
+	// to send RTP and the RTPReceiver will offer to receive RTP.
+	RTPTransceiverDirectionSendrecv RTPTransceiverDirection = iota + 1
+
+	// RTPTransceiverDirectionSendonly indicates the RTPSender will offer
+	// to send RTP.
+	RTPTransceiverDirectionSendonly
+
+	// RTPTransceiverDirectionRecvonly indicates the RTPReceiver will
+	// offer to receive RTP.
+	RTPTransceiverDirectionRecvonly
+
+	// RTPTransceiverDirectionInactive indicates the RTPSender won't offer
+	// to send RTP and the RTPReceiver won't offer to receive RTP.
+	RTPTransceiverDirectionInactive
+)
+
+// This is done this way because of a linter.
+const (
+	rtpTransceiverDirectionSendrecvStr = "sendrecv"
+	rtpTransceiverDirectionSendonlyStr = "sendonly"
+	rtpTransceiverDirectionRecvonlyStr = "recvonly"
+	rtpTransceiverDirectionInactiveStr = "inactive"
+)
+
+// NewRTPTransceiverDirection defines a procedure for creating a new
+// RTPTransceiverDirection from a raw string naming the transceiver direction.
+func NewRTPTransceiverDirection(raw string) RTPTransceiverDirection {
+	switch raw {
+	case rtpTransceiverDirectionSendrecvStr:
+		return RTPTransceiverDirectionSendrecv
+	case rtpTransceiverDirectionSendonlyStr:
+		return RTPTransceiverDirectionSendonly
+	case rtpTransceiverDirectionRecvonlyStr:
+		return RTPTransceiverDirectionRecvonly
+	case rtpTransceiverDirectionInactiveStr:
+		return RTPTransceiverDirectionInactive
+	default:
+		return RTPTransceiverDirection(Unknown)
+	}
+}
+
+func (t RTPTransceiverDirection) String() string {
+	switch t {
+	case RTPTransceiverDirectionSendrecv:
+		return rtpTransceiverDirectionSendrecvStr
+	case RTPTransceiverDirectionSendonly:
+		return rtpTransceiverDirectionSendonlyStr
+	case RTPTransceiverDirectionRecvonly:
+		return rtpTransceiverDirectionRecvonlyStr
+	case RTPTransceiverDirectionInactive:
+		return rtpTransceiverDirectionInactiveStr
+	default:
+		return ErrUnknownType.Error()
+	}
+}
+
+// Revers indicate the opposite direction
+func (t RTPTransceiverDirection) Revers() RTPTransceiverDirection {
+	switch t {
+	case RTPTransceiverDirectionSendonly:
+		return RTPTransceiverDirectionRecvonly
+	case RTPTransceiverDirectionRecvonly:
+		return RTPTransceiverDirectionSendonly
+	default:
+		return t
+	}
+}
+
+func haveRTPTransceiverDirectionIntersection(haystack []RTPTransceiverDirection, needle []RTPTransceiverDirection) bool {
+	for _, n := range needle {
+		for _, h := range haystack {
+			if n == h {
+				return true
+			}
+		}
+	}
+	return false
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/rtptransceiverinit.go b/server/vendor/github.com/pion/webrtc/v3/rtptransceiverinit.go
new file mode 100644
index 0000000..3aac1dc
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/rtptransceiverinit.go
@@ -0,0 +1,15 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package webrtc
+
+// RTPTransceiverInit dictionary is used when calling the WebRTC function addTransceiver() to provide configuration options for the new transceiver.
+type RTPTransceiverInit struct {
+	Direction     RTPTransceiverDirection
+	SendEncodings []RTPEncodingParameters
+	// Streams       []*Track
+}
+
+// RtpTransceiverInit is a temporary mapping while we fix case sensitivity
+// Deprecated: Use RTPTransceiverInit instead
+type RtpTransceiverInit = RTPTransceiverInit //nolint: stylecheck,golint
diff --git a/server/vendor/github.com/pion/webrtc/v3/sctpcapabilities.go b/server/vendor/github.com/pion/webrtc/v3/sctpcapabilities.go
new file mode 100644
index 0000000..c4c5ff5
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/sctpcapabilities.go
@@ -0,0 +1,9 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package webrtc
+
+// SCTPCapabilities indicates the capabilities of the SCTPTransport.
+type SCTPCapabilities struct {
+	MaxMessageSize uint32 `json:"maxMessageSize"`
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/sctptransport.go b/server/vendor/github.com/pion/webrtc/v3/sctptransport.go
new file mode 100644
index 0000000..8167423
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/sctptransport.go
@@ -0,0 +1,451 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+//go:build !js
+// +build !js
+
+package webrtc
+
+import (
+	"errors"
+	"io"
+	"math"
+	"sync"
+	"time"
+
+	"github.com/pion/datachannel"
+	"github.com/pion/logging"
+	"github.com/pion/sctp"
+	"github.com/pion/webrtc/v3/pkg/rtcerr"
+)
+
+const sctpMaxChannels = uint16(65535)
+
+// SCTPTransport provides details about the SCTP transport.
+type SCTPTransport struct {
+	lock sync.RWMutex
+
+	dtlsTransport *DTLSTransport
+
+	// State represents the current state of the SCTP transport.
+	state SCTPTransportState
+
+	// SCTPTransportState doesn't have an enum to distinguish between New/Connecting
+	// so we need a dedicated field
+	isStarted bool
+
+	// MaxMessageSize represents the maximum size of data that can be passed to
+	// DataChannel's send() method.
+	maxMessageSize float64
+
+	// MaxChannels represents the maximum amount of DataChannel's that can
+	// be used simultaneously.
+	maxChannels *uint16
+
+	// OnStateChange  func()
+
+	onErrorHandler func(error)
+	onCloseHandler func(error)
+
+	sctpAssociation            *sctp.Association
+	onDataChannelHandler       func(*DataChannel)
+	onDataChannelOpenedHandler func(*DataChannel)
+
+	// DataChannels
+	dataChannels          []*DataChannel
+	dataChannelsOpened    uint32
+	dataChannelsRequested uint32
+	dataChannelsAccepted  uint32
+
+	api *API
+	log logging.LeveledLogger
+}
+
+// NewSCTPTransport creates a new SCTPTransport.
+// This constructor is part of the ORTC API. It is not
+// meant to be used together with the basic WebRTC API.
+func (api *API) NewSCTPTransport(dtls *DTLSTransport) *SCTPTransport {
+	res := &SCTPTransport{
+		dtlsTransport: dtls,
+		state:         SCTPTransportStateConnecting,
+		api:           api,
+		log:           api.settingEngine.LoggerFactory.NewLogger("ortc"),
+	}
+
+	res.updateMessageSize()
+	res.updateMaxChannels()
+
+	return res
+}
+
+// Transport returns the DTLSTransport instance the SCTPTransport is sending over.
+func (r *SCTPTransport) Transport() *DTLSTransport {
+	r.lock.RLock()
+	defer r.lock.RUnlock()
+
+	return r.dtlsTransport
+}
+
+// GetCapabilities returns the SCTPCapabilities of the SCTPTransport.
+func (r *SCTPTransport) GetCapabilities() SCTPCapabilities {
+	return SCTPCapabilities{
+		MaxMessageSize: 0,
+	}
+}
+
+// Start the SCTPTransport. Since both local and remote parties must mutually
+// create an SCTPTransport, SCTP SO (Simultaneous Open) is used to establish
+// a connection over SCTP.
+func (r *SCTPTransport) Start(SCTPCapabilities) error {
+	if r.isStarted {
+		return nil
+	}
+	r.isStarted = true
+
+	dtlsTransport := r.Transport()
+	if dtlsTransport == nil || dtlsTransport.conn == nil {
+		return errSCTPTransportDTLS
+	}
+
+	sctpAssociation, err := sctp.Client(sctp.Config{
+		NetConn:              dtlsTransport.conn,
+		MaxReceiveBufferSize: r.api.settingEngine.sctp.maxReceiveBufferSize,
+		EnableZeroChecksum:   r.api.settingEngine.sctp.enableZeroChecksum,
+		LoggerFactory:        r.api.settingEngine.LoggerFactory,
+	})
+	if err != nil {
+		return err
+	}
+
+	r.lock.Lock()
+	r.sctpAssociation = sctpAssociation
+	r.state = SCTPTransportStateConnected
+	dataChannels := append([]*DataChannel{}, r.dataChannels...)
+	r.lock.Unlock()
+
+	var openedDCCount uint32
+	for _, d := range dataChannels {
+		if d.ReadyState() == DataChannelStateConnecting {
+			err := d.open(r)
+			if err != nil {
+				r.log.Warnf("failed to open data channel: %s", err)
+				continue
+			}
+			openedDCCount++
+		}
+	}
+
+	r.lock.Lock()
+	r.dataChannelsOpened += openedDCCount
+	r.lock.Unlock()
+
+	go r.acceptDataChannels(sctpAssociation)
+
+	return nil
+}
+
+// Stop stops the SCTPTransport
+func (r *SCTPTransport) Stop() error {
+	r.lock.Lock()
+	defer r.lock.Unlock()
+	if r.sctpAssociation == nil {
+		return nil
+	}
+	err := r.sctpAssociation.Close()
+	if err != nil {
+		return err
+	}
+
+	r.sctpAssociation = nil
+	r.state = SCTPTransportStateClosed
+
+	return nil
+}
+
+func (r *SCTPTransport) acceptDataChannels(a *sctp.Association) {
+	r.lock.RLock()
+	dataChannels := make([]*datachannel.DataChannel, 0, len(r.dataChannels))
+	for _, dc := range r.dataChannels {
+		dc.mu.Lock()
+		isNil := dc.dataChannel == nil
+		dc.mu.Unlock()
+		if isNil {
+			continue
+		}
+		dataChannels = append(dataChannels, dc.dataChannel)
+	}
+	r.lock.RUnlock()
+
+ACCEPT:
+	for {
+		dc, err := datachannel.Accept(a, &datachannel.Config{
+			LoggerFactory: r.api.settingEngine.LoggerFactory,
+		}, dataChannels...)
+		if err != nil {
+			if !errors.Is(err, io.EOF) {
+				r.log.Errorf("Failed to accept data channel: %v", err)
+				r.onError(err)
+				r.onClose(err)
+			} else {
+				r.onClose(nil)
+			}
+			return
+		}
+		for _, ch := range dataChannels {
+			if ch.StreamIdentifier() == dc.StreamIdentifier() {
+				continue ACCEPT
+			}
+		}
+
+		var (
+			maxRetransmits    *uint16
+			maxPacketLifeTime *uint16
+		)
+		val := uint16(dc.Config.ReliabilityParameter)
+		ordered := true
+
+		switch dc.Config.ChannelType {
+		case datachannel.ChannelTypeReliable:
+			ordered = true
+		case datachannel.ChannelTypeReliableUnordered:
+			ordered = false
+		case datachannel.ChannelTypePartialReliableRexmit:
+			ordered = true
+			maxRetransmits = &val
+		case datachannel.ChannelTypePartialReliableRexmitUnordered:
+			ordered = false
+			maxRetransmits = &val
+		case datachannel.ChannelTypePartialReliableTimed:
+			ordered = true
+			maxPacketLifeTime = &val
+		case datachannel.ChannelTypePartialReliableTimedUnordered:
+			ordered = false
+			maxPacketLifeTime = &val
+		default:
+		}
+
+		sid := dc.StreamIdentifier()
+		rtcDC, err := r.api.newDataChannel(&DataChannelParameters{
+			ID:                &sid,
+			Label:             dc.Config.Label,
+			Protocol:          dc.Config.Protocol,
+			Negotiated:        dc.Config.Negotiated,
+			Ordered:           ordered,
+			MaxPacketLifeTime: maxPacketLifeTime,
+			MaxRetransmits:    maxRetransmits,
+		}, r, r.api.settingEngine.LoggerFactory.NewLogger("ortc"))
+		if err != nil {
+			// This data channel is invalid. Close it and log an error.
+			if err1 := dc.Close(); err1 != nil {
+				r.log.Errorf("Failed to close invalid data channel: %v", err1)
+			}
+			r.log.Errorf("Failed to accept data channel: %v", err)
+			r.onError(err)
+			// We've received a datachannel with invalid configuration. We can still receive other datachannels.
+			continue ACCEPT
+		}
+
+		<-r.onDataChannel(rtcDC)
+		rtcDC.handleOpen(dc, true, dc.Config.Negotiated)
+
+		r.lock.Lock()
+		r.dataChannelsOpened++
+		handler := r.onDataChannelOpenedHandler
+		r.lock.Unlock()
+
+		if handler != nil {
+			handler(rtcDC)
+		}
+	}
+}
+
+// OnError sets an event handler which is invoked when the SCTP Association errors.
+func (r *SCTPTransport) OnError(f func(err error)) {
+	r.lock.Lock()
+	defer r.lock.Unlock()
+	r.onErrorHandler = f
+}
+
+func (r *SCTPTransport) onError(err error) {
+	r.lock.RLock()
+	handler := r.onErrorHandler
+	r.lock.RUnlock()
+
+	if handler != nil {
+		go handler(err)
+	}
+}
+
+// OnClose sets an event handler which is invoked when the SCTP Association closes.
+func (r *SCTPTransport) OnClose(f func(err error)) {
+	r.lock.Lock()
+	defer r.lock.Unlock()
+	r.onCloseHandler = f
+}
+
+func (r *SCTPTransport) onClose(err error) {
+	r.lock.RLock()
+	handler := r.onCloseHandler
+	r.lock.RUnlock()
+
+	if handler != nil {
+		go handler(err)
+	}
+}
+
+// OnDataChannel sets an event handler which is invoked when a data
+// channel message arrives from a remote peer.
+func (r *SCTPTransport) OnDataChannel(f func(*DataChannel)) {
+	r.lock.Lock()
+	defer r.lock.Unlock()
+	r.onDataChannelHandler = f
+}
+
+// OnDataChannelOpened sets an event handler which is invoked when a data
+// channel is opened
+func (r *SCTPTransport) OnDataChannelOpened(f func(*DataChannel)) {
+	r.lock.Lock()
+	defer r.lock.Unlock()
+	r.onDataChannelOpenedHandler = f
+}
+
+func (r *SCTPTransport) onDataChannel(dc *DataChannel) (done chan struct{}) {
+	r.lock.Lock()
+	r.dataChannels = append(r.dataChannels, dc)
+	r.dataChannelsAccepted++
+	handler := r.onDataChannelHandler
+	r.lock.Unlock()
+
+	done = make(chan struct{})
+	if handler == nil || dc == nil {
+		close(done)
+		return
+	}
+
+	// Run this synchronously to allow setup done in onDataChannelFn()
+	// to complete before datachannel event handlers might be called.
+	go func() {
+		handler(dc)
+		close(done)
+	}()
+
+	return
+}
+
+func (r *SCTPTransport) updateMessageSize() {
+	r.lock.Lock()
+	defer r.lock.Unlock()
+
+	var remoteMaxMessageSize float64 = 65536 // pion/webrtc#758
+	var canSendSize float64 = 65536          // pion/webrtc#758
+
+	r.maxMessageSize = r.calcMessageSize(remoteMaxMessageSize, canSendSize)
+}
+
+func (r *SCTPTransport) calcMessageSize(remoteMaxMessageSize, canSendSize float64) float64 {
+	switch {
+	case remoteMaxMessageSize == 0 &&
+		canSendSize == 0:
+		return math.Inf(1)
+
+	case remoteMaxMessageSize == 0:
+		return canSendSize
+
+	case canSendSize == 0:
+		return remoteMaxMessageSize
+
+	case canSendSize > remoteMaxMessageSize:
+		return remoteMaxMessageSize
+
+	default:
+		return canSendSize
+	}
+}
+
+func (r *SCTPTransport) updateMaxChannels() {
+	val := sctpMaxChannels
+	r.maxChannels = &val
+}
+
+// MaxChannels is the maximum number of RTCDataChannels that can be open simultaneously.
+func (r *SCTPTransport) MaxChannels() uint16 {
+	r.lock.Lock()
+	defer r.lock.Unlock()
+
+	if r.maxChannels == nil {
+		return sctpMaxChannels
+	}
+
+	return *r.maxChannels
+}
+
+// State returns the current state of the SCTPTransport
+func (r *SCTPTransport) State() SCTPTransportState {
+	r.lock.RLock()
+	defer r.lock.RUnlock()
+	return r.state
+}
+
+func (r *SCTPTransport) collectStats(collector *statsReportCollector) {
+	collector.Collecting()
+
+	stats := SCTPTransportStats{
+		Timestamp: statsTimestampFrom(time.Now()),
+		Type:      StatsTypeSCTPTransport,
+		ID:        "sctpTransport",
+	}
+
+	association := r.association()
+	if association != nil {
+		stats.BytesSent = association.BytesSent()
+		stats.BytesReceived = association.BytesReceived()
+		stats.SmoothedRoundTripTime = association.SRTT() * 0.001 // convert milliseconds to seconds
+		stats.CongestionWindow = association.CWND()
+		stats.ReceiverWindow = association.RWND()
+		stats.MTU = association.MTU()
+	}
+
+	collector.Collect(stats.ID, stats)
+}
+
+func (r *SCTPTransport) generateAndSetDataChannelID(dtlsRole DTLSRole, idOut **uint16) error {
+	var id uint16
+	if dtlsRole != DTLSRoleClient {
+		id++
+	}
+
+	max := r.MaxChannels()
+
+	r.lock.Lock()
+	defer r.lock.Unlock()
+
+	// Create map of ids so we can compare without double-looping each time.
+	idsMap := make(map[uint16]struct{}, len(r.dataChannels))
+	for _, dc := range r.dataChannels {
+		if dc.ID() == nil {
+			continue
+		}
+
+		idsMap[*dc.ID()] = struct{}{}
+	}
+
+	for ; id < max-1; id += 2 {
+		if _, ok := idsMap[id]; ok {
+			continue
+		}
+		*idOut = &id
+		return nil
+	}
+
+	return &rtcerr.OperationError{Err: ErrMaxDataChannelID}
+}
+
+func (r *SCTPTransport) association() *sctp.Association {
+	if r == nil {
+		return nil
+	}
+	r.lock.RLock()
+	association := r.sctpAssociation
+	r.lock.RUnlock()
+	return association
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/sctptransport_js.go b/server/vendor/github.com/pion/webrtc/v3/sctptransport_js.go
new file mode 100644
index 0000000..7ab6c39
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/sctptransport_js.go
@@ -0,0 +1,27 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+//go:build js && wasm
+// +build js,wasm
+
+package webrtc
+
+import "syscall/js"
+
+// SCTPTransport provides details about the SCTP transport.
+type SCTPTransport struct {
+	// Pointer to the underlying JavaScript SCTPTransport object.
+	underlying js.Value
+}
+
+// Transport returns the DTLSTransport instance the SCTPTransport is sending over.
+func (r *SCTPTransport) Transport() *DTLSTransport {
+	underlying := r.underlying.Get("transport")
+	if underlying.IsNull() || underlying.IsUndefined() {
+		return nil
+	}
+
+	return &DTLSTransport{
+		underlying: underlying,
+	}
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/sctptransportstate.go b/server/vendor/github.com/pion/webrtc/v3/sctptransportstate.go
new file mode 100644
index 0000000..5dd51d6
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/sctptransportstate.go
@@ -0,0 +1,57 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package webrtc
+
+// SCTPTransportState indicates the state of the SCTP transport.
+type SCTPTransportState int
+
+const (
+	// SCTPTransportStateConnecting indicates the SCTPTransport is in the
+	// process of negotiating an association. This is the initial state of the
+	// SCTPTransportState when an SCTPTransport is created.
+	SCTPTransportStateConnecting SCTPTransportState = iota + 1
+
+	// SCTPTransportStateConnected indicates the negotiation of an
+	// association is completed.
+	SCTPTransportStateConnected
+
+	// SCTPTransportStateClosed indicates a SHUTDOWN or ABORT chunk is
+	// received or when the SCTP association has been closed intentionally,
+	// such as by closing the peer connection or applying a remote description
+	// that rejects data or changes the SCTP port.
+	SCTPTransportStateClosed
+)
+
+// This is done this way because of a linter.
+const (
+	sctpTransportStateConnectingStr = "connecting"
+	sctpTransportStateConnectedStr  = "connected"
+	sctpTransportStateClosedStr     = "closed"
+)
+
+func newSCTPTransportState(raw string) SCTPTransportState {
+	switch raw {
+	case sctpTransportStateConnectingStr:
+		return SCTPTransportStateConnecting
+	case sctpTransportStateConnectedStr:
+		return SCTPTransportStateConnected
+	case sctpTransportStateClosedStr:
+		return SCTPTransportStateClosed
+	default:
+		return SCTPTransportState(Unknown)
+	}
+}
+
+func (s SCTPTransportState) String() string {
+	switch s {
+	case SCTPTransportStateConnecting:
+		return sctpTransportStateConnectingStr
+	case SCTPTransportStateConnected:
+		return sctpTransportStateConnectedStr
+	case SCTPTransportStateClosed:
+		return sctpTransportStateClosedStr
+	default:
+		return ErrUnknownType.Error()
+	}
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/sdp.go b/server/vendor/github.com/pion/webrtc/v3/sdp.go
new file mode 100644
index 0000000..18f05e8
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/sdp.go
@@ -0,0 +1,925 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+//go:build !js
+// +build !js
+
+package webrtc
+
+import (
+	"errors"
+	"fmt"
+	"net/url"
+	"regexp"
+	"strconv"
+	"strings"
+	"sync/atomic"
+
+	"github.com/pion/ice/v2"
+	"github.com/pion/logging"
+	"github.com/pion/sdp/v3"
+)
+
+// trackDetails represents any media source that can be represented in a SDP
+// This isn't keyed by SSRC because it also needs to support rid based sources
+type trackDetails struct {
+	mid        string
+	kind       RTPCodecType
+	streamID   string
+	id         string
+	ssrcs      []SSRC
+	repairSsrc *SSRC
+	rids       []string
+}
+
+func trackDetailsForSSRC(trackDetails []trackDetails, ssrc SSRC) *trackDetails {
+	for i := range trackDetails {
+		for j := range trackDetails[i].ssrcs {
+			if trackDetails[i].ssrcs[j] == ssrc {
+				return &trackDetails[i]
+			}
+		}
+	}
+	return nil
+}
+
+func trackDetailsForRID(trackDetails []trackDetails, mid, rid string) *trackDetails {
+	for i := range trackDetails {
+		if trackDetails[i].mid != mid {
+			continue
+		}
+
+		for j := range trackDetails[i].rids {
+			if trackDetails[i].rids[j] == rid {
+				return &trackDetails[i]
+			}
+		}
+	}
+	return nil
+}
+
+func filterTrackWithSSRC(incomingTracks []trackDetails, ssrc SSRC) []trackDetails {
+	filtered := []trackDetails{}
+	doesTrackHaveSSRC := func(t trackDetails) bool {
+		for i := range t.ssrcs {
+			if t.ssrcs[i] == ssrc {
+				return true
+			}
+		}
+
+		return false
+	}
+
+	for i := range incomingTracks {
+		if !doesTrackHaveSSRC(incomingTracks[i]) {
+			filtered = append(filtered, incomingTracks[i])
+		}
+	}
+
+	return filtered
+}
+
+// extract all trackDetails from an SDP.
+func trackDetailsFromSDP(log logging.LeveledLogger, s *sdp.SessionDescription) (incomingTracks []trackDetails) { // nolint:gocognit
+	for _, media := range s.MediaDescriptions {
+		tracksInMediaSection := []trackDetails{}
+		rtxRepairFlows := map[uint64]uint64{}
+
+		// Plan B can have multiple tracks in a signle media section
+		streamID := ""
+		trackID := ""
+
+		// If media section is recvonly or inactive skip
+		if _, ok := media.Attribute(sdp.AttrKeyRecvOnly); ok {
+			continue
+		} else if _, ok := media.Attribute(sdp.AttrKeyInactive); ok {
+			continue
+		}
+
+		midValue := getMidValue(media)
+		if midValue == "" {
+			continue
+		}
+
+		codecType := NewRTPCodecType(media.MediaName.Media)
+		if codecType == 0 {
+			continue
+		}
+
+		for _, attr := range media.Attributes {
+			switch attr.Key {
+			case sdp.AttrKeySSRCGroup:
+				split := strings.Split(attr.Value, " ")
+				if split[0] == sdp.SemanticTokenFlowIdentification {
+					// Add rtx ssrcs to blacklist, to avoid adding them as tracks
+					// Essentially lines like `a=ssrc-group:FID 2231627014 632943048` are processed by this section
+					// as this declares that the second SSRC (632943048) is a rtx repair flow (RFC4588) for the first
+					// (2231627014) as specified in RFC5576
+					if len(split) == 3 {
+						baseSsrc, err := strconv.ParseUint(split[1], 10, 32)
+						if err != nil {
+							log.Warnf("Failed to parse SSRC: %v", err)
+							continue
+						}
+						rtxRepairFlow, err := strconv.ParseUint(split[2], 10, 32)
+						if err != nil {
+							log.Warnf("Failed to parse SSRC: %v", err)
+							continue
+						}
+						rtxRepairFlows[rtxRepairFlow] = baseSsrc
+						tracksInMediaSection = filterTrackWithSSRC(tracksInMediaSection, SSRC(rtxRepairFlow)) // Remove if rtx was added as track before
+						for i := range tracksInMediaSection {
+							if tracksInMediaSection[i].ssrcs[0] == SSRC(baseSsrc) {
+								repairSsrc := SSRC(rtxRepairFlow)
+								tracksInMediaSection[i].repairSsrc = &repairSsrc
+							}
+						}
+					}
+				}
+
+			// Handle `a=msid:<stream_id> <track_label>` for Unified plan. The first value is the same as MediaStream.id
+			// in the browser and can be used to figure out which tracks belong to the same stream. The browser should
+			// figure this out automatically when an ontrack event is emitted on RTCPeerConnection.
+			case sdp.AttrKeyMsid:
+				split := strings.Split(attr.Value, " ")
+				if len(split) == 2 {
+					streamID = split[0]
+					trackID = split[1]
+				}
+
+			case sdp.AttrKeySSRC:
+				split := strings.Split(attr.Value, " ")
+				ssrc, err := strconv.ParseUint(split[0], 10, 32)
+				if err != nil {
+					log.Warnf("Failed to parse SSRC: %v", err)
+					continue
+				}
+
+				if _, ok := rtxRepairFlows[ssrc]; ok {
+					continue // This ssrc is a RTX repair flow, ignore
+				}
+
+				if len(split) == 3 && strings.HasPrefix(split[1], "msid:") {
+					streamID = split[1][len("msid:"):]
+					trackID = split[2]
+				}
+
+				isNewTrack := true
+				trackDetails := &trackDetails{}
+				for i := range tracksInMediaSection {
+					for j := range tracksInMediaSection[i].ssrcs {
+						if tracksInMediaSection[i].ssrcs[j] == SSRC(ssrc) {
+							trackDetails = &tracksInMediaSection[i]
+							isNewTrack = false
+						}
+					}
+				}
+
+				trackDetails.mid = midValue
+				trackDetails.kind = codecType
+				trackDetails.streamID = streamID
+				trackDetails.id = trackID
+				trackDetails.ssrcs = []SSRC{SSRC(ssrc)}
+
+				for r, baseSsrc := range rtxRepairFlows {
+					if baseSsrc == ssrc {
+						repairSsrc := SSRC(r)
+						trackDetails.repairSsrc = &repairSsrc
+					}
+				}
+
+				if isNewTrack {
+					tracksInMediaSection = append(tracksInMediaSection, *trackDetails)
+				}
+			}
+		}
+
+		if rids := getRids(media); len(rids) != 0 && trackID != "" && streamID != "" {
+			simulcastTrack := trackDetails{
+				mid:      midValue,
+				kind:     codecType,
+				streamID: streamID,
+				id:       trackID,
+				rids:     []string{},
+			}
+			for _, rid := range rids {
+				simulcastTrack.rids = append(simulcastTrack.rids, rid.id)
+			}
+
+			tracksInMediaSection = []trackDetails{simulcastTrack}
+		}
+
+		incomingTracks = append(incomingTracks, tracksInMediaSection...)
+	}
+
+	return incomingTracks
+}
+
+func trackDetailsToRTPReceiveParameters(t *trackDetails) RTPReceiveParameters {
+	encodingSize := len(t.ssrcs)
+	if len(t.rids) >= encodingSize {
+		encodingSize = len(t.rids)
+	}
+
+	encodings := make([]RTPDecodingParameters, encodingSize)
+	for i := range encodings {
+		if len(t.rids) > i {
+			encodings[i].RID = t.rids[i]
+		}
+		if len(t.ssrcs) > i {
+			encodings[i].SSRC = t.ssrcs[i]
+		}
+
+		if t.repairSsrc != nil {
+			encodings[i].RTX.SSRC = *t.repairSsrc
+		}
+	}
+
+	return RTPReceiveParameters{Encodings: encodings}
+}
+
+func getRids(media *sdp.MediaDescription) []*simulcastRid {
+	rids := []*simulcastRid{}
+	var simulcastAttr string
+	for _, attr := range media.Attributes {
+		if attr.Key == sdpAttributeRid {
+			split := strings.Split(attr.Value, " ")
+			rids = append(rids, &simulcastRid{id: split[0], attrValue: attr.Value})
+		} else if attr.Key == sdpAttributeSimulcast {
+			simulcastAttr = attr.Value
+		}
+	}
+	// process paused stream like "a=simulcast:send 1;~2;~3"
+	if simulcastAttr != "" {
+		if space := strings.Index(simulcastAttr, " "); space > 0 {
+			simulcastAttr = simulcastAttr[space+1:]
+		}
+		ridStates := strings.Split(simulcastAttr, ";")
+		for _, ridState := range ridStates {
+			if ridState[:1] == "~" {
+				ridID := ridState[1:]
+				for _, rid := range rids {
+					if rid.id == ridID {
+						rid.paused = true
+						break
+					}
+				}
+			}
+		}
+	}
+	return rids
+}
+
+func addCandidatesToMediaDescriptions(candidates []ICECandidate, m *sdp.MediaDescription, iceGatheringState ICEGatheringState) error {
+	appendCandidateIfNew := func(c ice.Candidate, attributes []sdp.Attribute) {
+		marshaled := c.Marshal()
+		for _, a := range attributes {
+			if marshaled == a.Value {
+				return
+			}
+		}
+
+		m.WithValueAttribute("candidate", marshaled)
+	}
+
+	for _, c := range candidates {
+		candidate, err := c.toICE()
+		if err != nil {
+			return err
+		}
+
+		candidate.SetComponent(1)
+		appendCandidateIfNew(candidate, m.Attributes)
+
+		candidate.SetComponent(2)
+		appendCandidateIfNew(candidate, m.Attributes)
+	}
+
+	if iceGatheringState != ICEGatheringStateComplete {
+		return nil
+	}
+	for _, a := range m.Attributes {
+		if a.Key == "end-of-candidates" {
+			return nil
+		}
+	}
+
+	m.WithPropertyAttribute("end-of-candidates")
+	return nil
+}
+
+func addDataMediaSection(d *sdp.SessionDescription, shouldAddCandidates bool, dtlsFingerprints []DTLSFingerprint, midValue string, iceParams ICEParameters, candidates []ICECandidate, dtlsRole sdp.ConnectionRole, iceGatheringState ICEGatheringState) error {
+	media := (&sdp.MediaDescription{
+		MediaName: sdp.MediaName{
+			Media:   mediaSectionApplication,
+			Port:    sdp.RangedPort{Value: 9},
+			Protos:  []string{"UDP", "DTLS", "SCTP"},
+			Formats: []string{"webrtc-datachannel"},
+		},
+		ConnectionInformation: &sdp.ConnectionInformation{
+			NetworkType: "IN",
+			AddressType: "IP4",
+			Address: &sdp.Address{
+				Address: "0.0.0.0",
+			},
+		},
+	}).
+		WithValueAttribute(sdp.AttrKeyConnectionSetup, dtlsRole.String()).
+		WithValueAttribute(sdp.AttrKeyMID, midValue).
+		WithPropertyAttribute(RTPTransceiverDirectionSendrecv.String()).
+		WithPropertyAttribute("sctp-port:5000").
+		WithICECredentials(iceParams.UsernameFragment, iceParams.Password)
+
+	for _, f := range dtlsFingerprints {
+		media = media.WithFingerprint(f.Algorithm, strings.ToUpper(f.Value))
+	}
+
+	if shouldAddCandidates {
+		if err := addCandidatesToMediaDescriptions(candidates, media, iceGatheringState); err != nil {
+			return err
+		}
+	}
+
+	d.WithMedia(media)
+	return nil
+}
+
+func populateLocalCandidates(sessionDescription *SessionDescription, i *ICEGatherer, iceGatheringState ICEGatheringState) *SessionDescription {
+	if sessionDescription == nil || i == nil {
+		return sessionDescription
+	}
+
+	candidates, err := i.GetLocalCandidates()
+	if err != nil {
+		return sessionDescription
+	}
+
+	parsed := sessionDescription.parsed
+	if len(parsed.MediaDescriptions) > 0 {
+		m := parsed.MediaDescriptions[0]
+		if err = addCandidatesToMediaDescriptions(candidates, m, iceGatheringState); err != nil {
+			return sessionDescription
+		}
+	}
+
+	sdp, err := parsed.Marshal()
+	if err != nil {
+		return sessionDescription
+	}
+
+	return &SessionDescription{
+		SDP:    string(sdp),
+		Type:   sessionDescription.Type,
+		parsed: parsed,
+	}
+}
+
+func addSenderSDP(
+	mediaSection mediaSection,
+	isPlanB bool,
+	media *sdp.MediaDescription,
+) {
+	for _, mt := range mediaSection.transceivers {
+		sender := mt.Sender()
+		if sender == nil {
+			continue
+		}
+
+		track := sender.Track()
+		if track == nil {
+			continue
+		}
+
+		sendParameters := sender.GetParameters()
+		for _, encoding := range sendParameters.Encodings {
+			media = media.WithMediaSource(uint32(encoding.SSRC), track.StreamID() /* cname */, track.StreamID() /* streamLabel */, track.ID())
+			if !isPlanB {
+				media = media.WithPropertyAttribute("msid:" + track.StreamID() + " " + track.ID())
+			}
+		}
+
+		if len(sendParameters.Encodings) > 1 {
+			sendRids := make([]string, 0, len(sendParameters.Encodings))
+
+			for _, encoding := range sendParameters.Encodings {
+				media.WithValueAttribute(sdpAttributeRid, encoding.RID+" send")
+				sendRids = append(sendRids, encoding.RID)
+			}
+			// Simulcast
+			media.WithValueAttribute(sdpAttributeSimulcast, "send "+strings.Join(sendRids, ";"))
+		}
+
+		if !isPlanB {
+			break
+		}
+	}
+}
+
+func addTransceiverSDP(
+	d *sdp.SessionDescription,
+	isPlanB bool,
+	shouldAddCandidates bool,
+	dtlsFingerprints []DTLSFingerprint,
+	mediaEngine *MediaEngine,
+	midValue string,
+	iceParams ICEParameters,
+	candidates []ICECandidate,
+	dtlsRole sdp.ConnectionRole,
+	iceGatheringState ICEGatheringState,
+	mediaSection mediaSection,
+) (bool, error) {
+	transceivers := mediaSection.transceivers
+	if len(transceivers) < 1 {
+		return false, errSDPZeroTransceivers
+	}
+	// Use the first transceiver to generate the section attributes
+	t := transceivers[0]
+	media := sdp.NewJSEPMediaDescription(t.kind.String(), []string{}).
+		WithValueAttribute(sdp.AttrKeyConnectionSetup, dtlsRole.String()).
+		WithValueAttribute(sdp.AttrKeyMID, midValue).
+		WithICECredentials(iceParams.UsernameFragment, iceParams.Password).
+		WithPropertyAttribute(sdp.AttrKeyRTCPMux).
+		WithPropertyAttribute(sdp.AttrKeyRTCPRsize)
+
+	codecs := t.getCodecs()
+	for _, codec := range codecs {
+		name := strings.TrimPrefix(codec.MimeType, "audio/")
+		name = strings.TrimPrefix(name, "video/")
+		media.WithCodec(uint8(codec.PayloadType), name, codec.ClockRate, codec.Channels, codec.SDPFmtpLine)
+
+		for _, feedback := range codec.RTPCodecCapability.RTCPFeedback {
+			media.WithValueAttribute("rtcp-fb", fmt.Sprintf("%d %s %s", codec.PayloadType, feedback.Type, feedback.Parameter))
+		}
+	}
+	if len(codecs) == 0 {
+		// If we are sender and we have no codecs throw an error early
+		if t.Sender() != nil {
+			return false, ErrSenderWithNoCodecs
+		}
+
+		// Explicitly reject track if we don't have the codec
+		// We need to include connection information even if we're rejecting a track, otherwise Firefox will fail to
+		// parse the SDP with an error like:
+		// SIPCC Failed to parse SDP: SDP Parse Error on line 50:  c= connection line not specified for every media level, validation failed.
+		// In addition this makes our SDP compliant with RFC 4566 Section 5.7: https://datatracker.ietf.org/doc/html/rfc4566#section-5.7
+		d.WithMedia(&sdp.MediaDescription{
+			MediaName: sdp.MediaName{
+				Media:   t.kind.String(),
+				Port:    sdp.RangedPort{Value: 0},
+				Protos:  []string{"UDP", "TLS", "RTP", "SAVPF"},
+				Formats: []string{"0"},
+			},
+			ConnectionInformation: &sdp.ConnectionInformation{
+				NetworkType: "IN",
+				AddressType: "IP4",
+				Address: &sdp.Address{
+					Address: "0.0.0.0",
+				},
+			},
+		})
+		return false, nil
+	}
+
+	directions := []RTPTransceiverDirection{}
+	if t.Sender() != nil {
+		directions = append(directions, RTPTransceiverDirectionSendonly)
+	}
+	if t.Receiver() != nil {
+		directions = append(directions, RTPTransceiverDirectionRecvonly)
+	}
+
+	parameters := mediaEngine.getRTPParametersByKind(t.kind, directions)
+	for _, rtpExtension := range parameters.HeaderExtensions {
+		if mediaSection.matchExtensions != nil {
+			if _, enabled := mediaSection.matchExtensions[rtpExtension.URI]; !enabled {
+				continue
+			}
+		}
+		extURL, err := url.Parse(rtpExtension.URI)
+		if err != nil {
+			return false, err
+		}
+		media.WithExtMap(sdp.ExtMap{Value: rtpExtension.ID, URI: extURL})
+	}
+
+	if len(mediaSection.rids) > 0 {
+		recvRids := make([]string, 0, len(mediaSection.rids))
+
+		for _, rid := range mediaSection.rids {
+			ridID := rid.id
+			media.WithValueAttribute(sdpAttributeRid, ridID+" recv")
+			if rid.paused {
+				ridID = "~" + ridID
+			}
+			recvRids = append(recvRids, ridID)
+		}
+		// Simulcast
+		media.WithValueAttribute(sdpAttributeSimulcast, "recv "+strings.Join(recvRids, ";"))
+	}
+
+	addSenderSDP(mediaSection, isPlanB, media)
+
+	media = media.WithPropertyAttribute(t.Direction().String())
+
+	for _, fingerprint := range dtlsFingerprints {
+		media = media.WithFingerprint(fingerprint.Algorithm, strings.ToUpper(fingerprint.Value))
+	}
+
+	if shouldAddCandidates {
+		if err := addCandidatesToMediaDescriptions(candidates, media, iceGatheringState); err != nil {
+			return false, err
+		}
+	}
+
+	d.WithMedia(media)
+
+	return true, nil
+}
+
+type simulcastRid struct {
+	id        string
+	attrValue string
+	paused    bool
+}
+
+type mediaSection struct {
+	id              string
+	transceivers    []*RTPTransceiver
+	data            bool
+	matchExtensions map[string]int
+	rids            []*simulcastRid
+}
+
+func bundleMatchFromRemote(matchBundleGroup *string) func(mid string) bool {
+	if matchBundleGroup == nil {
+		return func(midValue string) bool {
+			return true
+		}
+	}
+	bundleTags := strings.Split(*matchBundleGroup, " ")
+	return func(midValue string) bool {
+		for _, tag := range bundleTags {
+			if tag == midValue {
+				return true
+			}
+		}
+		return false
+	}
+}
+
+// populateSDP serializes a PeerConnections state into an SDP
+func populateSDP(
+	d *sdp.SessionDescription,
+	isPlanB bool,
+	dtlsFingerprints []DTLSFingerprint,
+	mediaDescriptionFingerprint bool,
+	isICELite bool,
+	isExtmapAllowMixed bool,
+	mediaEngine *MediaEngine,
+	connectionRole sdp.ConnectionRole,
+	candidates []ICECandidate,
+	iceParams ICEParameters,
+	mediaSections []mediaSection,
+	iceGatheringState ICEGatheringState,
+	matchBundleGroup *string,
+) (*sdp.SessionDescription, error) {
+	var err error
+	mediaDtlsFingerprints := []DTLSFingerprint{}
+
+	if mediaDescriptionFingerprint {
+		mediaDtlsFingerprints = dtlsFingerprints
+	}
+
+	bundleValue := "BUNDLE"
+	bundleCount := 0
+
+	bundleMatch := bundleMatchFromRemote(matchBundleGroup)
+	appendBundle := func(midValue string) {
+		bundleValue += " " + midValue
+		bundleCount++
+	}
+
+	for i, m := range mediaSections {
+		if m.data && len(m.transceivers) != 0 {
+			return nil, errSDPMediaSectionMediaDataChanInvalid
+		} else if !isPlanB && len(m.transceivers) > 1 {
+			return nil, errSDPMediaSectionMultipleTrackInvalid
+		}
+
+		shouldAddID := true
+		shouldAddCandidates := i == 0
+		if m.data {
+			if err = addDataMediaSection(d, shouldAddCandidates, mediaDtlsFingerprints, m.id, iceParams, candidates, connectionRole, iceGatheringState); err != nil {
+				return nil, err
+			}
+		} else {
+			shouldAddID, err = addTransceiverSDP(d, isPlanB, shouldAddCandidates, mediaDtlsFingerprints, mediaEngine, m.id, iceParams, candidates, connectionRole, iceGatheringState, m)
+			if err != nil {
+				return nil, err
+			}
+		}
+
+		if shouldAddID {
+			if bundleMatch(m.id) {
+				appendBundle(m.id)
+			} else {
+				d.MediaDescriptions[len(d.MediaDescriptions)-1].MediaName.Port = sdp.RangedPort{Value: 0}
+			}
+		}
+	}
+
+	if !mediaDescriptionFingerprint {
+		for _, fingerprint := range dtlsFingerprints {
+			d.WithFingerprint(fingerprint.Algorithm, strings.ToUpper(fingerprint.Value))
+		}
+	}
+
+	if isICELite {
+		// RFC 5245 S15.3
+		d = d.WithValueAttribute(sdp.AttrKeyICELite, "")
+	}
+
+	if isExtmapAllowMixed {
+		d = d.WithPropertyAttribute(sdp.AttrKeyExtMapAllowMixed)
+	}
+
+	if bundleCount > 0 {
+		d = d.WithValueAttribute(sdp.AttrKeyGroup, bundleValue)
+	}
+	return d, nil
+}
+
+func getMidValue(media *sdp.MediaDescription) string {
+	for _, attr := range media.Attributes {
+		if attr.Key == "mid" {
+			return attr.Value
+		}
+	}
+	return ""
+}
+
+// SessionDescription contains a MediaSection with Multiple SSRCs, it is Plan-B
+func descriptionIsPlanB(desc *SessionDescription, log logging.LeveledLogger) bool {
+	if desc == nil || desc.parsed == nil {
+		return false
+	}
+
+	// Store all MIDs that already contain a track
+	midWithTrack := map[string]bool{}
+
+	for _, trackDetail := range trackDetailsFromSDP(log, desc.parsed) {
+		if _, ok := midWithTrack[trackDetail.mid]; ok {
+			return true
+		}
+		midWithTrack[trackDetail.mid] = true
+	}
+
+	return false
+}
+
+// SessionDescription contains a MediaSection with name `audio`, `video` or `data`
+// If only one SSRC is set we can't know if it is Plan-B or Unified. If users have
+// set fallback mode assume it is Plan-B
+func descriptionPossiblyPlanB(desc *SessionDescription) bool {
+	if desc == nil || desc.parsed == nil {
+		return false
+	}
+
+	detectionRegex := regexp.MustCompile(`(?i)^(audio|video|data)$`)
+	for _, media := range desc.parsed.MediaDescriptions {
+		if len(detectionRegex.FindStringSubmatch(getMidValue(media))) == 2 {
+			return true
+		}
+	}
+	return false
+}
+
+func getPeerDirection(media *sdp.MediaDescription) RTPTransceiverDirection {
+	for _, a := range media.Attributes {
+		if direction := NewRTPTransceiverDirection(a.Key); direction != RTPTransceiverDirection(Unknown) {
+			return direction
+		}
+	}
+	return RTPTransceiverDirection(Unknown)
+}
+
+func extractFingerprint(desc *sdp.SessionDescription) (string, string, error) {
+	fingerprints := []string{}
+
+	if fingerprint, haveFingerprint := desc.Attribute("fingerprint"); haveFingerprint {
+		fingerprints = append(fingerprints, fingerprint)
+	}
+
+	for _, m := range desc.MediaDescriptions {
+		if fingerprint, haveFingerprint := m.Attribute("fingerprint"); haveFingerprint {
+			fingerprints = append(fingerprints, fingerprint)
+		}
+	}
+
+	if len(fingerprints) < 1 {
+		return "", "", ErrSessionDescriptionNoFingerprint
+	}
+
+	for _, m := range fingerprints {
+		if m != fingerprints[0] {
+			return "", "", ErrSessionDescriptionConflictingFingerprints
+		}
+	}
+
+	parts := strings.Split(fingerprints[0], " ")
+	if len(parts) != 2 {
+		return "", "", ErrSessionDescriptionInvalidFingerprint
+	}
+	return parts[1], parts[0], nil
+}
+
+func extractICEDetails(desc *sdp.SessionDescription, log logging.LeveledLogger) (string, string, []ICECandidate, error) { // nolint:gocognit
+	candidates := []ICECandidate{}
+	remotePwds := []string{}
+	remoteUfrags := []string{}
+
+	if ufrag, haveUfrag := desc.Attribute("ice-ufrag"); haveUfrag {
+		remoteUfrags = append(remoteUfrags, ufrag)
+	}
+	if pwd, havePwd := desc.Attribute("ice-pwd"); havePwd {
+		remotePwds = append(remotePwds, pwd)
+	}
+
+	for _, m := range desc.MediaDescriptions {
+		if ufrag, haveUfrag := m.Attribute("ice-ufrag"); haveUfrag {
+			remoteUfrags = append(remoteUfrags, ufrag)
+		}
+		if pwd, havePwd := m.Attribute("ice-pwd"); havePwd {
+			remotePwds = append(remotePwds, pwd)
+		}
+
+		for _, a := range m.Attributes {
+			if a.IsICECandidate() {
+				c, err := ice.UnmarshalCandidate(a.Value)
+				if err != nil {
+					if errors.Is(err, ice.ErrUnknownCandidateTyp) || errors.Is(err, ice.ErrDetermineNetworkType) {
+						log.Warnf("Discarding remote candidate: %s", err)
+						continue
+					}
+					return "", "", nil, err
+				}
+
+				candidate, err := newICECandidateFromICE(c)
+				if err != nil {
+					return "", "", nil, err
+				}
+
+				candidates = append(candidates, candidate)
+			}
+		}
+	}
+
+	if len(remoteUfrags) == 0 {
+		return "", "", nil, ErrSessionDescriptionMissingIceUfrag
+	} else if len(remotePwds) == 0 {
+		return "", "", nil, ErrSessionDescriptionMissingIcePwd
+	}
+
+	for _, m := range remoteUfrags {
+		if m != remoteUfrags[0] {
+			return "", "", nil, ErrSessionDescriptionConflictingIceUfrag
+		}
+	}
+
+	for _, m := range remotePwds {
+		if m != remotePwds[0] {
+			return "", "", nil, ErrSessionDescriptionConflictingIcePwd
+		}
+	}
+
+	return remoteUfrags[0], remotePwds[0], candidates, nil
+}
+
+func haveApplicationMediaSection(desc *sdp.SessionDescription) bool {
+	for _, m := range desc.MediaDescriptions {
+		if m.MediaName.Media == mediaSectionApplication {
+			return true
+		}
+	}
+
+	return false
+}
+
+func getByMid(searchMid string, desc *SessionDescription) *sdp.MediaDescription {
+	for _, m := range desc.parsed.MediaDescriptions {
+		if mid, ok := m.Attribute(sdp.AttrKeyMID); ok && mid == searchMid {
+			return m
+		}
+	}
+	return nil
+}
+
+// haveDataChannel return MediaDescription with MediaName equal application
+func haveDataChannel(desc *SessionDescription) *sdp.MediaDescription {
+	for _, d := range desc.parsed.MediaDescriptions {
+		if d.MediaName.Media == mediaSectionApplication {
+			return d
+		}
+	}
+	return nil
+}
+
+func codecsFromMediaDescription(m *sdp.MediaDescription) (out []RTPCodecParameters, err error) {
+	s := &sdp.SessionDescription{
+		MediaDescriptions: []*sdp.MediaDescription{m},
+	}
+
+	for _, payloadStr := range m.MediaName.Formats {
+		payloadType, err := strconv.ParseUint(payloadStr, 10, 8)
+		if err != nil {
+			return nil, err
+		}
+
+		codec, err := s.GetCodecForPayloadType(uint8(payloadType))
+		if err != nil {
+			if payloadType == 0 {
+				continue
+			}
+			return nil, err
+		}
+
+		channels := uint16(0)
+		val, err := strconv.ParseUint(codec.EncodingParameters, 10, 16)
+		if err == nil {
+			channels = uint16(val)
+		}
+
+		feedback := []RTCPFeedback{}
+		for _, raw := range codec.RTCPFeedback {
+			split := strings.Split(raw, " ")
+			entry := RTCPFeedback{Type: split[0]}
+			if len(split) == 2 {
+				entry.Parameter = split[1]
+			}
+
+			feedback = append(feedback, entry)
+		}
+
+		out = append(out, RTPCodecParameters{
+			RTPCodecCapability: RTPCodecCapability{m.MediaName.Media + "/" + codec.Name, codec.ClockRate, channels, codec.Fmtp, feedback},
+			PayloadType:        PayloadType(payloadType),
+		})
+	}
+
+	return out, nil
+}
+
+func rtpExtensionsFromMediaDescription(m *sdp.MediaDescription) (map[string]int, error) {
+	out := map[string]int{}
+
+	for _, a := range m.Attributes {
+		if a.Key == sdp.AttrKeyExtMap {
+			e := sdp.ExtMap{}
+			if err := e.Unmarshal(a.String()); err != nil {
+				return nil, err
+			}
+
+			out[e.URI.String()] = e.Value
+		}
+	}
+
+	return out, nil
+}
+
+// updateSDPOrigin saves sdp.Origin in PeerConnection when creating 1st local SDP;
+// for subsequent calling, it updates Origin for SessionDescription from saved one
+// and increments session version by one.
+// https://tools.ietf.org/html/draft-ietf-rtcweb-jsep-25#section-5.2.2
+func updateSDPOrigin(origin *sdp.Origin, d *sdp.SessionDescription) {
+	if atomic.CompareAndSwapUint64(&origin.SessionVersion, 0, d.Origin.SessionVersion) { // store
+		atomic.StoreUint64(&origin.SessionID, d.Origin.SessionID)
+	} else { // load
+		for { // awaiting for saving session id
+			d.Origin.SessionID = atomic.LoadUint64(&origin.SessionID)
+			if d.Origin.SessionID != 0 {
+				break
+			}
+		}
+		d.Origin.SessionVersion = atomic.AddUint64(&origin.SessionVersion, 1)
+	}
+}
+
+func isIceLiteSet(desc *sdp.SessionDescription) bool {
+	for _, a := range desc.Attributes {
+		if strings.TrimSpace(a.Key) == sdp.AttrKeyICELite {
+			return true
+		}
+	}
+
+	return false
+}
+
+func isExtMapAllowMixedSet(desc *sdp.SessionDescription) bool {
+	for _, a := range desc.Attributes {
+		if strings.TrimSpace(a.Key) == sdp.AttrKeyExtMapAllowMixed {
+			return true
+		}
+	}
+
+	return false
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/sdpsemantics.go b/server/vendor/github.com/pion/webrtc/v3/sdpsemantics.go
new file mode 100644
index 0000000..6d63350
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/sdpsemantics.go
@@ -0,0 +1,77 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package webrtc
+
+import (
+	"encoding/json"
+)
+
+// SDPSemantics determines which style of SDP offers and answers
+// can be used
+type SDPSemantics int
+
+const (
+	// SDPSemanticsUnifiedPlan uses unified-plan offers and answers
+	// (the default in Chrome since M72)
+	// https://tools.ietf.org/html/draft-roach-mmusic-unified-plan-00
+	SDPSemanticsUnifiedPlan SDPSemantics = iota
+
+	// SDPSemanticsPlanB uses plan-b offers and answers
+	// NB: This format should be considered deprecated
+	// https://tools.ietf.org/html/draft-uberti-rtcweb-plan-00
+	SDPSemanticsPlanB
+
+	// SDPSemanticsUnifiedPlanWithFallback prefers unified-plan
+	// offers and answers, but will respond to a plan-b offer
+	// with a plan-b answer
+	SDPSemanticsUnifiedPlanWithFallback
+)
+
+const (
+	sdpSemanticsUnifiedPlanWithFallback = "unified-plan-with-fallback"
+	sdpSemanticsUnifiedPlan             = "unified-plan"
+	sdpSemanticsPlanB                   = "plan-b"
+)
+
+func newSDPSemantics(raw string) SDPSemantics {
+	switch raw {
+	case sdpSemanticsUnifiedPlan:
+		return SDPSemanticsUnifiedPlan
+	case sdpSemanticsPlanB:
+		return SDPSemanticsPlanB
+	case sdpSemanticsUnifiedPlanWithFallback:
+		return SDPSemanticsUnifiedPlanWithFallback
+	default:
+		return SDPSemantics(Unknown)
+	}
+}
+
+func (s SDPSemantics) String() string {
+	switch s {
+	case SDPSemanticsUnifiedPlanWithFallback:
+		return sdpSemanticsUnifiedPlanWithFallback
+	case SDPSemanticsUnifiedPlan:
+		return sdpSemanticsUnifiedPlan
+	case SDPSemanticsPlanB:
+		return sdpSemanticsPlanB
+	default:
+		return ErrUnknownType.Error()
+	}
+}
+
+// UnmarshalJSON parses the JSON-encoded data and stores the result
+func (s *SDPSemantics) UnmarshalJSON(b []byte) error {
+	var val string
+	if err := json.Unmarshal(b, &val); err != nil {
+		return err
+	}
+
+	*s = newSDPSemantics(val)
+	return nil
+}
+
+// MarshalJSON returns the JSON encoding
+func (s SDPSemantics) MarshalJSON() ([]byte, error) {
+	return json.Marshal(s.String())
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/sdptype.go b/server/vendor/github.com/pion/webrtc/v3/sdptype.go
new file mode 100644
index 0000000..0c6d1d4
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/sdptype.go
@@ -0,0 +1,103 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package webrtc
+
+import (
+	"encoding/json"
+	"strings"
+)
+
+// SDPType describes the type of an SessionDescription.
+type SDPType int
+
+const (
+	// SDPTypeOffer indicates that a description MUST be treated as an SDP
+	// offer.
+	SDPTypeOffer SDPType = iota + 1
+
+	// SDPTypePranswer indicates that a description MUST be treated as an
+	// SDP answer, but not a final answer. A description used as an SDP
+	// pranswer may be applied as a response to an SDP offer, or an update to
+	// a previously sent SDP pranswer.
+	SDPTypePranswer
+
+	// SDPTypeAnswer indicates that a description MUST be treated as an SDP
+	// final answer, and the offer-answer exchange MUST be considered complete.
+	// A description used as an SDP answer may be applied as a response to an
+	// SDP offer or as an update to a previously sent SDP pranswer.
+	SDPTypeAnswer
+
+	// SDPTypeRollback indicates that a description MUST be treated as
+	// canceling the current SDP negotiation and moving the SDP offer and
+	// answer back to what it was in the previous stable state. Note the
+	// local or remote SDP descriptions in the previous stable state could be
+	// null if there has not yet been a successful offer-answer negotiation.
+	SDPTypeRollback
+)
+
+// This is done this way because of a linter.
+const (
+	sdpTypeOfferStr    = "offer"
+	sdpTypePranswerStr = "pranswer"
+	sdpTypeAnswerStr   = "answer"
+	sdpTypeRollbackStr = "rollback"
+)
+
+// NewSDPType creates an SDPType from a string
+func NewSDPType(raw string) SDPType {
+	switch raw {
+	case sdpTypeOfferStr:
+		return SDPTypeOffer
+	case sdpTypePranswerStr:
+		return SDPTypePranswer
+	case sdpTypeAnswerStr:
+		return SDPTypeAnswer
+	case sdpTypeRollbackStr:
+		return SDPTypeRollback
+	default:
+		return SDPType(Unknown)
+	}
+}
+
+func (t SDPType) String() string {
+	switch t {
+	case SDPTypeOffer:
+		return sdpTypeOfferStr
+	case SDPTypePranswer:
+		return sdpTypePranswerStr
+	case SDPTypeAnswer:
+		return sdpTypeAnswerStr
+	case SDPTypeRollback:
+		return sdpTypeRollbackStr
+	default:
+		return ErrUnknownType.Error()
+	}
+}
+
+// MarshalJSON enables JSON marshaling of a SDPType
+func (t SDPType) MarshalJSON() ([]byte, error) {
+	return json.Marshal(t.String())
+}
+
+// UnmarshalJSON enables JSON unmarshaling of a SDPType
+func (t *SDPType) UnmarshalJSON(b []byte) error {
+	var s string
+	if err := json.Unmarshal(b, &s); err != nil {
+		return err
+	}
+	switch strings.ToLower(s) {
+	default:
+		return ErrUnknownType
+	case "offer":
+		*t = SDPTypeOffer
+	case "pranswer":
+		*t = SDPTypePranswer
+	case "answer":
+		*t = SDPTypeAnswer
+	case "rollback":
+		*t = SDPTypeRollback
+	}
+
+	return nil
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/sessiondescription.go b/server/vendor/github.com/pion/webrtc/v3/sessiondescription.go
new file mode 100644
index 0000000..91e22a9
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/sessiondescription.go
@@ -0,0 +1,24 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package webrtc
+
+import (
+	"github.com/pion/sdp/v3"
+)
+
+// SessionDescription is used to expose local and remote session descriptions.
+type SessionDescription struct {
+	Type SDPType `json:"type"`
+	SDP  string  `json:"sdp"`
+
+	// This will never be initialized by callers, internal use only
+	parsed *sdp.SessionDescription
+}
+
+// Unmarshal is a helper to deserialize the sdp
+func (sd *SessionDescription) Unmarshal() (*sdp.SessionDescription, error) {
+	sd.parsed = &sdp.SessionDescription{}
+	err := sd.parsed.UnmarshalString(sd.SDP)
+	return sd.parsed, err
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/settingengine.go b/server/vendor/github.com/pion/webrtc/v3/settingengine.go
new file mode 100644
index 0000000..38dbe5b
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/settingengine.go
@@ -0,0 +1,455 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+//go:build !js
+// +build !js
+
+package webrtc
+
+import (
+	"context"
+	"crypto/x509"
+	"io"
+	"net"
+	"time"
+
+	"github.com/pion/dtls/v2"
+	dtlsElliptic "github.com/pion/dtls/v2/pkg/crypto/elliptic"
+	"github.com/pion/ice/v2"
+	"github.com/pion/logging"
+	"github.com/pion/stun"
+	"github.com/pion/transport/v2"
+	"github.com/pion/transport/v2/packetio"
+	"github.com/pion/transport/v2/vnet"
+	"golang.org/x/net/proxy"
+)
+
+// SettingEngine allows influencing behavior in ways that are not
+// supported by the WebRTC API. This allows us to support additional
+// use-cases without deviating from the WebRTC API elsewhere.
+type SettingEngine struct {
+	ephemeralUDP struct {
+		PortMin uint16
+		PortMax uint16
+	}
+	detach struct {
+		DataChannels bool
+	}
+	timeout struct {
+		ICEDisconnectedTimeout    *time.Duration
+		ICEFailedTimeout          *time.Duration
+		ICEKeepaliveInterval      *time.Duration
+		ICEHostAcceptanceMinWait  *time.Duration
+		ICESrflxAcceptanceMinWait *time.Duration
+		ICEPrflxAcceptanceMinWait *time.Duration
+		ICERelayAcceptanceMinWait *time.Duration
+	}
+	candidates struct {
+		ICELite                  bool
+		ICENetworkTypes          []NetworkType
+		InterfaceFilter          func(string) bool
+		IPFilter                 func(net.IP) bool
+		NAT1To1IPs               []string
+		NAT1To1IPCandidateType   ICECandidateType
+		MulticastDNSMode         ice.MulticastDNSMode
+		MulticastDNSHostName     string
+		UsernameFragment         string
+		Password                 string
+		IncludeLoopbackCandidate bool
+	}
+	replayProtection struct {
+		DTLS  *uint
+		SRTP  *uint
+		SRTCP *uint
+	}
+	dtls struct {
+		insecureSkipHelloVerify   bool
+		disableInsecureSkipVerify bool
+		retransmissionInterval    time.Duration
+		ellipticCurves            []dtlsElliptic.Curve
+		connectContextMaker       func() (context.Context, func())
+		extendedMasterSecret      dtls.ExtendedMasterSecretType
+		clientAuth                *dtls.ClientAuthType
+		clientCAs                 *x509.CertPool
+		rootCAs                   *x509.CertPool
+		keyLogWriter              io.Writer
+	}
+	sctp struct {
+		maxReceiveBufferSize uint32
+		enableZeroChecksum   bool
+	}
+	sdpMediaLevelFingerprints                 bool
+	answeringDTLSRole                         DTLSRole
+	disableCertificateFingerprintVerification bool
+	disableSRTPReplayProtection               bool
+	disableSRTCPReplayProtection              bool
+	net                                       transport.Net
+	BufferFactory                             func(packetType packetio.BufferPacketType, ssrc uint32) io.ReadWriteCloser
+	LoggerFactory                             logging.LoggerFactory
+	iceTCPMux                                 ice.TCPMux
+	iceUDPMux                                 ice.UDPMux
+	iceProxyDialer                            proxy.Dialer
+	iceDisableActiveTCP                       bool
+	iceBindingRequestHandler                  func(m *stun.Message, local, remote ice.Candidate, pair *ice.CandidatePair) bool
+	disableMediaEngineCopy                    bool
+	srtpProtectionProfiles                    []dtls.SRTPProtectionProfile
+	receiveMTU                                uint
+}
+
+// getReceiveMTU returns the configured MTU. If SettingEngine's MTU is configured to 0 it returns the default
+func (e *SettingEngine) getReceiveMTU() uint {
+	if e.receiveMTU != 0 {
+		return e.receiveMTU
+	}
+
+	return receiveMTU
+}
+
+// DetachDataChannels enables detaching data channels. When enabled
+// data channels have to be detached in the OnOpen callback using the
+// DataChannel.Detach method.
+func (e *SettingEngine) DetachDataChannels() {
+	e.detach.DataChannels = true
+}
+
+// SetSRTPProtectionProfiles allows the user to override the default SRTP Protection Profiles
+// The default srtp protection profiles are provided by the function `defaultSrtpProtectionProfiles`
+func (e *SettingEngine) SetSRTPProtectionProfiles(profiles ...dtls.SRTPProtectionProfile) {
+	e.srtpProtectionProfiles = profiles
+}
+
+// SetICETimeouts sets the behavior around ICE Timeouts
+//
+// disconnectedTimeout:
+//
+//	Duration without network activity before an Agent is considered disconnected. Default is 5 Seconds
+//
+// failedTimeout:
+//
+//	Duration without network activity before an Agent is considered failed after disconnected. Default is 25 Seconds
+//
+// keepAliveInterval:
+//
+//	How often the ICE Agent sends extra traffic if there is no activity, if media is flowing no traffic will be sent. Default is 2 seconds
+func (e *SettingEngine) SetICETimeouts(disconnectedTimeout, failedTimeout, keepAliveInterval time.Duration) {
+	e.timeout.ICEDisconnectedTimeout = &disconnectedTimeout
+	e.timeout.ICEFailedTimeout = &failedTimeout
+	e.timeout.ICEKeepaliveInterval = &keepAliveInterval
+}
+
+// SetHostAcceptanceMinWait sets the ICEHostAcceptanceMinWait
+func (e *SettingEngine) SetHostAcceptanceMinWait(t time.Duration) {
+	e.timeout.ICEHostAcceptanceMinWait = &t
+}
+
+// SetSrflxAcceptanceMinWait sets the ICESrflxAcceptanceMinWait
+func (e *SettingEngine) SetSrflxAcceptanceMinWait(t time.Duration) {
+	e.timeout.ICESrflxAcceptanceMinWait = &t
+}
+
+// SetPrflxAcceptanceMinWait sets the ICEPrflxAcceptanceMinWait
+func (e *SettingEngine) SetPrflxAcceptanceMinWait(t time.Duration) {
+	e.timeout.ICEPrflxAcceptanceMinWait = &t
+}
+
+// SetRelayAcceptanceMinWait sets the ICERelayAcceptanceMinWait
+func (e *SettingEngine) SetRelayAcceptanceMinWait(t time.Duration) {
+	e.timeout.ICERelayAcceptanceMinWait = &t
+}
+
+// SetEphemeralUDPPortRange limits the pool of ephemeral ports that
+// ICE UDP connections can allocate from. This affects both host candidates,
+// and the local address of server reflexive candidates.
+//
+// When portMin and portMax are left to the 0 default value, pion/ice candidate
+// gatherer replaces them and uses 1 for portMin and 65535 for portMax.
+func (e *SettingEngine) SetEphemeralUDPPortRange(portMin, portMax uint16) error {
+	if portMax < portMin {
+		return ice.ErrPort
+	}
+
+	e.ephemeralUDP.PortMin = portMin
+	e.ephemeralUDP.PortMax = portMax
+	return nil
+}
+
+// SetLite configures whether or not the ice agent should be a lite agent
+func (e *SettingEngine) SetLite(lite bool) {
+	e.candidates.ICELite = lite
+}
+
+// SetNetworkTypes configures what types of candidate networks are supported
+// during local and server reflexive gathering.
+func (e *SettingEngine) SetNetworkTypes(candidateTypes []NetworkType) {
+	e.candidates.ICENetworkTypes = candidateTypes
+}
+
+// SetInterfaceFilter sets the filtering functions when gathering ICE candidates
+// This can be used to exclude certain network interfaces from ICE. Which may be
+// useful if you know a certain interface will never succeed, or if you wish to reduce
+// the amount of information you wish to expose to the remote peer
+func (e *SettingEngine) SetInterfaceFilter(filter func(string) bool) {
+	e.candidates.InterfaceFilter = filter
+}
+
+// SetIPFilter sets the filtering functions when gathering ICE candidates
+// This can be used to exclude certain ip from ICE. Which may be
+// useful if you know a certain ip will never succeed, or if you wish to reduce
+// the amount of information you wish to expose to the remote peer
+func (e *SettingEngine) SetIPFilter(filter func(net.IP) bool) {
+	e.candidates.IPFilter = filter
+}
+
+// SetNAT1To1IPs sets a list of external IP addresses of 1:1 (D)NAT
+// and a candidate type for which the external IP address is used.
+// This is useful when you host a server using Pion on an AWS EC2 instance
+// which has a private address, behind a 1:1 DNAT with a public IP (e.g.
+// Elastic IP). In this case, you can give the public IP address so that
+// Pion will use the public IP address in its candidate instead of the private
+// IP address. The second argument, candidateType, is used to tell Pion which
+// type of candidate should use the given public IP address.
+// Two types of candidates are supported:
+//
+// ICECandidateTypeHost:
+//
+//	The public IP address will be used for the host candidate in the SDP.
+//
+// ICECandidateTypeSrflx:
+//
+//	A server reflexive candidate with the given public IP address will be added to the SDP.
+//
+// Please note that if you choose ICECandidateTypeHost, then the private IP address
+// won't be advertised with the peer. Also, this option cannot be used along with mDNS.
+//
+// If you choose ICECandidateTypeSrflx, it simply adds a server reflexive candidate
+// with the public IP. The host candidate is still available along with mDNS
+// capabilities unaffected. Also, you cannot give STUN server URL at the same time.
+// It will result in an error otherwise.
+func (e *SettingEngine) SetNAT1To1IPs(ips []string, candidateType ICECandidateType) {
+	e.candidates.NAT1To1IPs = ips
+	e.candidates.NAT1To1IPCandidateType = candidateType
+}
+
+// SetIncludeLoopbackCandidate enable pion to gather loopback candidates, it is useful
+// for some VM have public IP mapped to loopback interface
+func (e *SettingEngine) SetIncludeLoopbackCandidate(include bool) {
+	e.candidates.IncludeLoopbackCandidate = include
+}
+
+// SetAnsweringDTLSRole sets the DTLS role that is selected when offering
+// The DTLS role controls if the WebRTC Client as a client or server. This
+// may be useful when interacting with non-compliant clients or debugging issues.
+//
+// DTLSRoleActive:
+//
+//	Act as DTLS Client, send the ClientHello and starts the handshake
+//
+// DTLSRolePassive:
+//
+//	Act as DTLS Server, wait for ClientHello
+func (e *SettingEngine) SetAnsweringDTLSRole(role DTLSRole) error {
+	if role != DTLSRoleClient && role != DTLSRoleServer {
+		return errSettingEngineSetAnsweringDTLSRole
+	}
+
+	e.answeringDTLSRole = role
+	return nil
+}
+
+// SetVNet sets the VNet instance that is passed to pion/ice
+//
+// VNet is a virtual network layer for Pion, allowing users to simulate
+// different topologies, latency, loss and jitter. This can be useful for
+// learning WebRTC concepts or testing your application in a lab environment
+// Deprecated: Please use SetNet()
+func (e *SettingEngine) SetVNet(vnet *vnet.Net) {
+	e.SetNet(vnet)
+}
+
+// SetNet sets the Net instance that is passed to pion/ice
+//
+// Net is an network interface layer for Pion, allowing users to replace
+// Pions network stack with a custom implementation.
+func (e *SettingEngine) SetNet(net transport.Net) {
+	e.net = net
+}
+
+// SetICEMulticastDNSMode controls if pion/ice queries and generates mDNS ICE Candidates
+func (e *SettingEngine) SetICEMulticastDNSMode(multicastDNSMode ice.MulticastDNSMode) {
+	e.candidates.MulticastDNSMode = multicastDNSMode
+}
+
+// SetMulticastDNSHostName sets a static HostName to be used by pion/ice instead of generating one on startup
+//
+// This should only be used for a single PeerConnection. Having multiple PeerConnections with the same HostName will cause
+// undefined behavior
+func (e *SettingEngine) SetMulticastDNSHostName(hostName string) {
+	e.candidates.MulticastDNSHostName = hostName
+}
+
+// SetICECredentials sets a staic uFrag/uPwd to be used by pion/ice
+//
+// This is useful if you want to do signalless WebRTC session, or having a reproducible environment with static credentials
+func (e *SettingEngine) SetICECredentials(usernameFragment, password string) {
+	e.candidates.UsernameFragment = usernameFragment
+	e.candidates.Password = password
+}
+
+// DisableCertificateFingerprintVerification disables fingerprint verification after DTLS Handshake has finished
+func (e *SettingEngine) DisableCertificateFingerprintVerification(isDisabled bool) {
+	e.disableCertificateFingerprintVerification = isDisabled
+}
+
+// SetDTLSReplayProtectionWindow sets a replay attack protection window size of DTLS connection.
+func (e *SettingEngine) SetDTLSReplayProtectionWindow(n uint) {
+	e.replayProtection.DTLS = &n
+}
+
+// SetSRTPReplayProtectionWindow sets a replay attack protection window size of SRTP session.
+func (e *SettingEngine) SetSRTPReplayProtectionWindow(n uint) {
+	e.disableSRTPReplayProtection = false
+	e.replayProtection.SRTP = &n
+}
+
+// SetSRTCPReplayProtectionWindow sets a replay attack protection window size of SRTCP session.
+func (e *SettingEngine) SetSRTCPReplayProtectionWindow(n uint) {
+	e.disableSRTCPReplayProtection = false
+	e.replayProtection.SRTCP = &n
+}
+
+// DisableSRTPReplayProtection disables SRTP replay protection.
+func (e *SettingEngine) DisableSRTPReplayProtection(isDisabled bool) {
+	e.disableSRTPReplayProtection = isDisabled
+}
+
+// DisableSRTCPReplayProtection disables SRTCP replay protection.
+func (e *SettingEngine) DisableSRTCPReplayProtection(isDisabled bool) {
+	e.disableSRTCPReplayProtection = isDisabled
+}
+
+// SetSDPMediaLevelFingerprints configures the logic for DTLS Fingerprint insertion
+// If true, fingerprints will be inserted in the sdp at the fingerprint
+// level, instead of the session level. This helps with compatibility with
+// some webrtc implementations.
+func (e *SettingEngine) SetSDPMediaLevelFingerprints(sdpMediaLevelFingerprints bool) {
+	e.sdpMediaLevelFingerprints = sdpMediaLevelFingerprints
+}
+
+// SetICETCPMux enables ICE-TCP when set to a non-nil value. Make sure that
+// NetworkTypeTCP4 or NetworkTypeTCP6 is enabled as well.
+func (e *SettingEngine) SetICETCPMux(tcpMux ice.TCPMux) {
+	e.iceTCPMux = tcpMux
+}
+
+// SetICEUDPMux allows ICE traffic to come through a single UDP port, drastically
+// simplifying deployments where ports will need to be opened/forwarded.
+// UDPMux should be started prior to creating PeerConnections.
+func (e *SettingEngine) SetICEUDPMux(udpMux ice.UDPMux) {
+	e.iceUDPMux = udpMux
+}
+
+// SetICEProxyDialer sets the proxy dialer interface based on golang.org/x/net/proxy.
+func (e *SettingEngine) SetICEProxyDialer(d proxy.Dialer) {
+	e.iceProxyDialer = d
+}
+
+// DisableActiveTCP disables using active TCP for ICE. Active TCP is enabled by default
+func (e *SettingEngine) DisableActiveTCP(isDisabled bool) {
+	e.iceDisableActiveTCP = isDisabled
+}
+
+// DisableMediaEngineCopy stops the MediaEngine from being copied. This allows a user to modify
+// the MediaEngine after the PeerConnection has been constructed. This is useful if you wish to
+// modify codecs after signaling. Make sure not to share MediaEngines between PeerConnections.
+func (e *SettingEngine) DisableMediaEngineCopy(isDisabled bool) {
+	e.disableMediaEngineCopy = isDisabled
+}
+
+// SetReceiveMTU sets the size of read buffer that copies incoming packets. This is optional.
+// Leave this 0 for the default receiveMTU
+func (e *SettingEngine) SetReceiveMTU(receiveMTU uint) {
+	e.receiveMTU = receiveMTU
+}
+
+// SetDTLSRetransmissionInterval sets the retranmission interval for DTLS.
+func (e *SettingEngine) SetDTLSRetransmissionInterval(interval time.Duration) {
+	e.dtls.retransmissionInterval = interval
+}
+
+// SetDTLSInsecureSkipHelloVerify sets the skip HelloVerify flag for DTLS.
+// If true and when acting as DTLS server, will allow client to skip hello verify phase and
+// receive ServerHello after initial ClientHello. This will mean faster connect times,
+// but will have lower DoS attack resistance.
+func (e *SettingEngine) SetDTLSInsecureSkipHelloVerify(skip bool) {
+	e.dtls.insecureSkipHelloVerify = skip
+}
+
+// SetDTLSDisableInsecureSkipVerify sets the disable skip insecure verify flag for DTLS.
+// This controls whether a client verifies the server's certificate chain and host name.
+func (e *SettingEngine) SetDTLSDisableInsecureSkipVerify(disable bool) {
+	e.dtls.disableInsecureSkipVerify = disable
+}
+
+// SetDTLSEllipticCurves sets the elliptic curves for DTLS.
+func (e *SettingEngine) SetDTLSEllipticCurves(ellipticCurves ...dtlsElliptic.Curve) {
+	e.dtls.ellipticCurves = ellipticCurves
+}
+
+// SetDTLSConnectContextMaker sets the context used during the DTLS Handshake.
+// It can be used to extend or reduce the timeout on the DTLS Handshake.
+// If nil, the default dtls.ConnectContextMaker is used. It can be implemented as following.
+//
+//	func ConnectContextMaker() (context.Context, func()) {
+//		return context.WithTimeout(context.Background(), 30*time.Second)
+//	}
+func (e *SettingEngine) SetDTLSConnectContextMaker(connectContextMaker func() (context.Context, func())) {
+	e.dtls.connectContextMaker = connectContextMaker
+}
+
+// SetDTLSExtendedMasterSecret sets the extended master secret type for DTLS.
+func (e *SettingEngine) SetDTLSExtendedMasterSecret(extendedMasterSecret dtls.ExtendedMasterSecretType) {
+	e.dtls.extendedMasterSecret = extendedMasterSecret
+}
+
+// SetDTLSClientAuth sets the client auth type for DTLS.
+func (e *SettingEngine) SetDTLSClientAuth(clientAuth dtls.ClientAuthType) {
+	e.dtls.clientAuth = &clientAuth
+}
+
+// SetDTLSClientCAs sets the client CA certificate pool for DTLS certificate verification.
+func (e *SettingEngine) SetDTLSClientCAs(clientCAs *x509.CertPool) {
+	e.dtls.clientCAs = clientCAs
+}
+
+// SetDTLSRootCAs sets the root CA certificate pool for DTLS certificate verification.
+func (e *SettingEngine) SetDTLSRootCAs(rootCAs *x509.CertPool) {
+	e.dtls.rootCAs = rootCAs
+}
+
+// SetDTLSKeyLogWriter sets the destination of the TLS key material for debugging.
+// Logging key material compromises security and should only be use for debugging.
+func (e *SettingEngine) SetDTLSKeyLogWriter(writer io.Writer) {
+	e.dtls.keyLogWriter = writer
+}
+
+// SetSCTPMaxReceiveBufferSize sets the maximum receive buffer size.
+// Leave this 0 for the default maxReceiveBufferSize.
+func (e *SettingEngine) SetSCTPMaxReceiveBufferSize(maxReceiveBufferSize uint32) {
+	e.sctp.maxReceiveBufferSize = maxReceiveBufferSize
+}
+
+// SetSCTPZeroChecksum enables the zero checksum feature in SCTP.
+// This removes the need to checksum every incoming/outgoing packet and will reduce
+// latency and CPU usage. This feature is not backwards compatible so is disabled by default
+func (e *SettingEngine) EnableSCTPZeroChecksum(isEnabled bool) {
+	e.sctp.enableZeroChecksum = isEnabled
+}
+
+// SetICEBindingRequestHandler sets a callback that is fired on a STUN BindingRequest
+// This allows users to do things like
+// - Log incoming Binding Requests for debugging
+// - Implement draft-thatcher-ice-renomination
+// - Implement custom CandidatePair switching logic
+func (e *SettingEngine) SetICEBindingRequestHandler(bindingRequestHandler func(m *stun.Message, local, remote ice.Candidate, pair *ice.CandidatePair) bool) {
+	e.iceBindingRequestHandler = bindingRequestHandler
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/settingengine_js.go b/server/vendor/github.com/pion/webrtc/v3/settingengine_js.go
new file mode 100644
index 0000000..0069d04
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/settingengine_js.go
@@ -0,0 +1,23 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+//go:build js && wasm
+// +build js,wasm
+
+package webrtc
+
+// SettingEngine allows influencing behavior in ways that are not
+// supported by the WebRTC API. This allows us to support additional
+// use-cases without deviating from the WebRTC API elsewhere.
+type SettingEngine struct {
+	detach struct {
+		DataChannels bool
+	}
+}
+
+// DetachDataChannels enables detaching data channels. When enabled
+// data channels have to be detached in the OnOpen callback using the
+// DataChannel.Detach method.
+func (e *SettingEngine) DetachDataChannels() {
+	e.detach.DataChannels = true
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/signalingstate.go b/server/vendor/github.com/pion/webrtc/v3/signalingstate.go
new file mode 100644
index 0000000..42911c9
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/signalingstate.go
@@ -0,0 +1,191 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package webrtc
+
+import (
+	"fmt"
+	"sync/atomic"
+
+	"github.com/pion/webrtc/v3/pkg/rtcerr"
+)
+
+type stateChangeOp int
+
+const (
+	stateChangeOpSetLocal stateChangeOp = iota + 1
+	stateChangeOpSetRemote
+)
+
+func (op stateChangeOp) String() string {
+	switch op {
+	case stateChangeOpSetLocal:
+		return "SetLocal"
+	case stateChangeOpSetRemote:
+		return "SetRemote"
+	default:
+		return "Unknown State Change Operation"
+	}
+}
+
+// SignalingState indicates the signaling state of the offer/answer process.
+type SignalingState int32
+
+const (
+	// SignalingStateStable indicates there is no offer/answer exchange in
+	// progress. This is also the initial state, in which case the local and
+	// remote descriptions are nil.
+	SignalingStateStable SignalingState = iota + 1
+
+	// SignalingStateHaveLocalOffer indicates that a local description, of
+	// type "offer", has been successfully applied.
+	SignalingStateHaveLocalOffer
+
+	// SignalingStateHaveRemoteOffer indicates that a remote description, of
+	// type "offer", has been successfully applied.
+	SignalingStateHaveRemoteOffer
+
+	// SignalingStateHaveLocalPranswer indicates that a remote description
+	// of type "offer" has been successfully applied and a local description
+	// of type "pranswer" has been successfully applied.
+	SignalingStateHaveLocalPranswer
+
+	// SignalingStateHaveRemotePranswer indicates that a local description
+	// of type "offer" has been successfully applied and a remote description
+	// of type "pranswer" has been successfully applied.
+	SignalingStateHaveRemotePranswer
+
+	// SignalingStateClosed indicates The PeerConnection has been closed.
+	SignalingStateClosed
+)
+
+// This is done this way because of a linter.
+const (
+	signalingStateStableStr             = "stable"
+	signalingStateHaveLocalOfferStr     = "have-local-offer"
+	signalingStateHaveRemoteOfferStr    = "have-remote-offer"
+	signalingStateHaveLocalPranswerStr  = "have-local-pranswer"
+	signalingStateHaveRemotePranswerStr = "have-remote-pranswer"
+	signalingStateClosedStr             = "closed"
+)
+
+func newSignalingState(raw string) SignalingState {
+	switch raw {
+	case signalingStateStableStr:
+		return SignalingStateStable
+	case signalingStateHaveLocalOfferStr:
+		return SignalingStateHaveLocalOffer
+	case signalingStateHaveRemoteOfferStr:
+		return SignalingStateHaveRemoteOffer
+	case signalingStateHaveLocalPranswerStr:
+		return SignalingStateHaveLocalPranswer
+	case signalingStateHaveRemotePranswerStr:
+		return SignalingStateHaveRemotePranswer
+	case signalingStateClosedStr:
+		return SignalingStateClosed
+	default:
+		return SignalingState(Unknown)
+	}
+}
+
+func (t SignalingState) String() string {
+	switch t {
+	case SignalingStateStable:
+		return signalingStateStableStr
+	case SignalingStateHaveLocalOffer:
+		return signalingStateHaveLocalOfferStr
+	case SignalingStateHaveRemoteOffer:
+		return signalingStateHaveRemoteOfferStr
+	case SignalingStateHaveLocalPranswer:
+		return signalingStateHaveLocalPranswerStr
+	case SignalingStateHaveRemotePranswer:
+		return signalingStateHaveRemotePranswerStr
+	case SignalingStateClosed:
+		return signalingStateClosedStr
+	default:
+		return ErrUnknownType.Error()
+	}
+}
+
+// Get thread safe read value
+func (t *SignalingState) Get() SignalingState {
+	return SignalingState(atomic.LoadInt32((*int32)(t)))
+}
+
+// Set thread safe write value
+func (t *SignalingState) Set(state SignalingState) {
+	atomic.StoreInt32((*int32)(t), int32(state))
+}
+
+func checkNextSignalingState(cur, next SignalingState, op stateChangeOp, sdpType SDPType) (SignalingState, error) { // nolint:gocognit
+	// Special case for rollbacks
+	if sdpType == SDPTypeRollback && cur == SignalingStateStable {
+		return cur, &rtcerr.InvalidModificationError{
+			Err: errSignalingStateCannotRollback,
+		}
+	}
+
+	// 4.3.1 valid state transitions
+	switch cur { // nolint:exhaustive
+	case SignalingStateStable:
+		switch op {
+		case stateChangeOpSetLocal:
+			// stable->SetLocal(offer)->have-local-offer
+			if sdpType == SDPTypeOffer && next == SignalingStateHaveLocalOffer {
+				return next, nil
+			}
+		case stateChangeOpSetRemote:
+			// stable->SetRemote(offer)->have-remote-offer
+			if sdpType == SDPTypeOffer && next == SignalingStateHaveRemoteOffer {
+				return next, nil
+			}
+		}
+	case SignalingStateHaveLocalOffer:
+		if op == stateChangeOpSetRemote {
+			switch sdpType { // nolint:exhaustive
+			// have-local-offer->SetRemote(answer)->stable
+			case SDPTypeAnswer:
+				if next == SignalingStateStable {
+					return next, nil
+				}
+			// have-local-offer->SetRemote(pranswer)->have-remote-pranswer
+			case SDPTypePranswer:
+				if next == SignalingStateHaveRemotePranswer {
+					return next, nil
+				}
+			}
+		}
+	case SignalingStateHaveRemotePranswer:
+		if op == stateChangeOpSetRemote && sdpType == SDPTypeAnswer {
+			// have-remote-pranswer->SetRemote(answer)->stable
+			if next == SignalingStateStable {
+				return next, nil
+			}
+		}
+	case SignalingStateHaveRemoteOffer:
+		if op == stateChangeOpSetLocal {
+			switch sdpType { // nolint:exhaustive
+			// have-remote-offer->SetLocal(answer)->stable
+			case SDPTypeAnswer:
+				if next == SignalingStateStable {
+					return next, nil
+				}
+			// have-remote-offer->SetLocal(pranswer)->have-local-pranswer
+			case SDPTypePranswer:
+				if next == SignalingStateHaveLocalPranswer {
+					return next, nil
+				}
+			}
+		}
+	case SignalingStateHaveLocalPranswer:
+		if op == stateChangeOpSetLocal && sdpType == SDPTypeAnswer {
+			// have-local-pranswer->SetLocal(answer)->stable
+			if next == SignalingStateStable {
+				return next, nil
+			}
+		}
+	}
+	return cur, &rtcerr.InvalidModificationError{
+		Err: fmt.Errorf("%w: %s->%s(%s)->%s", errSignalingStateProposedTransitionInvalid, cur, op, sdpType, next),
+	}
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/srtp_writer_future.go b/server/vendor/github.com/pion/webrtc/v3/srtp_writer_future.go
new file mode 100644
index 0000000..6855e8d
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/srtp_writer_future.go
@@ -0,0 +1,141 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+//go:build !js
+// +build !js
+
+package webrtc
+
+import (
+	"io"
+	"sync"
+	"sync/atomic"
+	"time"
+
+	"github.com/pion/rtp"
+	"github.com/pion/srtp/v2"
+)
+
+// srtpWriterFuture blocks Read/Write calls until
+// the SRTP Session is available
+type srtpWriterFuture struct {
+	ssrc           SSRC
+	rtpSender      *RTPSender
+	rtcpReadStream atomic.Value // *srtp.ReadStreamSRTCP
+	rtpWriteStream atomic.Value // *srtp.WriteStreamSRTP
+	mu             sync.Mutex
+	closed         bool
+}
+
+func (s *srtpWriterFuture) init(returnWhenNoSRTP bool) error {
+	if returnWhenNoSRTP {
+		select {
+		case <-s.rtpSender.stopCalled:
+			return io.ErrClosedPipe
+		case <-s.rtpSender.transport.srtpReady:
+		default:
+			return nil
+		}
+	} else {
+		select {
+		case <-s.rtpSender.stopCalled:
+			return io.ErrClosedPipe
+		case <-s.rtpSender.transport.srtpReady:
+		}
+	}
+
+	s.mu.Lock()
+	defer s.mu.Unlock()
+
+	if s.closed {
+		return io.ErrClosedPipe
+	}
+
+	srtcpSession, err := s.rtpSender.transport.getSRTCPSession()
+	if err != nil {
+		return err
+	}
+
+	rtcpReadStream, err := srtcpSession.OpenReadStream(uint32(s.ssrc))
+	if err != nil {
+		return err
+	}
+
+	srtpSession, err := s.rtpSender.transport.getSRTPSession()
+	if err != nil {
+		return err
+	}
+
+	rtpWriteStream, err := srtpSession.OpenWriteStream()
+	if err != nil {
+		return err
+	}
+
+	s.rtcpReadStream.Store(rtcpReadStream)
+	s.rtpWriteStream.Store(rtpWriteStream)
+	return nil
+}
+
+func (s *srtpWriterFuture) Close() error {
+	s.mu.Lock()
+	defer s.mu.Unlock()
+
+	if s.closed {
+		return nil
+	}
+	s.closed = true
+
+	if value, ok := s.rtcpReadStream.Load().(*srtp.ReadStreamSRTCP); ok {
+		return value.Close()
+	}
+
+	return nil
+}
+
+func (s *srtpWriterFuture) Read(b []byte) (n int, err error) {
+	if value, ok := s.rtcpReadStream.Load().(*srtp.ReadStreamSRTCP); ok {
+		return value.Read(b)
+	}
+
+	if err := s.init(false); err != nil || s.rtcpReadStream.Load() == nil {
+		return 0, err
+	}
+
+	return s.Read(b)
+}
+
+func (s *srtpWriterFuture) SetReadDeadline(t time.Time) error {
+	if value, ok := s.rtcpReadStream.Load().(*srtp.ReadStreamSRTCP); ok {
+		return value.SetReadDeadline(t)
+	}
+
+	if err := s.init(false); err != nil || s.rtcpReadStream.Load() == nil {
+		return err
+	}
+
+	return s.SetReadDeadline(t)
+}
+
+func (s *srtpWriterFuture) WriteRTP(header *rtp.Header, payload []byte) (int, error) {
+	if value, ok := s.rtpWriteStream.Load().(*srtp.WriteStreamSRTP); ok {
+		return value.WriteRTP(header, payload)
+	}
+
+	if err := s.init(true); err != nil || s.rtpWriteStream.Load() == nil {
+		return 0, err
+	}
+
+	return s.WriteRTP(header, payload)
+}
+
+func (s *srtpWriterFuture) Write(b []byte) (int, error) {
+	if value, ok := s.rtpWriteStream.Load().(*srtp.WriteStreamSRTP); ok {
+		return value.Write(b)
+	}
+
+	if err := s.init(true); err != nil || s.rtpWriteStream.Load() == nil {
+		return 0, err
+	}
+
+	return s.Write(b)
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/stats.go b/server/vendor/github.com/pion/webrtc/v3/stats.go
new file mode 100644
index 0000000..a0b0795
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/stats.go
@@ -0,0 +1,2077 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package webrtc
+
+import (
+	"encoding/json"
+	"fmt"
+	"sync"
+	"time"
+
+	"github.com/pion/ice/v2"
+)
+
+// A Stats object contains a set of statistics copies out of a monitored component
+// of the WebRTC stack at a specific time.
+type Stats interface {
+	statsMarker()
+}
+
+// UnmarshalStatsJSON unmarshals a Stats object from JSON
+func UnmarshalStatsJSON(b []byte) (Stats, error) {
+	type typeJSON struct {
+		Type StatsType `json:"type"`
+	}
+	typeHolder := typeJSON{}
+
+	err := json.Unmarshal(b, &typeHolder)
+	if err != nil {
+		return nil, fmt.Errorf("unmarshal json type: %w", err)
+	}
+
+	switch typeHolder.Type {
+	case StatsTypeCodec:
+		return unmarshalCodecStats(b)
+	case StatsTypeInboundRTP:
+		return unmarshalInboundRTPStreamStats(b)
+	case StatsTypeOutboundRTP:
+		return unmarshalOutboundRTPStreamStats(b)
+	case StatsTypeRemoteInboundRTP:
+		return unmarshalRemoteInboundRTPStreamStats(b)
+	case StatsTypeRemoteOutboundRTP:
+		return unmarshalRemoteOutboundRTPStreamStats(b)
+	case StatsTypeCSRC:
+		return unmarshalCSRCStats(b)
+	case StatsTypeMediaSource:
+		return unmarshalMediaSourceStats(b)
+	case StatsTypeMediaPlayout:
+		return unmarshalMediaPlayoutStats(b)
+	case StatsTypePeerConnection:
+		return unmarshalPeerConnectionStats(b)
+	case StatsTypeDataChannel:
+		return unmarshalDataChannelStats(b)
+	case StatsTypeStream:
+		return unmarshalStreamStats(b)
+	case StatsTypeTrack:
+		return unmarshalTrackStats(b)
+	case StatsTypeSender:
+		return unmarshalSenderStats(b)
+	case StatsTypeReceiver:
+		return unmarshalReceiverStats(b)
+	case StatsTypeTransport:
+		return unmarshalTransportStats(b)
+	case StatsTypeCandidatePair:
+		return unmarshalICECandidatePairStats(b)
+	case StatsTypeLocalCandidate, StatsTypeRemoteCandidate:
+		return unmarshalICECandidateStats(b)
+	case StatsTypeCertificate:
+		return unmarshalCertificateStats(b)
+	case StatsTypeSCTPTransport:
+		return unmarshalSCTPTransportStats(b)
+	default:
+		return nil, fmt.Errorf("type: %w", ErrUnknownType)
+	}
+}
+
+// StatsType indicates the type of the object that a Stats object represents.
+type StatsType string
+
+const (
+	// StatsTypeCodec is used by CodecStats.
+	StatsTypeCodec StatsType = "codec"
+
+	// StatsTypeInboundRTP is used by InboundRTPStreamStats.
+	StatsTypeInboundRTP StatsType = "inbound-rtp"
+
+	// StatsTypeOutboundRTP is used by OutboundRTPStreamStats.
+	StatsTypeOutboundRTP StatsType = "outbound-rtp"
+
+	// StatsTypeRemoteInboundRTP is used by RemoteInboundRTPStreamStats.
+	StatsTypeRemoteInboundRTP StatsType = "remote-inbound-rtp"
+
+	// StatsTypeRemoteOutboundRTP is used by RemoteOutboundRTPStreamStats.
+	StatsTypeRemoteOutboundRTP StatsType = "remote-outbound-rtp"
+
+	// StatsTypeCSRC is used by RTPContributingSourceStats.
+	StatsTypeCSRC StatsType = "csrc"
+
+	// StatsTypeMediaSource is used by AudioSourceStats or VideoSourceStats depending on kind.
+	StatsTypeMediaSource = "media-source"
+
+	// StatsTypeMediaPlayout is used by AudioPlayoutStats.
+	StatsTypeMediaPlayout StatsType = "media-playout"
+
+	// StatsTypePeerConnection used by PeerConnectionStats.
+	StatsTypePeerConnection StatsType = "peer-connection"
+
+	// StatsTypeDataChannel is used by DataChannelStats.
+	StatsTypeDataChannel StatsType = "data-channel"
+
+	// StatsTypeStream is used by MediaStreamStats.
+	StatsTypeStream StatsType = "stream"
+
+	// StatsTypeTrack is used by SenderVideoTrackAttachmentStats and SenderAudioTrackAttachmentStats depending on kind.
+	StatsTypeTrack StatsType = "track"
+
+	// StatsTypeSender is used by the AudioSenderStats or VideoSenderStats depending on kind.
+	StatsTypeSender StatsType = "sender"
+
+	// StatsTypeReceiver is used by the AudioReceiverStats or VideoReceiverStats depending on kind.
+	StatsTypeReceiver StatsType = "receiver"
+
+	// StatsTypeTransport is used by TransportStats.
+	StatsTypeTransport StatsType = "transport"
+
+	// StatsTypeCandidatePair is used by ICECandidatePairStats.
+	StatsTypeCandidatePair StatsType = "candidate-pair"
+
+	// StatsTypeLocalCandidate is used by ICECandidateStats for the local candidate.
+	StatsTypeLocalCandidate StatsType = "local-candidate"
+
+	// StatsTypeRemoteCandidate is used by ICECandidateStats for the remote candidate.
+	StatsTypeRemoteCandidate StatsType = "remote-candidate"
+
+	// StatsTypeCertificate is used by CertificateStats.
+	StatsTypeCertificate StatsType = "certificate"
+
+	// StatsTypeSCTPTransport is used by SCTPTransportStats
+	StatsTypeSCTPTransport StatsType = "sctp-transport"
+)
+
+// MediaKind indicates the kind of media (audio or video)
+type MediaKind string
+
+const (
+	// MediaKindAudio indicates this is audio stats
+	MediaKindAudio MediaKind = "audio"
+	// MediaKindVideo indicates this is video stats
+	MediaKindVideo MediaKind = "video"
+)
+
+// StatsTimestamp is a timestamp represented by the floating point number of
+// milliseconds since the epoch.
+type StatsTimestamp float64
+
+// Time returns the time.Time represented by this timestamp.
+func (s StatsTimestamp) Time() time.Time {
+	millis := float64(s)
+	nanos := int64(millis * float64(time.Millisecond))
+
+	return time.Unix(0, nanos).UTC()
+}
+
+func statsTimestampFrom(t time.Time) StatsTimestamp {
+	return StatsTimestamp(t.UnixNano() / int64(time.Millisecond))
+}
+
+func statsTimestampNow() StatsTimestamp {
+	return statsTimestampFrom(time.Now())
+}
+
+// StatsReport collects Stats objects indexed by their ID.
+type StatsReport map[string]Stats
+
+type statsReportCollector struct {
+	collectingGroup sync.WaitGroup
+	report          StatsReport
+	mux             sync.Mutex
+}
+
+func newStatsReportCollector() *statsReportCollector {
+	return &statsReportCollector{report: make(StatsReport)}
+}
+
+func (src *statsReportCollector) Collecting() {
+	src.collectingGroup.Add(1)
+}
+
+func (src *statsReportCollector) Collect(id string, stats Stats) {
+	src.mux.Lock()
+	defer src.mux.Unlock()
+
+	src.report[id] = stats
+	src.collectingGroup.Done()
+}
+
+func (src *statsReportCollector) Done() {
+	src.collectingGroup.Done()
+}
+
+func (src *statsReportCollector) Ready() StatsReport {
+	src.collectingGroup.Wait()
+	src.mux.Lock()
+	defer src.mux.Unlock()
+	return src.report
+}
+
+// CodecType specifies whether a CodecStats objects represents a media format
+// that is being encoded or decoded
+type CodecType string
+
+const (
+	// CodecTypeEncode means the attached CodecStats represents a media format that
+	// is being encoded, or that the implementation is prepared to encode.
+	CodecTypeEncode CodecType = "encode"
+
+	// CodecTypeDecode means the attached CodecStats represents a media format
+	// that the implementation is prepared to decode.
+	CodecTypeDecode CodecType = "decode"
+)
+
+// CodecStats contains statistics for a codec that is currently being used by RTP streams
+// being sent or received by this PeerConnection object.
+type CodecStats struct {
+	// Timestamp is the timestamp associated with this object.
+	Timestamp StatsTimestamp `json:"timestamp"`
+
+	// Type is the object's StatsType
+	Type StatsType `json:"type"`
+
+	// ID is a unique id that is associated with the component inspected to produce
+	// this Stats object. Two Stats objects will have the same ID if they were produced
+	// by inspecting the same underlying object.
+	ID string `json:"id"`
+
+	// PayloadType as used in RTP encoding or decoding
+	PayloadType PayloadType `json:"payloadType"`
+
+	// CodecType of this CodecStats
+	CodecType CodecType `json:"codecType"`
+
+	// TransportID is the unique identifier of the transport on which this codec is
+	// being used, which can be used to look up the corresponding TransportStats object.
+	TransportID string `json:"transportId"`
+
+	// MimeType is the codec MIME media type/subtype. e.g., video/vp8 or equivalent.
+	MimeType string `json:"mimeType"`
+
+	// ClockRate represents the media sampling rate.
+	ClockRate uint32 `json:"clockRate"`
+
+	// Channels is 2 for stereo, missing for most other cases.
+	Channels uint8 `json:"channels"`
+
+	// SDPFmtpLine is the a=fmtp line in the SDP corresponding to the codec,
+	// i.e., after the colon following the PT.
+	SDPFmtpLine string `json:"sdpFmtpLine"`
+
+	// Implementation identifies the implementation used. This is useful for diagnosing
+	// interoperability issues.
+	Implementation string `json:"implementation"`
+}
+
+func (s CodecStats) statsMarker() {}
+
+func unmarshalCodecStats(b []byte) (CodecStats, error) {
+	var codecStats CodecStats
+	err := json.Unmarshal(b, &codecStats)
+	if err != nil {
+		return CodecStats{}, fmt.Errorf("unmarshal codec stats: %w", err)
+	}
+	return codecStats, nil
+}
+
+// InboundRTPStreamStats contains statistics for an inbound RTP stream that is
+// currently received with this PeerConnection object.
+type InboundRTPStreamStats struct {
+	// Timestamp is the timestamp associated with this object.
+	Timestamp StatsTimestamp `json:"timestamp"`
+
+	// Type is the object's StatsType
+	Type StatsType `json:"type"`
+
+	// ID is a unique id that is associated with the component inspected to produce
+	// this Stats object. Two Stats objects will have the same ID if they were produced
+	// by inspecting the same underlying object.
+	ID string `json:"id"`
+
+	// SSRC is the 32-bit unsigned integer value used to identify the source of the
+	// stream of RTP packets that this stats object concerns.
+	SSRC SSRC `json:"ssrc"`
+
+	// Kind is either "audio" or "video"
+	Kind string `json:"kind"`
+
+	// It is a unique identifier that is associated to the object that was inspected
+	// to produce the TransportStats associated with this RTP stream.
+	TransportID string `json:"transportId"`
+
+	// CodecID is a unique identifier that is associated to the object that was inspected
+	// to produce the CodecStats associated with this RTP stream.
+	CodecID string `json:"codecId"`
+
+	// FIRCount counts the total number of Full Intra Request (FIR) packets received
+	// by the sender. This metric is only valid for video and is sent by receiver.
+	FIRCount uint32 `json:"firCount"`
+
+	// PLICount counts the total number of Picture Loss Indication (PLI) packets
+	// received by the sender. This metric is only valid for video and is sent by receiver.
+	PLICount uint32 `json:"pliCount"`
+
+	// NACKCount counts the total number of Negative ACKnowledgement (NACK) packets
+	// received by the sender and is sent by receiver.
+	NACKCount uint32 `json:"nackCount"`
+
+	// SLICount counts the total number of Slice Loss Indication (SLI) packets received
+	// by the sender. This metric is only valid for video and is sent by receiver.
+	SLICount uint32 `json:"sliCount"`
+
+	// QPSum is the sum of the QP values of frames passed. The count of frames is
+	// in FramesDecoded for inbound stream stats, and in FramesEncoded for outbound stream stats.
+	QPSum uint64 `json:"qpSum"`
+
+	// PacketsReceived is the total number of RTP packets received for this SSRC.
+	PacketsReceived uint32 `json:"packetsReceived"`
+
+	// PacketsLost is the total number of RTP packets lost for this SSRC. Note that
+	// because of how this is estimated, it can be negative if more packets are received than sent.
+	PacketsLost int32 `json:"packetsLost"`
+
+	// Jitter is the packet jitter measured in seconds for this SSRC
+	Jitter float64 `json:"jitter"`
+
+	// PacketsDiscarded is the cumulative number of RTP packets discarded by the jitter
+	// buffer due to late or early-arrival, i.e., these packets are not played out.
+	// RTP packets discarded due to packet duplication are not reported in this metric.
+	PacketsDiscarded uint32 `json:"packetsDiscarded"`
+
+	// PacketsRepaired is the cumulative number of lost RTP packets repaired after applying
+	// an error-resilience mechanism. It is measured for the primary source RTP packets
+	// and only counted for RTP packets that have no further chance of repair.
+	PacketsRepaired uint32 `json:"packetsRepaired"`
+
+	// BurstPacketsLost is the cumulative number of RTP packets lost during loss bursts.
+	BurstPacketsLost uint32 `json:"burstPacketsLost"`
+
+	// BurstPacketsDiscarded is the cumulative number of RTP packets discarded during discard bursts.
+	BurstPacketsDiscarded uint32 `json:"burstPacketsDiscarded"`
+
+	// BurstLossCount is the cumulative number of bursts of lost RTP packets.
+	BurstLossCount uint32 `json:"burstLossCount"`
+
+	// BurstDiscardCount is the cumulative number of bursts of discarded RTP packets.
+	BurstDiscardCount uint32 `json:"burstDiscardCount"`
+
+	// BurstLossRate is the fraction of RTP packets lost during bursts to the
+	// total number of RTP packets expected in the bursts.
+	BurstLossRate float64 `json:"burstLossRate"`
+
+	// BurstDiscardRate is the fraction of RTP packets discarded during bursts to
+	// the total number of RTP packets expected in bursts.
+	BurstDiscardRate float64 `json:"burstDiscardRate"`
+
+	// GapLossRate is the fraction of RTP packets lost during the gap periods.
+	GapLossRate float64 `json:"gapLossRate"`
+
+	// GapDiscardRate is the fraction of RTP packets discarded during the gap periods.
+	GapDiscardRate float64 `json:"gapDiscardRate"`
+
+	// TrackID is the identifier of the stats object representing the receiving track,
+	// a ReceiverAudioTrackAttachmentStats or ReceiverVideoTrackAttachmentStats.
+	TrackID string `json:"trackId"`
+
+	// ReceiverID is the stats ID used to look up the AudioReceiverStats or VideoReceiverStats
+	// object receiving this stream.
+	ReceiverID string `json:"receiverId"`
+
+	// RemoteID is used for looking up the remote RemoteOutboundRTPStreamStats object
+	// for the same SSRC.
+	RemoteID string `json:"remoteId"`
+
+	// FramesDecoded represents the total number of frames correctly decoded for this SSRC,
+	// i.e., frames that would be displayed if no frames are dropped. Only valid for video.
+	FramesDecoded uint32 `json:"framesDecoded"`
+
+	// LastPacketReceivedTimestamp represents the timestamp at which the last packet was
+	// received for this SSRC. This differs from Timestamp, which represents the time
+	// at which the statistics were generated by the local endpoint.
+	LastPacketReceivedTimestamp StatsTimestamp `json:"lastPacketReceivedTimestamp"`
+
+	// AverageRTCPInterval is the average RTCP interval between two consecutive compound RTCP packets.
+	// This is calculated by the sending endpoint when sending compound RTCP reports.
+	// Compound packets must contain at least a RTCP RR or SR packet and an SDES packet
+	// with the CNAME item.
+	AverageRTCPInterval float64 `json:"averageRtcpInterval"`
+
+	// FECPacketsReceived is the total number of RTP FEC packets received for this SSRC.
+	// This counter can also be incremented when receiving FEC packets in-band with media packets (e.g., with Opus).
+	FECPacketsReceived uint32 `json:"fecPacketsReceived"`
+
+	// BytesReceived is the total number of bytes received for this SSRC.
+	BytesReceived uint64 `json:"bytesReceived"`
+
+	// PacketsFailedDecryption is the cumulative number of RTP packets that failed
+	// to be decrypted. These packets are not counted by PacketsDiscarded.
+	PacketsFailedDecryption uint32 `json:"packetsFailedDecryption"`
+
+	// PacketsDuplicated is the cumulative number of packets discarded because they
+	// are duplicated. Duplicate packets are not counted in PacketsDiscarded.
+	//
+	// Duplicated packets have the same RTP sequence number and content as a previously
+	// received packet. If multiple duplicates of a packet are received, all of them are counted.
+	// An improved estimate of lost packets can be calculated by adding PacketsDuplicated to PacketsLost.
+	PacketsDuplicated uint32 `json:"packetsDuplicated"`
+
+	// PerDSCPPacketsReceived is the total number of packets received for this SSRC,
+	// per Differentiated Services code point (DSCP) [RFC2474]. DSCPs are identified
+	// as decimal integers in string form. Note that due to network remapping and bleaching,
+	// these numbers are not expected to match the numbers seen on sending. Not all
+	// OSes make this information available.
+	PerDSCPPacketsReceived map[string]uint32 `json:"perDscpPacketsReceived"`
+}
+
+func (s InboundRTPStreamStats) statsMarker() {}
+
+func unmarshalInboundRTPStreamStats(b []byte) (InboundRTPStreamStats, error) {
+	var inboundRTPStreamStats InboundRTPStreamStats
+	err := json.Unmarshal(b, &inboundRTPStreamStats)
+	if err != nil {
+		return InboundRTPStreamStats{}, fmt.Errorf("unmarshal inbound rtp stream stats: %w", err)
+	}
+	return inboundRTPStreamStats, nil
+}
+
+// QualityLimitationReason lists the reason for limiting the resolution and/or framerate.
+// Only valid for video.
+type QualityLimitationReason string
+
+const (
+	// QualityLimitationReasonNone means the resolution and/or framerate is not limited.
+	QualityLimitationReasonNone QualityLimitationReason = "none"
+
+	// QualityLimitationReasonCPU means the resolution and/or framerate is primarily limited due to CPU load.
+	QualityLimitationReasonCPU QualityLimitationReason = "cpu"
+
+	// QualityLimitationReasonBandwidth means the resolution and/or framerate is primarily limited due to congestion cues during bandwidth estimation. Typical, congestion control algorithms use inter-arrival time, round-trip time, packet or other congestion cues to perform bandwidth estimation.
+	QualityLimitationReasonBandwidth QualityLimitationReason = "bandwidth"
+
+	// QualityLimitationReasonOther means the resolution and/or framerate is primarily limited for a reason other than the above.
+	QualityLimitationReasonOther QualityLimitationReason = "other"
+)
+
+// OutboundRTPStreamStats contains statistics for an outbound RTP stream that is
+// currently sent with this PeerConnection object.
+type OutboundRTPStreamStats struct {
+	// Timestamp is the timestamp associated with this object.
+	Timestamp StatsTimestamp `json:"timestamp"`
+
+	// Type is the object's StatsType
+	Type StatsType `json:"type"`
+
+	// ID is a unique id that is associated with the component inspected to produce
+	// this Stats object. Two Stats objects will have the same ID if they were produced
+	// by inspecting the same underlying object.
+	ID string `json:"id"`
+
+	// SSRC is the 32-bit unsigned integer value used to identify the source of the
+	// stream of RTP packets that this stats object concerns.
+	SSRC SSRC `json:"ssrc"`
+
+	// Kind is either "audio" or "video"
+	Kind string `json:"kind"`
+
+	// It is a unique identifier that is associated to the object that was inspected
+	// to produce the TransportStats associated with this RTP stream.
+	TransportID string `json:"transportId"`
+
+	// CodecID is a unique identifier that is associated to the object that was inspected
+	// to produce the CodecStats associated with this RTP stream.
+	CodecID string `json:"codecId"`
+
+	// FIRCount counts the total number of Full Intra Request (FIR) packets received
+	// by the sender. This metric is only valid for video and is sent by receiver.
+	FIRCount uint32 `json:"firCount"`
+
+	// PLICount counts the total number of Picture Loss Indication (PLI) packets
+	// received by the sender. This metric is only valid for video and is sent by receiver.
+	PLICount uint32 `json:"pliCount"`
+
+	// NACKCount counts the total number of Negative ACKnowledgement (NACK) packets
+	// received by the sender and is sent by receiver.
+	NACKCount uint32 `json:"nackCount"`
+
+	// SLICount counts the total number of Slice Loss Indication (SLI) packets received
+	// by the sender. This metric is only valid for video and is sent by receiver.
+	SLICount uint32 `json:"sliCount"`
+
+	// QPSum is the sum of the QP values of frames passed. The count of frames is
+	// in FramesDecoded for inbound stream stats, and in FramesEncoded for outbound stream stats.
+	QPSum uint64 `json:"qpSum"`
+
+	// PacketsSent is the total number of RTP packets sent for this SSRC.
+	PacketsSent uint32 `json:"packetsSent"`
+
+	// PacketsDiscardedOnSend is the total number of RTP packets for this SSRC that
+	// have been discarded due to socket errors, i.e. a socket error occurred when handing
+	// the packets to the socket. This might happen due to various reasons, including
+	// full buffer or no available memory.
+	PacketsDiscardedOnSend uint32 `json:"packetsDiscardedOnSend"`
+
+	// FECPacketsSent is the total number of RTP FEC packets sent for this SSRC.
+	// This counter can also be incremented when sending FEC packets in-band with
+	// media packets (e.g., with Opus).
+	FECPacketsSent uint32 `json:"fecPacketsSent"`
+
+	// BytesSent is the total number of bytes sent for this SSRC.
+	BytesSent uint64 `json:"bytesSent"`
+
+	// BytesDiscardedOnSend is the total number of bytes for this SSRC that have
+	// been discarded due to socket errors, i.e. a socket error occurred when handing
+	// the packets containing the bytes to the socket. This might happen due to various
+	// reasons, including full buffer or no available memory.
+	BytesDiscardedOnSend uint64 `json:"bytesDiscardedOnSend"`
+
+	// TrackID is the identifier of the stats object representing the current track
+	// attachment to the sender of this stream, a SenderAudioTrackAttachmentStats
+	// or SenderVideoTrackAttachmentStats.
+	TrackID string `json:"trackId"`
+
+	// SenderID is the stats ID used to look up the AudioSenderStats or VideoSenderStats
+	// object sending this stream.
+	SenderID string `json:"senderId"`
+
+	// RemoteID is used for looking up the remote RemoteInboundRTPStreamStats object
+	// for the same SSRC.
+	RemoteID string `json:"remoteId"`
+
+	// LastPacketSentTimestamp represents the timestamp at which the last packet was
+	// sent for this SSRC. This differs from timestamp, which represents the time at
+	// which the statistics were generated by the local endpoint.
+	LastPacketSentTimestamp StatsTimestamp `json:"lastPacketSentTimestamp"`
+
+	// TargetBitrate is the current target bitrate configured for this particular SSRC
+	// and is the Transport Independent Application Specific (TIAS) bitrate [RFC3890].
+	// Typically, the target bitrate is a configuration parameter provided to the codec's
+	// encoder and does not count the size of the IP or other transport layers like TCP or UDP.
+	// It is measured in bits per second and the bitrate is calculated over a 1 second window.
+	TargetBitrate float64 `json:"targetBitrate"`
+
+	// FramesEncoded represents the total number of frames successfully encoded for this RTP media stream.
+	// Only valid for video.
+	FramesEncoded uint32 `json:"framesEncoded"`
+
+	// TotalEncodeTime is the total number of seconds that has been spent encoding the
+	// framesEncoded frames of this stream. The average encode time can be calculated by
+	// dividing this value with FramesEncoded. The time it takes to encode one frame is the
+	// time passed between feeding the encoder a frame and the encoder returning encoded data
+	// for that frame. This does not include any additional time it may take to packetize the resulting data.
+	TotalEncodeTime float64 `json:"totalEncodeTime"`
+
+	// AverageRTCPInterval is the average RTCP interval between two consecutive compound RTCP
+	// packets. This is calculated by the sending endpoint when sending compound RTCP reports.
+	// Compound packets must contain at least a RTCP RR or SR packet and an SDES packet with the CNAME item.
+	AverageRTCPInterval float64 `json:"averageRtcpInterval"`
+
+	// QualityLimitationReason is the current reason for limiting the resolution and/or framerate,
+	// or "none" if not limited. Only valid for video.
+	QualityLimitationReason QualityLimitationReason `json:"qualityLimitationReason"`
+
+	// QualityLimitationDurations is record of the total time, in seconds, that this
+	// stream has spent in each quality limitation state. The record includes a mapping
+	// for all QualityLimitationReason types, including "none". Only valid for video.
+	QualityLimitationDurations map[string]float64 `json:"qualityLimitationDurations"`
+
+	// PerDSCPPacketsSent is the total number of packets sent for this SSRC, per DSCP.
+	// DSCPs are identified as decimal integers in string form.
+	PerDSCPPacketsSent map[string]uint32 `json:"perDscpPacketsSent"`
+}
+
+func (s OutboundRTPStreamStats) statsMarker() {}
+
+func unmarshalOutboundRTPStreamStats(b []byte) (OutboundRTPStreamStats, error) {
+	var outboundRTPStreamStats OutboundRTPStreamStats
+	err := json.Unmarshal(b, &outboundRTPStreamStats)
+	if err != nil {
+		return OutboundRTPStreamStats{}, fmt.Errorf("unmarshal outbound rtp stream stats: %w", err)
+	}
+	return outboundRTPStreamStats, nil
+}
+
+// RemoteInboundRTPStreamStats contains statistics for the remote endpoint's inbound
+// RTP stream corresponding to an outbound stream that is currently sent with this
+// PeerConnection object. It is measured at the remote endpoint and reported in an RTCP
+// Receiver Report (RR) or RTCP Extended Report (XR).
+type RemoteInboundRTPStreamStats struct {
+	// Timestamp is the timestamp associated with this object.
+	Timestamp StatsTimestamp `json:"timestamp"`
+
+	// Type is the object's StatsType
+	Type StatsType `json:"type"`
+
+	// ID is a unique id that is associated with the component inspected to produce
+	// this Stats object. Two Stats objects will have the same ID if they were produced
+	// by inspecting the same underlying object.
+	ID string `json:"id"`
+
+	// SSRC is the 32-bit unsigned integer value used to identify the source of the
+	// stream of RTP packets that this stats object concerns.
+	SSRC SSRC `json:"ssrc"`
+
+	// Kind is either "audio" or "video"
+	Kind string `json:"kind"`
+
+	// It is a unique identifier that is associated to the object that was inspected
+	// to produce the TransportStats associated with this RTP stream.
+	TransportID string `json:"transportId"`
+
+	// CodecID is a unique identifier that is associated to the object that was inspected
+	// to produce the CodecStats associated with this RTP stream.
+	CodecID string `json:"codecId"`
+
+	// FIRCount counts the total number of Full Intra Request (FIR) packets received
+	// by the sender. This metric is only valid for video and is sent by receiver.
+	FIRCount uint32 `json:"firCount"`
+
+	// PLICount counts the total number of Picture Loss Indication (PLI) packets
+	// received by the sender. This metric is only valid for video and is sent by receiver.
+	PLICount uint32 `json:"pliCount"`
+
+	// NACKCount counts the total number of Negative ACKnowledgement (NACK) packets
+	// received by the sender and is sent by receiver.
+	NACKCount uint32 `json:"nackCount"`
+
+	// SLICount counts the total number of Slice Loss Indication (SLI) packets received
+	// by the sender. This metric is only valid for video and is sent by receiver.
+	SLICount uint32 `json:"sliCount"`
+
+	// QPSum is the sum of the QP values of frames passed. The count of frames is
+	// in FramesDecoded for inbound stream stats, and in FramesEncoded for outbound stream stats.
+	QPSum uint64 `json:"qpSum"`
+
+	// PacketsReceived is the total number of RTP packets received for this SSRC.
+	PacketsReceived uint32 `json:"packetsReceived"`
+
+	// PacketsLost is the total number of RTP packets lost for this SSRC. Note that
+	// because of how this is estimated, it can be negative if more packets are received than sent.
+	PacketsLost int32 `json:"packetsLost"`
+
+	// Jitter is the packet jitter measured in seconds for this SSRC
+	Jitter float64 `json:"jitter"`
+
+	// PacketsDiscarded is the cumulative number of RTP packets discarded by the jitter
+	// buffer due to late or early-arrival, i.e., these packets are not played out.
+	// RTP packets discarded due to packet duplication are not reported in this metric.
+	PacketsDiscarded uint32 `json:"packetsDiscarded"`
+
+	// PacketsRepaired is the cumulative number of lost RTP packets repaired after applying
+	// an error-resilience mechanism. It is measured for the primary source RTP packets
+	// and only counted for RTP packets that have no further chance of repair.
+	PacketsRepaired uint32 `json:"packetsRepaired"`
+
+	// BurstPacketsLost is the cumulative number of RTP packets lost during loss bursts.
+	BurstPacketsLost uint32 `json:"burstPacketsLost"`
+
+	// BurstPacketsDiscarded is the cumulative number of RTP packets discarded during discard bursts.
+	BurstPacketsDiscarded uint32 `json:"burstPacketsDiscarded"`
+
+	// BurstLossCount is the cumulative number of bursts of lost RTP packets.
+	BurstLossCount uint32 `json:"burstLossCount"`
+
+	// BurstDiscardCount is the cumulative number of bursts of discarded RTP packets.
+	BurstDiscardCount uint32 `json:"burstDiscardCount"`
+
+	// BurstLossRate is the fraction of RTP packets lost during bursts to the
+	// total number of RTP packets expected in the bursts.
+	BurstLossRate float64 `json:"burstLossRate"`
+
+	// BurstDiscardRate is the fraction of RTP packets discarded during bursts to
+	// the total number of RTP packets expected in bursts.
+	BurstDiscardRate float64 `json:"burstDiscardRate"`
+
+	// GapLossRate is the fraction of RTP packets lost during the gap periods.
+	GapLossRate float64 `json:"gapLossRate"`
+
+	// GapDiscardRate is the fraction of RTP packets discarded during the gap periods.
+	GapDiscardRate float64 `json:"gapDiscardRate"`
+
+	// LocalID is used for looking up the local OutboundRTPStreamStats object for the same SSRC.
+	LocalID string `json:"localId"`
+
+	// RoundTripTime is the estimated round trip time for this SSRC based on the
+	// RTCP timestamps in the RTCP Receiver Report (RR) and measured in seconds.
+	RoundTripTime float64 `json:"roundTripTime"`
+
+	// FractionLost is the fraction packet loss reported for this SSRC.
+	FractionLost float64 `json:"fractionLost"`
+}
+
+func (s RemoteInboundRTPStreamStats) statsMarker() {}
+
+func unmarshalRemoteInboundRTPStreamStats(b []byte) (RemoteInboundRTPStreamStats, error) {
+	var remoteInboundRTPStreamStats RemoteInboundRTPStreamStats
+	err := json.Unmarshal(b, &remoteInboundRTPStreamStats)
+	if err != nil {
+		return RemoteInboundRTPStreamStats{}, fmt.Errorf("unmarshal remote inbound rtp stream stats: %w", err)
+	}
+	return remoteInboundRTPStreamStats, nil
+}
+
+// RemoteOutboundRTPStreamStats contains statistics for the remote endpoint's outbound
+// RTP stream corresponding to an inbound stream that is currently received with this
+// PeerConnection object. It is measured at the remote endpoint and reported in an
+// RTCP Sender Report (SR).
+type RemoteOutboundRTPStreamStats struct {
+	// Timestamp is the timestamp associated with this object.
+	Timestamp StatsTimestamp `json:"timestamp"`
+
+	// Type is the object's StatsType
+	Type StatsType `json:"type"`
+
+	// ID is a unique id that is associated with the component inspected to produce
+	// this Stats object. Two Stats objects will have the same ID if they were produced
+	// by inspecting the same underlying object.
+	ID string `json:"id"`
+
+	// SSRC is the 32-bit unsigned integer value used to identify the source of the
+	// stream of RTP packets that this stats object concerns.
+	SSRC SSRC `json:"ssrc"`
+
+	// Kind is either "audio" or "video"
+	Kind string `json:"kind"`
+
+	// It is a unique identifier that is associated to the object that was inspected
+	// to produce the TransportStats associated with this RTP stream.
+	TransportID string `json:"transportId"`
+
+	// CodecID is a unique identifier that is associated to the object that was inspected
+	// to produce the CodecStats associated with this RTP stream.
+	CodecID string `json:"codecId"`
+
+	// FIRCount counts the total number of Full Intra Request (FIR) packets received
+	// by the sender. This metric is only valid for video and is sent by receiver.
+	FIRCount uint32 `json:"firCount"`
+
+	// PLICount counts the total number of Picture Loss Indication (PLI) packets
+	// received by the sender. This metric is only valid for video and is sent by receiver.
+	PLICount uint32 `json:"pliCount"`
+
+	// NACKCount counts the total number of Negative ACKnowledgement (NACK) packets
+	// received by the sender and is sent by receiver.
+	NACKCount uint32 `json:"nackCount"`
+
+	// SLICount counts the total number of Slice Loss Indication (SLI) packets received
+	// by the sender. This metric is only valid for video and is sent by receiver.
+	SLICount uint32 `json:"sliCount"`
+
+	// QPSum is the sum of the QP values of frames passed. The count of frames is
+	// in FramesDecoded for inbound stream stats, and in FramesEncoded for outbound stream stats.
+	QPSum uint64 `json:"qpSum"`
+
+	// PacketsSent is the total number of RTP packets sent for this SSRC.
+	PacketsSent uint32 `json:"packetsSent"`
+
+	// PacketsDiscardedOnSend is the total number of RTP packets for this SSRC that
+	// have been discarded due to socket errors, i.e. a socket error occurred when handing
+	// the packets to the socket. This might happen due to various reasons, including
+	// full buffer or no available memory.
+	PacketsDiscardedOnSend uint32 `json:"packetsDiscardedOnSend"`
+
+	// FECPacketsSent is the total number of RTP FEC packets sent for this SSRC.
+	// This counter can also be incremented when sending FEC packets in-band with
+	// media packets (e.g., with Opus).
+	FECPacketsSent uint32 `json:"fecPacketsSent"`
+
+	// BytesSent is the total number of bytes sent for this SSRC.
+	BytesSent uint64 `json:"bytesSent"`
+
+	// BytesDiscardedOnSend is the total number of bytes for this SSRC that have
+	// been discarded due to socket errors, i.e. a socket error occurred when handing
+	// the packets containing the bytes to the socket. This might happen due to various
+	// reasons, including full buffer or no available memory.
+	BytesDiscardedOnSend uint64 `json:"bytesDiscardedOnSend"`
+
+	// LocalID is used for looking up the local InboundRTPStreamStats object for the same SSRC.
+	LocalID string `json:"localId"`
+
+	// RemoteTimestamp represents the remote timestamp at which these statistics were
+	// sent by the remote endpoint. This differs from timestamp, which represents the
+	// time at which the statistics were generated or received by the local endpoint.
+	// The RemoteTimestamp, if present, is derived from the NTP timestamp in an RTCP
+	// Sender Report (SR) packet, which reflects the remote endpoint's clock.
+	// That clock may not be synchronized with the local clock.
+	RemoteTimestamp StatsTimestamp `json:"remoteTimestamp"`
+}
+
+func (s RemoteOutboundRTPStreamStats) statsMarker() {}
+
+func unmarshalRemoteOutboundRTPStreamStats(b []byte) (RemoteOutboundRTPStreamStats, error) {
+	var remoteOutboundRTPStreamStats RemoteOutboundRTPStreamStats
+	err := json.Unmarshal(b, &remoteOutboundRTPStreamStats)
+	if err != nil {
+		return RemoteOutboundRTPStreamStats{}, fmt.Errorf("unmarshal remote outbound rtp stream stats: %w", err)
+	}
+	return remoteOutboundRTPStreamStats, nil
+}
+
+// RTPContributingSourceStats contains statistics for a contributing source (CSRC) that contributed
+// to an inbound RTP stream.
+type RTPContributingSourceStats struct {
+	// Timestamp is the timestamp associated with this object.
+	Timestamp StatsTimestamp `json:"timestamp"`
+
+	// Type is the object's StatsType
+	Type StatsType `json:"type"`
+
+	// ID is a unique id that is associated with the component inspected to produce
+	// this Stats object. Two Stats objects will have the same ID if they were produced
+	// by inspecting the same underlying object.
+	ID string `json:"id"`
+
+	// ContributorSSRC is the SSRC identifier of the contributing source represented
+	// by this stats object. It is a 32-bit unsigned integer that appears in the CSRC
+	// list of any packets the relevant source contributed to.
+	ContributorSSRC SSRC `json:"contributorSsrc"`
+
+	// InboundRTPStreamID is the ID of the InboundRTPStreamStats object representing
+	// the inbound RTP stream that this contributing source is contributing to.
+	InboundRTPStreamID string `json:"inboundRtpStreamId"`
+
+	// PacketsContributedTo is the total number of RTP packets that this contributing
+	// source contributed to. This value is incremented each time a packet is counted
+	// by InboundRTPStreamStats.packetsReceived, and the packet's CSRC list contains
+	// the SSRC identifier of this contributing source, ContributorSSRC.
+	PacketsContributedTo uint32 `json:"packetsContributedTo"`
+
+	// AudioLevel is present if the last received RTP packet that this source contributed
+	// to contained an [RFC6465] mixer-to-client audio level header extension. The value
+	// of audioLevel is between 0..1 (linear), where 1.0 represents 0 dBov, 0 represents
+	// silence, and 0.5 represents approximately 6 dBSPL change in the sound pressure level from 0 dBov.
+	AudioLevel float64 `json:"audioLevel"`
+}
+
+func (s RTPContributingSourceStats) statsMarker() {}
+
+func unmarshalCSRCStats(b []byte) (RTPContributingSourceStats, error) {
+	var csrcStats RTPContributingSourceStats
+	err := json.Unmarshal(b, &csrcStats)
+	if err != nil {
+		return RTPContributingSourceStats{}, fmt.Errorf("unmarshal csrc stats: %w", err)
+	}
+	return csrcStats, nil
+}
+
+// AudioSourceStats represents an audio track that is attached to one or more senders.
+type AudioSourceStats struct {
+	// Timestamp is the timestamp associated with this object.
+	Timestamp StatsTimestamp `json:"timestamp"`
+
+	// Type is the object's StatsType
+	Type StatsType `json:"type"`
+
+	// ID is a unique id that is associated with the component inspected to produce
+	// this Stats object. Two Stats objects will have the same ID if they were produced
+	// by inspecting the same underlying object.
+	ID string `json:"id"`
+
+	// TrackIdentifier represents the id property of the track.
+	TrackIdentifier string `json:"trackIdentifier"`
+
+	// Kind is "audio"
+	Kind string `json:"kind"`
+
+	// AudioLevel represents the output audio level of the track.
+	//
+	// The value is a value between 0..1 (linear), where 1.0 represents 0 dBov,
+	// 0 represents silence, and 0.5 represents approximately 6 dBSPL change in
+	// the sound pressure level from 0 dBov.
+	//
+	// If the track is sourced from an Receiver, does no audio processing, has a
+	// constant level, and has a volume setting of 1.0, the audio level is expected
+	// to be the same as the audio level of the source SSRC, while if the volume setting
+	// is 0.5, the AudioLevel is expected to be half that value.
+	AudioLevel float64 `json:"audioLevel"`
+
+	// TotalAudioEnergy is the total energy of all the audio samples sent/received
+	// for this object, calculated by duration * Math.pow(energy/maxEnergy, 2) for
+	// each audio sample seen.
+	TotalAudioEnergy float64 `json:"totalAudioEnergy"`
+
+	// TotalSamplesDuration represents the total duration in seconds of all samples
+	// that have sent or received (and thus counted by TotalSamplesSent or TotalSamplesReceived).
+	// Can be used with TotalAudioEnergy to compute an average audio level over different intervals.
+	TotalSamplesDuration float64 `json:"totalSamplesDuration"`
+
+	// EchoReturnLoss is only present while the sender is sending a track sourced from
+	// a microphone where echo cancellation is applied. Calculated in decibels.
+	EchoReturnLoss float64 `json:"echoReturnLoss"`
+
+	// EchoReturnLossEnhancement is only present while the sender is sending a track
+	// sourced from a microphone where echo cancellation is applied. Calculated in decibels.
+	EchoReturnLossEnhancement float64 `json:"echoReturnLossEnhancement"`
+
+	// DroppedSamplesDuration represents the total duration, in seconds, of samples produced by the device that got
+	// dropped before reaching the media source. Only applicable if this media source is backed by an audio capture device.
+	DroppedSamplesDuration float64 `json:"droppedSamplesDuration"`
+
+	// DroppedSamplesEvents is the number of dropped samples events. This counter increases every time a sample is
+	// dropped after a non-dropped sample. That is, multiple consecutive dropped samples will increase
+	// droppedSamplesDuration multiple times but is a single dropped samples event.
+	DroppedSamplesEvents uint64 `json:"droppedSamplesEvents"`
+
+	// TotalCaptureDelay is the total delay, in seconds, for each audio sample between the time the sample was emitted
+	// by the capture device and the sample reaching the source. This can be used together with totalSamplesCaptured to
+	// calculate the average capture delay per sample. Only applicable if the audio source represents an audio capture device.
+	TotalCaptureDelay float64 `json:"totalCaptureDelay"`
+
+	// TotalSamplesCaptured is the total number of captured samples reaching the audio source, i.e. that were not dropped
+	// by the capture pipeline. The frequency of the media source is not necessarily the same as the frequency of encoders
+	// later in the pipeline. Only applicable if the audio source represents an audio capture device.
+	TotalSamplesCaptured uint64 `json:"totalSamplesCaptured"`
+}
+
+func (s AudioSourceStats) statsMarker() {}
+
+// VideoSourceStats represents a video track that is attached to one or more senders.
+type VideoSourceStats struct {
+	// Timestamp is the timestamp associated with this object.
+	Timestamp StatsTimestamp `json:"timestamp"`
+
+	// Type is the object's StatsType
+	Type StatsType `json:"type"`
+
+	// ID is a unique id that is associated with the component inspected to produce
+	// this Stats object. Two Stats objects will have the same ID if they were produced
+	// by inspecting the same underlying object.
+	ID string `json:"id"`
+
+	// TrackIdentifier represents the id property of the track.
+	TrackIdentifier string `json:"trackIdentifier"`
+
+	// Kind is "video"
+	Kind string `json:"kind"`
+
+	// Width is width of the last frame originating from this source in pixels.
+	Width uint32 `json:"width"`
+
+	// Height is height of the last frame originating from this source in pixels.
+	Height uint32 `json:"height"`
+
+	// Frames is the total number of frames originating from this source.
+	Frames uint32 `json:"frames"`
+
+	// FramesPerSecond is the number of frames originating from this source, measured during the last second.
+	FramesPerSecond float64 `json:"framesPerSecond"`
+}
+
+func (s VideoSourceStats) statsMarker() {}
+
+func unmarshalMediaSourceStats(b []byte) (Stats, error) {
+	type kindJSON struct {
+		Kind string `json:"kind"`
+	}
+	kindHolder := kindJSON{}
+
+	err := json.Unmarshal(b, &kindHolder)
+	if err != nil {
+		return nil, fmt.Errorf("unmarshal json kind: %w", err)
+	}
+
+	switch MediaKind(kindHolder.Kind) {
+	case MediaKindAudio:
+		var mediaSourceStats AudioSourceStats
+		err := json.Unmarshal(b, &mediaSourceStats)
+		if err != nil {
+			return nil, fmt.Errorf("unmarshal audio source stats: %w", err)
+		}
+		return mediaSourceStats, nil
+	case MediaKindVideo:
+		var mediaSourceStats VideoSourceStats
+		err := json.Unmarshal(b, &mediaSourceStats)
+		if err != nil {
+			return nil, fmt.Errorf("unmarshal video source stats: %w", err)
+		}
+		return mediaSourceStats, nil
+	default:
+		return nil, fmt.Errorf("kind: %w", ErrUnknownType)
+	}
+}
+
+// AudioPlayoutStats represents one playout path - if the same playout stats object is referenced by multiple
+// RTCInboundRtpStreamStats this is an indication that audio mixing is happening in which case sample counters in this
+// stats object refer to the samples after mixing. Only applicable if the playout path represents an audio device.
+type AudioPlayoutStats struct {
+	// Timestamp is the timestamp associated with this object.
+	Timestamp StatsTimestamp `json:"timestamp"`
+
+	// Type is the object's StatsType
+	Type StatsType `json:"type"`
+
+	// ID is a unique id that is associated with the component inspected to produce
+	// this Stats object. Two Stats objects will have the same ID if they were produced
+	// by inspecting the same underlying object.
+	ID string `json:"id"`
+
+	// Kind is "audio"
+	Kind string `json:"kind"`
+
+	// SynthesizedSamplesDuration is measured in seconds and is incremented each time an audio sample is synthesized by
+	// this playout path. This metric can be used together with totalSamplesDuration to calculate the percentage of played
+	// out media being synthesized. If the playout path is unable to produce audio samples on time for device playout,
+	// samples are synthesized to be playout out instead. Synthesization typically only happens if the pipeline is
+	// underperforming. Samples synthesized by the RTCInboundRtpStreamStats are not counted for here, but in
+	// InboundRtpStreamStats.concealedSamples.
+	SynthesizedSamplesDuration float64 `json:"synthesizedSamplesDuration"`
+
+	// SynthesizedSamplesEvents is the number of synthesized samples events. This counter increases every time a sample
+	// is synthesized after a non-synthesized sample. That is, multiple consecutive synthesized samples will increase
+	// synthesizedSamplesDuration multiple times but is a single synthesization samples event.
+	SynthesizedSamplesEvents uint64 `json:"synthesizedSamplesEvents"`
+
+	// TotalSamplesDuration represents the total duration in seconds of all samples
+	// that have sent or received (and thus counted by TotalSamplesSent or TotalSamplesReceived).
+	// Can be used with TotalAudioEnergy to compute an average audio level over different intervals.
+	TotalSamplesDuration float64 `json:"totalSamplesDuration"`
+
+	// When audio samples are pulled by the playout device, this counter is incremented with the estimated delay of the
+	// playout path for that audio sample. The playout delay includes the delay from being emitted to the actual time of
+	// playout on the device. This metric can be used together with totalSamplesCount to calculate the average
+	// playout delay per sample.
+	TotalPlayoutDelay float64 `json:"totalPlayoutDelay"`
+
+	// When audio samples are pulled by the playout device, this counter is incremented with the number of samples
+	// emitted for playout.
+	TotalSamplesCount uint64 `json:"totalSamplesCount"`
+}
+
+func (s AudioPlayoutStats) statsMarker() {}
+
+func unmarshalMediaPlayoutStats(b []byte) (Stats, error) {
+	var audioPlayoutStats AudioPlayoutStats
+	err := json.Unmarshal(b, &audioPlayoutStats)
+	if err != nil {
+		return nil, fmt.Errorf("unmarshal audio playout stats: %w", err)
+	}
+	return audioPlayoutStats, nil
+}
+
+// PeerConnectionStats contains statistics related to the PeerConnection object.
+type PeerConnectionStats struct {
+	// Timestamp is the timestamp associated with this object.
+	Timestamp StatsTimestamp `json:"timestamp"`
+
+	// Type is the object's StatsType
+	Type StatsType `json:"type"`
+
+	// ID is a unique id that is associated with the component inspected to produce
+	// this Stats object. Two Stats objects will have the same ID if they were produced
+	// by inspecting the same underlying object.
+	ID string `json:"id"`
+
+	// DataChannelsOpened represents the number of unique DataChannels that have
+	// entered the "open" state during their lifetime.
+	DataChannelsOpened uint32 `json:"dataChannelsOpened"`
+
+	// DataChannelsClosed represents the number of unique DataChannels that have
+	// left the "open" state during their lifetime (due to being closed by either
+	// end or the underlying transport being closed). DataChannels that transition
+	// from "connecting" to "closing" or "closed" without ever being "open"
+	// are not counted in this number.
+	DataChannelsClosed uint32 `json:"dataChannelsClosed"`
+
+	// DataChannelsRequested Represents the number of unique DataChannels returned
+	// from a successful createDataChannel() call on the PeerConnection. If the
+	// underlying data transport is not established, these may be in the "connecting" state.
+	DataChannelsRequested uint32 `json:"dataChannelsRequested"`
+
+	// DataChannelsAccepted represents the number of unique DataChannels signaled
+	// in a "datachannel" event on the PeerConnection.
+	DataChannelsAccepted uint32 `json:"dataChannelsAccepted"`
+}
+
+func (s PeerConnectionStats) statsMarker() {}
+
+func unmarshalPeerConnectionStats(b []byte) (PeerConnectionStats, error) {
+	var pcStats PeerConnectionStats
+	err := json.Unmarshal(b, &pcStats)
+	if err != nil {
+		return PeerConnectionStats{}, fmt.Errorf("unmarshal pc stats: %w", err)
+	}
+	return pcStats, nil
+}
+
+// DataChannelStats contains statistics related to each DataChannel ID.
+type DataChannelStats struct {
+	// Timestamp is the timestamp associated with this object.
+	Timestamp StatsTimestamp `json:"timestamp"`
+
+	// Type is the object's StatsType
+	Type StatsType `json:"type"`
+
+	// ID is a unique id that is associated with the component inspected to produce
+	// this Stats object. Two Stats objects will have the same ID if they were produced
+	// by inspecting the same underlying object.
+	ID string `json:"id"`
+
+	// Label is the "label" value of the DataChannel object.
+	Label string `json:"label"`
+
+	// Protocol is the "protocol" value of the DataChannel object.
+	Protocol string `json:"protocol"`
+
+	// DataChannelIdentifier is the "id" attribute of the DataChannel object.
+	DataChannelIdentifier int32 `json:"dataChannelIdentifier"`
+
+	// TransportID the ID of the TransportStats object for transport used to carry this datachannel.
+	TransportID string `json:"transportId"`
+
+	// State is the "readyState" value of the DataChannel object.
+	State DataChannelState `json:"state"`
+
+	// MessagesSent represents the total number of API "message" events sent.
+	MessagesSent uint32 `json:"messagesSent"`
+
+	// BytesSent represents the total number of payload bytes sent on this
+	// datachannel not including headers or padding.
+	BytesSent uint64 `json:"bytesSent"`
+
+	// MessagesReceived represents the total number of API "message" events received.
+	MessagesReceived uint32 `json:"messagesReceived"`
+
+	// BytesReceived represents the total number of bytes received on this
+	// datachannel not including headers or padding.
+	BytesReceived uint64 `json:"bytesReceived"`
+}
+
+func (s DataChannelStats) statsMarker() {}
+
+func unmarshalDataChannelStats(b []byte) (DataChannelStats, error) {
+	var dataChannelStats DataChannelStats
+	err := json.Unmarshal(b, &dataChannelStats)
+	if err != nil {
+		return DataChannelStats{}, fmt.Errorf("unmarshal data channel stats: %w", err)
+	}
+	return dataChannelStats, nil
+}
+
+// MediaStreamStats contains statistics related to a specific MediaStream.
+type MediaStreamStats struct {
+	// Timestamp is the timestamp associated with this object.
+	Timestamp StatsTimestamp `json:"timestamp"`
+
+	// Type is the object's StatsType
+	Type StatsType `json:"type"`
+
+	// ID is a unique id that is associated with the component inspected to produce
+	// this Stats object. Two Stats objects will have the same ID if they were produced
+	// by inspecting the same underlying object.
+	ID string `json:"id"`
+
+	// StreamIdentifier is the "id" property of the MediaStream
+	StreamIdentifier string `json:"streamIdentifier"`
+
+	// TrackIDs is a list of the identifiers of the stats object representing the
+	// stream's tracks, either ReceiverAudioTrackAttachmentStats or ReceiverVideoTrackAttachmentStats.
+	TrackIDs []string `json:"trackIds"`
+}
+
+func (s MediaStreamStats) statsMarker() {}
+
+func unmarshalStreamStats(b []byte) (MediaStreamStats, error) {
+	var streamStats MediaStreamStats
+	err := json.Unmarshal(b, &streamStats)
+	if err != nil {
+		return MediaStreamStats{}, fmt.Errorf("unmarshal stream stats: %w", err)
+	}
+	return streamStats, nil
+}
+
+// AudioSenderStats represents the stats about one audio sender of a PeerConnection
+// object for which one calls GetStats.
+//
+// It appears in the stats as soon as the RTPSender is added by either AddTrack
+// or AddTransceiver, or by media negotiation.
+type AudioSenderStats struct {
+	// Timestamp is the timestamp associated with this object.
+	Timestamp StatsTimestamp `json:"timestamp"`
+
+	// Type is the object's StatsType
+	Type StatsType `json:"type"`
+
+	// ID is a unique id that is associated with the component inspected to produce
+	// this Stats object. Two Stats objects will have the same ID if they were produced
+	// by inspecting the same underlying object.
+	ID string `json:"id"`
+
+	// TrackIdentifier represents the id property of the track.
+	TrackIdentifier string `json:"trackIdentifier"`
+
+	// RemoteSource is true if the source is remote, for instance if it is sourced
+	// from another host via a PeerConnection. False otherwise. Only applicable for 'track' stats.
+	RemoteSource bool `json:"remoteSource"`
+
+	// Ended reflects the "ended" state of the track.
+	Ended bool `json:"ended"`
+
+	// Kind is "audio"
+	Kind string `json:"kind"`
+
+	// AudioLevel represents the output audio level of the track.
+	//
+	// The value is a value between 0..1 (linear), where 1.0 represents 0 dBov,
+	// 0 represents silence, and 0.5 represents approximately 6 dBSPL change in
+	// the sound pressure level from 0 dBov.
+	//
+	// If the track is sourced from an Receiver, does no audio processing, has a
+	// constant level, and has a volume setting of 1.0, the audio level is expected
+	// to be the same as the audio level of the source SSRC, while if the volume setting
+	// is 0.5, the AudioLevel is expected to be half that value.
+	//
+	// For outgoing audio tracks, the AudioLevel is the level of the audio being sent.
+	AudioLevel float64 `json:"audioLevel"`
+
+	// TotalAudioEnergy is the total energy of all the audio samples sent/received
+	// for this object, calculated by duration * Math.pow(energy/maxEnergy, 2) for
+	// each audio sample seen.
+	TotalAudioEnergy float64 `json:"totalAudioEnergy"`
+
+	// VoiceActivityFlag represents whether the last RTP packet sent or played out
+	// by this track contained voice activity or not based on the presence of the
+	// V bit in the extension header, as defined in [RFC6464].
+	//
+	// This value indicates the voice activity in the latest RTP packet played out
+	// from a given SSRC, and is defined in RTPSynchronizationSource.voiceActivityFlag.
+	VoiceActivityFlag bool `json:"voiceActivityFlag"`
+
+	// TotalSamplesDuration represents the total duration in seconds of all samples
+	// that have sent or received (and thus counted by TotalSamplesSent or TotalSamplesReceived).
+	// Can be used with TotalAudioEnergy to compute an average audio level over different intervals.
+	TotalSamplesDuration float64 `json:"totalSamplesDuration"`
+
+	// EchoReturnLoss is only present while the sender is sending a track sourced from
+	// a microphone where echo cancellation is applied. Calculated in decibels.
+	EchoReturnLoss float64 `json:"echoReturnLoss"`
+
+	// EchoReturnLossEnhancement is only present while the sender is sending a track
+	// sourced from a microphone where echo cancellation is applied. Calculated in decibels.
+	EchoReturnLossEnhancement float64 `json:"echoReturnLossEnhancement"`
+
+	// TotalSamplesSent is the total number of samples that have been sent by this sender.
+	TotalSamplesSent uint64 `json:"totalSamplesSent"`
+}
+
+func (s AudioSenderStats) statsMarker() {}
+
+// SenderAudioTrackAttachmentStats object represents the stats about one attachment
+// of an audio MediaStreamTrack to the PeerConnection object for which one calls GetStats.
+//
+// It appears in the stats as soon as it is attached (via AddTrack, via AddTransceiver,
+// via ReplaceTrack on an RTPSender object).
+//
+// If an audio track is attached twice (via AddTransceiver or ReplaceTrack), there
+// will be two SenderAudioTrackAttachmentStats objects, one for each attachment.
+// They will have the same "TrackIdentifier" attribute, but different "ID" attributes.
+//
+// If the track is detached from the PeerConnection (via removeTrack or via replaceTrack),
+// it continues to appear, but with the "ObjectDeleted" member set to true.
+type SenderAudioTrackAttachmentStats AudioSenderStats
+
+func (s SenderAudioTrackAttachmentStats) statsMarker() {}
+
+// VideoSenderStats represents the stats about one video sender of a PeerConnection
+// object for which one calls GetStats.
+//
+// It appears in the stats as soon as the sender is added by either AddTrack or
+// AddTransceiver, or by media negotiation.
+type VideoSenderStats struct {
+	// Timestamp is the timestamp associated with this object.
+	Timestamp StatsTimestamp `json:"timestamp"`
+
+	// Type is the object's StatsType
+	Type StatsType `json:"type"`
+
+	// ID is a unique id that is associated with the component inspected to produce
+	// this Stats object. Two Stats objects will have the same ID if they were produced
+	// by inspecting the same underlying object.
+	ID string `json:"id"`
+
+	// Kind is "video"
+	Kind string `json:"kind"`
+
+	// FramesCaptured represents the total number of frames captured, before encoding,
+	// for this RTPSender (or for this MediaStreamTrack, if type is "track"). For example,
+	// if type is "sender" and this sender's track represents a camera, then this is the
+	// number of frames produced by the camera for this track while being sent by this sender,
+	// combined with the number of frames produced by all tracks previously attached to this
+	// sender while being sent by this sender. Framerates can vary due to hardware limitations
+	// or environmental factors such as lighting conditions.
+	FramesCaptured uint32 `json:"framesCaptured"`
+
+	// FramesSent represents the total number of frames sent by this RTPSender
+	// (or for this MediaStreamTrack, if type is "track").
+	FramesSent uint32 `json:"framesSent"`
+
+	// HugeFramesSent represents the total number of huge frames sent by this RTPSender
+	// (or for this MediaStreamTrack, if type is "track"). Huge frames, by definition,
+	// are frames that have an encoded size at least 2.5 times the average size of the frames.
+	// The average size of the frames is defined as the target bitrate per second divided
+	// by the target fps at the time the frame was encoded. These are usually complex
+	// to encode frames with a lot of changes in the picture. This can be used to estimate,
+	// e.g slide changes in the streamed presentation. If a huge frame is also a key frame,
+	// then both counters HugeFramesSent and KeyFramesSent are incremented.
+	HugeFramesSent uint32 `json:"hugeFramesSent"`
+
+	// KeyFramesSent represents the total number of key frames sent by this RTPSender
+	// (or for this MediaStreamTrack, if type is "track"), such as Infra-frames in
+	// VP8 [RFC6386] or I-frames in H.264 [RFC6184]. This is a subset of FramesSent.
+	// FramesSent - KeyFramesSent gives you the number of delta frames sent.
+	KeyFramesSent uint32 `json:"keyFramesSent"`
+}
+
+func (s VideoSenderStats) statsMarker() {}
+
+// SenderVideoTrackAttachmentStats represents the stats about one attachment of a
+// video MediaStreamTrack to the PeerConnection object for which one calls GetStats.
+//
+// It appears in the stats as soon as it is attached (via AddTrack, via AddTransceiver,
+// via ReplaceTrack on an RTPSender object).
+//
+// If a video track is attached twice (via AddTransceiver or ReplaceTrack), there
+// will be two SenderVideoTrackAttachmentStats objects, one for each attachment.
+// They will have the same "TrackIdentifier" attribute, but different "ID" attributes.
+//
+// If the track is detached from the PeerConnection (via RemoveTrack or via ReplaceTrack),
+// it continues to appear, but with the "ObjectDeleted" member set to true.
+type SenderVideoTrackAttachmentStats VideoSenderStats
+
+func (s SenderVideoTrackAttachmentStats) statsMarker() {}
+
+func unmarshalSenderStats(b []byte) (Stats, error) {
+	type kindJSON struct {
+		Kind string `json:"kind"`
+	}
+	kindHolder := kindJSON{}
+
+	err := json.Unmarshal(b, &kindHolder)
+	if err != nil {
+		return nil, fmt.Errorf("unmarshal json kind: %w", err)
+	}
+
+	switch MediaKind(kindHolder.Kind) {
+	case MediaKindAudio:
+		var senderStats AudioSenderStats
+		err := json.Unmarshal(b, &senderStats)
+		if err != nil {
+			return nil, fmt.Errorf("unmarshal audio sender stats: %w", err)
+		}
+		return senderStats, nil
+	case MediaKindVideo:
+		var senderStats VideoSenderStats
+		err := json.Unmarshal(b, &senderStats)
+		if err != nil {
+			return nil, fmt.Errorf("unmarshal video sender stats: %w", err)
+		}
+		return senderStats, nil
+	default:
+		return nil, fmt.Errorf("kind: %w", ErrUnknownType)
+	}
+}
+
+func unmarshalTrackStats(b []byte) (Stats, error) {
+	type kindJSON struct {
+		Kind string `json:"kind"`
+	}
+	kindHolder := kindJSON{}
+
+	err := json.Unmarshal(b, &kindHolder)
+	if err != nil {
+		return nil, fmt.Errorf("unmarshal json kind: %w", err)
+	}
+
+	switch MediaKind(kindHolder.Kind) {
+	case MediaKindAudio:
+		var trackStats SenderAudioTrackAttachmentStats
+		err := json.Unmarshal(b, &trackStats)
+		if err != nil {
+			return nil, fmt.Errorf("unmarshal audio track stats: %w", err)
+		}
+		return trackStats, nil
+	case MediaKindVideo:
+		var trackStats SenderVideoTrackAttachmentStats
+		err := json.Unmarshal(b, &trackStats)
+		if err != nil {
+			return nil, fmt.Errorf("unmarshal video track stats: %w", err)
+		}
+		return trackStats, nil
+	default:
+		return nil, fmt.Errorf("kind: %w", ErrUnknownType)
+	}
+}
+
+// AudioReceiverStats contains audio metrics related to a specific receiver.
+type AudioReceiverStats struct {
+	// Timestamp is the timestamp associated with this object.
+	Timestamp StatsTimestamp `json:"timestamp"`
+
+	// Type is the object's StatsType
+	Type StatsType `json:"type"`
+
+	// ID is a unique id that is associated with the component inspected to produce
+	// this Stats object. Two Stats objects will have the same ID if they were produced
+	// by inspecting the same underlying object.
+	ID string `json:"id"`
+
+	// Kind is "audio"
+	Kind string `json:"kind"`
+
+	// AudioLevel represents the output audio level of the track.
+	//
+	// The value is a value between 0..1 (linear), where 1.0 represents 0 dBov,
+	// 0 represents silence, and 0.5 represents approximately 6 dBSPL change in
+	// the sound pressure level from 0 dBov.
+	//
+	// If the track is sourced from an Receiver, does no audio processing, has a
+	// constant level, and has a volume setting of 1.0, the audio level is expected
+	// to be the same as the audio level of the source SSRC, while if the volume setting
+	// is 0.5, the AudioLevel is expected to be half that value.
+	//
+	// For outgoing audio tracks, the AudioLevel is the level of the audio being sent.
+	AudioLevel float64 `json:"audioLevel"`
+
+	// TotalAudioEnergy is the total energy of all the audio samples sent/received
+	// for this object, calculated by duration * Math.pow(energy/maxEnergy, 2) for
+	// each audio sample seen.
+	TotalAudioEnergy float64 `json:"totalAudioEnergy"`
+
+	// VoiceActivityFlag represents whether the last RTP packet sent or played out
+	// by this track contained voice activity or not based on the presence of the
+	// V bit in the extension header, as defined in [RFC6464].
+	//
+	// This value indicates the voice activity in the latest RTP packet played out
+	// from a given SSRC, and is defined in RTPSynchronizationSource.voiceActivityFlag.
+	VoiceActivityFlag bool `json:"voiceActivityFlag"`
+
+	// TotalSamplesDuration represents the total duration in seconds of all samples
+	// that have sent or received (and thus counted by TotalSamplesSent or TotalSamplesReceived).
+	// Can be used with TotalAudioEnergy to compute an average audio level over different intervals.
+	TotalSamplesDuration float64 `json:"totalSamplesDuration"`
+
+	// EstimatedPlayoutTimestamp is the estimated playout time of this receiver's
+	// track. The playout time is the NTP timestamp of the last playable sample that
+	// has a known timestamp (from an RTCP SR packet mapping RTP timestamps to NTP
+	// timestamps), extrapolated with the time elapsed since it was ready to be played out.
+	// This is the "current time" of the track in NTP clock time of the sender and
+	// can be present even if there is no audio currently playing.
+	//
+	// This can be useful for estimating how much audio and video is out of
+	// sync for two tracks from the same source:
+	// 		AudioTrackStats.EstimatedPlayoutTimestamp - VideoTrackStats.EstimatedPlayoutTimestamp
+	EstimatedPlayoutTimestamp StatsTimestamp `json:"estimatedPlayoutTimestamp"`
+
+	// JitterBufferDelay is the sum of the time, in seconds, each sample takes from
+	// the time it is received and to the time it exits the jitter buffer.
+	// This increases upon samples exiting, having completed their time in the buffer
+	// (incrementing JitterBufferEmittedCount). The average jitter buffer delay can
+	// be calculated by dividing the JitterBufferDelay with the JitterBufferEmittedCount.
+	JitterBufferDelay float64 `json:"jitterBufferDelay"`
+
+	// JitterBufferEmittedCount is the total number of samples that have come out
+	// of the jitter buffer (increasing JitterBufferDelay).
+	JitterBufferEmittedCount uint64 `json:"jitterBufferEmittedCount"`
+
+	// TotalSamplesReceived is the total number of samples that have been received
+	// by this receiver. This includes ConcealedSamples.
+	TotalSamplesReceived uint64 `json:"totalSamplesReceived"`
+
+	// ConcealedSamples is the total number of samples that are concealed samples.
+	// A concealed sample is a sample that is based on data that was synthesized
+	// to conceal packet loss and does not represent incoming data.
+	ConcealedSamples uint64 `json:"concealedSamples"`
+
+	// ConcealmentEvents is the number of concealment events. This counter increases
+	// every time a concealed sample is synthesized after a non-concealed sample.
+	// That is, multiple consecutive concealed samples will increase the concealedSamples
+	// count multiple times but is a single concealment event.
+	ConcealmentEvents uint64 `json:"concealmentEvents"`
+}
+
+func (s AudioReceiverStats) statsMarker() {}
+
+// VideoReceiverStats contains video metrics related to a specific receiver.
+type VideoReceiverStats struct {
+	// Timestamp is the timestamp associated with this object.
+	Timestamp StatsTimestamp `json:"timestamp"`
+
+	// Type is the object's StatsType
+	Type StatsType `json:"type"`
+
+	// ID is a unique id that is associated with the component inspected to produce
+	// this Stats object. Two Stats objects will have the same ID if they were produced
+	// by inspecting the same underlying object.
+	ID string `json:"id"`
+
+	// Kind is "video"
+	Kind string `json:"kind"`
+
+	// FrameWidth represents the width of the last processed frame for this track.
+	// Before the first frame is processed this attribute is missing.
+	FrameWidth uint32 `json:"frameWidth"`
+
+	// FrameHeight represents the height of the last processed frame for this track.
+	// Before the first frame is processed this attribute is missing.
+	FrameHeight uint32 `json:"frameHeight"`
+
+	// FramesPerSecond represents the nominal FPS value before the degradation preference
+	// is applied. It is the number of complete frames in the last second. For sending
+	// tracks it is the current captured FPS and for the receiving tracks it is the
+	// current decoding framerate.
+	FramesPerSecond float64 `json:"framesPerSecond"`
+
+	// EstimatedPlayoutTimestamp is the estimated playout time of this receiver's
+	// track. The playout time is the NTP timestamp of the last playable sample that
+	// has a known timestamp (from an RTCP SR packet mapping RTP timestamps to NTP
+	// timestamps), extrapolated with the time elapsed since it was ready to be played out.
+	// This is the "current time" of the track in NTP clock time of the sender and
+	// can be present even if there is no audio currently playing.
+	//
+	// This can be useful for estimating how much audio and video is out of
+	// sync for two tracks from the same source:
+	// 		AudioTrackStats.EstimatedPlayoutTimestamp - VideoTrackStats.EstimatedPlayoutTimestamp
+	EstimatedPlayoutTimestamp StatsTimestamp `json:"estimatedPlayoutTimestamp"`
+
+	// JitterBufferDelay is the sum of the time, in seconds, each sample takes from
+	// the time it is received and to the time it exits the jitter buffer.
+	// This increases upon samples exiting, having completed their time in the buffer
+	// (incrementing JitterBufferEmittedCount). The average jitter buffer delay can
+	// be calculated by dividing the JitterBufferDelay with the JitterBufferEmittedCount.
+	JitterBufferDelay float64 `json:"jitterBufferDelay"`
+
+	// JitterBufferEmittedCount is the total number of samples that have come out
+	// of the jitter buffer (increasing JitterBufferDelay).
+	JitterBufferEmittedCount uint64 `json:"jitterBufferEmittedCount"`
+
+	// FramesReceived Represents the total number of complete frames received for
+	// this receiver. This metric is incremented when the complete frame is received.
+	FramesReceived uint32 `json:"framesReceived"`
+
+	// KeyFramesReceived represents the total number of complete key frames received
+	// for this MediaStreamTrack, such as Infra-frames in VP8 [RFC6386] or I-frames
+	// in H.264 [RFC6184]. This is a subset of framesReceived. `framesReceived - keyFramesReceived`
+	// gives you the number of delta frames received. This metric is incremented when
+	// the complete key frame is received. It is not incremented if a partial key
+	// frames is received and sent for decoding, i.e., the frame could not be recovered
+	// via retransmission or FEC.
+	KeyFramesReceived uint32 `json:"keyFramesReceived"`
+
+	// FramesDecoded represents the total number of frames correctly decoded for this
+	// SSRC, i.e., frames that would be displayed if no frames are dropped.
+	FramesDecoded uint32 `json:"framesDecoded"`
+
+	// FramesDropped is the total number of frames dropped predecode or dropped
+	// because the frame missed its display deadline for this receiver's track.
+	FramesDropped uint32 `json:"framesDropped"`
+
+	// The cumulative number of partial frames lost. This metric is incremented when
+	// the frame is sent to the decoder. If the partial frame is received and recovered
+	// via retransmission or FEC before decoding, the FramesReceived counter is incremented.
+	PartialFramesLost uint32 `json:"partialFramesLost"`
+
+	// FullFramesLost is the cumulative number of full frames lost.
+	FullFramesLost uint32 `json:"fullFramesLost"`
+}
+
+func (s VideoReceiverStats) statsMarker() {}
+
+func unmarshalReceiverStats(b []byte) (Stats, error) {
+	type kindJSON struct {
+		Kind string `json:"kind"`
+	}
+	kindHolder := kindJSON{}
+
+	err := json.Unmarshal(b, &kindHolder)
+	if err != nil {
+		return nil, fmt.Errorf("unmarshal json kind: %w", err)
+	}
+
+	switch MediaKind(kindHolder.Kind) {
+	case MediaKindAudio:
+		var receiverStats AudioReceiverStats
+		err := json.Unmarshal(b, &receiverStats)
+		if err != nil {
+			return nil, fmt.Errorf("unmarshal audio receiver stats: %w", err)
+		}
+		return receiverStats, nil
+	case MediaKindVideo:
+		var receiverStats VideoReceiverStats
+		err := json.Unmarshal(b, &receiverStats)
+		if err != nil {
+			return nil, fmt.Errorf("unmarshal video receiver stats: %w", err)
+		}
+		return receiverStats, nil
+	default:
+		return nil, fmt.Errorf("kind: %w", ErrUnknownType)
+	}
+}
+
+// TransportStats contains transport statistics related to the PeerConnection object.
+type TransportStats struct {
+	// Timestamp is the timestamp associated with this object.
+	Timestamp StatsTimestamp `json:"timestamp"`
+
+	// Type is the object's StatsType
+	Type StatsType `json:"type"`
+
+	// ID is a unique id that is associated with the component inspected to produce
+	// this Stats object. Two Stats objects will have the same ID if they were produced
+	// by inspecting the same underlying object.
+	ID string `json:"id"`
+
+	// PacketsSent represents the total number of packets sent over this transport.
+	PacketsSent uint32 `json:"packetsSent"`
+
+	// PacketsReceived represents the total number of packets received on this transport.
+	PacketsReceived uint32 `json:"packetsReceived"`
+
+	// BytesSent represents the total number of payload bytes sent on this PeerConnection
+	// not including headers or padding.
+	BytesSent uint64 `json:"bytesSent"`
+
+	// BytesReceived represents the total number of bytes received on this PeerConnection
+	// not including headers or padding.
+	BytesReceived uint64 `json:"bytesReceived"`
+
+	// RTCPTransportStatsID is the ID of the transport that gives stats for the RTCP
+	// component If RTP and RTCP are not multiplexed and this record has only
+	// the RTP component stats.
+	RTCPTransportStatsID string `json:"rtcpTransportStatsId"`
+
+	// ICERole is set to the current value of the "role" attribute of the underlying
+	// DTLSTransport's "transport".
+	ICERole ICERole `json:"iceRole"`
+
+	// DTLSState is set to the current value of the "state" attribute of the underlying DTLSTransport.
+	DTLSState DTLSTransportState `json:"dtlsState"`
+
+	// SelectedCandidatePairID is a unique identifier that is associated to the object
+	// that was inspected to produce the ICECandidatePairStats associated with this transport.
+	SelectedCandidatePairID string `json:"selectedCandidatePairId"`
+
+	// LocalCertificateID is the ID of the CertificateStats for the local certificate.
+	// Present only if DTLS is negotiated.
+	LocalCertificateID string `json:"localCertificateId"`
+
+	// LocalCertificateID is the ID of the CertificateStats for the remote certificate.
+	// Present only if DTLS is negotiated.
+	RemoteCertificateID string `json:"remoteCertificateId"`
+
+	// DTLSCipher is the descriptive name of the cipher suite used for the DTLS transport,
+	// as defined in the "Description" column of the IANA cipher suite registry.
+	DTLSCipher string `json:"dtlsCipher"`
+
+	// SRTPCipher is the descriptive name of the protection profile used for the SRTP
+	// transport, as defined in the "Profile" column of the IANA DTLS-SRTP protection
+	// profile registry.
+	SRTPCipher string `json:"srtpCipher"`
+}
+
+func (s TransportStats) statsMarker() {}
+
+func unmarshalTransportStats(b []byte) (TransportStats, error) {
+	var transportStats TransportStats
+	err := json.Unmarshal(b, &transportStats)
+	if err != nil {
+		return TransportStats{}, fmt.Errorf("unmarshal transport stats: %w", err)
+	}
+	return transportStats, nil
+}
+
+// StatsICECandidatePairState is the state of an ICE candidate pair used in the
+// ICECandidatePairStats object.
+type StatsICECandidatePairState string
+
+func toStatsICECandidatePairState(state ice.CandidatePairState) (StatsICECandidatePairState, error) {
+	switch state {
+	case ice.CandidatePairStateWaiting:
+		return StatsICECandidatePairStateWaiting, nil
+	case ice.CandidatePairStateInProgress:
+		return StatsICECandidatePairStateInProgress, nil
+	case ice.CandidatePairStateFailed:
+		return StatsICECandidatePairStateFailed, nil
+	case ice.CandidatePairStateSucceeded:
+		return StatsICECandidatePairStateSucceeded, nil
+	default:
+		// NOTE: this should never happen[tm]
+		err := fmt.Errorf("%w: %s", errStatsICECandidateStateInvalid, state.String())
+		return StatsICECandidatePairState("Unknown"), err
+	}
+}
+
+func toICECandidatePairStats(candidatePairStats ice.CandidatePairStats) (ICECandidatePairStats, error) {
+	state, err := toStatsICECandidatePairState(candidatePairStats.State)
+	if err != nil {
+		return ICECandidatePairStats{}, err
+	}
+
+	return ICECandidatePairStats{
+		Timestamp: statsTimestampFrom(candidatePairStats.Timestamp),
+		Type:      StatsTypeCandidatePair,
+		ID:        newICECandidatePairStatsID(candidatePairStats.LocalCandidateID, candidatePairStats.RemoteCandidateID),
+		// TransportID:
+		LocalCandidateID:            candidatePairStats.LocalCandidateID,
+		RemoteCandidateID:           candidatePairStats.RemoteCandidateID,
+		State:                       state,
+		Nominated:                   candidatePairStats.Nominated,
+		PacketsSent:                 candidatePairStats.PacketsSent,
+		PacketsReceived:             candidatePairStats.PacketsReceived,
+		BytesSent:                   candidatePairStats.BytesSent,
+		BytesReceived:               candidatePairStats.BytesReceived,
+		LastPacketSentTimestamp:     statsTimestampFrom(candidatePairStats.LastPacketSentTimestamp),
+		LastPacketReceivedTimestamp: statsTimestampFrom(candidatePairStats.LastPacketReceivedTimestamp),
+		FirstRequestTimestamp:       statsTimestampFrom(candidatePairStats.FirstRequestTimestamp),
+		LastRequestTimestamp:        statsTimestampFrom(candidatePairStats.LastRequestTimestamp),
+		LastResponseTimestamp:       statsTimestampFrom(candidatePairStats.LastResponseTimestamp),
+		TotalRoundTripTime:          candidatePairStats.TotalRoundTripTime,
+		CurrentRoundTripTime:        candidatePairStats.CurrentRoundTripTime,
+		AvailableOutgoingBitrate:    candidatePairStats.AvailableOutgoingBitrate,
+		AvailableIncomingBitrate:    candidatePairStats.AvailableIncomingBitrate,
+		CircuitBreakerTriggerCount:  candidatePairStats.CircuitBreakerTriggerCount,
+		RequestsReceived:            candidatePairStats.RequestsReceived,
+		RequestsSent:                candidatePairStats.RequestsSent,
+		ResponsesReceived:           candidatePairStats.ResponsesReceived,
+		ResponsesSent:               candidatePairStats.ResponsesSent,
+		RetransmissionsReceived:     candidatePairStats.RetransmissionsReceived,
+		RetransmissionsSent:         candidatePairStats.RetransmissionsSent,
+		ConsentRequestsSent:         candidatePairStats.ConsentRequestsSent,
+		ConsentExpiredTimestamp:     statsTimestampFrom(candidatePairStats.ConsentExpiredTimestamp),
+	}, nil
+}
+
+const (
+	// StatsICECandidatePairStateFrozen means a check for this pair hasn't been
+	// performed, and it can't yet be performed until some other check succeeds,
+	// allowing this pair to unfreeze and move into the Waiting state.
+	StatsICECandidatePairStateFrozen StatsICECandidatePairState = "frozen"
+
+	// StatsICECandidatePairStateWaiting means a check has not been performed for
+	// this pair, and can be performed as soon as it is the highest-priority Waiting
+	// pair on the check list.
+	StatsICECandidatePairStateWaiting StatsICECandidatePairState = "waiting"
+
+	// StatsICECandidatePairStateInProgress means a check has been sent for this pair,
+	// but the transaction is in progress.
+	StatsICECandidatePairStateInProgress StatsICECandidatePairState = "in-progress"
+
+	// StatsICECandidatePairStateFailed means a check for this pair was already done
+	// and failed, either never producing any response or producing an unrecoverable
+	// failure response.
+	StatsICECandidatePairStateFailed StatsICECandidatePairState = "failed"
+
+	// StatsICECandidatePairStateSucceeded means a check for this pair was already
+	// done and produced a successful result.
+	StatsICECandidatePairStateSucceeded StatsICECandidatePairState = "succeeded"
+)
+
+// ICECandidatePairStats contains ICE candidate pair statistics related
+// to the ICETransport objects.
+type ICECandidatePairStats struct {
+	// Timestamp is the timestamp associated with this object.
+	Timestamp StatsTimestamp `json:"timestamp"`
+
+	// Type is the object's StatsType
+	Type StatsType `json:"type"`
+
+	// ID is a unique id that is associated with the component inspected to produce
+	// this Stats object. Two Stats objects will have the same ID if they were produced
+	// by inspecting the same underlying object.
+	ID string `json:"id"`
+
+	// TransportID is a unique identifier that is associated to the object that
+	// was inspected to produce the TransportStats associated with this candidate pair.
+	TransportID string `json:"transportId"`
+
+	// LocalCandidateID is a unique identifier that is associated to the object
+	// that was inspected to produce the ICECandidateStats for the local candidate
+	// associated with this candidate pair.
+	LocalCandidateID string `json:"localCandidateId"`
+
+	// RemoteCandidateID is a unique identifier that is associated to the object
+	// that was inspected to produce the ICECandidateStats for the remote candidate
+	// associated with this candidate pair.
+	RemoteCandidateID string `json:"remoteCandidateId"`
+
+	// State represents the state of the checklist for the local and remote
+	// candidates in a pair.
+	State StatsICECandidatePairState `json:"state"`
+
+	// Nominated is true when this valid pair that should be used for media
+	// if it is the highest-priority one amongst those whose nominated flag is set
+	Nominated bool `json:"nominated"`
+
+	// PacketsSent represents the total number of packets sent on this candidate pair.
+	PacketsSent uint32 `json:"packetsSent"`
+
+	// PacketsReceived represents the total number of packets received on this candidate pair.
+	PacketsReceived uint32 `json:"packetsReceived"`
+
+	// BytesSent represents the total number of payload bytes sent on this candidate pair
+	// not including headers or padding.
+	BytesSent uint64 `json:"bytesSent"`
+
+	// BytesReceived represents the total number of payload bytes received on this candidate pair
+	// not including headers or padding.
+	BytesReceived uint64 `json:"bytesReceived"`
+
+	// LastPacketSentTimestamp represents the timestamp at which the last packet was
+	// sent on this particular candidate pair, excluding STUN packets.
+	LastPacketSentTimestamp StatsTimestamp `json:"lastPacketSentTimestamp"`
+
+	// LastPacketReceivedTimestamp represents the timestamp at which the last packet
+	// was received on this particular candidate pair, excluding STUN packets.
+	LastPacketReceivedTimestamp StatsTimestamp `json:"lastPacketReceivedTimestamp"`
+
+	// FirstRequestTimestamp represents the timestamp at which the first STUN request
+	// was sent on this particular candidate pair.
+	FirstRequestTimestamp StatsTimestamp `json:"firstRequestTimestamp"`
+
+	// LastRequestTimestamp represents the timestamp at which the last STUN request
+	// was sent on this particular candidate pair. The average interval between two
+	// consecutive connectivity checks sent can be calculated with
+	// (LastRequestTimestamp - FirstRequestTimestamp) / RequestsSent.
+	LastRequestTimestamp StatsTimestamp `json:"lastRequestTimestamp"`
+
+	// LastResponseTimestamp represents the timestamp at which the last STUN response
+	// was received on this particular candidate pair.
+	LastResponseTimestamp StatsTimestamp `json:"lastResponseTimestamp"`
+
+	// TotalRoundTripTime represents the sum of all round trip time measurements
+	// in seconds since the beginning of the session, based on STUN connectivity
+	// check responses (ResponsesReceived), including those that reply to requests
+	// that are sent in order to verify consent. The average round trip time can
+	// be computed from TotalRoundTripTime by dividing it by ResponsesReceived.
+	TotalRoundTripTime float64 `json:"totalRoundTripTime"`
+
+	// CurrentRoundTripTime represents the latest round trip time measured in seconds,
+	// computed from both STUN connectivity checks, including those that are sent
+	// for consent verification.
+	CurrentRoundTripTime float64 `json:"currentRoundTripTime"`
+
+	// AvailableOutgoingBitrate is calculated by the underlying congestion control
+	// by combining the available bitrate for all the outgoing RTP streams using
+	// this candidate pair. The bitrate measurement does not count the size of the
+	// IP or other transport layers like TCP or UDP. It is similar to the TIAS defined
+	// in RFC 3890, i.e., it is measured in bits per second and the bitrate is calculated
+	// over a 1 second window.
+	AvailableOutgoingBitrate float64 `json:"availableOutgoingBitrate"`
+
+	// AvailableIncomingBitrate is calculated by the underlying congestion control
+	// by combining the available bitrate for all the incoming RTP streams using
+	// this candidate pair. The bitrate measurement does not count the size of the
+	// IP or other transport layers like TCP or UDP. It is similar to the TIAS defined
+	// in  RFC 3890, i.e., it is measured in bits per second and the bitrate is
+	// calculated over a 1 second window.
+	AvailableIncomingBitrate float64 `json:"availableIncomingBitrate"`
+
+	// CircuitBreakerTriggerCount represents the number of times the circuit breaker
+	// is triggered for this particular 5-tuple, ceasing transmission.
+	CircuitBreakerTriggerCount uint32 `json:"circuitBreakerTriggerCount"`
+
+	// RequestsReceived represents the total number of connectivity check requests
+	// received (including retransmissions). It is impossible for the receiver to
+	// tell whether the request was sent in order to check connectivity or check
+	// consent, so all connectivity checks requests are counted here.
+	RequestsReceived uint64 `json:"requestsReceived"`
+
+	// RequestsSent represents the total number of connectivity check requests
+	// sent (not including retransmissions).
+	RequestsSent uint64 `json:"requestsSent"`
+
+	// ResponsesReceived represents the total number of connectivity check responses received.
+	ResponsesReceived uint64 `json:"responsesReceived"`
+
+	// ResponsesSent represents the total number of connectivity check responses sent.
+	// Since we cannot distinguish connectivity check requests and consent requests,
+	// all responses are counted.
+	ResponsesSent uint64 `json:"responsesSent"`
+
+	// RetransmissionsReceived represents the total number of connectivity check
+	// request retransmissions received.
+	RetransmissionsReceived uint64 `json:"retransmissionsReceived"`
+
+	// RetransmissionsSent represents the total number of connectivity check
+	// request retransmissions sent.
+	RetransmissionsSent uint64 `json:"retransmissionsSent"`
+
+	// ConsentRequestsSent represents the total number of consent requests sent.
+	ConsentRequestsSent uint64 `json:"consentRequestsSent"`
+
+	// ConsentExpiredTimestamp represents the timestamp at which the latest valid
+	// STUN binding response expired.
+	ConsentExpiredTimestamp StatsTimestamp `json:"consentExpiredTimestamp"`
+}
+
+func (s ICECandidatePairStats) statsMarker() {}
+
+func unmarshalICECandidatePairStats(b []byte) (ICECandidatePairStats, error) {
+	var iceCandidatePairStats ICECandidatePairStats
+	err := json.Unmarshal(b, &iceCandidatePairStats)
+	if err != nil {
+		return ICECandidatePairStats{}, fmt.Errorf("unmarshal ice candidate pair stats: %w", err)
+	}
+	return iceCandidatePairStats, nil
+}
+
+// ICECandidateStats contains ICE candidate statistics related to the ICETransport objects.
+type ICECandidateStats struct {
+	// Timestamp is the timestamp associated with this object.
+	Timestamp StatsTimestamp `json:"timestamp"`
+
+	// Type is the object's StatsType
+	Type StatsType `json:"type"`
+
+	// ID is a unique id that is associated with the component inspected to produce
+	// this Stats object. Two Stats objects will have the same ID if they were produced
+	// by inspecting the same underlying object.
+	ID string `json:"id"`
+
+	// TransportID is a unique identifier that is associated to the object that
+	// was inspected to produce the TransportStats associated with this candidate.
+	TransportID string `json:"transportId"`
+
+	// NetworkType represents the type of network interface used by the base of a
+	// local candidate (the address the ICE agent sends from). Only present for
+	// local candidates; it's not possible to know what type of network interface
+	// a remote candidate is using.
+	//
+	// Note:
+	// This stat only tells you about the network interface used by the first "hop";
+	// it's possible that a connection will be bottlenecked by another type of network.
+	// For example, when using Wi-Fi tethering, the networkType of the relevant candidate
+	// would be "wifi", even when the next hop is over a cellular connection.
+	//
+	// DEPRECATED. Although it may still work in some browsers, the networkType property was deprecated for
+	// preserving privacy.
+	NetworkType NetworkType `json:"networkType,omitempty"`
+
+	// IP is the IP address of the candidate, allowing for IPv4 addresses and
+	// IPv6 addresses, but fully qualified domain names (FQDNs) are not allowed.
+	IP string `json:"ip"`
+
+	// Port is the port number of the candidate.
+	Port int32 `json:"port"`
+
+	// Protocol is one of udp and tcp.
+	Protocol string `json:"protocol"`
+
+	// CandidateType is the "Type" field of the ICECandidate.
+	CandidateType ICECandidateType `json:"candidateType"`
+
+	// Priority is the "Priority" field of the ICECandidate.
+	Priority int32 `json:"priority"`
+
+	// URL is the URL of the TURN or STUN server indicated in the that translated
+	// this IP address. It is the URL address surfaced in an PeerConnectionICEEvent.
+	URL string `json:"url"`
+
+	// RelayProtocol is the protocol used by the endpoint to communicate with the
+	// TURN server. This is only present for local candidates. Valid values for
+	// the TURN URL protocol is one of udp, tcp, or tls.
+	RelayProtocol string `json:"relayProtocol"`
+
+	// Deleted is true if the candidate has been deleted/freed. For host candidates,
+	// this means that any network resources (typically a socket) associated with the
+	// candidate have been released. For TURN candidates, this means the TURN allocation
+	// is no longer active.
+	//
+	// Only defined for local candidates. For remote candidates, this property is not applicable.
+	Deleted bool `json:"deleted"`
+}
+
+func (s ICECandidateStats) statsMarker() {}
+
+func unmarshalICECandidateStats(b []byte) (ICECandidateStats, error) {
+	var iceCandidateStats ICECandidateStats
+	err := json.Unmarshal(b, &iceCandidateStats)
+	if err != nil {
+		return ICECandidateStats{}, fmt.Errorf("unmarshal ice candidate stats: %w", err)
+	}
+	return iceCandidateStats, nil
+}
+
+// CertificateStats contains information about a certificate used by an ICETransport.
+type CertificateStats struct {
+	// Timestamp is the timestamp associated with this object.
+	Timestamp StatsTimestamp `json:"timestamp"`
+
+	// Type is the object's StatsType
+	Type StatsType `json:"type"`
+
+	// ID is a unique id that is associated with the component inspected to produce
+	// this Stats object. Two Stats objects will have the same ID if they were produced
+	// by inspecting the same underlying object.
+	ID string `json:"id"`
+
+	// Fingerprint is the fingerprint of the certificate.
+	Fingerprint string `json:"fingerprint"`
+
+	// FingerprintAlgorithm is the hash function used to compute the certificate fingerprint. For instance, "sha-256".
+	FingerprintAlgorithm string `json:"fingerprintAlgorithm"`
+
+	// Base64Certificate is the DER-encoded base-64 representation of the certificate.
+	Base64Certificate string `json:"base64Certificate"`
+
+	// IssuerCertificateID refers to the stats object that contains the next certificate
+	// in the certificate chain. If the current certificate is at the end of the chain
+	// (i.e. a self-signed certificate), this will not be set.
+	IssuerCertificateID string `json:"issuerCertificateId"`
+}
+
+func (s CertificateStats) statsMarker() {}
+
+func unmarshalCertificateStats(b []byte) (CertificateStats, error) {
+	var certificateStats CertificateStats
+	err := json.Unmarshal(b, &certificateStats)
+	if err != nil {
+		return CertificateStats{}, fmt.Errorf("unmarshal certificate stats: %w", err)
+	}
+	return certificateStats, nil
+}
+
+// SCTPTransportStats contains information about a certificate used by an SCTPTransport.
+type SCTPTransportStats struct {
+	// Timestamp is the timestamp associated with this object.
+	Timestamp StatsTimestamp `json:"timestamp"`
+
+	// Type is the object's StatsType
+	Type StatsType `json:"type"`
+
+	// ID is a unique id that is associated with the component inspected to produce
+	// this Stats object. Two Stats objects will have the same ID if they were produced
+	// by inspecting the same underlying object.
+	ID string `json:"id"`
+
+	// TransportID is the identifier of the object that was inspected to produce the
+	// RTCTransportStats for the DTLSTransport and ICETransport supporting the SCTP transport.
+	TransportID string `json:"transportId"`
+
+	// SmoothedRoundTripTime is the latest smoothed round-trip time value, corresponding to spinfo_srtt defined in [RFC6458]
+	// but converted to seconds. If there has been no round-trip time measurements yet, this value is undefined.
+	SmoothedRoundTripTime float64 `json:"smoothedRoundTripTime"`
+
+	// CongestionWindow is the latest congestion window, corresponding to spinfo_cwnd defined in [RFC6458].
+	CongestionWindow uint32 `json:"congestionWindow"`
+
+	// ReceiverWindow is the latest receiver window, corresponding to sstat_rwnd defined in [RFC6458].
+	ReceiverWindow uint32 `json:"receiverWindow"`
+
+	// MTU is the latest maximum transmission unit, corresponding to spinfo_mtu defined in [RFC6458].
+	MTU uint32 `json:"mtu"`
+
+	// UNACKData is the number of unacknowledged DATA chunks, corresponding to sstat_unackdata defined in [RFC6458].
+	UNACKData uint32 `json:"unackData"`
+
+	// BytesSent represents the total number of bytes sent on this SCTPTransport
+	BytesSent uint64 `json:"bytesSent"`
+
+	// BytesReceived represents the total number of bytes received on this SCTPTransport
+	BytesReceived uint64 `json:"bytesReceived"`
+}
+
+func (s SCTPTransportStats) statsMarker() {}
+
+func unmarshalSCTPTransportStats(b []byte) (SCTPTransportStats, error) {
+	var sctpTransportStats SCTPTransportStats
+	if err := json.Unmarshal(b, &sctpTransportStats); err != nil {
+		return SCTPTransportStats{}, fmt.Errorf("unmarshal sctp transport stats: %w", err)
+	}
+	return sctpTransportStats, nil
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/stats_go.go b/server/vendor/github.com/pion/webrtc/v3/stats_go.go
new file mode 100644
index 0000000..a9a8e21
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/stats_go.go
@@ -0,0 +1,97 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+//go:build !js
+// +build !js
+
+package webrtc
+
+// GetConnectionStats is a helper method to return the associated stats for a given PeerConnection
+func (r StatsReport) GetConnectionStats(conn *PeerConnection) (PeerConnectionStats, bool) {
+	statsID := conn.getStatsID()
+	stats, ok := r[statsID]
+	if !ok {
+		return PeerConnectionStats{}, false
+	}
+
+	pcStats, ok := stats.(PeerConnectionStats)
+	if !ok {
+		return PeerConnectionStats{}, false
+	}
+	return pcStats, true
+}
+
+// GetDataChannelStats is a helper method to return the associated stats for a given DataChannel
+func (r StatsReport) GetDataChannelStats(dc *DataChannel) (DataChannelStats, bool) {
+	statsID := dc.getStatsID()
+	stats, ok := r[statsID]
+	if !ok {
+		return DataChannelStats{}, false
+	}
+
+	dcStats, ok := stats.(DataChannelStats)
+	if !ok {
+		return DataChannelStats{}, false
+	}
+	return dcStats, true
+}
+
+// GetICECandidateStats is a helper method to return the associated stats for a given ICECandidate
+func (r StatsReport) GetICECandidateStats(c *ICECandidate) (ICECandidateStats, bool) {
+	statsID := c.statsID
+	stats, ok := r[statsID]
+	if !ok {
+		return ICECandidateStats{}, false
+	}
+
+	candidateStats, ok := stats.(ICECandidateStats)
+	if !ok {
+		return ICECandidateStats{}, false
+	}
+	return candidateStats, true
+}
+
+// GetICECandidatePairStats is a helper method to return the associated stats for a given ICECandidatePair
+func (r StatsReport) GetICECandidatePairStats(c *ICECandidatePair) (ICECandidatePairStats, bool) {
+	statsID := c.statsID
+	stats, ok := r[statsID]
+	if !ok {
+		return ICECandidatePairStats{}, false
+	}
+
+	candidateStats, ok := stats.(ICECandidatePairStats)
+	if !ok {
+		return ICECandidatePairStats{}, false
+	}
+	return candidateStats, true
+}
+
+// GetCertificateStats is a helper method to return the associated stats for a given Certificate
+func (r StatsReport) GetCertificateStats(c *Certificate) (CertificateStats, bool) {
+	statsID := c.statsID
+	stats, ok := r[statsID]
+	if !ok {
+		return CertificateStats{}, false
+	}
+
+	certificateStats, ok := stats.(CertificateStats)
+	if !ok {
+		return CertificateStats{}, false
+	}
+	return certificateStats, true
+}
+
+// GetCodecStats is a helper method to return the associated stats for a given Codec
+func (r StatsReport) GetCodecStats(c *RTPCodecParameters) (CodecStats, bool) {
+	statsID := c.statsID
+	stats, ok := r[statsID]
+	if !ok {
+		return CodecStats{}, false
+	}
+
+	codecStats, ok := stats.(CodecStats)
+	if !ok {
+		return CodecStats{}, false
+	}
+	return codecStats, true
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/track_local.go b/server/vendor/github.com/pion/webrtc/v3/track_local.go
new file mode 100644
index 0000000..21131c8
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/track_local.go
@@ -0,0 +1,114 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package webrtc
+
+import (
+	"github.com/pion/interceptor"
+	"github.com/pion/rtp"
+)
+
+// TrackLocalWriter is the Writer for outbound RTP Packets
+type TrackLocalWriter interface {
+	// WriteRTP encrypts a RTP packet and writes to the connection
+	WriteRTP(header *rtp.Header, payload []byte) (int, error)
+
+	// Write encrypts and writes a full RTP packet
+	Write(b []byte) (int, error)
+}
+
+// TrackLocalContext is the Context passed when a TrackLocal has been Binded/Unbinded from a PeerConnection, and used
+// in Interceptors.
+type TrackLocalContext interface {
+	// CodecParameters returns the negotiated RTPCodecParameters. These are the codecs supported by both
+	// PeerConnections and the SSRC/PayloadTypes
+	CodecParameters() []RTPCodecParameters
+
+	// HeaderExtensions returns the negotiated RTPHeaderExtensionParameters. These are the header extensions supported by
+	// both PeerConnections and the SSRC/PayloadTypes
+	HeaderExtensions() []RTPHeaderExtensionParameter
+
+	// SSRC requires the negotiated SSRC of this track
+	// This track may have multiple if RTX is enabled
+	SSRC() SSRC
+
+	// WriteStream returns the WriteStream for this TrackLocal. The implementer writes the outbound
+	// media packets to it
+	WriteStream() TrackLocalWriter
+
+	// ID is a unique identifier that is used for both Bind/Unbind
+	ID() string
+
+	// RTCPReader returns the RTCP interceptor for this TrackLocal. Used to read RTCP of this TrackLocal.
+	RTCPReader() interceptor.RTCPReader
+}
+
+type baseTrackLocalContext struct {
+	id              string
+	params          RTPParameters
+	ssrc            SSRC
+	writeStream     TrackLocalWriter
+	rtcpInterceptor interceptor.RTCPReader
+}
+
+// CodecParameters returns the negotiated RTPCodecParameters. These are the codecs supported by both
+// PeerConnections and the SSRC/PayloadTypes
+func (t *baseTrackLocalContext) CodecParameters() []RTPCodecParameters {
+	return t.params.Codecs
+}
+
+// HeaderExtensions returns the negotiated RTPHeaderExtensionParameters. These are the header extensions supported by
+// both PeerConnections and the SSRC/PayloadTypes
+func (t *baseTrackLocalContext) HeaderExtensions() []RTPHeaderExtensionParameter {
+	return t.params.HeaderExtensions
+}
+
+// SSRC requires the negotiated SSRC of this track
+// This track may have multiple if RTX is enabled
+func (t *baseTrackLocalContext) SSRC() SSRC {
+	return t.ssrc
+}
+
+// WriteStream returns the WriteStream for this TrackLocal. The implementer writes the outbound
+// media packets to it
+func (t *baseTrackLocalContext) WriteStream() TrackLocalWriter {
+	return t.writeStream
+}
+
+// ID is a unique identifier that is used for both Bind/Unbind
+func (t *baseTrackLocalContext) ID() string {
+	return t.id
+}
+
+// RTCPReader returns the RTCP interceptor for this TrackLocal. Used to read RTCP of this TrackLocal.
+func (t *baseTrackLocalContext) RTCPReader() interceptor.RTCPReader {
+	return t.rtcpInterceptor
+}
+
+// TrackLocal is an interface that controls how the user can send media
+// The user can provide their own TrackLocal implementations, or use
+// the implementations in pkg/media
+type TrackLocal interface {
+	// Bind should implement the way how the media data flows from the Track to the PeerConnection
+	// This will be called internally after signaling is complete and the list of available
+	// codecs has been determined
+	Bind(TrackLocalContext) (RTPCodecParameters, error)
+
+	// Unbind should implement the teardown logic when the track is no longer needed. This happens
+	// because a track has been stopped.
+	Unbind(TrackLocalContext) error
+
+	// ID is the unique identifier for this Track. This should be unique for the
+	// stream, but doesn't have to globally unique. A common example would be 'audio' or 'video'
+	// and StreamID would be 'desktop' or 'webcam'
+	ID() string
+
+	// RID is the RTP Stream ID for this track.
+	RID() string
+
+	// StreamID is the group this track belongs too. This must be unique
+	StreamID() string
+
+	// Kind controls if this TrackLocal is audio or video
+	Kind() RTPCodecType
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/track_local_static.go b/server/vendor/github.com/pion/webrtc/v3/track_local_static.go
new file mode 100644
index 0000000..1c06feb
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/track_local_static.go
@@ -0,0 +1,331 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+//go:build !js
+// +build !js
+
+package webrtc
+
+import (
+	"strings"
+	"sync"
+
+	"github.com/pion/rtp"
+	"github.com/pion/webrtc/v3/internal/util"
+	"github.com/pion/webrtc/v3/pkg/media"
+)
+
+// trackBinding is a single bind for a Track
+// Bind can be called multiple times, this stores the
+// result for a single bind call so that it can be used when writing
+type trackBinding struct {
+	id          string
+	ssrc        SSRC
+	payloadType PayloadType
+	writeStream TrackLocalWriter
+}
+
+// TrackLocalStaticRTP  is a TrackLocal that has a pre-set codec and accepts RTP Packets.
+// If you wish to send a media.Sample use TrackLocalStaticSample
+type TrackLocalStaticRTP struct {
+	mu                sync.RWMutex
+	bindings          []trackBinding
+	codec             RTPCodecCapability
+	id, rid, streamID string
+}
+
+// NewTrackLocalStaticRTP returns a TrackLocalStaticRTP.
+func NewTrackLocalStaticRTP(c RTPCodecCapability, id, streamID string, options ...func(*TrackLocalStaticRTP)) (*TrackLocalStaticRTP, error) {
+	t := &TrackLocalStaticRTP{
+		codec:    c,
+		bindings: []trackBinding{},
+		id:       id,
+		streamID: streamID,
+	}
+
+	for _, option := range options {
+		option(t)
+	}
+
+	return t, nil
+}
+
+// WithRTPStreamID sets the RTP stream ID for this TrackLocalStaticRTP.
+func WithRTPStreamID(rid string) func(*TrackLocalStaticRTP) {
+	return func(t *TrackLocalStaticRTP) {
+		t.rid = rid
+	}
+}
+
+// Bind is called by the PeerConnection after negotiation is complete
+// This asserts that the code requested is supported by the remote peer.
+// If so it setups all the state (SSRC and PayloadType) to have a call
+func (s *TrackLocalStaticRTP) Bind(t TrackLocalContext) (RTPCodecParameters, error) {
+	s.mu.Lock()
+	defer s.mu.Unlock()
+
+	parameters := RTPCodecParameters{RTPCodecCapability: s.codec}
+	if codec, matchType := codecParametersFuzzySearch(parameters, t.CodecParameters()); matchType != codecMatchNone {
+		s.bindings = append(s.bindings, trackBinding{
+			ssrc:        t.SSRC(),
+			payloadType: codec.PayloadType,
+			writeStream: t.WriteStream(),
+			id:          t.ID(),
+		})
+		return codec, nil
+	}
+
+	return RTPCodecParameters{}, ErrUnsupportedCodec
+}
+
+// Unbind implements the teardown logic when the track is no longer needed. This happens
+// because a track has been stopped.
+func (s *TrackLocalStaticRTP) Unbind(t TrackLocalContext) error {
+	s.mu.Lock()
+	defer s.mu.Unlock()
+
+	for i := range s.bindings {
+		if s.bindings[i].id == t.ID() {
+			s.bindings[i] = s.bindings[len(s.bindings)-1]
+			s.bindings = s.bindings[:len(s.bindings)-1]
+			return nil
+		}
+	}
+
+	return ErrUnbindFailed
+}
+
+// ID is the unique identifier for this Track. This should be unique for the
+// stream, but doesn't have to globally unique. A common example would be 'audio' or 'video'
+// and StreamID would be 'desktop' or 'webcam'
+func (s *TrackLocalStaticRTP) ID() string { return s.id }
+
+// StreamID is the group this track belongs too. This must be unique
+func (s *TrackLocalStaticRTP) StreamID() string { return s.streamID }
+
+// RID is the RTP stream identifier.
+func (s *TrackLocalStaticRTP) RID() string { return s.rid }
+
+// Kind controls if this TrackLocal is audio or video
+func (s *TrackLocalStaticRTP) Kind() RTPCodecType {
+	switch {
+	case strings.HasPrefix(s.codec.MimeType, "audio/"):
+		return RTPCodecTypeAudio
+	case strings.HasPrefix(s.codec.MimeType, "video/"):
+		return RTPCodecTypeVideo
+	default:
+		return RTPCodecType(0)
+	}
+}
+
+// Codec gets the Codec of the track
+func (s *TrackLocalStaticRTP) Codec() RTPCodecCapability {
+	return s.codec
+}
+
+// packetPool is a pool of packets used by WriteRTP and Write below
+// nolint:gochecknoglobals
+var rtpPacketPool = sync.Pool{
+	New: func() interface{} {
+		return &rtp.Packet{}
+	},
+}
+
+func resetPacketPoolAllocation(localPacket *rtp.Packet) {
+	*localPacket = rtp.Packet{}
+	rtpPacketPool.Put(localPacket)
+}
+
+func getPacketAllocationFromPool() *rtp.Packet {
+	ipacket := rtpPacketPool.Get()
+	return ipacket.(*rtp.Packet) //nolint:forcetypeassert
+}
+
+// WriteRTP writes a RTP Packet to the TrackLocalStaticRTP
+// If one PeerConnection fails the packets will still be sent to
+// all PeerConnections. The error message will contain the ID of the failed
+// PeerConnections so you can remove them
+func (s *TrackLocalStaticRTP) WriteRTP(p *rtp.Packet) error {
+	packet := getPacketAllocationFromPool()
+
+	defer resetPacketPoolAllocation(packet)
+
+	*packet = *p
+
+	return s.writeRTP(packet)
+}
+
+// writeRTP is like WriteRTP, except that it may modify the packet p
+func (s *TrackLocalStaticRTP) writeRTP(p *rtp.Packet) error {
+	s.mu.RLock()
+	defer s.mu.RUnlock()
+
+	writeErrs := []error{}
+
+	for _, b := range s.bindings {
+		p.Header.SSRC = uint32(b.ssrc)
+		p.Header.PayloadType = uint8(b.payloadType)
+		if _, err := b.writeStream.WriteRTP(&p.Header, p.Payload); err != nil {
+			writeErrs = append(writeErrs, err)
+		}
+	}
+
+	return util.FlattenErrs(writeErrs)
+}
+
+// Write writes a RTP Packet as a buffer to the TrackLocalStaticRTP
+// If one PeerConnection fails the packets will still be sent to
+// all PeerConnections. The error message will contain the ID of the failed
+// PeerConnections so you can remove them
+func (s *TrackLocalStaticRTP) Write(b []byte) (n int, err error) {
+	packet := getPacketAllocationFromPool()
+
+	defer resetPacketPoolAllocation(packet)
+
+	if err = packet.Unmarshal(b); err != nil {
+		return 0, err
+	}
+
+	return len(b), s.writeRTP(packet)
+}
+
+// TrackLocalStaticSample is a TrackLocal that has a pre-set codec and accepts Samples.
+// If you wish to send a RTP Packet use TrackLocalStaticRTP
+type TrackLocalStaticSample struct {
+	packetizer rtp.Packetizer
+	sequencer  rtp.Sequencer
+	rtpTrack   *TrackLocalStaticRTP
+	clockRate  float64
+}
+
+// NewTrackLocalStaticSample returns a TrackLocalStaticSample
+func NewTrackLocalStaticSample(c RTPCodecCapability, id, streamID string, options ...func(*TrackLocalStaticRTP)) (*TrackLocalStaticSample, error) {
+	rtpTrack, err := NewTrackLocalStaticRTP(c, id, streamID, options...)
+	if err != nil {
+		return nil, err
+	}
+
+	return &TrackLocalStaticSample{
+		rtpTrack: rtpTrack,
+	}, nil
+}
+
+// ID is the unique identifier for this Track. This should be unique for the
+// stream, but doesn't have to globally unique. A common example would be 'audio' or 'video'
+// and StreamID would be 'desktop' or 'webcam'
+func (s *TrackLocalStaticSample) ID() string { return s.rtpTrack.ID() }
+
+// StreamID is the group this track belongs too. This must be unique
+func (s *TrackLocalStaticSample) StreamID() string { return s.rtpTrack.StreamID() }
+
+// RID is the RTP stream identifier.
+func (s *TrackLocalStaticSample) RID() string { return s.rtpTrack.RID() }
+
+// Kind controls if this TrackLocal is audio or video
+func (s *TrackLocalStaticSample) Kind() RTPCodecType { return s.rtpTrack.Kind() }
+
+// Codec gets the Codec of the track
+func (s *TrackLocalStaticSample) Codec() RTPCodecCapability {
+	return s.rtpTrack.Codec()
+}
+
+// Bind is called by the PeerConnection after negotiation is complete
+// This asserts that the code requested is supported by the remote peer.
+// If so it setups all the state (SSRC and PayloadType) to have a call
+func (s *TrackLocalStaticSample) Bind(t TrackLocalContext) (RTPCodecParameters, error) {
+	codec, err := s.rtpTrack.Bind(t)
+	if err != nil {
+		return codec, err
+	}
+
+	s.rtpTrack.mu.Lock()
+	defer s.rtpTrack.mu.Unlock()
+
+	// We only need one packetizer
+	if s.packetizer != nil {
+		return codec, nil
+	}
+
+	payloader, err := payloaderForCodec(codec.RTPCodecCapability)
+	if err != nil {
+		return codec, err
+	}
+
+	s.sequencer = rtp.NewRandomSequencer()
+	s.packetizer = rtp.NewPacketizer(
+		rtpOutboundMTU,
+		0, // Value is handled when writing
+		0, // Value is handled when writing
+		payloader,
+		s.sequencer,
+		codec.ClockRate,
+	)
+	s.clockRate = float64(codec.RTPCodecCapability.ClockRate)
+	return codec, nil
+}
+
+// Unbind implements the teardown logic when the track is no longer needed. This happens
+// because a track has been stopped.
+func (s *TrackLocalStaticSample) Unbind(t TrackLocalContext) error {
+	return s.rtpTrack.Unbind(t)
+}
+
+// WriteSample writes a Sample to the TrackLocalStaticSample
+// If one PeerConnection fails the packets will still be sent to
+// all PeerConnections. The error message will contain the ID of the failed
+// PeerConnections so you can remove them
+func (s *TrackLocalStaticSample) WriteSample(sample media.Sample) error {
+	s.rtpTrack.mu.RLock()
+	p := s.packetizer
+	clockRate := s.clockRate
+	s.rtpTrack.mu.RUnlock()
+
+	if p == nil {
+		return nil
+	}
+
+	// skip packets by the number of previously dropped packets
+	for i := uint16(0); i < sample.PrevDroppedPackets; i++ {
+		s.sequencer.NextSequenceNumber()
+	}
+
+	samples := uint32(sample.Duration.Seconds() * clockRate)
+	if sample.PrevDroppedPackets > 0 {
+		p.SkipSamples(samples * uint32(sample.PrevDroppedPackets))
+	}
+	packets := p.Packetize(sample.Data, samples)
+
+	writeErrs := []error{}
+	for _, p := range packets {
+		if err := s.rtpTrack.WriteRTP(p); err != nil {
+			writeErrs = append(writeErrs, err)
+		}
+	}
+
+	return util.FlattenErrs(writeErrs)
+}
+
+// GeneratePadding writes padding-only samples to the TrackLocalStaticSample
+// If one PeerConnection fails the packets will still be sent to
+// all PeerConnections. The error message will contain the ID of the failed
+// PeerConnections so you can remove them
+func (s *TrackLocalStaticSample) GeneratePadding(samples uint32) error {
+	s.rtpTrack.mu.RLock()
+	p := s.packetizer
+	s.rtpTrack.mu.RUnlock()
+
+	if p == nil {
+		return nil
+	}
+
+	packets := p.GeneratePadding(samples)
+
+	writeErrs := []error{}
+	for _, p := range packets {
+		if err := s.rtpTrack.WriteRTP(p); err != nil {
+			writeErrs = append(writeErrs, err)
+		}
+	}
+
+	return util.FlattenErrs(writeErrs)
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/track_remote.go b/server/vendor/github.com/pion/webrtc/v3/track_remote.go
new file mode 100644
index 0000000..7e448dd
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/track_remote.go
@@ -0,0 +1,232 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+//go:build !js
+// +build !js
+
+package webrtc
+
+import (
+	"sync"
+	"time"
+
+	"github.com/pion/interceptor"
+	"github.com/pion/rtp"
+)
+
+// TrackRemote represents a single inbound source of media
+type TrackRemote struct {
+	mu sync.RWMutex
+
+	id       string
+	streamID string
+
+	payloadType PayloadType
+	kind        RTPCodecType
+	ssrc        SSRC
+	rtxSsrc     SSRC
+	codec       RTPCodecParameters
+	params      RTPParameters
+	rid         string
+
+	receiver         *RTPReceiver
+	peeked           []byte
+	peekedAttributes interceptor.Attributes
+}
+
+func newTrackRemote(kind RTPCodecType, ssrc, rtxSsrc SSRC, rid string, receiver *RTPReceiver) *TrackRemote {
+	return &TrackRemote{
+		kind:     kind,
+		ssrc:     ssrc,
+		rtxSsrc:  rtxSsrc,
+		rid:      rid,
+		receiver: receiver,
+	}
+}
+
+// ID is the unique identifier for this Track. This should be unique for the
+// stream, but doesn't have to globally unique. A common example would be 'audio' or 'video'
+// and StreamID would be 'desktop' or 'webcam'
+func (t *TrackRemote) ID() string {
+	t.mu.RLock()
+	defer t.mu.RUnlock()
+	return t.id
+}
+
+// RID gets the RTP Stream ID of this Track
+// With Simulcast you will have multiple tracks with the same ID, but different RID values.
+// In many cases a TrackRemote will not have an RID, so it is important to assert it is non-zero
+func (t *TrackRemote) RID() string {
+	t.mu.RLock()
+	defer t.mu.RUnlock()
+
+	return t.rid
+}
+
+// PayloadType gets the PayloadType of the track
+func (t *TrackRemote) PayloadType() PayloadType {
+	t.mu.RLock()
+	defer t.mu.RUnlock()
+	return t.payloadType
+}
+
+// Kind gets the Kind of the track
+func (t *TrackRemote) Kind() RTPCodecType {
+	t.mu.RLock()
+	defer t.mu.RUnlock()
+	return t.kind
+}
+
+// StreamID is the group this track belongs too. This must be unique
+func (t *TrackRemote) StreamID() string {
+	t.mu.RLock()
+	defer t.mu.RUnlock()
+	return t.streamID
+}
+
+// SSRC gets the SSRC of the track
+func (t *TrackRemote) SSRC() SSRC {
+	t.mu.RLock()
+	defer t.mu.RUnlock()
+	return t.ssrc
+}
+
+// Msid gets the Msid of the track
+func (t *TrackRemote) Msid() string {
+	return t.StreamID() + " " + t.ID()
+}
+
+// Codec gets the Codec of the track
+func (t *TrackRemote) Codec() RTPCodecParameters {
+	t.mu.RLock()
+	defer t.mu.RUnlock()
+	return t.codec
+}
+
+// Read reads data from the track.
+func (t *TrackRemote) Read(b []byte) (n int, attributes interceptor.Attributes, err error) {
+	t.mu.RLock()
+	r := t.receiver
+	peeked := t.peeked != nil
+	t.mu.RUnlock()
+
+	if peeked {
+		t.mu.Lock()
+		data := t.peeked
+		attributes = t.peekedAttributes
+
+		t.peeked = nil
+		t.peekedAttributes = nil
+		t.mu.Unlock()
+		// someone else may have stolen our packet when we
+		// released the lock.  Deal with it.
+		if data != nil {
+			n = copy(b, data)
+			err = t.checkAndUpdateTrack(b)
+			return
+		}
+	}
+
+	// If there's a separate RTX track and an RTX packet is available, return that
+	if rtxPacketReceived := r.readRTX(t); rtxPacketReceived != nil {
+		n = copy(b, rtxPacketReceived.pkt)
+		attributes = rtxPacketReceived.attributes
+		rtxPacketReceived.release()
+		err = nil
+	} else {
+		// If there's no separate RTX track (or there's a separate RTX track but no RTX packet waiting), wait for and return
+		// a packet from the main track
+		n, attributes, err = r.readRTP(b, t)
+		if err != nil {
+			return
+		}
+		err = t.checkAndUpdateTrack(b)
+	}
+
+	return n, attributes, err
+}
+
+// checkAndUpdateTrack checks payloadType for every incoming packet
+// once a different payloadType is detected the track will be updated
+func (t *TrackRemote) checkAndUpdateTrack(b []byte) error {
+	if len(b) < 2 {
+		return errRTPTooShort
+	}
+
+	payloadType := PayloadType(b[1] & rtpPayloadTypeBitmask)
+	if payloadType != t.PayloadType() || len(t.params.Codecs) == 0 {
+		t.mu.Lock()
+		defer t.mu.Unlock()
+
+		params, err := t.receiver.api.mediaEngine.getRTPParametersByPayloadType(payloadType)
+		if err != nil {
+			return err
+		}
+
+		t.kind = t.receiver.kind
+		t.payloadType = payloadType
+		t.codec = params.Codecs[0]
+		t.params = params
+	}
+
+	return nil
+}
+
+// ReadRTP is a convenience method that wraps Read and unmarshals for you.
+func (t *TrackRemote) ReadRTP() (*rtp.Packet, interceptor.Attributes, error) {
+	b := make([]byte, t.receiver.api.settingEngine.getReceiveMTU())
+	i, attributes, err := t.Read(b)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	r := &rtp.Packet{}
+	if err := r.Unmarshal(b[:i]); err != nil {
+		return nil, nil, err
+	}
+	return r, attributes, nil
+}
+
+// peek is like Read, but it doesn't discard the packet read
+func (t *TrackRemote) peek(b []byte) (n int, a interceptor.Attributes, err error) {
+	n, a, err = t.Read(b)
+	if err != nil {
+		return
+	}
+
+	t.mu.Lock()
+	// this might overwrite data if somebody peeked between the Read
+	// and us getting the lock.  Oh well, we'll just drop a packet in
+	// that case.
+	data := make([]byte, n)
+	n = copy(data, b[:n])
+	t.peeked = data
+	t.peekedAttributes = a
+	t.mu.Unlock()
+	return
+}
+
+// SetReadDeadline sets the max amount of time the RTP stream will block before returning. 0 is forever.
+func (t *TrackRemote) SetReadDeadline(deadline time.Time) error {
+	return t.receiver.setRTPReadDeadline(deadline, t)
+}
+
+// RtxSSRC returns the RTX SSRC for a track, or 0 if track does not have a separate RTX stream
+func (t *TrackRemote) RtxSSRC() SSRC {
+	t.mu.RLock()
+	defer t.mu.RUnlock()
+	return t.rtxSsrc
+}
+
+// HasRTX returns true if the track has a separate RTX stream
+func (t *TrackRemote) HasRTX() bool {
+	t.mu.RLock()
+	defer t.mu.RUnlock()
+	return t.rtxSsrc != 0
+}
+
+func (t *TrackRemote) setRtxSSRC(ssrc SSRC) {
+	t.mu.Lock()
+	defer t.mu.Unlock()
+	t.rtxSsrc = ssrc
+}
diff --git a/server/vendor/github.com/pion/webrtc/v3/webrtc.go b/server/vendor/github.com/pion/webrtc/v3/webrtc.go
new file mode 100644
index 0000000..2781c8d
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/webrtc.go
@@ -0,0 +1,20 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+// Package webrtc implements the WebRTC 1.0 as defined in W3C WebRTC specification document.
+package webrtc
+
+// SSRC represents a synchronization source
+// A synchronization source is a randomly chosen
+// value meant to be globally unique within a particular
+// RTP session. Used to identify a single stream of media.
+//
+// https://tools.ietf.org/html/rfc3550#section-3
+type SSRC uint32
+
+// PayloadType identifies the format of the RTP payload and determines
+// its interpretation by the application. Each codec in a RTP Session
+// will have a different PayloadType
+//
+// https://tools.ietf.org/html/rfc3550#section-3
+type PayloadType uint8
diff --git a/server/vendor/github.com/pion/webrtc/v3/yarn.lock b/server/vendor/github.com/pion/webrtc/v3/yarn.lock
new file mode 100644
index 0000000..01bf782
--- /dev/null
+++ b/server/vendor/github.com/pion/webrtc/v3/yarn.lock
@@ -0,0 +1,797 @@
+# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY.
+# yarn lockfile v1
+
+# SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+# SPDX-License-Identifier: MIT
+
+abbrev@1:
+  version "1.1.1"
+  resolved "https://registry.yarnpkg.com/abbrev/-/abbrev-1.1.1.tgz#f8f2c887ad10bf67f634f005b6987fed3179aac8"
+  integrity sha512-nne9/IiQ/hzIhY6pdDnbBtz7DjPTKrY00P/zvPSm5pOFkl6xuGrGnXn/VtTNNfNtAfZ9/1RtehkszU9qcTii0Q==
+
+ajv@^6.5.5:
+  version "6.12.2"
+  resolved "https://registry.yarnpkg.com/ajv/-/ajv-6.12.2.tgz#c629c5eced17baf314437918d2da88c99d5958cd"
+  integrity sha512-k+V+hzjm5q/Mr8ef/1Y9goCmlsK4I6Sm74teeyGvFk1XrOsbsKLjEdrvny42CZ+a8sXbk8KWpY/bDwS+FLL2UQ==
+  dependencies:
+    fast-deep-equal "^3.1.1"
+    fast-json-stable-stringify "^2.0.0"
+    json-schema-traverse "^0.4.1"
+    uri-js "^4.2.2"
+
+ansi-regex@^2.0.0:
+  version "2.1.1"
+  resolved "https://registry.yarnpkg.com/ansi-regex/-/ansi-regex-2.1.1.tgz#c3b33ab5ee360d86e0e628f0468ae7ef27d654df"
+  integrity sha1-w7M6te42DYbg5ijwRorn7yfWVN8=
+
+ansi-regex@^3.0.0:
+  version "3.0.0"
+  resolved "https://registry.yarnpkg.com/ansi-regex/-/ansi-regex-3.0.0.tgz#ed0317c322064f79466c02966bddb605ab37d998"
+  integrity sha1-7QMXwyIGT3lGbAKWa922Bas32Zg=
+
+aproba@^1.0.3:
+  version "1.2.0"
+  resolved "https://registry.yarnpkg.com/aproba/-/aproba-1.2.0.tgz#6802e6264efd18c790a1b0d517f0f2627bf2c94a"
+  integrity sha512-Y9J6ZjXtoYh8RnXVCMOU/ttDmk1aBjunq9vO0ta5x85WDQiQfUF9sIPBITdbiiIVcBo03Hi3jMxigBtsddlXRw==
+
+are-we-there-yet@~1.1.2:
+  version "1.1.5"
+  resolved "https://registry.yarnpkg.com/are-we-there-yet/-/are-we-there-yet-1.1.5.tgz#4b35c2944f062a8bfcda66410760350fe9ddfc21"
+  integrity sha512-5hYdAkZlcG8tOLujVDTgCT+uPX0VnpAH28gWsLfzpXYm7wP6mp5Q/gYyR7YQ0cKVJcXJnl3j2kpBan13PtQf6w==
+  dependencies:
+    delegates "^1.0.0"
+    readable-stream "^2.0.6"
+
+asn1@~0.2.3:
+  version "0.2.4"
+  resolved "https://registry.yarnpkg.com/asn1/-/asn1-0.2.4.tgz#8d2475dfab553bb33e77b54e59e880bb8ce23136"
+  integrity sha512-jxwzQpLQjSmWXgwaCZE9Nz+glAG01yF1QnWgbhGwHI5A6FRIEY6IVqtHhIepHqI7/kyEyQEagBC5mBEFlIYvdg==
+  dependencies:
+    safer-buffer "~2.1.0"
+
+assert-plus@1.0.0, assert-plus@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/assert-plus/-/assert-plus-1.0.0.tgz#f12e0f3c5d77b0b1cdd9146942e4e96c1e4dd525"
+  integrity sha1-8S4PPF13sLHN2RRpQuTpbB5N1SU=
+
+asynckit@^0.4.0:
+  version "0.4.0"
+  resolved "https://registry.yarnpkg.com/asynckit/-/asynckit-0.4.0.tgz#c79ed97f7f34cb8f2ba1bc9790bcc366474b4b79"
+  integrity sha1-x57Zf380y48robyXkLzDZkdLS3k=
+
+aws-sign2@~0.7.0:
+  version "0.7.0"
+  resolved "https://registry.yarnpkg.com/aws-sign2/-/aws-sign2-0.7.0.tgz#b46e890934a9591f2d2f6f86d7e6a9f1b3fe76a8"
+  integrity sha1-tG6JCTSpWR8tL2+G1+ap8bP+dqg=
+
+aws4@^1.8.0:
+  version "1.10.0"
+  resolved "https://registry.yarnpkg.com/aws4/-/aws4-1.10.0.tgz#a17b3a8ea811060e74d47d306122400ad4497ae2"
+  integrity sha512-3YDiu347mtVtjpyV3u5kVqQLP242c06zwDOgpeRnybmXlYYsLbtTrUBUm8i8srONt+FWobl5aibnU1030PeeuA==
+
+balanced-match@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/balanced-match/-/balanced-match-1.0.0.tgz#89b4d199ab2bee49de164ea02b89ce462d71b767"
+  integrity sha1-ibTRmasr7kneFk6gK4nORi1xt2c=
+
+bcrypt-pbkdf@^1.0.0:
+  version "1.0.2"
+  resolved "https://registry.yarnpkg.com/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz#a4301d389b6a43f9b67ff3ca11a3f6637e360e9e"
+  integrity sha1-pDAdOJtqQ/m2f/PKEaP2Y342Dp4=
+  dependencies:
+    tweetnacl "^0.14.3"
+
+brace-expansion@^1.1.7:
+  version "1.1.11"
+  resolved "https://registry.yarnpkg.com/brace-expansion/-/brace-expansion-1.1.11.tgz#3c7fcbf529d87226f3d2f52b966ff5271eb441dd"
+  integrity sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==
+  dependencies:
+    balanced-match "^1.0.0"
+    concat-map "0.0.1"
+
+caseless@~0.12.0:
+  version "0.12.0"
+  resolved "https://registry.yarnpkg.com/caseless/-/caseless-0.12.0.tgz#1b681c21ff84033c826543090689420d187151dc"
+  integrity sha1-G2gcIf+EAzyCZUMJBolCDRhxUdw=
+
+chownr@^1.1.1:
+  version "1.1.1"
+  resolved "https://registry.yarnpkg.com/chownr/-/chownr-1.1.1.tgz#54726b8b8fff4df053c42187e801fb4412df1494"
+  integrity sha512-j38EvO5+LHX84jlo6h4UzmOwi0UgW61WRyPtJz4qaadK5eY3BTS5TY/S1Stc3Uk2lIM6TPevAlULiEJwie860g==
+
+code-point-at@^1.0.0:
+  version "1.1.0"
+  resolved "https://registry.yarnpkg.com/code-point-at/-/code-point-at-1.1.0.tgz#0d070b4d043a5bea33a2f1a40e2edb3d9a4ccf77"
+  integrity sha1-DQcLTQQ6W+ozovGkDi7bPZpMz3c=
+
+combined-stream@^1.0.6, combined-stream@~1.0.6:
+  version "1.0.8"
+  resolved "https://registry.yarnpkg.com/combined-stream/-/combined-stream-1.0.8.tgz#c3d45a8b34fd730631a110a8a2520682b31d5a7f"
+  integrity sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==
+  dependencies:
+    delayed-stream "~1.0.0"
+
+concat-map@0.0.1:
+  version "0.0.1"
+  resolved "https://registry.yarnpkg.com/concat-map/-/concat-map-0.0.1.tgz#d8a96bd77fd68df7793a73036a3ba0d5405d477b"
+  integrity sha1-2Klr13/Wjfd5OnMDajug1UBdR3s=
+
+console-control-strings@^1.0.0, console-control-strings@~1.1.0:
+  version "1.1.0"
+  resolved "https://registry.yarnpkg.com/console-control-strings/-/console-control-strings-1.1.0.tgz#3d7cf4464db6446ea644bf4b39507f9851008e8e"
+  integrity sha1-PXz0Rk22RG6mRL9LOVB/mFEAjo4=
+
+core-util-is@1.0.2, core-util-is@~1.0.0:
+  version "1.0.2"
+  resolved "https://registry.yarnpkg.com/core-util-is/-/core-util-is-1.0.2.tgz#b5fd54220aa2bc5ab57aab7140c940754503c1a7"
+  integrity sha1-tf1UIgqivFq1eqtxQMlAdUUDwac=
+
+dashdash@^1.12.0:
+  version "1.14.1"
+  resolved "https://registry.yarnpkg.com/dashdash/-/dashdash-1.14.1.tgz#853cfa0f7cbe2fed5de20326b8dd581035f6e2f0"
+  integrity sha1-hTz6D3y+L+1d4gMmuN1YEDX24vA=
+  dependencies:
+    assert-plus "^1.0.0"
+
+debug@^2.1.2:
+  version "2.6.9"
+  resolved "https://registry.yarnpkg.com/debug/-/debug-2.6.9.tgz#5d128515df134ff327e90a4c93f4e077a536341f"
+  integrity sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA==
+  dependencies:
+    ms "2.0.0"
+
+deep-extend@^0.6.0:
+  version "0.6.0"
+  resolved "https://registry.yarnpkg.com/deep-extend/-/deep-extend-0.6.0.tgz#c4fa7c95404a17a9c3e8ca7e1537312b736330ac"
+  integrity sha512-LOHxIOaPYdHlJRtCQfDIVZtfw/ufM8+rVj649RIHzcm/vGwQRXFt6OPqIFWsm2XEMrNIEtWR64sY1LEKD2vAOA==
+
+delayed-stream@~1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/delayed-stream/-/delayed-stream-1.0.0.tgz#df3ae199acadfb7d440aaae0b29e2272b24ec619"
+  integrity sha1-3zrhmayt+31ECqrgsp4icrJOxhk=
+
+delegates@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/delegates/-/delegates-1.0.0.tgz#84c6e159b81904fdca59a0ef44cd870d31250f9a"
+  integrity sha1-hMbhWbgZBP3KWaDvRM2HDTElD5o=
+
+detect-libc@^1.0.2:
+  version "1.0.3"
+  resolved "https://registry.yarnpkg.com/detect-libc/-/detect-libc-1.0.3.tgz#fa137c4bd698edf55cd5cd02ac559f91a4c4ba9b"
+  integrity sha1-+hN8S9aY7fVc1c0CrFWfkaTEups=
+
+domexception@^1.0.1:
+  version "1.0.1"
+  resolved "https://registry.yarnpkg.com/domexception/-/domexception-1.0.1.tgz#937442644ca6a31261ef36e3ec677fe805582c90"
+  integrity sha512-raigMkn7CJNNo6Ihro1fzG7wr3fHuYVytzquZKX5n0yizGsTcYgzdIUwj1X9pK0VvjeihV+XiclP+DjwbsSKug==
+  dependencies:
+    webidl-conversions "^4.0.2"
+
+ecc-jsbn@~0.1.1:
+  version "0.1.2"
+  resolved "https://registry.yarnpkg.com/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz#3a83a904e54353287874c564b7549386849a98c9"
+  integrity sha1-OoOpBOVDUyh4dMVkt1SThoSamMk=
+  dependencies:
+    jsbn "~0.1.0"
+    safer-buffer "^2.1.0"
+
+extend@~3.0.2:
+  version "3.0.2"
+  resolved "https://registry.yarnpkg.com/extend/-/extend-3.0.2.tgz#f8b1136b4071fbd8eb140aff858b1019ec2915fa"
+  integrity sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==
+
+extsprintf@1.3.0:
+  version "1.3.0"
+  resolved "https://registry.yarnpkg.com/extsprintf/-/extsprintf-1.3.0.tgz#96918440e3041a7a414f8c52e3c574eb3c3e1e05"
+  integrity sha1-lpGEQOMEGnpBT4xS48V06zw+HgU=
+
+extsprintf@^1.2.0:
+  version "1.4.0"
+  resolved "https://registry.yarnpkg.com/extsprintf/-/extsprintf-1.4.0.tgz#e2689f8f356fad62cca65a3a91c5df5f9551692f"
+  integrity sha1-4mifjzVvrWLMplo6kcXfX5VRaS8=
+
+fast-deep-equal@^3.1.1:
+  version "3.1.1"
+  resolved "https://registry.yarnpkg.com/fast-deep-equal/-/fast-deep-equal-3.1.1.tgz#545145077c501491e33b15ec408c294376e94ae4"
+  integrity sha512-8UEa58QDLauDNfpbrX55Q9jrGHThw2ZMdOky5Gl1CDtVeJDPVrG4Jxx1N8jw2gkWaff5UUuX1KJd+9zGe2B+ZA==
+
+fast-json-stable-stringify@^2.0.0:
+  version "2.1.0"
+  resolved "https://registry.yarnpkg.com/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz#874bf69c6f404c2b5d99c481341399fd55892633"
+  integrity sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==
+
+forever-agent@~0.6.1:
+  version "0.6.1"
+  resolved "https://registry.yarnpkg.com/forever-agent/-/forever-agent-0.6.1.tgz#fbc71f0c41adeb37f96c577ad1ed42d8fdacca91"
+  integrity sha1-+8cfDEGt6zf5bFd60e1C2P2sypE=
+
+form-data@~2.3.2:
+  version "2.3.3"
+  resolved "https://registry.yarnpkg.com/form-data/-/form-data-2.3.3.tgz#dcce52c05f644f298c6a7ab936bd724ceffbf3a6"
+  integrity sha512-1lLKB2Mu3aGP1Q/2eCOx0fNbRMe7XdwktwOruhfqqd0rIJWwN4Dh+E3hrPSlDCXnSR7UtZ1N38rVXm+6+MEhJQ==
+  dependencies:
+    asynckit "^0.4.0"
+    combined-stream "^1.0.6"
+    mime-types "^2.1.12"
+
+fs-minipass@^1.2.5:
+  version "1.2.5"
+  resolved "https://registry.yarnpkg.com/fs-minipass/-/fs-minipass-1.2.5.tgz#06c277218454ec288df77ada54a03b8702aacb9d"
+  integrity sha512-JhBl0skXjUPCFH7x6x61gQxrKyXsxB5gcgePLZCwfyCGGsTISMoIeObbrvVeP6Xmyaudw4TT43qV2Gz+iyd2oQ==
+  dependencies:
+    minipass "^2.2.1"
+
+fs.realpath@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/fs.realpath/-/fs.realpath-1.0.0.tgz#1504ad2523158caa40db4a2787cb01411994ea4f"
+  integrity sha1-FQStJSMVjKpA20onh8sBQRmU6k8=
+
+gauge@~2.7.3:
+  version "2.7.4"
+  resolved "https://registry.yarnpkg.com/gauge/-/gauge-2.7.4.tgz#2c03405c7538c39d7eb37b317022e325fb018bf7"
+  integrity sha1-LANAXHU4w51+s3sxcCLjJfsBi/c=
+  dependencies:
+    aproba "^1.0.3"
+    console-control-strings "^1.0.0"
+    has-unicode "^2.0.0"
+    object-assign "^4.1.0"
+    signal-exit "^3.0.0"
+    string-width "^1.0.1"
+    strip-ansi "^3.0.1"
+    wide-align "^1.1.0"
+
+getpass@^0.1.1:
+  version "0.1.7"
+  resolved "https://registry.yarnpkg.com/getpass/-/getpass-0.1.7.tgz#5eff8e3e684d569ae4cb2b1282604e8ba62149fa"
+  integrity sha1-Xv+OPmhNVprkyysSgmBOi6YhSfo=
+  dependencies:
+    assert-plus "^1.0.0"
+
+glob@^7.1.3:
+  version "7.1.3"
+  resolved "https://registry.yarnpkg.com/glob/-/glob-7.1.3.tgz#3960832d3f1574108342dafd3a67b332c0969df1"
+  integrity sha512-vcfuiIxogLV4DlGBHIUOwI0IbrJ8HWPc4MU7HzviGeNho/UJDfi6B5p3sHeWIQ0KGIU0Jpxi5ZHxemQfLkkAwQ==
+  dependencies:
+    fs.realpath "^1.0.0"
+    inflight "^1.0.4"
+    inherits "2"
+    minimatch "^3.0.4"
+    once "^1.3.0"
+    path-is-absolute "^1.0.0"
+
+har-schema@^2.0.0:
+  version "2.0.0"
+  resolved "https://registry.yarnpkg.com/har-schema/-/har-schema-2.0.0.tgz#a94c2224ebcac04782a0d9035521f24735b7ec92"
+  integrity sha1-qUwiJOvKwEeCoNkDVSHyRzW37JI=
+
+har-validator@~5.1.3:
+  version "5.1.3"
+  resolved "https://registry.yarnpkg.com/har-validator/-/har-validator-5.1.3.tgz#1ef89ebd3e4996557675eed9893110dc350fa080"
+  integrity sha512-sNvOCzEQNr/qrvJgc3UG/kD4QtlHycrzwS+6mfTrrSq97BvaYcPZZI1ZSqGSPR73Cxn4LKTD4PttRwfU7jWq5g==
+  dependencies:
+    ajv "^6.5.5"
+    har-schema "^2.0.0"
+
+has-unicode@^2.0.0:
+  version "2.0.1"
+  resolved "https://registry.yarnpkg.com/has-unicode/-/has-unicode-2.0.1.tgz#e0e6fe6a28cf51138855e086d1691e771de2a8b9"
+  integrity sha1-4Ob+aijPUROIVeCG0Wkedx3iqLk=
+
+http-signature@~1.2.0:
+  version "1.2.0"
+  resolved "https://registry.yarnpkg.com/http-signature/-/http-signature-1.2.0.tgz#9aecd925114772f3d95b65a60abb8f7c18fbace1"
+  integrity sha1-muzZJRFHcvPZW2WmCruPfBj7rOE=
+  dependencies:
+    assert-plus "^1.0.0"
+    jsprim "^1.2.2"
+    sshpk "^1.7.0"
+
+iconv-lite@^0.4.4:
+  version "0.4.24"
+  resolved "https://registry.yarnpkg.com/iconv-lite/-/iconv-lite-0.4.24.tgz#2022b4b25fbddc21d2f524974a474aafe733908b"
+  integrity sha512-v3MXnZAcvnywkTUEZomIActle7RXXeedOR31wwl7VlyoXO4Qi9arvSenNQWne1TcRwhCL1HwLI21bEqdpj8/rA==
+  dependencies:
+    safer-buffer ">= 2.1.2 < 3"
+
+ignore-walk@^3.0.1:
+  version "3.0.1"
+  resolved "https://registry.yarnpkg.com/ignore-walk/-/ignore-walk-3.0.1.tgz#a83e62e7d272ac0e3b551aaa82831a19b69f82f8"
+  integrity sha512-DTVlMx3IYPe0/JJcYP7Gxg7ttZZu3IInhuEhbchuqneY9wWe5Ojy2mXLBaQFUQmo0AW2r3qG7m1mg86js+gnlQ==
+  dependencies:
+    minimatch "^3.0.4"
+
+inflight@^1.0.4:
+  version "1.0.6"
+  resolved "https://registry.yarnpkg.com/inflight/-/inflight-1.0.6.tgz#49bd6331d7d02d0c09bc910a1075ba8165b56df9"
+  integrity sha1-Sb1jMdfQLQwJvJEKEHW6gWW1bfk=
+  dependencies:
+    once "^1.3.0"
+    wrappy "1"
+
+inherits@2, inherits@~2.0.3:
+  version "2.0.3"
+  resolved "https://registry.yarnpkg.com/inherits/-/inherits-2.0.3.tgz#633c2c83e3da42a502f52466022480f4208261de"
+  integrity sha1-Yzwsg+PaQqUC9SRmAiSA9CCCYd4=
+
+ini@~1.3.0:
+  version "1.3.5"
+  resolved "https://registry.yarnpkg.com/ini/-/ini-1.3.5.tgz#eee25f56db1c9ec6085e0c22778083f596abf927"
+  integrity sha512-RZY5huIKCMRWDUqZlEi72f/lmXKMvuszcMBduliQ3nnWbx9X/ZBQO7DijMEYS9EhHBb2qacRUMtC7svLwe0lcw==
+
+is-fullwidth-code-point@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/is-fullwidth-code-point/-/is-fullwidth-code-point-1.0.0.tgz#ef9e31386f031a7f0d643af82fde50c457ef00cb"
+  integrity sha1-754xOG8DGn8NZDr4L95QxFfvAMs=
+  dependencies:
+    number-is-nan "^1.0.0"
+
+is-fullwidth-code-point@^2.0.0:
+  version "2.0.0"
+  resolved "https://registry.yarnpkg.com/is-fullwidth-code-point/-/is-fullwidth-code-point-2.0.0.tgz#a3b30a5c4f199183167aaab93beefae3ddfb654f"
+  integrity sha1-o7MKXE8ZkYMWeqq5O+764937ZU8=
+
+is-typedarray@~1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/is-typedarray/-/is-typedarray-1.0.0.tgz#e479c80858df0c1b11ddda6940f96011fcda4a9a"
+  integrity sha1-5HnICFjfDBsR3dppQPlgEfzaSpo=
+
+isarray@~1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/isarray/-/isarray-1.0.0.tgz#bb935d48582cba168c06834957a54a3e07124f11"
+  integrity sha1-u5NdSFgsuhaMBoNJV6VKPgcSTxE=
+
+isstream@~0.1.2:
+  version "0.1.2"
+  resolved "https://registry.yarnpkg.com/isstream/-/isstream-0.1.2.tgz#47e63f7af55afa6f92e1500e690eb8b8529c099a"
+  integrity sha1-R+Y/evVa+m+S4VAOaQ64uFKcCZo=
+
+jsbn@~0.1.0:
+  version "0.1.1"
+  resolved "https://registry.yarnpkg.com/jsbn/-/jsbn-0.1.1.tgz#a5e654c2e5a2deb5f201d96cefbca80c0ef2f513"
+  integrity sha1-peZUwuWi3rXyAdls77yoDA7y9RM=
+
+json-schema-traverse@^0.4.1:
+  version "0.4.1"
+  resolved "https://registry.yarnpkg.com/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz#69f6a87d9513ab8bb8fe63bdb0979c448e684660"
+  integrity sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==
+
+json-schema@0.2.3:
+  version "0.2.3"
+  resolved "https://registry.yarnpkg.com/json-schema/-/json-schema-0.2.3.tgz#b480c892e59a2f05954ce727bd3f2a4e882f9e13"
+  integrity sha1-tIDIkuWaLwWVTOcnvT8qTogvnhM=
+
+json-stringify-safe@~5.0.1:
+  version "5.0.1"
+  resolved "https://registry.yarnpkg.com/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz#1296a2d58fd45f19a0f6ce01d65701e2c735b6eb"
+  integrity sha1-Epai1Y/UXxmg9s4B1lcB4sc1tus=
+
+jsprim@^1.2.2:
+  version "1.4.1"
+  resolved "https://registry.yarnpkg.com/jsprim/-/jsprim-1.4.1.tgz#313e66bc1e5cc06e438bc1b7499c2e5c56acb6a2"
+  integrity sha1-MT5mvB5cwG5Di8G3SZwuXFastqI=
+  dependencies:
+    assert-plus "1.0.0"
+    extsprintf "1.3.0"
+    json-schema "0.2.3"
+    verror "1.10.0"
+
+mime-db@1.44.0:
+  version "1.44.0"
+  resolved "https://registry.yarnpkg.com/mime-db/-/mime-db-1.44.0.tgz#fa11c5eb0aca1334b4233cb4d52f10c5a6272f92"
+  integrity sha512-/NOTfLrsPBVeH7YtFPgsVWveuL+4SjjYxaQ1xtM1KMFj7HdxlBlxeyNLzhyJVx7r4rZGJAZ/6lkKCitSc/Nmpg==
+
+mime-types@^2.1.12, mime-types@~2.1.19:
+  version "2.1.27"
+  resolved "https://registry.yarnpkg.com/mime-types/-/mime-types-2.1.27.tgz#47949f98e279ea53119f5722e0f34e529bec009f"
+  integrity sha512-JIhqnCasI9yD+SsmkquHBxTSEuZdQX5BuQnS2Vc7puQQQ+8yiP5AY5uWhpdv4YL4VM5c6iliiYWPgJ/nJQLp7w==
+  dependencies:
+    mime-db "1.44.0"
+
+minimatch@^3.0.4:
+  version "3.0.4"
+  resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-3.0.4.tgz#5166e286457f03306064be5497e8dbb0c3d32083"
+  integrity sha512-yJHVQEhyqPLUTgt9B83PXu6W3rx4MvvHvSUvToogpwoGDOUQ+yDrR0HRot+yOCdCO7u4hX3pWft6kWBBcqh0UA==
+  dependencies:
+    brace-expansion "^1.1.7"
+
+minimist@0.0.8:
+  version "0.0.8"
+  resolved "https://registry.yarnpkg.com/minimist/-/minimist-0.0.8.tgz#857fcabfc3397d2625b8228262e86aa7a011b05d"
+  integrity sha1-hX/Kv8M5fSYluCKCYuhqp6ARsF0=
+
+minimist@^1.2.0:
+  version "1.2.0"
+  resolved "https://registry.yarnpkg.com/minimist/-/minimist-1.2.0.tgz#a35008b20f41383eec1fb914f4cd5df79a264284"
+  integrity sha1-o1AIsg9BOD7sH7kU9M1d95omQoQ=
+
+minipass@^2.2.1, minipass@^2.3.4:
+  version "2.3.5"
+  resolved "https://registry.yarnpkg.com/minipass/-/minipass-2.3.5.tgz#cacebe492022497f656b0f0f51e2682a9ed2d848"
+  integrity sha512-Gi1W4k059gyRbyVUZQ4mEqLm0YIUiGYfvxhF6SIlk3ui1WVxMTGfGdQ2SInh3PDrRTVvPKgULkpJtT4RH10+VA==
+  dependencies:
+    safe-buffer "^5.1.2"
+    yallist "^3.0.0"
+
+minizlib@^1.1.1:
+  version "1.2.1"
+  resolved "https://registry.yarnpkg.com/minizlib/-/minizlib-1.2.1.tgz#dd27ea6136243c7c880684e8672bb3a45fd9b614"
+  integrity sha512-7+4oTUOWKg7AuL3vloEWekXY2/D20cevzsrNT2kGWm+39J9hGTCBv8VI5Pm5lXZ/o3/mdR4f8rflAPhnQb8mPA==
+  dependencies:
+    minipass "^2.2.1"
+
+mkdirp@^0.5.0, mkdirp@^0.5.1:
+  version "0.5.1"
+  resolved "https://registry.yarnpkg.com/mkdirp/-/mkdirp-0.5.1.tgz#30057438eac6cf7f8c4767f38648d6697d75c903"
+  integrity sha1-MAV0OOrGz3+MR2fzhkjWaX11yQM=
+  dependencies:
+    minimist "0.0.8"
+
+ms@2.0.0:
+  version "2.0.0"
+  resolved "https://registry.yarnpkg.com/ms/-/ms-2.0.0.tgz#5608aeadfc00be6c2901df5f9861788de0d597c8"
+  integrity sha1-VgiurfwAvmwpAd9fmGF4jeDVl8g=
+
+needle@^2.2.1:
+  version "2.2.4"
+  resolved "https://registry.yarnpkg.com/needle/-/needle-2.2.4.tgz#51931bff82533b1928b7d1d69e01f1b00ffd2a4e"
+  integrity sha512-HyoqEb4wr/rsoaIDfTH2aVL9nWtQqba2/HvMv+++m8u0dz808MaagKILxtfeSN7QU7nvbQ79zk3vYOJp9zsNEA==
+  dependencies:
+    debug "^2.1.2"
+    iconv-lite "^0.4.4"
+    sax "^1.2.4"
+
+node-pre-gyp@^0.13.0:
+  version "0.13.0"
+  resolved "https://registry.yarnpkg.com/node-pre-gyp/-/node-pre-gyp-0.13.0.tgz#df9ab7b68dd6498137717838e4f92a33fc9daa42"
+  integrity sha512-Md1D3xnEne8b/HGVQkZZwV27WUi1ZRuZBij24TNaZwUPU3ZAFtvT6xxJGaUVillfmMKnn5oD1HoGsp2Ftik7SQ==
+  dependencies:
+    detect-libc "^1.0.2"
+    mkdirp "^0.5.1"
+    needle "^2.2.1"
+    nopt "^4.0.1"
+    npm-packlist "^1.1.6"
+    npmlog "^4.0.2"
+    rc "^1.2.7"
+    rimraf "^2.6.1"
+    semver "^5.3.0"
+    tar "^4"
+
+nopt@^4.0.1:
+  version "4.0.1"
+  resolved "https://registry.yarnpkg.com/nopt/-/nopt-4.0.1.tgz#d0d4685afd5415193c8c7505602d0d17cd64474d"
+  integrity sha1-0NRoWv1UFRk8jHUFYC0NF81kR00=
+  dependencies:
+    abbrev "1"
+    osenv "^0.1.4"
+
+npm-bundled@^1.0.1:
+  version "1.0.6"
+  resolved "https://registry.yarnpkg.com/npm-bundled/-/npm-bundled-1.0.6.tgz#e7ba9aadcef962bb61248f91721cd932b3fe6bdd"
+  integrity sha512-8/JCaftHwbd//k6y2rEWp6k1wxVfpFzB6t1p825+cUb7Ym2XQfhwIC5KwhrvzZRJu+LtDE585zVaS32+CGtf0g==
+
+npm-packlist@^1.1.6:
+  version "1.4.1"
+  resolved "https://registry.yarnpkg.com/npm-packlist/-/npm-packlist-1.4.1.tgz#19064cdf988da80ea3cee45533879d90192bbfbc"
+  integrity sha512-+TcdO7HJJ8peiiYhvPxsEDhF3PJFGUGRcFsGve3vxvxdcpO2Z4Z7rkosRM0kWj6LfbK/P0gu3dzk5RU1ffvFcw==
+  dependencies:
+    ignore-walk "^3.0.1"
+    npm-bundled "^1.0.1"
+
+npmlog@^4.0.2:
+  version "4.1.2"
+  resolved "https://registry.yarnpkg.com/npmlog/-/npmlog-4.1.2.tgz#08a7f2a8bf734604779a9efa4ad5cc717abb954b"
+  integrity sha512-2uUqazuKlTaSI/dC8AzicUck7+IrEaOnN/e0jd3Xtt1KcGpwx30v50mL7oPyr/h9bL3E4aZccVwpwP+5W9Vjkg==
+  dependencies:
+    are-we-there-yet "~1.1.2"
+    console-control-strings "~1.1.0"
+    gauge "~2.7.3"
+    set-blocking "~2.0.0"
+
+number-is-nan@^1.0.0:
+  version "1.0.1"
+  resolved "https://registry.yarnpkg.com/number-is-nan/-/number-is-nan-1.0.1.tgz#097b602b53422a522c1afb8790318336941a011d"
+  integrity sha1-CXtgK1NCKlIsGvuHkDGDNpQaAR0=
+
+oauth-sign@~0.9.0:
+  version "0.9.0"
+  resolved "https://registry.yarnpkg.com/oauth-sign/-/oauth-sign-0.9.0.tgz#47a7b016baa68b5fa0ecf3dee08a85c679ac6455"
+  integrity sha512-fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ==
+
+object-assign@^4.1.0:
+  version "4.1.1"
+  resolved "https://registry.yarnpkg.com/object-assign/-/object-assign-4.1.1.tgz#2109adc7965887cfc05cbbd442cac8bfbb360863"
+  integrity sha1-IQmtx5ZYh8/AXLvUQsrIv7s2CGM=
+
+once@^1.3.0:
+  version "1.4.0"
+  resolved "https://registry.yarnpkg.com/once/-/once-1.4.0.tgz#583b1aa775961d4b113ac17d9c50baef9dd76bd1"
+  integrity sha1-WDsap3WWHUsROsF9nFC6753Xa9E=
+  dependencies:
+    wrappy "1"
+
+os-homedir@^1.0.0:
+  version "1.0.2"
+  resolved "https://registry.yarnpkg.com/os-homedir/-/os-homedir-1.0.2.tgz#ffbc4988336e0e833de0c168c7ef152121aa7fb3"
+  integrity sha1-/7xJiDNuDoM94MFox+8VISGqf7M=
+
+os-tmpdir@^1.0.0:
+  version "1.0.2"
+  resolved "https://registry.yarnpkg.com/os-tmpdir/-/os-tmpdir-1.0.2.tgz#bbe67406c79aa85c5cfec766fe5734555dfa1274"
+  integrity sha1-u+Z0BseaqFxc/sdm/lc0VV36EnQ=
+
+osenv@^0.1.4:
+  version "0.1.5"
+  resolved "https://registry.yarnpkg.com/osenv/-/osenv-0.1.5.tgz#85cdfafaeb28e8677f416e287592b5f3f49ea410"
+  integrity sha512-0CWcCECdMVc2Rw3U5w9ZjqX6ga6ubk1xDVKxtBQPK7wis/0F2r9T6k4ydGYhecl7YUBxBVxhL5oisPsNxAPe2g==
+  dependencies:
+    os-homedir "^1.0.0"
+    os-tmpdir "^1.0.0"
+
+path-is-absolute@^1.0.0:
+  version "1.0.1"
+  resolved "https://registry.yarnpkg.com/path-is-absolute/-/path-is-absolute-1.0.1.tgz#174b9268735534ffbc7ace6bf53a5a9e1b5c5f5f"
+  integrity sha1-F0uSaHNVNP+8es5r9TpanhtcX18=
+
+performance-now@^2.1.0:
+  version "2.1.0"
+  resolved "https://registry.yarnpkg.com/performance-now/-/performance-now-2.1.0.tgz#6309f4e0e5fa913ec1c69307ae364b4b377c9e7b"
+  integrity sha1-Ywn04OX6kT7BxpMHrjZLSzd8nns=
+
+process-nextick-args@~2.0.0:
+  version "2.0.0"
+  resolved "https://registry.yarnpkg.com/process-nextick-args/-/process-nextick-args-2.0.0.tgz#a37d732f4271b4ab1ad070d35508e8290788ffaa"
+  integrity sha512-MtEC1TqN0EU5nephaJ4rAtThHtC86dNN9qCuEhtshvpVBkAW5ZO7BASN9REnF9eoXGcRub+pFuKEpOHE+HbEMw==
+
+psl@^1.1.28:
+  version "1.8.0"
+  resolved "https://registry.yarnpkg.com/psl/-/psl-1.8.0.tgz#9326f8bcfb013adcc005fdff056acce020e51c24"
+  integrity sha512-RIdOzyoavK+hA18OGGWDqUTsCLhtA7IcZ/6NCs4fFJaHBDab+pDDmDIByWFRQJq2Cd7r1OoQxBGKOaztq+hjIQ==
+
+punycode@^2.1.0, punycode@^2.1.1:
+  version "2.1.1"
+  resolved "https://registry.yarnpkg.com/punycode/-/punycode-2.1.1.tgz#b58b010ac40c22c5657616c8d2c2c02c7bf479ec"
+  integrity sha512-XRsRjdf+j5ml+y/6GKHPZbrF/8p2Yga0JPtdqTIY2Xe5ohJPD9saDJJLPvp9+NSBprVvevdXZybnj2cv8OEd0A==
+
+qs@~6.5.2:
+  version "6.5.2"
+  resolved "https://registry.yarnpkg.com/qs/-/qs-6.5.2.tgz#cb3ae806e8740444584ef154ce8ee98d403f3e36"
+  integrity sha512-N5ZAX4/LxJmF+7wN74pUD6qAh9/wnvdQcjq9TZjevvXzSUo7bfmw91saqMjzGS2xq91/odN2dW/WOl7qQHNDGA==
+
+rc@^1.2.7:
+  version "1.2.8"
+  resolved "https://registry.yarnpkg.com/rc/-/rc-1.2.8.tgz#cd924bf5200a075b83c188cd6b9e211b7fc0d3ed"
+  integrity sha512-y3bGgqKj3QBdxLbLkomlohkvsA8gdAiUQlSBJnBhfn+BPxg4bc62d8TcBW15wavDfgexCgccckhcZvywyQYPOw==
+  dependencies:
+    deep-extend "^0.6.0"
+    ini "~1.3.0"
+    minimist "^1.2.0"
+    strip-json-comments "~2.0.1"
+
+readable-stream@^2.0.6:
+  version "2.3.6"
+  resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.3.6.tgz#b11c27d88b8ff1fbe070643cf94b0c79ae1b0aaf"
+  integrity sha512-tQtKA9WIAhBF3+VLAseyMqZeBjW0AHJoxOtYqSUZNJxauErmLbVm2FW1y+J/YA9dUrAC39ITejlZWhVIwawkKw==
+  dependencies:
+    core-util-is "~1.0.0"
+    inherits "~2.0.3"
+    isarray "~1.0.0"
+    process-nextick-args "~2.0.0"
+    safe-buffer "~5.1.1"
+    string_decoder "~1.1.1"
+    util-deprecate "~1.0.1"
+
+request@2.88.2:
+  version "2.88.2"
+  resolved "https://registry.yarnpkg.com/request/-/request-2.88.2.tgz#d73c918731cb5a87da047e207234146f664d12b3"
+  integrity sha512-MsvtOrfG9ZcrOwAW+Qi+F6HbD0CWXEh9ou77uOb7FM2WPhwT7smM833PzanhJLsgXjN89Ir6V2PczXNnMpwKhw==
+  dependencies:
+    aws-sign2 "~0.7.0"
+    aws4 "^1.8.0"
+    caseless "~0.12.0"
+    combined-stream "~1.0.6"
+    extend "~3.0.2"
+    forever-agent "~0.6.1"
+    form-data "~2.3.2"
+    har-validator "~5.1.3"
+    http-signature "~1.2.0"
+    is-typedarray "~1.0.0"
+    isstream "~0.1.2"
+    json-stringify-safe "~5.0.1"
+    mime-types "~2.1.19"
+    oauth-sign "~0.9.0"
+    performance-now "^2.1.0"
+    qs "~6.5.2"
+    safe-buffer "^5.1.2"
+    tough-cookie "~2.5.0"
+    tunnel-agent "^0.6.0"
+    uuid "^3.3.2"
+
+rimraf@^2.6.1:
+  version "2.6.3"
+  resolved "https://registry.yarnpkg.com/rimraf/-/rimraf-2.6.3.tgz#b2d104fe0d8fb27cf9e0a1cda8262dd3833c6cab"
+  integrity sha512-mwqeW5XsA2qAejG46gYdENaxXjx9onRNCfn7L0duuP4hCuTIi/QO7PDK07KJfp1d+izWPrzEJDcSqBa0OZQriA==
+  dependencies:
+    glob "^7.1.3"
+
+safe-buffer@^5.0.1:
+  version "5.2.1"
+  resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.2.1.tgz#1eaf9fa9bdb1fdd4ec75f58f9cdb4e6b7827eec6"
+  integrity sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ==
+
+safe-buffer@^5.1.2, safe-buffer@~5.1.0, safe-buffer@~5.1.1:
+  version "5.1.2"
+  resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.1.2.tgz#991ec69d296e0313747d59bdfd2b745c35f8828d"
+  integrity sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==
+
+"safer-buffer@>= 2.1.2 < 3", safer-buffer@^2.0.2, safer-buffer@^2.1.0, safer-buffer@~2.1.0:
+  version "2.1.2"
+  resolved "https://registry.yarnpkg.com/safer-buffer/-/safer-buffer-2.1.2.tgz#44fa161b0187b9549dd84bb91802f9bd8385cd6a"
+  integrity sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==
+
+sax@^1.2.4:
+  version "1.2.4"
+  resolved "https://registry.yarnpkg.com/sax/-/sax-1.2.4.tgz#2816234e2378bddc4e5354fab5caa895df7100d9"
+  integrity sha512-NqVDv9TpANUjFm0N8uM5GxL36UgKi9/atZw+x7YFnQ8ckwFGKrl4xX4yWtrey3UJm5nP1kUbnYgLopqWNSRhWw==
+
+semver@^5.3.0:
+  version "5.6.0"
+  resolved "https://registry.yarnpkg.com/semver/-/semver-5.6.0.tgz#7e74256fbaa49c75aa7c7a205cc22799cac80004"
+  integrity sha512-RS9R6R35NYgQn++fkDWaOmqGoj4Ek9gGs+DPxNUZKuwE183xjJroKvyo1IzVFeXvUrvmALy6FWD5xrdJT25gMg==
+
+set-blocking@~2.0.0:
+  version "2.0.0"
+  resolved "https://registry.yarnpkg.com/set-blocking/-/set-blocking-2.0.0.tgz#045f9782d011ae9a6803ddd382b24392b3d890f7"
+  integrity sha1-BF+XgtARrppoA93TgrJDkrPYkPc=
+
+signal-exit@^3.0.0:
+  version "3.0.2"
+  resolved "https://registry.yarnpkg.com/signal-exit/-/signal-exit-3.0.2.tgz#b5fdc08f1287ea1178628e415e25132b73646c6d"
+  integrity sha1-tf3AjxKH6hF4Yo5BXiUTK3NkbG0=
+
+sshpk@^1.7.0:
+  version "1.16.1"
+  resolved "https://registry.yarnpkg.com/sshpk/-/sshpk-1.16.1.tgz#fb661c0bef29b39db40769ee39fa70093d6f6877"
+  integrity sha512-HXXqVUq7+pcKeLqqZj6mHFUMvXtOJt1uoUx09pFW6011inTMxqI8BA8PM95myrIyyKwdnzjdFjLiE6KBPVtJIg==
+  dependencies:
+    asn1 "~0.2.3"
+    assert-plus "^1.0.0"
+    bcrypt-pbkdf "^1.0.0"
+    dashdash "^1.12.0"
+    ecc-jsbn "~0.1.1"
+    getpass "^0.1.1"
+    jsbn "~0.1.0"
+    safer-buffer "^2.0.2"
+    tweetnacl "~0.14.0"
+
+string-width@^1.0.1:
+  version "1.0.2"
+  resolved "https://registry.yarnpkg.com/string-width/-/string-width-1.0.2.tgz#118bdf5b8cdc51a2a7e70d211e07e2b0b9b107d3"
+  integrity sha1-EYvfW4zcUaKn5w0hHgfisLmxB9M=
+  dependencies:
+    code-point-at "^1.0.0"
+    is-fullwidth-code-point "^1.0.0"
+    strip-ansi "^3.0.0"
+
+"string-width@^1.0.2 || 2":
+  version "2.1.1"
+  resolved "https://registry.yarnpkg.com/string-width/-/string-width-2.1.1.tgz#ab93f27a8dc13d28cac815c462143a6d9012ae9e"
+  integrity sha512-nOqH59deCq9SRHlxq1Aw85Jnt4w6KvLKqWVik6oA9ZklXLNIOlqg4F2yrT1MVaTjAqvVwdfeZ7w7aCvJD7ugkw==
+  dependencies:
+    is-fullwidth-code-point "^2.0.0"
+    strip-ansi "^4.0.0"
+
+string_decoder@~1.1.1:
+  version "1.1.1"
+  resolved "https://registry.yarnpkg.com/string_decoder/-/string_decoder-1.1.1.tgz#9cf1611ba62685d7030ae9e4ba34149c3af03fc8"
+  integrity sha512-n/ShnvDi6FHbbVfviro+WojiFzv+s8MPMHBczVePfUpDJLwoLT0ht1l4YwBCbi8pJAveEEdnkHyPyTP/mzRfwg==
+  dependencies:
+    safe-buffer "~5.1.0"
+
+strip-ansi@^3.0.0, strip-ansi@^3.0.1:
+  version "3.0.1"
+  resolved "https://registry.yarnpkg.com/strip-ansi/-/strip-ansi-3.0.1.tgz#6a385fb8853d952d5ff05d0e8aaf94278dc63dcf"
+  integrity sha1-ajhfuIU9lS1f8F0Oiq+UJ43GPc8=
+  dependencies:
+    ansi-regex "^2.0.0"
+
+strip-ansi@^4.0.0:
+  version "4.0.0"
+  resolved "https://registry.yarnpkg.com/strip-ansi/-/strip-ansi-4.0.0.tgz#a8479022eb1ac368a871389b635262c505ee368f"
+  integrity sha1-qEeQIusaw2iocTibY1JixQXuNo8=
+  dependencies:
+    ansi-regex "^3.0.0"
+
+strip-json-comments@~2.0.1:
+  version "2.0.1"
+  resolved "https://registry.yarnpkg.com/strip-json-comments/-/strip-json-comments-2.0.1.tgz#3c531942e908c2697c0ec344858c286c7ca0a60a"
+  integrity sha1-PFMZQukIwml8DsNEhYwobHygpgo=
+
+tar@^4:
+  version "4.4.8"
+  resolved "https://registry.yarnpkg.com/tar/-/tar-4.4.8.tgz#b19eec3fde2a96e64666df9fdb40c5ca1bc3747d"
+  integrity sha512-LzHF64s5chPQQS0IYBn9IN5h3i98c12bo4NCO7e0sGM2llXQ3p2FGC5sdENN4cTW48O915Sh+x+EXx7XW96xYQ==
+  dependencies:
+    chownr "^1.1.1"
+    fs-minipass "^1.2.5"
+    minipass "^2.3.4"
+    minizlib "^1.1.1"
+    mkdirp "^0.5.0"
+    safe-buffer "^5.1.2"
+    yallist "^3.0.2"
+
+tough-cookie@~2.5.0:
+  version "2.5.0"
+  resolved "https://registry.yarnpkg.com/tough-cookie/-/tough-cookie-2.5.0.tgz#cd9fb2a0aa1d5a12b473bd9fb96fa3dcff65ade2"
+  integrity sha512-nlLsUzgm1kfLXSXfRZMc1KLAugd4hqJHDTvc2hDIwS3mZAfMEuMbc03SujMF+GEcpaX/qboeycw6iO8JwVv2+g==
+  dependencies:
+    psl "^1.1.28"
+    punycode "^2.1.1"
+
+tunnel-agent@^0.6.0:
+  version "0.6.0"
+  resolved "https://registry.yarnpkg.com/tunnel-agent/-/tunnel-agent-0.6.0.tgz#27a5dea06b36b04a0a9966774b290868f0fc40fd"
+  integrity sha1-J6XeoGs2sEoKmWZ3SykIaPD8QP0=
+  dependencies:
+    safe-buffer "^5.0.1"
+
+tweetnacl@^0.14.3, tweetnacl@~0.14.0:
+  version "0.14.5"
+  resolved "https://registry.yarnpkg.com/tweetnacl/-/tweetnacl-0.14.5.tgz#5ae68177f192d4456269d108afa93ff8743f4f64"
+  integrity sha1-WuaBd/GS1EViadEIr6k/+HQ/T2Q=
+
+uri-js@^4.2.2:
+  version "4.2.2"
+  resolved "https://registry.yarnpkg.com/uri-js/-/uri-js-4.2.2.tgz#94c540e1ff772956e2299507c010aea6c8838eb0"
+  integrity sha512-KY9Frmirql91X2Qgjry0Wd4Y+YTdrdZheS8TFwvkbLWf/G5KNJDCh6pKL5OZctEW4+0Baa5idK2ZQuELRwPznQ==
+  dependencies:
+    punycode "^2.1.0"
+
+util-deprecate@~1.0.1:
+  version "1.0.2"
+  resolved "https://registry.yarnpkg.com/util-deprecate/-/util-deprecate-1.0.2.tgz#450d4dc9fa70de732762fbd2d4a28981419a0ccf"
+  integrity sha1-RQ1Nyfpw3nMnYvvS1KKJgUGaDM8=
+
+uuid@^3.3.2:
+  version "3.4.0"
+  resolved "https://registry.yarnpkg.com/uuid/-/uuid-3.4.0.tgz#b23e4358afa8a202fe7a100af1f5f883f02007ee"
+  integrity sha512-HjSDRw6gZE5JMggctHBcjVak08+KEVhSIiDzFnT9S9aegmp85S/bReBVTb4QTFaRNptJ9kuYaNhnbNEOkbKb/A==
+
+verror@1.10.0:
+  version "1.10.0"
+  resolved "https://registry.yarnpkg.com/verror/-/verror-1.10.0.tgz#3a105ca17053af55d6e270c1f8288682e18da400"
+  integrity sha1-OhBcoXBTr1XW4nDB+CiGguGNpAA=
+  dependencies:
+    assert-plus "^1.0.0"
+    core-util-is "1.0.2"
+    extsprintf "^1.2.0"
+
+webidl-conversions@^4.0.2:
+  version "4.0.2"
+  resolved "https://registry.yarnpkg.com/webidl-conversions/-/webidl-conversions-4.0.2.tgz#a855980b1f0b6b359ba1d5d9fb39ae941faa63ad"
+  integrity sha512-YQ+BmxuTgd6UXZW3+ICGfyqRyHXVlD5GtQr5+qjiNW7bF0cqrzX500HVXPBOvgXb5YnzDd+h0zqyv61KUD7+Sg==
+
+wide-align@^1.1.0:
+  version "1.1.3"
+  resolved "https://registry.yarnpkg.com/wide-align/-/wide-align-1.1.3.tgz#ae074e6bdc0c14a431e804e624549c633b000457"
+  integrity sha512-QGkOQc8XL6Bt5PwnsExKBPuMKBxnGxWWW3fU55Xt4feHozMUhdUMaBCk290qpm/wG5u/RSKzwdAC4i51YigihA==
+  dependencies:
+    string-width "^1.0.2 || 2"
+
+wrappy@1:
+  version "1.0.2"
+  resolved "https://registry.yarnpkg.com/wrappy/-/wrappy-1.0.2.tgz#b5243d8f3ec1aa35f1364605bc0d1036e30ab69f"
+  integrity sha1-tSQ9jz7BqjXxNkYFvA0QNuMKtp8=
+
+wrtc@0.4.7:
+  version "0.4.7"
+  resolved "https://registry.yarnpkg.com/wrtc/-/wrtc-0.4.7.tgz#c61530cd662713e50bffe64b7a78673ce070426c"
+  integrity sha512-P6Hn7VT4lfSH49HxLHcHhDq+aFf/jd9dPY7lDHeFhZ22N3858EKuwm2jmnlPzpsRGEPaoF6XwkcxY5SYnt4f/g==
+  dependencies:
+    node-pre-gyp "^0.13.0"
+  optionalDependencies:
+    domexception "^1.0.1"
+
+yallist@^3.0.0, yallist@^3.0.2:
+  version "3.0.3"
+  resolved "https://registry.yarnpkg.com/yallist/-/yallist-3.0.3.tgz#b4b049e314be545e3ce802236d6cd22cd91c3de9"
+  integrity sha512-S+Zk8DEWE6oKpV+vI3qWkaK+jSbIK86pCwe2IF/xwIpQ8jEuxpw9NyaGjmp9+BoJv5FV2piqCDcoCtStppiq2A==
diff --git a/server/vendor/github.com/pmezard/go-difflib/LICENSE b/server/vendor/github.com/pmezard/go-difflib/LICENSE
new file mode 100644
index 0000000..c67dad6
--- /dev/null
+++ b/server/vendor/github.com/pmezard/go-difflib/LICENSE
@@ -0,0 +1,27 @@
+Copyright (c) 2013, Patrick Mezard
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are
+met:
+
+    Redistributions of source code must retain the above copyright
+notice, this list of conditions and the following disclaimer.
+    Redistributions in binary form must reproduce the above copyright
+notice, this list of conditions and the following disclaimer in the
+documentation and/or other materials provided with the distribution.
+    The names of its contributors may not be used to endorse or promote
+products derived from this software without specific prior written
+permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
+IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
diff --git a/server/vendor/github.com/pmezard/go-difflib/difflib/difflib.go b/server/vendor/github.com/pmezard/go-difflib/difflib/difflib.go
new file mode 100644
index 0000000..003e99f
--- /dev/null
+++ b/server/vendor/github.com/pmezard/go-difflib/difflib/difflib.go
@@ -0,0 +1,772 @@
+// Package difflib is a partial port of Python difflib module.
+//
+// It provides tools to compare sequences of strings and generate textual diffs.
+//
+// The following class and functions have been ported:
+//
+// - SequenceMatcher
+//
+// - unified_diff
+//
+// - context_diff
+//
+// Getting unified diffs was the main goal of the port. Keep in mind this code
+// is mostly suitable to output text differences in a human friendly way, there
+// are no guarantees generated diffs are consumable by patch(1).
+package difflib
+
+import (
+	"bufio"
+	"bytes"
+	"fmt"
+	"io"
+	"strings"
+)
+
+func min(a, b int) int {
+	if a < b {
+		return a
+	}
+	return b
+}
+
+func max(a, b int) int {
+	if a > b {
+		return a
+	}
+	return b
+}
+
+func calculateRatio(matches, length int) float64 {
+	if length > 0 {
+		return 2.0 * float64(matches) / float64(length)
+	}
+	return 1.0
+}
+
+type Match struct {
+	A    int
+	B    int
+	Size int
+}
+
+type OpCode struct {
+	Tag byte
+	I1  int
+	I2  int
+	J1  int
+	J2  int
+}
+
+// SequenceMatcher compares sequence of strings. The basic
+// algorithm predates, and is a little fancier than, an algorithm
+// published in the late 1980's by Ratcliff and Obershelp under the
+// hyperbolic name "gestalt pattern matching".  The basic idea is to find
+// the longest contiguous matching subsequence that contains no "junk"
+// elements (R-O doesn't address junk).  The same idea is then applied
+// recursively to the pieces of the sequences to the left and to the right
+// of the matching subsequence.  This does not yield minimal edit
+// sequences, but does tend to yield matches that "look right" to people.
+//
+// SequenceMatcher tries to compute a "human-friendly diff" between two
+// sequences.  Unlike e.g. UNIX(tm) diff, the fundamental notion is the
+// longest *contiguous* & junk-free matching subsequence.  That's what
+// catches peoples' eyes.  The Windows(tm) windiff has another interesting
+// notion, pairing up elements that appear uniquely in each sequence.
+// That, and the method here, appear to yield more intuitive difference
+// reports than does diff.  This method appears to be the least vulnerable
+// to synching up on blocks of "junk lines", though (like blank lines in
+// ordinary text files, or maybe "<P>" lines in HTML files).  That may be
+// because this is the only method of the 3 that has a *concept* of
+// "junk" <wink>.
+//
+// Timing:  Basic R-O is cubic time worst case and quadratic time expected
+// case.  SequenceMatcher is quadratic time for the worst case and has
+// expected-case behavior dependent in a complicated way on how many
+// elements the sequences have in common; best case time is linear.
+type SequenceMatcher struct {
+	a              []string
+	b              []string
+	b2j            map[string][]int
+	IsJunk         func(string) bool
+	autoJunk       bool
+	bJunk          map[string]struct{}
+	matchingBlocks []Match
+	fullBCount     map[string]int
+	bPopular       map[string]struct{}
+	opCodes        []OpCode
+}
+
+func NewMatcher(a, b []string) *SequenceMatcher {
+	m := SequenceMatcher{autoJunk: true}
+	m.SetSeqs(a, b)
+	return &m
+}
+
+func NewMatcherWithJunk(a, b []string, autoJunk bool,
+	isJunk func(string) bool) *SequenceMatcher {
+
+	m := SequenceMatcher{IsJunk: isJunk, autoJunk: autoJunk}
+	m.SetSeqs(a, b)
+	return &m
+}
+
+// Set two sequences to be compared.
+func (m *SequenceMatcher) SetSeqs(a, b []string) {
+	m.SetSeq1(a)
+	m.SetSeq2(b)
+}
+
+// Set the first sequence to be compared. The second sequence to be compared is
+// not changed.
+//
+// SequenceMatcher computes and caches detailed information about the second
+// sequence, so if you want to compare one sequence S against many sequences,
+// use .SetSeq2(s) once and call .SetSeq1(x) repeatedly for each of the other
+// sequences.
+//
+// See also SetSeqs() and SetSeq2().
+func (m *SequenceMatcher) SetSeq1(a []string) {
+	if &a == &m.a {
+		return
+	}
+	m.a = a
+	m.matchingBlocks = nil
+	m.opCodes = nil
+}
+
+// Set the second sequence to be compared. The first sequence to be compared is
+// not changed.
+func (m *SequenceMatcher) SetSeq2(b []string) {
+	if &b == &m.b {
+		return
+	}
+	m.b = b
+	m.matchingBlocks = nil
+	m.opCodes = nil
+	m.fullBCount = nil
+	m.chainB()
+}
+
+func (m *SequenceMatcher) chainB() {
+	// Populate line -> index mapping
+	b2j := map[string][]int{}
+	for i, s := range m.b {
+		indices := b2j[s]
+		indices = append(indices, i)
+		b2j[s] = indices
+	}
+
+	// Purge junk elements
+	m.bJunk = map[string]struct{}{}
+	if m.IsJunk != nil {
+		junk := m.bJunk
+		for s, _ := range b2j {
+			if m.IsJunk(s) {
+				junk[s] = struct{}{}
+			}
+		}
+		for s, _ := range junk {
+			delete(b2j, s)
+		}
+	}
+
+	// Purge remaining popular elements
+	popular := map[string]struct{}{}
+	n := len(m.b)
+	if m.autoJunk && n >= 200 {
+		ntest := n/100 + 1
+		for s, indices := range b2j {
+			if len(indices) > ntest {
+				popular[s] = struct{}{}
+			}
+		}
+		for s, _ := range popular {
+			delete(b2j, s)
+		}
+	}
+	m.bPopular = popular
+	m.b2j = b2j
+}
+
+func (m *SequenceMatcher) isBJunk(s string) bool {
+	_, ok := m.bJunk[s]
+	return ok
+}
+
+// Find longest matching block in a[alo:ahi] and b[blo:bhi].
+//
+// If IsJunk is not defined:
+//
+// Return (i,j,k) such that a[i:i+k] is equal to b[j:j+k], where
+//     alo <= i <= i+k <= ahi
+//     blo <= j <= j+k <= bhi
+// and for all (i',j',k') meeting those conditions,
+//     k >= k'
+//     i <= i'
+//     and if i == i', j <= j'
+//
+// In other words, of all maximal matching blocks, return one that
+// starts earliest in a, and of all those maximal matching blocks that
+// start earliest in a, return the one that starts earliest in b.
+//
+// If IsJunk is defined, first the longest matching block is
+// determined as above, but with the additional restriction that no
+// junk element appears in the block.  Then that block is extended as
+// far as possible by matching (only) junk elements on both sides.  So
+// the resulting block never matches on junk except as identical junk
+// happens to be adjacent to an "interesting" match.
+//
+// If no blocks match, return (alo, blo, 0).
+func (m *SequenceMatcher) findLongestMatch(alo, ahi, blo, bhi int) Match {
+	// CAUTION:  stripping common prefix or suffix would be incorrect.
+	// E.g.,
+	//    ab
+	//    acab
+	// Longest matching block is "ab", but if common prefix is
+	// stripped, it's "a" (tied with "b").  UNIX(tm) diff does so
+	// strip, so ends up claiming that ab is changed to acab by
+	// inserting "ca" in the middle.  That's minimal but unintuitive:
+	// "it's obvious" that someone inserted "ac" at the front.
+	// Windiff ends up at the same place as diff, but by pairing up
+	// the unique 'b's and then matching the first two 'a's.
+	besti, bestj, bestsize := alo, blo, 0
+
+	// find longest junk-free match
+	// during an iteration of the loop, j2len[j] = length of longest
+	// junk-free match ending with a[i-1] and b[j]
+	j2len := map[int]int{}
+	for i := alo; i != ahi; i++ {
+		// look at all instances of a[i] in b; note that because
+		// b2j has no junk keys, the loop is skipped if a[i] is junk
+		newj2len := map[int]int{}
+		for _, j := range m.b2j[m.a[i]] {
+			// a[i] matches b[j]
+			if j < blo {
+				continue
+			}
+			if j >= bhi {
+				break
+			}
+			k := j2len[j-1] + 1
+			newj2len[j] = k
+			if k > bestsize {
+				besti, bestj, bestsize = i-k+1, j-k+1, k
+			}
+		}
+		j2len = newj2len
+	}
+
+	// Extend the best by non-junk elements on each end.  In particular,
+	// "popular" non-junk elements aren't in b2j, which greatly speeds
+	// the inner loop above, but also means "the best" match so far
+	// doesn't contain any junk *or* popular non-junk elements.
+	for besti > alo && bestj > blo && !m.isBJunk(m.b[bestj-1]) &&
+		m.a[besti-1] == m.b[bestj-1] {
+		besti, bestj, bestsize = besti-1, bestj-1, bestsize+1
+	}
+	for besti+bestsize < ahi && bestj+bestsize < bhi &&
+		!m.isBJunk(m.b[bestj+bestsize]) &&
+		m.a[besti+bestsize] == m.b[bestj+bestsize] {
+		bestsize += 1
+	}
+
+	// Now that we have a wholly interesting match (albeit possibly
+	// empty!), we may as well suck up the matching junk on each
+	// side of it too.  Can't think of a good reason not to, and it
+	// saves post-processing the (possibly considerable) expense of
+	// figuring out what to do with it.  In the case of an empty
+	// interesting match, this is clearly the right thing to do,
+	// because no other kind of match is possible in the regions.
+	for besti > alo && bestj > blo && m.isBJunk(m.b[bestj-1]) &&
+		m.a[besti-1] == m.b[bestj-1] {
+		besti, bestj, bestsize = besti-1, bestj-1, bestsize+1
+	}
+	for besti+bestsize < ahi && bestj+bestsize < bhi &&
+		m.isBJunk(m.b[bestj+bestsize]) &&
+		m.a[besti+bestsize] == m.b[bestj+bestsize] {
+		bestsize += 1
+	}
+
+	return Match{A: besti, B: bestj, Size: bestsize}
+}
+
+// Return list of triples describing matching subsequences.
+//
+// Each triple is of the form (i, j, n), and means that
+// a[i:i+n] == b[j:j+n].  The triples are monotonically increasing in
+// i and in j. It's also guaranteed that if (i, j, n) and (i', j', n') are
+// adjacent triples in the list, and the second is not the last triple in the
+// list, then i+n != i' or j+n != j'. IOW, adjacent triples never describe
+// adjacent equal blocks.
+//
+// The last triple is a dummy, (len(a), len(b), 0), and is the only
+// triple with n==0.
+func (m *SequenceMatcher) GetMatchingBlocks() []Match {
+	if m.matchingBlocks != nil {
+		return m.matchingBlocks
+	}
+
+	var matchBlocks func(alo, ahi, blo, bhi int, matched []Match) []Match
+	matchBlocks = func(alo, ahi, blo, bhi int, matched []Match) []Match {
+		match := m.findLongestMatch(alo, ahi, blo, bhi)
+		i, j, k := match.A, match.B, match.Size
+		if match.Size > 0 {
+			if alo < i && blo < j {
+				matched = matchBlocks(alo, i, blo, j, matched)
+			}
+			matched = append(matched, match)
+			if i+k < ahi && j+k < bhi {
+				matched = matchBlocks(i+k, ahi, j+k, bhi, matched)
+			}
+		}
+		return matched
+	}
+	matched := matchBlocks(0, len(m.a), 0, len(m.b), nil)
+
+	// It's possible that we have adjacent equal blocks in the
+	// matching_blocks list now.
+	nonAdjacent := []Match{}
+	i1, j1, k1 := 0, 0, 0
+	for _, b := range matched {
+		// Is this block adjacent to i1, j1, k1?
+		i2, j2, k2 := b.A, b.B, b.Size
+		if i1+k1 == i2 && j1+k1 == j2 {
+			// Yes, so collapse them -- this just increases the length of
+			// the first block by the length of the second, and the first
+			// block so lengthened remains the block to compare against.
+			k1 += k2
+		} else {
+			// Not adjacent.  Remember the first block (k1==0 means it's
+			// the dummy we started with), and make the second block the
+			// new block to compare against.
+			if k1 > 0 {
+				nonAdjacent = append(nonAdjacent, Match{i1, j1, k1})
+			}
+			i1, j1, k1 = i2, j2, k2
+		}
+	}
+	if k1 > 0 {
+		nonAdjacent = append(nonAdjacent, Match{i1, j1, k1})
+	}
+
+	nonAdjacent = append(nonAdjacent, Match{len(m.a), len(m.b), 0})
+	m.matchingBlocks = nonAdjacent
+	return m.matchingBlocks
+}
+
+// Return list of 5-tuples describing how to turn a into b.
+//
+// Each tuple is of the form (tag, i1, i2, j1, j2).  The first tuple
+// has i1 == j1 == 0, and remaining tuples have i1 == the i2 from the
+// tuple preceding it, and likewise for j1 == the previous j2.
+//
+// The tags are characters, with these meanings:
+//
+// 'r' (replace):  a[i1:i2] should be replaced by b[j1:j2]
+//
+// 'd' (delete):   a[i1:i2] should be deleted, j1==j2 in this case.
+//
+// 'i' (insert):   b[j1:j2] should be inserted at a[i1:i1], i1==i2 in this case.
+//
+// 'e' (equal):    a[i1:i2] == b[j1:j2]
+func (m *SequenceMatcher) GetOpCodes() []OpCode {
+	if m.opCodes != nil {
+		return m.opCodes
+	}
+	i, j := 0, 0
+	matching := m.GetMatchingBlocks()
+	opCodes := make([]OpCode, 0, len(matching))
+	for _, m := range matching {
+		//  invariant:  we've pumped out correct diffs to change
+		//  a[:i] into b[:j], and the next matching block is
+		//  a[ai:ai+size] == b[bj:bj+size]. So we need to pump
+		//  out a diff to change a[i:ai] into b[j:bj], pump out
+		//  the matching block, and move (i,j) beyond the match
+		ai, bj, size := m.A, m.B, m.Size
+		tag := byte(0)
+		if i < ai && j < bj {
+			tag = 'r'
+		} else if i < ai {
+			tag = 'd'
+		} else if j < bj {
+			tag = 'i'
+		}
+		if tag > 0 {
+			opCodes = append(opCodes, OpCode{tag, i, ai, j, bj})
+		}
+		i, j = ai+size, bj+size
+		// the list of matching blocks is terminated by a
+		// sentinel with size 0
+		if size > 0 {
+			opCodes = append(opCodes, OpCode{'e', ai, i, bj, j})
+		}
+	}
+	m.opCodes = opCodes
+	return m.opCodes
+}
+
+// Isolate change clusters by eliminating ranges with no changes.
+//
+// Return a generator of groups with up to n lines of context.
+// Each group is in the same format as returned by GetOpCodes().
+func (m *SequenceMatcher) GetGroupedOpCodes(n int) [][]OpCode {
+	if n < 0 {
+		n = 3
+	}
+	codes := m.GetOpCodes()
+	if len(codes) == 0 {
+		codes = []OpCode{OpCode{'e', 0, 1, 0, 1}}
+	}
+	// Fixup leading and trailing groups if they show no changes.
+	if codes[0].Tag == 'e' {
+		c := codes[0]
+		i1, i2, j1, j2 := c.I1, c.I2, c.J1, c.J2
+		codes[0] = OpCode{c.Tag, max(i1, i2-n), i2, max(j1, j2-n), j2}
+	}
+	if codes[len(codes)-1].Tag == 'e' {
+		c := codes[len(codes)-1]
+		i1, i2, j1, j2 := c.I1, c.I2, c.J1, c.J2
+		codes[len(codes)-1] = OpCode{c.Tag, i1, min(i2, i1+n), j1, min(j2, j1+n)}
+	}
+	nn := n + n
+	groups := [][]OpCode{}
+	group := []OpCode{}
+	for _, c := range codes {
+		i1, i2, j1, j2 := c.I1, c.I2, c.J1, c.J2
+		// End the current group and start a new one whenever
+		// there is a large range with no changes.
+		if c.Tag == 'e' && i2-i1 > nn {
+			group = append(group, OpCode{c.Tag, i1, min(i2, i1+n),
+				j1, min(j2, j1+n)})
+			groups = append(groups, group)
+			group = []OpCode{}
+			i1, j1 = max(i1, i2-n), max(j1, j2-n)
+		}
+		group = append(group, OpCode{c.Tag, i1, i2, j1, j2})
+	}
+	if len(group) > 0 && !(len(group) == 1 && group[0].Tag == 'e') {
+		groups = append(groups, group)
+	}
+	return groups
+}
+
+// Return a measure of the sequences' similarity (float in [0,1]).
+//
+// Where T is the total number of elements in both sequences, and
+// M is the number of matches, this is 2.0*M / T.
+// Note that this is 1 if the sequences are identical, and 0 if
+// they have nothing in common.
+//
+// .Ratio() is expensive to compute if you haven't already computed
+// .GetMatchingBlocks() or .GetOpCodes(), in which case you may
+// want to try .QuickRatio() or .RealQuickRation() first to get an
+// upper bound.
+func (m *SequenceMatcher) Ratio() float64 {
+	matches := 0
+	for _, m := range m.GetMatchingBlocks() {
+		matches += m.Size
+	}
+	return calculateRatio(matches, len(m.a)+len(m.b))
+}
+
+// Return an upper bound on ratio() relatively quickly.
+//
+// This isn't defined beyond that it is an upper bound on .Ratio(), and
+// is faster to compute.
+func (m *SequenceMatcher) QuickRatio() float64 {
+	// viewing a and b as multisets, set matches to the cardinality
+	// of their intersection; this counts the number of matches
+	// without regard to order, so is clearly an upper bound
+	if m.fullBCount == nil {
+		m.fullBCount = map[string]int{}
+		for _, s := range m.b {
+			m.fullBCount[s] = m.fullBCount[s] + 1
+		}
+	}
+
+	// avail[x] is the number of times x appears in 'b' less the
+	// number of times we've seen it in 'a' so far ... kinda
+	avail := map[string]int{}
+	matches := 0
+	for _, s := range m.a {
+		n, ok := avail[s]
+		if !ok {
+			n = m.fullBCount[s]
+		}
+		avail[s] = n - 1
+		if n > 0 {
+			matches += 1
+		}
+	}
+	return calculateRatio(matches, len(m.a)+len(m.b))
+}
+
+// Return an upper bound on ratio() very quickly.
+//
+// This isn't defined beyond that it is an upper bound on .Ratio(), and
+// is faster to compute than either .Ratio() or .QuickRatio().
+func (m *SequenceMatcher) RealQuickRatio() float64 {
+	la, lb := len(m.a), len(m.b)
+	return calculateRatio(min(la, lb), la+lb)
+}
+
+// Convert range to the "ed" format
+func formatRangeUnified(start, stop int) string {
+	// Per the diff spec at http://www.unix.org/single_unix_specification/
+	beginning := start + 1 // lines start numbering with one
+	length := stop - start
+	if length == 1 {
+		return fmt.Sprintf("%d", beginning)
+	}
+	if length == 0 {
+		beginning -= 1 // empty ranges begin at line just before the range
+	}
+	return fmt.Sprintf("%d,%d", beginning, length)
+}
+
+// Unified diff parameters
+type UnifiedDiff struct {
+	A        []string // First sequence lines
+	FromFile string   // First file name
+	FromDate string   // First file time
+	B        []string // Second sequence lines
+	ToFile   string   // Second file name
+	ToDate   string   // Second file time
+	Eol      string   // Headers end of line, defaults to LF
+	Context  int      // Number of context lines
+}
+
+// Compare two sequences of lines; generate the delta as a unified diff.
+//
+// Unified diffs are a compact way of showing line changes and a few
+// lines of context.  The number of context lines is set by 'n' which
+// defaults to three.
+//
+// By default, the diff control lines (those with ---, +++, or @@) are
+// created with a trailing newline.  This is helpful so that inputs
+// created from file.readlines() result in diffs that are suitable for
+// file.writelines() since both the inputs and outputs have trailing
+// newlines.
+//
+// For inputs that do not have trailing newlines, set the lineterm
+// argument to "" so that the output will be uniformly newline free.
+//
+// The unidiff format normally has a header for filenames and modification
+// times.  Any or all of these may be specified using strings for
+// 'fromfile', 'tofile', 'fromfiledate', and 'tofiledate'.
+// The modification times are normally expressed in the ISO 8601 format.
+func WriteUnifiedDiff(writer io.Writer, diff UnifiedDiff) error {
+	buf := bufio.NewWriter(writer)
+	defer buf.Flush()
+	wf := func(format string, args ...interface{}) error {
+		_, err := buf.WriteString(fmt.Sprintf(format, args...))
+		return err
+	}
+	ws := func(s string) error {
+		_, err := buf.WriteString(s)
+		return err
+	}
+
+	if len(diff.Eol) == 0 {
+		diff.Eol = "\n"
+	}
+
+	started := false
+	m := NewMatcher(diff.A, diff.B)
+	for _, g := range m.GetGroupedOpCodes(diff.Context) {
+		if !started {
+			started = true
+			fromDate := ""
+			if len(diff.FromDate) > 0 {
+				fromDate = "\t" + diff.FromDate
+			}
+			toDate := ""
+			if len(diff.ToDate) > 0 {
+				toDate = "\t" + diff.ToDate
+			}
+			if diff.FromFile != "" || diff.ToFile != "" {
+				err := wf("--- %s%s%s", diff.FromFile, fromDate, diff.Eol)
+				if err != nil {
+					return err
+				}
+				err = wf("+++ %s%s%s", diff.ToFile, toDate, diff.Eol)
+				if err != nil {
+					return err
+				}
+			}
+		}
+		first, last := g[0], g[len(g)-1]
+		range1 := formatRangeUnified(first.I1, last.I2)
+		range2 := formatRangeUnified(first.J1, last.J2)
+		if err := wf("@@ -%s +%s @@%s", range1, range2, diff.Eol); err != nil {
+			return err
+		}
+		for _, c := range g {
+			i1, i2, j1, j2 := c.I1, c.I2, c.J1, c.J2
+			if c.Tag == 'e' {
+				for _, line := range diff.A[i1:i2] {
+					if err := ws(" " + line); err != nil {
+						return err
+					}
+				}
+				continue
+			}
+			if c.Tag == 'r' || c.Tag == 'd' {
+				for _, line := range diff.A[i1:i2] {
+					if err := ws("-" + line); err != nil {
+						return err
+					}
+				}
+			}
+			if c.Tag == 'r' || c.Tag == 'i' {
+				for _, line := range diff.B[j1:j2] {
+					if err := ws("+" + line); err != nil {
+						return err
+					}
+				}
+			}
+		}
+	}
+	return nil
+}
+
+// Like WriteUnifiedDiff but returns the diff a string.
+func GetUnifiedDiffString(diff UnifiedDiff) (string, error) {
+	w := &bytes.Buffer{}
+	err := WriteUnifiedDiff(w, diff)
+	return string(w.Bytes()), err
+}
+
+// Convert range to the "ed" format.
+func formatRangeContext(start, stop int) string {
+	// Per the diff spec at http://www.unix.org/single_unix_specification/
+	beginning := start + 1 // lines start numbering with one
+	length := stop - start
+	if length == 0 {
+		beginning -= 1 // empty ranges begin at line just before the range
+	}
+	if length <= 1 {
+		return fmt.Sprintf("%d", beginning)
+	}
+	return fmt.Sprintf("%d,%d", beginning, beginning+length-1)
+}
+
+type ContextDiff UnifiedDiff
+
+// Compare two sequences of lines; generate the delta as a context diff.
+//
+// Context diffs are a compact way of showing line changes and a few
+// lines of context. The number of context lines is set by diff.Context
+// which defaults to three.
+//
+// By default, the diff control lines (those with *** or ---) are
+// created with a trailing newline.
+//
+// For inputs that do not have trailing newlines, set the diff.Eol
+// argument to "" so that the output will be uniformly newline free.
+//
+// The context diff format normally has a header for filenames and
+// modification times.  Any or all of these may be specified using
+// strings for diff.FromFile, diff.ToFile, diff.FromDate, diff.ToDate.
+// The modification times are normally expressed in the ISO 8601 format.
+// If not specified, the strings default to blanks.
+func WriteContextDiff(writer io.Writer, diff ContextDiff) error {
+	buf := bufio.NewWriter(writer)
+	defer buf.Flush()
+	var diffErr error
+	wf := func(format string, args ...interface{}) {
+		_, err := buf.WriteString(fmt.Sprintf(format, args...))
+		if diffErr == nil && err != nil {
+			diffErr = err
+		}
+	}
+	ws := func(s string) {
+		_, err := buf.WriteString(s)
+		if diffErr == nil && err != nil {
+			diffErr = err
+		}
+	}
+
+	if len(diff.Eol) == 0 {
+		diff.Eol = "\n"
+	}
+
+	prefix := map[byte]string{
+		'i': "+ ",
+		'd': "- ",
+		'r': "! ",
+		'e': "  ",
+	}
+
+	started := false
+	m := NewMatcher(diff.A, diff.B)
+	for _, g := range m.GetGroupedOpCodes(diff.Context) {
+		if !started {
+			started = true
+			fromDate := ""
+			if len(diff.FromDate) > 0 {
+				fromDate = "\t" + diff.FromDate
+			}
+			toDate := ""
+			if len(diff.ToDate) > 0 {
+				toDate = "\t" + diff.ToDate
+			}
+			if diff.FromFile != "" || diff.ToFile != "" {
+				wf("*** %s%s%s", diff.FromFile, fromDate, diff.Eol)
+				wf("--- %s%s%s", diff.ToFile, toDate, diff.Eol)
+			}
+		}
+
+		first, last := g[0], g[len(g)-1]
+		ws("***************" + diff.Eol)
+
+		range1 := formatRangeContext(first.I1, last.I2)
+		wf("*** %s ****%s", range1, diff.Eol)
+		for _, c := range g {
+			if c.Tag == 'r' || c.Tag == 'd' {
+				for _, cc := range g {
+					if cc.Tag == 'i' {
+						continue
+					}
+					for _, line := range diff.A[cc.I1:cc.I2] {
+						ws(prefix[cc.Tag] + line)
+					}
+				}
+				break
+			}
+		}
+
+		range2 := formatRangeContext(first.J1, last.J2)
+		wf("--- %s ----%s", range2, diff.Eol)
+		for _, c := range g {
+			if c.Tag == 'r' || c.Tag == 'i' {
+				for _, cc := range g {
+					if cc.Tag == 'd' {
+						continue
+					}
+					for _, line := range diff.B[cc.J1:cc.J2] {
+						ws(prefix[cc.Tag] + line)
+					}
+				}
+				break
+			}
+		}
+	}
+	return diffErr
+}
+
+// Like WriteContextDiff but returns the diff a string.
+func GetContextDiffString(diff ContextDiff) (string, error) {
+	w := &bytes.Buffer{}
+	err := WriteContextDiff(w, diff)
+	return string(w.Bytes()), err
+}
+
+// Split a string on "\n" while preserving them. The output can be used
+// as input for UnifiedDiff and ContextDiff structures.
+func SplitLines(s string) []string {
+	lines := strings.SplitAfter(s, "\n")
+	lines[len(lines)-1] += "\n"
+	return lines
+}
diff --git a/server/vendor/github.com/stretchr/testify/LICENSE b/server/vendor/github.com/stretchr/testify/LICENSE
new file mode 100644
index 0000000..4b0421c
--- /dev/null
+++ b/server/vendor/github.com/stretchr/testify/LICENSE
@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2012-2020 Mat Ryer, Tyler Bunnell and contributors.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
diff --git a/server/vendor/github.com/stretchr/testify/assert/assertion_compare.go b/server/vendor/github.com/stretchr/testify/assert/assertion_compare.go
new file mode 100644
index 0000000..4d4b4aa
--- /dev/null
+++ b/server/vendor/github.com/stretchr/testify/assert/assertion_compare.go
@@ -0,0 +1,480 @@
+package assert
+
+import (
+	"bytes"
+	"fmt"
+	"reflect"
+	"time"
+)
+
+type CompareType int
+
+const (
+	compareLess CompareType = iota - 1
+	compareEqual
+	compareGreater
+)
+
+var (
+	intType   = reflect.TypeOf(int(1))
+	int8Type  = reflect.TypeOf(int8(1))
+	int16Type = reflect.TypeOf(int16(1))
+	int32Type = reflect.TypeOf(int32(1))
+	int64Type = reflect.TypeOf(int64(1))
+
+	uintType   = reflect.TypeOf(uint(1))
+	uint8Type  = reflect.TypeOf(uint8(1))
+	uint16Type = reflect.TypeOf(uint16(1))
+	uint32Type = reflect.TypeOf(uint32(1))
+	uint64Type = reflect.TypeOf(uint64(1))
+
+	uintptrType = reflect.TypeOf(uintptr(1))
+
+	float32Type = reflect.TypeOf(float32(1))
+	float64Type = reflect.TypeOf(float64(1))
+
+	stringType = reflect.TypeOf("")
+
+	timeType  = reflect.TypeOf(time.Time{})
+	bytesType = reflect.TypeOf([]byte{})
+)
+
+func compare(obj1, obj2 interface{}, kind reflect.Kind) (CompareType, bool) {
+	obj1Value := reflect.ValueOf(obj1)
+	obj2Value := reflect.ValueOf(obj2)
+
+	// throughout this switch we try and avoid calling .Convert() if possible,
+	// as this has a pretty big performance impact
+	switch kind {
+	case reflect.Int:
+		{
+			intobj1, ok := obj1.(int)
+			if !ok {
+				intobj1 = obj1Value.Convert(intType).Interface().(int)
+			}
+			intobj2, ok := obj2.(int)
+			if !ok {
+				intobj2 = obj2Value.Convert(intType).Interface().(int)
+			}
+			if intobj1 > intobj2 {
+				return compareGreater, true
+			}
+			if intobj1 == intobj2 {
+				return compareEqual, true
+			}
+			if intobj1 < intobj2 {
+				return compareLess, true
+			}
+		}
+	case reflect.Int8:
+		{
+			int8obj1, ok := obj1.(int8)
+			if !ok {
+				int8obj1 = obj1Value.Convert(int8Type).Interface().(int8)
+			}
+			int8obj2, ok := obj2.(int8)
+			if !ok {
+				int8obj2 = obj2Value.Convert(int8Type).Interface().(int8)
+			}
+			if int8obj1 > int8obj2 {
+				return compareGreater, true
+			}
+			if int8obj1 == int8obj2 {
+				return compareEqual, true
+			}
+			if int8obj1 < int8obj2 {
+				return compareLess, true
+			}
+		}
+	case reflect.Int16:
+		{
+			int16obj1, ok := obj1.(int16)
+			if !ok {
+				int16obj1 = obj1Value.Convert(int16Type).Interface().(int16)
+			}
+			int16obj2, ok := obj2.(int16)
+			if !ok {
+				int16obj2 = obj2Value.Convert(int16Type).Interface().(int16)
+			}
+			if int16obj1 > int16obj2 {
+				return compareGreater, true
+			}
+			if int16obj1 == int16obj2 {
+				return compareEqual, true
+			}
+			if int16obj1 < int16obj2 {
+				return compareLess, true
+			}
+		}
+	case reflect.Int32:
+		{
+			int32obj1, ok := obj1.(int32)
+			if !ok {
+				int32obj1 = obj1Value.Convert(int32Type).Interface().(int32)
+			}
+			int32obj2, ok := obj2.(int32)
+			if !ok {
+				int32obj2 = obj2Value.Convert(int32Type).Interface().(int32)
+			}
+			if int32obj1 > int32obj2 {
+				return compareGreater, true
+			}
+			if int32obj1 == int32obj2 {
+				return compareEqual, true
+			}
+			if int32obj1 < int32obj2 {
+				return compareLess, true
+			}
+		}
+	case reflect.Int64:
+		{
+			int64obj1, ok := obj1.(int64)
+			if !ok {
+				int64obj1 = obj1Value.Convert(int64Type).Interface().(int64)
+			}
+			int64obj2, ok := obj2.(int64)
+			if !ok {
+				int64obj2 = obj2Value.Convert(int64Type).Interface().(int64)
+			}
+			if int64obj1 > int64obj2 {
+				return compareGreater, true
+			}
+			if int64obj1 == int64obj2 {
+				return compareEqual, true
+			}
+			if int64obj1 < int64obj2 {
+				return compareLess, true
+			}
+		}
+	case reflect.Uint:
+		{
+			uintobj1, ok := obj1.(uint)
+			if !ok {
+				uintobj1 = obj1Value.Convert(uintType).Interface().(uint)
+			}
+			uintobj2, ok := obj2.(uint)
+			if !ok {
+				uintobj2 = obj2Value.Convert(uintType).Interface().(uint)
+			}
+			if uintobj1 > uintobj2 {
+				return compareGreater, true
+			}
+			if uintobj1 == uintobj2 {
+				return compareEqual, true
+			}
+			if uintobj1 < uintobj2 {
+				return compareLess, true
+			}
+		}
+	case reflect.Uint8:
+		{
+			uint8obj1, ok := obj1.(uint8)
+			if !ok {
+				uint8obj1 = obj1Value.Convert(uint8Type).Interface().(uint8)
+			}
+			uint8obj2, ok := obj2.(uint8)
+			if !ok {
+				uint8obj2 = obj2Value.Convert(uint8Type).Interface().(uint8)
+			}
+			if uint8obj1 > uint8obj2 {
+				return compareGreater, true
+			}
+			if uint8obj1 == uint8obj2 {
+				return compareEqual, true
+			}
+			if uint8obj1 < uint8obj2 {
+				return compareLess, true
+			}
+		}
+	case reflect.Uint16:
+		{
+			uint16obj1, ok := obj1.(uint16)
+			if !ok {
+				uint16obj1 = obj1Value.Convert(uint16Type).Interface().(uint16)
+			}
+			uint16obj2, ok := obj2.(uint16)
+			if !ok {
+				uint16obj2 = obj2Value.Convert(uint16Type).Interface().(uint16)
+			}
+			if uint16obj1 > uint16obj2 {
+				return compareGreater, true
+			}
+			if uint16obj1 == uint16obj2 {
+				return compareEqual, true
+			}
+			if uint16obj1 < uint16obj2 {
+				return compareLess, true
+			}
+		}
+	case reflect.Uint32:
+		{
+			uint32obj1, ok := obj1.(uint32)
+			if !ok {
+				uint32obj1 = obj1Value.Convert(uint32Type).Interface().(uint32)
+			}
+			uint32obj2, ok := obj2.(uint32)
+			if !ok {
+				uint32obj2 = obj2Value.Convert(uint32Type).Interface().(uint32)
+			}
+			if uint32obj1 > uint32obj2 {
+				return compareGreater, true
+			}
+			if uint32obj1 == uint32obj2 {
+				return compareEqual, true
+			}
+			if uint32obj1 < uint32obj2 {
+				return compareLess, true
+			}
+		}
+	case reflect.Uint64:
+		{
+			uint64obj1, ok := obj1.(uint64)
+			if !ok {
+				uint64obj1 = obj1Value.Convert(uint64Type).Interface().(uint64)
+			}
+			uint64obj2, ok := obj2.(uint64)
+			if !ok {
+				uint64obj2 = obj2Value.Convert(uint64Type).Interface().(uint64)
+			}
+			if uint64obj1 > uint64obj2 {
+				return compareGreater, true
+			}
+			if uint64obj1 == uint64obj2 {
+				return compareEqual, true
+			}
+			if uint64obj1 < uint64obj2 {
+				return compareLess, true
+			}
+		}
+	case reflect.Float32:
+		{
+			float32obj1, ok := obj1.(float32)
+			if !ok {
+				float32obj1 = obj1Value.Convert(float32Type).Interface().(float32)
+			}
+			float32obj2, ok := obj2.(float32)
+			if !ok {
+				float32obj2 = obj2Value.Convert(float32Type).Interface().(float32)
+			}
+			if float32obj1 > float32obj2 {
+				return compareGreater, true
+			}
+			if float32obj1 == float32obj2 {
+				return compareEqual, true
+			}
+			if float32obj1 < float32obj2 {
+				return compareLess, true
+			}
+		}
+	case reflect.Float64:
+		{
+			float64obj1, ok := obj1.(float64)
+			if !ok {
+				float64obj1 = obj1Value.Convert(float64Type).Interface().(float64)
+			}
+			float64obj2, ok := obj2.(float64)
+			if !ok {
+				float64obj2 = obj2Value.Convert(float64Type).Interface().(float64)
+			}
+			if float64obj1 > float64obj2 {
+				return compareGreater, true
+			}
+			if float64obj1 == float64obj2 {
+				return compareEqual, true
+			}
+			if float64obj1 < float64obj2 {
+				return compareLess, true
+			}
+		}
+	case reflect.String:
+		{
+			stringobj1, ok := obj1.(string)
+			if !ok {
+				stringobj1 = obj1Value.Convert(stringType).Interface().(string)
+			}
+			stringobj2, ok := obj2.(string)
+			if !ok {
+				stringobj2 = obj2Value.Convert(stringType).Interface().(string)
+			}
+			if stringobj1 > stringobj2 {
+				return compareGreater, true
+			}
+			if stringobj1 == stringobj2 {
+				return compareEqual, true
+			}
+			if stringobj1 < stringobj2 {
+				return compareLess, true
+			}
+		}
+	// Check for known struct types we can check for compare results.
+	case reflect.Struct:
+		{
+			// All structs enter here. We're not interested in most types.
+			if !obj1Value.CanConvert(timeType) {
+				break
+			}
+
+			// time.Time can be compared!
+			timeObj1, ok := obj1.(time.Time)
+			if !ok {
+				timeObj1 = obj1Value.Convert(timeType).Interface().(time.Time)
+			}
+
+			timeObj2, ok := obj2.(time.Time)
+			if !ok {
+				timeObj2 = obj2Value.Convert(timeType).Interface().(time.Time)
+			}
+
+			return compare(timeObj1.UnixNano(), timeObj2.UnixNano(), reflect.Int64)
+		}
+	case reflect.Slice:
+		{
+			// We only care about the []byte type.
+			if !obj1Value.CanConvert(bytesType) {
+				break
+			}
+
+			// []byte can be compared!
+			bytesObj1, ok := obj1.([]byte)
+			if !ok {
+				bytesObj1 = obj1Value.Convert(bytesType).Interface().([]byte)
+
+			}
+			bytesObj2, ok := obj2.([]byte)
+			if !ok {
+				bytesObj2 = obj2Value.Convert(bytesType).Interface().([]byte)
+			}
+
+			return CompareType(bytes.Compare(bytesObj1, bytesObj2)), true
+		}
+	case reflect.Uintptr:
+		{
+			uintptrObj1, ok := obj1.(uintptr)
+			if !ok {
+				uintptrObj1 = obj1Value.Convert(uintptrType).Interface().(uintptr)
+			}
+			uintptrObj2, ok := obj2.(uintptr)
+			if !ok {
+				uintptrObj2 = obj2Value.Convert(uintptrType).Interface().(uintptr)
+			}
+			if uintptrObj1 > uintptrObj2 {
+				return compareGreater, true
+			}
+			if uintptrObj1 == uintptrObj2 {
+				return compareEqual, true
+			}
+			if uintptrObj1 < uintptrObj2 {
+				return compareLess, true
+			}
+		}
+	}
+
+	return compareEqual, false
+}
+
+// Greater asserts that the first element is greater than the second
+//
+//	assert.Greater(t, 2, 1)
+//	assert.Greater(t, float64(2), float64(1))
+//	assert.Greater(t, "b", "a")
+func Greater(t TestingT, e1 interface{}, e2 interface{}, msgAndArgs ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return compareTwoValues(t, e1, e2, []CompareType{compareGreater}, "\"%v\" is not greater than \"%v\"", msgAndArgs...)
+}
+
+// GreaterOrEqual asserts that the first element is greater than or equal to the second
+//
+//	assert.GreaterOrEqual(t, 2, 1)
+//	assert.GreaterOrEqual(t, 2, 2)
+//	assert.GreaterOrEqual(t, "b", "a")
+//	assert.GreaterOrEqual(t, "b", "b")
+func GreaterOrEqual(t TestingT, e1 interface{}, e2 interface{}, msgAndArgs ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return compareTwoValues(t, e1, e2, []CompareType{compareGreater, compareEqual}, "\"%v\" is not greater than or equal to \"%v\"", msgAndArgs...)
+}
+
+// Less asserts that the first element is less than the second
+//
+//	assert.Less(t, 1, 2)
+//	assert.Less(t, float64(1), float64(2))
+//	assert.Less(t, "a", "b")
+func Less(t TestingT, e1 interface{}, e2 interface{}, msgAndArgs ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return compareTwoValues(t, e1, e2, []CompareType{compareLess}, "\"%v\" is not less than \"%v\"", msgAndArgs...)
+}
+
+// LessOrEqual asserts that the first element is less than or equal to the second
+//
+//	assert.LessOrEqual(t, 1, 2)
+//	assert.LessOrEqual(t, 2, 2)
+//	assert.LessOrEqual(t, "a", "b")
+//	assert.LessOrEqual(t, "b", "b")
+func LessOrEqual(t TestingT, e1 interface{}, e2 interface{}, msgAndArgs ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return compareTwoValues(t, e1, e2, []CompareType{compareLess, compareEqual}, "\"%v\" is not less than or equal to \"%v\"", msgAndArgs...)
+}
+
+// Positive asserts that the specified element is positive
+//
+//	assert.Positive(t, 1)
+//	assert.Positive(t, 1.23)
+func Positive(t TestingT, e interface{}, msgAndArgs ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	zero := reflect.Zero(reflect.TypeOf(e))
+	return compareTwoValues(t, e, zero.Interface(), []CompareType{compareGreater}, "\"%v\" is not positive", msgAndArgs...)
+}
+
+// Negative asserts that the specified element is negative
+//
+//	assert.Negative(t, -1)
+//	assert.Negative(t, -1.23)
+func Negative(t TestingT, e interface{}, msgAndArgs ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	zero := reflect.Zero(reflect.TypeOf(e))
+	return compareTwoValues(t, e, zero.Interface(), []CompareType{compareLess}, "\"%v\" is not negative", msgAndArgs...)
+}
+
+func compareTwoValues(t TestingT, e1 interface{}, e2 interface{}, allowedComparesResults []CompareType, failMessage string, msgAndArgs ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+
+	e1Kind := reflect.ValueOf(e1).Kind()
+	e2Kind := reflect.ValueOf(e2).Kind()
+	if e1Kind != e2Kind {
+		return Fail(t, "Elements should be the same type", msgAndArgs...)
+	}
+
+	compareResult, isComparable := compare(e1, e2, e1Kind)
+	if !isComparable {
+		return Fail(t, fmt.Sprintf("Can not compare type \"%s\"", reflect.TypeOf(e1)), msgAndArgs...)
+	}
+
+	if !containsValue(allowedComparesResults, compareResult) {
+		return Fail(t, fmt.Sprintf(failMessage, e1, e2), msgAndArgs...)
+	}
+
+	return true
+}
+
+func containsValue(values []CompareType, value CompareType) bool {
+	for _, v := range values {
+		if v == value {
+			return true
+		}
+	}
+
+	return false
+}
diff --git a/server/vendor/github.com/stretchr/testify/assert/assertion_format.go b/server/vendor/github.com/stretchr/testify/assert/assertion_format.go
new file mode 100644
index 0000000..3ddab10
--- /dev/null
+++ b/server/vendor/github.com/stretchr/testify/assert/assertion_format.go
@@ -0,0 +1,815 @@
+// Code generated with github.com/stretchr/testify/_codegen; DO NOT EDIT.
+
+package assert
+
+import (
+	http "net/http"
+	url "net/url"
+	time "time"
+)
+
+// Conditionf uses a Comparison to assert a complex condition.
+func Conditionf(t TestingT, comp Comparison, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return Condition(t, comp, append([]interface{}{msg}, args...)...)
+}
+
+// Containsf asserts that the specified string, list(array, slice...) or map contains the
+// specified substring or element.
+//
+//	assert.Containsf(t, "Hello World", "World", "error message %s", "formatted")
+//	assert.Containsf(t, ["Hello", "World"], "World", "error message %s", "formatted")
+//	assert.Containsf(t, {"Hello": "World"}, "Hello", "error message %s", "formatted")
+func Containsf(t TestingT, s interface{}, contains interface{}, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return Contains(t, s, contains, append([]interface{}{msg}, args...)...)
+}
+
+// DirExistsf checks whether a directory exists in the given path. It also fails
+// if the path is a file rather a directory or there is an error checking whether it exists.
+func DirExistsf(t TestingT, path string, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return DirExists(t, path, append([]interface{}{msg}, args...)...)
+}
+
+// ElementsMatchf asserts that the specified listA(array, slice...) is equal to specified
+// listB(array, slice...) ignoring the order of the elements. If there are duplicate elements,
+// the number of appearances of each of them in both lists should match.
+//
+// assert.ElementsMatchf(t, [1, 3, 2, 3], [1, 3, 3, 2], "error message %s", "formatted")
+func ElementsMatchf(t TestingT, listA interface{}, listB interface{}, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return ElementsMatch(t, listA, listB, append([]interface{}{msg}, args...)...)
+}
+
+// Emptyf asserts that the specified object is empty.  I.e. nil, "", false, 0 or either
+// a slice or a channel with len == 0.
+//
+//	assert.Emptyf(t, obj, "error message %s", "formatted")
+func Emptyf(t TestingT, object interface{}, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return Empty(t, object, append([]interface{}{msg}, args...)...)
+}
+
+// Equalf asserts that two objects are equal.
+//
+//	assert.Equalf(t, 123, 123, "error message %s", "formatted")
+//
+// Pointer variable equality is determined based on the equality of the
+// referenced values (as opposed to the memory addresses). Function equality
+// cannot be determined and will always fail.
+func Equalf(t TestingT, expected interface{}, actual interface{}, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return Equal(t, expected, actual, append([]interface{}{msg}, args...)...)
+}
+
+// EqualErrorf asserts that a function returned an error (i.e. not `nil`)
+// and that it is equal to the provided error.
+//
+//	actualObj, err := SomeFunction()
+//	assert.EqualErrorf(t, err,  expectedErrorString, "error message %s", "formatted")
+func EqualErrorf(t TestingT, theError error, errString string, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return EqualError(t, theError, errString, append([]interface{}{msg}, args...)...)
+}
+
+// EqualExportedValuesf asserts that the types of two objects are equal and their public
+// fields are also equal. This is useful for comparing structs that have private fields
+// that could potentially differ.
+//
+//	 type S struct {
+//		Exported     	int
+//		notExported   	int
+//	 }
+//	 assert.EqualExportedValuesf(t, S{1, 2}, S{1, 3}, "error message %s", "formatted") => true
+//	 assert.EqualExportedValuesf(t, S{1, 2}, S{2, 3}, "error message %s", "formatted") => false
+func EqualExportedValuesf(t TestingT, expected interface{}, actual interface{}, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return EqualExportedValues(t, expected, actual, append([]interface{}{msg}, args...)...)
+}
+
+// EqualValuesf asserts that two objects are equal or convertible to the same types
+// and equal.
+//
+//	assert.EqualValuesf(t, uint32(123), int32(123), "error message %s", "formatted")
+func EqualValuesf(t TestingT, expected interface{}, actual interface{}, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return EqualValues(t, expected, actual, append([]interface{}{msg}, args...)...)
+}
+
+// Errorf asserts that a function returned an error (i.e. not `nil`).
+//
+//	  actualObj, err := SomeFunction()
+//	  if assert.Errorf(t, err, "error message %s", "formatted") {
+//		   assert.Equal(t, expectedErrorf, err)
+//	  }
+func Errorf(t TestingT, err error, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return Error(t, err, append([]interface{}{msg}, args...)...)
+}
+
+// ErrorAsf asserts that at least one of the errors in err's chain matches target, and if so, sets target to that error value.
+// This is a wrapper for errors.As.
+func ErrorAsf(t TestingT, err error, target interface{}, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return ErrorAs(t, err, target, append([]interface{}{msg}, args...)...)
+}
+
+// ErrorContainsf asserts that a function returned an error (i.e. not `nil`)
+// and that the error contains the specified substring.
+//
+//	actualObj, err := SomeFunction()
+//	assert.ErrorContainsf(t, err,  expectedErrorSubString, "error message %s", "formatted")
+func ErrorContainsf(t TestingT, theError error, contains string, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return ErrorContains(t, theError, contains, append([]interface{}{msg}, args...)...)
+}
+
+// ErrorIsf asserts that at least one of the errors in err's chain matches target.
+// This is a wrapper for errors.Is.
+func ErrorIsf(t TestingT, err error, target error, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return ErrorIs(t, err, target, append([]interface{}{msg}, args...)...)
+}
+
+// Eventuallyf asserts that given condition will be met in waitFor time,
+// periodically checking target function each tick.
+//
+//	assert.Eventuallyf(t, func() bool { return true; }, time.Second, 10*time.Millisecond, "error message %s", "formatted")
+func Eventuallyf(t TestingT, condition func() bool, waitFor time.Duration, tick time.Duration, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return Eventually(t, condition, waitFor, tick, append([]interface{}{msg}, args...)...)
+}
+
+// EventuallyWithTf asserts that given condition will be met in waitFor time,
+// periodically checking target function each tick. In contrast to Eventually,
+// it supplies a CollectT to the condition function, so that the condition
+// function can use the CollectT to call other assertions.
+// The condition is considered "met" if no errors are raised in a tick.
+// The supplied CollectT collects all errors from one tick (if there are any).
+// If the condition is not met before waitFor, the collected errors of
+// the last tick are copied to t.
+//
+//	externalValue := false
+//	go func() {
+//		time.Sleep(8*time.Second)
+//		externalValue = true
+//	}()
+//	assert.EventuallyWithTf(t, func(c *assert.CollectT, "error message %s", "formatted") {
+//		// add assertions as needed; any assertion failure will fail the current tick
+//		assert.True(c, externalValue, "expected 'externalValue' to be true")
+//	}, 1*time.Second, 10*time.Second, "external state has not changed to 'true'; still false")
+func EventuallyWithTf(t TestingT, condition func(collect *CollectT), waitFor time.Duration, tick time.Duration, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return EventuallyWithT(t, condition, waitFor, tick, append([]interface{}{msg}, args...)...)
+}
+
+// Exactlyf asserts that two objects are equal in value and type.
+//
+//	assert.Exactlyf(t, int32(123), int64(123), "error message %s", "formatted")
+func Exactlyf(t TestingT, expected interface{}, actual interface{}, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return Exactly(t, expected, actual, append([]interface{}{msg}, args...)...)
+}
+
+// Failf reports a failure through
+func Failf(t TestingT, failureMessage string, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return Fail(t, failureMessage, append([]interface{}{msg}, args...)...)
+}
+
+// FailNowf fails test
+func FailNowf(t TestingT, failureMessage string, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return FailNow(t, failureMessage, append([]interface{}{msg}, args...)...)
+}
+
+// Falsef asserts that the specified value is false.
+//
+//	assert.Falsef(t, myBool, "error message %s", "formatted")
+func Falsef(t TestingT, value bool, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return False(t, value, append([]interface{}{msg}, args...)...)
+}
+
+// FileExistsf checks whether a file exists in the given path. It also fails if
+// the path points to a directory or there is an error when trying to check the file.
+func FileExistsf(t TestingT, path string, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return FileExists(t, path, append([]interface{}{msg}, args...)...)
+}
+
+// Greaterf asserts that the first element is greater than the second
+//
+//	assert.Greaterf(t, 2, 1, "error message %s", "formatted")
+//	assert.Greaterf(t, float64(2), float64(1), "error message %s", "formatted")
+//	assert.Greaterf(t, "b", "a", "error message %s", "formatted")
+func Greaterf(t TestingT, e1 interface{}, e2 interface{}, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return Greater(t, e1, e2, append([]interface{}{msg}, args...)...)
+}
+
+// GreaterOrEqualf asserts that the first element is greater than or equal to the second
+//
+//	assert.GreaterOrEqualf(t, 2, 1, "error message %s", "formatted")
+//	assert.GreaterOrEqualf(t, 2, 2, "error message %s", "formatted")
+//	assert.GreaterOrEqualf(t, "b", "a", "error message %s", "formatted")
+//	assert.GreaterOrEqualf(t, "b", "b", "error message %s", "formatted")
+func GreaterOrEqualf(t TestingT, e1 interface{}, e2 interface{}, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return GreaterOrEqual(t, e1, e2, append([]interface{}{msg}, args...)...)
+}
+
+// HTTPBodyContainsf asserts that a specified handler returns a
+// body that contains a string.
+//
+//	assert.HTTPBodyContainsf(t, myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky", "error message %s", "formatted")
+//
+// Returns whether the assertion was successful (true) or not (false).
+func HTTPBodyContainsf(t TestingT, handler http.HandlerFunc, method string, url string, values url.Values, str interface{}, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return HTTPBodyContains(t, handler, method, url, values, str, append([]interface{}{msg}, args...)...)
+}
+
+// HTTPBodyNotContainsf asserts that a specified handler returns a
+// body that does not contain a string.
+//
+//	assert.HTTPBodyNotContainsf(t, myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky", "error message %s", "formatted")
+//
+// Returns whether the assertion was successful (true) or not (false).
+func HTTPBodyNotContainsf(t TestingT, handler http.HandlerFunc, method string, url string, values url.Values, str interface{}, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return HTTPBodyNotContains(t, handler, method, url, values, str, append([]interface{}{msg}, args...)...)
+}
+
+// HTTPErrorf asserts that a specified handler returns an error status code.
+//
+//	assert.HTTPErrorf(t, myHandler, "POST", "/a/b/c", url.Values{"a": []string{"b", "c"}}
+//
+// Returns whether the assertion was successful (true) or not (false).
+func HTTPErrorf(t TestingT, handler http.HandlerFunc, method string, url string, values url.Values, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return HTTPError(t, handler, method, url, values, append([]interface{}{msg}, args...)...)
+}
+
+// HTTPRedirectf asserts that a specified handler returns a redirect status code.
+//
+//	assert.HTTPRedirectf(t, myHandler, "GET", "/a/b/c", url.Values{"a": []string{"b", "c"}}
+//
+// Returns whether the assertion was successful (true) or not (false).
+func HTTPRedirectf(t TestingT, handler http.HandlerFunc, method string, url string, values url.Values, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return HTTPRedirect(t, handler, method, url, values, append([]interface{}{msg}, args...)...)
+}
+
+// HTTPStatusCodef asserts that a specified handler returns a specified status code.
+//
+//	assert.HTTPStatusCodef(t, myHandler, "GET", "/notImplemented", nil, 501, "error message %s", "formatted")
+//
+// Returns whether the assertion was successful (true) or not (false).
+func HTTPStatusCodef(t TestingT, handler http.HandlerFunc, method string, url string, values url.Values, statuscode int, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return HTTPStatusCode(t, handler, method, url, values, statuscode, append([]interface{}{msg}, args...)...)
+}
+
+// HTTPSuccessf asserts that a specified handler returns a success status code.
+//
+//	assert.HTTPSuccessf(t, myHandler, "POST", "http://www.google.com", nil, "error message %s", "formatted")
+//
+// Returns whether the assertion was successful (true) or not (false).
+func HTTPSuccessf(t TestingT, handler http.HandlerFunc, method string, url string, values url.Values, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return HTTPSuccess(t, handler, method, url, values, append([]interface{}{msg}, args...)...)
+}
+
+// Implementsf asserts that an object is implemented by the specified interface.
+//
+//	assert.Implementsf(t, (*MyInterface)(nil), new(MyObject), "error message %s", "formatted")
+func Implementsf(t TestingT, interfaceObject interface{}, object interface{}, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return Implements(t, interfaceObject, object, append([]interface{}{msg}, args...)...)
+}
+
+// InDeltaf asserts that the two numerals are within delta of each other.
+//
+//	assert.InDeltaf(t, math.Pi, 22/7.0, 0.01, "error message %s", "formatted")
+func InDeltaf(t TestingT, expected interface{}, actual interface{}, delta float64, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return InDelta(t, expected, actual, delta, append([]interface{}{msg}, args...)...)
+}
+
+// InDeltaMapValuesf is the same as InDelta, but it compares all values between two maps. Both maps must have exactly the same keys.
+func InDeltaMapValuesf(t TestingT, expected interface{}, actual interface{}, delta float64, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return InDeltaMapValues(t, expected, actual, delta, append([]interface{}{msg}, args...)...)
+}
+
+// InDeltaSlicef is the same as InDelta, except it compares two slices.
+func InDeltaSlicef(t TestingT, expected interface{}, actual interface{}, delta float64, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return InDeltaSlice(t, expected, actual, delta, append([]interface{}{msg}, args...)...)
+}
+
+// InEpsilonf asserts that expected and actual have a relative error less than epsilon
+func InEpsilonf(t TestingT, expected interface{}, actual interface{}, epsilon float64, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return InEpsilon(t, expected, actual, epsilon, append([]interface{}{msg}, args...)...)
+}
+
+// InEpsilonSlicef is the same as InEpsilon, except it compares each value from two slices.
+func InEpsilonSlicef(t TestingT, expected interface{}, actual interface{}, epsilon float64, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return InEpsilonSlice(t, expected, actual, epsilon, append([]interface{}{msg}, args...)...)
+}
+
+// IsDecreasingf asserts that the collection is decreasing
+//
+//	assert.IsDecreasingf(t, []int{2, 1, 0}, "error message %s", "formatted")
+//	assert.IsDecreasingf(t, []float{2, 1}, "error message %s", "formatted")
+//	assert.IsDecreasingf(t, []string{"b", "a"}, "error message %s", "formatted")
+func IsDecreasingf(t TestingT, object interface{}, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return IsDecreasing(t, object, append([]interface{}{msg}, args...)...)
+}
+
+// IsIncreasingf asserts that the collection is increasing
+//
+//	assert.IsIncreasingf(t, []int{1, 2, 3}, "error message %s", "formatted")
+//	assert.IsIncreasingf(t, []float{1, 2}, "error message %s", "formatted")
+//	assert.IsIncreasingf(t, []string{"a", "b"}, "error message %s", "formatted")
+func IsIncreasingf(t TestingT, object interface{}, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return IsIncreasing(t, object, append([]interface{}{msg}, args...)...)
+}
+
+// IsNonDecreasingf asserts that the collection is not decreasing
+//
+//	assert.IsNonDecreasingf(t, []int{1, 1, 2}, "error message %s", "formatted")
+//	assert.IsNonDecreasingf(t, []float{1, 2}, "error message %s", "formatted")
+//	assert.IsNonDecreasingf(t, []string{"a", "b"}, "error message %s", "formatted")
+func IsNonDecreasingf(t TestingT, object interface{}, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return IsNonDecreasing(t, object, append([]interface{}{msg}, args...)...)
+}
+
+// IsNonIncreasingf asserts that the collection is not increasing
+//
+//	assert.IsNonIncreasingf(t, []int{2, 1, 1}, "error message %s", "formatted")
+//	assert.IsNonIncreasingf(t, []float{2, 1}, "error message %s", "formatted")
+//	assert.IsNonIncreasingf(t, []string{"b", "a"}, "error message %s", "formatted")
+func IsNonIncreasingf(t TestingT, object interface{}, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return IsNonIncreasing(t, object, append([]interface{}{msg}, args...)...)
+}
+
+// IsTypef asserts that the specified objects are of the same type.
+func IsTypef(t TestingT, expectedType interface{}, object interface{}, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return IsType(t, expectedType, object, append([]interface{}{msg}, args...)...)
+}
+
+// JSONEqf asserts that two JSON strings are equivalent.
+//
+//	assert.JSONEqf(t, `{"hello": "world", "foo": "bar"}`, `{"foo": "bar", "hello": "world"}`, "error message %s", "formatted")
+func JSONEqf(t TestingT, expected string, actual string, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return JSONEq(t, expected, actual, append([]interface{}{msg}, args...)...)
+}
+
+// Lenf asserts that the specified object has specific length.
+// Lenf also fails if the object has a type that len() not accept.
+//
+//	assert.Lenf(t, mySlice, 3, "error message %s", "formatted")
+func Lenf(t TestingT, object interface{}, length int, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return Len(t, object, length, append([]interface{}{msg}, args...)...)
+}
+
+// Lessf asserts that the first element is less than the second
+//
+//	assert.Lessf(t, 1, 2, "error message %s", "formatted")
+//	assert.Lessf(t, float64(1), float64(2), "error message %s", "formatted")
+//	assert.Lessf(t, "a", "b", "error message %s", "formatted")
+func Lessf(t TestingT, e1 interface{}, e2 interface{}, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return Less(t, e1, e2, append([]interface{}{msg}, args...)...)
+}
+
+// LessOrEqualf asserts that the first element is less than or equal to the second
+//
+//	assert.LessOrEqualf(t, 1, 2, "error message %s", "formatted")
+//	assert.LessOrEqualf(t, 2, 2, "error message %s", "formatted")
+//	assert.LessOrEqualf(t, "a", "b", "error message %s", "formatted")
+//	assert.LessOrEqualf(t, "b", "b", "error message %s", "formatted")
+func LessOrEqualf(t TestingT, e1 interface{}, e2 interface{}, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return LessOrEqual(t, e1, e2, append([]interface{}{msg}, args...)...)
+}
+
+// Negativef asserts that the specified element is negative
+//
+//	assert.Negativef(t, -1, "error message %s", "formatted")
+//	assert.Negativef(t, -1.23, "error message %s", "formatted")
+func Negativef(t TestingT, e interface{}, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return Negative(t, e, append([]interface{}{msg}, args...)...)
+}
+
+// Neverf asserts that the given condition doesn't satisfy in waitFor time,
+// periodically checking the target function each tick.
+//
+//	assert.Neverf(t, func() bool { return false; }, time.Second, 10*time.Millisecond, "error message %s", "formatted")
+func Neverf(t TestingT, condition func() bool, waitFor time.Duration, tick time.Duration, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return Never(t, condition, waitFor, tick, append([]interface{}{msg}, args...)...)
+}
+
+// Nilf asserts that the specified object is nil.
+//
+//	assert.Nilf(t, err, "error message %s", "formatted")
+func Nilf(t TestingT, object interface{}, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return Nil(t, object, append([]interface{}{msg}, args...)...)
+}
+
+// NoDirExistsf checks whether a directory does not exist in the given path.
+// It fails if the path points to an existing _directory_ only.
+func NoDirExistsf(t TestingT, path string, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return NoDirExists(t, path, append([]interface{}{msg}, args...)...)
+}
+
+// NoErrorf asserts that a function returned no error (i.e. `nil`).
+//
+//	  actualObj, err := SomeFunction()
+//	  if assert.NoErrorf(t, err, "error message %s", "formatted") {
+//		   assert.Equal(t, expectedObj, actualObj)
+//	  }
+func NoErrorf(t TestingT, err error, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return NoError(t, err, append([]interface{}{msg}, args...)...)
+}
+
+// NoFileExistsf checks whether a file does not exist in a given path. It fails
+// if the path points to an existing _file_ only.
+func NoFileExistsf(t TestingT, path string, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return NoFileExists(t, path, append([]interface{}{msg}, args...)...)
+}
+
+// NotContainsf asserts that the specified string, list(array, slice...) or map does NOT contain the
+// specified substring or element.
+//
+//	assert.NotContainsf(t, "Hello World", "Earth", "error message %s", "formatted")
+//	assert.NotContainsf(t, ["Hello", "World"], "Earth", "error message %s", "formatted")
+//	assert.NotContainsf(t, {"Hello": "World"}, "Earth", "error message %s", "formatted")
+func NotContainsf(t TestingT, s interface{}, contains interface{}, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return NotContains(t, s, contains, append([]interface{}{msg}, args...)...)
+}
+
+// NotEmptyf asserts that the specified object is NOT empty.  I.e. not nil, "", false, 0 or either
+// a slice or a channel with len == 0.
+//
+//	if assert.NotEmptyf(t, obj, "error message %s", "formatted") {
+//	  assert.Equal(t, "two", obj[1])
+//	}
+func NotEmptyf(t TestingT, object interface{}, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return NotEmpty(t, object, append([]interface{}{msg}, args...)...)
+}
+
+// NotEqualf asserts that the specified values are NOT equal.
+//
+//	assert.NotEqualf(t, obj1, obj2, "error message %s", "formatted")
+//
+// Pointer variable equality is determined based on the equality of the
+// referenced values (as opposed to the memory addresses).
+func NotEqualf(t TestingT, expected interface{}, actual interface{}, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return NotEqual(t, expected, actual, append([]interface{}{msg}, args...)...)
+}
+
+// NotEqualValuesf asserts that two objects are not equal even when converted to the same type
+//
+//	assert.NotEqualValuesf(t, obj1, obj2, "error message %s", "formatted")
+func NotEqualValuesf(t TestingT, expected interface{}, actual interface{}, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return NotEqualValues(t, expected, actual, append([]interface{}{msg}, args...)...)
+}
+
+// NotErrorIsf asserts that at none of the errors in err's chain matches target.
+// This is a wrapper for errors.Is.
+func NotErrorIsf(t TestingT, err error, target error, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return NotErrorIs(t, err, target, append([]interface{}{msg}, args...)...)
+}
+
+// NotImplementsf asserts that an object does not implement the specified interface.
+//
+//	assert.NotImplementsf(t, (*MyInterface)(nil), new(MyObject), "error message %s", "formatted")
+func NotImplementsf(t TestingT, interfaceObject interface{}, object interface{}, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return NotImplements(t, interfaceObject, object, append([]interface{}{msg}, args...)...)
+}
+
+// NotNilf asserts that the specified object is not nil.
+//
+//	assert.NotNilf(t, err, "error message %s", "formatted")
+func NotNilf(t TestingT, object interface{}, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return NotNil(t, object, append([]interface{}{msg}, args...)...)
+}
+
+// NotPanicsf asserts that the code inside the specified PanicTestFunc does NOT panic.
+//
+//	assert.NotPanicsf(t, func(){ RemainCalm() }, "error message %s", "formatted")
+func NotPanicsf(t TestingT, f PanicTestFunc, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return NotPanics(t, f, append([]interface{}{msg}, args...)...)
+}
+
+// NotRegexpf asserts that a specified regexp does not match a string.
+//
+//	assert.NotRegexpf(t, regexp.MustCompile("starts"), "it's starting", "error message %s", "formatted")
+//	assert.NotRegexpf(t, "^start", "it's not starting", "error message %s", "formatted")
+func NotRegexpf(t TestingT, rx interface{}, str interface{}, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return NotRegexp(t, rx, str, append([]interface{}{msg}, args...)...)
+}
+
+// NotSamef asserts that two pointers do not reference the same object.
+//
+//	assert.NotSamef(t, ptr1, ptr2, "error message %s", "formatted")
+//
+// Both arguments must be pointer variables. Pointer variable sameness is
+// determined based on the equality of both type and value.
+func NotSamef(t TestingT, expected interface{}, actual interface{}, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return NotSame(t, expected, actual, append([]interface{}{msg}, args...)...)
+}
+
+// NotSubsetf asserts that the specified list(array, slice...) or map does NOT
+// contain all elements given in the specified subset list(array, slice...) or
+// map.
+//
+//	assert.NotSubsetf(t, [1, 3, 4], [1, 2], "error message %s", "formatted")
+//	assert.NotSubsetf(t, {"x": 1, "y": 2}, {"z": 3}, "error message %s", "formatted")
+func NotSubsetf(t TestingT, list interface{}, subset interface{}, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return NotSubset(t, list, subset, append([]interface{}{msg}, args...)...)
+}
+
+// NotZerof asserts that i is not the zero value for its type.
+func NotZerof(t TestingT, i interface{}, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return NotZero(t, i, append([]interface{}{msg}, args...)...)
+}
+
+// Panicsf asserts that the code inside the specified PanicTestFunc panics.
+//
+//	assert.Panicsf(t, func(){ GoCrazy() }, "error message %s", "formatted")
+func Panicsf(t TestingT, f PanicTestFunc, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return Panics(t, f, append([]interface{}{msg}, args...)...)
+}
+
+// PanicsWithErrorf asserts that the code inside the specified PanicTestFunc
+// panics, and that the recovered panic value is an error that satisfies the
+// EqualError comparison.
+//
+//	assert.PanicsWithErrorf(t, "crazy error", func(){ GoCrazy() }, "error message %s", "formatted")
+func PanicsWithErrorf(t TestingT, errString string, f PanicTestFunc, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return PanicsWithError(t, errString, f, append([]interface{}{msg}, args...)...)
+}
+
+// PanicsWithValuef asserts that the code inside the specified PanicTestFunc panics, and that
+// the recovered panic value equals the expected panic value.
+//
+//	assert.PanicsWithValuef(t, "crazy error", func(){ GoCrazy() }, "error message %s", "formatted")
+func PanicsWithValuef(t TestingT, expected interface{}, f PanicTestFunc, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return PanicsWithValue(t, expected, f, append([]interface{}{msg}, args...)...)
+}
+
+// Positivef asserts that the specified element is positive
+//
+//	assert.Positivef(t, 1, "error message %s", "formatted")
+//	assert.Positivef(t, 1.23, "error message %s", "formatted")
+func Positivef(t TestingT, e interface{}, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return Positive(t, e, append([]interface{}{msg}, args...)...)
+}
+
+// Regexpf asserts that a specified regexp matches a string.
+//
+//	assert.Regexpf(t, regexp.MustCompile("start"), "it's starting", "error message %s", "formatted")
+//	assert.Regexpf(t, "start...$", "it's not starting", "error message %s", "formatted")
+func Regexpf(t TestingT, rx interface{}, str interface{}, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return Regexp(t, rx, str, append([]interface{}{msg}, args...)...)
+}
+
+// Samef asserts that two pointers reference the same object.
+//
+//	assert.Samef(t, ptr1, ptr2, "error message %s", "formatted")
+//
+// Both arguments must be pointer variables. Pointer variable sameness is
+// determined based on the equality of both type and value.
+func Samef(t TestingT, expected interface{}, actual interface{}, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return Same(t, expected, actual, append([]interface{}{msg}, args...)...)
+}
+
+// Subsetf asserts that the specified list(array, slice...) or map contains all
+// elements given in the specified subset list(array, slice...) or map.
+//
+//	assert.Subsetf(t, [1, 2, 3], [1, 2], "error message %s", "formatted")
+//	assert.Subsetf(t, {"x": 1, "y": 2}, {"x": 1}, "error message %s", "formatted")
+func Subsetf(t TestingT, list interface{}, subset interface{}, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return Subset(t, list, subset, append([]interface{}{msg}, args...)...)
+}
+
+// Truef asserts that the specified value is true.
+//
+//	assert.Truef(t, myBool, "error message %s", "formatted")
+func Truef(t TestingT, value bool, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return True(t, value, append([]interface{}{msg}, args...)...)
+}
+
+// WithinDurationf asserts that the two times are within duration delta of each other.
+//
+//	assert.WithinDurationf(t, time.Now(), time.Now(), 10*time.Second, "error message %s", "formatted")
+func WithinDurationf(t TestingT, expected time.Time, actual time.Time, delta time.Duration, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return WithinDuration(t, expected, actual, delta, append([]interface{}{msg}, args...)...)
+}
+
+// WithinRangef asserts that a time is within a time range (inclusive).
+//
+//	assert.WithinRangef(t, time.Now(), time.Now().Add(-time.Second), time.Now().Add(time.Second), "error message %s", "formatted")
+func WithinRangef(t TestingT, actual time.Time, start time.Time, end time.Time, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return WithinRange(t, actual, start, end, append([]interface{}{msg}, args...)...)
+}
+
+// YAMLEqf asserts that two YAML strings are equivalent.
+func YAMLEqf(t TestingT, expected string, actual string, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return YAMLEq(t, expected, actual, append([]interface{}{msg}, args...)...)
+}
+
+// Zerof asserts that i is the zero value for its type.
+func Zerof(t TestingT, i interface{}, msg string, args ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return Zero(t, i, append([]interface{}{msg}, args...)...)
+}
diff --git a/server/vendor/github.com/stretchr/testify/assert/assertion_format.go.tmpl b/server/vendor/github.com/stretchr/testify/assert/assertion_format.go.tmpl
new file mode 100644
index 0000000..d2bb0b8
--- /dev/null
+++ b/server/vendor/github.com/stretchr/testify/assert/assertion_format.go.tmpl
@@ -0,0 +1,5 @@
+{{.CommentFormat}}
+func {{.DocInfo.Name}}f(t TestingT, {{.ParamsFormat}}) bool {
+	if h, ok := t.(tHelper); ok { h.Helper() }
+	return {{.DocInfo.Name}}(t, {{.ForwardedParamsFormat}})
+}
diff --git a/server/vendor/github.com/stretchr/testify/assert/assertion_forward.go b/server/vendor/github.com/stretchr/testify/assert/assertion_forward.go
new file mode 100644
index 0000000..a84e09b
--- /dev/null
+++ b/server/vendor/github.com/stretchr/testify/assert/assertion_forward.go
@@ -0,0 +1,1621 @@
+// Code generated with github.com/stretchr/testify/_codegen; DO NOT EDIT.
+
+package assert
+
+import (
+	http "net/http"
+	url "net/url"
+	time "time"
+)
+
+// Condition uses a Comparison to assert a complex condition.
+func (a *Assertions) Condition(comp Comparison, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return Condition(a.t, comp, msgAndArgs...)
+}
+
+// Conditionf uses a Comparison to assert a complex condition.
+func (a *Assertions) Conditionf(comp Comparison, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return Conditionf(a.t, comp, msg, args...)
+}
+
+// Contains asserts that the specified string, list(array, slice...) or map contains the
+// specified substring or element.
+//
+//	a.Contains("Hello World", "World")
+//	a.Contains(["Hello", "World"], "World")
+//	a.Contains({"Hello": "World"}, "Hello")
+func (a *Assertions) Contains(s interface{}, contains interface{}, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return Contains(a.t, s, contains, msgAndArgs...)
+}
+
+// Containsf asserts that the specified string, list(array, slice...) or map contains the
+// specified substring or element.
+//
+//	a.Containsf("Hello World", "World", "error message %s", "formatted")
+//	a.Containsf(["Hello", "World"], "World", "error message %s", "formatted")
+//	a.Containsf({"Hello": "World"}, "Hello", "error message %s", "formatted")
+func (a *Assertions) Containsf(s interface{}, contains interface{}, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return Containsf(a.t, s, contains, msg, args...)
+}
+
+// DirExists checks whether a directory exists in the given path. It also fails
+// if the path is a file rather a directory or there is an error checking whether it exists.
+func (a *Assertions) DirExists(path string, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return DirExists(a.t, path, msgAndArgs...)
+}
+
+// DirExistsf checks whether a directory exists in the given path. It also fails
+// if the path is a file rather a directory or there is an error checking whether it exists.
+func (a *Assertions) DirExistsf(path string, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return DirExistsf(a.t, path, msg, args...)
+}
+
+// ElementsMatch asserts that the specified listA(array, slice...) is equal to specified
+// listB(array, slice...) ignoring the order of the elements. If there are duplicate elements,
+// the number of appearances of each of them in both lists should match.
+//
+// a.ElementsMatch([1, 3, 2, 3], [1, 3, 3, 2])
+func (a *Assertions) ElementsMatch(listA interface{}, listB interface{}, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return ElementsMatch(a.t, listA, listB, msgAndArgs...)
+}
+
+// ElementsMatchf asserts that the specified listA(array, slice...) is equal to specified
+// listB(array, slice...) ignoring the order of the elements. If there are duplicate elements,
+// the number of appearances of each of them in both lists should match.
+//
+// a.ElementsMatchf([1, 3, 2, 3], [1, 3, 3, 2], "error message %s", "formatted")
+func (a *Assertions) ElementsMatchf(listA interface{}, listB interface{}, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return ElementsMatchf(a.t, listA, listB, msg, args...)
+}
+
+// Empty asserts that the specified object is empty.  I.e. nil, "", false, 0 or either
+// a slice or a channel with len == 0.
+//
+//	a.Empty(obj)
+func (a *Assertions) Empty(object interface{}, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return Empty(a.t, object, msgAndArgs...)
+}
+
+// Emptyf asserts that the specified object is empty.  I.e. nil, "", false, 0 or either
+// a slice or a channel with len == 0.
+//
+//	a.Emptyf(obj, "error message %s", "formatted")
+func (a *Assertions) Emptyf(object interface{}, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return Emptyf(a.t, object, msg, args...)
+}
+
+// Equal asserts that two objects are equal.
+//
+//	a.Equal(123, 123)
+//
+// Pointer variable equality is determined based on the equality of the
+// referenced values (as opposed to the memory addresses). Function equality
+// cannot be determined and will always fail.
+func (a *Assertions) Equal(expected interface{}, actual interface{}, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return Equal(a.t, expected, actual, msgAndArgs...)
+}
+
+// EqualError asserts that a function returned an error (i.e. not `nil`)
+// and that it is equal to the provided error.
+//
+//	actualObj, err := SomeFunction()
+//	a.EqualError(err,  expectedErrorString)
+func (a *Assertions) EqualError(theError error, errString string, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return EqualError(a.t, theError, errString, msgAndArgs...)
+}
+
+// EqualErrorf asserts that a function returned an error (i.e. not `nil`)
+// and that it is equal to the provided error.
+//
+//	actualObj, err := SomeFunction()
+//	a.EqualErrorf(err,  expectedErrorString, "error message %s", "formatted")
+func (a *Assertions) EqualErrorf(theError error, errString string, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return EqualErrorf(a.t, theError, errString, msg, args...)
+}
+
+// EqualExportedValues asserts that the types of two objects are equal and their public
+// fields are also equal. This is useful for comparing structs that have private fields
+// that could potentially differ.
+//
+//	 type S struct {
+//		Exported     	int
+//		notExported   	int
+//	 }
+//	 a.EqualExportedValues(S{1, 2}, S{1, 3}) => true
+//	 a.EqualExportedValues(S{1, 2}, S{2, 3}) => false
+func (a *Assertions) EqualExportedValues(expected interface{}, actual interface{}, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return EqualExportedValues(a.t, expected, actual, msgAndArgs...)
+}
+
+// EqualExportedValuesf asserts that the types of two objects are equal and their public
+// fields are also equal. This is useful for comparing structs that have private fields
+// that could potentially differ.
+//
+//	 type S struct {
+//		Exported     	int
+//		notExported   	int
+//	 }
+//	 a.EqualExportedValuesf(S{1, 2}, S{1, 3}, "error message %s", "formatted") => true
+//	 a.EqualExportedValuesf(S{1, 2}, S{2, 3}, "error message %s", "formatted") => false
+func (a *Assertions) EqualExportedValuesf(expected interface{}, actual interface{}, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return EqualExportedValuesf(a.t, expected, actual, msg, args...)
+}
+
+// EqualValues asserts that two objects are equal or convertible to the same types
+// and equal.
+//
+//	a.EqualValues(uint32(123), int32(123))
+func (a *Assertions) EqualValues(expected interface{}, actual interface{}, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return EqualValues(a.t, expected, actual, msgAndArgs...)
+}
+
+// EqualValuesf asserts that two objects are equal or convertible to the same types
+// and equal.
+//
+//	a.EqualValuesf(uint32(123), int32(123), "error message %s", "formatted")
+func (a *Assertions) EqualValuesf(expected interface{}, actual interface{}, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return EqualValuesf(a.t, expected, actual, msg, args...)
+}
+
+// Equalf asserts that two objects are equal.
+//
+//	a.Equalf(123, 123, "error message %s", "formatted")
+//
+// Pointer variable equality is determined based on the equality of the
+// referenced values (as opposed to the memory addresses). Function equality
+// cannot be determined and will always fail.
+func (a *Assertions) Equalf(expected interface{}, actual interface{}, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return Equalf(a.t, expected, actual, msg, args...)
+}
+
+// Error asserts that a function returned an error (i.e. not `nil`).
+//
+//	  actualObj, err := SomeFunction()
+//	  if a.Error(err) {
+//		   assert.Equal(t, expectedError, err)
+//	  }
+func (a *Assertions) Error(err error, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return Error(a.t, err, msgAndArgs...)
+}
+
+// ErrorAs asserts that at least one of the errors in err's chain matches target, and if so, sets target to that error value.
+// This is a wrapper for errors.As.
+func (a *Assertions) ErrorAs(err error, target interface{}, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return ErrorAs(a.t, err, target, msgAndArgs...)
+}
+
+// ErrorAsf asserts that at least one of the errors in err's chain matches target, and if so, sets target to that error value.
+// This is a wrapper for errors.As.
+func (a *Assertions) ErrorAsf(err error, target interface{}, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return ErrorAsf(a.t, err, target, msg, args...)
+}
+
+// ErrorContains asserts that a function returned an error (i.e. not `nil`)
+// and that the error contains the specified substring.
+//
+//	actualObj, err := SomeFunction()
+//	a.ErrorContains(err,  expectedErrorSubString)
+func (a *Assertions) ErrorContains(theError error, contains string, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return ErrorContains(a.t, theError, contains, msgAndArgs...)
+}
+
+// ErrorContainsf asserts that a function returned an error (i.e. not `nil`)
+// and that the error contains the specified substring.
+//
+//	actualObj, err := SomeFunction()
+//	a.ErrorContainsf(err,  expectedErrorSubString, "error message %s", "formatted")
+func (a *Assertions) ErrorContainsf(theError error, contains string, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return ErrorContainsf(a.t, theError, contains, msg, args...)
+}
+
+// ErrorIs asserts that at least one of the errors in err's chain matches target.
+// This is a wrapper for errors.Is.
+func (a *Assertions) ErrorIs(err error, target error, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return ErrorIs(a.t, err, target, msgAndArgs...)
+}
+
+// ErrorIsf asserts that at least one of the errors in err's chain matches target.
+// This is a wrapper for errors.Is.
+func (a *Assertions) ErrorIsf(err error, target error, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return ErrorIsf(a.t, err, target, msg, args...)
+}
+
+// Errorf asserts that a function returned an error (i.e. not `nil`).
+//
+//	  actualObj, err := SomeFunction()
+//	  if a.Errorf(err, "error message %s", "formatted") {
+//		   assert.Equal(t, expectedErrorf, err)
+//	  }
+func (a *Assertions) Errorf(err error, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return Errorf(a.t, err, msg, args...)
+}
+
+// Eventually asserts that given condition will be met in waitFor time,
+// periodically checking target function each tick.
+//
+//	a.Eventually(func() bool { return true; }, time.Second, 10*time.Millisecond)
+func (a *Assertions) Eventually(condition func() bool, waitFor time.Duration, tick time.Duration, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return Eventually(a.t, condition, waitFor, tick, msgAndArgs...)
+}
+
+// EventuallyWithT asserts that given condition will be met in waitFor time,
+// periodically checking target function each tick. In contrast to Eventually,
+// it supplies a CollectT to the condition function, so that the condition
+// function can use the CollectT to call other assertions.
+// The condition is considered "met" if no errors are raised in a tick.
+// The supplied CollectT collects all errors from one tick (if there are any).
+// If the condition is not met before waitFor, the collected errors of
+// the last tick are copied to t.
+//
+//	externalValue := false
+//	go func() {
+//		time.Sleep(8*time.Second)
+//		externalValue = true
+//	}()
+//	a.EventuallyWithT(func(c *assert.CollectT) {
+//		// add assertions as needed; any assertion failure will fail the current tick
+//		assert.True(c, externalValue, "expected 'externalValue' to be true")
+//	}, 1*time.Second, 10*time.Second, "external state has not changed to 'true'; still false")
+func (a *Assertions) EventuallyWithT(condition func(collect *CollectT), waitFor time.Duration, tick time.Duration, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return EventuallyWithT(a.t, condition, waitFor, tick, msgAndArgs...)
+}
+
+// EventuallyWithTf asserts that given condition will be met in waitFor time,
+// periodically checking target function each tick. In contrast to Eventually,
+// it supplies a CollectT to the condition function, so that the condition
+// function can use the CollectT to call other assertions.
+// The condition is considered "met" if no errors are raised in a tick.
+// The supplied CollectT collects all errors from one tick (if there are any).
+// If the condition is not met before waitFor, the collected errors of
+// the last tick are copied to t.
+//
+//	externalValue := false
+//	go func() {
+//		time.Sleep(8*time.Second)
+//		externalValue = true
+//	}()
+//	a.EventuallyWithTf(func(c *assert.CollectT, "error message %s", "formatted") {
+//		// add assertions as needed; any assertion failure will fail the current tick
+//		assert.True(c, externalValue, "expected 'externalValue' to be true")
+//	}, 1*time.Second, 10*time.Second, "external state has not changed to 'true'; still false")
+func (a *Assertions) EventuallyWithTf(condition func(collect *CollectT), waitFor time.Duration, tick time.Duration, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return EventuallyWithTf(a.t, condition, waitFor, tick, msg, args...)
+}
+
+// Eventuallyf asserts that given condition will be met in waitFor time,
+// periodically checking target function each tick.
+//
+//	a.Eventuallyf(func() bool { return true; }, time.Second, 10*time.Millisecond, "error message %s", "formatted")
+func (a *Assertions) Eventuallyf(condition func() bool, waitFor time.Duration, tick time.Duration, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return Eventuallyf(a.t, condition, waitFor, tick, msg, args...)
+}
+
+// Exactly asserts that two objects are equal in value and type.
+//
+//	a.Exactly(int32(123), int64(123))
+func (a *Assertions) Exactly(expected interface{}, actual interface{}, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return Exactly(a.t, expected, actual, msgAndArgs...)
+}
+
+// Exactlyf asserts that two objects are equal in value and type.
+//
+//	a.Exactlyf(int32(123), int64(123), "error message %s", "formatted")
+func (a *Assertions) Exactlyf(expected interface{}, actual interface{}, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return Exactlyf(a.t, expected, actual, msg, args...)
+}
+
+// Fail reports a failure through
+func (a *Assertions) Fail(failureMessage string, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return Fail(a.t, failureMessage, msgAndArgs...)
+}
+
+// FailNow fails test
+func (a *Assertions) FailNow(failureMessage string, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return FailNow(a.t, failureMessage, msgAndArgs...)
+}
+
+// FailNowf fails test
+func (a *Assertions) FailNowf(failureMessage string, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return FailNowf(a.t, failureMessage, msg, args...)
+}
+
+// Failf reports a failure through
+func (a *Assertions) Failf(failureMessage string, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return Failf(a.t, failureMessage, msg, args...)
+}
+
+// False asserts that the specified value is false.
+//
+//	a.False(myBool)
+func (a *Assertions) False(value bool, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return False(a.t, value, msgAndArgs...)
+}
+
+// Falsef asserts that the specified value is false.
+//
+//	a.Falsef(myBool, "error message %s", "formatted")
+func (a *Assertions) Falsef(value bool, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return Falsef(a.t, value, msg, args...)
+}
+
+// FileExists checks whether a file exists in the given path. It also fails if
+// the path points to a directory or there is an error when trying to check the file.
+func (a *Assertions) FileExists(path string, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return FileExists(a.t, path, msgAndArgs...)
+}
+
+// FileExistsf checks whether a file exists in the given path. It also fails if
+// the path points to a directory or there is an error when trying to check the file.
+func (a *Assertions) FileExistsf(path string, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return FileExistsf(a.t, path, msg, args...)
+}
+
+// Greater asserts that the first element is greater than the second
+//
+//	a.Greater(2, 1)
+//	a.Greater(float64(2), float64(1))
+//	a.Greater("b", "a")
+func (a *Assertions) Greater(e1 interface{}, e2 interface{}, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return Greater(a.t, e1, e2, msgAndArgs...)
+}
+
+// GreaterOrEqual asserts that the first element is greater than or equal to the second
+//
+//	a.GreaterOrEqual(2, 1)
+//	a.GreaterOrEqual(2, 2)
+//	a.GreaterOrEqual("b", "a")
+//	a.GreaterOrEqual("b", "b")
+func (a *Assertions) GreaterOrEqual(e1 interface{}, e2 interface{}, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return GreaterOrEqual(a.t, e1, e2, msgAndArgs...)
+}
+
+// GreaterOrEqualf asserts that the first element is greater than or equal to the second
+//
+//	a.GreaterOrEqualf(2, 1, "error message %s", "formatted")
+//	a.GreaterOrEqualf(2, 2, "error message %s", "formatted")
+//	a.GreaterOrEqualf("b", "a", "error message %s", "formatted")
+//	a.GreaterOrEqualf("b", "b", "error message %s", "formatted")
+func (a *Assertions) GreaterOrEqualf(e1 interface{}, e2 interface{}, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return GreaterOrEqualf(a.t, e1, e2, msg, args...)
+}
+
+// Greaterf asserts that the first element is greater than the second
+//
+//	a.Greaterf(2, 1, "error message %s", "formatted")
+//	a.Greaterf(float64(2), float64(1), "error message %s", "formatted")
+//	a.Greaterf("b", "a", "error message %s", "formatted")
+func (a *Assertions) Greaterf(e1 interface{}, e2 interface{}, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return Greaterf(a.t, e1, e2, msg, args...)
+}
+
+// HTTPBodyContains asserts that a specified handler returns a
+// body that contains a string.
+//
+//	a.HTTPBodyContains(myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky")
+//
+// Returns whether the assertion was successful (true) or not (false).
+func (a *Assertions) HTTPBodyContains(handler http.HandlerFunc, method string, url string, values url.Values, str interface{}, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return HTTPBodyContains(a.t, handler, method, url, values, str, msgAndArgs...)
+}
+
+// HTTPBodyContainsf asserts that a specified handler returns a
+// body that contains a string.
+//
+//	a.HTTPBodyContainsf(myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky", "error message %s", "formatted")
+//
+// Returns whether the assertion was successful (true) or not (false).
+func (a *Assertions) HTTPBodyContainsf(handler http.HandlerFunc, method string, url string, values url.Values, str interface{}, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return HTTPBodyContainsf(a.t, handler, method, url, values, str, msg, args...)
+}
+
+// HTTPBodyNotContains asserts that a specified handler returns a
+// body that does not contain a string.
+//
+//	a.HTTPBodyNotContains(myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky")
+//
+// Returns whether the assertion was successful (true) or not (false).
+func (a *Assertions) HTTPBodyNotContains(handler http.HandlerFunc, method string, url string, values url.Values, str interface{}, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return HTTPBodyNotContains(a.t, handler, method, url, values, str, msgAndArgs...)
+}
+
+// HTTPBodyNotContainsf asserts that a specified handler returns a
+// body that does not contain a string.
+//
+//	a.HTTPBodyNotContainsf(myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky", "error message %s", "formatted")
+//
+// Returns whether the assertion was successful (true) or not (false).
+func (a *Assertions) HTTPBodyNotContainsf(handler http.HandlerFunc, method string, url string, values url.Values, str interface{}, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return HTTPBodyNotContainsf(a.t, handler, method, url, values, str, msg, args...)
+}
+
+// HTTPError asserts that a specified handler returns an error status code.
+//
+//	a.HTTPError(myHandler, "POST", "/a/b/c", url.Values{"a": []string{"b", "c"}}
+//
+// Returns whether the assertion was successful (true) or not (false).
+func (a *Assertions) HTTPError(handler http.HandlerFunc, method string, url string, values url.Values, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return HTTPError(a.t, handler, method, url, values, msgAndArgs...)
+}
+
+// HTTPErrorf asserts that a specified handler returns an error status code.
+//
+//	a.HTTPErrorf(myHandler, "POST", "/a/b/c", url.Values{"a": []string{"b", "c"}}
+//
+// Returns whether the assertion was successful (true) or not (false).
+func (a *Assertions) HTTPErrorf(handler http.HandlerFunc, method string, url string, values url.Values, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return HTTPErrorf(a.t, handler, method, url, values, msg, args...)
+}
+
+// HTTPRedirect asserts that a specified handler returns a redirect status code.
+//
+//	a.HTTPRedirect(myHandler, "GET", "/a/b/c", url.Values{"a": []string{"b", "c"}}
+//
+// Returns whether the assertion was successful (true) or not (false).
+func (a *Assertions) HTTPRedirect(handler http.HandlerFunc, method string, url string, values url.Values, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return HTTPRedirect(a.t, handler, method, url, values, msgAndArgs...)
+}
+
+// HTTPRedirectf asserts that a specified handler returns a redirect status code.
+//
+//	a.HTTPRedirectf(myHandler, "GET", "/a/b/c", url.Values{"a": []string{"b", "c"}}
+//
+// Returns whether the assertion was successful (true) or not (false).
+func (a *Assertions) HTTPRedirectf(handler http.HandlerFunc, method string, url string, values url.Values, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return HTTPRedirectf(a.t, handler, method, url, values, msg, args...)
+}
+
+// HTTPStatusCode asserts that a specified handler returns a specified status code.
+//
+//	a.HTTPStatusCode(myHandler, "GET", "/notImplemented", nil, 501)
+//
+// Returns whether the assertion was successful (true) or not (false).
+func (a *Assertions) HTTPStatusCode(handler http.HandlerFunc, method string, url string, values url.Values, statuscode int, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return HTTPStatusCode(a.t, handler, method, url, values, statuscode, msgAndArgs...)
+}
+
+// HTTPStatusCodef asserts that a specified handler returns a specified status code.
+//
+//	a.HTTPStatusCodef(myHandler, "GET", "/notImplemented", nil, 501, "error message %s", "formatted")
+//
+// Returns whether the assertion was successful (true) or not (false).
+func (a *Assertions) HTTPStatusCodef(handler http.HandlerFunc, method string, url string, values url.Values, statuscode int, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return HTTPStatusCodef(a.t, handler, method, url, values, statuscode, msg, args...)
+}
+
+// HTTPSuccess asserts that a specified handler returns a success status code.
+//
+//	a.HTTPSuccess(myHandler, "POST", "http://www.google.com", nil)
+//
+// Returns whether the assertion was successful (true) or not (false).
+func (a *Assertions) HTTPSuccess(handler http.HandlerFunc, method string, url string, values url.Values, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return HTTPSuccess(a.t, handler, method, url, values, msgAndArgs...)
+}
+
+// HTTPSuccessf asserts that a specified handler returns a success status code.
+//
+//	a.HTTPSuccessf(myHandler, "POST", "http://www.google.com", nil, "error message %s", "formatted")
+//
+// Returns whether the assertion was successful (true) or not (false).
+func (a *Assertions) HTTPSuccessf(handler http.HandlerFunc, method string, url string, values url.Values, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return HTTPSuccessf(a.t, handler, method, url, values, msg, args...)
+}
+
+// Implements asserts that an object is implemented by the specified interface.
+//
+//	a.Implements((*MyInterface)(nil), new(MyObject))
+func (a *Assertions) Implements(interfaceObject interface{}, object interface{}, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return Implements(a.t, interfaceObject, object, msgAndArgs...)
+}
+
+// Implementsf asserts that an object is implemented by the specified interface.
+//
+//	a.Implementsf((*MyInterface)(nil), new(MyObject), "error message %s", "formatted")
+func (a *Assertions) Implementsf(interfaceObject interface{}, object interface{}, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return Implementsf(a.t, interfaceObject, object, msg, args...)
+}
+
+// InDelta asserts that the two numerals are within delta of each other.
+//
+//	a.InDelta(math.Pi, 22/7.0, 0.01)
+func (a *Assertions) InDelta(expected interface{}, actual interface{}, delta float64, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return InDelta(a.t, expected, actual, delta, msgAndArgs...)
+}
+
+// InDeltaMapValues is the same as InDelta, but it compares all values between two maps. Both maps must have exactly the same keys.
+func (a *Assertions) InDeltaMapValues(expected interface{}, actual interface{}, delta float64, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return InDeltaMapValues(a.t, expected, actual, delta, msgAndArgs...)
+}
+
+// InDeltaMapValuesf is the same as InDelta, but it compares all values between two maps. Both maps must have exactly the same keys.
+func (a *Assertions) InDeltaMapValuesf(expected interface{}, actual interface{}, delta float64, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return InDeltaMapValuesf(a.t, expected, actual, delta, msg, args...)
+}
+
+// InDeltaSlice is the same as InDelta, except it compares two slices.
+func (a *Assertions) InDeltaSlice(expected interface{}, actual interface{}, delta float64, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return InDeltaSlice(a.t, expected, actual, delta, msgAndArgs...)
+}
+
+// InDeltaSlicef is the same as InDelta, except it compares two slices.
+func (a *Assertions) InDeltaSlicef(expected interface{}, actual interface{}, delta float64, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return InDeltaSlicef(a.t, expected, actual, delta, msg, args...)
+}
+
+// InDeltaf asserts that the two numerals are within delta of each other.
+//
+//	a.InDeltaf(math.Pi, 22/7.0, 0.01, "error message %s", "formatted")
+func (a *Assertions) InDeltaf(expected interface{}, actual interface{}, delta float64, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return InDeltaf(a.t, expected, actual, delta, msg, args...)
+}
+
+// InEpsilon asserts that expected and actual have a relative error less than epsilon
+func (a *Assertions) InEpsilon(expected interface{}, actual interface{}, epsilon float64, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return InEpsilon(a.t, expected, actual, epsilon, msgAndArgs...)
+}
+
+// InEpsilonSlice is the same as InEpsilon, except it compares each value from two slices.
+func (a *Assertions) InEpsilonSlice(expected interface{}, actual interface{}, epsilon float64, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return InEpsilonSlice(a.t, expected, actual, epsilon, msgAndArgs...)
+}
+
+// InEpsilonSlicef is the same as InEpsilon, except it compares each value from two slices.
+func (a *Assertions) InEpsilonSlicef(expected interface{}, actual interface{}, epsilon float64, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return InEpsilonSlicef(a.t, expected, actual, epsilon, msg, args...)
+}
+
+// InEpsilonf asserts that expected and actual have a relative error less than epsilon
+func (a *Assertions) InEpsilonf(expected interface{}, actual interface{}, epsilon float64, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return InEpsilonf(a.t, expected, actual, epsilon, msg, args...)
+}
+
+// IsDecreasing asserts that the collection is decreasing
+//
+//	a.IsDecreasing([]int{2, 1, 0})
+//	a.IsDecreasing([]float{2, 1})
+//	a.IsDecreasing([]string{"b", "a"})
+func (a *Assertions) IsDecreasing(object interface{}, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return IsDecreasing(a.t, object, msgAndArgs...)
+}
+
+// IsDecreasingf asserts that the collection is decreasing
+//
+//	a.IsDecreasingf([]int{2, 1, 0}, "error message %s", "formatted")
+//	a.IsDecreasingf([]float{2, 1}, "error message %s", "formatted")
+//	a.IsDecreasingf([]string{"b", "a"}, "error message %s", "formatted")
+func (a *Assertions) IsDecreasingf(object interface{}, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return IsDecreasingf(a.t, object, msg, args...)
+}
+
+// IsIncreasing asserts that the collection is increasing
+//
+//	a.IsIncreasing([]int{1, 2, 3})
+//	a.IsIncreasing([]float{1, 2})
+//	a.IsIncreasing([]string{"a", "b"})
+func (a *Assertions) IsIncreasing(object interface{}, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return IsIncreasing(a.t, object, msgAndArgs...)
+}
+
+// IsIncreasingf asserts that the collection is increasing
+//
+//	a.IsIncreasingf([]int{1, 2, 3}, "error message %s", "formatted")
+//	a.IsIncreasingf([]float{1, 2}, "error message %s", "formatted")
+//	a.IsIncreasingf([]string{"a", "b"}, "error message %s", "formatted")
+func (a *Assertions) IsIncreasingf(object interface{}, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return IsIncreasingf(a.t, object, msg, args...)
+}
+
+// IsNonDecreasing asserts that the collection is not decreasing
+//
+//	a.IsNonDecreasing([]int{1, 1, 2})
+//	a.IsNonDecreasing([]float{1, 2})
+//	a.IsNonDecreasing([]string{"a", "b"})
+func (a *Assertions) IsNonDecreasing(object interface{}, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return IsNonDecreasing(a.t, object, msgAndArgs...)
+}
+
+// IsNonDecreasingf asserts that the collection is not decreasing
+//
+//	a.IsNonDecreasingf([]int{1, 1, 2}, "error message %s", "formatted")
+//	a.IsNonDecreasingf([]float{1, 2}, "error message %s", "formatted")
+//	a.IsNonDecreasingf([]string{"a", "b"}, "error message %s", "formatted")
+func (a *Assertions) IsNonDecreasingf(object interface{}, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return IsNonDecreasingf(a.t, object, msg, args...)
+}
+
+// IsNonIncreasing asserts that the collection is not increasing
+//
+//	a.IsNonIncreasing([]int{2, 1, 1})
+//	a.IsNonIncreasing([]float{2, 1})
+//	a.IsNonIncreasing([]string{"b", "a"})
+func (a *Assertions) IsNonIncreasing(object interface{}, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return IsNonIncreasing(a.t, object, msgAndArgs...)
+}
+
+// IsNonIncreasingf asserts that the collection is not increasing
+//
+//	a.IsNonIncreasingf([]int{2, 1, 1}, "error message %s", "formatted")
+//	a.IsNonIncreasingf([]float{2, 1}, "error message %s", "formatted")
+//	a.IsNonIncreasingf([]string{"b", "a"}, "error message %s", "formatted")
+func (a *Assertions) IsNonIncreasingf(object interface{}, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return IsNonIncreasingf(a.t, object, msg, args...)
+}
+
+// IsType asserts that the specified objects are of the same type.
+func (a *Assertions) IsType(expectedType interface{}, object interface{}, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return IsType(a.t, expectedType, object, msgAndArgs...)
+}
+
+// IsTypef asserts that the specified objects are of the same type.
+func (a *Assertions) IsTypef(expectedType interface{}, object interface{}, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return IsTypef(a.t, expectedType, object, msg, args...)
+}
+
+// JSONEq asserts that two JSON strings are equivalent.
+//
+//	a.JSONEq(`{"hello": "world", "foo": "bar"}`, `{"foo": "bar", "hello": "world"}`)
+func (a *Assertions) JSONEq(expected string, actual string, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return JSONEq(a.t, expected, actual, msgAndArgs...)
+}
+
+// JSONEqf asserts that two JSON strings are equivalent.
+//
+//	a.JSONEqf(`{"hello": "world", "foo": "bar"}`, `{"foo": "bar", "hello": "world"}`, "error message %s", "formatted")
+func (a *Assertions) JSONEqf(expected string, actual string, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return JSONEqf(a.t, expected, actual, msg, args...)
+}
+
+// Len asserts that the specified object has specific length.
+// Len also fails if the object has a type that len() not accept.
+//
+//	a.Len(mySlice, 3)
+func (a *Assertions) Len(object interface{}, length int, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return Len(a.t, object, length, msgAndArgs...)
+}
+
+// Lenf asserts that the specified object has specific length.
+// Lenf also fails if the object has a type that len() not accept.
+//
+//	a.Lenf(mySlice, 3, "error message %s", "formatted")
+func (a *Assertions) Lenf(object interface{}, length int, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return Lenf(a.t, object, length, msg, args...)
+}
+
+// Less asserts that the first element is less than the second
+//
+//	a.Less(1, 2)
+//	a.Less(float64(1), float64(2))
+//	a.Less("a", "b")
+func (a *Assertions) Less(e1 interface{}, e2 interface{}, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return Less(a.t, e1, e2, msgAndArgs...)
+}
+
+// LessOrEqual asserts that the first element is less than or equal to the second
+//
+//	a.LessOrEqual(1, 2)
+//	a.LessOrEqual(2, 2)
+//	a.LessOrEqual("a", "b")
+//	a.LessOrEqual("b", "b")
+func (a *Assertions) LessOrEqual(e1 interface{}, e2 interface{}, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return LessOrEqual(a.t, e1, e2, msgAndArgs...)
+}
+
+// LessOrEqualf asserts that the first element is less than or equal to the second
+//
+//	a.LessOrEqualf(1, 2, "error message %s", "formatted")
+//	a.LessOrEqualf(2, 2, "error message %s", "formatted")
+//	a.LessOrEqualf("a", "b", "error message %s", "formatted")
+//	a.LessOrEqualf("b", "b", "error message %s", "formatted")
+func (a *Assertions) LessOrEqualf(e1 interface{}, e2 interface{}, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return LessOrEqualf(a.t, e1, e2, msg, args...)
+}
+
+// Lessf asserts that the first element is less than the second
+//
+//	a.Lessf(1, 2, "error message %s", "formatted")
+//	a.Lessf(float64(1), float64(2), "error message %s", "formatted")
+//	a.Lessf("a", "b", "error message %s", "formatted")
+func (a *Assertions) Lessf(e1 interface{}, e2 interface{}, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return Lessf(a.t, e1, e2, msg, args...)
+}
+
+// Negative asserts that the specified element is negative
+//
+//	a.Negative(-1)
+//	a.Negative(-1.23)
+func (a *Assertions) Negative(e interface{}, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return Negative(a.t, e, msgAndArgs...)
+}
+
+// Negativef asserts that the specified element is negative
+//
+//	a.Negativef(-1, "error message %s", "formatted")
+//	a.Negativef(-1.23, "error message %s", "formatted")
+func (a *Assertions) Negativef(e interface{}, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return Negativef(a.t, e, msg, args...)
+}
+
+// Never asserts that the given condition doesn't satisfy in waitFor time,
+// periodically checking the target function each tick.
+//
+//	a.Never(func() bool { return false; }, time.Second, 10*time.Millisecond)
+func (a *Assertions) Never(condition func() bool, waitFor time.Duration, tick time.Duration, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return Never(a.t, condition, waitFor, tick, msgAndArgs...)
+}
+
+// Neverf asserts that the given condition doesn't satisfy in waitFor time,
+// periodically checking the target function each tick.
+//
+//	a.Neverf(func() bool { return false; }, time.Second, 10*time.Millisecond, "error message %s", "formatted")
+func (a *Assertions) Neverf(condition func() bool, waitFor time.Duration, tick time.Duration, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return Neverf(a.t, condition, waitFor, tick, msg, args...)
+}
+
+// Nil asserts that the specified object is nil.
+//
+//	a.Nil(err)
+func (a *Assertions) Nil(object interface{}, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return Nil(a.t, object, msgAndArgs...)
+}
+
+// Nilf asserts that the specified object is nil.
+//
+//	a.Nilf(err, "error message %s", "formatted")
+func (a *Assertions) Nilf(object interface{}, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return Nilf(a.t, object, msg, args...)
+}
+
+// NoDirExists checks whether a directory does not exist in the given path.
+// It fails if the path points to an existing _directory_ only.
+func (a *Assertions) NoDirExists(path string, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return NoDirExists(a.t, path, msgAndArgs...)
+}
+
+// NoDirExistsf checks whether a directory does not exist in the given path.
+// It fails if the path points to an existing _directory_ only.
+func (a *Assertions) NoDirExistsf(path string, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return NoDirExistsf(a.t, path, msg, args...)
+}
+
+// NoError asserts that a function returned no error (i.e. `nil`).
+//
+//	  actualObj, err := SomeFunction()
+//	  if a.NoError(err) {
+//		   assert.Equal(t, expectedObj, actualObj)
+//	  }
+func (a *Assertions) NoError(err error, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return NoError(a.t, err, msgAndArgs...)
+}
+
+// NoErrorf asserts that a function returned no error (i.e. `nil`).
+//
+//	  actualObj, err := SomeFunction()
+//	  if a.NoErrorf(err, "error message %s", "formatted") {
+//		   assert.Equal(t, expectedObj, actualObj)
+//	  }
+func (a *Assertions) NoErrorf(err error, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return NoErrorf(a.t, err, msg, args...)
+}
+
+// NoFileExists checks whether a file does not exist in a given path. It fails
+// if the path points to an existing _file_ only.
+func (a *Assertions) NoFileExists(path string, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return NoFileExists(a.t, path, msgAndArgs...)
+}
+
+// NoFileExistsf checks whether a file does not exist in a given path. It fails
+// if the path points to an existing _file_ only.
+func (a *Assertions) NoFileExistsf(path string, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return NoFileExistsf(a.t, path, msg, args...)
+}
+
+// NotContains asserts that the specified string, list(array, slice...) or map does NOT contain the
+// specified substring or element.
+//
+//	a.NotContains("Hello World", "Earth")
+//	a.NotContains(["Hello", "World"], "Earth")
+//	a.NotContains({"Hello": "World"}, "Earth")
+func (a *Assertions) NotContains(s interface{}, contains interface{}, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return NotContains(a.t, s, contains, msgAndArgs...)
+}
+
+// NotContainsf asserts that the specified string, list(array, slice...) or map does NOT contain the
+// specified substring or element.
+//
+//	a.NotContainsf("Hello World", "Earth", "error message %s", "formatted")
+//	a.NotContainsf(["Hello", "World"], "Earth", "error message %s", "formatted")
+//	a.NotContainsf({"Hello": "World"}, "Earth", "error message %s", "formatted")
+func (a *Assertions) NotContainsf(s interface{}, contains interface{}, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return NotContainsf(a.t, s, contains, msg, args...)
+}
+
+// NotEmpty asserts that the specified object is NOT empty.  I.e. not nil, "", false, 0 or either
+// a slice or a channel with len == 0.
+//
+//	if a.NotEmpty(obj) {
+//	  assert.Equal(t, "two", obj[1])
+//	}
+func (a *Assertions) NotEmpty(object interface{}, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return NotEmpty(a.t, object, msgAndArgs...)
+}
+
+// NotEmptyf asserts that the specified object is NOT empty.  I.e. not nil, "", false, 0 or either
+// a slice or a channel with len == 0.
+//
+//	if a.NotEmptyf(obj, "error message %s", "formatted") {
+//	  assert.Equal(t, "two", obj[1])
+//	}
+func (a *Assertions) NotEmptyf(object interface{}, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return NotEmptyf(a.t, object, msg, args...)
+}
+
+// NotEqual asserts that the specified values are NOT equal.
+//
+//	a.NotEqual(obj1, obj2)
+//
+// Pointer variable equality is determined based on the equality of the
+// referenced values (as opposed to the memory addresses).
+func (a *Assertions) NotEqual(expected interface{}, actual interface{}, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return NotEqual(a.t, expected, actual, msgAndArgs...)
+}
+
+// NotEqualValues asserts that two objects are not equal even when converted to the same type
+//
+//	a.NotEqualValues(obj1, obj2)
+func (a *Assertions) NotEqualValues(expected interface{}, actual interface{}, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return NotEqualValues(a.t, expected, actual, msgAndArgs...)
+}
+
+// NotEqualValuesf asserts that two objects are not equal even when converted to the same type
+//
+//	a.NotEqualValuesf(obj1, obj2, "error message %s", "formatted")
+func (a *Assertions) NotEqualValuesf(expected interface{}, actual interface{}, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return NotEqualValuesf(a.t, expected, actual, msg, args...)
+}
+
+// NotEqualf asserts that the specified values are NOT equal.
+//
+//	a.NotEqualf(obj1, obj2, "error message %s", "formatted")
+//
+// Pointer variable equality is determined based on the equality of the
+// referenced values (as opposed to the memory addresses).
+func (a *Assertions) NotEqualf(expected interface{}, actual interface{}, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return NotEqualf(a.t, expected, actual, msg, args...)
+}
+
+// NotErrorIs asserts that at none of the errors in err's chain matches target.
+// This is a wrapper for errors.Is.
+func (a *Assertions) NotErrorIs(err error, target error, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return NotErrorIs(a.t, err, target, msgAndArgs...)
+}
+
+// NotErrorIsf asserts that at none of the errors in err's chain matches target.
+// This is a wrapper for errors.Is.
+func (a *Assertions) NotErrorIsf(err error, target error, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return NotErrorIsf(a.t, err, target, msg, args...)
+}
+
+// NotImplements asserts that an object does not implement the specified interface.
+//
+//	a.NotImplements((*MyInterface)(nil), new(MyObject))
+func (a *Assertions) NotImplements(interfaceObject interface{}, object interface{}, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return NotImplements(a.t, interfaceObject, object, msgAndArgs...)
+}
+
+// NotImplementsf asserts that an object does not implement the specified interface.
+//
+//	a.NotImplementsf((*MyInterface)(nil), new(MyObject), "error message %s", "formatted")
+func (a *Assertions) NotImplementsf(interfaceObject interface{}, object interface{}, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return NotImplementsf(a.t, interfaceObject, object, msg, args...)
+}
+
+// NotNil asserts that the specified object is not nil.
+//
+//	a.NotNil(err)
+func (a *Assertions) NotNil(object interface{}, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return NotNil(a.t, object, msgAndArgs...)
+}
+
+// NotNilf asserts that the specified object is not nil.
+//
+//	a.NotNilf(err, "error message %s", "formatted")
+func (a *Assertions) NotNilf(object interface{}, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return NotNilf(a.t, object, msg, args...)
+}
+
+// NotPanics asserts that the code inside the specified PanicTestFunc does NOT panic.
+//
+//	a.NotPanics(func(){ RemainCalm() })
+func (a *Assertions) NotPanics(f PanicTestFunc, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return NotPanics(a.t, f, msgAndArgs...)
+}
+
+// NotPanicsf asserts that the code inside the specified PanicTestFunc does NOT panic.
+//
+//	a.NotPanicsf(func(){ RemainCalm() }, "error message %s", "formatted")
+func (a *Assertions) NotPanicsf(f PanicTestFunc, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return NotPanicsf(a.t, f, msg, args...)
+}
+
+// NotRegexp asserts that a specified regexp does not match a string.
+//
+//	a.NotRegexp(regexp.MustCompile("starts"), "it's starting")
+//	a.NotRegexp("^start", "it's not starting")
+func (a *Assertions) NotRegexp(rx interface{}, str interface{}, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return NotRegexp(a.t, rx, str, msgAndArgs...)
+}
+
+// NotRegexpf asserts that a specified regexp does not match a string.
+//
+//	a.NotRegexpf(regexp.MustCompile("starts"), "it's starting", "error message %s", "formatted")
+//	a.NotRegexpf("^start", "it's not starting", "error message %s", "formatted")
+func (a *Assertions) NotRegexpf(rx interface{}, str interface{}, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return NotRegexpf(a.t, rx, str, msg, args...)
+}
+
+// NotSame asserts that two pointers do not reference the same object.
+//
+//	a.NotSame(ptr1, ptr2)
+//
+// Both arguments must be pointer variables. Pointer variable sameness is
+// determined based on the equality of both type and value.
+func (a *Assertions) NotSame(expected interface{}, actual interface{}, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return NotSame(a.t, expected, actual, msgAndArgs...)
+}
+
+// NotSamef asserts that two pointers do not reference the same object.
+//
+//	a.NotSamef(ptr1, ptr2, "error message %s", "formatted")
+//
+// Both arguments must be pointer variables. Pointer variable sameness is
+// determined based on the equality of both type and value.
+func (a *Assertions) NotSamef(expected interface{}, actual interface{}, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return NotSamef(a.t, expected, actual, msg, args...)
+}
+
+// NotSubset asserts that the specified list(array, slice...) or map does NOT
+// contain all elements given in the specified subset list(array, slice...) or
+// map.
+//
+//	a.NotSubset([1, 3, 4], [1, 2])
+//	a.NotSubset({"x": 1, "y": 2}, {"z": 3})
+func (a *Assertions) NotSubset(list interface{}, subset interface{}, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return NotSubset(a.t, list, subset, msgAndArgs...)
+}
+
+// NotSubsetf asserts that the specified list(array, slice...) or map does NOT
+// contain all elements given in the specified subset list(array, slice...) or
+// map.
+//
+//	a.NotSubsetf([1, 3, 4], [1, 2], "error message %s", "formatted")
+//	a.NotSubsetf({"x": 1, "y": 2}, {"z": 3}, "error message %s", "formatted")
+func (a *Assertions) NotSubsetf(list interface{}, subset interface{}, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return NotSubsetf(a.t, list, subset, msg, args...)
+}
+
+// NotZero asserts that i is not the zero value for its type.
+func (a *Assertions) NotZero(i interface{}, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return NotZero(a.t, i, msgAndArgs...)
+}
+
+// NotZerof asserts that i is not the zero value for its type.
+func (a *Assertions) NotZerof(i interface{}, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return NotZerof(a.t, i, msg, args...)
+}
+
+// Panics asserts that the code inside the specified PanicTestFunc panics.
+//
+//	a.Panics(func(){ GoCrazy() })
+func (a *Assertions) Panics(f PanicTestFunc, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return Panics(a.t, f, msgAndArgs...)
+}
+
+// PanicsWithError asserts that the code inside the specified PanicTestFunc
+// panics, and that the recovered panic value is an error that satisfies the
+// EqualError comparison.
+//
+//	a.PanicsWithError("crazy error", func(){ GoCrazy() })
+func (a *Assertions) PanicsWithError(errString string, f PanicTestFunc, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return PanicsWithError(a.t, errString, f, msgAndArgs...)
+}
+
+// PanicsWithErrorf asserts that the code inside the specified PanicTestFunc
+// panics, and that the recovered panic value is an error that satisfies the
+// EqualError comparison.
+//
+//	a.PanicsWithErrorf("crazy error", func(){ GoCrazy() }, "error message %s", "formatted")
+func (a *Assertions) PanicsWithErrorf(errString string, f PanicTestFunc, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return PanicsWithErrorf(a.t, errString, f, msg, args...)
+}
+
+// PanicsWithValue asserts that the code inside the specified PanicTestFunc panics, and that
+// the recovered panic value equals the expected panic value.
+//
+//	a.PanicsWithValue("crazy error", func(){ GoCrazy() })
+func (a *Assertions) PanicsWithValue(expected interface{}, f PanicTestFunc, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return PanicsWithValue(a.t, expected, f, msgAndArgs...)
+}
+
+// PanicsWithValuef asserts that the code inside the specified PanicTestFunc panics, and that
+// the recovered panic value equals the expected panic value.
+//
+//	a.PanicsWithValuef("crazy error", func(){ GoCrazy() }, "error message %s", "formatted")
+func (a *Assertions) PanicsWithValuef(expected interface{}, f PanicTestFunc, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return PanicsWithValuef(a.t, expected, f, msg, args...)
+}
+
+// Panicsf asserts that the code inside the specified PanicTestFunc panics.
+//
+//	a.Panicsf(func(){ GoCrazy() }, "error message %s", "formatted")
+func (a *Assertions) Panicsf(f PanicTestFunc, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return Panicsf(a.t, f, msg, args...)
+}
+
+// Positive asserts that the specified element is positive
+//
+//	a.Positive(1)
+//	a.Positive(1.23)
+func (a *Assertions) Positive(e interface{}, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return Positive(a.t, e, msgAndArgs...)
+}
+
+// Positivef asserts that the specified element is positive
+//
+//	a.Positivef(1, "error message %s", "formatted")
+//	a.Positivef(1.23, "error message %s", "formatted")
+func (a *Assertions) Positivef(e interface{}, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return Positivef(a.t, e, msg, args...)
+}
+
+// Regexp asserts that a specified regexp matches a string.
+//
+//	a.Regexp(regexp.MustCompile("start"), "it's starting")
+//	a.Regexp("start...$", "it's not starting")
+func (a *Assertions) Regexp(rx interface{}, str interface{}, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return Regexp(a.t, rx, str, msgAndArgs...)
+}
+
+// Regexpf asserts that a specified regexp matches a string.
+//
+//	a.Regexpf(regexp.MustCompile("start"), "it's starting", "error message %s", "formatted")
+//	a.Regexpf("start...$", "it's not starting", "error message %s", "formatted")
+func (a *Assertions) Regexpf(rx interface{}, str interface{}, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return Regexpf(a.t, rx, str, msg, args...)
+}
+
+// Same asserts that two pointers reference the same object.
+//
+//	a.Same(ptr1, ptr2)
+//
+// Both arguments must be pointer variables. Pointer variable sameness is
+// determined based on the equality of both type and value.
+func (a *Assertions) Same(expected interface{}, actual interface{}, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return Same(a.t, expected, actual, msgAndArgs...)
+}
+
+// Samef asserts that two pointers reference the same object.
+//
+//	a.Samef(ptr1, ptr2, "error message %s", "formatted")
+//
+// Both arguments must be pointer variables. Pointer variable sameness is
+// determined based on the equality of both type and value.
+func (a *Assertions) Samef(expected interface{}, actual interface{}, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return Samef(a.t, expected, actual, msg, args...)
+}
+
+// Subset asserts that the specified list(array, slice...) or map contains all
+// elements given in the specified subset list(array, slice...) or map.
+//
+//	a.Subset([1, 2, 3], [1, 2])
+//	a.Subset({"x": 1, "y": 2}, {"x": 1})
+func (a *Assertions) Subset(list interface{}, subset interface{}, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return Subset(a.t, list, subset, msgAndArgs...)
+}
+
+// Subsetf asserts that the specified list(array, slice...) or map contains all
+// elements given in the specified subset list(array, slice...) or map.
+//
+//	a.Subsetf([1, 2, 3], [1, 2], "error message %s", "formatted")
+//	a.Subsetf({"x": 1, "y": 2}, {"x": 1}, "error message %s", "formatted")
+func (a *Assertions) Subsetf(list interface{}, subset interface{}, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return Subsetf(a.t, list, subset, msg, args...)
+}
+
+// True asserts that the specified value is true.
+//
+//	a.True(myBool)
+func (a *Assertions) True(value bool, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return True(a.t, value, msgAndArgs...)
+}
+
+// Truef asserts that the specified value is true.
+//
+//	a.Truef(myBool, "error message %s", "formatted")
+func (a *Assertions) Truef(value bool, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return Truef(a.t, value, msg, args...)
+}
+
+// WithinDuration asserts that the two times are within duration delta of each other.
+//
+//	a.WithinDuration(time.Now(), time.Now(), 10*time.Second)
+func (a *Assertions) WithinDuration(expected time.Time, actual time.Time, delta time.Duration, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return WithinDuration(a.t, expected, actual, delta, msgAndArgs...)
+}
+
+// WithinDurationf asserts that the two times are within duration delta of each other.
+//
+//	a.WithinDurationf(time.Now(), time.Now(), 10*time.Second, "error message %s", "formatted")
+func (a *Assertions) WithinDurationf(expected time.Time, actual time.Time, delta time.Duration, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return WithinDurationf(a.t, expected, actual, delta, msg, args...)
+}
+
+// WithinRange asserts that a time is within a time range (inclusive).
+//
+//	a.WithinRange(time.Now(), time.Now().Add(-time.Second), time.Now().Add(time.Second))
+func (a *Assertions) WithinRange(actual time.Time, start time.Time, end time.Time, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return WithinRange(a.t, actual, start, end, msgAndArgs...)
+}
+
+// WithinRangef asserts that a time is within a time range (inclusive).
+//
+//	a.WithinRangef(time.Now(), time.Now().Add(-time.Second), time.Now().Add(time.Second), "error message %s", "formatted")
+func (a *Assertions) WithinRangef(actual time.Time, start time.Time, end time.Time, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return WithinRangef(a.t, actual, start, end, msg, args...)
+}
+
+// YAMLEq asserts that two YAML strings are equivalent.
+func (a *Assertions) YAMLEq(expected string, actual string, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return YAMLEq(a.t, expected, actual, msgAndArgs...)
+}
+
+// YAMLEqf asserts that two YAML strings are equivalent.
+func (a *Assertions) YAMLEqf(expected string, actual string, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return YAMLEqf(a.t, expected, actual, msg, args...)
+}
+
+// Zero asserts that i is the zero value for its type.
+func (a *Assertions) Zero(i interface{}, msgAndArgs ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return Zero(a.t, i, msgAndArgs...)
+}
+
+// Zerof asserts that i is the zero value for its type.
+func (a *Assertions) Zerof(i interface{}, msg string, args ...interface{}) bool {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	return Zerof(a.t, i, msg, args...)
+}
diff --git a/server/vendor/github.com/stretchr/testify/assert/assertion_forward.go.tmpl b/server/vendor/github.com/stretchr/testify/assert/assertion_forward.go.tmpl
new file mode 100644
index 0000000..188bb9e
--- /dev/null
+++ b/server/vendor/github.com/stretchr/testify/assert/assertion_forward.go.tmpl
@@ -0,0 +1,5 @@
+{{.CommentWithoutT "a"}}
+func (a *Assertions) {{.DocInfo.Name}}({{.Params}}) bool {
+	if h, ok := a.t.(tHelper); ok { h.Helper() }
+	return {{.DocInfo.Name}}(a.t, {{.ForwardedParams}})
+}
diff --git a/server/vendor/github.com/stretchr/testify/assert/assertion_order.go b/server/vendor/github.com/stretchr/testify/assert/assertion_order.go
new file mode 100644
index 0000000..00df62a
--- /dev/null
+++ b/server/vendor/github.com/stretchr/testify/assert/assertion_order.go
@@ -0,0 +1,81 @@
+package assert
+
+import (
+	"fmt"
+	"reflect"
+)
+
+// isOrdered checks that collection contains orderable elements.
+func isOrdered(t TestingT, object interface{}, allowedComparesResults []CompareType, failMessage string, msgAndArgs ...interface{}) bool {
+	objKind := reflect.TypeOf(object).Kind()
+	if objKind != reflect.Slice && objKind != reflect.Array {
+		return false
+	}
+
+	objValue := reflect.ValueOf(object)
+	objLen := objValue.Len()
+
+	if objLen <= 1 {
+		return true
+	}
+
+	value := objValue.Index(0)
+	valueInterface := value.Interface()
+	firstValueKind := value.Kind()
+
+	for i := 1; i < objLen; i++ {
+		prevValue := value
+		prevValueInterface := valueInterface
+
+		value = objValue.Index(i)
+		valueInterface = value.Interface()
+
+		compareResult, isComparable := compare(prevValueInterface, valueInterface, firstValueKind)
+
+		if !isComparable {
+			return Fail(t, fmt.Sprintf("Can not compare type \"%s\" and \"%s\"", reflect.TypeOf(value), reflect.TypeOf(prevValue)), msgAndArgs...)
+		}
+
+		if !containsValue(allowedComparesResults, compareResult) {
+			return Fail(t, fmt.Sprintf(failMessage, prevValue, value), msgAndArgs...)
+		}
+	}
+
+	return true
+}
+
+// IsIncreasing asserts that the collection is increasing
+//
+//	assert.IsIncreasing(t, []int{1, 2, 3})
+//	assert.IsIncreasing(t, []float{1, 2})
+//	assert.IsIncreasing(t, []string{"a", "b"})
+func IsIncreasing(t TestingT, object interface{}, msgAndArgs ...interface{}) bool {
+	return isOrdered(t, object, []CompareType{compareLess}, "\"%v\" is not less than \"%v\"", msgAndArgs...)
+}
+
+// IsNonIncreasing asserts that the collection is not increasing
+//
+//	assert.IsNonIncreasing(t, []int{2, 1, 1})
+//	assert.IsNonIncreasing(t, []float{2, 1})
+//	assert.IsNonIncreasing(t, []string{"b", "a"})
+func IsNonIncreasing(t TestingT, object interface{}, msgAndArgs ...interface{}) bool {
+	return isOrdered(t, object, []CompareType{compareEqual, compareGreater}, "\"%v\" is not greater than or equal to \"%v\"", msgAndArgs...)
+}
+
+// IsDecreasing asserts that the collection is decreasing
+//
+//	assert.IsDecreasing(t, []int{2, 1, 0})
+//	assert.IsDecreasing(t, []float{2, 1})
+//	assert.IsDecreasing(t, []string{"b", "a"})
+func IsDecreasing(t TestingT, object interface{}, msgAndArgs ...interface{}) bool {
+	return isOrdered(t, object, []CompareType{compareGreater}, "\"%v\" is not greater than \"%v\"", msgAndArgs...)
+}
+
+// IsNonDecreasing asserts that the collection is not decreasing
+//
+//	assert.IsNonDecreasing(t, []int{1, 1, 2})
+//	assert.IsNonDecreasing(t, []float{1, 2})
+//	assert.IsNonDecreasing(t, []string{"a", "b"})
+func IsNonDecreasing(t TestingT, object interface{}, msgAndArgs ...interface{}) bool {
+	return isOrdered(t, object, []CompareType{compareLess, compareEqual}, "\"%v\" is not less than or equal to \"%v\"", msgAndArgs...)
+}
diff --git a/server/vendor/github.com/stretchr/testify/assert/assertions.go b/server/vendor/github.com/stretchr/testify/assert/assertions.go
new file mode 100644
index 0000000..0b7570f
--- /dev/null
+++ b/server/vendor/github.com/stretchr/testify/assert/assertions.go
@@ -0,0 +1,2105 @@
+package assert
+
+import (
+	"bufio"
+	"bytes"
+	"encoding/json"
+	"errors"
+	"fmt"
+	"math"
+	"os"
+	"reflect"
+	"regexp"
+	"runtime"
+	"runtime/debug"
+	"strings"
+	"time"
+	"unicode"
+	"unicode/utf8"
+
+	"github.com/davecgh/go-spew/spew"
+	"github.com/pmezard/go-difflib/difflib"
+	"gopkg.in/yaml.v3"
+)
+
+//go:generate sh -c "cd ../_codegen && go build && cd - && ../_codegen/_codegen -output-package=assert -template=assertion_format.go.tmpl"
+
+// TestingT is an interface wrapper around *testing.T
+type TestingT interface {
+	Errorf(format string, args ...interface{})
+}
+
+// ComparisonAssertionFunc is a common function prototype when comparing two values.  Can be useful
+// for table driven tests.
+type ComparisonAssertionFunc func(TestingT, interface{}, interface{}, ...interface{}) bool
+
+// ValueAssertionFunc is a common function prototype when validating a single value.  Can be useful
+// for table driven tests.
+type ValueAssertionFunc func(TestingT, interface{}, ...interface{}) bool
+
+// BoolAssertionFunc is a common function prototype when validating a bool value.  Can be useful
+// for table driven tests.
+type BoolAssertionFunc func(TestingT, bool, ...interface{}) bool
+
+// ErrorAssertionFunc is a common function prototype when validating an error value.  Can be useful
+// for table driven tests.
+type ErrorAssertionFunc func(TestingT, error, ...interface{}) bool
+
+// Comparison is a custom function that returns true on success and false on failure
+type Comparison func() (success bool)
+
+/*
+	Helper functions
+*/
+
+// ObjectsAreEqual determines if two objects are considered equal.
+//
+// This function does no assertion of any kind.
+func ObjectsAreEqual(expected, actual interface{}) bool {
+	if expected == nil || actual == nil {
+		return expected == actual
+	}
+
+	exp, ok := expected.([]byte)
+	if !ok {
+		return reflect.DeepEqual(expected, actual)
+	}
+
+	act, ok := actual.([]byte)
+	if !ok {
+		return false
+	}
+	if exp == nil || act == nil {
+		return exp == nil && act == nil
+	}
+	return bytes.Equal(exp, act)
+}
+
+// copyExportedFields iterates downward through nested data structures and creates a copy
+// that only contains the exported struct fields.
+func copyExportedFields(expected interface{}) interface{} {
+	if isNil(expected) {
+		return expected
+	}
+
+	expectedType := reflect.TypeOf(expected)
+	expectedKind := expectedType.Kind()
+	expectedValue := reflect.ValueOf(expected)
+
+	switch expectedKind {
+	case reflect.Struct:
+		result := reflect.New(expectedType).Elem()
+		for i := 0; i < expectedType.NumField(); i++ {
+			field := expectedType.Field(i)
+			isExported := field.IsExported()
+			if isExported {
+				fieldValue := expectedValue.Field(i)
+				if isNil(fieldValue) || isNil(fieldValue.Interface()) {
+					continue
+				}
+				newValue := copyExportedFields(fieldValue.Interface())
+				result.Field(i).Set(reflect.ValueOf(newValue))
+			}
+		}
+		return result.Interface()
+
+	case reflect.Ptr:
+		result := reflect.New(expectedType.Elem())
+		unexportedRemoved := copyExportedFields(expectedValue.Elem().Interface())
+		result.Elem().Set(reflect.ValueOf(unexportedRemoved))
+		return result.Interface()
+
+	case reflect.Array, reflect.Slice:
+		var result reflect.Value
+		if expectedKind == reflect.Array {
+			result = reflect.New(reflect.ArrayOf(expectedValue.Len(), expectedType.Elem())).Elem()
+		} else {
+			result = reflect.MakeSlice(expectedType, expectedValue.Len(), expectedValue.Len())
+		}
+		for i := 0; i < expectedValue.Len(); i++ {
+			index := expectedValue.Index(i)
+			if isNil(index) {
+				continue
+			}
+			unexportedRemoved := copyExportedFields(index.Interface())
+			result.Index(i).Set(reflect.ValueOf(unexportedRemoved))
+		}
+		return result.Interface()
+
+	case reflect.Map:
+		result := reflect.MakeMap(expectedType)
+		for _, k := range expectedValue.MapKeys() {
+			index := expectedValue.MapIndex(k)
+			unexportedRemoved := copyExportedFields(index.Interface())
+			result.SetMapIndex(k, reflect.ValueOf(unexportedRemoved))
+		}
+		return result.Interface()
+
+	default:
+		return expected
+	}
+}
+
+// ObjectsExportedFieldsAreEqual determines if the exported (public) fields of two objects are
+// considered equal. This comparison of only exported fields is applied recursively to nested data
+// structures.
+//
+// This function does no assertion of any kind.
+//
+// Deprecated: Use [EqualExportedValues] instead.
+func ObjectsExportedFieldsAreEqual(expected, actual interface{}) bool {
+	expectedCleaned := copyExportedFields(expected)
+	actualCleaned := copyExportedFields(actual)
+	return ObjectsAreEqualValues(expectedCleaned, actualCleaned)
+}
+
+// ObjectsAreEqualValues gets whether two objects are equal, or if their
+// values are equal.
+func ObjectsAreEqualValues(expected, actual interface{}) bool {
+	if ObjectsAreEqual(expected, actual) {
+		return true
+	}
+
+	expectedValue := reflect.ValueOf(expected)
+	actualValue := reflect.ValueOf(actual)
+	if !expectedValue.IsValid() || !actualValue.IsValid() {
+		return false
+	}
+
+	expectedType := expectedValue.Type()
+	actualType := actualValue.Type()
+	if !expectedType.ConvertibleTo(actualType) {
+		return false
+	}
+
+	if !isNumericType(expectedType) || !isNumericType(actualType) {
+		// Attempt comparison after type conversion
+		return reflect.DeepEqual(
+			expectedValue.Convert(actualType).Interface(), actual,
+		)
+	}
+
+	// If BOTH values are numeric, there are chances of false positives due
+	// to overflow or underflow. So, we need to make sure to always convert
+	// the smaller type to a larger type before comparing.
+	if expectedType.Size() >= actualType.Size() {
+		return actualValue.Convert(expectedType).Interface() == expected
+	}
+
+	return expectedValue.Convert(actualType).Interface() == actual
+}
+
+// isNumericType returns true if the type is one of:
+// int, int8, int16, int32, int64, uint, uint8, uint16, uint32, uint64,
+// float32, float64, complex64, complex128
+func isNumericType(t reflect.Type) bool {
+	return t.Kind() >= reflect.Int && t.Kind() <= reflect.Complex128
+}
+
+/* CallerInfo is necessary because the assert functions use the testing object
+internally, causing it to print the file:line of the assert method, rather than where
+the problem actually occurred in calling code.*/
+
+// CallerInfo returns an array of strings containing the file and line number
+// of each stack frame leading from the current test to the assert call that
+// failed.
+func CallerInfo() []string {
+
+	var pc uintptr
+	var ok bool
+	var file string
+	var line int
+	var name string
+
+	callers := []string{}
+	for i := 0; ; i++ {
+		pc, file, line, ok = runtime.Caller(i)
+		if !ok {
+			// The breaks below failed to terminate the loop, and we ran off the
+			// end of the call stack.
+			break
+		}
+
+		// This is a huge edge case, but it will panic if this is the case, see #180
+		if file == "<autogenerated>" {
+			break
+		}
+
+		f := runtime.FuncForPC(pc)
+		if f == nil {
+			break
+		}
+		name = f.Name()
+
+		// testing.tRunner is the standard library function that calls
+		// tests. Subtests are called directly by tRunner, without going through
+		// the Test/Benchmark/Example function that contains the t.Run calls, so
+		// with subtests we should break when we hit tRunner, without adding it
+		// to the list of callers.
+		if name == "testing.tRunner" {
+			break
+		}
+
+		parts := strings.Split(file, "/")
+		if len(parts) > 1 {
+			filename := parts[len(parts)-1]
+			dir := parts[len(parts)-2]
+			if (dir != "assert" && dir != "mock" && dir != "require") || filename == "mock_test.go" {
+				callers = append(callers, fmt.Sprintf("%s:%d", file, line))
+			}
+		}
+
+		// Drop the package
+		segments := strings.Split(name, ".")
+		name = segments[len(segments)-1]
+		if isTest(name, "Test") ||
+			isTest(name, "Benchmark") ||
+			isTest(name, "Example") {
+			break
+		}
+	}
+
+	return callers
+}
+
+// Stolen from the `go test` tool.
+// isTest tells whether name looks like a test (or benchmark, according to prefix).
+// It is a Test (say) if there is a character after Test that is not a lower-case letter.
+// We don't want TesticularCancer.
+func isTest(name, prefix string) bool {
+	if !strings.HasPrefix(name, prefix) {
+		return false
+	}
+	if len(name) == len(prefix) { // "Test" is ok
+		return true
+	}
+	r, _ := utf8.DecodeRuneInString(name[len(prefix):])
+	return !unicode.IsLower(r)
+}
+
+func messageFromMsgAndArgs(msgAndArgs ...interface{}) string {
+	if len(msgAndArgs) == 0 || msgAndArgs == nil {
+		return ""
+	}
+	if len(msgAndArgs) == 1 {
+		msg := msgAndArgs[0]
+		if msgAsStr, ok := msg.(string); ok {
+			return msgAsStr
+		}
+		return fmt.Sprintf("%+v", msg)
+	}
+	if len(msgAndArgs) > 1 {
+		return fmt.Sprintf(msgAndArgs[0].(string), msgAndArgs[1:]...)
+	}
+	return ""
+}
+
+// Aligns the provided message so that all lines after the first line start at the same location as the first line.
+// Assumes that the first line starts at the correct location (after carriage return, tab, label, spacer and tab).
+// The longestLabelLen parameter specifies the length of the longest label in the output (required because this is the
+// basis on which the alignment occurs).
+func indentMessageLines(message string, longestLabelLen int) string {
+	outBuf := new(bytes.Buffer)
+
+	for i, scanner := 0, bufio.NewScanner(strings.NewReader(message)); scanner.Scan(); i++ {
+		// no need to align first line because it starts at the correct location (after the label)
+		if i != 0 {
+			// append alignLen+1 spaces to align with "{{longestLabel}}:" before adding tab
+			outBuf.WriteString("\n\t" + strings.Repeat(" ", longestLabelLen+1) + "\t")
+		}
+		outBuf.WriteString(scanner.Text())
+	}
+
+	return outBuf.String()
+}
+
+type failNower interface {
+	FailNow()
+}
+
+// FailNow fails test
+func FailNow(t TestingT, failureMessage string, msgAndArgs ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	Fail(t, failureMessage, msgAndArgs...)
+
+	// We cannot extend TestingT with FailNow() and
+	// maintain backwards compatibility, so we fallback
+	// to panicking when FailNow is not available in
+	// TestingT.
+	// See issue #263
+
+	if t, ok := t.(failNower); ok {
+		t.FailNow()
+	} else {
+		panic("test failed and t is missing `FailNow()`")
+	}
+	return false
+}
+
+// Fail reports a failure through
+func Fail(t TestingT, failureMessage string, msgAndArgs ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	content := []labeledContent{
+		{"Error Trace", strings.Join(CallerInfo(), "\n\t\t\t")},
+		{"Error", failureMessage},
+	}
+
+	// Add test name if the Go version supports it
+	if n, ok := t.(interface {
+		Name() string
+	}); ok {
+		content = append(content, labeledContent{"Test", n.Name()})
+	}
+
+	message := messageFromMsgAndArgs(msgAndArgs...)
+	if len(message) > 0 {
+		content = append(content, labeledContent{"Messages", message})
+	}
+
+	t.Errorf("\n%s", ""+labeledOutput(content...))
+
+	return false
+}
+
+type labeledContent struct {
+	label   string
+	content string
+}
+
+// labeledOutput returns a string consisting of the provided labeledContent. Each labeled output is appended in the following manner:
+//
+//	\t{{label}}:{{align_spaces}}\t{{content}}\n
+//
+// The initial carriage return is required to undo/erase any padding added by testing.T.Errorf. The "\t{{label}}:" is for the label.
+// If a label is shorter than the longest label provided, padding spaces are added to make all the labels match in length. Once this
+// alignment is achieved, "\t{{content}}\n" is added for the output.
+//
+// If the content of the labeledOutput contains line breaks, the subsequent lines are aligned so that they start at the same location as the first line.
+func labeledOutput(content ...labeledContent) string {
+	longestLabel := 0
+	for _, v := range content {
+		if len(v.label) > longestLabel {
+			longestLabel = len(v.label)
+		}
+	}
+	var output string
+	for _, v := range content {
+		output += "\t" + v.label + ":" + strings.Repeat(" ", longestLabel-len(v.label)) + "\t" + indentMessageLines(v.content, longestLabel) + "\n"
+	}
+	return output
+}
+
+// Implements asserts that an object is implemented by the specified interface.
+//
+//	assert.Implements(t, (*MyInterface)(nil), new(MyObject))
+func Implements(t TestingT, interfaceObject interface{}, object interface{}, msgAndArgs ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	interfaceType := reflect.TypeOf(interfaceObject).Elem()
+
+	if object == nil {
+		return Fail(t, fmt.Sprintf("Cannot check if nil implements %v", interfaceType), msgAndArgs...)
+	}
+	if !reflect.TypeOf(object).Implements(interfaceType) {
+		return Fail(t, fmt.Sprintf("%T must implement %v", object, interfaceType), msgAndArgs...)
+	}
+
+	return true
+}
+
+// NotImplements asserts that an object does not implement the specified interface.
+//
+//	assert.NotImplements(t, (*MyInterface)(nil), new(MyObject))
+func NotImplements(t TestingT, interfaceObject interface{}, object interface{}, msgAndArgs ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	interfaceType := reflect.TypeOf(interfaceObject).Elem()
+
+	if object == nil {
+		return Fail(t, fmt.Sprintf("Cannot check if nil does not implement %v", interfaceType), msgAndArgs...)
+	}
+	if reflect.TypeOf(object).Implements(interfaceType) {
+		return Fail(t, fmt.Sprintf("%T implements %v", object, interfaceType), msgAndArgs...)
+	}
+
+	return true
+}
+
+// IsType asserts that the specified objects are of the same type.
+func IsType(t TestingT, expectedType interface{}, object interface{}, msgAndArgs ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+
+	if !ObjectsAreEqual(reflect.TypeOf(object), reflect.TypeOf(expectedType)) {
+		return Fail(t, fmt.Sprintf("Object expected to be of type %v, but was %v", reflect.TypeOf(expectedType), reflect.TypeOf(object)), msgAndArgs...)
+	}
+
+	return true
+}
+
+// Equal asserts that two objects are equal.
+//
+//	assert.Equal(t, 123, 123)
+//
+// Pointer variable equality is determined based on the equality of the
+// referenced values (as opposed to the memory addresses). Function equality
+// cannot be determined and will always fail.
+func Equal(t TestingT, expected, actual interface{}, msgAndArgs ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if err := validateEqualArgs(expected, actual); err != nil {
+		return Fail(t, fmt.Sprintf("Invalid operation: %#v == %#v (%s)",
+			expected, actual, err), msgAndArgs...)
+	}
+
+	if !ObjectsAreEqual(expected, actual) {
+		diff := diff(expected, actual)
+		expected, actual = formatUnequalValues(expected, actual)
+		return Fail(t, fmt.Sprintf("Not equal: \n"+
+			"expected: %s\n"+
+			"actual  : %s%s", expected, actual, diff), msgAndArgs...)
+	}
+
+	return true
+
+}
+
+// validateEqualArgs checks whether provided arguments can be safely used in the
+// Equal/NotEqual functions.
+func validateEqualArgs(expected, actual interface{}) error {
+	if expected == nil && actual == nil {
+		return nil
+	}
+
+	if isFunction(expected) || isFunction(actual) {
+		return errors.New("cannot take func type as argument")
+	}
+	return nil
+}
+
+// Same asserts that two pointers reference the same object.
+//
+//	assert.Same(t, ptr1, ptr2)
+//
+// Both arguments must be pointer variables. Pointer variable sameness is
+// determined based on the equality of both type and value.
+func Same(t TestingT, expected, actual interface{}, msgAndArgs ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+
+	if !samePointers(expected, actual) {
+		return Fail(t, fmt.Sprintf("Not same: \n"+
+			"expected: %p %#v\n"+
+			"actual  : %p %#v", expected, expected, actual, actual), msgAndArgs...)
+	}
+
+	return true
+}
+
+// NotSame asserts that two pointers do not reference the same object.
+//
+//	assert.NotSame(t, ptr1, ptr2)
+//
+// Both arguments must be pointer variables. Pointer variable sameness is
+// determined based on the equality of both type and value.
+func NotSame(t TestingT, expected, actual interface{}, msgAndArgs ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+
+	if samePointers(expected, actual) {
+		return Fail(t, fmt.Sprintf(
+			"Expected and actual point to the same object: %p %#v",
+			expected, expected), msgAndArgs...)
+	}
+	return true
+}
+
+// samePointers compares two generic interface objects and returns whether
+// they point to the same object
+func samePointers(first, second interface{}) bool {
+	firstPtr, secondPtr := reflect.ValueOf(first), reflect.ValueOf(second)
+	if firstPtr.Kind() != reflect.Ptr || secondPtr.Kind() != reflect.Ptr {
+		return false
+	}
+
+	firstType, secondType := reflect.TypeOf(first), reflect.TypeOf(second)
+	if firstType != secondType {
+		return false
+	}
+
+	// compare pointer addresses
+	return first == second
+}
+
+// formatUnequalValues takes two values of arbitrary types and returns string
+// representations appropriate to be presented to the user.
+//
+// If the values are not of like type, the returned strings will be prefixed
+// with the type name, and the value will be enclosed in parentheses similar
+// to a type conversion in the Go grammar.
+func formatUnequalValues(expected, actual interface{}) (e string, a string) {
+	if reflect.TypeOf(expected) != reflect.TypeOf(actual) {
+		return fmt.Sprintf("%T(%s)", expected, truncatingFormat(expected)),
+			fmt.Sprintf("%T(%s)", actual, truncatingFormat(actual))
+	}
+	switch expected.(type) {
+	case time.Duration:
+		return fmt.Sprintf("%v", expected), fmt.Sprintf("%v", actual)
+	}
+	return truncatingFormat(expected), truncatingFormat(actual)
+}
+
+// truncatingFormat formats the data and truncates it if it's too long.
+//
+// This helps keep formatted error messages lines from exceeding the
+// bufio.MaxScanTokenSize max line length that the go testing framework imposes.
+func truncatingFormat(data interface{}) string {
+	value := fmt.Sprintf("%#v", data)
+	max := bufio.MaxScanTokenSize - 100 // Give us some space the type info too if needed.
+	if len(value) > max {
+		value = value[0:max] + "<... truncated>"
+	}
+	return value
+}
+
+// EqualValues asserts that two objects are equal or convertible to the same types
+// and equal.
+//
+//	assert.EqualValues(t, uint32(123), int32(123))
+func EqualValues(t TestingT, expected, actual interface{}, msgAndArgs ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+
+	if !ObjectsAreEqualValues(expected, actual) {
+		diff := diff(expected, actual)
+		expected, actual = formatUnequalValues(expected, actual)
+		return Fail(t, fmt.Sprintf("Not equal: \n"+
+			"expected: %s\n"+
+			"actual  : %s%s", expected, actual, diff), msgAndArgs...)
+	}
+
+	return true
+
+}
+
+// EqualExportedValues asserts that the types of two objects are equal and their public
+// fields are also equal. This is useful for comparing structs that have private fields
+// that could potentially differ.
+//
+//	 type S struct {
+//		Exported     	int
+//		notExported   	int
+//	 }
+//	 assert.EqualExportedValues(t, S{1, 2}, S{1, 3}) => true
+//	 assert.EqualExportedValues(t, S{1, 2}, S{2, 3}) => false
+func EqualExportedValues(t TestingT, expected, actual interface{}, msgAndArgs ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+
+	aType := reflect.TypeOf(expected)
+	bType := reflect.TypeOf(actual)
+
+	if aType != bType {
+		return Fail(t, fmt.Sprintf("Types expected to match exactly\n\t%v != %v", aType, bType), msgAndArgs...)
+	}
+
+	if aType.Kind() == reflect.Ptr {
+		aType = aType.Elem()
+	}
+	if bType.Kind() == reflect.Ptr {
+		bType = bType.Elem()
+	}
+
+	if aType.Kind() != reflect.Struct {
+		return Fail(t, fmt.Sprintf("Types expected to both be struct or pointer to struct \n\t%v != %v", aType.Kind(), reflect.Struct), msgAndArgs...)
+	}
+
+	if bType.Kind() != reflect.Struct {
+		return Fail(t, fmt.Sprintf("Types expected to both be struct or pointer to struct \n\t%v != %v", bType.Kind(), reflect.Struct), msgAndArgs...)
+	}
+
+	expected = copyExportedFields(expected)
+	actual = copyExportedFields(actual)
+
+	if !ObjectsAreEqualValues(expected, actual) {
+		diff := diff(expected, actual)
+		expected, actual = formatUnequalValues(expected, actual)
+		return Fail(t, fmt.Sprintf("Not equal (comparing only exported fields): \n"+
+			"expected: %s\n"+
+			"actual  : %s%s", expected, actual, diff), msgAndArgs...)
+	}
+
+	return true
+}
+
+// Exactly asserts that two objects are equal in value and type.
+//
+//	assert.Exactly(t, int32(123), int64(123))
+func Exactly(t TestingT, expected, actual interface{}, msgAndArgs ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+
+	aType := reflect.TypeOf(expected)
+	bType := reflect.TypeOf(actual)
+
+	if aType != bType {
+		return Fail(t, fmt.Sprintf("Types expected to match exactly\n\t%v != %v", aType, bType), msgAndArgs...)
+	}
+
+	return Equal(t, expected, actual, msgAndArgs...)
+
+}
+
+// NotNil asserts that the specified object is not nil.
+//
+//	assert.NotNil(t, err)
+func NotNil(t TestingT, object interface{}, msgAndArgs ...interface{}) bool {
+	if !isNil(object) {
+		return true
+	}
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return Fail(t, "Expected value not to be nil.", msgAndArgs...)
+}
+
+// isNil checks if a specified object is nil or not, without Failing.
+func isNil(object interface{}) bool {
+	if object == nil {
+		return true
+	}
+
+	value := reflect.ValueOf(object)
+	switch value.Kind() {
+	case
+		reflect.Chan, reflect.Func,
+		reflect.Interface, reflect.Map,
+		reflect.Ptr, reflect.Slice, reflect.UnsafePointer:
+
+		return value.IsNil()
+	}
+
+	return false
+}
+
+// Nil asserts that the specified object is nil.
+//
+//	assert.Nil(t, err)
+func Nil(t TestingT, object interface{}, msgAndArgs ...interface{}) bool {
+	if isNil(object) {
+		return true
+	}
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	return Fail(t, fmt.Sprintf("Expected nil, but got: %#v", object), msgAndArgs...)
+}
+
+// isEmpty gets whether the specified object is considered empty or not.
+func isEmpty(object interface{}) bool {
+
+	// get nil case out of the way
+	if object == nil {
+		return true
+	}
+
+	objValue := reflect.ValueOf(object)
+
+	switch objValue.Kind() {
+	// collection types are empty when they have no element
+	case reflect.Chan, reflect.Map, reflect.Slice:
+		return objValue.Len() == 0
+	// pointers are empty if nil or if the value they point to is empty
+	case reflect.Ptr:
+		if objValue.IsNil() {
+			return true
+		}
+		deref := objValue.Elem().Interface()
+		return isEmpty(deref)
+	// for all other types, compare against the zero value
+	// array types are empty when they match their zero-initialized state
+	default:
+		zero := reflect.Zero(objValue.Type())
+		return reflect.DeepEqual(object, zero.Interface())
+	}
+}
+
+// Empty asserts that the specified object is empty.  I.e. nil, "", false, 0 or either
+// a slice or a channel with len == 0.
+//
+//	assert.Empty(t, obj)
+func Empty(t TestingT, object interface{}, msgAndArgs ...interface{}) bool {
+	pass := isEmpty(object)
+	if !pass {
+		if h, ok := t.(tHelper); ok {
+			h.Helper()
+		}
+		Fail(t, fmt.Sprintf("Should be empty, but was %v", object), msgAndArgs...)
+	}
+
+	return pass
+
+}
+
+// NotEmpty asserts that the specified object is NOT empty.  I.e. not nil, "", false, 0 or either
+// a slice or a channel with len == 0.
+//
+//	if assert.NotEmpty(t, obj) {
+//	  assert.Equal(t, "two", obj[1])
+//	}
+func NotEmpty(t TestingT, object interface{}, msgAndArgs ...interface{}) bool {
+	pass := !isEmpty(object)
+	if !pass {
+		if h, ok := t.(tHelper); ok {
+			h.Helper()
+		}
+		Fail(t, fmt.Sprintf("Should NOT be empty, but was %v", object), msgAndArgs...)
+	}
+
+	return pass
+
+}
+
+// getLen tries to get the length of an object.
+// It returns (0, false) if impossible.
+func getLen(x interface{}) (length int, ok bool) {
+	v := reflect.ValueOf(x)
+	defer func() {
+		ok = recover() == nil
+	}()
+	return v.Len(), true
+}
+
+// Len asserts that the specified object has specific length.
+// Len also fails if the object has a type that len() not accept.
+//
+//	assert.Len(t, mySlice, 3)
+func Len(t TestingT, object interface{}, length int, msgAndArgs ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	l, ok := getLen(object)
+	if !ok {
+		return Fail(t, fmt.Sprintf("\"%v\" could not be applied builtin len()", object), msgAndArgs...)
+	}
+
+	if l != length {
+		return Fail(t, fmt.Sprintf("\"%v\" should have %d item(s), but has %d", object, length, l), msgAndArgs...)
+	}
+	return true
+}
+
+// True asserts that the specified value is true.
+//
+//	assert.True(t, myBool)
+func True(t TestingT, value bool, msgAndArgs ...interface{}) bool {
+	if !value {
+		if h, ok := t.(tHelper); ok {
+			h.Helper()
+		}
+		return Fail(t, "Should be true", msgAndArgs...)
+	}
+
+	return true
+
+}
+
+// False asserts that the specified value is false.
+//
+//	assert.False(t, myBool)
+func False(t TestingT, value bool, msgAndArgs ...interface{}) bool {
+	if value {
+		if h, ok := t.(tHelper); ok {
+			h.Helper()
+		}
+		return Fail(t, "Should be false", msgAndArgs...)
+	}
+
+	return true
+
+}
+
+// NotEqual asserts that the specified values are NOT equal.
+//
+//	assert.NotEqual(t, obj1, obj2)
+//
+// Pointer variable equality is determined based on the equality of the
+// referenced values (as opposed to the memory addresses).
+func NotEqual(t TestingT, expected, actual interface{}, msgAndArgs ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if err := validateEqualArgs(expected, actual); err != nil {
+		return Fail(t, fmt.Sprintf("Invalid operation: %#v != %#v (%s)",
+			expected, actual, err), msgAndArgs...)
+	}
+
+	if ObjectsAreEqual(expected, actual) {
+		return Fail(t, fmt.Sprintf("Should not be: %#v\n", actual), msgAndArgs...)
+	}
+
+	return true
+
+}
+
+// NotEqualValues asserts that two objects are not equal even when converted to the same type
+//
+//	assert.NotEqualValues(t, obj1, obj2)
+func NotEqualValues(t TestingT, expected, actual interface{}, msgAndArgs ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+
+	if ObjectsAreEqualValues(expected, actual) {
+		return Fail(t, fmt.Sprintf("Should not be: %#v\n", actual), msgAndArgs...)
+	}
+
+	return true
+}
+
+// containsElement try loop over the list check if the list includes the element.
+// return (false, false) if impossible.
+// return (true, false) if element was not found.
+// return (true, true) if element was found.
+func containsElement(list interface{}, element interface{}) (ok, found bool) {
+
+	listValue := reflect.ValueOf(list)
+	listType := reflect.TypeOf(list)
+	if listType == nil {
+		return false, false
+	}
+	listKind := listType.Kind()
+	defer func() {
+		if e := recover(); e != nil {
+			ok = false
+			found = false
+		}
+	}()
+
+	if listKind == reflect.String {
+		elementValue := reflect.ValueOf(element)
+		return true, strings.Contains(listValue.String(), elementValue.String())
+	}
+
+	if listKind == reflect.Map {
+		mapKeys := listValue.MapKeys()
+		for i := 0; i < len(mapKeys); i++ {
+			if ObjectsAreEqual(mapKeys[i].Interface(), element) {
+				return true, true
+			}
+		}
+		return true, false
+	}
+
+	for i := 0; i < listValue.Len(); i++ {
+		if ObjectsAreEqual(listValue.Index(i).Interface(), element) {
+			return true, true
+		}
+	}
+	return true, false
+
+}
+
+// Contains asserts that the specified string, list(array, slice...) or map contains the
+// specified substring or element.
+//
+//	assert.Contains(t, "Hello World", "World")
+//	assert.Contains(t, ["Hello", "World"], "World")
+//	assert.Contains(t, {"Hello": "World"}, "Hello")
+func Contains(t TestingT, s, contains interface{}, msgAndArgs ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+
+	ok, found := containsElement(s, contains)
+	if !ok {
+		return Fail(t, fmt.Sprintf("%#v could not be applied builtin len()", s), msgAndArgs...)
+	}
+	if !found {
+		return Fail(t, fmt.Sprintf("%#v does not contain %#v", s, contains), msgAndArgs...)
+	}
+
+	return true
+
+}
+
+// NotContains asserts that the specified string, list(array, slice...) or map does NOT contain the
+// specified substring or element.
+//
+//	assert.NotContains(t, "Hello World", "Earth")
+//	assert.NotContains(t, ["Hello", "World"], "Earth")
+//	assert.NotContains(t, {"Hello": "World"}, "Earth")
+func NotContains(t TestingT, s, contains interface{}, msgAndArgs ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+
+	ok, found := containsElement(s, contains)
+	if !ok {
+		return Fail(t, fmt.Sprintf("%#v could not be applied builtin len()", s), msgAndArgs...)
+	}
+	if found {
+		return Fail(t, fmt.Sprintf("%#v should not contain %#v", s, contains), msgAndArgs...)
+	}
+
+	return true
+
+}
+
+// Subset asserts that the specified list(array, slice...) or map contains all
+// elements given in the specified subset list(array, slice...) or map.
+//
+//	assert.Subset(t, [1, 2, 3], [1, 2])
+//	assert.Subset(t, {"x": 1, "y": 2}, {"x": 1})
+func Subset(t TestingT, list, subset interface{}, msgAndArgs ...interface{}) (ok bool) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if subset == nil {
+		return true // we consider nil to be equal to the nil set
+	}
+
+	listKind := reflect.TypeOf(list).Kind()
+	if listKind != reflect.Array && listKind != reflect.Slice && listKind != reflect.Map {
+		return Fail(t, fmt.Sprintf("%q has an unsupported type %s", list, listKind), msgAndArgs...)
+	}
+
+	subsetKind := reflect.TypeOf(subset).Kind()
+	if subsetKind != reflect.Array && subsetKind != reflect.Slice && listKind != reflect.Map {
+		return Fail(t, fmt.Sprintf("%q has an unsupported type %s", subset, subsetKind), msgAndArgs...)
+	}
+
+	if subsetKind == reflect.Map && listKind == reflect.Map {
+		subsetMap := reflect.ValueOf(subset)
+		actualMap := reflect.ValueOf(list)
+
+		for _, k := range subsetMap.MapKeys() {
+			ev := subsetMap.MapIndex(k)
+			av := actualMap.MapIndex(k)
+
+			if !av.IsValid() {
+				return Fail(t, fmt.Sprintf("%#v does not contain %#v", list, subset), msgAndArgs...)
+			}
+			if !ObjectsAreEqual(ev.Interface(), av.Interface()) {
+				return Fail(t, fmt.Sprintf("%#v does not contain %#v", list, subset), msgAndArgs...)
+			}
+		}
+
+		return true
+	}
+
+	subsetList := reflect.ValueOf(subset)
+	for i := 0; i < subsetList.Len(); i++ {
+		element := subsetList.Index(i).Interface()
+		ok, found := containsElement(list, element)
+		if !ok {
+			return Fail(t, fmt.Sprintf("%#v could not be applied builtin len()", list), msgAndArgs...)
+		}
+		if !found {
+			return Fail(t, fmt.Sprintf("%#v does not contain %#v", list, element), msgAndArgs...)
+		}
+	}
+
+	return true
+}
+
+// NotSubset asserts that the specified list(array, slice...) or map does NOT
+// contain all elements given in the specified subset list(array, slice...) or
+// map.
+//
+//	assert.NotSubset(t, [1, 3, 4], [1, 2])
+//	assert.NotSubset(t, {"x": 1, "y": 2}, {"z": 3})
+func NotSubset(t TestingT, list, subset interface{}, msgAndArgs ...interface{}) (ok bool) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if subset == nil {
+		return Fail(t, "nil is the empty set which is a subset of every set", msgAndArgs...)
+	}
+
+	listKind := reflect.TypeOf(list).Kind()
+	if listKind != reflect.Array && listKind != reflect.Slice && listKind != reflect.Map {
+		return Fail(t, fmt.Sprintf("%q has an unsupported type %s", list, listKind), msgAndArgs...)
+	}
+
+	subsetKind := reflect.TypeOf(subset).Kind()
+	if subsetKind != reflect.Array && subsetKind != reflect.Slice && listKind != reflect.Map {
+		return Fail(t, fmt.Sprintf("%q has an unsupported type %s", subset, subsetKind), msgAndArgs...)
+	}
+
+	if subsetKind == reflect.Map && listKind == reflect.Map {
+		subsetMap := reflect.ValueOf(subset)
+		actualMap := reflect.ValueOf(list)
+
+		for _, k := range subsetMap.MapKeys() {
+			ev := subsetMap.MapIndex(k)
+			av := actualMap.MapIndex(k)
+
+			if !av.IsValid() {
+				return true
+			}
+			if !ObjectsAreEqual(ev.Interface(), av.Interface()) {
+				return true
+			}
+		}
+
+		return Fail(t, fmt.Sprintf("%q is a subset of %q", subset, list), msgAndArgs...)
+	}
+
+	subsetList := reflect.ValueOf(subset)
+	for i := 0; i < subsetList.Len(); i++ {
+		element := subsetList.Index(i).Interface()
+		ok, found := containsElement(list, element)
+		if !ok {
+			return Fail(t, fmt.Sprintf("\"%s\" could not be applied builtin len()", list), msgAndArgs...)
+		}
+		if !found {
+			return true
+		}
+	}
+
+	return Fail(t, fmt.Sprintf("%q is a subset of %q", subset, list), msgAndArgs...)
+}
+
+// ElementsMatch asserts that the specified listA(array, slice...) is equal to specified
+// listB(array, slice...) ignoring the order of the elements. If there are duplicate elements,
+// the number of appearances of each of them in both lists should match.
+//
+// assert.ElementsMatch(t, [1, 3, 2, 3], [1, 3, 3, 2])
+func ElementsMatch(t TestingT, listA, listB interface{}, msgAndArgs ...interface{}) (ok bool) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if isEmpty(listA) && isEmpty(listB) {
+		return true
+	}
+
+	if !isList(t, listA, msgAndArgs...) || !isList(t, listB, msgAndArgs...) {
+		return false
+	}
+
+	extraA, extraB := diffLists(listA, listB)
+
+	if len(extraA) == 0 && len(extraB) == 0 {
+		return true
+	}
+
+	return Fail(t, formatListDiff(listA, listB, extraA, extraB), msgAndArgs...)
+}
+
+// isList checks that the provided value is array or slice.
+func isList(t TestingT, list interface{}, msgAndArgs ...interface{}) (ok bool) {
+	kind := reflect.TypeOf(list).Kind()
+	if kind != reflect.Array && kind != reflect.Slice {
+		return Fail(t, fmt.Sprintf("%q has an unsupported type %s, expecting array or slice", list, kind),
+			msgAndArgs...)
+	}
+	return true
+}
+
+// diffLists diffs two arrays/slices and returns slices of elements that are only in A and only in B.
+// If some element is present multiple times, each instance is counted separately (e.g. if something is 2x in A and
+// 5x in B, it will be 0x in extraA and 3x in extraB). The order of items in both lists is ignored.
+func diffLists(listA, listB interface{}) (extraA, extraB []interface{}) {
+	aValue := reflect.ValueOf(listA)
+	bValue := reflect.ValueOf(listB)
+
+	aLen := aValue.Len()
+	bLen := bValue.Len()
+
+	// Mark indexes in bValue that we already used
+	visited := make([]bool, bLen)
+	for i := 0; i < aLen; i++ {
+		element := aValue.Index(i).Interface()
+		found := false
+		for j := 0; j < bLen; j++ {
+			if visited[j] {
+				continue
+			}
+			if ObjectsAreEqual(bValue.Index(j).Interface(), element) {
+				visited[j] = true
+				found = true
+				break
+			}
+		}
+		if !found {
+			extraA = append(extraA, element)
+		}
+	}
+
+	for j := 0; j < bLen; j++ {
+		if visited[j] {
+			continue
+		}
+		extraB = append(extraB, bValue.Index(j).Interface())
+	}
+
+	return
+}
+
+func formatListDiff(listA, listB interface{}, extraA, extraB []interface{}) string {
+	var msg bytes.Buffer
+
+	msg.WriteString("elements differ")
+	if len(extraA) > 0 {
+		msg.WriteString("\n\nextra elements in list A:\n")
+		msg.WriteString(spewConfig.Sdump(extraA))
+	}
+	if len(extraB) > 0 {
+		msg.WriteString("\n\nextra elements in list B:\n")
+		msg.WriteString(spewConfig.Sdump(extraB))
+	}
+	msg.WriteString("\n\nlistA:\n")
+	msg.WriteString(spewConfig.Sdump(listA))
+	msg.WriteString("\n\nlistB:\n")
+	msg.WriteString(spewConfig.Sdump(listB))
+
+	return msg.String()
+}
+
+// Condition uses a Comparison to assert a complex condition.
+func Condition(t TestingT, comp Comparison, msgAndArgs ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	result := comp()
+	if !result {
+		Fail(t, "Condition failed!", msgAndArgs...)
+	}
+	return result
+}
+
+// PanicTestFunc defines a func that should be passed to the assert.Panics and assert.NotPanics
+// methods, and represents a simple func that takes no arguments, and returns nothing.
+type PanicTestFunc func()
+
+// didPanic returns true if the function passed to it panics. Otherwise, it returns false.
+func didPanic(f PanicTestFunc) (didPanic bool, message interface{}, stack string) {
+	didPanic = true
+
+	defer func() {
+		message = recover()
+		if didPanic {
+			stack = string(debug.Stack())
+		}
+	}()
+
+	// call the target function
+	f()
+	didPanic = false
+
+	return
+}
+
+// Panics asserts that the code inside the specified PanicTestFunc panics.
+//
+//	assert.Panics(t, func(){ GoCrazy() })
+func Panics(t TestingT, f PanicTestFunc, msgAndArgs ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+
+	if funcDidPanic, panicValue, _ := didPanic(f); !funcDidPanic {
+		return Fail(t, fmt.Sprintf("func %#v should panic\n\tPanic value:\t%#v", f, panicValue), msgAndArgs...)
+	}
+
+	return true
+}
+
+// PanicsWithValue asserts that the code inside the specified PanicTestFunc panics, and that
+// the recovered panic value equals the expected panic value.
+//
+//	assert.PanicsWithValue(t, "crazy error", func(){ GoCrazy() })
+func PanicsWithValue(t TestingT, expected interface{}, f PanicTestFunc, msgAndArgs ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+
+	funcDidPanic, panicValue, panickedStack := didPanic(f)
+	if !funcDidPanic {
+		return Fail(t, fmt.Sprintf("func %#v should panic\n\tPanic value:\t%#v", f, panicValue), msgAndArgs...)
+	}
+	if panicValue != expected {
+		return Fail(t, fmt.Sprintf("func %#v should panic with value:\t%#v\n\tPanic value:\t%#v\n\tPanic stack:\t%s", f, expected, panicValue, panickedStack), msgAndArgs...)
+	}
+
+	return true
+}
+
+// PanicsWithError asserts that the code inside the specified PanicTestFunc
+// panics, and that the recovered panic value is an error that satisfies the
+// EqualError comparison.
+//
+//	assert.PanicsWithError(t, "crazy error", func(){ GoCrazy() })
+func PanicsWithError(t TestingT, errString string, f PanicTestFunc, msgAndArgs ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+
+	funcDidPanic, panicValue, panickedStack := didPanic(f)
+	if !funcDidPanic {
+		return Fail(t, fmt.Sprintf("func %#v should panic\n\tPanic value:\t%#v", f, panicValue), msgAndArgs...)
+	}
+	panicErr, ok := panicValue.(error)
+	if !ok || panicErr.Error() != errString {
+		return Fail(t, fmt.Sprintf("func %#v should panic with error message:\t%#v\n\tPanic value:\t%#v\n\tPanic stack:\t%s", f, errString, panicValue, panickedStack), msgAndArgs...)
+	}
+
+	return true
+}
+
+// NotPanics asserts that the code inside the specified PanicTestFunc does NOT panic.
+//
+//	assert.NotPanics(t, func(){ RemainCalm() })
+func NotPanics(t TestingT, f PanicTestFunc, msgAndArgs ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+
+	if funcDidPanic, panicValue, panickedStack := didPanic(f); funcDidPanic {
+		return Fail(t, fmt.Sprintf("func %#v should not panic\n\tPanic value:\t%v\n\tPanic stack:\t%s", f, panicValue, panickedStack), msgAndArgs...)
+	}
+
+	return true
+}
+
+// WithinDuration asserts that the two times are within duration delta of each other.
+//
+//	assert.WithinDuration(t, time.Now(), time.Now(), 10*time.Second)
+func WithinDuration(t TestingT, expected, actual time.Time, delta time.Duration, msgAndArgs ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+
+	dt := expected.Sub(actual)
+	if dt < -delta || dt > delta {
+		return Fail(t, fmt.Sprintf("Max difference between %v and %v allowed is %v, but difference was %v", expected, actual, delta, dt), msgAndArgs...)
+	}
+
+	return true
+}
+
+// WithinRange asserts that a time is within a time range (inclusive).
+//
+//	assert.WithinRange(t, time.Now(), time.Now().Add(-time.Second), time.Now().Add(time.Second))
+func WithinRange(t TestingT, actual, start, end time.Time, msgAndArgs ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+
+	if end.Before(start) {
+		return Fail(t, "Start should be before end", msgAndArgs...)
+	}
+
+	if actual.Before(start) {
+		return Fail(t, fmt.Sprintf("Time %v expected to be in time range %v to %v, but is before the range", actual, start, end), msgAndArgs...)
+	} else if actual.After(end) {
+		return Fail(t, fmt.Sprintf("Time %v expected to be in time range %v to %v, but is after the range", actual, start, end), msgAndArgs...)
+	}
+
+	return true
+}
+
+func toFloat(x interface{}) (float64, bool) {
+	var xf float64
+	xok := true
+
+	switch xn := x.(type) {
+	case uint:
+		xf = float64(xn)
+	case uint8:
+		xf = float64(xn)
+	case uint16:
+		xf = float64(xn)
+	case uint32:
+		xf = float64(xn)
+	case uint64:
+		xf = float64(xn)
+	case int:
+		xf = float64(xn)
+	case int8:
+		xf = float64(xn)
+	case int16:
+		xf = float64(xn)
+	case int32:
+		xf = float64(xn)
+	case int64:
+		xf = float64(xn)
+	case float32:
+		xf = float64(xn)
+	case float64:
+		xf = xn
+	case time.Duration:
+		xf = float64(xn)
+	default:
+		xok = false
+	}
+
+	return xf, xok
+}
+
+// InDelta asserts that the two numerals are within delta of each other.
+//
+//	assert.InDelta(t, math.Pi, 22/7.0, 0.01)
+func InDelta(t TestingT, expected, actual interface{}, delta float64, msgAndArgs ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+
+	af, aok := toFloat(expected)
+	bf, bok := toFloat(actual)
+
+	if !aok || !bok {
+		return Fail(t, "Parameters must be numerical", msgAndArgs...)
+	}
+
+	if math.IsNaN(af) && math.IsNaN(bf) {
+		return true
+	}
+
+	if math.IsNaN(af) {
+		return Fail(t, "Expected must not be NaN", msgAndArgs...)
+	}
+
+	if math.IsNaN(bf) {
+		return Fail(t, fmt.Sprintf("Expected %v with delta %v, but was NaN", expected, delta), msgAndArgs...)
+	}
+
+	dt := af - bf
+	if dt < -delta || dt > delta {
+		return Fail(t, fmt.Sprintf("Max difference between %v and %v allowed is %v, but difference was %v", expected, actual, delta, dt), msgAndArgs...)
+	}
+
+	return true
+}
+
+// InDeltaSlice is the same as InDelta, except it compares two slices.
+func InDeltaSlice(t TestingT, expected, actual interface{}, delta float64, msgAndArgs ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if expected == nil || actual == nil ||
+		reflect.TypeOf(actual).Kind() != reflect.Slice ||
+		reflect.TypeOf(expected).Kind() != reflect.Slice {
+		return Fail(t, "Parameters must be slice", msgAndArgs...)
+	}
+
+	actualSlice := reflect.ValueOf(actual)
+	expectedSlice := reflect.ValueOf(expected)
+
+	for i := 0; i < actualSlice.Len(); i++ {
+		result := InDelta(t, actualSlice.Index(i).Interface(), expectedSlice.Index(i).Interface(), delta, msgAndArgs...)
+		if !result {
+			return result
+		}
+	}
+
+	return true
+}
+
+// InDeltaMapValues is the same as InDelta, but it compares all values between two maps. Both maps must have exactly the same keys.
+func InDeltaMapValues(t TestingT, expected, actual interface{}, delta float64, msgAndArgs ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if expected == nil || actual == nil ||
+		reflect.TypeOf(actual).Kind() != reflect.Map ||
+		reflect.TypeOf(expected).Kind() != reflect.Map {
+		return Fail(t, "Arguments must be maps", msgAndArgs...)
+	}
+
+	expectedMap := reflect.ValueOf(expected)
+	actualMap := reflect.ValueOf(actual)
+
+	if expectedMap.Len() != actualMap.Len() {
+		return Fail(t, "Arguments must have the same number of keys", msgAndArgs...)
+	}
+
+	for _, k := range expectedMap.MapKeys() {
+		ev := expectedMap.MapIndex(k)
+		av := actualMap.MapIndex(k)
+
+		if !ev.IsValid() {
+			return Fail(t, fmt.Sprintf("missing key %q in expected map", k), msgAndArgs...)
+		}
+
+		if !av.IsValid() {
+			return Fail(t, fmt.Sprintf("missing key %q in actual map", k), msgAndArgs...)
+		}
+
+		if !InDelta(
+			t,
+			ev.Interface(),
+			av.Interface(),
+			delta,
+			msgAndArgs...,
+		) {
+			return false
+		}
+	}
+
+	return true
+}
+
+func calcRelativeError(expected, actual interface{}) (float64, error) {
+	af, aok := toFloat(expected)
+	bf, bok := toFloat(actual)
+	if !aok || !bok {
+		return 0, fmt.Errorf("Parameters must be numerical")
+	}
+	if math.IsNaN(af) && math.IsNaN(bf) {
+		return 0, nil
+	}
+	if math.IsNaN(af) {
+		return 0, errors.New("expected value must not be NaN")
+	}
+	if af == 0 {
+		return 0, fmt.Errorf("expected value must have a value other than zero to calculate the relative error")
+	}
+	if math.IsNaN(bf) {
+		return 0, errors.New("actual value must not be NaN")
+	}
+
+	return math.Abs(af-bf) / math.Abs(af), nil
+}
+
+// InEpsilon asserts that expected and actual have a relative error less than epsilon
+func InEpsilon(t TestingT, expected, actual interface{}, epsilon float64, msgAndArgs ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if math.IsNaN(epsilon) {
+		return Fail(t, "epsilon must not be NaN", msgAndArgs...)
+	}
+	actualEpsilon, err := calcRelativeError(expected, actual)
+	if err != nil {
+		return Fail(t, err.Error(), msgAndArgs...)
+	}
+	if actualEpsilon > epsilon {
+		return Fail(t, fmt.Sprintf("Relative error is too high: %#v (expected)\n"+
+			"        < %#v (actual)", epsilon, actualEpsilon), msgAndArgs...)
+	}
+
+	return true
+}
+
+// InEpsilonSlice is the same as InEpsilon, except it compares each value from two slices.
+func InEpsilonSlice(t TestingT, expected, actual interface{}, epsilon float64, msgAndArgs ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+
+	if expected == nil || actual == nil {
+		return Fail(t, "Parameters must be slice", msgAndArgs...)
+	}
+
+	expectedSlice := reflect.ValueOf(expected)
+	actualSlice := reflect.ValueOf(actual)
+
+	if expectedSlice.Type().Kind() != reflect.Slice {
+		return Fail(t, "Expected value must be slice", msgAndArgs...)
+	}
+
+	expectedLen := expectedSlice.Len()
+	if !IsType(t, expected, actual) || !Len(t, actual, expectedLen) {
+		return false
+	}
+
+	for i := 0; i < expectedLen; i++ {
+		if !InEpsilon(t, expectedSlice.Index(i).Interface(), actualSlice.Index(i).Interface(), epsilon, "at index %d", i) {
+			return false
+		}
+	}
+
+	return true
+}
+
+/*
+	Errors
+*/
+
+// NoError asserts that a function returned no error (i.e. `nil`).
+//
+//	  actualObj, err := SomeFunction()
+//	  if assert.NoError(t, err) {
+//		   assert.Equal(t, expectedObj, actualObj)
+//	  }
+func NoError(t TestingT, err error, msgAndArgs ...interface{}) bool {
+	if err != nil {
+		if h, ok := t.(tHelper); ok {
+			h.Helper()
+		}
+		return Fail(t, fmt.Sprintf("Received unexpected error:\n%+v", err), msgAndArgs...)
+	}
+
+	return true
+}
+
+// Error asserts that a function returned an error (i.e. not `nil`).
+//
+//	  actualObj, err := SomeFunction()
+//	  if assert.Error(t, err) {
+//		   assert.Equal(t, expectedError, err)
+//	  }
+func Error(t TestingT, err error, msgAndArgs ...interface{}) bool {
+	if err == nil {
+		if h, ok := t.(tHelper); ok {
+			h.Helper()
+		}
+		return Fail(t, "An error is expected but got nil.", msgAndArgs...)
+	}
+
+	return true
+}
+
+// EqualError asserts that a function returned an error (i.e. not `nil`)
+// and that it is equal to the provided error.
+//
+//	actualObj, err := SomeFunction()
+//	assert.EqualError(t, err,  expectedErrorString)
+func EqualError(t TestingT, theError error, errString string, msgAndArgs ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if !Error(t, theError, msgAndArgs...) {
+		return false
+	}
+	expected := errString
+	actual := theError.Error()
+	// don't need to use deep equals here, we know they are both strings
+	if expected != actual {
+		return Fail(t, fmt.Sprintf("Error message not equal:\n"+
+			"expected: %q\n"+
+			"actual  : %q", expected, actual), msgAndArgs...)
+	}
+	return true
+}
+
+// ErrorContains asserts that a function returned an error (i.e. not `nil`)
+// and that the error contains the specified substring.
+//
+//	actualObj, err := SomeFunction()
+//	assert.ErrorContains(t, err,  expectedErrorSubString)
+func ErrorContains(t TestingT, theError error, contains string, msgAndArgs ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if !Error(t, theError, msgAndArgs...) {
+		return false
+	}
+
+	actual := theError.Error()
+	if !strings.Contains(actual, contains) {
+		return Fail(t, fmt.Sprintf("Error %#v does not contain %#v", actual, contains), msgAndArgs...)
+	}
+
+	return true
+}
+
+// matchRegexp return true if a specified regexp matches a string.
+func matchRegexp(rx interface{}, str interface{}) bool {
+
+	var r *regexp.Regexp
+	if rr, ok := rx.(*regexp.Regexp); ok {
+		r = rr
+	} else {
+		r = regexp.MustCompile(fmt.Sprint(rx))
+	}
+
+	return (r.FindStringIndex(fmt.Sprint(str)) != nil)
+
+}
+
+// Regexp asserts that a specified regexp matches a string.
+//
+//	assert.Regexp(t, regexp.MustCompile("start"), "it's starting")
+//	assert.Regexp(t, "start...$", "it's not starting")
+func Regexp(t TestingT, rx interface{}, str interface{}, msgAndArgs ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+
+	match := matchRegexp(rx, str)
+
+	if !match {
+		Fail(t, fmt.Sprintf("Expect \"%v\" to match \"%v\"", str, rx), msgAndArgs...)
+	}
+
+	return match
+}
+
+// NotRegexp asserts that a specified regexp does not match a string.
+//
+//	assert.NotRegexp(t, regexp.MustCompile("starts"), "it's starting")
+//	assert.NotRegexp(t, "^start", "it's not starting")
+func NotRegexp(t TestingT, rx interface{}, str interface{}, msgAndArgs ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	match := matchRegexp(rx, str)
+
+	if match {
+		Fail(t, fmt.Sprintf("Expect \"%v\" to NOT match \"%v\"", str, rx), msgAndArgs...)
+	}
+
+	return !match
+
+}
+
+// Zero asserts that i is the zero value for its type.
+func Zero(t TestingT, i interface{}, msgAndArgs ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if i != nil && !reflect.DeepEqual(i, reflect.Zero(reflect.TypeOf(i)).Interface()) {
+		return Fail(t, fmt.Sprintf("Should be zero, but was %v", i), msgAndArgs...)
+	}
+	return true
+}
+
+// NotZero asserts that i is not the zero value for its type.
+func NotZero(t TestingT, i interface{}, msgAndArgs ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if i == nil || reflect.DeepEqual(i, reflect.Zero(reflect.TypeOf(i)).Interface()) {
+		return Fail(t, fmt.Sprintf("Should not be zero, but was %v", i), msgAndArgs...)
+	}
+	return true
+}
+
+// FileExists checks whether a file exists in the given path. It also fails if
+// the path points to a directory or there is an error when trying to check the file.
+func FileExists(t TestingT, path string, msgAndArgs ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	info, err := os.Lstat(path)
+	if err != nil {
+		if os.IsNotExist(err) {
+			return Fail(t, fmt.Sprintf("unable to find file %q", path), msgAndArgs...)
+		}
+		return Fail(t, fmt.Sprintf("error when running os.Lstat(%q): %s", path, err), msgAndArgs...)
+	}
+	if info.IsDir() {
+		return Fail(t, fmt.Sprintf("%q is a directory", path), msgAndArgs...)
+	}
+	return true
+}
+
+// NoFileExists checks whether a file does not exist in a given path. It fails
+// if the path points to an existing _file_ only.
+func NoFileExists(t TestingT, path string, msgAndArgs ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	info, err := os.Lstat(path)
+	if err != nil {
+		return true
+	}
+	if info.IsDir() {
+		return true
+	}
+	return Fail(t, fmt.Sprintf("file %q exists", path), msgAndArgs...)
+}
+
+// DirExists checks whether a directory exists in the given path. It also fails
+// if the path is a file rather a directory or there is an error checking whether it exists.
+func DirExists(t TestingT, path string, msgAndArgs ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	info, err := os.Lstat(path)
+	if err != nil {
+		if os.IsNotExist(err) {
+			return Fail(t, fmt.Sprintf("unable to find file %q", path), msgAndArgs...)
+		}
+		return Fail(t, fmt.Sprintf("error when running os.Lstat(%q): %s", path, err), msgAndArgs...)
+	}
+	if !info.IsDir() {
+		return Fail(t, fmt.Sprintf("%q is a file", path), msgAndArgs...)
+	}
+	return true
+}
+
+// NoDirExists checks whether a directory does not exist in the given path.
+// It fails if the path points to an existing _directory_ only.
+func NoDirExists(t TestingT, path string, msgAndArgs ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	info, err := os.Lstat(path)
+	if err != nil {
+		if os.IsNotExist(err) {
+			return true
+		}
+		return true
+	}
+	if !info.IsDir() {
+		return true
+	}
+	return Fail(t, fmt.Sprintf("directory %q exists", path), msgAndArgs...)
+}
+
+// JSONEq asserts that two JSON strings are equivalent.
+//
+//	assert.JSONEq(t, `{"hello": "world", "foo": "bar"}`, `{"foo": "bar", "hello": "world"}`)
+func JSONEq(t TestingT, expected string, actual string, msgAndArgs ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	var expectedJSONAsInterface, actualJSONAsInterface interface{}
+
+	if err := json.Unmarshal([]byte(expected), &expectedJSONAsInterface); err != nil {
+		return Fail(t, fmt.Sprintf("Expected value ('%s') is not valid json.\nJSON parsing error: '%s'", expected, err.Error()), msgAndArgs...)
+	}
+
+	if err := json.Unmarshal([]byte(actual), &actualJSONAsInterface); err != nil {
+		return Fail(t, fmt.Sprintf("Input ('%s') needs to be valid json.\nJSON parsing error: '%s'", actual, err.Error()), msgAndArgs...)
+	}
+
+	return Equal(t, expectedJSONAsInterface, actualJSONAsInterface, msgAndArgs...)
+}
+
+// YAMLEq asserts that two YAML strings are equivalent.
+func YAMLEq(t TestingT, expected string, actual string, msgAndArgs ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	var expectedYAMLAsInterface, actualYAMLAsInterface interface{}
+
+	if err := yaml.Unmarshal([]byte(expected), &expectedYAMLAsInterface); err != nil {
+		return Fail(t, fmt.Sprintf("Expected value ('%s') is not valid yaml.\nYAML parsing error: '%s'", expected, err.Error()), msgAndArgs...)
+	}
+
+	if err := yaml.Unmarshal([]byte(actual), &actualYAMLAsInterface); err != nil {
+		return Fail(t, fmt.Sprintf("Input ('%s') needs to be valid yaml.\nYAML error: '%s'", actual, err.Error()), msgAndArgs...)
+	}
+
+	return Equal(t, expectedYAMLAsInterface, actualYAMLAsInterface, msgAndArgs...)
+}
+
+func typeAndKind(v interface{}) (reflect.Type, reflect.Kind) {
+	t := reflect.TypeOf(v)
+	k := t.Kind()
+
+	if k == reflect.Ptr {
+		t = t.Elem()
+		k = t.Kind()
+	}
+	return t, k
+}
+
+// diff returns a diff of both values as long as both are of the same type and
+// are a struct, map, slice, array or string. Otherwise it returns an empty string.
+func diff(expected interface{}, actual interface{}) string {
+	if expected == nil || actual == nil {
+		return ""
+	}
+
+	et, ek := typeAndKind(expected)
+	at, _ := typeAndKind(actual)
+
+	if et != at {
+		return ""
+	}
+
+	if ek != reflect.Struct && ek != reflect.Map && ek != reflect.Slice && ek != reflect.Array && ek != reflect.String {
+		return ""
+	}
+
+	var e, a string
+
+	switch et {
+	case reflect.TypeOf(""):
+		e = reflect.ValueOf(expected).String()
+		a = reflect.ValueOf(actual).String()
+	case reflect.TypeOf(time.Time{}):
+		e = spewConfigStringerEnabled.Sdump(expected)
+		a = spewConfigStringerEnabled.Sdump(actual)
+	default:
+		e = spewConfig.Sdump(expected)
+		a = spewConfig.Sdump(actual)
+	}
+
+	diff, _ := difflib.GetUnifiedDiffString(difflib.UnifiedDiff{
+		A:        difflib.SplitLines(e),
+		B:        difflib.SplitLines(a),
+		FromFile: "Expected",
+		FromDate: "",
+		ToFile:   "Actual",
+		ToDate:   "",
+		Context:  1,
+	})
+
+	return "\n\nDiff:\n" + diff
+}
+
+func isFunction(arg interface{}) bool {
+	if arg == nil {
+		return false
+	}
+	return reflect.TypeOf(arg).Kind() == reflect.Func
+}
+
+var spewConfig = spew.ConfigState{
+	Indent:                  " ",
+	DisablePointerAddresses: true,
+	DisableCapacities:       true,
+	SortKeys:                true,
+	DisableMethods:          true,
+	MaxDepth:                10,
+}
+
+var spewConfigStringerEnabled = spew.ConfigState{
+	Indent:                  " ",
+	DisablePointerAddresses: true,
+	DisableCapacities:       true,
+	SortKeys:                true,
+	MaxDepth:                10,
+}
+
+type tHelper interface {
+	Helper()
+}
+
+// Eventually asserts that given condition will be met in waitFor time,
+// periodically checking target function each tick.
+//
+//	assert.Eventually(t, func() bool { return true; }, time.Second, 10*time.Millisecond)
+func Eventually(t TestingT, condition func() bool, waitFor time.Duration, tick time.Duration, msgAndArgs ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+
+	ch := make(chan bool, 1)
+
+	timer := time.NewTimer(waitFor)
+	defer timer.Stop()
+
+	ticker := time.NewTicker(tick)
+	defer ticker.Stop()
+
+	for tick := ticker.C; ; {
+		select {
+		case <-timer.C:
+			return Fail(t, "Condition never satisfied", msgAndArgs...)
+		case <-tick:
+			tick = nil
+			go func() { ch <- condition() }()
+		case v := <-ch:
+			if v {
+				return true
+			}
+			tick = ticker.C
+		}
+	}
+}
+
+// CollectT implements the TestingT interface and collects all errors.
+type CollectT struct {
+	errors []error
+}
+
+// Errorf collects the error.
+func (c *CollectT) Errorf(format string, args ...interface{}) {
+	c.errors = append(c.errors, fmt.Errorf(format, args...))
+}
+
+// FailNow panics.
+func (*CollectT) FailNow() {
+	panic("Assertion failed")
+}
+
+// Deprecated: That was a method for internal usage that should not have been published. Now just panics.
+func (*CollectT) Reset() {
+	panic("Reset() is deprecated")
+}
+
+// Deprecated: That was a method for internal usage that should not have been published. Now just panics.
+func (*CollectT) Copy(TestingT) {
+	panic("Copy() is deprecated")
+}
+
+// EventuallyWithT asserts that given condition will be met in waitFor time,
+// periodically checking target function each tick. In contrast to Eventually,
+// it supplies a CollectT to the condition function, so that the condition
+// function can use the CollectT to call other assertions.
+// The condition is considered "met" if no errors are raised in a tick.
+// The supplied CollectT collects all errors from one tick (if there are any).
+// If the condition is not met before waitFor, the collected errors of
+// the last tick are copied to t.
+//
+//	externalValue := false
+//	go func() {
+//		time.Sleep(8*time.Second)
+//		externalValue = true
+//	}()
+//	assert.EventuallyWithT(t, func(c *assert.CollectT) {
+//		// add assertions as needed; any assertion failure will fail the current tick
+//		assert.True(c, externalValue, "expected 'externalValue' to be true")
+//	}, 1*time.Second, 10*time.Second, "external state has not changed to 'true'; still false")
+func EventuallyWithT(t TestingT, condition func(collect *CollectT), waitFor time.Duration, tick time.Duration, msgAndArgs ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+
+	var lastFinishedTickErrs []error
+	ch := make(chan []error, 1)
+
+	timer := time.NewTimer(waitFor)
+	defer timer.Stop()
+
+	ticker := time.NewTicker(tick)
+	defer ticker.Stop()
+
+	for tick := ticker.C; ; {
+		select {
+		case <-timer.C:
+			for _, err := range lastFinishedTickErrs {
+				t.Errorf("%v", err)
+			}
+			return Fail(t, "Condition never satisfied", msgAndArgs...)
+		case <-tick:
+			tick = nil
+			go func() {
+				collect := new(CollectT)
+				defer func() {
+					ch <- collect.errors
+				}()
+				condition(collect)
+			}()
+		case errs := <-ch:
+			if len(errs) == 0 {
+				return true
+			}
+			// Keep the errors from the last ended condition, so that they can be copied to t if timeout is reached.
+			lastFinishedTickErrs = errs
+			tick = ticker.C
+		}
+	}
+}
+
+// Never asserts that the given condition doesn't satisfy in waitFor time,
+// periodically checking the target function each tick.
+//
+//	assert.Never(t, func() bool { return false; }, time.Second, 10*time.Millisecond)
+func Never(t TestingT, condition func() bool, waitFor time.Duration, tick time.Duration, msgAndArgs ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+
+	ch := make(chan bool, 1)
+
+	timer := time.NewTimer(waitFor)
+	defer timer.Stop()
+
+	ticker := time.NewTicker(tick)
+	defer ticker.Stop()
+
+	for tick := ticker.C; ; {
+		select {
+		case <-timer.C:
+			return true
+		case <-tick:
+			tick = nil
+			go func() { ch <- condition() }()
+		case v := <-ch:
+			if v {
+				return Fail(t, "Condition satisfied", msgAndArgs...)
+			}
+			tick = ticker.C
+		}
+	}
+}
+
+// ErrorIs asserts that at least one of the errors in err's chain matches target.
+// This is a wrapper for errors.Is.
+func ErrorIs(t TestingT, err, target error, msgAndArgs ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if errors.Is(err, target) {
+		return true
+	}
+
+	var expectedText string
+	if target != nil {
+		expectedText = target.Error()
+	}
+
+	chain := buildErrorChainString(err)
+
+	return Fail(t, fmt.Sprintf("Target error should be in err chain:\n"+
+		"expected: %q\n"+
+		"in chain: %s", expectedText, chain,
+	), msgAndArgs...)
+}
+
+// NotErrorIs asserts that at none of the errors in err's chain matches target.
+// This is a wrapper for errors.Is.
+func NotErrorIs(t TestingT, err, target error, msgAndArgs ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if !errors.Is(err, target) {
+		return true
+	}
+
+	var expectedText string
+	if target != nil {
+		expectedText = target.Error()
+	}
+
+	chain := buildErrorChainString(err)
+
+	return Fail(t, fmt.Sprintf("Target error should not be in err chain:\n"+
+		"found: %q\n"+
+		"in chain: %s", expectedText, chain,
+	), msgAndArgs...)
+}
+
+// ErrorAs asserts that at least one of the errors in err's chain matches target, and if so, sets target to that error value.
+// This is a wrapper for errors.As.
+func ErrorAs(t TestingT, err error, target interface{}, msgAndArgs ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if errors.As(err, target) {
+		return true
+	}
+
+	chain := buildErrorChainString(err)
+
+	return Fail(t, fmt.Sprintf("Should be in error chain:\n"+
+		"expected: %q\n"+
+		"in chain: %s", target, chain,
+	), msgAndArgs...)
+}
+
+func buildErrorChainString(err error) string {
+	if err == nil {
+		return ""
+	}
+
+	e := errors.Unwrap(err)
+	chain := fmt.Sprintf("%q", err.Error())
+	for e != nil {
+		chain += fmt.Sprintf("\n\t%q", e.Error())
+		e = errors.Unwrap(e)
+	}
+	return chain
+}
diff --git a/server/vendor/github.com/stretchr/testify/assert/doc.go b/server/vendor/github.com/stretchr/testify/assert/doc.go
new file mode 100644
index 0000000..4953981
--- /dev/null
+++ b/server/vendor/github.com/stretchr/testify/assert/doc.go
@@ -0,0 +1,46 @@
+// Package assert provides a set of comprehensive testing tools for use with the normal Go testing system.
+//
+// # Example Usage
+//
+// The following is a complete example using assert in a standard test function:
+//
+//	import (
+//	  "testing"
+//	  "github.com/stretchr/testify/assert"
+//	)
+//
+//	func TestSomething(t *testing.T) {
+//
+//	  var a string = "Hello"
+//	  var b string = "Hello"
+//
+//	  assert.Equal(t, a, b, "The two words should be the same.")
+//
+//	}
+//
+// if you assert many times, use the format below:
+//
+//	import (
+//	  "testing"
+//	  "github.com/stretchr/testify/assert"
+//	)
+//
+//	func TestSomething(t *testing.T) {
+//	  assert := assert.New(t)
+//
+//	  var a string = "Hello"
+//	  var b string = "Hello"
+//
+//	  assert.Equal(a, b, "The two words should be the same.")
+//	}
+//
+// # Assertions
+//
+// Assertions allow you to easily write test code, and are global funcs in the `assert` package.
+// All assertion functions take, as the first argument, the `*testing.T` object provided by the
+// testing framework. This allows the assertion funcs to write the failings and other details to
+// the correct place.
+//
+// Every assertion function also takes an optional string message as the final argument,
+// allowing custom error messages to be appended to the message the assertion method outputs.
+package assert
diff --git a/server/vendor/github.com/stretchr/testify/assert/errors.go b/server/vendor/github.com/stretchr/testify/assert/errors.go
new file mode 100644
index 0000000..ac9dc9d
--- /dev/null
+++ b/server/vendor/github.com/stretchr/testify/assert/errors.go
@@ -0,0 +1,10 @@
+package assert
+
+import (
+	"errors"
+)
+
+// AnError is an error instance useful for testing.  If the code does not care
+// about error specifics, and only needs to return the error for example, this
+// error should be used to make the test code more readable.
+var AnError = errors.New("assert.AnError general error for testing")
diff --git a/server/vendor/github.com/stretchr/testify/assert/forward_assertions.go b/server/vendor/github.com/stretchr/testify/assert/forward_assertions.go
new file mode 100644
index 0000000..df189d2
--- /dev/null
+++ b/server/vendor/github.com/stretchr/testify/assert/forward_assertions.go
@@ -0,0 +1,16 @@
+package assert
+
+// Assertions provides assertion methods around the
+// TestingT interface.
+type Assertions struct {
+	t TestingT
+}
+
+// New makes a new Assertions object for the specified TestingT.
+func New(t TestingT) *Assertions {
+	return &Assertions{
+		t: t,
+	}
+}
+
+//go:generate sh -c "cd ../_codegen && go build && cd - && ../_codegen/_codegen -output-package=assert -template=assertion_forward.go.tmpl -include-format-funcs"
diff --git a/server/vendor/github.com/stretchr/testify/assert/http_assertions.go b/server/vendor/github.com/stretchr/testify/assert/http_assertions.go
new file mode 100644
index 0000000..861ed4b
--- /dev/null
+++ b/server/vendor/github.com/stretchr/testify/assert/http_assertions.go
@@ -0,0 +1,165 @@
+package assert
+
+import (
+	"fmt"
+	"net/http"
+	"net/http/httptest"
+	"net/url"
+	"strings"
+)
+
+// httpCode is a helper that returns HTTP code of the response. It returns -1 and
+// an error if building a new request fails.
+func httpCode(handler http.HandlerFunc, method, url string, values url.Values) (int, error) {
+	w := httptest.NewRecorder()
+	req, err := http.NewRequest(method, url, http.NoBody)
+	if err != nil {
+		return -1, err
+	}
+	req.URL.RawQuery = values.Encode()
+	handler(w, req)
+	return w.Code, nil
+}
+
+// HTTPSuccess asserts that a specified handler returns a success status code.
+//
+//	assert.HTTPSuccess(t, myHandler, "POST", "http://www.google.com", nil)
+//
+// Returns whether the assertion was successful (true) or not (false).
+func HTTPSuccess(t TestingT, handler http.HandlerFunc, method, url string, values url.Values, msgAndArgs ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	code, err := httpCode(handler, method, url, values)
+	if err != nil {
+		Fail(t, fmt.Sprintf("Failed to build test request, got error: %s", err), msgAndArgs...)
+	}
+
+	isSuccessCode := code >= http.StatusOK && code <= http.StatusPartialContent
+	if !isSuccessCode {
+		Fail(t, fmt.Sprintf("Expected HTTP success status code for %q but received %d", url+"?"+values.Encode(), code), msgAndArgs...)
+	}
+
+	return isSuccessCode
+}
+
+// HTTPRedirect asserts that a specified handler returns a redirect status code.
+//
+//	assert.HTTPRedirect(t, myHandler, "GET", "/a/b/c", url.Values{"a": []string{"b", "c"}}
+//
+// Returns whether the assertion was successful (true) or not (false).
+func HTTPRedirect(t TestingT, handler http.HandlerFunc, method, url string, values url.Values, msgAndArgs ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	code, err := httpCode(handler, method, url, values)
+	if err != nil {
+		Fail(t, fmt.Sprintf("Failed to build test request, got error: %s", err), msgAndArgs...)
+	}
+
+	isRedirectCode := code >= http.StatusMultipleChoices && code <= http.StatusTemporaryRedirect
+	if !isRedirectCode {
+		Fail(t, fmt.Sprintf("Expected HTTP redirect status code for %q but received %d", url+"?"+values.Encode(), code), msgAndArgs...)
+	}
+
+	return isRedirectCode
+}
+
+// HTTPError asserts that a specified handler returns an error status code.
+//
+//	assert.HTTPError(t, myHandler, "POST", "/a/b/c", url.Values{"a": []string{"b", "c"}}
+//
+// Returns whether the assertion was successful (true) or not (false).
+func HTTPError(t TestingT, handler http.HandlerFunc, method, url string, values url.Values, msgAndArgs ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	code, err := httpCode(handler, method, url, values)
+	if err != nil {
+		Fail(t, fmt.Sprintf("Failed to build test request, got error: %s", err), msgAndArgs...)
+	}
+
+	isErrorCode := code >= http.StatusBadRequest
+	if !isErrorCode {
+		Fail(t, fmt.Sprintf("Expected HTTP error status code for %q but received %d", url+"?"+values.Encode(), code), msgAndArgs...)
+	}
+
+	return isErrorCode
+}
+
+// HTTPStatusCode asserts that a specified handler returns a specified status code.
+//
+//	assert.HTTPStatusCode(t, myHandler, "GET", "/notImplemented", nil, 501)
+//
+// Returns whether the assertion was successful (true) or not (false).
+func HTTPStatusCode(t TestingT, handler http.HandlerFunc, method, url string, values url.Values, statuscode int, msgAndArgs ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	code, err := httpCode(handler, method, url, values)
+	if err != nil {
+		Fail(t, fmt.Sprintf("Failed to build test request, got error: %s", err), msgAndArgs...)
+	}
+
+	successful := code == statuscode
+	if !successful {
+		Fail(t, fmt.Sprintf("Expected HTTP status code %d for %q but received %d", statuscode, url+"?"+values.Encode(), code), msgAndArgs...)
+	}
+
+	return successful
+}
+
+// HTTPBody is a helper that returns HTTP body of the response. It returns
+// empty string if building a new request fails.
+func HTTPBody(handler http.HandlerFunc, method, url string, values url.Values) string {
+	w := httptest.NewRecorder()
+	if len(values) > 0 {
+		url += "?" + values.Encode()
+	}
+	req, err := http.NewRequest(method, url, http.NoBody)
+	if err != nil {
+		return ""
+	}
+	handler(w, req)
+	return w.Body.String()
+}
+
+// HTTPBodyContains asserts that a specified handler returns a
+// body that contains a string.
+//
+//	assert.HTTPBodyContains(t, myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky")
+//
+// Returns whether the assertion was successful (true) or not (false).
+func HTTPBodyContains(t TestingT, handler http.HandlerFunc, method, url string, values url.Values, str interface{}, msgAndArgs ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	body := HTTPBody(handler, method, url, values)
+
+	contains := strings.Contains(body, fmt.Sprint(str))
+	if !contains {
+		Fail(t, fmt.Sprintf("Expected response body for \"%s\" to contain \"%s\" but found \"%s\"", url+"?"+values.Encode(), str, body), msgAndArgs...)
+	}
+
+	return contains
+}
+
+// HTTPBodyNotContains asserts that a specified handler returns a
+// body that does not contain a string.
+//
+//	assert.HTTPBodyNotContains(t, myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky")
+//
+// Returns whether the assertion was successful (true) or not (false).
+func HTTPBodyNotContains(t TestingT, handler http.HandlerFunc, method, url string, values url.Values, str interface{}, msgAndArgs ...interface{}) bool {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	body := HTTPBody(handler, method, url, values)
+
+	contains := strings.Contains(body, fmt.Sprint(str))
+	if contains {
+		Fail(t, fmt.Sprintf("Expected response body for \"%s\" to NOT contain \"%s\" but found \"%s\"", url+"?"+values.Encode(), str, body), msgAndArgs...)
+	}
+
+	return !contains
+}
diff --git a/server/vendor/github.com/stretchr/testify/require/doc.go b/server/vendor/github.com/stretchr/testify/require/doc.go
new file mode 100644
index 0000000..9684347
--- /dev/null
+++ b/server/vendor/github.com/stretchr/testify/require/doc.go
@@ -0,0 +1,29 @@
+// Package require implements the same assertions as the `assert` package but
+// stops test execution when a test fails.
+//
+// # Example Usage
+//
+// The following is a complete example using require in a standard test function:
+//
+//	import (
+//	  "testing"
+//	  "github.com/stretchr/testify/require"
+//	)
+//
+//	func TestSomething(t *testing.T) {
+//
+//	  var a string = "Hello"
+//	  var b string = "Hello"
+//
+//	  require.Equal(t, a, b, "The two words should be the same.")
+//
+//	}
+//
+// # Assertions
+//
+// The `require` package have same global functions as in the `assert` package,
+// but instead of returning a boolean result they call `t.FailNow()`.
+//
+// Every assertion function also takes an optional string message as the final argument,
+// allowing custom error messages to be appended to the message the assertion method outputs.
+package require
diff --git a/server/vendor/github.com/stretchr/testify/require/forward_requirements.go b/server/vendor/github.com/stretchr/testify/require/forward_requirements.go
new file mode 100644
index 0000000..1dcb233
--- /dev/null
+++ b/server/vendor/github.com/stretchr/testify/require/forward_requirements.go
@@ -0,0 +1,16 @@
+package require
+
+// Assertions provides assertion methods around the
+// TestingT interface.
+type Assertions struct {
+	t TestingT
+}
+
+// New makes a new Assertions object for the specified TestingT.
+func New(t TestingT) *Assertions {
+	return &Assertions{
+		t: t,
+	}
+}
+
+//go:generate sh -c "cd ../_codegen && go build && cd - && ../_codegen/_codegen -output-package=require -template=require_forward.go.tmpl -include-format-funcs"
diff --git a/server/vendor/github.com/stretchr/testify/require/require.go b/server/vendor/github.com/stretchr/testify/require/require.go
new file mode 100644
index 0000000..506a82f
--- /dev/null
+++ b/server/vendor/github.com/stretchr/testify/require/require.go
@@ -0,0 +1,2060 @@
+// Code generated with github.com/stretchr/testify/_codegen; DO NOT EDIT.
+
+package require
+
+import (
+	assert "github.com/stretchr/testify/assert"
+	http "net/http"
+	url "net/url"
+	time "time"
+)
+
+// Condition uses a Comparison to assert a complex condition.
+func Condition(t TestingT, comp assert.Comparison, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.Condition(t, comp, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// Conditionf uses a Comparison to assert a complex condition.
+func Conditionf(t TestingT, comp assert.Comparison, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.Conditionf(t, comp, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// Contains asserts that the specified string, list(array, slice...) or map contains the
+// specified substring or element.
+//
+//	assert.Contains(t, "Hello World", "World")
+//	assert.Contains(t, ["Hello", "World"], "World")
+//	assert.Contains(t, {"Hello": "World"}, "Hello")
+func Contains(t TestingT, s interface{}, contains interface{}, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.Contains(t, s, contains, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// Containsf asserts that the specified string, list(array, slice...) or map contains the
+// specified substring or element.
+//
+//	assert.Containsf(t, "Hello World", "World", "error message %s", "formatted")
+//	assert.Containsf(t, ["Hello", "World"], "World", "error message %s", "formatted")
+//	assert.Containsf(t, {"Hello": "World"}, "Hello", "error message %s", "formatted")
+func Containsf(t TestingT, s interface{}, contains interface{}, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.Containsf(t, s, contains, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// DirExists checks whether a directory exists in the given path. It also fails
+// if the path is a file rather a directory or there is an error checking whether it exists.
+func DirExists(t TestingT, path string, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.DirExists(t, path, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// DirExistsf checks whether a directory exists in the given path. It also fails
+// if the path is a file rather a directory or there is an error checking whether it exists.
+func DirExistsf(t TestingT, path string, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.DirExistsf(t, path, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// ElementsMatch asserts that the specified listA(array, slice...) is equal to specified
+// listB(array, slice...) ignoring the order of the elements. If there are duplicate elements,
+// the number of appearances of each of them in both lists should match.
+//
+// assert.ElementsMatch(t, [1, 3, 2, 3], [1, 3, 3, 2])
+func ElementsMatch(t TestingT, listA interface{}, listB interface{}, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.ElementsMatch(t, listA, listB, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// ElementsMatchf asserts that the specified listA(array, slice...) is equal to specified
+// listB(array, slice...) ignoring the order of the elements. If there are duplicate elements,
+// the number of appearances of each of them in both lists should match.
+//
+// assert.ElementsMatchf(t, [1, 3, 2, 3], [1, 3, 3, 2], "error message %s", "formatted")
+func ElementsMatchf(t TestingT, listA interface{}, listB interface{}, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.ElementsMatchf(t, listA, listB, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// Empty asserts that the specified object is empty.  I.e. nil, "", false, 0 or either
+// a slice or a channel with len == 0.
+//
+//	assert.Empty(t, obj)
+func Empty(t TestingT, object interface{}, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.Empty(t, object, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// Emptyf asserts that the specified object is empty.  I.e. nil, "", false, 0 or either
+// a slice or a channel with len == 0.
+//
+//	assert.Emptyf(t, obj, "error message %s", "formatted")
+func Emptyf(t TestingT, object interface{}, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.Emptyf(t, object, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// Equal asserts that two objects are equal.
+//
+//	assert.Equal(t, 123, 123)
+//
+// Pointer variable equality is determined based on the equality of the
+// referenced values (as opposed to the memory addresses). Function equality
+// cannot be determined and will always fail.
+func Equal(t TestingT, expected interface{}, actual interface{}, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.Equal(t, expected, actual, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// EqualError asserts that a function returned an error (i.e. not `nil`)
+// and that it is equal to the provided error.
+//
+//	actualObj, err := SomeFunction()
+//	assert.EqualError(t, err,  expectedErrorString)
+func EqualError(t TestingT, theError error, errString string, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.EqualError(t, theError, errString, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// EqualErrorf asserts that a function returned an error (i.e. not `nil`)
+// and that it is equal to the provided error.
+//
+//	actualObj, err := SomeFunction()
+//	assert.EqualErrorf(t, err,  expectedErrorString, "error message %s", "formatted")
+func EqualErrorf(t TestingT, theError error, errString string, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.EqualErrorf(t, theError, errString, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// EqualExportedValues asserts that the types of two objects are equal and their public
+// fields are also equal. This is useful for comparing structs that have private fields
+// that could potentially differ.
+//
+//	 type S struct {
+//		Exported     	int
+//		notExported   	int
+//	 }
+//	 assert.EqualExportedValues(t, S{1, 2}, S{1, 3}) => true
+//	 assert.EqualExportedValues(t, S{1, 2}, S{2, 3}) => false
+func EqualExportedValues(t TestingT, expected interface{}, actual interface{}, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.EqualExportedValues(t, expected, actual, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// EqualExportedValuesf asserts that the types of two objects are equal and their public
+// fields are also equal. This is useful for comparing structs that have private fields
+// that could potentially differ.
+//
+//	 type S struct {
+//		Exported     	int
+//		notExported   	int
+//	 }
+//	 assert.EqualExportedValuesf(t, S{1, 2}, S{1, 3}, "error message %s", "formatted") => true
+//	 assert.EqualExportedValuesf(t, S{1, 2}, S{2, 3}, "error message %s", "formatted") => false
+func EqualExportedValuesf(t TestingT, expected interface{}, actual interface{}, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.EqualExportedValuesf(t, expected, actual, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// EqualValues asserts that two objects are equal or convertible to the same types
+// and equal.
+//
+//	assert.EqualValues(t, uint32(123), int32(123))
+func EqualValues(t TestingT, expected interface{}, actual interface{}, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.EqualValues(t, expected, actual, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// EqualValuesf asserts that two objects are equal or convertible to the same types
+// and equal.
+//
+//	assert.EqualValuesf(t, uint32(123), int32(123), "error message %s", "formatted")
+func EqualValuesf(t TestingT, expected interface{}, actual interface{}, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.EqualValuesf(t, expected, actual, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// Equalf asserts that two objects are equal.
+//
+//	assert.Equalf(t, 123, 123, "error message %s", "formatted")
+//
+// Pointer variable equality is determined based on the equality of the
+// referenced values (as opposed to the memory addresses). Function equality
+// cannot be determined and will always fail.
+func Equalf(t TestingT, expected interface{}, actual interface{}, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.Equalf(t, expected, actual, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// Error asserts that a function returned an error (i.e. not `nil`).
+//
+//	  actualObj, err := SomeFunction()
+//	  if assert.Error(t, err) {
+//		   assert.Equal(t, expectedError, err)
+//	  }
+func Error(t TestingT, err error, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.Error(t, err, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// ErrorAs asserts that at least one of the errors in err's chain matches target, and if so, sets target to that error value.
+// This is a wrapper for errors.As.
+func ErrorAs(t TestingT, err error, target interface{}, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.ErrorAs(t, err, target, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// ErrorAsf asserts that at least one of the errors in err's chain matches target, and if so, sets target to that error value.
+// This is a wrapper for errors.As.
+func ErrorAsf(t TestingT, err error, target interface{}, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.ErrorAsf(t, err, target, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// ErrorContains asserts that a function returned an error (i.e. not `nil`)
+// and that the error contains the specified substring.
+//
+//	actualObj, err := SomeFunction()
+//	assert.ErrorContains(t, err,  expectedErrorSubString)
+func ErrorContains(t TestingT, theError error, contains string, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.ErrorContains(t, theError, contains, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// ErrorContainsf asserts that a function returned an error (i.e. not `nil`)
+// and that the error contains the specified substring.
+//
+//	actualObj, err := SomeFunction()
+//	assert.ErrorContainsf(t, err,  expectedErrorSubString, "error message %s", "formatted")
+func ErrorContainsf(t TestingT, theError error, contains string, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.ErrorContainsf(t, theError, contains, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// ErrorIs asserts that at least one of the errors in err's chain matches target.
+// This is a wrapper for errors.Is.
+func ErrorIs(t TestingT, err error, target error, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.ErrorIs(t, err, target, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// ErrorIsf asserts that at least one of the errors in err's chain matches target.
+// This is a wrapper for errors.Is.
+func ErrorIsf(t TestingT, err error, target error, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.ErrorIsf(t, err, target, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// Errorf asserts that a function returned an error (i.e. not `nil`).
+//
+//	  actualObj, err := SomeFunction()
+//	  if assert.Errorf(t, err, "error message %s", "formatted") {
+//		   assert.Equal(t, expectedErrorf, err)
+//	  }
+func Errorf(t TestingT, err error, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.Errorf(t, err, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// Eventually asserts that given condition will be met in waitFor time,
+// periodically checking target function each tick.
+//
+//	assert.Eventually(t, func() bool { return true; }, time.Second, 10*time.Millisecond)
+func Eventually(t TestingT, condition func() bool, waitFor time.Duration, tick time.Duration, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.Eventually(t, condition, waitFor, tick, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// EventuallyWithT asserts that given condition will be met in waitFor time,
+// periodically checking target function each tick. In contrast to Eventually,
+// it supplies a CollectT to the condition function, so that the condition
+// function can use the CollectT to call other assertions.
+// The condition is considered "met" if no errors are raised in a tick.
+// The supplied CollectT collects all errors from one tick (if there are any).
+// If the condition is not met before waitFor, the collected errors of
+// the last tick are copied to t.
+//
+//	externalValue := false
+//	go func() {
+//		time.Sleep(8*time.Second)
+//		externalValue = true
+//	}()
+//	assert.EventuallyWithT(t, func(c *assert.CollectT) {
+//		// add assertions as needed; any assertion failure will fail the current tick
+//		assert.True(c, externalValue, "expected 'externalValue' to be true")
+//	}, 1*time.Second, 10*time.Second, "external state has not changed to 'true'; still false")
+func EventuallyWithT(t TestingT, condition func(collect *assert.CollectT), waitFor time.Duration, tick time.Duration, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.EventuallyWithT(t, condition, waitFor, tick, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// EventuallyWithTf asserts that given condition will be met in waitFor time,
+// periodically checking target function each tick. In contrast to Eventually,
+// it supplies a CollectT to the condition function, so that the condition
+// function can use the CollectT to call other assertions.
+// The condition is considered "met" if no errors are raised in a tick.
+// The supplied CollectT collects all errors from one tick (if there are any).
+// If the condition is not met before waitFor, the collected errors of
+// the last tick are copied to t.
+//
+//	externalValue := false
+//	go func() {
+//		time.Sleep(8*time.Second)
+//		externalValue = true
+//	}()
+//	assert.EventuallyWithTf(t, func(c *assert.CollectT, "error message %s", "formatted") {
+//		// add assertions as needed; any assertion failure will fail the current tick
+//		assert.True(c, externalValue, "expected 'externalValue' to be true")
+//	}, 1*time.Second, 10*time.Second, "external state has not changed to 'true'; still false")
+func EventuallyWithTf(t TestingT, condition func(collect *assert.CollectT), waitFor time.Duration, tick time.Duration, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.EventuallyWithTf(t, condition, waitFor, tick, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// Eventuallyf asserts that given condition will be met in waitFor time,
+// periodically checking target function each tick.
+//
+//	assert.Eventuallyf(t, func() bool { return true; }, time.Second, 10*time.Millisecond, "error message %s", "formatted")
+func Eventuallyf(t TestingT, condition func() bool, waitFor time.Duration, tick time.Duration, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.Eventuallyf(t, condition, waitFor, tick, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// Exactly asserts that two objects are equal in value and type.
+//
+//	assert.Exactly(t, int32(123), int64(123))
+func Exactly(t TestingT, expected interface{}, actual interface{}, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.Exactly(t, expected, actual, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// Exactlyf asserts that two objects are equal in value and type.
+//
+//	assert.Exactlyf(t, int32(123), int64(123), "error message %s", "formatted")
+func Exactlyf(t TestingT, expected interface{}, actual interface{}, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.Exactlyf(t, expected, actual, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// Fail reports a failure through
+func Fail(t TestingT, failureMessage string, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.Fail(t, failureMessage, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// FailNow fails test
+func FailNow(t TestingT, failureMessage string, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.FailNow(t, failureMessage, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// FailNowf fails test
+func FailNowf(t TestingT, failureMessage string, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.FailNowf(t, failureMessage, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// Failf reports a failure through
+func Failf(t TestingT, failureMessage string, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.Failf(t, failureMessage, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// False asserts that the specified value is false.
+//
+//	assert.False(t, myBool)
+func False(t TestingT, value bool, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.False(t, value, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// Falsef asserts that the specified value is false.
+//
+//	assert.Falsef(t, myBool, "error message %s", "formatted")
+func Falsef(t TestingT, value bool, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.Falsef(t, value, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// FileExists checks whether a file exists in the given path. It also fails if
+// the path points to a directory or there is an error when trying to check the file.
+func FileExists(t TestingT, path string, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.FileExists(t, path, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// FileExistsf checks whether a file exists in the given path. It also fails if
+// the path points to a directory or there is an error when trying to check the file.
+func FileExistsf(t TestingT, path string, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.FileExistsf(t, path, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// Greater asserts that the first element is greater than the second
+//
+//	assert.Greater(t, 2, 1)
+//	assert.Greater(t, float64(2), float64(1))
+//	assert.Greater(t, "b", "a")
+func Greater(t TestingT, e1 interface{}, e2 interface{}, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.Greater(t, e1, e2, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// GreaterOrEqual asserts that the first element is greater than or equal to the second
+//
+//	assert.GreaterOrEqual(t, 2, 1)
+//	assert.GreaterOrEqual(t, 2, 2)
+//	assert.GreaterOrEqual(t, "b", "a")
+//	assert.GreaterOrEqual(t, "b", "b")
+func GreaterOrEqual(t TestingT, e1 interface{}, e2 interface{}, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.GreaterOrEqual(t, e1, e2, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// GreaterOrEqualf asserts that the first element is greater than or equal to the second
+//
+//	assert.GreaterOrEqualf(t, 2, 1, "error message %s", "formatted")
+//	assert.GreaterOrEqualf(t, 2, 2, "error message %s", "formatted")
+//	assert.GreaterOrEqualf(t, "b", "a", "error message %s", "formatted")
+//	assert.GreaterOrEqualf(t, "b", "b", "error message %s", "formatted")
+func GreaterOrEqualf(t TestingT, e1 interface{}, e2 interface{}, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.GreaterOrEqualf(t, e1, e2, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// Greaterf asserts that the first element is greater than the second
+//
+//	assert.Greaterf(t, 2, 1, "error message %s", "formatted")
+//	assert.Greaterf(t, float64(2), float64(1), "error message %s", "formatted")
+//	assert.Greaterf(t, "b", "a", "error message %s", "formatted")
+func Greaterf(t TestingT, e1 interface{}, e2 interface{}, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.Greaterf(t, e1, e2, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// HTTPBodyContains asserts that a specified handler returns a
+// body that contains a string.
+//
+//	assert.HTTPBodyContains(t, myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky")
+//
+// Returns whether the assertion was successful (true) or not (false).
+func HTTPBodyContains(t TestingT, handler http.HandlerFunc, method string, url string, values url.Values, str interface{}, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.HTTPBodyContains(t, handler, method, url, values, str, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// HTTPBodyContainsf asserts that a specified handler returns a
+// body that contains a string.
+//
+//	assert.HTTPBodyContainsf(t, myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky", "error message %s", "formatted")
+//
+// Returns whether the assertion was successful (true) or not (false).
+func HTTPBodyContainsf(t TestingT, handler http.HandlerFunc, method string, url string, values url.Values, str interface{}, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.HTTPBodyContainsf(t, handler, method, url, values, str, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// HTTPBodyNotContains asserts that a specified handler returns a
+// body that does not contain a string.
+//
+//	assert.HTTPBodyNotContains(t, myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky")
+//
+// Returns whether the assertion was successful (true) or not (false).
+func HTTPBodyNotContains(t TestingT, handler http.HandlerFunc, method string, url string, values url.Values, str interface{}, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.HTTPBodyNotContains(t, handler, method, url, values, str, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// HTTPBodyNotContainsf asserts that a specified handler returns a
+// body that does not contain a string.
+//
+//	assert.HTTPBodyNotContainsf(t, myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky", "error message %s", "formatted")
+//
+// Returns whether the assertion was successful (true) or not (false).
+func HTTPBodyNotContainsf(t TestingT, handler http.HandlerFunc, method string, url string, values url.Values, str interface{}, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.HTTPBodyNotContainsf(t, handler, method, url, values, str, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// HTTPError asserts that a specified handler returns an error status code.
+//
+//	assert.HTTPError(t, myHandler, "POST", "/a/b/c", url.Values{"a": []string{"b", "c"}}
+//
+// Returns whether the assertion was successful (true) or not (false).
+func HTTPError(t TestingT, handler http.HandlerFunc, method string, url string, values url.Values, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.HTTPError(t, handler, method, url, values, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// HTTPErrorf asserts that a specified handler returns an error status code.
+//
+//	assert.HTTPErrorf(t, myHandler, "POST", "/a/b/c", url.Values{"a": []string{"b", "c"}}
+//
+// Returns whether the assertion was successful (true) or not (false).
+func HTTPErrorf(t TestingT, handler http.HandlerFunc, method string, url string, values url.Values, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.HTTPErrorf(t, handler, method, url, values, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// HTTPRedirect asserts that a specified handler returns a redirect status code.
+//
+//	assert.HTTPRedirect(t, myHandler, "GET", "/a/b/c", url.Values{"a": []string{"b", "c"}}
+//
+// Returns whether the assertion was successful (true) or not (false).
+func HTTPRedirect(t TestingT, handler http.HandlerFunc, method string, url string, values url.Values, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.HTTPRedirect(t, handler, method, url, values, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// HTTPRedirectf asserts that a specified handler returns a redirect status code.
+//
+//	assert.HTTPRedirectf(t, myHandler, "GET", "/a/b/c", url.Values{"a": []string{"b", "c"}}
+//
+// Returns whether the assertion was successful (true) or not (false).
+func HTTPRedirectf(t TestingT, handler http.HandlerFunc, method string, url string, values url.Values, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.HTTPRedirectf(t, handler, method, url, values, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// HTTPStatusCode asserts that a specified handler returns a specified status code.
+//
+//	assert.HTTPStatusCode(t, myHandler, "GET", "/notImplemented", nil, 501)
+//
+// Returns whether the assertion was successful (true) or not (false).
+func HTTPStatusCode(t TestingT, handler http.HandlerFunc, method string, url string, values url.Values, statuscode int, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.HTTPStatusCode(t, handler, method, url, values, statuscode, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// HTTPStatusCodef asserts that a specified handler returns a specified status code.
+//
+//	assert.HTTPStatusCodef(t, myHandler, "GET", "/notImplemented", nil, 501, "error message %s", "formatted")
+//
+// Returns whether the assertion was successful (true) or not (false).
+func HTTPStatusCodef(t TestingT, handler http.HandlerFunc, method string, url string, values url.Values, statuscode int, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.HTTPStatusCodef(t, handler, method, url, values, statuscode, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// HTTPSuccess asserts that a specified handler returns a success status code.
+//
+//	assert.HTTPSuccess(t, myHandler, "POST", "http://www.google.com", nil)
+//
+// Returns whether the assertion was successful (true) or not (false).
+func HTTPSuccess(t TestingT, handler http.HandlerFunc, method string, url string, values url.Values, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.HTTPSuccess(t, handler, method, url, values, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// HTTPSuccessf asserts that a specified handler returns a success status code.
+//
+//	assert.HTTPSuccessf(t, myHandler, "POST", "http://www.google.com", nil, "error message %s", "formatted")
+//
+// Returns whether the assertion was successful (true) or not (false).
+func HTTPSuccessf(t TestingT, handler http.HandlerFunc, method string, url string, values url.Values, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.HTTPSuccessf(t, handler, method, url, values, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// Implements asserts that an object is implemented by the specified interface.
+//
+//	assert.Implements(t, (*MyInterface)(nil), new(MyObject))
+func Implements(t TestingT, interfaceObject interface{}, object interface{}, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.Implements(t, interfaceObject, object, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// Implementsf asserts that an object is implemented by the specified interface.
+//
+//	assert.Implementsf(t, (*MyInterface)(nil), new(MyObject), "error message %s", "formatted")
+func Implementsf(t TestingT, interfaceObject interface{}, object interface{}, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.Implementsf(t, interfaceObject, object, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// InDelta asserts that the two numerals are within delta of each other.
+//
+//	assert.InDelta(t, math.Pi, 22/7.0, 0.01)
+func InDelta(t TestingT, expected interface{}, actual interface{}, delta float64, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.InDelta(t, expected, actual, delta, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// InDeltaMapValues is the same as InDelta, but it compares all values between two maps. Both maps must have exactly the same keys.
+func InDeltaMapValues(t TestingT, expected interface{}, actual interface{}, delta float64, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.InDeltaMapValues(t, expected, actual, delta, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// InDeltaMapValuesf is the same as InDelta, but it compares all values between two maps. Both maps must have exactly the same keys.
+func InDeltaMapValuesf(t TestingT, expected interface{}, actual interface{}, delta float64, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.InDeltaMapValuesf(t, expected, actual, delta, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// InDeltaSlice is the same as InDelta, except it compares two slices.
+func InDeltaSlice(t TestingT, expected interface{}, actual interface{}, delta float64, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.InDeltaSlice(t, expected, actual, delta, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// InDeltaSlicef is the same as InDelta, except it compares two slices.
+func InDeltaSlicef(t TestingT, expected interface{}, actual interface{}, delta float64, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.InDeltaSlicef(t, expected, actual, delta, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// InDeltaf asserts that the two numerals are within delta of each other.
+//
+//	assert.InDeltaf(t, math.Pi, 22/7.0, 0.01, "error message %s", "formatted")
+func InDeltaf(t TestingT, expected interface{}, actual interface{}, delta float64, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.InDeltaf(t, expected, actual, delta, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// InEpsilon asserts that expected and actual have a relative error less than epsilon
+func InEpsilon(t TestingT, expected interface{}, actual interface{}, epsilon float64, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.InEpsilon(t, expected, actual, epsilon, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// InEpsilonSlice is the same as InEpsilon, except it compares each value from two slices.
+func InEpsilonSlice(t TestingT, expected interface{}, actual interface{}, epsilon float64, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.InEpsilonSlice(t, expected, actual, epsilon, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// InEpsilonSlicef is the same as InEpsilon, except it compares each value from two slices.
+func InEpsilonSlicef(t TestingT, expected interface{}, actual interface{}, epsilon float64, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.InEpsilonSlicef(t, expected, actual, epsilon, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// InEpsilonf asserts that expected and actual have a relative error less than epsilon
+func InEpsilonf(t TestingT, expected interface{}, actual interface{}, epsilon float64, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.InEpsilonf(t, expected, actual, epsilon, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// IsDecreasing asserts that the collection is decreasing
+//
+//	assert.IsDecreasing(t, []int{2, 1, 0})
+//	assert.IsDecreasing(t, []float{2, 1})
+//	assert.IsDecreasing(t, []string{"b", "a"})
+func IsDecreasing(t TestingT, object interface{}, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.IsDecreasing(t, object, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// IsDecreasingf asserts that the collection is decreasing
+//
+//	assert.IsDecreasingf(t, []int{2, 1, 0}, "error message %s", "formatted")
+//	assert.IsDecreasingf(t, []float{2, 1}, "error message %s", "formatted")
+//	assert.IsDecreasingf(t, []string{"b", "a"}, "error message %s", "formatted")
+func IsDecreasingf(t TestingT, object interface{}, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.IsDecreasingf(t, object, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// IsIncreasing asserts that the collection is increasing
+//
+//	assert.IsIncreasing(t, []int{1, 2, 3})
+//	assert.IsIncreasing(t, []float{1, 2})
+//	assert.IsIncreasing(t, []string{"a", "b"})
+func IsIncreasing(t TestingT, object interface{}, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.IsIncreasing(t, object, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// IsIncreasingf asserts that the collection is increasing
+//
+//	assert.IsIncreasingf(t, []int{1, 2, 3}, "error message %s", "formatted")
+//	assert.IsIncreasingf(t, []float{1, 2}, "error message %s", "formatted")
+//	assert.IsIncreasingf(t, []string{"a", "b"}, "error message %s", "formatted")
+func IsIncreasingf(t TestingT, object interface{}, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.IsIncreasingf(t, object, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// IsNonDecreasing asserts that the collection is not decreasing
+//
+//	assert.IsNonDecreasing(t, []int{1, 1, 2})
+//	assert.IsNonDecreasing(t, []float{1, 2})
+//	assert.IsNonDecreasing(t, []string{"a", "b"})
+func IsNonDecreasing(t TestingT, object interface{}, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.IsNonDecreasing(t, object, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// IsNonDecreasingf asserts that the collection is not decreasing
+//
+//	assert.IsNonDecreasingf(t, []int{1, 1, 2}, "error message %s", "formatted")
+//	assert.IsNonDecreasingf(t, []float{1, 2}, "error message %s", "formatted")
+//	assert.IsNonDecreasingf(t, []string{"a", "b"}, "error message %s", "formatted")
+func IsNonDecreasingf(t TestingT, object interface{}, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.IsNonDecreasingf(t, object, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// IsNonIncreasing asserts that the collection is not increasing
+//
+//	assert.IsNonIncreasing(t, []int{2, 1, 1})
+//	assert.IsNonIncreasing(t, []float{2, 1})
+//	assert.IsNonIncreasing(t, []string{"b", "a"})
+func IsNonIncreasing(t TestingT, object interface{}, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.IsNonIncreasing(t, object, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// IsNonIncreasingf asserts that the collection is not increasing
+//
+//	assert.IsNonIncreasingf(t, []int{2, 1, 1}, "error message %s", "formatted")
+//	assert.IsNonIncreasingf(t, []float{2, 1}, "error message %s", "formatted")
+//	assert.IsNonIncreasingf(t, []string{"b", "a"}, "error message %s", "formatted")
+func IsNonIncreasingf(t TestingT, object interface{}, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.IsNonIncreasingf(t, object, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// IsType asserts that the specified objects are of the same type.
+func IsType(t TestingT, expectedType interface{}, object interface{}, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.IsType(t, expectedType, object, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// IsTypef asserts that the specified objects are of the same type.
+func IsTypef(t TestingT, expectedType interface{}, object interface{}, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.IsTypef(t, expectedType, object, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// JSONEq asserts that two JSON strings are equivalent.
+//
+//	assert.JSONEq(t, `{"hello": "world", "foo": "bar"}`, `{"foo": "bar", "hello": "world"}`)
+func JSONEq(t TestingT, expected string, actual string, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.JSONEq(t, expected, actual, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// JSONEqf asserts that two JSON strings are equivalent.
+//
+//	assert.JSONEqf(t, `{"hello": "world", "foo": "bar"}`, `{"foo": "bar", "hello": "world"}`, "error message %s", "formatted")
+func JSONEqf(t TestingT, expected string, actual string, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.JSONEqf(t, expected, actual, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// Len asserts that the specified object has specific length.
+// Len also fails if the object has a type that len() not accept.
+//
+//	assert.Len(t, mySlice, 3)
+func Len(t TestingT, object interface{}, length int, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.Len(t, object, length, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// Lenf asserts that the specified object has specific length.
+// Lenf also fails if the object has a type that len() not accept.
+//
+//	assert.Lenf(t, mySlice, 3, "error message %s", "formatted")
+func Lenf(t TestingT, object interface{}, length int, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.Lenf(t, object, length, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// Less asserts that the first element is less than the second
+//
+//	assert.Less(t, 1, 2)
+//	assert.Less(t, float64(1), float64(2))
+//	assert.Less(t, "a", "b")
+func Less(t TestingT, e1 interface{}, e2 interface{}, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.Less(t, e1, e2, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// LessOrEqual asserts that the first element is less than or equal to the second
+//
+//	assert.LessOrEqual(t, 1, 2)
+//	assert.LessOrEqual(t, 2, 2)
+//	assert.LessOrEqual(t, "a", "b")
+//	assert.LessOrEqual(t, "b", "b")
+func LessOrEqual(t TestingT, e1 interface{}, e2 interface{}, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.LessOrEqual(t, e1, e2, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// LessOrEqualf asserts that the first element is less than or equal to the second
+//
+//	assert.LessOrEqualf(t, 1, 2, "error message %s", "formatted")
+//	assert.LessOrEqualf(t, 2, 2, "error message %s", "formatted")
+//	assert.LessOrEqualf(t, "a", "b", "error message %s", "formatted")
+//	assert.LessOrEqualf(t, "b", "b", "error message %s", "formatted")
+func LessOrEqualf(t TestingT, e1 interface{}, e2 interface{}, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.LessOrEqualf(t, e1, e2, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// Lessf asserts that the first element is less than the second
+//
+//	assert.Lessf(t, 1, 2, "error message %s", "formatted")
+//	assert.Lessf(t, float64(1), float64(2), "error message %s", "formatted")
+//	assert.Lessf(t, "a", "b", "error message %s", "formatted")
+func Lessf(t TestingT, e1 interface{}, e2 interface{}, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.Lessf(t, e1, e2, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// Negative asserts that the specified element is negative
+//
+//	assert.Negative(t, -1)
+//	assert.Negative(t, -1.23)
+func Negative(t TestingT, e interface{}, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.Negative(t, e, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// Negativef asserts that the specified element is negative
+//
+//	assert.Negativef(t, -1, "error message %s", "formatted")
+//	assert.Negativef(t, -1.23, "error message %s", "formatted")
+func Negativef(t TestingT, e interface{}, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.Negativef(t, e, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// Never asserts that the given condition doesn't satisfy in waitFor time,
+// periodically checking the target function each tick.
+//
+//	assert.Never(t, func() bool { return false; }, time.Second, 10*time.Millisecond)
+func Never(t TestingT, condition func() bool, waitFor time.Duration, tick time.Duration, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.Never(t, condition, waitFor, tick, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// Neverf asserts that the given condition doesn't satisfy in waitFor time,
+// periodically checking the target function each tick.
+//
+//	assert.Neverf(t, func() bool { return false; }, time.Second, 10*time.Millisecond, "error message %s", "formatted")
+func Neverf(t TestingT, condition func() bool, waitFor time.Duration, tick time.Duration, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.Neverf(t, condition, waitFor, tick, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// Nil asserts that the specified object is nil.
+//
+//	assert.Nil(t, err)
+func Nil(t TestingT, object interface{}, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.Nil(t, object, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// Nilf asserts that the specified object is nil.
+//
+//	assert.Nilf(t, err, "error message %s", "formatted")
+func Nilf(t TestingT, object interface{}, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.Nilf(t, object, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// NoDirExists checks whether a directory does not exist in the given path.
+// It fails if the path points to an existing _directory_ only.
+func NoDirExists(t TestingT, path string, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.NoDirExists(t, path, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// NoDirExistsf checks whether a directory does not exist in the given path.
+// It fails if the path points to an existing _directory_ only.
+func NoDirExistsf(t TestingT, path string, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.NoDirExistsf(t, path, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// NoError asserts that a function returned no error (i.e. `nil`).
+//
+//	  actualObj, err := SomeFunction()
+//	  if assert.NoError(t, err) {
+//		   assert.Equal(t, expectedObj, actualObj)
+//	  }
+func NoError(t TestingT, err error, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.NoError(t, err, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// NoErrorf asserts that a function returned no error (i.e. `nil`).
+//
+//	  actualObj, err := SomeFunction()
+//	  if assert.NoErrorf(t, err, "error message %s", "formatted") {
+//		   assert.Equal(t, expectedObj, actualObj)
+//	  }
+func NoErrorf(t TestingT, err error, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.NoErrorf(t, err, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// NoFileExists checks whether a file does not exist in a given path. It fails
+// if the path points to an existing _file_ only.
+func NoFileExists(t TestingT, path string, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.NoFileExists(t, path, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// NoFileExistsf checks whether a file does not exist in a given path. It fails
+// if the path points to an existing _file_ only.
+func NoFileExistsf(t TestingT, path string, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.NoFileExistsf(t, path, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// NotContains asserts that the specified string, list(array, slice...) or map does NOT contain the
+// specified substring or element.
+//
+//	assert.NotContains(t, "Hello World", "Earth")
+//	assert.NotContains(t, ["Hello", "World"], "Earth")
+//	assert.NotContains(t, {"Hello": "World"}, "Earth")
+func NotContains(t TestingT, s interface{}, contains interface{}, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.NotContains(t, s, contains, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// NotContainsf asserts that the specified string, list(array, slice...) or map does NOT contain the
+// specified substring or element.
+//
+//	assert.NotContainsf(t, "Hello World", "Earth", "error message %s", "formatted")
+//	assert.NotContainsf(t, ["Hello", "World"], "Earth", "error message %s", "formatted")
+//	assert.NotContainsf(t, {"Hello": "World"}, "Earth", "error message %s", "formatted")
+func NotContainsf(t TestingT, s interface{}, contains interface{}, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.NotContainsf(t, s, contains, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// NotEmpty asserts that the specified object is NOT empty.  I.e. not nil, "", false, 0 or either
+// a slice or a channel with len == 0.
+//
+//	if assert.NotEmpty(t, obj) {
+//	  assert.Equal(t, "two", obj[1])
+//	}
+func NotEmpty(t TestingT, object interface{}, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.NotEmpty(t, object, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// NotEmptyf asserts that the specified object is NOT empty.  I.e. not nil, "", false, 0 or either
+// a slice or a channel with len == 0.
+//
+//	if assert.NotEmptyf(t, obj, "error message %s", "formatted") {
+//	  assert.Equal(t, "two", obj[1])
+//	}
+func NotEmptyf(t TestingT, object interface{}, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.NotEmptyf(t, object, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// NotEqual asserts that the specified values are NOT equal.
+//
+//	assert.NotEqual(t, obj1, obj2)
+//
+// Pointer variable equality is determined based on the equality of the
+// referenced values (as opposed to the memory addresses).
+func NotEqual(t TestingT, expected interface{}, actual interface{}, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.NotEqual(t, expected, actual, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// NotEqualValues asserts that two objects are not equal even when converted to the same type
+//
+//	assert.NotEqualValues(t, obj1, obj2)
+func NotEqualValues(t TestingT, expected interface{}, actual interface{}, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.NotEqualValues(t, expected, actual, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// NotEqualValuesf asserts that two objects are not equal even when converted to the same type
+//
+//	assert.NotEqualValuesf(t, obj1, obj2, "error message %s", "formatted")
+func NotEqualValuesf(t TestingT, expected interface{}, actual interface{}, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.NotEqualValuesf(t, expected, actual, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// NotEqualf asserts that the specified values are NOT equal.
+//
+//	assert.NotEqualf(t, obj1, obj2, "error message %s", "formatted")
+//
+// Pointer variable equality is determined based on the equality of the
+// referenced values (as opposed to the memory addresses).
+func NotEqualf(t TestingT, expected interface{}, actual interface{}, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.NotEqualf(t, expected, actual, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// NotErrorIs asserts that at none of the errors in err's chain matches target.
+// This is a wrapper for errors.Is.
+func NotErrorIs(t TestingT, err error, target error, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.NotErrorIs(t, err, target, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// NotErrorIsf asserts that at none of the errors in err's chain matches target.
+// This is a wrapper for errors.Is.
+func NotErrorIsf(t TestingT, err error, target error, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.NotErrorIsf(t, err, target, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// NotImplements asserts that an object does not implement the specified interface.
+//
+//	assert.NotImplements(t, (*MyInterface)(nil), new(MyObject))
+func NotImplements(t TestingT, interfaceObject interface{}, object interface{}, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.NotImplements(t, interfaceObject, object, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// NotImplementsf asserts that an object does not implement the specified interface.
+//
+//	assert.NotImplementsf(t, (*MyInterface)(nil), new(MyObject), "error message %s", "formatted")
+func NotImplementsf(t TestingT, interfaceObject interface{}, object interface{}, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.NotImplementsf(t, interfaceObject, object, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// NotNil asserts that the specified object is not nil.
+//
+//	assert.NotNil(t, err)
+func NotNil(t TestingT, object interface{}, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.NotNil(t, object, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// NotNilf asserts that the specified object is not nil.
+//
+//	assert.NotNilf(t, err, "error message %s", "formatted")
+func NotNilf(t TestingT, object interface{}, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.NotNilf(t, object, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// NotPanics asserts that the code inside the specified PanicTestFunc does NOT panic.
+//
+//	assert.NotPanics(t, func(){ RemainCalm() })
+func NotPanics(t TestingT, f assert.PanicTestFunc, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.NotPanics(t, f, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// NotPanicsf asserts that the code inside the specified PanicTestFunc does NOT panic.
+//
+//	assert.NotPanicsf(t, func(){ RemainCalm() }, "error message %s", "formatted")
+func NotPanicsf(t TestingT, f assert.PanicTestFunc, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.NotPanicsf(t, f, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// NotRegexp asserts that a specified regexp does not match a string.
+//
+//	assert.NotRegexp(t, regexp.MustCompile("starts"), "it's starting")
+//	assert.NotRegexp(t, "^start", "it's not starting")
+func NotRegexp(t TestingT, rx interface{}, str interface{}, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.NotRegexp(t, rx, str, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// NotRegexpf asserts that a specified regexp does not match a string.
+//
+//	assert.NotRegexpf(t, regexp.MustCompile("starts"), "it's starting", "error message %s", "formatted")
+//	assert.NotRegexpf(t, "^start", "it's not starting", "error message %s", "formatted")
+func NotRegexpf(t TestingT, rx interface{}, str interface{}, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.NotRegexpf(t, rx, str, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// NotSame asserts that two pointers do not reference the same object.
+//
+//	assert.NotSame(t, ptr1, ptr2)
+//
+// Both arguments must be pointer variables. Pointer variable sameness is
+// determined based on the equality of both type and value.
+func NotSame(t TestingT, expected interface{}, actual interface{}, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.NotSame(t, expected, actual, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// NotSamef asserts that two pointers do not reference the same object.
+//
+//	assert.NotSamef(t, ptr1, ptr2, "error message %s", "formatted")
+//
+// Both arguments must be pointer variables. Pointer variable sameness is
+// determined based on the equality of both type and value.
+func NotSamef(t TestingT, expected interface{}, actual interface{}, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.NotSamef(t, expected, actual, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// NotSubset asserts that the specified list(array, slice...) or map does NOT
+// contain all elements given in the specified subset list(array, slice...) or
+// map.
+//
+//	assert.NotSubset(t, [1, 3, 4], [1, 2])
+//	assert.NotSubset(t, {"x": 1, "y": 2}, {"z": 3})
+func NotSubset(t TestingT, list interface{}, subset interface{}, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.NotSubset(t, list, subset, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// NotSubsetf asserts that the specified list(array, slice...) or map does NOT
+// contain all elements given in the specified subset list(array, slice...) or
+// map.
+//
+//	assert.NotSubsetf(t, [1, 3, 4], [1, 2], "error message %s", "formatted")
+//	assert.NotSubsetf(t, {"x": 1, "y": 2}, {"z": 3}, "error message %s", "formatted")
+func NotSubsetf(t TestingT, list interface{}, subset interface{}, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.NotSubsetf(t, list, subset, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// NotZero asserts that i is not the zero value for its type.
+func NotZero(t TestingT, i interface{}, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.NotZero(t, i, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// NotZerof asserts that i is not the zero value for its type.
+func NotZerof(t TestingT, i interface{}, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.NotZerof(t, i, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// Panics asserts that the code inside the specified PanicTestFunc panics.
+//
+//	assert.Panics(t, func(){ GoCrazy() })
+func Panics(t TestingT, f assert.PanicTestFunc, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.Panics(t, f, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// PanicsWithError asserts that the code inside the specified PanicTestFunc
+// panics, and that the recovered panic value is an error that satisfies the
+// EqualError comparison.
+//
+//	assert.PanicsWithError(t, "crazy error", func(){ GoCrazy() })
+func PanicsWithError(t TestingT, errString string, f assert.PanicTestFunc, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.PanicsWithError(t, errString, f, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// PanicsWithErrorf asserts that the code inside the specified PanicTestFunc
+// panics, and that the recovered panic value is an error that satisfies the
+// EqualError comparison.
+//
+//	assert.PanicsWithErrorf(t, "crazy error", func(){ GoCrazy() }, "error message %s", "formatted")
+func PanicsWithErrorf(t TestingT, errString string, f assert.PanicTestFunc, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.PanicsWithErrorf(t, errString, f, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// PanicsWithValue asserts that the code inside the specified PanicTestFunc panics, and that
+// the recovered panic value equals the expected panic value.
+//
+//	assert.PanicsWithValue(t, "crazy error", func(){ GoCrazy() })
+func PanicsWithValue(t TestingT, expected interface{}, f assert.PanicTestFunc, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.PanicsWithValue(t, expected, f, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// PanicsWithValuef asserts that the code inside the specified PanicTestFunc panics, and that
+// the recovered panic value equals the expected panic value.
+//
+//	assert.PanicsWithValuef(t, "crazy error", func(){ GoCrazy() }, "error message %s", "formatted")
+func PanicsWithValuef(t TestingT, expected interface{}, f assert.PanicTestFunc, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.PanicsWithValuef(t, expected, f, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// Panicsf asserts that the code inside the specified PanicTestFunc panics.
+//
+//	assert.Panicsf(t, func(){ GoCrazy() }, "error message %s", "formatted")
+func Panicsf(t TestingT, f assert.PanicTestFunc, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.Panicsf(t, f, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// Positive asserts that the specified element is positive
+//
+//	assert.Positive(t, 1)
+//	assert.Positive(t, 1.23)
+func Positive(t TestingT, e interface{}, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.Positive(t, e, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// Positivef asserts that the specified element is positive
+//
+//	assert.Positivef(t, 1, "error message %s", "formatted")
+//	assert.Positivef(t, 1.23, "error message %s", "formatted")
+func Positivef(t TestingT, e interface{}, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.Positivef(t, e, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// Regexp asserts that a specified regexp matches a string.
+//
+//	assert.Regexp(t, regexp.MustCompile("start"), "it's starting")
+//	assert.Regexp(t, "start...$", "it's not starting")
+func Regexp(t TestingT, rx interface{}, str interface{}, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.Regexp(t, rx, str, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// Regexpf asserts that a specified regexp matches a string.
+//
+//	assert.Regexpf(t, regexp.MustCompile("start"), "it's starting", "error message %s", "formatted")
+//	assert.Regexpf(t, "start...$", "it's not starting", "error message %s", "formatted")
+func Regexpf(t TestingT, rx interface{}, str interface{}, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.Regexpf(t, rx, str, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// Same asserts that two pointers reference the same object.
+//
+//	assert.Same(t, ptr1, ptr2)
+//
+// Both arguments must be pointer variables. Pointer variable sameness is
+// determined based on the equality of both type and value.
+func Same(t TestingT, expected interface{}, actual interface{}, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.Same(t, expected, actual, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// Samef asserts that two pointers reference the same object.
+//
+//	assert.Samef(t, ptr1, ptr2, "error message %s", "formatted")
+//
+// Both arguments must be pointer variables. Pointer variable sameness is
+// determined based on the equality of both type and value.
+func Samef(t TestingT, expected interface{}, actual interface{}, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.Samef(t, expected, actual, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// Subset asserts that the specified list(array, slice...) or map contains all
+// elements given in the specified subset list(array, slice...) or map.
+//
+//	assert.Subset(t, [1, 2, 3], [1, 2])
+//	assert.Subset(t, {"x": 1, "y": 2}, {"x": 1})
+func Subset(t TestingT, list interface{}, subset interface{}, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.Subset(t, list, subset, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// Subsetf asserts that the specified list(array, slice...) or map contains all
+// elements given in the specified subset list(array, slice...) or map.
+//
+//	assert.Subsetf(t, [1, 2, 3], [1, 2], "error message %s", "formatted")
+//	assert.Subsetf(t, {"x": 1, "y": 2}, {"x": 1}, "error message %s", "formatted")
+func Subsetf(t TestingT, list interface{}, subset interface{}, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.Subsetf(t, list, subset, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// True asserts that the specified value is true.
+//
+//	assert.True(t, myBool)
+func True(t TestingT, value bool, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.True(t, value, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// Truef asserts that the specified value is true.
+//
+//	assert.Truef(t, myBool, "error message %s", "formatted")
+func Truef(t TestingT, value bool, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.Truef(t, value, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// WithinDuration asserts that the two times are within duration delta of each other.
+//
+//	assert.WithinDuration(t, time.Now(), time.Now(), 10*time.Second)
+func WithinDuration(t TestingT, expected time.Time, actual time.Time, delta time.Duration, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.WithinDuration(t, expected, actual, delta, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// WithinDurationf asserts that the two times are within duration delta of each other.
+//
+//	assert.WithinDurationf(t, time.Now(), time.Now(), 10*time.Second, "error message %s", "formatted")
+func WithinDurationf(t TestingT, expected time.Time, actual time.Time, delta time.Duration, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.WithinDurationf(t, expected, actual, delta, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// WithinRange asserts that a time is within a time range (inclusive).
+//
+//	assert.WithinRange(t, time.Now(), time.Now().Add(-time.Second), time.Now().Add(time.Second))
+func WithinRange(t TestingT, actual time.Time, start time.Time, end time.Time, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.WithinRange(t, actual, start, end, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// WithinRangef asserts that a time is within a time range (inclusive).
+//
+//	assert.WithinRangef(t, time.Now(), time.Now().Add(-time.Second), time.Now().Add(time.Second), "error message %s", "formatted")
+func WithinRangef(t TestingT, actual time.Time, start time.Time, end time.Time, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.WithinRangef(t, actual, start, end, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// YAMLEq asserts that two YAML strings are equivalent.
+func YAMLEq(t TestingT, expected string, actual string, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.YAMLEq(t, expected, actual, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// YAMLEqf asserts that two YAML strings are equivalent.
+func YAMLEqf(t TestingT, expected string, actual string, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.YAMLEqf(t, expected, actual, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
+
+// Zero asserts that i is the zero value for its type.
+func Zero(t TestingT, i interface{}, msgAndArgs ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.Zero(t, i, msgAndArgs...) {
+		return
+	}
+	t.FailNow()
+}
+
+// Zerof asserts that i is the zero value for its type.
+func Zerof(t TestingT, i interface{}, msg string, args ...interface{}) {
+	if h, ok := t.(tHelper); ok {
+		h.Helper()
+	}
+	if assert.Zerof(t, i, msg, args...) {
+		return
+	}
+	t.FailNow()
+}
diff --git a/server/vendor/github.com/stretchr/testify/require/require.go.tmpl b/server/vendor/github.com/stretchr/testify/require/require.go.tmpl
new file mode 100644
index 0000000..55e42dd
--- /dev/null
+++ b/server/vendor/github.com/stretchr/testify/require/require.go.tmpl
@@ -0,0 +1,6 @@
+{{.Comment}}
+func {{.DocInfo.Name}}(t TestingT, {{.Params}}) {
+	if h, ok := t.(tHelper); ok { h.Helper() }
+	if assert.{{.DocInfo.Name}}(t, {{.ForwardedParams}}) { return }
+	t.FailNow()
+}
diff --git a/server/vendor/github.com/stretchr/testify/require/require_forward.go b/server/vendor/github.com/stretchr/testify/require/require_forward.go
new file mode 100644
index 0000000..eee8310
--- /dev/null
+++ b/server/vendor/github.com/stretchr/testify/require/require_forward.go
@@ -0,0 +1,1622 @@
+// Code generated with github.com/stretchr/testify/_codegen; DO NOT EDIT.
+
+package require
+
+import (
+	assert "github.com/stretchr/testify/assert"
+	http "net/http"
+	url "net/url"
+	time "time"
+)
+
+// Condition uses a Comparison to assert a complex condition.
+func (a *Assertions) Condition(comp assert.Comparison, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	Condition(a.t, comp, msgAndArgs...)
+}
+
+// Conditionf uses a Comparison to assert a complex condition.
+func (a *Assertions) Conditionf(comp assert.Comparison, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	Conditionf(a.t, comp, msg, args...)
+}
+
+// Contains asserts that the specified string, list(array, slice...) or map contains the
+// specified substring or element.
+//
+//	a.Contains("Hello World", "World")
+//	a.Contains(["Hello", "World"], "World")
+//	a.Contains({"Hello": "World"}, "Hello")
+func (a *Assertions) Contains(s interface{}, contains interface{}, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	Contains(a.t, s, contains, msgAndArgs...)
+}
+
+// Containsf asserts that the specified string, list(array, slice...) or map contains the
+// specified substring or element.
+//
+//	a.Containsf("Hello World", "World", "error message %s", "formatted")
+//	a.Containsf(["Hello", "World"], "World", "error message %s", "formatted")
+//	a.Containsf({"Hello": "World"}, "Hello", "error message %s", "formatted")
+func (a *Assertions) Containsf(s interface{}, contains interface{}, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	Containsf(a.t, s, contains, msg, args...)
+}
+
+// DirExists checks whether a directory exists in the given path. It also fails
+// if the path is a file rather a directory or there is an error checking whether it exists.
+func (a *Assertions) DirExists(path string, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	DirExists(a.t, path, msgAndArgs...)
+}
+
+// DirExistsf checks whether a directory exists in the given path. It also fails
+// if the path is a file rather a directory or there is an error checking whether it exists.
+func (a *Assertions) DirExistsf(path string, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	DirExistsf(a.t, path, msg, args...)
+}
+
+// ElementsMatch asserts that the specified listA(array, slice...) is equal to specified
+// listB(array, slice...) ignoring the order of the elements. If there are duplicate elements,
+// the number of appearances of each of them in both lists should match.
+//
+// a.ElementsMatch([1, 3, 2, 3], [1, 3, 3, 2])
+func (a *Assertions) ElementsMatch(listA interface{}, listB interface{}, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	ElementsMatch(a.t, listA, listB, msgAndArgs...)
+}
+
+// ElementsMatchf asserts that the specified listA(array, slice...) is equal to specified
+// listB(array, slice...) ignoring the order of the elements. If there are duplicate elements,
+// the number of appearances of each of them in both lists should match.
+//
+// a.ElementsMatchf([1, 3, 2, 3], [1, 3, 3, 2], "error message %s", "formatted")
+func (a *Assertions) ElementsMatchf(listA interface{}, listB interface{}, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	ElementsMatchf(a.t, listA, listB, msg, args...)
+}
+
+// Empty asserts that the specified object is empty.  I.e. nil, "", false, 0 or either
+// a slice or a channel with len == 0.
+//
+//	a.Empty(obj)
+func (a *Assertions) Empty(object interface{}, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	Empty(a.t, object, msgAndArgs...)
+}
+
+// Emptyf asserts that the specified object is empty.  I.e. nil, "", false, 0 or either
+// a slice or a channel with len == 0.
+//
+//	a.Emptyf(obj, "error message %s", "formatted")
+func (a *Assertions) Emptyf(object interface{}, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	Emptyf(a.t, object, msg, args...)
+}
+
+// Equal asserts that two objects are equal.
+//
+//	a.Equal(123, 123)
+//
+// Pointer variable equality is determined based on the equality of the
+// referenced values (as opposed to the memory addresses). Function equality
+// cannot be determined and will always fail.
+func (a *Assertions) Equal(expected interface{}, actual interface{}, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	Equal(a.t, expected, actual, msgAndArgs...)
+}
+
+// EqualError asserts that a function returned an error (i.e. not `nil`)
+// and that it is equal to the provided error.
+//
+//	actualObj, err := SomeFunction()
+//	a.EqualError(err,  expectedErrorString)
+func (a *Assertions) EqualError(theError error, errString string, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	EqualError(a.t, theError, errString, msgAndArgs...)
+}
+
+// EqualErrorf asserts that a function returned an error (i.e. not `nil`)
+// and that it is equal to the provided error.
+//
+//	actualObj, err := SomeFunction()
+//	a.EqualErrorf(err,  expectedErrorString, "error message %s", "formatted")
+func (a *Assertions) EqualErrorf(theError error, errString string, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	EqualErrorf(a.t, theError, errString, msg, args...)
+}
+
+// EqualExportedValues asserts that the types of two objects are equal and their public
+// fields are also equal. This is useful for comparing structs that have private fields
+// that could potentially differ.
+//
+//	 type S struct {
+//		Exported     	int
+//		notExported   	int
+//	 }
+//	 a.EqualExportedValues(S{1, 2}, S{1, 3}) => true
+//	 a.EqualExportedValues(S{1, 2}, S{2, 3}) => false
+func (a *Assertions) EqualExportedValues(expected interface{}, actual interface{}, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	EqualExportedValues(a.t, expected, actual, msgAndArgs...)
+}
+
+// EqualExportedValuesf asserts that the types of two objects are equal and their public
+// fields are also equal. This is useful for comparing structs that have private fields
+// that could potentially differ.
+//
+//	 type S struct {
+//		Exported     	int
+//		notExported   	int
+//	 }
+//	 a.EqualExportedValuesf(S{1, 2}, S{1, 3}, "error message %s", "formatted") => true
+//	 a.EqualExportedValuesf(S{1, 2}, S{2, 3}, "error message %s", "formatted") => false
+func (a *Assertions) EqualExportedValuesf(expected interface{}, actual interface{}, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	EqualExportedValuesf(a.t, expected, actual, msg, args...)
+}
+
+// EqualValues asserts that two objects are equal or convertible to the same types
+// and equal.
+//
+//	a.EqualValues(uint32(123), int32(123))
+func (a *Assertions) EqualValues(expected interface{}, actual interface{}, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	EqualValues(a.t, expected, actual, msgAndArgs...)
+}
+
+// EqualValuesf asserts that two objects are equal or convertible to the same types
+// and equal.
+//
+//	a.EqualValuesf(uint32(123), int32(123), "error message %s", "formatted")
+func (a *Assertions) EqualValuesf(expected interface{}, actual interface{}, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	EqualValuesf(a.t, expected, actual, msg, args...)
+}
+
+// Equalf asserts that two objects are equal.
+//
+//	a.Equalf(123, 123, "error message %s", "formatted")
+//
+// Pointer variable equality is determined based on the equality of the
+// referenced values (as opposed to the memory addresses). Function equality
+// cannot be determined and will always fail.
+func (a *Assertions) Equalf(expected interface{}, actual interface{}, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	Equalf(a.t, expected, actual, msg, args...)
+}
+
+// Error asserts that a function returned an error (i.e. not `nil`).
+//
+//	  actualObj, err := SomeFunction()
+//	  if a.Error(err) {
+//		   assert.Equal(t, expectedError, err)
+//	  }
+func (a *Assertions) Error(err error, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	Error(a.t, err, msgAndArgs...)
+}
+
+// ErrorAs asserts that at least one of the errors in err's chain matches target, and if so, sets target to that error value.
+// This is a wrapper for errors.As.
+func (a *Assertions) ErrorAs(err error, target interface{}, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	ErrorAs(a.t, err, target, msgAndArgs...)
+}
+
+// ErrorAsf asserts that at least one of the errors in err's chain matches target, and if so, sets target to that error value.
+// This is a wrapper for errors.As.
+func (a *Assertions) ErrorAsf(err error, target interface{}, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	ErrorAsf(a.t, err, target, msg, args...)
+}
+
+// ErrorContains asserts that a function returned an error (i.e. not `nil`)
+// and that the error contains the specified substring.
+//
+//	actualObj, err := SomeFunction()
+//	a.ErrorContains(err,  expectedErrorSubString)
+func (a *Assertions) ErrorContains(theError error, contains string, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	ErrorContains(a.t, theError, contains, msgAndArgs...)
+}
+
+// ErrorContainsf asserts that a function returned an error (i.e. not `nil`)
+// and that the error contains the specified substring.
+//
+//	actualObj, err := SomeFunction()
+//	a.ErrorContainsf(err,  expectedErrorSubString, "error message %s", "formatted")
+func (a *Assertions) ErrorContainsf(theError error, contains string, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	ErrorContainsf(a.t, theError, contains, msg, args...)
+}
+
+// ErrorIs asserts that at least one of the errors in err's chain matches target.
+// This is a wrapper for errors.Is.
+func (a *Assertions) ErrorIs(err error, target error, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	ErrorIs(a.t, err, target, msgAndArgs...)
+}
+
+// ErrorIsf asserts that at least one of the errors in err's chain matches target.
+// This is a wrapper for errors.Is.
+func (a *Assertions) ErrorIsf(err error, target error, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	ErrorIsf(a.t, err, target, msg, args...)
+}
+
+// Errorf asserts that a function returned an error (i.e. not `nil`).
+//
+//	  actualObj, err := SomeFunction()
+//	  if a.Errorf(err, "error message %s", "formatted") {
+//		   assert.Equal(t, expectedErrorf, err)
+//	  }
+func (a *Assertions) Errorf(err error, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	Errorf(a.t, err, msg, args...)
+}
+
+// Eventually asserts that given condition will be met in waitFor time,
+// periodically checking target function each tick.
+//
+//	a.Eventually(func() bool { return true; }, time.Second, 10*time.Millisecond)
+func (a *Assertions) Eventually(condition func() bool, waitFor time.Duration, tick time.Duration, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	Eventually(a.t, condition, waitFor, tick, msgAndArgs...)
+}
+
+// EventuallyWithT asserts that given condition will be met in waitFor time,
+// periodically checking target function each tick. In contrast to Eventually,
+// it supplies a CollectT to the condition function, so that the condition
+// function can use the CollectT to call other assertions.
+// The condition is considered "met" if no errors are raised in a tick.
+// The supplied CollectT collects all errors from one tick (if there are any).
+// If the condition is not met before waitFor, the collected errors of
+// the last tick are copied to t.
+//
+//	externalValue := false
+//	go func() {
+//		time.Sleep(8*time.Second)
+//		externalValue = true
+//	}()
+//	a.EventuallyWithT(func(c *assert.CollectT) {
+//		// add assertions as needed; any assertion failure will fail the current tick
+//		assert.True(c, externalValue, "expected 'externalValue' to be true")
+//	}, 1*time.Second, 10*time.Second, "external state has not changed to 'true'; still false")
+func (a *Assertions) EventuallyWithT(condition func(collect *assert.CollectT), waitFor time.Duration, tick time.Duration, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	EventuallyWithT(a.t, condition, waitFor, tick, msgAndArgs...)
+}
+
+// EventuallyWithTf asserts that given condition will be met in waitFor time,
+// periodically checking target function each tick. In contrast to Eventually,
+// it supplies a CollectT to the condition function, so that the condition
+// function can use the CollectT to call other assertions.
+// The condition is considered "met" if no errors are raised in a tick.
+// The supplied CollectT collects all errors from one tick (if there are any).
+// If the condition is not met before waitFor, the collected errors of
+// the last tick are copied to t.
+//
+//	externalValue := false
+//	go func() {
+//		time.Sleep(8*time.Second)
+//		externalValue = true
+//	}()
+//	a.EventuallyWithTf(func(c *assert.CollectT, "error message %s", "formatted") {
+//		// add assertions as needed; any assertion failure will fail the current tick
+//		assert.True(c, externalValue, "expected 'externalValue' to be true")
+//	}, 1*time.Second, 10*time.Second, "external state has not changed to 'true'; still false")
+func (a *Assertions) EventuallyWithTf(condition func(collect *assert.CollectT), waitFor time.Duration, tick time.Duration, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	EventuallyWithTf(a.t, condition, waitFor, tick, msg, args...)
+}
+
+// Eventuallyf asserts that given condition will be met in waitFor time,
+// periodically checking target function each tick.
+//
+//	a.Eventuallyf(func() bool { return true; }, time.Second, 10*time.Millisecond, "error message %s", "formatted")
+func (a *Assertions) Eventuallyf(condition func() bool, waitFor time.Duration, tick time.Duration, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	Eventuallyf(a.t, condition, waitFor, tick, msg, args...)
+}
+
+// Exactly asserts that two objects are equal in value and type.
+//
+//	a.Exactly(int32(123), int64(123))
+func (a *Assertions) Exactly(expected interface{}, actual interface{}, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	Exactly(a.t, expected, actual, msgAndArgs...)
+}
+
+// Exactlyf asserts that two objects are equal in value and type.
+//
+//	a.Exactlyf(int32(123), int64(123), "error message %s", "formatted")
+func (a *Assertions) Exactlyf(expected interface{}, actual interface{}, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	Exactlyf(a.t, expected, actual, msg, args...)
+}
+
+// Fail reports a failure through
+func (a *Assertions) Fail(failureMessage string, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	Fail(a.t, failureMessage, msgAndArgs...)
+}
+
+// FailNow fails test
+func (a *Assertions) FailNow(failureMessage string, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	FailNow(a.t, failureMessage, msgAndArgs...)
+}
+
+// FailNowf fails test
+func (a *Assertions) FailNowf(failureMessage string, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	FailNowf(a.t, failureMessage, msg, args...)
+}
+
+// Failf reports a failure through
+func (a *Assertions) Failf(failureMessage string, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	Failf(a.t, failureMessage, msg, args...)
+}
+
+// False asserts that the specified value is false.
+//
+//	a.False(myBool)
+func (a *Assertions) False(value bool, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	False(a.t, value, msgAndArgs...)
+}
+
+// Falsef asserts that the specified value is false.
+//
+//	a.Falsef(myBool, "error message %s", "formatted")
+func (a *Assertions) Falsef(value bool, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	Falsef(a.t, value, msg, args...)
+}
+
+// FileExists checks whether a file exists in the given path. It also fails if
+// the path points to a directory or there is an error when trying to check the file.
+func (a *Assertions) FileExists(path string, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	FileExists(a.t, path, msgAndArgs...)
+}
+
+// FileExistsf checks whether a file exists in the given path. It also fails if
+// the path points to a directory or there is an error when trying to check the file.
+func (a *Assertions) FileExistsf(path string, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	FileExistsf(a.t, path, msg, args...)
+}
+
+// Greater asserts that the first element is greater than the second
+//
+//	a.Greater(2, 1)
+//	a.Greater(float64(2), float64(1))
+//	a.Greater("b", "a")
+func (a *Assertions) Greater(e1 interface{}, e2 interface{}, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	Greater(a.t, e1, e2, msgAndArgs...)
+}
+
+// GreaterOrEqual asserts that the first element is greater than or equal to the second
+//
+//	a.GreaterOrEqual(2, 1)
+//	a.GreaterOrEqual(2, 2)
+//	a.GreaterOrEqual("b", "a")
+//	a.GreaterOrEqual("b", "b")
+func (a *Assertions) GreaterOrEqual(e1 interface{}, e2 interface{}, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	GreaterOrEqual(a.t, e1, e2, msgAndArgs...)
+}
+
+// GreaterOrEqualf asserts that the first element is greater than or equal to the second
+//
+//	a.GreaterOrEqualf(2, 1, "error message %s", "formatted")
+//	a.GreaterOrEqualf(2, 2, "error message %s", "formatted")
+//	a.GreaterOrEqualf("b", "a", "error message %s", "formatted")
+//	a.GreaterOrEqualf("b", "b", "error message %s", "formatted")
+func (a *Assertions) GreaterOrEqualf(e1 interface{}, e2 interface{}, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	GreaterOrEqualf(a.t, e1, e2, msg, args...)
+}
+
+// Greaterf asserts that the first element is greater than the second
+//
+//	a.Greaterf(2, 1, "error message %s", "formatted")
+//	a.Greaterf(float64(2), float64(1), "error message %s", "formatted")
+//	a.Greaterf("b", "a", "error message %s", "formatted")
+func (a *Assertions) Greaterf(e1 interface{}, e2 interface{}, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	Greaterf(a.t, e1, e2, msg, args...)
+}
+
+// HTTPBodyContains asserts that a specified handler returns a
+// body that contains a string.
+//
+//	a.HTTPBodyContains(myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky")
+//
+// Returns whether the assertion was successful (true) or not (false).
+func (a *Assertions) HTTPBodyContains(handler http.HandlerFunc, method string, url string, values url.Values, str interface{}, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	HTTPBodyContains(a.t, handler, method, url, values, str, msgAndArgs...)
+}
+
+// HTTPBodyContainsf asserts that a specified handler returns a
+// body that contains a string.
+//
+//	a.HTTPBodyContainsf(myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky", "error message %s", "formatted")
+//
+// Returns whether the assertion was successful (true) or not (false).
+func (a *Assertions) HTTPBodyContainsf(handler http.HandlerFunc, method string, url string, values url.Values, str interface{}, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	HTTPBodyContainsf(a.t, handler, method, url, values, str, msg, args...)
+}
+
+// HTTPBodyNotContains asserts that a specified handler returns a
+// body that does not contain a string.
+//
+//	a.HTTPBodyNotContains(myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky")
+//
+// Returns whether the assertion was successful (true) or not (false).
+func (a *Assertions) HTTPBodyNotContains(handler http.HandlerFunc, method string, url string, values url.Values, str interface{}, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	HTTPBodyNotContains(a.t, handler, method, url, values, str, msgAndArgs...)
+}
+
+// HTTPBodyNotContainsf asserts that a specified handler returns a
+// body that does not contain a string.
+//
+//	a.HTTPBodyNotContainsf(myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky", "error message %s", "formatted")
+//
+// Returns whether the assertion was successful (true) or not (false).
+func (a *Assertions) HTTPBodyNotContainsf(handler http.HandlerFunc, method string, url string, values url.Values, str interface{}, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	HTTPBodyNotContainsf(a.t, handler, method, url, values, str, msg, args...)
+}
+
+// HTTPError asserts that a specified handler returns an error status code.
+//
+//	a.HTTPError(myHandler, "POST", "/a/b/c", url.Values{"a": []string{"b", "c"}}
+//
+// Returns whether the assertion was successful (true) or not (false).
+func (a *Assertions) HTTPError(handler http.HandlerFunc, method string, url string, values url.Values, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	HTTPError(a.t, handler, method, url, values, msgAndArgs...)
+}
+
+// HTTPErrorf asserts that a specified handler returns an error status code.
+//
+//	a.HTTPErrorf(myHandler, "POST", "/a/b/c", url.Values{"a": []string{"b", "c"}}
+//
+// Returns whether the assertion was successful (true) or not (false).
+func (a *Assertions) HTTPErrorf(handler http.HandlerFunc, method string, url string, values url.Values, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	HTTPErrorf(a.t, handler, method, url, values, msg, args...)
+}
+
+// HTTPRedirect asserts that a specified handler returns a redirect status code.
+//
+//	a.HTTPRedirect(myHandler, "GET", "/a/b/c", url.Values{"a": []string{"b", "c"}}
+//
+// Returns whether the assertion was successful (true) or not (false).
+func (a *Assertions) HTTPRedirect(handler http.HandlerFunc, method string, url string, values url.Values, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	HTTPRedirect(a.t, handler, method, url, values, msgAndArgs...)
+}
+
+// HTTPRedirectf asserts that a specified handler returns a redirect status code.
+//
+//	a.HTTPRedirectf(myHandler, "GET", "/a/b/c", url.Values{"a": []string{"b", "c"}}
+//
+// Returns whether the assertion was successful (true) or not (false).
+func (a *Assertions) HTTPRedirectf(handler http.HandlerFunc, method string, url string, values url.Values, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	HTTPRedirectf(a.t, handler, method, url, values, msg, args...)
+}
+
+// HTTPStatusCode asserts that a specified handler returns a specified status code.
+//
+//	a.HTTPStatusCode(myHandler, "GET", "/notImplemented", nil, 501)
+//
+// Returns whether the assertion was successful (true) or not (false).
+func (a *Assertions) HTTPStatusCode(handler http.HandlerFunc, method string, url string, values url.Values, statuscode int, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	HTTPStatusCode(a.t, handler, method, url, values, statuscode, msgAndArgs...)
+}
+
+// HTTPStatusCodef asserts that a specified handler returns a specified status code.
+//
+//	a.HTTPStatusCodef(myHandler, "GET", "/notImplemented", nil, 501, "error message %s", "formatted")
+//
+// Returns whether the assertion was successful (true) or not (false).
+func (a *Assertions) HTTPStatusCodef(handler http.HandlerFunc, method string, url string, values url.Values, statuscode int, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	HTTPStatusCodef(a.t, handler, method, url, values, statuscode, msg, args...)
+}
+
+// HTTPSuccess asserts that a specified handler returns a success status code.
+//
+//	a.HTTPSuccess(myHandler, "POST", "http://www.google.com", nil)
+//
+// Returns whether the assertion was successful (true) or not (false).
+func (a *Assertions) HTTPSuccess(handler http.HandlerFunc, method string, url string, values url.Values, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	HTTPSuccess(a.t, handler, method, url, values, msgAndArgs...)
+}
+
+// HTTPSuccessf asserts that a specified handler returns a success status code.
+//
+//	a.HTTPSuccessf(myHandler, "POST", "http://www.google.com", nil, "error message %s", "formatted")
+//
+// Returns whether the assertion was successful (true) or not (false).
+func (a *Assertions) HTTPSuccessf(handler http.HandlerFunc, method string, url string, values url.Values, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	HTTPSuccessf(a.t, handler, method, url, values, msg, args...)
+}
+
+// Implements asserts that an object is implemented by the specified interface.
+//
+//	a.Implements((*MyInterface)(nil), new(MyObject))
+func (a *Assertions) Implements(interfaceObject interface{}, object interface{}, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	Implements(a.t, interfaceObject, object, msgAndArgs...)
+}
+
+// Implementsf asserts that an object is implemented by the specified interface.
+//
+//	a.Implementsf((*MyInterface)(nil), new(MyObject), "error message %s", "formatted")
+func (a *Assertions) Implementsf(interfaceObject interface{}, object interface{}, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	Implementsf(a.t, interfaceObject, object, msg, args...)
+}
+
+// InDelta asserts that the two numerals are within delta of each other.
+//
+//	a.InDelta(math.Pi, 22/7.0, 0.01)
+func (a *Assertions) InDelta(expected interface{}, actual interface{}, delta float64, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	InDelta(a.t, expected, actual, delta, msgAndArgs...)
+}
+
+// InDeltaMapValues is the same as InDelta, but it compares all values between two maps. Both maps must have exactly the same keys.
+func (a *Assertions) InDeltaMapValues(expected interface{}, actual interface{}, delta float64, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	InDeltaMapValues(a.t, expected, actual, delta, msgAndArgs...)
+}
+
+// InDeltaMapValuesf is the same as InDelta, but it compares all values between two maps. Both maps must have exactly the same keys.
+func (a *Assertions) InDeltaMapValuesf(expected interface{}, actual interface{}, delta float64, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	InDeltaMapValuesf(a.t, expected, actual, delta, msg, args...)
+}
+
+// InDeltaSlice is the same as InDelta, except it compares two slices.
+func (a *Assertions) InDeltaSlice(expected interface{}, actual interface{}, delta float64, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	InDeltaSlice(a.t, expected, actual, delta, msgAndArgs...)
+}
+
+// InDeltaSlicef is the same as InDelta, except it compares two slices.
+func (a *Assertions) InDeltaSlicef(expected interface{}, actual interface{}, delta float64, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	InDeltaSlicef(a.t, expected, actual, delta, msg, args...)
+}
+
+// InDeltaf asserts that the two numerals are within delta of each other.
+//
+//	a.InDeltaf(math.Pi, 22/7.0, 0.01, "error message %s", "formatted")
+func (a *Assertions) InDeltaf(expected interface{}, actual interface{}, delta float64, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	InDeltaf(a.t, expected, actual, delta, msg, args...)
+}
+
+// InEpsilon asserts that expected and actual have a relative error less than epsilon
+func (a *Assertions) InEpsilon(expected interface{}, actual interface{}, epsilon float64, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	InEpsilon(a.t, expected, actual, epsilon, msgAndArgs...)
+}
+
+// InEpsilonSlice is the same as InEpsilon, except it compares each value from two slices.
+func (a *Assertions) InEpsilonSlice(expected interface{}, actual interface{}, epsilon float64, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	InEpsilonSlice(a.t, expected, actual, epsilon, msgAndArgs...)
+}
+
+// InEpsilonSlicef is the same as InEpsilon, except it compares each value from two slices.
+func (a *Assertions) InEpsilonSlicef(expected interface{}, actual interface{}, epsilon float64, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	InEpsilonSlicef(a.t, expected, actual, epsilon, msg, args...)
+}
+
+// InEpsilonf asserts that expected and actual have a relative error less than epsilon
+func (a *Assertions) InEpsilonf(expected interface{}, actual interface{}, epsilon float64, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	InEpsilonf(a.t, expected, actual, epsilon, msg, args...)
+}
+
+// IsDecreasing asserts that the collection is decreasing
+//
+//	a.IsDecreasing([]int{2, 1, 0})
+//	a.IsDecreasing([]float{2, 1})
+//	a.IsDecreasing([]string{"b", "a"})
+func (a *Assertions) IsDecreasing(object interface{}, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	IsDecreasing(a.t, object, msgAndArgs...)
+}
+
+// IsDecreasingf asserts that the collection is decreasing
+//
+//	a.IsDecreasingf([]int{2, 1, 0}, "error message %s", "formatted")
+//	a.IsDecreasingf([]float{2, 1}, "error message %s", "formatted")
+//	a.IsDecreasingf([]string{"b", "a"}, "error message %s", "formatted")
+func (a *Assertions) IsDecreasingf(object interface{}, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	IsDecreasingf(a.t, object, msg, args...)
+}
+
+// IsIncreasing asserts that the collection is increasing
+//
+//	a.IsIncreasing([]int{1, 2, 3})
+//	a.IsIncreasing([]float{1, 2})
+//	a.IsIncreasing([]string{"a", "b"})
+func (a *Assertions) IsIncreasing(object interface{}, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	IsIncreasing(a.t, object, msgAndArgs...)
+}
+
+// IsIncreasingf asserts that the collection is increasing
+//
+//	a.IsIncreasingf([]int{1, 2, 3}, "error message %s", "formatted")
+//	a.IsIncreasingf([]float{1, 2}, "error message %s", "formatted")
+//	a.IsIncreasingf([]string{"a", "b"}, "error message %s", "formatted")
+func (a *Assertions) IsIncreasingf(object interface{}, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	IsIncreasingf(a.t, object, msg, args...)
+}
+
+// IsNonDecreasing asserts that the collection is not decreasing
+//
+//	a.IsNonDecreasing([]int{1, 1, 2})
+//	a.IsNonDecreasing([]float{1, 2})
+//	a.IsNonDecreasing([]string{"a", "b"})
+func (a *Assertions) IsNonDecreasing(object interface{}, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	IsNonDecreasing(a.t, object, msgAndArgs...)
+}
+
+// IsNonDecreasingf asserts that the collection is not decreasing
+//
+//	a.IsNonDecreasingf([]int{1, 1, 2}, "error message %s", "formatted")
+//	a.IsNonDecreasingf([]float{1, 2}, "error message %s", "formatted")
+//	a.IsNonDecreasingf([]string{"a", "b"}, "error message %s", "formatted")
+func (a *Assertions) IsNonDecreasingf(object interface{}, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	IsNonDecreasingf(a.t, object, msg, args...)
+}
+
+// IsNonIncreasing asserts that the collection is not increasing
+//
+//	a.IsNonIncreasing([]int{2, 1, 1})
+//	a.IsNonIncreasing([]float{2, 1})
+//	a.IsNonIncreasing([]string{"b", "a"})
+func (a *Assertions) IsNonIncreasing(object interface{}, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	IsNonIncreasing(a.t, object, msgAndArgs...)
+}
+
+// IsNonIncreasingf asserts that the collection is not increasing
+//
+//	a.IsNonIncreasingf([]int{2, 1, 1}, "error message %s", "formatted")
+//	a.IsNonIncreasingf([]float{2, 1}, "error message %s", "formatted")
+//	a.IsNonIncreasingf([]string{"b", "a"}, "error message %s", "formatted")
+func (a *Assertions) IsNonIncreasingf(object interface{}, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	IsNonIncreasingf(a.t, object, msg, args...)
+}
+
+// IsType asserts that the specified objects are of the same type.
+func (a *Assertions) IsType(expectedType interface{}, object interface{}, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	IsType(a.t, expectedType, object, msgAndArgs...)
+}
+
+// IsTypef asserts that the specified objects are of the same type.
+func (a *Assertions) IsTypef(expectedType interface{}, object interface{}, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	IsTypef(a.t, expectedType, object, msg, args...)
+}
+
+// JSONEq asserts that two JSON strings are equivalent.
+//
+//	a.JSONEq(`{"hello": "world", "foo": "bar"}`, `{"foo": "bar", "hello": "world"}`)
+func (a *Assertions) JSONEq(expected string, actual string, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	JSONEq(a.t, expected, actual, msgAndArgs...)
+}
+
+// JSONEqf asserts that two JSON strings are equivalent.
+//
+//	a.JSONEqf(`{"hello": "world", "foo": "bar"}`, `{"foo": "bar", "hello": "world"}`, "error message %s", "formatted")
+func (a *Assertions) JSONEqf(expected string, actual string, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	JSONEqf(a.t, expected, actual, msg, args...)
+}
+
+// Len asserts that the specified object has specific length.
+// Len also fails if the object has a type that len() not accept.
+//
+//	a.Len(mySlice, 3)
+func (a *Assertions) Len(object interface{}, length int, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	Len(a.t, object, length, msgAndArgs...)
+}
+
+// Lenf asserts that the specified object has specific length.
+// Lenf also fails if the object has a type that len() not accept.
+//
+//	a.Lenf(mySlice, 3, "error message %s", "formatted")
+func (a *Assertions) Lenf(object interface{}, length int, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	Lenf(a.t, object, length, msg, args...)
+}
+
+// Less asserts that the first element is less than the second
+//
+//	a.Less(1, 2)
+//	a.Less(float64(1), float64(2))
+//	a.Less("a", "b")
+func (a *Assertions) Less(e1 interface{}, e2 interface{}, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	Less(a.t, e1, e2, msgAndArgs...)
+}
+
+// LessOrEqual asserts that the first element is less than or equal to the second
+//
+//	a.LessOrEqual(1, 2)
+//	a.LessOrEqual(2, 2)
+//	a.LessOrEqual("a", "b")
+//	a.LessOrEqual("b", "b")
+func (a *Assertions) LessOrEqual(e1 interface{}, e2 interface{}, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	LessOrEqual(a.t, e1, e2, msgAndArgs...)
+}
+
+// LessOrEqualf asserts that the first element is less than or equal to the second
+//
+//	a.LessOrEqualf(1, 2, "error message %s", "formatted")
+//	a.LessOrEqualf(2, 2, "error message %s", "formatted")
+//	a.LessOrEqualf("a", "b", "error message %s", "formatted")
+//	a.LessOrEqualf("b", "b", "error message %s", "formatted")
+func (a *Assertions) LessOrEqualf(e1 interface{}, e2 interface{}, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	LessOrEqualf(a.t, e1, e2, msg, args...)
+}
+
+// Lessf asserts that the first element is less than the second
+//
+//	a.Lessf(1, 2, "error message %s", "formatted")
+//	a.Lessf(float64(1), float64(2), "error message %s", "formatted")
+//	a.Lessf("a", "b", "error message %s", "formatted")
+func (a *Assertions) Lessf(e1 interface{}, e2 interface{}, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	Lessf(a.t, e1, e2, msg, args...)
+}
+
+// Negative asserts that the specified element is negative
+//
+//	a.Negative(-1)
+//	a.Negative(-1.23)
+func (a *Assertions) Negative(e interface{}, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	Negative(a.t, e, msgAndArgs...)
+}
+
+// Negativef asserts that the specified element is negative
+//
+//	a.Negativef(-1, "error message %s", "formatted")
+//	a.Negativef(-1.23, "error message %s", "formatted")
+func (a *Assertions) Negativef(e interface{}, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	Negativef(a.t, e, msg, args...)
+}
+
+// Never asserts that the given condition doesn't satisfy in waitFor time,
+// periodically checking the target function each tick.
+//
+//	a.Never(func() bool { return false; }, time.Second, 10*time.Millisecond)
+func (a *Assertions) Never(condition func() bool, waitFor time.Duration, tick time.Duration, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	Never(a.t, condition, waitFor, tick, msgAndArgs...)
+}
+
+// Neverf asserts that the given condition doesn't satisfy in waitFor time,
+// periodically checking the target function each tick.
+//
+//	a.Neverf(func() bool { return false; }, time.Second, 10*time.Millisecond, "error message %s", "formatted")
+func (a *Assertions) Neverf(condition func() bool, waitFor time.Duration, tick time.Duration, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	Neverf(a.t, condition, waitFor, tick, msg, args...)
+}
+
+// Nil asserts that the specified object is nil.
+//
+//	a.Nil(err)
+func (a *Assertions) Nil(object interface{}, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	Nil(a.t, object, msgAndArgs...)
+}
+
+// Nilf asserts that the specified object is nil.
+//
+//	a.Nilf(err, "error message %s", "formatted")
+func (a *Assertions) Nilf(object interface{}, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	Nilf(a.t, object, msg, args...)
+}
+
+// NoDirExists checks whether a directory does not exist in the given path.
+// It fails if the path points to an existing _directory_ only.
+func (a *Assertions) NoDirExists(path string, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	NoDirExists(a.t, path, msgAndArgs...)
+}
+
+// NoDirExistsf checks whether a directory does not exist in the given path.
+// It fails if the path points to an existing _directory_ only.
+func (a *Assertions) NoDirExistsf(path string, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	NoDirExistsf(a.t, path, msg, args...)
+}
+
+// NoError asserts that a function returned no error (i.e. `nil`).
+//
+//	  actualObj, err := SomeFunction()
+//	  if a.NoError(err) {
+//		   assert.Equal(t, expectedObj, actualObj)
+//	  }
+func (a *Assertions) NoError(err error, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	NoError(a.t, err, msgAndArgs...)
+}
+
+// NoErrorf asserts that a function returned no error (i.e. `nil`).
+//
+//	  actualObj, err := SomeFunction()
+//	  if a.NoErrorf(err, "error message %s", "formatted") {
+//		   assert.Equal(t, expectedObj, actualObj)
+//	  }
+func (a *Assertions) NoErrorf(err error, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	NoErrorf(a.t, err, msg, args...)
+}
+
+// NoFileExists checks whether a file does not exist in a given path. It fails
+// if the path points to an existing _file_ only.
+func (a *Assertions) NoFileExists(path string, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	NoFileExists(a.t, path, msgAndArgs...)
+}
+
+// NoFileExistsf checks whether a file does not exist in a given path. It fails
+// if the path points to an existing _file_ only.
+func (a *Assertions) NoFileExistsf(path string, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	NoFileExistsf(a.t, path, msg, args...)
+}
+
+// NotContains asserts that the specified string, list(array, slice...) or map does NOT contain the
+// specified substring or element.
+//
+//	a.NotContains("Hello World", "Earth")
+//	a.NotContains(["Hello", "World"], "Earth")
+//	a.NotContains({"Hello": "World"}, "Earth")
+func (a *Assertions) NotContains(s interface{}, contains interface{}, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	NotContains(a.t, s, contains, msgAndArgs...)
+}
+
+// NotContainsf asserts that the specified string, list(array, slice...) or map does NOT contain the
+// specified substring or element.
+//
+//	a.NotContainsf("Hello World", "Earth", "error message %s", "formatted")
+//	a.NotContainsf(["Hello", "World"], "Earth", "error message %s", "formatted")
+//	a.NotContainsf({"Hello": "World"}, "Earth", "error message %s", "formatted")
+func (a *Assertions) NotContainsf(s interface{}, contains interface{}, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	NotContainsf(a.t, s, contains, msg, args...)
+}
+
+// NotEmpty asserts that the specified object is NOT empty.  I.e. not nil, "", false, 0 or either
+// a slice or a channel with len == 0.
+//
+//	if a.NotEmpty(obj) {
+//	  assert.Equal(t, "two", obj[1])
+//	}
+func (a *Assertions) NotEmpty(object interface{}, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	NotEmpty(a.t, object, msgAndArgs...)
+}
+
+// NotEmptyf asserts that the specified object is NOT empty.  I.e. not nil, "", false, 0 or either
+// a slice or a channel with len == 0.
+//
+//	if a.NotEmptyf(obj, "error message %s", "formatted") {
+//	  assert.Equal(t, "two", obj[1])
+//	}
+func (a *Assertions) NotEmptyf(object interface{}, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	NotEmptyf(a.t, object, msg, args...)
+}
+
+// NotEqual asserts that the specified values are NOT equal.
+//
+//	a.NotEqual(obj1, obj2)
+//
+// Pointer variable equality is determined based on the equality of the
+// referenced values (as opposed to the memory addresses).
+func (a *Assertions) NotEqual(expected interface{}, actual interface{}, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	NotEqual(a.t, expected, actual, msgAndArgs...)
+}
+
+// NotEqualValues asserts that two objects are not equal even when converted to the same type
+//
+//	a.NotEqualValues(obj1, obj2)
+func (a *Assertions) NotEqualValues(expected interface{}, actual interface{}, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	NotEqualValues(a.t, expected, actual, msgAndArgs...)
+}
+
+// NotEqualValuesf asserts that two objects are not equal even when converted to the same type
+//
+//	a.NotEqualValuesf(obj1, obj2, "error message %s", "formatted")
+func (a *Assertions) NotEqualValuesf(expected interface{}, actual interface{}, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	NotEqualValuesf(a.t, expected, actual, msg, args...)
+}
+
+// NotEqualf asserts that the specified values are NOT equal.
+//
+//	a.NotEqualf(obj1, obj2, "error message %s", "formatted")
+//
+// Pointer variable equality is determined based on the equality of the
+// referenced values (as opposed to the memory addresses).
+func (a *Assertions) NotEqualf(expected interface{}, actual interface{}, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	NotEqualf(a.t, expected, actual, msg, args...)
+}
+
+// NotErrorIs asserts that at none of the errors in err's chain matches target.
+// This is a wrapper for errors.Is.
+func (a *Assertions) NotErrorIs(err error, target error, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	NotErrorIs(a.t, err, target, msgAndArgs...)
+}
+
+// NotErrorIsf asserts that at none of the errors in err's chain matches target.
+// This is a wrapper for errors.Is.
+func (a *Assertions) NotErrorIsf(err error, target error, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	NotErrorIsf(a.t, err, target, msg, args...)
+}
+
+// NotImplements asserts that an object does not implement the specified interface.
+//
+//	a.NotImplements((*MyInterface)(nil), new(MyObject))
+func (a *Assertions) NotImplements(interfaceObject interface{}, object interface{}, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	NotImplements(a.t, interfaceObject, object, msgAndArgs...)
+}
+
+// NotImplementsf asserts that an object does not implement the specified interface.
+//
+//	a.NotImplementsf((*MyInterface)(nil), new(MyObject), "error message %s", "formatted")
+func (a *Assertions) NotImplementsf(interfaceObject interface{}, object interface{}, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	NotImplementsf(a.t, interfaceObject, object, msg, args...)
+}
+
+// NotNil asserts that the specified object is not nil.
+//
+//	a.NotNil(err)
+func (a *Assertions) NotNil(object interface{}, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	NotNil(a.t, object, msgAndArgs...)
+}
+
+// NotNilf asserts that the specified object is not nil.
+//
+//	a.NotNilf(err, "error message %s", "formatted")
+func (a *Assertions) NotNilf(object interface{}, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	NotNilf(a.t, object, msg, args...)
+}
+
+// NotPanics asserts that the code inside the specified PanicTestFunc does NOT panic.
+//
+//	a.NotPanics(func(){ RemainCalm() })
+func (a *Assertions) NotPanics(f assert.PanicTestFunc, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	NotPanics(a.t, f, msgAndArgs...)
+}
+
+// NotPanicsf asserts that the code inside the specified PanicTestFunc does NOT panic.
+//
+//	a.NotPanicsf(func(){ RemainCalm() }, "error message %s", "formatted")
+func (a *Assertions) NotPanicsf(f assert.PanicTestFunc, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	NotPanicsf(a.t, f, msg, args...)
+}
+
+// NotRegexp asserts that a specified regexp does not match a string.
+//
+//	a.NotRegexp(regexp.MustCompile("starts"), "it's starting")
+//	a.NotRegexp("^start", "it's not starting")
+func (a *Assertions) NotRegexp(rx interface{}, str interface{}, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	NotRegexp(a.t, rx, str, msgAndArgs...)
+}
+
+// NotRegexpf asserts that a specified regexp does not match a string.
+//
+//	a.NotRegexpf(regexp.MustCompile("starts"), "it's starting", "error message %s", "formatted")
+//	a.NotRegexpf("^start", "it's not starting", "error message %s", "formatted")
+func (a *Assertions) NotRegexpf(rx interface{}, str interface{}, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	NotRegexpf(a.t, rx, str, msg, args...)
+}
+
+// NotSame asserts that two pointers do not reference the same object.
+//
+//	a.NotSame(ptr1, ptr2)
+//
+// Both arguments must be pointer variables. Pointer variable sameness is
+// determined based on the equality of both type and value.
+func (a *Assertions) NotSame(expected interface{}, actual interface{}, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	NotSame(a.t, expected, actual, msgAndArgs...)
+}
+
+// NotSamef asserts that two pointers do not reference the same object.
+//
+//	a.NotSamef(ptr1, ptr2, "error message %s", "formatted")
+//
+// Both arguments must be pointer variables. Pointer variable sameness is
+// determined based on the equality of both type and value.
+func (a *Assertions) NotSamef(expected interface{}, actual interface{}, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	NotSamef(a.t, expected, actual, msg, args...)
+}
+
+// NotSubset asserts that the specified list(array, slice...) or map does NOT
+// contain all elements given in the specified subset list(array, slice...) or
+// map.
+//
+//	a.NotSubset([1, 3, 4], [1, 2])
+//	a.NotSubset({"x": 1, "y": 2}, {"z": 3})
+func (a *Assertions) NotSubset(list interface{}, subset interface{}, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	NotSubset(a.t, list, subset, msgAndArgs...)
+}
+
+// NotSubsetf asserts that the specified list(array, slice...) or map does NOT
+// contain all elements given in the specified subset list(array, slice...) or
+// map.
+//
+//	a.NotSubsetf([1, 3, 4], [1, 2], "error message %s", "formatted")
+//	a.NotSubsetf({"x": 1, "y": 2}, {"z": 3}, "error message %s", "formatted")
+func (a *Assertions) NotSubsetf(list interface{}, subset interface{}, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	NotSubsetf(a.t, list, subset, msg, args...)
+}
+
+// NotZero asserts that i is not the zero value for its type.
+func (a *Assertions) NotZero(i interface{}, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	NotZero(a.t, i, msgAndArgs...)
+}
+
+// NotZerof asserts that i is not the zero value for its type.
+func (a *Assertions) NotZerof(i interface{}, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	NotZerof(a.t, i, msg, args...)
+}
+
+// Panics asserts that the code inside the specified PanicTestFunc panics.
+//
+//	a.Panics(func(){ GoCrazy() })
+func (a *Assertions) Panics(f assert.PanicTestFunc, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	Panics(a.t, f, msgAndArgs...)
+}
+
+// PanicsWithError asserts that the code inside the specified PanicTestFunc
+// panics, and that the recovered panic value is an error that satisfies the
+// EqualError comparison.
+//
+//	a.PanicsWithError("crazy error", func(){ GoCrazy() })
+func (a *Assertions) PanicsWithError(errString string, f assert.PanicTestFunc, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	PanicsWithError(a.t, errString, f, msgAndArgs...)
+}
+
+// PanicsWithErrorf asserts that the code inside the specified PanicTestFunc
+// panics, and that the recovered panic value is an error that satisfies the
+// EqualError comparison.
+//
+//	a.PanicsWithErrorf("crazy error", func(){ GoCrazy() }, "error message %s", "formatted")
+func (a *Assertions) PanicsWithErrorf(errString string, f assert.PanicTestFunc, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	PanicsWithErrorf(a.t, errString, f, msg, args...)
+}
+
+// PanicsWithValue asserts that the code inside the specified PanicTestFunc panics, and that
+// the recovered panic value equals the expected panic value.
+//
+//	a.PanicsWithValue("crazy error", func(){ GoCrazy() })
+func (a *Assertions) PanicsWithValue(expected interface{}, f assert.PanicTestFunc, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	PanicsWithValue(a.t, expected, f, msgAndArgs...)
+}
+
+// PanicsWithValuef asserts that the code inside the specified PanicTestFunc panics, and that
+// the recovered panic value equals the expected panic value.
+//
+//	a.PanicsWithValuef("crazy error", func(){ GoCrazy() }, "error message %s", "formatted")
+func (a *Assertions) PanicsWithValuef(expected interface{}, f assert.PanicTestFunc, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	PanicsWithValuef(a.t, expected, f, msg, args...)
+}
+
+// Panicsf asserts that the code inside the specified PanicTestFunc panics.
+//
+//	a.Panicsf(func(){ GoCrazy() }, "error message %s", "formatted")
+func (a *Assertions) Panicsf(f assert.PanicTestFunc, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	Panicsf(a.t, f, msg, args...)
+}
+
+// Positive asserts that the specified element is positive
+//
+//	a.Positive(1)
+//	a.Positive(1.23)
+func (a *Assertions) Positive(e interface{}, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	Positive(a.t, e, msgAndArgs...)
+}
+
+// Positivef asserts that the specified element is positive
+//
+//	a.Positivef(1, "error message %s", "formatted")
+//	a.Positivef(1.23, "error message %s", "formatted")
+func (a *Assertions) Positivef(e interface{}, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	Positivef(a.t, e, msg, args...)
+}
+
+// Regexp asserts that a specified regexp matches a string.
+//
+//	a.Regexp(regexp.MustCompile("start"), "it's starting")
+//	a.Regexp("start...$", "it's not starting")
+func (a *Assertions) Regexp(rx interface{}, str interface{}, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	Regexp(a.t, rx, str, msgAndArgs...)
+}
+
+// Regexpf asserts that a specified regexp matches a string.
+//
+//	a.Regexpf(regexp.MustCompile("start"), "it's starting", "error message %s", "formatted")
+//	a.Regexpf("start...$", "it's not starting", "error message %s", "formatted")
+func (a *Assertions) Regexpf(rx interface{}, str interface{}, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	Regexpf(a.t, rx, str, msg, args...)
+}
+
+// Same asserts that two pointers reference the same object.
+//
+//	a.Same(ptr1, ptr2)
+//
+// Both arguments must be pointer variables. Pointer variable sameness is
+// determined based on the equality of both type and value.
+func (a *Assertions) Same(expected interface{}, actual interface{}, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	Same(a.t, expected, actual, msgAndArgs...)
+}
+
+// Samef asserts that two pointers reference the same object.
+//
+//	a.Samef(ptr1, ptr2, "error message %s", "formatted")
+//
+// Both arguments must be pointer variables. Pointer variable sameness is
+// determined based on the equality of both type and value.
+func (a *Assertions) Samef(expected interface{}, actual interface{}, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	Samef(a.t, expected, actual, msg, args...)
+}
+
+// Subset asserts that the specified list(array, slice...) or map contains all
+// elements given in the specified subset list(array, slice...) or map.
+//
+//	a.Subset([1, 2, 3], [1, 2])
+//	a.Subset({"x": 1, "y": 2}, {"x": 1})
+func (a *Assertions) Subset(list interface{}, subset interface{}, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	Subset(a.t, list, subset, msgAndArgs...)
+}
+
+// Subsetf asserts that the specified list(array, slice...) or map contains all
+// elements given in the specified subset list(array, slice...) or map.
+//
+//	a.Subsetf([1, 2, 3], [1, 2], "error message %s", "formatted")
+//	a.Subsetf({"x": 1, "y": 2}, {"x": 1}, "error message %s", "formatted")
+func (a *Assertions) Subsetf(list interface{}, subset interface{}, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	Subsetf(a.t, list, subset, msg, args...)
+}
+
+// True asserts that the specified value is true.
+//
+//	a.True(myBool)
+func (a *Assertions) True(value bool, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	True(a.t, value, msgAndArgs...)
+}
+
+// Truef asserts that the specified value is true.
+//
+//	a.Truef(myBool, "error message %s", "formatted")
+func (a *Assertions) Truef(value bool, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	Truef(a.t, value, msg, args...)
+}
+
+// WithinDuration asserts that the two times are within duration delta of each other.
+//
+//	a.WithinDuration(time.Now(), time.Now(), 10*time.Second)
+func (a *Assertions) WithinDuration(expected time.Time, actual time.Time, delta time.Duration, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	WithinDuration(a.t, expected, actual, delta, msgAndArgs...)
+}
+
+// WithinDurationf asserts that the two times are within duration delta of each other.
+//
+//	a.WithinDurationf(time.Now(), time.Now(), 10*time.Second, "error message %s", "formatted")
+func (a *Assertions) WithinDurationf(expected time.Time, actual time.Time, delta time.Duration, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	WithinDurationf(a.t, expected, actual, delta, msg, args...)
+}
+
+// WithinRange asserts that a time is within a time range (inclusive).
+//
+//	a.WithinRange(time.Now(), time.Now().Add(-time.Second), time.Now().Add(time.Second))
+func (a *Assertions) WithinRange(actual time.Time, start time.Time, end time.Time, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	WithinRange(a.t, actual, start, end, msgAndArgs...)
+}
+
+// WithinRangef asserts that a time is within a time range (inclusive).
+//
+//	a.WithinRangef(time.Now(), time.Now().Add(-time.Second), time.Now().Add(time.Second), "error message %s", "formatted")
+func (a *Assertions) WithinRangef(actual time.Time, start time.Time, end time.Time, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	WithinRangef(a.t, actual, start, end, msg, args...)
+}
+
+// YAMLEq asserts that two YAML strings are equivalent.
+func (a *Assertions) YAMLEq(expected string, actual string, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	YAMLEq(a.t, expected, actual, msgAndArgs...)
+}
+
+// YAMLEqf asserts that two YAML strings are equivalent.
+func (a *Assertions) YAMLEqf(expected string, actual string, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	YAMLEqf(a.t, expected, actual, msg, args...)
+}
+
+// Zero asserts that i is the zero value for its type.
+func (a *Assertions) Zero(i interface{}, msgAndArgs ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	Zero(a.t, i, msgAndArgs...)
+}
+
+// Zerof asserts that i is the zero value for its type.
+func (a *Assertions) Zerof(i interface{}, msg string, args ...interface{}) {
+	if h, ok := a.t.(tHelper); ok {
+		h.Helper()
+	}
+	Zerof(a.t, i, msg, args...)
+}
diff --git a/server/vendor/github.com/stretchr/testify/require/require_forward.go.tmpl b/server/vendor/github.com/stretchr/testify/require/require_forward.go.tmpl
new file mode 100644
index 0000000..54124df
--- /dev/null
+++ b/server/vendor/github.com/stretchr/testify/require/require_forward.go.tmpl
@@ -0,0 +1,5 @@
+{{.CommentWithoutT "a"}}
+func (a *Assertions) {{.DocInfo.Name}}({{.Params}}) {
+	if h, ok := a.t.(tHelper); ok { h.Helper() }
+	{{.DocInfo.Name}}(a.t, {{.ForwardedParams}})
+}
diff --git a/server/vendor/github.com/stretchr/testify/require/requirements.go b/server/vendor/github.com/stretchr/testify/require/requirements.go
new file mode 100644
index 0000000..91772df
--- /dev/null
+++ b/server/vendor/github.com/stretchr/testify/require/requirements.go
@@ -0,0 +1,29 @@
+package require
+
+// TestingT is an interface wrapper around *testing.T
+type TestingT interface {
+	Errorf(format string, args ...interface{})
+	FailNow()
+}
+
+type tHelper interface {
+	Helper()
+}
+
+// ComparisonAssertionFunc is a common function prototype when comparing two values.  Can be useful
+// for table driven tests.
+type ComparisonAssertionFunc func(TestingT, interface{}, interface{}, ...interface{})
+
+// ValueAssertionFunc is a common function prototype when validating a single value.  Can be useful
+// for table driven tests.
+type ValueAssertionFunc func(TestingT, interface{}, ...interface{})
+
+// BoolAssertionFunc is a common function prototype when validating a bool value.  Can be useful
+// for table driven tests.
+type BoolAssertionFunc func(TestingT, bool, ...interface{})
+
+// ErrorAssertionFunc is a common function prototype when validating an error value.  Can be useful
+// for table driven tests.
+type ErrorAssertionFunc func(TestingT, error, ...interface{})
+
+//go:generate sh -c "cd ../_codegen && go build && cd - && ../_codegen/_codegen -output-package=require -template=require.go.tmpl -include-format-funcs"
diff --git a/server/vendor/github.com/wlynxg/anet/.gitignore b/server/vendor/github.com/wlynxg/anet/.gitignore
new file mode 100644
index 0000000..723ef36
--- /dev/null
+++ b/server/vendor/github.com/wlynxg/anet/.gitignore
@@ -0,0 +1 @@
+.idea
\ No newline at end of file
diff --git a/server/vendor/github.com/wlynxg/anet/LICENSE b/server/vendor/github.com/wlynxg/anet/LICENSE
new file mode 100644
index 0000000..db6fa36
--- /dev/null
+++ b/server/vendor/github.com/wlynxg/anet/LICENSE
@@ -0,0 +1,28 @@
+BSD 3-Clause License
+
+Copyright (c) 2023, wlynxg
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+
+1. Redistributions of source code must retain the above copyright notice, this
+   list of conditions and the following disclaimer.
+
+2. Redistributions in binary form must reproduce the above copyright notice,
+   this list of conditions and the following disclaimer in the documentation
+   and/or other materials provided with the distribution.
+
+3. Neither the name of the copyright holder nor the names of its
+   contributors may be used to endorse or promote products derived from
+   this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
diff --git a/server/vendor/github.com/wlynxg/anet/README.md b/server/vendor/github.com/wlynxg/anet/README.md
new file mode 100644
index 0000000..d437a42
--- /dev/null
+++ b/server/vendor/github.com/wlynxg/anet/README.md
@@ -0,0 +1,119 @@
+## Introduction
+In response to the modifications made to the permissions for accessing system MAC addresses in Android 11, ordinary applications encounter several main issues when using NETLINK sockets:
+
+- Not allowing bind operations on `NETLINK` sockets.
+- Not permitting the use of the `RTM_GETLINK` functionality.
+
+For detailed information, please refer to: https://developer.android.com/training/articles/user-data-ids#mac-11-plus
+
+As a result of the aforementioned reasons, using `net.Interfaces()` and `net.InterfaceAddrs()` from the Go net package in the Android environment leads to the `route ip+net: netlinkrib: permission denied` error. 
+
+You can find specific issue details here: https://github.com/golang/go/issues/40569
+
+To address the issue of using the Go net package in the Android environment, we have made partial modifications to its source code to ensure proper functionality on Android. 
+
+I have fully resolved the issues with `net.InterfaceAddrs()`. 
+
+However, for `net.Interfaces()`, we have only addressed some problems, as the following issues still remain:
+- It can only return interfaces with IP addresses.
+- It cannot return hardware MAC addresses.
+
+Nevertheless, the fixed `net.Interfaces()` function now aligns with the Android API's `NetworkInterface.getNetworkInterfaces()` and can be used normally in most scenarios.
+
+The specific fix logic includes:
+
+Removing the `Bind()` operation on `Netlink` sockets in the `NetlinkRIB()` function.
+Using `ioctl` based on the Index number returned by `RTM_GETADDR` to retrieve the network card's name, MTU, and flags.
+
+
+
+
+
+## Test Code
+### net.Interface()
+use `net.Interface()`:
+```go
+func RawInterface() {
+	interfaces, err := net.Interfaces()
+	if err != nil {
+		panic(err)
+	}
+
+	for _, i := range interfaces {
+		log.Println(i)
+	}
+}
+```
+result:
+```
+panic: route ip+net: netlinkrib: permission denied
+```
+
+use `anet.Interface()`:
+```go
+func AnetInterface() {
+	interfaces, err := anet.Interfaces()
+	if err != nil {
+		panic(err)
+	}
+
+	for _, i := range interfaces {
+		log.Println(i)
+	}
+}
+```
+
+result:
+```
+{1 65536 lo  up|loopback|running}
+{15 1400 rmnet_data1  up|running}
+{24 1500 wlan0  up|broadcast|multicast|running}
+{3 1500 dummy0  up|broadcast|running}
+{4 1500 ifb0  up|broadcast|running}
+{5 1500 ifb1  up|broadcast|running}
+{12 1500 ifb2  up|broadcast|running}
+{14 1500 rmnet_data0  up|running}
+{16 1400 rmnet_data2  up|running}
+{17 1400 rmnet_data3  up|running}
+```
+
+### net.InterfaceAddrs()
+use `net.InterfaceAddrs()`:
+```go
+func NetInterfaceAddrs() {
+	addrs, err := net.InterfaceAddrs()
+	if err != nil {
+		panic(err)
+	}
+
+	for _, addr := range addrs {
+		log.Println(addr)
+	}
+}
+```
+result: 
+```
+panic: route ip+net: netlinkrib: permission denied
+```
+
+use `anet.InterfaceAddrs()`:
+```go
+func AnetInterfaceAddrs() {
+	addrs, err := anet.InterfaceAddrs()
+	if err != nil {
+		panic(err)
+	}
+
+	for _, addr := range addrs {
+		log.Println(addr)
+	}
+}
+```
+result:
+```
+127.0.0.1/8
+::1/128
+...
+192.168.6.143/24
+fe80::7e4f:4446:eb3:1eb8/64
+```
\ No newline at end of file
diff --git a/server/vendor/github.com/wlynxg/anet/README_zh.md b/server/vendor/github.com/wlynxg/anet/README_zh.md
new file mode 100644
index 0000000..20b6629
--- /dev/null
+++ b/server/vendor/github.com/wlynxg/anet/README_zh.md
@@ -0,0 +1,22 @@
+针对Android 11之后对访问系统MAC地址的权限进行了修改的问题，导致普通应用在调用`NETLINK`套接字时会遇到以下几个主要问题：
+- 不允许对`NETLINK`套接字进行`bind`操作。
+- 不允许调用`RTM_GETLINK`功能。
+
+详细说明可以在此链接找到：https://developer.android.com/training/articles/user-data-ids#mac-11-plus
+
+由于上述两个原因，导致在安卓环境下使用Go net包中的`net.Interfaces()`和`net.InterfaceAddrs()`时会抛出`route ip+net: netlinkrib: permission denied`错误。
+具体 issue 可见：https://github.com/golang/go/issues/40569
+
+为了解决在安卓环境下使用Go net包的问题，我们对其源代码进行了部分改造，以使其能够在Android上正常工作。
+
+对于`net.InterfaceAddrs()`，我已经完全解决了其中的问题；
+对于`net.Interfaces()`，我只解决了部分问题，目前仍存在以下问题：
+- 只能返回具有IP地址的接口。
+- 不能返回硬件的MAC地址。
+
+但是修复后的`net.Interfaces()`函数现在与Android API的`NetworkInterface.getNetworkInterfaces()`保持一致，在大多数情况下可正常使用。
+
+具体修复逻辑包括：
+
+- 取消了`NetlinkRIB()`函数中对`Netlink`套接字的`Bind()`操作。
+- 根据`RTM_GETADDR`返回的Index号，使用`ioctl`获取其网卡的名称、MTU和标志位。
\ No newline at end of file
diff --git a/server/vendor/github.com/wlynxg/anet/interface.go b/server/vendor/github.com/wlynxg/anet/interface.go
new file mode 100644
index 0000000..384f29c
--- /dev/null
+++ b/server/vendor/github.com/wlynxg/anet/interface.go
@@ -0,0 +1,30 @@
+//go:build !android
+// +build !android
+
+package anet
+
+import (
+	"net"
+)
+
+// Interfaces returns a list of the system's network interfaces.
+func Interfaces() ([]net.Interface, error) {
+	return net.Interfaces()
+}
+
+// InterfaceAddrs returns a list of the system's unicast interface
+// addresses.
+//
+// The returned list does not identify the associated interface; use
+// Interfaces and Interface.Addrs for more detail.
+func InterfaceAddrs() ([]net.Addr, error) {
+	return net.InterfaceAddrs()
+}
+
+// InterfaceAddrsByInterface returns a list of the system's unicast
+// interface addresses by specific interface.
+func InterfaceAddrsByInterface(ifi *net.Interface) ([]net.Addr, error) {
+	return ifi.Addrs()
+}
+
+func SetAndroidVersion(version uint) {}
diff --git a/server/vendor/github.com/wlynxg/anet/interface_android.go b/server/vendor/github.com/wlynxg/anet/interface_android.go
new file mode 100644
index 0000000..1c81112
--- /dev/null
+++ b/server/vendor/github.com/wlynxg/anet/interface_android.go
@@ -0,0 +1,419 @@
+package anet
+
+import (
+	"bytes"
+	"errors"
+	"net"
+	"os"
+	"sync"
+	"syscall"
+	"time"
+	"unsafe"
+)
+
+const (
+	android11 = 11
+)
+
+var (
+	androidVersion              uint
+	errInvalidInterface         = errors.New("invalid network interface")
+	errInvalidInterfaceIndex    = errors.New("invalid network interface index")
+	errInvalidInterfaceName     = errors.New("invalid network interface name")
+	errNoSuchInterface          = errors.New("no such network interface")
+	errNoSuchMulticastInterface = errors.New("no such multicast network interface")
+)
+
+type ifReq [40]byte
+
+// Interfaces returns a list of the system's network interfaces.
+func Interfaces() ([]net.Interface, error) {
+	if androidVersion < android11 {
+		return net.Interfaces()
+	}
+
+	ift, err := interfaceTable(0)
+	if err != nil {
+		return nil, &net.OpError{Op: "route", Net: "ip+net", Source: nil, Addr: nil, Err: err}
+	}
+	if len(ift) != 0 {
+		zoneCache.update(ift, false)
+	}
+	return ift, nil
+}
+
+// InterfaceAddrs returns a list of the system's unicast interface
+// addresses.
+//
+// The returned list does not identify the associated interface; use
+// Interfaces and Interface.Addrs for more detail.
+func InterfaceAddrs() ([]net.Addr, error) {
+	if androidVersion < android11 {
+		return net.InterfaceAddrs()
+	}
+
+	ifat, err := interfaceAddrTable(nil)
+	if err != nil {
+		err = &net.OpError{Op: "route", Net: "ip+net", Source: nil, Addr: nil, Err: err}
+	}
+	return ifat, err
+}
+
+// InterfaceByIndex returns the interface specified by index.
+//
+// On Solaris, it returns one of the logical network interfaces
+// sharing the logical data link; for more precision use
+// InterfaceByName.
+func InterfaceByIndex(index int) (*net.Interface, error) {
+	if androidVersion < android11 {
+		return net.InterfaceByIndex(index)
+	}
+
+	if index <= 0 {
+		return nil, &net.OpError{Op: "route", Net: "ip+net", Source: nil, Addr: nil, Err: errInvalidInterfaceIndex}
+	}
+	ift, err := interfaceTable(index)
+	if err != nil {
+		return nil, &net.OpError{Op: "route", Net: "ip+net", Source: nil, Addr: nil, Err: err}
+	}
+	ifi, err := interfaceByIndex(ift, index)
+	if err != nil {
+		err = &net.OpError{Op: "route", Net: "ip+net", Source: nil, Addr: nil, Err: err}
+	}
+	return ifi, err
+}
+
+// InterfaceByName returns the interface specified by name.
+func InterfaceByName(name string) (*net.Interface, error) {
+	if name == "" {
+		return nil, &net.OpError{Op: "route", Net: "ip+net", Source: nil, Addr: nil, Err: errInvalidInterfaceName}
+	}
+	ift, err := interfaceTable(0)
+	if err != nil {
+		return nil, &net.OpError{Op: "route", Net: "ip+net", Source: nil, Addr: nil, Err: err}
+	}
+	if len(ift) != 0 {
+		zoneCache.update(ift, false)
+	}
+	for _, ifi := range ift {
+		if name == ifi.Name {
+			return &ifi, nil
+		}
+	}
+	return nil, &net.OpError{Op: "route", Net: "ip+net", Source: nil, Addr: nil, Err: errNoSuchInterface}
+}
+
+// InterfaceAddrsByInterface returns a list of the system's unicast
+// interface addresses by specific interface.
+func InterfaceAddrsByInterface(ifi *net.Interface) ([]net.Addr, error) {
+	if ifi == nil {
+		return nil, &net.OpError{Op: "route", Net: "ip+net", Source: nil, Addr: nil, Err: errInvalidInterface}
+	}
+
+	if androidVersion < android11 {
+		return ifi.Addrs()
+	}
+
+	ifat, err := interfaceAddrTable(ifi)
+	if err != nil {
+		err = &net.OpError{Op: "route", Net: "ip+net", Source: nil, Addr: nil, Err: err}
+	}
+	return ifat, err
+}
+
+// SetAndroidVersion set the Android environment in which the program runs.
+// The Android system version number can be obtained through
+// `android.os.Build.VERSION.RELEASE` of the Android framework.
+func SetAndroidVersion(version uint) {
+	androidVersion = version
+}
+
+// An ipv6ZoneCache represents a cache holding partial network
+// interface information. It is used for reducing the cost of IPv6
+// addressing scope zone resolution.
+//
+// Multiple names sharing the index are managed by first-come
+// first-served basis for consistency.
+type ipv6ZoneCache struct {
+	sync.RWMutex                // guard the following
+	lastFetched  time.Time      // last time routing information was fetched
+	toIndex      map[string]int // interface name to its index
+	toName       map[int]string // interface index to its name
+}
+
+//go:linkname zoneCache net.zoneCache
+var zoneCache ipv6ZoneCache
+
+// update refreshes the network interface information if the cache was last
+// updated more than 1 minute ago, or if force is set. It reports whether the
+// cache was updated.
+func (zc *ipv6ZoneCache) update(ift []net.Interface, force bool) (updated bool) {
+	zc.Lock()
+	defer zc.Unlock()
+	now := time.Now()
+	if !force && zc.lastFetched.After(now.Add(-60*time.Second)) {
+		return false
+	}
+	zc.lastFetched = now
+	if len(ift) == 0 {
+		var err error
+		if ift, err = interfaceTable(0); err != nil {
+			return false
+		}
+	}
+	zc.toIndex = make(map[string]int, len(ift))
+	zc.toName = make(map[int]string, len(ift))
+	for _, ifi := range ift {
+		zc.toIndex[ifi.Name] = ifi.Index
+		if _, ok := zc.toName[ifi.Index]; !ok {
+			zc.toName[ifi.Index] = ifi.Name
+		}
+	}
+	return true
+}
+
+// If the ifindex is zero, interfaceTable returns mappings of all
+// network interfaces. Otherwise it returns a mapping of a specific
+// interface.
+func interfaceTable(ifindex int) ([]net.Interface, error) {
+	tab, err := NetlinkRIB(syscall.RTM_GETADDR, syscall.AF_UNSPEC)
+	if err != nil {
+		return nil, os.NewSyscallError("netlinkrib", err)
+	}
+	msgs, err := syscall.ParseNetlinkMessage(tab)
+	if err != nil {
+		return nil, os.NewSyscallError("parsenetlinkmessage", err)
+	}
+
+	var ift []net.Interface
+	im := make(map[uint32]struct{})
+loop:
+	for _, m := range msgs {
+		switch m.Header.Type {
+		case syscall.NLMSG_DONE:
+			break loop
+		case syscall.RTM_NEWADDR:
+			ifam := (*syscall.IfAddrmsg)(unsafe.Pointer(&m.Data[0]))
+			if _, ok := im[ifam.Index]; ok {
+				continue
+			} else {
+				im[ifam.Index] = struct{}{}
+			}
+
+			if ifindex == 0 || ifindex == int(ifam.Index) {
+				ifi := newLink(ifam)
+				if ifi != nil {
+					ift = append(ift, *ifi)
+				}
+				if ifindex == int(ifam.Index) {
+					break loop
+				}
+			}
+		}
+	}
+
+	return ift, nil
+}
+
+func newLink(ifam *syscall.IfAddrmsg) *net.Interface {
+	ift := &net.Interface{Index: int(ifam.Index)}
+
+	name, err := indexToName(ifam.Index)
+	if err != nil {
+		return nil
+	}
+	ift.Name = name
+
+	mtu, err := nameToMTU(name)
+	if err != nil {
+		return nil
+	}
+	ift.MTU = mtu
+
+	flags, err := nameToFlags(name)
+	if err != nil {
+		return nil
+	}
+	ift.Flags = flags
+	return ift
+}
+
+func linkFlags(rawFlags uint32) net.Flags {
+	var f net.Flags
+	if rawFlags&syscall.IFF_UP != 0 {
+		f |= net.FlagUp
+	}
+	if rawFlags&syscall.IFF_RUNNING != 0 {
+		f |= net.FlagRunning
+	}
+	if rawFlags&syscall.IFF_BROADCAST != 0 {
+		f |= net.FlagBroadcast
+	}
+	if rawFlags&syscall.IFF_LOOPBACK != 0 {
+		f |= net.FlagLoopback
+	}
+	if rawFlags&syscall.IFF_POINTOPOINT != 0 {
+		f |= net.FlagPointToPoint
+	}
+	if rawFlags&syscall.IFF_MULTICAST != 0 {
+		f |= net.FlagMulticast
+	}
+	return f
+}
+
+// If the ifi is nil, interfaceAddrTable returns addresses for all
+// network interfaces. Otherwise it returns addresses for a specific
+// interface.
+func interfaceAddrTable(ifi *net.Interface) ([]net.Addr, error) {
+	tab, err := NetlinkRIB(syscall.RTM_GETADDR, syscall.AF_UNSPEC)
+	if err != nil {
+		return nil, os.NewSyscallError("netlinkrib", err)
+	}
+	msgs, err := syscall.ParseNetlinkMessage(tab)
+	if err != nil {
+		return nil, os.NewSyscallError("parsenetlinkmessage", err)
+	}
+
+	var ift []net.Interface
+	if ifi == nil {
+		var err error
+		ift, err = interfaceTable(0)
+		if err != nil {
+			return nil, err
+		}
+	}
+	ifat, err := addrTable(ift, ifi, msgs)
+	if err != nil {
+		return nil, err
+	}
+	return ifat, nil
+}
+
+func addrTable(ift []net.Interface, ifi *net.Interface, msgs []syscall.NetlinkMessage) ([]net.Addr, error) {
+	var ifat []net.Addr
+loop:
+	for _, m := range msgs {
+		switch m.Header.Type {
+		case syscall.NLMSG_DONE:
+			break loop
+		case syscall.RTM_NEWADDR:
+			ifam := (*syscall.IfAddrmsg)(unsafe.Pointer(&m.Data[0]))
+			if len(ift) != 0 || ifi.Index == int(ifam.Index) {
+				attrs, err := syscall.ParseNetlinkRouteAttr(&m)
+				if err != nil {
+					return nil, os.NewSyscallError("parsenetlinkrouteattr", err)
+				}
+				ifa := newAddr(ifam, attrs)
+				if ifa != nil {
+					ifat = append(ifat, ifa)
+				}
+			}
+		}
+	}
+	return ifat, nil
+}
+
+func newAddr(ifam *syscall.IfAddrmsg, attrs []syscall.NetlinkRouteAttr) net.Addr {
+	var ipPointToPoint bool
+	// Seems like we need to make sure whether the IP interface
+	// stack consists of IP point-to-point numbered or unnumbered
+	// addressing.
+	for _, a := range attrs {
+		if a.Attr.Type == syscall.IFA_LOCAL {
+			ipPointToPoint = true
+			break
+		}
+	}
+	for _, a := range attrs {
+		if ipPointToPoint && a.Attr.Type == syscall.IFA_ADDRESS {
+			continue
+		}
+		switch ifam.Family {
+		case syscall.AF_INET:
+			return &net.IPNet{IP: net.IPv4(a.Value[0], a.Value[1], a.Value[2], a.Value[3]), Mask: net.CIDRMask(int(ifam.Prefixlen), 8*net.IPv4len)}
+		case syscall.AF_INET6:
+			ifa := &net.IPNet{IP: make(net.IP, net.IPv6len), Mask: net.CIDRMask(int(ifam.Prefixlen), 8*net.IPv6len)}
+			copy(ifa.IP, a.Value[:])
+			return ifa
+		}
+	}
+	return nil
+}
+
+func interfaceByIndex(ift []net.Interface, index int) (*net.Interface, error) {
+	for _, ifi := range ift {
+		if index == ifi.Index {
+			return &ifi, nil
+		}
+	}
+	return nil, errNoSuchInterface
+}
+
+func ioctl(fd int, req uint, arg unsafe.Pointer) error {
+	_, _, e1 := syscall.Syscall(syscall.SYS_IOCTL, uintptr(fd), uintptr(req), uintptr(arg))
+	if e1 != 0 {
+		return e1
+	}
+	return nil
+}
+
+func indexToName(index uint32) (string, error) {
+	fd, err := syscall.Socket(syscall.AF_INET, syscall.SOCK_DGRAM|syscall.SOCK_CLOEXEC, 0)
+	if err != nil {
+		return "", err
+	}
+	defer syscall.Close(fd)
+
+	var ifr ifReq
+	*(*uint32)(unsafe.Pointer(&ifr[syscall.IFNAMSIZ])) = index
+	err = ioctl(fd, syscall.SIOCGIFNAME, unsafe.Pointer(&ifr[0]))
+	if err != nil {
+		return "", err
+	}
+
+	return string(bytes.Trim(ifr[:syscall.IFNAMSIZ], "\x00")), nil
+}
+
+func nameToMTU(name string) (int, error) {
+	// Leave room for terminating NULL byte.
+	if len(name) >= syscall.IFNAMSIZ {
+		return -1, syscall.EINVAL
+	}
+
+	fd, err := syscall.Socket(syscall.AF_INET, syscall.SOCK_DGRAM|syscall.SOCK_CLOEXEC, 0)
+	if err != nil {
+		return -1, err
+	}
+	defer syscall.Close(fd)
+
+	var ifr ifReq
+	copy(ifr[:], name)
+	err = ioctl(fd, syscall.SIOCGIFMTU, unsafe.Pointer(&ifr[0]))
+	if err != nil {
+		return -1, err
+	}
+
+	return int(*(*int32)(unsafe.Pointer(&ifr[syscall.IFNAMSIZ]))), nil
+}
+
+func nameToFlags(name string) (net.Flags, error) {
+	// Leave room for terminating NULL byte.
+	if len(name) >= syscall.IFNAMSIZ {
+		return 0, syscall.EINVAL
+	}
+
+	fd, err := syscall.Socket(syscall.AF_INET, syscall.SOCK_DGRAM|syscall.SOCK_CLOEXEC, 0)
+	if err != nil {
+		return 0, err
+	}
+	defer syscall.Close(fd)
+
+	var ifr ifReq
+	copy(ifr[:], name)
+	err = ioctl(fd, syscall.SIOCGIFFLAGS, unsafe.Pointer(&ifr[0]))
+	if err != nil {
+		return 0, err
+	}
+
+	return linkFlags(*(*uint32)(unsafe.Pointer(&ifr[syscall.IFNAMSIZ]))), nil
+}
diff --git a/server/vendor/github.com/wlynxg/anet/netlink_android.go b/server/vendor/github.com/wlynxg/anet/netlink_android.go
new file mode 100644
index 0000000..fc0d84d
--- /dev/null
+++ b/server/vendor/github.com/wlynxg/anet/netlink_android.go
@@ -0,0 +1,179 @@
+// Copyright 2011 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Netlink sockets and messages
+
+package anet
+
+import (
+	"syscall"
+	"unsafe"
+)
+
+// Round the length of a netlink message up to align it properly.
+func nlmAlignOf(msglen int) int {
+	return (msglen + syscall.NLMSG_ALIGNTO - 1) & ^(syscall.NLMSG_ALIGNTO - 1)
+}
+
+// Round the length of a netlink route attribute up to align it
+// properly.
+func rtaAlignOf(attrlen int) int {
+	return (attrlen + syscall.RTA_ALIGNTO - 1) & ^(syscall.RTA_ALIGNTO - 1)
+}
+
+// NetlinkRouteRequest represents a request message to receive routing
+// and link states from the kernel.
+type NetlinkRouteRequest struct {
+	Header syscall.NlMsghdr
+	Data   syscall.RtGenmsg
+}
+
+func (rr *NetlinkRouteRequest) toWireFormat() []byte {
+	b := make([]byte, rr.Header.Len)
+	*(*uint32)(unsafe.Pointer(&b[0:4][0])) = rr.Header.Len
+	*(*uint16)(unsafe.Pointer(&b[4:6][0])) = rr.Header.Type
+	*(*uint16)(unsafe.Pointer(&b[6:8][0])) = rr.Header.Flags
+	*(*uint32)(unsafe.Pointer(&b[8:12][0])) = rr.Header.Seq
+	*(*uint32)(unsafe.Pointer(&b[12:16][0])) = rr.Header.Pid
+	b[16] = byte(rr.Data.Family)
+	return b
+}
+
+func newNetlinkRouteRequest(proto, seq, family int) []byte {
+	rr := &NetlinkRouteRequest{}
+	rr.Header.Len = uint32(syscall.NLMSG_HDRLEN + syscall.SizeofRtGenmsg)
+	rr.Header.Type = uint16(proto)
+	rr.Header.Flags = syscall.NLM_F_DUMP | syscall.NLM_F_REQUEST
+	rr.Header.Seq = uint32(seq)
+	rr.Data.Family = uint8(family)
+	return rr.toWireFormat()
+}
+
+// NetlinkRIB returns routing information base, as known as RIB, which
+// consists of network facility information, states and parameters.
+func NetlinkRIB(proto, family int) ([]byte, error) {
+	s, err := syscall.Socket(syscall.AF_NETLINK, syscall.SOCK_RAW|syscall.SOCK_CLOEXEC, syscall.NETLINK_ROUTE)
+	if err != nil {
+		return nil, err
+	}
+	defer syscall.Close(s)
+	sa := &syscall.SockaddrNetlink{Family: syscall.AF_NETLINK}
+
+	wb := newNetlinkRouteRequest(proto, 1, family)
+	if err := syscall.Sendto(s, wb, 0, sa); err != nil {
+		return nil, err
+	}
+	lsa, err := syscall.Getsockname(s)
+	if err != nil {
+		return nil, err
+	}
+	lsanl, ok := lsa.(*syscall.SockaddrNetlink)
+	if !ok {
+		return nil, syscall.EINVAL
+	}
+	var tab []byte
+	rbNew := make([]byte, syscall.Getpagesize())
+done:
+	for {
+		rb := rbNew
+		nr, _, err := syscall.Recvfrom(s, rb, 0)
+		if err != nil {
+			return nil, err
+		}
+		if nr < syscall.NLMSG_HDRLEN {
+			return nil, syscall.EINVAL
+		}
+		rb = rb[:nr]
+		tab = append(tab, rb...)
+		msgs, err := ParseNetlinkMessage(rb)
+		if err != nil {
+			return nil, err
+		}
+		for _, m := range msgs {
+			if m.Header.Seq != 1 || m.Header.Pid != lsanl.Pid {
+				return nil, syscall.EINVAL
+			}
+			if m.Header.Type == syscall.NLMSG_DONE {
+				break done
+			}
+			if m.Header.Type == syscall.NLMSG_ERROR {
+				return nil, syscall.EINVAL
+			}
+		}
+	}
+	return tab, nil
+}
+
+// NetlinkMessage represents a netlink message.
+type NetlinkMessage struct {
+	Header syscall.NlMsghdr
+	Data   []byte
+}
+
+// ParseNetlinkMessage parses b as an array of netlink messages and
+// returns the slice containing the NetlinkMessage structures.
+func ParseNetlinkMessage(b []byte) ([]NetlinkMessage, error) {
+	var msgs []NetlinkMessage
+	for len(b) >= syscall.NLMSG_HDRLEN {
+		h, dbuf, dlen, err := netlinkMessageHeaderAndData(b)
+		if err != nil {
+			return nil, err
+		}
+		m := NetlinkMessage{Header: *h, Data: dbuf[:int(h.Len)-syscall.NLMSG_HDRLEN]}
+		msgs = append(msgs, m)
+		b = b[dlen:]
+	}
+	return msgs, nil
+}
+
+func netlinkMessageHeaderAndData(b []byte) (*syscall.NlMsghdr, []byte, int, error) {
+	h := (*syscall.NlMsghdr)(unsafe.Pointer(&b[0]))
+	l := nlmAlignOf(int(h.Len))
+	if int(h.Len) < syscall.NLMSG_HDRLEN || l > len(b) {
+		return nil, nil, 0, syscall.EINVAL
+	}
+	return h, b[syscall.NLMSG_HDRLEN:], l, nil
+}
+
+// NetlinkRouteAttr represents a netlink route attribute.
+type NetlinkRouteAttr struct {
+	Attr  syscall.RtAttr
+	Value []byte
+}
+
+// ParseNetlinkRouteAttr parses m's payload as an array of netlink
+// route attributes and returns the slice containing the
+// NetlinkRouteAttr structures.
+func ParseNetlinkRouteAttr(m *NetlinkMessage) ([]NetlinkRouteAttr, error) {
+	var b []byte
+	switch m.Header.Type {
+	case syscall.RTM_NEWLINK, syscall.RTM_DELLINK:
+		b = m.Data[syscall.SizeofIfInfomsg:]
+	case syscall.RTM_NEWADDR, syscall.RTM_DELADDR:
+		b = m.Data[syscall.SizeofIfAddrmsg:]
+	case syscall.RTM_NEWROUTE, syscall.RTM_DELROUTE:
+		b = m.Data[syscall.SizeofRtMsg:]
+	default:
+		return nil, syscall.EINVAL
+	}
+	var attrs []NetlinkRouteAttr
+	for len(b) >= syscall.SizeofRtAttr {
+		a, vbuf, alen, err := netlinkRouteAttrAndValue(b)
+		if err != nil {
+			return nil, err
+		}
+		ra := NetlinkRouteAttr{Attr: *a, Value: vbuf[:int(a.Len)-syscall.SizeofRtAttr]}
+		attrs = append(attrs, ra)
+		b = b[alen:]
+	}
+	return attrs, nil
+}
+
+func netlinkRouteAttrAndValue(b []byte) (*syscall.RtAttr, []byte, int, error) {
+	a := (*syscall.RtAttr)(unsafe.Pointer(&b[0]))
+	if int(a.Len) < syscall.SizeofRtAttr || int(a.Len) > len(b) {
+		return nil, nil, 0, syscall.EINVAL
+	}
+	return a, b[syscall.SizeofRtAttr:], rtaAlignOf(int(a.Len)), nil
+}
diff --git a/server/vendor/golang.org/x/crypto/cryptobyte/asn1.go b/server/vendor/golang.org/x/crypto/cryptobyte/asn1.go
new file mode 100644
index 0000000..2492f79
--- /dev/null
+++ b/server/vendor/golang.org/x/crypto/cryptobyte/asn1.go
@@ -0,0 +1,825 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package cryptobyte
+
+import (
+	encoding_asn1 "encoding/asn1"
+	"fmt"
+	"math/big"
+	"reflect"
+	"time"
+
+	"golang.org/x/crypto/cryptobyte/asn1"
+)
+
+// This file contains ASN.1-related methods for String and Builder.
+
+// Builder
+
+// AddASN1Int64 appends a DER-encoded ASN.1 INTEGER.
+func (b *Builder) AddASN1Int64(v int64) {
+	b.addASN1Signed(asn1.INTEGER, v)
+}
+
+// AddASN1Int64WithTag appends a DER-encoded ASN.1 INTEGER with the
+// given tag.
+func (b *Builder) AddASN1Int64WithTag(v int64, tag asn1.Tag) {
+	b.addASN1Signed(tag, v)
+}
+
+// AddASN1Enum appends a DER-encoded ASN.1 ENUMERATION.
+func (b *Builder) AddASN1Enum(v int64) {
+	b.addASN1Signed(asn1.ENUM, v)
+}
+
+func (b *Builder) addASN1Signed(tag asn1.Tag, v int64) {
+	b.AddASN1(tag, func(c *Builder) {
+		length := 1
+		for i := v; i >= 0x80 || i < -0x80; i >>= 8 {
+			length++
+		}
+
+		for ; length > 0; length-- {
+			i := v >> uint((length-1)*8) & 0xff
+			c.AddUint8(uint8(i))
+		}
+	})
+}
+
+// AddASN1Uint64 appends a DER-encoded ASN.1 INTEGER.
+func (b *Builder) AddASN1Uint64(v uint64) {
+	b.AddASN1(asn1.INTEGER, func(c *Builder) {
+		length := 1
+		for i := v; i >= 0x80; i >>= 8 {
+			length++
+		}
+
+		for ; length > 0; length-- {
+			i := v >> uint((length-1)*8) & 0xff
+			c.AddUint8(uint8(i))
+		}
+	})
+}
+
+// AddASN1BigInt appends a DER-encoded ASN.1 INTEGER.
+func (b *Builder) AddASN1BigInt(n *big.Int) {
+	if b.err != nil {
+		return
+	}
+
+	b.AddASN1(asn1.INTEGER, func(c *Builder) {
+		if n.Sign() < 0 {
+			// A negative number has to be converted to two's-complement form. So we
+			// invert and subtract 1. If the most-significant-bit isn't set then
+			// we'll need to pad the beginning with 0xff in order to keep the number
+			// negative.
+			nMinus1 := new(big.Int).Neg(n)
+			nMinus1.Sub(nMinus1, bigOne)
+			bytes := nMinus1.Bytes()
+			for i := range bytes {
+				bytes[i] ^= 0xff
+			}
+			if len(bytes) == 0 || bytes[0]&0x80 == 0 {
+				c.add(0xff)
+			}
+			c.add(bytes...)
+		} else if n.Sign() == 0 {
+			c.add(0)
+		} else {
+			bytes := n.Bytes()
+			if bytes[0]&0x80 != 0 {
+				c.add(0)
+			}
+			c.add(bytes...)
+		}
+	})
+}
+
+// AddASN1OctetString appends a DER-encoded ASN.1 OCTET STRING.
+func (b *Builder) AddASN1OctetString(bytes []byte) {
+	b.AddASN1(asn1.OCTET_STRING, func(c *Builder) {
+		c.AddBytes(bytes)
+	})
+}
+
+const generalizedTimeFormatStr = "20060102150405Z0700"
+
+// AddASN1GeneralizedTime appends a DER-encoded ASN.1 GENERALIZEDTIME.
+func (b *Builder) AddASN1GeneralizedTime(t time.Time) {
+	if t.Year() < 0 || t.Year() > 9999 {
+		b.err = fmt.Errorf("cryptobyte: cannot represent %v as a GeneralizedTime", t)
+		return
+	}
+	b.AddASN1(asn1.GeneralizedTime, func(c *Builder) {
+		c.AddBytes([]byte(t.Format(generalizedTimeFormatStr)))
+	})
+}
+
+// AddASN1UTCTime appends a DER-encoded ASN.1 UTCTime.
+func (b *Builder) AddASN1UTCTime(t time.Time) {
+	b.AddASN1(asn1.UTCTime, func(c *Builder) {
+		// As utilized by the X.509 profile, UTCTime can only
+		// represent the years 1950 through 2049.
+		if t.Year() < 1950 || t.Year() >= 2050 {
+			b.err = fmt.Errorf("cryptobyte: cannot represent %v as a UTCTime", t)
+			return
+		}
+		c.AddBytes([]byte(t.Format(defaultUTCTimeFormatStr)))
+	})
+}
+
+// AddASN1BitString appends a DER-encoded ASN.1 BIT STRING. This does not
+// support BIT STRINGs that are not a whole number of bytes.
+func (b *Builder) AddASN1BitString(data []byte) {
+	b.AddASN1(asn1.BIT_STRING, func(b *Builder) {
+		b.AddUint8(0)
+		b.AddBytes(data)
+	})
+}
+
+func (b *Builder) addBase128Int(n int64) {
+	var length int
+	if n == 0 {
+		length = 1
+	} else {
+		for i := n; i > 0; i >>= 7 {
+			length++
+		}
+	}
+
+	for i := length - 1; i >= 0; i-- {
+		o := byte(n >> uint(i*7))
+		o &= 0x7f
+		if i != 0 {
+			o |= 0x80
+		}
+
+		b.add(o)
+	}
+}
+
+func isValidOID(oid encoding_asn1.ObjectIdentifier) bool {
+	if len(oid) < 2 {
+		return false
+	}
+
+	if oid[0] > 2 || (oid[0] <= 1 && oid[1] >= 40) {
+		return false
+	}
+
+	for _, v := range oid {
+		if v < 0 {
+			return false
+		}
+	}
+
+	return true
+}
+
+func (b *Builder) AddASN1ObjectIdentifier(oid encoding_asn1.ObjectIdentifier) {
+	b.AddASN1(asn1.OBJECT_IDENTIFIER, func(b *Builder) {
+		if !isValidOID(oid) {
+			b.err = fmt.Errorf("cryptobyte: invalid OID: %v", oid)
+			return
+		}
+
+		b.addBase128Int(int64(oid[0])*40 + int64(oid[1]))
+		for _, v := range oid[2:] {
+			b.addBase128Int(int64(v))
+		}
+	})
+}
+
+func (b *Builder) AddASN1Boolean(v bool) {
+	b.AddASN1(asn1.BOOLEAN, func(b *Builder) {
+		if v {
+			b.AddUint8(0xff)
+		} else {
+			b.AddUint8(0)
+		}
+	})
+}
+
+func (b *Builder) AddASN1NULL() {
+	b.add(uint8(asn1.NULL), 0)
+}
+
+// MarshalASN1 calls encoding_asn1.Marshal on its input and appends the result if
+// successful or records an error if one occurred.
+func (b *Builder) MarshalASN1(v interface{}) {
+	// NOTE(martinkr): This is somewhat of a hack to allow propagation of
+	// encoding_asn1.Marshal errors into Builder.err. N.B. if you call MarshalASN1 with a
+	// value embedded into a struct, its tag information is lost.
+	if b.err != nil {
+		return
+	}
+	bytes, err := encoding_asn1.Marshal(v)
+	if err != nil {
+		b.err = err
+		return
+	}
+	b.AddBytes(bytes)
+}
+
+// AddASN1 appends an ASN.1 object. The object is prefixed with the given tag.
+// Tags greater than 30 are not supported and result in an error (i.e.
+// low-tag-number form only). The child builder passed to the
+// BuilderContinuation can be used to build the content of the ASN.1 object.
+func (b *Builder) AddASN1(tag asn1.Tag, f BuilderContinuation) {
+	if b.err != nil {
+		return
+	}
+	// Identifiers with the low five bits set indicate high-tag-number format
+	// (two or more octets), which we don't support.
+	if tag&0x1f == 0x1f {
+		b.err = fmt.Errorf("cryptobyte: high-tag number identifier octects not supported: 0x%x", tag)
+		return
+	}
+	b.AddUint8(uint8(tag))
+	b.addLengthPrefixed(1, true, f)
+}
+
+// String
+
+// ReadASN1Boolean decodes an ASN.1 BOOLEAN and converts it to a boolean
+// representation into out and advances. It reports whether the read
+// was successful.
+func (s *String) ReadASN1Boolean(out *bool) bool {
+	var bytes String
+	if !s.ReadASN1(&bytes, asn1.BOOLEAN) || len(bytes) != 1 {
+		return false
+	}
+
+	switch bytes[0] {
+	case 0:
+		*out = false
+	case 0xff:
+		*out = true
+	default:
+		return false
+	}
+
+	return true
+}
+
+// ReadASN1Integer decodes an ASN.1 INTEGER into out and advances. If out does
+// not point to an integer, to a big.Int, or to a []byte it panics. Only
+// positive and zero values can be decoded into []byte, and they are returned as
+// big-endian binary values that share memory with s. Positive values will have
+// no leading zeroes, and zero will be returned as a single zero byte.
+// ReadASN1Integer reports whether the read was successful.
+func (s *String) ReadASN1Integer(out interface{}) bool {
+	switch out := out.(type) {
+	case *int, *int8, *int16, *int32, *int64:
+		var i int64
+		if !s.readASN1Int64(&i) || reflect.ValueOf(out).Elem().OverflowInt(i) {
+			return false
+		}
+		reflect.ValueOf(out).Elem().SetInt(i)
+		return true
+	case *uint, *uint8, *uint16, *uint32, *uint64:
+		var u uint64
+		if !s.readASN1Uint64(&u) || reflect.ValueOf(out).Elem().OverflowUint(u) {
+			return false
+		}
+		reflect.ValueOf(out).Elem().SetUint(u)
+		return true
+	case *big.Int:
+		return s.readASN1BigInt(out)
+	case *[]byte:
+		return s.readASN1Bytes(out)
+	default:
+		panic("out does not point to an integer type")
+	}
+}
+
+func checkASN1Integer(bytes []byte) bool {
+	if len(bytes) == 0 {
+		// An INTEGER is encoded with at least one octet.
+		return false
+	}
+	if len(bytes) == 1 {
+		return true
+	}
+	if bytes[0] == 0 && bytes[1]&0x80 == 0 || bytes[0] == 0xff && bytes[1]&0x80 == 0x80 {
+		// Value is not minimally encoded.
+		return false
+	}
+	return true
+}
+
+var bigOne = big.NewInt(1)
+
+func (s *String) readASN1BigInt(out *big.Int) bool {
+	var bytes String
+	if !s.ReadASN1(&bytes, asn1.INTEGER) || !checkASN1Integer(bytes) {
+		return false
+	}
+	if bytes[0]&0x80 == 0x80 {
+		// Negative number.
+		neg := make([]byte, len(bytes))
+		for i, b := range bytes {
+			neg[i] = ^b
+		}
+		out.SetBytes(neg)
+		out.Add(out, bigOne)
+		out.Neg(out)
+	} else {
+		out.SetBytes(bytes)
+	}
+	return true
+}
+
+func (s *String) readASN1Bytes(out *[]byte) bool {
+	var bytes String
+	if !s.ReadASN1(&bytes, asn1.INTEGER) || !checkASN1Integer(bytes) {
+		return false
+	}
+	if bytes[0]&0x80 == 0x80 {
+		return false
+	}
+	for len(bytes) > 1 && bytes[0] == 0 {
+		bytes = bytes[1:]
+	}
+	*out = bytes
+	return true
+}
+
+func (s *String) readASN1Int64(out *int64) bool {
+	var bytes String
+	if !s.ReadASN1(&bytes, asn1.INTEGER) || !checkASN1Integer(bytes) || !asn1Signed(out, bytes) {
+		return false
+	}
+	return true
+}
+
+func asn1Signed(out *int64, n []byte) bool {
+	length := len(n)
+	if length > 8 {
+		return false
+	}
+	for i := 0; i < length; i++ {
+		*out <<= 8
+		*out |= int64(n[i])
+	}
+	// Shift up and down in order to sign extend the result.
+	*out <<= 64 - uint8(length)*8
+	*out >>= 64 - uint8(length)*8
+	return true
+}
+
+func (s *String) readASN1Uint64(out *uint64) bool {
+	var bytes String
+	if !s.ReadASN1(&bytes, asn1.INTEGER) || !checkASN1Integer(bytes) || !asn1Unsigned(out, bytes) {
+		return false
+	}
+	return true
+}
+
+func asn1Unsigned(out *uint64, n []byte) bool {
+	length := len(n)
+	if length > 9 || length == 9 && n[0] != 0 {
+		// Too large for uint64.
+		return false
+	}
+	if n[0]&0x80 != 0 {
+		// Negative number.
+		return false
+	}
+	for i := 0; i < length; i++ {
+		*out <<= 8
+		*out |= uint64(n[i])
+	}
+	return true
+}
+
+// ReadASN1Int64WithTag decodes an ASN.1 INTEGER with the given tag into out
+// and advances. It reports whether the read was successful and resulted in a
+// value that can be represented in an int64.
+func (s *String) ReadASN1Int64WithTag(out *int64, tag asn1.Tag) bool {
+	var bytes String
+	return s.ReadASN1(&bytes, tag) && checkASN1Integer(bytes) && asn1Signed(out, bytes)
+}
+
+// ReadASN1Enum decodes an ASN.1 ENUMERATION into out and advances. It reports
+// whether the read was successful.
+func (s *String) ReadASN1Enum(out *int) bool {
+	var bytes String
+	var i int64
+	if !s.ReadASN1(&bytes, asn1.ENUM) || !checkASN1Integer(bytes) || !asn1Signed(&i, bytes) {
+		return false
+	}
+	if int64(int(i)) != i {
+		return false
+	}
+	*out = int(i)
+	return true
+}
+
+func (s *String) readBase128Int(out *int) bool {
+	ret := 0
+	for i := 0; len(*s) > 0; i++ {
+		if i == 5 {
+			return false
+		}
+		// Avoid overflowing int on a 32-bit platform.
+		// We don't want different behavior based on the architecture.
+		if ret >= 1<<(31-7) {
+			return false
+		}
+		ret <<= 7
+		b := s.read(1)[0]
+
+		// ITU-T X.690, section 8.19.2:
+		// The subidentifier shall be encoded in the fewest possible octets,
+		// that is, the leading octet of the subidentifier shall not have the value 0x80.
+		if i == 0 && b == 0x80 {
+			return false
+		}
+
+		ret |= int(b & 0x7f)
+		if b&0x80 == 0 {
+			*out = ret
+			return true
+		}
+	}
+	return false // truncated
+}
+
+// ReadASN1ObjectIdentifier decodes an ASN.1 OBJECT IDENTIFIER into out and
+// advances. It reports whether the read was successful.
+func (s *String) ReadASN1ObjectIdentifier(out *encoding_asn1.ObjectIdentifier) bool {
+	var bytes String
+	if !s.ReadASN1(&bytes, asn1.OBJECT_IDENTIFIER) || len(bytes) == 0 {
+		return false
+	}
+
+	// In the worst case, we get two elements from the first byte (which is
+	// encoded differently) and then every varint is a single byte long.
+	components := make([]int, len(bytes)+1)
+
+	// The first varint is 40*value1 + value2:
+	// According to this packing, value1 can take the values 0, 1 and 2 only.
+	// When value1 = 0 or value1 = 1, then value2 is <= 39. When value1 = 2,
+	// then there are no restrictions on value2.
+	var v int
+	if !bytes.readBase128Int(&v) {
+		return false
+	}
+	if v < 80 {
+		components[0] = v / 40
+		components[1] = v % 40
+	} else {
+		components[0] = 2
+		components[1] = v - 80
+	}
+
+	i := 2
+	for ; len(bytes) > 0; i++ {
+		if !bytes.readBase128Int(&v) {
+			return false
+		}
+		components[i] = v
+	}
+	*out = components[:i]
+	return true
+}
+
+// ReadASN1GeneralizedTime decodes an ASN.1 GENERALIZEDTIME into out and
+// advances. It reports whether the read was successful.
+func (s *String) ReadASN1GeneralizedTime(out *time.Time) bool {
+	var bytes String
+	if !s.ReadASN1(&bytes, asn1.GeneralizedTime) {
+		return false
+	}
+	t := string(bytes)
+	res, err := time.Parse(generalizedTimeFormatStr, t)
+	if err != nil {
+		return false
+	}
+	if serialized := res.Format(generalizedTimeFormatStr); serialized != t {
+		return false
+	}
+	*out = res
+	return true
+}
+
+const defaultUTCTimeFormatStr = "060102150405Z0700"
+
+// ReadASN1UTCTime decodes an ASN.1 UTCTime into out and advances.
+// It reports whether the read was successful.
+func (s *String) ReadASN1UTCTime(out *time.Time) bool {
+	var bytes String
+	if !s.ReadASN1(&bytes, asn1.UTCTime) {
+		return false
+	}
+	t := string(bytes)
+
+	formatStr := defaultUTCTimeFormatStr
+	var err error
+	res, err := time.Parse(formatStr, t)
+	if err != nil {
+		// Fallback to minute precision if we can't parse second
+		// precision. If we are following X.509 or X.690 we shouldn't
+		// support this, but we do.
+		formatStr = "0601021504Z0700"
+		res, err = time.Parse(formatStr, t)
+	}
+	if err != nil {
+		return false
+	}
+
+	if serialized := res.Format(formatStr); serialized != t {
+		return false
+	}
+
+	if res.Year() >= 2050 {
+		// UTCTime interprets the low order digits 50-99 as 1950-99.
+		// This only applies to its use in the X.509 profile.
+		// See https://tools.ietf.org/html/rfc5280#section-4.1.2.5.1
+		res = res.AddDate(-100, 0, 0)
+	}
+	*out = res
+	return true
+}
+
+// ReadASN1BitString decodes an ASN.1 BIT STRING into out and advances.
+// It reports whether the read was successful.
+func (s *String) ReadASN1BitString(out *encoding_asn1.BitString) bool {
+	var bytes String
+	if !s.ReadASN1(&bytes, asn1.BIT_STRING) || len(bytes) == 0 ||
+		len(bytes)*8/8 != len(bytes) {
+		return false
+	}
+
+	paddingBits := bytes[0]
+	bytes = bytes[1:]
+	if paddingBits > 7 ||
+		len(bytes) == 0 && paddingBits != 0 ||
+		len(bytes) > 0 && bytes[len(bytes)-1]&(1<<paddingBits-1) != 0 {
+		return false
+	}
+
+	out.BitLength = len(bytes)*8 - int(paddingBits)
+	out.Bytes = bytes
+	return true
+}
+
+// ReadASN1BitStringAsBytes decodes an ASN.1 BIT STRING into out and advances. It is
+// an error if the BIT STRING is not a whole number of bytes. It reports
+// whether the read was successful.
+func (s *String) ReadASN1BitStringAsBytes(out *[]byte) bool {
+	var bytes String
+	if !s.ReadASN1(&bytes, asn1.BIT_STRING) || len(bytes) == 0 {
+		return false
+	}
+
+	paddingBits := bytes[0]
+	if paddingBits != 0 {
+		return false
+	}
+	*out = bytes[1:]
+	return true
+}
+
+// ReadASN1Bytes reads the contents of a DER-encoded ASN.1 element (not including
+// tag and length bytes) into out, and advances. The element must match the
+// given tag. It reports whether the read was successful.
+func (s *String) ReadASN1Bytes(out *[]byte, tag asn1.Tag) bool {
+	return s.ReadASN1((*String)(out), tag)
+}
+
+// ReadASN1 reads the contents of a DER-encoded ASN.1 element (not including
+// tag and length bytes) into out, and advances. The element must match the
+// given tag. It reports whether the read was successful.
+//
+// Tags greater than 30 are not supported (i.e. low-tag-number format only).
+func (s *String) ReadASN1(out *String, tag asn1.Tag) bool {
+	var t asn1.Tag
+	if !s.ReadAnyASN1(out, &t) || t != tag {
+		return false
+	}
+	return true
+}
+
+// ReadASN1Element reads the contents of a DER-encoded ASN.1 element (including
+// tag and length bytes) into out, and advances. The element must match the
+// given tag. It reports whether the read was successful.
+//
+// Tags greater than 30 are not supported (i.e. low-tag-number format only).
+func (s *String) ReadASN1Element(out *String, tag asn1.Tag) bool {
+	var t asn1.Tag
+	if !s.ReadAnyASN1Element(out, &t) || t != tag {
+		return false
+	}
+	return true
+}
+
+// ReadAnyASN1 reads the contents of a DER-encoded ASN.1 element (not including
+// tag and length bytes) into out, sets outTag to its tag, and advances.
+// It reports whether the read was successful.
+//
+// Tags greater than 30 are not supported (i.e. low-tag-number format only).
+func (s *String) ReadAnyASN1(out *String, outTag *asn1.Tag) bool {
+	return s.readASN1(out, outTag, true /* skip header */)
+}
+
+// ReadAnyASN1Element reads the contents of a DER-encoded ASN.1 element
+// (including tag and length bytes) into out, sets outTag to is tag, and
+// advances. It reports whether the read was successful.
+//
+// Tags greater than 30 are not supported (i.e. low-tag-number format only).
+func (s *String) ReadAnyASN1Element(out *String, outTag *asn1.Tag) bool {
+	return s.readASN1(out, outTag, false /* include header */)
+}
+
+// PeekASN1Tag reports whether the next ASN.1 value on the string starts with
+// the given tag.
+func (s String) PeekASN1Tag(tag asn1.Tag) bool {
+	if len(s) == 0 {
+		return false
+	}
+	return asn1.Tag(s[0]) == tag
+}
+
+// SkipASN1 reads and discards an ASN.1 element with the given tag. It
+// reports whether the operation was successful.
+func (s *String) SkipASN1(tag asn1.Tag) bool {
+	var unused String
+	return s.ReadASN1(&unused, tag)
+}
+
+// ReadOptionalASN1 attempts to read the contents of a DER-encoded ASN.1
+// element (not including tag and length bytes) tagged with the given tag into
+// out. It stores whether an element with the tag was found in outPresent,
+// unless outPresent is nil. It reports whether the read was successful.
+func (s *String) ReadOptionalASN1(out *String, outPresent *bool, tag asn1.Tag) bool {
+	present := s.PeekASN1Tag(tag)
+	if outPresent != nil {
+		*outPresent = present
+	}
+	if present && !s.ReadASN1(out, tag) {
+		return false
+	}
+	return true
+}
+
+// SkipOptionalASN1 advances s over an ASN.1 element with the given tag, or
+// else leaves s unchanged. It reports whether the operation was successful.
+func (s *String) SkipOptionalASN1(tag asn1.Tag) bool {
+	if !s.PeekASN1Tag(tag) {
+		return true
+	}
+	var unused String
+	return s.ReadASN1(&unused, tag)
+}
+
+// ReadOptionalASN1Integer attempts to read an optional ASN.1 INTEGER explicitly
+// tagged with tag into out and advances. If no element with a matching tag is
+// present, it writes defaultValue into out instead. Otherwise, it behaves like
+// ReadASN1Integer.
+func (s *String) ReadOptionalASN1Integer(out interface{}, tag asn1.Tag, defaultValue interface{}) bool {
+	var present bool
+	var i String
+	if !s.ReadOptionalASN1(&i, &present, tag) {
+		return false
+	}
+	if !present {
+		switch out.(type) {
+		case *int, *int8, *int16, *int32, *int64,
+			*uint, *uint8, *uint16, *uint32, *uint64, *[]byte:
+			reflect.ValueOf(out).Elem().Set(reflect.ValueOf(defaultValue))
+		case *big.Int:
+			if defaultValue, ok := defaultValue.(*big.Int); ok {
+				out.(*big.Int).Set(defaultValue)
+			} else {
+				panic("out points to big.Int, but defaultValue does not")
+			}
+		default:
+			panic("invalid integer type")
+		}
+		return true
+	}
+	if !i.ReadASN1Integer(out) || !i.Empty() {
+		return false
+	}
+	return true
+}
+
+// ReadOptionalASN1OctetString attempts to read an optional ASN.1 OCTET STRING
+// explicitly tagged with tag into out and advances. If no element with a
+// matching tag is present, it sets "out" to nil instead. It reports
+// whether the read was successful.
+func (s *String) ReadOptionalASN1OctetString(out *[]byte, outPresent *bool, tag asn1.Tag) bool {
+	var present bool
+	var child String
+	if !s.ReadOptionalASN1(&child, &present, tag) {
+		return false
+	}
+	if outPresent != nil {
+		*outPresent = present
+	}
+	if present {
+		var oct String
+		if !child.ReadASN1(&oct, asn1.OCTET_STRING) || !child.Empty() {
+			return false
+		}
+		*out = oct
+	} else {
+		*out = nil
+	}
+	return true
+}
+
+// ReadOptionalASN1Boolean attempts to read an optional ASN.1 BOOLEAN
+// explicitly tagged with tag into out and advances. If no element with a
+// matching tag is present, it sets "out" to defaultValue instead. It reports
+// whether the read was successful.
+func (s *String) ReadOptionalASN1Boolean(out *bool, tag asn1.Tag, defaultValue bool) bool {
+	var present bool
+	var child String
+	if !s.ReadOptionalASN1(&child, &present, tag) {
+		return false
+	}
+
+	if !present {
+		*out = defaultValue
+		return true
+	}
+
+	return child.ReadASN1Boolean(out)
+}
+
+func (s *String) readASN1(out *String, outTag *asn1.Tag, skipHeader bool) bool {
+	if len(*s) < 2 {
+		return false
+	}
+	tag, lenByte := (*s)[0], (*s)[1]
+
+	if tag&0x1f == 0x1f {
+		// ITU-T X.690 section 8.1.2
+		//
+		// An identifier octet with a tag part of 0x1f indicates a high-tag-number
+		// form identifier with two or more octets. We only support tags less than
+		// 31 (i.e. low-tag-number form, single octet identifier).
+		return false
+	}
+
+	if outTag != nil {
+		*outTag = asn1.Tag(tag)
+	}
+
+	// ITU-T X.690 section 8.1.3
+	//
+	// Bit 8 of the first length byte indicates whether the length is short- or
+	// long-form.
+	var length, headerLen uint32 // length includes headerLen
+	if lenByte&0x80 == 0 {
+		// Short-form length (section 8.1.3.4), encoded in bits 1-7.
+		length = uint32(lenByte) + 2
+		headerLen = 2
+	} else {
+		// Long-form length (section 8.1.3.5). Bits 1-7 encode the number of octets
+		// used to encode the length.
+		lenLen := lenByte & 0x7f
+		var len32 uint32
+
+		if lenLen == 0 || lenLen > 4 || len(*s) < int(2+lenLen) {
+			return false
+		}
+
+		lenBytes := String((*s)[2 : 2+lenLen])
+		if !lenBytes.readUnsigned(&len32, int(lenLen)) {
+			return false
+		}
+
+		// ITU-T X.690 section 10.1 (DER length forms) requires encoding the length
+		// with the minimum number of octets.
+		if len32 < 128 {
+			// Length should have used short-form encoding.
+			return false
+		}
+		if len32>>((lenLen-1)*8) == 0 {
+			// Leading octet is 0. Length should have been at least one byte shorter.
+			return false
+		}
+
+		headerLen = 2 + uint32(lenLen)
+		if headerLen+len32 < len32 {
+			// Overflow.
+			return false
+		}
+		length = headerLen + len32
+	}
+
+	if int(length) < 0 || !s.ReadBytes((*[]byte)(out), int(length)) {
+		return false
+	}
+	if skipHeader && !out.Skip(int(headerLen)) {
+		panic("cryptobyte: internal error")
+	}
+
+	return true
+}
diff --git a/server/vendor/golang.org/x/crypto/cryptobyte/asn1/asn1.go b/server/vendor/golang.org/x/crypto/cryptobyte/asn1/asn1.go
new file mode 100644
index 0000000..90ef6a2
--- /dev/null
+++ b/server/vendor/golang.org/x/crypto/cryptobyte/asn1/asn1.go
@@ -0,0 +1,46 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Package asn1 contains supporting types for parsing and building ASN.1
+// messages with the cryptobyte package.
+package asn1
+
+// Tag represents an ASN.1 identifier octet, consisting of a tag number
+// (indicating a type) and class (such as context-specific or constructed).
+//
+// Methods in the cryptobyte package only support the low-tag-number form, i.e.
+// a single identifier octet with bits 7-8 encoding the class and bits 1-6
+// encoding the tag number.
+type Tag uint8
+
+const (
+	classConstructed     = 0x20
+	classContextSpecific = 0x80
+)
+
+// Constructed returns t with the constructed class bit set.
+func (t Tag) Constructed() Tag { return t | classConstructed }
+
+// ContextSpecific returns t with the context-specific class bit set.
+func (t Tag) ContextSpecific() Tag { return t | classContextSpecific }
+
+// The following is a list of standard tag and class combinations.
+const (
+	BOOLEAN           = Tag(1)
+	INTEGER           = Tag(2)
+	BIT_STRING        = Tag(3)
+	OCTET_STRING      = Tag(4)
+	NULL              = Tag(5)
+	OBJECT_IDENTIFIER = Tag(6)
+	ENUM              = Tag(10)
+	UTF8String        = Tag(12)
+	SEQUENCE          = Tag(16 | classConstructed)
+	SET               = Tag(17 | classConstructed)
+	PrintableString   = Tag(19)
+	T61String         = Tag(20)
+	IA5String         = Tag(22)
+	UTCTime           = Tag(23)
+	GeneralizedTime   = Tag(24)
+	GeneralString     = Tag(27)
+)
diff --git a/server/vendor/golang.org/x/crypto/cryptobyte/builder.go b/server/vendor/golang.org/x/crypto/cryptobyte/builder.go
new file mode 100644
index 0000000..cf254f5
--- /dev/null
+++ b/server/vendor/golang.org/x/crypto/cryptobyte/builder.go
@@ -0,0 +1,350 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package cryptobyte
+
+import (
+	"errors"
+	"fmt"
+)
+
+// A Builder builds byte strings from fixed-length and length-prefixed values.
+// Builders either allocate space as needed, or are ‘fixed’, which means that
+// they write into a given buffer and produce an error if it's exhausted.
+//
+// The zero value is a usable Builder that allocates space as needed.
+//
+// Simple values are marshaled and appended to a Builder using methods on the
+// Builder. Length-prefixed values are marshaled by providing a
+// BuilderContinuation, which is a function that writes the inner contents of
+// the value to a given Builder. See the documentation for BuilderContinuation
+// for details.
+type Builder struct {
+	err            error
+	result         []byte
+	fixedSize      bool
+	child          *Builder
+	offset         int
+	pendingLenLen  int
+	pendingIsASN1  bool
+	inContinuation *bool
+}
+
+// NewBuilder creates a Builder that appends its output to the given buffer.
+// Like append(), the slice will be reallocated if its capacity is exceeded.
+// Use Bytes to get the final buffer.
+func NewBuilder(buffer []byte) *Builder {
+	return &Builder{
+		result: buffer,
+	}
+}
+
+// NewFixedBuilder creates a Builder that appends its output into the given
+// buffer. This builder does not reallocate the output buffer. Writes that
+// would exceed the buffer's capacity are treated as an error.
+func NewFixedBuilder(buffer []byte) *Builder {
+	return &Builder{
+		result:    buffer,
+		fixedSize: true,
+	}
+}
+
+// SetError sets the value to be returned as the error from Bytes. Writes
+// performed after calling SetError are ignored.
+func (b *Builder) SetError(err error) {
+	b.err = err
+}
+
+// Bytes returns the bytes written by the builder or an error if one has
+// occurred during building.
+func (b *Builder) Bytes() ([]byte, error) {
+	if b.err != nil {
+		return nil, b.err
+	}
+	return b.result[b.offset:], nil
+}
+
+// BytesOrPanic returns the bytes written by the builder or panics if an error
+// has occurred during building.
+func (b *Builder) BytesOrPanic() []byte {
+	if b.err != nil {
+		panic(b.err)
+	}
+	return b.result[b.offset:]
+}
+
+// AddUint8 appends an 8-bit value to the byte string.
+func (b *Builder) AddUint8(v uint8) {
+	b.add(byte(v))
+}
+
+// AddUint16 appends a big-endian, 16-bit value to the byte string.
+func (b *Builder) AddUint16(v uint16) {
+	b.add(byte(v>>8), byte(v))
+}
+
+// AddUint24 appends a big-endian, 24-bit value to the byte string. The highest
+// byte of the 32-bit input value is silently truncated.
+func (b *Builder) AddUint24(v uint32) {
+	b.add(byte(v>>16), byte(v>>8), byte(v))
+}
+
+// AddUint32 appends a big-endian, 32-bit value to the byte string.
+func (b *Builder) AddUint32(v uint32) {
+	b.add(byte(v>>24), byte(v>>16), byte(v>>8), byte(v))
+}
+
+// AddUint48 appends a big-endian, 48-bit value to the byte string.
+func (b *Builder) AddUint48(v uint64) {
+	b.add(byte(v>>40), byte(v>>32), byte(v>>24), byte(v>>16), byte(v>>8), byte(v))
+}
+
+// AddUint64 appends a big-endian, 64-bit value to the byte string.
+func (b *Builder) AddUint64(v uint64) {
+	b.add(byte(v>>56), byte(v>>48), byte(v>>40), byte(v>>32), byte(v>>24), byte(v>>16), byte(v>>8), byte(v))
+}
+
+// AddBytes appends a sequence of bytes to the byte string.
+func (b *Builder) AddBytes(v []byte) {
+	b.add(v...)
+}
+
+// BuilderContinuation is a continuation-passing interface for building
+// length-prefixed byte sequences. Builder methods for length-prefixed
+// sequences (AddUint8LengthPrefixed etc) will invoke the BuilderContinuation
+// supplied to them. The child builder passed to the continuation can be used
+// to build the content of the length-prefixed sequence. For example:
+//
+//	parent := cryptobyte.NewBuilder()
+//	parent.AddUint8LengthPrefixed(func (child *Builder) {
+//	  child.AddUint8(42)
+//	  child.AddUint8LengthPrefixed(func (grandchild *Builder) {
+//	    grandchild.AddUint8(5)
+//	  })
+//	})
+//
+// It is an error to write more bytes to the child than allowed by the reserved
+// length prefix. After the continuation returns, the child must be considered
+// invalid, i.e. users must not store any copies or references of the child
+// that outlive the continuation.
+//
+// If the continuation panics with a value of type BuildError then the inner
+// error will be returned as the error from Bytes. If the child panics
+// otherwise then Bytes will repanic with the same value.
+type BuilderContinuation func(child *Builder)
+
+// BuildError wraps an error. If a BuilderContinuation panics with this value,
+// the panic will be recovered and the inner error will be returned from
+// Builder.Bytes.
+type BuildError struct {
+	Err error
+}
+
+// AddUint8LengthPrefixed adds a 8-bit length-prefixed byte sequence.
+func (b *Builder) AddUint8LengthPrefixed(f BuilderContinuation) {
+	b.addLengthPrefixed(1, false, f)
+}
+
+// AddUint16LengthPrefixed adds a big-endian, 16-bit length-prefixed byte sequence.
+func (b *Builder) AddUint16LengthPrefixed(f BuilderContinuation) {
+	b.addLengthPrefixed(2, false, f)
+}
+
+// AddUint24LengthPrefixed adds a big-endian, 24-bit length-prefixed byte sequence.
+func (b *Builder) AddUint24LengthPrefixed(f BuilderContinuation) {
+	b.addLengthPrefixed(3, false, f)
+}
+
+// AddUint32LengthPrefixed adds a big-endian, 32-bit length-prefixed byte sequence.
+func (b *Builder) AddUint32LengthPrefixed(f BuilderContinuation) {
+	b.addLengthPrefixed(4, false, f)
+}
+
+func (b *Builder) callContinuation(f BuilderContinuation, arg *Builder) {
+	if !*b.inContinuation {
+		*b.inContinuation = true
+
+		defer func() {
+			*b.inContinuation = false
+
+			r := recover()
+			if r == nil {
+				return
+			}
+
+			if buildError, ok := r.(BuildError); ok {
+				b.err = buildError.Err
+			} else {
+				panic(r)
+			}
+		}()
+	}
+
+	f(arg)
+}
+
+func (b *Builder) addLengthPrefixed(lenLen int, isASN1 bool, f BuilderContinuation) {
+	// Subsequent writes can be ignored if the builder has encountered an error.
+	if b.err != nil {
+		return
+	}
+
+	offset := len(b.result)
+	b.add(make([]byte, lenLen)...)
+
+	if b.inContinuation == nil {
+		b.inContinuation = new(bool)
+	}
+
+	b.child = &Builder{
+		result:         b.result,
+		fixedSize:      b.fixedSize,
+		offset:         offset,
+		pendingLenLen:  lenLen,
+		pendingIsASN1:  isASN1,
+		inContinuation: b.inContinuation,
+	}
+
+	b.callContinuation(f, b.child)
+	b.flushChild()
+	if b.child != nil {
+		panic("cryptobyte: internal error")
+	}
+}
+
+func (b *Builder) flushChild() {
+	if b.child == nil {
+		return
+	}
+	b.child.flushChild()
+	child := b.child
+	b.child = nil
+
+	if child.err != nil {
+		b.err = child.err
+		return
+	}
+
+	length := len(child.result) - child.pendingLenLen - child.offset
+
+	if length < 0 {
+		panic("cryptobyte: internal error") // result unexpectedly shrunk
+	}
+
+	if child.pendingIsASN1 {
+		// For ASN.1, we reserved a single byte for the length. If that turned out
+		// to be incorrect, we have to move the contents along in order to make
+		// space.
+		if child.pendingLenLen != 1 {
+			panic("cryptobyte: internal error")
+		}
+		var lenLen, lenByte uint8
+		if int64(length) > 0xfffffffe {
+			b.err = errors.New("pending ASN.1 child too long")
+			return
+		} else if length > 0xffffff {
+			lenLen = 5
+			lenByte = 0x80 | 4
+		} else if length > 0xffff {
+			lenLen = 4
+			lenByte = 0x80 | 3
+		} else if length > 0xff {
+			lenLen = 3
+			lenByte = 0x80 | 2
+		} else if length > 0x7f {
+			lenLen = 2
+			lenByte = 0x80 | 1
+		} else {
+			lenLen = 1
+			lenByte = uint8(length)
+			length = 0
+		}
+
+		// Insert the initial length byte, make space for successive length bytes,
+		// and adjust the offset.
+		child.result[child.offset] = lenByte
+		extraBytes := int(lenLen - 1)
+		if extraBytes != 0 {
+			child.add(make([]byte, extraBytes)...)
+			childStart := child.offset + child.pendingLenLen
+			copy(child.result[childStart+extraBytes:], child.result[childStart:])
+		}
+		child.offset++
+		child.pendingLenLen = extraBytes
+	}
+
+	l := length
+	for i := child.pendingLenLen - 1; i >= 0; i-- {
+		child.result[child.offset+i] = uint8(l)
+		l >>= 8
+	}
+	if l != 0 {
+		b.err = fmt.Errorf("cryptobyte: pending child length %d exceeds %d-byte length prefix", length, child.pendingLenLen)
+		return
+	}
+
+	if b.fixedSize && &b.result[0] != &child.result[0] {
+		panic("cryptobyte: BuilderContinuation reallocated a fixed-size buffer")
+	}
+
+	b.result = child.result
+}
+
+func (b *Builder) add(bytes ...byte) {
+	if b.err != nil {
+		return
+	}
+	if b.child != nil {
+		panic("cryptobyte: attempted write while child is pending")
+	}
+	if len(b.result)+len(bytes) < len(bytes) {
+		b.err = errors.New("cryptobyte: length overflow")
+	}
+	if b.fixedSize && len(b.result)+len(bytes) > cap(b.result) {
+		b.err = errors.New("cryptobyte: Builder is exceeding its fixed-size buffer")
+		return
+	}
+	b.result = append(b.result, bytes...)
+}
+
+// Unwrite rolls back non-negative n bytes written directly to the Builder.
+// An attempt by a child builder passed to a continuation to unwrite bytes
+// from its parent will panic.
+func (b *Builder) Unwrite(n int) {
+	if b.err != nil {
+		return
+	}
+	if b.child != nil {
+		panic("cryptobyte: attempted unwrite while child is pending")
+	}
+	length := len(b.result) - b.pendingLenLen - b.offset
+	if length < 0 {
+		panic("cryptobyte: internal error")
+	}
+	if n < 0 {
+		panic("cryptobyte: attempted to unwrite negative number of bytes")
+	}
+	if n > length {
+		panic("cryptobyte: attempted to unwrite more than was written")
+	}
+	b.result = b.result[:len(b.result)-n]
+}
+
+// A MarshalingValue marshals itself into a Builder.
+type MarshalingValue interface {
+	// Marshal is called by Builder.AddValue. It receives a pointer to a builder
+	// to marshal itself into. It may return an error that occurred during
+	// marshaling, such as unset or invalid values.
+	Marshal(b *Builder) error
+}
+
+// AddValue calls Marshal on v, passing a pointer to the builder to append to.
+// If Marshal returns an error, it is set on the Builder so that subsequent
+// appends don't have an effect.
+func (b *Builder) AddValue(v MarshalingValue) {
+	err := v.Marshal(b)
+	if err != nil {
+		b.err = err
+	}
+}
diff --git a/server/vendor/golang.org/x/crypto/cryptobyte/string.go b/server/vendor/golang.org/x/crypto/cryptobyte/string.go
new file mode 100644
index 0000000..4b0f809
--- /dev/null
+++ b/server/vendor/golang.org/x/crypto/cryptobyte/string.go
@@ -0,0 +1,183 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Package cryptobyte contains types that help with parsing and constructing
+// length-prefixed, binary messages, including ASN.1 DER. (The asn1 subpackage
+// contains useful ASN.1 constants.)
+//
+// The String type is for parsing. It wraps a []byte slice and provides helper
+// functions for consuming structures, value by value.
+//
+// The Builder type is for constructing messages. It providers helper functions
+// for appending values and also for appending length-prefixed submessages –
+// without having to worry about calculating the length prefix ahead of time.
+//
+// See the documentation and examples for the Builder and String types to get
+// started.
+package cryptobyte
+
+// String represents a string of bytes. It provides methods for parsing
+// fixed-length and length-prefixed values from it.
+type String []byte
+
+// read advances a String by n bytes and returns them. If less than n bytes
+// remain, it returns nil.
+func (s *String) read(n int) []byte {
+	if len(*s) < n || n < 0 {
+		return nil
+	}
+	v := (*s)[:n]
+	*s = (*s)[n:]
+	return v
+}
+
+// Skip advances the String by n byte and reports whether it was successful.
+func (s *String) Skip(n int) bool {
+	return s.read(n) != nil
+}
+
+// ReadUint8 decodes an 8-bit value into out and advances over it.
+// It reports whether the read was successful.
+func (s *String) ReadUint8(out *uint8) bool {
+	v := s.read(1)
+	if v == nil {
+		return false
+	}
+	*out = uint8(v[0])
+	return true
+}
+
+// ReadUint16 decodes a big-endian, 16-bit value into out and advances over it.
+// It reports whether the read was successful.
+func (s *String) ReadUint16(out *uint16) bool {
+	v := s.read(2)
+	if v == nil {
+		return false
+	}
+	*out = uint16(v[0])<<8 | uint16(v[1])
+	return true
+}
+
+// ReadUint24 decodes a big-endian, 24-bit value into out and advances over it.
+// It reports whether the read was successful.
+func (s *String) ReadUint24(out *uint32) bool {
+	v := s.read(3)
+	if v == nil {
+		return false
+	}
+	*out = uint32(v[0])<<16 | uint32(v[1])<<8 | uint32(v[2])
+	return true
+}
+
+// ReadUint32 decodes a big-endian, 32-bit value into out and advances over it.
+// It reports whether the read was successful.
+func (s *String) ReadUint32(out *uint32) bool {
+	v := s.read(4)
+	if v == nil {
+		return false
+	}
+	*out = uint32(v[0])<<24 | uint32(v[1])<<16 | uint32(v[2])<<8 | uint32(v[3])
+	return true
+}
+
+// ReadUint48 decodes a big-endian, 48-bit value into out and advances over it.
+// It reports whether the read was successful.
+func (s *String) ReadUint48(out *uint64) bool {
+	v := s.read(6)
+	if v == nil {
+		return false
+	}
+	*out = uint64(v[0])<<40 | uint64(v[1])<<32 | uint64(v[2])<<24 | uint64(v[3])<<16 | uint64(v[4])<<8 | uint64(v[5])
+	return true
+}
+
+// ReadUint64 decodes a big-endian, 64-bit value into out and advances over it.
+// It reports whether the read was successful.
+func (s *String) ReadUint64(out *uint64) bool {
+	v := s.read(8)
+	if v == nil {
+		return false
+	}
+	*out = uint64(v[0])<<56 | uint64(v[1])<<48 | uint64(v[2])<<40 | uint64(v[3])<<32 | uint64(v[4])<<24 | uint64(v[5])<<16 | uint64(v[6])<<8 | uint64(v[7])
+	return true
+}
+
+func (s *String) readUnsigned(out *uint32, length int) bool {
+	v := s.read(length)
+	if v == nil {
+		return false
+	}
+	var result uint32
+	for i := 0; i < length; i++ {
+		result <<= 8
+		result |= uint32(v[i])
+	}
+	*out = result
+	return true
+}
+
+func (s *String) readLengthPrefixed(lenLen int, outChild *String) bool {
+	lenBytes := s.read(lenLen)
+	if lenBytes == nil {
+		return false
+	}
+	var length uint32
+	for _, b := range lenBytes {
+		length = length << 8
+		length = length | uint32(b)
+	}
+	v := s.read(int(length))
+	if v == nil {
+		return false
+	}
+	*outChild = v
+	return true
+}
+
+// ReadUint8LengthPrefixed reads the content of an 8-bit length-prefixed value
+// into out and advances over it. It reports whether the read was successful.
+func (s *String) ReadUint8LengthPrefixed(out *String) bool {
+	return s.readLengthPrefixed(1, out)
+}
+
+// ReadUint16LengthPrefixed reads the content of a big-endian, 16-bit
+// length-prefixed value into out and advances over it. It reports whether the
+// read was successful.
+func (s *String) ReadUint16LengthPrefixed(out *String) bool {
+	return s.readLengthPrefixed(2, out)
+}
+
+// ReadUint24LengthPrefixed reads the content of a big-endian, 24-bit
+// length-prefixed value into out and advances over it. It reports whether
+// the read was successful.
+func (s *String) ReadUint24LengthPrefixed(out *String) bool {
+	return s.readLengthPrefixed(3, out)
+}
+
+// ReadBytes reads n bytes into out and advances over them. It reports
+// whether the read was successful.
+func (s *String) ReadBytes(out *[]byte, n int) bool {
+	v := s.read(n)
+	if v == nil {
+		return false
+	}
+	*out = v
+	return true
+}
+
+// CopyBytes copies len(out) bytes into out and advances over them. It reports
+// whether the copy operation was successful
+func (s *String) CopyBytes(out []byte) bool {
+	n := len(out)
+	v := s.read(n)
+	if v == nil {
+		return false
+	}
+	return copy(out, v) == n
+}
+
+// Empty reports whether the string does not contain any bytes.
+func (s String) Empty() bool {
+	return len(s) == 0
+}
diff --git a/server/vendor/golang.org/x/crypto/curve25519/curve25519.go b/server/vendor/golang.org/x/crypto/curve25519/curve25519.go
new file mode 100644
index 0000000..21ca3b2
--- /dev/null
+++ b/server/vendor/golang.org/x/crypto/curve25519/curve25519.go
@@ -0,0 +1,90 @@
+// Copyright 2019 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Package curve25519 provides an implementation of the X25519 function, which
+// performs scalar multiplication on the elliptic curve known as Curve25519.
+// See RFC 7748.
+//
+// This package is a wrapper for the X25519 implementation
+// in the crypto/ecdh package.
+package curve25519
+
+import "crypto/ecdh"
+
+// ScalarMult sets dst to the product scalar * point.
+//
+// Deprecated: when provided a low-order point, ScalarMult will set dst to all
+// zeroes, irrespective of the scalar. Instead, use the X25519 function, which
+// will return an error.
+func ScalarMult(dst, scalar, point *[32]byte) {
+	if _, err := x25519(dst, scalar[:], point[:]); err != nil {
+		// The only error condition for x25519 when the inputs are 32 bytes long
+		// is if the output would have been the all-zero value.
+		for i := range dst {
+			dst[i] = 0
+		}
+	}
+}
+
+// ScalarBaseMult sets dst to the product scalar * base where base is the
+// standard generator.
+//
+// It is recommended to use the X25519 function with Basepoint instead, as
+// copying into fixed size arrays can lead to unexpected bugs.
+func ScalarBaseMult(dst, scalar *[32]byte) {
+	curve := ecdh.X25519()
+	priv, err := curve.NewPrivateKey(scalar[:])
+	if err != nil {
+		panic("curve25519: internal error: scalarBaseMult was not 32 bytes")
+	}
+	copy(dst[:], priv.PublicKey().Bytes())
+}
+
+const (
+	// ScalarSize is the size of the scalar input to X25519.
+	ScalarSize = 32
+	// PointSize is the size of the point input to X25519.
+	PointSize = 32
+)
+
+// Basepoint is the canonical Curve25519 generator.
+var Basepoint []byte
+
+var basePoint = [32]byte{9}
+
+func init() { Basepoint = basePoint[:] }
+
+// X25519 returns the result of the scalar multiplication (scalar * point),
+// according to RFC 7748, Section 5. scalar, point and the return value are
+// slices of 32 bytes.
+//
+// scalar can be generated at random, for example with crypto/rand. point should
+// be either Basepoint or the output of another X25519 call.
+//
+// If point is Basepoint (but not if it's a different slice with the same
+// contents) a precomputed implementation might be used for performance.
+func X25519(scalar, point []byte) ([]byte, error) {
+	// Outline the body of function, to let the allocation be inlined in the
+	// caller, and possibly avoid escaping to the heap.
+	var dst [32]byte
+	return x25519(&dst, scalar, point)
+}
+
+func x25519(dst *[32]byte, scalar, point []byte) ([]byte, error) {
+	curve := ecdh.X25519()
+	pub, err := curve.NewPublicKey(point)
+	if err != nil {
+		return nil, err
+	}
+	priv, err := curve.NewPrivateKey(scalar)
+	if err != nil {
+		return nil, err
+	}
+	out, err := priv.ECDH(pub)
+	if err != nil {
+		return nil, err
+	}
+	copy(dst[:], out)
+	return dst[:], nil
+}
diff --git a/server/vendor/golang.org/x/net/bpf/asm.go b/server/vendor/golang.org/x/net/bpf/asm.go
new file mode 100644
index 0000000..15e21b1
--- /dev/null
+++ b/server/vendor/golang.org/x/net/bpf/asm.go
@@ -0,0 +1,41 @@
+// Copyright 2016 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package bpf
+
+import "fmt"
+
+// Assemble converts insts into raw instructions suitable for loading
+// into a BPF virtual machine.
+//
+// Currently, no optimization is attempted, the assembled program flow
+// is exactly as provided.
+func Assemble(insts []Instruction) ([]RawInstruction, error) {
+	ret := make([]RawInstruction, len(insts))
+	var err error
+	for i, inst := range insts {
+		ret[i], err = inst.Assemble()
+		if err != nil {
+			return nil, fmt.Errorf("assembling instruction %d: %s", i+1, err)
+		}
+	}
+	return ret, nil
+}
+
+// Disassemble attempts to parse raw back into
+// Instructions. Unrecognized RawInstructions are assumed to be an
+// extension not implemented by this package, and are passed through
+// unchanged to the output. The allDecoded value reports whether insts
+// contains no RawInstructions.
+func Disassemble(raw []RawInstruction) (insts []Instruction, allDecoded bool) {
+	insts = make([]Instruction, len(raw))
+	allDecoded = true
+	for i, r := range raw {
+		insts[i] = r.Disassemble()
+		if _, ok := insts[i].(RawInstruction); ok {
+			allDecoded = false
+		}
+	}
+	return insts, allDecoded
+}
diff --git a/server/vendor/golang.org/x/net/bpf/constants.go b/server/vendor/golang.org/x/net/bpf/constants.go
new file mode 100644
index 0000000..12f3ee8
--- /dev/null
+++ b/server/vendor/golang.org/x/net/bpf/constants.go
@@ -0,0 +1,222 @@
+// Copyright 2016 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package bpf
+
+// A Register is a register of the BPF virtual machine.
+type Register uint16
+
+const (
+	// RegA is the accumulator register. RegA is always the
+	// destination register of ALU operations.
+	RegA Register = iota
+	// RegX is the indirection register, used by LoadIndirect
+	// operations.
+	RegX
+)
+
+// An ALUOp is an arithmetic or logic operation.
+type ALUOp uint16
+
+// ALU binary operation types.
+const (
+	ALUOpAdd ALUOp = iota << 4
+	ALUOpSub
+	ALUOpMul
+	ALUOpDiv
+	ALUOpOr
+	ALUOpAnd
+	ALUOpShiftLeft
+	ALUOpShiftRight
+	aluOpNeg // Not exported because it's the only unary ALU operation, and gets its own instruction type.
+	ALUOpMod
+	ALUOpXor
+)
+
+// A JumpTest is a comparison operator used in conditional jumps.
+type JumpTest uint16
+
+// Supported operators for conditional jumps.
+// K can be RegX for JumpIfX
+const (
+	// K == A
+	JumpEqual JumpTest = iota
+	// K != A
+	JumpNotEqual
+	// K > A
+	JumpGreaterThan
+	// K < A
+	JumpLessThan
+	// K >= A
+	JumpGreaterOrEqual
+	// K <= A
+	JumpLessOrEqual
+	// K & A != 0
+	JumpBitsSet
+	// K & A == 0
+	JumpBitsNotSet
+)
+
+// An Extension is a function call provided by the kernel that
+// performs advanced operations that are expensive or impossible
+// within the BPF virtual machine.
+//
+// Extensions are only implemented by the Linux kernel.
+//
+// TODO: should we prune this list? Some of these extensions seem
+// either broken or near-impossible to use correctly, whereas other
+// (len, random, ifindex) are quite useful.
+type Extension int
+
+// Extension functions available in the Linux kernel.
+const (
+	// extOffset is the negative maximum number of instructions used
+	// to load instructions by overloading the K argument.
+	extOffset = -0x1000
+	// ExtLen returns the length of the packet.
+	ExtLen Extension = 1
+	// ExtProto returns the packet's L3 protocol type.
+	ExtProto Extension = 0
+	// ExtType returns the packet's type (skb->pkt_type in the kernel)
+	//
+	// TODO: better documentation. How nice an API do we want to
+	// provide for these esoteric extensions?
+	ExtType Extension = 4
+	// ExtPayloadOffset returns the offset of the packet payload, or
+	// the first protocol header that the kernel does not know how to
+	// parse.
+	ExtPayloadOffset Extension = 52
+	// ExtInterfaceIndex returns the index of the interface on which
+	// the packet was received.
+	ExtInterfaceIndex Extension = 8
+	// ExtNetlinkAttr returns the netlink attribute of type X at
+	// offset A.
+	ExtNetlinkAttr Extension = 12
+	// ExtNetlinkAttrNested returns the nested netlink attribute of
+	// type X at offset A.
+	ExtNetlinkAttrNested Extension = 16
+	// ExtMark returns the packet's mark value.
+	ExtMark Extension = 20
+	// ExtQueue returns the packet's assigned hardware queue.
+	ExtQueue Extension = 24
+	// ExtLinkLayerType returns the packet's hardware address type
+	// (e.g. Ethernet, Infiniband).
+	ExtLinkLayerType Extension = 28
+	// ExtRXHash returns the packets receive hash.
+	//
+	// TODO: figure out what this rxhash actually is.
+	ExtRXHash Extension = 32
+	// ExtCPUID returns the ID of the CPU processing the current
+	// packet.
+	ExtCPUID Extension = 36
+	// ExtVLANTag returns the packet's VLAN tag.
+	ExtVLANTag Extension = 44
+	// ExtVLANTagPresent returns non-zero if the packet has a VLAN
+	// tag.
+	//
+	// TODO: I think this might be a lie: it reads bit 0x1000 of the
+	// VLAN header, which changed meaning in recent revisions of the
+	// spec - this extension may now return meaningless information.
+	ExtVLANTagPresent Extension = 48
+	// ExtVLANProto returns 0x8100 if the frame has a VLAN header,
+	// 0x88a8 if the frame has a "Q-in-Q" double VLAN header, or some
+	// other value if no VLAN information is present.
+	ExtVLANProto Extension = 60
+	// ExtRand returns a uniformly random uint32.
+	ExtRand Extension = 56
+)
+
+// The following gives names to various bit patterns used in opcode construction.
+
+const (
+	opMaskCls uint16 = 0x7
+	// opClsLoad masks
+	opMaskLoadDest  = 0x01
+	opMaskLoadWidth = 0x18
+	opMaskLoadMode  = 0xe0
+	// opClsALU & opClsJump
+	opMaskOperand  = 0x08
+	opMaskOperator = 0xf0
+)
+
+const (
+	// +---------------+-----------------+---+---+---+
+	// | AddrMode (3b) | LoadWidth (2b)  | 0 | 0 | 0 |
+	// +---------------+-----------------+---+---+---+
+	opClsLoadA uint16 = iota
+	// +---------------+-----------------+---+---+---+
+	// | AddrMode (3b) | LoadWidth (2b)  | 0 | 0 | 1 |
+	// +---------------+-----------------+---+---+---+
+	opClsLoadX
+	// +---+---+---+---+---+---+---+---+
+	// | 0 | 0 | 0 | 0 | 0 | 0 | 1 | 0 |
+	// +---+---+---+---+---+---+---+---+
+	opClsStoreA
+	// +---+---+---+---+---+---+---+---+
+	// | 0 | 0 | 0 | 0 | 0 | 0 | 1 | 1 |
+	// +---+---+---+---+---+---+---+---+
+	opClsStoreX
+	// +---------------+-----------------+---+---+---+
+	// | Operator (4b) | OperandSrc (1b) | 1 | 0 | 0 |
+	// +---------------+-----------------+---+---+---+
+	opClsALU
+	// +-----------------------------+---+---+---+---+
+	// |      TestOperator (4b)      | 0 | 1 | 0 | 1 |
+	// +-----------------------------+---+---+---+---+
+	opClsJump
+	// +---+-------------------------+---+---+---+---+
+	// | 0 | 0 | 0 |   RetSrc (1b)   | 0 | 1 | 1 | 0 |
+	// +---+-------------------------+---+---+---+---+
+	opClsReturn
+	// +---+-------------------------+---+---+---+---+
+	// | 0 | 0 | 0 |  TXAorTAX (1b)  | 0 | 1 | 1 | 1 |
+	// +---+-------------------------+---+---+---+---+
+	opClsMisc
+)
+
+const (
+	opAddrModeImmediate uint16 = iota << 5
+	opAddrModeAbsolute
+	opAddrModeIndirect
+	opAddrModeScratch
+	opAddrModePacketLen // actually an extension, not an addressing mode.
+	opAddrModeMemShift
+)
+
+const (
+	opLoadWidth4 uint16 = iota << 3
+	opLoadWidth2
+	opLoadWidth1
+)
+
+// Operand for ALU and Jump instructions
+type opOperand uint16
+
+// Supported operand sources.
+const (
+	opOperandConstant opOperand = iota << 3
+	opOperandX
+)
+
+// An jumpOp is a conditional jump condition.
+type jumpOp uint16
+
+// Supported jump conditions.
+const (
+	opJumpAlways jumpOp = iota << 4
+	opJumpEqual
+	opJumpGT
+	opJumpGE
+	opJumpSet
+)
+
+const (
+	opRetSrcConstant uint16 = iota << 4
+	opRetSrcA
+)
+
+const (
+	opMiscTAX = 0x00
+	opMiscTXA = 0x80
+)
diff --git a/server/vendor/golang.org/x/net/bpf/doc.go b/server/vendor/golang.org/x/net/bpf/doc.go
new file mode 100644
index 0000000..04ec1c8
--- /dev/null
+++ b/server/vendor/golang.org/x/net/bpf/doc.go
@@ -0,0 +1,80 @@
+// Copyright 2016 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+/*
+Package bpf implements marshaling and unmarshaling of programs for the
+Berkeley Packet Filter virtual machine, and provides a Go implementation
+of the virtual machine.
+
+BPF's main use is to specify a packet filter for network taps, so that
+the kernel doesn't have to expensively copy every packet it sees to
+userspace. However, it's been repurposed to other areas where running
+user code in-kernel is needed. For example, Linux's seccomp uses BPF
+to apply security policies to system calls. For simplicity, this
+documentation refers only to packets, but other uses of BPF have their
+own data payloads.
+
+BPF programs run in a restricted virtual machine. It has almost no
+access to kernel functions, and while conditional branches are
+allowed, they can only jump forwards, to guarantee that there are no
+infinite loops.
+
+# The virtual machine
+
+The BPF VM is an accumulator machine. Its main register, called
+register A, is an implicit source and destination in all arithmetic
+and logic operations. The machine also has 16 scratch registers for
+temporary storage, and an indirection register (register X) for
+indirect memory access. All registers are 32 bits wide.
+
+Each run of a BPF program is given one packet, which is placed in the
+VM's read-only "main memory". LoadAbsolute and LoadIndirect
+instructions can fetch up to 32 bits at a time into register A for
+examination.
+
+The goal of a BPF program is to produce and return a verdict (uint32),
+which tells the kernel what to do with the packet. In the context of
+packet filtering, the returned value is the number of bytes of the
+packet to forward to userspace, or 0 to ignore the packet. Other
+contexts like seccomp define their own return values.
+
+In order to simplify programs, attempts to read past the end of the
+packet terminate the program execution with a verdict of 0 (ignore
+packet). This means that the vast majority of BPF programs don't need
+to do any explicit bounds checking.
+
+In addition to the bytes of the packet, some BPF programs have access
+to extensions, which are essentially calls to kernel utility
+functions. Currently, the only extensions supported by this package
+are the Linux packet filter extensions.
+
+# Examples
+
+This packet filter selects all ARP packets.
+
+	bpf.Assemble([]bpf.Instruction{
+		// Load "EtherType" field from the ethernet header.
+		bpf.LoadAbsolute{Off: 12, Size: 2},
+		// Skip over the next instruction if EtherType is not ARP.
+		bpf.JumpIf{Cond: bpf.JumpNotEqual, Val: 0x0806, SkipTrue: 1},
+		// Verdict is "send up to 4k of the packet to userspace."
+		bpf.RetConstant{Val: 4096},
+		// Verdict is "ignore packet."
+		bpf.RetConstant{Val: 0},
+	})
+
+This packet filter captures a random 1% sample of traffic.
+
+	bpf.Assemble([]bpf.Instruction{
+		// Get a 32-bit random number from the Linux kernel.
+		bpf.LoadExtension{Num: bpf.ExtRand},
+		// 1% dice roll?
+		bpf.JumpIf{Cond: bpf.JumpLessThan, Val: 2^32/100, SkipFalse: 1},
+		// Capture.
+		bpf.RetConstant{Val: 4096},
+		// Ignore.
+		bpf.RetConstant{Val: 0},
+	})
+*/
+package bpf // import "golang.org/x/net/bpf"
diff --git a/server/vendor/golang.org/x/net/bpf/instructions.go b/server/vendor/golang.org/x/net/bpf/instructions.go
new file mode 100644
index 0000000..3cffcaa
--- /dev/null
+++ b/server/vendor/golang.org/x/net/bpf/instructions.go
@@ -0,0 +1,726 @@
+// Copyright 2016 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package bpf
+
+import "fmt"
+
+// An Instruction is one instruction executed by the BPF virtual
+// machine.
+type Instruction interface {
+	// Assemble assembles the Instruction into a RawInstruction.
+	Assemble() (RawInstruction, error)
+}
+
+// A RawInstruction is a raw BPF virtual machine instruction.
+type RawInstruction struct {
+	// Operation to execute.
+	Op uint16
+	// For conditional jump instructions, the number of instructions
+	// to skip if the condition is true/false.
+	Jt uint8
+	Jf uint8
+	// Constant parameter. The meaning depends on the Op.
+	K uint32
+}
+
+// Assemble implements the Instruction Assemble method.
+func (ri RawInstruction) Assemble() (RawInstruction, error) { return ri, nil }
+
+// Disassemble parses ri into an Instruction and returns it. If ri is
+// not recognized by this package, ri itself is returned.
+func (ri RawInstruction) Disassemble() Instruction {
+	switch ri.Op & opMaskCls {
+	case opClsLoadA, opClsLoadX:
+		reg := Register(ri.Op & opMaskLoadDest)
+		sz := 0
+		switch ri.Op & opMaskLoadWidth {
+		case opLoadWidth4:
+			sz = 4
+		case opLoadWidth2:
+			sz = 2
+		case opLoadWidth1:
+			sz = 1
+		default:
+			return ri
+		}
+		switch ri.Op & opMaskLoadMode {
+		case opAddrModeImmediate:
+			if sz != 4 {
+				return ri
+			}
+			return LoadConstant{Dst: reg, Val: ri.K}
+		case opAddrModeScratch:
+			if sz != 4 || ri.K > 15 {
+				return ri
+			}
+			return LoadScratch{Dst: reg, N: int(ri.K)}
+		case opAddrModeAbsolute:
+			if ri.K > extOffset+0xffffffff {
+				return LoadExtension{Num: Extension(-extOffset + ri.K)}
+			}
+			return LoadAbsolute{Size: sz, Off: ri.K}
+		case opAddrModeIndirect:
+			return LoadIndirect{Size: sz, Off: ri.K}
+		case opAddrModePacketLen:
+			if sz != 4 {
+				return ri
+			}
+			return LoadExtension{Num: ExtLen}
+		case opAddrModeMemShift:
+			return LoadMemShift{Off: ri.K}
+		default:
+			return ri
+		}
+
+	case opClsStoreA:
+		if ri.Op != opClsStoreA || ri.K > 15 {
+			return ri
+		}
+		return StoreScratch{Src: RegA, N: int(ri.K)}
+
+	case opClsStoreX:
+		if ri.Op != opClsStoreX || ri.K > 15 {
+			return ri
+		}
+		return StoreScratch{Src: RegX, N: int(ri.K)}
+
+	case opClsALU:
+		switch op := ALUOp(ri.Op & opMaskOperator); op {
+		case ALUOpAdd, ALUOpSub, ALUOpMul, ALUOpDiv, ALUOpOr, ALUOpAnd, ALUOpShiftLeft, ALUOpShiftRight, ALUOpMod, ALUOpXor:
+			switch operand := opOperand(ri.Op & opMaskOperand); operand {
+			case opOperandX:
+				return ALUOpX{Op: op}
+			case opOperandConstant:
+				return ALUOpConstant{Op: op, Val: ri.K}
+			default:
+				return ri
+			}
+		case aluOpNeg:
+			return NegateA{}
+		default:
+			return ri
+		}
+
+	case opClsJump:
+		switch op := jumpOp(ri.Op & opMaskOperator); op {
+		case opJumpAlways:
+			return Jump{Skip: ri.K}
+		case opJumpEqual, opJumpGT, opJumpGE, opJumpSet:
+			cond, skipTrue, skipFalse := jumpOpToTest(op, ri.Jt, ri.Jf)
+			switch operand := opOperand(ri.Op & opMaskOperand); operand {
+			case opOperandX:
+				return JumpIfX{Cond: cond, SkipTrue: skipTrue, SkipFalse: skipFalse}
+			case opOperandConstant:
+				return JumpIf{Cond: cond, Val: ri.K, SkipTrue: skipTrue, SkipFalse: skipFalse}
+			default:
+				return ri
+			}
+		default:
+			return ri
+		}
+
+	case opClsReturn:
+		switch ri.Op {
+		case opClsReturn | opRetSrcA:
+			return RetA{}
+		case opClsReturn | opRetSrcConstant:
+			return RetConstant{Val: ri.K}
+		default:
+			return ri
+		}
+
+	case opClsMisc:
+		switch ri.Op {
+		case opClsMisc | opMiscTAX:
+			return TAX{}
+		case opClsMisc | opMiscTXA:
+			return TXA{}
+		default:
+			return ri
+		}
+
+	default:
+		panic("unreachable") // switch is exhaustive on the bit pattern
+	}
+}
+
+func jumpOpToTest(op jumpOp, skipTrue uint8, skipFalse uint8) (JumpTest, uint8, uint8) {
+	var test JumpTest
+
+	// Decode "fake" jump conditions that don't appear in machine code
+	// Ensures the Assemble -> Disassemble stage recreates the same instructions
+	// See https://github.com/golang/go/issues/18470
+	if skipTrue == 0 {
+		switch op {
+		case opJumpEqual:
+			test = JumpNotEqual
+		case opJumpGT:
+			test = JumpLessOrEqual
+		case opJumpGE:
+			test = JumpLessThan
+		case opJumpSet:
+			test = JumpBitsNotSet
+		}
+
+		return test, skipFalse, 0
+	}
+
+	switch op {
+	case opJumpEqual:
+		test = JumpEqual
+	case opJumpGT:
+		test = JumpGreaterThan
+	case opJumpGE:
+		test = JumpGreaterOrEqual
+	case opJumpSet:
+		test = JumpBitsSet
+	}
+
+	return test, skipTrue, skipFalse
+}
+
+// LoadConstant loads Val into register Dst.
+type LoadConstant struct {
+	Dst Register
+	Val uint32
+}
+
+// Assemble implements the Instruction Assemble method.
+func (a LoadConstant) Assemble() (RawInstruction, error) {
+	return assembleLoad(a.Dst, 4, opAddrModeImmediate, a.Val)
+}
+
+// String returns the instruction in assembler notation.
+func (a LoadConstant) String() string {
+	switch a.Dst {
+	case RegA:
+		return fmt.Sprintf("ld #%d", a.Val)
+	case RegX:
+		return fmt.Sprintf("ldx #%d", a.Val)
+	default:
+		return fmt.Sprintf("unknown instruction: %#v", a)
+	}
+}
+
+// LoadScratch loads scratch[N] into register Dst.
+type LoadScratch struct {
+	Dst Register
+	N   int // 0-15
+}
+
+// Assemble implements the Instruction Assemble method.
+func (a LoadScratch) Assemble() (RawInstruction, error) {
+	if a.N < 0 || a.N > 15 {
+		return RawInstruction{}, fmt.Errorf("invalid scratch slot %d", a.N)
+	}
+	return assembleLoad(a.Dst, 4, opAddrModeScratch, uint32(a.N))
+}
+
+// String returns the instruction in assembler notation.
+func (a LoadScratch) String() string {
+	switch a.Dst {
+	case RegA:
+		return fmt.Sprintf("ld M[%d]", a.N)
+	case RegX:
+		return fmt.Sprintf("ldx M[%d]", a.N)
+	default:
+		return fmt.Sprintf("unknown instruction: %#v", a)
+	}
+}
+
+// LoadAbsolute loads packet[Off:Off+Size] as an integer value into
+// register A.
+type LoadAbsolute struct {
+	Off  uint32
+	Size int // 1, 2 or 4
+}
+
+// Assemble implements the Instruction Assemble method.
+func (a LoadAbsolute) Assemble() (RawInstruction, error) {
+	return assembleLoad(RegA, a.Size, opAddrModeAbsolute, a.Off)
+}
+
+// String returns the instruction in assembler notation.
+func (a LoadAbsolute) String() string {
+	switch a.Size {
+	case 1: // byte
+		return fmt.Sprintf("ldb [%d]", a.Off)
+	case 2: // half word
+		return fmt.Sprintf("ldh [%d]", a.Off)
+	case 4: // word
+		if a.Off > extOffset+0xffffffff {
+			return LoadExtension{Num: Extension(a.Off + 0x1000)}.String()
+		}
+		return fmt.Sprintf("ld [%d]", a.Off)
+	default:
+		return fmt.Sprintf("unknown instruction: %#v", a)
+	}
+}
+
+// LoadIndirect loads packet[X+Off:X+Off+Size] as an integer value
+// into register A.
+type LoadIndirect struct {
+	Off  uint32
+	Size int // 1, 2 or 4
+}
+
+// Assemble implements the Instruction Assemble method.
+func (a LoadIndirect) Assemble() (RawInstruction, error) {
+	return assembleLoad(RegA, a.Size, opAddrModeIndirect, a.Off)
+}
+
+// String returns the instruction in assembler notation.
+func (a LoadIndirect) String() string {
+	switch a.Size {
+	case 1: // byte
+		return fmt.Sprintf("ldb [x + %d]", a.Off)
+	case 2: // half word
+		return fmt.Sprintf("ldh [x + %d]", a.Off)
+	case 4: // word
+		return fmt.Sprintf("ld [x + %d]", a.Off)
+	default:
+		return fmt.Sprintf("unknown instruction: %#v", a)
+	}
+}
+
+// LoadMemShift multiplies the first 4 bits of the byte at packet[Off]
+// by 4 and stores the result in register X.
+//
+// This instruction is mainly useful to load into X the length of an
+// IPv4 packet header in a single instruction, rather than have to do
+// the arithmetic on the header's first byte by hand.
+type LoadMemShift struct {
+	Off uint32
+}
+
+// Assemble implements the Instruction Assemble method.
+func (a LoadMemShift) Assemble() (RawInstruction, error) {
+	return assembleLoad(RegX, 1, opAddrModeMemShift, a.Off)
+}
+
+// String returns the instruction in assembler notation.
+func (a LoadMemShift) String() string {
+	return fmt.Sprintf("ldx 4*([%d]&0xf)", a.Off)
+}
+
+// LoadExtension invokes a linux-specific extension and stores the
+// result in register A.
+type LoadExtension struct {
+	Num Extension
+}
+
+// Assemble implements the Instruction Assemble method.
+func (a LoadExtension) Assemble() (RawInstruction, error) {
+	if a.Num == ExtLen {
+		return assembleLoad(RegA, 4, opAddrModePacketLen, 0)
+	}
+	return assembleLoad(RegA, 4, opAddrModeAbsolute, uint32(extOffset+a.Num))
+}
+
+// String returns the instruction in assembler notation.
+func (a LoadExtension) String() string {
+	switch a.Num {
+	case ExtLen:
+		return "ld #len"
+	case ExtProto:
+		return "ld #proto"
+	case ExtType:
+		return "ld #type"
+	case ExtPayloadOffset:
+		return "ld #poff"
+	case ExtInterfaceIndex:
+		return "ld #ifidx"
+	case ExtNetlinkAttr:
+		return "ld #nla"
+	case ExtNetlinkAttrNested:
+		return "ld #nlan"
+	case ExtMark:
+		return "ld #mark"
+	case ExtQueue:
+		return "ld #queue"
+	case ExtLinkLayerType:
+		return "ld #hatype"
+	case ExtRXHash:
+		return "ld #rxhash"
+	case ExtCPUID:
+		return "ld #cpu"
+	case ExtVLANTag:
+		return "ld #vlan_tci"
+	case ExtVLANTagPresent:
+		return "ld #vlan_avail"
+	case ExtVLANProto:
+		return "ld #vlan_tpid"
+	case ExtRand:
+		return "ld #rand"
+	default:
+		return fmt.Sprintf("unknown instruction: %#v", a)
+	}
+}
+
+// StoreScratch stores register Src into scratch[N].
+type StoreScratch struct {
+	Src Register
+	N   int // 0-15
+}
+
+// Assemble implements the Instruction Assemble method.
+func (a StoreScratch) Assemble() (RawInstruction, error) {
+	if a.N < 0 || a.N > 15 {
+		return RawInstruction{}, fmt.Errorf("invalid scratch slot %d", a.N)
+	}
+	var op uint16
+	switch a.Src {
+	case RegA:
+		op = opClsStoreA
+	case RegX:
+		op = opClsStoreX
+	default:
+		return RawInstruction{}, fmt.Errorf("invalid source register %v", a.Src)
+	}
+
+	return RawInstruction{
+		Op: op,
+		K:  uint32(a.N),
+	}, nil
+}
+
+// String returns the instruction in assembler notation.
+func (a StoreScratch) String() string {
+	switch a.Src {
+	case RegA:
+		return fmt.Sprintf("st M[%d]", a.N)
+	case RegX:
+		return fmt.Sprintf("stx M[%d]", a.N)
+	default:
+		return fmt.Sprintf("unknown instruction: %#v", a)
+	}
+}
+
+// ALUOpConstant executes A = A <Op> Val.
+type ALUOpConstant struct {
+	Op  ALUOp
+	Val uint32
+}
+
+// Assemble implements the Instruction Assemble method.
+func (a ALUOpConstant) Assemble() (RawInstruction, error) {
+	return RawInstruction{
+		Op: opClsALU | uint16(opOperandConstant) | uint16(a.Op),
+		K:  a.Val,
+	}, nil
+}
+
+// String returns the instruction in assembler notation.
+func (a ALUOpConstant) String() string {
+	switch a.Op {
+	case ALUOpAdd:
+		return fmt.Sprintf("add #%d", a.Val)
+	case ALUOpSub:
+		return fmt.Sprintf("sub #%d", a.Val)
+	case ALUOpMul:
+		return fmt.Sprintf("mul #%d", a.Val)
+	case ALUOpDiv:
+		return fmt.Sprintf("div #%d", a.Val)
+	case ALUOpMod:
+		return fmt.Sprintf("mod #%d", a.Val)
+	case ALUOpAnd:
+		return fmt.Sprintf("and #%d", a.Val)
+	case ALUOpOr:
+		return fmt.Sprintf("or #%d", a.Val)
+	case ALUOpXor:
+		return fmt.Sprintf("xor #%d", a.Val)
+	case ALUOpShiftLeft:
+		return fmt.Sprintf("lsh #%d", a.Val)
+	case ALUOpShiftRight:
+		return fmt.Sprintf("rsh #%d", a.Val)
+	default:
+		return fmt.Sprintf("unknown instruction: %#v", a)
+	}
+}
+
+// ALUOpX executes A = A <Op> X
+type ALUOpX struct {
+	Op ALUOp
+}
+
+// Assemble implements the Instruction Assemble method.
+func (a ALUOpX) Assemble() (RawInstruction, error) {
+	return RawInstruction{
+		Op: opClsALU | uint16(opOperandX) | uint16(a.Op),
+	}, nil
+}
+
+// String returns the instruction in assembler notation.
+func (a ALUOpX) String() string {
+	switch a.Op {
+	case ALUOpAdd:
+		return "add x"
+	case ALUOpSub:
+		return "sub x"
+	case ALUOpMul:
+		return "mul x"
+	case ALUOpDiv:
+		return "div x"
+	case ALUOpMod:
+		return "mod x"
+	case ALUOpAnd:
+		return "and x"
+	case ALUOpOr:
+		return "or x"
+	case ALUOpXor:
+		return "xor x"
+	case ALUOpShiftLeft:
+		return "lsh x"
+	case ALUOpShiftRight:
+		return "rsh x"
+	default:
+		return fmt.Sprintf("unknown instruction: %#v", a)
+	}
+}
+
+// NegateA executes A = -A.
+type NegateA struct{}
+
+// Assemble implements the Instruction Assemble method.
+func (a NegateA) Assemble() (RawInstruction, error) {
+	return RawInstruction{
+		Op: opClsALU | uint16(aluOpNeg),
+	}, nil
+}
+
+// String returns the instruction in assembler notation.
+func (a NegateA) String() string {
+	return fmt.Sprintf("neg")
+}
+
+// Jump skips the following Skip instructions in the program.
+type Jump struct {
+	Skip uint32
+}
+
+// Assemble implements the Instruction Assemble method.
+func (a Jump) Assemble() (RawInstruction, error) {
+	return RawInstruction{
+		Op: opClsJump | uint16(opJumpAlways),
+		K:  a.Skip,
+	}, nil
+}
+
+// String returns the instruction in assembler notation.
+func (a Jump) String() string {
+	return fmt.Sprintf("ja %d", a.Skip)
+}
+
+// JumpIf skips the following Skip instructions in the program if A
+// <Cond> Val is true.
+type JumpIf struct {
+	Cond      JumpTest
+	Val       uint32
+	SkipTrue  uint8
+	SkipFalse uint8
+}
+
+// Assemble implements the Instruction Assemble method.
+func (a JumpIf) Assemble() (RawInstruction, error) {
+	return jumpToRaw(a.Cond, opOperandConstant, a.Val, a.SkipTrue, a.SkipFalse)
+}
+
+// String returns the instruction in assembler notation.
+func (a JumpIf) String() string {
+	return jumpToString(a.Cond, fmt.Sprintf("#%d", a.Val), a.SkipTrue, a.SkipFalse)
+}
+
+// JumpIfX skips the following Skip instructions in the program if A
+// <Cond> X is true.
+type JumpIfX struct {
+	Cond      JumpTest
+	SkipTrue  uint8
+	SkipFalse uint8
+}
+
+// Assemble implements the Instruction Assemble method.
+func (a JumpIfX) Assemble() (RawInstruction, error) {
+	return jumpToRaw(a.Cond, opOperandX, 0, a.SkipTrue, a.SkipFalse)
+}
+
+// String returns the instruction in assembler notation.
+func (a JumpIfX) String() string {
+	return jumpToString(a.Cond, "x", a.SkipTrue, a.SkipFalse)
+}
+
+// jumpToRaw assembles a jump instruction into a RawInstruction
+func jumpToRaw(test JumpTest, operand opOperand, k uint32, skipTrue, skipFalse uint8) (RawInstruction, error) {
+	var (
+		cond jumpOp
+		flip bool
+	)
+	switch test {
+	case JumpEqual:
+		cond = opJumpEqual
+	case JumpNotEqual:
+		cond, flip = opJumpEqual, true
+	case JumpGreaterThan:
+		cond = opJumpGT
+	case JumpLessThan:
+		cond, flip = opJumpGE, true
+	case JumpGreaterOrEqual:
+		cond = opJumpGE
+	case JumpLessOrEqual:
+		cond, flip = opJumpGT, true
+	case JumpBitsSet:
+		cond = opJumpSet
+	case JumpBitsNotSet:
+		cond, flip = opJumpSet, true
+	default:
+		return RawInstruction{}, fmt.Errorf("unknown JumpTest %v", test)
+	}
+	jt, jf := skipTrue, skipFalse
+	if flip {
+		jt, jf = jf, jt
+	}
+	return RawInstruction{
+		Op: opClsJump | uint16(cond) | uint16(operand),
+		Jt: jt,
+		Jf: jf,
+		K:  k,
+	}, nil
+}
+
+// jumpToString converts a jump instruction to assembler notation
+func jumpToString(cond JumpTest, operand string, skipTrue, skipFalse uint8) string {
+	switch cond {
+	// K == A
+	case JumpEqual:
+		return conditionalJump(operand, skipTrue, skipFalse, "jeq", "jneq")
+	// K != A
+	case JumpNotEqual:
+		return fmt.Sprintf("jneq %s,%d", operand, skipTrue)
+	// K > A
+	case JumpGreaterThan:
+		return conditionalJump(operand, skipTrue, skipFalse, "jgt", "jle")
+	// K < A
+	case JumpLessThan:
+		return fmt.Sprintf("jlt %s,%d", operand, skipTrue)
+	// K >= A
+	case JumpGreaterOrEqual:
+		return conditionalJump(operand, skipTrue, skipFalse, "jge", "jlt")
+	// K <= A
+	case JumpLessOrEqual:
+		return fmt.Sprintf("jle %s,%d", operand, skipTrue)
+	// K & A != 0
+	case JumpBitsSet:
+		if skipFalse > 0 {
+			return fmt.Sprintf("jset %s,%d,%d", operand, skipTrue, skipFalse)
+		}
+		return fmt.Sprintf("jset %s,%d", operand, skipTrue)
+	// K & A == 0, there is no assembler instruction for JumpBitNotSet, use JumpBitSet and invert skips
+	case JumpBitsNotSet:
+		return jumpToString(JumpBitsSet, operand, skipFalse, skipTrue)
+	default:
+		return fmt.Sprintf("unknown JumpTest %#v", cond)
+	}
+}
+
+func conditionalJump(operand string, skipTrue, skipFalse uint8, positiveJump, negativeJump string) string {
+	if skipTrue > 0 {
+		if skipFalse > 0 {
+			return fmt.Sprintf("%s %s,%d,%d", positiveJump, operand, skipTrue, skipFalse)
+		}
+		return fmt.Sprintf("%s %s,%d", positiveJump, operand, skipTrue)
+	}
+	return fmt.Sprintf("%s %s,%d", negativeJump, operand, skipFalse)
+}
+
+// RetA exits the BPF program, returning the value of register A.
+type RetA struct{}
+
+// Assemble implements the Instruction Assemble method.
+func (a RetA) Assemble() (RawInstruction, error) {
+	return RawInstruction{
+		Op: opClsReturn | opRetSrcA,
+	}, nil
+}
+
+// String returns the instruction in assembler notation.
+func (a RetA) String() string {
+	return fmt.Sprintf("ret a")
+}
+
+// RetConstant exits the BPF program, returning a constant value.
+type RetConstant struct {
+	Val uint32
+}
+
+// Assemble implements the Instruction Assemble method.
+func (a RetConstant) Assemble() (RawInstruction, error) {
+	return RawInstruction{
+		Op: opClsReturn | opRetSrcConstant,
+		K:  a.Val,
+	}, nil
+}
+
+// String returns the instruction in assembler notation.
+func (a RetConstant) String() string {
+	return fmt.Sprintf("ret #%d", a.Val)
+}
+
+// TXA copies the value of register X to register A.
+type TXA struct{}
+
+// Assemble implements the Instruction Assemble method.
+func (a TXA) Assemble() (RawInstruction, error) {
+	return RawInstruction{
+		Op: opClsMisc | opMiscTXA,
+	}, nil
+}
+
+// String returns the instruction in assembler notation.
+func (a TXA) String() string {
+	return fmt.Sprintf("txa")
+}
+
+// TAX copies the value of register A to register X.
+type TAX struct{}
+
+// Assemble implements the Instruction Assemble method.
+func (a TAX) Assemble() (RawInstruction, error) {
+	return RawInstruction{
+		Op: opClsMisc | opMiscTAX,
+	}, nil
+}
+
+// String returns the instruction in assembler notation.
+func (a TAX) String() string {
+	return fmt.Sprintf("tax")
+}
+
+func assembleLoad(dst Register, loadSize int, mode uint16, k uint32) (RawInstruction, error) {
+	var (
+		cls uint16
+		sz  uint16
+	)
+	switch dst {
+	case RegA:
+		cls = opClsLoadA
+	case RegX:
+		cls = opClsLoadX
+	default:
+		return RawInstruction{}, fmt.Errorf("invalid target register %v", dst)
+	}
+	switch loadSize {
+	case 1:
+		sz = opLoadWidth1
+	case 2:
+		sz = opLoadWidth2
+	case 4:
+		sz = opLoadWidth4
+	default:
+		return RawInstruction{}, fmt.Errorf("invalid load byte length %d", sz)
+	}
+	return RawInstruction{
+		Op: cls | sz | mode,
+		K:  k,
+	}, nil
+}
diff --git a/server/vendor/golang.org/x/net/bpf/setter.go b/server/vendor/golang.org/x/net/bpf/setter.go
new file mode 100644
index 0000000..43e35f0
--- /dev/null
+++ b/server/vendor/golang.org/x/net/bpf/setter.go
@@ -0,0 +1,10 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package bpf
+
+// A Setter is a type which can attach a compiled BPF filter to itself.
+type Setter interface {
+	SetBPF(filter []RawInstruction) error
+}
diff --git a/server/vendor/golang.org/x/net/bpf/vm.go b/server/vendor/golang.org/x/net/bpf/vm.go
new file mode 100644
index 0000000..73f57f1
--- /dev/null
+++ b/server/vendor/golang.org/x/net/bpf/vm.go
@@ -0,0 +1,150 @@
+// Copyright 2016 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package bpf
+
+import (
+	"errors"
+	"fmt"
+)
+
+// A VM is an emulated BPF virtual machine.
+type VM struct {
+	filter []Instruction
+}
+
+// NewVM returns a new VM using the input BPF program.
+func NewVM(filter []Instruction) (*VM, error) {
+	if len(filter) == 0 {
+		return nil, errors.New("one or more Instructions must be specified")
+	}
+
+	for i, ins := range filter {
+		check := len(filter) - (i + 1)
+		switch ins := ins.(type) {
+		// Check for out-of-bounds jumps in instructions
+		case Jump:
+			if check <= int(ins.Skip) {
+				return nil, fmt.Errorf("cannot jump %d instructions; jumping past program bounds", ins.Skip)
+			}
+		case JumpIf:
+			if check <= int(ins.SkipTrue) {
+				return nil, fmt.Errorf("cannot jump %d instructions in true case; jumping past program bounds", ins.SkipTrue)
+			}
+			if check <= int(ins.SkipFalse) {
+				return nil, fmt.Errorf("cannot jump %d instructions in false case; jumping past program bounds", ins.SkipFalse)
+			}
+		case JumpIfX:
+			if check <= int(ins.SkipTrue) {
+				return nil, fmt.Errorf("cannot jump %d instructions in true case; jumping past program bounds", ins.SkipTrue)
+			}
+			if check <= int(ins.SkipFalse) {
+				return nil, fmt.Errorf("cannot jump %d instructions in false case; jumping past program bounds", ins.SkipFalse)
+			}
+		// Check for division or modulus by zero
+		case ALUOpConstant:
+			if ins.Val != 0 {
+				break
+			}
+
+			switch ins.Op {
+			case ALUOpDiv, ALUOpMod:
+				return nil, errors.New("cannot divide by zero using ALUOpConstant")
+			}
+		// Check for unknown extensions
+		case LoadExtension:
+			switch ins.Num {
+			case ExtLen:
+			default:
+				return nil, fmt.Errorf("extension %d not implemented", ins.Num)
+			}
+		}
+	}
+
+	// Make sure last instruction is a return instruction
+	switch filter[len(filter)-1].(type) {
+	case RetA, RetConstant:
+	default:
+		return nil, errors.New("BPF program must end with RetA or RetConstant")
+	}
+
+	// Though our VM works using disassembled instructions, we
+	// attempt to assemble the input filter anyway to ensure it is compatible
+	// with an operating system VM.
+	_, err := Assemble(filter)
+
+	return &VM{
+		filter: filter,
+	}, err
+}
+
+// Run runs the VM's BPF program against the input bytes.
+// Run returns the number of bytes accepted by the BPF program, and any errors
+// which occurred while processing the program.
+func (v *VM) Run(in []byte) (int, error) {
+	var (
+		// Registers of the virtual machine
+		regA       uint32
+		regX       uint32
+		regScratch [16]uint32
+
+		// OK is true if the program should continue processing the next
+		// instruction, or false if not, causing the loop to break
+		ok = true
+	)
+
+	// TODO(mdlayher): implement:
+	// - NegateA:
+	//   - would require a change from uint32 registers to int32
+	//     registers
+
+	// TODO(mdlayher): add interop tests that check signedness of ALU
+	// operations against kernel implementation, and make sure Go
+	// implementation matches behavior
+
+	for i := 0; i < len(v.filter) && ok; i++ {
+		ins := v.filter[i]
+
+		switch ins := ins.(type) {
+		case ALUOpConstant:
+			regA = aluOpConstant(ins, regA)
+		case ALUOpX:
+			regA, ok = aluOpX(ins, regA, regX)
+		case Jump:
+			i += int(ins.Skip)
+		case JumpIf:
+			jump := jumpIf(ins, regA)
+			i += jump
+		case JumpIfX:
+			jump := jumpIfX(ins, regA, regX)
+			i += jump
+		case LoadAbsolute:
+			regA, ok = loadAbsolute(ins, in)
+		case LoadConstant:
+			regA, regX = loadConstant(ins, regA, regX)
+		case LoadExtension:
+			regA = loadExtension(ins, in)
+		case LoadIndirect:
+			regA, ok = loadIndirect(ins, in, regX)
+		case LoadMemShift:
+			regX, ok = loadMemShift(ins, in)
+		case LoadScratch:
+			regA, regX = loadScratch(ins, regScratch, regA, regX)
+		case RetA:
+			return int(regA), nil
+		case RetConstant:
+			return int(ins.Val), nil
+		case StoreScratch:
+			regScratch = storeScratch(ins, regScratch, regA, regX)
+		case TAX:
+			regX = regA
+		case TXA:
+			regA = regX
+		default:
+			return 0, fmt.Errorf("unknown Instruction at index %d: %T", i, ins)
+		}
+	}
+
+	return 0, nil
+}
diff --git a/server/vendor/golang.org/x/net/bpf/vm_instructions.go b/server/vendor/golang.org/x/net/bpf/vm_instructions.go
new file mode 100644
index 0000000..0aa307c
--- /dev/null
+++ b/server/vendor/golang.org/x/net/bpf/vm_instructions.go
@@ -0,0 +1,182 @@
+// Copyright 2016 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package bpf
+
+import (
+	"encoding/binary"
+	"fmt"
+)
+
+func aluOpConstant(ins ALUOpConstant, regA uint32) uint32 {
+	return aluOpCommon(ins.Op, regA, ins.Val)
+}
+
+func aluOpX(ins ALUOpX, regA uint32, regX uint32) (uint32, bool) {
+	// Guard against division or modulus by zero by terminating
+	// the program, as the OS BPF VM does
+	if regX == 0 {
+		switch ins.Op {
+		case ALUOpDiv, ALUOpMod:
+			return 0, false
+		}
+	}
+
+	return aluOpCommon(ins.Op, regA, regX), true
+}
+
+func aluOpCommon(op ALUOp, regA uint32, value uint32) uint32 {
+	switch op {
+	case ALUOpAdd:
+		return regA + value
+	case ALUOpSub:
+		return regA - value
+	case ALUOpMul:
+		return regA * value
+	case ALUOpDiv:
+		// Division by zero not permitted by NewVM and aluOpX checks
+		return regA / value
+	case ALUOpOr:
+		return regA | value
+	case ALUOpAnd:
+		return regA & value
+	case ALUOpShiftLeft:
+		return regA << value
+	case ALUOpShiftRight:
+		return regA >> value
+	case ALUOpMod:
+		// Modulus by zero not permitted by NewVM and aluOpX checks
+		return regA % value
+	case ALUOpXor:
+		return regA ^ value
+	default:
+		return regA
+	}
+}
+
+func jumpIf(ins JumpIf, regA uint32) int {
+	return jumpIfCommon(ins.Cond, ins.SkipTrue, ins.SkipFalse, regA, ins.Val)
+}
+
+func jumpIfX(ins JumpIfX, regA uint32, regX uint32) int {
+	return jumpIfCommon(ins.Cond, ins.SkipTrue, ins.SkipFalse, regA, regX)
+}
+
+func jumpIfCommon(cond JumpTest, skipTrue, skipFalse uint8, regA uint32, value uint32) int {
+	var ok bool
+
+	switch cond {
+	case JumpEqual:
+		ok = regA == value
+	case JumpNotEqual:
+		ok = regA != value
+	case JumpGreaterThan:
+		ok = regA > value
+	case JumpLessThan:
+		ok = regA < value
+	case JumpGreaterOrEqual:
+		ok = regA >= value
+	case JumpLessOrEqual:
+		ok = regA <= value
+	case JumpBitsSet:
+		ok = (regA & value) != 0
+	case JumpBitsNotSet:
+		ok = (regA & value) == 0
+	}
+
+	if ok {
+		return int(skipTrue)
+	}
+
+	return int(skipFalse)
+}
+
+func loadAbsolute(ins LoadAbsolute, in []byte) (uint32, bool) {
+	offset := int(ins.Off)
+	size := ins.Size
+
+	return loadCommon(in, offset, size)
+}
+
+func loadConstant(ins LoadConstant, regA uint32, regX uint32) (uint32, uint32) {
+	switch ins.Dst {
+	case RegA:
+		regA = ins.Val
+	case RegX:
+		regX = ins.Val
+	}
+
+	return regA, regX
+}
+
+func loadExtension(ins LoadExtension, in []byte) uint32 {
+	switch ins.Num {
+	case ExtLen:
+		return uint32(len(in))
+	default:
+		panic(fmt.Sprintf("unimplemented extension: %d", ins.Num))
+	}
+}
+
+func loadIndirect(ins LoadIndirect, in []byte, regX uint32) (uint32, bool) {
+	offset := int(ins.Off) + int(regX)
+	size := ins.Size
+
+	return loadCommon(in, offset, size)
+}
+
+func loadMemShift(ins LoadMemShift, in []byte) (uint32, bool) {
+	offset := int(ins.Off)
+
+	// Size of LoadMemShift is always 1 byte
+	if !inBounds(len(in), offset, 1) {
+		return 0, false
+	}
+
+	// Mask off high 4 bits and multiply low 4 bits by 4
+	return uint32(in[offset]&0x0f) * 4, true
+}
+
+func inBounds(inLen int, offset int, size int) bool {
+	return offset+size <= inLen
+}
+
+func loadCommon(in []byte, offset int, size int) (uint32, bool) {
+	if !inBounds(len(in), offset, size) {
+		return 0, false
+	}
+
+	switch size {
+	case 1:
+		return uint32(in[offset]), true
+	case 2:
+		return uint32(binary.BigEndian.Uint16(in[offset : offset+size])), true
+	case 4:
+		return uint32(binary.BigEndian.Uint32(in[offset : offset+size])), true
+	default:
+		panic(fmt.Sprintf("invalid load size: %d", size))
+	}
+}
+
+func loadScratch(ins LoadScratch, regScratch [16]uint32, regA uint32, regX uint32) (uint32, uint32) {
+	switch ins.Dst {
+	case RegA:
+		regA = regScratch[ins.N]
+	case RegX:
+		regX = regScratch[ins.N]
+	}
+
+	return regA, regX
+}
+
+func storeScratch(ins StoreScratch, regScratch [16]uint32, regA uint32, regX uint32) [16]uint32 {
+	switch ins.Src {
+	case RegA:
+		regScratch[ins.N] = regA
+	case RegX:
+		regScratch[ins.N] = regX
+	}
+
+	return regScratch
+}
diff --git a/server/vendor/golang.org/x/net/dns/dnsmessage/message.go b/server/vendor/golang.org/x/net/dns/dnsmessage/message.go
new file mode 100644
index 0000000..a656efc
--- /dev/null
+++ b/server/vendor/golang.org/x/net/dns/dnsmessage/message.go
@@ -0,0 +1,2712 @@
+// Copyright 2009 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Package dnsmessage provides a mostly RFC 1035 compliant implementation of
+// DNS message packing and unpacking.
+//
+// The package also supports messages with Extension Mechanisms for DNS
+// (EDNS(0)) as defined in RFC 6891.
+//
+// This implementation is designed to minimize heap allocations and avoid
+// unnecessary packing and unpacking as much as possible.
+package dnsmessage
+
+import (
+	"errors"
+)
+
+// Message formats
+
+// A Type is a type of DNS request and response.
+type Type uint16
+
+const (
+	// ResourceHeader.Type and Question.Type
+	TypeA     Type = 1
+	TypeNS    Type = 2
+	TypeCNAME Type = 5
+	TypeSOA   Type = 6
+	TypePTR   Type = 12
+	TypeMX    Type = 15
+	TypeTXT   Type = 16
+	TypeAAAA  Type = 28
+	TypeSRV   Type = 33
+	TypeOPT   Type = 41
+
+	// Question.Type
+	TypeWKS   Type = 11
+	TypeHINFO Type = 13
+	TypeMINFO Type = 14
+	TypeAXFR  Type = 252
+	TypeALL   Type = 255
+)
+
+var typeNames = map[Type]string{
+	TypeA:     "TypeA",
+	TypeNS:    "TypeNS",
+	TypeCNAME: "TypeCNAME",
+	TypeSOA:   "TypeSOA",
+	TypePTR:   "TypePTR",
+	TypeMX:    "TypeMX",
+	TypeTXT:   "TypeTXT",
+	TypeAAAA:  "TypeAAAA",
+	TypeSRV:   "TypeSRV",
+	TypeOPT:   "TypeOPT",
+	TypeWKS:   "TypeWKS",
+	TypeHINFO: "TypeHINFO",
+	TypeMINFO: "TypeMINFO",
+	TypeAXFR:  "TypeAXFR",
+	TypeALL:   "TypeALL",
+}
+
+// String implements fmt.Stringer.String.
+func (t Type) String() string {
+	if n, ok := typeNames[t]; ok {
+		return n
+	}
+	return printUint16(uint16(t))
+}
+
+// GoString implements fmt.GoStringer.GoString.
+func (t Type) GoString() string {
+	if n, ok := typeNames[t]; ok {
+		return "dnsmessage." + n
+	}
+	return printUint16(uint16(t))
+}
+
+// A Class is a type of network.
+type Class uint16
+
+const (
+	// ResourceHeader.Class and Question.Class
+	ClassINET   Class = 1
+	ClassCSNET  Class = 2
+	ClassCHAOS  Class = 3
+	ClassHESIOD Class = 4
+
+	// Question.Class
+	ClassANY Class = 255
+)
+
+var classNames = map[Class]string{
+	ClassINET:   "ClassINET",
+	ClassCSNET:  "ClassCSNET",
+	ClassCHAOS:  "ClassCHAOS",
+	ClassHESIOD: "ClassHESIOD",
+	ClassANY:    "ClassANY",
+}
+
+// String implements fmt.Stringer.String.
+func (c Class) String() string {
+	if n, ok := classNames[c]; ok {
+		return n
+	}
+	return printUint16(uint16(c))
+}
+
+// GoString implements fmt.GoStringer.GoString.
+func (c Class) GoString() string {
+	if n, ok := classNames[c]; ok {
+		return "dnsmessage." + n
+	}
+	return printUint16(uint16(c))
+}
+
+// An OpCode is a DNS operation code.
+type OpCode uint16
+
+// GoString implements fmt.GoStringer.GoString.
+func (o OpCode) GoString() string {
+	return printUint16(uint16(o))
+}
+
+// An RCode is a DNS response status code.
+type RCode uint16
+
+// Header.RCode values.
+const (
+	RCodeSuccess        RCode = 0 // NoError
+	RCodeFormatError    RCode = 1 // FormErr
+	RCodeServerFailure  RCode = 2 // ServFail
+	RCodeNameError      RCode = 3 // NXDomain
+	RCodeNotImplemented RCode = 4 // NotImp
+	RCodeRefused        RCode = 5 // Refused
+)
+
+var rCodeNames = map[RCode]string{
+	RCodeSuccess:        "RCodeSuccess",
+	RCodeFormatError:    "RCodeFormatError",
+	RCodeServerFailure:  "RCodeServerFailure",
+	RCodeNameError:      "RCodeNameError",
+	RCodeNotImplemented: "RCodeNotImplemented",
+	RCodeRefused:        "RCodeRefused",
+}
+
+// String implements fmt.Stringer.String.
+func (r RCode) String() string {
+	if n, ok := rCodeNames[r]; ok {
+		return n
+	}
+	return printUint16(uint16(r))
+}
+
+// GoString implements fmt.GoStringer.GoString.
+func (r RCode) GoString() string {
+	if n, ok := rCodeNames[r]; ok {
+		return "dnsmessage." + n
+	}
+	return printUint16(uint16(r))
+}
+
+func printPaddedUint8(i uint8) string {
+	b := byte(i)
+	return string([]byte{
+		b/100 + '0',
+		b/10%10 + '0',
+		b%10 + '0',
+	})
+}
+
+func printUint8Bytes(buf []byte, i uint8) []byte {
+	b := byte(i)
+	if i >= 100 {
+		buf = append(buf, b/100+'0')
+	}
+	if i >= 10 {
+		buf = append(buf, b/10%10+'0')
+	}
+	return append(buf, b%10+'0')
+}
+
+func printByteSlice(b []byte) string {
+	if len(b) == 0 {
+		return ""
+	}
+	buf := make([]byte, 0, 5*len(b))
+	buf = printUint8Bytes(buf, uint8(b[0]))
+	for _, n := range b[1:] {
+		buf = append(buf, ',', ' ')
+		buf = printUint8Bytes(buf, uint8(n))
+	}
+	return string(buf)
+}
+
+const hexDigits = "0123456789abcdef"
+
+func printString(str []byte) string {
+	buf := make([]byte, 0, len(str))
+	for i := 0; i < len(str); i++ {
+		c := str[i]
+		if c == '.' || c == '-' || c == ' ' ||
+			'A' <= c && c <= 'Z' ||
+			'a' <= c && c <= 'z' ||
+			'0' <= c && c <= '9' {
+			buf = append(buf, c)
+			continue
+		}
+
+		upper := c >> 4
+		lower := (c << 4) >> 4
+		buf = append(
+			buf,
+			'\\',
+			'x',
+			hexDigits[upper],
+			hexDigits[lower],
+		)
+	}
+	return string(buf)
+}
+
+func printUint16(i uint16) string {
+	return printUint32(uint32(i))
+}
+
+func printUint32(i uint32) string {
+	// Max value is 4294967295.
+	buf := make([]byte, 10)
+	for b, d := buf, uint32(1000000000); d > 0; d /= 10 {
+		b[0] = byte(i/d%10 + '0')
+		if b[0] == '0' && len(b) == len(buf) && len(buf) > 1 {
+			buf = buf[1:]
+		}
+		b = b[1:]
+		i %= d
+	}
+	return string(buf)
+}
+
+func printBool(b bool) string {
+	if b {
+		return "true"
+	}
+	return "false"
+}
+
+var (
+	// ErrNotStarted indicates that the prerequisite information isn't
+	// available yet because the previous records haven't been appropriately
+	// parsed, skipped or finished.
+	ErrNotStarted = errors.New("parsing/packing of this type isn't available yet")
+
+	// ErrSectionDone indicated that all records in the section have been
+	// parsed or finished.
+	ErrSectionDone = errors.New("parsing/packing of this section has completed")
+
+	errBaseLen            = errors.New("insufficient data for base length type")
+	errCalcLen            = errors.New("insufficient data for calculated length type")
+	errReserved           = errors.New("segment prefix is reserved")
+	errTooManyPtr         = errors.New("too many pointers (>10)")
+	errInvalidPtr         = errors.New("invalid pointer")
+	errInvalidName        = errors.New("invalid dns name")
+	errNilResouceBody     = errors.New("nil resource body")
+	errResourceLen        = errors.New("insufficient data for resource body length")
+	errSegTooLong         = errors.New("segment length too long")
+	errNameTooLong        = errors.New("name too long")
+	errZeroSegLen         = errors.New("zero length segment")
+	errResTooLong         = errors.New("resource length too long")
+	errTooManyQuestions   = errors.New("too many Questions to pack (>65535)")
+	errTooManyAnswers     = errors.New("too many Answers to pack (>65535)")
+	errTooManyAuthorities = errors.New("too many Authorities to pack (>65535)")
+	errTooManyAdditionals = errors.New("too many Additionals to pack (>65535)")
+	errNonCanonicalName   = errors.New("name is not in canonical format (it must end with a .)")
+	errStringTooLong      = errors.New("character string exceeds maximum length (255)")
+)
+
+// Internal constants.
+const (
+	// packStartingCap is the default initial buffer size allocated during
+	// packing.
+	//
+	// The starting capacity doesn't matter too much, but most DNS responses
+	// Will be <= 512 bytes as it is the limit for DNS over UDP.
+	packStartingCap = 512
+
+	// uint16Len is the length (in bytes) of a uint16.
+	uint16Len = 2
+
+	// uint32Len is the length (in bytes) of a uint32.
+	uint32Len = 4
+
+	// headerLen is the length (in bytes) of a DNS header.
+	//
+	// A header is comprised of 6 uint16s and no padding.
+	headerLen = 6 * uint16Len
+)
+
+type nestedError struct {
+	// s is the current level's error message.
+	s string
+
+	// err is the nested error.
+	err error
+}
+
+// nestedError implements error.Error.
+func (e *nestedError) Error() string {
+	return e.s + ": " + e.err.Error()
+}
+
+// Header is a representation of a DNS message header.
+type Header struct {
+	ID                 uint16
+	Response           bool
+	OpCode             OpCode
+	Authoritative      bool
+	Truncated          bool
+	RecursionDesired   bool
+	RecursionAvailable bool
+	AuthenticData      bool
+	CheckingDisabled   bool
+	RCode              RCode
+}
+
+func (m *Header) pack() (id uint16, bits uint16) {
+	id = m.ID
+	bits = uint16(m.OpCode)<<11 | uint16(m.RCode)
+	if m.RecursionAvailable {
+		bits |= headerBitRA
+	}
+	if m.RecursionDesired {
+		bits |= headerBitRD
+	}
+	if m.Truncated {
+		bits |= headerBitTC
+	}
+	if m.Authoritative {
+		bits |= headerBitAA
+	}
+	if m.Response {
+		bits |= headerBitQR
+	}
+	if m.AuthenticData {
+		bits |= headerBitAD
+	}
+	if m.CheckingDisabled {
+		bits |= headerBitCD
+	}
+	return
+}
+
+// GoString implements fmt.GoStringer.GoString.
+func (m *Header) GoString() string {
+	return "dnsmessage.Header{" +
+		"ID: " + printUint16(m.ID) + ", " +
+		"Response: " + printBool(m.Response) + ", " +
+		"OpCode: " + m.OpCode.GoString() + ", " +
+		"Authoritative: " + printBool(m.Authoritative) + ", " +
+		"Truncated: " + printBool(m.Truncated) + ", " +
+		"RecursionDesired: " + printBool(m.RecursionDesired) + ", " +
+		"RecursionAvailable: " + printBool(m.RecursionAvailable) + ", " +
+		"AuthenticData: " + printBool(m.AuthenticData) + ", " +
+		"CheckingDisabled: " + printBool(m.CheckingDisabled) + ", " +
+		"RCode: " + m.RCode.GoString() + "}"
+}
+
+// Message is a representation of a DNS message.
+type Message struct {
+	Header
+	Questions   []Question
+	Answers     []Resource
+	Authorities []Resource
+	Additionals []Resource
+}
+
+type section uint8
+
+const (
+	sectionNotStarted section = iota
+	sectionHeader
+	sectionQuestions
+	sectionAnswers
+	sectionAuthorities
+	sectionAdditionals
+	sectionDone
+
+	headerBitQR = 1 << 15 // query/response (response=1)
+	headerBitAA = 1 << 10 // authoritative
+	headerBitTC = 1 << 9  // truncated
+	headerBitRD = 1 << 8  // recursion desired
+	headerBitRA = 1 << 7  // recursion available
+	headerBitAD = 1 << 5  // authentic data
+	headerBitCD = 1 << 4  // checking disabled
+)
+
+var sectionNames = map[section]string{
+	sectionHeader:      "header",
+	sectionQuestions:   "Question",
+	sectionAnswers:     "Answer",
+	sectionAuthorities: "Authority",
+	sectionAdditionals: "Additional",
+}
+
+// header is the wire format for a DNS message header.
+type header struct {
+	id          uint16
+	bits        uint16
+	questions   uint16
+	answers     uint16
+	authorities uint16
+	additionals uint16
+}
+
+func (h *header) count(sec section) uint16 {
+	switch sec {
+	case sectionQuestions:
+		return h.questions
+	case sectionAnswers:
+		return h.answers
+	case sectionAuthorities:
+		return h.authorities
+	case sectionAdditionals:
+		return h.additionals
+	}
+	return 0
+}
+
+// pack appends the wire format of the header to msg.
+func (h *header) pack(msg []byte) []byte {
+	msg = packUint16(msg, h.id)
+	msg = packUint16(msg, h.bits)
+	msg = packUint16(msg, h.questions)
+	msg = packUint16(msg, h.answers)
+	msg = packUint16(msg, h.authorities)
+	return packUint16(msg, h.additionals)
+}
+
+func (h *header) unpack(msg []byte, off int) (int, error) {
+	newOff := off
+	var err error
+	if h.id, newOff, err = unpackUint16(msg, newOff); err != nil {
+		return off, &nestedError{"id", err}
+	}
+	if h.bits, newOff, err = unpackUint16(msg, newOff); err != nil {
+		return off, &nestedError{"bits", err}
+	}
+	if h.questions, newOff, err = unpackUint16(msg, newOff); err != nil {
+		return off, &nestedError{"questions", err}
+	}
+	if h.answers, newOff, err = unpackUint16(msg, newOff); err != nil {
+		return off, &nestedError{"answers", err}
+	}
+	if h.authorities, newOff, err = unpackUint16(msg, newOff); err != nil {
+		return off, &nestedError{"authorities", err}
+	}
+	if h.additionals, newOff, err = unpackUint16(msg, newOff); err != nil {
+		return off, &nestedError{"additionals", err}
+	}
+	return newOff, nil
+}
+
+func (h *header) header() Header {
+	return Header{
+		ID:                 h.id,
+		Response:           (h.bits & headerBitQR) != 0,
+		OpCode:             OpCode(h.bits>>11) & 0xF,
+		Authoritative:      (h.bits & headerBitAA) != 0,
+		Truncated:          (h.bits & headerBitTC) != 0,
+		RecursionDesired:   (h.bits & headerBitRD) != 0,
+		RecursionAvailable: (h.bits & headerBitRA) != 0,
+		AuthenticData:      (h.bits & headerBitAD) != 0,
+		CheckingDisabled:   (h.bits & headerBitCD) != 0,
+		RCode:              RCode(h.bits & 0xF),
+	}
+}
+
+// A Resource is a DNS resource record.
+type Resource struct {
+	Header ResourceHeader
+	Body   ResourceBody
+}
+
+func (r *Resource) GoString() string {
+	return "dnsmessage.Resource{" +
+		"Header: " + r.Header.GoString() +
+		", Body: &" + r.Body.GoString() +
+		"}"
+}
+
+// A ResourceBody is a DNS resource record minus the header.
+type ResourceBody interface {
+	// pack packs a Resource except for its header.
+	pack(msg []byte, compression map[string]uint16, compressionOff int) ([]byte, error)
+
+	// realType returns the actual type of the Resource. This is used to
+	// fill in the header Type field.
+	realType() Type
+
+	// GoString implements fmt.GoStringer.GoString.
+	GoString() string
+}
+
+// pack appends the wire format of the Resource to msg.
+func (r *Resource) pack(msg []byte, compression map[string]uint16, compressionOff int) ([]byte, error) {
+	if r.Body == nil {
+		return msg, errNilResouceBody
+	}
+	oldMsg := msg
+	r.Header.Type = r.Body.realType()
+	msg, lenOff, err := r.Header.pack(msg, compression, compressionOff)
+	if err != nil {
+		return msg, &nestedError{"ResourceHeader", err}
+	}
+	preLen := len(msg)
+	msg, err = r.Body.pack(msg, compression, compressionOff)
+	if err != nil {
+		return msg, &nestedError{"content", err}
+	}
+	if err := r.Header.fixLen(msg, lenOff, preLen); err != nil {
+		return oldMsg, err
+	}
+	return msg, nil
+}
+
+// A Parser allows incrementally parsing a DNS message.
+//
+// When parsing is started, the Header is parsed. Next, each Question can be
+// either parsed or skipped. Alternatively, all Questions can be skipped at
+// once. When all Questions have been parsed, attempting to parse Questions
+// will return the [ErrSectionDone] error.
+// After all Questions have been either parsed or skipped, all
+// Answers, Authorities and Additionals can be either parsed or skipped in the
+// same way, and each type of Resource must be fully parsed or skipped before
+// proceeding to the next type of Resource.
+//
+// Parser is safe to copy to preserve the parsing state.
+//
+// Note that there is no requirement to fully skip or parse the message.
+type Parser struct {
+	msg    []byte
+	header header
+
+	section         section
+	off             int
+	index           int
+	resHeaderValid  bool
+	resHeaderOffset int
+	resHeaderType   Type
+	resHeaderLength uint16
+}
+
+// Start parses the header and enables the parsing of Questions.
+func (p *Parser) Start(msg []byte) (Header, error) {
+	if p.msg != nil {
+		*p = Parser{}
+	}
+	p.msg = msg
+	var err error
+	if p.off, err = p.header.unpack(msg, 0); err != nil {
+		return Header{}, &nestedError{"unpacking header", err}
+	}
+	p.section = sectionQuestions
+	return p.header.header(), nil
+}
+
+func (p *Parser) checkAdvance(sec section) error {
+	if p.section < sec {
+		return ErrNotStarted
+	}
+	if p.section > sec {
+		return ErrSectionDone
+	}
+	p.resHeaderValid = false
+	if p.index == int(p.header.count(sec)) {
+		p.index = 0
+		p.section++
+		return ErrSectionDone
+	}
+	return nil
+}
+
+func (p *Parser) resource(sec section) (Resource, error) {
+	var r Resource
+	var err error
+	r.Header, err = p.resourceHeader(sec)
+	if err != nil {
+		return r, err
+	}
+	p.resHeaderValid = false
+	r.Body, p.off, err = unpackResourceBody(p.msg, p.off, r.Header)
+	if err != nil {
+		return Resource{}, &nestedError{"unpacking " + sectionNames[sec], err}
+	}
+	p.index++
+	return r, nil
+}
+
+func (p *Parser) resourceHeader(sec section) (ResourceHeader, error) {
+	if p.resHeaderValid {
+		p.off = p.resHeaderOffset
+	}
+
+	if err := p.checkAdvance(sec); err != nil {
+		return ResourceHeader{}, err
+	}
+	var hdr ResourceHeader
+	off, err := hdr.unpack(p.msg, p.off)
+	if err != nil {
+		return ResourceHeader{}, err
+	}
+	p.resHeaderValid = true
+	p.resHeaderOffset = p.off
+	p.resHeaderType = hdr.Type
+	p.resHeaderLength = hdr.Length
+	p.off = off
+	return hdr, nil
+}
+
+func (p *Parser) skipResource(sec section) error {
+	if p.resHeaderValid && p.section == sec {
+		newOff := p.off + int(p.resHeaderLength)
+		if newOff > len(p.msg) {
+			return errResourceLen
+		}
+		p.off = newOff
+		p.resHeaderValid = false
+		p.index++
+		return nil
+	}
+	if err := p.checkAdvance(sec); err != nil {
+		return err
+	}
+	var err error
+	p.off, err = skipResource(p.msg, p.off)
+	if err != nil {
+		return &nestedError{"skipping: " + sectionNames[sec], err}
+	}
+	p.index++
+	return nil
+}
+
+// Question parses a single Question.
+func (p *Parser) Question() (Question, error) {
+	if err := p.checkAdvance(sectionQuestions); err != nil {
+		return Question{}, err
+	}
+	var name Name
+	off, err := name.unpack(p.msg, p.off)
+	if err != nil {
+		return Question{}, &nestedError{"unpacking Question.Name", err}
+	}
+	typ, off, err := unpackType(p.msg, off)
+	if err != nil {
+		return Question{}, &nestedError{"unpacking Question.Type", err}
+	}
+	class, off, err := unpackClass(p.msg, off)
+	if err != nil {
+		return Question{}, &nestedError{"unpacking Question.Class", err}
+	}
+	p.off = off
+	p.index++
+	return Question{name, typ, class}, nil
+}
+
+// AllQuestions parses all Questions.
+func (p *Parser) AllQuestions() ([]Question, error) {
+	// Multiple questions are valid according to the spec,
+	// but servers don't actually support them. There will
+	// be at most one question here.
+	//
+	// Do not pre-allocate based on info in p.header, since
+	// the data is untrusted.
+	qs := []Question{}
+	for {
+		q, err := p.Question()
+		if err == ErrSectionDone {
+			return qs, nil
+		}
+		if err != nil {
+			return nil, err
+		}
+		qs = append(qs, q)
+	}
+}
+
+// SkipQuestion skips a single Question.
+func (p *Parser) SkipQuestion() error {
+	if err := p.checkAdvance(sectionQuestions); err != nil {
+		return err
+	}
+	off, err := skipName(p.msg, p.off)
+	if err != nil {
+		return &nestedError{"skipping Question Name", err}
+	}
+	if off, err = skipType(p.msg, off); err != nil {
+		return &nestedError{"skipping Question Type", err}
+	}
+	if off, err = skipClass(p.msg, off); err != nil {
+		return &nestedError{"skipping Question Class", err}
+	}
+	p.off = off
+	p.index++
+	return nil
+}
+
+// SkipAllQuestions skips all Questions.
+func (p *Parser) SkipAllQuestions() error {
+	for {
+		if err := p.SkipQuestion(); err == ErrSectionDone {
+			return nil
+		} else if err != nil {
+			return err
+		}
+	}
+}
+
+// AnswerHeader parses a single Answer ResourceHeader.
+func (p *Parser) AnswerHeader() (ResourceHeader, error) {
+	return p.resourceHeader(sectionAnswers)
+}
+
+// Answer parses a single Answer Resource.
+func (p *Parser) Answer() (Resource, error) {
+	return p.resource(sectionAnswers)
+}
+
+// AllAnswers parses all Answer Resources.
+func (p *Parser) AllAnswers() ([]Resource, error) {
+	// The most common query is for A/AAAA, which usually returns
+	// a handful of IPs.
+	//
+	// Pre-allocate up to a certain limit, since p.header is
+	// untrusted data.
+	n := int(p.header.answers)
+	if n > 20 {
+		n = 20
+	}
+	as := make([]Resource, 0, n)
+	for {
+		a, err := p.Answer()
+		if err == ErrSectionDone {
+			return as, nil
+		}
+		if err != nil {
+			return nil, err
+		}
+		as = append(as, a)
+	}
+}
+
+// SkipAnswer skips a single Answer Resource.
+//
+// It does not perform a complete validation of the resource header, which means
+// it may return a nil error when the [AnswerHeader] would actually return an error.
+func (p *Parser) SkipAnswer() error {
+	return p.skipResource(sectionAnswers)
+}
+
+// SkipAllAnswers skips all Answer Resources.
+func (p *Parser) SkipAllAnswers() error {
+	for {
+		if err := p.SkipAnswer(); err == ErrSectionDone {
+			return nil
+		} else if err != nil {
+			return err
+		}
+	}
+}
+
+// AuthorityHeader parses a single Authority ResourceHeader.
+func (p *Parser) AuthorityHeader() (ResourceHeader, error) {
+	return p.resourceHeader(sectionAuthorities)
+}
+
+// Authority parses a single Authority Resource.
+func (p *Parser) Authority() (Resource, error) {
+	return p.resource(sectionAuthorities)
+}
+
+// AllAuthorities parses all Authority Resources.
+func (p *Parser) AllAuthorities() ([]Resource, error) {
+	// Authorities contains SOA in case of NXDOMAIN and friends,
+	// otherwise it is empty.
+	//
+	// Pre-allocate up to a certain limit, since p.header is
+	// untrusted data.
+	n := int(p.header.authorities)
+	if n > 10 {
+		n = 10
+	}
+	as := make([]Resource, 0, n)
+	for {
+		a, err := p.Authority()
+		if err == ErrSectionDone {
+			return as, nil
+		}
+		if err != nil {
+			return nil, err
+		}
+		as = append(as, a)
+	}
+}
+
+// SkipAuthority skips a single Authority Resource.
+//
+// It does not perform a complete validation of the resource header, which means
+// it may return a nil error when the [AuthorityHeader] would actually return an error.
+func (p *Parser) SkipAuthority() error {
+	return p.skipResource(sectionAuthorities)
+}
+
+// SkipAllAuthorities skips all Authority Resources.
+func (p *Parser) SkipAllAuthorities() error {
+	for {
+		if err := p.SkipAuthority(); err == ErrSectionDone {
+			return nil
+		} else if err != nil {
+			return err
+		}
+	}
+}
+
+// AdditionalHeader parses a single Additional ResourceHeader.
+func (p *Parser) AdditionalHeader() (ResourceHeader, error) {
+	return p.resourceHeader(sectionAdditionals)
+}
+
+// Additional parses a single Additional Resource.
+func (p *Parser) Additional() (Resource, error) {
+	return p.resource(sectionAdditionals)
+}
+
+// AllAdditionals parses all Additional Resources.
+func (p *Parser) AllAdditionals() ([]Resource, error) {
+	// Additionals usually contain OPT, and sometimes A/AAAA
+	// glue records.
+	//
+	// Pre-allocate up to a certain limit, since p.header is
+	// untrusted data.
+	n := int(p.header.additionals)
+	if n > 10 {
+		n = 10
+	}
+	as := make([]Resource, 0, n)
+	for {
+		a, err := p.Additional()
+		if err == ErrSectionDone {
+			return as, nil
+		}
+		if err != nil {
+			return nil, err
+		}
+		as = append(as, a)
+	}
+}
+
+// SkipAdditional skips a single Additional Resource.
+//
+// It does not perform a complete validation of the resource header, which means
+// it may return a nil error when the [AdditionalHeader] would actually return an error.
+func (p *Parser) SkipAdditional() error {
+	return p.skipResource(sectionAdditionals)
+}
+
+// SkipAllAdditionals skips all Additional Resources.
+func (p *Parser) SkipAllAdditionals() error {
+	for {
+		if err := p.SkipAdditional(); err == ErrSectionDone {
+			return nil
+		} else if err != nil {
+			return err
+		}
+	}
+}
+
+// CNAMEResource parses a single CNAMEResource.
+//
+// One of the XXXHeader methods must have been called before calling this
+// method.
+func (p *Parser) CNAMEResource() (CNAMEResource, error) {
+	if !p.resHeaderValid || p.resHeaderType != TypeCNAME {
+		return CNAMEResource{}, ErrNotStarted
+	}
+	r, err := unpackCNAMEResource(p.msg, p.off)
+	if err != nil {
+		return CNAMEResource{}, err
+	}
+	p.off += int(p.resHeaderLength)
+	p.resHeaderValid = false
+	p.index++
+	return r, nil
+}
+
+// MXResource parses a single MXResource.
+//
+// One of the XXXHeader methods must have been called before calling this
+// method.
+func (p *Parser) MXResource() (MXResource, error) {
+	if !p.resHeaderValid || p.resHeaderType != TypeMX {
+		return MXResource{}, ErrNotStarted
+	}
+	r, err := unpackMXResource(p.msg, p.off)
+	if err != nil {
+		return MXResource{}, err
+	}
+	p.off += int(p.resHeaderLength)
+	p.resHeaderValid = false
+	p.index++
+	return r, nil
+}
+
+// NSResource parses a single NSResource.
+//
+// One of the XXXHeader methods must have been called before calling this
+// method.
+func (p *Parser) NSResource() (NSResource, error) {
+	if !p.resHeaderValid || p.resHeaderType != TypeNS {
+		return NSResource{}, ErrNotStarted
+	}
+	r, err := unpackNSResource(p.msg, p.off)
+	if err != nil {
+		return NSResource{}, err
+	}
+	p.off += int(p.resHeaderLength)
+	p.resHeaderValid = false
+	p.index++
+	return r, nil
+}
+
+// PTRResource parses a single PTRResource.
+//
+// One of the XXXHeader methods must have been called before calling this
+// method.
+func (p *Parser) PTRResource() (PTRResource, error) {
+	if !p.resHeaderValid || p.resHeaderType != TypePTR {
+		return PTRResource{}, ErrNotStarted
+	}
+	r, err := unpackPTRResource(p.msg, p.off)
+	if err != nil {
+		return PTRResource{}, err
+	}
+	p.off += int(p.resHeaderLength)
+	p.resHeaderValid = false
+	p.index++
+	return r, nil
+}
+
+// SOAResource parses a single SOAResource.
+//
+// One of the XXXHeader methods must have been called before calling this
+// method.
+func (p *Parser) SOAResource() (SOAResource, error) {
+	if !p.resHeaderValid || p.resHeaderType != TypeSOA {
+		return SOAResource{}, ErrNotStarted
+	}
+	r, err := unpackSOAResource(p.msg, p.off)
+	if err != nil {
+		return SOAResource{}, err
+	}
+	p.off += int(p.resHeaderLength)
+	p.resHeaderValid = false
+	p.index++
+	return r, nil
+}
+
+// TXTResource parses a single TXTResource.
+//
+// One of the XXXHeader methods must have been called before calling this
+// method.
+func (p *Parser) TXTResource() (TXTResource, error) {
+	if !p.resHeaderValid || p.resHeaderType != TypeTXT {
+		return TXTResource{}, ErrNotStarted
+	}
+	r, err := unpackTXTResource(p.msg, p.off, p.resHeaderLength)
+	if err != nil {
+		return TXTResource{}, err
+	}
+	p.off += int(p.resHeaderLength)
+	p.resHeaderValid = false
+	p.index++
+	return r, nil
+}
+
+// SRVResource parses a single SRVResource.
+//
+// One of the XXXHeader methods must have been called before calling this
+// method.
+func (p *Parser) SRVResource() (SRVResource, error) {
+	if !p.resHeaderValid || p.resHeaderType != TypeSRV {
+		return SRVResource{}, ErrNotStarted
+	}
+	r, err := unpackSRVResource(p.msg, p.off)
+	if err != nil {
+		return SRVResource{}, err
+	}
+	p.off += int(p.resHeaderLength)
+	p.resHeaderValid = false
+	p.index++
+	return r, nil
+}
+
+// AResource parses a single AResource.
+//
+// One of the XXXHeader methods must have been called before calling this
+// method.
+func (p *Parser) AResource() (AResource, error) {
+	if !p.resHeaderValid || p.resHeaderType != TypeA {
+		return AResource{}, ErrNotStarted
+	}
+	r, err := unpackAResource(p.msg, p.off)
+	if err != nil {
+		return AResource{}, err
+	}
+	p.off += int(p.resHeaderLength)
+	p.resHeaderValid = false
+	p.index++
+	return r, nil
+}
+
+// AAAAResource parses a single AAAAResource.
+//
+// One of the XXXHeader methods must have been called before calling this
+// method.
+func (p *Parser) AAAAResource() (AAAAResource, error) {
+	if !p.resHeaderValid || p.resHeaderType != TypeAAAA {
+		return AAAAResource{}, ErrNotStarted
+	}
+	r, err := unpackAAAAResource(p.msg, p.off)
+	if err != nil {
+		return AAAAResource{}, err
+	}
+	p.off += int(p.resHeaderLength)
+	p.resHeaderValid = false
+	p.index++
+	return r, nil
+}
+
+// OPTResource parses a single OPTResource.
+//
+// One of the XXXHeader methods must have been called before calling this
+// method.
+func (p *Parser) OPTResource() (OPTResource, error) {
+	if !p.resHeaderValid || p.resHeaderType != TypeOPT {
+		return OPTResource{}, ErrNotStarted
+	}
+	r, err := unpackOPTResource(p.msg, p.off, p.resHeaderLength)
+	if err != nil {
+		return OPTResource{}, err
+	}
+	p.off += int(p.resHeaderLength)
+	p.resHeaderValid = false
+	p.index++
+	return r, nil
+}
+
+// UnknownResource parses a single UnknownResource.
+//
+// One of the XXXHeader methods must have been called before calling this
+// method.
+func (p *Parser) UnknownResource() (UnknownResource, error) {
+	if !p.resHeaderValid {
+		return UnknownResource{}, ErrNotStarted
+	}
+	r, err := unpackUnknownResource(p.resHeaderType, p.msg, p.off, p.resHeaderLength)
+	if err != nil {
+		return UnknownResource{}, err
+	}
+	p.off += int(p.resHeaderLength)
+	p.resHeaderValid = false
+	p.index++
+	return r, nil
+}
+
+// Unpack parses a full Message.
+func (m *Message) Unpack(msg []byte) error {
+	var p Parser
+	var err error
+	if m.Header, err = p.Start(msg); err != nil {
+		return err
+	}
+	if m.Questions, err = p.AllQuestions(); err != nil {
+		return err
+	}
+	if m.Answers, err = p.AllAnswers(); err != nil {
+		return err
+	}
+	if m.Authorities, err = p.AllAuthorities(); err != nil {
+		return err
+	}
+	if m.Additionals, err = p.AllAdditionals(); err != nil {
+		return err
+	}
+	return nil
+}
+
+// Pack packs a full Message.
+func (m *Message) Pack() ([]byte, error) {
+	return m.AppendPack(make([]byte, 0, packStartingCap))
+}
+
+// AppendPack is like Pack but appends the full Message to b and returns the
+// extended buffer.
+func (m *Message) AppendPack(b []byte) ([]byte, error) {
+	// Validate the lengths. It is very unlikely that anyone will try to
+	// pack more than 65535 of any particular type, but it is possible and
+	// we should fail gracefully.
+	if len(m.Questions) > int(^uint16(0)) {
+		return nil, errTooManyQuestions
+	}
+	if len(m.Answers) > int(^uint16(0)) {
+		return nil, errTooManyAnswers
+	}
+	if len(m.Authorities) > int(^uint16(0)) {
+		return nil, errTooManyAuthorities
+	}
+	if len(m.Additionals) > int(^uint16(0)) {
+		return nil, errTooManyAdditionals
+	}
+
+	var h header
+	h.id, h.bits = m.Header.pack()
+
+	h.questions = uint16(len(m.Questions))
+	h.answers = uint16(len(m.Answers))
+	h.authorities = uint16(len(m.Authorities))
+	h.additionals = uint16(len(m.Additionals))
+
+	compressionOff := len(b)
+	msg := h.pack(b)
+
+	// RFC 1035 allows (but does not require) compression for packing. RFC
+	// 1035 requires unpacking implementations to support compression, so
+	// unconditionally enabling it is fine.
+	//
+	// DNS lookups are typically done over UDP, and RFC 1035 states that UDP
+	// DNS messages can be a maximum of 512 bytes long. Without compression,
+	// many DNS response messages are over this limit, so enabling
+	// compression will help ensure compliance.
+	compression := map[string]uint16{}
+
+	for i := range m.Questions {
+		var err error
+		if msg, err = m.Questions[i].pack(msg, compression, compressionOff); err != nil {
+			return nil, &nestedError{"packing Question", err}
+		}
+	}
+	for i := range m.Answers {
+		var err error
+		if msg, err = m.Answers[i].pack(msg, compression, compressionOff); err != nil {
+			return nil, &nestedError{"packing Answer", err}
+		}
+	}
+	for i := range m.Authorities {
+		var err error
+		if msg, err = m.Authorities[i].pack(msg, compression, compressionOff); err != nil {
+			return nil, &nestedError{"packing Authority", err}
+		}
+	}
+	for i := range m.Additionals {
+		var err error
+		if msg, err = m.Additionals[i].pack(msg, compression, compressionOff); err != nil {
+			return nil, &nestedError{"packing Additional", err}
+		}
+	}
+
+	return msg, nil
+}
+
+// GoString implements fmt.GoStringer.GoString.
+func (m *Message) GoString() string {
+	s := "dnsmessage.Message{Header: " + m.Header.GoString() + ", " +
+		"Questions: []dnsmessage.Question{"
+	if len(m.Questions) > 0 {
+		s += m.Questions[0].GoString()
+		for _, q := range m.Questions[1:] {
+			s += ", " + q.GoString()
+		}
+	}
+	s += "}, Answers: []dnsmessage.Resource{"
+	if len(m.Answers) > 0 {
+		s += m.Answers[0].GoString()
+		for _, a := range m.Answers[1:] {
+			s += ", " + a.GoString()
+		}
+	}
+	s += "}, Authorities: []dnsmessage.Resource{"
+	if len(m.Authorities) > 0 {
+		s += m.Authorities[0].GoString()
+		for _, a := range m.Authorities[1:] {
+			s += ", " + a.GoString()
+		}
+	}
+	s += "}, Additionals: []dnsmessage.Resource{"
+	if len(m.Additionals) > 0 {
+		s += m.Additionals[0].GoString()
+		for _, a := range m.Additionals[1:] {
+			s += ", " + a.GoString()
+		}
+	}
+	return s + "}}"
+}
+
+// A Builder allows incrementally packing a DNS message.
+//
+// Example usage:
+//
+//	buf := make([]byte, 2, 514)
+//	b := NewBuilder(buf, Header{...})
+//	b.EnableCompression()
+//	// Optionally start a section and add things to that section.
+//	// Repeat adding sections as necessary.
+//	buf, err := b.Finish()
+//	// If err is nil, buf[2:] will contain the built bytes.
+type Builder struct {
+	// msg is the storage for the message being built.
+	msg []byte
+
+	// section keeps track of the current section being built.
+	section section
+
+	// header keeps track of what should go in the header when Finish is
+	// called.
+	header header
+
+	// start is the starting index of the bytes allocated in msg for header.
+	start int
+
+	// compression is a mapping from name suffixes to their starting index
+	// in msg.
+	compression map[string]uint16
+}
+
+// NewBuilder creates a new builder with compression disabled.
+//
+// Note: Most users will want to immediately enable compression with the
+// EnableCompression method. See that method's comment for why you may or may
+// not want to enable compression.
+//
+// The DNS message is appended to the provided initial buffer buf (which may be
+// nil) as it is built. The final message is returned by the (*Builder).Finish
+// method, which includes buf[:len(buf)] and may return the same underlying
+// array if there was sufficient capacity in the slice.
+func NewBuilder(buf []byte, h Header) Builder {
+	if buf == nil {
+		buf = make([]byte, 0, packStartingCap)
+	}
+	b := Builder{msg: buf, start: len(buf)}
+	b.header.id, b.header.bits = h.pack()
+	var hb [headerLen]byte
+	b.msg = append(b.msg, hb[:]...)
+	b.section = sectionHeader
+	return b
+}
+
+// EnableCompression enables compression in the Builder.
+//
+// Leaving compression disabled avoids compression related allocations, but can
+// result in larger message sizes. Be careful with this mode as it can cause
+// messages to exceed the UDP size limit.
+//
+// According to RFC 1035, section 4.1.4, the use of compression is optional, but
+// all implementations must accept both compressed and uncompressed DNS
+// messages.
+//
+// Compression should be enabled before any sections are added for best results.
+func (b *Builder) EnableCompression() {
+	b.compression = map[string]uint16{}
+}
+
+func (b *Builder) startCheck(s section) error {
+	if b.section <= sectionNotStarted {
+		return ErrNotStarted
+	}
+	if b.section > s {
+		return ErrSectionDone
+	}
+	return nil
+}
+
+// StartQuestions prepares the builder for packing Questions.
+func (b *Builder) StartQuestions() error {
+	if err := b.startCheck(sectionQuestions); err != nil {
+		return err
+	}
+	b.section = sectionQuestions
+	return nil
+}
+
+// StartAnswers prepares the builder for packing Answers.
+func (b *Builder) StartAnswers() error {
+	if err := b.startCheck(sectionAnswers); err != nil {
+		return err
+	}
+	b.section = sectionAnswers
+	return nil
+}
+
+// StartAuthorities prepares the builder for packing Authorities.
+func (b *Builder) StartAuthorities() error {
+	if err := b.startCheck(sectionAuthorities); err != nil {
+		return err
+	}
+	b.section = sectionAuthorities
+	return nil
+}
+
+// StartAdditionals prepares the builder for packing Additionals.
+func (b *Builder) StartAdditionals() error {
+	if err := b.startCheck(sectionAdditionals); err != nil {
+		return err
+	}
+	b.section = sectionAdditionals
+	return nil
+}
+
+func (b *Builder) incrementSectionCount() error {
+	var count *uint16
+	var err error
+	switch b.section {
+	case sectionQuestions:
+		count = &b.header.questions
+		err = errTooManyQuestions
+	case sectionAnswers:
+		count = &b.header.answers
+		err = errTooManyAnswers
+	case sectionAuthorities:
+		count = &b.header.authorities
+		err = errTooManyAuthorities
+	case sectionAdditionals:
+		count = &b.header.additionals
+		err = errTooManyAdditionals
+	}
+	if *count == ^uint16(0) {
+		return err
+	}
+	*count++
+	return nil
+}
+
+// Question adds a single Question.
+func (b *Builder) Question(q Question) error {
+	if b.section < sectionQuestions {
+		return ErrNotStarted
+	}
+	if b.section > sectionQuestions {
+		return ErrSectionDone
+	}
+	msg, err := q.pack(b.msg, b.compression, b.start)
+	if err != nil {
+		return err
+	}
+	if err := b.incrementSectionCount(); err != nil {
+		return err
+	}
+	b.msg = msg
+	return nil
+}
+
+func (b *Builder) checkResourceSection() error {
+	if b.section < sectionAnswers {
+		return ErrNotStarted
+	}
+	if b.section > sectionAdditionals {
+		return ErrSectionDone
+	}
+	return nil
+}
+
+// CNAMEResource adds a single CNAMEResource.
+func (b *Builder) CNAMEResource(h ResourceHeader, r CNAMEResource) error {
+	if err := b.checkResourceSection(); err != nil {
+		return err
+	}
+	h.Type = r.realType()
+	msg, lenOff, err := h.pack(b.msg, b.compression, b.start)
+	if err != nil {
+		return &nestedError{"ResourceHeader", err}
+	}
+	preLen := len(msg)
+	if msg, err = r.pack(msg, b.compression, b.start); err != nil {
+		return &nestedError{"CNAMEResource body", err}
+	}
+	if err := h.fixLen(msg, lenOff, preLen); err != nil {
+		return err
+	}
+	if err := b.incrementSectionCount(); err != nil {
+		return err
+	}
+	b.msg = msg
+	return nil
+}
+
+// MXResource adds a single MXResource.
+func (b *Builder) MXResource(h ResourceHeader, r MXResource) error {
+	if err := b.checkResourceSection(); err != nil {
+		return err
+	}
+	h.Type = r.realType()
+	msg, lenOff, err := h.pack(b.msg, b.compression, b.start)
+	if err != nil {
+		return &nestedError{"ResourceHeader", err}
+	}
+	preLen := len(msg)
+	if msg, err = r.pack(msg, b.compression, b.start); err != nil {
+		return &nestedError{"MXResource body", err}
+	}
+	if err := h.fixLen(msg, lenOff, preLen); err != nil {
+		return err
+	}
+	if err := b.incrementSectionCount(); err != nil {
+		return err
+	}
+	b.msg = msg
+	return nil
+}
+
+// NSResource adds a single NSResource.
+func (b *Builder) NSResource(h ResourceHeader, r NSResource) error {
+	if err := b.checkResourceSection(); err != nil {
+		return err
+	}
+	h.Type = r.realType()
+	msg, lenOff, err := h.pack(b.msg, b.compression, b.start)
+	if err != nil {
+		return &nestedError{"ResourceHeader", err}
+	}
+	preLen := len(msg)
+	if msg, err = r.pack(msg, b.compression, b.start); err != nil {
+		return &nestedError{"NSResource body", err}
+	}
+	if err := h.fixLen(msg, lenOff, preLen); err != nil {
+		return err
+	}
+	if err := b.incrementSectionCount(); err != nil {
+		return err
+	}
+	b.msg = msg
+	return nil
+}
+
+// PTRResource adds a single PTRResource.
+func (b *Builder) PTRResource(h ResourceHeader, r PTRResource) error {
+	if err := b.checkResourceSection(); err != nil {
+		return err
+	}
+	h.Type = r.realType()
+	msg, lenOff, err := h.pack(b.msg, b.compression, b.start)
+	if err != nil {
+		return &nestedError{"ResourceHeader", err}
+	}
+	preLen := len(msg)
+	if msg, err = r.pack(msg, b.compression, b.start); err != nil {
+		return &nestedError{"PTRResource body", err}
+	}
+	if err := h.fixLen(msg, lenOff, preLen); err != nil {
+		return err
+	}
+	if err := b.incrementSectionCount(); err != nil {
+		return err
+	}
+	b.msg = msg
+	return nil
+}
+
+// SOAResource adds a single SOAResource.
+func (b *Builder) SOAResource(h ResourceHeader, r SOAResource) error {
+	if err := b.checkResourceSection(); err != nil {
+		return err
+	}
+	h.Type = r.realType()
+	msg, lenOff, err := h.pack(b.msg, b.compression, b.start)
+	if err != nil {
+		return &nestedError{"ResourceHeader", err}
+	}
+	preLen := len(msg)
+	if msg, err = r.pack(msg, b.compression, b.start); err != nil {
+		return &nestedError{"SOAResource body", err}
+	}
+	if err := h.fixLen(msg, lenOff, preLen); err != nil {
+		return err
+	}
+	if err := b.incrementSectionCount(); err != nil {
+		return err
+	}
+	b.msg = msg
+	return nil
+}
+
+// TXTResource adds a single TXTResource.
+func (b *Builder) TXTResource(h ResourceHeader, r TXTResource) error {
+	if err := b.checkResourceSection(); err != nil {
+		return err
+	}
+	h.Type = r.realType()
+	msg, lenOff, err := h.pack(b.msg, b.compression, b.start)
+	if err != nil {
+		return &nestedError{"ResourceHeader", err}
+	}
+	preLen := len(msg)
+	if msg, err = r.pack(msg, b.compression, b.start); err != nil {
+		return &nestedError{"TXTResource body", err}
+	}
+	if err := h.fixLen(msg, lenOff, preLen); err != nil {
+		return err
+	}
+	if err := b.incrementSectionCount(); err != nil {
+		return err
+	}
+	b.msg = msg
+	return nil
+}
+
+// SRVResource adds a single SRVResource.
+func (b *Builder) SRVResource(h ResourceHeader, r SRVResource) error {
+	if err := b.checkResourceSection(); err != nil {
+		return err
+	}
+	h.Type = r.realType()
+	msg, lenOff, err := h.pack(b.msg, b.compression, b.start)
+	if err != nil {
+		return &nestedError{"ResourceHeader", err}
+	}
+	preLen := len(msg)
+	if msg, err = r.pack(msg, b.compression, b.start); err != nil {
+		return &nestedError{"SRVResource body", err}
+	}
+	if err := h.fixLen(msg, lenOff, preLen); err != nil {
+		return err
+	}
+	if err := b.incrementSectionCount(); err != nil {
+		return err
+	}
+	b.msg = msg
+	return nil
+}
+
+// AResource adds a single AResource.
+func (b *Builder) AResource(h ResourceHeader, r AResource) error {
+	if err := b.checkResourceSection(); err != nil {
+		return err
+	}
+	h.Type = r.realType()
+	msg, lenOff, err := h.pack(b.msg, b.compression, b.start)
+	if err != nil {
+		return &nestedError{"ResourceHeader", err}
+	}
+	preLen := len(msg)
+	if msg, err = r.pack(msg, b.compression, b.start); err != nil {
+		return &nestedError{"AResource body", err}
+	}
+	if err := h.fixLen(msg, lenOff, preLen); err != nil {
+		return err
+	}
+	if err := b.incrementSectionCount(); err != nil {
+		return err
+	}
+	b.msg = msg
+	return nil
+}
+
+// AAAAResource adds a single AAAAResource.
+func (b *Builder) AAAAResource(h ResourceHeader, r AAAAResource) error {
+	if err := b.checkResourceSection(); err != nil {
+		return err
+	}
+	h.Type = r.realType()
+	msg, lenOff, err := h.pack(b.msg, b.compression, b.start)
+	if err != nil {
+		return &nestedError{"ResourceHeader", err}
+	}
+	preLen := len(msg)
+	if msg, err = r.pack(msg, b.compression, b.start); err != nil {
+		return &nestedError{"AAAAResource body", err}
+	}
+	if err := h.fixLen(msg, lenOff, preLen); err != nil {
+		return err
+	}
+	if err := b.incrementSectionCount(); err != nil {
+		return err
+	}
+	b.msg = msg
+	return nil
+}
+
+// OPTResource adds a single OPTResource.
+func (b *Builder) OPTResource(h ResourceHeader, r OPTResource) error {
+	if err := b.checkResourceSection(); err != nil {
+		return err
+	}
+	h.Type = r.realType()
+	msg, lenOff, err := h.pack(b.msg, b.compression, b.start)
+	if err != nil {
+		return &nestedError{"ResourceHeader", err}
+	}
+	preLen := len(msg)
+	if msg, err = r.pack(msg, b.compression, b.start); err != nil {
+		return &nestedError{"OPTResource body", err}
+	}
+	if err := h.fixLen(msg, lenOff, preLen); err != nil {
+		return err
+	}
+	if err := b.incrementSectionCount(); err != nil {
+		return err
+	}
+	b.msg = msg
+	return nil
+}
+
+// UnknownResource adds a single UnknownResource.
+func (b *Builder) UnknownResource(h ResourceHeader, r UnknownResource) error {
+	if err := b.checkResourceSection(); err != nil {
+		return err
+	}
+	h.Type = r.realType()
+	msg, lenOff, err := h.pack(b.msg, b.compression, b.start)
+	if err != nil {
+		return &nestedError{"ResourceHeader", err}
+	}
+	preLen := len(msg)
+	if msg, err = r.pack(msg, b.compression, b.start); err != nil {
+		return &nestedError{"UnknownResource body", err}
+	}
+	if err := h.fixLen(msg, lenOff, preLen); err != nil {
+		return err
+	}
+	if err := b.incrementSectionCount(); err != nil {
+		return err
+	}
+	b.msg = msg
+	return nil
+}
+
+// Finish ends message building and generates a binary message.
+func (b *Builder) Finish() ([]byte, error) {
+	if b.section < sectionHeader {
+		return nil, ErrNotStarted
+	}
+	b.section = sectionDone
+	// Space for the header was allocated in NewBuilder.
+	b.header.pack(b.msg[b.start:b.start])
+	return b.msg, nil
+}
+
+// A ResourceHeader is the header of a DNS resource record. There are
+// many types of DNS resource records, but they all share the same header.
+type ResourceHeader struct {
+	// Name is the domain name for which this resource record pertains.
+	Name Name
+
+	// Type is the type of DNS resource record.
+	//
+	// This field will be set automatically during packing.
+	Type Type
+
+	// Class is the class of network to which this DNS resource record
+	// pertains.
+	Class Class
+
+	// TTL is the length of time (measured in seconds) which this resource
+	// record is valid for (time to live). All Resources in a set should
+	// have the same TTL (RFC 2181 Section 5.2).
+	TTL uint32
+
+	// Length is the length of data in the resource record after the header.
+	//
+	// This field will be set automatically during packing.
+	Length uint16
+}
+
+// GoString implements fmt.GoStringer.GoString.
+func (h *ResourceHeader) GoString() string {
+	return "dnsmessage.ResourceHeader{" +
+		"Name: " + h.Name.GoString() + ", " +
+		"Type: " + h.Type.GoString() + ", " +
+		"Class: " + h.Class.GoString() + ", " +
+		"TTL: " + printUint32(h.TTL) + ", " +
+		"Length: " + printUint16(h.Length) + "}"
+}
+
+// pack appends the wire format of the ResourceHeader to oldMsg.
+//
+// lenOff is the offset in msg where the Length field was packed.
+func (h *ResourceHeader) pack(oldMsg []byte, compression map[string]uint16, compressionOff int) (msg []byte, lenOff int, err error) {
+	msg = oldMsg
+	if msg, err = h.Name.pack(msg, compression, compressionOff); err != nil {
+		return oldMsg, 0, &nestedError{"Name", err}
+	}
+	msg = packType(msg, h.Type)
+	msg = packClass(msg, h.Class)
+	msg = packUint32(msg, h.TTL)
+	lenOff = len(msg)
+	msg = packUint16(msg, h.Length)
+	return msg, lenOff, nil
+}
+
+func (h *ResourceHeader) unpack(msg []byte, off int) (int, error) {
+	newOff := off
+	var err error
+	if newOff, err = h.Name.unpack(msg, newOff); err != nil {
+		return off, &nestedError{"Name", err}
+	}
+	if h.Type, newOff, err = unpackType(msg, newOff); err != nil {
+		return off, &nestedError{"Type", err}
+	}
+	if h.Class, newOff, err = unpackClass(msg, newOff); err != nil {
+		return off, &nestedError{"Class", err}
+	}
+	if h.TTL, newOff, err = unpackUint32(msg, newOff); err != nil {
+		return off, &nestedError{"TTL", err}
+	}
+	if h.Length, newOff, err = unpackUint16(msg, newOff); err != nil {
+		return off, &nestedError{"Length", err}
+	}
+	return newOff, nil
+}
+
+// fixLen updates a packed ResourceHeader to include the length of the
+// ResourceBody.
+//
+// lenOff is the offset of the ResourceHeader.Length field in msg.
+//
+// preLen is the length that msg was before the ResourceBody was packed.
+func (h *ResourceHeader) fixLen(msg []byte, lenOff int, preLen int) error {
+	conLen := len(msg) - preLen
+	if conLen > int(^uint16(0)) {
+		return errResTooLong
+	}
+
+	// Fill in the length now that we know how long the content is.
+	packUint16(msg[lenOff:lenOff], uint16(conLen))
+	h.Length = uint16(conLen)
+
+	return nil
+}
+
+// EDNS(0) wire constants.
+const (
+	edns0Version = 0
+
+	edns0DNSSECOK     = 0x00008000
+	ednsVersionMask   = 0x00ff0000
+	edns0DNSSECOKMask = 0x00ff8000
+)
+
+// SetEDNS0 configures h for EDNS(0).
+//
+// The provided extRCode must be an extended RCode.
+func (h *ResourceHeader) SetEDNS0(udpPayloadLen int, extRCode RCode, dnssecOK bool) error {
+	h.Name = Name{Data: [255]byte{'.'}, Length: 1} // RFC 6891 section 6.1.2
+	h.Type = TypeOPT
+	h.Class = Class(udpPayloadLen)
+	h.TTL = uint32(extRCode) >> 4 << 24
+	if dnssecOK {
+		h.TTL |= edns0DNSSECOK
+	}
+	return nil
+}
+
+// DNSSECAllowed reports whether the DNSSEC OK bit is set.
+func (h *ResourceHeader) DNSSECAllowed() bool {
+	return h.TTL&edns0DNSSECOKMask == edns0DNSSECOK // RFC 6891 section 6.1.3
+}
+
+// ExtendedRCode returns an extended RCode.
+//
+// The provided rcode must be the RCode in DNS message header.
+func (h *ResourceHeader) ExtendedRCode(rcode RCode) RCode {
+	if h.TTL&ednsVersionMask == edns0Version { // RFC 6891 section 6.1.3
+		return RCode(h.TTL>>24<<4) | rcode
+	}
+	return rcode
+}
+
+func skipResource(msg []byte, off int) (int, error) {
+	newOff, err := skipName(msg, off)
+	if err != nil {
+		return off, &nestedError{"Name", err}
+	}
+	if newOff, err = skipType(msg, newOff); err != nil {
+		return off, &nestedError{"Type", err}
+	}
+	if newOff, err = skipClass(msg, newOff); err != nil {
+		return off, &nestedError{"Class", err}
+	}
+	if newOff, err = skipUint32(msg, newOff); err != nil {
+		return off, &nestedError{"TTL", err}
+	}
+	length, newOff, err := unpackUint16(msg, newOff)
+	if err != nil {
+		return off, &nestedError{"Length", err}
+	}
+	if newOff += int(length); newOff > len(msg) {
+		return off, errResourceLen
+	}
+	return newOff, nil
+}
+
+// packUint16 appends the wire format of field to msg.
+func packUint16(msg []byte, field uint16) []byte {
+	return append(msg, byte(field>>8), byte(field))
+}
+
+func unpackUint16(msg []byte, off int) (uint16, int, error) {
+	if off+uint16Len > len(msg) {
+		return 0, off, errBaseLen
+	}
+	return uint16(msg[off])<<8 | uint16(msg[off+1]), off + uint16Len, nil
+}
+
+func skipUint16(msg []byte, off int) (int, error) {
+	if off+uint16Len > len(msg) {
+		return off, errBaseLen
+	}
+	return off + uint16Len, nil
+}
+
+// packType appends the wire format of field to msg.
+func packType(msg []byte, field Type) []byte {
+	return packUint16(msg, uint16(field))
+}
+
+func unpackType(msg []byte, off int) (Type, int, error) {
+	t, o, err := unpackUint16(msg, off)
+	return Type(t), o, err
+}
+
+func skipType(msg []byte, off int) (int, error) {
+	return skipUint16(msg, off)
+}
+
+// packClass appends the wire format of field to msg.
+func packClass(msg []byte, field Class) []byte {
+	return packUint16(msg, uint16(field))
+}
+
+func unpackClass(msg []byte, off int) (Class, int, error) {
+	c, o, err := unpackUint16(msg, off)
+	return Class(c), o, err
+}
+
+func skipClass(msg []byte, off int) (int, error) {
+	return skipUint16(msg, off)
+}
+
+// packUint32 appends the wire format of field to msg.
+func packUint32(msg []byte, field uint32) []byte {
+	return append(
+		msg,
+		byte(field>>24),
+		byte(field>>16),
+		byte(field>>8),
+		byte(field),
+	)
+}
+
+func unpackUint32(msg []byte, off int) (uint32, int, error) {
+	if off+uint32Len > len(msg) {
+		return 0, off, errBaseLen
+	}
+	v := uint32(msg[off])<<24 | uint32(msg[off+1])<<16 | uint32(msg[off+2])<<8 | uint32(msg[off+3])
+	return v, off + uint32Len, nil
+}
+
+func skipUint32(msg []byte, off int) (int, error) {
+	if off+uint32Len > len(msg) {
+		return off, errBaseLen
+	}
+	return off + uint32Len, nil
+}
+
+// packText appends the wire format of field to msg.
+func packText(msg []byte, field string) ([]byte, error) {
+	l := len(field)
+	if l > 255 {
+		return nil, errStringTooLong
+	}
+	msg = append(msg, byte(l))
+	msg = append(msg, field...)
+
+	return msg, nil
+}
+
+func unpackText(msg []byte, off int) (string, int, error) {
+	if off >= len(msg) {
+		return "", off, errBaseLen
+	}
+	beginOff := off + 1
+	endOff := beginOff + int(msg[off])
+	if endOff > len(msg) {
+		return "", off, errCalcLen
+	}
+	return string(msg[beginOff:endOff]), endOff, nil
+}
+
+// packBytes appends the wire format of field to msg.
+func packBytes(msg []byte, field []byte) []byte {
+	return append(msg, field...)
+}
+
+func unpackBytes(msg []byte, off int, field []byte) (int, error) {
+	newOff := off + len(field)
+	if newOff > len(msg) {
+		return off, errBaseLen
+	}
+	copy(field, msg[off:newOff])
+	return newOff, nil
+}
+
+const nonEncodedNameMax = 254
+
+// A Name is a non-encoded and non-escaped domain name. It is used instead of strings to avoid
+// allocations.
+type Name struct {
+	Data   [255]byte
+	Length uint8
+}
+
+// NewName creates a new Name from a string.
+func NewName(name string) (Name, error) {
+	n := Name{Length: uint8(len(name))}
+	if len(name) > len(n.Data) {
+		return Name{}, errCalcLen
+	}
+	copy(n.Data[:], name)
+	return n, nil
+}
+
+// MustNewName creates a new Name from a string and panics on error.
+func MustNewName(name string) Name {
+	n, err := NewName(name)
+	if err != nil {
+		panic("creating name: " + err.Error())
+	}
+	return n
+}
+
+// String implements fmt.Stringer.String.
+//
+// Note: characters inside the labels are not escaped in any way.
+func (n Name) String() string {
+	return string(n.Data[:n.Length])
+}
+
+// GoString implements fmt.GoStringer.GoString.
+func (n *Name) GoString() string {
+	return `dnsmessage.MustNewName("` + printString(n.Data[:n.Length]) + `")`
+}
+
+// pack appends the wire format of the Name to msg.
+//
+// Domain names are a sequence of counted strings split at the dots. They end
+// with a zero-length string. Compression can be used to reuse domain suffixes.
+//
+// The compression map will be updated with new domain suffixes. If compression
+// is nil, compression will not be used.
+func (n *Name) pack(msg []byte, compression map[string]uint16, compressionOff int) ([]byte, error) {
+	oldMsg := msg
+
+	if n.Length > nonEncodedNameMax {
+		return nil, errNameTooLong
+	}
+
+	// Add a trailing dot to canonicalize name.
+	if n.Length == 0 || n.Data[n.Length-1] != '.' {
+		return oldMsg, errNonCanonicalName
+	}
+
+	// Allow root domain.
+	if n.Data[0] == '.' && n.Length == 1 {
+		return append(msg, 0), nil
+	}
+
+	var nameAsStr string
+
+	// Emit sequence of counted strings, chopping at dots.
+	for i, begin := 0, 0; i < int(n.Length); i++ {
+		// Check for the end of the segment.
+		if n.Data[i] == '.' {
+			// The two most significant bits have special meaning.
+			// It isn't allowed for segments to be long enough to
+			// need them.
+			if i-begin >= 1<<6 {
+				return oldMsg, errSegTooLong
+			}
+
+			// Segments must have a non-zero length.
+			if i-begin == 0 {
+				return oldMsg, errZeroSegLen
+			}
+
+			msg = append(msg, byte(i-begin))
+
+			for j := begin; j < i; j++ {
+				msg = append(msg, n.Data[j])
+			}
+
+			begin = i + 1
+			continue
+		}
+
+		// We can only compress domain suffixes starting with a new
+		// segment. A pointer is two bytes with the two most significant
+		// bits set to 1 to indicate that it is a pointer.
+		if (i == 0 || n.Data[i-1] == '.') && compression != nil {
+			if ptr, ok := compression[string(n.Data[i:n.Length])]; ok {
+				// Hit. Emit a pointer instead of the rest of
+				// the domain.
+				return append(msg, byte(ptr>>8|0xC0), byte(ptr)), nil
+			}
+
+			// Miss. Add the suffix to the compression table if the
+			// offset can be stored in the available 14 bits.
+			newPtr := len(msg) - compressionOff
+			if newPtr <= int(^uint16(0)>>2) {
+				if nameAsStr == "" {
+					// allocate n.Data on the heap once, to avoid allocating it
+					// multiple times (for next labels).
+					nameAsStr = string(n.Data[:n.Length])
+				}
+				compression[nameAsStr[i:]] = uint16(newPtr)
+			}
+		}
+	}
+	return append(msg, 0), nil
+}
+
+// unpack unpacks a domain name.
+func (n *Name) unpack(msg []byte, off int) (int, error) {
+	// currOff is the current working offset.
+	currOff := off
+
+	// newOff is the offset where the next record will start. Pointers lead
+	// to data that belongs to other names and thus doesn't count towards to
+	// the usage of this name.
+	newOff := off
+
+	// ptr is the number of pointers followed.
+	var ptr int
+
+	// Name is a slice representation of the name data.
+	name := n.Data[:0]
+
+Loop:
+	for {
+		if currOff >= len(msg) {
+			return off, errBaseLen
+		}
+		c := int(msg[currOff])
+		currOff++
+		switch c & 0xC0 {
+		case 0x00: // String segment
+			if c == 0x00 {
+				// A zero length signals the end of the name.
+				break Loop
+			}
+			endOff := currOff + c
+			if endOff > len(msg) {
+				return off, errCalcLen
+			}
+
+			// Reject names containing dots.
+			// See issue golang/go#56246
+			for _, v := range msg[currOff:endOff] {
+				if v == '.' {
+					return off, errInvalidName
+				}
+			}
+
+			name = append(name, msg[currOff:endOff]...)
+			name = append(name, '.')
+			currOff = endOff
+		case 0xC0: // Pointer
+			if currOff >= len(msg) {
+				return off, errInvalidPtr
+			}
+			c1 := msg[currOff]
+			currOff++
+			if ptr == 0 {
+				newOff = currOff
+			}
+			// Don't follow too many pointers, maybe there's a loop.
+			if ptr++; ptr > 10 {
+				return off, errTooManyPtr
+			}
+			currOff = (c^0xC0)<<8 | int(c1)
+		default:
+			// Prefixes 0x80 and 0x40 are reserved.
+			return off, errReserved
+		}
+	}
+	if len(name) == 0 {
+		name = append(name, '.')
+	}
+	if len(name) > nonEncodedNameMax {
+		return off, errNameTooLong
+	}
+	n.Length = uint8(len(name))
+	if ptr == 0 {
+		newOff = currOff
+	}
+	return newOff, nil
+}
+
+func skipName(msg []byte, off int) (int, error) {
+	// newOff is the offset where the next record will start. Pointers lead
+	// to data that belongs to other names and thus doesn't count towards to
+	// the usage of this name.
+	newOff := off
+
+Loop:
+	for {
+		if newOff >= len(msg) {
+			return off, errBaseLen
+		}
+		c := int(msg[newOff])
+		newOff++
+		switch c & 0xC0 {
+		case 0x00:
+			if c == 0x00 {
+				// A zero length signals the end of the name.
+				break Loop
+			}
+			// literal string
+			newOff += c
+			if newOff > len(msg) {
+				return off, errCalcLen
+			}
+		case 0xC0:
+			// Pointer to somewhere else in msg.
+
+			// Pointers are two bytes.
+			newOff++
+
+			// Don't follow the pointer as the data here has ended.
+			break Loop
+		default:
+			// Prefixes 0x80 and 0x40 are reserved.
+			return off, errReserved
+		}
+	}
+
+	return newOff, nil
+}
+
+// A Question is a DNS query.
+type Question struct {
+	Name  Name
+	Type  Type
+	Class Class
+}
+
+// pack appends the wire format of the Question to msg.
+func (q *Question) pack(msg []byte, compression map[string]uint16, compressionOff int) ([]byte, error) {
+	msg, err := q.Name.pack(msg, compression, compressionOff)
+	if err != nil {
+		return msg, &nestedError{"Name", err}
+	}
+	msg = packType(msg, q.Type)
+	return packClass(msg, q.Class), nil
+}
+
+// GoString implements fmt.GoStringer.GoString.
+func (q *Question) GoString() string {
+	return "dnsmessage.Question{" +
+		"Name: " + q.Name.GoString() + ", " +
+		"Type: " + q.Type.GoString() + ", " +
+		"Class: " + q.Class.GoString() + "}"
+}
+
+func unpackResourceBody(msg []byte, off int, hdr ResourceHeader) (ResourceBody, int, error) {
+	var (
+		r    ResourceBody
+		err  error
+		name string
+	)
+	switch hdr.Type {
+	case TypeA:
+		var rb AResource
+		rb, err = unpackAResource(msg, off)
+		r = &rb
+		name = "A"
+	case TypeNS:
+		var rb NSResource
+		rb, err = unpackNSResource(msg, off)
+		r = &rb
+		name = "NS"
+	case TypeCNAME:
+		var rb CNAMEResource
+		rb, err = unpackCNAMEResource(msg, off)
+		r = &rb
+		name = "CNAME"
+	case TypeSOA:
+		var rb SOAResource
+		rb, err = unpackSOAResource(msg, off)
+		r = &rb
+		name = "SOA"
+	case TypePTR:
+		var rb PTRResource
+		rb, err = unpackPTRResource(msg, off)
+		r = &rb
+		name = "PTR"
+	case TypeMX:
+		var rb MXResource
+		rb, err = unpackMXResource(msg, off)
+		r = &rb
+		name = "MX"
+	case TypeTXT:
+		var rb TXTResource
+		rb, err = unpackTXTResource(msg, off, hdr.Length)
+		r = &rb
+		name = "TXT"
+	case TypeAAAA:
+		var rb AAAAResource
+		rb, err = unpackAAAAResource(msg, off)
+		r = &rb
+		name = "AAAA"
+	case TypeSRV:
+		var rb SRVResource
+		rb, err = unpackSRVResource(msg, off)
+		r = &rb
+		name = "SRV"
+	case TypeOPT:
+		var rb OPTResource
+		rb, err = unpackOPTResource(msg, off, hdr.Length)
+		r = &rb
+		name = "OPT"
+	default:
+		var rb UnknownResource
+		rb, err = unpackUnknownResource(hdr.Type, msg, off, hdr.Length)
+		r = &rb
+		name = "Unknown"
+	}
+	if err != nil {
+		return nil, off, &nestedError{name + " record", err}
+	}
+	return r, off + int(hdr.Length), nil
+}
+
+// A CNAMEResource is a CNAME Resource record.
+type CNAMEResource struct {
+	CNAME Name
+}
+
+func (r *CNAMEResource) realType() Type {
+	return TypeCNAME
+}
+
+// pack appends the wire format of the CNAMEResource to msg.
+func (r *CNAMEResource) pack(msg []byte, compression map[string]uint16, compressionOff int) ([]byte, error) {
+	return r.CNAME.pack(msg, compression, compressionOff)
+}
+
+// GoString implements fmt.GoStringer.GoString.
+func (r *CNAMEResource) GoString() string {
+	return "dnsmessage.CNAMEResource{CNAME: " + r.CNAME.GoString() + "}"
+}
+
+func unpackCNAMEResource(msg []byte, off int) (CNAMEResource, error) {
+	var cname Name
+	if _, err := cname.unpack(msg, off); err != nil {
+		return CNAMEResource{}, err
+	}
+	return CNAMEResource{cname}, nil
+}
+
+// An MXResource is an MX Resource record.
+type MXResource struct {
+	Pref uint16
+	MX   Name
+}
+
+func (r *MXResource) realType() Type {
+	return TypeMX
+}
+
+// pack appends the wire format of the MXResource to msg.
+func (r *MXResource) pack(msg []byte, compression map[string]uint16, compressionOff int) ([]byte, error) {
+	oldMsg := msg
+	msg = packUint16(msg, r.Pref)
+	msg, err := r.MX.pack(msg, compression, compressionOff)
+	if err != nil {
+		return oldMsg, &nestedError{"MXResource.MX", err}
+	}
+	return msg, nil
+}
+
+// GoString implements fmt.GoStringer.GoString.
+func (r *MXResource) GoString() string {
+	return "dnsmessage.MXResource{" +
+		"Pref: " + printUint16(r.Pref) + ", " +
+		"MX: " + r.MX.GoString() + "}"
+}
+
+func unpackMXResource(msg []byte, off int) (MXResource, error) {
+	pref, off, err := unpackUint16(msg, off)
+	if err != nil {
+		return MXResource{}, &nestedError{"Pref", err}
+	}
+	var mx Name
+	if _, err := mx.unpack(msg, off); err != nil {
+		return MXResource{}, &nestedError{"MX", err}
+	}
+	return MXResource{pref, mx}, nil
+}
+
+// An NSResource is an NS Resource record.
+type NSResource struct {
+	NS Name
+}
+
+func (r *NSResource) realType() Type {
+	return TypeNS
+}
+
+// pack appends the wire format of the NSResource to msg.
+func (r *NSResource) pack(msg []byte, compression map[string]uint16, compressionOff int) ([]byte, error) {
+	return r.NS.pack(msg, compression, compressionOff)
+}
+
+// GoString implements fmt.GoStringer.GoString.
+func (r *NSResource) GoString() string {
+	return "dnsmessage.NSResource{NS: " + r.NS.GoString() + "}"
+}
+
+func unpackNSResource(msg []byte, off int) (NSResource, error) {
+	var ns Name
+	if _, err := ns.unpack(msg, off); err != nil {
+		return NSResource{}, err
+	}
+	return NSResource{ns}, nil
+}
+
+// A PTRResource is a PTR Resource record.
+type PTRResource struct {
+	PTR Name
+}
+
+func (r *PTRResource) realType() Type {
+	return TypePTR
+}
+
+// pack appends the wire format of the PTRResource to msg.
+func (r *PTRResource) pack(msg []byte, compression map[string]uint16, compressionOff int) ([]byte, error) {
+	return r.PTR.pack(msg, compression, compressionOff)
+}
+
+// GoString implements fmt.GoStringer.GoString.
+func (r *PTRResource) GoString() string {
+	return "dnsmessage.PTRResource{PTR: " + r.PTR.GoString() + "}"
+}
+
+func unpackPTRResource(msg []byte, off int) (PTRResource, error) {
+	var ptr Name
+	if _, err := ptr.unpack(msg, off); err != nil {
+		return PTRResource{}, err
+	}
+	return PTRResource{ptr}, nil
+}
+
+// An SOAResource is an SOA Resource record.
+type SOAResource struct {
+	NS      Name
+	MBox    Name
+	Serial  uint32
+	Refresh uint32
+	Retry   uint32
+	Expire  uint32
+
+	// MinTTL the is the default TTL of Resources records which did not
+	// contain a TTL value and the TTL of negative responses. (RFC 2308
+	// Section 4)
+	MinTTL uint32
+}
+
+func (r *SOAResource) realType() Type {
+	return TypeSOA
+}
+
+// pack appends the wire format of the SOAResource to msg.
+func (r *SOAResource) pack(msg []byte, compression map[string]uint16, compressionOff int) ([]byte, error) {
+	oldMsg := msg
+	msg, err := r.NS.pack(msg, compression, compressionOff)
+	if err != nil {
+		return oldMsg, &nestedError{"SOAResource.NS", err}
+	}
+	msg, err = r.MBox.pack(msg, compression, compressionOff)
+	if err != nil {
+		return oldMsg, &nestedError{"SOAResource.MBox", err}
+	}
+	msg = packUint32(msg, r.Serial)
+	msg = packUint32(msg, r.Refresh)
+	msg = packUint32(msg, r.Retry)
+	msg = packUint32(msg, r.Expire)
+	return packUint32(msg, r.MinTTL), nil
+}
+
+// GoString implements fmt.GoStringer.GoString.
+func (r *SOAResource) GoString() string {
+	return "dnsmessage.SOAResource{" +
+		"NS: " + r.NS.GoString() + ", " +
+		"MBox: " + r.MBox.GoString() + ", " +
+		"Serial: " + printUint32(r.Serial) + ", " +
+		"Refresh: " + printUint32(r.Refresh) + ", " +
+		"Retry: " + printUint32(r.Retry) + ", " +
+		"Expire: " + printUint32(r.Expire) + ", " +
+		"MinTTL: " + printUint32(r.MinTTL) + "}"
+}
+
+func unpackSOAResource(msg []byte, off int) (SOAResource, error) {
+	var ns Name
+	off, err := ns.unpack(msg, off)
+	if err != nil {
+		return SOAResource{}, &nestedError{"NS", err}
+	}
+	var mbox Name
+	if off, err = mbox.unpack(msg, off); err != nil {
+		return SOAResource{}, &nestedError{"MBox", err}
+	}
+	serial, off, err := unpackUint32(msg, off)
+	if err != nil {
+		return SOAResource{}, &nestedError{"Serial", err}
+	}
+	refresh, off, err := unpackUint32(msg, off)
+	if err != nil {
+		return SOAResource{}, &nestedError{"Refresh", err}
+	}
+	retry, off, err := unpackUint32(msg, off)
+	if err != nil {
+		return SOAResource{}, &nestedError{"Retry", err}
+	}
+	expire, off, err := unpackUint32(msg, off)
+	if err != nil {
+		return SOAResource{}, &nestedError{"Expire", err}
+	}
+	minTTL, _, err := unpackUint32(msg, off)
+	if err != nil {
+		return SOAResource{}, &nestedError{"MinTTL", err}
+	}
+	return SOAResource{ns, mbox, serial, refresh, retry, expire, minTTL}, nil
+}
+
+// A TXTResource is a TXT Resource record.
+type TXTResource struct {
+	TXT []string
+}
+
+func (r *TXTResource) realType() Type {
+	return TypeTXT
+}
+
+// pack appends the wire format of the TXTResource to msg.
+func (r *TXTResource) pack(msg []byte, compression map[string]uint16, compressionOff int) ([]byte, error) {
+	oldMsg := msg
+	for _, s := range r.TXT {
+		var err error
+		msg, err = packText(msg, s)
+		if err != nil {
+			return oldMsg, err
+		}
+	}
+	return msg, nil
+}
+
+// GoString implements fmt.GoStringer.GoString.
+func (r *TXTResource) GoString() string {
+	s := "dnsmessage.TXTResource{TXT: []string{"
+	if len(r.TXT) == 0 {
+		return s + "}}"
+	}
+	s += `"` + printString([]byte(r.TXT[0]))
+	for _, t := range r.TXT[1:] {
+		s += `", "` + printString([]byte(t))
+	}
+	return s + `"}}`
+}
+
+func unpackTXTResource(msg []byte, off int, length uint16) (TXTResource, error) {
+	txts := make([]string, 0, 1)
+	for n := uint16(0); n < length; {
+		var t string
+		var err error
+		if t, off, err = unpackText(msg, off); err != nil {
+			return TXTResource{}, &nestedError{"text", err}
+		}
+		// Check if we got too many bytes.
+		if length-n < uint16(len(t))+1 {
+			return TXTResource{}, errCalcLen
+		}
+		n += uint16(len(t)) + 1
+		txts = append(txts, t)
+	}
+	return TXTResource{txts}, nil
+}
+
+// An SRVResource is an SRV Resource record.
+type SRVResource struct {
+	Priority uint16
+	Weight   uint16
+	Port     uint16
+	Target   Name // Not compressed as per RFC 2782.
+}
+
+func (r *SRVResource) realType() Type {
+	return TypeSRV
+}
+
+// pack appends the wire format of the SRVResource to msg.
+func (r *SRVResource) pack(msg []byte, compression map[string]uint16, compressionOff int) ([]byte, error) {
+	oldMsg := msg
+	msg = packUint16(msg, r.Priority)
+	msg = packUint16(msg, r.Weight)
+	msg = packUint16(msg, r.Port)
+	msg, err := r.Target.pack(msg, nil, compressionOff)
+	if err != nil {
+		return oldMsg, &nestedError{"SRVResource.Target", err}
+	}
+	return msg, nil
+}
+
+// GoString implements fmt.GoStringer.GoString.
+func (r *SRVResource) GoString() string {
+	return "dnsmessage.SRVResource{" +
+		"Priority: " + printUint16(r.Priority) + ", " +
+		"Weight: " + printUint16(r.Weight) + ", " +
+		"Port: " + printUint16(r.Port) + ", " +
+		"Target: " + r.Target.GoString() + "}"
+}
+
+func unpackSRVResource(msg []byte, off int) (SRVResource, error) {
+	priority, off, err := unpackUint16(msg, off)
+	if err != nil {
+		return SRVResource{}, &nestedError{"Priority", err}
+	}
+	weight, off, err := unpackUint16(msg, off)
+	if err != nil {
+		return SRVResource{}, &nestedError{"Weight", err}
+	}
+	port, off, err := unpackUint16(msg, off)
+	if err != nil {
+		return SRVResource{}, &nestedError{"Port", err}
+	}
+	var target Name
+	if _, err := target.unpack(msg, off); err != nil {
+		return SRVResource{}, &nestedError{"Target", err}
+	}
+	return SRVResource{priority, weight, port, target}, nil
+}
+
+// An AResource is an A Resource record.
+type AResource struct {
+	A [4]byte
+}
+
+func (r *AResource) realType() Type {
+	return TypeA
+}
+
+// pack appends the wire format of the AResource to msg.
+func (r *AResource) pack(msg []byte, compression map[string]uint16, compressionOff int) ([]byte, error) {
+	return packBytes(msg, r.A[:]), nil
+}
+
+// GoString implements fmt.GoStringer.GoString.
+func (r *AResource) GoString() string {
+	return "dnsmessage.AResource{" +
+		"A: [4]byte{" + printByteSlice(r.A[:]) + "}}"
+}
+
+func unpackAResource(msg []byte, off int) (AResource, error) {
+	var a [4]byte
+	if _, err := unpackBytes(msg, off, a[:]); err != nil {
+		return AResource{}, err
+	}
+	return AResource{a}, nil
+}
+
+// An AAAAResource is an AAAA Resource record.
+type AAAAResource struct {
+	AAAA [16]byte
+}
+
+func (r *AAAAResource) realType() Type {
+	return TypeAAAA
+}
+
+// GoString implements fmt.GoStringer.GoString.
+func (r *AAAAResource) GoString() string {
+	return "dnsmessage.AAAAResource{" +
+		"AAAA: [16]byte{" + printByteSlice(r.AAAA[:]) + "}}"
+}
+
+// pack appends the wire format of the AAAAResource to msg.
+func (r *AAAAResource) pack(msg []byte, compression map[string]uint16, compressionOff int) ([]byte, error) {
+	return packBytes(msg, r.AAAA[:]), nil
+}
+
+func unpackAAAAResource(msg []byte, off int) (AAAAResource, error) {
+	var aaaa [16]byte
+	if _, err := unpackBytes(msg, off, aaaa[:]); err != nil {
+		return AAAAResource{}, err
+	}
+	return AAAAResource{aaaa}, nil
+}
+
+// An OPTResource is an OPT pseudo Resource record.
+//
+// The pseudo resource record is part of the extension mechanisms for DNS
+// as defined in RFC 6891.
+type OPTResource struct {
+	Options []Option
+}
+
+// An Option represents a DNS message option within OPTResource.
+//
+// The message option is part of the extension mechanisms for DNS as
+// defined in RFC 6891.
+type Option struct {
+	Code uint16 // option code
+	Data []byte
+}
+
+// GoString implements fmt.GoStringer.GoString.
+func (o *Option) GoString() string {
+	return "dnsmessage.Option{" +
+		"Code: " + printUint16(o.Code) + ", " +
+		"Data: []byte{" + printByteSlice(o.Data) + "}}"
+}
+
+func (r *OPTResource) realType() Type {
+	return TypeOPT
+}
+
+func (r *OPTResource) pack(msg []byte, compression map[string]uint16, compressionOff int) ([]byte, error) {
+	for _, opt := range r.Options {
+		msg = packUint16(msg, opt.Code)
+		l := uint16(len(opt.Data))
+		msg = packUint16(msg, l)
+		msg = packBytes(msg, opt.Data)
+	}
+	return msg, nil
+}
+
+// GoString implements fmt.GoStringer.GoString.
+func (r *OPTResource) GoString() string {
+	s := "dnsmessage.OPTResource{Options: []dnsmessage.Option{"
+	if len(r.Options) == 0 {
+		return s + "}}"
+	}
+	s += r.Options[0].GoString()
+	for _, o := range r.Options[1:] {
+		s += ", " + o.GoString()
+	}
+	return s + "}}"
+}
+
+func unpackOPTResource(msg []byte, off int, length uint16) (OPTResource, error) {
+	var opts []Option
+	for oldOff := off; off < oldOff+int(length); {
+		var err error
+		var o Option
+		o.Code, off, err = unpackUint16(msg, off)
+		if err != nil {
+			return OPTResource{}, &nestedError{"Code", err}
+		}
+		var l uint16
+		l, off, err = unpackUint16(msg, off)
+		if err != nil {
+			return OPTResource{}, &nestedError{"Data", err}
+		}
+		o.Data = make([]byte, l)
+		if copy(o.Data, msg[off:]) != int(l) {
+			return OPTResource{}, &nestedError{"Data", errCalcLen}
+		}
+		off += int(l)
+		opts = append(opts, o)
+	}
+	return OPTResource{opts}, nil
+}
+
+// An UnknownResource is a catch-all container for unknown record types.
+type UnknownResource struct {
+	Type Type
+	Data []byte
+}
+
+func (r *UnknownResource) realType() Type {
+	return r.Type
+}
+
+// pack appends the wire format of the UnknownResource to msg.
+func (r *UnknownResource) pack(msg []byte, compression map[string]uint16, compressionOff int) ([]byte, error) {
+	return packBytes(msg, r.Data[:]), nil
+}
+
+// GoString implements fmt.GoStringer.GoString.
+func (r *UnknownResource) GoString() string {
+	return "dnsmessage.UnknownResource{" +
+		"Type: " + r.Type.GoString() + ", " +
+		"Data: []byte{" + printByteSlice(r.Data) + "}}"
+}
+
+func unpackUnknownResource(recordType Type, msg []byte, off int, length uint16) (UnknownResource, error) {
+	parsed := UnknownResource{
+		Type: recordType,
+		Data: make([]byte, length),
+	}
+	if _, err := unpackBytes(msg, off, parsed.Data); err != nil {
+		return UnknownResource{}, err
+	}
+	return parsed, nil
+}
diff --git a/server/vendor/golang.org/x/net/http2/transport.go b/server/vendor/golang.org/x/net/http2/transport.go
index df578b8..c2a5b44 100644
--- a/server/vendor/golang.org/x/net/http2/transport.go
+++ b/server/vendor/golang.org/x/net/http2/transport.go
@@ -2911,6 +2911,15 @@ func (rl *clientConnReadLoop) processWindowUpdate(f *WindowUpdateFrame) error {
 		fl = &cs.flow
 	}
 	if !fl.add(int32(f.Increment)) {
+		// For stream, the sender sends RST_STREAM with an error code of FLOW_CONTROL_ERROR
+		if cs != nil {
+			rl.endStreamError(cs, StreamError{
+				StreamID: f.StreamID,
+				Code:     ErrCodeFlowControl,
+			})
+			return nil
+		}
+
 		return ConnectionError(ErrCodeFlowControl)
 	}
 	cc.cond.Broadcast()
diff --git a/server/vendor/golang.org/x/net/internal/iana/const.go b/server/vendor/golang.org/x/net/internal/iana/const.go
new file mode 100644
index 0000000..cea712f
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/iana/const.go
@@ -0,0 +1,223 @@
+// go generate gen.go
+// Code generated by the command above; DO NOT EDIT.
+
+// Package iana provides protocol number resources managed by the Internet Assigned Numbers Authority (IANA).
+package iana // import "golang.org/x/net/internal/iana"
+
+// Differentiated Services Field Codepoints (DSCP), Updated: 2018-05-04
+const (
+	DiffServCS0           = 0x00 // CS0
+	DiffServCS1           = 0x20 // CS1
+	DiffServCS2           = 0x40 // CS2
+	DiffServCS3           = 0x60 // CS3
+	DiffServCS4           = 0x80 // CS4
+	DiffServCS5           = 0xa0 // CS5
+	DiffServCS6           = 0xc0 // CS6
+	DiffServCS7           = 0xe0 // CS7
+	DiffServAF11          = 0x28 // AF11
+	DiffServAF12          = 0x30 // AF12
+	DiffServAF13          = 0x38 // AF13
+	DiffServAF21          = 0x48 // AF21
+	DiffServAF22          = 0x50 // AF22
+	DiffServAF23          = 0x58 // AF23
+	DiffServAF31          = 0x68 // AF31
+	DiffServAF32          = 0x70 // AF32
+	DiffServAF33          = 0x78 // AF33
+	DiffServAF41          = 0x88 // AF41
+	DiffServAF42          = 0x90 // AF42
+	DiffServAF43          = 0x98 // AF43
+	DiffServEF            = 0xb8 // EF
+	DiffServVOICEADMIT    = 0xb0 // VOICE-ADMIT
+	NotECNTransport       = 0x00 // Not-ECT (Not ECN-Capable Transport)
+	ECNTransport1         = 0x01 // ECT(1) (ECN-Capable Transport(1))
+	ECNTransport0         = 0x02 // ECT(0) (ECN-Capable Transport(0))
+	CongestionExperienced = 0x03 // CE (Congestion Experienced)
+)
+
+// Protocol Numbers, Updated: 2017-10-13
+const (
+	ProtocolIP             = 0   // IPv4 encapsulation, pseudo protocol number
+	ProtocolHOPOPT         = 0   // IPv6 Hop-by-Hop Option
+	ProtocolICMP           = 1   // Internet Control Message
+	ProtocolIGMP           = 2   // Internet Group Management
+	ProtocolGGP            = 3   // Gateway-to-Gateway
+	ProtocolIPv4           = 4   // IPv4 encapsulation
+	ProtocolST             = 5   // Stream
+	ProtocolTCP            = 6   // Transmission Control
+	ProtocolCBT            = 7   // CBT
+	ProtocolEGP            = 8   // Exterior Gateway Protocol
+	ProtocolIGP            = 9   // any private interior gateway (used by Cisco for their IGRP)
+	ProtocolBBNRCCMON      = 10  // BBN RCC Monitoring
+	ProtocolNVPII          = 11  // Network Voice Protocol
+	ProtocolPUP            = 12  // PUP
+	ProtocolEMCON          = 14  // EMCON
+	ProtocolXNET           = 15  // Cross Net Debugger
+	ProtocolCHAOS          = 16  // Chaos
+	ProtocolUDP            = 17  // User Datagram
+	ProtocolMUX            = 18  // Multiplexing
+	ProtocolDCNMEAS        = 19  // DCN Measurement Subsystems
+	ProtocolHMP            = 20  // Host Monitoring
+	ProtocolPRM            = 21  // Packet Radio Measurement
+	ProtocolXNSIDP         = 22  // XEROX NS IDP
+	ProtocolTRUNK1         = 23  // Trunk-1
+	ProtocolTRUNK2         = 24  // Trunk-2
+	ProtocolLEAF1          = 25  // Leaf-1
+	ProtocolLEAF2          = 26  // Leaf-2
+	ProtocolRDP            = 27  // Reliable Data Protocol
+	ProtocolIRTP           = 28  // Internet Reliable Transaction
+	ProtocolISOTP4         = 29  // ISO Transport Protocol Class 4
+	ProtocolNETBLT         = 30  // Bulk Data Transfer Protocol
+	ProtocolMFENSP         = 31  // MFE Network Services Protocol
+	ProtocolMERITINP       = 32  // MERIT Internodal Protocol
+	ProtocolDCCP           = 33  // Datagram Congestion Control Protocol
+	Protocol3PC            = 34  // Third Party Connect Protocol
+	ProtocolIDPR           = 35  // Inter-Domain Policy Routing Protocol
+	ProtocolXTP            = 36  // XTP
+	ProtocolDDP            = 37  // Datagram Delivery Protocol
+	ProtocolIDPRCMTP       = 38  // IDPR Control Message Transport Proto
+	ProtocolTPPP           = 39  // TP++ Transport Protocol
+	ProtocolIL             = 40  // IL Transport Protocol
+	ProtocolIPv6           = 41  // IPv6 encapsulation
+	ProtocolSDRP           = 42  // Source Demand Routing Protocol
+	ProtocolIPv6Route      = 43  // Routing Header for IPv6
+	ProtocolIPv6Frag       = 44  // Fragment Header for IPv6
+	ProtocolIDRP           = 45  // Inter-Domain Routing Protocol
+	ProtocolRSVP           = 46  // Reservation Protocol
+	ProtocolGRE            = 47  // Generic Routing Encapsulation
+	ProtocolDSR            = 48  // Dynamic Source Routing Protocol
+	ProtocolBNA            = 49  // BNA
+	ProtocolESP            = 50  // Encap Security Payload
+	ProtocolAH             = 51  // Authentication Header
+	ProtocolINLSP          = 52  // Integrated Net Layer Security  TUBA
+	ProtocolNARP           = 54  // NBMA Address Resolution Protocol
+	ProtocolMOBILE         = 55  // IP Mobility
+	ProtocolTLSP           = 56  // Transport Layer Security Protocol using Kryptonet key management
+	ProtocolSKIP           = 57  // SKIP
+	ProtocolIPv6ICMP       = 58  // ICMP for IPv6
+	ProtocolIPv6NoNxt      = 59  // No Next Header for IPv6
+	ProtocolIPv6Opts       = 60  // Destination Options for IPv6
+	ProtocolCFTP           = 62  // CFTP
+	ProtocolSATEXPAK       = 64  // SATNET and Backroom EXPAK
+	ProtocolKRYPTOLAN      = 65  // Kryptolan
+	ProtocolRVD            = 66  // MIT Remote Virtual Disk Protocol
+	ProtocolIPPC           = 67  // Internet Pluribus Packet Core
+	ProtocolSATMON         = 69  // SATNET Monitoring
+	ProtocolVISA           = 70  // VISA Protocol
+	ProtocolIPCV           = 71  // Internet Packet Core Utility
+	ProtocolCPNX           = 72  // Computer Protocol Network Executive
+	ProtocolCPHB           = 73  // Computer Protocol Heart Beat
+	ProtocolWSN            = 74  // Wang Span Network
+	ProtocolPVP            = 75  // Packet Video Protocol
+	ProtocolBRSATMON       = 76  // Backroom SATNET Monitoring
+	ProtocolSUNND          = 77  // SUN ND PROTOCOL-Temporary
+	ProtocolWBMON          = 78  // WIDEBAND Monitoring
+	ProtocolWBEXPAK        = 79  // WIDEBAND EXPAK
+	ProtocolISOIP          = 80  // ISO Internet Protocol
+	ProtocolVMTP           = 81  // VMTP
+	ProtocolSECUREVMTP     = 82  // SECURE-VMTP
+	ProtocolVINES          = 83  // VINES
+	ProtocolTTP            = 84  // Transaction Transport Protocol
+	ProtocolIPTM           = 84  // Internet Protocol Traffic Manager
+	ProtocolNSFNETIGP      = 85  // NSFNET-IGP
+	ProtocolDGP            = 86  // Dissimilar Gateway Protocol
+	ProtocolTCF            = 87  // TCF
+	ProtocolEIGRP          = 88  // EIGRP
+	ProtocolOSPFIGP        = 89  // OSPFIGP
+	ProtocolSpriteRPC      = 90  // Sprite RPC Protocol
+	ProtocolLARP           = 91  // Locus Address Resolution Protocol
+	ProtocolMTP            = 92  // Multicast Transport Protocol
+	ProtocolAX25           = 93  // AX.25 Frames
+	ProtocolIPIP           = 94  // IP-within-IP Encapsulation Protocol
+	ProtocolSCCSP          = 96  // Semaphore Communications Sec. Pro.
+	ProtocolETHERIP        = 97  // Ethernet-within-IP Encapsulation
+	ProtocolENCAP          = 98  // Encapsulation Header
+	ProtocolGMTP           = 100 // GMTP
+	ProtocolIFMP           = 101 // Ipsilon Flow Management Protocol
+	ProtocolPNNI           = 102 // PNNI over IP
+	ProtocolPIM            = 103 // Protocol Independent Multicast
+	ProtocolARIS           = 104 // ARIS
+	ProtocolSCPS           = 105 // SCPS
+	ProtocolQNX            = 106 // QNX
+	ProtocolAN             = 107 // Active Networks
+	ProtocolIPComp         = 108 // IP Payload Compression Protocol
+	ProtocolSNP            = 109 // Sitara Networks Protocol
+	ProtocolCompaqPeer     = 110 // Compaq Peer Protocol
+	ProtocolIPXinIP        = 111 // IPX in IP
+	ProtocolVRRP           = 112 // Virtual Router Redundancy Protocol
+	ProtocolPGM            = 113 // PGM Reliable Transport Protocol
+	ProtocolL2TP           = 115 // Layer Two Tunneling Protocol
+	ProtocolDDX            = 116 // D-II Data Exchange (DDX)
+	ProtocolIATP           = 117 // Interactive Agent Transfer Protocol
+	ProtocolSTP            = 118 // Schedule Transfer Protocol
+	ProtocolSRP            = 119 // SpectraLink Radio Protocol
+	ProtocolUTI            = 120 // UTI
+	ProtocolSMP            = 121 // Simple Message Protocol
+	ProtocolPTP            = 123 // Performance Transparency Protocol
+	ProtocolISIS           = 124 // ISIS over IPv4
+	ProtocolFIRE           = 125 // FIRE
+	ProtocolCRTP           = 126 // Combat Radio Transport Protocol
+	ProtocolCRUDP          = 127 // Combat Radio User Datagram
+	ProtocolSSCOPMCE       = 128 // SSCOPMCE
+	ProtocolIPLT           = 129 // IPLT
+	ProtocolSPS            = 130 // Secure Packet Shield
+	ProtocolPIPE           = 131 // Private IP Encapsulation within IP
+	ProtocolSCTP           = 132 // Stream Control Transmission Protocol
+	ProtocolFC             = 133 // Fibre Channel
+	ProtocolRSVPE2EIGNORE  = 134 // RSVP-E2E-IGNORE
+	ProtocolMobilityHeader = 135 // Mobility Header
+	ProtocolUDPLite        = 136 // UDPLite
+	ProtocolMPLSinIP       = 137 // MPLS-in-IP
+	ProtocolMANET          = 138 // MANET Protocols
+	ProtocolHIP            = 139 // Host Identity Protocol
+	ProtocolShim6          = 140 // Shim6 Protocol
+	ProtocolWESP           = 141 // Wrapped Encapsulating Security Payload
+	ProtocolROHC           = 142 // Robust Header Compression
+	ProtocolReserved       = 255 // Reserved
+)
+
+// Address Family Numbers, Updated: 2018-04-02
+const (
+	AddrFamilyIPv4                          = 1     // IP (IP version 4)
+	AddrFamilyIPv6                          = 2     // IP6 (IP version 6)
+	AddrFamilyNSAP                          = 3     // NSAP
+	AddrFamilyHDLC                          = 4     // HDLC (8-bit multidrop)
+	AddrFamilyBBN1822                       = 5     // BBN 1822
+	AddrFamily802                           = 6     // 802 (includes all 802 media plus Ethernet "canonical format")
+	AddrFamilyE163                          = 7     // E.163
+	AddrFamilyE164                          = 8     // E.164 (SMDS, Frame Relay, ATM)
+	AddrFamilyF69                           = 9     // F.69 (Telex)
+	AddrFamilyX121                          = 10    // X.121 (X.25, Frame Relay)
+	AddrFamilyIPX                           = 11    // IPX
+	AddrFamilyAppletalk                     = 12    // Appletalk
+	AddrFamilyDecnetIV                      = 13    // Decnet IV
+	AddrFamilyBanyanVines                   = 14    // Banyan Vines
+	AddrFamilyE164withSubaddress            = 15    // E.164 with NSAP format subaddress
+	AddrFamilyDNS                           = 16    // DNS (Domain Name System)
+	AddrFamilyDistinguishedName             = 17    // Distinguished Name
+	AddrFamilyASNumber                      = 18    // AS Number
+	AddrFamilyXTPoverIPv4                   = 19    // XTP over IP version 4
+	AddrFamilyXTPoverIPv6                   = 20    // XTP over IP version 6
+	AddrFamilyXTPnativemodeXTP              = 21    // XTP native mode XTP
+	AddrFamilyFibreChannelWorldWidePortName = 22    // Fibre Channel World-Wide Port Name
+	AddrFamilyFibreChannelWorldWideNodeName = 23    // Fibre Channel World-Wide Node Name
+	AddrFamilyGWID                          = 24    // GWID
+	AddrFamilyL2VPN                         = 25    // AFI for L2VPN information
+	AddrFamilyMPLSTPSectionEndpointID       = 26    // MPLS-TP Section Endpoint Identifier
+	AddrFamilyMPLSTPLSPEndpointID           = 27    // MPLS-TP LSP Endpoint Identifier
+	AddrFamilyMPLSTPPseudowireEndpointID    = 28    // MPLS-TP Pseudowire Endpoint Identifier
+	AddrFamilyMTIPv4                        = 29    // MT IP: Multi-Topology IP version 4
+	AddrFamilyMTIPv6                        = 30    // MT IPv6: Multi-Topology IP version 6
+	AddrFamilyEIGRPCommonServiceFamily      = 16384 // EIGRP Common Service Family
+	AddrFamilyEIGRPIPv4ServiceFamily        = 16385 // EIGRP IPv4 Service Family
+	AddrFamilyEIGRPIPv6ServiceFamily        = 16386 // EIGRP IPv6 Service Family
+	AddrFamilyLISPCanonicalAddressFormat    = 16387 // LISP Canonical Address Format (LCAF)
+	AddrFamilyBGPLS                         = 16388 // BGP-LS
+	AddrFamily48bitMAC                      = 16389 // 48-bit MAC
+	AddrFamily64bitMAC                      = 16390 // 64-bit MAC
+	AddrFamilyOUI                           = 16391 // OUI
+	AddrFamilyMACFinal24bits                = 16392 // MAC/24
+	AddrFamilyMACFinal40bits                = 16393 // MAC/40
+	AddrFamilyIPv6Initial64bits             = 16394 // IPv6/64
+	AddrFamilyRBridgePortID                 = 16395 // RBridge Port ID
+	AddrFamilyTRILLNickname                 = 16396 // TRILL Nickname
+)
diff --git a/server/vendor/golang.org/x/net/internal/socket/cmsghdr.go b/server/vendor/golang.org/x/net/internal/socket/cmsghdr.go
new file mode 100644
index 0000000..33a5bf5
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/cmsghdr.go
@@ -0,0 +1,11 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris || zos
+
+package socket
+
+func (h *cmsghdr) len() int { return int(h.Len) }
+func (h *cmsghdr) lvl() int { return int(h.Level) }
+func (h *cmsghdr) typ() int { return int(h.Type) }
diff --git a/server/vendor/golang.org/x/net/internal/socket/cmsghdr_bsd.go b/server/vendor/golang.org/x/net/internal/socket/cmsghdr_bsd.go
new file mode 100644
index 0000000..68f438c
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/cmsghdr_bsd.go
@@ -0,0 +1,13 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build aix || darwin || dragonfly || freebsd || netbsd || openbsd
+
+package socket
+
+func (h *cmsghdr) set(l, lvl, typ int) {
+	h.Len = uint32(l)
+	h.Level = int32(lvl)
+	h.Type = int32(typ)
+}
diff --git a/server/vendor/golang.org/x/net/internal/socket/cmsghdr_linux_32bit.go b/server/vendor/golang.org/x/net/internal/socket/cmsghdr_linux_32bit.go
new file mode 100644
index 0000000..058ea8d
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/cmsghdr_linux_32bit.go
@@ -0,0 +1,13 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build (arm || mips || mipsle || 386 || ppc) && linux
+
+package socket
+
+func (h *cmsghdr) set(l, lvl, typ int) {
+	h.Len = uint32(l)
+	h.Level = int32(lvl)
+	h.Type = int32(typ)
+}
diff --git a/server/vendor/golang.org/x/net/internal/socket/cmsghdr_linux_64bit.go b/server/vendor/golang.org/x/net/internal/socket/cmsghdr_linux_64bit.go
new file mode 100644
index 0000000..3ca0d3a
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/cmsghdr_linux_64bit.go
@@ -0,0 +1,13 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build (arm64 || amd64 || loong64 || ppc64 || ppc64le || mips64 || mips64le || riscv64 || s390x) && linux
+
+package socket
+
+func (h *cmsghdr) set(l, lvl, typ int) {
+	h.Len = uint64(l)
+	h.Level = int32(lvl)
+	h.Type = int32(typ)
+}
diff --git a/server/vendor/golang.org/x/net/internal/socket/cmsghdr_solaris_64bit.go b/server/vendor/golang.org/x/net/internal/socket/cmsghdr_solaris_64bit.go
new file mode 100644
index 0000000..6d0e426
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/cmsghdr_solaris_64bit.go
@@ -0,0 +1,13 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build amd64 && solaris
+
+package socket
+
+func (h *cmsghdr) set(l, lvl, typ int) {
+	h.Len = uint32(l)
+	h.Level = int32(lvl)
+	h.Type = int32(typ)
+}
diff --git a/server/vendor/golang.org/x/net/internal/socket/cmsghdr_stub.go b/server/vendor/golang.org/x/net/internal/socket/cmsghdr_stub.go
new file mode 100644
index 0000000..7ca9cb7
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/cmsghdr_stub.go
@@ -0,0 +1,27 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build !aix && !darwin && !dragonfly && !freebsd && !linux && !netbsd && !openbsd && !solaris && !zos
+
+package socket
+
+func controlHeaderLen() int {
+	return 0
+}
+
+func controlMessageLen(dataLen int) int {
+	return 0
+}
+
+func controlMessageSpace(dataLen int) int {
+	return 0
+}
+
+type cmsghdr struct{}
+
+func (h *cmsghdr) len() int { return 0 }
+func (h *cmsghdr) lvl() int { return 0 }
+func (h *cmsghdr) typ() int { return 0 }
+
+func (h *cmsghdr) set(l, lvl, typ int) {}
diff --git a/server/vendor/golang.org/x/net/internal/socket/cmsghdr_unix.go b/server/vendor/golang.org/x/net/internal/socket/cmsghdr_unix.go
new file mode 100644
index 0000000..0211f22
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/cmsghdr_unix.go
@@ -0,0 +1,21 @@
+// Copyright 2020 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris || zos
+
+package socket
+
+import "golang.org/x/sys/unix"
+
+func controlHeaderLen() int {
+	return unix.CmsgLen(0)
+}
+
+func controlMessageLen(dataLen int) int {
+	return unix.CmsgLen(dataLen)
+}
+
+func controlMessageSpace(dataLen int) int {
+	return unix.CmsgSpace(dataLen)
+}
diff --git a/server/vendor/golang.org/x/net/internal/socket/cmsghdr_zos_s390x.go b/server/vendor/golang.org/x/net/internal/socket/cmsghdr_zos_s390x.go
new file mode 100644
index 0000000..68dc8ad
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/cmsghdr_zos_s390x.go
@@ -0,0 +1,11 @@
+// Copyright 2020 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package socket
+
+func (h *cmsghdr) set(l, lvl, typ int) {
+	h.Len = int32(l)
+	h.Level = int32(lvl)
+	h.Type = int32(typ)
+}
diff --git a/server/vendor/golang.org/x/net/internal/socket/complete_dontwait.go b/server/vendor/golang.org/x/net/internal/socket/complete_dontwait.go
new file mode 100644
index 0000000..2038f29
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/complete_dontwait.go
@@ -0,0 +1,25 @@
+// Copyright 2021 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris
+
+package socket
+
+import (
+	"syscall"
+)
+
+// ioComplete checks the flags and result of a syscall, to be used as return
+// value in a syscall.RawConn.Read or Write callback.
+func ioComplete(flags int, operr error) bool {
+	if flags&syscall.MSG_DONTWAIT != 0 {
+		// Caller explicitly said don't wait, so always return immediately.
+		return true
+	}
+	if operr == syscall.EAGAIN || operr == syscall.EWOULDBLOCK {
+		// No data available, block for I/O and try again.
+		return false
+	}
+	return true
+}
diff --git a/server/vendor/golang.org/x/net/internal/socket/complete_nodontwait.go b/server/vendor/golang.org/x/net/internal/socket/complete_nodontwait.go
new file mode 100644
index 0000000..70e6f44
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/complete_nodontwait.go
@@ -0,0 +1,21 @@
+// Copyright 2021 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build aix || windows || zos
+
+package socket
+
+import (
+	"syscall"
+)
+
+// ioComplete checks the flags and result of a syscall, to be used as return
+// value in a syscall.RawConn.Read or Write callback.
+func ioComplete(flags int, operr error) bool {
+	if operr == syscall.EAGAIN || operr == syscall.EWOULDBLOCK {
+		// No data available, block for I/O and try again.
+		return false
+	}
+	return true
+}
diff --git a/server/vendor/golang.org/x/net/internal/socket/empty.s b/server/vendor/golang.org/x/net/internal/socket/empty.s
new file mode 100644
index 0000000..49d7979
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/empty.s
@@ -0,0 +1,7 @@
+// Copyright 2018 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build darwin && go1.12
+
+// This exists solely so we can linkname in symbols from syscall.
diff --git a/server/vendor/golang.org/x/net/internal/socket/error_unix.go b/server/vendor/golang.org/x/net/internal/socket/error_unix.go
new file mode 100644
index 0000000..7a5cc5c
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/error_unix.go
@@ -0,0 +1,31 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris || zos
+
+package socket
+
+import "syscall"
+
+var (
+	errEAGAIN error = syscall.EAGAIN
+	errEINVAL error = syscall.EINVAL
+	errENOENT error = syscall.ENOENT
+)
+
+// errnoErr returns common boxed Errno values, to prevent allocations
+// at runtime.
+func errnoErr(errno syscall.Errno) error {
+	switch errno {
+	case 0:
+		return nil
+	case syscall.EAGAIN:
+		return errEAGAIN
+	case syscall.EINVAL:
+		return errEINVAL
+	case syscall.ENOENT:
+		return errENOENT
+	}
+	return errno
+}
diff --git a/server/vendor/golang.org/x/net/internal/socket/error_windows.go b/server/vendor/golang.org/x/net/internal/socket/error_windows.go
new file mode 100644
index 0000000..6a6379a
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/error_windows.go
@@ -0,0 +1,26 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package socket
+
+import "syscall"
+
+var (
+	errERROR_IO_PENDING error = syscall.ERROR_IO_PENDING
+	errEINVAL           error = syscall.EINVAL
+)
+
+// errnoErr returns common boxed Errno values, to prevent allocations
+// at runtime.
+func errnoErr(errno syscall.Errno) error {
+	switch errno {
+	case 0:
+		return nil
+	case syscall.ERROR_IO_PENDING:
+		return errERROR_IO_PENDING
+	case syscall.EINVAL:
+		return errEINVAL
+	}
+	return errno
+}
diff --git a/server/vendor/golang.org/x/net/internal/socket/iovec_32bit.go b/server/vendor/golang.org/x/net/internal/socket/iovec_32bit.go
new file mode 100644
index 0000000..340e53f
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/iovec_32bit.go
@@ -0,0 +1,18 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build (arm || mips || mipsle || 386 || ppc) && (darwin || dragonfly || freebsd || linux || netbsd || openbsd)
+
+package socket
+
+import "unsafe"
+
+func (v *iovec) set(b []byte) {
+	l := len(b)
+	if l == 0 {
+		return
+	}
+	v.Base = (*byte)(unsafe.Pointer(&b[0]))
+	v.Len = uint32(l)
+}
diff --git a/server/vendor/golang.org/x/net/internal/socket/iovec_64bit.go b/server/vendor/golang.org/x/net/internal/socket/iovec_64bit.go
new file mode 100644
index 0000000..26470c1
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/iovec_64bit.go
@@ -0,0 +1,18 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build (arm64 || amd64 || loong64 || ppc64 || ppc64le || mips64 || mips64le || riscv64 || s390x) && (aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || zos)
+
+package socket
+
+import "unsafe"
+
+func (v *iovec) set(b []byte) {
+	l := len(b)
+	if l == 0 {
+		return
+	}
+	v.Base = (*byte)(unsafe.Pointer(&b[0]))
+	v.Len = uint64(l)
+}
diff --git a/server/vendor/golang.org/x/net/internal/socket/iovec_solaris_64bit.go b/server/vendor/golang.org/x/net/internal/socket/iovec_solaris_64bit.go
new file mode 100644
index 0000000..8859ce1
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/iovec_solaris_64bit.go
@@ -0,0 +1,18 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build amd64 && solaris
+
+package socket
+
+import "unsafe"
+
+func (v *iovec) set(b []byte) {
+	l := len(b)
+	if l == 0 {
+		return
+	}
+	v.Base = (*int8)(unsafe.Pointer(&b[0]))
+	v.Len = uint64(l)
+}
diff --git a/server/vendor/golang.org/x/net/internal/socket/iovec_stub.go b/server/vendor/golang.org/x/net/internal/socket/iovec_stub.go
new file mode 100644
index 0000000..da886b0
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/iovec_stub.go
@@ -0,0 +1,11 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build !aix && !darwin && !dragonfly && !freebsd && !linux && !netbsd && !openbsd && !solaris && !zos
+
+package socket
+
+type iovec struct{}
+
+func (v *iovec) set(b []byte) {}
diff --git a/server/vendor/golang.org/x/net/internal/socket/mmsghdr_stub.go b/server/vendor/golang.org/x/net/internal/socket/mmsghdr_stub.go
new file mode 100644
index 0000000..4825b21
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/mmsghdr_stub.go
@@ -0,0 +1,21 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build !aix && !linux && !netbsd
+
+package socket
+
+import "net"
+
+type mmsghdr struct{}
+
+type mmsghdrs []mmsghdr
+
+func (hs mmsghdrs) pack(ms []Message, parseFn func([]byte, string) (net.Addr, error), marshalFn func(net.Addr) []byte) error {
+	return nil
+}
+
+func (hs mmsghdrs) unpack(ms []Message, parseFn func([]byte, string) (net.Addr, error), hint string) error {
+	return nil
+}
diff --git a/server/vendor/golang.org/x/net/internal/socket/mmsghdr_unix.go b/server/vendor/golang.org/x/net/internal/socket/mmsghdr_unix.go
new file mode 100644
index 0000000..311fd2c
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/mmsghdr_unix.go
@@ -0,0 +1,195 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build aix || linux || netbsd
+
+package socket
+
+import (
+	"net"
+	"os"
+	"sync"
+	"syscall"
+)
+
+type mmsghdrs []mmsghdr
+
+func (hs mmsghdrs) unpack(ms []Message, parseFn func([]byte, string) (net.Addr, error), hint string) error {
+	for i := range hs {
+		ms[i].N = int(hs[i].Len)
+		ms[i].NN = hs[i].Hdr.controllen()
+		ms[i].Flags = hs[i].Hdr.flags()
+		if parseFn != nil {
+			var err error
+			ms[i].Addr, err = parseFn(hs[i].Hdr.name(), hint)
+			if err != nil {
+				return err
+			}
+		}
+	}
+	return nil
+}
+
+// mmsghdrsPacker packs Message-slices into mmsghdrs (re-)using pre-allocated buffers.
+type mmsghdrsPacker struct {
+	// hs are the pre-allocated mmsghdrs.
+	hs mmsghdrs
+	// sockaddrs is the pre-allocated buffer for the Hdr.Name buffers.
+	// We use one large buffer for all messages and slice it up.
+	sockaddrs []byte
+	// vs are the pre-allocated iovecs.
+	// We allocate one large buffer for all messages and slice it up. This allows to reuse the buffer
+	// if the number of buffers per message is distributed differently between calls.
+	vs []iovec
+}
+
+func (p *mmsghdrsPacker) prepare(ms []Message) {
+	n := len(ms)
+	if n <= cap(p.hs) {
+		p.hs = p.hs[:n]
+	} else {
+		p.hs = make(mmsghdrs, n)
+	}
+	if n*sizeofSockaddrInet6 <= cap(p.sockaddrs) {
+		p.sockaddrs = p.sockaddrs[:n*sizeofSockaddrInet6]
+	} else {
+		p.sockaddrs = make([]byte, n*sizeofSockaddrInet6)
+	}
+
+	nb := 0
+	for _, m := range ms {
+		nb += len(m.Buffers)
+	}
+	if nb <= cap(p.vs) {
+		p.vs = p.vs[:nb]
+	} else {
+		p.vs = make([]iovec, nb)
+	}
+}
+
+func (p *mmsghdrsPacker) pack(ms []Message, parseFn func([]byte, string) (net.Addr, error), marshalFn func(net.Addr, []byte) int) mmsghdrs {
+	p.prepare(ms)
+	hs := p.hs
+	vsRest := p.vs
+	saRest := p.sockaddrs
+	for i := range hs {
+		nvs := len(ms[i].Buffers)
+		vs := vsRest[:nvs]
+		vsRest = vsRest[nvs:]
+
+		var sa []byte
+		if parseFn != nil {
+			sa = saRest[:sizeofSockaddrInet6]
+			saRest = saRest[sizeofSockaddrInet6:]
+		} else if marshalFn != nil {
+			n := marshalFn(ms[i].Addr, saRest)
+			if n > 0 {
+				sa = saRest[:n]
+				saRest = saRest[n:]
+			}
+		}
+		hs[i].Hdr.pack(vs, ms[i].Buffers, ms[i].OOB, sa)
+	}
+	return hs
+}
+
+// syscaller is a helper to invoke recvmmsg and sendmmsg via the RawConn.Read/Write interface.
+// It is reusable, to amortize the overhead of allocating a closure for the function passed to
+// RawConn.Read/Write.
+type syscaller struct {
+	n     int
+	operr error
+	hs    mmsghdrs
+	flags int
+
+	boundRecvmmsgF func(uintptr) bool
+	boundSendmmsgF func(uintptr) bool
+}
+
+func (r *syscaller) init() {
+	r.boundRecvmmsgF = r.recvmmsgF
+	r.boundSendmmsgF = r.sendmmsgF
+}
+
+func (r *syscaller) recvmmsg(c syscall.RawConn, hs mmsghdrs, flags int) (int, error) {
+	r.n = 0
+	r.operr = nil
+	r.hs = hs
+	r.flags = flags
+	if err := c.Read(r.boundRecvmmsgF); err != nil {
+		return r.n, err
+	}
+	if r.operr != nil {
+		return r.n, os.NewSyscallError("recvmmsg", r.operr)
+	}
+	return r.n, nil
+}
+
+func (r *syscaller) recvmmsgF(s uintptr) bool {
+	r.n, r.operr = recvmmsg(s, r.hs, r.flags)
+	return ioComplete(r.flags, r.operr)
+}
+
+func (r *syscaller) sendmmsg(c syscall.RawConn, hs mmsghdrs, flags int) (int, error) {
+	r.n = 0
+	r.operr = nil
+	r.hs = hs
+	r.flags = flags
+	if err := c.Write(r.boundSendmmsgF); err != nil {
+		return r.n, err
+	}
+	if r.operr != nil {
+		return r.n, os.NewSyscallError("sendmmsg", r.operr)
+	}
+	return r.n, nil
+}
+
+func (r *syscaller) sendmmsgF(s uintptr) bool {
+	r.n, r.operr = sendmmsg(s, r.hs, r.flags)
+	return ioComplete(r.flags, r.operr)
+}
+
+// mmsgTmps holds reusable temporary helpers for recvmmsg and sendmmsg.
+type mmsgTmps struct {
+	packer    mmsghdrsPacker
+	syscaller syscaller
+}
+
+var defaultMmsgTmpsPool = mmsgTmpsPool{
+	p: sync.Pool{
+		New: func() interface{} {
+			tmps := new(mmsgTmps)
+			tmps.syscaller.init()
+			return tmps
+		},
+	},
+}
+
+type mmsgTmpsPool struct {
+	p sync.Pool
+}
+
+func (p *mmsgTmpsPool) Get() *mmsgTmps {
+	m := p.p.Get().(*mmsgTmps)
+	// Clear fields up to the len (not the cap) of the slice,
+	// assuming that the previous caller only used that many elements.
+	for i := range m.packer.sockaddrs {
+		m.packer.sockaddrs[i] = 0
+	}
+	m.packer.sockaddrs = m.packer.sockaddrs[:0]
+	for i := range m.packer.vs {
+		m.packer.vs[i] = iovec{}
+	}
+	m.packer.vs = m.packer.vs[:0]
+	for i := range m.packer.hs {
+		m.packer.hs[i].Len = 0
+		m.packer.hs[i].Hdr = msghdr{}
+	}
+	m.packer.hs = m.packer.hs[:0]
+	return m
+}
+
+func (p *mmsgTmpsPool) Put(tmps *mmsgTmps) {
+	p.p.Put(tmps)
+}
diff --git a/server/vendor/golang.org/x/net/internal/socket/msghdr_bsd.go b/server/vendor/golang.org/x/net/internal/socket/msghdr_bsd.go
new file mode 100644
index 0000000..ebff4f6
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/msghdr_bsd.go
@@ -0,0 +1,39 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build aix || darwin || dragonfly || freebsd || netbsd || openbsd
+
+package socket
+
+import "unsafe"
+
+func (h *msghdr) pack(vs []iovec, bs [][]byte, oob []byte, sa []byte) {
+	for i := range vs {
+		vs[i].set(bs[i])
+	}
+	h.setIov(vs)
+	if len(oob) > 0 {
+		h.Control = (*byte)(unsafe.Pointer(&oob[0]))
+		h.Controllen = uint32(len(oob))
+	}
+	if sa != nil {
+		h.Name = (*byte)(unsafe.Pointer(&sa[0]))
+		h.Namelen = uint32(len(sa))
+	}
+}
+
+func (h *msghdr) name() []byte {
+	if h.Name != nil && h.Namelen > 0 {
+		return (*[sizeofSockaddrInet6]byte)(unsafe.Pointer(h.Name))[:h.Namelen]
+	}
+	return nil
+}
+
+func (h *msghdr) controllen() int {
+	return int(h.Controllen)
+}
+
+func (h *msghdr) flags() int {
+	return int(h.Flags)
+}
diff --git a/server/vendor/golang.org/x/net/internal/socket/msghdr_bsdvar.go b/server/vendor/golang.org/x/net/internal/socket/msghdr_bsdvar.go
new file mode 100644
index 0000000..62e6fe8
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/msghdr_bsdvar.go
@@ -0,0 +1,16 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build aix || darwin || dragonfly || freebsd || netbsd
+
+package socket
+
+func (h *msghdr) setIov(vs []iovec) {
+	l := len(vs)
+	if l == 0 {
+		return
+	}
+	h.Iov = &vs[0]
+	h.Iovlen = int32(l)
+}
diff --git a/server/vendor/golang.org/x/net/internal/socket/msghdr_linux.go b/server/vendor/golang.org/x/net/internal/socket/msghdr_linux.go
new file mode 100644
index 0000000..5a38798
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/msghdr_linux.go
@@ -0,0 +1,36 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package socket
+
+import "unsafe"
+
+func (h *msghdr) pack(vs []iovec, bs [][]byte, oob []byte, sa []byte) {
+	for i := range vs {
+		vs[i].set(bs[i])
+	}
+	h.setIov(vs)
+	if len(oob) > 0 {
+		h.setControl(oob)
+	}
+	if sa != nil {
+		h.Name = (*byte)(unsafe.Pointer(&sa[0]))
+		h.Namelen = uint32(len(sa))
+	}
+}
+
+func (h *msghdr) name() []byte {
+	if h.Name != nil && h.Namelen > 0 {
+		return (*[sizeofSockaddrInet6]byte)(unsafe.Pointer(h.Name))[:h.Namelen]
+	}
+	return nil
+}
+
+func (h *msghdr) controllen() int {
+	return int(h.Controllen)
+}
+
+func (h *msghdr) flags() int {
+	return int(h.Flags)
+}
diff --git a/server/vendor/golang.org/x/net/internal/socket/msghdr_linux_32bit.go b/server/vendor/golang.org/x/net/internal/socket/msghdr_linux_32bit.go
new file mode 100644
index 0000000..3dd0725
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/msghdr_linux_32bit.go
@@ -0,0 +1,23 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build (arm || mips || mipsle || 386 || ppc) && linux
+
+package socket
+
+import "unsafe"
+
+func (h *msghdr) setIov(vs []iovec) {
+	l := len(vs)
+	if l == 0 {
+		return
+	}
+	h.Iov = &vs[0]
+	h.Iovlen = uint32(l)
+}
+
+func (h *msghdr) setControl(b []byte) {
+	h.Control = (*byte)(unsafe.Pointer(&b[0]))
+	h.Controllen = uint32(len(b))
+}
diff --git a/server/vendor/golang.org/x/net/internal/socket/msghdr_linux_64bit.go b/server/vendor/golang.org/x/net/internal/socket/msghdr_linux_64bit.go
new file mode 100644
index 0000000..5af9ddd
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/msghdr_linux_64bit.go
@@ -0,0 +1,23 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build (arm64 || amd64 || loong64 || ppc64 || ppc64le || mips64 || mips64le || riscv64 || s390x) && linux
+
+package socket
+
+import "unsafe"
+
+func (h *msghdr) setIov(vs []iovec) {
+	l := len(vs)
+	if l == 0 {
+		return
+	}
+	h.Iov = &vs[0]
+	h.Iovlen = uint64(l)
+}
+
+func (h *msghdr) setControl(b []byte) {
+	h.Control = (*byte)(unsafe.Pointer(&b[0]))
+	h.Controllen = uint64(len(b))
+}
diff --git a/server/vendor/golang.org/x/net/internal/socket/msghdr_openbsd.go b/server/vendor/golang.org/x/net/internal/socket/msghdr_openbsd.go
new file mode 100644
index 0000000..71a69e2
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/msghdr_openbsd.go
@@ -0,0 +1,14 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package socket
+
+func (h *msghdr) setIov(vs []iovec) {
+	l := len(vs)
+	if l == 0 {
+		return
+	}
+	h.Iov = &vs[0]
+	h.Iovlen = uint32(l)
+}
diff --git a/server/vendor/golang.org/x/net/internal/socket/msghdr_solaris_64bit.go b/server/vendor/golang.org/x/net/internal/socket/msghdr_solaris_64bit.go
new file mode 100644
index 0000000..e212b50
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/msghdr_solaris_64bit.go
@@ -0,0 +1,35 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build amd64 && solaris
+
+package socket
+
+import "unsafe"
+
+func (h *msghdr) pack(vs []iovec, bs [][]byte, oob []byte, sa []byte) {
+	for i := range vs {
+		vs[i].set(bs[i])
+	}
+	if len(vs) > 0 {
+		h.Iov = &vs[0]
+		h.Iovlen = int32(len(vs))
+	}
+	if len(oob) > 0 {
+		h.Accrights = (*int8)(unsafe.Pointer(&oob[0]))
+		h.Accrightslen = int32(len(oob))
+	}
+	if sa != nil {
+		h.Name = (*byte)(unsafe.Pointer(&sa[0]))
+		h.Namelen = uint32(len(sa))
+	}
+}
+
+func (h *msghdr) controllen() int {
+	return int(h.Accrightslen)
+}
+
+func (h *msghdr) flags() int {
+	return int(NativeEndian.Uint32(h.Pad_cgo_2[:]))
+}
diff --git a/server/vendor/golang.org/x/net/internal/socket/msghdr_stub.go b/server/vendor/golang.org/x/net/internal/socket/msghdr_stub.go
new file mode 100644
index 0000000..e876776
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/msghdr_stub.go
@@ -0,0 +1,14 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build !aix && !darwin && !dragonfly && !freebsd && !linux && !netbsd && !openbsd && !solaris && !zos
+
+package socket
+
+type msghdr struct{}
+
+func (h *msghdr) pack(vs []iovec, bs [][]byte, oob []byte, sa []byte) {}
+func (h *msghdr) name() []byte                                        { return nil }
+func (h *msghdr) controllen() int                                     { return 0 }
+func (h *msghdr) flags() int                                          { return 0 }
diff --git a/server/vendor/golang.org/x/net/internal/socket/msghdr_zos_s390x.go b/server/vendor/golang.org/x/net/internal/socket/msghdr_zos_s390x.go
new file mode 100644
index 0000000..529db68
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/msghdr_zos_s390x.go
@@ -0,0 +1,35 @@
+// Copyright 2020 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build s390x && zos
+
+package socket
+
+import "unsafe"
+
+func (h *msghdr) pack(vs []iovec, bs [][]byte, oob []byte, sa []byte) {
+	for i := range vs {
+		vs[i].set(bs[i])
+	}
+	if len(vs) > 0 {
+		h.Iov = &vs[0]
+		h.Iovlen = int32(len(vs))
+	}
+	if len(oob) > 0 {
+		h.Control = (*byte)(unsafe.Pointer(&oob[0]))
+		h.Controllen = uint32(len(oob))
+	}
+	if sa != nil {
+		h.Name = (*byte)(unsafe.Pointer(&sa[0]))
+		h.Namelen = uint32(len(sa))
+	}
+}
+
+func (h *msghdr) controllen() int {
+	return int(h.Controllen)
+}
+
+func (h *msghdr) flags() int {
+	return int(h.Flags)
+}
diff --git a/server/vendor/golang.org/x/net/internal/socket/norace.go b/server/vendor/golang.org/x/net/internal/socket/norace.go
new file mode 100644
index 0000000..8af30ec
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/norace.go
@@ -0,0 +1,12 @@
+// Copyright 2019 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build !race
+
+package socket
+
+func (m *Message) raceRead() {
+}
+func (m *Message) raceWrite() {
+}
diff --git a/server/vendor/golang.org/x/net/internal/socket/race.go b/server/vendor/golang.org/x/net/internal/socket/race.go
new file mode 100644
index 0000000..9afa958
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/race.go
@@ -0,0 +1,37 @@
+// Copyright 2019 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build race
+
+package socket
+
+import (
+	"runtime"
+	"unsafe"
+)
+
+// This package reads and writes the Message buffers using a
+// direct system call, which the race detector can't see.
+// These functions tell the race detector what is going on during the syscall.
+
+func (m *Message) raceRead() {
+	for _, b := range m.Buffers {
+		if len(b) > 0 {
+			runtime.RaceReadRange(unsafe.Pointer(&b[0]), len(b))
+		}
+	}
+	if b := m.OOB; len(b) > 0 {
+		runtime.RaceReadRange(unsafe.Pointer(&b[0]), len(b))
+	}
+}
+func (m *Message) raceWrite() {
+	for _, b := range m.Buffers {
+		if len(b) > 0 {
+			runtime.RaceWriteRange(unsafe.Pointer(&b[0]), len(b))
+		}
+	}
+	if b := m.OOB; len(b) > 0 {
+		runtime.RaceWriteRange(unsafe.Pointer(&b[0]), len(b))
+	}
+}
diff --git a/server/vendor/golang.org/x/net/internal/socket/rawconn.go b/server/vendor/golang.org/x/net/internal/socket/rawconn.go
new file mode 100644
index 0000000..87e8107
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/rawconn.go
@@ -0,0 +1,91 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package socket
+
+import (
+	"errors"
+	"net"
+	"os"
+	"syscall"
+)
+
+// A Conn represents a raw connection.
+type Conn struct {
+	network string
+	c       syscall.RawConn
+}
+
+// tcpConn is an interface implemented by net.TCPConn.
+// It can be used for interface assertions to check if a net.Conn is a TCP connection.
+type tcpConn interface {
+	SyscallConn() (syscall.RawConn, error)
+	SetLinger(int) error
+}
+
+var _ tcpConn = (*net.TCPConn)(nil)
+
+// udpConn is an interface implemented by net.UDPConn.
+// It can be used for interface assertions to check if a net.Conn is a UDP connection.
+type udpConn interface {
+	SyscallConn() (syscall.RawConn, error)
+	ReadMsgUDP(b, oob []byte) (n, oobn, flags int, addr *net.UDPAddr, err error)
+}
+
+var _ udpConn = (*net.UDPConn)(nil)
+
+// ipConn is an interface implemented by net.IPConn.
+// It can be used for interface assertions to check if a net.Conn is an IP connection.
+type ipConn interface {
+	SyscallConn() (syscall.RawConn, error)
+	ReadMsgIP(b, oob []byte) (n, oobn, flags int, addr *net.IPAddr, err error)
+}
+
+var _ ipConn = (*net.IPConn)(nil)
+
+// NewConn returns a new raw connection.
+func NewConn(c net.Conn) (*Conn, error) {
+	var err error
+	var cc Conn
+	switch c := c.(type) {
+	case tcpConn:
+		cc.network = "tcp"
+		cc.c, err = c.SyscallConn()
+	case udpConn:
+		cc.network = "udp"
+		cc.c, err = c.SyscallConn()
+	case ipConn:
+		cc.network = "ip"
+		cc.c, err = c.SyscallConn()
+	default:
+		return nil, errors.New("unknown connection type")
+	}
+	if err != nil {
+		return nil, err
+	}
+	return &cc, nil
+}
+
+func (o *Option) get(c *Conn, b []byte) (int, error) {
+	var operr error
+	var n int
+	fn := func(s uintptr) {
+		n, operr = getsockopt(s, o.Level, o.Name, b)
+	}
+	if err := c.c.Control(fn); err != nil {
+		return 0, err
+	}
+	return n, os.NewSyscallError("getsockopt", operr)
+}
+
+func (o *Option) set(c *Conn, b []byte) error {
+	var operr error
+	fn := func(s uintptr) {
+		operr = setsockopt(s, o.Level, o.Name, b)
+	}
+	if err := c.c.Control(fn); err != nil {
+		return err
+	}
+	return os.NewSyscallError("setsockopt", operr)
+}
diff --git a/server/vendor/golang.org/x/net/internal/socket/rawconn_mmsg.go b/server/vendor/golang.org/x/net/internal/socket/rawconn_mmsg.go
new file mode 100644
index 0000000..0431390
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/rawconn_mmsg.go
@@ -0,0 +1,53 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build linux
+
+package socket
+
+import (
+	"net"
+)
+
+func (c *Conn) recvMsgs(ms []Message, flags int) (int, error) {
+	for i := range ms {
+		ms[i].raceWrite()
+	}
+	tmps := defaultMmsgTmpsPool.Get()
+	defer defaultMmsgTmpsPool.Put(tmps)
+	var parseFn func([]byte, string) (net.Addr, error)
+	if c.network != "tcp" {
+		parseFn = parseInetAddr
+	}
+	hs := tmps.packer.pack(ms, parseFn, nil)
+	n, err := tmps.syscaller.recvmmsg(c.c, hs, flags)
+	if err != nil {
+		return n, err
+	}
+	if err := hs[:n].unpack(ms[:n], parseFn, c.network); err != nil {
+		return n, err
+	}
+	return n, nil
+}
+
+func (c *Conn) sendMsgs(ms []Message, flags int) (int, error) {
+	for i := range ms {
+		ms[i].raceRead()
+	}
+	tmps := defaultMmsgTmpsPool.Get()
+	defer defaultMmsgTmpsPool.Put(tmps)
+	var marshalFn func(net.Addr, []byte) int
+	if c.network != "tcp" {
+		marshalFn = marshalInetAddr
+	}
+	hs := tmps.packer.pack(ms, nil, marshalFn)
+	n, err := tmps.syscaller.sendmmsg(c.c, hs, flags)
+	if err != nil {
+		return n, err
+	}
+	if err := hs[:n].unpack(ms[:n], nil, ""); err != nil {
+		return n, err
+	}
+	return n, nil
+}
diff --git a/server/vendor/golang.org/x/net/internal/socket/rawconn_msg.go b/server/vendor/golang.org/x/net/internal/socket/rawconn_msg.go
new file mode 100644
index 0000000..7c0d741
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/rawconn_msg.go
@@ -0,0 +1,59 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris || windows || zos
+
+package socket
+
+import (
+	"net"
+	"os"
+)
+
+func (c *Conn) recvMsg(m *Message, flags int) error {
+	m.raceWrite()
+	var (
+		operr     error
+		n         int
+		oobn      int
+		recvflags int
+		from      net.Addr
+	)
+	fn := func(s uintptr) bool {
+		n, oobn, recvflags, from, operr = recvmsg(s, m.Buffers, m.OOB, flags, c.network)
+		return ioComplete(flags, operr)
+	}
+	if err := c.c.Read(fn); err != nil {
+		return err
+	}
+	if operr != nil {
+		return os.NewSyscallError("recvmsg", operr)
+	}
+	m.Addr = from
+	m.N = n
+	m.NN = oobn
+	m.Flags = recvflags
+	return nil
+}
+
+func (c *Conn) sendMsg(m *Message, flags int) error {
+	m.raceRead()
+	var (
+		operr error
+		n     int
+	)
+	fn := func(s uintptr) bool {
+		n, operr = sendmsg(s, m.Buffers, m.OOB, m.Addr, flags)
+		return ioComplete(flags, operr)
+	}
+	if err := c.c.Write(fn); err != nil {
+		return err
+	}
+	if operr != nil {
+		return os.NewSyscallError("sendmsg", operr)
+	}
+	m.N = n
+	m.NN = len(m.OOB)
+	return nil
+}
diff --git a/server/vendor/golang.org/x/net/internal/socket/rawconn_nommsg.go b/server/vendor/golang.org/x/net/internal/socket/rawconn_nommsg.go
new file mode 100644
index 0000000..e363fb5
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/rawconn_nommsg.go
@@ -0,0 +1,15 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build !linux
+
+package socket
+
+func (c *Conn) recvMsgs(ms []Message, flags int) (int, error) {
+	return 0, errNotImplemented
+}
+
+func (c *Conn) sendMsgs(ms []Message, flags int) (int, error) {
+	return 0, errNotImplemented
+}
diff --git a/server/vendor/golang.org/x/net/internal/socket/rawconn_nomsg.go b/server/vendor/golang.org/x/net/internal/socket/rawconn_nomsg.go
new file mode 100644
index 0000000..ff7a8ba
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/rawconn_nomsg.go
@@ -0,0 +1,15 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build !aix && !darwin && !dragonfly && !freebsd && !linux && !netbsd && !openbsd && !solaris && !windows && !zos
+
+package socket
+
+func (c *Conn) recvMsg(m *Message, flags int) error {
+	return errNotImplemented
+}
+
+func (c *Conn) sendMsg(m *Message, flags int) error {
+	return errNotImplemented
+}
diff --git a/server/vendor/golang.org/x/net/internal/socket/socket.go b/server/vendor/golang.org/x/net/internal/socket/socket.go
new file mode 100644
index 0000000..dba47bf
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/socket.go
@@ -0,0 +1,280 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Package socket provides a portable interface for socket system
+// calls.
+package socket // import "golang.org/x/net/internal/socket"
+
+import (
+	"errors"
+	"net"
+	"runtime"
+	"unsafe"
+)
+
+var errNotImplemented = errors.New("not implemented on " + runtime.GOOS + "/" + runtime.GOARCH)
+
+// An Option represents a sticky socket option.
+type Option struct {
+	Level int // level
+	Name  int // name; must be equal or greater than 1
+	Len   int // length of value in bytes; must be equal or greater than 1
+}
+
+// Get reads a value for the option from the kernel.
+// It returns the number of bytes written into b.
+func (o *Option) Get(c *Conn, b []byte) (int, error) {
+	if o.Name < 1 || o.Len < 1 {
+		return 0, errors.New("invalid option")
+	}
+	if len(b) < o.Len {
+		return 0, errors.New("short buffer")
+	}
+	return o.get(c, b)
+}
+
+// GetInt returns an integer value for the option.
+//
+// The Len field of Option must be either 1 or 4.
+func (o *Option) GetInt(c *Conn) (int, error) {
+	if o.Len != 1 && o.Len != 4 {
+		return 0, errors.New("invalid option")
+	}
+	var b []byte
+	var bb [4]byte
+	if o.Len == 1 {
+		b = bb[:1]
+	} else {
+		b = bb[:4]
+	}
+	n, err := o.get(c, b)
+	if err != nil {
+		return 0, err
+	}
+	if n != o.Len {
+		return 0, errors.New("invalid option length")
+	}
+	if o.Len == 1 {
+		return int(b[0]), nil
+	}
+	return int(NativeEndian.Uint32(b[:4])), nil
+}
+
+// Set writes the option and value to the kernel.
+func (o *Option) Set(c *Conn, b []byte) error {
+	if o.Name < 1 || o.Len < 1 {
+		return errors.New("invalid option")
+	}
+	if len(b) < o.Len {
+		return errors.New("short buffer")
+	}
+	return o.set(c, b)
+}
+
+// SetInt writes the option and value to the kernel.
+//
+// The Len field of Option must be either 1 or 4.
+func (o *Option) SetInt(c *Conn, v int) error {
+	if o.Len != 1 && o.Len != 4 {
+		return errors.New("invalid option")
+	}
+	var b []byte
+	if o.Len == 1 {
+		b = []byte{byte(v)}
+	} else {
+		var bb [4]byte
+		NativeEndian.PutUint32(bb[:o.Len], uint32(v))
+		b = bb[:4]
+	}
+	return o.set(c, b)
+}
+
+// ControlMessageSpace returns the whole length of control message.
+func ControlMessageSpace(dataLen int) int {
+	return controlMessageSpace(dataLen)
+}
+
+// A ControlMessage represents the head message in a stream of control
+// messages.
+//
+// A control message comprises of a header, data and a few padding
+// fields to conform to the interface to the kernel.
+//
+// See RFC 3542 for further information.
+type ControlMessage []byte
+
+// Data returns the data field of the control message at the head on
+// m.
+func (m ControlMessage) Data(dataLen int) []byte {
+	l := controlHeaderLen()
+	if len(m) < l || len(m) < l+dataLen {
+		return nil
+	}
+	return m[l : l+dataLen]
+}
+
+// Next returns the control message at the next on m.
+//
+// Next works only for standard control messages.
+func (m ControlMessage) Next(dataLen int) ControlMessage {
+	l := ControlMessageSpace(dataLen)
+	if len(m) < l {
+		return nil
+	}
+	return m[l:]
+}
+
+// MarshalHeader marshals the header fields of the control message at
+// the head on m.
+func (m ControlMessage) MarshalHeader(lvl, typ, dataLen int) error {
+	if len(m) < controlHeaderLen() {
+		return errors.New("short message")
+	}
+	h := (*cmsghdr)(unsafe.Pointer(&m[0]))
+	h.set(controlMessageLen(dataLen), lvl, typ)
+	return nil
+}
+
+// ParseHeader parses and returns the header fields of the control
+// message at the head on m.
+func (m ControlMessage) ParseHeader() (lvl, typ, dataLen int, err error) {
+	l := controlHeaderLen()
+	if len(m) < l {
+		return 0, 0, 0, errors.New("short message")
+	}
+	h := (*cmsghdr)(unsafe.Pointer(&m[0]))
+	return h.lvl(), h.typ(), int(uint64(h.len()) - uint64(l)), nil
+}
+
+// Marshal marshals the control message at the head on m, and returns
+// the next control message.
+func (m ControlMessage) Marshal(lvl, typ int, data []byte) (ControlMessage, error) {
+	l := len(data)
+	if len(m) < ControlMessageSpace(l) {
+		return nil, errors.New("short message")
+	}
+	h := (*cmsghdr)(unsafe.Pointer(&m[0]))
+	h.set(controlMessageLen(l), lvl, typ)
+	if l > 0 {
+		copy(m.Data(l), data)
+	}
+	return m.Next(l), nil
+}
+
+// Parse parses m as a single or multiple control messages.
+//
+// Parse works for both standard and compatible messages.
+func (m ControlMessage) Parse() ([]ControlMessage, error) {
+	var ms []ControlMessage
+	for len(m) >= controlHeaderLen() {
+		h := (*cmsghdr)(unsafe.Pointer(&m[0]))
+		l := h.len()
+		if l <= 0 {
+			return nil, errors.New("invalid header length")
+		}
+		if uint64(l) < uint64(controlHeaderLen()) {
+			return nil, errors.New("invalid message length")
+		}
+		if uint64(l) > uint64(len(m)) {
+			return nil, errors.New("short buffer")
+		}
+		// On message reception:
+		//
+		// |<- ControlMessageSpace --------------->|
+		// |<- controlMessageLen ---------->|      |
+		// |<- controlHeaderLen ->|         |      |
+		// +---------------+------+---------+------+
+		// |    Header     | PadH |  Data   | PadD |
+		// +---------------+------+---------+------+
+		//
+		// On compatible message reception:
+		//
+		// | ... |<- controlMessageLen ----------->|
+		// | ... |<- controlHeaderLen ->|          |
+		// +-----+---------------+------+----------+
+		// | ... |    Header     | PadH |   Data   |
+		// +-----+---------------+------+----------+
+		ms = append(ms, ControlMessage(m[:l]))
+		ll := l - controlHeaderLen()
+		if len(m) >= ControlMessageSpace(ll) {
+			m = m[ControlMessageSpace(ll):]
+		} else {
+			m = m[controlMessageLen(ll):]
+		}
+	}
+	return ms, nil
+}
+
+// NewControlMessage returns a new stream of control messages.
+func NewControlMessage(dataLen []int) ControlMessage {
+	var l int
+	for i := range dataLen {
+		l += ControlMessageSpace(dataLen[i])
+	}
+	return make([]byte, l)
+}
+
+// A Message represents an IO message.
+type Message struct {
+	// When writing, the Buffers field must contain at least one
+	// byte to write.
+	// When reading, the Buffers field will always contain a byte
+	// to read.
+	Buffers [][]byte
+
+	// OOB contains protocol-specific control or miscellaneous
+	// ancillary data known as out-of-band data.
+	OOB []byte
+
+	// Addr specifies a destination address when writing.
+	// It can be nil when the underlying protocol of the raw
+	// connection uses connection-oriented communication.
+	// After a successful read, it may contain the source address
+	// on the received packet.
+	Addr net.Addr
+
+	N     int // # of bytes read or written from/to Buffers
+	NN    int // # of bytes read or written from/to OOB
+	Flags int // protocol-specific information on the received message
+}
+
+// RecvMsg wraps recvmsg system call.
+//
+// The provided flags is a set of platform-dependent flags, such as
+// syscall.MSG_PEEK.
+func (c *Conn) RecvMsg(m *Message, flags int) error {
+	return c.recvMsg(m, flags)
+}
+
+// SendMsg wraps sendmsg system call.
+//
+// The provided flags is a set of platform-dependent flags, such as
+// syscall.MSG_DONTROUTE.
+func (c *Conn) SendMsg(m *Message, flags int) error {
+	return c.sendMsg(m, flags)
+}
+
+// RecvMsgs wraps recvmmsg system call.
+//
+// It returns the number of processed messages.
+//
+// The provided flags is a set of platform-dependent flags, such as
+// syscall.MSG_PEEK.
+//
+// Only Linux supports this.
+func (c *Conn) RecvMsgs(ms []Message, flags int) (int, error) {
+	return c.recvMsgs(ms, flags)
+}
+
+// SendMsgs wraps sendmmsg system call.
+//
+// It returns the number of processed messages.
+//
+// The provided flags is a set of platform-dependent flags, such as
+// syscall.MSG_DONTROUTE.
+//
+// Only Linux supports this.
+func (c *Conn) SendMsgs(ms []Message, flags int) (int, error) {
+	return c.sendMsgs(ms, flags)
+}
diff --git a/server/vendor/golang.org/x/net/internal/socket/sys.go b/server/vendor/golang.org/x/net/internal/socket/sys.go
new file mode 100644
index 0000000..4a26af1
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/sys.go
@@ -0,0 +1,23 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package socket
+
+import (
+	"encoding/binary"
+	"unsafe"
+)
+
+// NativeEndian is the machine native endian implementation of ByteOrder.
+var NativeEndian binary.ByteOrder
+
+func init() {
+	i := uint32(1)
+	b := (*[4]byte)(unsafe.Pointer(&i))
+	if b[0] == 1 {
+		NativeEndian = binary.LittleEndian
+	} else {
+		NativeEndian = binary.BigEndian
+	}
+}
diff --git a/server/vendor/golang.org/x/net/internal/socket/sys_bsd.go b/server/vendor/golang.org/x/net/internal/socket/sys_bsd.go
new file mode 100644
index 0000000..e7664d4
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/sys_bsd.go
@@ -0,0 +1,15 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build aix || darwin || dragonfly || freebsd || openbsd || solaris
+
+package socket
+
+func recvmmsg(s uintptr, hs []mmsghdr, flags int) (int, error) {
+	return 0, errNotImplemented
+}
+
+func sendmmsg(s uintptr, hs []mmsghdr, flags int) (int, error) {
+	return 0, errNotImplemented
+}
diff --git a/server/vendor/golang.org/x/net/internal/socket/sys_const_unix.go b/server/vendor/golang.org/x/net/internal/socket/sys_const_unix.go
new file mode 100644
index 0000000..d7627f8
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/sys_const_unix.go
@@ -0,0 +1,20 @@
+// Copyright 2019 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris || zos
+
+package socket
+
+import "golang.org/x/sys/unix"
+
+const (
+	sysAF_UNSPEC = unix.AF_UNSPEC
+	sysAF_INET   = unix.AF_INET
+	sysAF_INET6  = unix.AF_INET6
+
+	sysSOCK_RAW = unix.SOCK_RAW
+
+	sizeofSockaddrInet4 = unix.SizeofSockaddrInet4
+	sizeofSockaddrInet6 = unix.SizeofSockaddrInet6
+)
diff --git a/server/vendor/golang.org/x/net/internal/socket/sys_linux.go b/server/vendor/golang.org/x/net/internal/socket/sys_linux.go
new file mode 100644
index 0000000..08d4910
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/sys_linux.go
@@ -0,0 +1,22 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build linux && !s390x && !386
+
+package socket
+
+import (
+	"syscall"
+	"unsafe"
+)
+
+func recvmmsg(s uintptr, hs []mmsghdr, flags int) (int, error) {
+	n, _, errno := syscall.Syscall6(sysRECVMMSG, s, uintptr(unsafe.Pointer(&hs[0])), uintptr(len(hs)), uintptr(flags), 0, 0)
+	return int(n), errnoErr(errno)
+}
+
+func sendmmsg(s uintptr, hs []mmsghdr, flags int) (int, error) {
+	n, _, errno := syscall.Syscall6(sysSENDMMSG, s, uintptr(unsafe.Pointer(&hs[0])), uintptr(len(hs)), uintptr(flags), 0, 0)
+	return int(n), errnoErr(errno)
+}
diff --git a/server/vendor/golang.org/x/net/internal/socket/sys_linux_386.go b/server/vendor/golang.org/x/net/internal/socket/sys_linux_386.go
new file mode 100644
index 0000000..c877ef2
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/sys_linux_386.go
@@ -0,0 +1,28 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package socket
+
+import (
+	"syscall"
+	"unsafe"
+)
+
+const (
+	sysRECVMMSG = 0x13
+	sysSENDMMSG = 0x14
+)
+
+func socketcall(call, a0, a1, a2, a3, a4, a5 uintptr) (uintptr, syscall.Errno)
+func rawsocketcall(call, a0, a1, a2, a3, a4, a5 uintptr) (uintptr, syscall.Errno)
+
+func recvmmsg(s uintptr, hs []mmsghdr, flags int) (int, error) {
+	n, errno := socketcall(sysRECVMMSG, s, uintptr(unsafe.Pointer(&hs[0])), uintptr(len(hs)), uintptr(flags), 0, 0)
+	return int(n), errnoErr(errno)
+}
+
+func sendmmsg(s uintptr, hs []mmsghdr, flags int) (int, error) {
+	n, errno := socketcall(sysSENDMMSG, s, uintptr(unsafe.Pointer(&hs[0])), uintptr(len(hs)), uintptr(flags), 0, 0)
+	return int(n), errnoErr(errno)
+}
diff --git a/server/vendor/golang.org/x/net/internal/socket/sys_linux_386.s b/server/vendor/golang.org/x/net/internal/socket/sys_linux_386.s
new file mode 100644
index 0000000..93e7d75
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/sys_linux_386.s
@@ -0,0 +1,11 @@
+// Copyright 2014 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+#include "textflag.h"
+
+TEXT	·socketcall(SB),NOSPLIT,$0-36
+	JMP	syscall·socketcall(SB)
+
+TEXT	·rawsocketcall(SB),NOSPLIT,$0-36
+	JMP	syscall·rawsocketcall(SB)
diff --git a/server/vendor/golang.org/x/net/internal/socket/sys_linux_amd64.go b/server/vendor/golang.org/x/net/internal/socket/sys_linux_amd64.go
new file mode 100644
index 0000000..9decee2
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/sys_linux_amd64.go
@@ -0,0 +1,10 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package socket
+
+const (
+	sysRECVMMSG = 0x12b
+	sysSENDMMSG = 0x133
+)
diff --git a/server/vendor/golang.org/x/net/internal/socket/sys_linux_arm.go b/server/vendor/golang.org/x/net/internal/socket/sys_linux_arm.go
new file mode 100644
index 0000000..d753b43
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/sys_linux_arm.go
@@ -0,0 +1,10 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package socket
+
+const (
+	sysRECVMMSG = 0x16d
+	sysSENDMMSG = 0x176
+)
diff --git a/server/vendor/golang.org/x/net/internal/socket/sys_linux_arm64.go b/server/vendor/golang.org/x/net/internal/socket/sys_linux_arm64.go
new file mode 100644
index 0000000..b670894
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/sys_linux_arm64.go
@@ -0,0 +1,10 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package socket
+
+const (
+	sysRECVMMSG = 0xf3
+	sysSENDMMSG = 0x10d
+)
diff --git a/server/vendor/golang.org/x/net/internal/socket/sys_linux_loong64.go b/server/vendor/golang.org/x/net/internal/socket/sys_linux_loong64.go
new file mode 100644
index 0000000..1d18247
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/sys_linux_loong64.go
@@ -0,0 +1,12 @@
+// Copyright 2021 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build loong64
+
+package socket
+
+const (
+	sysRECVMMSG = 0xf3
+	sysSENDMMSG = 0x10d
+)
diff --git a/server/vendor/golang.org/x/net/internal/socket/sys_linux_mips.go b/server/vendor/golang.org/x/net/internal/socket/sys_linux_mips.go
new file mode 100644
index 0000000..9c0d740
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/sys_linux_mips.go
@@ -0,0 +1,10 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package socket
+
+const (
+	sysRECVMMSG = 0x10ef
+	sysSENDMMSG = 0x10f7
+)
diff --git a/server/vendor/golang.org/x/net/internal/socket/sys_linux_mips64.go b/server/vendor/golang.org/x/net/internal/socket/sys_linux_mips64.go
new file mode 100644
index 0000000..071a4ab
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/sys_linux_mips64.go
@@ -0,0 +1,10 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package socket
+
+const (
+	sysRECVMMSG = 0x14ae
+	sysSENDMMSG = 0x14b6
+)
diff --git a/server/vendor/golang.org/x/net/internal/socket/sys_linux_mips64le.go b/server/vendor/golang.org/x/net/internal/socket/sys_linux_mips64le.go
new file mode 100644
index 0000000..071a4ab
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/sys_linux_mips64le.go
@@ -0,0 +1,10 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package socket
+
+const (
+	sysRECVMMSG = 0x14ae
+	sysSENDMMSG = 0x14b6
+)
diff --git a/server/vendor/golang.org/x/net/internal/socket/sys_linux_mipsle.go b/server/vendor/golang.org/x/net/internal/socket/sys_linux_mipsle.go
new file mode 100644
index 0000000..9c0d740
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/sys_linux_mipsle.go
@@ -0,0 +1,10 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package socket
+
+const (
+	sysRECVMMSG = 0x10ef
+	sysSENDMMSG = 0x10f7
+)
diff --git a/server/vendor/golang.org/x/net/internal/socket/sys_linux_ppc.go b/server/vendor/golang.org/x/net/internal/socket/sys_linux_ppc.go
new file mode 100644
index 0000000..90cfaa9
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/sys_linux_ppc.go
@@ -0,0 +1,10 @@
+// Copyright 2021 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package socket
+
+const (
+	sysRECVMMSG = 0x157
+	sysSENDMMSG = 0x15d
+)
diff --git a/server/vendor/golang.org/x/net/internal/socket/sys_linux_ppc64.go b/server/vendor/golang.org/x/net/internal/socket/sys_linux_ppc64.go
new file mode 100644
index 0000000..21c1e3f
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/sys_linux_ppc64.go
@@ -0,0 +1,10 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package socket
+
+const (
+	sysRECVMMSG = 0x157
+	sysSENDMMSG = 0x15d
+)
diff --git a/server/vendor/golang.org/x/net/internal/socket/sys_linux_ppc64le.go b/server/vendor/golang.org/x/net/internal/socket/sys_linux_ppc64le.go
new file mode 100644
index 0000000..21c1e3f
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/sys_linux_ppc64le.go
@@ -0,0 +1,10 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package socket
+
+const (
+	sysRECVMMSG = 0x157
+	sysSENDMMSG = 0x15d
+)
diff --git a/server/vendor/golang.org/x/net/internal/socket/sys_linux_riscv64.go b/server/vendor/golang.org/x/net/internal/socket/sys_linux_riscv64.go
new file mode 100644
index 0000000..0e407d1
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/sys_linux_riscv64.go
@@ -0,0 +1,12 @@
+// Copyright 2019 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build riscv64
+
+package socket
+
+const (
+	sysRECVMMSG = 0xf3
+	sysSENDMMSG = 0x10d
+)
diff --git a/server/vendor/golang.org/x/net/internal/socket/sys_linux_s390x.go b/server/vendor/golang.org/x/net/internal/socket/sys_linux_s390x.go
new file mode 100644
index 0000000..c877ef2
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/sys_linux_s390x.go
@@ -0,0 +1,28 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package socket
+
+import (
+	"syscall"
+	"unsafe"
+)
+
+const (
+	sysRECVMMSG = 0x13
+	sysSENDMMSG = 0x14
+)
+
+func socketcall(call, a0, a1, a2, a3, a4, a5 uintptr) (uintptr, syscall.Errno)
+func rawsocketcall(call, a0, a1, a2, a3, a4, a5 uintptr) (uintptr, syscall.Errno)
+
+func recvmmsg(s uintptr, hs []mmsghdr, flags int) (int, error) {
+	n, errno := socketcall(sysRECVMMSG, s, uintptr(unsafe.Pointer(&hs[0])), uintptr(len(hs)), uintptr(flags), 0, 0)
+	return int(n), errnoErr(errno)
+}
+
+func sendmmsg(s uintptr, hs []mmsghdr, flags int) (int, error) {
+	n, errno := socketcall(sysSENDMMSG, s, uintptr(unsafe.Pointer(&hs[0])), uintptr(len(hs)), uintptr(flags), 0, 0)
+	return int(n), errnoErr(errno)
+}
diff --git a/server/vendor/golang.org/x/net/internal/socket/sys_linux_s390x.s b/server/vendor/golang.org/x/net/internal/socket/sys_linux_s390x.s
new file mode 100644
index 0000000..06d7562
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/sys_linux_s390x.s
@@ -0,0 +1,11 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+#include "textflag.h"
+
+TEXT	·socketcall(SB),NOSPLIT,$0-72
+	JMP	syscall·socketcall(SB)
+
+TEXT	·rawsocketcall(SB),NOSPLIT,$0-72
+	JMP	syscall·rawsocketcall(SB)
diff --git a/server/vendor/golang.org/x/net/internal/socket/sys_netbsd.go b/server/vendor/golang.org/x/net/internal/socket/sys_netbsd.go
new file mode 100644
index 0000000..431851c
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/sys_netbsd.go
@@ -0,0 +1,25 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package socket
+
+import (
+	"syscall"
+	"unsafe"
+)
+
+const (
+	sysRECVMMSG = 0x1db
+	sysSENDMMSG = 0x1dc
+)
+
+func recvmmsg(s uintptr, hs []mmsghdr, flags int) (int, error) {
+	n, _, errno := syscall.Syscall6(sysRECVMMSG, s, uintptr(unsafe.Pointer(&hs[0])), uintptr(len(hs)), uintptr(flags), 0, 0)
+	return int(n), errnoErr(errno)
+}
+
+func sendmmsg(s uintptr, hs []mmsghdr, flags int) (int, error) {
+	n, _, errno := syscall.Syscall6(sysSENDMMSG, s, uintptr(unsafe.Pointer(&hs[0])), uintptr(len(hs)), uintptr(flags), 0, 0)
+	return int(n), errnoErr(errno)
+}
diff --git a/server/vendor/golang.org/x/net/internal/socket/sys_posix.go b/server/vendor/golang.org/x/net/internal/socket/sys_posix.go
new file mode 100644
index 0000000..58d8654
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/sys_posix.go
@@ -0,0 +1,184 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris || windows || zos
+
+package socket
+
+import (
+	"encoding/binary"
+	"errors"
+	"net"
+	"runtime"
+	"strconv"
+	"sync"
+	"time"
+)
+
+// marshalInetAddr writes a in sockaddr format into the buffer b.
+// The buffer must be sufficiently large (sizeofSockaddrInet4/6).
+// Returns the number of bytes written.
+func marshalInetAddr(a net.Addr, b []byte) int {
+	switch a := a.(type) {
+	case *net.TCPAddr:
+		return marshalSockaddr(a.IP, a.Port, a.Zone, b)
+	case *net.UDPAddr:
+		return marshalSockaddr(a.IP, a.Port, a.Zone, b)
+	case *net.IPAddr:
+		return marshalSockaddr(a.IP, 0, a.Zone, b)
+	default:
+		return 0
+	}
+}
+
+func marshalSockaddr(ip net.IP, port int, zone string, b []byte) int {
+	if ip4 := ip.To4(); ip4 != nil {
+		switch runtime.GOOS {
+		case "android", "illumos", "linux", "solaris", "windows":
+			NativeEndian.PutUint16(b[:2], uint16(sysAF_INET))
+		default:
+			b[0] = sizeofSockaddrInet4
+			b[1] = sysAF_INET
+		}
+		binary.BigEndian.PutUint16(b[2:4], uint16(port))
+		copy(b[4:8], ip4)
+		return sizeofSockaddrInet4
+	}
+	if ip6 := ip.To16(); ip6 != nil && ip.To4() == nil {
+		switch runtime.GOOS {
+		case "android", "illumos", "linux", "solaris", "windows":
+			NativeEndian.PutUint16(b[:2], uint16(sysAF_INET6))
+		default:
+			b[0] = sizeofSockaddrInet6
+			b[1] = sysAF_INET6
+		}
+		binary.BigEndian.PutUint16(b[2:4], uint16(port))
+		copy(b[8:24], ip6)
+		if zone != "" {
+			NativeEndian.PutUint32(b[24:28], uint32(zoneCache.index(zone)))
+		}
+		return sizeofSockaddrInet6
+	}
+	return 0
+}
+
+func parseInetAddr(b []byte, network string) (net.Addr, error) {
+	if len(b) < 2 {
+		return nil, errors.New("invalid address")
+	}
+	var af int
+	switch runtime.GOOS {
+	case "android", "illumos", "linux", "solaris", "windows":
+		af = int(NativeEndian.Uint16(b[:2]))
+	default:
+		af = int(b[1])
+	}
+	var ip net.IP
+	var zone string
+	if af == sysAF_INET {
+		if len(b) < sizeofSockaddrInet4 {
+			return nil, errors.New("short address")
+		}
+		ip = make(net.IP, net.IPv4len)
+		copy(ip, b[4:8])
+	}
+	if af == sysAF_INET6 {
+		if len(b) < sizeofSockaddrInet6 {
+			return nil, errors.New("short address")
+		}
+		ip = make(net.IP, net.IPv6len)
+		copy(ip, b[8:24])
+		if id := int(NativeEndian.Uint32(b[24:28])); id > 0 {
+			zone = zoneCache.name(id)
+		}
+	}
+	switch network {
+	case "tcp", "tcp4", "tcp6":
+		return &net.TCPAddr{IP: ip, Port: int(binary.BigEndian.Uint16(b[2:4])), Zone: zone}, nil
+	case "udp", "udp4", "udp6":
+		return &net.UDPAddr{IP: ip, Port: int(binary.BigEndian.Uint16(b[2:4])), Zone: zone}, nil
+	default:
+		return &net.IPAddr{IP: ip, Zone: zone}, nil
+	}
+}
+
+// An ipv6ZoneCache represents a cache holding partial network
+// interface information. It is used for reducing the cost of IPv6
+// addressing scope zone resolution.
+//
+// Multiple names sharing the index are managed by first-come
+// first-served basis for consistency.
+type ipv6ZoneCache struct {
+	sync.RWMutex                // guard the following
+	lastFetched  time.Time      // last time routing information was fetched
+	toIndex      map[string]int // interface name to its index
+	toName       map[int]string // interface index to its name
+}
+
+var zoneCache = ipv6ZoneCache{
+	toIndex: make(map[string]int),
+	toName:  make(map[int]string),
+}
+
+// update refreshes the network interface information if the cache was last
+// updated more than 1 minute ago, or if force is set. It returns whether the
+// cache was updated.
+func (zc *ipv6ZoneCache) update(ift []net.Interface, force bool) (updated bool) {
+	zc.Lock()
+	defer zc.Unlock()
+	now := time.Now()
+	if !force && zc.lastFetched.After(now.Add(-60*time.Second)) {
+		return false
+	}
+	zc.lastFetched = now
+	if len(ift) == 0 {
+		var err error
+		if ift, err = net.Interfaces(); err != nil {
+			return false
+		}
+	}
+	zc.toIndex = make(map[string]int, len(ift))
+	zc.toName = make(map[int]string, len(ift))
+	for _, ifi := range ift {
+		zc.toIndex[ifi.Name] = ifi.Index
+		if _, ok := zc.toName[ifi.Index]; !ok {
+			zc.toName[ifi.Index] = ifi.Name
+		}
+	}
+	return true
+}
+
+func (zc *ipv6ZoneCache) name(zone int) string {
+	updated := zoneCache.update(nil, false)
+	zoneCache.RLock()
+	name, ok := zoneCache.toName[zone]
+	zoneCache.RUnlock()
+	if !ok && !updated {
+		zoneCache.update(nil, true)
+		zoneCache.RLock()
+		name, ok = zoneCache.toName[zone]
+		zoneCache.RUnlock()
+	}
+	if !ok { // last resort
+		name = strconv.Itoa(zone)
+	}
+	return name
+}
+
+func (zc *ipv6ZoneCache) index(zone string) int {
+	updated := zoneCache.update(nil, false)
+	zoneCache.RLock()
+	index, ok := zoneCache.toIndex[zone]
+	zoneCache.RUnlock()
+	if !ok && !updated {
+		zoneCache.update(nil, true)
+		zoneCache.RLock()
+		index, ok = zoneCache.toIndex[zone]
+		zoneCache.RUnlock()
+	}
+	if !ok { // last resort
+		index, _ = strconv.Atoi(zone)
+	}
+	return index
+}
diff --git a/server/vendor/golang.org/x/net/internal/socket/sys_stub.go b/server/vendor/golang.org/x/net/internal/socket/sys_stub.go
new file mode 100644
index 0000000..2e5b473
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/sys_stub.go
@@ -0,0 +1,52 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build !aix && !darwin && !dragonfly && !freebsd && !linux && !netbsd && !openbsd && !solaris && !windows && !zos
+
+package socket
+
+import "net"
+
+const (
+	sysAF_UNSPEC = 0x0
+	sysAF_INET   = 0x2
+	sysAF_INET6  = 0xa
+
+	sysSOCK_RAW = 0x3
+
+	sizeofSockaddrInet4 = 0x10
+	sizeofSockaddrInet6 = 0x1c
+)
+
+func marshalInetAddr(ip net.IP, port int, zone string) []byte {
+	return nil
+}
+
+func parseInetAddr(b []byte, network string) (net.Addr, error) {
+	return nil, errNotImplemented
+}
+
+func getsockopt(s uintptr, level, name int, b []byte) (int, error) {
+	return 0, errNotImplemented
+}
+
+func setsockopt(s uintptr, level, name int, b []byte) error {
+	return errNotImplemented
+}
+
+func recvmsg(s uintptr, buffers [][]byte, oob []byte, flags int, network string) (n, oobn int, recvflags int, from net.Addr, err error) {
+	return 0, 0, 0, nil, errNotImplemented
+}
+
+func sendmsg(s uintptr, buffers [][]byte, oob []byte, to net.Addr, flags int) (int, error) {
+	return 0, errNotImplemented
+}
+
+func recvmmsg(s uintptr, hs []mmsghdr, flags int) (int, error) {
+	return 0, errNotImplemented
+}
+
+func sendmmsg(s uintptr, hs []mmsghdr, flags int) (int, error) {
+	return 0, errNotImplemented
+}
diff --git a/server/vendor/golang.org/x/net/internal/socket/sys_unix.go b/server/vendor/golang.org/x/net/internal/socket/sys_unix.go
new file mode 100644
index 0000000..93058db
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/sys_unix.go
@@ -0,0 +1,121 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris
+
+package socket
+
+import (
+	"net"
+	"unsafe"
+
+	"golang.org/x/sys/unix"
+)
+
+//go:linkname syscall_getsockopt syscall.getsockopt
+func syscall_getsockopt(s, level, name int, val unsafe.Pointer, vallen *uint32) error
+
+//go:linkname syscall_setsockopt syscall.setsockopt
+func syscall_setsockopt(s, level, name int, val unsafe.Pointer, vallen uintptr) error
+
+func getsockopt(s uintptr, level, name int, b []byte) (int, error) {
+	l := uint32(len(b))
+	err := syscall_getsockopt(int(s), level, name, unsafe.Pointer(&b[0]), &l)
+	return int(l), err
+}
+
+func setsockopt(s uintptr, level, name int, b []byte) error {
+	return syscall_setsockopt(int(s), level, name, unsafe.Pointer(&b[0]), uintptr(len(b)))
+}
+
+func recvmsg(s uintptr, buffers [][]byte, oob []byte, flags int, network string) (n, oobn int, recvflags int, from net.Addr, err error) {
+	var unixFrom unix.Sockaddr
+	n, oobn, recvflags, unixFrom, err = unix.RecvmsgBuffers(int(s), buffers, oob, flags)
+	if unixFrom != nil {
+		from = sockaddrToAddr(unixFrom, network)
+	}
+	return
+}
+
+func sendmsg(s uintptr, buffers [][]byte, oob []byte, to net.Addr, flags int) (int, error) {
+	var unixTo unix.Sockaddr
+	if to != nil {
+		unixTo = addrToSockaddr(to)
+	}
+	return unix.SendmsgBuffers(int(s), buffers, oob, unixTo, flags)
+}
+
+// addrToSockaddr converts a net.Addr to a unix.Sockaddr.
+func addrToSockaddr(a net.Addr) unix.Sockaddr {
+	var (
+		ip   net.IP
+		port int
+		zone string
+	)
+	switch a := a.(type) {
+	case *net.TCPAddr:
+		ip = a.IP
+		port = a.Port
+		zone = a.Zone
+	case *net.UDPAddr:
+		ip = a.IP
+		port = a.Port
+		zone = a.Zone
+	case *net.IPAddr:
+		ip = a.IP
+		zone = a.Zone
+	default:
+		return nil
+	}
+
+	if ip4 := ip.To4(); ip4 != nil {
+		sa := unix.SockaddrInet4{Port: port}
+		copy(sa.Addr[:], ip4)
+		return &sa
+	}
+
+	if ip6 := ip.To16(); ip6 != nil && ip.To4() == nil {
+		sa := unix.SockaddrInet6{Port: port}
+		copy(sa.Addr[:], ip6)
+		if zone != "" {
+			sa.ZoneId = uint32(zoneCache.index(zone))
+		}
+		return &sa
+	}
+
+	return nil
+}
+
+// sockaddrToAddr converts a unix.Sockaddr to a net.Addr.
+func sockaddrToAddr(sa unix.Sockaddr, network string) net.Addr {
+	var (
+		ip   net.IP
+		port int
+		zone string
+	)
+	switch sa := sa.(type) {
+	case *unix.SockaddrInet4:
+		ip = make(net.IP, net.IPv4len)
+		copy(ip, sa.Addr[:])
+		port = sa.Port
+	case *unix.SockaddrInet6:
+		ip = make(net.IP, net.IPv6len)
+		copy(ip, sa.Addr[:])
+		port = sa.Port
+		if sa.ZoneId > 0 {
+			zone = zoneCache.name(int(sa.ZoneId))
+		}
+	default:
+		return nil
+	}
+
+	switch network {
+	case "tcp", "tcp4", "tcp6":
+		return &net.TCPAddr{IP: ip, Port: port, Zone: zone}
+	case "udp", "udp4", "udp6":
+		return &net.UDPAddr{IP: ip, Port: port, Zone: zone}
+	default:
+		return &net.IPAddr{IP: ip, Zone: zone}
+	}
+}
diff --git a/server/vendor/golang.org/x/net/internal/socket/sys_windows.go b/server/vendor/golang.org/x/net/internal/socket/sys_windows.go
new file mode 100644
index 0000000..b738b89
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/sys_windows.go
@@ -0,0 +1,55 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package socket
+
+import (
+	"net"
+	"syscall"
+	"unsafe"
+
+	"golang.org/x/sys/windows"
+)
+
+func probeProtocolStack() int {
+	var p uintptr
+	return int(unsafe.Sizeof(p))
+}
+
+const (
+	sysAF_UNSPEC = windows.AF_UNSPEC
+	sysAF_INET   = windows.AF_INET
+	sysAF_INET6  = windows.AF_INET6
+
+	sysSOCK_RAW = windows.SOCK_RAW
+
+	sizeofSockaddrInet4 = 0x10
+	sizeofSockaddrInet6 = 0x1c
+)
+
+func getsockopt(s uintptr, level, name int, b []byte) (int, error) {
+	l := uint32(len(b))
+	err := syscall.Getsockopt(syscall.Handle(s), int32(level), int32(name), (*byte)(unsafe.Pointer(&b[0])), (*int32)(unsafe.Pointer(&l)))
+	return int(l), err
+}
+
+func setsockopt(s uintptr, level, name int, b []byte) error {
+	return syscall.Setsockopt(syscall.Handle(s), int32(level), int32(name), (*byte)(unsafe.Pointer(&b[0])), int32(len(b)))
+}
+
+func recvmsg(s uintptr, buffers [][]byte, oob []byte, flags int, network string) (n, oobn int, recvflags int, from net.Addr, err error) {
+	return 0, 0, 0, nil, errNotImplemented
+}
+
+func sendmsg(s uintptr, buffers [][]byte, oob []byte, to net.Addr, flags int) (int, error) {
+	return 0, errNotImplemented
+}
+
+func recvmmsg(s uintptr, hs []mmsghdr, flags int) (int, error) {
+	return 0, errNotImplemented
+}
+
+func sendmmsg(s uintptr, hs []mmsghdr, flags int) (int, error) {
+	return 0, errNotImplemented
+}
diff --git a/server/vendor/golang.org/x/net/internal/socket/sys_zos_s390x.go b/server/vendor/golang.org/x/net/internal/socket/sys_zos_s390x.go
new file mode 100644
index 0000000..eaa896c
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/sys_zos_s390x.go
@@ -0,0 +1,66 @@
+// Copyright 2020 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package socket
+
+import (
+	"net"
+	"syscall"
+	"unsafe"
+)
+
+func syscall_syscall(trap, a1, a2, a3 uintptr) (r1, r2 uintptr, err syscall.Errno)
+func syscall_syscall6(trap, a1, a2, a3, a4, a5, a6 uintptr) (r1, r2 uintptr, err syscall.Errno)
+
+func probeProtocolStack() int {
+	return 4 // sizeof(int) on GOOS=zos GOARCH=s390x
+}
+
+func getsockopt(s uintptr, level, name int, b []byte) (int, error) {
+	l := uint32(len(b))
+	_, _, errno := syscall_syscall6(syscall.SYS_GETSOCKOPT, s, uintptr(level), uintptr(name), uintptr(unsafe.Pointer(&b[0])), uintptr(unsafe.Pointer(&l)), 0)
+	return int(l), errnoErr(errno)
+}
+
+func setsockopt(s uintptr, level, name int, b []byte) error {
+	_, _, errno := syscall_syscall6(syscall.SYS_SETSOCKOPT, s, uintptr(level), uintptr(name), uintptr(unsafe.Pointer(&b[0])), uintptr(len(b)), 0)
+	return errnoErr(errno)
+}
+
+func recvmsg(s uintptr, buffers [][]byte, oob []byte, flags int, network string) (n, oobn int, recvflags int, from net.Addr, err error) {
+	var h msghdr
+	vs := make([]iovec, len(buffers))
+	var sa []byte
+	if network != "tcp" {
+		sa = make([]byte, sizeofSockaddrInet6)
+	}
+	h.pack(vs, buffers, oob, sa)
+	sn, _, errno := syscall_syscall(syscall.SYS___RECVMSG_A, s, uintptr(unsafe.Pointer(&h)), uintptr(flags))
+	n = int(sn)
+	oobn = h.controllen()
+	recvflags = h.flags()
+	err = errnoErr(errno)
+	if network != "tcp" {
+		var err2 error
+		from, err2 = parseInetAddr(sa, network)
+		if err2 != nil && err == nil {
+			err = err2
+		}
+	}
+	return
+}
+
+func sendmsg(s uintptr, buffers [][]byte, oob []byte, to net.Addr, flags int) (int, error) {
+	var h msghdr
+	vs := make([]iovec, len(buffers))
+	var sa []byte
+	if to != nil {
+		var a [sizeofSockaddrInet6]byte
+		n := marshalInetAddr(to, a[:])
+		sa = a[:n]
+	}
+	h.pack(vs, buffers, oob, sa)
+	n, _, errno := syscall_syscall(syscall.SYS___SENDMSG_A, s, uintptr(unsafe.Pointer(&h)), uintptr(flags))
+	return int(n), errnoErr(errno)
+}
diff --git a/server/vendor/golang.org/x/net/internal/socket/sys_zos_s390x.s b/server/vendor/golang.org/x/net/internal/socket/sys_zos_s390x.s
new file mode 100644
index 0000000..60d5839
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/sys_zos_s390x.s
@@ -0,0 +1,11 @@
+// Copyright 2020 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+#include "textflag.h"
+
+TEXT ·syscall_syscall(SB),NOSPLIT,$0
+        JMP     syscall·_syscall(SB)
+
+TEXT ·syscall_syscall6(SB),NOSPLIT,$0
+        JMP     syscall·_syscall6(SB)
diff --git a/server/vendor/golang.org/x/net/internal/socket/zsys_aix_ppc64.go b/server/vendor/golang.org/x/net/internal/socket/zsys_aix_ppc64.go
new file mode 100644
index 0000000..45bab00
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/zsys_aix_ppc64.go
@@ -0,0 +1,39 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_aix.go
+
+// Added for go1.11 compatibility
+//go:build aix
+
+package socket
+
+type iovec struct {
+	Base *byte
+	Len  uint64
+}
+
+type msghdr struct {
+	Name       *byte
+	Namelen    uint32
+	Iov        *iovec
+	Iovlen     int32
+	Control    *byte
+	Controllen uint32
+	Flags      int32
+}
+
+type mmsghdr struct {
+	Hdr       msghdr
+	Len       uint32
+	Pad_cgo_0 [4]byte
+}
+
+type cmsghdr struct {
+	Len   uint32
+	Level int32
+	Type  int32
+}
+
+const (
+	sizeofIovec  = 0x10
+	sizeofMsghdr = 0x30
+)
diff --git a/server/vendor/golang.org/x/net/internal/socket/zsys_darwin_amd64.go b/server/vendor/golang.org/x/net/internal/socket/zsys_darwin_amd64.go
new file mode 100644
index 0000000..98dcfe4
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/zsys_darwin_amd64.go
@@ -0,0 +1,32 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_darwin.go
+
+package socket
+
+type iovec struct {
+	Base *byte
+	Len  uint64
+}
+
+type msghdr struct {
+	Name       *byte
+	Namelen    uint32
+	Pad_cgo_0  [4]byte
+	Iov        *iovec
+	Iovlen     int32
+	Pad_cgo_1  [4]byte
+	Control    *byte
+	Controllen uint32
+	Flags      int32
+}
+
+type cmsghdr struct {
+	Len   uint32
+	Level int32
+	Type  int32
+}
+
+const (
+	sizeofIovec  = 0x10
+	sizeofMsghdr = 0x30
+)
diff --git a/server/vendor/golang.org/x/net/internal/socket/zsys_darwin_arm64.go b/server/vendor/golang.org/x/net/internal/socket/zsys_darwin_arm64.go
new file mode 100644
index 0000000..98dcfe4
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/zsys_darwin_arm64.go
@@ -0,0 +1,32 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_darwin.go
+
+package socket
+
+type iovec struct {
+	Base *byte
+	Len  uint64
+}
+
+type msghdr struct {
+	Name       *byte
+	Namelen    uint32
+	Pad_cgo_0  [4]byte
+	Iov        *iovec
+	Iovlen     int32
+	Pad_cgo_1  [4]byte
+	Control    *byte
+	Controllen uint32
+	Flags      int32
+}
+
+type cmsghdr struct {
+	Len   uint32
+	Level int32
+	Type  int32
+}
+
+const (
+	sizeofIovec  = 0x10
+	sizeofMsghdr = 0x30
+)
diff --git a/server/vendor/golang.org/x/net/internal/socket/zsys_dragonfly_amd64.go b/server/vendor/golang.org/x/net/internal/socket/zsys_dragonfly_amd64.go
new file mode 100644
index 0000000..636d129
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/zsys_dragonfly_amd64.go
@@ -0,0 +1,32 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_dragonfly.go
+
+package socket
+
+type iovec struct {
+	Base *byte
+	Len  uint64
+}
+
+type msghdr struct {
+	Name       *byte
+	Namelen    uint32
+	Pad_cgo_0  [4]byte
+	Iov        *iovec
+	Iovlen     int32
+	Pad_cgo_1  [4]byte
+	Control    *byte
+	Controllen uint32
+	Flags      int32
+}
+
+type cmsghdr struct {
+	Len   uint32
+	Level int32
+	Type  int32
+}
+
+const (
+	sizeofIovec  = 0x10
+	sizeofMsghdr = 0x30
+)
diff --git a/server/vendor/golang.org/x/net/internal/socket/zsys_freebsd_386.go b/server/vendor/golang.org/x/net/internal/socket/zsys_freebsd_386.go
new file mode 100644
index 0000000..87707fe
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/zsys_freebsd_386.go
@@ -0,0 +1,30 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_freebsd.go
+
+package socket
+
+type iovec struct {
+	Base *byte
+	Len  uint32
+}
+
+type msghdr struct {
+	Name       *byte
+	Namelen    uint32
+	Iov        *iovec
+	Iovlen     int32
+	Control    *byte
+	Controllen uint32
+	Flags      int32
+}
+
+type cmsghdr struct {
+	Len   uint32
+	Level int32
+	Type  int32
+}
+
+const (
+	sizeofIovec  = 0x8
+	sizeofMsghdr = 0x1c
+)
diff --git a/server/vendor/golang.org/x/net/internal/socket/zsys_freebsd_amd64.go b/server/vendor/golang.org/x/net/internal/socket/zsys_freebsd_amd64.go
new file mode 100644
index 0000000..7db7781
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/zsys_freebsd_amd64.go
@@ -0,0 +1,32 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_freebsd.go
+
+package socket
+
+type iovec struct {
+	Base *byte
+	Len  uint64
+}
+
+type msghdr struct {
+	Name       *byte
+	Namelen    uint32
+	Pad_cgo_0  [4]byte
+	Iov        *iovec
+	Iovlen     int32
+	Pad_cgo_1  [4]byte
+	Control    *byte
+	Controllen uint32
+	Flags      int32
+}
+
+type cmsghdr struct {
+	Len   uint32
+	Level int32
+	Type  int32
+}
+
+const (
+	sizeofIovec  = 0x10
+	sizeofMsghdr = 0x30
+)
diff --git a/server/vendor/golang.org/x/net/internal/socket/zsys_freebsd_arm.go b/server/vendor/golang.org/x/net/internal/socket/zsys_freebsd_arm.go
new file mode 100644
index 0000000..87707fe
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/zsys_freebsd_arm.go
@@ -0,0 +1,30 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_freebsd.go
+
+package socket
+
+type iovec struct {
+	Base *byte
+	Len  uint32
+}
+
+type msghdr struct {
+	Name       *byte
+	Namelen    uint32
+	Iov        *iovec
+	Iovlen     int32
+	Control    *byte
+	Controllen uint32
+	Flags      int32
+}
+
+type cmsghdr struct {
+	Len   uint32
+	Level int32
+	Type  int32
+}
+
+const (
+	sizeofIovec  = 0x8
+	sizeofMsghdr = 0x1c
+)
diff --git a/server/vendor/golang.org/x/net/internal/socket/zsys_freebsd_arm64.go b/server/vendor/golang.org/x/net/internal/socket/zsys_freebsd_arm64.go
new file mode 100644
index 0000000..7db7781
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/zsys_freebsd_arm64.go
@@ -0,0 +1,32 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_freebsd.go
+
+package socket
+
+type iovec struct {
+	Base *byte
+	Len  uint64
+}
+
+type msghdr struct {
+	Name       *byte
+	Namelen    uint32
+	Pad_cgo_0  [4]byte
+	Iov        *iovec
+	Iovlen     int32
+	Pad_cgo_1  [4]byte
+	Control    *byte
+	Controllen uint32
+	Flags      int32
+}
+
+type cmsghdr struct {
+	Len   uint32
+	Level int32
+	Type  int32
+}
+
+const (
+	sizeofIovec  = 0x10
+	sizeofMsghdr = 0x30
+)
diff --git a/server/vendor/golang.org/x/net/internal/socket/zsys_freebsd_riscv64.go b/server/vendor/golang.org/x/net/internal/socket/zsys_freebsd_riscv64.go
new file mode 100644
index 0000000..965c0b2
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/zsys_freebsd_riscv64.go
@@ -0,0 +1,30 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_freebsd.go
+
+package socket
+
+type iovec struct {
+	Base *byte
+	Len  uint64
+}
+
+type msghdr struct {
+	Name       *byte
+	Namelen    uint32
+	Iov        *iovec
+	Iovlen     int32
+	Control    *byte
+	Controllen uint32
+	Flags      int32
+}
+
+type cmsghdr struct {
+	Len   uint32
+	Level int32
+	Type  int32
+}
+
+const (
+	sizeofIovec  = 0x10
+	sizeofMsghdr = 0x30
+)
diff --git a/server/vendor/golang.org/x/net/internal/socket/zsys_linux_386.go b/server/vendor/golang.org/x/net/internal/socket/zsys_linux_386.go
new file mode 100644
index 0000000..4c19269
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/zsys_linux_386.go
@@ -0,0 +1,35 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_linux.go
+
+package socket
+
+type iovec struct {
+	Base *byte
+	Len  uint32
+}
+
+type msghdr struct {
+	Name       *byte
+	Namelen    uint32
+	Iov        *iovec
+	Iovlen     uint32
+	Control    *byte
+	Controllen uint32
+	Flags      int32
+}
+
+type mmsghdr struct {
+	Hdr msghdr
+	Len uint32
+}
+
+type cmsghdr struct {
+	Len   uint32
+	Level int32
+	Type  int32
+}
+
+const (
+	sizeofIovec  = 0x8
+	sizeofMsghdr = 0x1c
+)
diff --git a/server/vendor/golang.org/x/net/internal/socket/zsys_linux_amd64.go b/server/vendor/golang.org/x/net/internal/socket/zsys_linux_amd64.go
new file mode 100644
index 0000000..3dcd5c8
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/zsys_linux_amd64.go
@@ -0,0 +1,38 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_linux.go
+
+package socket
+
+type iovec struct {
+	Base *byte
+	Len  uint64
+}
+
+type msghdr struct {
+	Name       *byte
+	Namelen    uint32
+	Pad_cgo_0  [4]byte
+	Iov        *iovec
+	Iovlen     uint64
+	Control    *byte
+	Controllen uint64
+	Flags      int32
+	Pad_cgo_1  [4]byte
+}
+
+type mmsghdr struct {
+	Hdr       msghdr
+	Len       uint32
+	Pad_cgo_0 [4]byte
+}
+
+type cmsghdr struct {
+	Len   uint64
+	Level int32
+	Type  int32
+}
+
+const (
+	sizeofIovec  = 0x10
+	sizeofMsghdr = 0x38
+)
diff --git a/server/vendor/golang.org/x/net/internal/socket/zsys_linux_arm.go b/server/vendor/golang.org/x/net/internal/socket/zsys_linux_arm.go
new file mode 100644
index 0000000..4c19269
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/zsys_linux_arm.go
@@ -0,0 +1,35 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_linux.go
+
+package socket
+
+type iovec struct {
+	Base *byte
+	Len  uint32
+}
+
+type msghdr struct {
+	Name       *byte
+	Namelen    uint32
+	Iov        *iovec
+	Iovlen     uint32
+	Control    *byte
+	Controllen uint32
+	Flags      int32
+}
+
+type mmsghdr struct {
+	Hdr msghdr
+	Len uint32
+}
+
+type cmsghdr struct {
+	Len   uint32
+	Level int32
+	Type  int32
+}
+
+const (
+	sizeofIovec  = 0x8
+	sizeofMsghdr = 0x1c
+)
diff --git a/server/vendor/golang.org/x/net/internal/socket/zsys_linux_arm64.go b/server/vendor/golang.org/x/net/internal/socket/zsys_linux_arm64.go
new file mode 100644
index 0000000..3dcd5c8
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/zsys_linux_arm64.go
@@ -0,0 +1,38 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_linux.go
+
+package socket
+
+type iovec struct {
+	Base *byte
+	Len  uint64
+}
+
+type msghdr struct {
+	Name       *byte
+	Namelen    uint32
+	Pad_cgo_0  [4]byte
+	Iov        *iovec
+	Iovlen     uint64
+	Control    *byte
+	Controllen uint64
+	Flags      int32
+	Pad_cgo_1  [4]byte
+}
+
+type mmsghdr struct {
+	Hdr       msghdr
+	Len       uint32
+	Pad_cgo_0 [4]byte
+}
+
+type cmsghdr struct {
+	Len   uint64
+	Level int32
+	Type  int32
+}
+
+const (
+	sizeofIovec  = 0x10
+	sizeofMsghdr = 0x38
+)
diff --git a/server/vendor/golang.org/x/net/internal/socket/zsys_linux_loong64.go b/server/vendor/golang.org/x/net/internal/socket/zsys_linux_loong64.go
new file mode 100644
index 0000000..b6fc15a
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/zsys_linux_loong64.go
@@ -0,0 +1,39 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_linux.go
+
+//go:build loong64
+
+package socket
+
+type iovec struct {
+	Base *byte
+	Len  uint64
+}
+
+type msghdr struct {
+	Name       *byte
+	Namelen    uint32
+	Iov        *iovec
+	Iovlen     uint64
+	Control    *byte
+	Controllen uint64
+	Flags      int32
+	Pad_cgo_0  [4]byte
+}
+
+type mmsghdr struct {
+	Hdr       msghdr
+	Len       uint32
+	Pad_cgo_0 [4]byte
+}
+
+type cmsghdr struct {
+	Len   uint64
+	Level int32
+	Type  int32
+}
+
+const (
+	sizeofIovec  = 0x10
+	sizeofMsghdr = 0x38
+)
diff --git a/server/vendor/golang.org/x/net/internal/socket/zsys_linux_mips.go b/server/vendor/golang.org/x/net/internal/socket/zsys_linux_mips.go
new file mode 100644
index 0000000..4c19269
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/zsys_linux_mips.go
@@ -0,0 +1,35 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_linux.go
+
+package socket
+
+type iovec struct {
+	Base *byte
+	Len  uint32
+}
+
+type msghdr struct {
+	Name       *byte
+	Namelen    uint32
+	Iov        *iovec
+	Iovlen     uint32
+	Control    *byte
+	Controllen uint32
+	Flags      int32
+}
+
+type mmsghdr struct {
+	Hdr msghdr
+	Len uint32
+}
+
+type cmsghdr struct {
+	Len   uint32
+	Level int32
+	Type  int32
+}
+
+const (
+	sizeofIovec  = 0x8
+	sizeofMsghdr = 0x1c
+)
diff --git a/server/vendor/golang.org/x/net/internal/socket/zsys_linux_mips64.go b/server/vendor/golang.org/x/net/internal/socket/zsys_linux_mips64.go
new file mode 100644
index 0000000..3dcd5c8
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/zsys_linux_mips64.go
@@ -0,0 +1,38 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_linux.go
+
+package socket
+
+type iovec struct {
+	Base *byte
+	Len  uint64
+}
+
+type msghdr struct {
+	Name       *byte
+	Namelen    uint32
+	Pad_cgo_0  [4]byte
+	Iov        *iovec
+	Iovlen     uint64
+	Control    *byte
+	Controllen uint64
+	Flags      int32
+	Pad_cgo_1  [4]byte
+}
+
+type mmsghdr struct {
+	Hdr       msghdr
+	Len       uint32
+	Pad_cgo_0 [4]byte
+}
+
+type cmsghdr struct {
+	Len   uint64
+	Level int32
+	Type  int32
+}
+
+const (
+	sizeofIovec  = 0x10
+	sizeofMsghdr = 0x38
+)
diff --git a/server/vendor/golang.org/x/net/internal/socket/zsys_linux_mips64le.go b/server/vendor/golang.org/x/net/internal/socket/zsys_linux_mips64le.go
new file mode 100644
index 0000000..3dcd5c8
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/zsys_linux_mips64le.go
@@ -0,0 +1,38 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_linux.go
+
+package socket
+
+type iovec struct {
+	Base *byte
+	Len  uint64
+}
+
+type msghdr struct {
+	Name       *byte
+	Namelen    uint32
+	Pad_cgo_0  [4]byte
+	Iov        *iovec
+	Iovlen     uint64
+	Control    *byte
+	Controllen uint64
+	Flags      int32
+	Pad_cgo_1  [4]byte
+}
+
+type mmsghdr struct {
+	Hdr       msghdr
+	Len       uint32
+	Pad_cgo_0 [4]byte
+}
+
+type cmsghdr struct {
+	Len   uint64
+	Level int32
+	Type  int32
+}
+
+const (
+	sizeofIovec  = 0x10
+	sizeofMsghdr = 0x38
+)
diff --git a/server/vendor/golang.org/x/net/internal/socket/zsys_linux_mipsle.go b/server/vendor/golang.org/x/net/internal/socket/zsys_linux_mipsle.go
new file mode 100644
index 0000000..4c19269
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/zsys_linux_mipsle.go
@@ -0,0 +1,35 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_linux.go
+
+package socket
+
+type iovec struct {
+	Base *byte
+	Len  uint32
+}
+
+type msghdr struct {
+	Name       *byte
+	Namelen    uint32
+	Iov        *iovec
+	Iovlen     uint32
+	Control    *byte
+	Controllen uint32
+	Flags      int32
+}
+
+type mmsghdr struct {
+	Hdr msghdr
+	Len uint32
+}
+
+type cmsghdr struct {
+	Len   uint32
+	Level int32
+	Type  int32
+}
+
+const (
+	sizeofIovec  = 0x8
+	sizeofMsghdr = 0x1c
+)
diff --git a/server/vendor/golang.org/x/net/internal/socket/zsys_linux_ppc.go b/server/vendor/golang.org/x/net/internal/socket/zsys_linux_ppc.go
new file mode 100644
index 0000000..4c19269
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/zsys_linux_ppc.go
@@ -0,0 +1,35 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_linux.go
+
+package socket
+
+type iovec struct {
+	Base *byte
+	Len  uint32
+}
+
+type msghdr struct {
+	Name       *byte
+	Namelen    uint32
+	Iov        *iovec
+	Iovlen     uint32
+	Control    *byte
+	Controllen uint32
+	Flags      int32
+}
+
+type mmsghdr struct {
+	Hdr msghdr
+	Len uint32
+}
+
+type cmsghdr struct {
+	Len   uint32
+	Level int32
+	Type  int32
+}
+
+const (
+	sizeofIovec  = 0x8
+	sizeofMsghdr = 0x1c
+)
diff --git a/server/vendor/golang.org/x/net/internal/socket/zsys_linux_ppc64.go b/server/vendor/golang.org/x/net/internal/socket/zsys_linux_ppc64.go
new file mode 100644
index 0000000..3dcd5c8
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/zsys_linux_ppc64.go
@@ -0,0 +1,38 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_linux.go
+
+package socket
+
+type iovec struct {
+	Base *byte
+	Len  uint64
+}
+
+type msghdr struct {
+	Name       *byte
+	Namelen    uint32
+	Pad_cgo_0  [4]byte
+	Iov        *iovec
+	Iovlen     uint64
+	Control    *byte
+	Controllen uint64
+	Flags      int32
+	Pad_cgo_1  [4]byte
+}
+
+type mmsghdr struct {
+	Hdr       msghdr
+	Len       uint32
+	Pad_cgo_0 [4]byte
+}
+
+type cmsghdr struct {
+	Len   uint64
+	Level int32
+	Type  int32
+}
+
+const (
+	sizeofIovec  = 0x10
+	sizeofMsghdr = 0x38
+)
diff --git a/server/vendor/golang.org/x/net/internal/socket/zsys_linux_ppc64le.go b/server/vendor/golang.org/x/net/internal/socket/zsys_linux_ppc64le.go
new file mode 100644
index 0000000..3dcd5c8
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/zsys_linux_ppc64le.go
@@ -0,0 +1,38 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_linux.go
+
+package socket
+
+type iovec struct {
+	Base *byte
+	Len  uint64
+}
+
+type msghdr struct {
+	Name       *byte
+	Namelen    uint32
+	Pad_cgo_0  [4]byte
+	Iov        *iovec
+	Iovlen     uint64
+	Control    *byte
+	Controllen uint64
+	Flags      int32
+	Pad_cgo_1  [4]byte
+}
+
+type mmsghdr struct {
+	Hdr       msghdr
+	Len       uint32
+	Pad_cgo_0 [4]byte
+}
+
+type cmsghdr struct {
+	Len   uint64
+	Level int32
+	Type  int32
+}
+
+const (
+	sizeofIovec  = 0x10
+	sizeofMsghdr = 0x38
+)
diff --git a/server/vendor/golang.org/x/net/internal/socket/zsys_linux_riscv64.go b/server/vendor/golang.org/x/net/internal/socket/zsys_linux_riscv64.go
new file mode 100644
index 0000000..e67fc3c
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/zsys_linux_riscv64.go
@@ -0,0 +1,39 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_linux.go
+
+//go:build riscv64
+
+package socket
+
+type iovec struct {
+	Base *byte
+	Len  uint64
+}
+
+type msghdr struct {
+	Name       *byte
+	Namelen    uint32
+	Iov        *iovec
+	Iovlen     uint64
+	Control    *byte
+	Controllen uint64
+	Flags      int32
+	Pad_cgo_0  [4]byte
+}
+
+type mmsghdr struct {
+	Hdr       msghdr
+	Len       uint32
+	Pad_cgo_0 [4]byte
+}
+
+type cmsghdr struct {
+	Len   uint64
+	Level int32
+	Type  int32
+}
+
+const (
+	sizeofIovec  = 0x10
+	sizeofMsghdr = 0x38
+)
diff --git a/server/vendor/golang.org/x/net/internal/socket/zsys_linux_s390x.go b/server/vendor/golang.org/x/net/internal/socket/zsys_linux_s390x.go
new file mode 100644
index 0000000..3dcd5c8
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/zsys_linux_s390x.go
@@ -0,0 +1,38 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_linux.go
+
+package socket
+
+type iovec struct {
+	Base *byte
+	Len  uint64
+}
+
+type msghdr struct {
+	Name       *byte
+	Namelen    uint32
+	Pad_cgo_0  [4]byte
+	Iov        *iovec
+	Iovlen     uint64
+	Control    *byte
+	Controllen uint64
+	Flags      int32
+	Pad_cgo_1  [4]byte
+}
+
+type mmsghdr struct {
+	Hdr       msghdr
+	Len       uint32
+	Pad_cgo_0 [4]byte
+}
+
+type cmsghdr struct {
+	Len   uint64
+	Level int32
+	Type  int32
+}
+
+const (
+	sizeofIovec  = 0x10
+	sizeofMsghdr = 0x38
+)
diff --git a/server/vendor/golang.org/x/net/internal/socket/zsys_netbsd_386.go b/server/vendor/golang.org/x/net/internal/socket/zsys_netbsd_386.go
new file mode 100644
index 0000000..f95572d
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/zsys_netbsd_386.go
@@ -0,0 +1,35 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_netbsd.go
+
+package socket
+
+type iovec struct {
+	Base *byte
+	Len  uint32
+}
+
+type msghdr struct {
+	Name       *byte
+	Namelen    uint32
+	Iov        *iovec
+	Iovlen     int32
+	Control    *byte
+	Controllen uint32
+	Flags      int32
+}
+
+type mmsghdr struct {
+	Hdr msghdr
+	Len uint32
+}
+
+type cmsghdr struct {
+	Len   uint32
+	Level int32
+	Type  int32
+}
+
+const (
+	sizeofIovec  = 0x8
+	sizeofMsghdr = 0x1c
+)
diff --git a/server/vendor/golang.org/x/net/internal/socket/zsys_netbsd_amd64.go b/server/vendor/golang.org/x/net/internal/socket/zsys_netbsd_amd64.go
new file mode 100644
index 0000000..a92fd60
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/zsys_netbsd_amd64.go
@@ -0,0 +1,38 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_netbsd.go
+
+package socket
+
+type iovec struct {
+	Base *byte
+	Len  uint64
+}
+
+type msghdr struct {
+	Name       *byte
+	Namelen    uint32
+	Pad_cgo_0  [4]byte
+	Iov        *iovec
+	Iovlen     int32
+	Pad_cgo_1  [4]byte
+	Control    *byte
+	Controllen uint32
+	Flags      int32
+}
+
+type mmsghdr struct {
+	Hdr       msghdr
+	Len       uint32
+	Pad_cgo_0 [4]byte
+}
+
+type cmsghdr struct {
+	Len   uint32
+	Level int32
+	Type  int32
+}
+
+const (
+	sizeofIovec  = 0x10
+	sizeofMsghdr = 0x30
+)
diff --git a/server/vendor/golang.org/x/net/internal/socket/zsys_netbsd_arm.go b/server/vendor/golang.org/x/net/internal/socket/zsys_netbsd_arm.go
new file mode 100644
index 0000000..f95572d
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/zsys_netbsd_arm.go
@@ -0,0 +1,35 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_netbsd.go
+
+package socket
+
+type iovec struct {
+	Base *byte
+	Len  uint32
+}
+
+type msghdr struct {
+	Name       *byte
+	Namelen    uint32
+	Iov        *iovec
+	Iovlen     int32
+	Control    *byte
+	Controllen uint32
+	Flags      int32
+}
+
+type mmsghdr struct {
+	Hdr msghdr
+	Len uint32
+}
+
+type cmsghdr struct {
+	Len   uint32
+	Level int32
+	Type  int32
+}
+
+const (
+	sizeofIovec  = 0x8
+	sizeofMsghdr = 0x1c
+)
diff --git a/server/vendor/golang.org/x/net/internal/socket/zsys_netbsd_arm64.go b/server/vendor/golang.org/x/net/internal/socket/zsys_netbsd_arm64.go
new file mode 100644
index 0000000..a92fd60
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/zsys_netbsd_arm64.go
@@ -0,0 +1,38 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_netbsd.go
+
+package socket
+
+type iovec struct {
+	Base *byte
+	Len  uint64
+}
+
+type msghdr struct {
+	Name       *byte
+	Namelen    uint32
+	Pad_cgo_0  [4]byte
+	Iov        *iovec
+	Iovlen     int32
+	Pad_cgo_1  [4]byte
+	Control    *byte
+	Controllen uint32
+	Flags      int32
+}
+
+type mmsghdr struct {
+	Hdr       msghdr
+	Len       uint32
+	Pad_cgo_0 [4]byte
+}
+
+type cmsghdr struct {
+	Len   uint32
+	Level int32
+	Type  int32
+}
+
+const (
+	sizeofIovec  = 0x10
+	sizeofMsghdr = 0x30
+)
diff --git a/server/vendor/golang.org/x/net/internal/socket/zsys_openbsd_386.go b/server/vendor/golang.org/x/net/internal/socket/zsys_openbsd_386.go
new file mode 100644
index 0000000..e792ec2
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/zsys_openbsd_386.go
@@ -0,0 +1,30 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_openbsd.go
+
+package socket
+
+type iovec struct {
+	Base *byte
+	Len  uint32
+}
+
+type msghdr struct {
+	Name       *byte
+	Namelen    uint32
+	Iov        *iovec
+	Iovlen     uint32
+	Control    *byte
+	Controllen uint32
+	Flags      int32
+}
+
+type cmsghdr struct {
+	Len   uint32
+	Level int32
+	Type  int32
+}
+
+const (
+	sizeofIovec  = 0x8
+	sizeofMsghdr = 0x1c
+)
diff --git a/server/vendor/golang.org/x/net/internal/socket/zsys_openbsd_amd64.go b/server/vendor/golang.org/x/net/internal/socket/zsys_openbsd_amd64.go
new file mode 100644
index 0000000..b68ff2d
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/zsys_openbsd_amd64.go
@@ -0,0 +1,32 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_openbsd.go
+
+package socket
+
+type iovec struct {
+	Base *byte
+	Len  uint64
+}
+
+type msghdr struct {
+	Name       *byte
+	Namelen    uint32
+	Pad_cgo_0  [4]byte
+	Iov        *iovec
+	Iovlen     uint32
+	Pad_cgo_1  [4]byte
+	Control    *byte
+	Controllen uint32
+	Flags      int32
+}
+
+type cmsghdr struct {
+	Len   uint32
+	Level int32
+	Type  int32
+}
+
+const (
+	sizeofIovec  = 0x10
+	sizeofMsghdr = 0x30
+)
diff --git a/server/vendor/golang.org/x/net/internal/socket/zsys_openbsd_arm.go b/server/vendor/golang.org/x/net/internal/socket/zsys_openbsd_arm.go
new file mode 100644
index 0000000..e792ec2
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/zsys_openbsd_arm.go
@@ -0,0 +1,30 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_openbsd.go
+
+package socket
+
+type iovec struct {
+	Base *byte
+	Len  uint32
+}
+
+type msghdr struct {
+	Name       *byte
+	Namelen    uint32
+	Iov        *iovec
+	Iovlen     uint32
+	Control    *byte
+	Controllen uint32
+	Flags      int32
+}
+
+type cmsghdr struct {
+	Len   uint32
+	Level int32
+	Type  int32
+}
+
+const (
+	sizeofIovec  = 0x8
+	sizeofMsghdr = 0x1c
+)
diff --git a/server/vendor/golang.org/x/net/internal/socket/zsys_openbsd_arm64.go b/server/vendor/golang.org/x/net/internal/socket/zsys_openbsd_arm64.go
new file mode 100644
index 0000000..b68ff2d
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/zsys_openbsd_arm64.go
@@ -0,0 +1,32 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_openbsd.go
+
+package socket
+
+type iovec struct {
+	Base *byte
+	Len  uint64
+}
+
+type msghdr struct {
+	Name       *byte
+	Namelen    uint32
+	Pad_cgo_0  [4]byte
+	Iov        *iovec
+	Iovlen     uint32
+	Pad_cgo_1  [4]byte
+	Control    *byte
+	Controllen uint32
+	Flags      int32
+}
+
+type cmsghdr struct {
+	Len   uint32
+	Level int32
+	Type  int32
+}
+
+const (
+	sizeofIovec  = 0x10
+	sizeofMsghdr = 0x30
+)
diff --git a/server/vendor/golang.org/x/net/internal/socket/zsys_openbsd_mips64.go b/server/vendor/golang.org/x/net/internal/socket/zsys_openbsd_mips64.go
new file mode 100644
index 0000000..3c9576e
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/zsys_openbsd_mips64.go
@@ -0,0 +1,30 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_openbsd.go
+
+package socket
+
+type iovec struct {
+	Base *byte
+	Len  uint64
+}
+
+type msghdr struct {
+	Name       *byte
+	Namelen    uint32
+	Iov        *iovec
+	Iovlen     uint32
+	Control    *byte
+	Controllen uint32
+	Flags      int32
+}
+
+type cmsghdr struct {
+	Len   uint32
+	Level int32
+	Type  int32
+}
+
+const (
+	sizeofIovec  = 0x10
+	sizeofMsghdr = 0x30
+)
diff --git a/server/vendor/golang.org/x/net/internal/socket/zsys_openbsd_ppc64.go b/server/vendor/golang.org/x/net/internal/socket/zsys_openbsd_ppc64.go
new file mode 100644
index 0000000..cebde76
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/zsys_openbsd_ppc64.go
@@ -0,0 +1,30 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_openbsd.go
+
+package socket
+
+type iovec struct {
+	Base	*byte
+	Len	uint64
+}
+
+type msghdr struct {
+	Name		*byte
+	Namelen		uint32
+	Iov		*iovec
+	Iovlen		uint32
+	Control		*byte
+	Controllen	uint32
+	Flags		int32
+}
+
+type cmsghdr struct {
+	Len	uint32
+	Level	int32
+	Type	int32
+}
+
+const (
+	sizeofIovec	= 0x10
+	sizeofMsghdr	= 0x30
+)
diff --git a/server/vendor/golang.org/x/net/internal/socket/zsys_openbsd_riscv64.go b/server/vendor/golang.org/x/net/internal/socket/zsys_openbsd_riscv64.go
new file mode 100644
index 0000000..cebde76
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/zsys_openbsd_riscv64.go
@@ -0,0 +1,30 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_openbsd.go
+
+package socket
+
+type iovec struct {
+	Base	*byte
+	Len	uint64
+}
+
+type msghdr struct {
+	Name		*byte
+	Namelen		uint32
+	Iov		*iovec
+	Iovlen		uint32
+	Control		*byte
+	Controllen	uint32
+	Flags		int32
+}
+
+type cmsghdr struct {
+	Len	uint32
+	Level	int32
+	Type	int32
+}
+
+const (
+	sizeofIovec	= 0x10
+	sizeofMsghdr	= 0x30
+)
diff --git a/server/vendor/golang.org/x/net/internal/socket/zsys_solaris_amd64.go b/server/vendor/golang.org/x/net/internal/socket/zsys_solaris_amd64.go
new file mode 100644
index 0000000..359cfec
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/zsys_solaris_amd64.go
@@ -0,0 +1,32 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_solaris.go
+
+package socket
+
+type iovec struct {
+	Base *int8
+	Len  uint64
+}
+
+type msghdr struct {
+	Name         *byte
+	Namelen      uint32
+	Pad_cgo_0    [4]byte
+	Iov          *iovec
+	Iovlen       int32
+	Pad_cgo_1    [4]byte
+	Accrights    *int8
+	Accrightslen int32
+	Pad_cgo_2    [4]byte
+}
+
+type cmsghdr struct {
+	Len   uint32
+	Level int32
+	Type  int32
+}
+
+const (
+	sizeofIovec  = 0x10
+	sizeofMsghdr = 0x30
+)
diff --git a/server/vendor/golang.org/x/net/internal/socket/zsys_zos_s390x.go b/server/vendor/golang.org/x/net/internal/socket/zsys_zos_s390x.go
new file mode 100644
index 0000000..49b62c8
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socket/zsys_zos_s390x.go
@@ -0,0 +1,28 @@
+// Copyright 2020 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package socket
+
+type iovec struct {
+	Base *byte
+	Len  uint64
+}
+
+type msghdr struct {
+	Name       *byte
+	Iov        *iovec
+	Control    *byte
+	Flags      int32
+	Namelen    uint32
+	Iovlen     int32
+	Controllen uint32
+}
+
+type cmsghdr struct {
+	Len   int32
+	Level int32
+	Type  int32
+}
+
+const sizeofCmsghdr = 12
diff --git a/server/vendor/golang.org/x/net/internal/socks/client.go b/server/vendor/golang.org/x/net/internal/socks/client.go
new file mode 100644
index 0000000..3d6f516
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socks/client.go
@@ -0,0 +1,168 @@
+// Copyright 2018 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package socks
+
+import (
+	"context"
+	"errors"
+	"io"
+	"net"
+	"strconv"
+	"time"
+)
+
+var (
+	noDeadline   = time.Time{}
+	aLongTimeAgo = time.Unix(1, 0)
+)
+
+func (d *Dialer) connect(ctx context.Context, c net.Conn, address string) (_ net.Addr, ctxErr error) {
+	host, port, err := splitHostPort(address)
+	if err != nil {
+		return nil, err
+	}
+	if deadline, ok := ctx.Deadline(); ok && !deadline.IsZero() {
+		c.SetDeadline(deadline)
+		defer c.SetDeadline(noDeadline)
+	}
+	if ctx != context.Background() {
+		errCh := make(chan error, 1)
+		done := make(chan struct{})
+		defer func() {
+			close(done)
+			if ctxErr == nil {
+				ctxErr = <-errCh
+			}
+		}()
+		go func() {
+			select {
+			case <-ctx.Done():
+				c.SetDeadline(aLongTimeAgo)
+				errCh <- ctx.Err()
+			case <-done:
+				errCh <- nil
+			}
+		}()
+	}
+
+	b := make([]byte, 0, 6+len(host)) // the size here is just an estimate
+	b = append(b, Version5)
+	if len(d.AuthMethods) == 0 || d.Authenticate == nil {
+		b = append(b, 1, byte(AuthMethodNotRequired))
+	} else {
+		ams := d.AuthMethods
+		if len(ams) > 255 {
+			return nil, errors.New("too many authentication methods")
+		}
+		b = append(b, byte(len(ams)))
+		for _, am := range ams {
+			b = append(b, byte(am))
+		}
+	}
+	if _, ctxErr = c.Write(b); ctxErr != nil {
+		return
+	}
+
+	if _, ctxErr = io.ReadFull(c, b[:2]); ctxErr != nil {
+		return
+	}
+	if b[0] != Version5 {
+		return nil, errors.New("unexpected protocol version " + strconv.Itoa(int(b[0])))
+	}
+	am := AuthMethod(b[1])
+	if am == AuthMethodNoAcceptableMethods {
+		return nil, errors.New("no acceptable authentication methods")
+	}
+	if d.Authenticate != nil {
+		if ctxErr = d.Authenticate(ctx, c, am); ctxErr != nil {
+			return
+		}
+	}
+
+	b = b[:0]
+	b = append(b, Version5, byte(d.cmd), 0)
+	if ip := net.ParseIP(host); ip != nil {
+		if ip4 := ip.To4(); ip4 != nil {
+			b = append(b, AddrTypeIPv4)
+			b = append(b, ip4...)
+		} else if ip6 := ip.To16(); ip6 != nil {
+			b = append(b, AddrTypeIPv6)
+			b = append(b, ip6...)
+		} else {
+			return nil, errors.New("unknown address type")
+		}
+	} else {
+		if len(host) > 255 {
+			return nil, errors.New("FQDN too long")
+		}
+		b = append(b, AddrTypeFQDN)
+		b = append(b, byte(len(host)))
+		b = append(b, host...)
+	}
+	b = append(b, byte(port>>8), byte(port))
+	if _, ctxErr = c.Write(b); ctxErr != nil {
+		return
+	}
+
+	if _, ctxErr = io.ReadFull(c, b[:4]); ctxErr != nil {
+		return
+	}
+	if b[0] != Version5 {
+		return nil, errors.New("unexpected protocol version " + strconv.Itoa(int(b[0])))
+	}
+	if cmdErr := Reply(b[1]); cmdErr != StatusSucceeded {
+		return nil, errors.New("unknown error " + cmdErr.String())
+	}
+	if b[2] != 0 {
+		return nil, errors.New("non-zero reserved field")
+	}
+	l := 2
+	var a Addr
+	switch b[3] {
+	case AddrTypeIPv4:
+		l += net.IPv4len
+		a.IP = make(net.IP, net.IPv4len)
+	case AddrTypeIPv6:
+		l += net.IPv6len
+		a.IP = make(net.IP, net.IPv6len)
+	case AddrTypeFQDN:
+		if _, err := io.ReadFull(c, b[:1]); err != nil {
+			return nil, err
+		}
+		l += int(b[0])
+	default:
+		return nil, errors.New("unknown address type " + strconv.Itoa(int(b[3])))
+	}
+	if cap(b) < l {
+		b = make([]byte, l)
+	} else {
+		b = b[:l]
+	}
+	if _, ctxErr = io.ReadFull(c, b); ctxErr != nil {
+		return
+	}
+	if a.IP != nil {
+		copy(a.IP, b)
+	} else {
+		a.Name = string(b[:len(b)-2])
+	}
+	a.Port = int(b[len(b)-2])<<8 | int(b[len(b)-1])
+	return &a, nil
+}
+
+func splitHostPort(address string) (string, int, error) {
+	host, port, err := net.SplitHostPort(address)
+	if err != nil {
+		return "", 0, err
+	}
+	portnum, err := strconv.Atoi(port)
+	if err != nil {
+		return "", 0, err
+	}
+	if 1 > portnum || portnum > 0xffff {
+		return "", 0, errors.New("port number out of range " + port)
+	}
+	return host, portnum, nil
+}
diff --git a/server/vendor/golang.org/x/net/internal/socks/socks.go b/server/vendor/golang.org/x/net/internal/socks/socks.go
new file mode 100644
index 0000000..84fcc32
--- /dev/null
+++ b/server/vendor/golang.org/x/net/internal/socks/socks.go
@@ -0,0 +1,317 @@
+// Copyright 2018 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Package socks provides a SOCKS version 5 client implementation.
+//
+// SOCKS protocol version 5 is defined in RFC 1928.
+// Username/Password authentication for SOCKS version 5 is defined in
+// RFC 1929.
+package socks
+
+import (
+	"context"
+	"errors"
+	"io"
+	"net"
+	"strconv"
+)
+
+// A Command represents a SOCKS command.
+type Command int
+
+func (cmd Command) String() string {
+	switch cmd {
+	case CmdConnect:
+		return "socks connect"
+	case cmdBind:
+		return "socks bind"
+	default:
+		return "socks " + strconv.Itoa(int(cmd))
+	}
+}
+
+// An AuthMethod represents a SOCKS authentication method.
+type AuthMethod int
+
+// A Reply represents a SOCKS command reply code.
+type Reply int
+
+func (code Reply) String() string {
+	switch code {
+	case StatusSucceeded:
+		return "succeeded"
+	case 0x01:
+		return "general SOCKS server failure"
+	case 0x02:
+		return "connection not allowed by ruleset"
+	case 0x03:
+		return "network unreachable"
+	case 0x04:
+		return "host unreachable"
+	case 0x05:
+		return "connection refused"
+	case 0x06:
+		return "TTL expired"
+	case 0x07:
+		return "command not supported"
+	case 0x08:
+		return "address type not supported"
+	default:
+		return "unknown code: " + strconv.Itoa(int(code))
+	}
+}
+
+// Wire protocol constants.
+const (
+	Version5 = 0x05
+
+	AddrTypeIPv4 = 0x01
+	AddrTypeFQDN = 0x03
+	AddrTypeIPv6 = 0x04
+
+	CmdConnect Command = 0x01 // establishes an active-open forward proxy connection
+	cmdBind    Command = 0x02 // establishes a passive-open forward proxy connection
+
+	AuthMethodNotRequired         AuthMethod = 0x00 // no authentication required
+	AuthMethodUsernamePassword    AuthMethod = 0x02 // use username/password
+	AuthMethodNoAcceptableMethods AuthMethod = 0xff // no acceptable authentication methods
+
+	StatusSucceeded Reply = 0x00
+)
+
+// An Addr represents a SOCKS-specific address.
+// Either Name or IP is used exclusively.
+type Addr struct {
+	Name string // fully-qualified domain name
+	IP   net.IP
+	Port int
+}
+
+func (a *Addr) Network() string { return "socks" }
+
+func (a *Addr) String() string {
+	if a == nil {
+		return "<nil>"
+	}
+	port := strconv.Itoa(a.Port)
+	if a.IP == nil {
+		return net.JoinHostPort(a.Name, port)
+	}
+	return net.JoinHostPort(a.IP.String(), port)
+}
+
+// A Conn represents a forward proxy connection.
+type Conn struct {
+	net.Conn
+
+	boundAddr net.Addr
+}
+
+// BoundAddr returns the address assigned by the proxy server for
+// connecting to the command target address from the proxy server.
+func (c *Conn) BoundAddr() net.Addr {
+	if c == nil {
+		return nil
+	}
+	return c.boundAddr
+}
+
+// A Dialer holds SOCKS-specific options.
+type Dialer struct {
+	cmd          Command // either CmdConnect or cmdBind
+	proxyNetwork string  // network between a proxy server and a client
+	proxyAddress string  // proxy server address
+
+	// ProxyDial specifies the optional dial function for
+	// establishing the transport connection.
+	ProxyDial func(context.Context, string, string) (net.Conn, error)
+
+	// AuthMethods specifies the list of request authentication
+	// methods.
+	// If empty, SOCKS client requests only AuthMethodNotRequired.
+	AuthMethods []AuthMethod
+
+	// Authenticate specifies the optional authentication
+	// function. It must be non-nil when AuthMethods is not empty.
+	// It must return an error when the authentication is failed.
+	Authenticate func(context.Context, io.ReadWriter, AuthMethod) error
+}
+
+// DialContext connects to the provided address on the provided
+// network.
+//
+// The returned error value may be a net.OpError. When the Op field of
+// net.OpError contains "socks", the Source field contains a proxy
+// server address and the Addr field contains a command target
+// address.
+//
+// See func Dial of the net package of standard library for a
+// description of the network and address parameters.
+func (d *Dialer) DialContext(ctx context.Context, network, address string) (net.Conn, error) {
+	if err := d.validateTarget(network, address); err != nil {
+		proxy, dst, _ := d.pathAddrs(address)
+		return nil, &net.OpError{Op: d.cmd.String(), Net: network, Source: proxy, Addr: dst, Err: err}
+	}
+	if ctx == nil {
+		proxy, dst, _ := d.pathAddrs(address)
+		return nil, &net.OpError{Op: d.cmd.String(), Net: network, Source: proxy, Addr: dst, Err: errors.New("nil context")}
+	}
+	var err error
+	var c net.Conn
+	if d.ProxyDial != nil {
+		c, err = d.ProxyDial(ctx, d.proxyNetwork, d.proxyAddress)
+	} else {
+		var dd net.Dialer
+		c, err = dd.DialContext(ctx, d.proxyNetwork, d.proxyAddress)
+	}
+	if err != nil {
+		proxy, dst, _ := d.pathAddrs(address)
+		return nil, &net.OpError{Op: d.cmd.String(), Net: network, Source: proxy, Addr: dst, Err: err}
+	}
+	a, err := d.connect(ctx, c, address)
+	if err != nil {
+		c.Close()
+		proxy, dst, _ := d.pathAddrs(address)
+		return nil, &net.OpError{Op: d.cmd.String(), Net: network, Source: proxy, Addr: dst, Err: err}
+	}
+	return &Conn{Conn: c, boundAddr: a}, nil
+}
+
+// DialWithConn initiates a connection from SOCKS server to the target
+// network and address using the connection c that is already
+// connected to the SOCKS server.
+//
+// It returns the connection's local address assigned by the SOCKS
+// server.
+func (d *Dialer) DialWithConn(ctx context.Context, c net.Conn, network, address string) (net.Addr, error) {
+	if err := d.validateTarget(network, address); err != nil {
+		proxy, dst, _ := d.pathAddrs(address)
+		return nil, &net.OpError{Op: d.cmd.String(), Net: network, Source: proxy, Addr: dst, Err: err}
+	}
+	if ctx == nil {
+		proxy, dst, _ := d.pathAddrs(address)
+		return nil, &net.OpError{Op: d.cmd.String(), Net: network, Source: proxy, Addr: dst, Err: errors.New("nil context")}
+	}
+	a, err := d.connect(ctx, c, address)
+	if err != nil {
+		proxy, dst, _ := d.pathAddrs(address)
+		return nil, &net.OpError{Op: d.cmd.String(), Net: network, Source: proxy, Addr: dst, Err: err}
+	}
+	return a, nil
+}
+
+// Dial connects to the provided address on the provided network.
+//
+// Unlike DialContext, it returns a raw transport connection instead
+// of a forward proxy connection.
+//
+// Deprecated: Use DialContext or DialWithConn instead.
+func (d *Dialer) Dial(network, address string) (net.Conn, error) {
+	if err := d.validateTarget(network, address); err != nil {
+		proxy, dst, _ := d.pathAddrs(address)
+		return nil, &net.OpError{Op: d.cmd.String(), Net: network, Source: proxy, Addr: dst, Err: err}
+	}
+	var err error
+	var c net.Conn
+	if d.ProxyDial != nil {
+		c, err = d.ProxyDial(context.Background(), d.proxyNetwork, d.proxyAddress)
+	} else {
+		c, err = net.Dial(d.proxyNetwork, d.proxyAddress)
+	}
+	if err != nil {
+		proxy, dst, _ := d.pathAddrs(address)
+		return nil, &net.OpError{Op: d.cmd.String(), Net: network, Source: proxy, Addr: dst, Err: err}
+	}
+	if _, err := d.DialWithConn(context.Background(), c, network, address); err != nil {
+		c.Close()
+		return nil, err
+	}
+	return c, nil
+}
+
+func (d *Dialer) validateTarget(network, address string) error {
+	switch network {
+	case "tcp", "tcp6", "tcp4":
+	default:
+		return errors.New("network not implemented")
+	}
+	switch d.cmd {
+	case CmdConnect, cmdBind:
+	default:
+		return errors.New("command not implemented")
+	}
+	return nil
+}
+
+func (d *Dialer) pathAddrs(address string) (proxy, dst net.Addr, err error) {
+	for i, s := range []string{d.proxyAddress, address} {
+		host, port, err := splitHostPort(s)
+		if err != nil {
+			return nil, nil, err
+		}
+		a := &Addr{Port: port}
+		a.IP = net.ParseIP(host)
+		if a.IP == nil {
+			a.Name = host
+		}
+		if i == 0 {
+			proxy = a
+		} else {
+			dst = a
+		}
+	}
+	return
+}
+
+// NewDialer returns a new Dialer that dials through the provided
+// proxy server's network and address.
+func NewDialer(network, address string) *Dialer {
+	return &Dialer{proxyNetwork: network, proxyAddress: address, cmd: CmdConnect}
+}
+
+const (
+	authUsernamePasswordVersion = 0x01
+	authStatusSucceeded         = 0x00
+)
+
+// UsernamePassword are the credentials for the username/password
+// authentication method.
+type UsernamePassword struct {
+	Username string
+	Password string
+}
+
+// Authenticate authenticates a pair of username and password with the
+// proxy server.
+func (up *UsernamePassword) Authenticate(ctx context.Context, rw io.ReadWriter, auth AuthMethod) error {
+	switch auth {
+	case AuthMethodNotRequired:
+		return nil
+	case AuthMethodUsernamePassword:
+		if len(up.Username) == 0 || len(up.Username) > 255 || len(up.Password) > 255 {
+			return errors.New("invalid username/password")
+		}
+		b := []byte{authUsernamePasswordVersion}
+		b = append(b, byte(len(up.Username)))
+		b = append(b, up.Username...)
+		b = append(b, byte(len(up.Password)))
+		b = append(b, up.Password...)
+		// TODO(mikio): handle IO deadlines and cancelation if
+		// necessary
+		if _, err := rw.Write(b); err != nil {
+			return err
+		}
+		if _, err := io.ReadFull(rw, b[:2]); err != nil {
+			return err
+		}
+		if b[0] != authUsernamePasswordVersion {
+			return errors.New("invalid username/password version")
+		}
+		if b[1] != authStatusSucceeded {
+			return errors.New("username/password authentication failed")
+		}
+		return nil
+	}
+	return errors.New("unsupported authentication method " + strconv.Itoa(int(auth)))
+}
diff --git a/server/vendor/golang.org/x/net/ipv4/batch.go b/server/vendor/golang.org/x/net/ipv4/batch.go
new file mode 100644
index 0000000..1a3a4fc
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/batch.go
@@ -0,0 +1,194 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package ipv4
+
+import (
+	"net"
+	"runtime"
+
+	"golang.org/x/net/internal/socket"
+)
+
+// BUG(mikio): On Windows, the ReadBatch and WriteBatch methods of
+// PacketConn are not implemented.
+
+// BUG(mikio): On Windows, the ReadBatch and WriteBatch methods of
+// RawConn are not implemented.
+
+// A Message represents an IO message.
+//
+//	type Message struct {
+//		Buffers [][]byte
+//		OOB     []byte
+//		Addr    net.Addr
+//		N       int
+//		NN      int
+//		Flags   int
+//	}
+//
+// The Buffers fields represents a list of contiguous buffers, which
+// can be used for vectored IO, for example, putting a header and a
+// payload in each slice.
+// When writing, the Buffers field must contain at least one byte to
+// write.
+// When reading, the Buffers field will always contain a byte to read.
+//
+// The OOB field contains protocol-specific control or miscellaneous
+// ancillary data known as out-of-band data.
+// It can be nil when not required.
+//
+// The Addr field specifies a destination address when writing.
+// It can be nil when the underlying protocol of the endpoint uses
+// connection-oriented communication.
+// After a successful read, it may contain the source address on the
+// received packet.
+//
+// The N field indicates the number of bytes read or written from/to
+// Buffers.
+//
+// The NN field indicates the number of bytes read or written from/to
+// OOB.
+//
+// The Flags field contains protocol-specific information on the
+// received message.
+type Message = socket.Message
+
+// ReadBatch reads a batch of messages.
+//
+// The provided flags is a set of platform-dependent flags, such as
+// syscall.MSG_PEEK.
+//
+// On a successful read it returns the number of messages received, up
+// to len(ms).
+//
+// On Linux, a batch read will be optimized.
+// On other platforms, this method will read only a single message.
+//
+// Unlike the ReadFrom method, it doesn't strip the IPv4 header
+// followed by option headers from the received IPv4 datagram when the
+// underlying transport is net.IPConn. Each Buffers field of Message
+// must be large enough to accommodate an IPv4 header and option
+// headers.
+func (c *payloadHandler) ReadBatch(ms []Message, flags int) (int, error) {
+	if !c.ok() {
+		return 0, errInvalidConn
+	}
+	switch runtime.GOOS {
+	case "linux":
+		n, err := c.RecvMsgs([]socket.Message(ms), flags)
+		if err != nil {
+			err = &net.OpError{Op: "read", Net: c.PacketConn.LocalAddr().Network(), Source: c.PacketConn.LocalAddr(), Err: err}
+		}
+		return n, err
+	default:
+		n := 1
+		err := c.RecvMsg(&ms[0], flags)
+		if err != nil {
+			n = 0
+			err = &net.OpError{Op: "read", Net: c.PacketConn.LocalAddr().Network(), Source: c.PacketConn.LocalAddr(), Err: err}
+		}
+		if compatFreeBSD32 && ms[0].NN > 0 {
+			adjustFreeBSD32(&ms[0])
+		}
+		return n, err
+	}
+}
+
+// WriteBatch writes a batch of messages.
+//
+// The provided flags is a set of platform-dependent flags, such as
+// syscall.MSG_DONTROUTE.
+//
+// It returns the number of messages written on a successful write.
+//
+// On Linux, a batch write will be optimized.
+// On other platforms, this method will write only a single message.
+func (c *payloadHandler) WriteBatch(ms []Message, flags int) (int, error) {
+	if !c.ok() {
+		return 0, errInvalidConn
+	}
+	switch runtime.GOOS {
+	case "linux":
+		n, err := c.SendMsgs([]socket.Message(ms), flags)
+		if err != nil {
+			err = &net.OpError{Op: "write", Net: c.PacketConn.LocalAddr().Network(), Source: c.PacketConn.LocalAddr(), Err: err}
+		}
+		return n, err
+	default:
+		n := 1
+		err := c.SendMsg(&ms[0], flags)
+		if err != nil {
+			n = 0
+			err = &net.OpError{Op: "write", Net: c.PacketConn.LocalAddr().Network(), Source: c.PacketConn.LocalAddr(), Err: err}
+		}
+		return n, err
+	}
+}
+
+// ReadBatch reads a batch of messages.
+//
+// The provided flags is a set of platform-dependent flags, such as
+// syscall.MSG_PEEK.
+//
+// On a successful read it returns the number of messages received, up
+// to len(ms).
+//
+// On Linux, a batch read will be optimized.
+// On other platforms, this method will read only a single message.
+func (c *packetHandler) ReadBatch(ms []Message, flags int) (int, error) {
+	if !c.ok() {
+		return 0, errInvalidConn
+	}
+	switch runtime.GOOS {
+	case "linux":
+		n, err := c.RecvMsgs([]socket.Message(ms), flags)
+		if err != nil {
+			err = &net.OpError{Op: "read", Net: c.IPConn.LocalAddr().Network(), Source: c.IPConn.LocalAddr(), Err: err}
+		}
+		return n, err
+	default:
+		n := 1
+		err := c.RecvMsg(&ms[0], flags)
+		if err != nil {
+			n = 0
+			err = &net.OpError{Op: "read", Net: c.IPConn.LocalAddr().Network(), Source: c.IPConn.LocalAddr(), Err: err}
+		}
+		if compatFreeBSD32 && ms[0].NN > 0 {
+			adjustFreeBSD32(&ms[0])
+		}
+		return n, err
+	}
+}
+
+// WriteBatch writes a batch of messages.
+//
+// The provided flags is a set of platform-dependent flags, such as
+// syscall.MSG_DONTROUTE.
+//
+// It returns the number of messages written on a successful write.
+//
+// On Linux, a batch write will be optimized.
+// On other platforms, this method will write only a single message.
+func (c *packetHandler) WriteBatch(ms []Message, flags int) (int, error) {
+	if !c.ok() {
+		return 0, errInvalidConn
+	}
+	switch runtime.GOOS {
+	case "linux":
+		n, err := c.SendMsgs([]socket.Message(ms), flags)
+		if err != nil {
+			err = &net.OpError{Op: "write", Net: c.IPConn.LocalAddr().Network(), Source: c.IPConn.LocalAddr(), Err: err}
+		}
+		return n, err
+	default:
+		n := 1
+		err := c.SendMsg(&ms[0], flags)
+		if err != nil {
+			n = 0
+			err = &net.OpError{Op: "write", Net: c.IPConn.LocalAddr().Network(), Source: c.IPConn.LocalAddr(), Err: err}
+		}
+		return n, err
+	}
+}
diff --git a/server/vendor/golang.org/x/net/ipv4/control.go b/server/vendor/golang.org/x/net/ipv4/control.go
new file mode 100644
index 0000000..a2b02ca
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/control.go
@@ -0,0 +1,144 @@
+// Copyright 2012 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package ipv4
+
+import (
+	"fmt"
+	"net"
+	"sync"
+
+	"golang.org/x/net/internal/iana"
+	"golang.org/x/net/internal/socket"
+)
+
+type rawOpt struct {
+	sync.RWMutex
+	cflags ControlFlags
+}
+
+func (c *rawOpt) set(f ControlFlags)        { c.cflags |= f }
+func (c *rawOpt) clear(f ControlFlags)      { c.cflags &^= f }
+func (c *rawOpt) isset(f ControlFlags) bool { return c.cflags&f != 0 }
+
+type ControlFlags uint
+
+const (
+	FlagTTL       ControlFlags = 1 << iota // pass the TTL on the received packet
+	FlagSrc                                // pass the source address on the received packet
+	FlagDst                                // pass the destination address on the received packet
+	FlagInterface                          // pass the interface index on the received packet
+)
+
+// A ControlMessage represents per packet basis IP-level socket options.
+type ControlMessage struct {
+	// Receiving socket options: SetControlMessage allows to
+	// receive the options from the protocol stack using ReadFrom
+	// method of PacketConn or RawConn.
+	//
+	// Specifying socket options: ControlMessage for WriteTo
+	// method of PacketConn or RawConn allows to send the options
+	// to the protocol stack.
+	//
+	TTL     int    // time-to-live, receiving only
+	Src     net.IP // source address, specifying only
+	Dst     net.IP // destination address, receiving only
+	IfIndex int    // interface index, must be 1 <= value when specifying
+}
+
+func (cm *ControlMessage) String() string {
+	if cm == nil {
+		return "<nil>"
+	}
+	return fmt.Sprintf("ttl=%d src=%v dst=%v ifindex=%d", cm.TTL, cm.Src, cm.Dst, cm.IfIndex)
+}
+
+// Marshal returns the binary encoding of cm.
+func (cm *ControlMessage) Marshal() []byte {
+	if cm == nil {
+		return nil
+	}
+	var m socket.ControlMessage
+	if ctlOpts[ctlPacketInfo].name > 0 && (cm.Src.To4() != nil || cm.IfIndex > 0) {
+		m = socket.NewControlMessage([]int{ctlOpts[ctlPacketInfo].length})
+	}
+	if len(m) > 0 {
+		ctlOpts[ctlPacketInfo].marshal(m, cm)
+	}
+	return m
+}
+
+// Parse parses b as a control message and stores the result in cm.
+func (cm *ControlMessage) Parse(b []byte) error {
+	ms, err := socket.ControlMessage(b).Parse()
+	if err != nil {
+		return err
+	}
+	for _, m := range ms {
+		lvl, typ, l, err := m.ParseHeader()
+		if err != nil {
+			return err
+		}
+		if lvl != iana.ProtocolIP {
+			continue
+		}
+		switch {
+		case typ == ctlOpts[ctlTTL].name && l >= ctlOpts[ctlTTL].length:
+			ctlOpts[ctlTTL].parse(cm, m.Data(l))
+		case typ == ctlOpts[ctlDst].name && l >= ctlOpts[ctlDst].length:
+			ctlOpts[ctlDst].parse(cm, m.Data(l))
+		case typ == ctlOpts[ctlInterface].name && l >= ctlOpts[ctlInterface].length:
+			ctlOpts[ctlInterface].parse(cm, m.Data(l))
+		case typ == ctlOpts[ctlPacketInfo].name && l >= ctlOpts[ctlPacketInfo].length:
+			ctlOpts[ctlPacketInfo].parse(cm, m.Data(l))
+		}
+	}
+	return nil
+}
+
+// NewControlMessage returns a new control message.
+//
+// The returned message is large enough for options specified by cf.
+func NewControlMessage(cf ControlFlags) []byte {
+	opt := rawOpt{cflags: cf}
+	var l int
+	if opt.isset(FlagTTL) && ctlOpts[ctlTTL].name > 0 {
+		l += socket.ControlMessageSpace(ctlOpts[ctlTTL].length)
+	}
+	if ctlOpts[ctlPacketInfo].name > 0 {
+		if opt.isset(FlagSrc | FlagDst | FlagInterface) {
+			l += socket.ControlMessageSpace(ctlOpts[ctlPacketInfo].length)
+		}
+	} else {
+		if opt.isset(FlagDst) && ctlOpts[ctlDst].name > 0 {
+			l += socket.ControlMessageSpace(ctlOpts[ctlDst].length)
+		}
+		if opt.isset(FlagInterface) && ctlOpts[ctlInterface].name > 0 {
+			l += socket.ControlMessageSpace(ctlOpts[ctlInterface].length)
+		}
+	}
+	var b []byte
+	if l > 0 {
+		b = make([]byte, l)
+	}
+	return b
+}
+
+// Ancillary data socket options
+const (
+	ctlTTL        = iota // header field
+	ctlSrc               // header field
+	ctlDst               // header field
+	ctlInterface         // inbound or outbound interface
+	ctlPacketInfo        // inbound or outbound packet path
+	ctlMax
+)
+
+// A ctlOpt represents a binding for ancillary data socket option.
+type ctlOpt struct {
+	name    int // option name, must be equal or greater than 1
+	length  int // option length
+	marshal func([]byte, *ControlMessage) []byte
+	parse   func(*ControlMessage, []byte)
+}
diff --git a/server/vendor/golang.org/x/net/ipv4/control_bsd.go b/server/vendor/golang.org/x/net/ipv4/control_bsd.go
new file mode 100644
index 0000000..c88da8c
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/control_bsd.go
@@ -0,0 +1,43 @@
+// Copyright 2012 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build aix || darwin || dragonfly || freebsd || netbsd || openbsd
+
+package ipv4
+
+import (
+	"net"
+	"syscall"
+	"unsafe"
+
+	"golang.org/x/net/internal/iana"
+	"golang.org/x/net/internal/socket"
+
+	"golang.org/x/sys/unix"
+)
+
+func marshalDst(b []byte, cm *ControlMessage) []byte {
+	m := socket.ControlMessage(b)
+	m.MarshalHeader(iana.ProtocolIP, unix.IP_RECVDSTADDR, net.IPv4len)
+	return m.Next(net.IPv4len)
+}
+
+func parseDst(cm *ControlMessage, b []byte) {
+	if len(cm.Dst) < net.IPv4len {
+		cm.Dst = make(net.IP, net.IPv4len)
+	}
+	copy(cm.Dst, b[:net.IPv4len])
+}
+
+func marshalInterface(b []byte, cm *ControlMessage) []byte {
+	m := socket.ControlMessage(b)
+	m.MarshalHeader(iana.ProtocolIP, sockoptReceiveInterface, syscall.SizeofSockaddrDatalink)
+	return m.Next(syscall.SizeofSockaddrDatalink)
+}
+
+func parseInterface(cm *ControlMessage, b []byte) {
+	var sadl syscall.SockaddrDatalink
+	copy((*[unsafe.Sizeof(sadl)]byte)(unsafe.Pointer(&sadl))[:], b)
+	cm.IfIndex = int(sadl.Index)
+}
diff --git a/server/vendor/golang.org/x/net/ipv4/control_pktinfo.go b/server/vendor/golang.org/x/net/ipv4/control_pktinfo.go
new file mode 100644
index 0000000..14ae2da
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/control_pktinfo.go
@@ -0,0 +1,41 @@
+// Copyright 2014 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build darwin || linux || solaris
+
+package ipv4
+
+import (
+	"net"
+	"unsafe"
+
+	"golang.org/x/net/internal/iana"
+	"golang.org/x/net/internal/socket"
+
+	"golang.org/x/sys/unix"
+)
+
+func marshalPacketInfo(b []byte, cm *ControlMessage) []byte {
+	m := socket.ControlMessage(b)
+	m.MarshalHeader(iana.ProtocolIP, unix.IP_PKTINFO, sizeofInetPktinfo)
+	if cm != nil {
+		pi := (*inetPktinfo)(unsafe.Pointer(&m.Data(sizeofInetPktinfo)[0]))
+		if ip := cm.Src.To4(); ip != nil {
+			copy(pi.Spec_dst[:], ip)
+		}
+		if cm.IfIndex > 0 {
+			pi.setIfindex(cm.IfIndex)
+		}
+	}
+	return m.Next(sizeofInetPktinfo)
+}
+
+func parsePacketInfo(cm *ControlMessage, b []byte) {
+	pi := (*inetPktinfo)(unsafe.Pointer(&b[0]))
+	cm.IfIndex = int(pi.Ifindex)
+	if len(cm.Dst) < net.IPv4len {
+		cm.Dst = make(net.IP, net.IPv4len)
+	}
+	copy(cm.Dst, pi.Addr[:])
+}
diff --git a/server/vendor/golang.org/x/net/ipv4/control_stub.go b/server/vendor/golang.org/x/net/ipv4/control_stub.go
new file mode 100644
index 0000000..3ba6611
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/control_stub.go
@@ -0,0 +1,13 @@
+// Copyright 2012 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build !aix && !darwin && !dragonfly && !freebsd && !linux && !netbsd && !openbsd && !solaris && !windows && !zos
+
+package ipv4
+
+import "golang.org/x/net/internal/socket"
+
+func setControlMessage(c *socket.Conn, opt *rawOpt, cf ControlFlags, on bool) error {
+	return errNotImplemented
+}
diff --git a/server/vendor/golang.org/x/net/ipv4/control_unix.go b/server/vendor/golang.org/x/net/ipv4/control_unix.go
new file mode 100644
index 0000000..2e76554
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/control_unix.go
@@ -0,0 +1,75 @@
+// Copyright 2012 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris
+
+package ipv4
+
+import (
+	"unsafe"
+
+	"golang.org/x/net/internal/iana"
+	"golang.org/x/net/internal/socket"
+
+	"golang.org/x/sys/unix"
+)
+
+func setControlMessage(c *socket.Conn, opt *rawOpt, cf ControlFlags, on bool) error {
+	opt.Lock()
+	defer opt.Unlock()
+	if so, ok := sockOpts[ssoReceiveTTL]; ok && cf&FlagTTL != 0 {
+		if err := so.SetInt(c, boolint(on)); err != nil {
+			return err
+		}
+		if on {
+			opt.set(FlagTTL)
+		} else {
+			opt.clear(FlagTTL)
+		}
+	}
+	if so, ok := sockOpts[ssoPacketInfo]; ok {
+		if cf&(FlagSrc|FlagDst|FlagInterface) != 0 {
+			if err := so.SetInt(c, boolint(on)); err != nil {
+				return err
+			}
+			if on {
+				opt.set(cf & (FlagSrc | FlagDst | FlagInterface))
+			} else {
+				opt.clear(cf & (FlagSrc | FlagDst | FlagInterface))
+			}
+		}
+	} else {
+		if so, ok := sockOpts[ssoReceiveDst]; ok && cf&FlagDst != 0 {
+			if err := so.SetInt(c, boolint(on)); err != nil {
+				return err
+			}
+			if on {
+				opt.set(FlagDst)
+			} else {
+				opt.clear(FlagDst)
+			}
+		}
+		if so, ok := sockOpts[ssoReceiveInterface]; ok && cf&FlagInterface != 0 {
+			if err := so.SetInt(c, boolint(on)); err != nil {
+				return err
+			}
+			if on {
+				opt.set(FlagInterface)
+			} else {
+				opt.clear(FlagInterface)
+			}
+		}
+	}
+	return nil
+}
+
+func marshalTTL(b []byte, cm *ControlMessage) []byte {
+	m := socket.ControlMessage(b)
+	m.MarshalHeader(iana.ProtocolIP, unix.IP_RECVTTL, 1)
+	return m.Next(1)
+}
+
+func parseTTL(cm *ControlMessage, b []byte) {
+	cm.TTL = int(*(*byte)(unsafe.Pointer(&b[:1][0])))
+}
diff --git a/server/vendor/golang.org/x/net/ipv4/control_windows.go b/server/vendor/golang.org/x/net/ipv4/control_windows.go
new file mode 100644
index 0000000..82c6306
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/control_windows.go
@@ -0,0 +1,12 @@
+// Copyright 2012 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package ipv4
+
+import "golang.org/x/net/internal/socket"
+
+func setControlMessage(c *socket.Conn, opt *rawOpt, cf ControlFlags, on bool) error {
+	// TODO(mikio): implement this
+	return errNotImplemented
+}
diff --git a/server/vendor/golang.org/x/net/ipv4/control_zos.go b/server/vendor/golang.org/x/net/ipv4/control_zos.go
new file mode 100644
index 0000000..de11c42
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/control_zos.go
@@ -0,0 +1,88 @@
+// Copyright 2020 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package ipv4
+
+import (
+	"net"
+	"unsafe"
+
+	"golang.org/x/net/internal/iana"
+	"golang.org/x/net/internal/socket"
+
+	"golang.org/x/sys/unix"
+)
+
+func marshalPacketInfo(b []byte, cm *ControlMessage) []byte {
+	m := socket.ControlMessage(b)
+	m.MarshalHeader(iana.ProtocolIP, unix.IP_PKTINFO, sizeofInetPktinfo)
+	if cm != nil {
+		pi := (*inetPktinfo)(unsafe.Pointer(&m.Data(sizeofInetPktinfo)[0]))
+		if ip := cm.Src.To4(); ip != nil {
+			copy(pi.Addr[:], ip)
+		}
+		if cm.IfIndex > 0 {
+			pi.setIfindex(cm.IfIndex)
+		}
+	}
+	return m.Next(sizeofInetPktinfo)
+}
+
+func parsePacketInfo(cm *ControlMessage, b []byte) {
+	pi := (*inetPktinfo)(unsafe.Pointer(&b[0]))
+	cm.IfIndex = int(pi.Ifindex)
+	if len(cm.Dst) < net.IPv4len {
+		cm.Dst = make(net.IP, net.IPv4len)
+	}
+	copy(cm.Dst, pi.Addr[:])
+}
+
+func setControlMessage(c *socket.Conn, opt *rawOpt, cf ControlFlags, on bool) error {
+	opt.Lock()
+	defer opt.Unlock()
+	if so, ok := sockOpts[ssoReceiveTTL]; ok && cf&FlagTTL != 0 {
+		if err := so.SetInt(c, boolint(on)); err != nil {
+			return err
+		}
+		if on {
+			opt.set(FlagTTL)
+		} else {
+			opt.clear(FlagTTL)
+		}
+	}
+	if so, ok := sockOpts[ssoPacketInfo]; ok {
+		if cf&(FlagSrc|FlagDst|FlagInterface) != 0 {
+			if err := so.SetInt(c, boolint(on)); err != nil {
+				return err
+			}
+			if on {
+				opt.set(cf & (FlagSrc | FlagDst | FlagInterface))
+			} else {
+				opt.clear(cf & (FlagSrc | FlagDst | FlagInterface))
+			}
+		}
+	} else {
+		if so, ok := sockOpts[ssoReceiveDst]; ok && cf&FlagDst != 0 {
+			if err := so.SetInt(c, boolint(on)); err != nil {
+				return err
+			}
+			if on {
+				opt.set(FlagDst)
+			} else {
+				opt.clear(FlagDst)
+			}
+		}
+		if so, ok := sockOpts[ssoReceiveInterface]; ok && cf&FlagInterface != 0 {
+			if err := so.SetInt(c, boolint(on)); err != nil {
+				return err
+			}
+			if on {
+				opt.set(FlagInterface)
+			} else {
+				opt.clear(FlagInterface)
+			}
+		}
+	}
+	return nil
+}
diff --git a/server/vendor/golang.org/x/net/ipv4/dgramopt.go b/server/vendor/golang.org/x/net/ipv4/dgramopt.go
new file mode 100644
index 0000000..c191c22
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/dgramopt.go
@@ -0,0 +1,264 @@
+// Copyright 2012 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package ipv4
+
+import (
+	"net"
+
+	"golang.org/x/net/bpf"
+)
+
+// MulticastTTL returns the time-to-live field value for outgoing
+// multicast packets.
+func (c *dgramOpt) MulticastTTL() (int, error) {
+	if !c.ok() {
+		return 0, errInvalidConn
+	}
+	so, ok := sockOpts[ssoMulticastTTL]
+	if !ok {
+		return 0, errNotImplemented
+	}
+	return so.GetInt(c.Conn)
+}
+
+// SetMulticastTTL sets the time-to-live field value for future
+// outgoing multicast packets.
+func (c *dgramOpt) SetMulticastTTL(ttl int) error {
+	if !c.ok() {
+		return errInvalidConn
+	}
+	so, ok := sockOpts[ssoMulticastTTL]
+	if !ok {
+		return errNotImplemented
+	}
+	return so.SetInt(c.Conn, ttl)
+}
+
+// MulticastInterface returns the default interface for multicast
+// packet transmissions.
+func (c *dgramOpt) MulticastInterface() (*net.Interface, error) {
+	if !c.ok() {
+		return nil, errInvalidConn
+	}
+	so, ok := sockOpts[ssoMulticastInterface]
+	if !ok {
+		return nil, errNotImplemented
+	}
+	return so.getMulticastInterface(c.Conn)
+}
+
+// SetMulticastInterface sets the default interface for future
+// multicast packet transmissions.
+func (c *dgramOpt) SetMulticastInterface(ifi *net.Interface) error {
+	if !c.ok() {
+		return errInvalidConn
+	}
+	so, ok := sockOpts[ssoMulticastInterface]
+	if !ok {
+		return errNotImplemented
+	}
+	return so.setMulticastInterface(c.Conn, ifi)
+}
+
+// MulticastLoopback reports whether transmitted multicast packets
+// should be copied and send back to the originator.
+func (c *dgramOpt) MulticastLoopback() (bool, error) {
+	if !c.ok() {
+		return false, errInvalidConn
+	}
+	so, ok := sockOpts[ssoMulticastLoopback]
+	if !ok {
+		return false, errNotImplemented
+	}
+	on, err := so.GetInt(c.Conn)
+	if err != nil {
+		return false, err
+	}
+	return on == 1, nil
+}
+
+// SetMulticastLoopback sets whether transmitted multicast packets
+// should be copied and send back to the originator.
+func (c *dgramOpt) SetMulticastLoopback(on bool) error {
+	if !c.ok() {
+		return errInvalidConn
+	}
+	so, ok := sockOpts[ssoMulticastLoopback]
+	if !ok {
+		return errNotImplemented
+	}
+	return so.SetInt(c.Conn, boolint(on))
+}
+
+// JoinGroup joins the group address group on the interface ifi.
+// By default all sources that can cast data to group are accepted.
+// It's possible to mute and unmute data transmission from a specific
+// source by using ExcludeSourceSpecificGroup and
+// IncludeSourceSpecificGroup.
+// JoinGroup uses the system assigned multicast interface when ifi is
+// nil, although this is not recommended because the assignment
+// depends on platforms and sometimes it might require routing
+// configuration.
+func (c *dgramOpt) JoinGroup(ifi *net.Interface, group net.Addr) error {
+	if !c.ok() {
+		return errInvalidConn
+	}
+	so, ok := sockOpts[ssoJoinGroup]
+	if !ok {
+		return errNotImplemented
+	}
+	grp := netAddrToIP4(group)
+	if grp == nil {
+		return errMissingAddress
+	}
+	return so.setGroup(c.Conn, ifi, grp)
+}
+
+// LeaveGroup leaves the group address group on the interface ifi
+// regardless of whether the group is any-source group or
+// source-specific group.
+func (c *dgramOpt) LeaveGroup(ifi *net.Interface, group net.Addr) error {
+	if !c.ok() {
+		return errInvalidConn
+	}
+	so, ok := sockOpts[ssoLeaveGroup]
+	if !ok {
+		return errNotImplemented
+	}
+	grp := netAddrToIP4(group)
+	if grp == nil {
+		return errMissingAddress
+	}
+	return so.setGroup(c.Conn, ifi, grp)
+}
+
+// JoinSourceSpecificGroup joins the source-specific group comprising
+// group and source on the interface ifi.
+// JoinSourceSpecificGroup uses the system assigned multicast
+// interface when ifi is nil, although this is not recommended because
+// the assignment depends on platforms and sometimes it might require
+// routing configuration.
+func (c *dgramOpt) JoinSourceSpecificGroup(ifi *net.Interface, group, source net.Addr) error {
+	if !c.ok() {
+		return errInvalidConn
+	}
+	so, ok := sockOpts[ssoJoinSourceGroup]
+	if !ok {
+		return errNotImplemented
+	}
+	grp := netAddrToIP4(group)
+	if grp == nil {
+		return errMissingAddress
+	}
+	src := netAddrToIP4(source)
+	if src == nil {
+		return errMissingAddress
+	}
+	return so.setSourceGroup(c.Conn, ifi, grp, src)
+}
+
+// LeaveSourceSpecificGroup leaves the source-specific group on the
+// interface ifi.
+func (c *dgramOpt) LeaveSourceSpecificGroup(ifi *net.Interface, group, source net.Addr) error {
+	if !c.ok() {
+		return errInvalidConn
+	}
+	so, ok := sockOpts[ssoLeaveSourceGroup]
+	if !ok {
+		return errNotImplemented
+	}
+	grp := netAddrToIP4(group)
+	if grp == nil {
+		return errMissingAddress
+	}
+	src := netAddrToIP4(source)
+	if src == nil {
+		return errMissingAddress
+	}
+	return so.setSourceGroup(c.Conn, ifi, grp, src)
+}
+
+// ExcludeSourceSpecificGroup excludes the source-specific group from
+// the already joined any-source groups by JoinGroup on the interface
+// ifi.
+func (c *dgramOpt) ExcludeSourceSpecificGroup(ifi *net.Interface, group, source net.Addr) error {
+	if !c.ok() {
+		return errInvalidConn
+	}
+	so, ok := sockOpts[ssoBlockSourceGroup]
+	if !ok {
+		return errNotImplemented
+	}
+	grp := netAddrToIP4(group)
+	if grp == nil {
+		return errMissingAddress
+	}
+	src := netAddrToIP4(source)
+	if src == nil {
+		return errMissingAddress
+	}
+	return so.setSourceGroup(c.Conn, ifi, grp, src)
+}
+
+// IncludeSourceSpecificGroup includes the excluded source-specific
+// group by ExcludeSourceSpecificGroup again on the interface ifi.
+func (c *dgramOpt) IncludeSourceSpecificGroup(ifi *net.Interface, group, source net.Addr) error {
+	if !c.ok() {
+		return errInvalidConn
+	}
+	so, ok := sockOpts[ssoUnblockSourceGroup]
+	if !ok {
+		return errNotImplemented
+	}
+	grp := netAddrToIP4(group)
+	if grp == nil {
+		return errMissingAddress
+	}
+	src := netAddrToIP4(source)
+	if src == nil {
+		return errMissingAddress
+	}
+	return so.setSourceGroup(c.Conn, ifi, grp, src)
+}
+
+// ICMPFilter returns an ICMP filter.
+// Currently only Linux supports this.
+func (c *dgramOpt) ICMPFilter() (*ICMPFilter, error) {
+	if !c.ok() {
+		return nil, errInvalidConn
+	}
+	so, ok := sockOpts[ssoICMPFilter]
+	if !ok {
+		return nil, errNotImplemented
+	}
+	return so.getICMPFilter(c.Conn)
+}
+
+// SetICMPFilter deploys the ICMP filter.
+// Currently only Linux supports this.
+func (c *dgramOpt) SetICMPFilter(f *ICMPFilter) error {
+	if !c.ok() {
+		return errInvalidConn
+	}
+	so, ok := sockOpts[ssoICMPFilter]
+	if !ok {
+		return errNotImplemented
+	}
+	return so.setICMPFilter(c.Conn, f)
+}
+
+// SetBPF attaches a BPF program to the connection.
+//
+// Only supported on Linux.
+func (c *dgramOpt) SetBPF(filter []bpf.RawInstruction) error {
+	if !c.ok() {
+		return errInvalidConn
+	}
+	so, ok := sockOpts[ssoAttachFilter]
+	if !ok {
+		return errNotImplemented
+	}
+	return so.setBPF(c.Conn, filter)
+}
diff --git a/server/vendor/golang.org/x/net/ipv4/doc.go b/server/vendor/golang.org/x/net/ipv4/doc.go
new file mode 100644
index 0000000..6fbdc52
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/doc.go
@@ -0,0 +1,240 @@
+// Copyright 2012 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Package ipv4 implements IP-level socket options for the Internet
+// Protocol version 4.
+//
+// The package provides IP-level socket options that allow
+// manipulation of IPv4 facilities.
+//
+// The IPv4 protocol and basic host requirements for IPv4 are defined
+// in RFC 791 and RFC 1122.
+// Host extensions for multicasting and socket interface extensions
+// for multicast source filters are defined in RFC 1112 and RFC 3678.
+// IGMPv1, IGMPv2 and IGMPv3 are defined in RFC 1112, RFC 2236 and RFC
+// 3376.
+// Source-specific multicast is defined in RFC 4607.
+//
+// # Unicasting
+//
+// The options for unicasting are available for net.TCPConn,
+// net.UDPConn and net.IPConn which are created as network connections
+// that use the IPv4 transport. When a single TCP connection carrying
+// a data flow of multiple packets needs to indicate the flow is
+// important, Conn is used to set the type-of-service field on the
+// IPv4 header for each packet.
+//
+//	ln, err := net.Listen("tcp4", "0.0.0.0:1024")
+//	if err != nil {
+//		// error handling
+//	}
+//	defer ln.Close()
+//	for {
+//		c, err := ln.Accept()
+//		if err != nil {
+//			// error handling
+//		}
+//		go func(c net.Conn) {
+//			defer c.Close()
+//
+// The outgoing packets will be labeled DiffServ assured forwarding
+// class 1 low drop precedence, known as AF11 packets.
+//
+//			if err := ipv4.NewConn(c).SetTOS(0x28); err != nil {
+//				// error handling
+//			}
+//			if _, err := c.Write(data); err != nil {
+//				// error handling
+//			}
+//		}(c)
+//	}
+//
+// # Multicasting
+//
+// The options for multicasting are available for net.UDPConn and
+// net.IPConn which are created as network connections that use the
+// IPv4 transport. A few network facilities must be prepared before
+// you begin multicasting, at a minimum joining network interfaces and
+// multicast groups.
+//
+//	en0, err := net.InterfaceByName("en0")
+//	if err != nil {
+//		// error handling
+//	}
+//	en1, err := net.InterfaceByIndex(911)
+//	if err != nil {
+//		// error handling
+//	}
+//	group := net.IPv4(224, 0, 0, 250)
+//
+// First, an application listens to an appropriate address with an
+// appropriate service port.
+//
+//	c, err := net.ListenPacket("udp4", "0.0.0.0:1024")
+//	if err != nil {
+//		// error handling
+//	}
+//	defer c.Close()
+//
+// Second, the application joins multicast groups, starts listening to
+// the groups on the specified network interfaces. Note that the
+// service port for transport layer protocol does not matter with this
+// operation as joining groups affects only network and link layer
+// protocols, such as IPv4 and Ethernet.
+//
+//	p := ipv4.NewPacketConn(c)
+//	if err := p.JoinGroup(en0, &net.UDPAddr{IP: group}); err != nil {
+//		// error handling
+//	}
+//	if err := p.JoinGroup(en1, &net.UDPAddr{IP: group}); err != nil {
+//		// error handling
+//	}
+//
+// The application might set per packet control message transmissions
+// between the protocol stack within the kernel. When the application
+// needs a destination address on an incoming packet,
+// SetControlMessage of PacketConn is used to enable control message
+// transmissions.
+//
+//	if err := p.SetControlMessage(ipv4.FlagDst, true); err != nil {
+//		// error handling
+//	}
+//
+// The application could identify whether the received packets are
+// of interest by using the control message that contains the
+// destination address of the received packet.
+//
+//	b := make([]byte, 1500)
+//	for {
+//		n, cm, src, err := p.ReadFrom(b)
+//		if err != nil {
+//			// error handling
+//		}
+//		if cm.Dst.IsMulticast() {
+//			if cm.Dst.Equal(group) {
+//				// joined group, do something
+//			} else {
+//				// unknown group, discard
+//				continue
+//			}
+//		}
+//
+// The application can also send both unicast and multicast packets.
+//
+//		p.SetTOS(0x0)
+//		p.SetTTL(16)
+//		if _, err := p.WriteTo(data, nil, src); err != nil {
+//			// error handling
+//		}
+//		dst := &net.UDPAddr{IP: group, Port: 1024}
+//		for _, ifi := range []*net.Interface{en0, en1} {
+//			if err := p.SetMulticastInterface(ifi); err != nil {
+//				// error handling
+//			}
+//			p.SetMulticastTTL(2)
+//			if _, err := p.WriteTo(data, nil, dst); err != nil {
+//				// error handling
+//			}
+//		}
+//	}
+//
+// # More multicasting
+//
+// An application that uses PacketConn or RawConn may join multiple
+// multicast groups. For example, a UDP listener with port 1024 might
+// join two different groups across over two different network
+// interfaces by using:
+//
+//	c, err := net.ListenPacket("udp4", "0.0.0.0:1024")
+//	if err != nil {
+//		// error handling
+//	}
+//	defer c.Close()
+//	p := ipv4.NewPacketConn(c)
+//	if err := p.JoinGroup(en0, &net.UDPAddr{IP: net.IPv4(224, 0, 0, 248)}); err != nil {
+//		// error handling
+//	}
+//	if err := p.JoinGroup(en0, &net.UDPAddr{IP: net.IPv4(224, 0, 0, 249)}); err != nil {
+//		// error handling
+//	}
+//	if err := p.JoinGroup(en1, &net.UDPAddr{IP: net.IPv4(224, 0, 0, 249)}); err != nil {
+//		// error handling
+//	}
+//
+// It is possible for multiple UDP listeners that listen on the same
+// UDP port to join the same multicast group. The net package will
+// provide a socket that listens to a wildcard address with reusable
+// UDP port when an appropriate multicast address prefix is passed to
+// the net.ListenPacket or net.ListenUDP.
+//
+//	c1, err := net.ListenPacket("udp4", "224.0.0.0:1024")
+//	if err != nil {
+//		// error handling
+//	}
+//	defer c1.Close()
+//	c2, err := net.ListenPacket("udp4", "224.0.0.0:1024")
+//	if err != nil {
+//		// error handling
+//	}
+//	defer c2.Close()
+//	p1 := ipv4.NewPacketConn(c1)
+//	if err := p1.JoinGroup(en0, &net.UDPAddr{IP: net.IPv4(224, 0, 0, 248)}); err != nil {
+//		// error handling
+//	}
+//	p2 := ipv4.NewPacketConn(c2)
+//	if err := p2.JoinGroup(en0, &net.UDPAddr{IP: net.IPv4(224, 0, 0, 248)}); err != nil {
+//		// error handling
+//	}
+//
+// Also it is possible for the application to leave or rejoin a
+// multicast group on the network interface.
+//
+//	if err := p.LeaveGroup(en0, &net.UDPAddr{IP: net.IPv4(224, 0, 0, 248)}); err != nil {
+//		// error handling
+//	}
+//	if err := p.JoinGroup(en0, &net.UDPAddr{IP: net.IPv4(224, 0, 0, 250)}); err != nil {
+//		// error handling
+//	}
+//
+// # Source-specific multicasting
+//
+// An application that uses PacketConn or RawConn on IGMPv3 supported
+// platform is able to join source-specific multicast groups.
+// The application may use JoinSourceSpecificGroup and
+// LeaveSourceSpecificGroup for the operation known as "include" mode,
+//
+//	ssmgroup := net.UDPAddr{IP: net.IPv4(232, 7, 8, 9)}
+//	ssmsource := net.UDPAddr{IP: net.IPv4(192, 168, 0, 1)}
+//	if err := p.JoinSourceSpecificGroup(en0, &ssmgroup, &ssmsource); err != nil {
+//		// error handling
+//	}
+//	if err := p.LeaveSourceSpecificGroup(en0, &ssmgroup, &ssmsource); err != nil {
+//		// error handling
+//	}
+//
+// or JoinGroup, ExcludeSourceSpecificGroup,
+// IncludeSourceSpecificGroup and LeaveGroup for the operation known
+// as "exclude" mode.
+//
+//	exclsource := net.UDPAddr{IP: net.IPv4(192, 168, 0, 254)}
+//	if err := p.JoinGroup(en0, &ssmgroup); err != nil {
+//		// error handling
+//	}
+//	if err := p.ExcludeSourceSpecificGroup(en0, &ssmgroup, &exclsource); err != nil {
+//		// error handling
+//	}
+//	if err := p.LeaveGroup(en0, &ssmgroup); err != nil {
+//		// error handling
+//	}
+//
+// Note that it depends on each platform implementation what happens
+// when an application which runs on IGMPv3 unsupported platform uses
+// JoinSourceSpecificGroup and LeaveSourceSpecificGroup.
+// In general the platform tries to fall back to conversations using
+// IGMPv1 or IGMPv2 and starts to listen to multicast traffic.
+// In the fallback case, ExcludeSourceSpecificGroup and
+// IncludeSourceSpecificGroup may return an error.
+package ipv4 // import "golang.org/x/net/ipv4"
+
+// BUG(mikio): This package is not implemented on JS, NaCl and Plan 9.
diff --git a/server/vendor/golang.org/x/net/ipv4/endpoint.go b/server/vendor/golang.org/x/net/ipv4/endpoint.go
new file mode 100644
index 0000000..4a6d7a8
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/endpoint.go
@@ -0,0 +1,186 @@
+// Copyright 2012 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package ipv4
+
+import (
+	"net"
+	"time"
+
+	"golang.org/x/net/internal/socket"
+)
+
+// BUG(mikio): On Windows, the JoinSourceSpecificGroup,
+// LeaveSourceSpecificGroup, ExcludeSourceSpecificGroup and
+// IncludeSourceSpecificGroup methods of PacketConn and RawConn are
+// not implemented.
+
+// A Conn represents a network endpoint that uses the IPv4 transport.
+// It is used to control basic IP-level socket options such as TOS and
+// TTL.
+type Conn struct {
+	genericOpt
+}
+
+type genericOpt struct {
+	*socket.Conn
+}
+
+func (c *genericOpt) ok() bool { return c != nil && c.Conn != nil }
+
+// NewConn returns a new Conn.
+func NewConn(c net.Conn) *Conn {
+	cc, _ := socket.NewConn(c)
+	return &Conn{
+		genericOpt: genericOpt{Conn: cc},
+	}
+}
+
+// A PacketConn represents a packet network endpoint that uses the
+// IPv4 transport. It is used to control several IP-level socket
+// options including multicasting. It also provides datagram based
+// network I/O methods specific to the IPv4 and higher layer protocols
+// such as UDP.
+type PacketConn struct {
+	genericOpt
+	dgramOpt
+	payloadHandler
+}
+
+type dgramOpt struct {
+	*socket.Conn
+}
+
+func (c *dgramOpt) ok() bool { return c != nil && c.Conn != nil }
+
+// SetControlMessage sets the per packet IP-level socket options.
+func (c *PacketConn) SetControlMessage(cf ControlFlags, on bool) error {
+	if !c.payloadHandler.ok() {
+		return errInvalidConn
+	}
+	return setControlMessage(c.dgramOpt.Conn, &c.payloadHandler.rawOpt, cf, on)
+}
+
+// SetDeadline sets the read and write deadlines associated with the
+// endpoint.
+func (c *PacketConn) SetDeadline(t time.Time) error {
+	if !c.payloadHandler.ok() {
+		return errInvalidConn
+	}
+	return c.payloadHandler.PacketConn.SetDeadline(t)
+}
+
+// SetReadDeadline sets the read deadline associated with the
+// endpoint.
+func (c *PacketConn) SetReadDeadline(t time.Time) error {
+	if !c.payloadHandler.ok() {
+		return errInvalidConn
+	}
+	return c.payloadHandler.PacketConn.SetReadDeadline(t)
+}
+
+// SetWriteDeadline sets the write deadline associated with the
+// endpoint.
+func (c *PacketConn) SetWriteDeadline(t time.Time) error {
+	if !c.payloadHandler.ok() {
+		return errInvalidConn
+	}
+	return c.payloadHandler.PacketConn.SetWriteDeadline(t)
+}
+
+// Close closes the endpoint.
+func (c *PacketConn) Close() error {
+	if !c.payloadHandler.ok() {
+		return errInvalidConn
+	}
+	return c.payloadHandler.PacketConn.Close()
+}
+
+// NewPacketConn returns a new PacketConn using c as its underlying
+// transport.
+func NewPacketConn(c net.PacketConn) *PacketConn {
+	cc, _ := socket.NewConn(c.(net.Conn))
+	p := &PacketConn{
+		genericOpt:     genericOpt{Conn: cc},
+		dgramOpt:       dgramOpt{Conn: cc},
+		payloadHandler: payloadHandler{PacketConn: c, Conn: cc},
+	}
+	return p
+}
+
+// A RawConn represents a packet network endpoint that uses the IPv4
+// transport. It is used to control several IP-level socket options
+// including IPv4 header manipulation. It also provides datagram
+// based network I/O methods specific to the IPv4 and higher layer
+// protocols that handle IPv4 datagram directly such as OSPF, GRE.
+type RawConn struct {
+	genericOpt
+	dgramOpt
+	packetHandler
+}
+
+// SetControlMessage sets the per packet IP-level socket options.
+func (c *RawConn) SetControlMessage(cf ControlFlags, on bool) error {
+	if !c.packetHandler.ok() {
+		return errInvalidConn
+	}
+	return setControlMessage(c.dgramOpt.Conn, &c.packetHandler.rawOpt, cf, on)
+}
+
+// SetDeadline sets the read and write deadlines associated with the
+// endpoint.
+func (c *RawConn) SetDeadline(t time.Time) error {
+	if !c.packetHandler.ok() {
+		return errInvalidConn
+	}
+	return c.packetHandler.IPConn.SetDeadline(t)
+}
+
+// SetReadDeadline sets the read deadline associated with the
+// endpoint.
+func (c *RawConn) SetReadDeadline(t time.Time) error {
+	if !c.packetHandler.ok() {
+		return errInvalidConn
+	}
+	return c.packetHandler.IPConn.SetReadDeadline(t)
+}
+
+// SetWriteDeadline sets the write deadline associated with the
+// endpoint.
+func (c *RawConn) SetWriteDeadline(t time.Time) error {
+	if !c.packetHandler.ok() {
+		return errInvalidConn
+	}
+	return c.packetHandler.IPConn.SetWriteDeadline(t)
+}
+
+// Close closes the endpoint.
+func (c *RawConn) Close() error {
+	if !c.packetHandler.ok() {
+		return errInvalidConn
+	}
+	return c.packetHandler.IPConn.Close()
+}
+
+// NewRawConn returns a new RawConn using c as its underlying
+// transport.
+func NewRawConn(c net.PacketConn) (*RawConn, error) {
+	cc, err := socket.NewConn(c.(net.Conn))
+	if err != nil {
+		return nil, err
+	}
+	r := &RawConn{
+		genericOpt:    genericOpt{Conn: cc},
+		dgramOpt:      dgramOpt{Conn: cc},
+		packetHandler: packetHandler{IPConn: c.(*net.IPConn), Conn: cc},
+	}
+	so, ok := sockOpts[ssoHeaderPrepend]
+	if !ok {
+		return nil, errNotImplemented
+	}
+	if err := so.SetInt(r.dgramOpt.Conn, boolint(true)); err != nil {
+		return nil, err
+	}
+	return r, nil
+}
diff --git a/server/vendor/golang.org/x/net/ipv4/genericopt.go b/server/vendor/golang.org/x/net/ipv4/genericopt.go
new file mode 100644
index 0000000..51c1237
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/genericopt.go
@@ -0,0 +1,55 @@
+// Copyright 2012 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package ipv4
+
+// TOS returns the type-of-service field value for outgoing packets.
+func (c *genericOpt) TOS() (int, error) {
+	if !c.ok() {
+		return 0, errInvalidConn
+	}
+	so, ok := sockOpts[ssoTOS]
+	if !ok {
+		return 0, errNotImplemented
+	}
+	return so.GetInt(c.Conn)
+}
+
+// SetTOS sets the type-of-service field value for future outgoing
+// packets.
+func (c *genericOpt) SetTOS(tos int) error {
+	if !c.ok() {
+		return errInvalidConn
+	}
+	so, ok := sockOpts[ssoTOS]
+	if !ok {
+		return errNotImplemented
+	}
+	return so.SetInt(c.Conn, tos)
+}
+
+// TTL returns the time-to-live field value for outgoing packets.
+func (c *genericOpt) TTL() (int, error) {
+	if !c.ok() {
+		return 0, errInvalidConn
+	}
+	so, ok := sockOpts[ssoTTL]
+	if !ok {
+		return 0, errNotImplemented
+	}
+	return so.GetInt(c.Conn)
+}
+
+// SetTTL sets the time-to-live field value for future outgoing
+// packets.
+func (c *genericOpt) SetTTL(ttl int) error {
+	if !c.ok() {
+		return errInvalidConn
+	}
+	so, ok := sockOpts[ssoTTL]
+	if !ok {
+		return errNotImplemented
+	}
+	return so.SetInt(c.Conn, ttl)
+}
diff --git a/server/vendor/golang.org/x/net/ipv4/header.go b/server/vendor/golang.org/x/net/ipv4/header.go
new file mode 100644
index 0000000..a00a3ea
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/header.go
@@ -0,0 +1,172 @@
+// Copyright 2012 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package ipv4
+
+import (
+	"encoding/binary"
+	"fmt"
+	"net"
+	"runtime"
+
+	"golang.org/x/net/internal/socket"
+)
+
+const (
+	Version   = 4  // protocol version
+	HeaderLen = 20 // header length without extension headers
+)
+
+type HeaderFlags int
+
+const (
+	MoreFragments HeaderFlags = 1 << iota // more fragments flag
+	DontFragment                          // don't fragment flag
+)
+
+// A Header represents an IPv4 header.
+type Header struct {
+	Version  int         // protocol version
+	Len      int         // header length
+	TOS      int         // type-of-service
+	TotalLen int         // packet total length
+	ID       int         // identification
+	Flags    HeaderFlags // flags
+	FragOff  int         // fragment offset
+	TTL      int         // time-to-live
+	Protocol int         // next protocol
+	Checksum int         // checksum
+	Src      net.IP      // source address
+	Dst      net.IP      // destination address
+	Options  []byte      // options, extension headers
+}
+
+func (h *Header) String() string {
+	if h == nil {
+		return "<nil>"
+	}
+	return fmt.Sprintf("ver=%d hdrlen=%d tos=%#x totallen=%d id=%#x flags=%#x fragoff=%#x ttl=%d proto=%d cksum=%#x src=%v dst=%v", h.Version, h.Len, h.TOS, h.TotalLen, h.ID, h.Flags, h.FragOff, h.TTL, h.Protocol, h.Checksum, h.Src, h.Dst)
+}
+
+// Marshal returns the binary encoding of h.
+//
+// The returned slice is in the format used by a raw IP socket on the
+// local system.
+// This may differ from the wire format, depending on the system.
+func (h *Header) Marshal() ([]byte, error) {
+	if h == nil {
+		return nil, errNilHeader
+	}
+	if h.Len < HeaderLen {
+		return nil, errHeaderTooShort
+	}
+	hdrlen := HeaderLen + len(h.Options)
+	b := make([]byte, hdrlen)
+	b[0] = byte(Version<<4 | (hdrlen >> 2 & 0x0f))
+	b[1] = byte(h.TOS)
+	flagsAndFragOff := (h.FragOff & 0x1fff) | int(h.Flags<<13)
+	switch runtime.GOOS {
+	case "darwin", "ios", "dragonfly", "netbsd":
+		socket.NativeEndian.PutUint16(b[2:4], uint16(h.TotalLen))
+		socket.NativeEndian.PutUint16(b[6:8], uint16(flagsAndFragOff))
+	case "freebsd":
+		if freebsdVersion < 1100000 {
+			socket.NativeEndian.PutUint16(b[2:4], uint16(h.TotalLen))
+			socket.NativeEndian.PutUint16(b[6:8], uint16(flagsAndFragOff))
+		} else {
+			binary.BigEndian.PutUint16(b[2:4], uint16(h.TotalLen))
+			binary.BigEndian.PutUint16(b[6:8], uint16(flagsAndFragOff))
+		}
+	default:
+		binary.BigEndian.PutUint16(b[2:4], uint16(h.TotalLen))
+		binary.BigEndian.PutUint16(b[6:8], uint16(flagsAndFragOff))
+	}
+	binary.BigEndian.PutUint16(b[4:6], uint16(h.ID))
+	b[8] = byte(h.TTL)
+	b[9] = byte(h.Protocol)
+	binary.BigEndian.PutUint16(b[10:12], uint16(h.Checksum))
+	if ip := h.Src.To4(); ip != nil {
+		copy(b[12:16], ip[:net.IPv4len])
+	}
+	if ip := h.Dst.To4(); ip != nil {
+		copy(b[16:20], ip[:net.IPv4len])
+	} else {
+		return nil, errMissingAddress
+	}
+	if len(h.Options) > 0 {
+		copy(b[HeaderLen:], h.Options)
+	}
+	return b, nil
+}
+
+// Parse parses b as an IPv4 header and stores the result in h.
+//
+// The provided b must be in the format used by a raw IP socket on the
+// local system.
+// This may differ from the wire format, depending on the system.
+func (h *Header) Parse(b []byte) error {
+	if h == nil || b == nil {
+		return errNilHeader
+	}
+	if len(b) < HeaderLen {
+		return errHeaderTooShort
+	}
+	hdrlen := int(b[0]&0x0f) << 2
+	if len(b) < hdrlen {
+		return errExtHeaderTooShort
+	}
+	h.Version = int(b[0] >> 4)
+	h.Len = hdrlen
+	h.TOS = int(b[1])
+	h.ID = int(binary.BigEndian.Uint16(b[4:6]))
+	h.TTL = int(b[8])
+	h.Protocol = int(b[9])
+	h.Checksum = int(binary.BigEndian.Uint16(b[10:12]))
+	h.Src = net.IPv4(b[12], b[13], b[14], b[15])
+	h.Dst = net.IPv4(b[16], b[17], b[18], b[19])
+	switch runtime.GOOS {
+	case "darwin", "ios", "dragonfly", "netbsd":
+		h.TotalLen = int(socket.NativeEndian.Uint16(b[2:4])) + hdrlen
+		h.FragOff = int(socket.NativeEndian.Uint16(b[6:8]))
+	case "freebsd":
+		if freebsdVersion < 1100000 {
+			h.TotalLen = int(socket.NativeEndian.Uint16(b[2:4]))
+			if freebsdVersion < 1000000 {
+				h.TotalLen += hdrlen
+			}
+			h.FragOff = int(socket.NativeEndian.Uint16(b[6:8]))
+		} else {
+			h.TotalLen = int(binary.BigEndian.Uint16(b[2:4]))
+			h.FragOff = int(binary.BigEndian.Uint16(b[6:8]))
+		}
+	default:
+		h.TotalLen = int(binary.BigEndian.Uint16(b[2:4]))
+		h.FragOff = int(binary.BigEndian.Uint16(b[6:8]))
+	}
+	h.Flags = HeaderFlags(h.FragOff&0xe000) >> 13
+	h.FragOff = h.FragOff & 0x1fff
+	optlen := hdrlen - HeaderLen
+	if optlen > 0 && len(b) >= hdrlen {
+		if cap(h.Options) < optlen {
+			h.Options = make([]byte, optlen)
+		} else {
+			h.Options = h.Options[:optlen]
+		}
+		copy(h.Options, b[HeaderLen:hdrlen])
+	}
+	return nil
+}
+
+// ParseHeader parses b as an IPv4 header.
+//
+// The provided b must be in the format used by a raw IP socket on the
+// local system.
+// This may differ from the wire format, depending on the system.
+func ParseHeader(b []byte) (*Header, error) {
+	h := new(Header)
+	if err := h.Parse(b); err != nil {
+		return nil, err
+	}
+	return h, nil
+}
diff --git a/server/vendor/golang.org/x/net/ipv4/helper.go b/server/vendor/golang.org/x/net/ipv4/helper.go
new file mode 100644
index 0000000..e845a73
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/helper.go
@@ -0,0 +1,77 @@
+// Copyright 2012 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package ipv4
+
+import (
+	"errors"
+	"net"
+	"runtime"
+
+	"golang.org/x/net/internal/socket"
+)
+
+var (
+	errInvalidConn       = errors.New("invalid connection")
+	errMissingAddress    = errors.New("missing address")
+	errNilHeader         = errors.New("nil header")
+	errHeaderTooShort    = errors.New("header too short")
+	errExtHeaderTooShort = errors.New("extension header too short")
+	errInvalidConnType   = errors.New("invalid conn type")
+	errNotImplemented    = errors.New("not implemented on " + runtime.GOOS + "/" + runtime.GOARCH)
+
+	// See https://www.freebsd.org/doc/en/books/porters-handbook/versions.html.
+	freebsdVersion  uint32
+	compatFreeBSD32 bool // 386 emulation on amd64
+)
+
+// See golang.org/issue/30899.
+func adjustFreeBSD32(m *socket.Message) {
+	// FreeBSD 12.0-RELEASE is affected by https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=236737
+	if 1200086 <= freebsdVersion && freebsdVersion < 1201000 {
+		l := (m.NN + 4 - 1) &^ (4 - 1)
+		if m.NN < l && l <= len(m.OOB) {
+			m.NN = l
+		}
+	}
+}
+
+func boolint(b bool) int {
+	if b {
+		return 1
+	}
+	return 0
+}
+
+func netAddrToIP4(a net.Addr) net.IP {
+	switch v := a.(type) {
+	case *net.UDPAddr:
+		if ip := v.IP.To4(); ip != nil {
+			return ip
+		}
+	case *net.IPAddr:
+		if ip := v.IP.To4(); ip != nil {
+			return ip
+		}
+	}
+	return nil
+}
+
+func opAddr(a net.Addr) net.Addr {
+	switch a.(type) {
+	case *net.TCPAddr:
+		if a == nil {
+			return nil
+		}
+	case *net.UDPAddr:
+		if a == nil {
+			return nil
+		}
+	case *net.IPAddr:
+		if a == nil {
+			return nil
+		}
+	}
+	return a
+}
diff --git a/server/vendor/golang.org/x/net/ipv4/iana.go b/server/vendor/golang.org/x/net/ipv4/iana.go
new file mode 100644
index 0000000..4375b40
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/iana.go
@@ -0,0 +1,38 @@
+// go generate gen.go
+// Code generated by the command above; DO NOT EDIT.
+
+package ipv4
+
+// Internet Control Message Protocol (ICMP) Parameters, Updated: 2018-02-26
+const (
+	ICMPTypeEchoReply              ICMPType = 0  // Echo Reply
+	ICMPTypeDestinationUnreachable ICMPType = 3  // Destination Unreachable
+	ICMPTypeRedirect               ICMPType = 5  // Redirect
+	ICMPTypeEcho                   ICMPType = 8  // Echo
+	ICMPTypeRouterAdvertisement    ICMPType = 9  // Router Advertisement
+	ICMPTypeRouterSolicitation     ICMPType = 10 // Router Solicitation
+	ICMPTypeTimeExceeded           ICMPType = 11 // Time Exceeded
+	ICMPTypeParameterProblem       ICMPType = 12 // Parameter Problem
+	ICMPTypeTimestamp              ICMPType = 13 // Timestamp
+	ICMPTypeTimestampReply         ICMPType = 14 // Timestamp Reply
+	ICMPTypePhoturis               ICMPType = 40 // Photuris
+	ICMPTypeExtendedEchoRequest    ICMPType = 42 // Extended Echo Request
+	ICMPTypeExtendedEchoReply      ICMPType = 43 // Extended Echo Reply
+)
+
+// Internet Control Message Protocol (ICMP) Parameters, Updated: 2018-02-26
+var icmpTypes = map[ICMPType]string{
+	0:  "echo reply",
+	3:  "destination unreachable",
+	5:  "redirect",
+	8:  "echo",
+	9:  "router advertisement",
+	10: "router solicitation",
+	11: "time exceeded",
+	12: "parameter problem",
+	13: "timestamp",
+	14: "timestamp reply",
+	40: "photuris",
+	42: "extended echo request",
+	43: "extended echo reply",
+}
diff --git a/server/vendor/golang.org/x/net/ipv4/icmp.go b/server/vendor/golang.org/x/net/ipv4/icmp.go
new file mode 100644
index 0000000..9902bb3
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/icmp.go
@@ -0,0 +1,57 @@
+// Copyright 2013 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package ipv4
+
+import "golang.org/x/net/internal/iana"
+
+// An ICMPType represents a type of ICMP message.
+type ICMPType int
+
+func (typ ICMPType) String() string {
+	s, ok := icmpTypes[typ]
+	if !ok {
+		return "<nil>"
+	}
+	return s
+}
+
+// Protocol returns the ICMPv4 protocol number.
+func (typ ICMPType) Protocol() int {
+	return iana.ProtocolICMP
+}
+
+// An ICMPFilter represents an ICMP message filter for incoming
+// packets. The filter belongs to a packet delivery path on a host and
+// it cannot interact with forwarding packets or tunnel-outer packets.
+//
+// Note: RFC 8200 defines a reasonable role model and it works not
+// only for IPv6 but IPv4. A node means a device that implements IP.
+// A router means a node that forwards IP packets not explicitly
+// addressed to itself, and a host means a node that is not a router.
+type ICMPFilter struct {
+	icmpFilter
+}
+
+// Accept accepts incoming ICMP packets including the type field value
+// typ.
+func (f *ICMPFilter) Accept(typ ICMPType) {
+	f.accept(typ)
+}
+
+// Block blocks incoming ICMP packets including the type field value
+// typ.
+func (f *ICMPFilter) Block(typ ICMPType) {
+	f.block(typ)
+}
+
+// SetAll sets the filter action to the filter.
+func (f *ICMPFilter) SetAll(block bool) {
+	f.setAll(block)
+}
+
+// WillBlock reports whether the ICMP type will be blocked.
+func (f *ICMPFilter) WillBlock(typ ICMPType) bool {
+	return f.willBlock(typ)
+}
diff --git a/server/vendor/golang.org/x/net/ipv4/icmp_linux.go b/server/vendor/golang.org/x/net/ipv4/icmp_linux.go
new file mode 100644
index 0000000..6e1c5c8
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/icmp_linux.go
@@ -0,0 +1,25 @@
+// Copyright 2014 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package ipv4
+
+func (f *icmpFilter) accept(typ ICMPType) {
+	f.Data &^= 1 << (uint32(typ) & 31)
+}
+
+func (f *icmpFilter) block(typ ICMPType) {
+	f.Data |= 1 << (uint32(typ) & 31)
+}
+
+func (f *icmpFilter) setAll(block bool) {
+	if block {
+		f.Data = 1<<32 - 1
+	} else {
+		f.Data = 0
+	}
+}
+
+func (f *icmpFilter) willBlock(typ ICMPType) bool {
+	return f.Data&(1<<(uint32(typ)&31)) != 0
+}
diff --git a/server/vendor/golang.org/x/net/ipv4/icmp_stub.go b/server/vendor/golang.org/x/net/ipv4/icmp_stub.go
new file mode 100644
index 0000000..c2c4ce7
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/icmp_stub.go
@@ -0,0 +1,25 @@
+// Copyright 2014 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build !linux
+
+package ipv4
+
+const sizeofICMPFilter = 0x0
+
+type icmpFilter struct {
+}
+
+func (f *icmpFilter) accept(typ ICMPType) {
+}
+
+func (f *icmpFilter) block(typ ICMPType) {
+}
+
+func (f *icmpFilter) setAll(block bool) {
+}
+
+func (f *icmpFilter) willBlock(typ ICMPType) bool {
+	return false
+}
diff --git a/server/vendor/golang.org/x/net/ipv4/packet.go b/server/vendor/golang.org/x/net/ipv4/packet.go
new file mode 100644
index 0000000..7d784e0
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/packet.go
@@ -0,0 +1,117 @@
+// Copyright 2012 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package ipv4
+
+import (
+	"net"
+
+	"golang.org/x/net/internal/socket"
+)
+
+// BUG(mikio): On Windows, the ReadFrom and WriteTo methods of RawConn
+// are not implemented.
+
+// A packetHandler represents the IPv4 datagram handler.
+type packetHandler struct {
+	*net.IPConn
+	*socket.Conn
+	rawOpt
+}
+
+func (c *packetHandler) ok() bool { return c != nil && c.IPConn != nil && c.Conn != nil }
+
+// ReadFrom reads an IPv4 datagram from the endpoint c, copying the
+// datagram into b. It returns the received datagram as the IPv4
+// header h, the payload p and the control message cm.
+func (c *packetHandler) ReadFrom(b []byte) (h *Header, p []byte, cm *ControlMessage, err error) {
+	if !c.ok() {
+		return nil, nil, nil, errInvalidConn
+	}
+	c.rawOpt.RLock()
+	m := socket.Message{
+		Buffers: [][]byte{b},
+		OOB:     NewControlMessage(c.rawOpt.cflags),
+	}
+	c.rawOpt.RUnlock()
+	if err := c.RecvMsg(&m, 0); err != nil {
+		return nil, nil, nil, &net.OpError{Op: "read", Net: c.IPConn.LocalAddr().Network(), Source: c.IPConn.LocalAddr(), Err: err}
+	}
+	var hs []byte
+	if hs, p, err = slicePacket(b[:m.N]); err != nil {
+		return nil, nil, nil, &net.OpError{Op: "read", Net: c.IPConn.LocalAddr().Network(), Source: c.IPConn.LocalAddr(), Err: err}
+	}
+	if h, err = ParseHeader(hs); err != nil {
+		return nil, nil, nil, &net.OpError{Op: "read", Net: c.IPConn.LocalAddr().Network(), Source: c.IPConn.LocalAddr(), Err: err}
+	}
+	if m.NN > 0 {
+		if compatFreeBSD32 {
+			adjustFreeBSD32(&m)
+		}
+		cm = new(ControlMessage)
+		if err := cm.Parse(m.OOB[:m.NN]); err != nil {
+			return nil, nil, nil, &net.OpError{Op: "read", Net: c.IPConn.LocalAddr().Network(), Source: c.IPConn.LocalAddr(), Err: err}
+		}
+	}
+	if src, ok := m.Addr.(*net.IPAddr); ok && cm != nil {
+		cm.Src = src.IP
+	}
+	return
+}
+
+func slicePacket(b []byte) (h, p []byte, err error) {
+	if len(b) < HeaderLen {
+		return nil, nil, errHeaderTooShort
+	}
+	hdrlen := int(b[0]&0x0f) << 2
+	return b[:hdrlen], b[hdrlen:], nil
+}
+
+// WriteTo writes an IPv4 datagram through the endpoint c, copying the
+// datagram from the IPv4 header h and the payload p. The control
+// message cm allows the datagram path and the outgoing interface to be
+// specified.  Currently only Darwin and Linux support this. The cm
+// may be nil if control of the outgoing datagram is not required.
+//
+// The IPv4 header h must contain appropriate fields that include:
+//
+//	Version       = <must be specified>
+//	Len           = <must be specified>
+//	TOS           = <must be specified>
+//	TotalLen      = <must be specified>
+//	ID            = platform sets an appropriate value if ID is zero
+//	FragOff       = <must be specified>
+//	TTL           = <must be specified>
+//	Protocol      = <must be specified>
+//	Checksum      = platform sets an appropriate value if Checksum is zero
+//	Src           = platform sets an appropriate value if Src is nil
+//	Dst           = <must be specified>
+//	Options       = optional
+func (c *packetHandler) WriteTo(h *Header, p []byte, cm *ControlMessage) error {
+	if !c.ok() {
+		return errInvalidConn
+	}
+	m := socket.Message{
+		OOB: cm.Marshal(),
+	}
+	wh, err := h.Marshal()
+	if err != nil {
+		return err
+	}
+	m.Buffers = [][]byte{wh, p}
+	dst := new(net.IPAddr)
+	if cm != nil {
+		if ip := cm.Dst.To4(); ip != nil {
+			dst.IP = ip
+		}
+	}
+	if dst.IP == nil {
+		dst.IP = h.Dst
+	}
+	m.Addr = dst
+	if err := c.SendMsg(&m, 0); err != nil {
+		return &net.OpError{Op: "write", Net: c.IPConn.LocalAddr().Network(), Source: c.IPConn.LocalAddr(), Addr: opAddr(dst), Err: err}
+	}
+	return nil
+}
diff --git a/server/vendor/golang.org/x/net/ipv4/payload.go b/server/vendor/golang.org/x/net/ipv4/payload.go
new file mode 100644
index 0000000..f95f811
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/payload.go
@@ -0,0 +1,23 @@
+// Copyright 2012 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package ipv4
+
+import (
+	"net"
+
+	"golang.org/x/net/internal/socket"
+)
+
+// BUG(mikio): On Windows, the ControlMessage for ReadFrom and WriteTo
+// methods of PacketConn is not implemented.
+
+// A payloadHandler represents the IPv4 datagram payload handler.
+type payloadHandler struct {
+	net.PacketConn
+	*socket.Conn
+	rawOpt
+}
+
+func (c *payloadHandler) ok() bool { return c != nil && c.PacketConn != nil && c.Conn != nil }
diff --git a/server/vendor/golang.org/x/net/ipv4/payload_cmsg.go b/server/vendor/golang.org/x/net/ipv4/payload_cmsg.go
new file mode 100644
index 0000000..91c685e
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/payload_cmsg.go
@@ -0,0 +1,84 @@
+// Copyright 2012 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris || zos
+
+package ipv4
+
+import (
+	"net"
+
+	"golang.org/x/net/internal/socket"
+)
+
+// ReadFrom reads a payload of the received IPv4 datagram, from the
+// endpoint c, copying the payload into b. It returns the number of
+// bytes copied into b, the control message cm and the source address
+// src of the received datagram.
+func (c *payloadHandler) ReadFrom(b []byte) (n int, cm *ControlMessage, src net.Addr, err error) {
+	if !c.ok() {
+		return 0, nil, nil, errInvalidConn
+	}
+	c.rawOpt.RLock()
+	m := socket.Message{
+		OOB: NewControlMessage(c.rawOpt.cflags),
+	}
+	c.rawOpt.RUnlock()
+	switch c.PacketConn.(type) {
+	case *net.UDPConn:
+		m.Buffers = [][]byte{b}
+		if err := c.RecvMsg(&m, 0); err != nil {
+			return 0, nil, nil, &net.OpError{Op: "read", Net: c.PacketConn.LocalAddr().Network(), Source: c.PacketConn.LocalAddr(), Err: err}
+		}
+	case *net.IPConn:
+		h := make([]byte, HeaderLen)
+		m.Buffers = [][]byte{h, b}
+		if err := c.RecvMsg(&m, 0); err != nil {
+			return 0, nil, nil, &net.OpError{Op: "read", Net: c.PacketConn.LocalAddr().Network(), Source: c.PacketConn.LocalAddr(), Err: err}
+		}
+		hdrlen := int(h[0]&0x0f) << 2
+		if hdrlen > len(h) {
+			d := hdrlen - len(h)
+			copy(b, b[d:])
+			m.N -= d
+		} else {
+			m.N -= hdrlen
+		}
+	default:
+		return 0, nil, nil, &net.OpError{Op: "read", Net: c.PacketConn.LocalAddr().Network(), Source: c.PacketConn.LocalAddr(), Err: errInvalidConnType}
+	}
+	if m.NN > 0 {
+		if compatFreeBSD32 {
+			adjustFreeBSD32(&m)
+		}
+		cm = new(ControlMessage)
+		if err := cm.Parse(m.OOB[:m.NN]); err != nil {
+			return 0, nil, nil, &net.OpError{Op: "read", Net: c.PacketConn.LocalAddr().Network(), Source: c.PacketConn.LocalAddr(), Err: err}
+		}
+		cm.Src = netAddrToIP4(m.Addr)
+	}
+	return m.N, cm, m.Addr, nil
+}
+
+// WriteTo writes a payload of the IPv4 datagram, to the destination
+// address dst through the endpoint c, copying the payload from b. It
+// returns the number of bytes written. The control message cm allows
+// the datagram path and the outgoing interface to be specified.
+// Currently only Darwin and Linux support this. The cm may be nil if
+// control of the outgoing datagram is not required.
+func (c *payloadHandler) WriteTo(b []byte, cm *ControlMessage, dst net.Addr) (n int, err error) {
+	if !c.ok() {
+		return 0, errInvalidConn
+	}
+	m := socket.Message{
+		Buffers: [][]byte{b},
+		OOB:     cm.Marshal(),
+		Addr:    dst,
+	}
+	err = c.SendMsg(&m, 0)
+	if err != nil {
+		err = &net.OpError{Op: "write", Net: c.PacketConn.LocalAddr().Network(), Source: c.PacketConn.LocalAddr(), Addr: opAddr(dst), Err: err}
+	}
+	return m.N, err
+}
diff --git a/server/vendor/golang.org/x/net/ipv4/payload_nocmsg.go b/server/vendor/golang.org/x/net/ipv4/payload_nocmsg.go
new file mode 100644
index 0000000..2afd4b5
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/payload_nocmsg.go
@@ -0,0 +1,39 @@
+// Copyright 2012 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build !aix && !darwin && !dragonfly && !freebsd && !linux && !netbsd && !openbsd && !solaris && !zos
+
+package ipv4
+
+import "net"
+
+// ReadFrom reads a payload of the received IPv4 datagram, from the
+// endpoint c, copying the payload into b. It returns the number of
+// bytes copied into b, the control message cm and the source address
+// src of the received datagram.
+func (c *payloadHandler) ReadFrom(b []byte) (n int, cm *ControlMessage, src net.Addr, err error) {
+	if !c.ok() {
+		return 0, nil, nil, errInvalidConn
+	}
+	if n, src, err = c.PacketConn.ReadFrom(b); err != nil {
+		return 0, nil, nil, err
+	}
+	return
+}
+
+// WriteTo writes a payload of the IPv4 datagram, to the destination
+// address dst through the endpoint c, copying the payload from b. It
+// returns the number of bytes written. The control message cm allows
+// the datagram path and the outgoing interface to be specified.
+// Currently only Darwin and Linux support this. The cm may be nil if
+// control of the outgoing datagram is not required.
+func (c *payloadHandler) WriteTo(b []byte, cm *ControlMessage, dst net.Addr) (n int, err error) {
+	if !c.ok() {
+		return 0, errInvalidConn
+	}
+	if dst == nil {
+		return 0, errMissingAddress
+	}
+	return c.PacketConn.WriteTo(b, dst)
+}
diff --git a/server/vendor/golang.org/x/net/ipv4/sockopt.go b/server/vendor/golang.org/x/net/ipv4/sockopt.go
new file mode 100644
index 0000000..22e90c0
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/sockopt.go
@@ -0,0 +1,44 @@
+// Copyright 2014 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package ipv4
+
+import "golang.org/x/net/internal/socket"
+
+// Sticky socket options
+const (
+	ssoTOS                = iota // header field for unicast packet
+	ssoTTL                       // header field for unicast packet
+	ssoMulticastTTL              // header field for multicast packet
+	ssoMulticastInterface        // outbound interface for multicast packet
+	ssoMulticastLoopback         // loopback for multicast packet
+	ssoReceiveTTL                // header field on received packet
+	ssoReceiveDst                // header field on received packet
+	ssoReceiveInterface          // inbound interface on received packet
+	ssoPacketInfo                // incbound or outbound packet path
+	ssoHeaderPrepend             // ipv4 header prepend
+	ssoStripHeader               // strip ipv4 header
+	ssoICMPFilter                // icmp filter
+	ssoJoinGroup                 // any-source multicast
+	ssoLeaveGroup                // any-source multicast
+	ssoJoinSourceGroup           // source-specific multicast
+	ssoLeaveSourceGroup          // source-specific multicast
+	ssoBlockSourceGroup          // any-source or source-specific multicast
+	ssoUnblockSourceGroup        // any-source or source-specific multicast
+	ssoAttachFilter              // attach BPF for filtering inbound traffic
+)
+
+// Sticky socket option value types
+const (
+	ssoTypeIPMreq = iota + 1
+	ssoTypeIPMreqn
+	ssoTypeGroupReq
+	ssoTypeGroupSourceReq
+)
+
+// A sockOpt represents a binding for sticky socket option.
+type sockOpt struct {
+	socket.Option
+	typ int // hint for option value type; optional
+}
diff --git a/server/vendor/golang.org/x/net/ipv4/sockopt_posix.go b/server/vendor/golang.org/x/net/ipv4/sockopt_posix.go
new file mode 100644
index 0000000..82e2c37
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/sockopt_posix.go
@@ -0,0 +1,71 @@
+// Copyright 2012 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris || windows || zos
+
+package ipv4
+
+import (
+	"net"
+	"unsafe"
+
+	"golang.org/x/net/bpf"
+	"golang.org/x/net/internal/socket"
+)
+
+func (so *sockOpt) getMulticastInterface(c *socket.Conn) (*net.Interface, error) {
+	switch so.typ {
+	case ssoTypeIPMreqn:
+		return so.getIPMreqn(c)
+	default:
+		return so.getMulticastIf(c)
+	}
+}
+
+func (so *sockOpt) setMulticastInterface(c *socket.Conn, ifi *net.Interface) error {
+	switch so.typ {
+	case ssoTypeIPMreqn:
+		return so.setIPMreqn(c, ifi, nil)
+	default:
+		return so.setMulticastIf(c, ifi)
+	}
+}
+
+func (so *sockOpt) getICMPFilter(c *socket.Conn) (*ICMPFilter, error) {
+	b := make([]byte, so.Len)
+	n, err := so.Get(c, b)
+	if err != nil {
+		return nil, err
+	}
+	if n != sizeofICMPFilter {
+		return nil, errNotImplemented
+	}
+	return (*ICMPFilter)(unsafe.Pointer(&b[0])), nil
+}
+
+func (so *sockOpt) setICMPFilter(c *socket.Conn, f *ICMPFilter) error {
+	b := (*[sizeofICMPFilter]byte)(unsafe.Pointer(f))[:sizeofICMPFilter]
+	return so.Set(c, b)
+}
+
+func (so *sockOpt) setGroup(c *socket.Conn, ifi *net.Interface, grp net.IP) error {
+	switch so.typ {
+	case ssoTypeIPMreq:
+		return so.setIPMreq(c, ifi, grp)
+	case ssoTypeIPMreqn:
+		return so.setIPMreqn(c, ifi, grp)
+	case ssoTypeGroupReq:
+		return so.setGroupReq(c, ifi, grp)
+	default:
+		return errNotImplemented
+	}
+}
+
+func (so *sockOpt) setSourceGroup(c *socket.Conn, ifi *net.Interface, grp, src net.IP) error {
+	return so.setGroupSourceReq(c, ifi, grp, src)
+}
+
+func (so *sockOpt) setBPF(c *socket.Conn, f []bpf.RawInstruction) error {
+	return so.setAttachFilter(c, f)
+}
diff --git a/server/vendor/golang.org/x/net/ipv4/sockopt_stub.go b/server/vendor/golang.org/x/net/ipv4/sockopt_stub.go
new file mode 100644
index 0000000..840108b
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/sockopt_stub.go
@@ -0,0 +1,42 @@
+// Copyright 2012 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build !aix && !darwin && !dragonfly && !freebsd && !linux && !netbsd && !openbsd && !solaris && !windows && !zos
+
+package ipv4
+
+import (
+	"net"
+
+	"golang.org/x/net/bpf"
+	"golang.org/x/net/internal/socket"
+)
+
+func (so *sockOpt) getMulticastInterface(c *socket.Conn) (*net.Interface, error) {
+	return nil, errNotImplemented
+}
+
+func (so *sockOpt) setMulticastInterface(c *socket.Conn, ifi *net.Interface) error {
+	return errNotImplemented
+}
+
+func (so *sockOpt) getICMPFilter(c *socket.Conn) (*ICMPFilter, error) {
+	return nil, errNotImplemented
+}
+
+func (so *sockOpt) setICMPFilter(c *socket.Conn, f *ICMPFilter) error {
+	return errNotImplemented
+}
+
+func (so *sockOpt) setGroup(c *socket.Conn, ifi *net.Interface, grp net.IP) error {
+	return errNotImplemented
+}
+
+func (so *sockOpt) setSourceGroup(c *socket.Conn, ifi *net.Interface, grp, src net.IP) error {
+	return errNotImplemented
+}
+
+func (so *sockOpt) setBPF(c *socket.Conn, f []bpf.RawInstruction) error {
+	return errNotImplemented
+}
diff --git a/server/vendor/golang.org/x/net/ipv4/sys_aix.go b/server/vendor/golang.org/x/net/ipv4/sys_aix.go
new file mode 100644
index 0000000..9244a68
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/sys_aix.go
@@ -0,0 +1,43 @@
+// Copyright 2019 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Added for go1.11 compatibility
+//go:build aix
+
+package ipv4
+
+import (
+	"net"
+	"syscall"
+
+	"golang.org/x/net/internal/iana"
+	"golang.org/x/net/internal/socket"
+
+	"golang.org/x/sys/unix"
+)
+
+// IP_RECVIF is defined on AIX but doesn't work. IP_RECVINTERFACE must be used instead.
+const sockoptReceiveInterface = unix.IP_RECVINTERFACE
+
+var (
+	ctlOpts = [ctlMax]ctlOpt{
+		ctlTTL:       {unix.IP_RECVTTL, 1, marshalTTL, parseTTL},
+		ctlDst:       {unix.IP_RECVDSTADDR, net.IPv4len, marshalDst, parseDst},
+		ctlInterface: {unix.IP_RECVINTERFACE, syscall.SizeofSockaddrDatalink, marshalInterface, parseInterface},
+	}
+
+	sockOpts = map[int]*sockOpt{
+		ssoTOS:                {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_TOS, Len: 4}},
+		ssoTTL:                {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_TTL, Len: 4}},
+		ssoMulticastTTL:       {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_MULTICAST_TTL, Len: 1}},
+		ssoMulticastInterface: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_MULTICAST_IF, Len: 4}},
+		ssoMulticastLoopback:  {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_MULTICAST_LOOP, Len: 1}},
+		ssoReceiveTTL:         {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_RECVTTL, Len: 4}},
+		ssoReceiveDst:         {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_RECVDSTADDR, Len: 4}},
+		ssoReceiveInterface:   {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_RECVINTERFACE, Len: 4}},
+		ssoHeaderPrepend:      {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_HDRINCL, Len: 4}},
+		ssoJoinGroup:          {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_ADD_MEMBERSHIP, Len: sizeofIPMreq}, typ: ssoTypeIPMreq},
+		ssoLeaveGroup:         {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_DROP_MEMBERSHIP, Len: sizeofIPMreq}, typ: ssoTypeIPMreq},
+	}
+)
diff --git a/server/vendor/golang.org/x/net/ipv4/sys_asmreq.go b/server/vendor/golang.org/x/net/ipv4/sys_asmreq.go
new file mode 100644
index 0000000..645f254
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/sys_asmreq.go
@@ -0,0 +1,122 @@
+// Copyright 2012 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build aix || darwin || dragonfly || freebsd || netbsd || openbsd || solaris || windows
+
+package ipv4
+
+import (
+	"errors"
+	"net"
+	"unsafe"
+
+	"golang.org/x/net/internal/socket"
+)
+
+var errNoSuchInterface = errors.New("no such interface")
+
+func (so *sockOpt) setIPMreq(c *socket.Conn, ifi *net.Interface, grp net.IP) error {
+	mreq := ipMreq{Multiaddr: [4]byte{grp[0], grp[1], grp[2], grp[3]}}
+	if err := setIPMreqInterface(&mreq, ifi); err != nil {
+		return err
+	}
+	b := (*[sizeofIPMreq]byte)(unsafe.Pointer(&mreq))[:sizeofIPMreq]
+	return so.Set(c, b)
+}
+
+func (so *sockOpt) getMulticastIf(c *socket.Conn) (*net.Interface, error) {
+	var b [4]byte
+	if _, err := so.Get(c, b[:]); err != nil {
+		return nil, err
+	}
+	ifi, err := netIP4ToInterface(net.IPv4(b[0], b[1], b[2], b[3]))
+	if err != nil {
+		return nil, err
+	}
+	return ifi, nil
+}
+
+func (so *sockOpt) setMulticastIf(c *socket.Conn, ifi *net.Interface) error {
+	ip, err := netInterfaceToIP4(ifi)
+	if err != nil {
+		return err
+	}
+	var b [4]byte
+	copy(b[:], ip)
+	return so.Set(c, b[:])
+}
+
+func setIPMreqInterface(mreq *ipMreq, ifi *net.Interface) error {
+	if ifi == nil {
+		return nil
+	}
+	ifat, err := ifi.Addrs()
+	if err != nil {
+		return err
+	}
+	for _, ifa := range ifat {
+		switch ifa := ifa.(type) {
+		case *net.IPAddr:
+			if ip := ifa.IP.To4(); ip != nil {
+				copy(mreq.Interface[:], ip)
+				return nil
+			}
+		case *net.IPNet:
+			if ip := ifa.IP.To4(); ip != nil {
+				copy(mreq.Interface[:], ip)
+				return nil
+			}
+		}
+	}
+	return errNoSuchInterface
+}
+
+func netIP4ToInterface(ip net.IP) (*net.Interface, error) {
+	ift, err := net.Interfaces()
+	if err != nil {
+		return nil, err
+	}
+	for _, ifi := range ift {
+		ifat, err := ifi.Addrs()
+		if err != nil {
+			return nil, err
+		}
+		for _, ifa := range ifat {
+			switch ifa := ifa.(type) {
+			case *net.IPAddr:
+				if ip.Equal(ifa.IP) {
+					return &ifi, nil
+				}
+			case *net.IPNet:
+				if ip.Equal(ifa.IP) {
+					return &ifi, nil
+				}
+			}
+		}
+	}
+	return nil, errNoSuchInterface
+}
+
+func netInterfaceToIP4(ifi *net.Interface) (net.IP, error) {
+	if ifi == nil {
+		return net.IPv4zero.To4(), nil
+	}
+	ifat, err := ifi.Addrs()
+	if err != nil {
+		return nil, err
+	}
+	for _, ifa := range ifat {
+		switch ifa := ifa.(type) {
+		case *net.IPAddr:
+			if ip := ifa.IP.To4(); ip != nil {
+				return ip, nil
+			}
+		case *net.IPNet:
+			if ip := ifa.IP.To4(); ip != nil {
+				return ip, nil
+			}
+		}
+	}
+	return nil, errNoSuchInterface
+}
diff --git a/server/vendor/golang.org/x/net/ipv4/sys_asmreq_stub.go b/server/vendor/golang.org/x/net/ipv4/sys_asmreq_stub.go
new file mode 100644
index 0000000..48cfb6d
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/sys_asmreq_stub.go
@@ -0,0 +1,25 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build !aix && !darwin && !dragonfly && !freebsd && !netbsd && !openbsd && !solaris && !windows
+
+package ipv4
+
+import (
+	"net"
+
+	"golang.org/x/net/internal/socket"
+)
+
+func (so *sockOpt) setIPMreq(c *socket.Conn, ifi *net.Interface, grp net.IP) error {
+	return errNotImplemented
+}
+
+func (so *sockOpt) getMulticastIf(c *socket.Conn) (*net.Interface, error) {
+	return nil, errNotImplemented
+}
+
+func (so *sockOpt) setMulticastIf(c *socket.Conn, ifi *net.Interface) error {
+	return errNotImplemented
+}
diff --git a/server/vendor/golang.org/x/net/ipv4/sys_asmreqn.go b/server/vendor/golang.org/x/net/ipv4/sys_asmreqn.go
new file mode 100644
index 0000000..0b27b63
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/sys_asmreqn.go
@@ -0,0 +1,44 @@
+// Copyright 2014 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build darwin || freebsd || linux
+
+package ipv4
+
+import (
+	"net"
+	"unsafe"
+
+	"golang.org/x/net/internal/socket"
+
+	"golang.org/x/sys/unix"
+)
+
+func (so *sockOpt) getIPMreqn(c *socket.Conn) (*net.Interface, error) {
+	b := make([]byte, so.Len)
+	if _, err := so.Get(c, b); err != nil {
+		return nil, err
+	}
+	mreqn := (*unix.IPMreqn)(unsafe.Pointer(&b[0]))
+	if mreqn.Ifindex == 0 {
+		return nil, nil
+	}
+	ifi, err := net.InterfaceByIndex(int(mreqn.Ifindex))
+	if err != nil {
+		return nil, err
+	}
+	return ifi, nil
+}
+
+func (so *sockOpt) setIPMreqn(c *socket.Conn, ifi *net.Interface, grp net.IP) error {
+	var mreqn unix.IPMreqn
+	if ifi != nil {
+		mreqn.Ifindex = int32(ifi.Index)
+	}
+	if grp != nil {
+		mreqn.Multiaddr = [4]byte{grp[0], grp[1], grp[2], grp[3]}
+	}
+	b := (*[unix.SizeofIPMreqn]byte)(unsafe.Pointer(&mreqn))[:unix.SizeofIPMreqn]
+	return so.Set(c, b)
+}
diff --git a/server/vendor/golang.org/x/net/ipv4/sys_asmreqn_stub.go b/server/vendor/golang.org/x/net/ipv4/sys_asmreqn_stub.go
new file mode 100644
index 0000000..303a5e2
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/sys_asmreqn_stub.go
@@ -0,0 +1,21 @@
+// Copyright 2014 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build !darwin && !freebsd && !linux
+
+package ipv4
+
+import (
+	"net"
+
+	"golang.org/x/net/internal/socket"
+)
+
+func (so *sockOpt) getIPMreqn(c *socket.Conn) (*net.Interface, error) {
+	return nil, errNotImplemented
+}
+
+func (so *sockOpt) setIPMreqn(c *socket.Conn, ifi *net.Interface, grp net.IP) error {
+	return errNotImplemented
+}
diff --git a/server/vendor/golang.org/x/net/ipv4/sys_bpf.go b/server/vendor/golang.org/x/net/ipv4/sys_bpf.go
new file mode 100644
index 0000000..1b4780d
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/sys_bpf.go
@@ -0,0 +1,24 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build linux
+
+package ipv4
+
+import (
+	"unsafe"
+
+	"golang.org/x/net/bpf"
+	"golang.org/x/net/internal/socket"
+	"golang.org/x/sys/unix"
+)
+
+func (so *sockOpt) setAttachFilter(c *socket.Conn, f []bpf.RawInstruction) error {
+	prog := unix.SockFprog{
+		Len:    uint16(len(f)),
+		Filter: (*unix.SockFilter)(unsafe.Pointer(&f[0])),
+	}
+	b := (*[unix.SizeofSockFprog]byte)(unsafe.Pointer(&prog))[:unix.SizeofSockFprog]
+	return so.Set(c, b)
+}
diff --git a/server/vendor/golang.org/x/net/ipv4/sys_bpf_stub.go b/server/vendor/golang.org/x/net/ipv4/sys_bpf_stub.go
new file mode 100644
index 0000000..b1f779b
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/sys_bpf_stub.go
@@ -0,0 +1,16 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build !linux
+
+package ipv4
+
+import (
+	"golang.org/x/net/bpf"
+	"golang.org/x/net/internal/socket"
+)
+
+func (so *sockOpt) setAttachFilter(c *socket.Conn, f []bpf.RawInstruction) error {
+	return errNotImplemented
+}
diff --git a/server/vendor/golang.org/x/net/ipv4/sys_bsd.go b/server/vendor/golang.org/x/net/ipv4/sys_bsd.go
new file mode 100644
index 0000000..b7b032d
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/sys_bsd.go
@@ -0,0 +1,41 @@
+// Copyright 2014 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build netbsd || openbsd
+
+package ipv4
+
+import (
+	"net"
+	"syscall"
+
+	"golang.org/x/net/internal/iana"
+	"golang.org/x/net/internal/socket"
+
+	"golang.org/x/sys/unix"
+)
+
+const sockoptReceiveInterface = unix.IP_RECVIF
+
+var (
+	ctlOpts = [ctlMax]ctlOpt{
+		ctlTTL:       {unix.IP_RECVTTL, 1, marshalTTL, parseTTL},
+		ctlDst:       {unix.IP_RECVDSTADDR, net.IPv4len, marshalDst, parseDst},
+		ctlInterface: {unix.IP_RECVIF, syscall.SizeofSockaddrDatalink, marshalInterface, parseInterface},
+	}
+
+	sockOpts = map[int]*sockOpt{
+		ssoTOS:                {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_TOS, Len: 4}},
+		ssoTTL:                {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_TTL, Len: 4}},
+		ssoMulticastTTL:       {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_MULTICAST_TTL, Len: 1}},
+		ssoMulticastInterface: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_MULTICAST_IF, Len: 4}},
+		ssoMulticastLoopback:  {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_MULTICAST_LOOP, Len: 1}},
+		ssoReceiveTTL:         {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_RECVTTL, Len: 4}},
+		ssoReceiveDst:         {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_RECVDSTADDR, Len: 4}},
+		ssoReceiveInterface:   {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_RECVIF, Len: 4}},
+		ssoHeaderPrepend:      {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_HDRINCL, Len: 4}},
+		ssoJoinGroup:          {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_ADD_MEMBERSHIP, Len: sizeofIPMreq}, typ: ssoTypeIPMreq},
+		ssoLeaveGroup:         {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_DROP_MEMBERSHIP, Len: sizeofIPMreq}, typ: ssoTypeIPMreq},
+	}
+)
diff --git a/server/vendor/golang.org/x/net/ipv4/sys_darwin.go b/server/vendor/golang.org/x/net/ipv4/sys_darwin.go
new file mode 100644
index 0000000..cac6f3c
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/sys_darwin.go
@@ -0,0 +1,69 @@
+// Copyright 2014 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package ipv4
+
+import (
+	"net"
+	"syscall"
+	"unsafe"
+
+	"golang.org/x/net/internal/iana"
+	"golang.org/x/net/internal/socket"
+
+	"golang.org/x/sys/unix"
+)
+
+const sockoptReceiveInterface = unix.IP_RECVIF
+
+var (
+	ctlOpts = [ctlMax]ctlOpt{
+		ctlTTL:        {unix.IP_RECVTTL, 1, marshalTTL, parseTTL},
+		ctlDst:        {unix.IP_RECVDSTADDR, net.IPv4len, marshalDst, parseDst},
+		ctlInterface:  {unix.IP_RECVIF, syscall.SizeofSockaddrDatalink, marshalInterface, parseInterface},
+		ctlPacketInfo: {unix.IP_PKTINFO, sizeofInetPktinfo, marshalPacketInfo, parsePacketInfo},
+	}
+
+	sockOpts = map[int]*sockOpt{
+		ssoTOS:                {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_TOS, Len: 4}},
+		ssoTTL:                {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_TTL, Len: 4}},
+		ssoMulticastTTL:       {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_MULTICAST_TTL, Len: 1}},
+		ssoMulticastInterface: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_MULTICAST_IF, Len: unix.SizeofIPMreqn}, typ: ssoTypeIPMreqn},
+		ssoMulticastLoopback:  {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_MULTICAST_LOOP, Len: 4}},
+		ssoReceiveTTL:         {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_RECVTTL, Len: 4}},
+		ssoReceiveDst:         {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_RECVDSTADDR, Len: 4}},
+		ssoReceiveInterface:   {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_RECVIF, Len: 4}},
+		ssoHeaderPrepend:      {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_HDRINCL, Len: 4}},
+		ssoStripHeader:        {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_STRIPHDR, Len: 4}},
+		ssoJoinGroup:          {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.MCAST_JOIN_GROUP, Len: sizeofGroupReq}, typ: ssoTypeGroupReq},
+		ssoLeaveGroup:         {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.MCAST_LEAVE_GROUP, Len: sizeofGroupReq}, typ: ssoTypeGroupReq},
+		ssoJoinSourceGroup:    {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.MCAST_JOIN_SOURCE_GROUP, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+		ssoLeaveSourceGroup:   {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.MCAST_LEAVE_SOURCE_GROUP, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+		ssoBlockSourceGroup:   {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.MCAST_BLOCK_SOURCE, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+		ssoUnblockSourceGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.MCAST_UNBLOCK_SOURCE, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+		ssoPacketInfo:         {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_RECVPKTINFO, Len: 4}},
+	}
+)
+
+func (pi *inetPktinfo) setIfindex(i int) {
+	pi.Ifindex = uint32(i)
+}
+
+func (gr *groupReq) setGroup(grp net.IP) {
+	sa := (*sockaddrInet)(unsafe.Pointer(uintptr(unsafe.Pointer(gr)) + 4))
+	sa.Len = sizeofSockaddrInet
+	sa.Family = syscall.AF_INET
+	copy(sa.Addr[:], grp)
+}
+
+func (gsr *groupSourceReq) setSourceGroup(grp, src net.IP) {
+	sa := (*sockaddrInet)(unsafe.Pointer(uintptr(unsafe.Pointer(gsr)) + 4))
+	sa.Len = sizeofSockaddrInet
+	sa.Family = syscall.AF_INET
+	copy(sa.Addr[:], grp)
+	sa = (*sockaddrInet)(unsafe.Pointer(uintptr(unsafe.Pointer(gsr)) + 132))
+	sa.Len = sizeofSockaddrInet
+	sa.Family = syscall.AF_INET
+	copy(sa.Addr[:], src)
+}
diff --git a/server/vendor/golang.org/x/net/ipv4/sys_dragonfly.go b/server/vendor/golang.org/x/net/ipv4/sys_dragonfly.go
new file mode 100644
index 0000000..0620d0e
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/sys_dragonfly.go
@@ -0,0 +1,39 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package ipv4
+
+import (
+	"net"
+	"syscall"
+
+	"golang.org/x/net/internal/iana"
+	"golang.org/x/net/internal/socket"
+
+	"golang.org/x/sys/unix"
+)
+
+const sockoptReceiveInterface = unix.IP_RECVIF
+
+var (
+	ctlOpts = [ctlMax]ctlOpt{
+		ctlTTL:       {unix.IP_RECVTTL, 1, marshalTTL, parseTTL},
+		ctlDst:       {unix.IP_RECVDSTADDR, net.IPv4len, marshalDst, parseDst},
+		ctlInterface: {unix.IP_RECVIF, syscall.SizeofSockaddrDatalink, marshalInterface, parseInterface},
+	}
+
+	sockOpts = map[int]*sockOpt{
+		ssoTOS:                {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_TOS, Len: 4}},
+		ssoTTL:                {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_TTL, Len: 4}},
+		ssoMulticastTTL:       {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_MULTICAST_TTL, Len: 1}},
+		ssoMulticastInterface: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_MULTICAST_IF, Len: 4}},
+		ssoMulticastLoopback:  {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_MULTICAST_LOOP, Len: 4}},
+		ssoReceiveTTL:         {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_RECVTTL, Len: 4}},
+		ssoReceiveDst:         {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_RECVDSTADDR, Len: 4}},
+		ssoReceiveInterface:   {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_RECVIF, Len: 4}},
+		ssoHeaderPrepend:      {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_HDRINCL, Len: 4}},
+		ssoJoinGroup:          {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_ADD_MEMBERSHIP, Len: sizeofIPMreq}, typ: ssoTypeIPMreq},
+		ssoLeaveGroup:         {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_DROP_MEMBERSHIP, Len: sizeofIPMreq}, typ: ssoTypeIPMreq},
+	}
+)
diff --git a/server/vendor/golang.org/x/net/ipv4/sys_freebsd.go b/server/vendor/golang.org/x/net/ipv4/sys_freebsd.go
new file mode 100644
index 0000000..8961228
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/sys_freebsd.go
@@ -0,0 +1,80 @@
+// Copyright 2014 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package ipv4
+
+import (
+	"net"
+	"runtime"
+	"strings"
+	"syscall"
+	"unsafe"
+
+	"golang.org/x/net/internal/iana"
+	"golang.org/x/net/internal/socket"
+
+	"golang.org/x/sys/unix"
+)
+
+const sockoptReceiveInterface = unix.IP_RECVIF
+
+var (
+	ctlOpts = [ctlMax]ctlOpt{
+		ctlTTL:       {unix.IP_RECVTTL, 1, marshalTTL, parseTTL},
+		ctlDst:       {unix.IP_RECVDSTADDR, net.IPv4len, marshalDst, parseDst},
+		ctlInterface: {unix.IP_RECVIF, syscall.SizeofSockaddrDatalink, marshalInterface, parseInterface},
+	}
+
+	sockOpts = map[int]*sockOpt{
+		ssoTOS:                {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_TOS, Len: 4}},
+		ssoTTL:                {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_TTL, Len: 4}},
+		ssoMulticastTTL:       {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_MULTICAST_TTL, Len: 1}},
+		ssoMulticastInterface: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_MULTICAST_IF, Len: 4}},
+		ssoMulticastLoopback:  {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_MULTICAST_LOOP, Len: 4}},
+		ssoReceiveTTL:         {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_RECVTTL, Len: 4}},
+		ssoReceiveDst:         {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_RECVDSTADDR, Len: 4}},
+		ssoReceiveInterface:   {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_RECVIF, Len: 4}},
+		ssoHeaderPrepend:      {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_HDRINCL, Len: 4}},
+		ssoJoinGroup:          {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.MCAST_JOIN_GROUP, Len: sizeofGroupReq}, typ: ssoTypeGroupReq},
+		ssoLeaveGroup:         {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.MCAST_LEAVE_GROUP, Len: sizeofGroupReq}, typ: ssoTypeGroupReq},
+		ssoJoinSourceGroup:    {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.MCAST_JOIN_SOURCE_GROUP, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+		ssoLeaveSourceGroup:   {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.MCAST_LEAVE_SOURCE_GROUP, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+		ssoBlockSourceGroup:   {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.MCAST_BLOCK_SOURCE, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+		ssoUnblockSourceGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.MCAST_UNBLOCK_SOURCE, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+	}
+)
+
+func init() {
+	freebsdVersion, _ = syscall.SysctlUint32("kern.osreldate")
+	if freebsdVersion >= 1000000 {
+		sockOpts[ssoMulticastInterface] = &sockOpt{Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_MULTICAST_IF, Len: unix.SizeofIPMreqn}, typ: ssoTypeIPMreqn}
+	}
+	if runtime.GOOS == "freebsd" && runtime.GOARCH == "386" {
+		archs, _ := syscall.Sysctl("kern.supported_archs")
+		for _, s := range strings.Fields(archs) {
+			if s == "amd64" {
+				compatFreeBSD32 = true
+				break
+			}
+		}
+	}
+}
+
+func (gr *groupReq) setGroup(grp net.IP) {
+	sa := (*sockaddrInet)(unsafe.Pointer(&gr.Group))
+	sa.Len = sizeofSockaddrInet
+	sa.Family = syscall.AF_INET
+	copy(sa.Addr[:], grp)
+}
+
+func (gsr *groupSourceReq) setSourceGroup(grp, src net.IP) {
+	sa := (*sockaddrInet)(unsafe.Pointer(&gsr.Group))
+	sa.Len = sizeofSockaddrInet
+	sa.Family = syscall.AF_INET
+	copy(sa.Addr[:], grp)
+	sa = (*sockaddrInet)(unsafe.Pointer(&gsr.Source))
+	sa.Len = sizeofSockaddrInet
+	sa.Family = syscall.AF_INET
+	copy(sa.Addr[:], src)
+}
diff --git a/server/vendor/golang.org/x/net/ipv4/sys_linux.go b/server/vendor/golang.org/x/net/ipv4/sys_linux.go
new file mode 100644
index 0000000..4588a5f
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/sys_linux.go
@@ -0,0 +1,61 @@
+// Copyright 2014 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package ipv4
+
+import (
+	"net"
+	"syscall"
+	"unsafe"
+
+	"golang.org/x/net/internal/iana"
+	"golang.org/x/net/internal/socket"
+
+	"golang.org/x/sys/unix"
+)
+
+var (
+	ctlOpts = [ctlMax]ctlOpt{
+		ctlTTL:        {unix.IP_TTL, 1, marshalTTL, parseTTL},
+		ctlPacketInfo: {unix.IP_PKTINFO, sizeofInetPktinfo, marshalPacketInfo, parsePacketInfo},
+	}
+
+	sockOpts = map[int]*sockOpt{
+		ssoTOS:                {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_TOS, Len: 4}},
+		ssoTTL:                {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_TTL, Len: 4}},
+		ssoMulticastTTL:       {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_MULTICAST_TTL, Len: 4}},
+		ssoMulticastInterface: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_MULTICAST_IF, Len: unix.SizeofIPMreqn}, typ: ssoTypeIPMreqn},
+		ssoMulticastLoopback:  {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_MULTICAST_LOOP, Len: 4}},
+		ssoReceiveTTL:         {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_RECVTTL, Len: 4}},
+		ssoPacketInfo:         {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_PKTINFO, Len: 4}},
+		ssoHeaderPrepend:      {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_HDRINCL, Len: 4}},
+		ssoICMPFilter:         {Option: socket.Option{Level: iana.ProtocolReserved, Name: unix.ICMP_FILTER, Len: sizeofICMPFilter}},
+		ssoJoinGroup:          {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.MCAST_JOIN_GROUP, Len: sizeofGroupReq}, typ: ssoTypeGroupReq},
+		ssoLeaveGroup:         {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.MCAST_LEAVE_GROUP, Len: sizeofGroupReq}, typ: ssoTypeGroupReq},
+		ssoJoinSourceGroup:    {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.MCAST_JOIN_SOURCE_GROUP, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+		ssoLeaveSourceGroup:   {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.MCAST_LEAVE_SOURCE_GROUP, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+		ssoBlockSourceGroup:   {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.MCAST_BLOCK_SOURCE, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+		ssoUnblockSourceGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.MCAST_UNBLOCK_SOURCE, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+		ssoAttachFilter:       {Option: socket.Option{Level: unix.SOL_SOCKET, Name: unix.SO_ATTACH_FILTER, Len: unix.SizeofSockFprog}},
+	}
+)
+
+func (pi *inetPktinfo) setIfindex(i int) {
+	pi.Ifindex = int32(i)
+}
+
+func (gr *groupReq) setGroup(grp net.IP) {
+	sa := (*sockaddrInet)(unsafe.Pointer(&gr.Group))
+	sa.Family = syscall.AF_INET
+	copy(sa.Addr[:], grp)
+}
+
+func (gsr *groupSourceReq) setSourceGroup(grp, src net.IP) {
+	sa := (*sockaddrInet)(unsafe.Pointer(&gsr.Group))
+	sa.Family = syscall.AF_INET
+	copy(sa.Addr[:], grp)
+	sa = (*sockaddrInet)(unsafe.Pointer(&gsr.Source))
+	sa.Family = syscall.AF_INET
+	copy(sa.Addr[:], src)
+}
diff --git a/server/vendor/golang.org/x/net/ipv4/sys_solaris.go b/server/vendor/golang.org/x/net/ipv4/sys_solaris.go
new file mode 100644
index 0000000..0bb9f3e
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/sys_solaris.go
@@ -0,0 +1,61 @@
+// Copyright 2016 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package ipv4
+
+import (
+	"net"
+	"syscall"
+	"unsafe"
+
+	"golang.org/x/net/internal/iana"
+	"golang.org/x/net/internal/socket"
+
+	"golang.org/x/sys/unix"
+)
+
+const sockoptReceiveInterface = unix.IP_RECVIF
+
+var (
+	ctlOpts = [ctlMax]ctlOpt{
+		ctlTTL:        {unix.IP_RECVTTL, 4, marshalTTL, parseTTL},
+		ctlPacketInfo: {unix.IP_PKTINFO, sizeofInetPktinfo, marshalPacketInfo, parsePacketInfo},
+	}
+
+	sockOpts = map[int]sockOpt{
+		ssoTOS:                {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_TOS, Len: 4}},
+		ssoTTL:                {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_TTL, Len: 4}},
+		ssoMulticastTTL:       {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_MULTICAST_TTL, Len: 1}},
+		ssoMulticastInterface: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_MULTICAST_IF, Len: 4}},
+		ssoMulticastLoopback:  {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_MULTICAST_LOOP, Len: 1}},
+		ssoReceiveTTL:         {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_RECVTTL, Len: 4}},
+		ssoPacketInfo:         {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_RECVPKTINFO, Len: 4}},
+		ssoHeaderPrepend:      {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_HDRINCL, Len: 4}},
+		ssoJoinGroup:          {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.MCAST_JOIN_GROUP, Len: sizeofGroupReq}, typ: ssoTypeGroupReq},
+		ssoLeaveGroup:         {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.MCAST_LEAVE_GROUP, Len: sizeofGroupReq}, typ: ssoTypeGroupReq},
+		ssoJoinSourceGroup:    {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.MCAST_JOIN_SOURCE_GROUP, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+		ssoLeaveSourceGroup:   {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.MCAST_LEAVE_SOURCE_GROUP, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+		ssoBlockSourceGroup:   {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.MCAST_BLOCK_SOURCE, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+		ssoUnblockSourceGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.MCAST_UNBLOCK_SOURCE, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+	}
+)
+
+func (pi *inetPktinfo) setIfindex(i int) {
+	pi.Ifindex = uint32(i)
+}
+
+func (gr *groupReq) setGroup(grp net.IP) {
+	sa := (*sockaddrInet)(unsafe.Pointer(uintptr(unsafe.Pointer(gr)) + 4))
+	sa.Family = syscall.AF_INET
+	copy(sa.Addr[:], grp)
+}
+
+func (gsr *groupSourceReq) setSourceGroup(grp, src net.IP) {
+	sa := (*sockaddrInet)(unsafe.Pointer(uintptr(unsafe.Pointer(gsr)) + 4))
+	sa.Family = syscall.AF_INET
+	copy(sa.Addr[:], grp)
+	sa = (*sockaddrInet)(unsafe.Pointer(uintptr(unsafe.Pointer(gsr)) + 260))
+	sa.Family = syscall.AF_INET
+	copy(sa.Addr[:], src)
+}
diff --git a/server/vendor/golang.org/x/net/ipv4/sys_ssmreq.go b/server/vendor/golang.org/x/net/ipv4/sys_ssmreq.go
new file mode 100644
index 0000000..a295e15
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/sys_ssmreq.go
@@ -0,0 +1,52 @@
+// Copyright 2014 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build darwin || freebsd || linux || solaris
+
+package ipv4
+
+import (
+	"net"
+	"unsafe"
+
+	"golang.org/x/net/internal/socket"
+)
+
+func (so *sockOpt) setGroupReq(c *socket.Conn, ifi *net.Interface, grp net.IP) error {
+	var gr groupReq
+	if ifi != nil {
+		gr.Interface = uint32(ifi.Index)
+	}
+	gr.setGroup(grp)
+	var b []byte
+	if compatFreeBSD32 {
+		var d [sizeofGroupReq + 4]byte
+		s := (*[sizeofGroupReq]byte)(unsafe.Pointer(&gr))
+		copy(d[:4], s[:4])
+		copy(d[8:], s[4:])
+		b = d[:]
+	} else {
+		b = (*[sizeofGroupReq]byte)(unsafe.Pointer(&gr))[:sizeofGroupReq]
+	}
+	return so.Set(c, b)
+}
+
+func (so *sockOpt) setGroupSourceReq(c *socket.Conn, ifi *net.Interface, grp, src net.IP) error {
+	var gsr groupSourceReq
+	if ifi != nil {
+		gsr.Interface = uint32(ifi.Index)
+	}
+	gsr.setSourceGroup(grp, src)
+	var b []byte
+	if compatFreeBSD32 {
+		var d [sizeofGroupSourceReq + 4]byte
+		s := (*[sizeofGroupSourceReq]byte)(unsafe.Pointer(&gsr))
+		copy(d[:4], s[:4])
+		copy(d[8:], s[4:])
+		b = d[:]
+	} else {
+		b = (*[sizeofGroupSourceReq]byte)(unsafe.Pointer(&gsr))[:sizeofGroupSourceReq]
+	}
+	return so.Set(c, b)
+}
diff --git a/server/vendor/golang.org/x/net/ipv4/sys_ssmreq_stub.go b/server/vendor/golang.org/x/net/ipv4/sys_ssmreq_stub.go
new file mode 100644
index 0000000..74bd454
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/sys_ssmreq_stub.go
@@ -0,0 +1,21 @@
+// Copyright 2014 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build !darwin && !freebsd && !linux && !solaris
+
+package ipv4
+
+import (
+	"net"
+
+	"golang.org/x/net/internal/socket"
+)
+
+func (so *sockOpt) setGroupReq(c *socket.Conn, ifi *net.Interface, grp net.IP) error {
+	return errNotImplemented
+}
+
+func (so *sockOpt) setGroupSourceReq(c *socket.Conn, ifi *net.Interface, grp, src net.IP) error {
+	return errNotImplemented
+}
diff --git a/server/vendor/golang.org/x/net/ipv4/sys_stub.go b/server/vendor/golang.org/x/net/ipv4/sys_stub.go
new file mode 100644
index 0000000..20af407
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/sys_stub.go
@@ -0,0 +1,13 @@
+// Copyright 2014 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build !aix && !darwin && !dragonfly && !freebsd && !linux && !netbsd && !openbsd && !solaris && !windows && !zos
+
+package ipv4
+
+var (
+	ctlOpts = [ctlMax]ctlOpt{}
+
+	sockOpts = map[int]*sockOpt{}
+)
diff --git a/server/vendor/golang.org/x/net/ipv4/sys_windows.go b/server/vendor/golang.org/x/net/ipv4/sys_windows.go
new file mode 100644
index 0000000..c5e9506
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/sys_windows.go
@@ -0,0 +1,44 @@
+// Copyright 2014 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package ipv4
+
+import (
+	"golang.org/x/net/internal/iana"
+	"golang.org/x/net/internal/socket"
+
+	"golang.org/x/sys/windows"
+)
+
+const (
+	sizeofIPMreq       = 0x8
+	sizeofIPMreqSource = 0xc
+)
+
+type ipMreq struct {
+	Multiaddr [4]byte
+	Interface [4]byte
+}
+
+type ipMreqSource struct {
+	Multiaddr  [4]byte
+	Sourceaddr [4]byte
+	Interface  [4]byte
+}
+
+// See http://msdn.microsoft.com/en-us/library/windows/desktop/ms738586(v=vs.85).aspx
+var (
+	ctlOpts = [ctlMax]ctlOpt{}
+
+	sockOpts = map[int]*sockOpt{
+		ssoTOS:                {Option: socket.Option{Level: iana.ProtocolIP, Name: windows.IP_TOS, Len: 4}},
+		ssoTTL:                {Option: socket.Option{Level: iana.ProtocolIP, Name: windows.IP_TTL, Len: 4}},
+		ssoMulticastTTL:       {Option: socket.Option{Level: iana.ProtocolIP, Name: windows.IP_MULTICAST_TTL, Len: 4}},
+		ssoMulticastInterface: {Option: socket.Option{Level: iana.ProtocolIP, Name: windows.IP_MULTICAST_IF, Len: 4}},
+		ssoMulticastLoopback:  {Option: socket.Option{Level: iana.ProtocolIP, Name: windows.IP_MULTICAST_LOOP, Len: 4}},
+		ssoHeaderPrepend:      {Option: socket.Option{Level: iana.ProtocolIP, Name: windows.IP_HDRINCL, Len: 4}},
+		ssoJoinGroup:          {Option: socket.Option{Level: iana.ProtocolIP, Name: windows.IP_ADD_MEMBERSHIP, Len: sizeofIPMreq}, typ: ssoTypeIPMreq},
+		ssoLeaveGroup:         {Option: socket.Option{Level: iana.ProtocolIP, Name: windows.IP_DROP_MEMBERSHIP, Len: sizeofIPMreq}, typ: ssoTypeIPMreq},
+	}
+)
diff --git a/server/vendor/golang.org/x/net/ipv4/sys_zos.go b/server/vendor/golang.org/x/net/ipv4/sys_zos.go
new file mode 100644
index 0000000..be20640
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/sys_zos.go
@@ -0,0 +1,57 @@
+// Copyright 2020 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package ipv4
+
+import (
+	"net"
+	"syscall"
+	"unsafe"
+
+	"golang.org/x/net/internal/iana"
+	"golang.org/x/net/internal/socket"
+
+	"golang.org/x/sys/unix"
+)
+
+var (
+	ctlOpts = [ctlMax]ctlOpt{
+		ctlPacketInfo: {unix.IP_PKTINFO, sizeofInetPktinfo, marshalPacketInfo, parsePacketInfo},
+	}
+
+	sockOpts = map[int]*sockOpt{
+		ssoMulticastTTL:       {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_MULTICAST_TTL, Len: 1}},
+		ssoMulticastInterface: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_MULTICAST_IF, Len: 4}},
+		ssoMulticastLoopback:  {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_MULTICAST_LOOP, Len: 1}},
+		ssoPacketInfo:         {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_RECVPKTINFO, Len: 4}},
+		ssoJoinGroup:          {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.MCAST_JOIN_GROUP, Len: sizeofGroupReq}, typ: ssoTypeGroupReq},
+		ssoLeaveGroup:         {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.MCAST_LEAVE_GROUP, Len: sizeofGroupReq}, typ: ssoTypeGroupReq},
+		ssoJoinSourceGroup:    {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.MCAST_JOIN_SOURCE_GROUP, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+		ssoLeaveSourceGroup:   {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.MCAST_LEAVE_SOURCE_GROUP, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+		ssoBlockSourceGroup:   {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.MCAST_BLOCK_SOURCE, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+		ssoUnblockSourceGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.MCAST_UNBLOCK_SOURCE, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+	}
+)
+
+func (pi *inetPktinfo) setIfindex(i int) {
+	pi.Ifindex = uint32(i)
+}
+
+func (gr *groupReq) setGroup(grp net.IP) {
+	sa := (*sockaddrInet4)(unsafe.Pointer(&gr.Group))
+	sa.Family = syscall.AF_INET
+	sa.Len = sizeofSockaddrInet4
+	copy(sa.Addr[:], grp)
+}
+
+func (gsr *groupSourceReq) setSourceGroup(grp, src net.IP) {
+	sa := (*sockaddrInet4)(unsafe.Pointer(&gsr.Group))
+	sa.Family = syscall.AF_INET
+	sa.Len = sizeofSockaddrInet4
+	copy(sa.Addr[:], grp)
+	sa = (*sockaddrInet4)(unsafe.Pointer(&gsr.Source))
+	sa.Family = syscall.AF_INET
+	sa.Len = sizeofSockaddrInet4
+	copy(sa.Addr[:], src)
+}
diff --git a/server/vendor/golang.org/x/net/ipv4/zsys_aix_ppc64.go b/server/vendor/golang.org/x/net/ipv4/zsys_aix_ppc64.go
new file mode 100644
index 0000000..dd45402
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/zsys_aix_ppc64.go
@@ -0,0 +1,16 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_aix.go
+
+// Added for go1.11 compatibility
+//go:build aix
+
+package ipv4
+
+const (
+	sizeofIPMreq = 0x8
+)
+
+type ipMreq struct {
+	Multiaddr [4]byte /* in_addr */
+	Interface [4]byte /* in_addr */
+}
diff --git a/server/vendor/golang.org/x/net/ipv4/zsys_darwin.go b/server/vendor/golang.org/x/net/ipv4/zsys_darwin.go
new file mode 100644
index 0000000..6c1b705
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/zsys_darwin.go
@@ -0,0 +1,59 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_darwin.go
+
+package ipv4
+
+const (
+	sizeofSockaddrStorage = 0x80
+	sizeofSockaddrInet    = 0x10
+	sizeofInetPktinfo     = 0xc
+
+	sizeofIPMreq         = 0x8
+	sizeofIPMreqSource   = 0xc
+	sizeofGroupReq       = 0x84
+	sizeofGroupSourceReq = 0x104
+)
+
+type sockaddrStorage struct {
+	Len         uint8
+	Family      uint8
+	X__ss_pad1  [6]int8
+	X__ss_align int64
+	X__ss_pad2  [112]int8
+}
+
+type sockaddrInet struct {
+	Len    uint8
+	Family uint8
+	Port   uint16
+	Addr   [4]byte /* in_addr */
+	Zero   [8]int8
+}
+
+type inetPktinfo struct {
+	Ifindex  uint32
+	Spec_dst [4]byte /* in_addr */
+	Addr     [4]byte /* in_addr */
+}
+
+type ipMreq struct {
+	Multiaddr [4]byte /* in_addr */
+	Interface [4]byte /* in_addr */
+}
+
+type ipMreqSource struct {
+	Multiaddr  [4]byte /* in_addr */
+	Sourceaddr [4]byte /* in_addr */
+	Interface  [4]byte /* in_addr */
+}
+
+type groupReq struct {
+	Interface uint32
+	Pad_cgo_0 [128]byte
+}
+
+type groupSourceReq struct {
+	Interface uint32
+	Pad_cgo_0 [128]byte
+	Pad_cgo_1 [128]byte
+}
diff --git a/server/vendor/golang.org/x/net/ipv4/zsys_dragonfly.go b/server/vendor/golang.org/x/net/ipv4/zsys_dragonfly.go
new file mode 100644
index 0000000..2155df1
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/zsys_dragonfly.go
@@ -0,0 +1,13 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_dragonfly.go
+
+package ipv4
+
+const (
+	sizeofIPMreq = 0x8
+)
+
+type ipMreq struct {
+	Multiaddr [4]byte /* in_addr */
+	Interface [4]byte /* in_addr */
+}
diff --git a/server/vendor/golang.org/x/net/ipv4/zsys_freebsd_386.go b/server/vendor/golang.org/x/net/ipv4/zsys_freebsd_386.go
new file mode 100644
index 0000000..ae40482
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/zsys_freebsd_386.go
@@ -0,0 +1,52 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_freebsd.go
+
+package ipv4
+
+const (
+	sizeofSockaddrStorage = 0x80
+	sizeofSockaddrInet    = 0x10
+
+	sizeofIPMreq         = 0x8
+	sizeofIPMreqSource   = 0xc
+	sizeofGroupReq       = 0x84
+	sizeofGroupSourceReq = 0x104
+)
+
+type sockaddrStorage struct {
+	Len         uint8
+	Family      uint8
+	X__ss_pad1  [6]int8
+	X__ss_align int64
+	X__ss_pad2  [112]int8
+}
+
+type sockaddrInet struct {
+	Len    uint8
+	Family uint8
+	Port   uint16
+	Addr   [4]byte /* in_addr */
+	Zero   [8]int8
+}
+
+type ipMreq struct {
+	Multiaddr [4]byte /* in_addr */
+	Interface [4]byte /* in_addr */
+}
+
+type ipMreqSource struct {
+	Multiaddr  [4]byte /* in_addr */
+	Sourceaddr [4]byte /* in_addr */
+	Interface  [4]byte /* in_addr */
+}
+
+type groupReq struct {
+	Interface uint32
+	Group     sockaddrStorage
+}
+
+type groupSourceReq struct {
+	Interface uint32
+	Group     sockaddrStorage
+	Source    sockaddrStorage
+}
diff --git a/server/vendor/golang.org/x/net/ipv4/zsys_freebsd_amd64.go b/server/vendor/golang.org/x/net/ipv4/zsys_freebsd_amd64.go
new file mode 100644
index 0000000..9018186
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/zsys_freebsd_amd64.go
@@ -0,0 +1,54 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_freebsd.go
+
+package ipv4
+
+const (
+	sizeofSockaddrStorage = 0x80
+	sizeofSockaddrInet    = 0x10
+
+	sizeofIPMreq         = 0x8
+	sizeofIPMreqSource   = 0xc
+	sizeofGroupReq       = 0x88
+	sizeofGroupSourceReq = 0x108
+)
+
+type sockaddrStorage struct {
+	Len         uint8
+	Family      uint8
+	X__ss_pad1  [6]int8
+	X__ss_align int64
+	X__ss_pad2  [112]int8
+}
+
+type sockaddrInet struct {
+	Len    uint8
+	Family uint8
+	Port   uint16
+	Addr   [4]byte /* in_addr */
+	Zero   [8]int8
+}
+
+type ipMreq struct {
+	Multiaddr [4]byte /* in_addr */
+	Interface [4]byte /* in_addr */
+}
+
+type ipMreqSource struct {
+	Multiaddr  [4]byte /* in_addr */
+	Sourceaddr [4]byte /* in_addr */
+	Interface  [4]byte /* in_addr */
+}
+
+type groupReq struct {
+	Interface uint32
+	Pad_cgo_0 [4]byte
+	Group     sockaddrStorage
+}
+
+type groupSourceReq struct {
+	Interface uint32
+	Pad_cgo_0 [4]byte
+	Group     sockaddrStorage
+	Source    sockaddrStorage
+}
diff --git a/server/vendor/golang.org/x/net/ipv4/zsys_freebsd_arm.go b/server/vendor/golang.org/x/net/ipv4/zsys_freebsd_arm.go
new file mode 100644
index 0000000..9018186
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/zsys_freebsd_arm.go
@@ -0,0 +1,54 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_freebsd.go
+
+package ipv4
+
+const (
+	sizeofSockaddrStorage = 0x80
+	sizeofSockaddrInet    = 0x10
+
+	sizeofIPMreq         = 0x8
+	sizeofIPMreqSource   = 0xc
+	sizeofGroupReq       = 0x88
+	sizeofGroupSourceReq = 0x108
+)
+
+type sockaddrStorage struct {
+	Len         uint8
+	Family      uint8
+	X__ss_pad1  [6]int8
+	X__ss_align int64
+	X__ss_pad2  [112]int8
+}
+
+type sockaddrInet struct {
+	Len    uint8
+	Family uint8
+	Port   uint16
+	Addr   [4]byte /* in_addr */
+	Zero   [8]int8
+}
+
+type ipMreq struct {
+	Multiaddr [4]byte /* in_addr */
+	Interface [4]byte /* in_addr */
+}
+
+type ipMreqSource struct {
+	Multiaddr  [4]byte /* in_addr */
+	Sourceaddr [4]byte /* in_addr */
+	Interface  [4]byte /* in_addr */
+}
+
+type groupReq struct {
+	Interface uint32
+	Pad_cgo_0 [4]byte
+	Group     sockaddrStorage
+}
+
+type groupSourceReq struct {
+	Interface uint32
+	Pad_cgo_0 [4]byte
+	Group     sockaddrStorage
+	Source    sockaddrStorage
+}
diff --git a/server/vendor/golang.org/x/net/ipv4/zsys_freebsd_arm64.go b/server/vendor/golang.org/x/net/ipv4/zsys_freebsd_arm64.go
new file mode 100644
index 0000000..0feb9a7
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/zsys_freebsd_arm64.go
@@ -0,0 +1,52 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_freebsd.go
+
+package ipv4
+
+const (
+	sizeofSockaddrStorage = 0x80
+	sizeofSockaddrInet    = 0x10
+
+	sizeofIPMreq         = 0x8
+	sizeofIPMreqSource   = 0xc
+	sizeofGroupReq       = 0x88
+	sizeofGroupSourceReq = 0x108
+)
+
+type sockaddrStorage struct {
+	Len         uint8
+	Family      uint8
+	X__ss_pad1  [6]uint8
+	X__ss_align int64
+	X__ss_pad2  [112]uint8
+}
+
+type sockaddrInet struct {
+	Len    uint8
+	Family uint8
+	Port   uint16
+	Addr   [4]byte /* in_addr */
+	Zero   [8]uint8
+}
+
+type ipMreq struct {
+	Multiaddr [4]byte /* in_addr */
+	Interface [4]byte /* in_addr */
+}
+
+type ipMreqSource struct {
+	Multiaddr  [4]byte /* in_addr */
+	Sourceaddr [4]byte /* in_addr */
+	Interface  [4]byte /* in_addr */
+}
+
+type groupReq struct {
+	Interface uint32
+	Group     sockaddrStorage
+}
+
+type groupSourceReq struct {
+	Interface uint32
+	Group     sockaddrStorage
+	Source    sockaddrStorage
+}
diff --git a/server/vendor/golang.org/x/net/ipv4/zsys_freebsd_riscv64.go b/server/vendor/golang.org/x/net/ipv4/zsys_freebsd_riscv64.go
new file mode 100644
index 0000000..0feb9a7
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/zsys_freebsd_riscv64.go
@@ -0,0 +1,52 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_freebsd.go
+
+package ipv4
+
+const (
+	sizeofSockaddrStorage = 0x80
+	sizeofSockaddrInet    = 0x10
+
+	sizeofIPMreq         = 0x8
+	sizeofIPMreqSource   = 0xc
+	sizeofGroupReq       = 0x88
+	sizeofGroupSourceReq = 0x108
+)
+
+type sockaddrStorage struct {
+	Len         uint8
+	Family      uint8
+	X__ss_pad1  [6]uint8
+	X__ss_align int64
+	X__ss_pad2  [112]uint8
+}
+
+type sockaddrInet struct {
+	Len    uint8
+	Family uint8
+	Port   uint16
+	Addr   [4]byte /* in_addr */
+	Zero   [8]uint8
+}
+
+type ipMreq struct {
+	Multiaddr [4]byte /* in_addr */
+	Interface [4]byte /* in_addr */
+}
+
+type ipMreqSource struct {
+	Multiaddr  [4]byte /* in_addr */
+	Sourceaddr [4]byte /* in_addr */
+	Interface  [4]byte /* in_addr */
+}
+
+type groupReq struct {
+	Interface uint32
+	Group     sockaddrStorage
+}
+
+type groupSourceReq struct {
+	Interface uint32
+	Group     sockaddrStorage
+	Source    sockaddrStorage
+}
diff --git a/server/vendor/golang.org/x/net/ipv4/zsys_linux_386.go b/server/vendor/golang.org/x/net/ipv4/zsys_linux_386.go
new file mode 100644
index 0000000..d510357
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/zsys_linux_386.go
@@ -0,0 +1,72 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_linux.go
+
+package ipv4
+
+const (
+	sizeofKernelSockaddrStorage = 0x80
+	sizeofSockaddrInet          = 0x10
+	sizeofInetPktinfo           = 0xc
+	sizeofSockExtendedErr       = 0x10
+
+	sizeofIPMreq         = 0x8
+	sizeofIPMreqSource   = 0xc
+	sizeofGroupReq       = 0x84
+	sizeofGroupSourceReq = 0x104
+
+	sizeofICMPFilter = 0x4
+)
+
+type kernelSockaddrStorage struct {
+	Family  uint16
+	X__data [126]int8
+}
+
+type sockaddrInet struct {
+	Family uint16
+	Port   uint16
+	Addr   [4]byte /* in_addr */
+	X__pad [8]uint8
+}
+
+type inetPktinfo struct {
+	Ifindex  int32
+	Spec_dst [4]byte /* in_addr */
+	Addr     [4]byte /* in_addr */
+}
+
+type sockExtendedErr struct {
+	Errno  uint32
+	Origin uint8
+	Type   uint8
+	Code   uint8
+	Pad    uint8
+	Info   uint32
+	Data   uint32
+}
+
+type ipMreq struct {
+	Multiaddr [4]byte /* in_addr */
+	Interface [4]byte /* in_addr */
+}
+
+type ipMreqSource struct {
+	Multiaddr  uint32
+	Interface  uint32
+	Sourceaddr uint32
+}
+
+type groupReq struct {
+	Interface uint32
+	Group     kernelSockaddrStorage
+}
+
+type groupSourceReq struct {
+	Interface uint32
+	Group     kernelSockaddrStorage
+	Source    kernelSockaddrStorage
+}
+
+type icmpFilter struct {
+	Data uint32
+}
diff --git a/server/vendor/golang.org/x/net/ipv4/zsys_linux_amd64.go b/server/vendor/golang.org/x/net/ipv4/zsys_linux_amd64.go
new file mode 100644
index 0000000..eb10cc7
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/zsys_linux_amd64.go
@@ -0,0 +1,74 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_linux.go
+
+package ipv4
+
+const (
+	sizeofKernelSockaddrStorage = 0x80
+	sizeofSockaddrInet          = 0x10
+	sizeofInetPktinfo           = 0xc
+	sizeofSockExtendedErr       = 0x10
+
+	sizeofIPMreq         = 0x8
+	sizeofIPMreqSource   = 0xc
+	sizeofGroupReq       = 0x88
+	sizeofGroupSourceReq = 0x108
+
+	sizeofICMPFilter = 0x4
+)
+
+type kernelSockaddrStorage struct {
+	Family  uint16
+	X__data [126]int8
+}
+
+type sockaddrInet struct {
+	Family uint16
+	Port   uint16
+	Addr   [4]byte /* in_addr */
+	X__pad [8]uint8
+}
+
+type inetPktinfo struct {
+	Ifindex  int32
+	Spec_dst [4]byte /* in_addr */
+	Addr     [4]byte /* in_addr */
+}
+
+type sockExtendedErr struct {
+	Errno  uint32
+	Origin uint8
+	Type   uint8
+	Code   uint8
+	Pad    uint8
+	Info   uint32
+	Data   uint32
+}
+
+type ipMreq struct {
+	Multiaddr [4]byte /* in_addr */
+	Interface [4]byte /* in_addr */
+}
+
+type ipMreqSource struct {
+	Multiaddr  uint32
+	Interface  uint32
+	Sourceaddr uint32
+}
+
+type groupReq struct {
+	Interface uint32
+	Pad_cgo_0 [4]byte
+	Group     kernelSockaddrStorage
+}
+
+type groupSourceReq struct {
+	Interface uint32
+	Pad_cgo_0 [4]byte
+	Group     kernelSockaddrStorage
+	Source    kernelSockaddrStorage
+}
+
+type icmpFilter struct {
+	Data uint32
+}
diff --git a/server/vendor/golang.org/x/net/ipv4/zsys_linux_arm.go b/server/vendor/golang.org/x/net/ipv4/zsys_linux_arm.go
new file mode 100644
index 0000000..d510357
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/zsys_linux_arm.go
@@ -0,0 +1,72 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_linux.go
+
+package ipv4
+
+const (
+	sizeofKernelSockaddrStorage = 0x80
+	sizeofSockaddrInet          = 0x10
+	sizeofInetPktinfo           = 0xc
+	sizeofSockExtendedErr       = 0x10
+
+	sizeofIPMreq         = 0x8
+	sizeofIPMreqSource   = 0xc
+	sizeofGroupReq       = 0x84
+	sizeofGroupSourceReq = 0x104
+
+	sizeofICMPFilter = 0x4
+)
+
+type kernelSockaddrStorage struct {
+	Family  uint16
+	X__data [126]int8
+}
+
+type sockaddrInet struct {
+	Family uint16
+	Port   uint16
+	Addr   [4]byte /* in_addr */
+	X__pad [8]uint8
+}
+
+type inetPktinfo struct {
+	Ifindex  int32
+	Spec_dst [4]byte /* in_addr */
+	Addr     [4]byte /* in_addr */
+}
+
+type sockExtendedErr struct {
+	Errno  uint32
+	Origin uint8
+	Type   uint8
+	Code   uint8
+	Pad    uint8
+	Info   uint32
+	Data   uint32
+}
+
+type ipMreq struct {
+	Multiaddr [4]byte /* in_addr */
+	Interface [4]byte /* in_addr */
+}
+
+type ipMreqSource struct {
+	Multiaddr  uint32
+	Interface  uint32
+	Sourceaddr uint32
+}
+
+type groupReq struct {
+	Interface uint32
+	Group     kernelSockaddrStorage
+}
+
+type groupSourceReq struct {
+	Interface uint32
+	Group     kernelSockaddrStorage
+	Source    kernelSockaddrStorage
+}
+
+type icmpFilter struct {
+	Data uint32
+}
diff --git a/server/vendor/golang.org/x/net/ipv4/zsys_linux_arm64.go b/server/vendor/golang.org/x/net/ipv4/zsys_linux_arm64.go
new file mode 100644
index 0000000..eb10cc7
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/zsys_linux_arm64.go
@@ -0,0 +1,74 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_linux.go
+
+package ipv4
+
+const (
+	sizeofKernelSockaddrStorage = 0x80
+	sizeofSockaddrInet          = 0x10
+	sizeofInetPktinfo           = 0xc
+	sizeofSockExtendedErr       = 0x10
+
+	sizeofIPMreq         = 0x8
+	sizeofIPMreqSource   = 0xc
+	sizeofGroupReq       = 0x88
+	sizeofGroupSourceReq = 0x108
+
+	sizeofICMPFilter = 0x4
+)
+
+type kernelSockaddrStorage struct {
+	Family  uint16
+	X__data [126]int8
+}
+
+type sockaddrInet struct {
+	Family uint16
+	Port   uint16
+	Addr   [4]byte /* in_addr */
+	X__pad [8]uint8
+}
+
+type inetPktinfo struct {
+	Ifindex  int32
+	Spec_dst [4]byte /* in_addr */
+	Addr     [4]byte /* in_addr */
+}
+
+type sockExtendedErr struct {
+	Errno  uint32
+	Origin uint8
+	Type   uint8
+	Code   uint8
+	Pad    uint8
+	Info   uint32
+	Data   uint32
+}
+
+type ipMreq struct {
+	Multiaddr [4]byte /* in_addr */
+	Interface [4]byte /* in_addr */
+}
+
+type ipMreqSource struct {
+	Multiaddr  uint32
+	Interface  uint32
+	Sourceaddr uint32
+}
+
+type groupReq struct {
+	Interface uint32
+	Pad_cgo_0 [4]byte
+	Group     kernelSockaddrStorage
+}
+
+type groupSourceReq struct {
+	Interface uint32
+	Pad_cgo_0 [4]byte
+	Group     kernelSockaddrStorage
+	Source    kernelSockaddrStorage
+}
+
+type icmpFilter struct {
+	Data uint32
+}
diff --git a/server/vendor/golang.org/x/net/ipv4/zsys_linux_loong64.go b/server/vendor/golang.org/x/net/ipv4/zsys_linux_loong64.go
new file mode 100644
index 0000000..54f9e13
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/zsys_linux_loong64.go
@@ -0,0 +1,76 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_linux.go
+
+//go:build loong64
+
+package ipv4
+
+const (
+	sizeofKernelSockaddrStorage = 0x80
+	sizeofSockaddrInet          = 0x10
+	sizeofInetPktinfo           = 0xc
+	sizeofSockExtendedErr       = 0x10
+
+	sizeofIPMreq         = 0x8
+	sizeofIPMreqSource   = 0xc
+	sizeofGroupReq       = 0x88
+	sizeofGroupSourceReq = 0x108
+
+	sizeofICMPFilter = 0x4
+)
+
+type kernelSockaddrStorage struct {
+	Family  uint16
+	X__data [126]int8
+}
+
+type sockaddrInet struct {
+	Family uint16
+	Port   uint16
+	Addr   [4]byte /* in_addr */
+	X__pad [8]uint8
+}
+
+type inetPktinfo struct {
+	Ifindex  int32
+	Spec_dst [4]byte /* in_addr */
+	Addr     [4]byte /* in_addr */
+}
+
+type sockExtendedErr struct {
+	Errno  uint32
+	Origin uint8
+	Type   uint8
+	Code   uint8
+	Pad    uint8
+	Info   uint32
+	Data   uint32
+}
+
+type ipMreq struct {
+	Multiaddr [4]byte /* in_addr */
+	Interface [4]byte /* in_addr */
+}
+
+type ipMreqSource struct {
+	Multiaddr  uint32
+	Interface  uint32
+	Sourceaddr uint32
+}
+
+type groupReq struct {
+	Interface uint32
+	Pad_cgo_0 [4]byte
+	Group     kernelSockaddrStorage
+}
+
+type groupSourceReq struct {
+	Interface uint32
+	Pad_cgo_0 [4]byte
+	Group     kernelSockaddrStorage
+	Source    kernelSockaddrStorage
+}
+
+type icmpFilter struct {
+	Data uint32
+}
diff --git a/server/vendor/golang.org/x/net/ipv4/zsys_linux_mips.go b/server/vendor/golang.org/x/net/ipv4/zsys_linux_mips.go
new file mode 100644
index 0000000..d510357
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/zsys_linux_mips.go
@@ -0,0 +1,72 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_linux.go
+
+package ipv4
+
+const (
+	sizeofKernelSockaddrStorage = 0x80
+	sizeofSockaddrInet          = 0x10
+	sizeofInetPktinfo           = 0xc
+	sizeofSockExtendedErr       = 0x10
+
+	sizeofIPMreq         = 0x8
+	sizeofIPMreqSource   = 0xc
+	sizeofGroupReq       = 0x84
+	sizeofGroupSourceReq = 0x104
+
+	sizeofICMPFilter = 0x4
+)
+
+type kernelSockaddrStorage struct {
+	Family  uint16
+	X__data [126]int8
+}
+
+type sockaddrInet struct {
+	Family uint16
+	Port   uint16
+	Addr   [4]byte /* in_addr */
+	X__pad [8]uint8
+}
+
+type inetPktinfo struct {
+	Ifindex  int32
+	Spec_dst [4]byte /* in_addr */
+	Addr     [4]byte /* in_addr */
+}
+
+type sockExtendedErr struct {
+	Errno  uint32
+	Origin uint8
+	Type   uint8
+	Code   uint8
+	Pad    uint8
+	Info   uint32
+	Data   uint32
+}
+
+type ipMreq struct {
+	Multiaddr [4]byte /* in_addr */
+	Interface [4]byte /* in_addr */
+}
+
+type ipMreqSource struct {
+	Multiaddr  uint32
+	Interface  uint32
+	Sourceaddr uint32
+}
+
+type groupReq struct {
+	Interface uint32
+	Group     kernelSockaddrStorage
+}
+
+type groupSourceReq struct {
+	Interface uint32
+	Group     kernelSockaddrStorage
+	Source    kernelSockaddrStorage
+}
+
+type icmpFilter struct {
+	Data uint32
+}
diff --git a/server/vendor/golang.org/x/net/ipv4/zsys_linux_mips64.go b/server/vendor/golang.org/x/net/ipv4/zsys_linux_mips64.go
new file mode 100644
index 0000000..eb10cc7
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/zsys_linux_mips64.go
@@ -0,0 +1,74 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_linux.go
+
+package ipv4
+
+const (
+	sizeofKernelSockaddrStorage = 0x80
+	sizeofSockaddrInet          = 0x10
+	sizeofInetPktinfo           = 0xc
+	sizeofSockExtendedErr       = 0x10
+
+	sizeofIPMreq         = 0x8
+	sizeofIPMreqSource   = 0xc
+	sizeofGroupReq       = 0x88
+	sizeofGroupSourceReq = 0x108
+
+	sizeofICMPFilter = 0x4
+)
+
+type kernelSockaddrStorage struct {
+	Family  uint16
+	X__data [126]int8
+}
+
+type sockaddrInet struct {
+	Family uint16
+	Port   uint16
+	Addr   [4]byte /* in_addr */
+	X__pad [8]uint8
+}
+
+type inetPktinfo struct {
+	Ifindex  int32
+	Spec_dst [4]byte /* in_addr */
+	Addr     [4]byte /* in_addr */
+}
+
+type sockExtendedErr struct {
+	Errno  uint32
+	Origin uint8
+	Type   uint8
+	Code   uint8
+	Pad    uint8
+	Info   uint32
+	Data   uint32
+}
+
+type ipMreq struct {
+	Multiaddr [4]byte /* in_addr */
+	Interface [4]byte /* in_addr */
+}
+
+type ipMreqSource struct {
+	Multiaddr  uint32
+	Interface  uint32
+	Sourceaddr uint32
+}
+
+type groupReq struct {
+	Interface uint32
+	Pad_cgo_0 [4]byte
+	Group     kernelSockaddrStorage
+}
+
+type groupSourceReq struct {
+	Interface uint32
+	Pad_cgo_0 [4]byte
+	Group     kernelSockaddrStorage
+	Source    kernelSockaddrStorage
+}
+
+type icmpFilter struct {
+	Data uint32
+}
diff --git a/server/vendor/golang.org/x/net/ipv4/zsys_linux_mips64le.go b/server/vendor/golang.org/x/net/ipv4/zsys_linux_mips64le.go
new file mode 100644
index 0000000..eb10cc7
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/zsys_linux_mips64le.go
@@ -0,0 +1,74 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_linux.go
+
+package ipv4
+
+const (
+	sizeofKernelSockaddrStorage = 0x80
+	sizeofSockaddrInet          = 0x10
+	sizeofInetPktinfo           = 0xc
+	sizeofSockExtendedErr       = 0x10
+
+	sizeofIPMreq         = 0x8
+	sizeofIPMreqSource   = 0xc
+	sizeofGroupReq       = 0x88
+	sizeofGroupSourceReq = 0x108
+
+	sizeofICMPFilter = 0x4
+)
+
+type kernelSockaddrStorage struct {
+	Family  uint16
+	X__data [126]int8
+}
+
+type sockaddrInet struct {
+	Family uint16
+	Port   uint16
+	Addr   [4]byte /* in_addr */
+	X__pad [8]uint8
+}
+
+type inetPktinfo struct {
+	Ifindex  int32
+	Spec_dst [4]byte /* in_addr */
+	Addr     [4]byte /* in_addr */
+}
+
+type sockExtendedErr struct {
+	Errno  uint32
+	Origin uint8
+	Type   uint8
+	Code   uint8
+	Pad    uint8
+	Info   uint32
+	Data   uint32
+}
+
+type ipMreq struct {
+	Multiaddr [4]byte /* in_addr */
+	Interface [4]byte /* in_addr */
+}
+
+type ipMreqSource struct {
+	Multiaddr  uint32
+	Interface  uint32
+	Sourceaddr uint32
+}
+
+type groupReq struct {
+	Interface uint32
+	Pad_cgo_0 [4]byte
+	Group     kernelSockaddrStorage
+}
+
+type groupSourceReq struct {
+	Interface uint32
+	Pad_cgo_0 [4]byte
+	Group     kernelSockaddrStorage
+	Source    kernelSockaddrStorage
+}
+
+type icmpFilter struct {
+	Data uint32
+}
diff --git a/server/vendor/golang.org/x/net/ipv4/zsys_linux_mipsle.go b/server/vendor/golang.org/x/net/ipv4/zsys_linux_mipsle.go
new file mode 100644
index 0000000..d510357
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/zsys_linux_mipsle.go
@@ -0,0 +1,72 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_linux.go
+
+package ipv4
+
+const (
+	sizeofKernelSockaddrStorage = 0x80
+	sizeofSockaddrInet          = 0x10
+	sizeofInetPktinfo           = 0xc
+	sizeofSockExtendedErr       = 0x10
+
+	sizeofIPMreq         = 0x8
+	sizeofIPMreqSource   = 0xc
+	sizeofGroupReq       = 0x84
+	sizeofGroupSourceReq = 0x104
+
+	sizeofICMPFilter = 0x4
+)
+
+type kernelSockaddrStorage struct {
+	Family  uint16
+	X__data [126]int8
+}
+
+type sockaddrInet struct {
+	Family uint16
+	Port   uint16
+	Addr   [4]byte /* in_addr */
+	X__pad [8]uint8
+}
+
+type inetPktinfo struct {
+	Ifindex  int32
+	Spec_dst [4]byte /* in_addr */
+	Addr     [4]byte /* in_addr */
+}
+
+type sockExtendedErr struct {
+	Errno  uint32
+	Origin uint8
+	Type   uint8
+	Code   uint8
+	Pad    uint8
+	Info   uint32
+	Data   uint32
+}
+
+type ipMreq struct {
+	Multiaddr [4]byte /* in_addr */
+	Interface [4]byte /* in_addr */
+}
+
+type ipMreqSource struct {
+	Multiaddr  uint32
+	Interface  uint32
+	Sourceaddr uint32
+}
+
+type groupReq struct {
+	Interface uint32
+	Group     kernelSockaddrStorage
+}
+
+type groupSourceReq struct {
+	Interface uint32
+	Group     kernelSockaddrStorage
+	Source    kernelSockaddrStorage
+}
+
+type icmpFilter struct {
+	Data uint32
+}
diff --git a/server/vendor/golang.org/x/net/ipv4/zsys_linux_ppc.go b/server/vendor/golang.org/x/net/ipv4/zsys_linux_ppc.go
new file mode 100644
index 0000000..29202e4
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/zsys_linux_ppc.go
@@ -0,0 +1,72 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_linux.go
+
+package ipv4
+
+const (
+	sizeofKernelSockaddrStorage = 0x80
+	sizeofSockaddrInet          = 0x10
+	sizeofInetPktinfo           = 0xc
+	sizeofSockExtendedErr       = 0x10
+
+	sizeofIPMreq         = 0x8
+	sizeofIPMreqSource   = 0xc
+	sizeofGroupReq       = 0x84
+	sizeofGroupSourceReq = 0x104
+
+	sizeofICMPFilter = 0x4
+)
+
+type kernelSockaddrStorage struct {
+	Family  uint16
+	X__data [126]uint8
+}
+
+type sockaddrInet struct {
+	Family uint16
+	Port   uint16
+	Addr   [4]byte /* in_addr */
+	X__pad [8]uint8
+}
+
+type inetPktinfo struct {
+	Ifindex  int32
+	Spec_dst [4]byte /* in_addr */
+	Addr     [4]byte /* in_addr */
+}
+
+type sockExtendedErr struct {
+	Errno  uint32
+	Origin uint8
+	Type   uint8
+	Code   uint8
+	Pad    uint8
+	Info   uint32
+	Data   uint32
+}
+
+type ipMreq struct {
+	Multiaddr [4]byte /* in_addr */
+	Interface [4]byte /* in_addr */
+}
+
+type ipMreqSource struct {
+	Multiaddr  uint32
+	Interface  uint32
+	Sourceaddr uint32
+}
+
+type groupReq struct {
+	Interface uint32
+	Group     kernelSockaddrStorage
+}
+
+type groupSourceReq struct {
+	Interface uint32
+	Group     kernelSockaddrStorage
+	Source    kernelSockaddrStorage
+}
+
+type icmpFilter struct {
+	Data uint32
+}
diff --git a/server/vendor/golang.org/x/net/ipv4/zsys_linux_ppc64.go b/server/vendor/golang.org/x/net/ipv4/zsys_linux_ppc64.go
new file mode 100644
index 0000000..eb10cc7
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/zsys_linux_ppc64.go
@@ -0,0 +1,74 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_linux.go
+
+package ipv4
+
+const (
+	sizeofKernelSockaddrStorage = 0x80
+	sizeofSockaddrInet          = 0x10
+	sizeofInetPktinfo           = 0xc
+	sizeofSockExtendedErr       = 0x10
+
+	sizeofIPMreq         = 0x8
+	sizeofIPMreqSource   = 0xc
+	sizeofGroupReq       = 0x88
+	sizeofGroupSourceReq = 0x108
+
+	sizeofICMPFilter = 0x4
+)
+
+type kernelSockaddrStorage struct {
+	Family  uint16
+	X__data [126]int8
+}
+
+type sockaddrInet struct {
+	Family uint16
+	Port   uint16
+	Addr   [4]byte /* in_addr */
+	X__pad [8]uint8
+}
+
+type inetPktinfo struct {
+	Ifindex  int32
+	Spec_dst [4]byte /* in_addr */
+	Addr     [4]byte /* in_addr */
+}
+
+type sockExtendedErr struct {
+	Errno  uint32
+	Origin uint8
+	Type   uint8
+	Code   uint8
+	Pad    uint8
+	Info   uint32
+	Data   uint32
+}
+
+type ipMreq struct {
+	Multiaddr [4]byte /* in_addr */
+	Interface [4]byte /* in_addr */
+}
+
+type ipMreqSource struct {
+	Multiaddr  uint32
+	Interface  uint32
+	Sourceaddr uint32
+}
+
+type groupReq struct {
+	Interface uint32
+	Pad_cgo_0 [4]byte
+	Group     kernelSockaddrStorage
+}
+
+type groupSourceReq struct {
+	Interface uint32
+	Pad_cgo_0 [4]byte
+	Group     kernelSockaddrStorage
+	Source    kernelSockaddrStorage
+}
+
+type icmpFilter struct {
+	Data uint32
+}
diff --git a/server/vendor/golang.org/x/net/ipv4/zsys_linux_ppc64le.go b/server/vendor/golang.org/x/net/ipv4/zsys_linux_ppc64le.go
new file mode 100644
index 0000000..eb10cc7
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/zsys_linux_ppc64le.go
@@ -0,0 +1,74 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_linux.go
+
+package ipv4
+
+const (
+	sizeofKernelSockaddrStorage = 0x80
+	sizeofSockaddrInet          = 0x10
+	sizeofInetPktinfo           = 0xc
+	sizeofSockExtendedErr       = 0x10
+
+	sizeofIPMreq         = 0x8
+	sizeofIPMreqSource   = 0xc
+	sizeofGroupReq       = 0x88
+	sizeofGroupSourceReq = 0x108
+
+	sizeofICMPFilter = 0x4
+)
+
+type kernelSockaddrStorage struct {
+	Family  uint16
+	X__data [126]int8
+}
+
+type sockaddrInet struct {
+	Family uint16
+	Port   uint16
+	Addr   [4]byte /* in_addr */
+	X__pad [8]uint8
+}
+
+type inetPktinfo struct {
+	Ifindex  int32
+	Spec_dst [4]byte /* in_addr */
+	Addr     [4]byte /* in_addr */
+}
+
+type sockExtendedErr struct {
+	Errno  uint32
+	Origin uint8
+	Type   uint8
+	Code   uint8
+	Pad    uint8
+	Info   uint32
+	Data   uint32
+}
+
+type ipMreq struct {
+	Multiaddr [4]byte /* in_addr */
+	Interface [4]byte /* in_addr */
+}
+
+type ipMreqSource struct {
+	Multiaddr  uint32
+	Interface  uint32
+	Sourceaddr uint32
+}
+
+type groupReq struct {
+	Interface uint32
+	Pad_cgo_0 [4]byte
+	Group     kernelSockaddrStorage
+}
+
+type groupSourceReq struct {
+	Interface uint32
+	Pad_cgo_0 [4]byte
+	Group     kernelSockaddrStorage
+	Source    kernelSockaddrStorage
+}
+
+type icmpFilter struct {
+	Data uint32
+}
diff --git a/server/vendor/golang.org/x/net/ipv4/zsys_linux_riscv64.go b/server/vendor/golang.org/x/net/ipv4/zsys_linux_riscv64.go
new file mode 100644
index 0000000..78374a5
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/zsys_linux_riscv64.go
@@ -0,0 +1,76 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_linux.go
+
+//go:build riscv64
+
+package ipv4
+
+const (
+	sizeofKernelSockaddrStorage = 0x80
+	sizeofSockaddrInet          = 0x10
+	sizeofInetPktinfo           = 0xc
+	sizeofSockExtendedErr       = 0x10
+
+	sizeofIPMreq         = 0x8
+	sizeofIPMreqSource   = 0xc
+	sizeofGroupReq       = 0x88
+	sizeofGroupSourceReq = 0x108
+
+	sizeofICMPFilter = 0x4
+)
+
+type kernelSockaddrStorage struct {
+	Family  uint16
+	X__data [126]int8
+}
+
+type sockaddrInet struct {
+	Family uint16
+	Port   uint16
+	Addr   [4]byte /* in_addr */
+	X__pad [8]uint8
+}
+
+type inetPktinfo struct {
+	Ifindex  int32
+	Spec_dst [4]byte /* in_addr */
+	Addr     [4]byte /* in_addr */
+}
+
+type sockExtendedErr struct {
+	Errno  uint32
+	Origin uint8
+	Type   uint8
+	Code   uint8
+	Pad    uint8
+	Info   uint32
+	Data   uint32
+}
+
+type ipMreq struct {
+	Multiaddr [4]byte /* in_addr */
+	Interface [4]byte /* in_addr */
+}
+
+type ipMreqSource struct {
+	Multiaddr  uint32
+	Interface  uint32
+	Sourceaddr uint32
+}
+
+type groupReq struct {
+	Interface uint32
+	Pad_cgo_0 [4]byte
+	Group     kernelSockaddrStorage
+}
+
+type groupSourceReq struct {
+	Interface uint32
+	Pad_cgo_0 [4]byte
+	Group     kernelSockaddrStorage
+	Source    kernelSockaddrStorage
+}
+
+type icmpFilter struct {
+	Data uint32
+}
diff --git a/server/vendor/golang.org/x/net/ipv4/zsys_linux_s390x.go b/server/vendor/golang.org/x/net/ipv4/zsys_linux_s390x.go
new file mode 100644
index 0000000..eb10cc7
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/zsys_linux_s390x.go
@@ -0,0 +1,74 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_linux.go
+
+package ipv4
+
+const (
+	sizeofKernelSockaddrStorage = 0x80
+	sizeofSockaddrInet          = 0x10
+	sizeofInetPktinfo           = 0xc
+	sizeofSockExtendedErr       = 0x10
+
+	sizeofIPMreq         = 0x8
+	sizeofIPMreqSource   = 0xc
+	sizeofGroupReq       = 0x88
+	sizeofGroupSourceReq = 0x108
+
+	sizeofICMPFilter = 0x4
+)
+
+type kernelSockaddrStorage struct {
+	Family  uint16
+	X__data [126]int8
+}
+
+type sockaddrInet struct {
+	Family uint16
+	Port   uint16
+	Addr   [4]byte /* in_addr */
+	X__pad [8]uint8
+}
+
+type inetPktinfo struct {
+	Ifindex  int32
+	Spec_dst [4]byte /* in_addr */
+	Addr     [4]byte /* in_addr */
+}
+
+type sockExtendedErr struct {
+	Errno  uint32
+	Origin uint8
+	Type   uint8
+	Code   uint8
+	Pad    uint8
+	Info   uint32
+	Data   uint32
+}
+
+type ipMreq struct {
+	Multiaddr [4]byte /* in_addr */
+	Interface [4]byte /* in_addr */
+}
+
+type ipMreqSource struct {
+	Multiaddr  uint32
+	Interface  uint32
+	Sourceaddr uint32
+}
+
+type groupReq struct {
+	Interface uint32
+	Pad_cgo_0 [4]byte
+	Group     kernelSockaddrStorage
+}
+
+type groupSourceReq struct {
+	Interface uint32
+	Pad_cgo_0 [4]byte
+	Group     kernelSockaddrStorage
+	Source    kernelSockaddrStorage
+}
+
+type icmpFilter struct {
+	Data uint32
+}
diff --git a/server/vendor/golang.org/x/net/ipv4/zsys_netbsd.go b/server/vendor/golang.org/x/net/ipv4/zsys_netbsd.go
new file mode 100644
index 0000000..a2ef2f6
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/zsys_netbsd.go
@@ -0,0 +1,13 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_netbsd.go
+
+package ipv4
+
+const (
+	sizeofIPMreq = 0x8
+)
+
+type ipMreq struct {
+	Multiaddr [4]byte /* in_addr */
+	Interface [4]byte /* in_addr */
+}
diff --git a/server/vendor/golang.org/x/net/ipv4/zsys_openbsd.go b/server/vendor/golang.org/x/net/ipv4/zsys_openbsd.go
new file mode 100644
index 0000000..b293a33
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/zsys_openbsd.go
@@ -0,0 +1,13 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_openbsd.go
+
+package ipv4
+
+const (
+	sizeofIPMreq = 0x8
+)
+
+type ipMreq struct {
+	Multiaddr [4]byte /* in_addr */
+	Interface [4]byte /* in_addr */
+}
diff --git a/server/vendor/golang.org/x/net/ipv4/zsys_solaris.go b/server/vendor/golang.org/x/net/ipv4/zsys_solaris.go
new file mode 100644
index 0000000..e1a961b
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/zsys_solaris.go
@@ -0,0 +1,57 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_solaris.go
+
+package ipv4
+
+const (
+	sizeofSockaddrStorage = 0x100
+	sizeofSockaddrInet    = 0x10
+	sizeofInetPktinfo     = 0xc
+
+	sizeofIPMreq         = 0x8
+	sizeofIPMreqSource   = 0xc
+	sizeofGroupReq       = 0x104
+	sizeofGroupSourceReq = 0x204
+)
+
+type sockaddrStorage struct {
+	Family     uint16
+	X_ss_pad1  [6]int8
+	X_ss_align float64
+	X_ss_pad2  [240]int8
+}
+
+type sockaddrInet struct {
+	Family uint16
+	Port   uint16
+	Addr   [4]byte /* in_addr */
+	Zero   [8]int8
+}
+
+type inetPktinfo struct {
+	Ifindex  uint32
+	Spec_dst [4]byte /* in_addr */
+	Addr     [4]byte /* in_addr */
+}
+
+type ipMreq struct {
+	Multiaddr [4]byte /* in_addr */
+	Interface [4]byte /* in_addr */
+}
+
+type ipMreqSource struct {
+	Multiaddr  [4]byte /* in_addr */
+	Sourceaddr [4]byte /* in_addr */
+	Interface  [4]byte /* in_addr */
+}
+
+type groupReq struct {
+	Interface uint32
+	Pad_cgo_0 [256]byte
+}
+
+type groupSourceReq struct {
+	Interface uint32
+	Pad_cgo_0 [256]byte
+	Pad_cgo_1 [256]byte
+}
diff --git a/server/vendor/golang.org/x/net/ipv4/zsys_zos_s390x.go b/server/vendor/golang.org/x/net/ipv4/zsys_zos_s390x.go
new file mode 100644
index 0000000..692abf6
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv4/zsys_zos_s390x.go
@@ -0,0 +1,56 @@
+// Copyright 2020 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Hand edited based on zerrors_zos_s390x.go
+// TODO(Bill O'Farrell): auto-generate.
+
+package ipv4
+
+const (
+	sizeofIPMreq          = 8
+	sizeofSockaddrInet4   = 16
+	sizeofSockaddrStorage = 128
+	sizeofGroupReq        = 136
+	sizeofGroupSourceReq  = 264
+	sizeofInetPktinfo     = 8
+)
+
+type sockaddrInet4 struct {
+	Len    uint8
+	Family uint8
+	Port   uint16
+	Addr   [4]byte
+	Zero   [8]uint8
+}
+
+type inetPktinfo struct {
+	Addr    [4]byte
+	Ifindex uint32
+}
+
+type sockaddrStorage struct {
+	Len      uint8
+	Family   byte
+	ss_pad1  [6]byte
+	ss_align int64
+	ss_pad2  [112]byte
+}
+
+type groupReq struct {
+	Interface uint32
+	reserved  uint32
+	Group     sockaddrStorage
+}
+
+type groupSourceReq struct {
+	Interface uint32
+	reserved  uint32
+	Group     sockaddrStorage
+	Source    sockaddrStorage
+}
+
+type ipMreq struct {
+	Multiaddr [4]byte /* in_addr */
+	Interface [4]byte /* in_addr */
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/batch.go b/server/vendor/golang.org/x/net/ipv6/batch.go
new file mode 100644
index 0000000..2ccb984
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/batch.go
@@ -0,0 +1,116 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package ipv6
+
+import (
+	"net"
+	"runtime"
+
+	"golang.org/x/net/internal/socket"
+)
+
+// BUG(mikio): On Windows, the ReadBatch and WriteBatch methods of
+// PacketConn are not implemented.
+
+// A Message represents an IO message.
+//
+//	type Message struct {
+//		Buffers [][]byte
+//		OOB     []byte
+//		Addr    net.Addr
+//		N       int
+//		NN      int
+//		Flags   int
+//	}
+//
+// The Buffers fields represents a list of contiguous buffers, which
+// can be used for vectored IO, for example, putting a header and a
+// payload in each slice.
+// When writing, the Buffers field must contain at least one byte to
+// write.
+// When reading, the Buffers field will always contain a byte to read.
+//
+// The OOB field contains protocol-specific control or miscellaneous
+// ancillary data known as out-of-band data.
+// It can be nil when not required.
+//
+// The Addr field specifies a destination address when writing.
+// It can be nil when the underlying protocol of the endpoint uses
+// connection-oriented communication.
+// After a successful read, it may contain the source address on the
+// received packet.
+//
+// The N field indicates the number of bytes read or written from/to
+// Buffers.
+//
+// The NN field indicates the number of bytes read or written from/to
+// OOB.
+//
+// The Flags field contains protocol-specific information on the
+// received message.
+type Message = socket.Message
+
+// ReadBatch reads a batch of messages.
+//
+// The provided flags is a set of platform-dependent flags, such as
+// syscall.MSG_PEEK.
+//
+// On a successful read it returns the number of messages received, up
+// to len(ms).
+//
+// On Linux, a batch read will be optimized.
+// On other platforms, this method will read only a single message.
+func (c *payloadHandler) ReadBatch(ms []Message, flags int) (int, error) {
+	if !c.ok() {
+		return 0, errInvalidConn
+	}
+	switch runtime.GOOS {
+	case "linux":
+		n, err := c.RecvMsgs([]socket.Message(ms), flags)
+		if err != nil {
+			err = &net.OpError{Op: "read", Net: c.PacketConn.LocalAddr().Network(), Source: c.PacketConn.LocalAddr(), Err: err}
+		}
+		return n, err
+	default:
+		n := 1
+		err := c.RecvMsg(&ms[0], flags)
+		if err != nil {
+			n = 0
+			err = &net.OpError{Op: "read", Net: c.PacketConn.LocalAddr().Network(), Source: c.PacketConn.LocalAddr(), Err: err}
+		}
+		return n, err
+	}
+}
+
+// WriteBatch writes a batch of messages.
+//
+// The provided flags is a set of platform-dependent flags, such as
+// syscall.MSG_DONTROUTE.
+//
+// It returns the number of messages written on a successful write.
+//
+// On Linux, a batch write will be optimized.
+// On other platforms, this method will write only a single message.
+func (c *payloadHandler) WriteBatch(ms []Message, flags int) (int, error) {
+	if !c.ok() {
+		return 0, errInvalidConn
+	}
+	switch runtime.GOOS {
+	case "linux":
+		n, err := c.SendMsgs([]socket.Message(ms), flags)
+		if err != nil {
+			err = &net.OpError{Op: "write", Net: c.PacketConn.LocalAddr().Network(), Source: c.PacketConn.LocalAddr(), Err: err}
+		}
+		return n, err
+	default:
+		n := 1
+		err := c.SendMsg(&ms[0], flags)
+		if err != nil {
+			n = 0
+			err = &net.OpError{Op: "write", Net: c.PacketConn.LocalAddr().Network(), Source: c.PacketConn.LocalAddr(), Err: err}
+		}
+		return n, err
+	}
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/control.go b/server/vendor/golang.org/x/net/ipv6/control.go
new file mode 100644
index 0000000..2da6444
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/control.go
@@ -0,0 +1,187 @@
+// Copyright 2013 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package ipv6
+
+import (
+	"fmt"
+	"net"
+	"sync"
+
+	"golang.org/x/net/internal/iana"
+	"golang.org/x/net/internal/socket"
+)
+
+// Note that RFC 3542 obsoletes RFC 2292 but OS X Snow Leopard and the
+// former still support RFC 2292 only. Please be aware that almost
+// all protocol implementations prohibit using a combination of RFC
+// 2292 and RFC 3542 for some practical reasons.
+
+type rawOpt struct {
+	sync.RWMutex
+	cflags ControlFlags
+}
+
+func (c *rawOpt) set(f ControlFlags)        { c.cflags |= f }
+func (c *rawOpt) clear(f ControlFlags)      { c.cflags &^= f }
+func (c *rawOpt) isset(f ControlFlags) bool { return c.cflags&f != 0 }
+
+// A ControlFlags represents per packet basis IP-level socket option
+// control flags.
+type ControlFlags uint
+
+const (
+	FlagTrafficClass ControlFlags = 1 << iota // pass the traffic class on the received packet
+	FlagHopLimit                              // pass the hop limit on the received packet
+	FlagSrc                                   // pass the source address on the received packet
+	FlagDst                                   // pass the destination address on the received packet
+	FlagInterface                             // pass the interface index on the received packet
+	FlagPathMTU                               // pass the path MTU on the received packet path
+)
+
+const flagPacketInfo = FlagDst | FlagInterface
+
+// A ControlMessage represents per packet basis IP-level socket
+// options.
+type ControlMessage struct {
+	// Receiving socket options: SetControlMessage allows to
+	// receive the options from the protocol stack using ReadFrom
+	// method of PacketConn.
+	//
+	// Specifying socket options: ControlMessage for WriteTo
+	// method of PacketConn allows to send the options to the
+	// protocol stack.
+	//
+	TrafficClass int    // traffic class, must be 1 <= value <= 255 when specifying
+	HopLimit     int    // hop limit, must be 1 <= value <= 255 when specifying
+	Src          net.IP // source address, specifying only
+	Dst          net.IP // destination address, receiving only
+	IfIndex      int    // interface index, must be 1 <= value when specifying
+	NextHop      net.IP // next hop address, specifying only
+	MTU          int    // path MTU, receiving only
+}
+
+func (cm *ControlMessage) String() string {
+	if cm == nil {
+		return "<nil>"
+	}
+	return fmt.Sprintf("tclass=%#x hoplim=%d src=%v dst=%v ifindex=%d nexthop=%v mtu=%d", cm.TrafficClass, cm.HopLimit, cm.Src, cm.Dst, cm.IfIndex, cm.NextHop, cm.MTU)
+}
+
+// Marshal returns the binary encoding of cm.
+func (cm *ControlMessage) Marshal() []byte {
+	if cm == nil {
+		return nil
+	}
+	var l int
+	tclass := false
+	if ctlOpts[ctlTrafficClass].name > 0 && cm.TrafficClass > 0 {
+		tclass = true
+		l += socket.ControlMessageSpace(ctlOpts[ctlTrafficClass].length)
+	}
+	hoplimit := false
+	if ctlOpts[ctlHopLimit].name > 0 && cm.HopLimit > 0 {
+		hoplimit = true
+		l += socket.ControlMessageSpace(ctlOpts[ctlHopLimit].length)
+	}
+	pktinfo := false
+	if ctlOpts[ctlPacketInfo].name > 0 && (cm.Src.To16() != nil && cm.Src.To4() == nil || cm.IfIndex > 0) {
+		pktinfo = true
+		l += socket.ControlMessageSpace(ctlOpts[ctlPacketInfo].length)
+	}
+	nexthop := false
+	if ctlOpts[ctlNextHop].name > 0 && cm.NextHop.To16() != nil && cm.NextHop.To4() == nil {
+		nexthop = true
+		l += socket.ControlMessageSpace(ctlOpts[ctlNextHop].length)
+	}
+	var b []byte
+	if l > 0 {
+		b = make([]byte, l)
+		bb := b
+		if tclass {
+			bb = ctlOpts[ctlTrafficClass].marshal(bb, cm)
+		}
+		if hoplimit {
+			bb = ctlOpts[ctlHopLimit].marshal(bb, cm)
+		}
+		if pktinfo {
+			bb = ctlOpts[ctlPacketInfo].marshal(bb, cm)
+		}
+		if nexthop {
+			bb = ctlOpts[ctlNextHop].marshal(bb, cm)
+		}
+	}
+	return b
+}
+
+// Parse parses b as a control message and stores the result in cm.
+func (cm *ControlMessage) Parse(b []byte) error {
+	ms, err := socket.ControlMessage(b).Parse()
+	if err != nil {
+		return err
+	}
+	for _, m := range ms {
+		lvl, typ, l, err := m.ParseHeader()
+		if err != nil {
+			return err
+		}
+		if lvl != iana.ProtocolIPv6 {
+			continue
+		}
+		switch {
+		case typ == ctlOpts[ctlTrafficClass].name && l >= ctlOpts[ctlTrafficClass].length:
+			ctlOpts[ctlTrafficClass].parse(cm, m.Data(l))
+		case typ == ctlOpts[ctlHopLimit].name && l >= ctlOpts[ctlHopLimit].length:
+			ctlOpts[ctlHopLimit].parse(cm, m.Data(l))
+		case typ == ctlOpts[ctlPacketInfo].name && l >= ctlOpts[ctlPacketInfo].length:
+			ctlOpts[ctlPacketInfo].parse(cm, m.Data(l))
+		case typ == ctlOpts[ctlPathMTU].name && l >= ctlOpts[ctlPathMTU].length:
+			ctlOpts[ctlPathMTU].parse(cm, m.Data(l))
+		}
+	}
+	return nil
+}
+
+// NewControlMessage returns a new control message.
+//
+// The returned message is large enough for options specified by cf.
+func NewControlMessage(cf ControlFlags) []byte {
+	opt := rawOpt{cflags: cf}
+	var l int
+	if opt.isset(FlagTrafficClass) && ctlOpts[ctlTrafficClass].name > 0 {
+		l += socket.ControlMessageSpace(ctlOpts[ctlTrafficClass].length)
+	}
+	if opt.isset(FlagHopLimit) && ctlOpts[ctlHopLimit].name > 0 {
+		l += socket.ControlMessageSpace(ctlOpts[ctlHopLimit].length)
+	}
+	if opt.isset(flagPacketInfo) && ctlOpts[ctlPacketInfo].name > 0 {
+		l += socket.ControlMessageSpace(ctlOpts[ctlPacketInfo].length)
+	}
+	if opt.isset(FlagPathMTU) && ctlOpts[ctlPathMTU].name > 0 {
+		l += socket.ControlMessageSpace(ctlOpts[ctlPathMTU].length)
+	}
+	var b []byte
+	if l > 0 {
+		b = make([]byte, l)
+	}
+	return b
+}
+
+// Ancillary data socket options
+const (
+	ctlTrafficClass = iota // header field
+	ctlHopLimit            // header field
+	ctlPacketInfo          // inbound or outbound packet path
+	ctlNextHop             // nexthop
+	ctlPathMTU             // path mtu
+	ctlMax
+)
+
+// A ctlOpt represents a binding for ancillary data socket option.
+type ctlOpt struct {
+	name    int // option name, must be equal or greater than 1
+	length  int // option length
+	marshal func([]byte, *ControlMessage) []byte
+	parse   func(*ControlMessage, []byte)
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/control_rfc2292_unix.go b/server/vendor/golang.org/x/net/ipv6/control_rfc2292_unix.go
new file mode 100644
index 0000000..a8f04e7
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/control_rfc2292_unix.go
@@ -0,0 +1,50 @@
+// Copyright 2013 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build darwin
+
+package ipv6
+
+import (
+	"unsafe"
+
+	"golang.org/x/net/internal/iana"
+	"golang.org/x/net/internal/socket"
+
+	"golang.org/x/sys/unix"
+)
+
+func marshal2292HopLimit(b []byte, cm *ControlMessage) []byte {
+	m := socket.ControlMessage(b)
+	m.MarshalHeader(iana.ProtocolIPv6, unix.IPV6_2292HOPLIMIT, 4)
+	if cm != nil {
+		socket.NativeEndian.PutUint32(m.Data(4), uint32(cm.HopLimit))
+	}
+	return m.Next(4)
+}
+
+func marshal2292PacketInfo(b []byte, cm *ControlMessage) []byte {
+	m := socket.ControlMessage(b)
+	m.MarshalHeader(iana.ProtocolIPv6, unix.IPV6_2292PKTINFO, sizeofInet6Pktinfo)
+	if cm != nil {
+		pi := (*inet6Pktinfo)(unsafe.Pointer(&m.Data(sizeofInet6Pktinfo)[0]))
+		if ip := cm.Src.To16(); ip != nil && ip.To4() == nil {
+			copy(pi.Addr[:], ip)
+		}
+		if cm.IfIndex > 0 {
+			pi.setIfindex(cm.IfIndex)
+		}
+	}
+	return m.Next(sizeofInet6Pktinfo)
+}
+
+func marshal2292NextHop(b []byte, cm *ControlMessage) []byte {
+	m := socket.ControlMessage(b)
+	m.MarshalHeader(iana.ProtocolIPv6, unix.IPV6_2292NEXTHOP, sizeofSockaddrInet6)
+	if cm != nil {
+		sa := (*sockaddrInet6)(unsafe.Pointer(&m.Data(sizeofSockaddrInet6)[0]))
+		sa.setSockaddr(cm.NextHop, cm.IfIndex)
+	}
+	return m.Next(sizeofSockaddrInet6)
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/control_rfc3542_unix.go b/server/vendor/golang.org/x/net/ipv6/control_rfc3542_unix.go
new file mode 100644
index 0000000..51fbbb1
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/control_rfc3542_unix.go
@@ -0,0 +1,96 @@
+// Copyright 2013 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris || zos
+
+package ipv6
+
+import (
+	"net"
+	"unsafe"
+
+	"golang.org/x/net/internal/iana"
+	"golang.org/x/net/internal/socket"
+
+	"golang.org/x/sys/unix"
+)
+
+func marshalTrafficClass(b []byte, cm *ControlMessage) []byte {
+	m := socket.ControlMessage(b)
+	m.MarshalHeader(iana.ProtocolIPv6, unix.IPV6_TCLASS, 4)
+	if cm != nil {
+		socket.NativeEndian.PutUint32(m.Data(4), uint32(cm.TrafficClass))
+	}
+	return m.Next(4)
+}
+
+func parseTrafficClass(cm *ControlMessage, b []byte) {
+	cm.TrafficClass = int(socket.NativeEndian.Uint32(b[:4]))
+}
+
+func marshalHopLimit(b []byte, cm *ControlMessage) []byte {
+	m := socket.ControlMessage(b)
+	m.MarshalHeader(iana.ProtocolIPv6, unix.IPV6_HOPLIMIT, 4)
+	if cm != nil {
+		socket.NativeEndian.PutUint32(m.Data(4), uint32(cm.HopLimit))
+	}
+	return m.Next(4)
+}
+
+func parseHopLimit(cm *ControlMessage, b []byte) {
+	cm.HopLimit = int(socket.NativeEndian.Uint32(b[:4]))
+}
+
+func marshalPacketInfo(b []byte, cm *ControlMessage) []byte {
+	m := socket.ControlMessage(b)
+	m.MarshalHeader(iana.ProtocolIPv6, unix.IPV6_PKTINFO, sizeofInet6Pktinfo)
+	if cm != nil {
+		pi := (*inet6Pktinfo)(unsafe.Pointer(&m.Data(sizeofInet6Pktinfo)[0]))
+		if ip := cm.Src.To16(); ip != nil && ip.To4() == nil {
+			copy(pi.Addr[:], ip)
+		}
+		if cm.IfIndex > 0 {
+			pi.setIfindex(cm.IfIndex)
+		}
+	}
+	return m.Next(sizeofInet6Pktinfo)
+}
+
+func parsePacketInfo(cm *ControlMessage, b []byte) {
+	pi := (*inet6Pktinfo)(unsafe.Pointer(&b[0]))
+	if len(cm.Dst) < net.IPv6len {
+		cm.Dst = make(net.IP, net.IPv6len)
+	}
+	copy(cm.Dst, pi.Addr[:])
+	cm.IfIndex = int(pi.Ifindex)
+}
+
+func marshalNextHop(b []byte, cm *ControlMessage) []byte {
+	m := socket.ControlMessage(b)
+	m.MarshalHeader(iana.ProtocolIPv6, unix.IPV6_NEXTHOP, sizeofSockaddrInet6)
+	if cm != nil {
+		sa := (*sockaddrInet6)(unsafe.Pointer(&m.Data(sizeofSockaddrInet6)[0]))
+		sa.setSockaddr(cm.NextHop, cm.IfIndex)
+	}
+	return m.Next(sizeofSockaddrInet6)
+}
+
+func parseNextHop(cm *ControlMessage, b []byte) {
+}
+
+func marshalPathMTU(b []byte, cm *ControlMessage) []byte {
+	m := socket.ControlMessage(b)
+	m.MarshalHeader(iana.ProtocolIPv6, unix.IPV6_PATHMTU, sizeofIPv6Mtuinfo)
+	return m.Next(sizeofIPv6Mtuinfo)
+}
+
+func parsePathMTU(cm *ControlMessage, b []byte) {
+	mi := (*ipv6Mtuinfo)(unsafe.Pointer(&b[0]))
+	if len(cm.Dst) < net.IPv6len {
+		cm.Dst = make(net.IP, net.IPv6len)
+	}
+	copy(cm.Dst, mi.Addr.Addr[:])
+	cm.IfIndex = int(mi.Addr.Scope_id)
+	cm.MTU = int(mi.Mtu)
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/control_stub.go b/server/vendor/golang.org/x/net/ipv6/control_stub.go
new file mode 100644
index 0000000..eb28ce7
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/control_stub.go
@@ -0,0 +1,13 @@
+// Copyright 2013 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build !aix && !darwin && !dragonfly && !freebsd && !linux && !netbsd && !openbsd && !solaris && !windows && !zos
+
+package ipv6
+
+import "golang.org/x/net/internal/socket"
+
+func setControlMessage(c *socket.Conn, opt *rawOpt, cf ControlFlags, on bool) error {
+	return errNotImplemented
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/control_unix.go b/server/vendor/golang.org/x/net/ipv6/control_unix.go
new file mode 100644
index 0000000..9c73b86
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/control_unix.go
@@ -0,0 +1,55 @@
+// Copyright 2013 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris || zos
+
+package ipv6
+
+import "golang.org/x/net/internal/socket"
+
+func setControlMessage(c *socket.Conn, opt *rawOpt, cf ControlFlags, on bool) error {
+	opt.Lock()
+	defer opt.Unlock()
+	if so, ok := sockOpts[ssoReceiveTrafficClass]; ok && cf&FlagTrafficClass != 0 {
+		if err := so.SetInt(c, boolint(on)); err != nil {
+			return err
+		}
+		if on {
+			opt.set(FlagTrafficClass)
+		} else {
+			opt.clear(FlagTrafficClass)
+		}
+	}
+	if so, ok := sockOpts[ssoReceiveHopLimit]; ok && cf&FlagHopLimit != 0 {
+		if err := so.SetInt(c, boolint(on)); err != nil {
+			return err
+		}
+		if on {
+			opt.set(FlagHopLimit)
+		} else {
+			opt.clear(FlagHopLimit)
+		}
+	}
+	if so, ok := sockOpts[ssoReceivePacketInfo]; ok && cf&flagPacketInfo != 0 {
+		if err := so.SetInt(c, boolint(on)); err != nil {
+			return err
+		}
+		if on {
+			opt.set(cf & flagPacketInfo)
+		} else {
+			opt.clear(cf & flagPacketInfo)
+		}
+	}
+	if so, ok := sockOpts[ssoReceivePathMTU]; ok && cf&FlagPathMTU != 0 {
+		if err := so.SetInt(c, boolint(on)); err != nil {
+			return err
+		}
+		if on {
+			opt.set(FlagPathMTU)
+		} else {
+			opt.clear(FlagPathMTU)
+		}
+	}
+	return nil
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/control_windows.go b/server/vendor/golang.org/x/net/ipv6/control_windows.go
new file mode 100644
index 0000000..8882d81
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/control_windows.go
@@ -0,0 +1,12 @@
+// Copyright 2013 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package ipv6
+
+import "golang.org/x/net/internal/socket"
+
+func setControlMessage(c *socket.Conn, opt *rawOpt, cf ControlFlags, on bool) error {
+	// TODO(mikio): implement this
+	return errNotImplemented
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/dgramopt.go b/server/vendor/golang.org/x/net/ipv6/dgramopt.go
new file mode 100644
index 0000000..846f0e1
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/dgramopt.go
@@ -0,0 +1,301 @@
+// Copyright 2013 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package ipv6
+
+import (
+	"net"
+
+	"golang.org/x/net/bpf"
+)
+
+// MulticastHopLimit returns the hop limit field value for outgoing
+// multicast packets.
+func (c *dgramOpt) MulticastHopLimit() (int, error) {
+	if !c.ok() {
+		return 0, errInvalidConn
+	}
+	so, ok := sockOpts[ssoMulticastHopLimit]
+	if !ok {
+		return 0, errNotImplemented
+	}
+	return so.GetInt(c.Conn)
+}
+
+// SetMulticastHopLimit sets the hop limit field value for future
+// outgoing multicast packets.
+func (c *dgramOpt) SetMulticastHopLimit(hoplim int) error {
+	if !c.ok() {
+		return errInvalidConn
+	}
+	so, ok := sockOpts[ssoMulticastHopLimit]
+	if !ok {
+		return errNotImplemented
+	}
+	return so.SetInt(c.Conn, hoplim)
+}
+
+// MulticastInterface returns the default interface for multicast
+// packet transmissions.
+func (c *dgramOpt) MulticastInterface() (*net.Interface, error) {
+	if !c.ok() {
+		return nil, errInvalidConn
+	}
+	so, ok := sockOpts[ssoMulticastInterface]
+	if !ok {
+		return nil, errNotImplemented
+	}
+	return so.getMulticastInterface(c.Conn)
+}
+
+// SetMulticastInterface sets the default interface for future
+// multicast packet transmissions.
+func (c *dgramOpt) SetMulticastInterface(ifi *net.Interface) error {
+	if !c.ok() {
+		return errInvalidConn
+	}
+	so, ok := sockOpts[ssoMulticastInterface]
+	if !ok {
+		return errNotImplemented
+	}
+	return so.setMulticastInterface(c.Conn, ifi)
+}
+
+// MulticastLoopback reports whether transmitted multicast packets
+// should be copied and send back to the originator.
+func (c *dgramOpt) MulticastLoopback() (bool, error) {
+	if !c.ok() {
+		return false, errInvalidConn
+	}
+	so, ok := sockOpts[ssoMulticastLoopback]
+	if !ok {
+		return false, errNotImplemented
+	}
+	on, err := so.GetInt(c.Conn)
+	if err != nil {
+		return false, err
+	}
+	return on == 1, nil
+}
+
+// SetMulticastLoopback sets whether transmitted multicast packets
+// should be copied and send back to the originator.
+func (c *dgramOpt) SetMulticastLoopback(on bool) error {
+	if !c.ok() {
+		return errInvalidConn
+	}
+	so, ok := sockOpts[ssoMulticastLoopback]
+	if !ok {
+		return errNotImplemented
+	}
+	return so.SetInt(c.Conn, boolint(on))
+}
+
+// JoinGroup joins the group address group on the interface ifi.
+// By default all sources that can cast data to group are accepted.
+// It's possible to mute and unmute data transmission from a specific
+// source by using ExcludeSourceSpecificGroup and
+// IncludeSourceSpecificGroup.
+// JoinGroup uses the system assigned multicast interface when ifi is
+// nil, although this is not recommended because the assignment
+// depends on platforms and sometimes it might require routing
+// configuration.
+func (c *dgramOpt) JoinGroup(ifi *net.Interface, group net.Addr) error {
+	if !c.ok() {
+		return errInvalidConn
+	}
+	so, ok := sockOpts[ssoJoinGroup]
+	if !ok {
+		return errNotImplemented
+	}
+	grp := netAddrToIP16(group)
+	if grp == nil {
+		return errMissingAddress
+	}
+	return so.setGroup(c.Conn, ifi, grp)
+}
+
+// LeaveGroup leaves the group address group on the interface ifi
+// regardless of whether the group is any-source group or
+// source-specific group.
+func (c *dgramOpt) LeaveGroup(ifi *net.Interface, group net.Addr) error {
+	if !c.ok() {
+		return errInvalidConn
+	}
+	so, ok := sockOpts[ssoLeaveGroup]
+	if !ok {
+		return errNotImplemented
+	}
+	grp := netAddrToIP16(group)
+	if grp == nil {
+		return errMissingAddress
+	}
+	return so.setGroup(c.Conn, ifi, grp)
+}
+
+// JoinSourceSpecificGroup joins the source-specific group comprising
+// group and source on the interface ifi.
+// JoinSourceSpecificGroup uses the system assigned multicast
+// interface when ifi is nil, although this is not recommended because
+// the assignment depends on platforms and sometimes it might require
+// routing configuration.
+func (c *dgramOpt) JoinSourceSpecificGroup(ifi *net.Interface, group, source net.Addr) error {
+	if !c.ok() {
+		return errInvalidConn
+	}
+	so, ok := sockOpts[ssoJoinSourceGroup]
+	if !ok {
+		return errNotImplemented
+	}
+	grp := netAddrToIP16(group)
+	if grp == nil {
+		return errMissingAddress
+	}
+	src := netAddrToIP16(source)
+	if src == nil {
+		return errMissingAddress
+	}
+	return so.setSourceGroup(c.Conn, ifi, grp, src)
+}
+
+// LeaveSourceSpecificGroup leaves the source-specific group on the
+// interface ifi.
+func (c *dgramOpt) LeaveSourceSpecificGroup(ifi *net.Interface, group, source net.Addr) error {
+	if !c.ok() {
+		return errInvalidConn
+	}
+	so, ok := sockOpts[ssoLeaveSourceGroup]
+	if !ok {
+		return errNotImplemented
+	}
+	grp := netAddrToIP16(group)
+	if grp == nil {
+		return errMissingAddress
+	}
+	src := netAddrToIP16(source)
+	if src == nil {
+		return errMissingAddress
+	}
+	return so.setSourceGroup(c.Conn, ifi, grp, src)
+}
+
+// ExcludeSourceSpecificGroup excludes the source-specific group from
+// the already joined any-source groups by JoinGroup on the interface
+// ifi.
+func (c *dgramOpt) ExcludeSourceSpecificGroup(ifi *net.Interface, group, source net.Addr) error {
+	if !c.ok() {
+		return errInvalidConn
+	}
+	so, ok := sockOpts[ssoBlockSourceGroup]
+	if !ok {
+		return errNotImplemented
+	}
+	grp := netAddrToIP16(group)
+	if grp == nil {
+		return errMissingAddress
+	}
+	src := netAddrToIP16(source)
+	if src == nil {
+		return errMissingAddress
+	}
+	return so.setSourceGroup(c.Conn, ifi, grp, src)
+}
+
+// IncludeSourceSpecificGroup includes the excluded source-specific
+// group by ExcludeSourceSpecificGroup again on the interface ifi.
+func (c *dgramOpt) IncludeSourceSpecificGroup(ifi *net.Interface, group, source net.Addr) error {
+	if !c.ok() {
+		return errInvalidConn
+	}
+	so, ok := sockOpts[ssoUnblockSourceGroup]
+	if !ok {
+		return errNotImplemented
+	}
+	grp := netAddrToIP16(group)
+	if grp == nil {
+		return errMissingAddress
+	}
+	src := netAddrToIP16(source)
+	if src == nil {
+		return errMissingAddress
+	}
+	return so.setSourceGroup(c.Conn, ifi, grp, src)
+}
+
+// Checksum reports whether the kernel will compute, store or verify a
+// checksum for both incoming and outgoing packets. If on is true, it
+// returns an offset in bytes into the data of where the checksum
+// field is located.
+func (c *dgramOpt) Checksum() (on bool, offset int, err error) {
+	if !c.ok() {
+		return false, 0, errInvalidConn
+	}
+	so, ok := sockOpts[ssoChecksum]
+	if !ok {
+		return false, 0, errNotImplemented
+	}
+	offset, err = so.GetInt(c.Conn)
+	if err != nil {
+		return false, 0, err
+	}
+	if offset < 0 {
+		return false, 0, nil
+	}
+	return true, offset, nil
+}
+
+// SetChecksum enables the kernel checksum processing. If on is true,
+// the offset should be an offset in bytes into the data of where the
+// checksum field is located.
+func (c *dgramOpt) SetChecksum(on bool, offset int) error {
+	if !c.ok() {
+		return errInvalidConn
+	}
+	so, ok := sockOpts[ssoChecksum]
+	if !ok {
+		return errNotImplemented
+	}
+	if !on {
+		offset = -1
+	}
+	return so.SetInt(c.Conn, offset)
+}
+
+// ICMPFilter returns an ICMP filter.
+func (c *dgramOpt) ICMPFilter() (*ICMPFilter, error) {
+	if !c.ok() {
+		return nil, errInvalidConn
+	}
+	so, ok := sockOpts[ssoICMPFilter]
+	if !ok {
+		return nil, errNotImplemented
+	}
+	return so.getICMPFilter(c.Conn)
+}
+
+// SetICMPFilter deploys the ICMP filter.
+func (c *dgramOpt) SetICMPFilter(f *ICMPFilter) error {
+	if !c.ok() {
+		return errInvalidConn
+	}
+	so, ok := sockOpts[ssoICMPFilter]
+	if !ok {
+		return errNotImplemented
+	}
+	return so.setICMPFilter(c.Conn, f)
+}
+
+// SetBPF attaches a BPF program to the connection.
+//
+// Only supported on Linux.
+func (c *dgramOpt) SetBPF(filter []bpf.RawInstruction) error {
+	if !c.ok() {
+		return errInvalidConn
+	}
+	so, ok := sockOpts[ssoAttachFilter]
+	if !ok {
+		return errNotImplemented
+	}
+	return so.setBPF(c.Conn, filter)
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/doc.go b/server/vendor/golang.org/x/net/ipv6/doc.go
new file mode 100644
index 0000000..2148b81
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/doc.go
@@ -0,0 +1,239 @@
+// Copyright 2013 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Package ipv6 implements IP-level socket options for the Internet
+// Protocol version 6.
+//
+// The package provides IP-level socket options that allow
+// manipulation of IPv6 facilities.
+//
+// The IPv6 protocol is defined in RFC 8200.
+// Socket interface extensions are defined in RFC 3493, RFC 3542 and
+// RFC 3678.
+// MLDv1 and MLDv2 are defined in RFC 2710 and RFC 3810.
+// Source-specific multicast is defined in RFC 4607.
+//
+// On Darwin, this package requires OS X Mavericks version 10.9 or
+// above, or equivalent.
+//
+// # Unicasting
+//
+// The options for unicasting are available for net.TCPConn,
+// net.UDPConn and net.IPConn which are created as network connections
+// that use the IPv6 transport. When a single TCP connection carrying
+// a data flow of multiple packets needs to indicate the flow is
+// important, Conn is used to set the traffic class field on the IPv6
+// header for each packet.
+//
+//	ln, err := net.Listen("tcp6", "[::]:1024")
+//	if err != nil {
+//		// error handling
+//	}
+//	defer ln.Close()
+//	for {
+//		c, err := ln.Accept()
+//		if err != nil {
+//			// error handling
+//		}
+//		go func(c net.Conn) {
+//			defer c.Close()
+//
+// The outgoing packets will be labeled DiffServ assured forwarding
+// class 1 low drop precedence, known as AF11 packets.
+//
+//			if err := ipv6.NewConn(c).SetTrafficClass(0x28); err != nil {
+//				// error handling
+//			}
+//			if _, err := c.Write(data); err != nil {
+//				// error handling
+//			}
+//		}(c)
+//	}
+//
+// # Multicasting
+//
+// The options for multicasting are available for net.UDPConn and
+// net.IPConn which are created as network connections that use the
+// IPv6 transport. A few network facilities must be prepared before
+// you begin multicasting, at a minimum joining network interfaces and
+// multicast groups.
+//
+//	en0, err := net.InterfaceByName("en0")
+//	if err != nil {
+//		// error handling
+//	}
+//	en1, err := net.InterfaceByIndex(911)
+//	if err != nil {
+//		// error handling
+//	}
+//	group := net.ParseIP("ff02::114")
+//
+// First, an application listens to an appropriate address with an
+// appropriate service port.
+//
+//	c, err := net.ListenPacket("udp6", "[::]:1024")
+//	if err != nil {
+//		// error handling
+//	}
+//	defer c.Close()
+//
+// Second, the application joins multicast groups, starts listening to
+// the groups on the specified network interfaces. Note that the
+// service port for transport layer protocol does not matter with this
+// operation as joining groups affects only network and link layer
+// protocols, such as IPv6 and Ethernet.
+//
+//	p := ipv6.NewPacketConn(c)
+//	if err := p.JoinGroup(en0, &net.UDPAddr{IP: group}); err != nil {
+//		// error handling
+//	}
+//	if err := p.JoinGroup(en1, &net.UDPAddr{IP: group}); err != nil {
+//		// error handling
+//	}
+//
+// The application might set per packet control message transmissions
+// between the protocol stack within the kernel. When the application
+// needs a destination address on an incoming packet,
+// SetControlMessage of PacketConn is used to enable control message
+// transmissions.
+//
+//	if err := p.SetControlMessage(ipv6.FlagDst, true); err != nil {
+//		// error handling
+//	}
+//
+// The application could identify whether the received packets are
+// of interest by using the control message that contains the
+// destination address of the received packet.
+//
+//	b := make([]byte, 1500)
+//	for {
+//		n, rcm, src, err := p.ReadFrom(b)
+//		if err != nil {
+//			// error handling
+//		}
+//		if rcm.Dst.IsMulticast() {
+//			if rcm.Dst.Equal(group) {
+//				// joined group, do something
+//			} else {
+//				// unknown group, discard
+//				continue
+//			}
+//		}
+//
+// The application can also send both unicast and multicast packets.
+//
+//		p.SetTrafficClass(0x0)
+//		p.SetHopLimit(16)
+//		if _, err := p.WriteTo(data[:n], nil, src); err != nil {
+//			// error handling
+//		}
+//		dst := &net.UDPAddr{IP: group, Port: 1024}
+//		wcm := ipv6.ControlMessage{TrafficClass: 0xe0, HopLimit: 1}
+//		for _, ifi := range []*net.Interface{en0, en1} {
+//			wcm.IfIndex = ifi.Index
+//			if _, err := p.WriteTo(data[:n], &wcm, dst); err != nil {
+//				// error handling
+//			}
+//		}
+//	}
+//
+// # More multicasting
+//
+// An application that uses PacketConn may join multiple multicast
+// groups. For example, a UDP listener with port 1024 might join two
+// different groups across over two different network interfaces by
+// using:
+//
+//	c, err := net.ListenPacket("udp6", "[::]:1024")
+//	if err != nil {
+//		// error handling
+//	}
+//	defer c.Close()
+//	p := ipv6.NewPacketConn(c)
+//	if err := p.JoinGroup(en0, &net.UDPAddr{IP: net.ParseIP("ff02::1:114")}); err != nil {
+//		// error handling
+//	}
+//	if err := p.JoinGroup(en0, &net.UDPAddr{IP: net.ParseIP("ff02::2:114")}); err != nil {
+//		// error handling
+//	}
+//	if err := p.JoinGroup(en1, &net.UDPAddr{IP: net.ParseIP("ff02::2:114")}); err != nil {
+//		// error handling
+//	}
+//
+// It is possible for multiple UDP listeners that listen on the same
+// UDP port to join the same multicast group. The net package will
+// provide a socket that listens to a wildcard address with reusable
+// UDP port when an appropriate multicast address prefix is passed to
+// the net.ListenPacket or net.ListenUDP.
+//
+//	c1, err := net.ListenPacket("udp6", "[ff02::]:1024")
+//	if err != nil {
+//		// error handling
+//	}
+//	defer c1.Close()
+//	c2, err := net.ListenPacket("udp6", "[ff02::]:1024")
+//	if err != nil {
+//		// error handling
+//	}
+//	defer c2.Close()
+//	p1 := ipv6.NewPacketConn(c1)
+//	if err := p1.JoinGroup(en0, &net.UDPAddr{IP: net.ParseIP("ff02::114")}); err != nil {
+//		// error handling
+//	}
+//	p2 := ipv6.NewPacketConn(c2)
+//	if err := p2.JoinGroup(en0, &net.UDPAddr{IP: net.ParseIP("ff02::114")}); err != nil {
+//		// error handling
+//	}
+//
+// Also it is possible for the application to leave or rejoin a
+// multicast group on the network interface.
+//
+//	if err := p.LeaveGroup(en0, &net.UDPAddr{IP: net.ParseIP("ff02::114")}); err != nil {
+//		// error handling
+//	}
+//	if err := p.JoinGroup(en0, &net.UDPAddr{IP: net.ParseIP("ff01::114")}); err != nil {
+//		// error handling
+//	}
+//
+// # Source-specific multicasting
+//
+// An application that uses PacketConn on MLDv2 supported platform is
+// able to join source-specific multicast groups.
+// The application may use JoinSourceSpecificGroup and
+// LeaveSourceSpecificGroup for the operation known as "include" mode,
+//
+//	ssmgroup := net.UDPAddr{IP: net.ParseIP("ff32::8000:9")}
+//	ssmsource := net.UDPAddr{IP: net.ParseIP("fe80::cafe")}
+//	if err := p.JoinSourceSpecificGroup(en0, &ssmgroup, &ssmsource); err != nil {
+//		// error handling
+//	}
+//	if err := p.LeaveSourceSpecificGroup(en0, &ssmgroup, &ssmsource); err != nil {
+//		// error handling
+//	}
+//
+// or JoinGroup, ExcludeSourceSpecificGroup,
+// IncludeSourceSpecificGroup and LeaveGroup for the operation known
+// as "exclude" mode.
+//
+//	exclsource := net.UDPAddr{IP: net.ParseIP("fe80::dead")}
+//	if err := p.JoinGroup(en0, &ssmgroup); err != nil {
+//		// error handling
+//	}
+//	if err := p.ExcludeSourceSpecificGroup(en0, &ssmgroup, &exclsource); err != nil {
+//		// error handling
+//	}
+//	if err := p.LeaveGroup(en0, &ssmgroup); err != nil {
+//		// error handling
+//	}
+//
+// Note that it depends on each platform implementation what happens
+// when an application which runs on MLDv2 unsupported platform uses
+// JoinSourceSpecificGroup and LeaveSourceSpecificGroup.
+// In general the platform tries to fall back to conversations using
+// MLDv1 and starts to listen to multicast traffic.
+// In the fallback case, ExcludeSourceSpecificGroup and
+// IncludeSourceSpecificGroup may return an error.
+package ipv6 // import "golang.org/x/net/ipv6"
+
+// BUG(mikio): This package is not implemented on JS, NaCl and Plan 9.
diff --git a/server/vendor/golang.org/x/net/ipv6/endpoint.go b/server/vendor/golang.org/x/net/ipv6/endpoint.go
new file mode 100644
index 0000000..f534a0b
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/endpoint.go
@@ -0,0 +1,127 @@
+// Copyright 2013 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package ipv6
+
+import (
+	"net"
+	"time"
+
+	"golang.org/x/net/internal/socket"
+)
+
+// BUG(mikio): On Windows, the JoinSourceSpecificGroup,
+// LeaveSourceSpecificGroup, ExcludeSourceSpecificGroup and
+// IncludeSourceSpecificGroup methods of PacketConn are not
+// implemented.
+
+// A Conn represents a network endpoint that uses IPv6 transport.
+// It allows to set basic IP-level socket options such as traffic
+// class and hop limit.
+type Conn struct {
+	genericOpt
+}
+
+type genericOpt struct {
+	*socket.Conn
+}
+
+func (c *genericOpt) ok() bool { return c != nil && c.Conn != nil }
+
+// PathMTU returns a path MTU value for the destination associated
+// with the endpoint.
+func (c *Conn) PathMTU() (int, error) {
+	if !c.ok() {
+		return 0, errInvalidConn
+	}
+	so, ok := sockOpts[ssoPathMTU]
+	if !ok {
+		return 0, errNotImplemented
+	}
+	_, mtu, err := so.getMTUInfo(c.Conn)
+	if err != nil {
+		return 0, err
+	}
+	return mtu, nil
+}
+
+// NewConn returns a new Conn.
+func NewConn(c net.Conn) *Conn {
+	cc, _ := socket.NewConn(c)
+	return &Conn{
+		genericOpt: genericOpt{Conn: cc},
+	}
+}
+
+// A PacketConn represents a packet network endpoint that uses IPv6
+// transport. It is used to control several IP-level socket options
+// including IPv6 header manipulation. It also provides datagram
+// based network I/O methods specific to the IPv6 and higher layer
+// protocols such as OSPF, GRE, and UDP.
+type PacketConn struct {
+	genericOpt
+	dgramOpt
+	payloadHandler
+}
+
+type dgramOpt struct {
+	*socket.Conn
+}
+
+func (c *dgramOpt) ok() bool { return c != nil && c.Conn != nil }
+
+// SetControlMessage allows to receive the per packet basis IP-level
+// socket options.
+func (c *PacketConn) SetControlMessage(cf ControlFlags, on bool) error {
+	if !c.payloadHandler.ok() {
+		return errInvalidConn
+	}
+	return setControlMessage(c.dgramOpt.Conn, &c.payloadHandler.rawOpt, cf, on)
+}
+
+// SetDeadline sets the read and write deadlines associated with the
+// endpoint.
+func (c *PacketConn) SetDeadline(t time.Time) error {
+	if !c.payloadHandler.ok() {
+		return errInvalidConn
+	}
+	return c.payloadHandler.SetDeadline(t)
+}
+
+// SetReadDeadline sets the read deadline associated with the
+// endpoint.
+func (c *PacketConn) SetReadDeadline(t time.Time) error {
+	if !c.payloadHandler.ok() {
+		return errInvalidConn
+	}
+	return c.payloadHandler.SetReadDeadline(t)
+}
+
+// SetWriteDeadline sets the write deadline associated with the
+// endpoint.
+func (c *PacketConn) SetWriteDeadline(t time.Time) error {
+	if !c.payloadHandler.ok() {
+		return errInvalidConn
+	}
+	return c.payloadHandler.SetWriteDeadline(t)
+}
+
+// Close closes the endpoint.
+func (c *PacketConn) Close() error {
+	if !c.payloadHandler.ok() {
+		return errInvalidConn
+	}
+	return c.payloadHandler.Close()
+}
+
+// NewPacketConn returns a new PacketConn using c as its underlying
+// transport.
+func NewPacketConn(c net.PacketConn) *PacketConn {
+	cc, _ := socket.NewConn(c.(net.Conn))
+	return &PacketConn{
+		genericOpt:     genericOpt{Conn: cc},
+		dgramOpt:       dgramOpt{Conn: cc},
+		payloadHandler: payloadHandler{PacketConn: c, Conn: cc},
+	}
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/genericopt.go b/server/vendor/golang.org/x/net/ipv6/genericopt.go
new file mode 100644
index 0000000..0326aed
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/genericopt.go
@@ -0,0 +1,56 @@
+// Copyright 2013 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package ipv6
+
+// TrafficClass returns the traffic class field value for outgoing
+// packets.
+func (c *genericOpt) TrafficClass() (int, error) {
+	if !c.ok() {
+		return 0, errInvalidConn
+	}
+	so, ok := sockOpts[ssoTrafficClass]
+	if !ok {
+		return 0, errNotImplemented
+	}
+	return so.GetInt(c.Conn)
+}
+
+// SetTrafficClass sets the traffic class field value for future
+// outgoing packets.
+func (c *genericOpt) SetTrafficClass(tclass int) error {
+	if !c.ok() {
+		return errInvalidConn
+	}
+	so, ok := sockOpts[ssoTrafficClass]
+	if !ok {
+		return errNotImplemented
+	}
+	return so.SetInt(c.Conn, tclass)
+}
+
+// HopLimit returns the hop limit field value for outgoing packets.
+func (c *genericOpt) HopLimit() (int, error) {
+	if !c.ok() {
+		return 0, errInvalidConn
+	}
+	so, ok := sockOpts[ssoHopLimit]
+	if !ok {
+		return 0, errNotImplemented
+	}
+	return so.GetInt(c.Conn)
+}
+
+// SetHopLimit sets the hop limit field value for future outgoing
+// packets.
+func (c *genericOpt) SetHopLimit(hoplim int) error {
+	if !c.ok() {
+		return errInvalidConn
+	}
+	so, ok := sockOpts[ssoHopLimit]
+	if !ok {
+		return errNotImplemented
+	}
+	return so.SetInt(c.Conn, hoplim)
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/header.go b/server/vendor/golang.org/x/net/ipv6/header.go
new file mode 100644
index 0000000..e05cb08
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/header.go
@@ -0,0 +1,55 @@
+// Copyright 2014 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package ipv6
+
+import (
+	"encoding/binary"
+	"fmt"
+	"net"
+)
+
+const (
+	Version   = 6  // protocol version
+	HeaderLen = 40 // header length
+)
+
+// A Header represents an IPv6 base header.
+type Header struct {
+	Version      int    // protocol version
+	TrafficClass int    // traffic class
+	FlowLabel    int    // flow label
+	PayloadLen   int    // payload length
+	NextHeader   int    // next header
+	HopLimit     int    // hop limit
+	Src          net.IP // source address
+	Dst          net.IP // destination address
+}
+
+func (h *Header) String() string {
+	if h == nil {
+		return "<nil>"
+	}
+	return fmt.Sprintf("ver=%d tclass=%#x flowlbl=%#x payloadlen=%d nxthdr=%d hoplim=%d src=%v dst=%v", h.Version, h.TrafficClass, h.FlowLabel, h.PayloadLen, h.NextHeader, h.HopLimit, h.Src, h.Dst)
+}
+
+// ParseHeader parses b as an IPv6 base header.
+func ParseHeader(b []byte) (*Header, error) {
+	if len(b) < HeaderLen {
+		return nil, errHeaderTooShort
+	}
+	h := &Header{
+		Version:      int(b[0]) >> 4,
+		TrafficClass: int(b[0]&0x0f)<<4 | int(b[1])>>4,
+		FlowLabel:    int(b[1]&0x0f)<<16 | int(b[2])<<8 | int(b[3]),
+		PayloadLen:   int(binary.BigEndian.Uint16(b[4:6])),
+		NextHeader:   int(b[6]),
+		HopLimit:     int(b[7]),
+	}
+	h.Src = make(net.IP, net.IPv6len)
+	copy(h.Src, b[8:24])
+	h.Dst = make(net.IP, net.IPv6len)
+	copy(h.Dst, b[24:40])
+	return h, nil
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/helper.go b/server/vendor/golang.org/x/net/ipv6/helper.go
new file mode 100644
index 0000000..c2d508f
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/helper.go
@@ -0,0 +1,58 @@
+// Copyright 2013 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package ipv6
+
+import (
+	"errors"
+	"net"
+	"runtime"
+)
+
+var (
+	errInvalidConn     = errors.New("invalid connection")
+	errMissingAddress  = errors.New("missing address")
+	errHeaderTooShort  = errors.New("header too short")
+	errInvalidConnType = errors.New("invalid conn type")
+	errNotImplemented  = errors.New("not implemented on " + runtime.GOOS + "/" + runtime.GOARCH)
+)
+
+func boolint(b bool) int {
+	if b {
+		return 1
+	}
+	return 0
+}
+
+func netAddrToIP16(a net.Addr) net.IP {
+	switch v := a.(type) {
+	case *net.UDPAddr:
+		if ip := v.IP.To16(); ip != nil && ip.To4() == nil {
+			return ip
+		}
+	case *net.IPAddr:
+		if ip := v.IP.To16(); ip != nil && ip.To4() == nil {
+			return ip
+		}
+	}
+	return nil
+}
+
+func opAddr(a net.Addr) net.Addr {
+	switch a.(type) {
+	case *net.TCPAddr:
+		if a == nil {
+			return nil
+		}
+	case *net.UDPAddr:
+		if a == nil {
+			return nil
+		}
+	case *net.IPAddr:
+		if a == nil {
+			return nil
+		}
+	}
+	return a
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/iana.go b/server/vendor/golang.org/x/net/ipv6/iana.go
new file mode 100644
index 0000000..32db1aa
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/iana.go
@@ -0,0 +1,86 @@
+// go generate gen.go
+// Code generated by the command above; DO NOT EDIT.
+
+package ipv6
+
+// Internet Control Message Protocol version 6 (ICMPv6) Parameters, Updated: 2018-03-09
+const (
+	ICMPTypeDestinationUnreachable                ICMPType = 1   // Destination Unreachable
+	ICMPTypePacketTooBig                          ICMPType = 2   // Packet Too Big
+	ICMPTypeTimeExceeded                          ICMPType = 3   // Time Exceeded
+	ICMPTypeParameterProblem                      ICMPType = 4   // Parameter Problem
+	ICMPTypeEchoRequest                           ICMPType = 128 // Echo Request
+	ICMPTypeEchoReply                             ICMPType = 129 // Echo Reply
+	ICMPTypeMulticastListenerQuery                ICMPType = 130 // Multicast Listener Query
+	ICMPTypeMulticastListenerReport               ICMPType = 131 // Multicast Listener Report
+	ICMPTypeMulticastListenerDone                 ICMPType = 132 // Multicast Listener Done
+	ICMPTypeRouterSolicitation                    ICMPType = 133 // Router Solicitation
+	ICMPTypeRouterAdvertisement                   ICMPType = 134 // Router Advertisement
+	ICMPTypeNeighborSolicitation                  ICMPType = 135 // Neighbor Solicitation
+	ICMPTypeNeighborAdvertisement                 ICMPType = 136 // Neighbor Advertisement
+	ICMPTypeRedirect                              ICMPType = 137 // Redirect Message
+	ICMPTypeRouterRenumbering                     ICMPType = 138 // Router Renumbering
+	ICMPTypeNodeInformationQuery                  ICMPType = 139 // ICMP Node Information Query
+	ICMPTypeNodeInformationResponse               ICMPType = 140 // ICMP Node Information Response
+	ICMPTypeInverseNeighborDiscoverySolicitation  ICMPType = 141 // Inverse Neighbor Discovery Solicitation Message
+	ICMPTypeInverseNeighborDiscoveryAdvertisement ICMPType = 142 // Inverse Neighbor Discovery Advertisement Message
+	ICMPTypeVersion2MulticastListenerReport       ICMPType = 143 // Version 2 Multicast Listener Report
+	ICMPTypeHomeAgentAddressDiscoveryRequest      ICMPType = 144 // Home Agent Address Discovery Request Message
+	ICMPTypeHomeAgentAddressDiscoveryReply        ICMPType = 145 // Home Agent Address Discovery Reply Message
+	ICMPTypeMobilePrefixSolicitation              ICMPType = 146 // Mobile Prefix Solicitation
+	ICMPTypeMobilePrefixAdvertisement             ICMPType = 147 // Mobile Prefix Advertisement
+	ICMPTypeCertificationPathSolicitation         ICMPType = 148 // Certification Path Solicitation Message
+	ICMPTypeCertificationPathAdvertisement        ICMPType = 149 // Certification Path Advertisement Message
+	ICMPTypeMulticastRouterAdvertisement          ICMPType = 151 // Multicast Router Advertisement
+	ICMPTypeMulticastRouterSolicitation           ICMPType = 152 // Multicast Router Solicitation
+	ICMPTypeMulticastRouterTermination            ICMPType = 153 // Multicast Router Termination
+	ICMPTypeFMIPv6                                ICMPType = 154 // FMIPv6 Messages
+	ICMPTypeRPLControl                            ICMPType = 155 // RPL Control Message
+	ICMPTypeILNPv6LocatorUpdate                   ICMPType = 156 // ILNPv6 Locator Update Message
+	ICMPTypeDuplicateAddressRequest               ICMPType = 157 // Duplicate Address Request
+	ICMPTypeDuplicateAddressConfirmation          ICMPType = 158 // Duplicate Address Confirmation
+	ICMPTypeMPLControl                            ICMPType = 159 // MPL Control Message
+	ICMPTypeExtendedEchoRequest                   ICMPType = 160 // Extended Echo Request
+	ICMPTypeExtendedEchoReply                     ICMPType = 161 // Extended Echo Reply
+)
+
+// Internet Control Message Protocol version 6 (ICMPv6) Parameters, Updated: 2018-03-09
+var icmpTypes = map[ICMPType]string{
+	1:   "destination unreachable",
+	2:   "packet too big",
+	3:   "time exceeded",
+	4:   "parameter problem",
+	128: "echo request",
+	129: "echo reply",
+	130: "multicast listener query",
+	131: "multicast listener report",
+	132: "multicast listener done",
+	133: "router solicitation",
+	134: "router advertisement",
+	135: "neighbor solicitation",
+	136: "neighbor advertisement",
+	137: "redirect message",
+	138: "router renumbering",
+	139: "icmp node information query",
+	140: "icmp node information response",
+	141: "inverse neighbor discovery solicitation message",
+	142: "inverse neighbor discovery advertisement message",
+	143: "version 2 multicast listener report",
+	144: "home agent address discovery request message",
+	145: "home agent address discovery reply message",
+	146: "mobile prefix solicitation",
+	147: "mobile prefix advertisement",
+	148: "certification path solicitation message",
+	149: "certification path advertisement message",
+	151: "multicast router advertisement",
+	152: "multicast router solicitation",
+	153: "multicast router termination",
+	154: "fmipv6 messages",
+	155: "rpl control message",
+	156: "ilnpv6 locator update message",
+	157: "duplicate address request",
+	158: "duplicate address confirmation",
+	159: "mpl control message",
+	160: "extended echo request",
+	161: "extended echo reply",
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/icmp.go b/server/vendor/golang.org/x/net/ipv6/icmp.go
new file mode 100644
index 0000000..b7f48e2
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/icmp.go
@@ -0,0 +1,60 @@
+// Copyright 2013 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package ipv6
+
+import "golang.org/x/net/internal/iana"
+
+// BUG(mikio): On Windows, methods related to ICMPFilter are not
+// implemented.
+
+// An ICMPType represents a type of ICMP message.
+type ICMPType int
+
+func (typ ICMPType) String() string {
+	s, ok := icmpTypes[typ]
+	if !ok {
+		return "<nil>"
+	}
+	return s
+}
+
+// Protocol returns the ICMPv6 protocol number.
+func (typ ICMPType) Protocol() int {
+	return iana.ProtocolIPv6ICMP
+}
+
+// An ICMPFilter represents an ICMP message filter for incoming
+// packets. The filter belongs to a packet delivery path on a host and
+// it cannot interact with forwarding packets or tunnel-outer packets.
+//
+// Note: RFC 8200 defines a reasonable role model. A node means a
+// device that implements IP. A router means a node that forwards IP
+// packets not explicitly addressed to itself, and a host means a node
+// that is not a router.
+type ICMPFilter struct {
+	icmpv6Filter
+}
+
+// Accept accepts incoming ICMP packets including the type field value
+// typ.
+func (f *ICMPFilter) Accept(typ ICMPType) {
+	f.accept(typ)
+}
+
+// Block blocks incoming ICMP packets including the type field value
+// typ.
+func (f *ICMPFilter) Block(typ ICMPType) {
+	f.block(typ)
+}
+
+// SetAll sets the filter action to the filter.
+func (f *ICMPFilter) SetAll(block bool) {
+	f.setAll(block)
+}
+
+// WillBlock reports whether the ICMP type will be blocked.
+func (f *ICMPFilter) WillBlock(typ ICMPType) bool {
+	return f.willBlock(typ)
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/icmp_bsd.go b/server/vendor/golang.org/x/net/ipv6/icmp_bsd.go
new file mode 100644
index 0000000..2814534
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/icmp_bsd.go
@@ -0,0 +1,29 @@
+// Copyright 2013 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build aix || darwin || dragonfly || freebsd || netbsd || openbsd
+
+package ipv6
+
+func (f *icmpv6Filter) accept(typ ICMPType) {
+	f.Filt[typ>>5] |= 1 << (uint32(typ) & 31)
+}
+
+func (f *icmpv6Filter) block(typ ICMPType) {
+	f.Filt[typ>>5] &^= 1 << (uint32(typ) & 31)
+}
+
+func (f *icmpv6Filter) setAll(block bool) {
+	for i := range f.Filt {
+		if block {
+			f.Filt[i] = 0
+		} else {
+			f.Filt[i] = 1<<32 - 1
+		}
+	}
+}
+
+func (f *icmpv6Filter) willBlock(typ ICMPType) bool {
+	return f.Filt[typ>>5]&(1<<(uint32(typ)&31)) == 0
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/icmp_linux.go b/server/vendor/golang.org/x/net/ipv6/icmp_linux.go
new file mode 100644
index 0000000..647f6b4
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/icmp_linux.go
@@ -0,0 +1,27 @@
+// Copyright 2013 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package ipv6
+
+func (f *icmpv6Filter) accept(typ ICMPType) {
+	f.Data[typ>>5] &^= 1 << (uint32(typ) & 31)
+}
+
+func (f *icmpv6Filter) block(typ ICMPType) {
+	f.Data[typ>>5] |= 1 << (uint32(typ) & 31)
+}
+
+func (f *icmpv6Filter) setAll(block bool) {
+	for i := range f.Data {
+		if block {
+			f.Data[i] = 1<<32 - 1
+		} else {
+			f.Data[i] = 0
+		}
+	}
+}
+
+func (f *icmpv6Filter) willBlock(typ ICMPType) bool {
+	return f.Data[typ>>5]&(1<<(uint32(typ)&31)) != 0
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/icmp_solaris.go b/server/vendor/golang.org/x/net/ipv6/icmp_solaris.go
new file mode 100644
index 0000000..7c23bb1
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/icmp_solaris.go
@@ -0,0 +1,27 @@
+// Copyright 2013 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package ipv6
+
+func (f *icmpv6Filter) accept(typ ICMPType) {
+	f.X__icmp6_filt[typ>>5] |= 1 << (uint32(typ) & 31)
+}
+
+func (f *icmpv6Filter) block(typ ICMPType) {
+	f.X__icmp6_filt[typ>>5] &^= 1 << (uint32(typ) & 31)
+}
+
+func (f *icmpv6Filter) setAll(block bool) {
+	for i := range f.X__icmp6_filt {
+		if block {
+			f.X__icmp6_filt[i] = 0
+		} else {
+			f.X__icmp6_filt[i] = 1<<32 - 1
+		}
+	}
+}
+
+func (f *icmpv6Filter) willBlock(typ ICMPType) bool {
+	return f.X__icmp6_filt[typ>>5]&(1<<(uint32(typ)&31)) == 0
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/icmp_stub.go b/server/vendor/golang.org/x/net/ipv6/icmp_stub.go
new file mode 100644
index 0000000..c92c9b5
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/icmp_stub.go
@@ -0,0 +1,23 @@
+// Copyright 2013 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build !aix && !darwin && !dragonfly && !freebsd && !linux && !netbsd && !openbsd && !solaris && !windows && !zos
+
+package ipv6
+
+type icmpv6Filter struct {
+}
+
+func (f *icmpv6Filter) accept(typ ICMPType) {
+}
+
+func (f *icmpv6Filter) block(typ ICMPType) {
+}
+
+func (f *icmpv6Filter) setAll(block bool) {
+}
+
+func (f *icmpv6Filter) willBlock(typ ICMPType) bool {
+	return false
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/icmp_windows.go b/server/vendor/golang.org/x/net/ipv6/icmp_windows.go
new file mode 100644
index 0000000..443cd07
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/icmp_windows.go
@@ -0,0 +1,22 @@
+// Copyright 2013 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package ipv6
+
+func (f *icmpv6Filter) accept(typ ICMPType) {
+	// TODO(mikio): implement this
+}
+
+func (f *icmpv6Filter) block(typ ICMPType) {
+	// TODO(mikio): implement this
+}
+
+func (f *icmpv6Filter) setAll(block bool) {
+	// TODO(mikio): implement this
+}
+
+func (f *icmpv6Filter) willBlock(typ ICMPType) bool {
+	// TODO(mikio): implement this
+	return false
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/icmp_zos.go b/server/vendor/golang.org/x/net/ipv6/icmp_zos.go
new file mode 100644
index 0000000..ddf8f09
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/icmp_zos.go
@@ -0,0 +1,29 @@
+// Copyright 2020 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package ipv6
+
+func (f *icmpv6Filter) accept(typ ICMPType) {
+	f.Filt[typ>>5] |= 1 << (uint32(typ) & 31)
+
+}
+
+func (f *icmpv6Filter) block(typ ICMPType) {
+	f.Filt[typ>>5] &^= 1 << (uint32(typ) & 31)
+
+}
+
+func (f *icmpv6Filter) setAll(block bool) {
+	for i := range f.Filt {
+		if block {
+			f.Filt[i] = 0
+		} else {
+			f.Filt[i] = 1<<32 - 1
+		}
+	}
+}
+
+func (f *icmpv6Filter) willBlock(typ ICMPType) bool {
+	return f.Filt[typ>>5]&(1<<(uint32(typ)&31)) == 0
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/payload.go b/server/vendor/golang.org/x/net/ipv6/payload.go
new file mode 100644
index 0000000..a8197f1
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/payload.go
@@ -0,0 +1,23 @@
+// Copyright 2013 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package ipv6
+
+import (
+	"net"
+
+	"golang.org/x/net/internal/socket"
+)
+
+// BUG(mikio): On Windows, the ControlMessage for ReadFrom and WriteTo
+// methods of PacketConn is not implemented.
+
+// A payloadHandler represents the IPv6 datagram payload handler.
+type payloadHandler struct {
+	net.PacketConn
+	*socket.Conn
+	rawOpt
+}
+
+func (c *payloadHandler) ok() bool { return c != nil && c.PacketConn != nil && c.Conn != nil }
diff --git a/server/vendor/golang.org/x/net/ipv6/payload_cmsg.go b/server/vendor/golang.org/x/net/ipv6/payload_cmsg.go
new file mode 100644
index 0000000..be04e4d
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/payload_cmsg.go
@@ -0,0 +1,70 @@
+// Copyright 2013 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris || zos
+
+package ipv6
+
+import (
+	"net"
+
+	"golang.org/x/net/internal/socket"
+)
+
+// ReadFrom reads a payload of the received IPv6 datagram, from the
+// endpoint c, copying the payload into b. It returns the number of
+// bytes copied into b, the control message cm and the source address
+// src of the received datagram.
+func (c *payloadHandler) ReadFrom(b []byte) (n int, cm *ControlMessage, src net.Addr, err error) {
+	if !c.ok() {
+		return 0, nil, nil, errInvalidConn
+	}
+	c.rawOpt.RLock()
+	m := socket.Message{
+		Buffers: [][]byte{b},
+		OOB:     NewControlMessage(c.rawOpt.cflags),
+	}
+	c.rawOpt.RUnlock()
+	switch c.PacketConn.(type) {
+	case *net.UDPConn:
+		if err := c.RecvMsg(&m, 0); err != nil {
+			return 0, nil, nil, &net.OpError{Op: "read", Net: c.PacketConn.LocalAddr().Network(), Source: c.PacketConn.LocalAddr(), Err: err}
+		}
+	case *net.IPConn:
+		if err := c.RecvMsg(&m, 0); err != nil {
+			return 0, nil, nil, &net.OpError{Op: "read", Net: c.PacketConn.LocalAddr().Network(), Source: c.PacketConn.LocalAddr(), Err: err}
+		}
+	default:
+		return 0, nil, nil, &net.OpError{Op: "read", Net: c.PacketConn.LocalAddr().Network(), Source: c.PacketConn.LocalAddr(), Err: errInvalidConnType}
+	}
+	if m.NN > 0 {
+		cm = new(ControlMessage)
+		if err := cm.Parse(m.OOB[:m.NN]); err != nil {
+			return 0, nil, nil, &net.OpError{Op: "read", Net: c.PacketConn.LocalAddr().Network(), Source: c.PacketConn.LocalAddr(), Err: err}
+		}
+		cm.Src = netAddrToIP16(m.Addr)
+	}
+	return m.N, cm, m.Addr, nil
+}
+
+// WriteTo writes a payload of the IPv6 datagram, to the destination
+// address dst through the endpoint c, copying the payload from b. It
+// returns the number of bytes written. The control message cm allows
+// the IPv6 header fields and the datagram path to be specified. The
+// cm may be nil if control of the outgoing datagram is not required.
+func (c *payloadHandler) WriteTo(b []byte, cm *ControlMessage, dst net.Addr) (n int, err error) {
+	if !c.ok() {
+		return 0, errInvalidConn
+	}
+	m := socket.Message{
+		Buffers: [][]byte{b},
+		OOB:     cm.Marshal(),
+		Addr:    dst,
+	}
+	err = c.SendMsg(&m, 0)
+	if err != nil {
+		err = &net.OpError{Op: "write", Net: c.PacketConn.LocalAddr().Network(), Source: c.PacketConn.LocalAddr(), Addr: opAddr(dst), Err: err}
+	}
+	return m.N, err
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/payload_nocmsg.go b/server/vendor/golang.org/x/net/ipv6/payload_nocmsg.go
new file mode 100644
index 0000000..29b9ccf
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/payload_nocmsg.go
@@ -0,0 +1,38 @@
+// Copyright 2013 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build !aix && !darwin && !dragonfly && !freebsd && !linux && !netbsd && !openbsd && !solaris && !zos
+
+package ipv6
+
+import "net"
+
+// ReadFrom reads a payload of the received IPv6 datagram, from the
+// endpoint c, copying the payload into b. It returns the number of
+// bytes copied into b, the control message cm and the source address
+// src of the received datagram.
+func (c *payloadHandler) ReadFrom(b []byte) (n int, cm *ControlMessage, src net.Addr, err error) {
+	if !c.ok() {
+		return 0, nil, nil, errInvalidConn
+	}
+	if n, src, err = c.PacketConn.ReadFrom(b); err != nil {
+		return 0, nil, nil, err
+	}
+	return
+}
+
+// WriteTo writes a payload of the IPv6 datagram, to the destination
+// address dst through the endpoint c, copying the payload from b. It
+// returns the number of bytes written. The control message cm allows
+// the IPv6 header fields and the datagram path to be specified. The
+// cm may be nil if control of the outgoing datagram is not required.
+func (c *payloadHandler) WriteTo(b []byte, cm *ControlMessage, dst net.Addr) (n int, err error) {
+	if !c.ok() {
+		return 0, errInvalidConn
+	}
+	if dst == nil {
+		return 0, errMissingAddress
+	}
+	return c.PacketConn.WriteTo(b, dst)
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/sockopt.go b/server/vendor/golang.org/x/net/ipv6/sockopt.go
new file mode 100644
index 0000000..cc3907d
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/sockopt.go
@@ -0,0 +1,43 @@
+// Copyright 2014 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package ipv6
+
+import "golang.org/x/net/internal/socket"
+
+// Sticky socket options
+const (
+	ssoTrafficClass        = iota // header field for unicast packet, RFC 3542
+	ssoHopLimit                   // header field for unicast packet, RFC 3493
+	ssoMulticastInterface         // outbound interface for multicast packet, RFC 3493
+	ssoMulticastHopLimit          // header field for multicast packet, RFC 3493
+	ssoMulticastLoopback          // loopback for multicast packet, RFC 3493
+	ssoReceiveTrafficClass        // header field on received packet, RFC 3542
+	ssoReceiveHopLimit            // header field on received packet, RFC 2292 or 3542
+	ssoReceivePacketInfo          // incbound or outbound packet path, RFC 2292 or 3542
+	ssoReceivePathMTU             // path mtu, RFC 3542
+	ssoPathMTU                    // path mtu, RFC 3542
+	ssoChecksum                   // packet checksum, RFC 2292 or 3542
+	ssoICMPFilter                 // icmp filter, RFC 2292 or 3542
+	ssoJoinGroup                  // any-source multicast, RFC 3493
+	ssoLeaveGroup                 // any-source multicast, RFC 3493
+	ssoJoinSourceGroup            // source-specific multicast
+	ssoLeaveSourceGroup           // source-specific multicast
+	ssoBlockSourceGroup           // any-source or source-specific multicast
+	ssoUnblockSourceGroup         // any-source or source-specific multicast
+	ssoAttachFilter               // attach BPF for filtering inbound traffic
+)
+
+// Sticky socket option value types
+const (
+	ssoTypeIPMreq = iota + 1
+	ssoTypeGroupReq
+	ssoTypeGroupSourceReq
+)
+
+// A sockOpt represents a binding for sticky socket option.
+type sockOpt struct {
+	socket.Option
+	typ int // hint for option value type; optional
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/sockopt_posix.go b/server/vendor/golang.org/x/net/ipv6/sockopt_posix.go
new file mode 100644
index 0000000..34dfed5
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/sockopt_posix.go
@@ -0,0 +1,89 @@
+// Copyright 2013 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris || windows || zos
+
+package ipv6
+
+import (
+	"net"
+	"runtime"
+	"unsafe"
+
+	"golang.org/x/net/bpf"
+	"golang.org/x/net/internal/socket"
+)
+
+func (so *sockOpt) getMulticastInterface(c *socket.Conn) (*net.Interface, error) {
+	n, err := so.GetInt(c)
+	if err != nil {
+		return nil, err
+	}
+	return net.InterfaceByIndex(n)
+}
+
+func (so *sockOpt) setMulticastInterface(c *socket.Conn, ifi *net.Interface) error {
+	var n int
+	if ifi != nil {
+		n = ifi.Index
+	}
+	return so.SetInt(c, n)
+}
+
+func (so *sockOpt) getICMPFilter(c *socket.Conn) (*ICMPFilter, error) {
+	b := make([]byte, so.Len)
+	n, err := so.Get(c, b)
+	if err != nil {
+		return nil, err
+	}
+	if n != sizeofICMPv6Filter {
+		return nil, errNotImplemented
+	}
+	return (*ICMPFilter)(unsafe.Pointer(&b[0])), nil
+}
+
+func (so *sockOpt) setICMPFilter(c *socket.Conn, f *ICMPFilter) error {
+	b := (*[sizeofICMPv6Filter]byte)(unsafe.Pointer(f))[:sizeofICMPv6Filter]
+	return so.Set(c, b)
+}
+
+func (so *sockOpt) getMTUInfo(c *socket.Conn) (*net.Interface, int, error) {
+	b := make([]byte, so.Len)
+	n, err := so.Get(c, b)
+	if err != nil {
+		return nil, 0, err
+	}
+	if n != sizeofIPv6Mtuinfo {
+		return nil, 0, errNotImplemented
+	}
+	mi := (*ipv6Mtuinfo)(unsafe.Pointer(&b[0]))
+	if mi.Addr.Scope_id == 0 || runtime.GOOS == "aix" {
+		// AIX kernel might return a wrong address.
+		return nil, int(mi.Mtu), nil
+	}
+	ifi, err := net.InterfaceByIndex(int(mi.Addr.Scope_id))
+	if err != nil {
+		return nil, 0, err
+	}
+	return ifi, int(mi.Mtu), nil
+}
+
+func (so *sockOpt) setGroup(c *socket.Conn, ifi *net.Interface, grp net.IP) error {
+	switch so.typ {
+	case ssoTypeIPMreq:
+		return so.setIPMreq(c, ifi, grp)
+	case ssoTypeGroupReq:
+		return so.setGroupReq(c, ifi, grp)
+	default:
+		return errNotImplemented
+	}
+}
+
+func (so *sockOpt) setSourceGroup(c *socket.Conn, ifi *net.Interface, grp, src net.IP) error {
+	return so.setGroupSourceReq(c, ifi, grp, src)
+}
+
+func (so *sockOpt) setBPF(c *socket.Conn, f []bpf.RawInstruction) error {
+	return so.setAttachFilter(c, f)
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/sockopt_stub.go b/server/vendor/golang.org/x/net/ipv6/sockopt_stub.go
new file mode 100644
index 0000000..a09c3aa
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/sockopt_stub.go
@@ -0,0 +1,46 @@
+// Copyright 2013 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build !aix && !darwin && !dragonfly && !freebsd && !linux && !netbsd && !openbsd && !solaris && !windows && !zos
+
+package ipv6
+
+import (
+	"net"
+
+	"golang.org/x/net/bpf"
+	"golang.org/x/net/internal/socket"
+)
+
+func (so *sockOpt) getMulticastInterface(c *socket.Conn) (*net.Interface, error) {
+	return nil, errNotImplemented
+}
+
+func (so *sockOpt) setMulticastInterface(c *socket.Conn, ifi *net.Interface) error {
+	return errNotImplemented
+}
+
+func (so *sockOpt) getICMPFilter(c *socket.Conn) (*ICMPFilter, error) {
+	return nil, errNotImplemented
+}
+
+func (so *sockOpt) setICMPFilter(c *socket.Conn, f *ICMPFilter) error {
+	return errNotImplemented
+}
+
+func (so *sockOpt) getMTUInfo(c *socket.Conn) (*net.Interface, int, error) {
+	return nil, 0, errNotImplemented
+}
+
+func (so *sockOpt) setGroup(c *socket.Conn, ifi *net.Interface, grp net.IP) error {
+	return errNotImplemented
+}
+
+func (so *sockOpt) setSourceGroup(c *socket.Conn, ifi *net.Interface, grp, src net.IP) error {
+	return errNotImplemented
+}
+
+func (so *sockOpt) setBPF(c *socket.Conn, f []bpf.RawInstruction) error {
+	return errNotImplemented
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/sys_aix.go b/server/vendor/golang.org/x/net/ipv6/sys_aix.go
new file mode 100644
index 0000000..93c8efc
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/sys_aix.go
@@ -0,0 +1,79 @@
+// Copyright 2019 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Added for go1.11 compatibility
+//go:build aix
+
+package ipv6
+
+import (
+	"net"
+	"syscall"
+	"unsafe"
+
+	"golang.org/x/net/internal/iana"
+	"golang.org/x/net/internal/socket"
+
+	"golang.org/x/sys/unix"
+)
+
+var (
+	ctlOpts = [ctlMax]ctlOpt{
+		ctlTrafficClass: {unix.IPV6_TCLASS, 4, marshalTrafficClass, parseTrafficClass},
+		ctlHopLimit:     {unix.IPV6_HOPLIMIT, 4, marshalHopLimit, parseHopLimit},
+		ctlPacketInfo:   {unix.IPV6_PKTINFO, sizeofInet6Pktinfo, marshalPacketInfo, parsePacketInfo},
+		ctlNextHop:      {unix.IPV6_NEXTHOP, sizeofSockaddrInet6, marshalNextHop, parseNextHop},
+		ctlPathMTU:      {unix.IPV6_PATHMTU, sizeofIPv6Mtuinfo, marshalPathMTU, parsePathMTU},
+	}
+
+	sockOpts = map[int]*sockOpt{
+		ssoTrafficClass:        {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_TCLASS, Len: 4}},
+		ssoHopLimit:            {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_UNICAST_HOPS, Len: 4}},
+		ssoMulticastInterface:  {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_MULTICAST_IF, Len: 4}},
+		ssoMulticastHopLimit:   {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_MULTICAST_HOPS, Len: 4}},
+		ssoMulticastLoopback:   {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_MULTICAST_LOOP, Len: 4}},
+		ssoReceiveTrafficClass: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_RECVTCLASS, Len: 4}},
+		ssoReceiveHopLimit:     {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_RECVHOPLIMIT, Len: 4}},
+		ssoReceivePacketInfo:   {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_RECVPKTINFO, Len: 4}},
+		ssoReceivePathMTU:      {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_RECVPATHMTU, Len: 4}},
+		ssoPathMTU:             {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_PATHMTU, Len: sizeofIPv6Mtuinfo}},
+		ssoChecksum:            {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_CHECKSUM, Len: 4}},
+		ssoICMPFilter:          {Option: socket.Option{Level: iana.ProtocolIPv6ICMP, Name: unix.ICMP6_FILTER, Len: sizeofICMPv6Filter}},
+		ssoJoinGroup:           {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_JOIN_GROUP, Len: sizeofIPv6Mreq}, typ: ssoTypeIPMreq},
+		ssoLeaveGroup:          {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_LEAVE_GROUP, Len: sizeofIPv6Mreq}, typ: ssoTypeIPMreq},
+	}
+)
+
+func (sa *sockaddrInet6) setSockaddr(ip net.IP, i int) {
+	sa.Len = sizeofSockaddrInet6
+	sa.Family = syscall.AF_INET6
+	copy(sa.Addr[:], ip)
+	sa.Scope_id = uint32(i)
+}
+
+func (pi *inet6Pktinfo) setIfindex(i int) {
+	pi.Ifindex = int32(i)
+}
+
+func (mreq *ipv6Mreq) setIfindex(i int) {
+	mreq.Interface = uint32(i)
+}
+
+func (gr *groupReq) setGroup(grp net.IP) {
+	sa := (*sockaddrInet6)(unsafe.Pointer(uintptr(unsafe.Pointer(gr)) + 4))
+	sa.Len = sizeofSockaddrInet6
+	sa.Family = syscall.AF_INET6
+	copy(sa.Addr[:], grp)
+}
+
+func (gsr *groupSourceReq) setSourceGroup(grp, src net.IP) {
+	sa := (*sockaddrInet6)(unsafe.Pointer(uintptr(unsafe.Pointer(gsr)) + 4))
+	sa.Len = sizeofSockaddrInet6
+	sa.Family = syscall.AF_INET6
+	copy(sa.Addr[:], grp)
+	sa = (*sockaddrInet6)(unsafe.Pointer(uintptr(unsafe.Pointer(gsr)) + 132))
+	sa.Len = sizeofSockaddrInet6
+	sa.Family = syscall.AF_INET6
+	copy(sa.Addr[:], src)
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/sys_asmreq.go b/server/vendor/golang.org/x/net/ipv6/sys_asmreq.go
new file mode 100644
index 0000000..5c9cb44
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/sys_asmreq.go
@@ -0,0 +1,24 @@
+// Copyright 2013 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris || windows
+
+package ipv6
+
+import (
+	"net"
+	"unsafe"
+
+	"golang.org/x/net/internal/socket"
+)
+
+func (so *sockOpt) setIPMreq(c *socket.Conn, ifi *net.Interface, grp net.IP) error {
+	var mreq ipv6Mreq
+	copy(mreq.Multiaddr[:], grp)
+	if ifi != nil {
+		mreq.setIfindex(ifi.Index)
+	}
+	b := (*[sizeofIPv6Mreq]byte)(unsafe.Pointer(&mreq))[:sizeofIPv6Mreq]
+	return so.Set(c, b)
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/sys_asmreq_stub.go b/server/vendor/golang.org/x/net/ipv6/sys_asmreq_stub.go
new file mode 100644
index 0000000..dc70494
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/sys_asmreq_stub.go
@@ -0,0 +1,17 @@
+// Copyright 2013 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build !aix && !darwin && !dragonfly && !freebsd && !linux && !netbsd && !openbsd && !solaris && !windows
+
+package ipv6
+
+import (
+	"net"
+
+	"golang.org/x/net/internal/socket"
+)
+
+func (so *sockOpt) setIPMreq(c *socket.Conn, ifi *net.Interface, grp net.IP) error {
+	return errNotImplemented
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/sys_bpf.go b/server/vendor/golang.org/x/net/ipv6/sys_bpf.go
new file mode 100644
index 0000000..e39f75f
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/sys_bpf.go
@@ -0,0 +1,24 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build linux
+
+package ipv6
+
+import (
+	"unsafe"
+
+	"golang.org/x/net/bpf"
+	"golang.org/x/net/internal/socket"
+	"golang.org/x/sys/unix"
+)
+
+func (so *sockOpt) setAttachFilter(c *socket.Conn, f []bpf.RawInstruction) error {
+	prog := unix.SockFprog{
+		Len:    uint16(len(f)),
+		Filter: (*unix.SockFilter)(unsafe.Pointer(&f[0])),
+	}
+	b := (*[unix.SizeofSockFprog]byte)(unsafe.Pointer(&prog))[:unix.SizeofSockFprog]
+	return so.Set(c, b)
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/sys_bpf_stub.go b/server/vendor/golang.org/x/net/ipv6/sys_bpf_stub.go
new file mode 100644
index 0000000..8532a8f
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/sys_bpf_stub.go
@@ -0,0 +1,16 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build !linux
+
+package ipv6
+
+import (
+	"golang.org/x/net/bpf"
+	"golang.org/x/net/internal/socket"
+)
+
+func (so *sockOpt) setAttachFilter(c *socket.Conn, f []bpf.RawInstruction) error {
+	return errNotImplemented
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/sys_bsd.go b/server/vendor/golang.org/x/net/ipv6/sys_bsd.go
new file mode 100644
index 0000000..9f3bc2a
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/sys_bsd.go
@@ -0,0 +1,59 @@
+// Copyright 2013 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build dragonfly || netbsd || openbsd
+
+package ipv6
+
+import (
+	"net"
+	"syscall"
+
+	"golang.org/x/net/internal/iana"
+	"golang.org/x/net/internal/socket"
+
+	"golang.org/x/sys/unix"
+)
+
+var (
+	ctlOpts = [ctlMax]ctlOpt{
+		ctlTrafficClass: {unix.IPV6_TCLASS, 4, marshalTrafficClass, parseTrafficClass},
+		ctlHopLimit:     {unix.IPV6_HOPLIMIT, 4, marshalHopLimit, parseHopLimit},
+		ctlPacketInfo:   {unix.IPV6_PKTINFO, sizeofInet6Pktinfo, marshalPacketInfo, parsePacketInfo},
+		ctlNextHop:      {unix.IPV6_NEXTHOP, sizeofSockaddrInet6, marshalNextHop, parseNextHop},
+		ctlPathMTU:      {unix.IPV6_PATHMTU, sizeofIPv6Mtuinfo, marshalPathMTU, parsePathMTU},
+	}
+
+	sockOpts = map[int]*sockOpt{
+		ssoTrafficClass:        {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_TCLASS, Len: 4}},
+		ssoHopLimit:            {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_UNICAST_HOPS, Len: 4}},
+		ssoMulticastInterface:  {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_MULTICAST_IF, Len: 4}},
+		ssoMulticastHopLimit:   {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_MULTICAST_HOPS, Len: 4}},
+		ssoMulticastLoopback:   {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_MULTICAST_LOOP, Len: 4}},
+		ssoReceiveTrafficClass: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_RECVTCLASS, Len: 4}},
+		ssoReceiveHopLimit:     {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_RECVHOPLIMIT, Len: 4}},
+		ssoReceivePacketInfo:   {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_RECVPKTINFO, Len: 4}},
+		ssoReceivePathMTU:      {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_RECVPATHMTU, Len: 4}},
+		ssoPathMTU:             {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_PATHMTU, Len: sizeofIPv6Mtuinfo}},
+		ssoChecksum:            {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_CHECKSUM, Len: 4}},
+		ssoICMPFilter:          {Option: socket.Option{Level: iana.ProtocolIPv6ICMP, Name: unix.ICMP6_FILTER, Len: sizeofICMPv6Filter}},
+		ssoJoinGroup:           {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_JOIN_GROUP, Len: sizeofIPv6Mreq}, typ: ssoTypeIPMreq},
+		ssoLeaveGroup:          {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_LEAVE_GROUP, Len: sizeofIPv6Mreq}, typ: ssoTypeIPMreq},
+	}
+)
+
+func (sa *sockaddrInet6) setSockaddr(ip net.IP, i int) {
+	sa.Len = sizeofSockaddrInet6
+	sa.Family = syscall.AF_INET6
+	copy(sa.Addr[:], ip)
+	sa.Scope_id = uint32(i)
+}
+
+func (pi *inet6Pktinfo) setIfindex(i int) {
+	pi.Ifindex = uint32(i)
+}
+
+func (mreq *ipv6Mreq) setIfindex(i int) {
+	mreq.Interface = uint32(i)
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/sys_darwin.go b/server/vendor/golang.org/x/net/ipv6/sys_darwin.go
new file mode 100644
index 0000000..b80ec80
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/sys_darwin.go
@@ -0,0 +1,80 @@
+// Copyright 2013 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package ipv6
+
+import (
+	"net"
+	"syscall"
+	"unsafe"
+
+	"golang.org/x/net/internal/iana"
+	"golang.org/x/net/internal/socket"
+
+	"golang.org/x/sys/unix"
+)
+
+var (
+	ctlOpts = [ctlMax]ctlOpt{
+		ctlTrafficClass: {unix.IPV6_TCLASS, 4, marshalTrafficClass, parseTrafficClass},
+		ctlHopLimit:     {unix.IPV6_HOPLIMIT, 4, marshalHopLimit, parseHopLimit},
+		ctlPacketInfo:   {unix.IPV6_PKTINFO, sizeofInet6Pktinfo, marshalPacketInfo, parsePacketInfo},
+		ctlNextHop:      {unix.IPV6_NEXTHOP, sizeofSockaddrInet6, marshalNextHop, parseNextHop},
+		ctlPathMTU:      {unix.IPV6_PATHMTU, sizeofIPv6Mtuinfo, marshalPathMTU, parsePathMTU},
+	}
+
+	sockOpts = map[int]*sockOpt{
+		ssoHopLimit:            {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_UNICAST_HOPS, Len: 4}},
+		ssoMulticastInterface:  {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_MULTICAST_IF, Len: 4}},
+		ssoMulticastHopLimit:   {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_MULTICAST_HOPS, Len: 4}},
+		ssoMulticastLoopback:   {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_MULTICAST_LOOP, Len: 4}},
+		ssoTrafficClass:        {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_TCLASS, Len: 4}},
+		ssoReceiveTrafficClass: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_RECVTCLASS, Len: 4}},
+		ssoReceiveHopLimit:     {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_RECVHOPLIMIT, Len: 4}},
+		ssoReceivePacketInfo:   {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_RECVPKTINFO, Len: 4}},
+		ssoReceivePathMTU:      {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_RECVPATHMTU, Len: 4}},
+		ssoPathMTU:             {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_PATHMTU, Len: sizeofIPv6Mtuinfo}},
+		ssoChecksum:            {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_CHECKSUM, Len: 4}},
+		ssoICMPFilter:          {Option: socket.Option{Level: iana.ProtocolIPv6ICMP, Name: unix.ICMP6_FILTER, Len: sizeofICMPv6Filter}},
+		ssoJoinGroup:           {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.MCAST_JOIN_GROUP, Len: sizeofGroupReq}, typ: ssoTypeGroupReq},
+		ssoLeaveGroup:          {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.MCAST_LEAVE_GROUP, Len: sizeofGroupReq}, typ: ssoTypeGroupReq},
+		ssoJoinSourceGroup:     {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.MCAST_JOIN_SOURCE_GROUP, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+		ssoLeaveSourceGroup:    {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.MCAST_LEAVE_SOURCE_GROUP, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+		ssoBlockSourceGroup:    {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.MCAST_BLOCK_SOURCE, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+		ssoUnblockSourceGroup:  {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.MCAST_UNBLOCK_SOURCE, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+	}
+)
+
+func (sa *sockaddrInet6) setSockaddr(ip net.IP, i int) {
+	sa.Len = sizeofSockaddrInet6
+	sa.Family = syscall.AF_INET6
+	copy(sa.Addr[:], ip)
+	sa.Scope_id = uint32(i)
+}
+
+func (pi *inet6Pktinfo) setIfindex(i int) {
+	pi.Ifindex = uint32(i)
+}
+
+func (mreq *ipv6Mreq) setIfindex(i int) {
+	mreq.Interface = uint32(i)
+}
+
+func (gr *groupReq) setGroup(grp net.IP) {
+	sa := (*sockaddrInet6)(unsafe.Pointer(uintptr(unsafe.Pointer(gr)) + 4))
+	sa.Len = sizeofSockaddrInet6
+	sa.Family = syscall.AF_INET6
+	copy(sa.Addr[:], grp)
+}
+
+func (gsr *groupSourceReq) setSourceGroup(grp, src net.IP) {
+	sa := (*sockaddrInet6)(unsafe.Pointer(uintptr(unsafe.Pointer(gsr)) + 4))
+	sa.Len = sizeofSockaddrInet6
+	sa.Family = syscall.AF_INET6
+	copy(sa.Addr[:], grp)
+	sa = (*sockaddrInet6)(unsafe.Pointer(uintptr(unsafe.Pointer(gsr)) + 132))
+	sa.Len = sizeofSockaddrInet6
+	sa.Family = syscall.AF_INET6
+	copy(sa.Addr[:], src)
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/sys_freebsd.go b/server/vendor/golang.org/x/net/ipv6/sys_freebsd.go
new file mode 100644
index 0000000..6282cf9
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/sys_freebsd.go
@@ -0,0 +1,94 @@
+// Copyright 2013 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package ipv6
+
+import (
+	"net"
+	"runtime"
+	"strings"
+	"syscall"
+	"unsafe"
+
+	"golang.org/x/net/internal/iana"
+	"golang.org/x/net/internal/socket"
+
+	"golang.org/x/sys/unix"
+)
+
+var (
+	ctlOpts = [ctlMax]ctlOpt{
+		ctlTrafficClass: {unix.IPV6_TCLASS, 4, marshalTrafficClass, parseTrafficClass},
+		ctlHopLimit:     {unix.IPV6_HOPLIMIT, 4, marshalHopLimit, parseHopLimit},
+		ctlPacketInfo:   {unix.IPV6_PKTINFO, sizeofInet6Pktinfo, marshalPacketInfo, parsePacketInfo},
+		ctlNextHop:      {unix.IPV6_NEXTHOP, sizeofSockaddrInet6, marshalNextHop, parseNextHop},
+		ctlPathMTU:      {unix.IPV6_PATHMTU, sizeofIPv6Mtuinfo, marshalPathMTU, parsePathMTU},
+	}
+
+	sockOpts = map[int]sockOpt{
+		ssoTrafficClass:        {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_TCLASS, Len: 4}},
+		ssoHopLimit:            {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_UNICAST_HOPS, Len: 4}},
+		ssoMulticastInterface:  {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_MULTICAST_IF, Len: 4}},
+		ssoMulticastHopLimit:   {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_MULTICAST_HOPS, Len: 4}},
+		ssoMulticastLoopback:   {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_MULTICAST_LOOP, Len: 4}},
+		ssoReceiveTrafficClass: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_RECVTCLASS, Len: 4}},
+		ssoReceiveHopLimit:     {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_RECVHOPLIMIT, Len: 4}},
+		ssoReceivePacketInfo:   {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_RECVPKTINFO, Len: 4}},
+		ssoReceivePathMTU:      {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_RECVPATHMTU, Len: 4}},
+		ssoPathMTU:             {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_PATHMTU, Len: sizeofIPv6Mtuinfo}},
+		ssoChecksum:            {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_CHECKSUM, Len: 4}},
+		ssoICMPFilter:          {Option: socket.Option{Level: iana.ProtocolIPv6ICMP, Name: unix.ICMP6_FILTER, Len: sizeofICMPv6Filter}},
+		ssoJoinGroup:           {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.MCAST_JOIN_GROUP, Len: sizeofGroupReq}, typ: ssoTypeGroupReq},
+		ssoLeaveGroup:          {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.MCAST_LEAVE_GROUP, Len: sizeofGroupReq}, typ: ssoTypeGroupReq},
+		ssoJoinSourceGroup:     {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.MCAST_JOIN_SOURCE_GROUP, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+		ssoLeaveSourceGroup:    {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.MCAST_LEAVE_SOURCE_GROUP, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+		ssoBlockSourceGroup:    {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.MCAST_BLOCK_SOURCE, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+		ssoUnblockSourceGroup:  {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.MCAST_UNBLOCK_SOURCE, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+	}
+)
+
+func init() {
+	if runtime.GOOS == "freebsd" && runtime.GOARCH == "386" {
+		archs, _ := syscall.Sysctl("kern.supported_archs")
+		for _, s := range strings.Fields(archs) {
+			if s == "amd64" {
+				compatFreeBSD32 = true
+				break
+			}
+		}
+	}
+}
+
+func (sa *sockaddrInet6) setSockaddr(ip net.IP, i int) {
+	sa.Len = sizeofSockaddrInet6
+	sa.Family = syscall.AF_INET6
+	copy(sa.Addr[:], ip)
+	sa.Scope_id = uint32(i)
+}
+
+func (pi *inet6Pktinfo) setIfindex(i int) {
+	pi.Ifindex = uint32(i)
+}
+
+func (mreq *ipv6Mreq) setIfindex(i int) {
+	mreq.Interface = uint32(i)
+}
+
+func (gr *groupReq) setGroup(grp net.IP) {
+	sa := (*sockaddrInet6)(unsafe.Pointer(&gr.Group))
+	sa.Len = sizeofSockaddrInet6
+	sa.Family = syscall.AF_INET6
+	copy(sa.Addr[:], grp)
+}
+
+func (gsr *groupSourceReq) setSourceGroup(grp, src net.IP) {
+	sa := (*sockaddrInet6)(unsafe.Pointer(&gsr.Group))
+	sa.Len = sizeofSockaddrInet6
+	sa.Family = syscall.AF_INET6
+	copy(sa.Addr[:], grp)
+	sa = (*sockaddrInet6)(unsafe.Pointer(&gsr.Source))
+	sa.Len = sizeofSockaddrInet6
+	sa.Family = syscall.AF_INET6
+	copy(sa.Addr[:], src)
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/sys_linux.go b/server/vendor/golang.org/x/net/ipv6/sys_linux.go
new file mode 100644
index 0000000..82e2121
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/sys_linux.go
@@ -0,0 +1,76 @@
+// Copyright 2013 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package ipv6
+
+import (
+	"net"
+	"syscall"
+	"unsafe"
+
+	"golang.org/x/net/internal/iana"
+	"golang.org/x/net/internal/socket"
+
+	"golang.org/x/sys/unix"
+)
+
+var (
+	ctlOpts = [ctlMax]ctlOpt{
+		ctlTrafficClass: {unix.IPV6_TCLASS, 4, marshalTrafficClass, parseTrafficClass},
+		ctlHopLimit:     {unix.IPV6_HOPLIMIT, 4, marshalHopLimit, parseHopLimit},
+		ctlPacketInfo:   {unix.IPV6_PKTINFO, sizeofInet6Pktinfo, marshalPacketInfo, parsePacketInfo},
+		ctlPathMTU:      {unix.IPV6_PATHMTU, sizeofIPv6Mtuinfo, marshalPathMTU, parsePathMTU},
+	}
+
+	sockOpts = map[int]*sockOpt{
+		ssoTrafficClass:        {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_TCLASS, Len: 4}},
+		ssoHopLimit:            {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_UNICAST_HOPS, Len: 4}},
+		ssoMulticastInterface:  {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_MULTICAST_IF, Len: 4}},
+		ssoMulticastHopLimit:   {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_MULTICAST_HOPS, Len: 4}},
+		ssoMulticastLoopback:   {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_MULTICAST_LOOP, Len: 4}},
+		ssoReceiveTrafficClass: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_RECVTCLASS, Len: 4}},
+		ssoReceiveHopLimit:     {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_RECVHOPLIMIT, Len: 4}},
+		ssoReceivePacketInfo:   {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_RECVPKTINFO, Len: 4}},
+		ssoReceivePathMTU:      {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_RECVPATHMTU, Len: 4}},
+		ssoPathMTU:             {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_PATHMTU, Len: sizeofIPv6Mtuinfo}},
+		ssoChecksum:            {Option: socket.Option{Level: iana.ProtocolReserved, Name: unix.IPV6_CHECKSUM, Len: 4}},
+		ssoICMPFilter:          {Option: socket.Option{Level: iana.ProtocolIPv6ICMP, Name: unix.ICMPV6_FILTER, Len: sizeofICMPv6Filter}},
+		ssoJoinGroup:           {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.MCAST_JOIN_GROUP, Len: sizeofGroupReq}, typ: ssoTypeGroupReq},
+		ssoLeaveGroup:          {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.MCAST_LEAVE_GROUP, Len: sizeofGroupReq}, typ: ssoTypeGroupReq},
+		ssoJoinSourceGroup:     {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.MCAST_JOIN_SOURCE_GROUP, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+		ssoLeaveSourceGroup:    {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.MCAST_LEAVE_SOURCE_GROUP, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+		ssoBlockSourceGroup:    {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.MCAST_BLOCK_SOURCE, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+		ssoUnblockSourceGroup:  {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.MCAST_UNBLOCK_SOURCE, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+		ssoAttachFilter:        {Option: socket.Option{Level: unix.SOL_SOCKET, Name: unix.SO_ATTACH_FILTER, Len: unix.SizeofSockFprog}},
+	}
+)
+
+func (sa *sockaddrInet6) setSockaddr(ip net.IP, i int) {
+	sa.Family = syscall.AF_INET6
+	copy(sa.Addr[:], ip)
+	sa.Scope_id = uint32(i)
+}
+
+func (pi *inet6Pktinfo) setIfindex(i int) {
+	pi.Ifindex = int32(i)
+}
+
+func (mreq *ipv6Mreq) setIfindex(i int) {
+	mreq.Ifindex = int32(i)
+}
+
+func (gr *groupReq) setGroup(grp net.IP) {
+	sa := (*sockaddrInet6)(unsafe.Pointer(&gr.Group))
+	sa.Family = syscall.AF_INET6
+	copy(sa.Addr[:], grp)
+}
+
+func (gsr *groupSourceReq) setSourceGroup(grp, src net.IP) {
+	sa := (*sockaddrInet6)(unsafe.Pointer(&gsr.Group))
+	sa.Family = syscall.AF_INET6
+	copy(sa.Addr[:], grp)
+	sa = (*sockaddrInet6)(unsafe.Pointer(&gsr.Source))
+	sa.Family = syscall.AF_INET6
+	copy(sa.Addr[:], src)
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/sys_solaris.go b/server/vendor/golang.org/x/net/ipv6/sys_solaris.go
new file mode 100644
index 0000000..1fc30ad
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/sys_solaris.go
@@ -0,0 +1,76 @@
+// Copyright 2016 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package ipv6
+
+import (
+	"net"
+	"syscall"
+	"unsafe"
+
+	"golang.org/x/net/internal/iana"
+	"golang.org/x/net/internal/socket"
+
+	"golang.org/x/sys/unix"
+)
+
+var (
+	ctlOpts = [ctlMax]ctlOpt{
+		ctlTrafficClass: {unix.IPV6_TCLASS, 4, marshalTrafficClass, parseTrafficClass},
+		ctlHopLimit:     {unix.IPV6_HOPLIMIT, 4, marshalHopLimit, parseHopLimit},
+		ctlPacketInfo:   {unix.IPV6_PKTINFO, sizeofInet6Pktinfo, marshalPacketInfo, parsePacketInfo},
+		ctlNextHop:      {unix.IPV6_NEXTHOP, sizeofSockaddrInet6, marshalNextHop, parseNextHop},
+		ctlPathMTU:      {unix.IPV6_PATHMTU, sizeofIPv6Mtuinfo, marshalPathMTU, parsePathMTU},
+	}
+
+	sockOpts = map[int]*sockOpt{
+		ssoTrafficClass:        {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_TCLASS, Len: 4}},
+		ssoHopLimit:            {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_UNICAST_HOPS, Len: 4}},
+		ssoMulticastInterface:  {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_MULTICAST_IF, Len: 4}},
+		ssoMulticastHopLimit:   {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_MULTICAST_HOPS, Len: 4}},
+		ssoMulticastLoopback:   {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_MULTICAST_LOOP, Len: 4}},
+		ssoReceiveTrafficClass: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_RECVTCLASS, Len: 4}},
+		ssoReceiveHopLimit:     {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_RECVHOPLIMIT, Len: 4}},
+		ssoReceivePacketInfo:   {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_RECVPKTINFO, Len: 4}},
+		ssoReceivePathMTU:      {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_RECVPATHMTU, Len: 4}},
+		ssoPathMTU:             {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_PATHMTU, Len: sizeofIPv6Mtuinfo}},
+		ssoChecksum:            {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_CHECKSUM, Len: 4}},
+		ssoICMPFilter:          {Option: socket.Option{Level: iana.ProtocolIPv6ICMP, Name: unix.ICMP6_FILTER, Len: sizeofICMPv6Filter}},
+		ssoJoinGroup:           {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.MCAST_JOIN_GROUP, Len: sizeofGroupReq}, typ: ssoTypeGroupReq},
+		ssoLeaveGroup:          {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.MCAST_LEAVE_GROUP, Len: sizeofGroupReq}, typ: ssoTypeGroupReq},
+		ssoJoinSourceGroup:     {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.MCAST_JOIN_SOURCE_GROUP, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+		ssoLeaveSourceGroup:    {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.MCAST_LEAVE_SOURCE_GROUP, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+		ssoBlockSourceGroup:    {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.MCAST_BLOCK_SOURCE, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+		ssoUnblockSourceGroup:  {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.MCAST_UNBLOCK_SOURCE, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+	}
+)
+
+func (sa *sockaddrInet6) setSockaddr(ip net.IP, i int) {
+	sa.Family = syscall.AF_INET6
+	copy(sa.Addr[:], ip)
+	sa.Scope_id = uint32(i)
+}
+
+func (pi *inet6Pktinfo) setIfindex(i int) {
+	pi.Ifindex = uint32(i)
+}
+
+func (mreq *ipv6Mreq) setIfindex(i int) {
+	mreq.Interface = uint32(i)
+}
+
+func (gr *groupReq) setGroup(grp net.IP) {
+	sa := (*sockaddrInet6)(unsafe.Pointer(uintptr(unsafe.Pointer(gr)) + 4))
+	sa.Family = syscall.AF_INET6
+	copy(sa.Addr[:], grp)
+}
+
+func (gsr *groupSourceReq) setSourceGroup(grp, src net.IP) {
+	sa := (*sockaddrInet6)(unsafe.Pointer(uintptr(unsafe.Pointer(gsr)) + 4))
+	sa.Family = syscall.AF_INET6
+	copy(sa.Addr[:], grp)
+	sa = (*sockaddrInet6)(unsafe.Pointer(uintptr(unsafe.Pointer(gsr)) + 260))
+	sa.Family = syscall.AF_INET6
+	copy(sa.Addr[:], src)
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/sys_ssmreq.go b/server/vendor/golang.org/x/net/ipv6/sys_ssmreq.go
new file mode 100644
index 0000000..b40f5c6
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/sys_ssmreq.go
@@ -0,0 +1,54 @@
+// Copyright 2014 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build aix || darwin || freebsd || linux || solaris || zos
+
+package ipv6
+
+import (
+	"net"
+	"unsafe"
+
+	"golang.org/x/net/internal/socket"
+)
+
+var compatFreeBSD32 bool // 386 emulation on amd64
+
+func (so *sockOpt) setGroupReq(c *socket.Conn, ifi *net.Interface, grp net.IP) error {
+	var gr groupReq
+	if ifi != nil {
+		gr.Interface = uint32(ifi.Index)
+	}
+	gr.setGroup(grp)
+	var b []byte
+	if compatFreeBSD32 {
+		var d [sizeofGroupReq + 4]byte
+		s := (*[sizeofGroupReq]byte)(unsafe.Pointer(&gr))
+		copy(d[:4], s[:4])
+		copy(d[8:], s[4:])
+		b = d[:]
+	} else {
+		b = (*[sizeofGroupReq]byte)(unsafe.Pointer(&gr))[:sizeofGroupReq]
+	}
+	return so.Set(c, b)
+}
+
+func (so *sockOpt) setGroupSourceReq(c *socket.Conn, ifi *net.Interface, grp, src net.IP) error {
+	var gsr groupSourceReq
+	if ifi != nil {
+		gsr.Interface = uint32(ifi.Index)
+	}
+	gsr.setSourceGroup(grp, src)
+	var b []byte
+	if compatFreeBSD32 {
+		var d [sizeofGroupSourceReq + 4]byte
+		s := (*[sizeofGroupSourceReq]byte)(unsafe.Pointer(&gsr))
+		copy(d[:4], s[:4])
+		copy(d[8:], s[4:])
+		b = d[:]
+	} else {
+		b = (*[sizeofGroupSourceReq]byte)(unsafe.Pointer(&gsr))[:sizeofGroupSourceReq]
+	}
+	return so.Set(c, b)
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/sys_ssmreq_stub.go b/server/vendor/golang.org/x/net/ipv6/sys_ssmreq_stub.go
new file mode 100644
index 0000000..6526aad
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/sys_ssmreq_stub.go
@@ -0,0 +1,21 @@
+// Copyright 2014 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build !aix && !darwin && !freebsd && !linux && !solaris && !zos
+
+package ipv6
+
+import (
+	"net"
+
+	"golang.org/x/net/internal/socket"
+)
+
+func (so *sockOpt) setGroupReq(c *socket.Conn, ifi *net.Interface, grp net.IP) error {
+	return errNotImplemented
+}
+
+func (so *sockOpt) setGroupSourceReq(c *socket.Conn, ifi *net.Interface, grp, src net.IP) error {
+	return errNotImplemented
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/sys_stub.go b/server/vendor/golang.org/x/net/ipv6/sys_stub.go
new file mode 100644
index 0000000..76602c3
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/sys_stub.go
@@ -0,0 +1,13 @@
+// Copyright 2014 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build !aix && !darwin && !dragonfly && !freebsd && !linux && !netbsd && !openbsd && !solaris && !windows && !zos
+
+package ipv6
+
+var (
+	ctlOpts = [ctlMax]ctlOpt{}
+
+	sockOpts = map[int]*sockOpt{}
+)
diff --git a/server/vendor/golang.org/x/net/ipv6/sys_windows.go b/server/vendor/golang.org/x/net/ipv6/sys_windows.go
new file mode 100644
index 0000000..fda8a29
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/sys_windows.go
@@ -0,0 +1,68 @@
+// Copyright 2013 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package ipv6
+
+import (
+	"net"
+	"syscall"
+
+	"golang.org/x/net/internal/iana"
+	"golang.org/x/net/internal/socket"
+
+	"golang.org/x/sys/windows"
+)
+
+const (
+	sizeofSockaddrInet6 = 0x1c
+
+	sizeofIPv6Mreq     = 0x14
+	sizeofIPv6Mtuinfo  = 0x20
+	sizeofICMPv6Filter = 0
+)
+
+type sockaddrInet6 struct {
+	Family   uint16
+	Port     uint16
+	Flowinfo uint32
+	Addr     [16]byte /* in6_addr */
+	Scope_id uint32
+}
+
+type ipv6Mreq struct {
+	Multiaddr [16]byte /* in6_addr */
+	Interface uint32
+}
+
+type ipv6Mtuinfo struct {
+	Addr sockaddrInet6
+	Mtu  uint32
+}
+
+type icmpv6Filter struct {
+	// TODO(mikio): implement this
+}
+
+var (
+	ctlOpts = [ctlMax]ctlOpt{}
+
+	sockOpts = map[int]*sockOpt{
+		ssoHopLimit:           {Option: socket.Option{Level: iana.ProtocolIPv6, Name: windows.IPV6_UNICAST_HOPS, Len: 4}},
+		ssoMulticastInterface: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: windows.IPV6_MULTICAST_IF, Len: 4}},
+		ssoMulticastHopLimit:  {Option: socket.Option{Level: iana.ProtocolIPv6, Name: windows.IPV6_MULTICAST_HOPS, Len: 4}},
+		ssoMulticastLoopback:  {Option: socket.Option{Level: iana.ProtocolIPv6, Name: windows.IPV6_MULTICAST_LOOP, Len: 4}},
+		ssoJoinGroup:          {Option: socket.Option{Level: iana.ProtocolIPv6, Name: windows.IPV6_JOIN_GROUP, Len: sizeofIPv6Mreq}, typ: ssoTypeIPMreq},
+		ssoLeaveGroup:         {Option: socket.Option{Level: iana.ProtocolIPv6, Name: windows.IPV6_LEAVE_GROUP, Len: sizeofIPv6Mreq}, typ: ssoTypeIPMreq},
+	}
+)
+
+func (sa *sockaddrInet6) setSockaddr(ip net.IP, i int) {
+	sa.Family = syscall.AF_INET6
+	copy(sa.Addr[:], ip)
+	sa.Scope_id = uint32(i)
+}
+
+func (mreq *ipv6Mreq) setIfindex(i int) {
+	mreq.Interface = uint32(i)
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/sys_zos.go b/server/vendor/golang.org/x/net/ipv6/sys_zos.go
new file mode 100644
index 0000000..31adc86
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/sys_zos.go
@@ -0,0 +1,72 @@
+// Copyright 2020 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package ipv6
+
+import (
+	"net"
+	"syscall"
+	"unsafe"
+
+	"golang.org/x/net/internal/iana"
+	"golang.org/x/net/internal/socket"
+
+	"golang.org/x/sys/unix"
+)
+
+var (
+	ctlOpts = [ctlMax]ctlOpt{
+		ctlHopLimit:   {unix.IPV6_HOPLIMIT, 4, marshalHopLimit, parseHopLimit},
+		ctlPacketInfo: {unix.IPV6_PKTINFO, sizeofInet6Pktinfo, marshalPacketInfo, parsePacketInfo},
+		ctlPathMTU:    {unix.IPV6_PATHMTU, sizeofIPv6Mtuinfo, marshalPathMTU, parsePathMTU},
+	}
+
+	sockOpts = map[int]*sockOpt{
+		ssoTrafficClass:        {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_TCLASS, Len: 4}},
+		ssoHopLimit:            {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_UNICAST_HOPS, Len: 4}},
+		ssoMulticastInterface:  {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_MULTICAST_IF, Len: 4}},
+		ssoMulticastHopLimit:   {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_MULTICAST_HOPS, Len: 4}},
+		ssoMulticastLoopback:   {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_MULTICAST_LOOP, Len: 4}},
+		ssoReceiveTrafficClass: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_RECVTCLASS, Len: 4}},
+		ssoReceiveHopLimit:     {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_RECVHOPLIMIT, Len: 4}},
+		ssoReceivePacketInfo:   {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_RECVPKTINFO, Len: 4}},
+		ssoReceivePathMTU:      {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_RECVPATHMTU, Len: 4}},
+		ssoChecksum:            {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_CHECKSUM, Len: 4}},
+		ssoICMPFilter:          {Option: socket.Option{Level: iana.ProtocolIPv6ICMP, Name: unix.ICMP6_FILTER, Len: sizeofICMPv6Filter}},
+		ssoJoinGroup:           {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.MCAST_JOIN_GROUP, Len: sizeofGroupReq}, typ: ssoTypeGroupReq},
+		ssoLeaveGroup:          {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.MCAST_LEAVE_GROUP, Len: sizeofGroupReq}, typ: ssoTypeGroupReq},
+		ssoJoinSourceGroup:     {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.MCAST_JOIN_SOURCE_GROUP, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+		ssoLeaveSourceGroup:    {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.MCAST_LEAVE_SOURCE_GROUP, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+		ssoBlockSourceGroup:    {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.MCAST_BLOCK_SOURCE, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+		ssoUnblockSourceGroup:  {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.MCAST_UNBLOCK_SOURCE, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+	}
+)
+
+func (sa *sockaddrInet6) setSockaddr(ip net.IP, i int) {
+	sa.Family = syscall.AF_INET6
+	copy(sa.Addr[:], ip)
+	sa.Scope_id = uint32(i)
+}
+
+func (pi *inet6Pktinfo) setIfindex(i int) {
+	pi.Ifindex = uint32(i)
+}
+
+func (gr *groupReq) setGroup(grp net.IP) {
+	sa := (*sockaddrInet6)(unsafe.Pointer(&gr.Group))
+	sa.Family = syscall.AF_INET6
+	sa.Len = sizeofSockaddrInet6
+	copy(sa.Addr[:], grp)
+}
+
+func (gsr *groupSourceReq) setSourceGroup(grp, src net.IP) {
+	sa := (*sockaddrInet6)(unsafe.Pointer(&gsr.Group))
+	sa.Family = syscall.AF_INET6
+	sa.Len = sizeofSockaddrInet6
+	copy(sa.Addr[:], grp)
+	sa = (*sockaddrInet6)(unsafe.Pointer(&gsr.Source))
+	sa.Family = syscall.AF_INET6
+	sa.Len = sizeofSockaddrInet6
+	copy(sa.Addr[:], src)
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/zsys_aix_ppc64.go b/server/vendor/golang.org/x/net/ipv6/zsys_aix_ppc64.go
new file mode 100644
index 0000000..668716d
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/zsys_aix_ppc64.go
@@ -0,0 +1,68 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_aix.go
+
+// Added for go1.11 compatibility
+//go:build aix
+
+package ipv6
+
+const (
+	sizeofSockaddrStorage = 0x508
+	sizeofSockaddrInet6   = 0x1c
+	sizeofInet6Pktinfo    = 0x14
+	sizeofIPv6Mtuinfo     = 0x20
+
+	sizeofIPv6Mreq       = 0x14
+	sizeofGroupReq       = 0x510
+	sizeofGroupSourceReq = 0xa18
+
+	sizeofICMPv6Filter = 0x20
+)
+
+type sockaddrStorage struct {
+	X__ss_len   uint8
+	Family      uint8
+	X__ss_pad1  [6]uint8
+	X__ss_align int64
+	X__ss_pad2  [1265]uint8
+	Pad_cgo_0   [7]byte
+}
+
+type sockaddrInet6 struct {
+	Len      uint8
+	Family   uint8
+	Port     uint16
+	Flowinfo uint32
+	Addr     [16]byte /* in6_addr */
+	Scope_id uint32
+}
+
+type inet6Pktinfo struct {
+	Addr    [16]byte /* in6_addr */
+	Ifindex int32
+}
+
+type ipv6Mtuinfo struct {
+	Addr sockaddrInet6
+	Mtu  uint32
+}
+
+type ipv6Mreq struct {
+	Multiaddr [16]byte /* in6_addr */
+	Interface uint32
+}
+
+type icmpv6Filter struct {
+	Filt [8]uint32
+}
+
+type groupReq struct {
+	Interface uint32
+	Group     sockaddrStorage
+}
+
+type groupSourceReq struct {
+	Interface uint32
+	Group     sockaddrStorage
+	Source    sockaddrStorage
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/zsys_darwin.go b/server/vendor/golang.org/x/net/ipv6/zsys_darwin.go
new file mode 100644
index 0000000..dd6f7b2
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/zsys_darwin.go
@@ -0,0 +1,64 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_darwin.go
+
+package ipv6
+
+const (
+	sizeofSockaddrStorage = 0x80
+	sizeofSockaddrInet6   = 0x1c
+	sizeofInet6Pktinfo    = 0x14
+	sizeofIPv6Mtuinfo     = 0x20
+
+	sizeofIPv6Mreq       = 0x14
+	sizeofGroupReq       = 0x84
+	sizeofGroupSourceReq = 0x104
+
+	sizeofICMPv6Filter = 0x20
+)
+
+type sockaddrStorage struct {
+	Len         uint8
+	Family      uint8
+	X__ss_pad1  [6]int8
+	X__ss_align int64
+	X__ss_pad2  [112]int8
+}
+
+type sockaddrInet6 struct {
+	Len      uint8
+	Family   uint8
+	Port     uint16
+	Flowinfo uint32
+	Addr     [16]byte /* in6_addr */
+	Scope_id uint32
+}
+
+type inet6Pktinfo struct {
+	Addr    [16]byte /* in6_addr */
+	Ifindex uint32
+}
+
+type ipv6Mtuinfo struct {
+	Addr sockaddrInet6
+	Mtu  uint32
+}
+
+type ipv6Mreq struct {
+	Multiaddr [16]byte /* in6_addr */
+	Interface uint32
+}
+
+type icmpv6Filter struct {
+	Filt [8]uint32
+}
+
+type groupReq struct {
+	Interface uint32
+	Pad_cgo_0 [128]byte
+}
+
+type groupSourceReq struct {
+	Interface uint32
+	Pad_cgo_0 [128]byte
+	Pad_cgo_1 [128]byte
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/zsys_dragonfly.go b/server/vendor/golang.org/x/net/ipv6/zsys_dragonfly.go
new file mode 100644
index 0000000..6b45a94
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/zsys_dragonfly.go
@@ -0,0 +1,42 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_dragonfly.go
+
+package ipv6
+
+const (
+	sizeofSockaddrInet6 = 0x1c
+	sizeofInet6Pktinfo  = 0x14
+	sizeofIPv6Mtuinfo   = 0x20
+
+	sizeofIPv6Mreq = 0x14
+
+	sizeofICMPv6Filter = 0x20
+)
+
+type sockaddrInet6 struct {
+	Len      uint8
+	Family   uint8
+	Port     uint16
+	Flowinfo uint32
+	Addr     [16]byte /* in6_addr */
+	Scope_id uint32
+}
+
+type inet6Pktinfo struct {
+	Addr    [16]byte /* in6_addr */
+	Ifindex uint32
+}
+
+type ipv6Mtuinfo struct {
+	Addr sockaddrInet6
+	Mtu  uint32
+}
+
+type ipv6Mreq struct {
+	Multiaddr [16]byte /* in6_addr */
+	Interface uint32
+}
+
+type icmpv6Filter struct {
+	Filt [8]uint32
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/zsys_freebsd_386.go b/server/vendor/golang.org/x/net/ipv6/zsys_freebsd_386.go
new file mode 100644
index 0000000..8da5592
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/zsys_freebsd_386.go
@@ -0,0 +1,64 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_freebsd.go
+
+package ipv6
+
+const (
+	sizeofSockaddrStorage = 0x80
+	sizeofSockaddrInet6   = 0x1c
+	sizeofInet6Pktinfo    = 0x14
+	sizeofIPv6Mtuinfo     = 0x20
+
+	sizeofIPv6Mreq       = 0x14
+	sizeofGroupReq       = 0x84
+	sizeofGroupSourceReq = 0x104
+
+	sizeofICMPv6Filter = 0x20
+)
+
+type sockaddrStorage struct {
+	Len         uint8
+	Family      uint8
+	X__ss_pad1  [6]int8
+	X__ss_align int64
+	X__ss_pad2  [112]int8
+}
+
+type sockaddrInet6 struct {
+	Len      uint8
+	Family   uint8
+	Port     uint16
+	Flowinfo uint32
+	Addr     [16]byte /* in6_addr */
+	Scope_id uint32
+}
+
+type inet6Pktinfo struct {
+	Addr    [16]byte /* in6_addr */
+	Ifindex uint32
+}
+
+type ipv6Mtuinfo struct {
+	Addr sockaddrInet6
+	Mtu  uint32
+}
+
+type ipv6Mreq struct {
+	Multiaddr [16]byte /* in6_addr */
+	Interface uint32
+}
+
+type groupReq struct {
+	Interface uint32
+	Group     sockaddrStorage
+}
+
+type groupSourceReq struct {
+	Interface uint32
+	Group     sockaddrStorage
+	Source    sockaddrStorage
+}
+
+type icmpv6Filter struct {
+	Filt [8]uint32
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/zsys_freebsd_amd64.go b/server/vendor/golang.org/x/net/ipv6/zsys_freebsd_amd64.go
new file mode 100644
index 0000000..72a1a65
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/zsys_freebsd_amd64.go
@@ -0,0 +1,66 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_freebsd.go
+
+package ipv6
+
+const (
+	sizeofSockaddrStorage = 0x80
+	sizeofSockaddrInet6   = 0x1c
+	sizeofInet6Pktinfo    = 0x14
+	sizeofIPv6Mtuinfo     = 0x20
+
+	sizeofIPv6Mreq       = 0x14
+	sizeofGroupReq       = 0x88
+	sizeofGroupSourceReq = 0x108
+
+	sizeofICMPv6Filter = 0x20
+)
+
+type sockaddrStorage struct {
+	Len         uint8
+	Family      uint8
+	X__ss_pad1  [6]int8
+	X__ss_align int64
+	X__ss_pad2  [112]int8
+}
+
+type sockaddrInet6 struct {
+	Len      uint8
+	Family   uint8
+	Port     uint16
+	Flowinfo uint32
+	Addr     [16]byte /* in6_addr */
+	Scope_id uint32
+}
+
+type inet6Pktinfo struct {
+	Addr    [16]byte /* in6_addr */
+	Ifindex uint32
+}
+
+type ipv6Mtuinfo struct {
+	Addr sockaddrInet6
+	Mtu  uint32
+}
+
+type ipv6Mreq struct {
+	Multiaddr [16]byte /* in6_addr */
+	Interface uint32
+}
+
+type groupReq struct {
+	Interface uint32
+	Pad_cgo_0 [4]byte
+	Group     sockaddrStorage
+}
+
+type groupSourceReq struct {
+	Interface uint32
+	Pad_cgo_0 [4]byte
+	Group     sockaddrStorage
+	Source    sockaddrStorage
+}
+
+type icmpv6Filter struct {
+	Filt [8]uint32
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/zsys_freebsd_arm.go b/server/vendor/golang.org/x/net/ipv6/zsys_freebsd_arm.go
new file mode 100644
index 0000000..72a1a65
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/zsys_freebsd_arm.go
@@ -0,0 +1,66 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_freebsd.go
+
+package ipv6
+
+const (
+	sizeofSockaddrStorage = 0x80
+	sizeofSockaddrInet6   = 0x1c
+	sizeofInet6Pktinfo    = 0x14
+	sizeofIPv6Mtuinfo     = 0x20
+
+	sizeofIPv6Mreq       = 0x14
+	sizeofGroupReq       = 0x88
+	sizeofGroupSourceReq = 0x108
+
+	sizeofICMPv6Filter = 0x20
+)
+
+type sockaddrStorage struct {
+	Len         uint8
+	Family      uint8
+	X__ss_pad1  [6]int8
+	X__ss_align int64
+	X__ss_pad2  [112]int8
+}
+
+type sockaddrInet6 struct {
+	Len      uint8
+	Family   uint8
+	Port     uint16
+	Flowinfo uint32
+	Addr     [16]byte /* in6_addr */
+	Scope_id uint32
+}
+
+type inet6Pktinfo struct {
+	Addr    [16]byte /* in6_addr */
+	Ifindex uint32
+}
+
+type ipv6Mtuinfo struct {
+	Addr sockaddrInet6
+	Mtu  uint32
+}
+
+type ipv6Mreq struct {
+	Multiaddr [16]byte /* in6_addr */
+	Interface uint32
+}
+
+type groupReq struct {
+	Interface uint32
+	Pad_cgo_0 [4]byte
+	Group     sockaddrStorage
+}
+
+type groupSourceReq struct {
+	Interface uint32
+	Pad_cgo_0 [4]byte
+	Group     sockaddrStorage
+	Source    sockaddrStorage
+}
+
+type icmpv6Filter struct {
+	Filt [8]uint32
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/zsys_freebsd_arm64.go b/server/vendor/golang.org/x/net/ipv6/zsys_freebsd_arm64.go
new file mode 100644
index 0000000..5b39eb8
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/zsys_freebsd_arm64.go
@@ -0,0 +1,64 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_freebsd.go
+
+package ipv6
+
+const (
+	sizeofSockaddrStorage = 0x80
+	sizeofSockaddrInet6   = 0x1c
+	sizeofInet6Pktinfo    = 0x14
+	sizeofIPv6Mtuinfo     = 0x20
+
+	sizeofIPv6Mreq       = 0x14
+	sizeofGroupReq       = 0x88
+	sizeofGroupSourceReq = 0x108
+
+	sizeofICMPv6Filter = 0x20
+)
+
+type sockaddrStorage struct {
+	Len         uint8
+	Family      uint8
+	X__ss_pad1  [6]uint8
+	X__ss_align int64
+	X__ss_pad2  [112]uint8
+}
+
+type sockaddrInet6 struct {
+	Len      uint8
+	Family   uint8
+	Port     uint16
+	Flowinfo uint32
+	Addr     [16]byte /* in6_addr */
+	Scope_id uint32
+}
+
+type inet6Pktinfo struct {
+	Addr    [16]byte /* in6_addr */
+	Ifindex uint32
+}
+
+type ipv6Mtuinfo struct {
+	Addr sockaddrInet6
+	Mtu  uint32
+}
+
+type ipv6Mreq struct {
+	Multiaddr [16]byte /* in6_addr */
+	Interface uint32
+}
+
+type groupReq struct {
+	Interface uint32
+	Group     sockaddrStorage
+}
+
+type groupSourceReq struct {
+	Interface uint32
+	Group     sockaddrStorage
+	Source    sockaddrStorage
+}
+
+type icmpv6Filter struct {
+	Filt [8]uint32
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/zsys_freebsd_riscv64.go b/server/vendor/golang.org/x/net/ipv6/zsys_freebsd_riscv64.go
new file mode 100644
index 0000000..5b39eb8
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/zsys_freebsd_riscv64.go
@@ -0,0 +1,64 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_freebsd.go
+
+package ipv6
+
+const (
+	sizeofSockaddrStorage = 0x80
+	sizeofSockaddrInet6   = 0x1c
+	sizeofInet6Pktinfo    = 0x14
+	sizeofIPv6Mtuinfo     = 0x20
+
+	sizeofIPv6Mreq       = 0x14
+	sizeofGroupReq       = 0x88
+	sizeofGroupSourceReq = 0x108
+
+	sizeofICMPv6Filter = 0x20
+)
+
+type sockaddrStorage struct {
+	Len         uint8
+	Family      uint8
+	X__ss_pad1  [6]uint8
+	X__ss_align int64
+	X__ss_pad2  [112]uint8
+}
+
+type sockaddrInet6 struct {
+	Len      uint8
+	Family   uint8
+	Port     uint16
+	Flowinfo uint32
+	Addr     [16]byte /* in6_addr */
+	Scope_id uint32
+}
+
+type inet6Pktinfo struct {
+	Addr    [16]byte /* in6_addr */
+	Ifindex uint32
+}
+
+type ipv6Mtuinfo struct {
+	Addr sockaddrInet6
+	Mtu  uint32
+}
+
+type ipv6Mreq struct {
+	Multiaddr [16]byte /* in6_addr */
+	Interface uint32
+}
+
+type groupReq struct {
+	Interface uint32
+	Group     sockaddrStorage
+}
+
+type groupSourceReq struct {
+	Interface uint32
+	Group     sockaddrStorage
+	Source    sockaddrStorage
+}
+
+type icmpv6Filter struct {
+	Filt [8]uint32
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/zsys_linux_386.go b/server/vendor/golang.org/x/net/ipv6/zsys_linux_386.go
new file mode 100644
index 0000000..ad71871
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/zsys_linux_386.go
@@ -0,0 +1,72 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_linux.go
+
+package ipv6
+
+const (
+	sizeofKernelSockaddrStorage = 0x80
+	sizeofSockaddrInet6         = 0x1c
+	sizeofInet6Pktinfo          = 0x14
+	sizeofIPv6Mtuinfo           = 0x20
+	sizeofIPv6FlowlabelReq      = 0x20
+
+	sizeofIPv6Mreq       = 0x14
+	sizeofGroupReq       = 0x84
+	sizeofGroupSourceReq = 0x104
+
+	sizeofICMPv6Filter = 0x20
+)
+
+type kernelSockaddrStorage struct {
+	Family  uint16
+	X__data [126]int8
+}
+
+type sockaddrInet6 struct {
+	Family   uint16
+	Port     uint16
+	Flowinfo uint32
+	Addr     [16]byte /* in6_addr */
+	Scope_id uint32
+}
+
+type inet6Pktinfo struct {
+	Addr    [16]byte /* in6_addr */
+	Ifindex int32
+}
+
+type ipv6Mtuinfo struct {
+	Addr sockaddrInet6
+	Mtu  uint32
+}
+
+type ipv6FlowlabelReq struct {
+	Dst        [16]byte /* in6_addr */
+	Label      uint32
+	Action     uint8
+	Share      uint8
+	Flags      uint16
+	Expires    uint16
+	Linger     uint16
+	X__flr_pad uint32
+}
+
+type ipv6Mreq struct {
+	Multiaddr [16]byte /* in6_addr */
+	Ifindex   int32
+}
+
+type groupReq struct {
+	Interface uint32
+	Group     kernelSockaddrStorage
+}
+
+type groupSourceReq struct {
+	Interface uint32
+	Group     kernelSockaddrStorage
+	Source    kernelSockaddrStorage
+}
+
+type icmpv6Filter struct {
+	Data [8]uint32
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/zsys_linux_amd64.go b/server/vendor/golang.org/x/net/ipv6/zsys_linux_amd64.go
new file mode 100644
index 0000000..2514ab9
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/zsys_linux_amd64.go
@@ -0,0 +1,74 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_linux.go
+
+package ipv6
+
+const (
+	sizeofKernelSockaddrStorage = 0x80
+	sizeofSockaddrInet6         = 0x1c
+	sizeofInet6Pktinfo          = 0x14
+	sizeofIPv6Mtuinfo           = 0x20
+	sizeofIPv6FlowlabelReq      = 0x20
+
+	sizeofIPv6Mreq       = 0x14
+	sizeofGroupReq       = 0x88
+	sizeofGroupSourceReq = 0x108
+
+	sizeofICMPv6Filter = 0x20
+)
+
+type kernelSockaddrStorage struct {
+	Family  uint16
+	X__data [126]int8
+}
+
+type sockaddrInet6 struct {
+	Family   uint16
+	Port     uint16
+	Flowinfo uint32
+	Addr     [16]byte /* in6_addr */
+	Scope_id uint32
+}
+
+type inet6Pktinfo struct {
+	Addr    [16]byte /* in6_addr */
+	Ifindex int32
+}
+
+type ipv6Mtuinfo struct {
+	Addr sockaddrInet6
+	Mtu  uint32
+}
+
+type ipv6FlowlabelReq struct {
+	Dst        [16]byte /* in6_addr */
+	Label      uint32
+	Action     uint8
+	Share      uint8
+	Flags      uint16
+	Expires    uint16
+	Linger     uint16
+	X__flr_pad uint32
+}
+
+type ipv6Mreq struct {
+	Multiaddr [16]byte /* in6_addr */
+	Ifindex   int32
+}
+
+type groupReq struct {
+	Interface uint32
+	Pad_cgo_0 [4]byte
+	Group     kernelSockaddrStorage
+}
+
+type groupSourceReq struct {
+	Interface uint32
+	Pad_cgo_0 [4]byte
+	Group     kernelSockaddrStorage
+	Source    kernelSockaddrStorage
+}
+
+type icmpv6Filter struct {
+	Data [8]uint32
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/zsys_linux_arm.go b/server/vendor/golang.org/x/net/ipv6/zsys_linux_arm.go
new file mode 100644
index 0000000..ad71871
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/zsys_linux_arm.go
@@ -0,0 +1,72 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_linux.go
+
+package ipv6
+
+const (
+	sizeofKernelSockaddrStorage = 0x80
+	sizeofSockaddrInet6         = 0x1c
+	sizeofInet6Pktinfo          = 0x14
+	sizeofIPv6Mtuinfo           = 0x20
+	sizeofIPv6FlowlabelReq      = 0x20
+
+	sizeofIPv6Mreq       = 0x14
+	sizeofGroupReq       = 0x84
+	sizeofGroupSourceReq = 0x104
+
+	sizeofICMPv6Filter = 0x20
+)
+
+type kernelSockaddrStorage struct {
+	Family  uint16
+	X__data [126]int8
+}
+
+type sockaddrInet6 struct {
+	Family   uint16
+	Port     uint16
+	Flowinfo uint32
+	Addr     [16]byte /* in6_addr */
+	Scope_id uint32
+}
+
+type inet6Pktinfo struct {
+	Addr    [16]byte /* in6_addr */
+	Ifindex int32
+}
+
+type ipv6Mtuinfo struct {
+	Addr sockaddrInet6
+	Mtu  uint32
+}
+
+type ipv6FlowlabelReq struct {
+	Dst        [16]byte /* in6_addr */
+	Label      uint32
+	Action     uint8
+	Share      uint8
+	Flags      uint16
+	Expires    uint16
+	Linger     uint16
+	X__flr_pad uint32
+}
+
+type ipv6Mreq struct {
+	Multiaddr [16]byte /* in6_addr */
+	Ifindex   int32
+}
+
+type groupReq struct {
+	Interface uint32
+	Group     kernelSockaddrStorage
+}
+
+type groupSourceReq struct {
+	Interface uint32
+	Group     kernelSockaddrStorage
+	Source    kernelSockaddrStorage
+}
+
+type icmpv6Filter struct {
+	Data [8]uint32
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/zsys_linux_arm64.go b/server/vendor/golang.org/x/net/ipv6/zsys_linux_arm64.go
new file mode 100644
index 0000000..2514ab9
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/zsys_linux_arm64.go
@@ -0,0 +1,74 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_linux.go
+
+package ipv6
+
+const (
+	sizeofKernelSockaddrStorage = 0x80
+	sizeofSockaddrInet6         = 0x1c
+	sizeofInet6Pktinfo          = 0x14
+	sizeofIPv6Mtuinfo           = 0x20
+	sizeofIPv6FlowlabelReq      = 0x20
+
+	sizeofIPv6Mreq       = 0x14
+	sizeofGroupReq       = 0x88
+	sizeofGroupSourceReq = 0x108
+
+	sizeofICMPv6Filter = 0x20
+)
+
+type kernelSockaddrStorage struct {
+	Family  uint16
+	X__data [126]int8
+}
+
+type sockaddrInet6 struct {
+	Family   uint16
+	Port     uint16
+	Flowinfo uint32
+	Addr     [16]byte /* in6_addr */
+	Scope_id uint32
+}
+
+type inet6Pktinfo struct {
+	Addr    [16]byte /* in6_addr */
+	Ifindex int32
+}
+
+type ipv6Mtuinfo struct {
+	Addr sockaddrInet6
+	Mtu  uint32
+}
+
+type ipv6FlowlabelReq struct {
+	Dst        [16]byte /* in6_addr */
+	Label      uint32
+	Action     uint8
+	Share      uint8
+	Flags      uint16
+	Expires    uint16
+	Linger     uint16
+	X__flr_pad uint32
+}
+
+type ipv6Mreq struct {
+	Multiaddr [16]byte /* in6_addr */
+	Ifindex   int32
+}
+
+type groupReq struct {
+	Interface uint32
+	Pad_cgo_0 [4]byte
+	Group     kernelSockaddrStorage
+}
+
+type groupSourceReq struct {
+	Interface uint32
+	Pad_cgo_0 [4]byte
+	Group     kernelSockaddrStorage
+	Source    kernelSockaddrStorage
+}
+
+type icmpv6Filter struct {
+	Data [8]uint32
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/zsys_linux_loong64.go b/server/vendor/golang.org/x/net/ipv6/zsys_linux_loong64.go
new file mode 100644
index 0000000..6a53284
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/zsys_linux_loong64.go
@@ -0,0 +1,76 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_linux.go
+
+//go:build loong64
+
+package ipv6
+
+const (
+	sizeofKernelSockaddrStorage = 0x80
+	sizeofSockaddrInet6         = 0x1c
+	sizeofInet6Pktinfo          = 0x14
+	sizeofIPv6Mtuinfo           = 0x20
+	sizeofIPv6FlowlabelReq      = 0x20
+
+	sizeofIPv6Mreq       = 0x14
+	sizeofGroupReq       = 0x88
+	sizeofGroupSourceReq = 0x108
+
+	sizeofICMPv6Filter = 0x20
+)
+
+type kernelSockaddrStorage struct {
+	Family  uint16
+	X__data [126]int8
+}
+
+type sockaddrInet6 struct {
+	Family   uint16
+	Port     uint16
+	Flowinfo uint32
+	Addr     [16]byte /* in6_addr */
+	Scope_id uint32
+}
+
+type inet6Pktinfo struct {
+	Addr    [16]byte /* in6_addr */
+	Ifindex int32
+}
+
+type ipv6Mtuinfo struct {
+	Addr sockaddrInet6
+	Mtu  uint32
+}
+
+type ipv6FlowlabelReq struct {
+	Dst        [16]byte /* in6_addr */
+	Label      uint32
+	Action     uint8
+	Share      uint8
+	Flags      uint16
+	Expires    uint16
+	Linger     uint16
+	X__flr_pad uint32
+}
+
+type ipv6Mreq struct {
+	Multiaddr [16]byte /* in6_addr */
+	Ifindex   int32
+}
+
+type groupReq struct {
+	Interface uint32
+	Pad_cgo_0 [4]byte
+	Group     kernelSockaddrStorage
+}
+
+type groupSourceReq struct {
+	Interface uint32
+	Pad_cgo_0 [4]byte
+	Group     kernelSockaddrStorage
+	Source    kernelSockaddrStorage
+}
+
+type icmpv6Filter struct {
+	Data [8]uint32
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/zsys_linux_mips.go b/server/vendor/golang.org/x/net/ipv6/zsys_linux_mips.go
new file mode 100644
index 0000000..ad71871
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/zsys_linux_mips.go
@@ -0,0 +1,72 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_linux.go
+
+package ipv6
+
+const (
+	sizeofKernelSockaddrStorage = 0x80
+	sizeofSockaddrInet6         = 0x1c
+	sizeofInet6Pktinfo          = 0x14
+	sizeofIPv6Mtuinfo           = 0x20
+	sizeofIPv6FlowlabelReq      = 0x20
+
+	sizeofIPv6Mreq       = 0x14
+	sizeofGroupReq       = 0x84
+	sizeofGroupSourceReq = 0x104
+
+	sizeofICMPv6Filter = 0x20
+)
+
+type kernelSockaddrStorage struct {
+	Family  uint16
+	X__data [126]int8
+}
+
+type sockaddrInet6 struct {
+	Family   uint16
+	Port     uint16
+	Flowinfo uint32
+	Addr     [16]byte /* in6_addr */
+	Scope_id uint32
+}
+
+type inet6Pktinfo struct {
+	Addr    [16]byte /* in6_addr */
+	Ifindex int32
+}
+
+type ipv6Mtuinfo struct {
+	Addr sockaddrInet6
+	Mtu  uint32
+}
+
+type ipv6FlowlabelReq struct {
+	Dst        [16]byte /* in6_addr */
+	Label      uint32
+	Action     uint8
+	Share      uint8
+	Flags      uint16
+	Expires    uint16
+	Linger     uint16
+	X__flr_pad uint32
+}
+
+type ipv6Mreq struct {
+	Multiaddr [16]byte /* in6_addr */
+	Ifindex   int32
+}
+
+type groupReq struct {
+	Interface uint32
+	Group     kernelSockaddrStorage
+}
+
+type groupSourceReq struct {
+	Interface uint32
+	Group     kernelSockaddrStorage
+	Source    kernelSockaddrStorage
+}
+
+type icmpv6Filter struct {
+	Data [8]uint32
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/zsys_linux_mips64.go b/server/vendor/golang.org/x/net/ipv6/zsys_linux_mips64.go
new file mode 100644
index 0000000..2514ab9
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/zsys_linux_mips64.go
@@ -0,0 +1,74 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_linux.go
+
+package ipv6
+
+const (
+	sizeofKernelSockaddrStorage = 0x80
+	sizeofSockaddrInet6         = 0x1c
+	sizeofInet6Pktinfo          = 0x14
+	sizeofIPv6Mtuinfo           = 0x20
+	sizeofIPv6FlowlabelReq      = 0x20
+
+	sizeofIPv6Mreq       = 0x14
+	sizeofGroupReq       = 0x88
+	sizeofGroupSourceReq = 0x108
+
+	sizeofICMPv6Filter = 0x20
+)
+
+type kernelSockaddrStorage struct {
+	Family  uint16
+	X__data [126]int8
+}
+
+type sockaddrInet6 struct {
+	Family   uint16
+	Port     uint16
+	Flowinfo uint32
+	Addr     [16]byte /* in6_addr */
+	Scope_id uint32
+}
+
+type inet6Pktinfo struct {
+	Addr    [16]byte /* in6_addr */
+	Ifindex int32
+}
+
+type ipv6Mtuinfo struct {
+	Addr sockaddrInet6
+	Mtu  uint32
+}
+
+type ipv6FlowlabelReq struct {
+	Dst        [16]byte /* in6_addr */
+	Label      uint32
+	Action     uint8
+	Share      uint8
+	Flags      uint16
+	Expires    uint16
+	Linger     uint16
+	X__flr_pad uint32
+}
+
+type ipv6Mreq struct {
+	Multiaddr [16]byte /* in6_addr */
+	Ifindex   int32
+}
+
+type groupReq struct {
+	Interface uint32
+	Pad_cgo_0 [4]byte
+	Group     kernelSockaddrStorage
+}
+
+type groupSourceReq struct {
+	Interface uint32
+	Pad_cgo_0 [4]byte
+	Group     kernelSockaddrStorage
+	Source    kernelSockaddrStorage
+}
+
+type icmpv6Filter struct {
+	Data [8]uint32
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/zsys_linux_mips64le.go b/server/vendor/golang.org/x/net/ipv6/zsys_linux_mips64le.go
new file mode 100644
index 0000000..2514ab9
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/zsys_linux_mips64le.go
@@ -0,0 +1,74 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_linux.go
+
+package ipv6
+
+const (
+	sizeofKernelSockaddrStorage = 0x80
+	sizeofSockaddrInet6         = 0x1c
+	sizeofInet6Pktinfo          = 0x14
+	sizeofIPv6Mtuinfo           = 0x20
+	sizeofIPv6FlowlabelReq      = 0x20
+
+	sizeofIPv6Mreq       = 0x14
+	sizeofGroupReq       = 0x88
+	sizeofGroupSourceReq = 0x108
+
+	sizeofICMPv6Filter = 0x20
+)
+
+type kernelSockaddrStorage struct {
+	Family  uint16
+	X__data [126]int8
+}
+
+type sockaddrInet6 struct {
+	Family   uint16
+	Port     uint16
+	Flowinfo uint32
+	Addr     [16]byte /* in6_addr */
+	Scope_id uint32
+}
+
+type inet6Pktinfo struct {
+	Addr    [16]byte /* in6_addr */
+	Ifindex int32
+}
+
+type ipv6Mtuinfo struct {
+	Addr sockaddrInet6
+	Mtu  uint32
+}
+
+type ipv6FlowlabelReq struct {
+	Dst        [16]byte /* in6_addr */
+	Label      uint32
+	Action     uint8
+	Share      uint8
+	Flags      uint16
+	Expires    uint16
+	Linger     uint16
+	X__flr_pad uint32
+}
+
+type ipv6Mreq struct {
+	Multiaddr [16]byte /* in6_addr */
+	Ifindex   int32
+}
+
+type groupReq struct {
+	Interface uint32
+	Pad_cgo_0 [4]byte
+	Group     kernelSockaddrStorage
+}
+
+type groupSourceReq struct {
+	Interface uint32
+	Pad_cgo_0 [4]byte
+	Group     kernelSockaddrStorage
+	Source    kernelSockaddrStorage
+}
+
+type icmpv6Filter struct {
+	Data [8]uint32
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/zsys_linux_mipsle.go b/server/vendor/golang.org/x/net/ipv6/zsys_linux_mipsle.go
new file mode 100644
index 0000000..ad71871
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/zsys_linux_mipsle.go
@@ -0,0 +1,72 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_linux.go
+
+package ipv6
+
+const (
+	sizeofKernelSockaddrStorage = 0x80
+	sizeofSockaddrInet6         = 0x1c
+	sizeofInet6Pktinfo          = 0x14
+	sizeofIPv6Mtuinfo           = 0x20
+	sizeofIPv6FlowlabelReq      = 0x20
+
+	sizeofIPv6Mreq       = 0x14
+	sizeofGroupReq       = 0x84
+	sizeofGroupSourceReq = 0x104
+
+	sizeofICMPv6Filter = 0x20
+)
+
+type kernelSockaddrStorage struct {
+	Family  uint16
+	X__data [126]int8
+}
+
+type sockaddrInet6 struct {
+	Family   uint16
+	Port     uint16
+	Flowinfo uint32
+	Addr     [16]byte /* in6_addr */
+	Scope_id uint32
+}
+
+type inet6Pktinfo struct {
+	Addr    [16]byte /* in6_addr */
+	Ifindex int32
+}
+
+type ipv6Mtuinfo struct {
+	Addr sockaddrInet6
+	Mtu  uint32
+}
+
+type ipv6FlowlabelReq struct {
+	Dst        [16]byte /* in6_addr */
+	Label      uint32
+	Action     uint8
+	Share      uint8
+	Flags      uint16
+	Expires    uint16
+	Linger     uint16
+	X__flr_pad uint32
+}
+
+type ipv6Mreq struct {
+	Multiaddr [16]byte /* in6_addr */
+	Ifindex   int32
+}
+
+type groupReq struct {
+	Interface uint32
+	Group     kernelSockaddrStorage
+}
+
+type groupSourceReq struct {
+	Interface uint32
+	Group     kernelSockaddrStorage
+	Source    kernelSockaddrStorage
+}
+
+type icmpv6Filter struct {
+	Data [8]uint32
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/zsys_linux_ppc.go b/server/vendor/golang.org/x/net/ipv6/zsys_linux_ppc.go
new file mode 100644
index 0000000..d06c2ad
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/zsys_linux_ppc.go
@@ -0,0 +1,72 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_linux.go
+
+package ipv6
+
+const (
+	sizeofKernelSockaddrStorage = 0x80
+	sizeofSockaddrInet6         = 0x1c
+	sizeofInet6Pktinfo          = 0x14
+	sizeofIPv6Mtuinfo           = 0x20
+	sizeofIPv6FlowlabelReq      = 0x20
+
+	sizeofIPv6Mreq       = 0x14
+	sizeofGroupReq       = 0x84
+	sizeofGroupSourceReq = 0x104
+
+	sizeofICMPv6Filter = 0x20
+)
+
+type kernelSockaddrStorage struct {
+	Family  uint16
+	X__data [126]uint8
+}
+
+type sockaddrInet6 struct {
+	Family   uint16
+	Port     uint16
+	Flowinfo uint32
+	Addr     [16]byte /* in6_addr */
+	Scope_id uint32
+}
+
+type inet6Pktinfo struct {
+	Addr    [16]byte /* in6_addr */
+	Ifindex int32
+}
+
+type ipv6Mtuinfo struct {
+	Addr sockaddrInet6
+	Mtu  uint32
+}
+
+type ipv6FlowlabelReq struct {
+	Dst        [16]byte /* in6_addr */
+	Label      uint32
+	Action     uint8
+	Share      uint8
+	Flags      uint16
+	Expires    uint16
+	Linger     uint16
+	X__flr_pad uint32
+}
+
+type ipv6Mreq struct {
+	Multiaddr [16]byte /* in6_addr */
+	Ifindex   int32
+}
+
+type groupReq struct {
+	Interface uint32
+	Group     kernelSockaddrStorage
+}
+
+type groupSourceReq struct {
+	Interface uint32
+	Group     kernelSockaddrStorage
+	Source    kernelSockaddrStorage
+}
+
+type icmpv6Filter struct {
+	Data [8]uint32
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/zsys_linux_ppc64.go b/server/vendor/golang.org/x/net/ipv6/zsys_linux_ppc64.go
new file mode 100644
index 0000000..2514ab9
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/zsys_linux_ppc64.go
@@ -0,0 +1,74 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_linux.go
+
+package ipv6
+
+const (
+	sizeofKernelSockaddrStorage = 0x80
+	sizeofSockaddrInet6         = 0x1c
+	sizeofInet6Pktinfo          = 0x14
+	sizeofIPv6Mtuinfo           = 0x20
+	sizeofIPv6FlowlabelReq      = 0x20
+
+	sizeofIPv6Mreq       = 0x14
+	sizeofGroupReq       = 0x88
+	sizeofGroupSourceReq = 0x108
+
+	sizeofICMPv6Filter = 0x20
+)
+
+type kernelSockaddrStorage struct {
+	Family  uint16
+	X__data [126]int8
+}
+
+type sockaddrInet6 struct {
+	Family   uint16
+	Port     uint16
+	Flowinfo uint32
+	Addr     [16]byte /* in6_addr */
+	Scope_id uint32
+}
+
+type inet6Pktinfo struct {
+	Addr    [16]byte /* in6_addr */
+	Ifindex int32
+}
+
+type ipv6Mtuinfo struct {
+	Addr sockaddrInet6
+	Mtu  uint32
+}
+
+type ipv6FlowlabelReq struct {
+	Dst        [16]byte /* in6_addr */
+	Label      uint32
+	Action     uint8
+	Share      uint8
+	Flags      uint16
+	Expires    uint16
+	Linger     uint16
+	X__flr_pad uint32
+}
+
+type ipv6Mreq struct {
+	Multiaddr [16]byte /* in6_addr */
+	Ifindex   int32
+}
+
+type groupReq struct {
+	Interface uint32
+	Pad_cgo_0 [4]byte
+	Group     kernelSockaddrStorage
+}
+
+type groupSourceReq struct {
+	Interface uint32
+	Pad_cgo_0 [4]byte
+	Group     kernelSockaddrStorage
+	Source    kernelSockaddrStorage
+}
+
+type icmpv6Filter struct {
+	Data [8]uint32
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/zsys_linux_ppc64le.go b/server/vendor/golang.org/x/net/ipv6/zsys_linux_ppc64le.go
new file mode 100644
index 0000000..2514ab9
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/zsys_linux_ppc64le.go
@@ -0,0 +1,74 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_linux.go
+
+package ipv6
+
+const (
+	sizeofKernelSockaddrStorage = 0x80
+	sizeofSockaddrInet6         = 0x1c
+	sizeofInet6Pktinfo          = 0x14
+	sizeofIPv6Mtuinfo           = 0x20
+	sizeofIPv6FlowlabelReq      = 0x20
+
+	sizeofIPv6Mreq       = 0x14
+	sizeofGroupReq       = 0x88
+	sizeofGroupSourceReq = 0x108
+
+	sizeofICMPv6Filter = 0x20
+)
+
+type kernelSockaddrStorage struct {
+	Family  uint16
+	X__data [126]int8
+}
+
+type sockaddrInet6 struct {
+	Family   uint16
+	Port     uint16
+	Flowinfo uint32
+	Addr     [16]byte /* in6_addr */
+	Scope_id uint32
+}
+
+type inet6Pktinfo struct {
+	Addr    [16]byte /* in6_addr */
+	Ifindex int32
+}
+
+type ipv6Mtuinfo struct {
+	Addr sockaddrInet6
+	Mtu  uint32
+}
+
+type ipv6FlowlabelReq struct {
+	Dst        [16]byte /* in6_addr */
+	Label      uint32
+	Action     uint8
+	Share      uint8
+	Flags      uint16
+	Expires    uint16
+	Linger     uint16
+	X__flr_pad uint32
+}
+
+type ipv6Mreq struct {
+	Multiaddr [16]byte /* in6_addr */
+	Ifindex   int32
+}
+
+type groupReq struct {
+	Interface uint32
+	Pad_cgo_0 [4]byte
+	Group     kernelSockaddrStorage
+}
+
+type groupSourceReq struct {
+	Interface uint32
+	Pad_cgo_0 [4]byte
+	Group     kernelSockaddrStorage
+	Source    kernelSockaddrStorage
+}
+
+type icmpv6Filter struct {
+	Data [8]uint32
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/zsys_linux_riscv64.go b/server/vendor/golang.org/x/net/ipv6/zsys_linux_riscv64.go
new file mode 100644
index 0000000..13b3472
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/zsys_linux_riscv64.go
@@ -0,0 +1,76 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_linux.go
+
+//go:build riscv64
+
+package ipv6
+
+const (
+	sizeofKernelSockaddrStorage = 0x80
+	sizeofSockaddrInet6         = 0x1c
+	sizeofInet6Pktinfo          = 0x14
+	sizeofIPv6Mtuinfo           = 0x20
+	sizeofIPv6FlowlabelReq      = 0x20
+
+	sizeofIPv6Mreq       = 0x14
+	sizeofGroupReq       = 0x88
+	sizeofGroupSourceReq = 0x108
+
+	sizeofICMPv6Filter = 0x20
+)
+
+type kernelSockaddrStorage struct {
+	Family  uint16
+	X__data [126]int8
+}
+
+type sockaddrInet6 struct {
+	Family   uint16
+	Port     uint16
+	Flowinfo uint32
+	Addr     [16]byte /* in6_addr */
+	Scope_id uint32
+}
+
+type inet6Pktinfo struct {
+	Addr    [16]byte /* in6_addr */
+	Ifindex int32
+}
+
+type ipv6Mtuinfo struct {
+	Addr sockaddrInet6
+	Mtu  uint32
+}
+
+type ipv6FlowlabelReq struct {
+	Dst        [16]byte /* in6_addr */
+	Label      uint32
+	Action     uint8
+	Share      uint8
+	Flags      uint16
+	Expires    uint16
+	Linger     uint16
+	X__flr_pad uint32
+}
+
+type ipv6Mreq struct {
+	Multiaddr [16]byte /* in6_addr */
+	Ifindex   int32
+}
+
+type groupReq struct {
+	Interface uint32
+	Pad_cgo_0 [4]byte
+	Group     kernelSockaddrStorage
+}
+
+type groupSourceReq struct {
+	Interface uint32
+	Pad_cgo_0 [4]byte
+	Group     kernelSockaddrStorage
+	Source    kernelSockaddrStorage
+}
+
+type icmpv6Filter struct {
+	Data [8]uint32
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/zsys_linux_s390x.go b/server/vendor/golang.org/x/net/ipv6/zsys_linux_s390x.go
new file mode 100644
index 0000000..2514ab9
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/zsys_linux_s390x.go
@@ -0,0 +1,74 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_linux.go
+
+package ipv6
+
+const (
+	sizeofKernelSockaddrStorage = 0x80
+	sizeofSockaddrInet6         = 0x1c
+	sizeofInet6Pktinfo          = 0x14
+	sizeofIPv6Mtuinfo           = 0x20
+	sizeofIPv6FlowlabelReq      = 0x20
+
+	sizeofIPv6Mreq       = 0x14
+	sizeofGroupReq       = 0x88
+	sizeofGroupSourceReq = 0x108
+
+	sizeofICMPv6Filter = 0x20
+)
+
+type kernelSockaddrStorage struct {
+	Family  uint16
+	X__data [126]int8
+}
+
+type sockaddrInet6 struct {
+	Family   uint16
+	Port     uint16
+	Flowinfo uint32
+	Addr     [16]byte /* in6_addr */
+	Scope_id uint32
+}
+
+type inet6Pktinfo struct {
+	Addr    [16]byte /* in6_addr */
+	Ifindex int32
+}
+
+type ipv6Mtuinfo struct {
+	Addr sockaddrInet6
+	Mtu  uint32
+}
+
+type ipv6FlowlabelReq struct {
+	Dst        [16]byte /* in6_addr */
+	Label      uint32
+	Action     uint8
+	Share      uint8
+	Flags      uint16
+	Expires    uint16
+	Linger     uint16
+	X__flr_pad uint32
+}
+
+type ipv6Mreq struct {
+	Multiaddr [16]byte /* in6_addr */
+	Ifindex   int32
+}
+
+type groupReq struct {
+	Interface uint32
+	Pad_cgo_0 [4]byte
+	Group     kernelSockaddrStorage
+}
+
+type groupSourceReq struct {
+	Interface uint32
+	Pad_cgo_0 [4]byte
+	Group     kernelSockaddrStorage
+	Source    kernelSockaddrStorage
+}
+
+type icmpv6Filter struct {
+	Data [8]uint32
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/zsys_netbsd.go b/server/vendor/golang.org/x/net/ipv6/zsys_netbsd.go
new file mode 100644
index 0000000..f7335d5
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/zsys_netbsd.go
@@ -0,0 +1,42 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_netbsd.go
+
+package ipv6
+
+const (
+	sizeofSockaddrInet6 = 0x1c
+	sizeofInet6Pktinfo  = 0x14
+	sizeofIPv6Mtuinfo   = 0x20
+
+	sizeofIPv6Mreq = 0x14
+
+	sizeofICMPv6Filter = 0x20
+)
+
+type sockaddrInet6 struct {
+	Len      uint8
+	Family   uint8
+	Port     uint16
+	Flowinfo uint32
+	Addr     [16]byte /* in6_addr */
+	Scope_id uint32
+}
+
+type inet6Pktinfo struct {
+	Addr    [16]byte /* in6_addr */
+	Ifindex uint32
+}
+
+type ipv6Mtuinfo struct {
+	Addr sockaddrInet6
+	Mtu  uint32
+}
+
+type ipv6Mreq struct {
+	Multiaddr [16]byte /* in6_addr */
+	Interface uint32
+}
+
+type icmpv6Filter struct {
+	Filt [8]uint32
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/zsys_openbsd.go b/server/vendor/golang.org/x/net/ipv6/zsys_openbsd.go
new file mode 100644
index 0000000..6d15928
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/zsys_openbsd.go
@@ -0,0 +1,42 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_openbsd.go
+
+package ipv6
+
+const (
+	sizeofSockaddrInet6 = 0x1c
+	sizeofInet6Pktinfo  = 0x14
+	sizeofIPv6Mtuinfo   = 0x20
+
+	sizeofIPv6Mreq = 0x14
+
+	sizeofICMPv6Filter = 0x20
+)
+
+type sockaddrInet6 struct {
+	Len      uint8
+	Family   uint8
+	Port     uint16
+	Flowinfo uint32
+	Addr     [16]byte /* in6_addr */
+	Scope_id uint32
+}
+
+type inet6Pktinfo struct {
+	Addr    [16]byte /* in6_addr */
+	Ifindex uint32
+}
+
+type ipv6Mtuinfo struct {
+	Addr sockaddrInet6
+	Mtu  uint32
+}
+
+type ipv6Mreq struct {
+	Multiaddr [16]byte /* in6_addr */
+	Interface uint32
+}
+
+type icmpv6Filter struct {
+	Filt [8]uint32
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/zsys_solaris.go b/server/vendor/golang.org/x/net/ipv6/zsys_solaris.go
new file mode 100644
index 0000000..1716197
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/zsys_solaris.go
@@ -0,0 +1,63 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_solaris.go
+
+package ipv6
+
+const (
+	sizeofSockaddrStorage = 0x100
+	sizeofSockaddrInet6   = 0x20
+	sizeofInet6Pktinfo    = 0x14
+	sizeofIPv6Mtuinfo     = 0x24
+
+	sizeofIPv6Mreq       = 0x14
+	sizeofGroupReq       = 0x104
+	sizeofGroupSourceReq = 0x204
+
+	sizeofICMPv6Filter = 0x20
+)
+
+type sockaddrStorage struct {
+	Family     uint16
+	X_ss_pad1  [6]int8
+	X_ss_align float64
+	X_ss_pad2  [240]int8
+}
+
+type sockaddrInet6 struct {
+	Family         uint16
+	Port           uint16
+	Flowinfo       uint32
+	Addr           [16]byte /* in6_addr */
+	Scope_id       uint32
+	X__sin6_src_id uint32
+}
+
+type inet6Pktinfo struct {
+	Addr    [16]byte /* in6_addr */
+	Ifindex uint32
+}
+
+type ipv6Mtuinfo struct {
+	Addr sockaddrInet6
+	Mtu  uint32
+}
+
+type ipv6Mreq struct {
+	Multiaddr [16]byte /* in6_addr */
+	Interface uint32
+}
+
+type groupReq struct {
+	Interface uint32
+	Pad_cgo_0 [256]byte
+}
+
+type groupSourceReq struct {
+	Interface uint32
+	Pad_cgo_0 [256]byte
+	Pad_cgo_1 [256]byte
+}
+
+type icmpv6Filter struct {
+	X__icmp6_filt [8]uint32
+}
diff --git a/server/vendor/golang.org/x/net/ipv6/zsys_zos_s390x.go b/server/vendor/golang.org/x/net/ipv6/zsys_zos_s390x.go
new file mode 100644
index 0000000..7c75645
--- /dev/null
+++ b/server/vendor/golang.org/x/net/ipv6/zsys_zos_s390x.go
@@ -0,0 +1,62 @@
+// Copyright 2020 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Hand edited based on zerrors_zos_s390x.go
+// TODO(Bill O'Farrell): auto-generate.
+
+package ipv6
+
+const (
+	sizeofSockaddrStorage = 128
+	sizeofICMPv6Filter    = 32
+	sizeofInet6Pktinfo    = 20
+	sizeofIPv6Mtuinfo     = 32
+	sizeofSockaddrInet6   = 28
+	sizeofGroupReq        = 136
+	sizeofGroupSourceReq  = 264
+)
+
+type sockaddrStorage struct {
+	Len      uint8
+	Family   byte
+	ss_pad1  [6]byte
+	ss_align int64
+	ss_pad2  [112]byte
+}
+
+type sockaddrInet6 struct {
+	Len      uint8
+	Family   uint8
+	Port     uint16
+	Flowinfo uint32
+	Addr     [16]byte
+	Scope_id uint32
+}
+
+type inet6Pktinfo struct {
+	Addr    [16]byte
+	Ifindex uint32
+}
+
+type ipv6Mtuinfo struct {
+	Addr sockaddrInet6
+	Mtu  uint32
+}
+
+type groupReq struct {
+	Interface uint32
+	reserved  uint32
+	Group     sockaddrStorage
+}
+
+type groupSourceReq struct {
+	Interface uint32
+	reserved  uint32
+	Group     sockaddrStorage
+	Source    sockaddrStorage
+}
+
+type icmpv6Filter struct {
+	Filt [8]uint32
+}
diff --git a/server/vendor/golang.org/x/net/proxy/dial.go b/server/vendor/golang.org/x/net/proxy/dial.go
new file mode 100644
index 0000000..811c2e4
--- /dev/null
+++ b/server/vendor/golang.org/x/net/proxy/dial.go
@@ -0,0 +1,54 @@
+// Copyright 2019 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package proxy
+
+import (
+	"context"
+	"net"
+)
+
+// A ContextDialer dials using a context.
+type ContextDialer interface {
+	DialContext(ctx context.Context, network, address string) (net.Conn, error)
+}
+
+// Dial works like DialContext on net.Dialer but using a dialer returned by FromEnvironment.
+//
+// The passed ctx is only used for returning the Conn, not the lifetime of the Conn.
+//
+// Custom dialers (registered via RegisterDialerType) that do not implement ContextDialer
+// can leak a goroutine for as long as it takes the underlying Dialer implementation to timeout.
+//
+// A Conn returned from a successful Dial after the context has been cancelled will be immediately closed.
+func Dial(ctx context.Context, network, address string) (net.Conn, error) {
+	d := FromEnvironment()
+	if xd, ok := d.(ContextDialer); ok {
+		return xd.DialContext(ctx, network, address)
+	}
+	return dialContext(ctx, d, network, address)
+}
+
+// WARNING: this can leak a goroutine for as long as the underlying Dialer implementation takes to timeout
+// A Conn returned from a successful Dial after the context has been cancelled will be immediately closed.
+func dialContext(ctx context.Context, d Dialer, network, address string) (net.Conn, error) {
+	var (
+		conn net.Conn
+		done = make(chan struct{}, 1)
+		err  error
+	)
+	go func() {
+		conn, err = d.Dial(network, address)
+		close(done)
+		if conn != nil && ctx.Err() != nil {
+			conn.Close()
+		}
+	}()
+	select {
+	case <-ctx.Done():
+		err = ctx.Err()
+	case <-done:
+	}
+	return conn, err
+}
diff --git a/server/vendor/golang.org/x/net/proxy/direct.go b/server/vendor/golang.org/x/net/proxy/direct.go
new file mode 100644
index 0000000..3d66bde
--- /dev/null
+++ b/server/vendor/golang.org/x/net/proxy/direct.go
@@ -0,0 +1,31 @@
+// Copyright 2011 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package proxy
+
+import (
+	"context"
+	"net"
+)
+
+type direct struct{}
+
+// Direct implements Dialer by making network connections directly using net.Dial or net.DialContext.
+var Direct = direct{}
+
+var (
+	_ Dialer        = Direct
+	_ ContextDialer = Direct
+)
+
+// Dial directly invokes net.Dial with the supplied parameters.
+func (direct) Dial(network, addr string) (net.Conn, error) {
+	return net.Dial(network, addr)
+}
+
+// DialContext instantiates a net.Dialer and invokes its DialContext receiver with the supplied parameters.
+func (direct) DialContext(ctx context.Context, network, addr string) (net.Conn, error) {
+	var d net.Dialer
+	return d.DialContext(ctx, network, addr)
+}
diff --git a/server/vendor/golang.org/x/net/proxy/per_host.go b/server/vendor/golang.org/x/net/proxy/per_host.go
new file mode 100644
index 0000000..573fe79
--- /dev/null
+++ b/server/vendor/golang.org/x/net/proxy/per_host.go
@@ -0,0 +1,155 @@
+// Copyright 2011 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package proxy
+
+import (
+	"context"
+	"net"
+	"strings"
+)
+
+// A PerHost directs connections to a default Dialer unless the host name
+// requested matches one of a number of exceptions.
+type PerHost struct {
+	def, bypass Dialer
+
+	bypassNetworks []*net.IPNet
+	bypassIPs      []net.IP
+	bypassZones    []string
+	bypassHosts    []string
+}
+
+// NewPerHost returns a PerHost Dialer that directs connections to either
+// defaultDialer or bypass, depending on whether the connection matches one of
+// the configured rules.
+func NewPerHost(defaultDialer, bypass Dialer) *PerHost {
+	return &PerHost{
+		def:    defaultDialer,
+		bypass: bypass,
+	}
+}
+
+// Dial connects to the address addr on the given network through either
+// defaultDialer or bypass.
+func (p *PerHost) Dial(network, addr string) (c net.Conn, err error) {
+	host, _, err := net.SplitHostPort(addr)
+	if err != nil {
+		return nil, err
+	}
+
+	return p.dialerForRequest(host).Dial(network, addr)
+}
+
+// DialContext connects to the address addr on the given network through either
+// defaultDialer or bypass.
+func (p *PerHost) DialContext(ctx context.Context, network, addr string) (c net.Conn, err error) {
+	host, _, err := net.SplitHostPort(addr)
+	if err != nil {
+		return nil, err
+	}
+	d := p.dialerForRequest(host)
+	if x, ok := d.(ContextDialer); ok {
+		return x.DialContext(ctx, network, addr)
+	}
+	return dialContext(ctx, d, network, addr)
+}
+
+func (p *PerHost) dialerForRequest(host string) Dialer {
+	if ip := net.ParseIP(host); ip != nil {
+		for _, net := range p.bypassNetworks {
+			if net.Contains(ip) {
+				return p.bypass
+			}
+		}
+		for _, bypassIP := range p.bypassIPs {
+			if bypassIP.Equal(ip) {
+				return p.bypass
+			}
+		}
+		return p.def
+	}
+
+	for _, zone := range p.bypassZones {
+		if strings.HasSuffix(host, zone) {
+			return p.bypass
+		}
+		if host == zone[1:] {
+			// For a zone ".example.com", we match "example.com"
+			// too.
+			return p.bypass
+		}
+	}
+	for _, bypassHost := range p.bypassHosts {
+		if bypassHost == host {
+			return p.bypass
+		}
+	}
+	return p.def
+}
+
+// AddFromString parses a string that contains comma-separated values
+// specifying hosts that should use the bypass proxy. Each value is either an
+// IP address, a CIDR range, a zone (*.example.com) or a host name
+// (localhost). A best effort is made to parse the string and errors are
+// ignored.
+func (p *PerHost) AddFromString(s string) {
+	hosts := strings.Split(s, ",")
+	for _, host := range hosts {
+		host = strings.TrimSpace(host)
+		if len(host) == 0 {
+			continue
+		}
+		if strings.Contains(host, "/") {
+			// We assume that it's a CIDR address like 127.0.0.0/8
+			if _, net, err := net.ParseCIDR(host); err == nil {
+				p.AddNetwork(net)
+			}
+			continue
+		}
+		if ip := net.ParseIP(host); ip != nil {
+			p.AddIP(ip)
+			continue
+		}
+		if strings.HasPrefix(host, "*.") {
+			p.AddZone(host[1:])
+			continue
+		}
+		p.AddHost(host)
+	}
+}
+
+// AddIP specifies an IP address that will use the bypass proxy. Note that
+// this will only take effect if a literal IP address is dialed. A connection
+// to a named host will never match an IP.
+func (p *PerHost) AddIP(ip net.IP) {
+	p.bypassIPs = append(p.bypassIPs, ip)
+}
+
+// AddNetwork specifies an IP range that will use the bypass proxy. Note that
+// this will only take effect if a literal IP address is dialed. A connection
+// to a named host will never match.
+func (p *PerHost) AddNetwork(net *net.IPNet) {
+	p.bypassNetworks = append(p.bypassNetworks, net)
+}
+
+// AddZone specifies a DNS suffix that will use the bypass proxy. A zone of
+// "example.com" matches "example.com" and all of its subdomains.
+func (p *PerHost) AddZone(zone string) {
+	if strings.HasSuffix(zone, ".") {
+		zone = zone[:len(zone)-1]
+	}
+	if !strings.HasPrefix(zone, ".") {
+		zone = "." + zone
+	}
+	p.bypassZones = append(p.bypassZones, zone)
+}
+
+// AddHost specifies a host name that will use the bypass proxy.
+func (p *PerHost) AddHost(host string) {
+	if strings.HasSuffix(host, ".") {
+		host = host[:len(host)-1]
+	}
+	p.bypassHosts = append(p.bypassHosts, host)
+}
diff --git a/server/vendor/golang.org/x/net/proxy/proxy.go b/server/vendor/golang.org/x/net/proxy/proxy.go
new file mode 100644
index 0000000..9ff4b9a
--- /dev/null
+++ b/server/vendor/golang.org/x/net/proxy/proxy.go
@@ -0,0 +1,149 @@
+// Copyright 2011 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Package proxy provides support for a variety of protocols to proxy network
+// data.
+package proxy // import "golang.org/x/net/proxy"
+
+import (
+	"errors"
+	"net"
+	"net/url"
+	"os"
+	"sync"
+)
+
+// A Dialer is a means to establish a connection.
+// Custom dialers should also implement ContextDialer.
+type Dialer interface {
+	// Dial connects to the given address via the proxy.
+	Dial(network, addr string) (c net.Conn, err error)
+}
+
+// Auth contains authentication parameters that specific Dialers may require.
+type Auth struct {
+	User, Password string
+}
+
+// FromEnvironment returns the dialer specified by the proxy-related
+// variables in the environment and makes underlying connections
+// directly.
+func FromEnvironment() Dialer {
+	return FromEnvironmentUsing(Direct)
+}
+
+// FromEnvironmentUsing returns the dialer specify by the proxy-related
+// variables in the environment and makes underlying connections
+// using the provided forwarding Dialer (for instance, a *net.Dialer
+// with desired configuration).
+func FromEnvironmentUsing(forward Dialer) Dialer {
+	allProxy := allProxyEnv.Get()
+	if len(allProxy) == 0 {
+		return forward
+	}
+
+	proxyURL, err := url.Parse(allProxy)
+	if err != nil {
+		return forward
+	}
+	proxy, err := FromURL(proxyURL, forward)
+	if err != nil {
+		return forward
+	}
+
+	noProxy := noProxyEnv.Get()
+	if len(noProxy) == 0 {
+		return proxy
+	}
+
+	perHost := NewPerHost(proxy, forward)
+	perHost.AddFromString(noProxy)
+	return perHost
+}
+
+// proxySchemes is a map from URL schemes to a function that creates a Dialer
+// from a URL with such a scheme.
+var proxySchemes map[string]func(*url.URL, Dialer) (Dialer, error)
+
+// RegisterDialerType takes a URL scheme and a function to generate Dialers from
+// a URL with that scheme and a forwarding Dialer. Registered schemes are used
+// by FromURL.
+func RegisterDialerType(scheme string, f func(*url.URL, Dialer) (Dialer, error)) {
+	if proxySchemes == nil {
+		proxySchemes = make(map[string]func(*url.URL, Dialer) (Dialer, error))
+	}
+	proxySchemes[scheme] = f
+}
+
+// FromURL returns a Dialer given a URL specification and an underlying
+// Dialer for it to make network requests.
+func FromURL(u *url.URL, forward Dialer) (Dialer, error) {
+	var auth *Auth
+	if u.User != nil {
+		auth = new(Auth)
+		auth.User = u.User.Username()
+		if p, ok := u.User.Password(); ok {
+			auth.Password = p
+		}
+	}
+
+	switch u.Scheme {
+	case "socks5", "socks5h":
+		addr := u.Hostname()
+		port := u.Port()
+		if port == "" {
+			port = "1080"
+		}
+		return SOCKS5("tcp", net.JoinHostPort(addr, port), auth, forward)
+	}
+
+	// If the scheme doesn't match any of the built-in schemes, see if it
+	// was registered by another package.
+	if proxySchemes != nil {
+		if f, ok := proxySchemes[u.Scheme]; ok {
+			return f(u, forward)
+		}
+	}
+
+	return nil, errors.New("proxy: unknown scheme: " + u.Scheme)
+}
+
+var (
+	allProxyEnv = &envOnce{
+		names: []string{"ALL_PROXY", "all_proxy"},
+	}
+	noProxyEnv = &envOnce{
+		names: []string{"NO_PROXY", "no_proxy"},
+	}
+)
+
+// envOnce looks up an environment variable (optionally by multiple
+// names) once. It mitigates expensive lookups on some platforms
+// (e.g. Windows).
+// (Borrowed from net/http/transport.go)
+type envOnce struct {
+	names []string
+	once  sync.Once
+	val   string
+}
+
+func (e *envOnce) Get() string {
+	e.once.Do(e.init)
+	return e.val
+}
+
+func (e *envOnce) init() {
+	for _, n := range e.names {
+		e.val = os.Getenv(n)
+		if e.val != "" {
+			return
+		}
+	}
+}
+
+// reset is used by tests
+func (e *envOnce) reset() {
+	e.once = sync.Once{}
+	e.val = ""
+}
diff --git a/server/vendor/golang.org/x/net/proxy/socks5.go b/server/vendor/golang.org/x/net/proxy/socks5.go
new file mode 100644
index 0000000..c91651f
--- /dev/null
+++ b/server/vendor/golang.org/x/net/proxy/socks5.go
@@ -0,0 +1,42 @@
+// Copyright 2011 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package proxy
+
+import (
+	"context"
+	"net"
+
+	"golang.org/x/net/internal/socks"
+)
+
+// SOCKS5 returns a Dialer that makes SOCKSv5 connections to the given
+// address with an optional username and password.
+// See RFC 1928 and RFC 1929.
+func SOCKS5(network, address string, auth *Auth, forward Dialer) (Dialer, error) {
+	d := socks.NewDialer(network, address)
+	if forward != nil {
+		if f, ok := forward.(ContextDialer); ok {
+			d.ProxyDial = func(ctx context.Context, network string, address string) (net.Conn, error) {
+				return f.DialContext(ctx, network, address)
+			}
+		} else {
+			d.ProxyDial = func(ctx context.Context, network string, address string) (net.Conn, error) {
+				return dialContext(ctx, forward, network, address)
+			}
+		}
+	}
+	if auth != nil {
+		up := socks.UsernamePassword{
+			Username: auth.User,
+			Password: auth.Password,
+		}
+		d.AuthMethods = []socks.AuthMethod{
+			socks.AuthMethodNotRequired,
+			socks.AuthMethodUsernamePassword,
+		}
+		d.Authenticate = up.Authenticate
+	}
+	return d, nil
+}
diff --git a/server/vendor/golang.org/x/sys/windows/aliases.go b/server/vendor/golang.org/x/sys/windows/aliases.go
new file mode 100644
index 0000000..16f9056
--- /dev/null
+++ b/server/vendor/golang.org/x/sys/windows/aliases.go
@@ -0,0 +1,12 @@
+// Copyright 2018 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build windows
+
+package windows
+
+import "syscall"
+
+type Errno = syscall.Errno
+type SysProcAttr = syscall.SysProcAttr
diff --git a/server/vendor/golang.org/x/sys/windows/dll_windows.go b/server/vendor/golang.org/x/sys/windows/dll_windows.go
new file mode 100644
index 0000000..3ca814f
--- /dev/null
+++ b/server/vendor/golang.org/x/sys/windows/dll_windows.go
@@ -0,0 +1,415 @@
+// Copyright 2011 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package windows
+
+import (
+	"sync"
+	"sync/atomic"
+	"syscall"
+	"unsafe"
+)
+
+// We need to use LoadLibrary and GetProcAddress from the Go runtime, because
+// the these symbols are loaded by the system linker and are required to
+// dynamically load additional symbols. Note that in the Go runtime, these
+// return syscall.Handle and syscall.Errno, but these are the same, in fact,
+// as windows.Handle and windows.Errno, and we intend to keep these the same.
+
+//go:linkname syscall_loadlibrary syscall.loadlibrary
+func syscall_loadlibrary(filename *uint16) (handle Handle, err Errno)
+
+//go:linkname syscall_getprocaddress syscall.getprocaddress
+func syscall_getprocaddress(handle Handle, procname *uint8) (proc uintptr, err Errno)
+
+// DLLError describes reasons for DLL load failures.
+type DLLError struct {
+	Err     error
+	ObjName string
+	Msg     string
+}
+
+func (e *DLLError) Error() string { return e.Msg }
+
+func (e *DLLError) Unwrap() error { return e.Err }
+
+// A DLL implements access to a single DLL.
+type DLL struct {
+	Name   string
+	Handle Handle
+}
+
+// LoadDLL loads DLL file into memory.
+//
+// Warning: using LoadDLL without an absolute path name is subject to
+// DLL preloading attacks. To safely load a system DLL, use [NewLazySystemDLL],
+// or use [LoadLibraryEx] directly.
+func LoadDLL(name string) (dll *DLL, err error) {
+	namep, err := UTF16PtrFromString(name)
+	if err != nil {
+		return nil, err
+	}
+	h, e := syscall_loadlibrary(namep)
+	if e != 0 {
+		return nil, &DLLError{
+			Err:     e,
+			ObjName: name,
+			Msg:     "Failed to load " + name + ": " + e.Error(),
+		}
+	}
+	d := &DLL{
+		Name:   name,
+		Handle: h,
+	}
+	return d, nil
+}
+
+// MustLoadDLL is like LoadDLL but panics if load operation fails.
+func MustLoadDLL(name string) *DLL {
+	d, e := LoadDLL(name)
+	if e != nil {
+		panic(e)
+	}
+	return d
+}
+
+// FindProc searches DLL d for procedure named name and returns *Proc
+// if found. It returns an error if search fails.
+func (d *DLL) FindProc(name string) (proc *Proc, err error) {
+	namep, err := BytePtrFromString(name)
+	if err != nil {
+		return nil, err
+	}
+	a, e := syscall_getprocaddress(d.Handle, namep)
+	if e != 0 {
+		return nil, &DLLError{
+			Err:     e,
+			ObjName: name,
+			Msg:     "Failed to find " + name + " procedure in " + d.Name + ": " + e.Error(),
+		}
+	}
+	p := &Proc{
+		Dll:  d,
+		Name: name,
+		addr: a,
+	}
+	return p, nil
+}
+
+// MustFindProc is like FindProc but panics if search fails.
+func (d *DLL) MustFindProc(name string) *Proc {
+	p, e := d.FindProc(name)
+	if e != nil {
+		panic(e)
+	}
+	return p
+}
+
+// FindProcByOrdinal searches DLL d for procedure by ordinal and returns *Proc
+// if found. It returns an error if search fails.
+func (d *DLL) FindProcByOrdinal(ordinal uintptr) (proc *Proc, err error) {
+	a, e := GetProcAddressByOrdinal(d.Handle, ordinal)
+	name := "#" + itoa(int(ordinal))
+	if e != nil {
+		return nil, &DLLError{
+			Err:     e,
+			ObjName: name,
+			Msg:     "Failed to find " + name + " procedure in " + d.Name + ": " + e.Error(),
+		}
+	}
+	p := &Proc{
+		Dll:  d,
+		Name: name,
+		addr: a,
+	}
+	return p, nil
+}
+
+// MustFindProcByOrdinal is like FindProcByOrdinal but panics if search fails.
+func (d *DLL) MustFindProcByOrdinal(ordinal uintptr) *Proc {
+	p, e := d.FindProcByOrdinal(ordinal)
+	if e != nil {
+		panic(e)
+	}
+	return p
+}
+
+// Release unloads DLL d from memory.
+func (d *DLL) Release() (err error) {
+	return FreeLibrary(d.Handle)
+}
+
+// A Proc implements access to a procedure inside a DLL.
+type Proc struct {
+	Dll  *DLL
+	Name string
+	addr uintptr
+}
+
+// Addr returns the address of the procedure represented by p.
+// The return value can be passed to Syscall to run the procedure.
+func (p *Proc) Addr() uintptr {
+	return p.addr
+}
+
+//go:uintptrescapes
+
+// Call executes procedure p with arguments a. It will panic, if more than 15 arguments
+// are supplied.
+//
+// The returned error is always non-nil, constructed from the result of GetLastError.
+// Callers must inspect the primary return value to decide whether an error occurred
+// (according to the semantics of the specific function being called) before consulting
+// the error. The error will be guaranteed to contain windows.Errno.
+func (p *Proc) Call(a ...uintptr) (r1, r2 uintptr, lastErr error) {
+	switch len(a) {
+	case 0:
+		return syscall.Syscall(p.Addr(), uintptr(len(a)), 0, 0, 0)
+	case 1:
+		return syscall.Syscall(p.Addr(), uintptr(len(a)), a[0], 0, 0)
+	case 2:
+		return syscall.Syscall(p.Addr(), uintptr(len(a)), a[0], a[1], 0)
+	case 3:
+		return syscall.Syscall(p.Addr(), uintptr(len(a)), a[0], a[1], a[2])
+	case 4:
+		return syscall.Syscall6(p.Addr(), uintptr(len(a)), a[0], a[1], a[2], a[3], 0, 0)
+	case 5:
+		return syscall.Syscall6(p.Addr(), uintptr(len(a)), a[0], a[1], a[2], a[3], a[4], 0)
+	case 6:
+		return syscall.Syscall6(p.Addr(), uintptr(len(a)), a[0], a[1], a[2], a[3], a[4], a[5])
+	case 7:
+		return syscall.Syscall9(p.Addr(), uintptr(len(a)), a[0], a[1], a[2], a[3], a[4], a[5], a[6], 0, 0)
+	case 8:
+		return syscall.Syscall9(p.Addr(), uintptr(len(a)), a[0], a[1], a[2], a[3], a[4], a[5], a[6], a[7], 0)
+	case 9:
+		return syscall.Syscall9(p.Addr(), uintptr(len(a)), a[0], a[1], a[2], a[3], a[4], a[5], a[6], a[7], a[8])
+	case 10:
+		return syscall.Syscall12(p.Addr(), uintptr(len(a)), a[0], a[1], a[2], a[3], a[4], a[5], a[6], a[7], a[8], a[9], 0, 0)
+	case 11:
+		return syscall.Syscall12(p.Addr(), uintptr(len(a)), a[0], a[1], a[2], a[3], a[4], a[5], a[6], a[7], a[8], a[9], a[10], 0)
+	case 12:
+		return syscall.Syscall12(p.Addr(), uintptr(len(a)), a[0], a[1], a[2], a[3], a[4], a[5], a[6], a[7], a[8], a[9], a[10], a[11])
+	case 13:
+		return syscall.Syscall15(p.Addr(), uintptr(len(a)), a[0], a[1], a[2], a[3], a[4], a[5], a[6], a[7], a[8], a[9], a[10], a[11], a[12], 0, 0)
+	case 14:
+		return syscall.Syscall15(p.Addr(), uintptr(len(a)), a[0], a[1], a[2], a[3], a[4], a[5], a[6], a[7], a[8], a[9], a[10], a[11], a[12], a[13], 0)
+	case 15:
+		return syscall.Syscall15(p.Addr(), uintptr(len(a)), a[0], a[1], a[2], a[3], a[4], a[5], a[6], a[7], a[8], a[9], a[10], a[11], a[12], a[13], a[14])
+	default:
+		panic("Call " + p.Name + " with too many arguments " + itoa(len(a)) + ".")
+	}
+}
+
+// A LazyDLL implements access to a single DLL.
+// It will delay the load of the DLL until the first
+// call to its Handle method or to one of its
+// LazyProc's Addr method.
+type LazyDLL struct {
+	Name string
+
+	// System determines whether the DLL must be loaded from the
+	// Windows System directory, bypassing the normal DLL search
+	// path.
+	System bool
+
+	mu  sync.Mutex
+	dll *DLL // non nil once DLL is loaded
+}
+
+// Load loads DLL file d.Name into memory. It returns an error if fails.
+// Load will not try to load DLL, if it is already loaded into memory.
+func (d *LazyDLL) Load() error {
+	// Non-racy version of:
+	// if d.dll != nil {
+	if atomic.LoadPointer((*unsafe.Pointer)(unsafe.Pointer(&d.dll))) != nil {
+		return nil
+	}
+	d.mu.Lock()
+	defer d.mu.Unlock()
+	if d.dll != nil {
+		return nil
+	}
+
+	// kernel32.dll is special, since it's where LoadLibraryEx comes from.
+	// The kernel already special-cases its name, so it's always
+	// loaded from system32.
+	var dll *DLL
+	var err error
+	if d.Name == "kernel32.dll" {
+		dll, err = LoadDLL(d.Name)
+	} else {
+		dll, err = loadLibraryEx(d.Name, d.System)
+	}
+	if err != nil {
+		return err
+	}
+
+	// Non-racy version of:
+	// d.dll = dll
+	atomic.StorePointer((*unsafe.Pointer)(unsafe.Pointer(&d.dll)), unsafe.Pointer(dll))
+	return nil
+}
+
+// mustLoad is like Load but panics if search fails.
+func (d *LazyDLL) mustLoad() {
+	e := d.Load()
+	if e != nil {
+		panic(e)
+	}
+}
+
+// Handle returns d's module handle.
+func (d *LazyDLL) Handle() uintptr {
+	d.mustLoad()
+	return uintptr(d.dll.Handle)
+}
+
+// NewProc returns a LazyProc for accessing the named procedure in the DLL d.
+func (d *LazyDLL) NewProc(name string) *LazyProc {
+	return &LazyProc{l: d, Name: name}
+}
+
+// NewLazyDLL creates new LazyDLL associated with DLL file.
+//
+// Warning: using NewLazyDLL without an absolute path name is subject to
+// DLL preloading attacks. To safely load a system DLL, use [NewLazySystemDLL].
+func NewLazyDLL(name string) *LazyDLL {
+	return &LazyDLL{Name: name}
+}
+
+// NewLazySystemDLL is like NewLazyDLL, but will only
+// search Windows System directory for the DLL if name is
+// a base name (like "advapi32.dll").
+func NewLazySystemDLL(name string) *LazyDLL {
+	return &LazyDLL{Name: name, System: true}
+}
+
+// A LazyProc implements access to a procedure inside a LazyDLL.
+// It delays the lookup until the Addr method is called.
+type LazyProc struct {
+	Name string
+
+	mu   sync.Mutex
+	l    *LazyDLL
+	proc *Proc
+}
+
+// Find searches DLL for procedure named p.Name. It returns
+// an error if search fails. Find will not search procedure,
+// if it is already found and loaded into memory.
+func (p *LazyProc) Find() error {
+	// Non-racy version of:
+	// if p.proc == nil {
+	if atomic.LoadPointer((*unsafe.Pointer)(unsafe.Pointer(&p.proc))) == nil {
+		p.mu.Lock()
+		defer p.mu.Unlock()
+		if p.proc == nil {
+			e := p.l.Load()
+			if e != nil {
+				return e
+			}
+			proc, e := p.l.dll.FindProc(p.Name)
+			if e != nil {
+				return e
+			}
+			// Non-racy version of:
+			// p.proc = proc
+			atomic.StorePointer((*unsafe.Pointer)(unsafe.Pointer(&p.proc)), unsafe.Pointer(proc))
+		}
+	}
+	return nil
+}
+
+// mustFind is like Find but panics if search fails.
+func (p *LazyProc) mustFind() {
+	e := p.Find()
+	if e != nil {
+		panic(e)
+	}
+}
+
+// Addr returns the address of the procedure represented by p.
+// The return value can be passed to Syscall to run the procedure.
+// It will panic if the procedure cannot be found.
+func (p *LazyProc) Addr() uintptr {
+	p.mustFind()
+	return p.proc.Addr()
+}
+
+//go:uintptrescapes
+
+// Call executes procedure p with arguments a. It will panic, if more than 15 arguments
+// are supplied. It will also panic if the procedure cannot be found.
+//
+// The returned error is always non-nil, constructed from the result of GetLastError.
+// Callers must inspect the primary return value to decide whether an error occurred
+// (according to the semantics of the specific function being called) before consulting
+// the error. The error will be guaranteed to contain windows.Errno.
+func (p *LazyProc) Call(a ...uintptr) (r1, r2 uintptr, lastErr error) {
+	p.mustFind()
+	return p.proc.Call(a...)
+}
+
+var canDoSearchSystem32Once struct {
+	sync.Once
+	v bool
+}
+
+func initCanDoSearchSystem32() {
+	// https://msdn.microsoft.com/en-us/library/ms684179(v=vs.85).aspx says:
+	// "Windows 7, Windows Server 2008 R2, Windows Vista, and Windows
+	// Server 2008: The LOAD_LIBRARY_SEARCH_* flags are available on
+	// systems that have KB2533623 installed. To determine whether the
+	// flags are available, use GetProcAddress to get the address of the
+	// AddDllDirectory, RemoveDllDirectory, or SetDefaultDllDirectories
+	// function. If GetProcAddress succeeds, the LOAD_LIBRARY_SEARCH_*
+	// flags can be used with LoadLibraryEx."
+	canDoSearchSystem32Once.v = (modkernel32.NewProc("AddDllDirectory").Find() == nil)
+}
+
+func canDoSearchSystem32() bool {
+	canDoSearchSystem32Once.Do(initCanDoSearchSystem32)
+	return canDoSearchSystem32Once.v
+}
+
+func isBaseName(name string) bool {
+	for _, c := range name {
+		if c == ':' || c == '/' || c == '\\' {
+			return false
+		}
+	}
+	return true
+}
+
+// loadLibraryEx wraps the Windows LoadLibraryEx function.
+//
+// See https://msdn.microsoft.com/en-us/library/windows/desktop/ms684179(v=vs.85).aspx
+//
+// If name is not an absolute path, LoadLibraryEx searches for the DLL
+// in a variety of automatic locations unless constrained by flags.
+// See: https://msdn.microsoft.com/en-us/library/ff919712%28VS.85%29.aspx
+func loadLibraryEx(name string, system bool) (*DLL, error) {
+	loadDLL := name
+	var flags uintptr
+	if system {
+		if canDoSearchSystem32() {
+			flags = LOAD_LIBRARY_SEARCH_SYSTEM32
+		} else if isBaseName(name) {
+			// WindowsXP or unpatched Windows machine
+			// trying to load "foo.dll" out of the system
+			// folder, but LoadLibraryEx doesn't support
+			// that yet on their system, so emulate it.
+			systemdir, err := GetSystemDirectory()
+			if err != nil {
+				return nil, err
+			}
+			loadDLL = systemdir + "\\" + name
+		}
+	}
+	h, err := LoadLibraryEx(loadDLL, 0, flags)
+	if err != nil {
+		return nil, err
+	}
+	return &DLL{Name: name, Handle: h}, nil
+}
diff --git a/server/vendor/golang.org/x/sys/windows/env_windows.go b/server/vendor/golang.org/x/sys/windows/env_windows.go
new file mode 100644
index 0000000..d4577a4
--- /dev/null
+++ b/server/vendor/golang.org/x/sys/windows/env_windows.go
@@ -0,0 +1,57 @@
+// Copyright 2010 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Windows environment variables.
+
+package windows
+
+import (
+	"syscall"
+	"unsafe"
+)
+
+func Getenv(key string) (value string, found bool) {
+	return syscall.Getenv(key)
+}
+
+func Setenv(key, value string) error {
+	return syscall.Setenv(key, value)
+}
+
+func Clearenv() {
+	syscall.Clearenv()
+}
+
+func Environ() []string {
+	return syscall.Environ()
+}
+
+// Returns a default environment associated with the token, rather than the current
+// process. If inheritExisting is true, then this environment also inherits the
+// environment of the current process.
+func (token Token) Environ(inheritExisting bool) (env []string, err error) {
+	var block *uint16
+	err = CreateEnvironmentBlock(&block, token, inheritExisting)
+	if err != nil {
+		return nil, err
+	}
+	defer DestroyEnvironmentBlock(block)
+	size := unsafe.Sizeof(*block)
+	for *block != 0 {
+		// find NUL terminator
+		end := unsafe.Pointer(block)
+		for *(*uint16)(end) != 0 {
+			end = unsafe.Add(end, size)
+		}
+
+		entry := unsafe.Slice(block, (uintptr(end)-uintptr(unsafe.Pointer(block)))/size)
+		env = append(env, UTF16ToString(entry))
+		block = (*uint16)(unsafe.Add(end, size))
+	}
+	return env, nil
+}
+
+func Unsetenv(key string) error {
+	return syscall.Unsetenv(key)
+}
diff --git a/server/vendor/golang.org/x/sys/windows/eventlog.go b/server/vendor/golang.org/x/sys/windows/eventlog.go
new file mode 100644
index 0000000..6c36695
--- /dev/null
+++ b/server/vendor/golang.org/x/sys/windows/eventlog.go
@@ -0,0 +1,20 @@
+// Copyright 2012 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build windows
+
+package windows
+
+const (
+	EVENTLOG_SUCCESS          = 0
+	EVENTLOG_ERROR_TYPE       = 1
+	EVENTLOG_WARNING_TYPE     = 2
+	EVENTLOG_INFORMATION_TYPE = 4
+	EVENTLOG_AUDIT_SUCCESS    = 8
+	EVENTLOG_AUDIT_FAILURE    = 16
+)
+
+//sys	RegisterEventSource(uncServerName *uint16, sourceName *uint16) (handle Handle, err error) [failretval==0] = advapi32.RegisterEventSourceW
+//sys	DeregisterEventSource(handle Handle) (err error) = advapi32.DeregisterEventSource
+//sys	ReportEvent(log Handle, etype uint16, category uint16, eventId uint32, usrSId uintptr, numStrings uint16, dataSize uint32, strings **uint16, rawData *byte) (err error) = advapi32.ReportEventW
diff --git a/server/vendor/golang.org/x/sys/windows/exec_windows.go b/server/vendor/golang.org/x/sys/windows/exec_windows.go
new file mode 100644
index 0000000..9cabbb6
--- /dev/null
+++ b/server/vendor/golang.org/x/sys/windows/exec_windows.go
@@ -0,0 +1,248 @@
+// Copyright 2009 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Fork, exec, wait, etc.
+
+package windows
+
+import (
+	errorspkg "errors"
+	"unsafe"
+)
+
+// EscapeArg rewrites command line argument s as prescribed
+// in http://msdn.microsoft.com/en-us/library/ms880421.
+// This function returns "" (2 double quotes) if s is empty.
+// Alternatively, these transformations are done:
+//   - every back slash (\) is doubled, but only if immediately
+//     followed by double quote (");
+//   - every double quote (") is escaped by back slash (\);
+//   - finally, s is wrapped with double quotes (arg -> "arg"),
+//     but only if there is space or tab inside s.
+func EscapeArg(s string) string {
+	if len(s) == 0 {
+		return `""`
+	}
+	n := len(s)
+	hasSpace := false
+	for i := 0; i < len(s); i++ {
+		switch s[i] {
+		case '"', '\\':
+			n++
+		case ' ', '\t':
+			hasSpace = true
+		}
+	}
+	if hasSpace {
+		n += 2 // Reserve space for quotes.
+	}
+	if n == len(s) {
+		return s
+	}
+
+	qs := make([]byte, n)
+	j := 0
+	if hasSpace {
+		qs[j] = '"'
+		j++
+	}
+	slashes := 0
+	for i := 0; i < len(s); i++ {
+		switch s[i] {
+		default:
+			slashes = 0
+			qs[j] = s[i]
+		case '\\':
+			slashes++
+			qs[j] = s[i]
+		case '"':
+			for ; slashes > 0; slashes-- {
+				qs[j] = '\\'
+				j++
+			}
+			qs[j] = '\\'
+			j++
+			qs[j] = s[i]
+		}
+		j++
+	}
+	if hasSpace {
+		for ; slashes > 0; slashes-- {
+			qs[j] = '\\'
+			j++
+		}
+		qs[j] = '"'
+		j++
+	}
+	return string(qs[:j])
+}
+
+// ComposeCommandLine escapes and joins the given arguments suitable for use as a Windows command line,
+// in CreateProcess's CommandLine argument, CreateService/ChangeServiceConfig's BinaryPathName argument,
+// or any program that uses CommandLineToArgv.
+func ComposeCommandLine(args []string) string {
+	if len(args) == 0 {
+		return ""
+	}
+
+	// Per https://learn.microsoft.com/en-us/windows/win32/api/shellapi/nf-shellapi-commandlinetoargvw:
+	// “This function accepts command lines that contain a program name; the
+	// program name can be enclosed in quotation marks or not.”
+	//
+	// Unfortunately, it provides no means of escaping interior quotation marks
+	// within that program name, and we have no way to report them here.
+	prog := args[0]
+	mustQuote := len(prog) == 0
+	for i := 0; i < len(prog); i++ {
+		c := prog[i]
+		if c <= ' ' || (c == '"' && i == 0) {
+			// Force quotes for not only the ASCII space and tab as described in the
+			// MSDN article, but also ASCII control characters.
+			// The documentation for CommandLineToArgvW doesn't say what happens when
+			// the first argument is not a valid program name, but it empirically
+			// seems to drop unquoted control characters.
+			mustQuote = true
+			break
+		}
+	}
+	var commandLine []byte
+	if mustQuote {
+		commandLine = make([]byte, 0, len(prog)+2)
+		commandLine = append(commandLine, '"')
+		for i := 0; i < len(prog); i++ {
+			c := prog[i]
+			if c == '"' {
+				// This quote would interfere with our surrounding quotes.
+				// We have no way to report an error, so just strip out
+				// the offending character instead.
+				continue
+			}
+			commandLine = append(commandLine, c)
+		}
+		commandLine = append(commandLine, '"')
+	} else {
+		if len(args) == 1 {
+			// args[0] is a valid command line representing itself.
+			// No need to allocate a new slice or string for it.
+			return prog
+		}
+		commandLine = []byte(prog)
+	}
+
+	for _, arg := range args[1:] {
+		commandLine = append(commandLine, ' ')
+		// TODO(bcmills): since we're already appending to a slice, it would be nice
+		// to avoid the intermediate allocations of EscapeArg.
+		// Perhaps we can factor out an appendEscapedArg function.
+		commandLine = append(commandLine, EscapeArg(arg)...)
+	}
+	return string(commandLine)
+}
+
+// DecomposeCommandLine breaks apart its argument command line into unescaped parts using CommandLineToArgv,
+// as gathered from GetCommandLine, QUERY_SERVICE_CONFIG's BinaryPathName argument, or elsewhere that
+// command lines are passed around.
+// DecomposeCommandLine returns an error if commandLine contains NUL.
+func DecomposeCommandLine(commandLine string) ([]string, error) {
+	if len(commandLine) == 0 {
+		return []string{}, nil
+	}
+	utf16CommandLine, err := UTF16FromString(commandLine)
+	if err != nil {
+		return nil, errorspkg.New("string with NUL passed to DecomposeCommandLine")
+	}
+	var argc int32
+	argv, err := commandLineToArgv(&utf16CommandLine[0], &argc)
+	if err != nil {
+		return nil, err
+	}
+	defer LocalFree(Handle(unsafe.Pointer(argv)))
+
+	var args []string
+	for _, p := range unsafe.Slice(argv, argc) {
+		args = append(args, UTF16PtrToString(p))
+	}
+	return args, nil
+}
+
+// CommandLineToArgv parses a Unicode command line string and sets
+// argc to the number of parsed arguments.
+//
+// The returned memory should be freed using a single call to LocalFree.
+//
+// Note that although the return type of CommandLineToArgv indicates 8192
+// entries of up to 8192 characters each, the actual count of parsed arguments
+// may exceed 8192, and the documentation for CommandLineToArgvW does not mention
+// any bound on the lengths of the individual argument strings.
+// (See https://go.dev/issue/63236.)
+func CommandLineToArgv(cmd *uint16, argc *int32) (argv *[8192]*[8192]uint16, err error) {
+	argp, err := commandLineToArgv(cmd, argc)
+	argv = (*[8192]*[8192]uint16)(unsafe.Pointer(argp))
+	return argv, err
+}
+
+func CloseOnExec(fd Handle) {
+	SetHandleInformation(Handle(fd), HANDLE_FLAG_INHERIT, 0)
+}
+
+// FullPath retrieves the full path of the specified file.
+func FullPath(name string) (path string, err error) {
+	p, err := UTF16PtrFromString(name)
+	if err != nil {
+		return "", err
+	}
+	n := uint32(100)
+	for {
+		buf := make([]uint16, n)
+		n, err = GetFullPathName(p, uint32(len(buf)), &buf[0], nil)
+		if err != nil {
+			return "", err
+		}
+		if n <= uint32(len(buf)) {
+			return UTF16ToString(buf[:n]), nil
+		}
+	}
+}
+
+// NewProcThreadAttributeList allocates a new ProcThreadAttributeListContainer, with the requested maximum number of attributes.
+func NewProcThreadAttributeList(maxAttrCount uint32) (*ProcThreadAttributeListContainer, error) {
+	var size uintptr
+	err := initializeProcThreadAttributeList(nil, maxAttrCount, 0, &size)
+	if err != ERROR_INSUFFICIENT_BUFFER {
+		if err == nil {
+			return nil, errorspkg.New("unable to query buffer size from InitializeProcThreadAttributeList")
+		}
+		return nil, err
+	}
+	alloc, err := LocalAlloc(LMEM_FIXED, uint32(size))
+	if err != nil {
+		return nil, err
+	}
+	// size is guaranteed to be ≥1 by InitializeProcThreadAttributeList.
+	al := &ProcThreadAttributeListContainer{data: (*ProcThreadAttributeList)(unsafe.Pointer(alloc))}
+	err = initializeProcThreadAttributeList(al.data, maxAttrCount, 0, &size)
+	if err != nil {
+		return nil, err
+	}
+	return al, err
+}
+
+// Update modifies the ProcThreadAttributeList using UpdateProcThreadAttribute.
+func (al *ProcThreadAttributeListContainer) Update(attribute uintptr, value unsafe.Pointer, size uintptr) error {
+	al.pointers = append(al.pointers, value)
+	return updateProcThreadAttribute(al.data, 0, attribute, value, size, nil, nil)
+}
+
+// Delete frees ProcThreadAttributeList's resources.
+func (al *ProcThreadAttributeListContainer) Delete() {
+	deleteProcThreadAttributeList(al.data)
+	LocalFree(Handle(unsafe.Pointer(al.data)))
+	al.data = nil
+	al.pointers = nil
+}
+
+// List returns the actual ProcThreadAttributeList to be passed to StartupInfoEx.
+func (al *ProcThreadAttributeListContainer) List() *ProcThreadAttributeList {
+	return al.data
+}
diff --git a/server/vendor/golang.org/x/sys/windows/memory_windows.go b/server/vendor/golang.org/x/sys/windows/memory_windows.go
new file mode 100644
index 0000000..6dc0920
--- /dev/null
+++ b/server/vendor/golang.org/x/sys/windows/memory_windows.go
@@ -0,0 +1,48 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package windows
+
+const (
+	MEM_COMMIT      = 0x00001000
+	MEM_RESERVE     = 0x00002000
+	MEM_DECOMMIT    = 0x00004000
+	MEM_RELEASE     = 0x00008000
+	MEM_RESET       = 0x00080000
+	MEM_TOP_DOWN    = 0x00100000
+	MEM_WRITE_WATCH = 0x00200000
+	MEM_PHYSICAL    = 0x00400000
+	MEM_RESET_UNDO  = 0x01000000
+	MEM_LARGE_PAGES = 0x20000000
+
+	PAGE_NOACCESS          = 0x00000001
+	PAGE_READONLY          = 0x00000002
+	PAGE_READWRITE         = 0x00000004
+	PAGE_WRITECOPY         = 0x00000008
+	PAGE_EXECUTE           = 0x00000010
+	PAGE_EXECUTE_READ      = 0x00000020
+	PAGE_EXECUTE_READWRITE = 0x00000040
+	PAGE_EXECUTE_WRITECOPY = 0x00000080
+	PAGE_GUARD             = 0x00000100
+	PAGE_NOCACHE           = 0x00000200
+	PAGE_WRITECOMBINE      = 0x00000400
+	PAGE_TARGETS_INVALID   = 0x40000000
+	PAGE_TARGETS_NO_UPDATE = 0x40000000
+
+	QUOTA_LIMITS_HARDWS_MIN_DISABLE = 0x00000002
+	QUOTA_LIMITS_HARDWS_MIN_ENABLE  = 0x00000001
+	QUOTA_LIMITS_HARDWS_MAX_DISABLE = 0x00000008
+	QUOTA_LIMITS_HARDWS_MAX_ENABLE  = 0x00000004
+)
+
+type MemoryBasicInformation struct {
+	BaseAddress       uintptr
+	AllocationBase    uintptr
+	AllocationProtect uint32
+	PartitionId       uint16
+	RegionSize        uintptr
+	State             uint32
+	Protect           uint32
+	Type              uint32
+}
diff --git a/server/vendor/golang.org/x/sys/windows/mkerrors.bash b/server/vendor/golang.org/x/sys/windows/mkerrors.bash
new file mode 100644
index 0000000..58e0188
--- /dev/null
+++ b/server/vendor/golang.org/x/sys/windows/mkerrors.bash
@@ -0,0 +1,70 @@
+#!/bin/bash
+
+# Copyright 2019 The Go Authors. All rights reserved.
+# Use of this source code is governed by a BSD-style
+# license that can be found in the LICENSE file.
+
+set -e
+shopt -s nullglob
+
+winerror="$(printf '%s\n' "/mnt/c/Program Files (x86)/Windows Kits/"/*/Include/*/shared/winerror.h | sort -Vr | head -n 1)"
+[[ -n $winerror ]] || { echo "Unable to find winerror.h" >&2; exit 1; }
+ntstatus="$(printf '%s\n' "/mnt/c/Program Files (x86)/Windows Kits/"/*/Include/*/shared/ntstatus.h | sort -Vr | head -n 1)"
+[[ -n $ntstatus ]] || { echo "Unable to find ntstatus.h" >&2; exit 1; }
+
+declare -A errors
+
+{
+	echo "// Code generated by 'mkerrors.bash'; DO NOT EDIT."
+	echo
+	echo "package windows"
+	echo "import \"syscall\""
+	echo "const ("
+
+	while read -r line; do
+		unset vtype
+		if [[ $line =~ ^#define\ +([A-Z0-9_]+k?)\ +([A-Z0-9_]+\()?([A-Z][A-Z0-9_]+k?)\)? ]]; then
+			key="${BASH_REMATCH[1]}"
+			value="${BASH_REMATCH[3]}"
+		elif [[ $line =~ ^#define\ +([A-Z0-9_]+k?)\ +([A-Z0-9_]+\()?((0x)?[0-9A-Fa-f]+)L?\)? ]]; then
+			key="${BASH_REMATCH[1]}"
+			value="${BASH_REMATCH[3]}"
+			vtype="${BASH_REMATCH[2]}"
+		elif [[ $line =~ ^#define\ +([A-Z0-9_]+k?)\ +\(\(([A-Z]+)\)((0x)?[0-9A-Fa-f]+)L?\) ]]; then
+			key="${BASH_REMATCH[1]}"
+			value="${BASH_REMATCH[3]}"
+			vtype="${BASH_REMATCH[2]}"
+		else
+			continue
+		fi
+		[[ -n $key && -n $value ]] || continue
+		[[ -z ${errors["$key"]} ]] || continue
+		errors["$key"]="$value"
+		if [[ -v vtype ]]; then
+			if [[ $key == FACILITY_* || $key == NO_ERROR ]]; then
+				vtype=""
+			elif [[ $vtype == *HANDLE* || $vtype == *HRESULT* ]]; then
+				vtype="Handle"
+			else
+				vtype="syscall.Errno"
+			fi
+			last_vtype="$vtype"
+		else
+			vtype=""
+			if [[ $last_vtype == Handle && $value == NO_ERROR ]]; then
+				value="S_OK"
+			elif [[ $last_vtype == syscall.Errno && $value == NO_ERROR ]]; then
+				value="ERROR_SUCCESS"
+			fi
+		fi
+
+		echo "$key $vtype = $value"
+	done < "$winerror"
+
+	while read -r line; do
+		[[ $line =~ ^#define\ (STATUS_[^\s]+)\ +\(\(NTSTATUS\)((0x)?[0-9a-fA-F]+)L?\) ]] || continue
+		echo "${BASH_REMATCH[1]} NTStatus = ${BASH_REMATCH[2]}"
+	done < "$ntstatus"
+
+	echo ")"
+} | gofmt > "zerrors_windows.go"
diff --git a/server/vendor/golang.org/x/sys/windows/mkknownfolderids.bash b/server/vendor/golang.org/x/sys/windows/mkknownfolderids.bash
new file mode 100644
index 0000000..ab8924e
--- /dev/null
+++ b/server/vendor/golang.org/x/sys/windows/mkknownfolderids.bash
@@ -0,0 +1,27 @@
+#!/bin/bash
+
+# Copyright 2019 The Go Authors. All rights reserved.
+# Use of this source code is governed by a BSD-style
+# license that can be found in the LICENSE file.
+
+set -e
+shopt -s nullglob
+
+knownfolders="$(printf '%s\n' "/mnt/c/Program Files (x86)/Windows Kits/"/*/Include/*/um/KnownFolders.h | sort -Vr | head -n 1)"
+[[ -n $knownfolders ]] || { echo "Unable to find KnownFolders.h" >&2; exit 1; }
+
+{
+	echo "// Code generated by 'mkknownfolderids.bash'; DO NOT EDIT."
+	echo
+	echo "package windows"
+	echo "type KNOWNFOLDERID GUID"
+	echo "var ("
+	while read -r line; do
+		[[ $line =~ DEFINE_KNOWN_FOLDER\((FOLDERID_[^,]+),[\t\ ]*(0x[^,]+),[\t\ ]*(0x[^,]+),[\t\ ]*(0x[^,]+),[\t\ ]*(0x[^,]+),[\t\ ]*(0x[^,]+),[\t\ ]*(0x[^,]+),[\t\ ]*(0x[^,]+),[\t\ ]*(0x[^,]+),[\t\ ]*(0x[^,]+),[\t\ ]*(0x[^,]+),[\t\ ]*(0x[^,]+)\) ]] || continue
+		printf "%s = &KNOWNFOLDERID{0x%08x, 0x%04x, 0x%04x, [8]byte{0x%02x, 0x%02x, 0x%02x, 0x%02x, 0x%02x, 0x%02x, 0x%02x, 0x%02x}}\n" \
+			"${BASH_REMATCH[1]}" $(( "${BASH_REMATCH[2]}" )) $(( "${BASH_REMATCH[3]}" )) $(( "${BASH_REMATCH[4]}" )) \
+			$(( "${BASH_REMATCH[5]}" )) $(( "${BASH_REMATCH[6]}" )) $(( "${BASH_REMATCH[7]}" )) $(( "${BASH_REMATCH[8]}" )) \
+			$(( "${BASH_REMATCH[9]}" )) $(( "${BASH_REMATCH[10]}" )) $(( "${BASH_REMATCH[11]}" )) $(( "${BASH_REMATCH[12]}" ))
+	done < "$knownfolders"
+	echo ")"
+} | gofmt > "zknownfolderids_windows.go"
diff --git a/server/vendor/golang.org/x/sys/windows/mksyscall.go b/server/vendor/golang.org/x/sys/windows/mksyscall.go
new file mode 100644
index 0000000..dbcdb09
--- /dev/null
+++ b/server/vendor/golang.org/x/sys/windows/mksyscall.go
@@ -0,0 +1,9 @@
+// Copyright 2009 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build generate
+
+package windows
+
+//go:generate go run golang.org/x/sys/windows/mkwinsyscall -output zsyscall_windows.go eventlog.go service.go syscall_windows.go security_windows.go setupapi_windows.go
diff --git a/server/vendor/golang.org/x/sys/windows/race.go b/server/vendor/golang.org/x/sys/windows/race.go
new file mode 100644
index 0000000..0f1bdc3
--- /dev/null
+++ b/server/vendor/golang.org/x/sys/windows/race.go
@@ -0,0 +1,30 @@
+// Copyright 2012 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build windows && race
+
+package windows
+
+import (
+	"runtime"
+	"unsafe"
+)
+
+const raceenabled = true
+
+func raceAcquire(addr unsafe.Pointer) {
+	runtime.RaceAcquire(addr)
+}
+
+func raceReleaseMerge(addr unsafe.Pointer) {
+	runtime.RaceReleaseMerge(addr)
+}
+
+func raceReadRange(addr unsafe.Pointer, len int) {
+	runtime.RaceReadRange(addr, len)
+}
+
+func raceWriteRange(addr unsafe.Pointer, len int) {
+	runtime.RaceWriteRange(addr, len)
+}
diff --git a/server/vendor/golang.org/x/sys/windows/race0.go b/server/vendor/golang.org/x/sys/windows/race0.go
new file mode 100644
index 0000000..0c78da7
--- /dev/null
+++ b/server/vendor/golang.org/x/sys/windows/race0.go
@@ -0,0 +1,25 @@
+// Copyright 2012 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build windows && !race
+
+package windows
+
+import (
+	"unsafe"
+)
+
+const raceenabled = false
+
+func raceAcquire(addr unsafe.Pointer) {
+}
+
+func raceReleaseMerge(addr unsafe.Pointer) {
+}
+
+func raceReadRange(addr unsafe.Pointer, len int) {
+}
+
+func raceWriteRange(addr unsafe.Pointer, len int) {
+}
diff --git a/server/vendor/golang.org/x/sys/windows/security_windows.go b/server/vendor/golang.org/x/sys/windows/security_windows.go
new file mode 100644
index 0000000..b6e1ab7
--- /dev/null
+++ b/server/vendor/golang.org/x/sys/windows/security_windows.go
@@ -0,0 +1,1458 @@
+// Copyright 2012 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package windows
+
+import (
+	"syscall"
+	"unsafe"
+)
+
+const (
+	NameUnknown          = 0
+	NameFullyQualifiedDN = 1
+	NameSamCompatible    = 2
+	NameDisplay          = 3
+	NameUniqueId         = 6
+	NameCanonical        = 7
+	NameUserPrincipal    = 8
+	NameCanonicalEx      = 9
+	NameServicePrincipal = 10
+	NameDnsDomain        = 12
+)
+
+// This function returns 1 byte BOOLEAN rather than the 4 byte BOOL.
+// http://blogs.msdn.com/b/drnick/archive/2007/12/19/windows-and-upn-format-credentials.aspx
+//sys	TranslateName(accName *uint16, accNameFormat uint32, desiredNameFormat uint32, translatedName *uint16, nSize *uint32) (err error) [failretval&0xff==0] = secur32.TranslateNameW
+//sys	GetUserNameEx(nameFormat uint32, nameBuffre *uint16, nSize *uint32) (err error) [failretval&0xff==0] = secur32.GetUserNameExW
+
+// TranslateAccountName converts a directory service
+// object name from one format to another.
+func TranslateAccountName(username string, from, to uint32, initSize int) (string, error) {
+	u, e := UTF16PtrFromString(username)
+	if e != nil {
+		return "", e
+	}
+	n := uint32(50)
+	for {
+		b := make([]uint16, n)
+		e = TranslateName(u, from, to, &b[0], &n)
+		if e == nil {
+			return UTF16ToString(b[:n]), nil
+		}
+		if e != ERROR_INSUFFICIENT_BUFFER {
+			return "", e
+		}
+		if n <= uint32(len(b)) {
+			return "", e
+		}
+	}
+}
+
+const (
+	// do not reorder
+	NetSetupUnknownStatus = iota
+	NetSetupUnjoined
+	NetSetupWorkgroupName
+	NetSetupDomainName
+)
+
+type UserInfo10 struct {
+	Name       *uint16
+	Comment    *uint16
+	UsrComment *uint16
+	FullName   *uint16
+}
+
+//sys	NetUserGetInfo(serverName *uint16, userName *uint16, level uint32, buf **byte) (neterr error) = netapi32.NetUserGetInfo
+//sys	NetGetJoinInformation(server *uint16, name **uint16, bufType *uint32) (neterr error) = netapi32.NetGetJoinInformation
+//sys	NetApiBufferFree(buf *byte) (neterr error) = netapi32.NetApiBufferFree
+//sys   NetUserEnum(serverName *uint16, level uint32, filter uint32, buf **byte, prefMaxLen uint32, entriesRead *uint32, totalEntries *uint32, resumeHandle *uint32) (neterr error) = netapi32.NetUserEnum
+
+const (
+	// do not reorder
+	SidTypeUser = 1 + iota
+	SidTypeGroup
+	SidTypeDomain
+	SidTypeAlias
+	SidTypeWellKnownGroup
+	SidTypeDeletedAccount
+	SidTypeInvalid
+	SidTypeUnknown
+	SidTypeComputer
+	SidTypeLabel
+)
+
+type SidIdentifierAuthority struct {
+	Value [6]byte
+}
+
+var (
+	SECURITY_NULL_SID_AUTHORITY        = SidIdentifierAuthority{[6]byte{0, 0, 0, 0, 0, 0}}
+	SECURITY_WORLD_SID_AUTHORITY       = SidIdentifierAuthority{[6]byte{0, 0, 0, 0, 0, 1}}
+	SECURITY_LOCAL_SID_AUTHORITY       = SidIdentifierAuthority{[6]byte{0, 0, 0, 0, 0, 2}}
+	SECURITY_CREATOR_SID_AUTHORITY     = SidIdentifierAuthority{[6]byte{0, 0, 0, 0, 0, 3}}
+	SECURITY_NON_UNIQUE_AUTHORITY      = SidIdentifierAuthority{[6]byte{0, 0, 0, 0, 0, 4}}
+	SECURITY_NT_AUTHORITY              = SidIdentifierAuthority{[6]byte{0, 0, 0, 0, 0, 5}}
+	SECURITY_MANDATORY_LABEL_AUTHORITY = SidIdentifierAuthority{[6]byte{0, 0, 0, 0, 0, 16}}
+)
+
+const (
+	SECURITY_NULL_RID                   = 0
+	SECURITY_WORLD_RID                  = 0
+	SECURITY_LOCAL_RID                  = 0
+	SECURITY_CREATOR_OWNER_RID          = 0
+	SECURITY_CREATOR_GROUP_RID          = 1
+	SECURITY_DIALUP_RID                 = 1
+	SECURITY_NETWORK_RID                = 2
+	SECURITY_BATCH_RID                  = 3
+	SECURITY_INTERACTIVE_RID            = 4
+	SECURITY_LOGON_IDS_RID              = 5
+	SECURITY_SERVICE_RID                = 6
+	SECURITY_LOCAL_SYSTEM_RID           = 18
+	SECURITY_BUILTIN_DOMAIN_RID         = 32
+	SECURITY_PRINCIPAL_SELF_RID         = 10
+	SECURITY_CREATOR_OWNER_SERVER_RID   = 0x2
+	SECURITY_CREATOR_GROUP_SERVER_RID   = 0x3
+	SECURITY_LOGON_IDS_RID_COUNT        = 0x3
+	SECURITY_ANONYMOUS_LOGON_RID        = 0x7
+	SECURITY_PROXY_RID                  = 0x8
+	SECURITY_ENTERPRISE_CONTROLLERS_RID = 0x9
+	SECURITY_SERVER_LOGON_RID           = SECURITY_ENTERPRISE_CONTROLLERS_RID
+	SECURITY_AUTHENTICATED_USER_RID     = 0xb
+	SECURITY_RESTRICTED_CODE_RID        = 0xc
+	SECURITY_NT_NON_UNIQUE_RID          = 0x15
+)
+
+// Predefined domain-relative RIDs for local groups.
+// See https://msdn.microsoft.com/en-us/library/windows/desktop/aa379649(v=vs.85).aspx
+const (
+	DOMAIN_ALIAS_RID_ADMINS                         = 0x220
+	DOMAIN_ALIAS_RID_USERS                          = 0x221
+	DOMAIN_ALIAS_RID_GUESTS                         = 0x222
+	DOMAIN_ALIAS_RID_POWER_USERS                    = 0x223
+	DOMAIN_ALIAS_RID_ACCOUNT_OPS                    = 0x224
+	DOMAIN_ALIAS_RID_SYSTEM_OPS                     = 0x225
+	DOMAIN_ALIAS_RID_PRINT_OPS                      = 0x226
+	DOMAIN_ALIAS_RID_BACKUP_OPS                     = 0x227
+	DOMAIN_ALIAS_RID_REPLICATOR                     = 0x228
+	DOMAIN_ALIAS_RID_RAS_SERVERS                    = 0x229
+	DOMAIN_ALIAS_RID_PREW2KCOMPACCESS               = 0x22a
+	DOMAIN_ALIAS_RID_REMOTE_DESKTOP_USERS           = 0x22b
+	DOMAIN_ALIAS_RID_NETWORK_CONFIGURATION_OPS      = 0x22c
+	DOMAIN_ALIAS_RID_INCOMING_FOREST_TRUST_BUILDERS = 0x22d
+	DOMAIN_ALIAS_RID_MONITORING_USERS               = 0x22e
+	DOMAIN_ALIAS_RID_LOGGING_USERS                  = 0x22f
+	DOMAIN_ALIAS_RID_AUTHORIZATIONACCESS            = 0x230
+	DOMAIN_ALIAS_RID_TS_LICENSE_SERVERS             = 0x231
+	DOMAIN_ALIAS_RID_DCOM_USERS                     = 0x232
+	DOMAIN_ALIAS_RID_IUSERS                         = 0x238
+	DOMAIN_ALIAS_RID_CRYPTO_OPERATORS               = 0x239
+	DOMAIN_ALIAS_RID_CACHEABLE_PRINCIPALS_GROUP     = 0x23b
+	DOMAIN_ALIAS_RID_NON_CACHEABLE_PRINCIPALS_GROUP = 0x23c
+	DOMAIN_ALIAS_RID_EVENT_LOG_READERS_GROUP        = 0x23d
+	DOMAIN_ALIAS_RID_CERTSVC_DCOM_ACCESS_GROUP      = 0x23e
+)
+
+//sys	LookupAccountSid(systemName *uint16, sid *SID, name *uint16, nameLen *uint32, refdDomainName *uint16, refdDomainNameLen *uint32, use *uint32) (err error) = advapi32.LookupAccountSidW
+//sys	LookupAccountName(systemName *uint16, accountName *uint16, sid *SID, sidLen *uint32, refdDomainName *uint16, refdDomainNameLen *uint32, use *uint32) (err error) = advapi32.LookupAccountNameW
+//sys	ConvertSidToStringSid(sid *SID, stringSid **uint16) (err error) = advapi32.ConvertSidToStringSidW
+//sys	ConvertStringSidToSid(stringSid *uint16, sid **SID) (err error) = advapi32.ConvertStringSidToSidW
+//sys	GetLengthSid(sid *SID) (len uint32) = advapi32.GetLengthSid
+//sys	CopySid(destSidLen uint32, destSid *SID, srcSid *SID) (err error) = advapi32.CopySid
+//sys	AllocateAndInitializeSid(identAuth *SidIdentifierAuthority, subAuth byte, subAuth0 uint32, subAuth1 uint32, subAuth2 uint32, subAuth3 uint32, subAuth4 uint32, subAuth5 uint32, subAuth6 uint32, subAuth7 uint32, sid **SID) (err error) = advapi32.AllocateAndInitializeSid
+//sys	createWellKnownSid(sidType WELL_KNOWN_SID_TYPE, domainSid *SID, sid *SID, sizeSid *uint32) (err error) = advapi32.CreateWellKnownSid
+//sys	isWellKnownSid(sid *SID, sidType WELL_KNOWN_SID_TYPE) (isWellKnown bool) = advapi32.IsWellKnownSid
+//sys	FreeSid(sid *SID) (err error) [failretval!=0] = advapi32.FreeSid
+//sys	EqualSid(sid1 *SID, sid2 *SID) (isEqual bool) = advapi32.EqualSid
+//sys	getSidIdentifierAuthority(sid *SID) (authority *SidIdentifierAuthority) = advapi32.GetSidIdentifierAuthority
+//sys	getSidSubAuthorityCount(sid *SID) (count *uint8) = advapi32.GetSidSubAuthorityCount
+//sys	getSidSubAuthority(sid *SID, index uint32) (subAuthority *uint32) = advapi32.GetSidSubAuthority
+//sys	isValidSid(sid *SID) (isValid bool) = advapi32.IsValidSid
+
+// The security identifier (SID) structure is a variable-length
+// structure used to uniquely identify users or groups.
+type SID struct{}
+
+// StringToSid converts a string-format security identifier
+// SID into a valid, functional SID.
+func StringToSid(s string) (*SID, error) {
+	var sid *SID
+	p, e := UTF16PtrFromString(s)
+	if e != nil {
+		return nil, e
+	}
+	e = ConvertStringSidToSid(p, &sid)
+	if e != nil {
+		return nil, e
+	}
+	defer LocalFree((Handle)(unsafe.Pointer(sid)))
+	return sid.Copy()
+}
+
+// LookupSID retrieves a security identifier SID for the account
+// and the name of the domain on which the account was found.
+// System specify target computer to search.
+func LookupSID(system, account string) (sid *SID, domain string, accType uint32, err error) {
+	if len(account) == 0 {
+		return nil, "", 0, syscall.EINVAL
+	}
+	acc, e := UTF16PtrFromString(account)
+	if e != nil {
+		return nil, "", 0, e
+	}
+	var sys *uint16
+	if len(system) > 0 {
+		sys, e = UTF16PtrFromString(system)
+		if e != nil {
+			return nil, "", 0, e
+		}
+	}
+	n := uint32(50)
+	dn := uint32(50)
+	for {
+		b := make([]byte, n)
+		db := make([]uint16, dn)
+		sid = (*SID)(unsafe.Pointer(&b[0]))
+		e = LookupAccountName(sys, acc, sid, &n, &db[0], &dn, &accType)
+		if e == nil {
+			return sid, UTF16ToString(db), accType, nil
+		}
+		if e != ERROR_INSUFFICIENT_BUFFER {
+			return nil, "", 0, e
+		}
+		if n <= uint32(len(b)) {
+			return nil, "", 0, e
+		}
+	}
+}
+
+// String converts SID to a string format suitable for display, storage, or transmission.
+func (sid *SID) String() string {
+	var s *uint16
+	e := ConvertSidToStringSid(sid, &s)
+	if e != nil {
+		return ""
+	}
+	defer LocalFree((Handle)(unsafe.Pointer(s)))
+	return UTF16ToString((*[256]uint16)(unsafe.Pointer(s))[:])
+}
+
+// Len returns the length, in bytes, of a valid security identifier SID.
+func (sid *SID) Len() int {
+	return int(GetLengthSid(sid))
+}
+
+// Copy creates a duplicate of security identifier SID.
+func (sid *SID) Copy() (*SID, error) {
+	b := make([]byte, sid.Len())
+	sid2 := (*SID)(unsafe.Pointer(&b[0]))
+	e := CopySid(uint32(len(b)), sid2, sid)
+	if e != nil {
+		return nil, e
+	}
+	return sid2, nil
+}
+
+// IdentifierAuthority returns the identifier authority of the SID.
+func (sid *SID) IdentifierAuthority() SidIdentifierAuthority {
+	return *getSidIdentifierAuthority(sid)
+}
+
+// SubAuthorityCount returns the number of sub-authorities in the SID.
+func (sid *SID) SubAuthorityCount() uint8 {
+	return *getSidSubAuthorityCount(sid)
+}
+
+// SubAuthority returns the sub-authority of the SID as specified by
+// the index, which must be less than sid.SubAuthorityCount().
+func (sid *SID) SubAuthority(idx uint32) uint32 {
+	if idx >= uint32(sid.SubAuthorityCount()) {
+		panic("sub-authority index out of range")
+	}
+	return *getSidSubAuthority(sid, idx)
+}
+
+// IsValid returns whether the SID has a valid revision and length.
+func (sid *SID) IsValid() bool {
+	return isValidSid(sid)
+}
+
+// Equals compares two SIDs for equality.
+func (sid *SID) Equals(sid2 *SID) bool {
+	return EqualSid(sid, sid2)
+}
+
+// IsWellKnown determines whether the SID matches the well-known sidType.
+func (sid *SID) IsWellKnown(sidType WELL_KNOWN_SID_TYPE) bool {
+	return isWellKnownSid(sid, sidType)
+}
+
+// LookupAccount retrieves the name of the account for this SID
+// and the name of the first domain on which this SID is found.
+// System specify target computer to search for.
+func (sid *SID) LookupAccount(system string) (account, domain string, accType uint32, err error) {
+	var sys *uint16
+	if len(system) > 0 {
+		sys, err = UTF16PtrFromString(system)
+		if err != nil {
+			return "", "", 0, err
+		}
+	}
+	n := uint32(50)
+	dn := uint32(50)
+	for {
+		b := make([]uint16, n)
+		db := make([]uint16, dn)
+		e := LookupAccountSid(sys, sid, &b[0], &n, &db[0], &dn, &accType)
+		if e == nil {
+			return UTF16ToString(b), UTF16ToString(db), accType, nil
+		}
+		if e != ERROR_INSUFFICIENT_BUFFER {
+			return "", "", 0, e
+		}
+		if n <= uint32(len(b)) {
+			return "", "", 0, e
+		}
+	}
+}
+
+// Various types of pre-specified SIDs that can be synthesized and compared at runtime.
+type WELL_KNOWN_SID_TYPE uint32
+
+const (
+	WinNullSid                                    = 0
+	WinWorldSid                                   = 1
+	WinLocalSid                                   = 2
+	WinCreatorOwnerSid                            = 3
+	WinCreatorGroupSid                            = 4
+	WinCreatorOwnerServerSid                      = 5
+	WinCreatorGroupServerSid                      = 6
+	WinNtAuthoritySid                             = 7
+	WinDialupSid                                  = 8
+	WinNetworkSid                                 = 9
+	WinBatchSid                                   = 10
+	WinInteractiveSid                             = 11
+	WinServiceSid                                 = 12
+	WinAnonymousSid                               = 13
+	WinProxySid                                   = 14
+	WinEnterpriseControllersSid                   = 15
+	WinSelfSid                                    = 16
+	WinAuthenticatedUserSid                       = 17
+	WinRestrictedCodeSid                          = 18
+	WinTerminalServerSid                          = 19
+	WinRemoteLogonIdSid                           = 20
+	WinLogonIdsSid                                = 21
+	WinLocalSystemSid                             = 22
+	WinLocalServiceSid                            = 23
+	WinNetworkServiceSid                          = 24
+	WinBuiltinDomainSid                           = 25
+	WinBuiltinAdministratorsSid                   = 26
+	WinBuiltinUsersSid                            = 27
+	WinBuiltinGuestsSid                           = 28
+	WinBuiltinPowerUsersSid                       = 29
+	WinBuiltinAccountOperatorsSid                 = 30
+	WinBuiltinSystemOperatorsSid                  = 31
+	WinBuiltinPrintOperatorsSid                   = 32
+	WinBuiltinBackupOperatorsSid                  = 33
+	WinBuiltinReplicatorSid                       = 34
+	WinBuiltinPreWindows2000CompatibleAccessSid   = 35
+	WinBuiltinRemoteDesktopUsersSid               = 36
+	WinBuiltinNetworkConfigurationOperatorsSid    = 37
+	WinAccountAdministratorSid                    = 38
+	WinAccountGuestSid                            = 39
+	WinAccountKrbtgtSid                           = 40
+	WinAccountDomainAdminsSid                     = 41
+	WinAccountDomainUsersSid                      = 42
+	WinAccountDomainGuestsSid                     = 43
+	WinAccountComputersSid                        = 44
+	WinAccountControllersSid                      = 45
+	WinAccountCertAdminsSid                       = 46
+	WinAccountSchemaAdminsSid                     = 47
+	WinAccountEnterpriseAdminsSid                 = 48
+	WinAccountPolicyAdminsSid                     = 49
+	WinAccountRasAndIasServersSid                 = 50
+	WinNTLMAuthenticationSid                      = 51
+	WinDigestAuthenticationSid                    = 52
+	WinSChannelAuthenticationSid                  = 53
+	WinThisOrganizationSid                        = 54
+	WinOtherOrganizationSid                       = 55
+	WinBuiltinIncomingForestTrustBuildersSid      = 56
+	WinBuiltinPerfMonitoringUsersSid              = 57
+	WinBuiltinPerfLoggingUsersSid                 = 58
+	WinBuiltinAuthorizationAccessSid              = 59
+	WinBuiltinTerminalServerLicenseServersSid     = 60
+	WinBuiltinDCOMUsersSid                        = 61
+	WinBuiltinIUsersSid                           = 62
+	WinIUserSid                                   = 63
+	WinBuiltinCryptoOperatorsSid                  = 64
+	WinUntrustedLabelSid                          = 65
+	WinLowLabelSid                                = 66
+	WinMediumLabelSid                             = 67
+	WinHighLabelSid                               = 68
+	WinSystemLabelSid                             = 69
+	WinWriteRestrictedCodeSid                     = 70
+	WinCreatorOwnerRightsSid                      = 71
+	WinCacheablePrincipalsGroupSid                = 72
+	WinNonCacheablePrincipalsGroupSid             = 73
+	WinEnterpriseReadonlyControllersSid           = 74
+	WinAccountReadonlyControllersSid              = 75
+	WinBuiltinEventLogReadersGroup                = 76
+	WinNewEnterpriseReadonlyControllersSid        = 77
+	WinBuiltinCertSvcDComAccessGroup              = 78
+	WinMediumPlusLabelSid                         = 79
+	WinLocalLogonSid                              = 80
+	WinConsoleLogonSid                            = 81
+	WinThisOrganizationCertificateSid             = 82
+	WinApplicationPackageAuthoritySid             = 83
+	WinBuiltinAnyPackageSid                       = 84
+	WinCapabilityInternetClientSid                = 85
+	WinCapabilityInternetClientServerSid          = 86
+	WinCapabilityPrivateNetworkClientServerSid    = 87
+	WinCapabilityPicturesLibrarySid               = 88
+	WinCapabilityVideosLibrarySid                 = 89
+	WinCapabilityMusicLibrarySid                  = 90
+	WinCapabilityDocumentsLibrarySid              = 91
+	WinCapabilitySharedUserCertificatesSid        = 92
+	WinCapabilityEnterpriseAuthenticationSid      = 93
+	WinCapabilityRemovableStorageSid              = 94
+	WinBuiltinRDSRemoteAccessServersSid           = 95
+	WinBuiltinRDSEndpointServersSid               = 96
+	WinBuiltinRDSManagementServersSid             = 97
+	WinUserModeDriversSid                         = 98
+	WinBuiltinHyperVAdminsSid                     = 99
+	WinAccountCloneableControllersSid             = 100
+	WinBuiltinAccessControlAssistanceOperatorsSid = 101
+	WinBuiltinRemoteManagementUsersSid            = 102
+	WinAuthenticationAuthorityAssertedSid         = 103
+	WinAuthenticationServiceAssertedSid           = 104
+	WinLocalAccountSid                            = 105
+	WinLocalAccountAndAdministratorSid            = 106
+	WinAccountProtectedUsersSid                   = 107
+	WinCapabilityAppointmentsSid                  = 108
+	WinCapabilityContactsSid                      = 109
+	WinAccountDefaultSystemManagedSid             = 110
+	WinBuiltinDefaultSystemManagedGroupSid        = 111
+	WinBuiltinStorageReplicaAdminsSid             = 112
+	WinAccountKeyAdminsSid                        = 113
+	WinAccountEnterpriseKeyAdminsSid              = 114
+	WinAuthenticationKeyTrustSid                  = 115
+	WinAuthenticationKeyPropertyMFASid            = 116
+	WinAuthenticationKeyPropertyAttestationSid    = 117
+	WinAuthenticationFreshKeyAuthSid              = 118
+	WinBuiltinDeviceOwnersSid                     = 119
+)
+
+// Creates a SID for a well-known predefined alias, generally using the constants of the form
+// Win*Sid, for the local machine.
+func CreateWellKnownSid(sidType WELL_KNOWN_SID_TYPE) (*SID, error) {
+	return CreateWellKnownDomainSid(sidType, nil)
+}
+
+// Creates a SID for a well-known predefined alias, generally using the constants of the form
+// Win*Sid, for the domain specified by the domainSid parameter.
+func CreateWellKnownDomainSid(sidType WELL_KNOWN_SID_TYPE, domainSid *SID) (*SID, error) {
+	n := uint32(50)
+	for {
+		b := make([]byte, n)
+		sid := (*SID)(unsafe.Pointer(&b[0]))
+		err := createWellKnownSid(sidType, domainSid, sid, &n)
+		if err == nil {
+			return sid, nil
+		}
+		if err != ERROR_INSUFFICIENT_BUFFER {
+			return nil, err
+		}
+		if n <= uint32(len(b)) {
+			return nil, err
+		}
+	}
+}
+
+const (
+	// do not reorder
+	TOKEN_ASSIGN_PRIMARY = 1 << iota
+	TOKEN_DUPLICATE
+	TOKEN_IMPERSONATE
+	TOKEN_QUERY
+	TOKEN_QUERY_SOURCE
+	TOKEN_ADJUST_PRIVILEGES
+	TOKEN_ADJUST_GROUPS
+	TOKEN_ADJUST_DEFAULT
+	TOKEN_ADJUST_SESSIONID
+
+	TOKEN_ALL_ACCESS = STANDARD_RIGHTS_REQUIRED |
+		TOKEN_ASSIGN_PRIMARY |
+		TOKEN_DUPLICATE |
+		TOKEN_IMPERSONATE |
+		TOKEN_QUERY |
+		TOKEN_QUERY_SOURCE |
+		TOKEN_ADJUST_PRIVILEGES |
+		TOKEN_ADJUST_GROUPS |
+		TOKEN_ADJUST_DEFAULT |
+		TOKEN_ADJUST_SESSIONID
+	TOKEN_READ  = STANDARD_RIGHTS_READ | TOKEN_QUERY
+	TOKEN_WRITE = STANDARD_RIGHTS_WRITE |
+		TOKEN_ADJUST_PRIVILEGES |
+		TOKEN_ADJUST_GROUPS |
+		TOKEN_ADJUST_DEFAULT
+	TOKEN_EXECUTE = STANDARD_RIGHTS_EXECUTE
+)
+
+const (
+	// do not reorder
+	TokenUser = 1 + iota
+	TokenGroups
+	TokenPrivileges
+	TokenOwner
+	TokenPrimaryGroup
+	TokenDefaultDacl
+	TokenSource
+	TokenType
+	TokenImpersonationLevel
+	TokenStatistics
+	TokenRestrictedSids
+	TokenSessionId
+	TokenGroupsAndPrivileges
+	TokenSessionReference
+	TokenSandBoxInert
+	TokenAuditPolicy
+	TokenOrigin
+	TokenElevationType
+	TokenLinkedToken
+	TokenElevation
+	TokenHasRestrictions
+	TokenAccessInformation
+	TokenVirtualizationAllowed
+	TokenVirtualizationEnabled
+	TokenIntegrityLevel
+	TokenUIAccess
+	TokenMandatoryPolicy
+	TokenLogonSid
+	MaxTokenInfoClass
+)
+
+// Group attributes inside of Tokengroups.Groups[i].Attributes
+const (
+	SE_GROUP_MANDATORY          = 0x00000001
+	SE_GROUP_ENABLED_BY_DEFAULT = 0x00000002
+	SE_GROUP_ENABLED            = 0x00000004
+	SE_GROUP_OWNER              = 0x00000008
+	SE_GROUP_USE_FOR_DENY_ONLY  = 0x00000010
+	SE_GROUP_INTEGRITY          = 0x00000020
+	SE_GROUP_INTEGRITY_ENABLED  = 0x00000040
+	SE_GROUP_LOGON_ID           = 0xC0000000
+	SE_GROUP_RESOURCE           = 0x20000000
+	SE_GROUP_VALID_ATTRIBUTES   = SE_GROUP_MANDATORY | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_ENABLED | SE_GROUP_OWNER | SE_GROUP_USE_FOR_DENY_ONLY | SE_GROUP_LOGON_ID | SE_GROUP_RESOURCE | SE_GROUP_INTEGRITY | SE_GROUP_INTEGRITY_ENABLED
+)
+
+// Privilege attributes
+const (
+	SE_PRIVILEGE_ENABLED_BY_DEFAULT = 0x00000001
+	SE_PRIVILEGE_ENABLED            = 0x00000002
+	SE_PRIVILEGE_REMOVED            = 0x00000004
+	SE_PRIVILEGE_USED_FOR_ACCESS    = 0x80000000
+	SE_PRIVILEGE_VALID_ATTRIBUTES   = SE_PRIVILEGE_ENABLED_BY_DEFAULT | SE_PRIVILEGE_ENABLED | SE_PRIVILEGE_REMOVED | SE_PRIVILEGE_USED_FOR_ACCESS
+)
+
+// Token types
+const (
+	TokenPrimary       = 1
+	TokenImpersonation = 2
+)
+
+// Impersonation levels
+const (
+	SecurityAnonymous      = 0
+	SecurityIdentification = 1
+	SecurityImpersonation  = 2
+	SecurityDelegation     = 3
+)
+
+type LUID struct {
+	LowPart  uint32
+	HighPart int32
+}
+
+type LUIDAndAttributes struct {
+	Luid       LUID
+	Attributes uint32
+}
+
+type SIDAndAttributes struct {
+	Sid        *SID
+	Attributes uint32
+}
+
+type Tokenuser struct {
+	User SIDAndAttributes
+}
+
+type Tokenprimarygroup struct {
+	PrimaryGroup *SID
+}
+
+type Tokengroups struct {
+	GroupCount uint32
+	Groups     [1]SIDAndAttributes // Use AllGroups() for iterating.
+}
+
+// AllGroups returns a slice that can be used to iterate over the groups in g.
+func (g *Tokengroups) AllGroups() []SIDAndAttributes {
+	return (*[(1 << 28) - 1]SIDAndAttributes)(unsafe.Pointer(&g.Groups[0]))[:g.GroupCount:g.GroupCount]
+}
+
+type Tokenprivileges struct {
+	PrivilegeCount uint32
+	Privileges     [1]LUIDAndAttributes // Use AllPrivileges() for iterating.
+}
+
+// AllPrivileges returns a slice that can be used to iterate over the privileges in p.
+func (p *Tokenprivileges) AllPrivileges() []LUIDAndAttributes {
+	return (*[(1 << 27) - 1]LUIDAndAttributes)(unsafe.Pointer(&p.Privileges[0]))[:p.PrivilegeCount:p.PrivilegeCount]
+}
+
+type Tokenmandatorylabel struct {
+	Label SIDAndAttributes
+}
+
+func (tml *Tokenmandatorylabel) Size() uint32 {
+	return uint32(unsafe.Sizeof(Tokenmandatorylabel{})) + GetLengthSid(tml.Label.Sid)
+}
+
+// Authorization Functions
+//sys	checkTokenMembership(tokenHandle Token, sidToCheck *SID, isMember *int32) (err error) = advapi32.CheckTokenMembership
+//sys	isTokenRestricted(tokenHandle Token) (ret bool, err error) [!failretval] = advapi32.IsTokenRestricted
+//sys	OpenProcessToken(process Handle, access uint32, token *Token) (err error) = advapi32.OpenProcessToken
+//sys	OpenThreadToken(thread Handle, access uint32, openAsSelf bool, token *Token) (err error) = advapi32.OpenThreadToken
+//sys	ImpersonateSelf(impersonationlevel uint32) (err error) = advapi32.ImpersonateSelf
+//sys	RevertToSelf() (err error) = advapi32.RevertToSelf
+//sys	SetThreadToken(thread *Handle, token Token) (err error) = advapi32.SetThreadToken
+//sys	LookupPrivilegeValue(systemname *uint16, name *uint16, luid *LUID) (err error) = advapi32.LookupPrivilegeValueW
+//sys	AdjustTokenPrivileges(token Token, disableAllPrivileges bool, newstate *Tokenprivileges, buflen uint32, prevstate *Tokenprivileges, returnlen *uint32) (err error) = advapi32.AdjustTokenPrivileges
+//sys	AdjustTokenGroups(token Token, resetToDefault bool, newstate *Tokengroups, buflen uint32, prevstate *Tokengroups, returnlen *uint32) (err error) = advapi32.AdjustTokenGroups
+//sys	GetTokenInformation(token Token, infoClass uint32, info *byte, infoLen uint32, returnedLen *uint32) (err error) = advapi32.GetTokenInformation
+//sys	SetTokenInformation(token Token, infoClass uint32, info *byte, infoLen uint32) (err error) = advapi32.SetTokenInformation
+//sys	DuplicateTokenEx(existingToken Token, desiredAccess uint32, tokenAttributes *SecurityAttributes, impersonationLevel uint32, tokenType uint32, newToken *Token) (err error) = advapi32.DuplicateTokenEx
+//sys	GetUserProfileDirectory(t Token, dir *uint16, dirLen *uint32) (err error) = userenv.GetUserProfileDirectoryW
+//sys	getSystemDirectory(dir *uint16, dirLen uint32) (len uint32, err error) = kernel32.GetSystemDirectoryW
+//sys	getWindowsDirectory(dir *uint16, dirLen uint32) (len uint32, err error) = kernel32.GetWindowsDirectoryW
+//sys	getSystemWindowsDirectory(dir *uint16, dirLen uint32) (len uint32, err error) = kernel32.GetSystemWindowsDirectoryW
+
+// An access token contains the security information for a logon session.
+// The system creates an access token when a user logs on, and every
+// process executed on behalf of the user has a copy of the token.
+// The token identifies the user, the user's groups, and the user's
+// privileges. The system uses the token to control access to securable
+// objects and to control the ability of the user to perform various
+// system-related operations on the local computer.
+type Token Handle
+
+// OpenCurrentProcessToken opens an access token associated with current
+// process with TOKEN_QUERY access. It is a real token that needs to be closed.
+//
+// Deprecated: Explicitly call OpenProcessToken(CurrentProcess(), ...)
+// with the desired access instead, or use GetCurrentProcessToken for a
+// TOKEN_QUERY token.
+func OpenCurrentProcessToken() (Token, error) {
+	var token Token
+	err := OpenProcessToken(CurrentProcess(), TOKEN_QUERY, &token)
+	return token, err
+}
+
+// GetCurrentProcessToken returns the access token associated with
+// the current process. It is a pseudo token that does not need
+// to be closed.
+func GetCurrentProcessToken() Token {
+	return Token(^uintptr(4 - 1))
+}
+
+// GetCurrentThreadToken return the access token associated with
+// the current thread. It is a pseudo token that does not need
+// to be closed.
+func GetCurrentThreadToken() Token {
+	return Token(^uintptr(5 - 1))
+}
+
+// GetCurrentThreadEffectiveToken returns the effective access token
+// associated with the current thread. It is a pseudo token that does
+// not need to be closed.
+func GetCurrentThreadEffectiveToken() Token {
+	return Token(^uintptr(6 - 1))
+}
+
+// Close releases access to access token.
+func (t Token) Close() error {
+	return CloseHandle(Handle(t))
+}
+
+// getInfo retrieves a specified type of information about an access token.
+func (t Token) getInfo(class uint32, initSize int) (unsafe.Pointer, error) {
+	n := uint32(initSize)
+	for {
+		b := make([]byte, n)
+		e := GetTokenInformation(t, class, &b[0], uint32(len(b)), &n)
+		if e == nil {
+			return unsafe.Pointer(&b[0]), nil
+		}
+		if e != ERROR_INSUFFICIENT_BUFFER {
+			return nil, e
+		}
+		if n <= uint32(len(b)) {
+			return nil, e
+		}
+	}
+}
+
+// GetTokenUser retrieves access token t user account information.
+func (t Token) GetTokenUser() (*Tokenuser, error) {
+	i, e := t.getInfo(TokenUser, 50)
+	if e != nil {
+		return nil, e
+	}
+	return (*Tokenuser)(i), nil
+}
+
+// GetTokenGroups retrieves group accounts associated with access token t.
+func (t Token) GetTokenGroups() (*Tokengroups, error) {
+	i, e := t.getInfo(TokenGroups, 50)
+	if e != nil {
+		return nil, e
+	}
+	return (*Tokengroups)(i), nil
+}
+
+// GetTokenPrimaryGroup retrieves access token t primary group information.
+// A pointer to a SID structure representing a group that will become
+// the primary group of any objects created by a process using this access token.
+func (t Token) GetTokenPrimaryGroup() (*Tokenprimarygroup, error) {
+	i, e := t.getInfo(TokenPrimaryGroup, 50)
+	if e != nil {
+		return nil, e
+	}
+	return (*Tokenprimarygroup)(i), nil
+}
+
+// GetUserProfileDirectory retrieves path to the
+// root directory of the access token t user's profile.
+func (t Token) GetUserProfileDirectory() (string, error) {
+	n := uint32(100)
+	for {
+		b := make([]uint16, n)
+		e := GetUserProfileDirectory(t, &b[0], &n)
+		if e == nil {
+			return UTF16ToString(b), nil
+		}
+		if e != ERROR_INSUFFICIENT_BUFFER {
+			return "", e
+		}
+		if n <= uint32(len(b)) {
+			return "", e
+		}
+	}
+}
+
+// IsElevated returns whether the current token is elevated from a UAC perspective.
+func (token Token) IsElevated() bool {
+	var isElevated uint32
+	var outLen uint32
+	err := GetTokenInformation(token, TokenElevation, (*byte)(unsafe.Pointer(&isElevated)), uint32(unsafe.Sizeof(isElevated)), &outLen)
+	if err != nil {
+		return false
+	}
+	return outLen == uint32(unsafe.Sizeof(isElevated)) && isElevated != 0
+}
+
+// GetLinkedToken returns the linked token, which may be an elevated UAC token.
+func (token Token) GetLinkedToken() (Token, error) {
+	var linkedToken Token
+	var outLen uint32
+	err := GetTokenInformation(token, TokenLinkedToken, (*byte)(unsafe.Pointer(&linkedToken)), uint32(unsafe.Sizeof(linkedToken)), &outLen)
+	if err != nil {
+		return Token(0), err
+	}
+	return linkedToken, nil
+}
+
+// GetSystemDirectory retrieves the path to current location of the system
+// directory, which is typically, though not always, `C:\Windows\System32`.
+func GetSystemDirectory() (string, error) {
+	n := uint32(MAX_PATH)
+	for {
+		b := make([]uint16, n)
+		l, e := getSystemDirectory(&b[0], n)
+		if e != nil {
+			return "", e
+		}
+		if l <= n {
+			return UTF16ToString(b[:l]), nil
+		}
+		n = l
+	}
+}
+
+// GetWindowsDirectory retrieves the path to current location of the Windows
+// directory, which is typically, though not always, `C:\Windows`. This may
+// be a private user directory in the case that the application is running
+// under a terminal server.
+func GetWindowsDirectory() (string, error) {
+	n := uint32(MAX_PATH)
+	for {
+		b := make([]uint16, n)
+		l, e := getWindowsDirectory(&b[0], n)
+		if e != nil {
+			return "", e
+		}
+		if l <= n {
+			return UTF16ToString(b[:l]), nil
+		}
+		n = l
+	}
+}
+
+// GetSystemWindowsDirectory retrieves the path to current location of the
+// Windows directory, which is typically, though not always, `C:\Windows`.
+func GetSystemWindowsDirectory() (string, error) {
+	n := uint32(MAX_PATH)
+	for {
+		b := make([]uint16, n)
+		l, e := getSystemWindowsDirectory(&b[0], n)
+		if e != nil {
+			return "", e
+		}
+		if l <= n {
+			return UTF16ToString(b[:l]), nil
+		}
+		n = l
+	}
+}
+
+// IsMember reports whether the access token t is a member of the provided SID.
+func (t Token) IsMember(sid *SID) (bool, error) {
+	var b int32
+	if e := checkTokenMembership(t, sid, &b); e != nil {
+		return false, e
+	}
+	return b != 0, nil
+}
+
+// IsRestricted reports whether the access token t is a restricted token.
+func (t Token) IsRestricted() (isRestricted bool, err error) {
+	isRestricted, err = isTokenRestricted(t)
+	if !isRestricted && err == syscall.EINVAL {
+		// If err is EINVAL, this returned ERROR_SUCCESS indicating a non-restricted token.
+		err = nil
+	}
+	return
+}
+
+const (
+	WTS_CONSOLE_CONNECT        = 0x1
+	WTS_CONSOLE_DISCONNECT     = 0x2
+	WTS_REMOTE_CONNECT         = 0x3
+	WTS_REMOTE_DISCONNECT      = 0x4
+	WTS_SESSION_LOGON          = 0x5
+	WTS_SESSION_LOGOFF         = 0x6
+	WTS_SESSION_LOCK           = 0x7
+	WTS_SESSION_UNLOCK         = 0x8
+	WTS_SESSION_REMOTE_CONTROL = 0x9
+	WTS_SESSION_CREATE         = 0xa
+	WTS_SESSION_TERMINATE      = 0xb
+)
+
+const (
+	WTSActive       = 0
+	WTSConnected    = 1
+	WTSConnectQuery = 2
+	WTSShadow       = 3
+	WTSDisconnected = 4
+	WTSIdle         = 5
+	WTSListen       = 6
+	WTSReset        = 7
+	WTSDown         = 8
+	WTSInit         = 9
+)
+
+type WTSSESSION_NOTIFICATION struct {
+	Size      uint32
+	SessionID uint32
+}
+
+type WTS_SESSION_INFO struct {
+	SessionID         uint32
+	WindowStationName *uint16
+	State             uint32
+}
+
+//sys WTSQueryUserToken(session uint32, token *Token) (err error) = wtsapi32.WTSQueryUserToken
+//sys WTSEnumerateSessions(handle Handle, reserved uint32, version uint32, sessions **WTS_SESSION_INFO, count *uint32) (err error) = wtsapi32.WTSEnumerateSessionsW
+//sys WTSFreeMemory(ptr uintptr) = wtsapi32.WTSFreeMemory
+//sys WTSGetActiveConsoleSessionId() (sessionID uint32)
+
+type ACL struct {
+	aclRevision byte
+	sbz1        byte
+	aclSize     uint16
+	AceCount    uint16
+	sbz2        uint16
+}
+
+type SECURITY_DESCRIPTOR struct {
+	revision byte
+	sbz1     byte
+	control  SECURITY_DESCRIPTOR_CONTROL
+	owner    *SID
+	group    *SID
+	sacl     *ACL
+	dacl     *ACL
+}
+
+type SECURITY_QUALITY_OF_SERVICE struct {
+	Length              uint32
+	ImpersonationLevel  uint32
+	ContextTrackingMode byte
+	EffectiveOnly       byte
+}
+
+// Constants for the ContextTrackingMode field of SECURITY_QUALITY_OF_SERVICE.
+const (
+	SECURITY_STATIC_TRACKING  = 0
+	SECURITY_DYNAMIC_TRACKING = 1
+)
+
+type SecurityAttributes struct {
+	Length             uint32
+	SecurityDescriptor *SECURITY_DESCRIPTOR
+	InheritHandle      uint32
+}
+
+type SE_OBJECT_TYPE uint32
+
+// Constants for type SE_OBJECT_TYPE
+const (
+	SE_UNKNOWN_OBJECT_TYPE     = 0
+	SE_FILE_OBJECT             = 1
+	SE_SERVICE                 = 2
+	SE_PRINTER                 = 3
+	SE_REGISTRY_KEY            = 4
+	SE_LMSHARE                 = 5
+	SE_KERNEL_OBJECT           = 6
+	SE_WINDOW_OBJECT           = 7
+	SE_DS_OBJECT               = 8
+	SE_DS_OBJECT_ALL           = 9
+	SE_PROVIDER_DEFINED_OBJECT = 10
+	SE_WMIGUID_OBJECT          = 11
+	SE_REGISTRY_WOW64_32KEY    = 12
+	SE_REGISTRY_WOW64_64KEY    = 13
+)
+
+type SECURITY_INFORMATION uint32
+
+// Constants for type SECURITY_INFORMATION
+const (
+	OWNER_SECURITY_INFORMATION            = 0x00000001
+	GROUP_SECURITY_INFORMATION            = 0x00000002
+	DACL_SECURITY_INFORMATION             = 0x00000004
+	SACL_SECURITY_INFORMATION             = 0x00000008
+	LABEL_SECURITY_INFORMATION            = 0x00000010
+	ATTRIBUTE_SECURITY_INFORMATION        = 0x00000020
+	SCOPE_SECURITY_INFORMATION            = 0x00000040
+	BACKUP_SECURITY_INFORMATION           = 0x00010000
+	PROTECTED_DACL_SECURITY_INFORMATION   = 0x80000000
+	PROTECTED_SACL_SECURITY_INFORMATION   = 0x40000000
+	UNPROTECTED_DACL_SECURITY_INFORMATION = 0x20000000
+	UNPROTECTED_SACL_SECURITY_INFORMATION = 0x10000000
+)
+
+type SECURITY_DESCRIPTOR_CONTROL uint16
+
+// Constants for type SECURITY_DESCRIPTOR_CONTROL
+const (
+	SE_OWNER_DEFAULTED       = 0x0001
+	SE_GROUP_DEFAULTED       = 0x0002
+	SE_DACL_PRESENT          = 0x0004
+	SE_DACL_DEFAULTED        = 0x0008
+	SE_SACL_PRESENT          = 0x0010
+	SE_SACL_DEFAULTED        = 0x0020
+	SE_DACL_AUTO_INHERIT_REQ = 0x0100
+	SE_SACL_AUTO_INHERIT_REQ = 0x0200
+	SE_DACL_AUTO_INHERITED   = 0x0400
+	SE_SACL_AUTO_INHERITED   = 0x0800
+	SE_DACL_PROTECTED        = 0x1000
+	SE_SACL_PROTECTED        = 0x2000
+	SE_RM_CONTROL_VALID      = 0x4000
+	SE_SELF_RELATIVE         = 0x8000
+)
+
+type ACCESS_MASK uint32
+
+// Constants for type ACCESS_MASK
+const (
+	DELETE                   = 0x00010000
+	READ_CONTROL             = 0x00020000
+	WRITE_DAC                = 0x00040000
+	WRITE_OWNER              = 0x00080000
+	SYNCHRONIZE              = 0x00100000
+	STANDARD_RIGHTS_REQUIRED = 0x000F0000
+	STANDARD_RIGHTS_READ     = READ_CONTROL
+	STANDARD_RIGHTS_WRITE    = READ_CONTROL
+	STANDARD_RIGHTS_EXECUTE  = READ_CONTROL
+	STANDARD_RIGHTS_ALL      = 0x001F0000
+	SPECIFIC_RIGHTS_ALL      = 0x0000FFFF
+	ACCESS_SYSTEM_SECURITY   = 0x01000000
+	MAXIMUM_ALLOWED          = 0x02000000
+	GENERIC_READ             = 0x80000000
+	GENERIC_WRITE            = 0x40000000
+	GENERIC_EXECUTE          = 0x20000000
+	GENERIC_ALL              = 0x10000000
+)
+
+type ACCESS_MODE uint32
+
+// Constants for type ACCESS_MODE
+const (
+	NOT_USED_ACCESS   = 0
+	GRANT_ACCESS      = 1
+	SET_ACCESS        = 2
+	DENY_ACCESS       = 3
+	REVOKE_ACCESS     = 4
+	SET_AUDIT_SUCCESS = 5
+	SET_AUDIT_FAILURE = 6
+)
+
+// Constants for AceFlags and Inheritance fields
+const (
+	NO_INHERITANCE                     = 0x0
+	SUB_OBJECTS_ONLY_INHERIT           = 0x1
+	SUB_CONTAINERS_ONLY_INHERIT        = 0x2
+	SUB_CONTAINERS_AND_OBJECTS_INHERIT = 0x3
+	INHERIT_NO_PROPAGATE               = 0x4
+	INHERIT_ONLY                       = 0x8
+	INHERITED_ACCESS_ENTRY             = 0x10
+	INHERITED_PARENT                   = 0x10000000
+	INHERITED_GRANDPARENT              = 0x20000000
+	OBJECT_INHERIT_ACE                 = 0x1
+	CONTAINER_INHERIT_ACE              = 0x2
+	NO_PROPAGATE_INHERIT_ACE           = 0x4
+	INHERIT_ONLY_ACE                   = 0x8
+	INHERITED_ACE                      = 0x10
+	VALID_INHERIT_FLAGS                = 0x1F
+)
+
+type MULTIPLE_TRUSTEE_OPERATION uint32
+
+// Constants for MULTIPLE_TRUSTEE_OPERATION
+const (
+	NO_MULTIPLE_TRUSTEE    = 0
+	TRUSTEE_IS_IMPERSONATE = 1
+)
+
+type TRUSTEE_FORM uint32
+
+// Constants for TRUSTEE_FORM
+const (
+	TRUSTEE_IS_SID              = 0
+	TRUSTEE_IS_NAME             = 1
+	TRUSTEE_BAD_FORM            = 2
+	TRUSTEE_IS_OBJECTS_AND_SID  = 3
+	TRUSTEE_IS_OBJECTS_AND_NAME = 4
+)
+
+type TRUSTEE_TYPE uint32
+
+// Constants for TRUSTEE_TYPE
+const (
+	TRUSTEE_IS_UNKNOWN          = 0
+	TRUSTEE_IS_USER             = 1
+	TRUSTEE_IS_GROUP            = 2
+	TRUSTEE_IS_DOMAIN           = 3
+	TRUSTEE_IS_ALIAS            = 4
+	TRUSTEE_IS_WELL_KNOWN_GROUP = 5
+	TRUSTEE_IS_DELETED          = 6
+	TRUSTEE_IS_INVALID          = 7
+	TRUSTEE_IS_COMPUTER         = 8
+)
+
+// Constants for ObjectsPresent field
+const (
+	ACE_OBJECT_TYPE_PRESENT           = 0x1
+	ACE_INHERITED_OBJECT_TYPE_PRESENT = 0x2
+)
+
+type EXPLICIT_ACCESS struct {
+	AccessPermissions ACCESS_MASK
+	AccessMode        ACCESS_MODE
+	Inheritance       uint32
+	Trustee           TRUSTEE
+}
+
+// https://learn.microsoft.com/en-us/windows/win32/api/winnt/ns-winnt-ace_header
+type ACE_HEADER struct {
+	AceType  uint8
+	AceFlags uint8
+	AceSize  uint16
+}
+
+// https://learn.microsoft.com/en-us/windows/win32/api/winnt/ns-winnt-access_allowed_ace
+type ACCESS_ALLOWED_ACE struct {
+	Header   ACE_HEADER
+	Mask     ACCESS_MASK
+	SidStart uint32
+}
+
+const (
+	// Constants for AceType
+	// https://learn.microsoft.com/en-us/windows/win32/api/winnt/ns-winnt-ace_header
+	ACCESS_ALLOWED_ACE_TYPE = 0
+	ACCESS_DENIED_ACE_TYPE  = 1
+)
+
+// This type is the union inside of TRUSTEE and must be created using one of the TrusteeValueFrom* functions.
+type TrusteeValue uintptr
+
+func TrusteeValueFromString(str string) TrusteeValue {
+	return TrusteeValue(unsafe.Pointer(StringToUTF16Ptr(str)))
+}
+func TrusteeValueFromSID(sid *SID) TrusteeValue {
+	return TrusteeValue(unsafe.Pointer(sid))
+}
+func TrusteeValueFromObjectsAndSid(objectsAndSid *OBJECTS_AND_SID) TrusteeValue {
+	return TrusteeValue(unsafe.Pointer(objectsAndSid))
+}
+func TrusteeValueFromObjectsAndName(objectsAndName *OBJECTS_AND_NAME) TrusteeValue {
+	return TrusteeValue(unsafe.Pointer(objectsAndName))
+}
+
+type TRUSTEE struct {
+	MultipleTrustee          *TRUSTEE
+	MultipleTrusteeOperation MULTIPLE_TRUSTEE_OPERATION
+	TrusteeForm              TRUSTEE_FORM
+	TrusteeType              TRUSTEE_TYPE
+	TrusteeValue             TrusteeValue
+}
+
+type OBJECTS_AND_SID struct {
+	ObjectsPresent          uint32
+	ObjectTypeGuid          GUID
+	InheritedObjectTypeGuid GUID
+	Sid                     *SID
+}
+
+type OBJECTS_AND_NAME struct {
+	ObjectsPresent          uint32
+	ObjectType              SE_OBJECT_TYPE
+	ObjectTypeName          *uint16
+	InheritedObjectTypeName *uint16
+	Name                    *uint16
+}
+
+//sys	getSecurityInfo(handle Handle, objectType SE_OBJECT_TYPE, securityInformation SECURITY_INFORMATION, owner **SID, group **SID, dacl **ACL, sacl **ACL, sd **SECURITY_DESCRIPTOR) (ret error) = advapi32.GetSecurityInfo
+//sys	SetSecurityInfo(handle Handle, objectType SE_OBJECT_TYPE, securityInformation SECURITY_INFORMATION, owner *SID, group *SID, dacl *ACL, sacl *ACL) (ret error) = advapi32.SetSecurityInfo
+//sys	getNamedSecurityInfo(objectName string, objectType SE_OBJECT_TYPE, securityInformation SECURITY_INFORMATION, owner **SID, group **SID, dacl **ACL, sacl **ACL, sd **SECURITY_DESCRIPTOR) (ret error) = advapi32.GetNamedSecurityInfoW
+//sys	SetNamedSecurityInfo(objectName string, objectType SE_OBJECT_TYPE, securityInformation SECURITY_INFORMATION, owner *SID, group *SID, dacl *ACL, sacl *ACL) (ret error) = advapi32.SetNamedSecurityInfoW
+//sys	SetKernelObjectSecurity(handle Handle, securityInformation SECURITY_INFORMATION, securityDescriptor *SECURITY_DESCRIPTOR) (err error) = advapi32.SetKernelObjectSecurity
+
+//sys	buildSecurityDescriptor(owner *TRUSTEE, group *TRUSTEE, countAccessEntries uint32, accessEntries *EXPLICIT_ACCESS, countAuditEntries uint32, auditEntries *EXPLICIT_ACCESS, oldSecurityDescriptor *SECURITY_DESCRIPTOR, sizeNewSecurityDescriptor *uint32, newSecurityDescriptor **SECURITY_DESCRIPTOR) (ret error) = advapi32.BuildSecurityDescriptorW
+//sys	initializeSecurityDescriptor(absoluteSD *SECURITY_DESCRIPTOR, revision uint32) (err error) = advapi32.InitializeSecurityDescriptor
+
+//sys	getSecurityDescriptorControl(sd *SECURITY_DESCRIPTOR, control *SECURITY_DESCRIPTOR_CONTROL, revision *uint32) (err error) = advapi32.GetSecurityDescriptorControl
+//sys	getSecurityDescriptorDacl(sd *SECURITY_DESCRIPTOR, daclPresent *bool, dacl **ACL, daclDefaulted *bool) (err error) = advapi32.GetSecurityDescriptorDacl
+//sys	getSecurityDescriptorSacl(sd *SECURITY_DESCRIPTOR, saclPresent *bool, sacl **ACL, saclDefaulted *bool) (err error) = advapi32.GetSecurityDescriptorSacl
+//sys	getSecurityDescriptorOwner(sd *SECURITY_DESCRIPTOR, owner **SID, ownerDefaulted *bool) (err error) = advapi32.GetSecurityDescriptorOwner
+//sys	getSecurityDescriptorGroup(sd *SECURITY_DESCRIPTOR, group **SID, groupDefaulted *bool) (err error) = advapi32.GetSecurityDescriptorGroup
+//sys	getSecurityDescriptorLength(sd *SECURITY_DESCRIPTOR) (len uint32) = advapi32.GetSecurityDescriptorLength
+//sys	getSecurityDescriptorRMControl(sd *SECURITY_DESCRIPTOR, rmControl *uint8) (ret error) [failretval!=0] = advapi32.GetSecurityDescriptorRMControl
+//sys	isValidSecurityDescriptor(sd *SECURITY_DESCRIPTOR) (isValid bool) = advapi32.IsValidSecurityDescriptor
+
+//sys	setSecurityDescriptorControl(sd *SECURITY_DESCRIPTOR, controlBitsOfInterest SECURITY_DESCRIPTOR_CONTROL, controlBitsToSet SECURITY_DESCRIPTOR_CONTROL) (err error) = advapi32.SetSecurityDescriptorControl
+//sys	setSecurityDescriptorDacl(sd *SECURITY_DESCRIPTOR, daclPresent bool, dacl *ACL, daclDefaulted bool) (err error) = advapi32.SetSecurityDescriptorDacl
+//sys	setSecurityDescriptorSacl(sd *SECURITY_DESCRIPTOR, saclPresent bool, sacl *ACL, saclDefaulted bool) (err error) = advapi32.SetSecurityDescriptorSacl
+//sys	setSecurityDescriptorOwner(sd *SECURITY_DESCRIPTOR, owner *SID, ownerDefaulted bool) (err error) = advapi32.SetSecurityDescriptorOwner
+//sys	setSecurityDescriptorGroup(sd *SECURITY_DESCRIPTOR, group *SID, groupDefaulted bool) (err error) = advapi32.SetSecurityDescriptorGroup
+//sys	setSecurityDescriptorRMControl(sd *SECURITY_DESCRIPTOR, rmControl *uint8) = advapi32.SetSecurityDescriptorRMControl
+
+//sys	convertStringSecurityDescriptorToSecurityDescriptor(str string, revision uint32, sd **SECURITY_DESCRIPTOR, size *uint32) (err error) = advapi32.ConvertStringSecurityDescriptorToSecurityDescriptorW
+//sys	convertSecurityDescriptorToStringSecurityDescriptor(sd *SECURITY_DESCRIPTOR, revision uint32, securityInformation SECURITY_INFORMATION, str **uint16, strLen *uint32) (err error) = advapi32.ConvertSecurityDescriptorToStringSecurityDescriptorW
+
+//sys	makeAbsoluteSD(selfRelativeSD *SECURITY_DESCRIPTOR, absoluteSD *SECURITY_DESCRIPTOR, absoluteSDSize *uint32, dacl *ACL, daclSize *uint32, sacl *ACL, saclSize *uint32, owner *SID, ownerSize *uint32, group *SID, groupSize *uint32) (err error) = advapi32.MakeAbsoluteSD
+//sys	makeSelfRelativeSD(absoluteSD *SECURITY_DESCRIPTOR, selfRelativeSD *SECURITY_DESCRIPTOR, selfRelativeSDSize *uint32) (err error) = advapi32.MakeSelfRelativeSD
+
+//sys	setEntriesInAcl(countExplicitEntries uint32, explicitEntries *EXPLICIT_ACCESS, oldACL *ACL, newACL **ACL) (ret error) = advapi32.SetEntriesInAclW
+//sys	GetAce(acl *ACL, aceIndex uint32, pAce **ACCESS_ALLOWED_ACE) (err error) = advapi32.GetAce
+
+// Control returns the security descriptor control bits.
+func (sd *SECURITY_DESCRIPTOR) Control() (control SECURITY_DESCRIPTOR_CONTROL, revision uint32, err error) {
+	err = getSecurityDescriptorControl(sd, &control, &revision)
+	return
+}
+
+// SetControl sets the security descriptor control bits.
+func (sd *SECURITY_DESCRIPTOR) SetControl(controlBitsOfInterest SECURITY_DESCRIPTOR_CONTROL, controlBitsToSet SECURITY_DESCRIPTOR_CONTROL) error {
+	return setSecurityDescriptorControl(sd, controlBitsOfInterest, controlBitsToSet)
+}
+
+// RMControl returns the security descriptor resource manager control bits.
+func (sd *SECURITY_DESCRIPTOR) RMControl() (control uint8, err error) {
+	err = getSecurityDescriptorRMControl(sd, &control)
+	return
+}
+
+// SetRMControl sets the security descriptor resource manager control bits.
+func (sd *SECURITY_DESCRIPTOR) SetRMControl(rmControl uint8) {
+	setSecurityDescriptorRMControl(sd, &rmControl)
+}
+
+// DACL returns the security descriptor DACL and whether it was defaulted. The dacl return value may be nil
+// if a DACL exists but is an "empty DACL", meaning fully permissive. If the DACL does not exist, err returns
+// ERROR_OBJECT_NOT_FOUND.
+func (sd *SECURITY_DESCRIPTOR) DACL() (dacl *ACL, defaulted bool, err error) {
+	var present bool
+	err = getSecurityDescriptorDacl(sd, &present, &dacl, &defaulted)
+	if !present {
+		err = ERROR_OBJECT_NOT_FOUND
+	}
+	return
+}
+
+// SetDACL sets the absolute security descriptor DACL.
+func (absoluteSD *SECURITY_DESCRIPTOR) SetDACL(dacl *ACL, present, defaulted bool) error {
+	return setSecurityDescriptorDacl(absoluteSD, present, dacl, defaulted)
+}
+
+// SACL returns the security descriptor SACL and whether it was defaulted. The sacl return value may be nil
+// if a SACL exists but is an "empty SACL", meaning fully permissive. If the SACL does not exist, err returns
+// ERROR_OBJECT_NOT_FOUND.
+func (sd *SECURITY_DESCRIPTOR) SACL() (sacl *ACL, defaulted bool, err error) {
+	var present bool
+	err = getSecurityDescriptorSacl(sd, &present, &sacl, &defaulted)
+	if !present {
+		err = ERROR_OBJECT_NOT_FOUND
+	}
+	return
+}
+
+// SetSACL sets the absolute security descriptor SACL.
+func (absoluteSD *SECURITY_DESCRIPTOR) SetSACL(sacl *ACL, present, defaulted bool) error {
+	return setSecurityDescriptorSacl(absoluteSD, present, sacl, defaulted)
+}
+
+// Owner returns the security descriptor owner and whether it was defaulted.
+func (sd *SECURITY_DESCRIPTOR) Owner() (owner *SID, defaulted bool, err error) {
+	err = getSecurityDescriptorOwner(sd, &owner, &defaulted)
+	return
+}
+
+// SetOwner sets the absolute security descriptor owner.
+func (absoluteSD *SECURITY_DESCRIPTOR) SetOwner(owner *SID, defaulted bool) error {
+	return setSecurityDescriptorOwner(absoluteSD, owner, defaulted)
+}
+
+// Group returns the security descriptor group and whether it was defaulted.
+func (sd *SECURITY_DESCRIPTOR) Group() (group *SID, defaulted bool, err error) {
+	err = getSecurityDescriptorGroup(sd, &group, &defaulted)
+	return
+}
+
+// SetGroup sets the absolute security descriptor owner.
+func (absoluteSD *SECURITY_DESCRIPTOR) SetGroup(group *SID, defaulted bool) error {
+	return setSecurityDescriptorGroup(absoluteSD, group, defaulted)
+}
+
+// Length returns the length of the security descriptor.
+func (sd *SECURITY_DESCRIPTOR) Length() uint32 {
+	return getSecurityDescriptorLength(sd)
+}
+
+// IsValid returns whether the security descriptor is valid.
+func (sd *SECURITY_DESCRIPTOR) IsValid() bool {
+	return isValidSecurityDescriptor(sd)
+}
+
+// String returns the SDDL form of the security descriptor, with a function signature that can be
+// used with %v formatting directives.
+func (sd *SECURITY_DESCRIPTOR) String() string {
+	var sddl *uint16
+	err := convertSecurityDescriptorToStringSecurityDescriptor(sd, 1, 0xff, &sddl, nil)
+	if err != nil {
+		return ""
+	}
+	defer LocalFree(Handle(unsafe.Pointer(sddl)))
+	return UTF16PtrToString(sddl)
+}
+
+// ToAbsolute converts a self-relative security descriptor into an absolute one.
+func (selfRelativeSD *SECURITY_DESCRIPTOR) ToAbsolute() (absoluteSD *SECURITY_DESCRIPTOR, err error) {
+	control, _, err := selfRelativeSD.Control()
+	if err != nil {
+		return
+	}
+	if control&SE_SELF_RELATIVE == 0 {
+		err = ERROR_INVALID_PARAMETER
+		return
+	}
+	var absoluteSDSize, daclSize, saclSize, ownerSize, groupSize uint32
+	err = makeAbsoluteSD(selfRelativeSD, nil, &absoluteSDSize,
+		nil, &daclSize, nil, &saclSize, nil, &ownerSize, nil, &groupSize)
+	switch err {
+	case ERROR_INSUFFICIENT_BUFFER:
+	case nil:
+		// makeAbsoluteSD is expected to fail, but it succeeds.
+		return nil, ERROR_INTERNAL_ERROR
+	default:
+		return nil, err
+	}
+	if absoluteSDSize > 0 {
+		absoluteSD = (*SECURITY_DESCRIPTOR)(unsafe.Pointer(&make([]byte, absoluteSDSize)[0]))
+	}
+	var (
+		dacl  *ACL
+		sacl  *ACL
+		owner *SID
+		group *SID
+	)
+	if daclSize > 0 {
+		dacl = (*ACL)(unsafe.Pointer(&make([]byte, daclSize)[0]))
+	}
+	if saclSize > 0 {
+		sacl = (*ACL)(unsafe.Pointer(&make([]byte, saclSize)[0]))
+	}
+	if ownerSize > 0 {
+		owner = (*SID)(unsafe.Pointer(&make([]byte, ownerSize)[0]))
+	}
+	if groupSize > 0 {
+		group = (*SID)(unsafe.Pointer(&make([]byte, groupSize)[0]))
+	}
+	err = makeAbsoluteSD(selfRelativeSD, absoluteSD, &absoluteSDSize,
+		dacl, &daclSize, sacl, &saclSize, owner, &ownerSize, group, &groupSize)
+	return
+}
+
+// ToSelfRelative converts an absolute security descriptor into a self-relative one.
+func (absoluteSD *SECURITY_DESCRIPTOR) ToSelfRelative() (selfRelativeSD *SECURITY_DESCRIPTOR, err error) {
+	control, _, err := absoluteSD.Control()
+	if err != nil {
+		return
+	}
+	if control&SE_SELF_RELATIVE != 0 {
+		err = ERROR_INVALID_PARAMETER
+		return
+	}
+	var selfRelativeSDSize uint32
+	err = makeSelfRelativeSD(absoluteSD, nil, &selfRelativeSDSize)
+	switch err {
+	case ERROR_INSUFFICIENT_BUFFER:
+	case nil:
+		// makeSelfRelativeSD is expected to fail, but it succeeds.
+		return nil, ERROR_INTERNAL_ERROR
+	default:
+		return nil, err
+	}
+	if selfRelativeSDSize > 0 {
+		selfRelativeSD = (*SECURITY_DESCRIPTOR)(unsafe.Pointer(&make([]byte, selfRelativeSDSize)[0]))
+	}
+	err = makeSelfRelativeSD(absoluteSD, selfRelativeSD, &selfRelativeSDSize)
+	return
+}
+
+func (selfRelativeSD *SECURITY_DESCRIPTOR) copySelfRelativeSecurityDescriptor() *SECURITY_DESCRIPTOR {
+	sdLen := int(selfRelativeSD.Length())
+	const min = int(unsafe.Sizeof(SECURITY_DESCRIPTOR{}))
+	if sdLen < min {
+		sdLen = min
+	}
+
+	src := unsafe.Slice((*byte)(unsafe.Pointer(selfRelativeSD)), sdLen)
+	// SECURITY_DESCRIPTOR has pointers in it, which means checkptr expects for it to
+	// be aligned properly. When we're copying a Windows-allocated struct to a
+	// Go-allocated one, make sure that the Go allocation is aligned to the
+	// pointer size.
+	const psize = int(unsafe.Sizeof(uintptr(0)))
+	alloc := make([]uintptr, (sdLen+psize-1)/psize)
+	dst := unsafe.Slice((*byte)(unsafe.Pointer(&alloc[0])), sdLen)
+	copy(dst, src)
+	return (*SECURITY_DESCRIPTOR)(unsafe.Pointer(&dst[0]))
+}
+
+// SecurityDescriptorFromString converts an SDDL string describing a security descriptor into a
+// self-relative security descriptor object allocated on the Go heap.
+func SecurityDescriptorFromString(sddl string) (sd *SECURITY_DESCRIPTOR, err error) {
+	var winHeapSD *SECURITY_DESCRIPTOR
+	err = convertStringSecurityDescriptorToSecurityDescriptor(sddl, 1, &winHeapSD, nil)
+	if err != nil {
+		return
+	}
+	defer LocalFree(Handle(unsafe.Pointer(winHeapSD)))
+	return winHeapSD.copySelfRelativeSecurityDescriptor(), nil
+}
+
+// GetSecurityInfo queries the security information for a given handle and returns the self-relative security
+// descriptor result on the Go heap.
+func GetSecurityInfo(handle Handle, objectType SE_OBJECT_TYPE, securityInformation SECURITY_INFORMATION) (sd *SECURITY_DESCRIPTOR, err error) {
+	var winHeapSD *SECURITY_DESCRIPTOR
+	err = getSecurityInfo(handle, objectType, securityInformation, nil, nil, nil, nil, &winHeapSD)
+	if err != nil {
+		return
+	}
+	defer LocalFree(Handle(unsafe.Pointer(winHeapSD)))
+	return winHeapSD.copySelfRelativeSecurityDescriptor(), nil
+}
+
+// GetNamedSecurityInfo queries the security information for a given named object and returns the self-relative security
+// descriptor result on the Go heap.
+func GetNamedSecurityInfo(objectName string, objectType SE_OBJECT_TYPE, securityInformation SECURITY_INFORMATION) (sd *SECURITY_DESCRIPTOR, err error) {
+	var winHeapSD *SECURITY_DESCRIPTOR
+	err = getNamedSecurityInfo(objectName, objectType, securityInformation, nil, nil, nil, nil, &winHeapSD)
+	if err != nil {
+		return
+	}
+	defer LocalFree(Handle(unsafe.Pointer(winHeapSD)))
+	return winHeapSD.copySelfRelativeSecurityDescriptor(), nil
+}
+
+// BuildSecurityDescriptor makes a new security descriptor using the input trustees, explicit access lists, and
+// prior security descriptor to be merged, any of which can be nil, returning the self-relative security descriptor
+// result on the Go heap.
+func BuildSecurityDescriptor(owner *TRUSTEE, group *TRUSTEE, accessEntries []EXPLICIT_ACCESS, auditEntries []EXPLICIT_ACCESS, mergedSecurityDescriptor *SECURITY_DESCRIPTOR) (sd *SECURITY_DESCRIPTOR, err error) {
+	var winHeapSD *SECURITY_DESCRIPTOR
+	var winHeapSDSize uint32
+	var firstAccessEntry *EXPLICIT_ACCESS
+	if len(accessEntries) > 0 {
+		firstAccessEntry = &accessEntries[0]
+	}
+	var firstAuditEntry *EXPLICIT_ACCESS
+	if len(auditEntries) > 0 {
+		firstAuditEntry = &auditEntries[0]
+	}
+	err = buildSecurityDescriptor(owner, group, uint32(len(accessEntries)), firstAccessEntry, uint32(len(auditEntries)), firstAuditEntry, mergedSecurityDescriptor, &winHeapSDSize, &winHeapSD)
+	if err != nil {
+		return
+	}
+	defer LocalFree(Handle(unsafe.Pointer(winHeapSD)))
+	return winHeapSD.copySelfRelativeSecurityDescriptor(), nil
+}
+
+// NewSecurityDescriptor creates and initializes a new absolute security descriptor.
+func NewSecurityDescriptor() (absoluteSD *SECURITY_DESCRIPTOR, err error) {
+	absoluteSD = &SECURITY_DESCRIPTOR{}
+	err = initializeSecurityDescriptor(absoluteSD, 1)
+	return
+}
+
+// ACLFromEntries returns a new ACL on the Go heap containing a list of explicit entries as well as those of another ACL.
+// Both explicitEntries and mergedACL are optional and can be nil.
+func ACLFromEntries(explicitEntries []EXPLICIT_ACCESS, mergedACL *ACL) (acl *ACL, err error) {
+	var firstExplicitEntry *EXPLICIT_ACCESS
+	if len(explicitEntries) > 0 {
+		firstExplicitEntry = &explicitEntries[0]
+	}
+	var winHeapACL *ACL
+	err = setEntriesInAcl(uint32(len(explicitEntries)), firstExplicitEntry, mergedACL, &winHeapACL)
+	if err != nil {
+		return
+	}
+	defer LocalFree(Handle(unsafe.Pointer(winHeapACL)))
+	aclBytes := make([]byte, winHeapACL.aclSize)
+	copy(aclBytes, (*[(1 << 31) - 1]byte)(unsafe.Pointer(winHeapACL))[:len(aclBytes):len(aclBytes)])
+	return (*ACL)(unsafe.Pointer(&aclBytes[0])), nil
+}
diff --git a/server/vendor/golang.org/x/sys/windows/service.go b/server/vendor/golang.org/x/sys/windows/service.go
new file mode 100644
index 0000000..a9dc630
--- /dev/null
+++ b/server/vendor/golang.org/x/sys/windows/service.go
@@ -0,0 +1,257 @@
+// Copyright 2012 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build windows
+
+package windows
+
+const (
+	SC_MANAGER_CONNECT            = 1
+	SC_MANAGER_CREATE_SERVICE     = 2
+	SC_MANAGER_ENUMERATE_SERVICE  = 4
+	SC_MANAGER_LOCK               = 8
+	SC_MANAGER_QUERY_LOCK_STATUS  = 16
+	SC_MANAGER_MODIFY_BOOT_CONFIG = 32
+	SC_MANAGER_ALL_ACCESS         = 0xf003f
+)
+
+const (
+	SERVICE_KERNEL_DRIVER       = 1
+	SERVICE_FILE_SYSTEM_DRIVER  = 2
+	SERVICE_ADAPTER             = 4
+	SERVICE_RECOGNIZER_DRIVER   = 8
+	SERVICE_WIN32_OWN_PROCESS   = 16
+	SERVICE_WIN32_SHARE_PROCESS = 32
+	SERVICE_WIN32               = SERVICE_WIN32_OWN_PROCESS | SERVICE_WIN32_SHARE_PROCESS
+	SERVICE_INTERACTIVE_PROCESS = 256
+	SERVICE_DRIVER              = SERVICE_KERNEL_DRIVER | SERVICE_FILE_SYSTEM_DRIVER | SERVICE_RECOGNIZER_DRIVER
+	SERVICE_TYPE_ALL            = SERVICE_WIN32 | SERVICE_ADAPTER | SERVICE_DRIVER | SERVICE_INTERACTIVE_PROCESS
+
+	SERVICE_BOOT_START   = 0
+	SERVICE_SYSTEM_START = 1
+	SERVICE_AUTO_START   = 2
+	SERVICE_DEMAND_START = 3
+	SERVICE_DISABLED     = 4
+
+	SERVICE_ERROR_IGNORE   = 0
+	SERVICE_ERROR_NORMAL   = 1
+	SERVICE_ERROR_SEVERE   = 2
+	SERVICE_ERROR_CRITICAL = 3
+
+	SC_STATUS_PROCESS_INFO = 0
+
+	SC_ACTION_NONE        = 0
+	SC_ACTION_RESTART     = 1
+	SC_ACTION_REBOOT      = 2
+	SC_ACTION_RUN_COMMAND = 3
+
+	SERVICE_STOPPED          = 1
+	SERVICE_START_PENDING    = 2
+	SERVICE_STOP_PENDING     = 3
+	SERVICE_RUNNING          = 4
+	SERVICE_CONTINUE_PENDING = 5
+	SERVICE_PAUSE_PENDING    = 6
+	SERVICE_PAUSED           = 7
+	SERVICE_NO_CHANGE        = 0xffffffff
+
+	SERVICE_ACCEPT_STOP                  = 1
+	SERVICE_ACCEPT_PAUSE_CONTINUE        = 2
+	SERVICE_ACCEPT_SHUTDOWN              = 4
+	SERVICE_ACCEPT_PARAMCHANGE           = 8
+	SERVICE_ACCEPT_NETBINDCHANGE         = 16
+	SERVICE_ACCEPT_HARDWAREPROFILECHANGE = 32
+	SERVICE_ACCEPT_POWEREVENT            = 64
+	SERVICE_ACCEPT_SESSIONCHANGE         = 128
+	SERVICE_ACCEPT_PRESHUTDOWN           = 256
+
+	SERVICE_CONTROL_STOP                  = 1
+	SERVICE_CONTROL_PAUSE                 = 2
+	SERVICE_CONTROL_CONTINUE              = 3
+	SERVICE_CONTROL_INTERROGATE           = 4
+	SERVICE_CONTROL_SHUTDOWN              = 5
+	SERVICE_CONTROL_PARAMCHANGE           = 6
+	SERVICE_CONTROL_NETBINDADD            = 7
+	SERVICE_CONTROL_NETBINDREMOVE         = 8
+	SERVICE_CONTROL_NETBINDENABLE         = 9
+	SERVICE_CONTROL_NETBINDDISABLE        = 10
+	SERVICE_CONTROL_DEVICEEVENT           = 11
+	SERVICE_CONTROL_HARDWAREPROFILECHANGE = 12
+	SERVICE_CONTROL_POWEREVENT            = 13
+	SERVICE_CONTROL_SESSIONCHANGE         = 14
+	SERVICE_CONTROL_PRESHUTDOWN           = 15
+
+	SERVICE_ACTIVE    = 1
+	SERVICE_INACTIVE  = 2
+	SERVICE_STATE_ALL = 3
+
+	SERVICE_QUERY_CONFIG         = 1
+	SERVICE_CHANGE_CONFIG        = 2
+	SERVICE_QUERY_STATUS         = 4
+	SERVICE_ENUMERATE_DEPENDENTS = 8
+	SERVICE_START                = 16
+	SERVICE_STOP                 = 32
+	SERVICE_PAUSE_CONTINUE       = 64
+	SERVICE_INTERROGATE          = 128
+	SERVICE_USER_DEFINED_CONTROL = 256
+	SERVICE_ALL_ACCESS           = STANDARD_RIGHTS_REQUIRED | SERVICE_QUERY_CONFIG | SERVICE_CHANGE_CONFIG | SERVICE_QUERY_STATUS | SERVICE_ENUMERATE_DEPENDENTS | SERVICE_START | SERVICE_STOP | SERVICE_PAUSE_CONTINUE | SERVICE_INTERROGATE | SERVICE_USER_DEFINED_CONTROL
+
+	SERVICE_RUNS_IN_SYSTEM_PROCESS = 1
+
+	SERVICE_CONFIG_DESCRIPTION              = 1
+	SERVICE_CONFIG_FAILURE_ACTIONS          = 2
+	SERVICE_CONFIG_DELAYED_AUTO_START_INFO  = 3
+	SERVICE_CONFIG_FAILURE_ACTIONS_FLAG     = 4
+	SERVICE_CONFIG_SERVICE_SID_INFO         = 5
+	SERVICE_CONFIG_REQUIRED_PRIVILEGES_INFO = 6
+	SERVICE_CONFIG_PRESHUTDOWN_INFO         = 7
+	SERVICE_CONFIG_TRIGGER_INFO             = 8
+	SERVICE_CONFIG_PREFERRED_NODE           = 9
+	SERVICE_CONFIG_LAUNCH_PROTECTED         = 12
+
+	SERVICE_SID_TYPE_NONE         = 0
+	SERVICE_SID_TYPE_UNRESTRICTED = 1
+	SERVICE_SID_TYPE_RESTRICTED   = 2 | SERVICE_SID_TYPE_UNRESTRICTED
+
+	SC_ENUM_PROCESS_INFO = 0
+
+	SERVICE_NOTIFY_STATUS_CHANGE    = 2
+	SERVICE_NOTIFY_STOPPED          = 0x00000001
+	SERVICE_NOTIFY_START_PENDING    = 0x00000002
+	SERVICE_NOTIFY_STOP_PENDING     = 0x00000004
+	SERVICE_NOTIFY_RUNNING          = 0x00000008
+	SERVICE_NOTIFY_CONTINUE_PENDING = 0x00000010
+	SERVICE_NOTIFY_PAUSE_PENDING    = 0x00000020
+	SERVICE_NOTIFY_PAUSED           = 0x00000040
+	SERVICE_NOTIFY_CREATED          = 0x00000080
+	SERVICE_NOTIFY_DELETED          = 0x00000100
+	SERVICE_NOTIFY_DELETE_PENDING   = 0x00000200
+
+	SC_EVENT_DATABASE_CHANGE = 0
+	SC_EVENT_PROPERTY_CHANGE = 1
+	SC_EVENT_STATUS_CHANGE   = 2
+
+	SERVICE_START_REASON_DEMAND             = 0x00000001
+	SERVICE_START_REASON_AUTO               = 0x00000002
+	SERVICE_START_REASON_TRIGGER            = 0x00000004
+	SERVICE_START_REASON_RESTART_ON_FAILURE = 0x00000008
+	SERVICE_START_REASON_DELAYEDAUTO        = 0x00000010
+
+	SERVICE_DYNAMIC_INFORMATION_LEVEL_START_REASON = 1
+)
+
+type ENUM_SERVICE_STATUS struct {
+	ServiceName   *uint16
+	DisplayName   *uint16
+	ServiceStatus SERVICE_STATUS
+}
+
+type SERVICE_STATUS struct {
+	ServiceType             uint32
+	CurrentState            uint32
+	ControlsAccepted        uint32
+	Win32ExitCode           uint32
+	ServiceSpecificExitCode uint32
+	CheckPoint              uint32
+	WaitHint                uint32
+}
+
+type SERVICE_TABLE_ENTRY struct {
+	ServiceName *uint16
+	ServiceProc uintptr
+}
+
+type QUERY_SERVICE_CONFIG struct {
+	ServiceType      uint32
+	StartType        uint32
+	ErrorControl     uint32
+	BinaryPathName   *uint16
+	LoadOrderGroup   *uint16
+	TagId            uint32
+	Dependencies     *uint16
+	ServiceStartName *uint16
+	DisplayName      *uint16
+}
+
+type SERVICE_DESCRIPTION struct {
+	Description *uint16
+}
+
+type SERVICE_DELAYED_AUTO_START_INFO struct {
+	IsDelayedAutoStartUp uint32
+}
+
+type SERVICE_STATUS_PROCESS struct {
+	ServiceType             uint32
+	CurrentState            uint32
+	ControlsAccepted        uint32
+	Win32ExitCode           uint32
+	ServiceSpecificExitCode uint32
+	CheckPoint              uint32
+	WaitHint                uint32
+	ProcessId               uint32
+	ServiceFlags            uint32
+}
+
+type ENUM_SERVICE_STATUS_PROCESS struct {
+	ServiceName          *uint16
+	DisplayName          *uint16
+	ServiceStatusProcess SERVICE_STATUS_PROCESS
+}
+
+type SERVICE_NOTIFY struct {
+	Version               uint32
+	NotifyCallback        uintptr
+	Context               uintptr
+	NotificationStatus    uint32
+	ServiceStatus         SERVICE_STATUS_PROCESS
+	NotificationTriggered uint32
+	ServiceNames          *uint16
+}
+
+type SERVICE_FAILURE_ACTIONS struct {
+	ResetPeriod  uint32
+	RebootMsg    *uint16
+	Command      *uint16
+	ActionsCount uint32
+	Actions      *SC_ACTION
+}
+
+type SERVICE_FAILURE_ACTIONS_FLAG struct {
+	FailureActionsOnNonCrashFailures int32
+}
+
+type SC_ACTION struct {
+	Type  uint32
+	Delay uint32
+}
+
+type QUERY_SERVICE_LOCK_STATUS struct {
+	IsLocked     uint32
+	LockOwner    *uint16
+	LockDuration uint32
+}
+
+//sys	OpenSCManager(machineName *uint16, databaseName *uint16, access uint32) (handle Handle, err error) [failretval==0] = advapi32.OpenSCManagerW
+//sys	CloseServiceHandle(handle Handle) (err error) = advapi32.CloseServiceHandle
+//sys	CreateService(mgr Handle, serviceName *uint16, displayName *uint16, access uint32, srvType uint32, startType uint32, errCtl uint32, pathName *uint16, loadOrderGroup *uint16, tagId *uint32, dependencies *uint16, serviceStartName *uint16, password *uint16) (handle Handle, err error) [failretval==0] = advapi32.CreateServiceW
+//sys	OpenService(mgr Handle, serviceName *uint16, access uint32) (handle Handle, err error) [failretval==0] = advapi32.OpenServiceW
+//sys	DeleteService(service Handle) (err error) = advapi32.DeleteService
+//sys	StartService(service Handle, numArgs uint32, argVectors **uint16) (err error) = advapi32.StartServiceW
+//sys	QueryServiceStatus(service Handle, status *SERVICE_STATUS) (err error) = advapi32.QueryServiceStatus
+//sys	QueryServiceLockStatus(mgr Handle, lockStatus *QUERY_SERVICE_LOCK_STATUS, bufSize uint32, bytesNeeded *uint32) (err error) = advapi32.QueryServiceLockStatusW
+//sys	ControlService(service Handle, control uint32, status *SERVICE_STATUS) (err error) = advapi32.ControlService
+//sys	StartServiceCtrlDispatcher(serviceTable *SERVICE_TABLE_ENTRY) (err error) = advapi32.StartServiceCtrlDispatcherW
+//sys	SetServiceStatus(service Handle, serviceStatus *SERVICE_STATUS) (err error) = advapi32.SetServiceStatus
+//sys	ChangeServiceConfig(service Handle, serviceType uint32, startType uint32, errorControl uint32, binaryPathName *uint16, loadOrderGroup *uint16, tagId *uint32, dependencies *uint16, serviceStartName *uint16, password *uint16, displayName *uint16) (err error) = advapi32.ChangeServiceConfigW
+//sys	QueryServiceConfig(service Handle, serviceConfig *QUERY_SERVICE_CONFIG, bufSize uint32, bytesNeeded *uint32) (err error) = advapi32.QueryServiceConfigW
+//sys	ChangeServiceConfig2(service Handle, infoLevel uint32, info *byte) (err error) = advapi32.ChangeServiceConfig2W
+//sys	QueryServiceConfig2(service Handle, infoLevel uint32, buff *byte, buffSize uint32, bytesNeeded *uint32) (err error) = advapi32.QueryServiceConfig2W
+//sys	EnumServicesStatusEx(mgr Handle, infoLevel uint32, serviceType uint32, serviceState uint32, services *byte, bufSize uint32, bytesNeeded *uint32, servicesReturned *uint32, resumeHandle *uint32, groupName *uint16) (err error) = advapi32.EnumServicesStatusExW
+//sys	QueryServiceStatusEx(service Handle, infoLevel uint32, buff *byte, buffSize uint32, bytesNeeded *uint32) (err error) = advapi32.QueryServiceStatusEx
+//sys	NotifyServiceStatusChange(service Handle, notifyMask uint32, notifier *SERVICE_NOTIFY) (ret error) = advapi32.NotifyServiceStatusChangeW
+//sys	SubscribeServiceChangeNotifications(service Handle, eventType uint32, callback uintptr, callbackCtx uintptr, subscription *uintptr) (ret error) = sechost.SubscribeServiceChangeNotifications?
+//sys	UnsubscribeServiceChangeNotifications(subscription uintptr) = sechost.UnsubscribeServiceChangeNotifications?
+//sys	RegisterServiceCtrlHandlerEx(serviceName *uint16, handlerProc uintptr, context uintptr) (handle Handle, err error) = advapi32.RegisterServiceCtrlHandlerExW
+//sys	QueryServiceDynamicInformation(service Handle, infoLevel uint32, dynamicInfo unsafe.Pointer) (err error) = advapi32.QueryServiceDynamicInformation?
+//sys	EnumDependentServices(service Handle, activityState uint32, services *ENUM_SERVICE_STATUS, buffSize uint32, bytesNeeded *uint32, servicesReturned *uint32) (err error) = advapi32.EnumDependentServicesW
diff --git a/server/vendor/golang.org/x/sys/windows/setupapi_windows.go b/server/vendor/golang.org/x/sys/windows/setupapi_windows.go
new file mode 100644
index 0000000..f812648
--- /dev/null
+++ b/server/vendor/golang.org/x/sys/windows/setupapi_windows.go
@@ -0,0 +1,1425 @@
+// Copyright 2021 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package windows
+
+import (
+	"encoding/binary"
+	"errors"
+	"fmt"
+	"runtime"
+	"strings"
+	"syscall"
+	"unsafe"
+)
+
+// This file contains functions that wrap SetupAPI.dll and CfgMgr32.dll,
+// core system functions for managing hardware devices, drivers, and the PnP tree.
+// Information about these APIs can be found at:
+//     https://docs.microsoft.com/en-us/windows-hardware/drivers/install/setupapi
+//     https://docs.microsoft.com/en-us/windows/win32/devinst/cfgmgr32-
+
+const (
+	ERROR_EXPECTED_SECTION_NAME                  Errno = 0x20000000 | 0xC0000000 | 0
+	ERROR_BAD_SECTION_NAME_LINE                  Errno = 0x20000000 | 0xC0000000 | 1
+	ERROR_SECTION_NAME_TOO_LONG                  Errno = 0x20000000 | 0xC0000000 | 2
+	ERROR_GENERAL_SYNTAX                         Errno = 0x20000000 | 0xC0000000 | 3
+	ERROR_WRONG_INF_STYLE                        Errno = 0x20000000 | 0xC0000000 | 0x100
+	ERROR_SECTION_NOT_FOUND                      Errno = 0x20000000 | 0xC0000000 | 0x101
+	ERROR_LINE_NOT_FOUND                         Errno = 0x20000000 | 0xC0000000 | 0x102
+	ERROR_NO_BACKUP                              Errno = 0x20000000 | 0xC0000000 | 0x103
+	ERROR_NO_ASSOCIATED_CLASS                    Errno = 0x20000000 | 0xC0000000 | 0x200
+	ERROR_CLASS_MISMATCH                         Errno = 0x20000000 | 0xC0000000 | 0x201
+	ERROR_DUPLICATE_FOUND                        Errno = 0x20000000 | 0xC0000000 | 0x202
+	ERROR_NO_DRIVER_SELECTED                     Errno = 0x20000000 | 0xC0000000 | 0x203
+	ERROR_KEY_DOES_NOT_EXIST                     Errno = 0x20000000 | 0xC0000000 | 0x204
+	ERROR_INVALID_DEVINST_NAME                   Errno = 0x20000000 | 0xC0000000 | 0x205
+	ERROR_INVALID_CLASS                          Errno = 0x20000000 | 0xC0000000 | 0x206
+	ERROR_DEVINST_ALREADY_EXISTS                 Errno = 0x20000000 | 0xC0000000 | 0x207
+	ERROR_DEVINFO_NOT_REGISTERED                 Errno = 0x20000000 | 0xC0000000 | 0x208
+	ERROR_INVALID_REG_PROPERTY                   Errno = 0x20000000 | 0xC0000000 | 0x209
+	ERROR_NO_INF                                 Errno = 0x20000000 | 0xC0000000 | 0x20A
+	ERROR_NO_SUCH_DEVINST                        Errno = 0x20000000 | 0xC0000000 | 0x20B
+	ERROR_CANT_LOAD_CLASS_ICON                   Errno = 0x20000000 | 0xC0000000 | 0x20C
+	ERROR_INVALID_CLASS_INSTALLER                Errno = 0x20000000 | 0xC0000000 | 0x20D
+	ERROR_DI_DO_DEFAULT                          Errno = 0x20000000 | 0xC0000000 | 0x20E
+	ERROR_DI_NOFILECOPY                          Errno = 0x20000000 | 0xC0000000 | 0x20F
+	ERROR_INVALID_HWPROFILE                      Errno = 0x20000000 | 0xC0000000 | 0x210
+	ERROR_NO_DEVICE_SELECTED                     Errno = 0x20000000 | 0xC0000000 | 0x211
+	ERROR_DEVINFO_LIST_LOCKED                    Errno = 0x20000000 | 0xC0000000 | 0x212
+	ERROR_DEVINFO_DATA_LOCKED                    Errno = 0x20000000 | 0xC0000000 | 0x213
+	ERROR_DI_BAD_PATH                            Errno = 0x20000000 | 0xC0000000 | 0x214
+	ERROR_NO_CLASSINSTALL_PARAMS                 Errno = 0x20000000 | 0xC0000000 | 0x215
+	ERROR_FILEQUEUE_LOCKED                       Errno = 0x20000000 | 0xC0000000 | 0x216
+	ERROR_BAD_SERVICE_INSTALLSECT                Errno = 0x20000000 | 0xC0000000 | 0x217
+	ERROR_NO_CLASS_DRIVER_LIST                   Errno = 0x20000000 | 0xC0000000 | 0x218
+	ERROR_NO_ASSOCIATED_SERVICE                  Errno = 0x20000000 | 0xC0000000 | 0x219
+	ERROR_NO_DEFAULT_DEVICE_INTERFACE            Errno = 0x20000000 | 0xC0000000 | 0x21A
+	ERROR_DEVICE_INTERFACE_ACTIVE                Errno = 0x20000000 | 0xC0000000 | 0x21B
+	ERROR_DEVICE_INTERFACE_REMOVED               Errno = 0x20000000 | 0xC0000000 | 0x21C
+	ERROR_BAD_INTERFACE_INSTALLSECT              Errno = 0x20000000 | 0xC0000000 | 0x21D
+	ERROR_NO_SUCH_INTERFACE_CLASS                Errno = 0x20000000 | 0xC0000000 | 0x21E
+	ERROR_INVALID_REFERENCE_STRING               Errno = 0x20000000 | 0xC0000000 | 0x21F
+	ERROR_INVALID_MACHINENAME                    Errno = 0x20000000 | 0xC0000000 | 0x220
+	ERROR_REMOTE_COMM_FAILURE                    Errno = 0x20000000 | 0xC0000000 | 0x221
+	ERROR_MACHINE_UNAVAILABLE                    Errno = 0x20000000 | 0xC0000000 | 0x222
+	ERROR_NO_CONFIGMGR_SERVICES                  Errno = 0x20000000 | 0xC0000000 | 0x223
+	ERROR_INVALID_PROPPAGE_PROVIDER              Errno = 0x20000000 | 0xC0000000 | 0x224
+	ERROR_NO_SUCH_DEVICE_INTERFACE               Errno = 0x20000000 | 0xC0000000 | 0x225
+	ERROR_DI_POSTPROCESSING_REQUIRED             Errno = 0x20000000 | 0xC0000000 | 0x226
+	ERROR_INVALID_COINSTALLER                    Errno = 0x20000000 | 0xC0000000 | 0x227
+	ERROR_NO_COMPAT_DRIVERS                      Errno = 0x20000000 | 0xC0000000 | 0x228
+	ERROR_NO_DEVICE_ICON                         Errno = 0x20000000 | 0xC0000000 | 0x229
+	ERROR_INVALID_INF_LOGCONFIG                  Errno = 0x20000000 | 0xC0000000 | 0x22A
+	ERROR_DI_DONT_INSTALL                        Errno = 0x20000000 | 0xC0000000 | 0x22B
+	ERROR_INVALID_FILTER_DRIVER                  Errno = 0x20000000 | 0xC0000000 | 0x22C
+	ERROR_NON_WINDOWS_NT_DRIVER                  Errno = 0x20000000 | 0xC0000000 | 0x22D
+	ERROR_NON_WINDOWS_DRIVER                     Errno = 0x20000000 | 0xC0000000 | 0x22E
+	ERROR_NO_CATALOG_FOR_OEM_INF                 Errno = 0x20000000 | 0xC0000000 | 0x22F
+	ERROR_DEVINSTALL_QUEUE_NONNATIVE             Errno = 0x20000000 | 0xC0000000 | 0x230
+	ERROR_NOT_DISABLEABLE                        Errno = 0x20000000 | 0xC0000000 | 0x231
+	ERROR_CANT_REMOVE_DEVINST                    Errno = 0x20000000 | 0xC0000000 | 0x232
+	ERROR_INVALID_TARGET                         Errno = 0x20000000 | 0xC0000000 | 0x233
+	ERROR_DRIVER_NONNATIVE                       Errno = 0x20000000 | 0xC0000000 | 0x234
+	ERROR_IN_WOW64                               Errno = 0x20000000 | 0xC0000000 | 0x235
+	ERROR_SET_SYSTEM_RESTORE_POINT               Errno = 0x20000000 | 0xC0000000 | 0x236
+	ERROR_SCE_DISABLED                           Errno = 0x20000000 | 0xC0000000 | 0x238
+	ERROR_UNKNOWN_EXCEPTION                      Errno = 0x20000000 | 0xC0000000 | 0x239
+	ERROR_PNP_REGISTRY_ERROR                     Errno = 0x20000000 | 0xC0000000 | 0x23A
+	ERROR_REMOTE_REQUEST_UNSUPPORTED             Errno = 0x20000000 | 0xC0000000 | 0x23B
+	ERROR_NOT_AN_INSTALLED_OEM_INF               Errno = 0x20000000 | 0xC0000000 | 0x23C
+	ERROR_INF_IN_USE_BY_DEVICES                  Errno = 0x20000000 | 0xC0000000 | 0x23D
+	ERROR_DI_FUNCTION_OBSOLETE                   Errno = 0x20000000 | 0xC0000000 | 0x23E
+	ERROR_NO_AUTHENTICODE_CATALOG                Errno = 0x20000000 | 0xC0000000 | 0x23F
+	ERROR_AUTHENTICODE_DISALLOWED                Errno = 0x20000000 | 0xC0000000 | 0x240
+	ERROR_AUTHENTICODE_TRUSTED_PUBLISHER         Errno = 0x20000000 | 0xC0000000 | 0x241
+	ERROR_AUTHENTICODE_TRUST_NOT_ESTABLISHED     Errno = 0x20000000 | 0xC0000000 | 0x242
+	ERROR_AUTHENTICODE_PUBLISHER_NOT_TRUSTED     Errno = 0x20000000 | 0xC0000000 | 0x243
+	ERROR_SIGNATURE_OSATTRIBUTE_MISMATCH         Errno = 0x20000000 | 0xC0000000 | 0x244
+	ERROR_ONLY_VALIDATE_VIA_AUTHENTICODE         Errno = 0x20000000 | 0xC0000000 | 0x245
+	ERROR_DEVICE_INSTALLER_NOT_READY             Errno = 0x20000000 | 0xC0000000 | 0x246
+	ERROR_DRIVER_STORE_ADD_FAILED                Errno = 0x20000000 | 0xC0000000 | 0x247
+	ERROR_DEVICE_INSTALL_BLOCKED                 Errno = 0x20000000 | 0xC0000000 | 0x248
+	ERROR_DRIVER_INSTALL_BLOCKED                 Errno = 0x20000000 | 0xC0000000 | 0x249
+	ERROR_WRONG_INF_TYPE                         Errno = 0x20000000 | 0xC0000000 | 0x24A
+	ERROR_FILE_HASH_NOT_IN_CATALOG               Errno = 0x20000000 | 0xC0000000 | 0x24B
+	ERROR_DRIVER_STORE_DELETE_FAILED             Errno = 0x20000000 | 0xC0000000 | 0x24C
+	ERROR_UNRECOVERABLE_STACK_OVERFLOW           Errno = 0x20000000 | 0xC0000000 | 0x300
+	EXCEPTION_SPAPI_UNRECOVERABLE_STACK_OVERFLOW Errno = ERROR_UNRECOVERABLE_STACK_OVERFLOW
+	ERROR_NO_DEFAULT_INTERFACE_DEVICE            Errno = ERROR_NO_DEFAULT_DEVICE_INTERFACE
+	ERROR_INTERFACE_DEVICE_ACTIVE                Errno = ERROR_DEVICE_INTERFACE_ACTIVE
+	ERROR_INTERFACE_DEVICE_REMOVED               Errno = ERROR_DEVICE_INTERFACE_REMOVED
+	ERROR_NO_SUCH_INTERFACE_DEVICE               Errno = ERROR_NO_SUCH_DEVICE_INTERFACE
+)
+
+const (
+	MAX_DEVICE_ID_LEN   = 200
+	MAX_DEVNODE_ID_LEN  = MAX_DEVICE_ID_LEN
+	MAX_GUID_STRING_LEN = 39 // 38 chars + terminator null
+	MAX_CLASS_NAME_LEN  = 32
+	MAX_PROFILE_LEN     = 80
+	MAX_CONFIG_VALUE    = 9999
+	MAX_INSTANCE_VALUE  = 9999
+	CONFIGMG_VERSION    = 0x0400
+)
+
+// Maximum string length constants
+const (
+	LINE_LEN                    = 256  // Windows 9x-compatible maximum for displayable strings coming from a device INF.
+	MAX_INF_STRING_LENGTH       = 4096 // Actual maximum size of an INF string (including string substitutions).
+	MAX_INF_SECTION_NAME_LENGTH = 255  // For Windows 9x compatibility, INF section names should be constrained to 32 characters.
+	MAX_TITLE_LEN               = 60
+	MAX_INSTRUCTION_LEN         = 256
+	MAX_LABEL_LEN               = 30
+	MAX_SERVICE_NAME_LEN        = 256
+	MAX_SUBTITLE_LEN            = 256
+)
+
+const (
+	// SP_MAX_MACHINENAME_LENGTH defines maximum length of a machine name in the format expected by ConfigMgr32 CM_Connect_Machine (i.e., "\\\\MachineName\0").
+	SP_MAX_MACHINENAME_LENGTH = MAX_PATH + 3
+)
+
+// HSPFILEQ is type for setup file queue
+type HSPFILEQ uintptr
+
+// DevInfo holds reference to device information set
+type DevInfo Handle
+
+// DEVINST is a handle usually recognized by cfgmgr32 APIs
+type DEVINST uint32
+
+// DevInfoData is a device information structure (references a device instance that is a member of a device information set)
+type DevInfoData struct {
+	size      uint32
+	ClassGUID GUID
+	DevInst   DEVINST
+	_         uintptr
+}
+
+// DevInfoListDetailData is a structure for detailed information on a device information set (used for SetupDiGetDeviceInfoListDetail which supersedes the functionality of SetupDiGetDeviceInfoListClass).
+type DevInfoListDetailData struct {
+	size                uint32 // Use unsafeSizeOf method
+	ClassGUID           GUID
+	RemoteMachineHandle Handle
+	remoteMachineName   [SP_MAX_MACHINENAME_LENGTH]uint16
+}
+
+func (*DevInfoListDetailData) unsafeSizeOf() uint32 {
+	if unsafe.Sizeof(uintptr(0)) == 4 {
+		// Windows declares this with pshpack1.h
+		return uint32(unsafe.Offsetof(DevInfoListDetailData{}.remoteMachineName) + unsafe.Sizeof(DevInfoListDetailData{}.remoteMachineName))
+	}
+	return uint32(unsafe.Sizeof(DevInfoListDetailData{}))
+}
+
+func (data *DevInfoListDetailData) RemoteMachineName() string {
+	return UTF16ToString(data.remoteMachineName[:])
+}
+
+func (data *DevInfoListDetailData) SetRemoteMachineName(remoteMachineName string) error {
+	str, err := UTF16FromString(remoteMachineName)
+	if err != nil {
+		return err
+	}
+	copy(data.remoteMachineName[:], str)
+	return nil
+}
+
+// DI_FUNCTION is function type for device installer
+type DI_FUNCTION uint32
+
+const (
+	DIF_SELECTDEVICE                   DI_FUNCTION = 0x00000001
+	DIF_INSTALLDEVICE                  DI_FUNCTION = 0x00000002
+	DIF_ASSIGNRESOURCES                DI_FUNCTION = 0x00000003
+	DIF_PROPERTIES                     DI_FUNCTION = 0x00000004
+	DIF_REMOVE                         DI_FUNCTION = 0x00000005
+	DIF_FIRSTTIMESETUP                 DI_FUNCTION = 0x00000006
+	DIF_FOUNDDEVICE                    DI_FUNCTION = 0x00000007
+	DIF_SELECTCLASSDRIVERS             DI_FUNCTION = 0x00000008
+	DIF_VALIDATECLASSDRIVERS           DI_FUNCTION = 0x00000009
+	DIF_INSTALLCLASSDRIVERS            DI_FUNCTION = 0x0000000A
+	DIF_CALCDISKSPACE                  DI_FUNCTION = 0x0000000B
+	DIF_DESTROYPRIVATEDATA             DI_FUNCTION = 0x0000000C
+	DIF_VALIDATEDRIVER                 DI_FUNCTION = 0x0000000D
+	DIF_DETECT                         DI_FUNCTION = 0x0000000F
+	DIF_INSTALLWIZARD                  DI_FUNCTION = 0x00000010
+	DIF_DESTROYWIZARDDATA              DI_FUNCTION = 0x00000011
+	DIF_PROPERTYCHANGE                 DI_FUNCTION = 0x00000012
+	DIF_ENABLECLASS                    DI_FUNCTION = 0x00000013
+	DIF_DETECTVERIFY                   DI_FUNCTION = 0x00000014
+	DIF_INSTALLDEVICEFILES             DI_FUNCTION = 0x00000015
+	DIF_UNREMOVE                       DI_FUNCTION = 0x00000016
+	DIF_SELECTBESTCOMPATDRV            DI_FUNCTION = 0x00000017
+	DIF_ALLOW_INSTALL                  DI_FUNCTION = 0x00000018
+	DIF_REGISTERDEVICE                 DI_FUNCTION = 0x00000019
+	DIF_NEWDEVICEWIZARD_PRESELECT      DI_FUNCTION = 0x0000001A
+	DIF_NEWDEVICEWIZARD_SELECT         DI_FUNCTION = 0x0000001B
+	DIF_NEWDEVICEWIZARD_PREANALYZE     DI_FUNCTION = 0x0000001C
+	DIF_NEWDEVICEWIZARD_POSTANALYZE    DI_FUNCTION = 0x0000001D
+	DIF_NEWDEVICEWIZARD_FINISHINSTALL  DI_FUNCTION = 0x0000001E
+	DIF_INSTALLINTERFACES              DI_FUNCTION = 0x00000020
+	DIF_DETECTCANCEL                   DI_FUNCTION = 0x00000021
+	DIF_REGISTER_COINSTALLERS          DI_FUNCTION = 0x00000022
+	DIF_ADDPROPERTYPAGE_ADVANCED       DI_FUNCTION = 0x00000023
+	DIF_ADDPROPERTYPAGE_BASIC          DI_FUNCTION = 0x00000024
+	DIF_TROUBLESHOOTER                 DI_FUNCTION = 0x00000026
+	DIF_POWERMESSAGEWAKE               DI_FUNCTION = 0x00000027
+	DIF_ADDREMOTEPROPERTYPAGE_ADVANCED DI_FUNCTION = 0x00000028
+	DIF_UPDATEDRIVER_UI                DI_FUNCTION = 0x00000029
+	DIF_FINISHINSTALL_ACTION           DI_FUNCTION = 0x0000002A
+)
+
+// DevInstallParams is device installation parameters structure (associated with a particular device information element, or globally with a device information set)
+type DevInstallParams struct {
+	size                     uint32
+	Flags                    DI_FLAGS
+	FlagsEx                  DI_FLAGSEX
+	hwndParent               uintptr
+	InstallMsgHandler        uintptr
+	InstallMsgHandlerContext uintptr
+	FileQueue                HSPFILEQ
+	_                        uintptr
+	_                        uint32
+	driverPath               [MAX_PATH]uint16
+}
+
+func (params *DevInstallParams) DriverPath() string {
+	return UTF16ToString(params.driverPath[:])
+}
+
+func (params *DevInstallParams) SetDriverPath(driverPath string) error {
+	str, err := UTF16FromString(driverPath)
+	if err != nil {
+		return err
+	}
+	copy(params.driverPath[:], str)
+	return nil
+}
+
+// DI_FLAGS is SP_DEVINSTALL_PARAMS.Flags values
+type DI_FLAGS uint32
+
+const (
+	// Flags for choosing a device
+	DI_SHOWOEM       DI_FLAGS = 0x00000001 // support Other... button
+	DI_SHOWCOMPAT    DI_FLAGS = 0x00000002 // show compatibility list
+	DI_SHOWCLASS     DI_FLAGS = 0x00000004 // show class list
+	DI_SHOWALL       DI_FLAGS = 0x00000007 // both class & compat list shown
+	DI_NOVCP         DI_FLAGS = 0x00000008 // don't create a new copy queue--use caller-supplied FileQueue
+	DI_DIDCOMPAT     DI_FLAGS = 0x00000010 // Searched for compatible devices
+	DI_DIDCLASS      DI_FLAGS = 0x00000020 // Searched for class devices
+	DI_AUTOASSIGNRES DI_FLAGS = 0x00000040 // No UI for resources if possible
+
+	// Flags returned by DiInstallDevice to indicate need to reboot/restart
+	DI_NEEDRESTART DI_FLAGS = 0x00000080 // Reboot required to take effect
+	DI_NEEDREBOOT  DI_FLAGS = 0x00000100 // ""
+
+	// Flags for device installation
+	DI_NOBROWSE DI_FLAGS = 0x00000200 // no Browse... in InsertDisk
+
+	// Flags set by DiBuildDriverInfoList
+	DI_MULTMFGS DI_FLAGS = 0x00000400 // Set if multiple manufacturers in class driver list
+
+	// Flag indicates that device is disabled
+	DI_DISABLED DI_FLAGS = 0x00000800 // Set if device disabled
+
+	// Flags for Device/Class Properties
+	DI_GENERALPAGE_ADDED  DI_FLAGS = 0x00001000
+	DI_RESOURCEPAGE_ADDED DI_FLAGS = 0x00002000
+
+	// Flag to indicate the setting properties for this Device (or class) caused a change so the Dev Mgr UI probably needs to be updated.
+	DI_PROPERTIES_CHANGE DI_FLAGS = 0x00004000
+
+	// Flag to indicate that the sorting from the INF file should be used.
+	DI_INF_IS_SORTED DI_FLAGS = 0x00008000
+
+	// Flag to indicate that only the INF specified by SP_DEVINSTALL_PARAMS.DriverPath should be searched.
+	DI_ENUMSINGLEINF DI_FLAGS = 0x00010000
+
+	// Flag that prevents ConfigMgr from removing/re-enumerating devices during device
+	// registration, installation, and deletion.
+	DI_DONOTCALLCONFIGMG DI_FLAGS = 0x00020000
+
+	// The following flag can be used to install a device disabled
+	DI_INSTALLDISABLED DI_FLAGS = 0x00040000
+
+	// Flag that causes SetupDiBuildDriverInfoList to build a device's compatible driver
+	// list from its existing class driver list, instead of the normal INF search.
+	DI_COMPAT_FROM_CLASS DI_FLAGS = 0x00080000
+
+	// This flag is set if the Class Install params should be used.
+	DI_CLASSINSTALLPARAMS DI_FLAGS = 0x00100000
+
+	// This flag is set if the caller of DiCallClassInstaller does NOT want the internal default action performed if the Class installer returns ERROR_DI_DO_DEFAULT.
+	DI_NODI_DEFAULTACTION DI_FLAGS = 0x00200000
+
+	// Flags for device installation
+	DI_QUIETINSTALL        DI_FLAGS = 0x00800000 // don't confuse the user with questions or excess info
+	DI_NOFILECOPY          DI_FLAGS = 0x01000000 // No file Copy necessary
+	DI_FORCECOPY           DI_FLAGS = 0x02000000 // Force files to be copied from install path
+	DI_DRIVERPAGE_ADDED    DI_FLAGS = 0x04000000 // Prop provider added Driver page.
+	DI_USECI_SELECTSTRINGS DI_FLAGS = 0x08000000 // Use Class Installer Provided strings in the Select Device Dlg
+	DI_OVERRIDE_INFFLAGS   DI_FLAGS = 0x10000000 // Override INF flags
+	DI_PROPS_NOCHANGEUSAGE DI_FLAGS = 0x20000000 // No Enable/Disable in General Props
+
+	DI_NOSELECTICONS DI_FLAGS = 0x40000000 // No small icons in select device dialogs
+
+	DI_NOWRITE_IDS DI_FLAGS = 0x80000000 // Don't write HW & Compat IDs on install
+)
+
+// DI_FLAGSEX is SP_DEVINSTALL_PARAMS.FlagsEx values
+type DI_FLAGSEX uint32
+
+const (
+	DI_FLAGSEX_CI_FAILED                DI_FLAGSEX = 0x00000004 // Failed to Load/Call class installer
+	DI_FLAGSEX_FINISHINSTALL_ACTION     DI_FLAGSEX = 0x00000008 // Class/co-installer wants to get a DIF_FINISH_INSTALL action in client context.
+	DI_FLAGSEX_DIDINFOLIST              DI_FLAGSEX = 0x00000010 // Did the Class Info List
+	DI_FLAGSEX_DIDCOMPATINFO            DI_FLAGSEX = 0x00000020 // Did the Compat Info List
+	DI_FLAGSEX_FILTERCLASSES            DI_FLAGSEX = 0x00000040
+	DI_FLAGSEX_SETFAILEDINSTALL         DI_FLAGSEX = 0x00000080
+	DI_FLAGSEX_DEVICECHANGE             DI_FLAGSEX = 0x00000100
+	DI_FLAGSEX_ALWAYSWRITEIDS           DI_FLAGSEX = 0x00000200
+	DI_FLAGSEX_PROPCHANGE_PENDING       DI_FLAGSEX = 0x00000400 // One or more device property sheets have had changes made to them, and need to have a DIF_PROPERTYCHANGE occur.
+	DI_FLAGSEX_ALLOWEXCLUDEDDRVS        DI_FLAGSEX = 0x00000800
+	DI_FLAGSEX_NOUIONQUERYREMOVE        DI_FLAGSEX = 0x00001000
+	DI_FLAGSEX_USECLASSFORCOMPAT        DI_FLAGSEX = 0x00002000 // Use the device's class when building compat drv list. (Ignored if DI_COMPAT_FROM_CLASS flag is specified.)
+	DI_FLAGSEX_NO_DRVREG_MODIFY         DI_FLAGSEX = 0x00008000 // Don't run AddReg and DelReg for device's software (driver) key.
+	DI_FLAGSEX_IN_SYSTEM_SETUP          DI_FLAGSEX = 0x00010000 // Installation is occurring during initial system setup.
+	DI_FLAGSEX_INET_DRIVER              DI_FLAGSEX = 0x00020000 // Driver came from Windows Update
+	DI_FLAGSEX_APPENDDRIVERLIST         DI_FLAGSEX = 0x00040000 // Cause SetupDiBuildDriverInfoList to append a new driver list to an existing list.
+	DI_FLAGSEX_PREINSTALLBACKUP         DI_FLAGSEX = 0x00080000 // not used
+	DI_FLAGSEX_BACKUPONREPLACE          DI_FLAGSEX = 0x00100000 // not used
+	DI_FLAGSEX_DRIVERLIST_FROM_URL      DI_FLAGSEX = 0x00200000 // build driver list from INF(s) retrieved from URL specified in SP_DEVINSTALL_PARAMS.DriverPath (empty string means Windows Update website)
+	DI_FLAGSEX_EXCLUDE_OLD_INET_DRIVERS DI_FLAGSEX = 0x00800000 // Don't include old Internet drivers when building a driver list. Ignored on Windows Vista and later.
+	DI_FLAGSEX_POWERPAGE_ADDED          DI_FLAGSEX = 0x01000000 // class installer added their own power page
+	DI_FLAGSEX_FILTERSIMILARDRIVERS     DI_FLAGSEX = 0x02000000 // only include similar drivers in class list
+	DI_FLAGSEX_INSTALLEDDRIVER          DI_FLAGSEX = 0x04000000 // only add the installed driver to the class or compat driver list.  Used in calls to SetupDiBuildDriverInfoList
+	DI_FLAGSEX_NO_CLASSLIST_NODE_MERGE  DI_FLAGSEX = 0x08000000 // Don't remove identical driver nodes from the class list
+	DI_FLAGSEX_ALTPLATFORM_DRVSEARCH    DI_FLAGSEX = 0x10000000 // Build driver list based on alternate platform information specified in associated file queue
+	DI_FLAGSEX_RESTART_DEVICE_ONLY      DI_FLAGSEX = 0x20000000 // only restart the device drivers are being installed on as opposed to restarting all devices using those drivers.
+	DI_FLAGSEX_RECURSIVESEARCH          DI_FLAGSEX = 0x40000000 // Tell SetupDiBuildDriverInfoList to do a recursive search
+	DI_FLAGSEX_SEARCH_PUBLISHED_INFS    DI_FLAGSEX = 0x80000000 // Tell SetupDiBuildDriverInfoList to do a "published INF" search
+)
+
+// ClassInstallHeader is the first member of any class install parameters structure. It contains the device installation request code that defines the format of the rest of the install parameters structure.
+type ClassInstallHeader struct {
+	size            uint32
+	InstallFunction DI_FUNCTION
+}
+
+func MakeClassInstallHeader(installFunction DI_FUNCTION) *ClassInstallHeader {
+	hdr := &ClassInstallHeader{InstallFunction: installFunction}
+	hdr.size = uint32(unsafe.Sizeof(*hdr))
+	return hdr
+}
+
+// DICS_STATE specifies values indicating a change in a device's state
+type DICS_STATE uint32
+
+const (
+	DICS_ENABLE     DICS_STATE = 0x00000001 // The device is being enabled.
+	DICS_DISABLE    DICS_STATE = 0x00000002 // The device is being disabled.
+	DICS_PROPCHANGE DICS_STATE = 0x00000003 // The properties of the device have changed.
+	DICS_START      DICS_STATE = 0x00000004 // The device is being started (if the request is for the currently active hardware profile).
+	DICS_STOP       DICS_STATE = 0x00000005 // The device is being stopped. The driver stack will be unloaded and the CSCONFIGFLAG_DO_NOT_START flag will be set for the device.
+)
+
+// DICS_FLAG specifies the scope of a device property change
+type DICS_FLAG uint32
+
+const (
+	DICS_FLAG_GLOBAL         DICS_FLAG = 0x00000001 // make change in all hardware profiles
+	DICS_FLAG_CONFIGSPECIFIC DICS_FLAG = 0x00000002 // make change in specified profile only
+	DICS_FLAG_CONFIGGENERAL  DICS_FLAG = 0x00000004 // 1 or more hardware profile-specific changes to follow (obsolete)
+)
+
+// PropChangeParams is a structure corresponding to a DIF_PROPERTYCHANGE install function.
+type PropChangeParams struct {
+	ClassInstallHeader ClassInstallHeader
+	StateChange        DICS_STATE
+	Scope              DICS_FLAG
+	HwProfile          uint32
+}
+
+// DI_REMOVEDEVICE specifies the scope of the device removal
+type DI_REMOVEDEVICE uint32
+
+const (
+	DI_REMOVEDEVICE_GLOBAL         DI_REMOVEDEVICE = 0x00000001 // Make this change in all hardware profiles. Remove information about the device from the registry.
+	DI_REMOVEDEVICE_CONFIGSPECIFIC DI_REMOVEDEVICE = 0x00000002 // Make this change to only the hardware profile specified by HwProfile. this flag only applies to root-enumerated devices. When Windows removes the device from the last hardware profile in which it was configured, Windows performs a global removal.
+)
+
+// RemoveDeviceParams is a structure corresponding to a DIF_REMOVE install function.
+type RemoveDeviceParams struct {
+	ClassInstallHeader ClassInstallHeader
+	Scope              DI_REMOVEDEVICE
+	HwProfile          uint32
+}
+
+// DrvInfoData is driver information structure (member of a driver info list that may be associated with a particular device instance, or (globally) with a device information set)
+type DrvInfoData struct {
+	size          uint32
+	DriverType    uint32
+	_             uintptr
+	description   [LINE_LEN]uint16
+	mfgName       [LINE_LEN]uint16
+	providerName  [LINE_LEN]uint16
+	DriverDate    Filetime
+	DriverVersion uint64
+}
+
+func (data *DrvInfoData) Description() string {
+	return UTF16ToString(data.description[:])
+}
+
+func (data *DrvInfoData) SetDescription(description string) error {
+	str, err := UTF16FromString(description)
+	if err != nil {
+		return err
+	}
+	copy(data.description[:], str)
+	return nil
+}
+
+func (data *DrvInfoData) MfgName() string {
+	return UTF16ToString(data.mfgName[:])
+}
+
+func (data *DrvInfoData) SetMfgName(mfgName string) error {
+	str, err := UTF16FromString(mfgName)
+	if err != nil {
+		return err
+	}
+	copy(data.mfgName[:], str)
+	return nil
+}
+
+func (data *DrvInfoData) ProviderName() string {
+	return UTF16ToString(data.providerName[:])
+}
+
+func (data *DrvInfoData) SetProviderName(providerName string) error {
+	str, err := UTF16FromString(providerName)
+	if err != nil {
+		return err
+	}
+	copy(data.providerName[:], str)
+	return nil
+}
+
+// IsNewer method returns true if DrvInfoData date and version is newer than supplied parameters.
+func (data *DrvInfoData) IsNewer(driverDate Filetime, driverVersion uint64) bool {
+	if data.DriverDate.HighDateTime > driverDate.HighDateTime {
+		return true
+	}
+	if data.DriverDate.HighDateTime < driverDate.HighDateTime {
+		return false
+	}
+
+	if data.DriverDate.LowDateTime > driverDate.LowDateTime {
+		return true
+	}
+	if data.DriverDate.LowDateTime < driverDate.LowDateTime {
+		return false
+	}
+
+	if data.DriverVersion > driverVersion {
+		return true
+	}
+	if data.DriverVersion < driverVersion {
+		return false
+	}
+
+	return false
+}
+
+// DrvInfoDetailData is driver information details structure (provides detailed information about a particular driver information structure)
+type DrvInfoDetailData struct {
+	size            uint32 // Use unsafeSizeOf method
+	InfDate         Filetime
+	compatIDsOffset uint32
+	compatIDsLength uint32
+	_               uintptr
+	sectionName     [LINE_LEN]uint16
+	infFileName     [MAX_PATH]uint16
+	drvDescription  [LINE_LEN]uint16
+	hardwareID      [1]uint16
+}
+
+func (*DrvInfoDetailData) unsafeSizeOf() uint32 {
+	if unsafe.Sizeof(uintptr(0)) == 4 {
+		// Windows declares this with pshpack1.h
+		return uint32(unsafe.Offsetof(DrvInfoDetailData{}.hardwareID) + unsafe.Sizeof(DrvInfoDetailData{}.hardwareID))
+	}
+	return uint32(unsafe.Sizeof(DrvInfoDetailData{}))
+}
+
+func (data *DrvInfoDetailData) SectionName() string {
+	return UTF16ToString(data.sectionName[:])
+}
+
+func (data *DrvInfoDetailData) InfFileName() string {
+	return UTF16ToString(data.infFileName[:])
+}
+
+func (data *DrvInfoDetailData) DrvDescription() string {
+	return UTF16ToString(data.drvDescription[:])
+}
+
+func (data *DrvInfoDetailData) HardwareID() string {
+	if data.compatIDsOffset > 1 {
+		bufW := data.getBuf()
+		return UTF16ToString(bufW[:wcslen(bufW)])
+	}
+
+	return ""
+}
+
+func (data *DrvInfoDetailData) CompatIDs() []string {
+	a := make([]string, 0)
+
+	if data.compatIDsLength > 0 {
+		bufW := data.getBuf()
+		bufW = bufW[data.compatIDsOffset : data.compatIDsOffset+data.compatIDsLength]
+		for i := 0; i < len(bufW); {
+			j := i + wcslen(bufW[i:])
+			if i < j {
+				a = append(a, UTF16ToString(bufW[i:j]))
+			}
+			i = j + 1
+		}
+	}
+
+	return a
+}
+
+func (data *DrvInfoDetailData) getBuf() []uint16 {
+	len := (data.size - uint32(unsafe.Offsetof(data.hardwareID))) / 2
+	sl := struct {
+		addr *uint16
+		len  int
+		cap  int
+	}{&data.hardwareID[0], int(len), int(len)}
+	return *(*[]uint16)(unsafe.Pointer(&sl))
+}
+
+// IsCompatible method tests if given hardware ID matches the driver or is listed on the compatible ID list.
+func (data *DrvInfoDetailData) IsCompatible(hwid string) bool {
+	hwidLC := strings.ToLower(hwid)
+	if strings.ToLower(data.HardwareID()) == hwidLC {
+		return true
+	}
+	a := data.CompatIDs()
+	for i := range a {
+		if strings.ToLower(a[i]) == hwidLC {
+			return true
+		}
+	}
+
+	return false
+}
+
+// DICD flags control SetupDiCreateDeviceInfo
+type DICD uint32
+
+const (
+	DICD_GENERATE_ID       DICD = 0x00000001
+	DICD_INHERIT_CLASSDRVS DICD = 0x00000002
+)
+
+// SUOI flags control SetupUninstallOEMInf
+type SUOI uint32
+
+const (
+	SUOI_FORCEDELETE SUOI = 0x0001
+)
+
+// SPDIT flags to distinguish between class drivers and
+// device drivers. (Passed in 'DriverType' parameter of
+// driver information list APIs)
+type SPDIT uint32
+
+const (
+	SPDIT_NODRIVER     SPDIT = 0x00000000
+	SPDIT_CLASSDRIVER  SPDIT = 0x00000001
+	SPDIT_COMPATDRIVER SPDIT = 0x00000002
+)
+
+// DIGCF flags control what is included in the device information set built by SetupDiGetClassDevs
+type DIGCF uint32
+
+const (
+	DIGCF_DEFAULT         DIGCF = 0x00000001 // only valid with DIGCF_DEVICEINTERFACE
+	DIGCF_PRESENT         DIGCF = 0x00000002
+	DIGCF_ALLCLASSES      DIGCF = 0x00000004
+	DIGCF_PROFILE         DIGCF = 0x00000008
+	DIGCF_DEVICEINTERFACE DIGCF = 0x00000010
+)
+
+// DIREG specifies values for SetupDiCreateDevRegKey, SetupDiOpenDevRegKey, and SetupDiDeleteDevRegKey.
+type DIREG uint32
+
+const (
+	DIREG_DEV  DIREG = 0x00000001 // Open/Create/Delete device key
+	DIREG_DRV  DIREG = 0x00000002 // Open/Create/Delete driver key
+	DIREG_BOTH DIREG = 0x00000004 // Delete both driver and Device key
+)
+
+// SPDRP specifies device registry property codes
+// (Codes marked as read-only (R) may only be used for
+// SetupDiGetDeviceRegistryProperty)
+//
+// These values should cover the same set of registry properties
+// as defined by the CM_DRP codes in cfgmgr32.h.
+//
+// Note that SPDRP codes are zero based while CM_DRP codes are one based!
+type SPDRP uint32
+
+const (
+	SPDRP_DEVICEDESC                  SPDRP = 0x00000000 // DeviceDesc (R/W)
+	SPDRP_HARDWAREID                  SPDRP = 0x00000001 // HardwareID (R/W)
+	SPDRP_COMPATIBLEIDS               SPDRP = 0x00000002 // CompatibleIDs (R/W)
+	SPDRP_SERVICE                     SPDRP = 0x00000004 // Service (R/W)
+	SPDRP_CLASS                       SPDRP = 0x00000007 // Class (R--tied to ClassGUID)
+	SPDRP_CLASSGUID                   SPDRP = 0x00000008 // ClassGUID (R/W)
+	SPDRP_DRIVER                      SPDRP = 0x00000009 // Driver (R/W)
+	SPDRP_CONFIGFLAGS                 SPDRP = 0x0000000A // ConfigFlags (R/W)
+	SPDRP_MFG                         SPDRP = 0x0000000B // Mfg (R/W)
+	SPDRP_FRIENDLYNAME                SPDRP = 0x0000000C // FriendlyName (R/W)
+	SPDRP_LOCATION_INFORMATION        SPDRP = 0x0000000D // LocationInformation (R/W)
+	SPDRP_PHYSICAL_DEVICE_OBJECT_NAME SPDRP = 0x0000000E // PhysicalDeviceObjectName (R)
+	SPDRP_CAPABILITIES                SPDRP = 0x0000000F // Capabilities (R)
+	SPDRP_UI_NUMBER                   SPDRP = 0x00000010 // UiNumber (R)
+	SPDRP_UPPERFILTERS                SPDRP = 0x00000011 // UpperFilters (R/W)
+	SPDRP_LOWERFILTERS                SPDRP = 0x00000012 // LowerFilters (R/W)
+	SPDRP_BUSTYPEGUID                 SPDRP = 0x00000013 // BusTypeGUID (R)
+	SPDRP_LEGACYBUSTYPE               SPDRP = 0x00000014 // LegacyBusType (R)
+	SPDRP_BUSNUMBER                   SPDRP = 0x00000015 // BusNumber (R)
+	SPDRP_ENUMERATOR_NAME             SPDRP = 0x00000016 // Enumerator Name (R)
+	SPDRP_SECURITY                    SPDRP = 0x00000017 // Security (R/W, binary form)
+	SPDRP_SECURITY_SDS                SPDRP = 0x00000018 // Security (W, SDS form)
+	SPDRP_DEVTYPE                     SPDRP = 0x00000019 // Device Type (R/W)
+	SPDRP_EXCLUSIVE                   SPDRP = 0x0000001A // Device is exclusive-access (R/W)
+	SPDRP_CHARACTERISTICS             SPDRP = 0x0000001B // Device Characteristics (R/W)
+	SPDRP_ADDRESS                     SPDRP = 0x0000001C // Device Address (R)
+	SPDRP_UI_NUMBER_DESC_FORMAT       SPDRP = 0x0000001D // UiNumberDescFormat (R/W)
+	SPDRP_DEVICE_POWER_DATA           SPDRP = 0x0000001E // Device Power Data (R)
+	SPDRP_REMOVAL_POLICY              SPDRP = 0x0000001F // Removal Policy (R)
+	SPDRP_REMOVAL_POLICY_HW_DEFAULT   SPDRP = 0x00000020 // Hardware Removal Policy (R)
+	SPDRP_REMOVAL_POLICY_OVERRIDE     SPDRP = 0x00000021 // Removal Policy Override (RW)
+	SPDRP_INSTALL_STATE               SPDRP = 0x00000022 // Device Install State (R)
+	SPDRP_LOCATION_PATHS              SPDRP = 0x00000023 // Device Location Paths (R)
+	SPDRP_BASE_CONTAINERID            SPDRP = 0x00000024 // Base ContainerID (R)
+
+	SPDRP_MAXIMUM_PROPERTY SPDRP = 0x00000025 // Upper bound on ordinals
+)
+
+// DEVPROPTYPE represents the property-data-type identifier that specifies the
+// data type of a device property value in the unified device property model.
+type DEVPROPTYPE uint32
+
+const (
+	DEVPROP_TYPEMOD_ARRAY DEVPROPTYPE = 0x00001000
+	DEVPROP_TYPEMOD_LIST  DEVPROPTYPE = 0x00002000
+
+	DEVPROP_TYPE_EMPTY                      DEVPROPTYPE = 0x00000000
+	DEVPROP_TYPE_NULL                       DEVPROPTYPE = 0x00000001
+	DEVPROP_TYPE_SBYTE                      DEVPROPTYPE = 0x00000002
+	DEVPROP_TYPE_BYTE                       DEVPROPTYPE = 0x00000003
+	DEVPROP_TYPE_INT16                      DEVPROPTYPE = 0x00000004
+	DEVPROP_TYPE_UINT16                     DEVPROPTYPE = 0x00000005
+	DEVPROP_TYPE_INT32                      DEVPROPTYPE = 0x00000006
+	DEVPROP_TYPE_UINT32                     DEVPROPTYPE = 0x00000007
+	DEVPROP_TYPE_INT64                      DEVPROPTYPE = 0x00000008
+	DEVPROP_TYPE_UINT64                     DEVPROPTYPE = 0x00000009
+	DEVPROP_TYPE_FLOAT                      DEVPROPTYPE = 0x0000000A
+	DEVPROP_TYPE_DOUBLE                     DEVPROPTYPE = 0x0000000B
+	DEVPROP_TYPE_DECIMAL                    DEVPROPTYPE = 0x0000000C
+	DEVPROP_TYPE_GUID                       DEVPROPTYPE = 0x0000000D
+	DEVPROP_TYPE_CURRENCY                   DEVPROPTYPE = 0x0000000E
+	DEVPROP_TYPE_DATE                       DEVPROPTYPE = 0x0000000F
+	DEVPROP_TYPE_FILETIME                   DEVPROPTYPE = 0x00000010
+	DEVPROP_TYPE_BOOLEAN                    DEVPROPTYPE = 0x00000011
+	DEVPROP_TYPE_STRING                     DEVPROPTYPE = 0x00000012
+	DEVPROP_TYPE_STRING_LIST                DEVPROPTYPE = DEVPROP_TYPE_STRING | DEVPROP_TYPEMOD_LIST
+	DEVPROP_TYPE_SECURITY_DESCRIPTOR        DEVPROPTYPE = 0x00000013
+	DEVPROP_TYPE_SECURITY_DESCRIPTOR_STRING DEVPROPTYPE = 0x00000014
+	DEVPROP_TYPE_DEVPROPKEY                 DEVPROPTYPE = 0x00000015
+	DEVPROP_TYPE_DEVPROPTYPE                DEVPROPTYPE = 0x00000016
+	DEVPROP_TYPE_BINARY                     DEVPROPTYPE = DEVPROP_TYPE_BYTE | DEVPROP_TYPEMOD_ARRAY
+	DEVPROP_TYPE_ERROR                      DEVPROPTYPE = 0x00000017
+	DEVPROP_TYPE_NTSTATUS                   DEVPROPTYPE = 0x00000018
+	DEVPROP_TYPE_STRING_INDIRECT            DEVPROPTYPE = 0x00000019
+
+	MAX_DEVPROP_TYPE    DEVPROPTYPE = 0x00000019
+	MAX_DEVPROP_TYPEMOD DEVPROPTYPE = 0x00002000
+
+	DEVPROP_MASK_TYPE    DEVPROPTYPE = 0x00000FFF
+	DEVPROP_MASK_TYPEMOD DEVPROPTYPE = 0x0000F000
+)
+
+// DEVPROPGUID specifies a property category.
+type DEVPROPGUID GUID
+
+// DEVPROPID uniquely identifies the property within the property category.
+type DEVPROPID uint32
+
+const DEVPROPID_FIRST_USABLE DEVPROPID = 2
+
+// DEVPROPKEY represents a device property key for a device property in the
+// unified device property model.
+type DEVPROPKEY struct {
+	FmtID DEVPROPGUID
+	PID   DEVPROPID
+}
+
+// CONFIGRET is a return value or error code from cfgmgr32 APIs
+type CONFIGRET uint32
+
+func (ret CONFIGRET) Error() string {
+	if win32Error, ok := ret.Unwrap().(Errno); ok {
+		return fmt.Sprintf("%s (CfgMgr error: 0x%08x)", win32Error.Error(), uint32(ret))
+	}
+	return fmt.Sprintf("CfgMgr error: 0x%08x", uint32(ret))
+}
+
+func (ret CONFIGRET) Win32Error(defaultError Errno) Errno {
+	return cm_MapCrToWin32Err(ret, defaultError)
+}
+
+func (ret CONFIGRET) Unwrap() error {
+	const noMatch = Errno(^uintptr(0))
+	win32Error := ret.Win32Error(noMatch)
+	if win32Error == noMatch {
+		return nil
+	}
+	return win32Error
+}
+
+const (
+	CR_SUCCESS                  CONFIGRET = 0x00000000
+	CR_DEFAULT                  CONFIGRET = 0x00000001
+	CR_OUT_OF_MEMORY            CONFIGRET = 0x00000002
+	CR_INVALID_POINTER          CONFIGRET = 0x00000003
+	CR_INVALID_FLAG             CONFIGRET = 0x00000004
+	CR_INVALID_DEVNODE          CONFIGRET = 0x00000005
+	CR_INVALID_DEVINST                    = CR_INVALID_DEVNODE
+	CR_INVALID_RES_DES          CONFIGRET = 0x00000006
+	CR_INVALID_LOG_CONF         CONFIGRET = 0x00000007
+	CR_INVALID_ARBITRATOR       CONFIGRET = 0x00000008
+	CR_INVALID_NODELIST         CONFIGRET = 0x00000009
+	CR_DEVNODE_HAS_REQS         CONFIGRET = 0x0000000A
+	CR_DEVINST_HAS_REQS                   = CR_DEVNODE_HAS_REQS
+	CR_INVALID_RESOURCEID       CONFIGRET = 0x0000000B
+	CR_DLVXD_NOT_FOUND          CONFIGRET = 0x0000000C
+	CR_NO_SUCH_DEVNODE          CONFIGRET = 0x0000000D
+	CR_NO_SUCH_DEVINST                    = CR_NO_SUCH_DEVNODE
+	CR_NO_MORE_LOG_CONF         CONFIGRET = 0x0000000E
+	CR_NO_MORE_RES_DES          CONFIGRET = 0x0000000F
+	CR_ALREADY_SUCH_DEVNODE     CONFIGRET = 0x00000010
+	CR_ALREADY_SUCH_DEVINST               = CR_ALREADY_SUCH_DEVNODE
+	CR_INVALID_RANGE_LIST       CONFIGRET = 0x00000011
+	CR_INVALID_RANGE            CONFIGRET = 0x00000012
+	CR_FAILURE                  CONFIGRET = 0x00000013
+	CR_NO_SUCH_LOGICAL_DEV      CONFIGRET = 0x00000014
+	CR_CREATE_BLOCKED           CONFIGRET = 0x00000015
+	CR_NOT_SYSTEM_VM            CONFIGRET = 0x00000016
+	CR_REMOVE_VETOED            CONFIGRET = 0x00000017
+	CR_APM_VETOED               CONFIGRET = 0x00000018
+	CR_INVALID_LOAD_TYPE        CONFIGRET = 0x00000019
+	CR_BUFFER_SMALL             CONFIGRET = 0x0000001A
+	CR_NO_ARBITRATOR            CONFIGRET = 0x0000001B
+	CR_NO_REGISTRY_HANDLE       CONFIGRET = 0x0000001C
+	CR_REGISTRY_ERROR           CONFIGRET = 0x0000001D
+	CR_INVALID_DEVICE_ID        CONFIGRET = 0x0000001E
+	CR_INVALID_DATA             CONFIGRET = 0x0000001F
+	CR_INVALID_API              CONFIGRET = 0x00000020
+	CR_DEVLOADER_NOT_READY      CONFIGRET = 0x00000021
+	CR_NEED_RESTART             CONFIGRET = 0x00000022
+	CR_NO_MORE_HW_PROFILES      CONFIGRET = 0x00000023
+	CR_DEVICE_NOT_THERE         CONFIGRET = 0x00000024
+	CR_NO_SUCH_VALUE            CONFIGRET = 0x00000025
+	CR_WRONG_TYPE               CONFIGRET = 0x00000026
+	CR_INVALID_PRIORITY         CONFIGRET = 0x00000027
+	CR_NOT_DISABLEABLE          CONFIGRET = 0x00000028
+	CR_FREE_RESOURCES           CONFIGRET = 0x00000029
+	CR_QUERY_VETOED             CONFIGRET = 0x0000002A
+	CR_CANT_SHARE_IRQ           CONFIGRET = 0x0000002B
+	CR_NO_DEPENDENT             CONFIGRET = 0x0000002C
+	CR_SAME_RESOURCES           CONFIGRET = 0x0000002D
+	CR_NO_SUCH_REGISTRY_KEY     CONFIGRET = 0x0000002E
+	CR_INVALID_MACHINENAME      CONFIGRET = 0x0000002F
+	CR_REMOTE_COMM_FAILURE      CONFIGRET = 0x00000030
+	CR_MACHINE_UNAVAILABLE      CONFIGRET = 0x00000031
+	CR_NO_CM_SERVICES           CONFIGRET = 0x00000032
+	CR_ACCESS_DENIED            CONFIGRET = 0x00000033
+	CR_CALL_NOT_IMPLEMENTED     CONFIGRET = 0x00000034
+	CR_INVALID_PROPERTY         CONFIGRET = 0x00000035
+	CR_DEVICE_INTERFACE_ACTIVE  CONFIGRET = 0x00000036
+	CR_NO_SUCH_DEVICE_INTERFACE CONFIGRET = 0x00000037
+	CR_INVALID_REFERENCE_STRING CONFIGRET = 0x00000038
+	CR_INVALID_CONFLICT_LIST    CONFIGRET = 0x00000039
+	CR_INVALID_INDEX            CONFIGRET = 0x0000003A
+	CR_INVALID_STRUCTURE_SIZE   CONFIGRET = 0x0000003B
+	NUM_CR_RESULTS              CONFIGRET = 0x0000003C
+)
+
+const (
+	CM_GET_DEVICE_INTERFACE_LIST_PRESENT     = 0 // only currently 'live' device interfaces
+	CM_GET_DEVICE_INTERFACE_LIST_ALL_DEVICES = 1 // all registered device interfaces, live or not
+)
+
+const (
+	DN_ROOT_ENUMERATED       = 0x00000001        // Was enumerated by ROOT
+	DN_DRIVER_LOADED         = 0x00000002        // Has Register_Device_Driver
+	DN_ENUM_LOADED           = 0x00000004        // Has Register_Enumerator
+	DN_STARTED               = 0x00000008        // Is currently configured
+	DN_MANUAL                = 0x00000010        // Manually installed
+	DN_NEED_TO_ENUM          = 0x00000020        // May need reenumeration
+	DN_NOT_FIRST_TIME        = 0x00000040        // Has received a config
+	DN_HARDWARE_ENUM         = 0x00000080        // Enum generates hardware ID
+	DN_LIAR                  = 0x00000100        // Lied about can reconfig once
+	DN_HAS_MARK              = 0x00000200        // Not CM_Create_DevInst lately
+	DN_HAS_PROBLEM           = 0x00000400        // Need device installer
+	DN_FILTERED              = 0x00000800        // Is filtered
+	DN_MOVED                 = 0x00001000        // Has been moved
+	DN_DISABLEABLE           = 0x00002000        // Can be disabled
+	DN_REMOVABLE             = 0x00004000        // Can be removed
+	DN_PRIVATE_PROBLEM       = 0x00008000        // Has a private problem
+	DN_MF_PARENT             = 0x00010000        // Multi function parent
+	DN_MF_CHILD              = 0x00020000        // Multi function child
+	DN_WILL_BE_REMOVED       = 0x00040000        // DevInst is being removed
+	DN_NOT_FIRST_TIMEE       = 0x00080000        // Has received a config enumerate
+	DN_STOP_FREE_RES         = 0x00100000        // When child is stopped, free resources
+	DN_REBAL_CANDIDATE       = 0x00200000        // Don't skip during rebalance
+	DN_BAD_PARTIAL           = 0x00400000        // This devnode's log_confs do not have same resources
+	DN_NT_ENUMERATOR         = 0x00800000        // This devnode's is an NT enumerator
+	DN_NT_DRIVER             = 0x01000000        // This devnode's is an NT driver
+	DN_NEEDS_LOCKING         = 0x02000000        // Devnode need lock resume processing
+	DN_ARM_WAKEUP            = 0x04000000        // Devnode can be the wakeup device
+	DN_APM_ENUMERATOR        = 0x08000000        // APM aware enumerator
+	DN_APM_DRIVER            = 0x10000000        // APM aware driver
+	DN_SILENT_INSTALL        = 0x20000000        // Silent install
+	DN_NO_SHOW_IN_DM         = 0x40000000        // No show in device manager
+	DN_BOOT_LOG_PROB         = 0x80000000        // Had a problem during preassignment of boot log conf
+	DN_NEED_RESTART          = DN_LIAR           // System needs to be restarted for this Devnode to work properly
+	DN_DRIVER_BLOCKED        = DN_NOT_FIRST_TIME // One or more drivers are blocked from loading for this Devnode
+	DN_LEGACY_DRIVER         = DN_MOVED          // This device is using a legacy driver
+	DN_CHILD_WITH_INVALID_ID = DN_HAS_MARK       // One or more children have invalid IDs
+	DN_DEVICE_DISCONNECTED   = DN_NEEDS_LOCKING  // The function driver for a device reported that the device is not connected.  Typically this means a wireless device is out of range.
+	DN_QUERY_REMOVE_PENDING  = DN_MF_PARENT      // Device is part of a set of related devices collectively pending query-removal
+	DN_QUERY_REMOVE_ACTIVE   = DN_MF_CHILD       // Device is actively engaged in a query-remove IRP
+	DN_CHANGEABLE_FLAGS      = DN_NOT_FIRST_TIME | DN_HARDWARE_ENUM | DN_HAS_MARK | DN_DISABLEABLE | DN_REMOVABLE | DN_MF_CHILD | DN_MF_PARENT | DN_NOT_FIRST_TIMEE | DN_STOP_FREE_RES | DN_REBAL_CANDIDATE | DN_NT_ENUMERATOR | DN_NT_DRIVER | DN_SILENT_INSTALL | DN_NO_SHOW_IN_DM
+)
+
+//sys	setupDiCreateDeviceInfoListEx(classGUID *GUID, hwndParent uintptr, machineName *uint16, reserved uintptr) (handle DevInfo, err error) [failretval==DevInfo(InvalidHandle)] = setupapi.SetupDiCreateDeviceInfoListExW
+
+// SetupDiCreateDeviceInfoListEx function creates an empty device information set on a remote or a local computer and optionally associates the set with a device setup class.
+func SetupDiCreateDeviceInfoListEx(classGUID *GUID, hwndParent uintptr, machineName string) (deviceInfoSet DevInfo, err error) {
+	var machineNameUTF16 *uint16
+	if machineName != "" {
+		machineNameUTF16, err = UTF16PtrFromString(machineName)
+		if err != nil {
+			return
+		}
+	}
+	return setupDiCreateDeviceInfoListEx(classGUID, hwndParent, machineNameUTF16, 0)
+}
+
+//sys	setupDiGetDeviceInfoListDetail(deviceInfoSet DevInfo, deviceInfoSetDetailData *DevInfoListDetailData) (err error) = setupapi.SetupDiGetDeviceInfoListDetailW
+
+// SetupDiGetDeviceInfoListDetail function retrieves information associated with a device information set including the class GUID, remote computer handle, and remote computer name.
+func SetupDiGetDeviceInfoListDetail(deviceInfoSet DevInfo) (deviceInfoSetDetailData *DevInfoListDetailData, err error) {
+	data := &DevInfoListDetailData{}
+	data.size = data.unsafeSizeOf()
+
+	return data, setupDiGetDeviceInfoListDetail(deviceInfoSet, data)
+}
+
+// DeviceInfoListDetail method retrieves information associated with a device information set including the class GUID, remote computer handle, and remote computer name.
+func (deviceInfoSet DevInfo) DeviceInfoListDetail() (*DevInfoListDetailData, error) {
+	return SetupDiGetDeviceInfoListDetail(deviceInfoSet)
+}
+
+//sys	setupDiCreateDeviceInfo(deviceInfoSet DevInfo, DeviceName *uint16, classGUID *GUID, DeviceDescription *uint16, hwndParent uintptr, CreationFlags DICD, deviceInfoData *DevInfoData) (err error) = setupapi.SetupDiCreateDeviceInfoW
+
+// SetupDiCreateDeviceInfo function creates a new device information element and adds it as a new member to the specified device information set.
+func SetupDiCreateDeviceInfo(deviceInfoSet DevInfo, deviceName string, classGUID *GUID, deviceDescription string, hwndParent uintptr, creationFlags DICD) (deviceInfoData *DevInfoData, err error) {
+	deviceNameUTF16, err := UTF16PtrFromString(deviceName)
+	if err != nil {
+		return
+	}
+
+	var deviceDescriptionUTF16 *uint16
+	if deviceDescription != "" {
+		deviceDescriptionUTF16, err = UTF16PtrFromString(deviceDescription)
+		if err != nil {
+			return
+		}
+	}
+
+	data := &DevInfoData{}
+	data.size = uint32(unsafe.Sizeof(*data))
+
+	return data, setupDiCreateDeviceInfo(deviceInfoSet, deviceNameUTF16, classGUID, deviceDescriptionUTF16, hwndParent, creationFlags, data)
+}
+
+// CreateDeviceInfo method creates a new device information element and adds it as a new member to the specified device information set.
+func (deviceInfoSet DevInfo) CreateDeviceInfo(deviceName string, classGUID *GUID, deviceDescription string, hwndParent uintptr, creationFlags DICD) (*DevInfoData, error) {
+	return SetupDiCreateDeviceInfo(deviceInfoSet, deviceName, classGUID, deviceDescription, hwndParent, creationFlags)
+}
+
+//sys	setupDiEnumDeviceInfo(deviceInfoSet DevInfo, memberIndex uint32, deviceInfoData *DevInfoData) (err error) = setupapi.SetupDiEnumDeviceInfo
+
+// SetupDiEnumDeviceInfo function returns a DevInfoData structure that specifies a device information element in a device information set.
+func SetupDiEnumDeviceInfo(deviceInfoSet DevInfo, memberIndex int) (*DevInfoData, error) {
+	data := &DevInfoData{}
+	data.size = uint32(unsafe.Sizeof(*data))
+
+	return data, setupDiEnumDeviceInfo(deviceInfoSet, uint32(memberIndex), data)
+}
+
+// EnumDeviceInfo method returns a DevInfoData structure that specifies a device information element in a device information set.
+func (deviceInfoSet DevInfo) EnumDeviceInfo(memberIndex int) (*DevInfoData, error) {
+	return SetupDiEnumDeviceInfo(deviceInfoSet, memberIndex)
+}
+
+// SetupDiDestroyDeviceInfoList function deletes a device information set and frees all associated memory.
+//sys	SetupDiDestroyDeviceInfoList(deviceInfoSet DevInfo) (err error) = setupapi.SetupDiDestroyDeviceInfoList
+
+// Close method deletes a device information set and frees all associated memory.
+func (deviceInfoSet DevInfo) Close() error {
+	return SetupDiDestroyDeviceInfoList(deviceInfoSet)
+}
+
+//sys	SetupDiBuildDriverInfoList(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, driverType SPDIT) (err error) = setupapi.SetupDiBuildDriverInfoList
+
+// BuildDriverInfoList method builds a list of drivers that is associated with a specific device or with the global class driver list for a device information set.
+func (deviceInfoSet DevInfo) BuildDriverInfoList(deviceInfoData *DevInfoData, driverType SPDIT) error {
+	return SetupDiBuildDriverInfoList(deviceInfoSet, deviceInfoData, driverType)
+}
+
+//sys	SetupDiCancelDriverInfoSearch(deviceInfoSet DevInfo) (err error) = setupapi.SetupDiCancelDriverInfoSearch
+
+// CancelDriverInfoSearch method cancels a driver list search that is currently in progress in a different thread.
+func (deviceInfoSet DevInfo) CancelDriverInfoSearch() error {
+	return SetupDiCancelDriverInfoSearch(deviceInfoSet)
+}
+
+//sys	setupDiEnumDriverInfo(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, driverType SPDIT, memberIndex uint32, driverInfoData *DrvInfoData) (err error) = setupapi.SetupDiEnumDriverInfoW
+
+// SetupDiEnumDriverInfo function enumerates the members of a driver list.
+func SetupDiEnumDriverInfo(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, driverType SPDIT, memberIndex int) (*DrvInfoData, error) {
+	data := &DrvInfoData{}
+	data.size = uint32(unsafe.Sizeof(*data))
+
+	return data, setupDiEnumDriverInfo(deviceInfoSet, deviceInfoData, driverType, uint32(memberIndex), data)
+}
+
+// EnumDriverInfo method enumerates the members of a driver list.
+func (deviceInfoSet DevInfo) EnumDriverInfo(deviceInfoData *DevInfoData, driverType SPDIT, memberIndex int) (*DrvInfoData, error) {
+	return SetupDiEnumDriverInfo(deviceInfoSet, deviceInfoData, driverType, memberIndex)
+}
+
+//sys	setupDiGetSelectedDriver(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, driverInfoData *DrvInfoData) (err error) = setupapi.SetupDiGetSelectedDriverW
+
+// SetupDiGetSelectedDriver function retrieves the selected driver for a device information set or a particular device information element.
+func SetupDiGetSelectedDriver(deviceInfoSet DevInfo, deviceInfoData *DevInfoData) (*DrvInfoData, error) {
+	data := &DrvInfoData{}
+	data.size = uint32(unsafe.Sizeof(*data))
+
+	return data, setupDiGetSelectedDriver(deviceInfoSet, deviceInfoData, data)
+}
+
+// SelectedDriver method retrieves the selected driver for a device information set or a particular device information element.
+func (deviceInfoSet DevInfo) SelectedDriver(deviceInfoData *DevInfoData) (*DrvInfoData, error) {
+	return SetupDiGetSelectedDriver(deviceInfoSet, deviceInfoData)
+}
+
+//sys	SetupDiSetSelectedDriver(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, driverInfoData *DrvInfoData) (err error) = setupapi.SetupDiSetSelectedDriverW
+
+// SetSelectedDriver method sets, or resets, the selected driver for a device information element or the selected class driver for a device information set.
+func (deviceInfoSet DevInfo) SetSelectedDriver(deviceInfoData *DevInfoData, driverInfoData *DrvInfoData) error {
+	return SetupDiSetSelectedDriver(deviceInfoSet, deviceInfoData, driverInfoData)
+}
+
+//sys	setupDiGetDriverInfoDetail(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, driverInfoData *DrvInfoData, driverInfoDetailData *DrvInfoDetailData, driverInfoDetailDataSize uint32, requiredSize *uint32) (err error) = setupapi.SetupDiGetDriverInfoDetailW
+
+// SetupDiGetDriverInfoDetail function retrieves driver information detail for a device information set or a particular device information element in the device information set.
+func SetupDiGetDriverInfoDetail(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, driverInfoData *DrvInfoData) (*DrvInfoDetailData, error) {
+	reqSize := uint32(2048)
+	for {
+		buf := make([]byte, reqSize)
+		data := (*DrvInfoDetailData)(unsafe.Pointer(&buf[0]))
+		data.size = data.unsafeSizeOf()
+		err := setupDiGetDriverInfoDetail(deviceInfoSet, deviceInfoData, driverInfoData, data, uint32(len(buf)), &reqSize)
+		if err == ERROR_INSUFFICIENT_BUFFER {
+			continue
+		}
+		if err != nil {
+			return nil, err
+		}
+		data.size = reqSize
+		return data, nil
+	}
+}
+
+// DriverInfoDetail method retrieves driver information detail for a device information set or a particular device information element in the device information set.
+func (deviceInfoSet DevInfo) DriverInfoDetail(deviceInfoData *DevInfoData, driverInfoData *DrvInfoData) (*DrvInfoDetailData, error) {
+	return SetupDiGetDriverInfoDetail(deviceInfoSet, deviceInfoData, driverInfoData)
+}
+
+//sys	SetupDiDestroyDriverInfoList(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, driverType SPDIT) (err error) = setupapi.SetupDiDestroyDriverInfoList
+
+// DestroyDriverInfoList method deletes a driver list.
+func (deviceInfoSet DevInfo) DestroyDriverInfoList(deviceInfoData *DevInfoData, driverType SPDIT) error {
+	return SetupDiDestroyDriverInfoList(deviceInfoSet, deviceInfoData, driverType)
+}
+
+//sys	setupDiGetClassDevsEx(classGUID *GUID, Enumerator *uint16, hwndParent uintptr, Flags DIGCF, deviceInfoSet DevInfo, machineName *uint16, reserved uintptr) (handle DevInfo, err error) [failretval==DevInfo(InvalidHandle)] = setupapi.SetupDiGetClassDevsExW
+
+// SetupDiGetClassDevsEx function returns a handle to a device information set that contains requested device information elements for a local or a remote computer.
+func SetupDiGetClassDevsEx(classGUID *GUID, enumerator string, hwndParent uintptr, flags DIGCF, deviceInfoSet DevInfo, machineName string) (handle DevInfo, err error) {
+	var enumeratorUTF16 *uint16
+	if enumerator != "" {
+		enumeratorUTF16, err = UTF16PtrFromString(enumerator)
+		if err != nil {
+			return
+		}
+	}
+	var machineNameUTF16 *uint16
+	if machineName != "" {
+		machineNameUTF16, err = UTF16PtrFromString(machineName)
+		if err != nil {
+			return
+		}
+	}
+	return setupDiGetClassDevsEx(classGUID, enumeratorUTF16, hwndParent, flags, deviceInfoSet, machineNameUTF16, 0)
+}
+
+// SetupDiCallClassInstaller function calls the appropriate class installer, and any registered co-installers, with the specified installation request (DIF code).
+//sys	SetupDiCallClassInstaller(installFunction DI_FUNCTION, deviceInfoSet DevInfo, deviceInfoData *DevInfoData) (err error) = setupapi.SetupDiCallClassInstaller
+
+// CallClassInstaller member calls the appropriate class installer, and any registered co-installers, with the specified installation request (DIF code).
+func (deviceInfoSet DevInfo) CallClassInstaller(installFunction DI_FUNCTION, deviceInfoData *DevInfoData) error {
+	return SetupDiCallClassInstaller(installFunction, deviceInfoSet, deviceInfoData)
+}
+
+// SetupDiOpenDevRegKey function opens a registry key for device-specific configuration information.
+//sys	SetupDiOpenDevRegKey(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, Scope DICS_FLAG, HwProfile uint32, KeyType DIREG, samDesired uint32) (key Handle, err error) [failretval==InvalidHandle] = setupapi.SetupDiOpenDevRegKey
+
+// OpenDevRegKey method opens a registry key for device-specific configuration information.
+func (deviceInfoSet DevInfo) OpenDevRegKey(DeviceInfoData *DevInfoData, Scope DICS_FLAG, HwProfile uint32, KeyType DIREG, samDesired uint32) (Handle, error) {
+	return SetupDiOpenDevRegKey(deviceInfoSet, DeviceInfoData, Scope, HwProfile, KeyType, samDesired)
+}
+
+//sys	setupDiGetDeviceProperty(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, propertyKey *DEVPROPKEY, propertyType *DEVPROPTYPE, propertyBuffer *byte, propertyBufferSize uint32, requiredSize *uint32, flags uint32) (err error) = setupapi.SetupDiGetDevicePropertyW
+
+// SetupDiGetDeviceProperty function retrieves a specified device instance property.
+func SetupDiGetDeviceProperty(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, propertyKey *DEVPROPKEY) (value interface{}, err error) {
+	reqSize := uint32(256)
+	for {
+		var dataType DEVPROPTYPE
+		buf := make([]byte, reqSize)
+		err = setupDiGetDeviceProperty(deviceInfoSet, deviceInfoData, propertyKey, &dataType, &buf[0], uint32(len(buf)), &reqSize, 0)
+		if err == ERROR_INSUFFICIENT_BUFFER {
+			continue
+		}
+		if err != nil {
+			return
+		}
+		switch dataType {
+		case DEVPROP_TYPE_STRING:
+			ret := UTF16ToString(bufToUTF16(buf))
+			runtime.KeepAlive(buf)
+			return ret, nil
+		}
+		return nil, errors.New("unimplemented property type")
+	}
+}
+
+//sys	setupDiGetDeviceRegistryProperty(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, property SPDRP, propertyRegDataType *uint32, propertyBuffer *byte, propertyBufferSize uint32, requiredSize *uint32) (err error) = setupapi.SetupDiGetDeviceRegistryPropertyW
+
+// SetupDiGetDeviceRegistryProperty function retrieves a specified Plug and Play device property.
+func SetupDiGetDeviceRegistryProperty(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, property SPDRP) (value interface{}, err error) {
+	reqSize := uint32(256)
+	for {
+		var dataType uint32
+		buf := make([]byte, reqSize)
+		err = setupDiGetDeviceRegistryProperty(deviceInfoSet, deviceInfoData, property, &dataType, &buf[0], uint32(len(buf)), &reqSize)
+		if err == ERROR_INSUFFICIENT_BUFFER {
+			continue
+		}
+		if err != nil {
+			return
+		}
+		return getRegistryValue(buf[:reqSize], dataType)
+	}
+}
+
+func getRegistryValue(buf []byte, dataType uint32) (interface{}, error) {
+	switch dataType {
+	case REG_SZ:
+		ret := UTF16ToString(bufToUTF16(buf))
+		runtime.KeepAlive(buf)
+		return ret, nil
+	case REG_EXPAND_SZ:
+		value := UTF16ToString(bufToUTF16(buf))
+		if value == "" {
+			return "", nil
+		}
+		p, err := syscall.UTF16PtrFromString(value)
+		if err != nil {
+			return "", err
+		}
+		ret := make([]uint16, 100)
+		for {
+			n, err := ExpandEnvironmentStrings(p, &ret[0], uint32(len(ret)))
+			if err != nil {
+				return "", err
+			}
+			if n <= uint32(len(ret)) {
+				return UTF16ToString(ret[:n]), nil
+			}
+			ret = make([]uint16, n)
+		}
+	case REG_BINARY:
+		return buf, nil
+	case REG_DWORD_LITTLE_ENDIAN:
+		return binary.LittleEndian.Uint32(buf), nil
+	case REG_DWORD_BIG_ENDIAN:
+		return binary.BigEndian.Uint32(buf), nil
+	case REG_MULTI_SZ:
+		bufW := bufToUTF16(buf)
+		a := []string{}
+		for i := 0; i < len(bufW); {
+			j := i + wcslen(bufW[i:])
+			if i < j {
+				a = append(a, UTF16ToString(bufW[i:j]))
+			}
+			i = j + 1
+		}
+		runtime.KeepAlive(buf)
+		return a, nil
+	case REG_QWORD_LITTLE_ENDIAN:
+		return binary.LittleEndian.Uint64(buf), nil
+	default:
+		return nil, fmt.Errorf("Unsupported registry value type: %v", dataType)
+	}
+}
+
+// bufToUTF16 function reinterprets []byte buffer as []uint16
+func bufToUTF16(buf []byte) []uint16 {
+	sl := struct {
+		addr *uint16
+		len  int
+		cap  int
+	}{(*uint16)(unsafe.Pointer(&buf[0])), len(buf) / 2, cap(buf) / 2}
+	return *(*[]uint16)(unsafe.Pointer(&sl))
+}
+
+// utf16ToBuf function reinterprets []uint16 as []byte
+func utf16ToBuf(buf []uint16) []byte {
+	sl := struct {
+		addr *byte
+		len  int
+		cap  int
+	}{(*byte)(unsafe.Pointer(&buf[0])), len(buf) * 2, cap(buf) * 2}
+	return *(*[]byte)(unsafe.Pointer(&sl))
+}
+
+func wcslen(str []uint16) int {
+	for i := 0; i < len(str); i++ {
+		if str[i] == 0 {
+			return i
+		}
+	}
+	return len(str)
+}
+
+// DeviceRegistryProperty method retrieves a specified Plug and Play device property.
+func (deviceInfoSet DevInfo) DeviceRegistryProperty(deviceInfoData *DevInfoData, property SPDRP) (interface{}, error) {
+	return SetupDiGetDeviceRegistryProperty(deviceInfoSet, deviceInfoData, property)
+}
+
+//sys	setupDiSetDeviceRegistryProperty(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, property SPDRP, propertyBuffer *byte, propertyBufferSize uint32) (err error) = setupapi.SetupDiSetDeviceRegistryPropertyW
+
+// SetupDiSetDeviceRegistryProperty function sets a Plug and Play device property for a device.
+func SetupDiSetDeviceRegistryProperty(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, property SPDRP, propertyBuffers []byte) error {
+	return setupDiSetDeviceRegistryProperty(deviceInfoSet, deviceInfoData, property, &propertyBuffers[0], uint32(len(propertyBuffers)))
+}
+
+// SetDeviceRegistryProperty function sets a Plug and Play device property for a device.
+func (deviceInfoSet DevInfo) SetDeviceRegistryProperty(deviceInfoData *DevInfoData, property SPDRP, propertyBuffers []byte) error {
+	return SetupDiSetDeviceRegistryProperty(deviceInfoSet, deviceInfoData, property, propertyBuffers)
+}
+
+// SetDeviceRegistryPropertyString method sets a Plug and Play device property string for a device.
+func (deviceInfoSet DevInfo) SetDeviceRegistryPropertyString(deviceInfoData *DevInfoData, property SPDRP, str string) error {
+	str16, err := UTF16FromString(str)
+	if err != nil {
+		return err
+	}
+	err = SetupDiSetDeviceRegistryProperty(deviceInfoSet, deviceInfoData, property, utf16ToBuf(append(str16, 0)))
+	runtime.KeepAlive(str16)
+	return err
+}
+
+//sys	setupDiGetDeviceInstallParams(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, deviceInstallParams *DevInstallParams) (err error) = setupapi.SetupDiGetDeviceInstallParamsW
+
+// SetupDiGetDeviceInstallParams function retrieves device installation parameters for a device information set or a particular device information element.
+func SetupDiGetDeviceInstallParams(deviceInfoSet DevInfo, deviceInfoData *DevInfoData) (*DevInstallParams, error) {
+	params := &DevInstallParams{}
+	params.size = uint32(unsafe.Sizeof(*params))
+
+	return params, setupDiGetDeviceInstallParams(deviceInfoSet, deviceInfoData, params)
+}
+
+// DeviceInstallParams method retrieves device installation parameters for a device information set or a particular device information element.
+func (deviceInfoSet DevInfo) DeviceInstallParams(deviceInfoData *DevInfoData) (*DevInstallParams, error) {
+	return SetupDiGetDeviceInstallParams(deviceInfoSet, deviceInfoData)
+}
+
+//sys	setupDiGetDeviceInstanceId(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, instanceId *uint16, instanceIdSize uint32, instanceIdRequiredSize *uint32) (err error) = setupapi.SetupDiGetDeviceInstanceIdW
+
+// SetupDiGetDeviceInstanceId function retrieves the instance ID of the device.
+func SetupDiGetDeviceInstanceId(deviceInfoSet DevInfo, deviceInfoData *DevInfoData) (string, error) {
+	reqSize := uint32(1024)
+	for {
+		buf := make([]uint16, reqSize)
+		err := setupDiGetDeviceInstanceId(deviceInfoSet, deviceInfoData, &buf[0], uint32(len(buf)), &reqSize)
+		if err == ERROR_INSUFFICIENT_BUFFER {
+			continue
+		}
+		if err != nil {
+			return "", err
+		}
+		return UTF16ToString(buf), nil
+	}
+}
+
+// DeviceInstanceID method retrieves the instance ID of the device.
+func (deviceInfoSet DevInfo) DeviceInstanceID(deviceInfoData *DevInfoData) (string, error) {
+	return SetupDiGetDeviceInstanceId(deviceInfoSet, deviceInfoData)
+}
+
+// SetupDiGetClassInstallParams function retrieves class installation parameters for a device information set or a particular device information element.
+//sys	SetupDiGetClassInstallParams(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, classInstallParams *ClassInstallHeader, classInstallParamsSize uint32, requiredSize *uint32) (err error) = setupapi.SetupDiGetClassInstallParamsW
+
+// ClassInstallParams method retrieves class installation parameters for a device information set or a particular device information element.
+func (deviceInfoSet DevInfo) ClassInstallParams(deviceInfoData *DevInfoData, classInstallParams *ClassInstallHeader, classInstallParamsSize uint32, requiredSize *uint32) error {
+	return SetupDiGetClassInstallParams(deviceInfoSet, deviceInfoData, classInstallParams, classInstallParamsSize, requiredSize)
+}
+
+//sys	SetupDiSetDeviceInstallParams(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, deviceInstallParams *DevInstallParams) (err error) = setupapi.SetupDiSetDeviceInstallParamsW
+
+// SetDeviceInstallParams member sets device installation parameters for a device information set or a particular device information element.
+func (deviceInfoSet DevInfo) SetDeviceInstallParams(deviceInfoData *DevInfoData, deviceInstallParams *DevInstallParams) error {
+	return SetupDiSetDeviceInstallParams(deviceInfoSet, deviceInfoData, deviceInstallParams)
+}
+
+// SetupDiSetClassInstallParams function sets or clears class install parameters for a device information set or a particular device information element.
+//sys	SetupDiSetClassInstallParams(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, classInstallParams *ClassInstallHeader, classInstallParamsSize uint32) (err error) = setupapi.SetupDiSetClassInstallParamsW
+
+// SetClassInstallParams method sets or clears class install parameters for a device information set or a particular device information element.
+func (deviceInfoSet DevInfo) SetClassInstallParams(deviceInfoData *DevInfoData, classInstallParams *ClassInstallHeader, classInstallParamsSize uint32) error {
+	return SetupDiSetClassInstallParams(deviceInfoSet, deviceInfoData, classInstallParams, classInstallParamsSize)
+}
+
+//sys	setupDiClassNameFromGuidEx(classGUID *GUID, className *uint16, classNameSize uint32, requiredSize *uint32, machineName *uint16, reserved uintptr) (err error) = setupapi.SetupDiClassNameFromGuidExW
+
+// SetupDiClassNameFromGuidEx function retrieves the class name associated with a class GUID. The class can be installed on a local or remote computer.
+func SetupDiClassNameFromGuidEx(classGUID *GUID, machineName string) (className string, err error) {
+	var classNameUTF16 [MAX_CLASS_NAME_LEN]uint16
+
+	var machineNameUTF16 *uint16
+	if machineName != "" {
+		machineNameUTF16, err = UTF16PtrFromString(machineName)
+		if err != nil {
+			return
+		}
+	}
+
+	err = setupDiClassNameFromGuidEx(classGUID, &classNameUTF16[0], MAX_CLASS_NAME_LEN, nil, machineNameUTF16, 0)
+	if err != nil {
+		return
+	}
+
+	className = UTF16ToString(classNameUTF16[:])
+	return
+}
+
+//sys	setupDiClassGuidsFromNameEx(className *uint16, classGuidList *GUID, classGuidListSize uint32, requiredSize *uint32, machineName *uint16, reserved uintptr) (err error) = setupapi.SetupDiClassGuidsFromNameExW
+
+// SetupDiClassGuidsFromNameEx function retrieves the GUIDs associated with the specified class name. This resulting list contains the classes currently installed on a local or remote computer.
+func SetupDiClassGuidsFromNameEx(className string, machineName string) ([]GUID, error) {
+	classNameUTF16, err := UTF16PtrFromString(className)
+	if err != nil {
+		return nil, err
+	}
+
+	var machineNameUTF16 *uint16
+	if machineName != "" {
+		machineNameUTF16, err = UTF16PtrFromString(machineName)
+		if err != nil {
+			return nil, err
+		}
+	}
+
+	reqSize := uint32(4)
+	for {
+		buf := make([]GUID, reqSize)
+		err = setupDiClassGuidsFromNameEx(classNameUTF16, &buf[0], uint32(len(buf)), &reqSize, machineNameUTF16, 0)
+		if err == ERROR_INSUFFICIENT_BUFFER {
+			continue
+		}
+		if err != nil {
+			return nil, err
+		}
+		return buf[:reqSize], nil
+	}
+}
+
+//sys	setupDiGetSelectedDevice(deviceInfoSet DevInfo, deviceInfoData *DevInfoData) (err error) = setupapi.SetupDiGetSelectedDevice
+
+// SetupDiGetSelectedDevice function retrieves the selected device information element in a device information set.
+func SetupDiGetSelectedDevice(deviceInfoSet DevInfo) (*DevInfoData, error) {
+	data := &DevInfoData{}
+	data.size = uint32(unsafe.Sizeof(*data))
+
+	return data, setupDiGetSelectedDevice(deviceInfoSet, data)
+}
+
+// SelectedDevice method retrieves the selected device information element in a device information set.
+func (deviceInfoSet DevInfo) SelectedDevice() (*DevInfoData, error) {
+	return SetupDiGetSelectedDevice(deviceInfoSet)
+}
+
+// SetupDiSetSelectedDevice function sets a device information element as the selected member of a device information set. This function is typically used by an installation wizard.
+//sys	SetupDiSetSelectedDevice(deviceInfoSet DevInfo, deviceInfoData *DevInfoData) (err error) = setupapi.SetupDiSetSelectedDevice
+
+// SetSelectedDevice method sets a device information element as the selected member of a device information set. This function is typically used by an installation wizard.
+func (deviceInfoSet DevInfo) SetSelectedDevice(deviceInfoData *DevInfoData) error {
+	return SetupDiSetSelectedDevice(deviceInfoSet, deviceInfoData)
+}
+
+//sys	setupUninstallOEMInf(infFileName *uint16, flags SUOI, reserved uintptr) (err error) = setupapi.SetupUninstallOEMInfW
+
+// SetupUninstallOEMInf uninstalls the specified driver.
+func SetupUninstallOEMInf(infFileName string, flags SUOI) error {
+	infFileName16, err := UTF16PtrFromString(infFileName)
+	if err != nil {
+		return err
+	}
+	return setupUninstallOEMInf(infFileName16, flags, 0)
+}
+
+//sys cm_MapCrToWin32Err(configRet CONFIGRET, defaultWin32Error Errno) (ret Errno) = CfgMgr32.CM_MapCrToWin32Err
+
+//sys cm_Get_Device_Interface_List_Size(len *uint32, interfaceClass *GUID, deviceID *uint16, flags uint32) (ret CONFIGRET) = CfgMgr32.CM_Get_Device_Interface_List_SizeW
+//sys cm_Get_Device_Interface_List(interfaceClass *GUID, deviceID *uint16, buffer *uint16, bufferLen uint32, flags uint32) (ret CONFIGRET) = CfgMgr32.CM_Get_Device_Interface_ListW
+
+func CM_Get_Device_Interface_List(deviceID string, interfaceClass *GUID, flags uint32) ([]string, error) {
+	deviceID16, err := UTF16PtrFromString(deviceID)
+	if err != nil {
+		return nil, err
+	}
+	var buf []uint16
+	var buflen uint32
+	for {
+		if ret := cm_Get_Device_Interface_List_Size(&buflen, interfaceClass, deviceID16, flags); ret != CR_SUCCESS {
+			return nil, ret
+		}
+		buf = make([]uint16, buflen)
+		if ret := cm_Get_Device_Interface_List(interfaceClass, deviceID16, &buf[0], buflen, flags); ret == CR_SUCCESS {
+			break
+		} else if ret != CR_BUFFER_SMALL {
+			return nil, ret
+		}
+	}
+	var interfaces []string
+	for i := 0; i < len(buf); {
+		j := i + wcslen(buf[i:])
+		if i < j {
+			interfaces = append(interfaces, UTF16ToString(buf[i:j]))
+		}
+		i = j + 1
+	}
+	if interfaces == nil {
+		return nil, ERROR_NO_SUCH_DEVICE_INTERFACE
+	}
+	return interfaces, nil
+}
+
+//sys cm_Get_DevNode_Status(status *uint32, problemNumber *uint32, devInst DEVINST, flags uint32) (ret CONFIGRET) = CfgMgr32.CM_Get_DevNode_Status
+
+func CM_Get_DevNode_Status(status *uint32, problemNumber *uint32, devInst DEVINST, flags uint32) error {
+	ret := cm_Get_DevNode_Status(status, problemNumber, devInst, flags)
+	if ret == CR_SUCCESS {
+		return nil
+	}
+	return ret
+}
diff --git a/server/vendor/golang.org/x/sys/windows/str.go b/server/vendor/golang.org/x/sys/windows/str.go
new file mode 100644
index 0000000..6a4f9ce
--- /dev/null
+++ b/server/vendor/golang.org/x/sys/windows/str.go
@@ -0,0 +1,22 @@
+// Copyright 2009 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build windows
+
+package windows
+
+func itoa(val int) string { // do it here rather than with fmt to avoid dependency
+	if val < 0 {
+		return "-" + itoa(-val)
+	}
+	var buf [32]byte // big enough for int64
+	i := len(buf) - 1
+	for val >= 10 {
+		buf[i] = byte(val%10 + '0')
+		i--
+		val /= 10
+	}
+	buf[i] = byte(val + '0')
+	return string(buf[i:])
+}
diff --git a/server/vendor/golang.org/x/sys/windows/syscall.go b/server/vendor/golang.org/x/sys/windows/syscall.go
new file mode 100644
index 0000000..e85ed6b
--- /dev/null
+++ b/server/vendor/golang.org/x/sys/windows/syscall.go
@@ -0,0 +1,104 @@
+// Copyright 2009 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build windows
+
+// Package windows contains an interface to the low-level operating system
+// primitives. OS details vary depending on the underlying system, and
+// by default, godoc will display the OS-specific documentation for the current
+// system. If you want godoc to display syscall documentation for another
+// system, set $GOOS and $GOARCH to the desired system. For example, if
+// you want to view documentation for freebsd/arm on linux/amd64, set $GOOS
+// to freebsd and $GOARCH to arm.
+//
+// The primary use of this package is inside other packages that provide a more
+// portable interface to the system, such as "os", "time" and "net".  Use
+// those packages rather than this one if you can.
+//
+// For details of the functions and data types in this package consult
+// the manuals for the appropriate operating system.
+//
+// These calls return err == nil to indicate success; otherwise
+// err represents an operating system error describing the failure and
+// holds a value of type syscall.Errno.
+package windows // import "golang.org/x/sys/windows"
+
+import (
+	"bytes"
+	"strings"
+	"syscall"
+	"unsafe"
+)
+
+// ByteSliceFromString returns a NUL-terminated slice of bytes
+// containing the text of s. If s contains a NUL byte at any
+// location, it returns (nil, syscall.EINVAL).
+func ByteSliceFromString(s string) ([]byte, error) {
+	if strings.IndexByte(s, 0) != -1 {
+		return nil, syscall.EINVAL
+	}
+	a := make([]byte, len(s)+1)
+	copy(a, s)
+	return a, nil
+}
+
+// BytePtrFromString returns a pointer to a NUL-terminated array of
+// bytes containing the text of s. If s contains a NUL byte at any
+// location, it returns (nil, syscall.EINVAL).
+func BytePtrFromString(s string) (*byte, error) {
+	a, err := ByteSliceFromString(s)
+	if err != nil {
+		return nil, err
+	}
+	return &a[0], nil
+}
+
+// ByteSliceToString returns a string form of the text represented by the slice s, with a terminating NUL and any
+// bytes after the NUL removed.
+func ByteSliceToString(s []byte) string {
+	if i := bytes.IndexByte(s, 0); i != -1 {
+		s = s[:i]
+	}
+	return string(s)
+}
+
+// BytePtrToString takes a pointer to a sequence of text and returns the corresponding string.
+// If the pointer is nil, it returns the empty string. It assumes that the text sequence is terminated
+// at a zero byte; if the zero byte is not present, the program may crash.
+func BytePtrToString(p *byte) string {
+	if p == nil {
+		return ""
+	}
+	if *p == 0 {
+		return ""
+	}
+
+	// Find NUL terminator.
+	n := 0
+	for ptr := unsafe.Pointer(p); *(*byte)(ptr) != 0; n++ {
+		ptr = unsafe.Pointer(uintptr(ptr) + 1)
+	}
+
+	return string(unsafe.Slice(p, n))
+}
+
+// Single-word zero for use when we need a valid pointer to 0 bytes.
+// See mksyscall.pl.
+var _zero uintptr
+
+func (ts *Timespec) Unix() (sec int64, nsec int64) {
+	return int64(ts.Sec), int64(ts.Nsec)
+}
+
+func (tv *Timeval) Unix() (sec int64, nsec int64) {
+	return int64(tv.Sec), int64(tv.Usec) * 1000
+}
+
+func (ts *Timespec) Nano() int64 {
+	return int64(ts.Sec)*1e9 + int64(ts.Nsec)
+}
+
+func (tv *Timeval) Nano() int64 {
+	return int64(tv.Sec)*1e9 + int64(tv.Usec)*1000
+}
diff --git a/server/vendor/golang.org/x/sys/windows/syscall_windows.go b/server/vendor/golang.org/x/sys/windows/syscall_windows.go
new file mode 100644
index 0000000..4a32543
--- /dev/null
+++ b/server/vendor/golang.org/x/sys/windows/syscall_windows.go
@@ -0,0 +1,1932 @@
+// Copyright 2009 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Windows system calls.
+
+package windows
+
+import (
+	errorspkg "errors"
+	"fmt"
+	"runtime"
+	"sync"
+	"syscall"
+	"time"
+	"unicode/utf16"
+	"unsafe"
+)
+
+type (
+	Handle uintptr
+	HWND   uintptr
+)
+
+const (
+	InvalidHandle = ^Handle(0)
+	InvalidHWND   = ^HWND(0)
+
+	// Flags for DefineDosDevice.
+	DDD_EXACT_MATCH_ON_REMOVE = 0x00000004
+	DDD_NO_BROADCAST_SYSTEM   = 0x00000008
+	DDD_RAW_TARGET_PATH       = 0x00000001
+	DDD_REMOVE_DEFINITION     = 0x00000002
+
+	// Return values for GetDriveType.
+	DRIVE_UNKNOWN     = 0
+	DRIVE_NO_ROOT_DIR = 1
+	DRIVE_REMOVABLE   = 2
+	DRIVE_FIXED       = 3
+	DRIVE_REMOTE      = 4
+	DRIVE_CDROM       = 5
+	DRIVE_RAMDISK     = 6
+
+	// File system flags from GetVolumeInformation and GetVolumeInformationByHandle.
+	FILE_CASE_SENSITIVE_SEARCH        = 0x00000001
+	FILE_CASE_PRESERVED_NAMES         = 0x00000002
+	FILE_FILE_COMPRESSION             = 0x00000010
+	FILE_DAX_VOLUME                   = 0x20000000
+	FILE_NAMED_STREAMS                = 0x00040000
+	FILE_PERSISTENT_ACLS              = 0x00000008
+	FILE_READ_ONLY_VOLUME             = 0x00080000
+	FILE_SEQUENTIAL_WRITE_ONCE        = 0x00100000
+	FILE_SUPPORTS_ENCRYPTION          = 0x00020000
+	FILE_SUPPORTS_EXTENDED_ATTRIBUTES = 0x00800000
+	FILE_SUPPORTS_HARD_LINKS          = 0x00400000
+	FILE_SUPPORTS_OBJECT_IDS          = 0x00010000
+	FILE_SUPPORTS_OPEN_BY_FILE_ID     = 0x01000000
+	FILE_SUPPORTS_REPARSE_POINTS      = 0x00000080
+	FILE_SUPPORTS_SPARSE_FILES        = 0x00000040
+	FILE_SUPPORTS_TRANSACTIONS        = 0x00200000
+	FILE_SUPPORTS_USN_JOURNAL         = 0x02000000
+	FILE_UNICODE_ON_DISK              = 0x00000004
+	FILE_VOLUME_IS_COMPRESSED         = 0x00008000
+	FILE_VOLUME_QUOTAS                = 0x00000020
+
+	// Flags for LockFileEx.
+	LOCKFILE_FAIL_IMMEDIATELY = 0x00000001
+	LOCKFILE_EXCLUSIVE_LOCK   = 0x00000002
+
+	// Return value of SleepEx and other APC functions
+	WAIT_IO_COMPLETION = 0x000000C0
+)
+
+// StringToUTF16 is deprecated. Use UTF16FromString instead.
+// If s contains a NUL byte this function panics instead of
+// returning an error.
+func StringToUTF16(s string) []uint16 {
+	a, err := UTF16FromString(s)
+	if err != nil {
+		panic("windows: string with NUL passed to StringToUTF16")
+	}
+	return a
+}
+
+// UTF16FromString returns the UTF-16 encoding of the UTF-8 string
+// s, with a terminating NUL added. If s contains a NUL byte at any
+// location, it returns (nil, syscall.EINVAL).
+func UTF16FromString(s string) ([]uint16, error) {
+	return syscall.UTF16FromString(s)
+}
+
+// UTF16ToString returns the UTF-8 encoding of the UTF-16 sequence s,
+// with a terminating NUL and any bytes after the NUL removed.
+func UTF16ToString(s []uint16) string {
+	return syscall.UTF16ToString(s)
+}
+
+// StringToUTF16Ptr is deprecated. Use UTF16PtrFromString instead.
+// If s contains a NUL byte this function panics instead of
+// returning an error.
+func StringToUTF16Ptr(s string) *uint16 { return &StringToUTF16(s)[0] }
+
+// UTF16PtrFromString returns pointer to the UTF-16 encoding of
+// the UTF-8 string s, with a terminating NUL added. If s
+// contains a NUL byte at any location, it returns (nil, syscall.EINVAL).
+func UTF16PtrFromString(s string) (*uint16, error) {
+	a, err := UTF16FromString(s)
+	if err != nil {
+		return nil, err
+	}
+	return &a[0], nil
+}
+
+// UTF16PtrToString takes a pointer to a UTF-16 sequence and returns the corresponding UTF-8 encoded string.
+// If the pointer is nil, it returns the empty string. It assumes that the UTF-16 sequence is terminated
+// at a zero word; if the zero word is not present, the program may crash.
+func UTF16PtrToString(p *uint16) string {
+	if p == nil {
+		return ""
+	}
+	if *p == 0 {
+		return ""
+	}
+
+	// Find NUL terminator.
+	n := 0
+	for ptr := unsafe.Pointer(p); *(*uint16)(ptr) != 0; n++ {
+		ptr = unsafe.Pointer(uintptr(ptr) + unsafe.Sizeof(*p))
+	}
+	return UTF16ToString(unsafe.Slice(p, n))
+}
+
+func Getpagesize() int { return 4096 }
+
+// NewCallback converts a Go function to a function pointer conforming to the stdcall calling convention.
+// This is useful when interoperating with Windows code requiring callbacks.
+// The argument is expected to be a function with one uintptr-sized result. The function must not have arguments with size larger than the size of uintptr.
+func NewCallback(fn interface{}) uintptr {
+	return syscall.NewCallback(fn)
+}
+
+// NewCallbackCDecl converts a Go function to a function pointer conforming to the cdecl calling convention.
+// This is useful when interoperating with Windows code requiring callbacks.
+// The argument is expected to be a function with one uintptr-sized result. The function must not have arguments with size larger than the size of uintptr.
+func NewCallbackCDecl(fn interface{}) uintptr {
+	return syscall.NewCallbackCDecl(fn)
+}
+
+// windows api calls
+
+//sys	GetLastError() (lasterr error)
+//sys	LoadLibrary(libname string) (handle Handle, err error) = LoadLibraryW
+//sys	LoadLibraryEx(libname string, zero Handle, flags uintptr) (handle Handle, err error) = LoadLibraryExW
+//sys	FreeLibrary(handle Handle) (err error)
+//sys	GetProcAddress(module Handle, procname string) (proc uintptr, err error)
+//sys	GetModuleFileName(module Handle, filename *uint16, size uint32) (n uint32, err error) = kernel32.GetModuleFileNameW
+//sys	GetModuleHandleEx(flags uint32, moduleName *uint16, module *Handle) (err error) = kernel32.GetModuleHandleExW
+//sys	SetDefaultDllDirectories(directoryFlags uint32) (err error)
+//sys	AddDllDirectory(path *uint16) (cookie uintptr, err error) = kernel32.AddDllDirectory
+//sys	RemoveDllDirectory(cookie uintptr) (err error) = kernel32.RemoveDllDirectory
+//sys	SetDllDirectory(path string) (err error) = kernel32.SetDllDirectoryW
+//sys	GetVersion() (ver uint32, err error)
+//sys	FormatMessage(flags uint32, msgsrc uintptr, msgid uint32, langid uint32, buf []uint16, args *byte) (n uint32, err error) = FormatMessageW
+//sys	ExitProcess(exitcode uint32)
+//sys	IsWow64Process(handle Handle, isWow64 *bool) (err error) = IsWow64Process
+//sys	IsWow64Process2(handle Handle, processMachine *uint16, nativeMachine *uint16) (err error) = IsWow64Process2?
+//sys	CreateFile(name *uint16, access uint32, mode uint32, sa *SecurityAttributes, createmode uint32, attrs uint32, templatefile Handle) (handle Handle, err error) [failretval==InvalidHandle] = CreateFileW
+//sys	CreateNamedPipe(name *uint16, flags uint32, pipeMode uint32, maxInstances uint32, outSize uint32, inSize uint32, defaultTimeout uint32, sa *SecurityAttributes) (handle Handle, err error)  [failretval==InvalidHandle] = CreateNamedPipeW
+//sys	ConnectNamedPipe(pipe Handle, overlapped *Overlapped) (err error)
+//sys	DisconnectNamedPipe(pipe Handle) (err error)
+//sys   GetNamedPipeClientProcessId(pipe Handle, clientProcessID *uint32) (err error)
+//sys   GetNamedPipeServerProcessId(pipe Handle, serverProcessID *uint32) (err error)
+//sys	GetNamedPipeInfo(pipe Handle, flags *uint32, outSize *uint32, inSize *uint32, maxInstances *uint32) (err error)
+//sys	GetNamedPipeHandleState(pipe Handle, state *uint32, curInstances *uint32, maxCollectionCount *uint32, collectDataTimeout *uint32, userName *uint16, maxUserNameSize uint32) (err error) = GetNamedPipeHandleStateW
+//sys	SetNamedPipeHandleState(pipe Handle, state *uint32, maxCollectionCount *uint32, collectDataTimeout *uint32) (err error) = SetNamedPipeHandleState
+//sys	readFile(handle Handle, buf []byte, done *uint32, overlapped *Overlapped) (err error) = ReadFile
+//sys	writeFile(handle Handle, buf []byte, done *uint32, overlapped *Overlapped) (err error) = WriteFile
+//sys	GetOverlappedResult(handle Handle, overlapped *Overlapped, done *uint32, wait bool) (err error)
+//sys	SetFilePointer(handle Handle, lowoffset int32, highoffsetptr *int32, whence uint32) (newlowoffset uint32, err error) [failretval==0xffffffff]
+//sys	CloseHandle(handle Handle) (err error)
+//sys	GetStdHandle(stdhandle uint32) (handle Handle, err error) [failretval==InvalidHandle]
+//sys	SetStdHandle(stdhandle uint32, handle Handle) (err error)
+//sys	findFirstFile1(name *uint16, data *win32finddata1) (handle Handle, err error) [failretval==InvalidHandle] = FindFirstFileW
+//sys	findNextFile1(handle Handle, data *win32finddata1) (err error) = FindNextFileW
+//sys	FindClose(handle Handle) (err error)
+//sys	GetFileInformationByHandle(handle Handle, data *ByHandleFileInformation) (err error)
+//sys	GetFileInformationByHandleEx(handle Handle, class uint32, outBuffer *byte, outBufferLen uint32) (err error)
+//sys	SetFileInformationByHandle(handle Handle, class uint32, inBuffer *byte, inBufferLen uint32) (err error)
+//sys	GetCurrentDirectory(buflen uint32, buf *uint16) (n uint32, err error) = GetCurrentDirectoryW
+//sys	SetCurrentDirectory(path *uint16) (err error) = SetCurrentDirectoryW
+//sys	CreateDirectory(path *uint16, sa *SecurityAttributes) (err error) = CreateDirectoryW
+//sys	RemoveDirectory(path *uint16) (err error) = RemoveDirectoryW
+//sys	DeleteFile(path *uint16) (err error) = DeleteFileW
+//sys	MoveFile(from *uint16, to *uint16) (err error) = MoveFileW
+//sys	MoveFileEx(from *uint16, to *uint16, flags uint32) (err error) = MoveFileExW
+//sys	LockFileEx(file Handle, flags uint32, reserved uint32, bytesLow uint32, bytesHigh uint32, overlapped *Overlapped) (err error)
+//sys	UnlockFileEx(file Handle, reserved uint32, bytesLow uint32, bytesHigh uint32, overlapped *Overlapped) (err error)
+//sys	GetComputerName(buf *uint16, n *uint32) (err error) = GetComputerNameW
+//sys	GetComputerNameEx(nametype uint32, buf *uint16, n *uint32) (err error) = GetComputerNameExW
+//sys	SetEndOfFile(handle Handle) (err error)
+//sys	SetFileValidData(handle Handle, validDataLength int64) (err error)
+//sys	GetSystemTimeAsFileTime(time *Filetime)
+//sys	GetSystemTimePreciseAsFileTime(time *Filetime)
+//sys	GetTimeZoneInformation(tzi *Timezoneinformation) (rc uint32, err error) [failretval==0xffffffff]
+//sys	CreateIoCompletionPort(filehandle Handle, cphandle Handle, key uintptr, threadcnt uint32) (handle Handle, err error)
+//sys	GetQueuedCompletionStatus(cphandle Handle, qty *uint32, key *uintptr, overlapped **Overlapped, timeout uint32) (err error)
+//sys	PostQueuedCompletionStatus(cphandle Handle, qty uint32, key uintptr, overlapped *Overlapped) (err error)
+//sys	CancelIo(s Handle) (err error)
+//sys	CancelIoEx(s Handle, o *Overlapped) (err error)
+//sys	CreateProcess(appName *uint16, commandLine *uint16, procSecurity *SecurityAttributes, threadSecurity *SecurityAttributes, inheritHandles bool, creationFlags uint32, env *uint16, currentDir *uint16, startupInfo *StartupInfo, outProcInfo *ProcessInformation) (err error) = CreateProcessW
+//sys	CreateProcessAsUser(token Token, appName *uint16, commandLine *uint16, procSecurity *SecurityAttributes, threadSecurity *SecurityAttributes, inheritHandles bool, creationFlags uint32, env *uint16, currentDir *uint16, startupInfo *StartupInfo, outProcInfo *ProcessInformation) (err error) = advapi32.CreateProcessAsUserW
+//sys   initializeProcThreadAttributeList(attrlist *ProcThreadAttributeList, attrcount uint32, flags uint32, size *uintptr) (err error) = InitializeProcThreadAttributeList
+//sys   deleteProcThreadAttributeList(attrlist *ProcThreadAttributeList) = DeleteProcThreadAttributeList
+//sys   updateProcThreadAttribute(attrlist *ProcThreadAttributeList, flags uint32, attr uintptr, value unsafe.Pointer, size uintptr, prevvalue unsafe.Pointer, returnedsize *uintptr) (err error) = UpdateProcThreadAttribute
+//sys	OpenProcess(desiredAccess uint32, inheritHandle bool, processId uint32) (handle Handle, err error)
+//sys	ShellExecute(hwnd Handle, verb *uint16, file *uint16, args *uint16, cwd *uint16, showCmd int32) (err error) [failretval<=32] = shell32.ShellExecuteW
+//sys	GetWindowThreadProcessId(hwnd HWND, pid *uint32) (tid uint32, err error) = user32.GetWindowThreadProcessId
+//sys	LoadKeyboardLayout(name *uint16, flags uint32) (hkl Handle, err error) [failretval==0] = user32.LoadKeyboardLayoutW
+//sys	UnloadKeyboardLayout(hkl Handle) (err error) = user32.UnloadKeyboardLayout
+//sys	GetKeyboardLayout(tid uint32) (hkl Handle) = user32.GetKeyboardLayout
+//sys	ToUnicodeEx(vkey uint32, scancode uint32, keystate *byte, pwszBuff *uint16, cchBuff int32, flags uint32, hkl Handle) (ret int32) = user32.ToUnicodeEx
+//sys	GetShellWindow() (shellWindow HWND) = user32.GetShellWindow
+//sys	MessageBox(hwnd HWND, text *uint16, caption *uint16, boxtype uint32) (ret int32, err error) [failretval==0] = user32.MessageBoxW
+//sys	ExitWindowsEx(flags uint32, reason uint32) (err error) = user32.ExitWindowsEx
+//sys	shGetKnownFolderPath(id *KNOWNFOLDERID, flags uint32, token Token, path **uint16) (ret error) = shell32.SHGetKnownFolderPath
+//sys	TerminateProcess(handle Handle, exitcode uint32) (err error)
+//sys	GetExitCodeProcess(handle Handle, exitcode *uint32) (err error)
+//sys	getStartupInfo(startupInfo *StartupInfo) = GetStartupInfoW
+//sys	GetProcessTimes(handle Handle, creationTime *Filetime, exitTime *Filetime, kernelTime *Filetime, userTime *Filetime) (err error)
+//sys	DuplicateHandle(hSourceProcessHandle Handle, hSourceHandle Handle, hTargetProcessHandle Handle, lpTargetHandle *Handle, dwDesiredAccess uint32, bInheritHandle bool, dwOptions uint32) (err error)
+//sys	WaitForSingleObject(handle Handle, waitMilliseconds uint32) (event uint32, err error) [failretval==0xffffffff]
+//sys	waitForMultipleObjects(count uint32, handles uintptr, waitAll bool, waitMilliseconds uint32) (event uint32, err error) [failretval==0xffffffff] = WaitForMultipleObjects
+//sys	GetTempPath(buflen uint32, buf *uint16) (n uint32, err error) = GetTempPathW
+//sys	CreatePipe(readhandle *Handle, writehandle *Handle, sa *SecurityAttributes, size uint32) (err error)
+//sys	GetFileType(filehandle Handle) (n uint32, err error)
+//sys	CryptAcquireContext(provhandle *Handle, container *uint16, provider *uint16, provtype uint32, flags uint32) (err error) = advapi32.CryptAcquireContextW
+//sys	CryptReleaseContext(provhandle Handle, flags uint32) (err error) = advapi32.CryptReleaseContext
+//sys	CryptGenRandom(provhandle Handle, buflen uint32, buf *byte) (err error) = advapi32.CryptGenRandom
+//sys	GetEnvironmentStrings() (envs *uint16, err error) [failretval==nil] = kernel32.GetEnvironmentStringsW
+//sys	FreeEnvironmentStrings(envs *uint16) (err error) = kernel32.FreeEnvironmentStringsW
+//sys	GetEnvironmentVariable(name *uint16, buffer *uint16, size uint32) (n uint32, err error) = kernel32.GetEnvironmentVariableW
+//sys	SetEnvironmentVariable(name *uint16, value *uint16) (err error) = kernel32.SetEnvironmentVariableW
+//sys	ExpandEnvironmentStrings(src *uint16, dst *uint16, size uint32) (n uint32, err error) = kernel32.ExpandEnvironmentStringsW
+//sys	CreateEnvironmentBlock(block **uint16, token Token, inheritExisting bool) (err error) = userenv.CreateEnvironmentBlock
+//sys	DestroyEnvironmentBlock(block *uint16) (err error) = userenv.DestroyEnvironmentBlock
+//sys	getTickCount64() (ms uint64) = kernel32.GetTickCount64
+//sys   GetFileTime(handle Handle, ctime *Filetime, atime *Filetime, wtime *Filetime) (err error)
+//sys	SetFileTime(handle Handle, ctime *Filetime, atime *Filetime, wtime *Filetime) (err error)
+//sys	GetFileAttributes(name *uint16) (attrs uint32, err error) [failretval==INVALID_FILE_ATTRIBUTES] = kernel32.GetFileAttributesW
+//sys	SetFileAttributes(name *uint16, attrs uint32) (err error) = kernel32.SetFileAttributesW
+//sys	GetFileAttributesEx(name *uint16, level uint32, info *byte) (err error) = kernel32.GetFileAttributesExW
+//sys	GetCommandLine() (cmd *uint16) = kernel32.GetCommandLineW
+//sys	commandLineToArgv(cmd *uint16, argc *int32) (argv **uint16, err error) [failretval==nil] = shell32.CommandLineToArgvW
+//sys	LocalFree(hmem Handle) (handle Handle, err error) [failretval!=0]
+//sys	LocalAlloc(flags uint32, length uint32) (ptr uintptr, err error)
+//sys	SetHandleInformation(handle Handle, mask uint32, flags uint32) (err error)
+//sys	FlushFileBuffers(handle Handle) (err error)
+//sys	GetFullPathName(path *uint16, buflen uint32, buf *uint16, fname **uint16) (n uint32, err error) = kernel32.GetFullPathNameW
+//sys	GetLongPathName(path *uint16, buf *uint16, buflen uint32) (n uint32, err error) = kernel32.GetLongPathNameW
+//sys	GetShortPathName(longpath *uint16, shortpath *uint16, buflen uint32) (n uint32, err error) = kernel32.GetShortPathNameW
+//sys	GetFinalPathNameByHandle(file Handle, filePath *uint16, filePathSize uint32, flags uint32) (n uint32, err error) = kernel32.GetFinalPathNameByHandleW
+//sys	CreateFileMapping(fhandle Handle, sa *SecurityAttributes, prot uint32, maxSizeHigh uint32, maxSizeLow uint32, name *uint16) (handle Handle, err error) [failretval == 0 || e1 == ERROR_ALREADY_EXISTS] = kernel32.CreateFileMappingW
+//sys	MapViewOfFile(handle Handle, access uint32, offsetHigh uint32, offsetLow uint32, length uintptr) (addr uintptr, err error)
+//sys	UnmapViewOfFile(addr uintptr) (err error)
+//sys	FlushViewOfFile(addr uintptr, length uintptr) (err error)
+//sys	VirtualLock(addr uintptr, length uintptr) (err error)
+//sys	VirtualUnlock(addr uintptr, length uintptr) (err error)
+//sys	VirtualAlloc(address uintptr, size uintptr, alloctype uint32, protect uint32) (value uintptr, err error) = kernel32.VirtualAlloc
+//sys	VirtualFree(address uintptr, size uintptr, freetype uint32) (err error) = kernel32.VirtualFree
+//sys	VirtualProtect(address uintptr, size uintptr, newprotect uint32, oldprotect *uint32) (err error) = kernel32.VirtualProtect
+//sys	VirtualProtectEx(process Handle, address uintptr, size uintptr, newProtect uint32, oldProtect *uint32) (err error) = kernel32.VirtualProtectEx
+//sys	VirtualQuery(address uintptr, buffer *MemoryBasicInformation, length uintptr) (err error) = kernel32.VirtualQuery
+//sys	VirtualQueryEx(process Handle, address uintptr, buffer *MemoryBasicInformation, length uintptr) (err error) = kernel32.VirtualQueryEx
+//sys	ReadProcessMemory(process Handle, baseAddress uintptr, buffer *byte, size uintptr, numberOfBytesRead *uintptr) (err error) = kernel32.ReadProcessMemory
+//sys	WriteProcessMemory(process Handle, baseAddress uintptr, buffer *byte, size uintptr, numberOfBytesWritten *uintptr) (err error) = kernel32.WriteProcessMemory
+//sys	TransmitFile(s Handle, handle Handle, bytesToWrite uint32, bytsPerSend uint32, overlapped *Overlapped, transmitFileBuf *TransmitFileBuffers, flags uint32) (err error) = mswsock.TransmitFile
+//sys	ReadDirectoryChanges(handle Handle, buf *byte, buflen uint32, watchSubTree bool, mask uint32, retlen *uint32, overlapped *Overlapped, completionRoutine uintptr) (err error) = kernel32.ReadDirectoryChangesW
+//sys	FindFirstChangeNotification(path string, watchSubtree bool, notifyFilter uint32) (handle Handle, err error) [failretval==InvalidHandle] = kernel32.FindFirstChangeNotificationW
+//sys	FindNextChangeNotification(handle Handle) (err error)
+//sys	FindCloseChangeNotification(handle Handle) (err error)
+//sys	CertOpenSystemStore(hprov Handle, name *uint16) (store Handle, err error) = crypt32.CertOpenSystemStoreW
+//sys	CertOpenStore(storeProvider uintptr, msgAndCertEncodingType uint32, cryptProv uintptr, flags uint32, para uintptr) (handle Handle, err error) = crypt32.CertOpenStore
+//sys	CertEnumCertificatesInStore(store Handle, prevContext *CertContext) (context *CertContext, err error) [failretval==nil] = crypt32.CertEnumCertificatesInStore
+//sys	CertAddCertificateContextToStore(store Handle, certContext *CertContext, addDisposition uint32, storeContext **CertContext) (err error) = crypt32.CertAddCertificateContextToStore
+//sys	CertCloseStore(store Handle, flags uint32) (err error) = crypt32.CertCloseStore
+//sys	CertDeleteCertificateFromStore(certContext *CertContext) (err error) = crypt32.CertDeleteCertificateFromStore
+//sys	CertDuplicateCertificateContext(certContext *CertContext) (dupContext *CertContext) = crypt32.CertDuplicateCertificateContext
+//sys	PFXImportCertStore(pfx *CryptDataBlob, password *uint16, flags uint32) (store Handle, err error) = crypt32.PFXImportCertStore
+//sys	CertGetCertificateChain(engine Handle, leaf *CertContext, time *Filetime, additionalStore Handle, para *CertChainPara, flags uint32, reserved uintptr, chainCtx **CertChainContext) (err error) = crypt32.CertGetCertificateChain
+//sys	CertFreeCertificateChain(ctx *CertChainContext) = crypt32.CertFreeCertificateChain
+//sys	CertCreateCertificateContext(certEncodingType uint32, certEncoded *byte, encodedLen uint32) (context *CertContext, err error) [failretval==nil] = crypt32.CertCreateCertificateContext
+//sys	CertFreeCertificateContext(ctx *CertContext) (err error) = crypt32.CertFreeCertificateContext
+//sys	CertVerifyCertificateChainPolicy(policyOID uintptr, chain *CertChainContext, para *CertChainPolicyPara, status *CertChainPolicyStatus) (err error) = crypt32.CertVerifyCertificateChainPolicy
+//sys	CertGetNameString(certContext *CertContext, nameType uint32, flags uint32, typePara unsafe.Pointer, name *uint16, size uint32) (chars uint32) = crypt32.CertGetNameStringW
+//sys	CertFindExtension(objId *byte, countExtensions uint32, extensions *CertExtension) (ret *CertExtension) = crypt32.CertFindExtension
+//sys   CertFindCertificateInStore(store Handle, certEncodingType uint32, findFlags uint32, findType uint32, findPara unsafe.Pointer, prevCertContext *CertContext) (cert *CertContext, err error) [failretval==nil] = crypt32.CertFindCertificateInStore
+//sys   CertFindChainInStore(store Handle, certEncodingType uint32, findFlags uint32, findType uint32, findPara unsafe.Pointer, prevChainContext *CertChainContext) (certchain *CertChainContext, err error) [failretval==nil] = crypt32.CertFindChainInStore
+//sys   CryptAcquireCertificatePrivateKey(cert *CertContext, flags uint32, parameters unsafe.Pointer, cryptProvOrNCryptKey *Handle, keySpec *uint32, callerFreeProvOrNCryptKey *bool) (err error) = crypt32.CryptAcquireCertificatePrivateKey
+//sys	CryptQueryObject(objectType uint32, object unsafe.Pointer, expectedContentTypeFlags uint32, expectedFormatTypeFlags uint32, flags uint32, msgAndCertEncodingType *uint32, contentType *uint32, formatType *uint32, certStore *Handle, msg *Handle, context *unsafe.Pointer) (err error) = crypt32.CryptQueryObject
+//sys	CryptDecodeObject(encodingType uint32, structType *byte, encodedBytes *byte, lenEncodedBytes uint32, flags uint32, decoded unsafe.Pointer, decodedLen *uint32) (err error) = crypt32.CryptDecodeObject
+//sys	CryptProtectData(dataIn *DataBlob, name *uint16, optionalEntropy *DataBlob, reserved uintptr, promptStruct *CryptProtectPromptStruct, flags uint32, dataOut *DataBlob) (err error) = crypt32.CryptProtectData
+//sys	CryptUnprotectData(dataIn *DataBlob, name **uint16, optionalEntropy *DataBlob, reserved uintptr, promptStruct *CryptProtectPromptStruct, flags uint32, dataOut *DataBlob) (err error) = crypt32.CryptUnprotectData
+//sys	WinVerifyTrustEx(hwnd HWND, actionId *GUID, data *WinTrustData) (ret error) = wintrust.WinVerifyTrustEx
+//sys	RegOpenKeyEx(key Handle, subkey *uint16, options uint32, desiredAccess uint32, result *Handle) (regerrno error) = advapi32.RegOpenKeyExW
+//sys	RegCloseKey(key Handle) (regerrno error) = advapi32.RegCloseKey
+//sys	RegQueryInfoKey(key Handle, class *uint16, classLen *uint32, reserved *uint32, subkeysLen *uint32, maxSubkeyLen *uint32, maxClassLen *uint32, valuesLen *uint32, maxValueNameLen *uint32, maxValueLen *uint32, saLen *uint32, lastWriteTime *Filetime) (regerrno error) = advapi32.RegQueryInfoKeyW
+//sys	RegEnumKeyEx(key Handle, index uint32, name *uint16, nameLen *uint32, reserved *uint32, class *uint16, classLen *uint32, lastWriteTime *Filetime) (regerrno error) = advapi32.RegEnumKeyExW
+//sys	RegQueryValueEx(key Handle, name *uint16, reserved *uint32, valtype *uint32, buf *byte, buflen *uint32) (regerrno error) = advapi32.RegQueryValueExW
+//sys	RegNotifyChangeKeyValue(key Handle, watchSubtree bool, notifyFilter uint32, event Handle, asynchronous bool) (regerrno error) = advapi32.RegNotifyChangeKeyValue
+//sys	GetCurrentProcessId() (pid uint32) = kernel32.GetCurrentProcessId
+//sys	ProcessIdToSessionId(pid uint32, sessionid *uint32) (err error) = kernel32.ProcessIdToSessionId
+//sys	ClosePseudoConsole(console Handle) = kernel32.ClosePseudoConsole
+//sys	createPseudoConsole(size uint32, in Handle, out Handle, flags uint32, pconsole *Handle) (hr error) = kernel32.CreatePseudoConsole
+//sys	GetConsoleMode(console Handle, mode *uint32) (err error) = kernel32.GetConsoleMode
+//sys	SetConsoleMode(console Handle, mode uint32) (err error) = kernel32.SetConsoleMode
+//sys	GetConsoleScreenBufferInfo(console Handle, info *ConsoleScreenBufferInfo) (err error) = kernel32.GetConsoleScreenBufferInfo
+//sys	setConsoleCursorPosition(console Handle, position uint32) (err error) = kernel32.SetConsoleCursorPosition
+//sys	GetConsoleCP() (cp uint32, err error) = kernel32.GetConsoleCP
+//sys	GetConsoleOutputCP() (cp uint32, err error) = kernel32.GetConsoleOutputCP
+//sys	SetConsoleCP(cp uint32) (err error) = kernel32.SetConsoleCP
+//sys	SetConsoleOutputCP(cp uint32) (err error) = kernel32.SetConsoleOutputCP
+//sys	WriteConsole(console Handle, buf *uint16, towrite uint32, written *uint32, reserved *byte) (err error) = kernel32.WriteConsoleW
+//sys	ReadConsole(console Handle, buf *uint16, toread uint32, read *uint32, inputControl *byte) (err error) = kernel32.ReadConsoleW
+//sys	resizePseudoConsole(pconsole Handle, size uint32) (hr error) = kernel32.ResizePseudoConsole
+//sys	CreateToolhelp32Snapshot(flags uint32, processId uint32) (handle Handle, err error) [failretval==InvalidHandle] = kernel32.CreateToolhelp32Snapshot
+//sys	Module32First(snapshot Handle, moduleEntry *ModuleEntry32) (err error) = kernel32.Module32FirstW
+//sys	Module32Next(snapshot Handle, moduleEntry *ModuleEntry32) (err error) = kernel32.Module32NextW
+//sys	Process32First(snapshot Handle, procEntry *ProcessEntry32) (err error) = kernel32.Process32FirstW
+//sys	Process32Next(snapshot Handle, procEntry *ProcessEntry32) (err error) = kernel32.Process32NextW
+//sys	Thread32First(snapshot Handle, threadEntry *ThreadEntry32) (err error)
+//sys	Thread32Next(snapshot Handle, threadEntry *ThreadEntry32) (err error)
+//sys	DeviceIoControl(handle Handle, ioControlCode uint32, inBuffer *byte, inBufferSize uint32, outBuffer *byte, outBufferSize uint32, bytesReturned *uint32, overlapped *Overlapped) (err error)
+// This function returns 1 byte BOOLEAN rather than the 4 byte BOOL.
+//sys	CreateSymbolicLink(symlinkfilename *uint16, targetfilename *uint16, flags uint32) (err error) [failretval&0xff==0] = CreateSymbolicLinkW
+//sys	CreateHardLink(filename *uint16, existingfilename *uint16, reserved uintptr) (err error) [failretval&0xff==0] = CreateHardLinkW
+//sys	GetCurrentThreadId() (id uint32)
+//sys	CreateEvent(eventAttrs *SecurityAttributes, manualReset uint32, initialState uint32, name *uint16) (handle Handle, err error) [failretval == 0 || e1 == ERROR_ALREADY_EXISTS] = kernel32.CreateEventW
+//sys	CreateEventEx(eventAttrs *SecurityAttributes, name *uint16, flags uint32, desiredAccess uint32) (handle Handle, err error) [failretval == 0 || e1 == ERROR_ALREADY_EXISTS] = kernel32.CreateEventExW
+//sys	OpenEvent(desiredAccess uint32, inheritHandle bool, name *uint16) (handle Handle, err error) = kernel32.OpenEventW
+//sys	SetEvent(event Handle) (err error) = kernel32.SetEvent
+//sys	ResetEvent(event Handle) (err error) = kernel32.ResetEvent
+//sys	PulseEvent(event Handle) (err error) = kernel32.PulseEvent
+//sys	CreateMutex(mutexAttrs *SecurityAttributes, initialOwner bool, name *uint16) (handle Handle, err error) [failretval == 0 || e1 == ERROR_ALREADY_EXISTS] = kernel32.CreateMutexW
+//sys	CreateMutexEx(mutexAttrs *SecurityAttributes, name *uint16, flags uint32, desiredAccess uint32) (handle Handle, err error) [failretval == 0 || e1 == ERROR_ALREADY_EXISTS] = kernel32.CreateMutexExW
+//sys	OpenMutex(desiredAccess uint32, inheritHandle bool, name *uint16) (handle Handle, err error) = kernel32.OpenMutexW
+//sys	ReleaseMutex(mutex Handle) (err error) = kernel32.ReleaseMutex
+//sys	SleepEx(milliseconds uint32, alertable bool) (ret uint32) = kernel32.SleepEx
+//sys	CreateJobObject(jobAttr *SecurityAttributes, name *uint16) (handle Handle, err error) = kernel32.CreateJobObjectW
+//sys	AssignProcessToJobObject(job Handle, process Handle) (err error) = kernel32.AssignProcessToJobObject
+//sys	TerminateJobObject(job Handle, exitCode uint32) (err error) = kernel32.TerminateJobObject
+//sys	SetErrorMode(mode uint32) (ret uint32) = kernel32.SetErrorMode
+//sys	ResumeThread(thread Handle) (ret uint32, err error) [failretval==0xffffffff] = kernel32.ResumeThread
+//sys	SetPriorityClass(process Handle, priorityClass uint32) (err error) = kernel32.SetPriorityClass
+//sys	GetPriorityClass(process Handle) (ret uint32, err error) = kernel32.GetPriorityClass
+//sys	QueryInformationJobObject(job Handle, JobObjectInformationClass int32, JobObjectInformation uintptr, JobObjectInformationLength uint32, retlen *uint32) (err error) = kernel32.QueryInformationJobObject
+//sys	SetInformationJobObject(job Handle, JobObjectInformationClass uint32, JobObjectInformation uintptr, JobObjectInformationLength uint32) (ret int, err error)
+//sys	GenerateConsoleCtrlEvent(ctrlEvent uint32, processGroupID uint32) (err error)
+//sys	GetProcessId(process Handle) (id uint32, err error)
+//sys	QueryFullProcessImageName(proc Handle, flags uint32, exeName *uint16, size *uint32) (err error) = kernel32.QueryFullProcessImageNameW
+//sys	OpenThread(desiredAccess uint32, inheritHandle bool, threadId uint32) (handle Handle, err error)
+//sys	SetProcessPriorityBoost(process Handle, disable bool) (err error) = kernel32.SetProcessPriorityBoost
+//sys	GetProcessWorkingSetSizeEx(hProcess Handle, lpMinimumWorkingSetSize *uintptr, lpMaximumWorkingSetSize *uintptr, flags *uint32)
+//sys	SetProcessWorkingSetSizeEx(hProcess Handle, dwMinimumWorkingSetSize uintptr, dwMaximumWorkingSetSize uintptr, flags uint32) (err error)
+//sys	ClearCommBreak(handle Handle) (err error)
+//sys	ClearCommError(handle Handle, lpErrors *uint32, lpStat *ComStat) (err error)
+//sys	EscapeCommFunction(handle Handle, dwFunc uint32) (err error)
+//sys	GetCommState(handle Handle, lpDCB *DCB) (err error)
+//sys	GetCommModemStatus(handle Handle, lpModemStat *uint32) (err error)
+//sys	GetCommTimeouts(handle Handle, timeouts *CommTimeouts) (err error)
+//sys	PurgeComm(handle Handle, dwFlags uint32) (err error)
+//sys	SetCommBreak(handle Handle) (err error)
+//sys	SetCommMask(handle Handle, dwEvtMask uint32) (err error)
+//sys	SetCommState(handle Handle, lpDCB *DCB) (err error)
+//sys	SetCommTimeouts(handle Handle, timeouts *CommTimeouts) (err error)
+//sys	SetupComm(handle Handle, dwInQueue uint32, dwOutQueue uint32) (err error)
+//sys	WaitCommEvent(handle Handle, lpEvtMask *uint32, lpOverlapped *Overlapped) (err error)
+//sys	GetActiveProcessorCount(groupNumber uint16) (ret uint32)
+//sys	GetMaximumProcessorCount(groupNumber uint16) (ret uint32)
+//sys	EnumWindows(enumFunc uintptr, param unsafe.Pointer) (err error) = user32.EnumWindows
+//sys	EnumChildWindows(hwnd HWND, enumFunc uintptr, param unsafe.Pointer) = user32.EnumChildWindows
+//sys	GetClassName(hwnd HWND, className *uint16, maxCount int32) (copied int32, err error) = user32.GetClassNameW
+//sys	GetDesktopWindow() (hwnd HWND) = user32.GetDesktopWindow
+//sys	GetForegroundWindow() (hwnd HWND) = user32.GetForegroundWindow
+//sys	IsWindow(hwnd HWND) (isWindow bool) = user32.IsWindow
+//sys	IsWindowUnicode(hwnd HWND) (isUnicode bool) = user32.IsWindowUnicode
+//sys	IsWindowVisible(hwnd HWND) (isVisible bool) = user32.IsWindowVisible
+//sys	GetGUIThreadInfo(thread uint32, info *GUIThreadInfo) (err error) = user32.GetGUIThreadInfo
+//sys	GetLargePageMinimum() (size uintptr)
+
+// Volume Management Functions
+//sys	DefineDosDevice(flags uint32, deviceName *uint16, targetPath *uint16) (err error) = DefineDosDeviceW
+//sys	DeleteVolumeMountPoint(volumeMountPoint *uint16) (err error) = DeleteVolumeMountPointW
+//sys	FindFirstVolume(volumeName *uint16, bufferLength uint32) (handle Handle, err error) [failretval==InvalidHandle] = FindFirstVolumeW
+//sys	FindFirstVolumeMountPoint(rootPathName *uint16, volumeMountPoint *uint16, bufferLength uint32) (handle Handle, err error) [failretval==InvalidHandle] = FindFirstVolumeMountPointW
+//sys	FindNextVolume(findVolume Handle, volumeName *uint16, bufferLength uint32) (err error) = FindNextVolumeW
+//sys	FindNextVolumeMountPoint(findVolumeMountPoint Handle, volumeMountPoint *uint16, bufferLength uint32) (err error) = FindNextVolumeMountPointW
+//sys	FindVolumeClose(findVolume Handle) (err error)
+//sys	FindVolumeMountPointClose(findVolumeMountPoint Handle) (err error)
+//sys	GetDiskFreeSpaceEx(directoryName *uint16, freeBytesAvailableToCaller *uint64, totalNumberOfBytes *uint64, totalNumberOfFreeBytes *uint64) (err error) = GetDiskFreeSpaceExW
+//sys	GetDriveType(rootPathName *uint16) (driveType uint32) = GetDriveTypeW
+//sys	GetLogicalDrives() (drivesBitMask uint32, err error) [failretval==0]
+//sys	GetLogicalDriveStrings(bufferLength uint32, buffer *uint16) (n uint32, err error) [failretval==0] = GetLogicalDriveStringsW
+//sys	GetVolumeInformation(rootPathName *uint16, volumeNameBuffer *uint16, volumeNameSize uint32, volumeNameSerialNumber *uint32, maximumComponentLength *uint32, fileSystemFlags *uint32, fileSystemNameBuffer *uint16, fileSystemNameSize uint32) (err error) = GetVolumeInformationW
+//sys	GetVolumeInformationByHandle(file Handle, volumeNameBuffer *uint16, volumeNameSize uint32, volumeNameSerialNumber *uint32, maximumComponentLength *uint32, fileSystemFlags *uint32, fileSystemNameBuffer *uint16, fileSystemNameSize uint32) (err error) = GetVolumeInformationByHandleW
+//sys	GetVolumeNameForVolumeMountPoint(volumeMountPoint *uint16, volumeName *uint16, bufferlength uint32) (err error) = GetVolumeNameForVolumeMountPointW
+//sys	GetVolumePathName(fileName *uint16, volumePathName *uint16, bufferLength uint32) (err error) = GetVolumePathNameW
+//sys	GetVolumePathNamesForVolumeName(volumeName *uint16, volumePathNames *uint16, bufferLength uint32, returnLength *uint32) (err error) = GetVolumePathNamesForVolumeNameW
+//sys	QueryDosDevice(deviceName *uint16, targetPath *uint16, max uint32) (n uint32, err error) [failretval==0] = QueryDosDeviceW
+//sys	SetVolumeLabel(rootPathName *uint16, volumeName *uint16) (err error) = SetVolumeLabelW
+//sys	SetVolumeMountPoint(volumeMountPoint *uint16, volumeName *uint16) (err error) = SetVolumeMountPointW
+//sys	InitiateSystemShutdownEx(machineName *uint16, message *uint16, timeout uint32, forceAppsClosed bool, rebootAfterShutdown bool, reason uint32) (err error) = advapi32.InitiateSystemShutdownExW
+//sys	SetProcessShutdownParameters(level uint32, flags uint32) (err error) = kernel32.SetProcessShutdownParameters
+//sys	GetProcessShutdownParameters(level *uint32, flags *uint32) (err error) = kernel32.GetProcessShutdownParameters
+//sys	clsidFromString(lpsz *uint16, pclsid *GUID) (ret error) = ole32.CLSIDFromString
+//sys	stringFromGUID2(rguid *GUID, lpsz *uint16, cchMax int32) (chars int32) = ole32.StringFromGUID2
+//sys	coCreateGuid(pguid *GUID) (ret error) = ole32.CoCreateGuid
+//sys	CoTaskMemFree(address unsafe.Pointer) = ole32.CoTaskMemFree
+//sys	CoInitializeEx(reserved uintptr, coInit uint32) (ret error) = ole32.CoInitializeEx
+//sys	CoUninitialize() = ole32.CoUninitialize
+//sys	CoGetObject(name *uint16, bindOpts *BIND_OPTS3, guid *GUID, functionTable **uintptr) (ret error) = ole32.CoGetObject
+//sys	getProcessPreferredUILanguages(flags uint32, numLanguages *uint32, buf *uint16, bufSize *uint32) (err error) = kernel32.GetProcessPreferredUILanguages
+//sys	getThreadPreferredUILanguages(flags uint32, numLanguages *uint32, buf *uint16, bufSize *uint32) (err error) = kernel32.GetThreadPreferredUILanguages
+//sys	getUserPreferredUILanguages(flags uint32, numLanguages *uint32, buf *uint16, bufSize *uint32) (err error) = kernel32.GetUserPreferredUILanguages
+//sys	getSystemPreferredUILanguages(flags uint32, numLanguages *uint32, buf *uint16, bufSize *uint32) (err error) = kernel32.GetSystemPreferredUILanguages
+//sys	findResource(module Handle, name uintptr, resType uintptr) (resInfo Handle, err error) = kernel32.FindResourceW
+//sys	SizeofResource(module Handle, resInfo Handle) (size uint32, err error) = kernel32.SizeofResource
+//sys	LoadResource(module Handle, resInfo Handle) (resData Handle, err error) = kernel32.LoadResource
+//sys	LockResource(resData Handle) (addr uintptr, err error) = kernel32.LockResource
+
+// Version APIs
+//sys	GetFileVersionInfoSize(filename string, zeroHandle *Handle) (bufSize uint32, err error) = version.GetFileVersionInfoSizeW
+//sys	GetFileVersionInfo(filename string, handle uint32, bufSize uint32, buffer unsafe.Pointer) (err error) = version.GetFileVersionInfoW
+//sys	VerQueryValue(block unsafe.Pointer, subBlock string, pointerToBufferPointer unsafe.Pointer, bufSize *uint32) (err error) = version.VerQueryValueW
+
+// Process Status API (PSAPI)
+//sys	enumProcesses(processIds *uint32, nSize uint32, bytesReturned *uint32) (err error) = psapi.EnumProcesses
+//sys	EnumProcessModules(process Handle, module *Handle, cb uint32, cbNeeded *uint32) (err error) = psapi.EnumProcessModules
+//sys	EnumProcessModulesEx(process Handle, module *Handle, cb uint32, cbNeeded *uint32, filterFlag uint32) (err error) = psapi.EnumProcessModulesEx
+//sys	GetModuleInformation(process Handle, module Handle, modinfo *ModuleInfo, cb uint32) (err error) = psapi.GetModuleInformation
+//sys	GetModuleFileNameEx(process Handle, module Handle, filename *uint16, size uint32) (err error) = psapi.GetModuleFileNameExW
+//sys	GetModuleBaseName(process Handle, module Handle, baseName *uint16, size uint32) (err error) = psapi.GetModuleBaseNameW
+//sys   QueryWorkingSetEx(process Handle, pv uintptr, cb uint32) (err error) = psapi.QueryWorkingSetEx
+
+// NT Native APIs
+//sys	rtlNtStatusToDosErrorNoTeb(ntstatus NTStatus) (ret syscall.Errno) = ntdll.RtlNtStatusToDosErrorNoTeb
+//sys	rtlGetVersion(info *OsVersionInfoEx) (ntstatus error) = ntdll.RtlGetVersion
+//sys	rtlGetNtVersionNumbers(majorVersion *uint32, minorVersion *uint32, buildNumber *uint32) = ntdll.RtlGetNtVersionNumbers
+//sys	RtlGetCurrentPeb() (peb *PEB) = ntdll.RtlGetCurrentPeb
+//sys	RtlInitUnicodeString(destinationString *NTUnicodeString, sourceString *uint16) = ntdll.RtlInitUnicodeString
+//sys	RtlInitString(destinationString *NTString, sourceString *byte) = ntdll.RtlInitString
+//sys	NtCreateFile(handle *Handle, access uint32, oa *OBJECT_ATTRIBUTES, iosb *IO_STATUS_BLOCK, allocationSize *int64, attributes uint32, share uint32, disposition uint32, options uint32, eabuffer uintptr, ealength uint32) (ntstatus error) = ntdll.NtCreateFile
+//sys	NtCreateNamedPipeFile(pipe *Handle, access uint32, oa *OBJECT_ATTRIBUTES, iosb *IO_STATUS_BLOCK, share uint32, disposition uint32, options uint32, typ uint32, readMode uint32, completionMode uint32, maxInstances uint32, inboundQuota uint32, outputQuota uint32, timeout *int64) (ntstatus error) = ntdll.NtCreateNamedPipeFile
+//sys	NtSetInformationFile(handle Handle, iosb *IO_STATUS_BLOCK, inBuffer *byte, inBufferLen uint32, class uint32) (ntstatus error) = ntdll.NtSetInformationFile
+//sys	RtlDosPathNameToNtPathName(dosName *uint16, ntName *NTUnicodeString, ntFileNamePart *uint16, relativeName *RTL_RELATIVE_NAME) (ntstatus error) = ntdll.RtlDosPathNameToNtPathName_U_WithStatus
+//sys	RtlDosPathNameToRelativeNtPathName(dosName *uint16, ntName *NTUnicodeString, ntFileNamePart *uint16, relativeName *RTL_RELATIVE_NAME) (ntstatus error) = ntdll.RtlDosPathNameToRelativeNtPathName_U_WithStatus
+//sys	RtlDefaultNpAcl(acl **ACL) (ntstatus error) = ntdll.RtlDefaultNpAcl
+//sys	NtQueryInformationProcess(proc Handle, procInfoClass int32, procInfo unsafe.Pointer, procInfoLen uint32, retLen *uint32) (ntstatus error) = ntdll.NtQueryInformationProcess
+//sys	NtSetInformationProcess(proc Handle, procInfoClass int32, procInfo unsafe.Pointer, procInfoLen uint32) (ntstatus error) = ntdll.NtSetInformationProcess
+//sys	NtQuerySystemInformation(sysInfoClass int32, sysInfo unsafe.Pointer, sysInfoLen uint32, retLen *uint32) (ntstatus error) = ntdll.NtQuerySystemInformation
+//sys	NtSetSystemInformation(sysInfoClass int32, sysInfo unsafe.Pointer, sysInfoLen uint32) (ntstatus error) = ntdll.NtSetSystemInformation
+//sys	RtlAddFunctionTable(functionTable *RUNTIME_FUNCTION, entryCount uint32, baseAddress uintptr) (ret bool) = ntdll.RtlAddFunctionTable
+//sys	RtlDeleteFunctionTable(functionTable *RUNTIME_FUNCTION) (ret bool) = ntdll.RtlDeleteFunctionTable
+
+// Desktop Window Manager API (Dwmapi)
+//sys	DwmGetWindowAttribute(hwnd HWND, attribute uint32, value unsafe.Pointer, size uint32) (ret error) = dwmapi.DwmGetWindowAttribute
+//sys	DwmSetWindowAttribute(hwnd HWND, attribute uint32, value unsafe.Pointer, size uint32) (ret error) = dwmapi.DwmSetWindowAttribute
+
+// Windows Multimedia API
+//sys TimeBeginPeriod (period uint32) (err error) [failretval != 0] = winmm.timeBeginPeriod
+//sys TimeEndPeriod (period uint32) (err error) [failretval != 0] = winmm.timeEndPeriod
+
+// syscall interface implementation for other packages
+
+// GetCurrentProcess returns the handle for the current process.
+// It is a pseudo handle that does not need to be closed.
+// The returned error is always nil.
+//
+// Deprecated: use CurrentProcess for the same Handle without the nil
+// error.
+func GetCurrentProcess() (Handle, error) {
+	return CurrentProcess(), nil
+}
+
+// CurrentProcess returns the handle for the current process.
+// It is a pseudo handle that does not need to be closed.
+func CurrentProcess() Handle { return Handle(^uintptr(1 - 1)) }
+
+// GetCurrentThread returns the handle for the current thread.
+// It is a pseudo handle that does not need to be closed.
+// The returned error is always nil.
+//
+// Deprecated: use CurrentThread for the same Handle without the nil
+// error.
+func GetCurrentThread() (Handle, error) {
+	return CurrentThread(), nil
+}
+
+// CurrentThread returns the handle for the current thread.
+// It is a pseudo handle that does not need to be closed.
+func CurrentThread() Handle { return Handle(^uintptr(2 - 1)) }
+
+// GetProcAddressByOrdinal retrieves the address of the exported
+// function from module by ordinal.
+func GetProcAddressByOrdinal(module Handle, ordinal uintptr) (proc uintptr, err error) {
+	r0, _, e1 := syscall.Syscall(procGetProcAddress.Addr(), 2, uintptr(module), ordinal, 0)
+	proc = uintptr(r0)
+	if proc == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func Exit(code int) { ExitProcess(uint32(code)) }
+
+func makeInheritSa() *SecurityAttributes {
+	var sa SecurityAttributes
+	sa.Length = uint32(unsafe.Sizeof(sa))
+	sa.InheritHandle = 1
+	return &sa
+}
+
+func Open(path string, mode int, perm uint32) (fd Handle, err error) {
+	if len(path) == 0 {
+		return InvalidHandle, ERROR_FILE_NOT_FOUND
+	}
+	pathp, err := UTF16PtrFromString(path)
+	if err != nil {
+		return InvalidHandle, err
+	}
+	var access uint32
+	switch mode & (O_RDONLY | O_WRONLY | O_RDWR) {
+	case O_RDONLY:
+		access = GENERIC_READ
+	case O_WRONLY:
+		access = GENERIC_WRITE
+	case O_RDWR:
+		access = GENERIC_READ | GENERIC_WRITE
+	}
+	if mode&O_CREAT != 0 {
+		access |= GENERIC_WRITE
+	}
+	if mode&O_APPEND != 0 {
+		access &^= GENERIC_WRITE
+		access |= FILE_APPEND_DATA
+	}
+	sharemode := uint32(FILE_SHARE_READ | FILE_SHARE_WRITE)
+	var sa *SecurityAttributes
+	if mode&O_CLOEXEC == 0 {
+		sa = makeInheritSa()
+	}
+	var createmode uint32
+	switch {
+	case mode&(O_CREAT|O_EXCL) == (O_CREAT | O_EXCL):
+		createmode = CREATE_NEW
+	case mode&(O_CREAT|O_TRUNC) == (O_CREAT | O_TRUNC):
+		createmode = CREATE_ALWAYS
+	case mode&O_CREAT == O_CREAT:
+		createmode = OPEN_ALWAYS
+	case mode&O_TRUNC == O_TRUNC:
+		createmode = TRUNCATE_EXISTING
+	default:
+		createmode = OPEN_EXISTING
+	}
+	var attrs uint32 = FILE_ATTRIBUTE_NORMAL
+	if perm&S_IWRITE == 0 {
+		attrs = FILE_ATTRIBUTE_READONLY
+	}
+	h, e := CreateFile(pathp, access, sharemode, sa, createmode, attrs, 0)
+	return h, e
+}
+
+func Read(fd Handle, p []byte) (n int, err error) {
+	var done uint32
+	e := ReadFile(fd, p, &done, nil)
+	if e != nil {
+		if e == ERROR_BROKEN_PIPE {
+			// NOTE(brainman): work around ERROR_BROKEN_PIPE is returned on reading EOF from stdin
+			return 0, nil
+		}
+		return 0, e
+	}
+	return int(done), nil
+}
+
+func Write(fd Handle, p []byte) (n int, err error) {
+	if raceenabled {
+		raceReleaseMerge(unsafe.Pointer(&ioSync))
+	}
+	var done uint32
+	e := WriteFile(fd, p, &done, nil)
+	if e != nil {
+		return 0, e
+	}
+	return int(done), nil
+}
+
+func ReadFile(fd Handle, p []byte, done *uint32, overlapped *Overlapped) error {
+	err := readFile(fd, p, done, overlapped)
+	if raceenabled {
+		if *done > 0 {
+			raceWriteRange(unsafe.Pointer(&p[0]), int(*done))
+		}
+		raceAcquire(unsafe.Pointer(&ioSync))
+	}
+	return err
+}
+
+func WriteFile(fd Handle, p []byte, done *uint32, overlapped *Overlapped) error {
+	if raceenabled {
+		raceReleaseMerge(unsafe.Pointer(&ioSync))
+	}
+	err := writeFile(fd, p, done, overlapped)
+	if raceenabled && *done > 0 {
+		raceReadRange(unsafe.Pointer(&p[0]), int(*done))
+	}
+	return err
+}
+
+var ioSync int64
+
+func Seek(fd Handle, offset int64, whence int) (newoffset int64, err error) {
+	var w uint32
+	switch whence {
+	case 0:
+		w = FILE_BEGIN
+	case 1:
+		w = FILE_CURRENT
+	case 2:
+		w = FILE_END
+	}
+	hi := int32(offset >> 32)
+	lo := int32(offset)
+	// use GetFileType to check pipe, pipe can't do seek
+	ft, _ := GetFileType(fd)
+	if ft == FILE_TYPE_PIPE {
+		return 0, syscall.EPIPE
+	}
+	rlo, e := SetFilePointer(fd, lo, &hi, w)
+	if e != nil {
+		return 0, e
+	}
+	return int64(hi)<<32 + int64(rlo), nil
+}
+
+func Close(fd Handle) (err error) {
+	return CloseHandle(fd)
+}
+
+var (
+	Stdin  = getStdHandle(STD_INPUT_HANDLE)
+	Stdout = getStdHandle(STD_OUTPUT_HANDLE)
+	Stderr = getStdHandle(STD_ERROR_HANDLE)
+)
+
+func getStdHandle(stdhandle uint32) (fd Handle) {
+	r, _ := GetStdHandle(stdhandle)
+	return r
+}
+
+const ImplementsGetwd = true
+
+func Getwd() (wd string, err error) {
+	b := make([]uint16, 300)
+	n, e := GetCurrentDirectory(uint32(len(b)), &b[0])
+	if e != nil {
+		return "", e
+	}
+	return string(utf16.Decode(b[0:n])), nil
+}
+
+func Chdir(path string) (err error) {
+	pathp, err := UTF16PtrFromString(path)
+	if err != nil {
+		return err
+	}
+	return SetCurrentDirectory(pathp)
+}
+
+func Mkdir(path string, mode uint32) (err error) {
+	pathp, err := UTF16PtrFromString(path)
+	if err != nil {
+		return err
+	}
+	return CreateDirectory(pathp, nil)
+}
+
+func Rmdir(path string) (err error) {
+	pathp, err := UTF16PtrFromString(path)
+	if err != nil {
+		return err
+	}
+	return RemoveDirectory(pathp)
+}
+
+func Unlink(path string) (err error) {
+	pathp, err := UTF16PtrFromString(path)
+	if err != nil {
+		return err
+	}
+	return DeleteFile(pathp)
+}
+
+func Rename(oldpath, newpath string) (err error) {
+	from, err := UTF16PtrFromString(oldpath)
+	if err != nil {
+		return err
+	}
+	to, err := UTF16PtrFromString(newpath)
+	if err != nil {
+		return err
+	}
+	return MoveFileEx(from, to, MOVEFILE_REPLACE_EXISTING)
+}
+
+func ComputerName() (name string, err error) {
+	var n uint32 = MAX_COMPUTERNAME_LENGTH + 1
+	b := make([]uint16, n)
+	e := GetComputerName(&b[0], &n)
+	if e != nil {
+		return "", e
+	}
+	return string(utf16.Decode(b[0:n])), nil
+}
+
+func DurationSinceBoot() time.Duration {
+	return time.Duration(getTickCount64()) * time.Millisecond
+}
+
+func Ftruncate(fd Handle, length int64) (err error) {
+	type _FILE_END_OF_FILE_INFO struct {
+		EndOfFile int64
+	}
+	var info _FILE_END_OF_FILE_INFO
+	info.EndOfFile = length
+	return SetFileInformationByHandle(fd, FileEndOfFileInfo, (*byte)(unsafe.Pointer(&info)), uint32(unsafe.Sizeof(info)))
+}
+
+func Gettimeofday(tv *Timeval) (err error) {
+	var ft Filetime
+	GetSystemTimeAsFileTime(&ft)
+	*tv = NsecToTimeval(ft.Nanoseconds())
+	return nil
+}
+
+func Pipe(p []Handle) (err error) {
+	if len(p) != 2 {
+		return syscall.EINVAL
+	}
+	var r, w Handle
+	e := CreatePipe(&r, &w, makeInheritSa(), 0)
+	if e != nil {
+		return e
+	}
+	p[0] = r
+	p[1] = w
+	return nil
+}
+
+func Utimes(path string, tv []Timeval) (err error) {
+	if len(tv) != 2 {
+		return syscall.EINVAL
+	}
+	pathp, e := UTF16PtrFromString(path)
+	if e != nil {
+		return e
+	}
+	h, e := CreateFile(pathp,
+		FILE_WRITE_ATTRIBUTES, FILE_SHARE_WRITE, nil,
+		OPEN_EXISTING, FILE_FLAG_BACKUP_SEMANTICS, 0)
+	if e != nil {
+		return e
+	}
+	defer CloseHandle(h)
+	a := NsecToFiletime(tv[0].Nanoseconds())
+	w := NsecToFiletime(tv[1].Nanoseconds())
+	return SetFileTime(h, nil, &a, &w)
+}
+
+func UtimesNano(path string, ts []Timespec) (err error) {
+	if len(ts) != 2 {
+		return syscall.EINVAL
+	}
+	pathp, e := UTF16PtrFromString(path)
+	if e != nil {
+		return e
+	}
+	h, e := CreateFile(pathp,
+		FILE_WRITE_ATTRIBUTES, FILE_SHARE_WRITE, nil,
+		OPEN_EXISTING, FILE_FLAG_BACKUP_SEMANTICS, 0)
+	if e != nil {
+		return e
+	}
+	defer CloseHandle(h)
+	a := NsecToFiletime(TimespecToNsec(ts[0]))
+	w := NsecToFiletime(TimespecToNsec(ts[1]))
+	return SetFileTime(h, nil, &a, &w)
+}
+
+func Fsync(fd Handle) (err error) {
+	return FlushFileBuffers(fd)
+}
+
+func Chmod(path string, mode uint32) (err error) {
+	p, e := UTF16PtrFromString(path)
+	if e != nil {
+		return e
+	}
+	attrs, e := GetFileAttributes(p)
+	if e != nil {
+		return e
+	}
+	if mode&S_IWRITE != 0 {
+		attrs &^= FILE_ATTRIBUTE_READONLY
+	} else {
+		attrs |= FILE_ATTRIBUTE_READONLY
+	}
+	return SetFileAttributes(p, attrs)
+}
+
+func LoadGetSystemTimePreciseAsFileTime() error {
+	return procGetSystemTimePreciseAsFileTime.Find()
+}
+
+func LoadCancelIoEx() error {
+	return procCancelIoEx.Find()
+}
+
+func LoadSetFileCompletionNotificationModes() error {
+	return procSetFileCompletionNotificationModes.Find()
+}
+
+func WaitForMultipleObjects(handles []Handle, waitAll bool, waitMilliseconds uint32) (event uint32, err error) {
+	// Every other win32 array API takes arguments as "pointer, count", except for this function. So we
+	// can't declare it as a usual [] type, because mksyscall will use the opposite order. We therefore
+	// trivially stub this ourselves.
+
+	var handlePtr *Handle
+	if len(handles) > 0 {
+		handlePtr = &handles[0]
+	}
+	return waitForMultipleObjects(uint32(len(handles)), uintptr(unsafe.Pointer(handlePtr)), waitAll, waitMilliseconds)
+}
+
+// net api calls
+
+const socket_error = uintptr(^uint32(0))
+
+//sys	WSAStartup(verreq uint32, data *WSAData) (sockerr error) = ws2_32.WSAStartup
+//sys	WSACleanup() (err error) [failretval==socket_error] = ws2_32.WSACleanup
+//sys	WSAIoctl(s Handle, iocc uint32, inbuf *byte, cbif uint32, outbuf *byte, cbob uint32, cbbr *uint32, overlapped *Overlapped, completionRoutine uintptr) (err error) [failretval==socket_error] = ws2_32.WSAIoctl
+//sys	WSALookupServiceBegin(querySet *WSAQUERYSET, flags uint32, handle *Handle) (err error) [failretval==socket_error] = ws2_32.WSALookupServiceBeginW
+//sys	WSALookupServiceNext(handle Handle, flags uint32, size *int32, querySet *WSAQUERYSET) (err error) [failretval==socket_error] = ws2_32.WSALookupServiceNextW
+//sys	WSALookupServiceEnd(handle Handle) (err error) [failretval==socket_error] = ws2_32.WSALookupServiceEnd
+//sys	socket(af int32, typ int32, protocol int32) (handle Handle, err error) [failretval==InvalidHandle] = ws2_32.socket
+//sys	sendto(s Handle, buf []byte, flags int32, to unsafe.Pointer, tolen int32) (err error) [failretval==socket_error] = ws2_32.sendto
+//sys	recvfrom(s Handle, buf []byte, flags int32, from *RawSockaddrAny, fromlen *int32) (n int32, err error) [failretval==-1] = ws2_32.recvfrom
+//sys	Setsockopt(s Handle, level int32, optname int32, optval *byte, optlen int32) (err error) [failretval==socket_error] = ws2_32.setsockopt
+//sys	Getsockopt(s Handle, level int32, optname int32, optval *byte, optlen *int32) (err error) [failretval==socket_error] = ws2_32.getsockopt
+//sys	bind(s Handle, name unsafe.Pointer, namelen int32) (err error) [failretval==socket_error] = ws2_32.bind
+//sys	connect(s Handle, name unsafe.Pointer, namelen int32) (err error) [failretval==socket_error] = ws2_32.connect
+//sys	getsockname(s Handle, rsa *RawSockaddrAny, addrlen *int32) (err error) [failretval==socket_error] = ws2_32.getsockname
+//sys	getpeername(s Handle, rsa *RawSockaddrAny, addrlen *int32) (err error) [failretval==socket_error] = ws2_32.getpeername
+//sys	listen(s Handle, backlog int32) (err error) [failretval==socket_error] = ws2_32.listen
+//sys	shutdown(s Handle, how int32) (err error) [failretval==socket_error] = ws2_32.shutdown
+//sys	Closesocket(s Handle) (err error) [failretval==socket_error] = ws2_32.closesocket
+//sys	AcceptEx(ls Handle, as Handle, buf *byte, rxdatalen uint32, laddrlen uint32, raddrlen uint32, recvd *uint32, overlapped *Overlapped) (err error) = mswsock.AcceptEx
+//sys	GetAcceptExSockaddrs(buf *byte, rxdatalen uint32, laddrlen uint32, raddrlen uint32, lrsa **RawSockaddrAny, lrsalen *int32, rrsa **RawSockaddrAny, rrsalen *int32) = mswsock.GetAcceptExSockaddrs
+//sys	WSARecv(s Handle, bufs *WSABuf, bufcnt uint32, recvd *uint32, flags *uint32, overlapped *Overlapped, croutine *byte) (err error) [failretval==socket_error] = ws2_32.WSARecv
+//sys	WSASend(s Handle, bufs *WSABuf, bufcnt uint32, sent *uint32, flags uint32, overlapped *Overlapped, croutine *byte) (err error) [failretval==socket_error] = ws2_32.WSASend
+//sys	WSARecvFrom(s Handle, bufs *WSABuf, bufcnt uint32, recvd *uint32, flags *uint32,  from *RawSockaddrAny, fromlen *int32, overlapped *Overlapped, croutine *byte) (err error) [failretval==socket_error] = ws2_32.WSARecvFrom
+//sys	WSASendTo(s Handle, bufs *WSABuf, bufcnt uint32, sent *uint32, flags uint32, to *RawSockaddrAny, tolen int32,  overlapped *Overlapped, croutine *byte) (err error) [failretval==socket_error] = ws2_32.WSASendTo
+//sys	WSASocket(af int32, typ int32, protocol int32, protoInfo *WSAProtocolInfo, group uint32, flags uint32) (handle Handle, err error) [failretval==InvalidHandle] = ws2_32.WSASocketW
+//sys	GetHostByName(name string) (h *Hostent, err error) [failretval==nil] = ws2_32.gethostbyname
+//sys	GetServByName(name string, proto string) (s *Servent, err error) [failretval==nil] = ws2_32.getservbyname
+//sys	Ntohs(netshort uint16) (u uint16) = ws2_32.ntohs
+//sys	GetProtoByName(name string) (p *Protoent, err error) [failretval==nil] = ws2_32.getprotobyname
+//sys	DnsQuery(name string, qtype uint16, options uint32, extra *byte, qrs **DNSRecord, pr *byte) (status error) = dnsapi.DnsQuery_W
+//sys	DnsRecordListFree(rl *DNSRecord, freetype uint32) = dnsapi.DnsRecordListFree
+//sys	DnsNameCompare(name1 *uint16, name2 *uint16) (same bool) = dnsapi.DnsNameCompare_W
+//sys	GetAddrInfoW(nodename *uint16, servicename *uint16, hints *AddrinfoW, result **AddrinfoW) (sockerr error) = ws2_32.GetAddrInfoW
+//sys	FreeAddrInfoW(addrinfo *AddrinfoW) = ws2_32.FreeAddrInfoW
+//sys	GetIfEntry(pIfRow *MibIfRow) (errcode error) = iphlpapi.GetIfEntry
+//sys	GetAdaptersInfo(ai *IpAdapterInfo, ol *uint32) (errcode error) = iphlpapi.GetAdaptersInfo
+//sys	SetFileCompletionNotificationModes(handle Handle, flags uint8) (err error) = kernel32.SetFileCompletionNotificationModes
+//sys	WSAEnumProtocols(protocols *int32, protocolBuffer *WSAProtocolInfo, bufferLength *uint32) (n int32, err error) [failretval==-1] = ws2_32.WSAEnumProtocolsW
+//sys	WSAGetOverlappedResult(h Handle, o *Overlapped, bytes *uint32, wait bool, flags *uint32) (err error) = ws2_32.WSAGetOverlappedResult
+//sys	GetAdaptersAddresses(family uint32, flags uint32, reserved uintptr, adapterAddresses *IpAdapterAddresses, sizePointer *uint32) (errcode error) = iphlpapi.GetAdaptersAddresses
+//sys	GetACP() (acp uint32) = kernel32.GetACP
+//sys	MultiByteToWideChar(codePage uint32, dwFlags uint32, str *byte, nstr int32, wchar *uint16, nwchar int32) (nwrite int32, err error) = kernel32.MultiByteToWideChar
+//sys	getBestInterfaceEx(sockaddr unsafe.Pointer, pdwBestIfIndex *uint32) (errcode error) = iphlpapi.GetBestInterfaceEx
+//sys   GetIfEntry2Ex(level uint32, row *MibIfRow2) (errcode error) = iphlpapi.GetIfEntry2Ex
+//sys   GetUnicastIpAddressEntry(row *MibUnicastIpAddressRow) (errcode error) = iphlpapi.GetUnicastIpAddressEntry
+//sys   NotifyIpInterfaceChange(family uint16, callback uintptr, callerContext unsafe.Pointer, initialNotification bool, notificationHandle *Handle) (errcode error) = iphlpapi.NotifyIpInterfaceChange
+//sys   NotifyUnicastIpAddressChange(family uint16, callback uintptr, callerContext unsafe.Pointer, initialNotification bool, notificationHandle *Handle) (errcode error) = iphlpapi.NotifyUnicastIpAddressChange
+//sys   CancelMibChangeNotify2(notificationHandle Handle) (errcode error) = iphlpapi.CancelMibChangeNotify2
+
+// For testing: clients can set this flag to force
+// creation of IPv6 sockets to return EAFNOSUPPORT.
+var SocketDisableIPv6 bool
+
+type RawSockaddrInet4 struct {
+	Family uint16
+	Port   uint16
+	Addr   [4]byte /* in_addr */
+	Zero   [8]uint8
+}
+
+type RawSockaddrInet6 struct {
+	Family   uint16
+	Port     uint16
+	Flowinfo uint32
+	Addr     [16]byte /* in6_addr */
+	Scope_id uint32
+}
+
+type RawSockaddr struct {
+	Family uint16
+	Data   [14]int8
+}
+
+type RawSockaddrAny struct {
+	Addr RawSockaddr
+	Pad  [100]int8
+}
+
+type Sockaddr interface {
+	sockaddr() (ptr unsafe.Pointer, len int32, err error) // lowercase; only we can define Sockaddrs
+}
+
+type SockaddrInet4 struct {
+	Port int
+	Addr [4]byte
+	raw  RawSockaddrInet4
+}
+
+func (sa *SockaddrInet4) sockaddr() (unsafe.Pointer, int32, error) {
+	if sa.Port < 0 || sa.Port > 0xFFFF {
+		return nil, 0, syscall.EINVAL
+	}
+	sa.raw.Family = AF_INET
+	p := (*[2]byte)(unsafe.Pointer(&sa.raw.Port))
+	p[0] = byte(sa.Port >> 8)
+	p[1] = byte(sa.Port)
+	sa.raw.Addr = sa.Addr
+	return unsafe.Pointer(&sa.raw), int32(unsafe.Sizeof(sa.raw)), nil
+}
+
+type SockaddrInet6 struct {
+	Port   int
+	ZoneId uint32
+	Addr   [16]byte
+	raw    RawSockaddrInet6
+}
+
+func (sa *SockaddrInet6) sockaddr() (unsafe.Pointer, int32, error) {
+	if sa.Port < 0 || sa.Port > 0xFFFF {
+		return nil, 0, syscall.EINVAL
+	}
+	sa.raw.Family = AF_INET6
+	p := (*[2]byte)(unsafe.Pointer(&sa.raw.Port))
+	p[0] = byte(sa.Port >> 8)
+	p[1] = byte(sa.Port)
+	sa.raw.Scope_id = sa.ZoneId
+	sa.raw.Addr = sa.Addr
+	return unsafe.Pointer(&sa.raw), int32(unsafe.Sizeof(sa.raw)), nil
+}
+
+type RawSockaddrUnix struct {
+	Family uint16
+	Path   [UNIX_PATH_MAX]int8
+}
+
+type SockaddrUnix struct {
+	Name string
+	raw  RawSockaddrUnix
+}
+
+func (sa *SockaddrUnix) sockaddr() (unsafe.Pointer, int32, error) {
+	name := sa.Name
+	n := len(name)
+	if n > len(sa.raw.Path) {
+		return nil, 0, syscall.EINVAL
+	}
+	if n == len(sa.raw.Path) && name[0] != '@' {
+		return nil, 0, syscall.EINVAL
+	}
+	sa.raw.Family = AF_UNIX
+	for i := 0; i < n; i++ {
+		sa.raw.Path[i] = int8(name[i])
+	}
+	// length is family (uint16), name, NUL.
+	sl := int32(2)
+	if n > 0 {
+		sl += int32(n) + 1
+	}
+	if sa.raw.Path[0] == '@' || (sa.raw.Path[0] == 0 && sl > 3) {
+		// Check sl > 3 so we don't change unnamed socket behavior.
+		sa.raw.Path[0] = 0
+		// Don't count trailing NUL for abstract address.
+		sl--
+	}
+
+	return unsafe.Pointer(&sa.raw), sl, nil
+}
+
+type RawSockaddrBth struct {
+	AddressFamily  [2]byte
+	BtAddr         [8]byte
+	ServiceClassId [16]byte
+	Port           [4]byte
+}
+
+type SockaddrBth struct {
+	BtAddr         uint64
+	ServiceClassId GUID
+	Port           uint32
+
+	raw RawSockaddrBth
+}
+
+func (sa *SockaddrBth) sockaddr() (unsafe.Pointer, int32, error) {
+	family := AF_BTH
+	sa.raw = RawSockaddrBth{
+		AddressFamily:  *(*[2]byte)(unsafe.Pointer(&family)),
+		BtAddr:         *(*[8]byte)(unsafe.Pointer(&sa.BtAddr)),
+		Port:           *(*[4]byte)(unsafe.Pointer(&sa.Port)),
+		ServiceClassId: *(*[16]byte)(unsafe.Pointer(&sa.ServiceClassId)),
+	}
+	return unsafe.Pointer(&sa.raw), int32(unsafe.Sizeof(sa.raw)), nil
+}
+
+func (rsa *RawSockaddrAny) Sockaddr() (Sockaddr, error) {
+	switch rsa.Addr.Family {
+	case AF_UNIX:
+		pp := (*RawSockaddrUnix)(unsafe.Pointer(rsa))
+		sa := new(SockaddrUnix)
+		if pp.Path[0] == 0 {
+			// "Abstract" Unix domain socket.
+			// Rewrite leading NUL as @ for textual display.
+			// (This is the standard convention.)
+			// Not friendly to overwrite in place,
+			// but the callers below don't care.
+			pp.Path[0] = '@'
+		}
+
+		// Assume path ends at NUL.
+		// This is not technically the Linux semantics for
+		// abstract Unix domain sockets--they are supposed
+		// to be uninterpreted fixed-size binary blobs--but
+		// everyone uses this convention.
+		n := 0
+		for n < len(pp.Path) && pp.Path[n] != 0 {
+			n++
+		}
+		sa.Name = string(unsafe.Slice((*byte)(unsafe.Pointer(&pp.Path[0])), n))
+		return sa, nil
+
+	case AF_INET:
+		pp := (*RawSockaddrInet4)(unsafe.Pointer(rsa))
+		sa := new(SockaddrInet4)
+		p := (*[2]byte)(unsafe.Pointer(&pp.Port))
+		sa.Port = int(p[0])<<8 + int(p[1])
+		sa.Addr = pp.Addr
+		return sa, nil
+
+	case AF_INET6:
+		pp := (*RawSockaddrInet6)(unsafe.Pointer(rsa))
+		sa := new(SockaddrInet6)
+		p := (*[2]byte)(unsafe.Pointer(&pp.Port))
+		sa.Port = int(p[0])<<8 + int(p[1])
+		sa.ZoneId = pp.Scope_id
+		sa.Addr = pp.Addr
+		return sa, nil
+	}
+	return nil, syscall.EAFNOSUPPORT
+}
+
+func Socket(domain, typ, proto int) (fd Handle, err error) {
+	if domain == AF_INET6 && SocketDisableIPv6 {
+		return InvalidHandle, syscall.EAFNOSUPPORT
+	}
+	return socket(int32(domain), int32(typ), int32(proto))
+}
+
+func SetsockoptInt(fd Handle, level, opt int, value int) (err error) {
+	v := int32(value)
+	return Setsockopt(fd, int32(level), int32(opt), (*byte)(unsafe.Pointer(&v)), int32(unsafe.Sizeof(v)))
+}
+
+func Bind(fd Handle, sa Sockaddr) (err error) {
+	ptr, n, err := sa.sockaddr()
+	if err != nil {
+		return err
+	}
+	return bind(fd, ptr, n)
+}
+
+func Connect(fd Handle, sa Sockaddr) (err error) {
+	ptr, n, err := sa.sockaddr()
+	if err != nil {
+		return err
+	}
+	return connect(fd, ptr, n)
+}
+
+func GetBestInterfaceEx(sa Sockaddr, pdwBestIfIndex *uint32) (err error) {
+	ptr, _, err := sa.sockaddr()
+	if err != nil {
+		return err
+	}
+	return getBestInterfaceEx(ptr, pdwBestIfIndex)
+}
+
+func Getsockname(fd Handle) (sa Sockaddr, err error) {
+	var rsa RawSockaddrAny
+	l := int32(unsafe.Sizeof(rsa))
+	if err = getsockname(fd, &rsa, &l); err != nil {
+		return
+	}
+	return rsa.Sockaddr()
+}
+
+func Getpeername(fd Handle) (sa Sockaddr, err error) {
+	var rsa RawSockaddrAny
+	l := int32(unsafe.Sizeof(rsa))
+	if err = getpeername(fd, &rsa, &l); err != nil {
+		return
+	}
+	return rsa.Sockaddr()
+}
+
+func Listen(s Handle, n int) (err error) {
+	return listen(s, int32(n))
+}
+
+func Shutdown(fd Handle, how int) (err error) {
+	return shutdown(fd, int32(how))
+}
+
+func WSASendto(s Handle, bufs *WSABuf, bufcnt uint32, sent *uint32, flags uint32, to Sockaddr, overlapped *Overlapped, croutine *byte) (err error) {
+	var rsa unsafe.Pointer
+	var l int32
+	if to != nil {
+		rsa, l, err = to.sockaddr()
+		if err != nil {
+			return err
+		}
+	}
+	return WSASendTo(s, bufs, bufcnt, sent, flags, (*RawSockaddrAny)(unsafe.Pointer(rsa)), l, overlapped, croutine)
+}
+
+func LoadGetAddrInfo() error {
+	return procGetAddrInfoW.Find()
+}
+
+var connectExFunc struct {
+	once sync.Once
+	addr uintptr
+	err  error
+}
+
+func LoadConnectEx() error {
+	connectExFunc.once.Do(func() {
+		var s Handle
+		s, connectExFunc.err = Socket(AF_INET, SOCK_STREAM, IPPROTO_TCP)
+		if connectExFunc.err != nil {
+			return
+		}
+		defer CloseHandle(s)
+		var n uint32
+		connectExFunc.err = WSAIoctl(s,
+			SIO_GET_EXTENSION_FUNCTION_POINTER,
+			(*byte)(unsafe.Pointer(&WSAID_CONNECTEX)),
+			uint32(unsafe.Sizeof(WSAID_CONNECTEX)),
+			(*byte)(unsafe.Pointer(&connectExFunc.addr)),
+			uint32(unsafe.Sizeof(connectExFunc.addr)),
+			&n, nil, 0)
+	})
+	return connectExFunc.err
+}
+
+func connectEx(s Handle, name unsafe.Pointer, namelen int32, sendBuf *byte, sendDataLen uint32, bytesSent *uint32, overlapped *Overlapped) (err error) {
+	r1, _, e1 := syscall.Syscall9(connectExFunc.addr, 7, uintptr(s), uintptr(name), uintptr(namelen), uintptr(unsafe.Pointer(sendBuf)), uintptr(sendDataLen), uintptr(unsafe.Pointer(bytesSent)), uintptr(unsafe.Pointer(overlapped)), 0, 0)
+	if r1 == 0 {
+		if e1 != 0 {
+			err = error(e1)
+		} else {
+			err = syscall.EINVAL
+		}
+	}
+	return
+}
+
+func ConnectEx(fd Handle, sa Sockaddr, sendBuf *byte, sendDataLen uint32, bytesSent *uint32, overlapped *Overlapped) error {
+	err := LoadConnectEx()
+	if err != nil {
+		return errorspkg.New("failed to find ConnectEx: " + err.Error())
+	}
+	ptr, n, err := sa.sockaddr()
+	if err != nil {
+		return err
+	}
+	return connectEx(fd, ptr, n, sendBuf, sendDataLen, bytesSent, overlapped)
+}
+
+var sendRecvMsgFunc struct {
+	once     sync.Once
+	sendAddr uintptr
+	recvAddr uintptr
+	err      error
+}
+
+func loadWSASendRecvMsg() error {
+	sendRecvMsgFunc.once.Do(func() {
+		var s Handle
+		s, sendRecvMsgFunc.err = Socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP)
+		if sendRecvMsgFunc.err != nil {
+			return
+		}
+		defer CloseHandle(s)
+		var n uint32
+		sendRecvMsgFunc.err = WSAIoctl(s,
+			SIO_GET_EXTENSION_FUNCTION_POINTER,
+			(*byte)(unsafe.Pointer(&WSAID_WSARECVMSG)),
+			uint32(unsafe.Sizeof(WSAID_WSARECVMSG)),
+			(*byte)(unsafe.Pointer(&sendRecvMsgFunc.recvAddr)),
+			uint32(unsafe.Sizeof(sendRecvMsgFunc.recvAddr)),
+			&n, nil, 0)
+		if sendRecvMsgFunc.err != nil {
+			return
+		}
+		sendRecvMsgFunc.err = WSAIoctl(s,
+			SIO_GET_EXTENSION_FUNCTION_POINTER,
+			(*byte)(unsafe.Pointer(&WSAID_WSASENDMSG)),
+			uint32(unsafe.Sizeof(WSAID_WSASENDMSG)),
+			(*byte)(unsafe.Pointer(&sendRecvMsgFunc.sendAddr)),
+			uint32(unsafe.Sizeof(sendRecvMsgFunc.sendAddr)),
+			&n, nil, 0)
+	})
+	return sendRecvMsgFunc.err
+}
+
+func WSASendMsg(fd Handle, msg *WSAMsg, flags uint32, bytesSent *uint32, overlapped *Overlapped, croutine *byte) error {
+	err := loadWSASendRecvMsg()
+	if err != nil {
+		return err
+	}
+	r1, _, e1 := syscall.Syscall6(sendRecvMsgFunc.sendAddr, 6, uintptr(fd), uintptr(unsafe.Pointer(msg)), uintptr(flags), uintptr(unsafe.Pointer(bytesSent)), uintptr(unsafe.Pointer(overlapped)), uintptr(unsafe.Pointer(croutine)))
+	if r1 == socket_error {
+		err = errnoErr(e1)
+	}
+	return err
+}
+
+func WSARecvMsg(fd Handle, msg *WSAMsg, bytesReceived *uint32, overlapped *Overlapped, croutine *byte) error {
+	err := loadWSASendRecvMsg()
+	if err != nil {
+		return err
+	}
+	r1, _, e1 := syscall.Syscall6(sendRecvMsgFunc.recvAddr, 5, uintptr(fd), uintptr(unsafe.Pointer(msg)), uintptr(unsafe.Pointer(bytesReceived)), uintptr(unsafe.Pointer(overlapped)), uintptr(unsafe.Pointer(croutine)), 0)
+	if r1 == socket_error {
+		err = errnoErr(e1)
+	}
+	return err
+}
+
+// Invented structures to support what package os expects.
+type Rusage struct {
+	CreationTime Filetime
+	ExitTime     Filetime
+	KernelTime   Filetime
+	UserTime     Filetime
+}
+
+type WaitStatus struct {
+	ExitCode uint32
+}
+
+func (w WaitStatus) Exited() bool { return true }
+
+func (w WaitStatus) ExitStatus() int { return int(w.ExitCode) }
+
+func (w WaitStatus) Signal() Signal { return -1 }
+
+func (w WaitStatus) CoreDump() bool { return false }
+
+func (w WaitStatus) Stopped() bool { return false }
+
+func (w WaitStatus) Continued() bool { return false }
+
+func (w WaitStatus) StopSignal() Signal { return -1 }
+
+func (w WaitStatus) Signaled() bool { return false }
+
+func (w WaitStatus) TrapCause() int { return -1 }
+
+// Timespec is an invented structure on Windows, but here for
+// consistency with the corresponding package for other operating systems.
+type Timespec struct {
+	Sec  int64
+	Nsec int64
+}
+
+func TimespecToNsec(ts Timespec) int64 { return int64(ts.Sec)*1e9 + int64(ts.Nsec) }
+
+func NsecToTimespec(nsec int64) (ts Timespec) {
+	ts.Sec = nsec / 1e9
+	ts.Nsec = nsec % 1e9
+	return
+}
+
+// TODO(brainman): fix all needed for net
+
+func Accept(fd Handle) (nfd Handle, sa Sockaddr, err error) { return 0, nil, syscall.EWINDOWS }
+
+func Recvfrom(fd Handle, p []byte, flags int) (n int, from Sockaddr, err error) {
+	var rsa RawSockaddrAny
+	l := int32(unsafe.Sizeof(rsa))
+	n32, err := recvfrom(fd, p, int32(flags), &rsa, &l)
+	n = int(n32)
+	if err != nil {
+		return
+	}
+	from, err = rsa.Sockaddr()
+	return
+}
+
+func Sendto(fd Handle, p []byte, flags int, to Sockaddr) (err error) {
+	ptr, l, err := to.sockaddr()
+	if err != nil {
+		return err
+	}
+	return sendto(fd, p, int32(flags), ptr, l)
+}
+
+func SetsockoptTimeval(fd Handle, level, opt int, tv *Timeval) (err error) { return syscall.EWINDOWS }
+
+// The Linger struct is wrong but we only noticed after Go 1.
+// sysLinger is the real system call structure.
+
+// BUG(brainman): The definition of Linger is not appropriate for direct use
+// with Setsockopt and Getsockopt.
+// Use SetsockoptLinger instead.
+
+type Linger struct {
+	Onoff  int32
+	Linger int32
+}
+
+type sysLinger struct {
+	Onoff  uint16
+	Linger uint16
+}
+
+type IPMreq struct {
+	Multiaddr [4]byte /* in_addr */
+	Interface [4]byte /* in_addr */
+}
+
+type IPv6Mreq struct {
+	Multiaddr [16]byte /* in6_addr */
+	Interface uint32
+}
+
+func GetsockoptInt(fd Handle, level, opt int) (int, error) {
+	v := int32(0)
+	l := int32(unsafe.Sizeof(v))
+	err := Getsockopt(fd, int32(level), int32(opt), (*byte)(unsafe.Pointer(&v)), &l)
+	return int(v), err
+}
+
+func SetsockoptLinger(fd Handle, level, opt int, l *Linger) (err error) {
+	sys := sysLinger{Onoff: uint16(l.Onoff), Linger: uint16(l.Linger)}
+	return Setsockopt(fd, int32(level), int32(opt), (*byte)(unsafe.Pointer(&sys)), int32(unsafe.Sizeof(sys)))
+}
+
+func SetsockoptInet4Addr(fd Handle, level, opt int, value [4]byte) (err error) {
+	return Setsockopt(fd, int32(level), int32(opt), (*byte)(unsafe.Pointer(&value[0])), 4)
+}
+
+func SetsockoptIPMreq(fd Handle, level, opt int, mreq *IPMreq) (err error) {
+	return Setsockopt(fd, int32(level), int32(opt), (*byte)(unsafe.Pointer(mreq)), int32(unsafe.Sizeof(*mreq)))
+}
+
+func SetsockoptIPv6Mreq(fd Handle, level, opt int, mreq *IPv6Mreq) (err error) {
+	return syscall.EWINDOWS
+}
+
+func EnumProcesses(processIds []uint32, bytesReturned *uint32) error {
+	// EnumProcesses syscall expects the size parameter to be in bytes, but the code generated with mksyscall uses
+	// the length of the processIds slice instead. Hence, this wrapper function is added to fix the discrepancy.
+	var p *uint32
+	if len(processIds) > 0 {
+		p = &processIds[0]
+	}
+	size := uint32(len(processIds) * 4)
+	return enumProcesses(p, size, bytesReturned)
+}
+
+func Getpid() (pid int) { return int(GetCurrentProcessId()) }
+
+func FindFirstFile(name *uint16, data *Win32finddata) (handle Handle, err error) {
+	// NOTE(rsc): The Win32finddata struct is wrong for the system call:
+	// the two paths are each one uint16 short. Use the correct struct,
+	// a win32finddata1, and then copy the results out.
+	// There is no loss of expressivity here, because the final
+	// uint16, if it is used, is supposed to be a NUL, and Go doesn't need that.
+	// For Go 1.1, we might avoid the allocation of win32finddata1 here
+	// by adding a final Bug [2]uint16 field to the struct and then
+	// adjusting the fields in the result directly.
+	var data1 win32finddata1
+	handle, err = findFirstFile1(name, &data1)
+	if err == nil {
+		copyFindData(data, &data1)
+	}
+	return
+}
+
+func FindNextFile(handle Handle, data *Win32finddata) (err error) {
+	var data1 win32finddata1
+	err = findNextFile1(handle, &data1)
+	if err == nil {
+		copyFindData(data, &data1)
+	}
+	return
+}
+
+func getProcessEntry(pid int) (*ProcessEntry32, error) {
+	snapshot, err := CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0)
+	if err != nil {
+		return nil, err
+	}
+	defer CloseHandle(snapshot)
+	var procEntry ProcessEntry32
+	procEntry.Size = uint32(unsafe.Sizeof(procEntry))
+	if err = Process32First(snapshot, &procEntry); err != nil {
+		return nil, err
+	}
+	for {
+		if procEntry.ProcessID == uint32(pid) {
+			return &procEntry, nil
+		}
+		err = Process32Next(snapshot, &procEntry)
+		if err != nil {
+			return nil, err
+		}
+	}
+}
+
+func Getppid() (ppid int) {
+	pe, err := getProcessEntry(Getpid())
+	if err != nil {
+		return -1
+	}
+	return int(pe.ParentProcessID)
+}
+
+// TODO(brainman): fix all needed for os
+func Fchdir(fd Handle) (err error)             { return syscall.EWINDOWS }
+func Link(oldpath, newpath string) (err error) { return syscall.EWINDOWS }
+func Symlink(path, link string) (err error)    { return syscall.EWINDOWS }
+
+func Fchmod(fd Handle, mode uint32) (err error)        { return syscall.EWINDOWS }
+func Chown(path string, uid int, gid int) (err error)  { return syscall.EWINDOWS }
+func Lchown(path string, uid int, gid int) (err error) { return syscall.EWINDOWS }
+func Fchown(fd Handle, uid int, gid int) (err error)   { return syscall.EWINDOWS }
+
+func Getuid() (uid int)                  { return -1 }
+func Geteuid() (euid int)                { return -1 }
+func Getgid() (gid int)                  { return -1 }
+func Getegid() (egid int)                { return -1 }
+func Getgroups() (gids []int, err error) { return nil, syscall.EWINDOWS }
+
+type Signal int
+
+func (s Signal) Signal() {}
+
+func (s Signal) String() string {
+	if 0 <= s && int(s) < len(signals) {
+		str := signals[s]
+		if str != "" {
+			return str
+		}
+	}
+	return "signal " + itoa(int(s))
+}
+
+func LoadCreateSymbolicLink() error {
+	return procCreateSymbolicLinkW.Find()
+}
+
+// Readlink returns the destination of the named symbolic link.
+func Readlink(path string, buf []byte) (n int, err error) {
+	fd, err := CreateFile(StringToUTF16Ptr(path), GENERIC_READ, 0, nil, OPEN_EXISTING,
+		FILE_FLAG_OPEN_REPARSE_POINT|FILE_FLAG_BACKUP_SEMANTICS, 0)
+	if err != nil {
+		return -1, err
+	}
+	defer CloseHandle(fd)
+
+	rdbbuf := make([]byte, MAXIMUM_REPARSE_DATA_BUFFER_SIZE)
+	var bytesReturned uint32
+	err = DeviceIoControl(fd, FSCTL_GET_REPARSE_POINT, nil, 0, &rdbbuf[0], uint32(len(rdbbuf)), &bytesReturned, nil)
+	if err != nil {
+		return -1, err
+	}
+
+	rdb := (*reparseDataBuffer)(unsafe.Pointer(&rdbbuf[0]))
+	var s string
+	switch rdb.ReparseTag {
+	case IO_REPARSE_TAG_SYMLINK:
+		data := (*symbolicLinkReparseBuffer)(unsafe.Pointer(&rdb.reparseBuffer))
+		p := (*[0xffff]uint16)(unsafe.Pointer(&data.PathBuffer[0]))
+		s = UTF16ToString(p[data.PrintNameOffset/2 : (data.PrintNameLength-data.PrintNameOffset)/2])
+	case IO_REPARSE_TAG_MOUNT_POINT:
+		data := (*mountPointReparseBuffer)(unsafe.Pointer(&rdb.reparseBuffer))
+		p := (*[0xffff]uint16)(unsafe.Pointer(&data.PathBuffer[0]))
+		s = UTF16ToString(p[data.PrintNameOffset/2 : (data.PrintNameLength-data.PrintNameOffset)/2])
+	default:
+		// the path is not a symlink or junction but another type of reparse
+		// point
+		return -1, syscall.ENOENT
+	}
+	n = copy(buf, []byte(s))
+
+	return n, nil
+}
+
+// GUIDFromString parses a string in the form of
+// "{XXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX}" into a GUID.
+func GUIDFromString(str string) (GUID, error) {
+	guid := GUID{}
+	str16, err := syscall.UTF16PtrFromString(str)
+	if err != nil {
+		return guid, err
+	}
+	err = clsidFromString(str16, &guid)
+	if err != nil {
+		return guid, err
+	}
+	return guid, nil
+}
+
+// GenerateGUID creates a new random GUID.
+func GenerateGUID() (GUID, error) {
+	guid := GUID{}
+	err := coCreateGuid(&guid)
+	if err != nil {
+		return guid, err
+	}
+	return guid, nil
+}
+
+// String returns the canonical string form of the GUID,
+// in the form of "{XXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX}".
+func (guid GUID) String() string {
+	var str [100]uint16
+	chars := stringFromGUID2(&guid, &str[0], int32(len(str)))
+	if chars <= 1 {
+		return ""
+	}
+	return string(utf16.Decode(str[:chars-1]))
+}
+
+// KnownFolderPath returns a well-known folder path for the current user, specified by one of
+// the FOLDERID_ constants, and chosen and optionally created based on a KF_ flag.
+func KnownFolderPath(folderID *KNOWNFOLDERID, flags uint32) (string, error) {
+	return Token(0).KnownFolderPath(folderID, flags)
+}
+
+// KnownFolderPath returns a well-known folder path for the user token, specified by one of
+// the FOLDERID_ constants, and chosen and optionally created based on a KF_ flag.
+func (t Token) KnownFolderPath(folderID *KNOWNFOLDERID, flags uint32) (string, error) {
+	var p *uint16
+	err := shGetKnownFolderPath(folderID, flags, t, &p)
+	if err != nil {
+		return "", err
+	}
+	defer CoTaskMemFree(unsafe.Pointer(p))
+	return UTF16PtrToString(p), nil
+}
+
+// RtlGetVersion returns the version of the underlying operating system, ignoring
+// manifest semantics but is affected by the application compatibility layer.
+func RtlGetVersion() *OsVersionInfoEx {
+	info := &OsVersionInfoEx{}
+	info.osVersionInfoSize = uint32(unsafe.Sizeof(*info))
+	// According to documentation, this function always succeeds.
+	// The function doesn't even check the validity of the
+	// osVersionInfoSize member. Disassembling ntdll.dll indicates
+	// that the documentation is indeed correct about that.
+	_ = rtlGetVersion(info)
+	return info
+}
+
+// RtlGetNtVersionNumbers returns the version of the underlying operating system,
+// ignoring manifest semantics and the application compatibility layer.
+func RtlGetNtVersionNumbers() (majorVersion, minorVersion, buildNumber uint32) {
+	rtlGetNtVersionNumbers(&majorVersion, &minorVersion, &buildNumber)
+	buildNumber &= 0xffff
+	return
+}
+
+// GetProcessPreferredUILanguages retrieves the process preferred UI languages.
+func GetProcessPreferredUILanguages(flags uint32) ([]string, error) {
+	return getUILanguages(flags, getProcessPreferredUILanguages)
+}
+
+// GetThreadPreferredUILanguages retrieves the thread preferred UI languages for the current thread.
+func GetThreadPreferredUILanguages(flags uint32) ([]string, error) {
+	return getUILanguages(flags, getThreadPreferredUILanguages)
+}
+
+// GetUserPreferredUILanguages retrieves information about the user preferred UI languages.
+func GetUserPreferredUILanguages(flags uint32) ([]string, error) {
+	return getUILanguages(flags, getUserPreferredUILanguages)
+}
+
+// GetSystemPreferredUILanguages retrieves the system preferred UI languages.
+func GetSystemPreferredUILanguages(flags uint32) ([]string, error) {
+	return getUILanguages(flags, getSystemPreferredUILanguages)
+}
+
+func getUILanguages(flags uint32, f func(flags uint32, numLanguages *uint32, buf *uint16, bufSize *uint32) error) ([]string, error) {
+	size := uint32(128)
+	for {
+		var numLanguages uint32
+		buf := make([]uint16, size)
+		err := f(flags, &numLanguages, &buf[0], &size)
+		if err == ERROR_INSUFFICIENT_BUFFER {
+			continue
+		}
+		if err != nil {
+			return nil, err
+		}
+		buf = buf[:size]
+		if numLanguages == 0 || len(buf) == 0 { // GetProcessPreferredUILanguages may return numLanguages==0 with "\0\0"
+			return []string{}, nil
+		}
+		if buf[len(buf)-1] == 0 {
+			buf = buf[:len(buf)-1] // remove terminating null
+		}
+		languages := make([]string, 0, numLanguages)
+		from := 0
+		for i, c := range buf {
+			if c == 0 {
+				languages = append(languages, string(utf16.Decode(buf[from:i])))
+				from = i + 1
+			}
+		}
+		return languages, nil
+	}
+}
+
+func SetConsoleCursorPosition(console Handle, position Coord) error {
+	return setConsoleCursorPosition(console, *((*uint32)(unsafe.Pointer(&position))))
+}
+
+func GetStartupInfo(startupInfo *StartupInfo) error {
+	getStartupInfo(startupInfo)
+	return nil
+}
+
+func (s NTStatus) Errno() syscall.Errno {
+	return rtlNtStatusToDosErrorNoTeb(s)
+}
+
+func langID(pri, sub uint16) uint32 { return uint32(sub)<<10 | uint32(pri) }
+
+func (s NTStatus) Error() string {
+	b := make([]uint16, 300)
+	n, err := FormatMessage(FORMAT_MESSAGE_FROM_SYSTEM|FORMAT_MESSAGE_FROM_HMODULE|FORMAT_MESSAGE_ARGUMENT_ARRAY, modntdll.Handle(), uint32(s), langID(LANG_ENGLISH, SUBLANG_ENGLISH_US), b, nil)
+	if err != nil {
+		return fmt.Sprintf("NTSTATUS 0x%08x", uint32(s))
+	}
+	// trim terminating \r and \n
+	for ; n > 0 && (b[n-1] == '\n' || b[n-1] == '\r'); n-- {
+	}
+	return string(utf16.Decode(b[:n]))
+}
+
+// NewNTUnicodeString returns a new NTUnicodeString structure for use with native
+// NT APIs that work over the NTUnicodeString type. Note that most Windows APIs
+// do not use NTUnicodeString, and instead UTF16PtrFromString should be used for
+// the more common *uint16 string type.
+func NewNTUnicodeString(s string) (*NTUnicodeString, error) {
+	s16, err := UTF16FromString(s)
+	if err != nil {
+		return nil, err
+	}
+	n := uint16(len(s16) * 2)
+	return &NTUnicodeString{
+		Length:        n - 2, // subtract 2 bytes for the NULL terminator
+		MaximumLength: n,
+		Buffer:        &s16[0],
+	}, nil
+}
+
+// Slice returns a uint16 slice that aliases the data in the NTUnicodeString.
+func (s *NTUnicodeString) Slice() []uint16 {
+	slice := unsafe.Slice(s.Buffer, s.MaximumLength)
+	return slice[:s.Length]
+}
+
+func (s *NTUnicodeString) String() string {
+	return UTF16ToString(s.Slice())
+}
+
+// NewNTString returns a new NTString structure for use with native
+// NT APIs that work over the NTString type. Note that most Windows APIs
+// do not use NTString, and instead UTF16PtrFromString should be used for
+// the more common *uint16 string type.
+func NewNTString(s string) (*NTString, error) {
+	var nts NTString
+	s8, err := BytePtrFromString(s)
+	if err != nil {
+		return nil, err
+	}
+	RtlInitString(&nts, s8)
+	return &nts, nil
+}
+
+// Slice returns a byte slice that aliases the data in the NTString.
+func (s *NTString) Slice() []byte {
+	slice := unsafe.Slice(s.Buffer, s.MaximumLength)
+	return slice[:s.Length]
+}
+
+func (s *NTString) String() string {
+	return ByteSliceToString(s.Slice())
+}
+
+// FindResource resolves a resource of the given name and resource type.
+func FindResource(module Handle, name, resType ResourceIDOrString) (Handle, error) {
+	var namePtr, resTypePtr uintptr
+	var name16, resType16 *uint16
+	var err error
+	resolvePtr := func(i interface{}, keep **uint16) (uintptr, error) {
+		switch v := i.(type) {
+		case string:
+			*keep, err = UTF16PtrFromString(v)
+			if err != nil {
+				return 0, err
+			}
+			return uintptr(unsafe.Pointer(*keep)), nil
+		case ResourceID:
+			return uintptr(v), nil
+		}
+		return 0, errorspkg.New("parameter must be a ResourceID or a string")
+	}
+	namePtr, err = resolvePtr(name, &name16)
+	if err != nil {
+		return 0, err
+	}
+	resTypePtr, err = resolvePtr(resType, &resType16)
+	if err != nil {
+		return 0, err
+	}
+	resInfo, err := findResource(module, namePtr, resTypePtr)
+	runtime.KeepAlive(name16)
+	runtime.KeepAlive(resType16)
+	return resInfo, err
+}
+
+func LoadResourceData(module, resInfo Handle) (data []byte, err error) {
+	size, err := SizeofResource(module, resInfo)
+	if err != nil {
+		return
+	}
+	resData, err := LoadResource(module, resInfo)
+	if err != nil {
+		return
+	}
+	ptr, err := LockResource(resData)
+	if err != nil {
+		return
+	}
+	data = unsafe.Slice((*byte)(unsafe.Pointer(ptr)), size)
+	return
+}
+
+// PSAPI_WORKING_SET_EX_BLOCK contains extended working set information for a page.
+type PSAPI_WORKING_SET_EX_BLOCK uint64
+
+// Valid returns the validity of this page.
+// If this bit is 1, the subsequent members are valid; otherwise they should be ignored.
+func (b PSAPI_WORKING_SET_EX_BLOCK) Valid() bool {
+	return (b & 1) == 1
+}
+
+// ShareCount is the number of processes that share this page. The maximum value of this member is 7.
+func (b PSAPI_WORKING_SET_EX_BLOCK) ShareCount() uint64 {
+	return b.intField(1, 3)
+}
+
+// Win32Protection is the memory protection attributes of the page. For a list of values, see
+// https://docs.microsoft.com/en-us/windows/win32/memory/memory-protection-constants
+func (b PSAPI_WORKING_SET_EX_BLOCK) Win32Protection() uint64 {
+	return b.intField(4, 11)
+}
+
+// Shared returns the shared status of this page.
+// If this bit is 1, the page can be shared.
+func (b PSAPI_WORKING_SET_EX_BLOCK) Shared() bool {
+	return (b & (1 << 15)) == 1
+}
+
+// Node is the NUMA node. The maximum value of this member is 63.
+func (b PSAPI_WORKING_SET_EX_BLOCK) Node() uint64 {
+	return b.intField(16, 6)
+}
+
+// Locked returns the locked status of this page.
+// If this bit is 1, the virtual page is locked in physical memory.
+func (b PSAPI_WORKING_SET_EX_BLOCK) Locked() bool {
+	return (b & (1 << 22)) == 1
+}
+
+// LargePage returns the large page status of this page.
+// If this bit is 1, the page is a large page.
+func (b PSAPI_WORKING_SET_EX_BLOCK) LargePage() bool {
+	return (b & (1 << 23)) == 1
+}
+
+// Bad returns the bad status of this page.
+// If this bit is 1, the page is has been reported as bad.
+func (b PSAPI_WORKING_SET_EX_BLOCK) Bad() bool {
+	return (b & (1 << 31)) == 1
+}
+
+// intField extracts an integer field in the PSAPI_WORKING_SET_EX_BLOCK union.
+func (b PSAPI_WORKING_SET_EX_BLOCK) intField(start, length int) uint64 {
+	var mask PSAPI_WORKING_SET_EX_BLOCK
+	for pos := start; pos < start+length; pos++ {
+		mask |= (1 << pos)
+	}
+
+	masked := b & mask
+	return uint64(masked >> start)
+}
+
+// PSAPI_WORKING_SET_EX_INFORMATION contains extended working set information for a process.
+type PSAPI_WORKING_SET_EX_INFORMATION struct {
+	// The virtual address.
+	VirtualAddress Pointer
+	// A PSAPI_WORKING_SET_EX_BLOCK union that indicates the attributes of the page at VirtualAddress.
+	VirtualAttributes PSAPI_WORKING_SET_EX_BLOCK
+}
+
+// CreatePseudoConsole creates a windows pseudo console.
+func CreatePseudoConsole(size Coord, in Handle, out Handle, flags uint32, pconsole *Handle) error {
+	// We need this wrapper to manually cast Coord to uint32. The autogenerated wrappers only
+	// accept arguments that can be casted to uintptr, and Coord can't.
+	return createPseudoConsole(*((*uint32)(unsafe.Pointer(&size))), in, out, flags, pconsole)
+}
+
+// ResizePseudoConsole resizes the internal buffers of the pseudo console to the width and height specified in `size`.
+func ResizePseudoConsole(pconsole Handle, size Coord) error {
+	// We need this wrapper to manually cast Coord to uint32. The autogenerated wrappers only
+	// accept arguments that can be casted to uintptr, and Coord can't.
+	return resizePseudoConsole(pconsole, *((*uint32)(unsafe.Pointer(&size))))
+}
+
+// DCB constants. See https://learn.microsoft.com/en-us/windows/win32/api/winbase/ns-winbase-dcb.
+const (
+	CBR_110    = 110
+	CBR_300    = 300
+	CBR_600    = 600
+	CBR_1200   = 1200
+	CBR_2400   = 2400
+	CBR_4800   = 4800
+	CBR_9600   = 9600
+	CBR_14400  = 14400
+	CBR_19200  = 19200
+	CBR_38400  = 38400
+	CBR_57600  = 57600
+	CBR_115200 = 115200
+	CBR_128000 = 128000
+	CBR_256000 = 256000
+
+	DTR_CONTROL_DISABLE   = 0x00000000
+	DTR_CONTROL_ENABLE    = 0x00000010
+	DTR_CONTROL_HANDSHAKE = 0x00000020
+
+	RTS_CONTROL_DISABLE   = 0x00000000
+	RTS_CONTROL_ENABLE    = 0x00001000
+	RTS_CONTROL_HANDSHAKE = 0x00002000
+	RTS_CONTROL_TOGGLE    = 0x00003000
+
+	NOPARITY    = 0
+	ODDPARITY   = 1
+	EVENPARITY  = 2
+	MARKPARITY  = 3
+	SPACEPARITY = 4
+
+	ONESTOPBIT   = 0
+	ONE5STOPBITS = 1
+	TWOSTOPBITS  = 2
+)
+
+// EscapeCommFunction constants. See https://learn.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-escapecommfunction.
+const (
+	SETXOFF  = 1
+	SETXON   = 2
+	SETRTS   = 3
+	CLRRTS   = 4
+	SETDTR   = 5
+	CLRDTR   = 6
+	SETBREAK = 8
+	CLRBREAK = 9
+)
+
+// PurgeComm constants. See https://learn.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-purgecomm.
+const (
+	PURGE_TXABORT = 0x0001
+	PURGE_RXABORT = 0x0002
+	PURGE_TXCLEAR = 0x0004
+	PURGE_RXCLEAR = 0x0008
+)
+
+// SetCommMask constants. See https://learn.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-setcommmask.
+const (
+	EV_RXCHAR  = 0x0001
+	EV_RXFLAG  = 0x0002
+	EV_TXEMPTY = 0x0004
+	EV_CTS     = 0x0008
+	EV_DSR     = 0x0010
+	EV_RLSD    = 0x0020
+	EV_BREAK   = 0x0040
+	EV_ERR     = 0x0080
+	EV_RING    = 0x0100
+)
diff --git a/server/vendor/golang.org/x/sys/windows/types_windows.go b/server/vendor/golang.org/x/sys/windows/types_windows.go
new file mode 100644
index 0000000..9d138de
--- /dev/null
+++ b/server/vendor/golang.org/x/sys/windows/types_windows.go
@@ -0,0 +1,3603 @@
+// Copyright 2011 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package windows
+
+import (
+	"net"
+	"syscall"
+	"unsafe"
+)
+
+// NTStatus corresponds with NTSTATUS, error values returned by ntdll.dll and
+// other native functions.
+type NTStatus uint32
+
+const (
+	// Invented values to support what package os expects.
+	O_RDONLY   = 0x00000
+	O_WRONLY   = 0x00001
+	O_RDWR     = 0x00002
+	O_CREAT    = 0x00040
+	O_EXCL     = 0x00080
+	O_NOCTTY   = 0x00100
+	O_TRUNC    = 0x00200
+	O_NONBLOCK = 0x00800
+	O_APPEND   = 0x00400
+	O_SYNC     = 0x01000
+	O_ASYNC    = 0x02000
+	O_CLOEXEC  = 0x80000
+)
+
+const (
+	// More invented values for signals
+	SIGHUP  = Signal(0x1)
+	SIGINT  = Signal(0x2)
+	SIGQUIT = Signal(0x3)
+	SIGILL  = Signal(0x4)
+	SIGTRAP = Signal(0x5)
+	SIGABRT = Signal(0x6)
+	SIGBUS  = Signal(0x7)
+	SIGFPE  = Signal(0x8)
+	SIGKILL = Signal(0x9)
+	SIGSEGV = Signal(0xb)
+	SIGPIPE = Signal(0xd)
+	SIGALRM = Signal(0xe)
+	SIGTERM = Signal(0xf)
+)
+
+var signals = [...]string{
+	1:  "hangup",
+	2:  "interrupt",
+	3:  "quit",
+	4:  "illegal instruction",
+	5:  "trace/breakpoint trap",
+	6:  "aborted",
+	7:  "bus error",
+	8:  "floating point exception",
+	9:  "killed",
+	10: "user defined signal 1",
+	11: "segmentation fault",
+	12: "user defined signal 2",
+	13: "broken pipe",
+	14: "alarm clock",
+	15: "terminated",
+}
+
+const (
+	FILE_READ_DATA        = 0x00000001
+	FILE_READ_ATTRIBUTES  = 0x00000080
+	FILE_READ_EA          = 0x00000008
+	FILE_WRITE_DATA       = 0x00000002
+	FILE_WRITE_ATTRIBUTES = 0x00000100
+	FILE_WRITE_EA         = 0x00000010
+	FILE_APPEND_DATA      = 0x00000004
+	FILE_EXECUTE          = 0x00000020
+
+	FILE_GENERIC_READ    = STANDARD_RIGHTS_READ | FILE_READ_DATA | FILE_READ_ATTRIBUTES | FILE_READ_EA | SYNCHRONIZE
+	FILE_GENERIC_WRITE   = STANDARD_RIGHTS_WRITE | FILE_WRITE_DATA | FILE_WRITE_ATTRIBUTES | FILE_WRITE_EA | FILE_APPEND_DATA | SYNCHRONIZE
+	FILE_GENERIC_EXECUTE = STANDARD_RIGHTS_EXECUTE | FILE_READ_ATTRIBUTES | FILE_EXECUTE | SYNCHRONIZE
+
+	FILE_LIST_DIRECTORY = 0x00000001
+	FILE_TRAVERSE       = 0x00000020
+
+	FILE_SHARE_READ   = 0x00000001
+	FILE_SHARE_WRITE  = 0x00000002
+	FILE_SHARE_DELETE = 0x00000004
+
+	FILE_ATTRIBUTE_READONLY              = 0x00000001
+	FILE_ATTRIBUTE_HIDDEN                = 0x00000002
+	FILE_ATTRIBUTE_SYSTEM                = 0x00000004
+	FILE_ATTRIBUTE_DIRECTORY             = 0x00000010
+	FILE_ATTRIBUTE_ARCHIVE               = 0x00000020
+	FILE_ATTRIBUTE_DEVICE                = 0x00000040
+	FILE_ATTRIBUTE_NORMAL                = 0x00000080
+	FILE_ATTRIBUTE_TEMPORARY             = 0x00000100
+	FILE_ATTRIBUTE_SPARSE_FILE           = 0x00000200
+	FILE_ATTRIBUTE_REPARSE_POINT         = 0x00000400
+	FILE_ATTRIBUTE_COMPRESSED            = 0x00000800
+	FILE_ATTRIBUTE_OFFLINE               = 0x00001000
+	FILE_ATTRIBUTE_NOT_CONTENT_INDEXED   = 0x00002000
+	FILE_ATTRIBUTE_ENCRYPTED             = 0x00004000
+	FILE_ATTRIBUTE_INTEGRITY_STREAM      = 0x00008000
+	FILE_ATTRIBUTE_VIRTUAL               = 0x00010000
+	FILE_ATTRIBUTE_NO_SCRUB_DATA         = 0x00020000
+	FILE_ATTRIBUTE_RECALL_ON_OPEN        = 0x00040000
+	FILE_ATTRIBUTE_RECALL_ON_DATA_ACCESS = 0x00400000
+
+	INVALID_FILE_ATTRIBUTES = 0xffffffff
+
+	CREATE_NEW        = 1
+	CREATE_ALWAYS     = 2
+	OPEN_EXISTING     = 3
+	OPEN_ALWAYS       = 4
+	TRUNCATE_EXISTING = 5
+
+	FILE_FLAG_OPEN_REQUIRING_OPLOCK = 0x00040000
+	FILE_FLAG_FIRST_PIPE_INSTANCE   = 0x00080000
+	FILE_FLAG_OPEN_NO_RECALL        = 0x00100000
+	FILE_FLAG_OPEN_REPARSE_POINT    = 0x00200000
+	FILE_FLAG_SESSION_AWARE         = 0x00800000
+	FILE_FLAG_POSIX_SEMANTICS       = 0x01000000
+	FILE_FLAG_BACKUP_SEMANTICS      = 0x02000000
+	FILE_FLAG_DELETE_ON_CLOSE       = 0x04000000
+	FILE_FLAG_SEQUENTIAL_SCAN       = 0x08000000
+	FILE_FLAG_RANDOM_ACCESS         = 0x10000000
+	FILE_FLAG_NO_BUFFERING          = 0x20000000
+	FILE_FLAG_OVERLAPPED            = 0x40000000
+	FILE_FLAG_WRITE_THROUGH         = 0x80000000
+
+	HANDLE_FLAG_INHERIT    = 0x00000001
+	STARTF_USESTDHANDLES   = 0x00000100
+	STARTF_USESHOWWINDOW   = 0x00000001
+	DUPLICATE_CLOSE_SOURCE = 0x00000001
+	DUPLICATE_SAME_ACCESS  = 0x00000002
+
+	STD_INPUT_HANDLE  = -10 & (1<<32 - 1)
+	STD_OUTPUT_HANDLE = -11 & (1<<32 - 1)
+	STD_ERROR_HANDLE  = -12 & (1<<32 - 1)
+
+	FILE_BEGIN   = 0
+	FILE_CURRENT = 1
+	FILE_END     = 2
+
+	LANG_ENGLISH       = 0x09
+	SUBLANG_ENGLISH_US = 0x01
+
+	FORMAT_MESSAGE_ALLOCATE_BUFFER = 256
+	FORMAT_MESSAGE_IGNORE_INSERTS  = 512
+	FORMAT_MESSAGE_FROM_STRING     = 1024
+	FORMAT_MESSAGE_FROM_HMODULE    = 2048
+	FORMAT_MESSAGE_FROM_SYSTEM     = 4096
+	FORMAT_MESSAGE_ARGUMENT_ARRAY  = 8192
+	FORMAT_MESSAGE_MAX_WIDTH_MASK  = 255
+
+	MAX_PATH      = 260
+	MAX_LONG_PATH = 32768
+
+	MAX_MODULE_NAME32 = 255
+
+	MAX_COMPUTERNAME_LENGTH = 15
+
+	MAX_DHCPV6_DUID_LENGTH = 130
+
+	MAX_DNS_SUFFIX_STRING_LENGTH = 256
+
+	TIME_ZONE_ID_UNKNOWN  = 0
+	TIME_ZONE_ID_STANDARD = 1
+
+	TIME_ZONE_ID_DAYLIGHT = 2
+	IGNORE                = 0
+	INFINITE              = 0xffffffff
+
+	WAIT_ABANDONED = 0x00000080
+	WAIT_OBJECT_0  = 0x00000000
+	WAIT_FAILED    = 0xFFFFFFFF
+
+	// Access rights for process.
+	PROCESS_ALL_ACCESS                = 0xFFFF
+	PROCESS_CREATE_PROCESS            = 0x0080
+	PROCESS_CREATE_THREAD             = 0x0002
+	PROCESS_DUP_HANDLE                = 0x0040
+	PROCESS_QUERY_INFORMATION         = 0x0400
+	PROCESS_QUERY_LIMITED_INFORMATION = 0x1000
+	PROCESS_SET_INFORMATION           = 0x0200
+	PROCESS_SET_QUOTA                 = 0x0100
+	PROCESS_SUSPEND_RESUME            = 0x0800
+	PROCESS_TERMINATE                 = 0x0001
+	PROCESS_VM_OPERATION              = 0x0008
+	PROCESS_VM_READ                   = 0x0010
+	PROCESS_VM_WRITE                  = 0x0020
+
+	// Access rights for thread.
+	THREAD_DIRECT_IMPERSONATION      = 0x0200
+	THREAD_GET_CONTEXT               = 0x0008
+	THREAD_IMPERSONATE               = 0x0100
+	THREAD_QUERY_INFORMATION         = 0x0040
+	THREAD_QUERY_LIMITED_INFORMATION = 0x0800
+	THREAD_SET_CONTEXT               = 0x0010
+	THREAD_SET_INFORMATION           = 0x0020
+	THREAD_SET_LIMITED_INFORMATION   = 0x0400
+	THREAD_SET_THREAD_TOKEN          = 0x0080
+	THREAD_SUSPEND_RESUME            = 0x0002
+	THREAD_TERMINATE                 = 0x0001
+
+	FILE_MAP_COPY    = 0x01
+	FILE_MAP_WRITE   = 0x02
+	FILE_MAP_READ    = 0x04
+	FILE_MAP_EXECUTE = 0x20
+
+	CTRL_C_EVENT        = 0
+	CTRL_BREAK_EVENT    = 1
+	CTRL_CLOSE_EVENT    = 2
+	CTRL_LOGOFF_EVENT   = 5
+	CTRL_SHUTDOWN_EVENT = 6
+
+	// Windows reserves errors >= 1<<29 for application use.
+	APPLICATION_ERROR = 1 << 29
+)
+
+const (
+	// Process creation flags.
+	CREATE_BREAKAWAY_FROM_JOB        = 0x01000000
+	CREATE_DEFAULT_ERROR_MODE        = 0x04000000
+	CREATE_NEW_CONSOLE               = 0x00000010
+	CREATE_NEW_PROCESS_GROUP         = 0x00000200
+	CREATE_NO_WINDOW                 = 0x08000000
+	CREATE_PROTECTED_PROCESS         = 0x00040000
+	CREATE_PRESERVE_CODE_AUTHZ_LEVEL = 0x02000000
+	CREATE_SEPARATE_WOW_VDM          = 0x00000800
+	CREATE_SHARED_WOW_VDM            = 0x00001000
+	CREATE_SUSPENDED                 = 0x00000004
+	CREATE_UNICODE_ENVIRONMENT       = 0x00000400
+	DEBUG_ONLY_THIS_PROCESS          = 0x00000002
+	DEBUG_PROCESS                    = 0x00000001
+	DETACHED_PROCESS                 = 0x00000008
+	EXTENDED_STARTUPINFO_PRESENT     = 0x00080000
+	INHERIT_PARENT_AFFINITY          = 0x00010000
+)
+
+const (
+	// attributes for ProcThreadAttributeList
+	PROC_THREAD_ATTRIBUTE_PARENT_PROCESS    = 0x00020000
+	PROC_THREAD_ATTRIBUTE_HANDLE_LIST       = 0x00020002
+	PROC_THREAD_ATTRIBUTE_GROUP_AFFINITY    = 0x00030003
+	PROC_THREAD_ATTRIBUTE_PREFERRED_NODE    = 0x00020004
+	PROC_THREAD_ATTRIBUTE_IDEAL_PROCESSOR   = 0x00030005
+	PROC_THREAD_ATTRIBUTE_MITIGATION_POLICY = 0x00020007
+	PROC_THREAD_ATTRIBUTE_UMS_THREAD        = 0x00030006
+	PROC_THREAD_ATTRIBUTE_PROTECTION_LEVEL  = 0x0002000b
+	PROC_THREAD_ATTRIBUTE_PSEUDOCONSOLE     = 0x00020016
+)
+
+const (
+	// flags for CreateToolhelp32Snapshot
+	TH32CS_SNAPHEAPLIST = 0x01
+	TH32CS_SNAPPROCESS  = 0x02
+	TH32CS_SNAPTHREAD   = 0x04
+	TH32CS_SNAPMODULE   = 0x08
+	TH32CS_SNAPMODULE32 = 0x10
+	TH32CS_SNAPALL      = TH32CS_SNAPHEAPLIST | TH32CS_SNAPMODULE | TH32CS_SNAPPROCESS | TH32CS_SNAPTHREAD
+	TH32CS_INHERIT      = 0x80000000
+)
+
+const (
+	// flags for EnumProcessModulesEx
+	LIST_MODULES_32BIT   = 0x01
+	LIST_MODULES_64BIT   = 0x02
+	LIST_MODULES_ALL     = 0x03
+	LIST_MODULES_DEFAULT = 0x00
+)
+
+const (
+	// filters for ReadDirectoryChangesW and FindFirstChangeNotificationW
+	FILE_NOTIFY_CHANGE_FILE_NAME   = 0x001
+	FILE_NOTIFY_CHANGE_DIR_NAME    = 0x002
+	FILE_NOTIFY_CHANGE_ATTRIBUTES  = 0x004
+	FILE_NOTIFY_CHANGE_SIZE        = 0x008
+	FILE_NOTIFY_CHANGE_LAST_WRITE  = 0x010
+	FILE_NOTIFY_CHANGE_LAST_ACCESS = 0x020
+	FILE_NOTIFY_CHANGE_CREATION    = 0x040
+	FILE_NOTIFY_CHANGE_SECURITY    = 0x100
+)
+
+const (
+	// do not reorder
+	FILE_ACTION_ADDED = iota + 1
+	FILE_ACTION_REMOVED
+	FILE_ACTION_MODIFIED
+	FILE_ACTION_RENAMED_OLD_NAME
+	FILE_ACTION_RENAMED_NEW_NAME
+)
+
+const (
+	// wincrypt.h
+	/* certenrolld_begin -- PROV_RSA_*/
+	PROV_RSA_FULL      = 1
+	PROV_RSA_SIG       = 2
+	PROV_DSS           = 3
+	PROV_FORTEZZA      = 4
+	PROV_MS_EXCHANGE   = 5
+	PROV_SSL           = 6
+	PROV_RSA_SCHANNEL  = 12
+	PROV_DSS_DH        = 13
+	PROV_EC_ECDSA_SIG  = 14
+	PROV_EC_ECNRA_SIG  = 15
+	PROV_EC_ECDSA_FULL = 16
+	PROV_EC_ECNRA_FULL = 17
+	PROV_DH_SCHANNEL   = 18
+	PROV_SPYRUS_LYNKS  = 20
+	PROV_RNG           = 21
+	PROV_INTEL_SEC     = 22
+	PROV_REPLACE_OWF   = 23
+	PROV_RSA_AES       = 24
+
+	/* dwFlags definitions for CryptAcquireContext */
+	CRYPT_VERIFYCONTEXT              = 0xF0000000
+	CRYPT_NEWKEYSET                  = 0x00000008
+	CRYPT_DELETEKEYSET               = 0x00000010
+	CRYPT_MACHINE_KEYSET             = 0x00000020
+	CRYPT_SILENT                     = 0x00000040
+	CRYPT_DEFAULT_CONTAINER_OPTIONAL = 0x00000080
+
+	/* Flags for PFXImportCertStore */
+	CRYPT_EXPORTABLE                   = 0x00000001
+	CRYPT_USER_PROTECTED               = 0x00000002
+	CRYPT_USER_KEYSET                  = 0x00001000
+	PKCS12_PREFER_CNG_KSP              = 0x00000100
+	PKCS12_ALWAYS_CNG_KSP              = 0x00000200
+	PKCS12_ALLOW_OVERWRITE_KEY         = 0x00004000
+	PKCS12_NO_PERSIST_KEY              = 0x00008000
+	PKCS12_INCLUDE_EXTENDED_PROPERTIES = 0x00000010
+
+	/* Flags for CryptAcquireCertificatePrivateKey */
+	CRYPT_ACQUIRE_CACHE_FLAG             = 0x00000001
+	CRYPT_ACQUIRE_USE_PROV_INFO_FLAG     = 0x00000002
+	CRYPT_ACQUIRE_COMPARE_KEY_FLAG       = 0x00000004
+	CRYPT_ACQUIRE_NO_HEALING             = 0x00000008
+	CRYPT_ACQUIRE_SILENT_FLAG            = 0x00000040
+	CRYPT_ACQUIRE_WINDOW_HANDLE_FLAG     = 0x00000080
+	CRYPT_ACQUIRE_NCRYPT_KEY_FLAGS_MASK  = 0x00070000
+	CRYPT_ACQUIRE_ALLOW_NCRYPT_KEY_FLAG  = 0x00010000
+	CRYPT_ACQUIRE_PREFER_NCRYPT_KEY_FLAG = 0x00020000
+	CRYPT_ACQUIRE_ONLY_NCRYPT_KEY_FLAG   = 0x00040000
+
+	/* pdwKeySpec for CryptAcquireCertificatePrivateKey */
+	AT_KEYEXCHANGE       = 1
+	AT_SIGNATURE         = 2
+	CERT_NCRYPT_KEY_SPEC = 0xFFFFFFFF
+
+	/* Default usage match type is AND with value zero */
+	USAGE_MATCH_TYPE_AND = 0
+	USAGE_MATCH_TYPE_OR  = 1
+
+	/* msgAndCertEncodingType values for CertOpenStore function */
+	X509_ASN_ENCODING   = 0x00000001
+	PKCS_7_ASN_ENCODING = 0x00010000
+
+	/* storeProvider values for CertOpenStore function */
+	CERT_STORE_PROV_MSG               = 1
+	CERT_STORE_PROV_MEMORY            = 2
+	CERT_STORE_PROV_FILE              = 3
+	CERT_STORE_PROV_REG               = 4
+	CERT_STORE_PROV_PKCS7             = 5
+	CERT_STORE_PROV_SERIALIZED        = 6
+	CERT_STORE_PROV_FILENAME_A        = 7
+	CERT_STORE_PROV_FILENAME_W        = 8
+	CERT_STORE_PROV_FILENAME          = CERT_STORE_PROV_FILENAME_W
+	CERT_STORE_PROV_SYSTEM_A          = 9
+	CERT_STORE_PROV_SYSTEM_W          = 10
+	CERT_STORE_PROV_SYSTEM            = CERT_STORE_PROV_SYSTEM_W
+	CERT_STORE_PROV_COLLECTION        = 11
+	CERT_STORE_PROV_SYSTEM_REGISTRY_A = 12
+	CERT_STORE_PROV_SYSTEM_REGISTRY_W = 13
+	CERT_STORE_PROV_SYSTEM_REGISTRY   = CERT_STORE_PROV_SYSTEM_REGISTRY_W
+	CERT_STORE_PROV_PHYSICAL_W        = 14
+	CERT_STORE_PROV_PHYSICAL          = CERT_STORE_PROV_PHYSICAL_W
+	CERT_STORE_PROV_SMART_CARD_W      = 15
+	CERT_STORE_PROV_SMART_CARD        = CERT_STORE_PROV_SMART_CARD_W
+	CERT_STORE_PROV_LDAP_W            = 16
+	CERT_STORE_PROV_LDAP              = CERT_STORE_PROV_LDAP_W
+	CERT_STORE_PROV_PKCS12            = 17
+
+	/* store characteristics (low WORD of flag) for CertOpenStore function */
+	CERT_STORE_NO_CRYPT_RELEASE_FLAG            = 0x00000001
+	CERT_STORE_SET_LOCALIZED_NAME_FLAG          = 0x00000002
+	CERT_STORE_DEFER_CLOSE_UNTIL_LAST_FREE_FLAG = 0x00000004
+	CERT_STORE_DELETE_FLAG                      = 0x00000010
+	CERT_STORE_UNSAFE_PHYSICAL_FLAG             = 0x00000020
+	CERT_STORE_SHARE_STORE_FLAG                 = 0x00000040
+	CERT_STORE_SHARE_CONTEXT_FLAG               = 0x00000080
+	CERT_STORE_MANIFOLD_FLAG                    = 0x00000100
+	CERT_STORE_ENUM_ARCHIVED_FLAG               = 0x00000200
+	CERT_STORE_UPDATE_KEYID_FLAG                = 0x00000400
+	CERT_STORE_BACKUP_RESTORE_FLAG              = 0x00000800
+	CERT_STORE_MAXIMUM_ALLOWED_FLAG             = 0x00001000
+	CERT_STORE_CREATE_NEW_FLAG                  = 0x00002000
+	CERT_STORE_OPEN_EXISTING_FLAG               = 0x00004000
+	CERT_STORE_READONLY_FLAG                    = 0x00008000
+
+	/* store locations (high WORD of flag) for CertOpenStore function */
+	CERT_SYSTEM_STORE_CURRENT_USER               = 0x00010000
+	CERT_SYSTEM_STORE_LOCAL_MACHINE              = 0x00020000
+	CERT_SYSTEM_STORE_CURRENT_SERVICE            = 0x00040000
+	CERT_SYSTEM_STORE_SERVICES                   = 0x00050000
+	CERT_SYSTEM_STORE_USERS                      = 0x00060000
+	CERT_SYSTEM_STORE_CURRENT_USER_GROUP_POLICY  = 0x00070000
+	CERT_SYSTEM_STORE_LOCAL_MACHINE_GROUP_POLICY = 0x00080000
+	CERT_SYSTEM_STORE_LOCAL_MACHINE_ENTERPRISE   = 0x00090000
+	CERT_SYSTEM_STORE_UNPROTECTED_FLAG           = 0x40000000
+	CERT_SYSTEM_STORE_RELOCATE_FLAG              = 0x80000000
+
+	/* Miscellaneous high-WORD flags for CertOpenStore function */
+	CERT_REGISTRY_STORE_REMOTE_FLAG      = 0x00010000
+	CERT_REGISTRY_STORE_SERIALIZED_FLAG  = 0x00020000
+	CERT_REGISTRY_STORE_ROAMING_FLAG     = 0x00040000
+	CERT_REGISTRY_STORE_MY_IE_DIRTY_FLAG = 0x00080000
+	CERT_REGISTRY_STORE_LM_GPT_FLAG      = 0x01000000
+	CERT_REGISTRY_STORE_CLIENT_GPT_FLAG  = 0x80000000
+	CERT_FILE_STORE_COMMIT_ENABLE_FLAG   = 0x00010000
+	CERT_LDAP_STORE_SIGN_FLAG            = 0x00010000
+	CERT_LDAP_STORE_AREC_EXCLUSIVE_FLAG  = 0x00020000
+	CERT_LDAP_STORE_OPENED_FLAG          = 0x00040000
+	CERT_LDAP_STORE_UNBIND_FLAG          = 0x00080000
+
+	/* addDisposition values for CertAddCertificateContextToStore function */
+	CERT_STORE_ADD_NEW                                 = 1
+	CERT_STORE_ADD_USE_EXISTING                        = 2
+	CERT_STORE_ADD_REPLACE_EXISTING                    = 3
+	CERT_STORE_ADD_ALWAYS                              = 4
+	CERT_STORE_ADD_REPLACE_EXISTING_INHERIT_PROPERTIES = 5
+	CERT_STORE_ADD_NEWER                               = 6
+	CERT_STORE_ADD_NEWER_INHERIT_PROPERTIES            = 7
+
+	/* ErrorStatus values for CertTrustStatus struct */
+	CERT_TRUST_NO_ERROR                          = 0x00000000
+	CERT_TRUST_IS_NOT_TIME_VALID                 = 0x00000001
+	CERT_TRUST_IS_REVOKED                        = 0x00000004
+	CERT_TRUST_IS_NOT_SIGNATURE_VALID            = 0x00000008
+	CERT_TRUST_IS_NOT_VALID_FOR_USAGE            = 0x00000010
+	CERT_TRUST_IS_UNTRUSTED_ROOT                 = 0x00000020
+	CERT_TRUST_REVOCATION_STATUS_UNKNOWN         = 0x00000040
+	CERT_TRUST_IS_CYCLIC                         = 0x00000080
+	CERT_TRUST_INVALID_EXTENSION                 = 0x00000100
+	CERT_TRUST_INVALID_POLICY_CONSTRAINTS        = 0x00000200
+	CERT_TRUST_INVALID_BASIC_CONSTRAINTS         = 0x00000400
+	CERT_TRUST_INVALID_NAME_CONSTRAINTS          = 0x00000800
+	CERT_TRUST_HAS_NOT_SUPPORTED_NAME_CONSTRAINT = 0x00001000
+	CERT_TRUST_HAS_NOT_DEFINED_NAME_CONSTRAINT   = 0x00002000
+	CERT_TRUST_HAS_NOT_PERMITTED_NAME_CONSTRAINT = 0x00004000
+	CERT_TRUST_HAS_EXCLUDED_NAME_CONSTRAINT      = 0x00008000
+	CERT_TRUST_IS_PARTIAL_CHAIN                  = 0x00010000
+	CERT_TRUST_CTL_IS_NOT_TIME_VALID             = 0x00020000
+	CERT_TRUST_CTL_IS_NOT_SIGNATURE_VALID        = 0x00040000
+	CERT_TRUST_CTL_IS_NOT_VALID_FOR_USAGE        = 0x00080000
+	CERT_TRUST_HAS_WEAK_SIGNATURE                = 0x00100000
+	CERT_TRUST_IS_OFFLINE_REVOCATION             = 0x01000000
+	CERT_TRUST_NO_ISSUANCE_CHAIN_POLICY          = 0x02000000
+	CERT_TRUST_IS_EXPLICIT_DISTRUST              = 0x04000000
+	CERT_TRUST_HAS_NOT_SUPPORTED_CRITICAL_EXT    = 0x08000000
+
+	/* InfoStatus values for CertTrustStatus struct */
+	CERT_TRUST_HAS_EXACT_MATCH_ISSUER        = 0x00000001
+	CERT_TRUST_HAS_KEY_MATCH_ISSUER          = 0x00000002
+	CERT_TRUST_HAS_NAME_MATCH_ISSUER         = 0x00000004
+	CERT_TRUST_IS_SELF_SIGNED                = 0x00000008
+	CERT_TRUST_HAS_PREFERRED_ISSUER          = 0x00000100
+	CERT_TRUST_HAS_ISSUANCE_CHAIN_POLICY     = 0x00000400
+	CERT_TRUST_HAS_VALID_NAME_CONSTRAINTS    = 0x00000400
+	CERT_TRUST_IS_PEER_TRUSTED               = 0x00000800
+	CERT_TRUST_HAS_CRL_VALIDITY_EXTENDED     = 0x00001000
+	CERT_TRUST_IS_FROM_EXCLUSIVE_TRUST_STORE = 0x00002000
+	CERT_TRUST_IS_CA_TRUSTED                 = 0x00004000
+	CERT_TRUST_IS_COMPLEX_CHAIN              = 0x00010000
+
+	/* Certificate Information Flags */
+	CERT_INFO_VERSION_FLAG                 = 1
+	CERT_INFO_SERIAL_NUMBER_FLAG           = 2
+	CERT_INFO_SIGNATURE_ALGORITHM_FLAG     = 3
+	CERT_INFO_ISSUER_FLAG                  = 4
+	CERT_INFO_NOT_BEFORE_FLAG              = 5
+	CERT_INFO_NOT_AFTER_FLAG               = 6
+	CERT_INFO_SUBJECT_FLAG                 = 7
+	CERT_INFO_SUBJECT_PUBLIC_KEY_INFO_FLAG = 8
+	CERT_INFO_ISSUER_UNIQUE_ID_FLAG        = 9
+	CERT_INFO_SUBJECT_UNIQUE_ID_FLAG       = 10
+	CERT_INFO_EXTENSION_FLAG               = 11
+
+	/* dwFindType for CertFindCertificateInStore  */
+	CERT_COMPARE_MASK                     = 0xFFFF
+	CERT_COMPARE_SHIFT                    = 16
+	CERT_COMPARE_ANY                      = 0
+	CERT_COMPARE_SHA1_HASH                = 1
+	CERT_COMPARE_NAME                     = 2
+	CERT_COMPARE_ATTR                     = 3
+	CERT_COMPARE_MD5_HASH                 = 4
+	CERT_COMPARE_PROPERTY                 = 5
+	CERT_COMPARE_PUBLIC_KEY               = 6
+	CERT_COMPARE_HASH                     = CERT_COMPARE_SHA1_HASH
+	CERT_COMPARE_NAME_STR_A               = 7
+	CERT_COMPARE_NAME_STR_W               = 8
+	CERT_COMPARE_KEY_SPEC                 = 9
+	CERT_COMPARE_ENHKEY_USAGE             = 10
+	CERT_COMPARE_CTL_USAGE                = CERT_COMPARE_ENHKEY_USAGE
+	CERT_COMPARE_SUBJECT_CERT             = 11
+	CERT_COMPARE_ISSUER_OF                = 12
+	CERT_COMPARE_EXISTING                 = 13
+	CERT_COMPARE_SIGNATURE_HASH           = 14
+	CERT_COMPARE_KEY_IDENTIFIER           = 15
+	CERT_COMPARE_CERT_ID                  = 16
+	CERT_COMPARE_CROSS_CERT_DIST_POINTS   = 17
+	CERT_COMPARE_PUBKEY_MD5_HASH          = 18
+	CERT_COMPARE_SUBJECT_INFO_ACCESS      = 19
+	CERT_COMPARE_HASH_STR                 = 20
+	CERT_COMPARE_HAS_PRIVATE_KEY          = 21
+	CERT_FIND_ANY                         = (CERT_COMPARE_ANY << CERT_COMPARE_SHIFT)
+	CERT_FIND_SHA1_HASH                   = (CERT_COMPARE_SHA1_HASH << CERT_COMPARE_SHIFT)
+	CERT_FIND_MD5_HASH                    = (CERT_COMPARE_MD5_HASH << CERT_COMPARE_SHIFT)
+	CERT_FIND_SIGNATURE_HASH              = (CERT_COMPARE_SIGNATURE_HASH << CERT_COMPARE_SHIFT)
+	CERT_FIND_KEY_IDENTIFIER              = (CERT_COMPARE_KEY_IDENTIFIER << CERT_COMPARE_SHIFT)
+	CERT_FIND_HASH                        = CERT_FIND_SHA1_HASH
+	CERT_FIND_PROPERTY                    = (CERT_COMPARE_PROPERTY << CERT_COMPARE_SHIFT)
+	CERT_FIND_PUBLIC_KEY                  = (CERT_COMPARE_PUBLIC_KEY << CERT_COMPARE_SHIFT)
+	CERT_FIND_SUBJECT_NAME                = (CERT_COMPARE_NAME<<CERT_COMPARE_SHIFT | CERT_INFO_SUBJECT_FLAG)
+	CERT_FIND_SUBJECT_ATTR                = (CERT_COMPARE_ATTR<<CERT_COMPARE_SHIFT | CERT_INFO_SUBJECT_FLAG)
+	CERT_FIND_ISSUER_NAME                 = (CERT_COMPARE_NAME<<CERT_COMPARE_SHIFT | CERT_INFO_ISSUER_FLAG)
+	CERT_FIND_ISSUER_ATTR                 = (CERT_COMPARE_ATTR<<CERT_COMPARE_SHIFT | CERT_INFO_ISSUER_FLAG)
+	CERT_FIND_SUBJECT_STR_A               = (CERT_COMPARE_NAME_STR_A<<CERT_COMPARE_SHIFT | CERT_INFO_SUBJECT_FLAG)
+	CERT_FIND_SUBJECT_STR_W               = (CERT_COMPARE_NAME_STR_W<<CERT_COMPARE_SHIFT | CERT_INFO_SUBJECT_FLAG)
+	CERT_FIND_SUBJECT_STR                 = CERT_FIND_SUBJECT_STR_W
+	CERT_FIND_ISSUER_STR_A                = (CERT_COMPARE_NAME_STR_A<<CERT_COMPARE_SHIFT | CERT_INFO_ISSUER_FLAG)
+	CERT_FIND_ISSUER_STR_W                = (CERT_COMPARE_NAME_STR_W<<CERT_COMPARE_SHIFT | CERT_INFO_ISSUER_FLAG)
+	CERT_FIND_ISSUER_STR                  = CERT_FIND_ISSUER_STR_W
+	CERT_FIND_KEY_SPEC                    = (CERT_COMPARE_KEY_SPEC << CERT_COMPARE_SHIFT)
+	CERT_FIND_ENHKEY_USAGE                = (CERT_COMPARE_ENHKEY_USAGE << CERT_COMPARE_SHIFT)
+	CERT_FIND_CTL_USAGE                   = CERT_FIND_ENHKEY_USAGE
+	CERT_FIND_SUBJECT_CERT                = (CERT_COMPARE_SUBJECT_CERT << CERT_COMPARE_SHIFT)
+	CERT_FIND_ISSUER_OF                   = (CERT_COMPARE_ISSUER_OF << CERT_COMPARE_SHIFT)
+	CERT_FIND_EXISTING                    = (CERT_COMPARE_EXISTING << CERT_COMPARE_SHIFT)
+	CERT_FIND_CERT_ID                     = (CERT_COMPARE_CERT_ID << CERT_COMPARE_SHIFT)
+	CERT_FIND_CROSS_CERT_DIST_POINTS      = (CERT_COMPARE_CROSS_CERT_DIST_POINTS << CERT_COMPARE_SHIFT)
+	CERT_FIND_PUBKEY_MD5_HASH             = (CERT_COMPARE_PUBKEY_MD5_HASH << CERT_COMPARE_SHIFT)
+	CERT_FIND_SUBJECT_INFO_ACCESS         = (CERT_COMPARE_SUBJECT_INFO_ACCESS << CERT_COMPARE_SHIFT)
+	CERT_FIND_HASH_STR                    = (CERT_COMPARE_HASH_STR << CERT_COMPARE_SHIFT)
+	CERT_FIND_HAS_PRIVATE_KEY             = (CERT_COMPARE_HAS_PRIVATE_KEY << CERT_COMPARE_SHIFT)
+	CERT_FIND_OPTIONAL_ENHKEY_USAGE_FLAG  = 0x1
+	CERT_FIND_EXT_ONLY_ENHKEY_USAGE_FLAG  = 0x2
+	CERT_FIND_PROP_ONLY_ENHKEY_USAGE_FLAG = 0x4
+	CERT_FIND_NO_ENHKEY_USAGE_FLAG        = 0x8
+	CERT_FIND_OR_ENHKEY_USAGE_FLAG        = 0x10
+	CERT_FIND_VALID_ENHKEY_USAGE_FLAG     = 0x20
+	CERT_FIND_OPTIONAL_CTL_USAGE_FLAG     = CERT_FIND_OPTIONAL_ENHKEY_USAGE_FLAG
+	CERT_FIND_EXT_ONLY_CTL_USAGE_FLAG     = CERT_FIND_EXT_ONLY_ENHKEY_USAGE_FLAG
+	CERT_FIND_PROP_ONLY_CTL_USAGE_FLAG    = CERT_FIND_PROP_ONLY_ENHKEY_USAGE_FLAG
+	CERT_FIND_NO_CTL_USAGE_FLAG           = CERT_FIND_NO_ENHKEY_USAGE_FLAG
+	CERT_FIND_OR_CTL_USAGE_FLAG           = CERT_FIND_OR_ENHKEY_USAGE_FLAG
+	CERT_FIND_VALID_CTL_USAGE_FLAG        = CERT_FIND_VALID_ENHKEY_USAGE_FLAG
+
+	/* policyOID values for CertVerifyCertificateChainPolicy function */
+	CERT_CHAIN_POLICY_BASE              = 1
+	CERT_CHAIN_POLICY_AUTHENTICODE      = 2
+	CERT_CHAIN_POLICY_AUTHENTICODE_TS   = 3
+	CERT_CHAIN_POLICY_SSL               = 4
+	CERT_CHAIN_POLICY_BASIC_CONSTRAINTS = 5
+	CERT_CHAIN_POLICY_NT_AUTH           = 6
+	CERT_CHAIN_POLICY_MICROSOFT_ROOT    = 7
+	CERT_CHAIN_POLICY_EV                = 8
+	CERT_CHAIN_POLICY_SSL_F12           = 9
+
+	/* flag for dwFindType CertFindChainInStore  */
+	CERT_CHAIN_FIND_BY_ISSUER = 1
+
+	/* dwFindFlags for CertFindChainInStore when dwFindType == CERT_CHAIN_FIND_BY_ISSUER */
+	CERT_CHAIN_FIND_BY_ISSUER_COMPARE_KEY_FLAG    = 0x0001
+	CERT_CHAIN_FIND_BY_ISSUER_COMPLEX_CHAIN_FLAG  = 0x0002
+	CERT_CHAIN_FIND_BY_ISSUER_CACHE_ONLY_URL_FLAG = 0x0004
+	CERT_CHAIN_FIND_BY_ISSUER_LOCAL_MACHINE_FLAG  = 0x0008
+	CERT_CHAIN_FIND_BY_ISSUER_NO_KEY_FLAG         = 0x4000
+	CERT_CHAIN_FIND_BY_ISSUER_CACHE_ONLY_FLAG     = 0x8000
+
+	/* Certificate Store close flags */
+	CERT_CLOSE_STORE_FORCE_FLAG = 0x00000001
+	CERT_CLOSE_STORE_CHECK_FLAG = 0x00000002
+
+	/* CryptQueryObject object type */
+	CERT_QUERY_OBJECT_FILE = 1
+	CERT_QUERY_OBJECT_BLOB = 2
+
+	/* CryptQueryObject content type flags */
+	CERT_QUERY_CONTENT_CERT                    = 1
+	CERT_QUERY_CONTENT_CTL                     = 2
+	CERT_QUERY_CONTENT_CRL                     = 3
+	CERT_QUERY_CONTENT_SERIALIZED_STORE        = 4
+	CERT_QUERY_CONTENT_SERIALIZED_CERT         = 5
+	CERT_QUERY_CONTENT_SERIALIZED_CTL          = 6
+	CERT_QUERY_CONTENT_SERIALIZED_CRL          = 7
+	CERT_QUERY_CONTENT_PKCS7_SIGNED            = 8
+	CERT_QUERY_CONTENT_PKCS7_UNSIGNED          = 9
+	CERT_QUERY_CONTENT_PKCS7_SIGNED_EMBED      = 10
+	CERT_QUERY_CONTENT_PKCS10                  = 11
+	CERT_QUERY_CONTENT_PFX                     = 12
+	CERT_QUERY_CONTENT_CERT_PAIR               = 13
+	CERT_QUERY_CONTENT_PFX_AND_LOAD            = 14
+	CERT_QUERY_CONTENT_FLAG_CERT               = (1 << CERT_QUERY_CONTENT_CERT)
+	CERT_QUERY_CONTENT_FLAG_CTL                = (1 << CERT_QUERY_CONTENT_CTL)
+	CERT_QUERY_CONTENT_FLAG_CRL                = (1 << CERT_QUERY_CONTENT_CRL)
+	CERT_QUERY_CONTENT_FLAG_SERIALIZED_STORE   = (1 << CERT_QUERY_CONTENT_SERIALIZED_STORE)
+	CERT_QUERY_CONTENT_FLAG_SERIALIZED_CERT    = (1 << CERT_QUERY_CONTENT_SERIALIZED_CERT)
+	CERT_QUERY_CONTENT_FLAG_SERIALIZED_CTL     = (1 << CERT_QUERY_CONTENT_SERIALIZED_CTL)
+	CERT_QUERY_CONTENT_FLAG_SERIALIZED_CRL     = (1 << CERT_QUERY_CONTENT_SERIALIZED_CRL)
+	CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED       = (1 << CERT_QUERY_CONTENT_PKCS7_SIGNED)
+	CERT_QUERY_CONTENT_FLAG_PKCS7_UNSIGNED     = (1 << CERT_QUERY_CONTENT_PKCS7_UNSIGNED)
+	CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED_EMBED = (1 << CERT_QUERY_CONTENT_PKCS7_SIGNED_EMBED)
+	CERT_QUERY_CONTENT_FLAG_PKCS10             = (1 << CERT_QUERY_CONTENT_PKCS10)
+	CERT_QUERY_CONTENT_FLAG_PFX                = (1 << CERT_QUERY_CONTENT_PFX)
+	CERT_QUERY_CONTENT_FLAG_CERT_PAIR          = (1 << CERT_QUERY_CONTENT_CERT_PAIR)
+	CERT_QUERY_CONTENT_FLAG_PFX_AND_LOAD       = (1 << CERT_QUERY_CONTENT_PFX_AND_LOAD)
+	CERT_QUERY_CONTENT_FLAG_ALL                = (CERT_QUERY_CONTENT_FLAG_CERT | CERT_QUERY_CONTENT_FLAG_CTL | CERT_QUERY_CONTENT_FLAG_CRL | CERT_QUERY_CONTENT_FLAG_SERIALIZED_STORE | CERT_QUERY_CONTENT_FLAG_SERIALIZED_CERT | CERT_QUERY_CONTENT_FLAG_SERIALIZED_CTL | CERT_QUERY_CONTENT_FLAG_SERIALIZED_CRL | CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED | CERT_QUERY_CONTENT_FLAG_PKCS7_UNSIGNED | CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED_EMBED | CERT_QUERY_CONTENT_FLAG_PKCS10 | CERT_QUERY_CONTENT_FLAG_PFX | CERT_QUERY_CONTENT_FLAG_CERT_PAIR)
+	CERT_QUERY_CONTENT_FLAG_ALL_ISSUER_CERT    = (CERT_QUERY_CONTENT_FLAG_CERT | CERT_QUERY_CONTENT_FLAG_SERIALIZED_STORE | CERT_QUERY_CONTENT_FLAG_SERIALIZED_CERT | CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED | CERT_QUERY_CONTENT_FLAG_PKCS7_UNSIGNED)
+
+	/* CryptQueryObject format type flags */
+	CERT_QUERY_FORMAT_BINARY                     = 1
+	CERT_QUERY_FORMAT_BASE64_ENCODED             = 2
+	CERT_QUERY_FORMAT_ASN_ASCII_HEX_ENCODED      = 3
+	CERT_QUERY_FORMAT_FLAG_BINARY                = (1 << CERT_QUERY_FORMAT_BINARY)
+	CERT_QUERY_FORMAT_FLAG_BASE64_ENCODED        = (1 << CERT_QUERY_FORMAT_BASE64_ENCODED)
+	CERT_QUERY_FORMAT_FLAG_ASN_ASCII_HEX_ENCODED = (1 << CERT_QUERY_FORMAT_ASN_ASCII_HEX_ENCODED)
+	CERT_QUERY_FORMAT_FLAG_ALL                   = (CERT_QUERY_FORMAT_FLAG_BINARY | CERT_QUERY_FORMAT_FLAG_BASE64_ENCODED | CERT_QUERY_FORMAT_FLAG_ASN_ASCII_HEX_ENCODED)
+
+	/* CertGetNameString name types */
+	CERT_NAME_EMAIL_TYPE            = 1
+	CERT_NAME_RDN_TYPE              = 2
+	CERT_NAME_ATTR_TYPE             = 3
+	CERT_NAME_SIMPLE_DISPLAY_TYPE   = 4
+	CERT_NAME_FRIENDLY_DISPLAY_TYPE = 5
+	CERT_NAME_DNS_TYPE              = 6
+	CERT_NAME_URL_TYPE              = 7
+	CERT_NAME_UPN_TYPE              = 8
+
+	/* CertGetNameString flags */
+	CERT_NAME_ISSUER_FLAG              = 0x1
+	CERT_NAME_DISABLE_IE4_UTF8_FLAG    = 0x10000
+	CERT_NAME_SEARCH_ALL_NAMES_FLAG    = 0x2
+	CERT_NAME_STR_ENABLE_PUNYCODE_FLAG = 0x00200000
+
+	/* AuthType values for SSLExtraCertChainPolicyPara struct */
+	AUTHTYPE_CLIENT = 1
+	AUTHTYPE_SERVER = 2
+
+	/* Checks values for SSLExtraCertChainPolicyPara struct */
+	SECURITY_FLAG_IGNORE_REVOCATION        = 0x00000080
+	SECURITY_FLAG_IGNORE_UNKNOWN_CA        = 0x00000100
+	SECURITY_FLAG_IGNORE_WRONG_USAGE       = 0x00000200
+	SECURITY_FLAG_IGNORE_CERT_CN_INVALID   = 0x00001000
+	SECURITY_FLAG_IGNORE_CERT_DATE_INVALID = 0x00002000
+
+	/* Flags for Crypt[Un]ProtectData */
+	CRYPTPROTECT_UI_FORBIDDEN      = 0x1
+	CRYPTPROTECT_LOCAL_MACHINE     = 0x4
+	CRYPTPROTECT_CRED_SYNC         = 0x8
+	CRYPTPROTECT_AUDIT             = 0x10
+	CRYPTPROTECT_NO_RECOVERY       = 0x20
+	CRYPTPROTECT_VERIFY_PROTECTION = 0x40
+	CRYPTPROTECT_CRED_REGENERATE   = 0x80
+
+	/* Flags for CryptProtectPromptStruct */
+	CRYPTPROTECT_PROMPT_ON_UNPROTECT   = 1
+	CRYPTPROTECT_PROMPT_ON_PROTECT     = 2
+	CRYPTPROTECT_PROMPT_RESERVED       = 4
+	CRYPTPROTECT_PROMPT_STRONG         = 8
+	CRYPTPROTECT_PROMPT_REQUIRE_STRONG = 16
+)
+
+const (
+	// flags for SetErrorMode
+	SEM_FAILCRITICALERRORS     = 0x0001
+	SEM_NOALIGNMENTFAULTEXCEPT = 0x0004
+	SEM_NOGPFAULTERRORBOX      = 0x0002
+	SEM_NOOPENFILEERRORBOX     = 0x8000
+)
+
+const (
+	// Priority class.
+	ABOVE_NORMAL_PRIORITY_CLASS   = 0x00008000
+	BELOW_NORMAL_PRIORITY_CLASS   = 0x00004000
+	HIGH_PRIORITY_CLASS           = 0x00000080
+	IDLE_PRIORITY_CLASS           = 0x00000040
+	NORMAL_PRIORITY_CLASS         = 0x00000020
+	PROCESS_MODE_BACKGROUND_BEGIN = 0x00100000
+	PROCESS_MODE_BACKGROUND_END   = 0x00200000
+	REALTIME_PRIORITY_CLASS       = 0x00000100
+)
+
+/* wintrust.h constants for WinVerifyTrustEx */
+const (
+	WTD_UI_ALL    = 1
+	WTD_UI_NONE   = 2
+	WTD_UI_NOBAD  = 3
+	WTD_UI_NOGOOD = 4
+
+	WTD_REVOKE_NONE       = 0
+	WTD_REVOKE_WHOLECHAIN = 1
+
+	WTD_CHOICE_FILE    = 1
+	WTD_CHOICE_CATALOG = 2
+	WTD_CHOICE_BLOB    = 3
+	WTD_CHOICE_SIGNER  = 4
+	WTD_CHOICE_CERT    = 5
+
+	WTD_STATEACTION_IGNORE           = 0x00000000
+	WTD_STATEACTION_VERIFY           = 0x00000001
+	WTD_STATEACTION_CLOSE            = 0x00000002
+	WTD_STATEACTION_AUTO_CACHE       = 0x00000003
+	WTD_STATEACTION_AUTO_CACHE_FLUSH = 0x00000004
+
+	WTD_USE_IE4_TRUST_FLAG                  = 0x1
+	WTD_NO_IE4_CHAIN_FLAG                   = 0x2
+	WTD_NO_POLICY_USAGE_FLAG                = 0x4
+	WTD_REVOCATION_CHECK_NONE               = 0x10
+	WTD_REVOCATION_CHECK_END_CERT           = 0x20
+	WTD_REVOCATION_CHECK_CHAIN              = 0x40
+	WTD_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT = 0x80
+	WTD_SAFER_FLAG                          = 0x100
+	WTD_HASH_ONLY_FLAG                      = 0x200
+	WTD_USE_DEFAULT_OSVER_CHECK             = 0x400
+	WTD_LIFETIME_SIGNING_FLAG               = 0x800
+	WTD_CACHE_ONLY_URL_RETRIEVAL            = 0x1000
+	WTD_DISABLE_MD2_MD4                     = 0x2000
+	WTD_MOTW                                = 0x4000
+
+	WTD_UICONTEXT_EXECUTE = 0
+	WTD_UICONTEXT_INSTALL = 1
+)
+
+var (
+	OID_PKIX_KP_SERVER_AUTH = []byte("1.3.6.1.5.5.7.3.1\x00")
+	OID_SERVER_GATED_CRYPTO = []byte("1.3.6.1.4.1.311.10.3.3\x00")
+	OID_SGC_NETSCAPE        = []byte("2.16.840.1.113730.4.1\x00")
+
+	WINTRUST_ACTION_GENERIC_VERIFY_V2 = GUID{
+		Data1: 0xaac56b,
+		Data2: 0xcd44,
+		Data3: 0x11d0,
+		Data4: [8]byte{0x8c, 0xc2, 0x0, 0xc0, 0x4f, 0xc2, 0x95, 0xee},
+	}
+)
+
+// Pointer represents a pointer to an arbitrary Windows type.
+//
+// Pointer-typed fields may point to one of many different types. It's
+// up to the caller to provide a pointer to the appropriate type, cast
+// to Pointer. The caller must obey the unsafe.Pointer rules while
+// doing so.
+type Pointer *struct{}
+
+// Invented values to support what package os expects.
+type Timeval struct {
+	Sec  int32
+	Usec int32
+}
+
+func (tv *Timeval) Nanoseconds() int64 {
+	return (int64(tv.Sec)*1e6 + int64(tv.Usec)) * 1e3
+}
+
+func NsecToTimeval(nsec int64) (tv Timeval) {
+	tv.Sec = int32(nsec / 1e9)
+	tv.Usec = int32(nsec % 1e9 / 1e3)
+	return
+}
+
+type Overlapped struct {
+	Internal     uintptr
+	InternalHigh uintptr
+	Offset       uint32
+	OffsetHigh   uint32
+	HEvent       Handle
+}
+
+type FileNotifyInformation struct {
+	NextEntryOffset uint32
+	Action          uint32
+	FileNameLength  uint32
+	FileName        uint16
+}
+
+type Filetime struct {
+	LowDateTime  uint32
+	HighDateTime uint32
+}
+
+// Nanoseconds returns Filetime ft in nanoseconds
+// since Epoch (00:00:00 UTC, January 1, 1970).
+func (ft *Filetime) Nanoseconds() int64 {
+	// 100-nanosecond intervals since January 1, 1601
+	nsec := int64(ft.HighDateTime)<<32 + int64(ft.LowDateTime)
+	// change starting time to the Epoch (00:00:00 UTC, January 1, 1970)
+	nsec -= 116444736000000000
+	// convert into nanoseconds
+	nsec *= 100
+	return nsec
+}
+
+func NsecToFiletime(nsec int64) (ft Filetime) {
+	// convert into 100-nanosecond
+	nsec /= 100
+	// change starting time to January 1, 1601
+	nsec += 116444736000000000
+	// split into high / low
+	ft.LowDateTime = uint32(nsec & 0xffffffff)
+	ft.HighDateTime = uint32(nsec >> 32 & 0xffffffff)
+	return ft
+}
+
+type Win32finddata struct {
+	FileAttributes    uint32
+	CreationTime      Filetime
+	LastAccessTime    Filetime
+	LastWriteTime     Filetime
+	FileSizeHigh      uint32
+	FileSizeLow       uint32
+	Reserved0         uint32
+	Reserved1         uint32
+	FileName          [MAX_PATH - 1]uint16
+	AlternateFileName [13]uint16
+}
+
+// This is the actual system call structure.
+// Win32finddata is what we committed to in Go 1.
+type win32finddata1 struct {
+	FileAttributes    uint32
+	CreationTime      Filetime
+	LastAccessTime    Filetime
+	LastWriteTime     Filetime
+	FileSizeHigh      uint32
+	FileSizeLow       uint32
+	Reserved0         uint32
+	Reserved1         uint32
+	FileName          [MAX_PATH]uint16
+	AlternateFileName [14]uint16
+
+	// The Microsoft documentation for this struct¹ describes three additional
+	// fields: dwFileType, dwCreatorType, and wFinderFlags. However, those fields
+	// are empirically only present in the macOS port of the Win32 API,² and thus
+	// not needed for binaries built for Windows.
+	//
+	// ¹ https://docs.microsoft.com/en-us/windows/win32/api/minwinbase/ns-minwinbase-win32_find_dataw describe
+	// ² https://golang.org/issue/42637#issuecomment-760715755.
+}
+
+func copyFindData(dst *Win32finddata, src *win32finddata1) {
+	dst.FileAttributes = src.FileAttributes
+	dst.CreationTime = src.CreationTime
+	dst.LastAccessTime = src.LastAccessTime
+	dst.LastWriteTime = src.LastWriteTime
+	dst.FileSizeHigh = src.FileSizeHigh
+	dst.FileSizeLow = src.FileSizeLow
+	dst.Reserved0 = src.Reserved0
+	dst.Reserved1 = src.Reserved1
+
+	// The src is 1 element bigger than dst, but it must be NUL.
+	copy(dst.FileName[:], src.FileName[:])
+	copy(dst.AlternateFileName[:], src.AlternateFileName[:])
+}
+
+type ByHandleFileInformation struct {
+	FileAttributes     uint32
+	CreationTime       Filetime
+	LastAccessTime     Filetime
+	LastWriteTime      Filetime
+	VolumeSerialNumber uint32
+	FileSizeHigh       uint32
+	FileSizeLow        uint32
+	NumberOfLinks      uint32
+	FileIndexHigh      uint32
+	FileIndexLow       uint32
+}
+
+const (
+	GetFileExInfoStandard = 0
+	GetFileExMaxInfoLevel = 1
+)
+
+type Win32FileAttributeData struct {
+	FileAttributes uint32
+	CreationTime   Filetime
+	LastAccessTime Filetime
+	LastWriteTime  Filetime
+	FileSizeHigh   uint32
+	FileSizeLow    uint32
+}
+
+// ShowWindow constants
+const (
+	// winuser.h
+	SW_HIDE            = 0
+	SW_NORMAL          = 1
+	SW_SHOWNORMAL      = 1
+	SW_SHOWMINIMIZED   = 2
+	SW_SHOWMAXIMIZED   = 3
+	SW_MAXIMIZE        = 3
+	SW_SHOWNOACTIVATE  = 4
+	SW_SHOW            = 5
+	SW_MINIMIZE        = 6
+	SW_SHOWMINNOACTIVE = 7
+	SW_SHOWNA          = 8
+	SW_RESTORE         = 9
+	SW_SHOWDEFAULT     = 10
+	SW_FORCEMINIMIZE   = 11
+)
+
+type StartupInfo struct {
+	Cb            uint32
+	_             *uint16
+	Desktop       *uint16
+	Title         *uint16
+	X             uint32
+	Y             uint32
+	XSize         uint32
+	YSize         uint32
+	XCountChars   uint32
+	YCountChars   uint32
+	FillAttribute uint32
+	Flags         uint32
+	ShowWindow    uint16
+	_             uint16
+	_             *byte
+	StdInput      Handle
+	StdOutput     Handle
+	StdErr        Handle
+}
+
+type StartupInfoEx struct {
+	StartupInfo
+	ProcThreadAttributeList *ProcThreadAttributeList
+}
+
+// ProcThreadAttributeList is a placeholder type to represent a PROC_THREAD_ATTRIBUTE_LIST.
+//
+// To create a *ProcThreadAttributeList, use NewProcThreadAttributeList, update
+// it with ProcThreadAttributeListContainer.Update, free its memory using
+// ProcThreadAttributeListContainer.Delete, and access the list itself using
+// ProcThreadAttributeListContainer.List.
+type ProcThreadAttributeList struct{}
+
+type ProcThreadAttributeListContainer struct {
+	data     *ProcThreadAttributeList
+	pointers []unsafe.Pointer
+}
+
+type ProcessInformation struct {
+	Process   Handle
+	Thread    Handle
+	ProcessId uint32
+	ThreadId  uint32
+}
+
+type ProcessEntry32 struct {
+	Size            uint32
+	Usage           uint32
+	ProcessID       uint32
+	DefaultHeapID   uintptr
+	ModuleID        uint32
+	Threads         uint32
+	ParentProcessID uint32
+	PriClassBase    int32
+	Flags           uint32
+	ExeFile         [MAX_PATH]uint16
+}
+
+type ThreadEntry32 struct {
+	Size           uint32
+	Usage          uint32
+	ThreadID       uint32
+	OwnerProcessID uint32
+	BasePri        int32
+	DeltaPri       int32
+	Flags          uint32
+}
+
+type ModuleEntry32 struct {
+	Size         uint32
+	ModuleID     uint32
+	ProcessID    uint32
+	GlblcntUsage uint32
+	ProccntUsage uint32
+	ModBaseAddr  uintptr
+	ModBaseSize  uint32
+	ModuleHandle Handle
+	Module       [MAX_MODULE_NAME32 + 1]uint16
+	ExePath      [MAX_PATH]uint16
+}
+
+const SizeofModuleEntry32 = unsafe.Sizeof(ModuleEntry32{})
+
+type Systemtime struct {
+	Year         uint16
+	Month        uint16
+	DayOfWeek    uint16
+	Day          uint16
+	Hour         uint16
+	Minute       uint16
+	Second       uint16
+	Milliseconds uint16
+}
+
+type Timezoneinformation struct {
+	Bias         int32
+	StandardName [32]uint16
+	StandardDate Systemtime
+	StandardBias int32
+	DaylightName [32]uint16
+	DaylightDate Systemtime
+	DaylightBias int32
+}
+
+// Socket related.
+
+const (
+	AF_UNSPEC  = 0
+	AF_UNIX    = 1
+	AF_INET    = 2
+	AF_NETBIOS = 17
+	AF_INET6   = 23
+	AF_IRDA    = 26
+	AF_BTH     = 32
+
+	SOCK_STREAM    = 1
+	SOCK_DGRAM     = 2
+	SOCK_RAW       = 3
+	SOCK_RDM       = 4
+	SOCK_SEQPACKET = 5
+
+	IPPROTO_IP      = 0
+	IPPROTO_ICMP    = 1
+	IPPROTO_IGMP    = 2
+	BTHPROTO_RFCOMM = 3
+	IPPROTO_TCP     = 6
+	IPPROTO_UDP     = 17
+	IPPROTO_IPV6    = 41
+	IPPROTO_ICMPV6  = 58
+	IPPROTO_RM      = 113
+
+	SOL_SOCKET                = 0xffff
+	SO_REUSEADDR              = 4
+	SO_KEEPALIVE              = 8
+	SO_DONTROUTE              = 16
+	SO_BROADCAST              = 32
+	SO_LINGER                 = 128
+	SO_RCVBUF                 = 0x1002
+	SO_RCVTIMEO               = 0x1006
+	SO_SNDBUF                 = 0x1001
+	SO_UPDATE_ACCEPT_CONTEXT  = 0x700b
+	SO_UPDATE_CONNECT_CONTEXT = 0x7010
+
+	IOC_OUT                            = 0x40000000
+	IOC_IN                             = 0x80000000
+	IOC_VENDOR                         = 0x18000000
+	IOC_INOUT                          = IOC_IN | IOC_OUT
+	IOC_WS2                            = 0x08000000
+	SIO_GET_EXTENSION_FUNCTION_POINTER = IOC_INOUT | IOC_WS2 | 6
+	SIO_KEEPALIVE_VALS                 = IOC_IN | IOC_VENDOR | 4
+	SIO_UDP_CONNRESET                  = IOC_IN | IOC_VENDOR | 12
+	SIO_UDP_NETRESET                   = IOC_IN | IOC_VENDOR | 15
+
+	// cf. http://support.microsoft.com/default.aspx?scid=kb;en-us;257460
+
+	IP_HDRINCL         = 0x2
+	IP_TOS             = 0x3
+	IP_TTL             = 0x4
+	IP_MULTICAST_IF    = 0x9
+	IP_MULTICAST_TTL   = 0xa
+	IP_MULTICAST_LOOP  = 0xb
+	IP_ADD_MEMBERSHIP  = 0xc
+	IP_DROP_MEMBERSHIP = 0xd
+	IP_PKTINFO         = 0x13
+
+	IPV6_V6ONLY         = 0x1b
+	IPV6_UNICAST_HOPS   = 0x4
+	IPV6_MULTICAST_IF   = 0x9
+	IPV6_MULTICAST_HOPS = 0xa
+	IPV6_MULTICAST_LOOP = 0xb
+	IPV6_JOIN_GROUP     = 0xc
+	IPV6_LEAVE_GROUP    = 0xd
+	IPV6_PKTINFO        = 0x13
+
+	MSG_OOB       = 0x1
+	MSG_PEEK      = 0x2
+	MSG_DONTROUTE = 0x4
+	MSG_WAITALL   = 0x8
+
+	MSG_TRUNC  = 0x0100
+	MSG_CTRUNC = 0x0200
+	MSG_BCAST  = 0x0400
+	MSG_MCAST  = 0x0800
+
+	SOMAXCONN = 0x7fffffff
+
+	TCP_NODELAY                    = 1
+	TCP_EXPEDITED_1122             = 2
+	TCP_KEEPALIVE                  = 3
+	TCP_MAXSEG                     = 4
+	TCP_MAXRT                      = 5
+	TCP_STDURG                     = 6
+	TCP_NOURG                      = 7
+	TCP_ATMARK                     = 8
+	TCP_NOSYNRETRIES               = 9
+	TCP_TIMESTAMPS                 = 10
+	TCP_OFFLOAD_PREFERENCE         = 11
+	TCP_CONGESTION_ALGORITHM       = 12
+	TCP_DELAY_FIN_ACK              = 13
+	TCP_MAXRTMS                    = 14
+	TCP_FASTOPEN                   = 15
+	TCP_KEEPCNT                    = 16
+	TCP_KEEPIDLE                   = TCP_KEEPALIVE
+	TCP_KEEPINTVL                  = 17
+	TCP_FAIL_CONNECT_ON_ICMP_ERROR = 18
+	TCP_ICMP_ERROR_INFO            = 19
+
+	UDP_NOCHECKSUM              = 1
+	UDP_SEND_MSG_SIZE           = 2
+	UDP_RECV_MAX_COALESCED_SIZE = 3
+	UDP_CHECKSUM_COVERAGE       = 20
+
+	UDP_COALESCED_INFO = 3
+
+	SHUT_RD   = 0
+	SHUT_WR   = 1
+	SHUT_RDWR = 2
+
+	WSADESCRIPTION_LEN = 256
+	WSASYS_STATUS_LEN  = 128
+)
+
+type WSABuf struct {
+	Len uint32
+	Buf *byte
+}
+
+type WSAMsg struct {
+	Name        *syscall.RawSockaddrAny
+	Namelen     int32
+	Buffers     *WSABuf
+	BufferCount uint32
+	Control     WSABuf
+	Flags       uint32
+}
+
+// Flags for WSASocket
+const (
+	WSA_FLAG_OVERLAPPED             = 0x01
+	WSA_FLAG_MULTIPOINT_C_ROOT      = 0x02
+	WSA_FLAG_MULTIPOINT_C_LEAF      = 0x04
+	WSA_FLAG_MULTIPOINT_D_ROOT      = 0x08
+	WSA_FLAG_MULTIPOINT_D_LEAF      = 0x10
+	WSA_FLAG_ACCESS_SYSTEM_SECURITY = 0x40
+	WSA_FLAG_NO_HANDLE_INHERIT      = 0x80
+	WSA_FLAG_REGISTERED_IO          = 0x100
+)
+
+// Invented values to support what package os expects.
+const (
+	S_IFMT   = 0x1f000
+	S_IFIFO  = 0x1000
+	S_IFCHR  = 0x2000
+	S_IFDIR  = 0x4000
+	S_IFBLK  = 0x6000
+	S_IFREG  = 0x8000
+	S_IFLNK  = 0xa000
+	S_IFSOCK = 0xc000
+	S_ISUID  = 0x800
+	S_ISGID  = 0x400
+	S_ISVTX  = 0x200
+	S_IRUSR  = 0x100
+	S_IWRITE = 0x80
+	S_IWUSR  = 0x80
+	S_IXUSR  = 0x40
+)
+
+const (
+	FILE_TYPE_CHAR    = 0x0002
+	FILE_TYPE_DISK    = 0x0001
+	FILE_TYPE_PIPE    = 0x0003
+	FILE_TYPE_REMOTE  = 0x8000
+	FILE_TYPE_UNKNOWN = 0x0000
+)
+
+type Hostent struct {
+	Name     *byte
+	Aliases  **byte
+	AddrType uint16
+	Length   uint16
+	AddrList **byte
+}
+
+type Protoent struct {
+	Name    *byte
+	Aliases **byte
+	Proto   uint16
+}
+
+const (
+	DNS_TYPE_A       = 0x0001
+	DNS_TYPE_NS      = 0x0002
+	DNS_TYPE_MD      = 0x0003
+	DNS_TYPE_MF      = 0x0004
+	DNS_TYPE_CNAME   = 0x0005
+	DNS_TYPE_SOA     = 0x0006
+	DNS_TYPE_MB      = 0x0007
+	DNS_TYPE_MG      = 0x0008
+	DNS_TYPE_MR      = 0x0009
+	DNS_TYPE_NULL    = 0x000a
+	DNS_TYPE_WKS     = 0x000b
+	DNS_TYPE_PTR     = 0x000c
+	DNS_TYPE_HINFO   = 0x000d
+	DNS_TYPE_MINFO   = 0x000e
+	DNS_TYPE_MX      = 0x000f
+	DNS_TYPE_TEXT    = 0x0010
+	DNS_TYPE_RP      = 0x0011
+	DNS_TYPE_AFSDB   = 0x0012
+	DNS_TYPE_X25     = 0x0013
+	DNS_TYPE_ISDN    = 0x0014
+	DNS_TYPE_RT      = 0x0015
+	DNS_TYPE_NSAP    = 0x0016
+	DNS_TYPE_NSAPPTR = 0x0017
+	DNS_TYPE_SIG     = 0x0018
+	DNS_TYPE_KEY     = 0x0019
+	DNS_TYPE_PX      = 0x001a
+	DNS_TYPE_GPOS    = 0x001b
+	DNS_TYPE_AAAA    = 0x001c
+	DNS_TYPE_LOC     = 0x001d
+	DNS_TYPE_NXT     = 0x001e
+	DNS_TYPE_EID     = 0x001f
+	DNS_TYPE_NIMLOC  = 0x0020
+	DNS_TYPE_SRV     = 0x0021
+	DNS_TYPE_ATMA    = 0x0022
+	DNS_TYPE_NAPTR   = 0x0023
+	DNS_TYPE_KX      = 0x0024
+	DNS_TYPE_CERT    = 0x0025
+	DNS_TYPE_A6      = 0x0026
+	DNS_TYPE_DNAME   = 0x0027
+	DNS_TYPE_SINK    = 0x0028
+	DNS_TYPE_OPT     = 0x0029
+	DNS_TYPE_DS      = 0x002B
+	DNS_TYPE_RRSIG   = 0x002E
+	DNS_TYPE_NSEC    = 0x002F
+	DNS_TYPE_DNSKEY  = 0x0030
+	DNS_TYPE_DHCID   = 0x0031
+	DNS_TYPE_UINFO   = 0x0064
+	DNS_TYPE_UID     = 0x0065
+	DNS_TYPE_GID     = 0x0066
+	DNS_TYPE_UNSPEC  = 0x0067
+	DNS_TYPE_ADDRS   = 0x00f8
+	DNS_TYPE_TKEY    = 0x00f9
+	DNS_TYPE_TSIG    = 0x00fa
+	DNS_TYPE_IXFR    = 0x00fb
+	DNS_TYPE_AXFR    = 0x00fc
+	DNS_TYPE_MAILB   = 0x00fd
+	DNS_TYPE_MAILA   = 0x00fe
+	DNS_TYPE_ALL     = 0x00ff
+	DNS_TYPE_ANY     = 0x00ff
+	DNS_TYPE_WINS    = 0xff01
+	DNS_TYPE_WINSR   = 0xff02
+	DNS_TYPE_NBSTAT  = 0xff01
+)
+
+const (
+	// flags inside DNSRecord.Dw
+	DnsSectionQuestion   = 0x0000
+	DnsSectionAnswer     = 0x0001
+	DnsSectionAuthority  = 0x0002
+	DnsSectionAdditional = 0x0003
+)
+
+const (
+	// flags of WSALookupService
+	LUP_DEEP                = 0x0001
+	LUP_CONTAINERS          = 0x0002
+	LUP_NOCONTAINERS        = 0x0004
+	LUP_NEAREST             = 0x0008
+	LUP_RETURN_NAME         = 0x0010
+	LUP_RETURN_TYPE         = 0x0020
+	LUP_RETURN_VERSION      = 0x0040
+	LUP_RETURN_COMMENT      = 0x0080
+	LUP_RETURN_ADDR         = 0x0100
+	LUP_RETURN_BLOB         = 0x0200
+	LUP_RETURN_ALIASES      = 0x0400
+	LUP_RETURN_QUERY_STRING = 0x0800
+	LUP_RETURN_ALL          = 0x0FF0
+	LUP_RES_SERVICE         = 0x8000
+
+	LUP_FLUSHCACHE    = 0x1000
+	LUP_FLUSHPREVIOUS = 0x2000
+
+	LUP_NON_AUTHORITATIVE      = 0x4000
+	LUP_SECURE                 = 0x8000
+	LUP_RETURN_PREFERRED_NAMES = 0x10000
+	LUP_DNS_ONLY               = 0x20000
+
+	LUP_ADDRCONFIG           = 0x100000
+	LUP_DUAL_ADDR            = 0x200000
+	LUP_FILESERVER           = 0x400000
+	LUP_DISABLE_IDN_ENCODING = 0x00800000
+	LUP_API_ANSI             = 0x01000000
+
+	LUP_RESOLUTION_HANDLE = 0x80000000
+)
+
+const (
+	// values of WSAQUERYSET's namespace
+	NS_ALL       = 0
+	NS_DNS       = 12
+	NS_NLA       = 15
+	NS_BTH       = 16
+	NS_EMAIL     = 37
+	NS_PNRPNAME  = 38
+	NS_PNRPCLOUD = 39
+)
+
+type DNSSRVData struct {
+	Target   *uint16
+	Priority uint16
+	Weight   uint16
+	Port     uint16
+	Pad      uint16
+}
+
+type DNSPTRData struct {
+	Host *uint16
+}
+
+type DNSMXData struct {
+	NameExchange *uint16
+	Preference   uint16
+	Pad          uint16
+}
+
+type DNSTXTData struct {
+	StringCount uint16
+	StringArray [1]*uint16
+}
+
+type DNSRecord struct {
+	Next     *DNSRecord
+	Name     *uint16
+	Type     uint16
+	Length   uint16
+	Dw       uint32
+	Ttl      uint32
+	Reserved uint32
+	Data     [40]byte
+}
+
+const (
+	TF_DISCONNECT         = 1
+	TF_REUSE_SOCKET       = 2
+	TF_WRITE_BEHIND       = 4
+	TF_USE_DEFAULT_WORKER = 0
+	TF_USE_SYSTEM_THREAD  = 16
+	TF_USE_KERNEL_APC     = 32
+)
+
+type TransmitFileBuffers struct {
+	Head       uintptr
+	HeadLength uint32
+	Tail       uintptr
+	TailLength uint32
+}
+
+const (
+	IFF_UP           = 1
+	IFF_BROADCAST    = 2
+	IFF_LOOPBACK     = 4
+	IFF_POINTTOPOINT = 8
+	IFF_MULTICAST    = 16
+)
+
+const SIO_GET_INTERFACE_LIST = 0x4004747F
+
+// TODO(mattn): SockaddrGen is union of sockaddr/sockaddr_in/sockaddr_in6_old.
+// will be fixed to change variable type as suitable.
+
+type SockaddrGen [24]byte
+
+type InterfaceInfo struct {
+	Flags            uint32
+	Address          SockaddrGen
+	BroadcastAddress SockaddrGen
+	Netmask          SockaddrGen
+}
+
+type IpAddressString struct {
+	String [16]byte
+}
+
+type IpMaskString IpAddressString
+
+type IpAddrString struct {
+	Next      *IpAddrString
+	IpAddress IpAddressString
+	IpMask    IpMaskString
+	Context   uint32
+}
+
+const MAX_ADAPTER_NAME_LENGTH = 256
+const MAX_ADAPTER_DESCRIPTION_LENGTH = 128
+const MAX_ADAPTER_ADDRESS_LENGTH = 8
+
+type IpAdapterInfo struct {
+	Next                *IpAdapterInfo
+	ComboIndex          uint32
+	AdapterName         [MAX_ADAPTER_NAME_LENGTH + 4]byte
+	Description         [MAX_ADAPTER_DESCRIPTION_LENGTH + 4]byte
+	AddressLength       uint32
+	Address             [MAX_ADAPTER_ADDRESS_LENGTH]byte
+	Index               uint32
+	Type                uint32
+	DhcpEnabled         uint32
+	CurrentIpAddress    *IpAddrString
+	IpAddressList       IpAddrString
+	GatewayList         IpAddrString
+	DhcpServer          IpAddrString
+	HaveWins            bool
+	PrimaryWinsServer   IpAddrString
+	SecondaryWinsServer IpAddrString
+	LeaseObtained       int64
+	LeaseExpires        int64
+}
+
+const MAXLEN_PHYSADDR = 8
+const MAX_INTERFACE_NAME_LEN = 256
+const MAXLEN_IFDESCR = 256
+
+type MibIfRow struct {
+	Name            [MAX_INTERFACE_NAME_LEN]uint16
+	Index           uint32
+	Type            uint32
+	Mtu             uint32
+	Speed           uint32
+	PhysAddrLen     uint32
+	PhysAddr        [MAXLEN_PHYSADDR]byte
+	AdminStatus     uint32
+	OperStatus      uint32
+	LastChange      uint32
+	InOctets        uint32
+	InUcastPkts     uint32
+	InNUcastPkts    uint32
+	InDiscards      uint32
+	InErrors        uint32
+	InUnknownProtos uint32
+	OutOctets       uint32
+	OutUcastPkts    uint32
+	OutNUcastPkts   uint32
+	OutDiscards     uint32
+	OutErrors       uint32
+	OutQLen         uint32
+	DescrLen        uint32
+	Descr           [MAXLEN_IFDESCR]byte
+}
+
+type CertInfo struct {
+	Version              uint32
+	SerialNumber         CryptIntegerBlob
+	SignatureAlgorithm   CryptAlgorithmIdentifier
+	Issuer               CertNameBlob
+	NotBefore            Filetime
+	NotAfter             Filetime
+	Subject              CertNameBlob
+	SubjectPublicKeyInfo CertPublicKeyInfo
+	IssuerUniqueId       CryptBitBlob
+	SubjectUniqueId      CryptBitBlob
+	CountExtensions      uint32
+	Extensions           *CertExtension
+}
+
+type CertExtension struct {
+	ObjId    *byte
+	Critical int32
+	Value    CryptObjidBlob
+}
+
+type CryptAlgorithmIdentifier struct {
+	ObjId      *byte
+	Parameters CryptObjidBlob
+}
+
+type CertPublicKeyInfo struct {
+	Algorithm CryptAlgorithmIdentifier
+	PublicKey CryptBitBlob
+}
+
+type DataBlob struct {
+	Size uint32
+	Data *byte
+}
+type CryptIntegerBlob DataBlob
+type CryptUintBlob DataBlob
+type CryptObjidBlob DataBlob
+type CertNameBlob DataBlob
+type CertRdnValueBlob DataBlob
+type CertBlob DataBlob
+type CrlBlob DataBlob
+type CryptDataBlob DataBlob
+type CryptHashBlob DataBlob
+type CryptDigestBlob DataBlob
+type CryptDerBlob DataBlob
+type CryptAttrBlob DataBlob
+
+type CryptBitBlob struct {
+	Size       uint32
+	Data       *byte
+	UnusedBits uint32
+}
+
+type CertContext struct {
+	EncodingType uint32
+	EncodedCert  *byte
+	Length       uint32
+	CertInfo     *CertInfo
+	Store        Handle
+}
+
+type CertChainContext struct {
+	Size                       uint32
+	TrustStatus                CertTrustStatus
+	ChainCount                 uint32
+	Chains                     **CertSimpleChain
+	LowerQualityChainCount     uint32
+	LowerQualityChains         **CertChainContext
+	HasRevocationFreshnessTime uint32
+	RevocationFreshnessTime    uint32
+}
+
+type CertTrustListInfo struct {
+	// Not implemented
+}
+
+type CertSimpleChain struct {
+	Size                       uint32
+	TrustStatus                CertTrustStatus
+	NumElements                uint32
+	Elements                   **CertChainElement
+	TrustListInfo              *CertTrustListInfo
+	HasRevocationFreshnessTime uint32
+	RevocationFreshnessTime    uint32
+}
+
+type CertChainElement struct {
+	Size              uint32
+	CertContext       *CertContext
+	TrustStatus       CertTrustStatus
+	RevocationInfo    *CertRevocationInfo
+	IssuanceUsage     *CertEnhKeyUsage
+	ApplicationUsage  *CertEnhKeyUsage
+	ExtendedErrorInfo *uint16
+}
+
+type CertRevocationCrlInfo struct {
+	// Not implemented
+}
+
+type CertRevocationInfo struct {
+	Size             uint32
+	RevocationResult uint32
+	RevocationOid    *byte
+	OidSpecificInfo  Pointer
+	HasFreshnessTime uint32
+	FreshnessTime    uint32
+	CrlInfo          *CertRevocationCrlInfo
+}
+
+type CertTrustStatus struct {
+	ErrorStatus uint32
+	InfoStatus  uint32
+}
+
+type CertUsageMatch struct {
+	Type  uint32
+	Usage CertEnhKeyUsage
+}
+
+type CertEnhKeyUsage struct {
+	Length           uint32
+	UsageIdentifiers **byte
+}
+
+type CertChainPara struct {
+	Size                         uint32
+	RequestedUsage               CertUsageMatch
+	RequstedIssuancePolicy       CertUsageMatch
+	URLRetrievalTimeout          uint32
+	CheckRevocationFreshnessTime uint32
+	RevocationFreshnessTime      uint32
+	CacheResync                  *Filetime
+}
+
+type CertChainPolicyPara struct {
+	Size            uint32
+	Flags           uint32
+	ExtraPolicyPara Pointer
+}
+
+type SSLExtraCertChainPolicyPara struct {
+	Size       uint32
+	AuthType   uint32
+	Checks     uint32
+	ServerName *uint16
+}
+
+type CertChainPolicyStatus struct {
+	Size              uint32
+	Error             uint32
+	ChainIndex        uint32
+	ElementIndex      uint32
+	ExtraPolicyStatus Pointer
+}
+
+type CertPolicyInfo struct {
+	Identifier      *byte
+	CountQualifiers uint32
+	Qualifiers      *CertPolicyQualifierInfo
+}
+
+type CertPoliciesInfo struct {
+	Count       uint32
+	PolicyInfos *CertPolicyInfo
+}
+
+type CertPolicyQualifierInfo struct {
+	// Not implemented
+}
+
+type CertStrongSignPara struct {
+	Size                      uint32
+	InfoChoice                uint32
+	InfoOrSerializedInfoOrOID unsafe.Pointer
+}
+
+type CryptProtectPromptStruct struct {
+	Size        uint32
+	PromptFlags uint32
+	App         HWND
+	Prompt      *uint16
+}
+
+type CertChainFindByIssuerPara struct {
+	Size                   uint32
+	UsageIdentifier        *byte
+	KeySpec                uint32
+	AcquirePrivateKeyFlags uint32
+	IssuerCount            uint32
+	Issuer                 Pointer
+	FindCallback           Pointer
+	FindArg                Pointer
+	IssuerChainIndex       *uint32
+	IssuerElementIndex     *uint32
+}
+
+type WinTrustData struct {
+	Size                            uint32
+	PolicyCallbackData              uintptr
+	SIPClientData                   uintptr
+	UIChoice                        uint32
+	RevocationChecks                uint32
+	UnionChoice                     uint32
+	FileOrCatalogOrBlobOrSgnrOrCert unsafe.Pointer
+	StateAction                     uint32
+	StateData                       Handle
+	URLReference                    *uint16
+	ProvFlags                       uint32
+	UIContext                       uint32
+	SignatureSettings               *WinTrustSignatureSettings
+}
+
+type WinTrustFileInfo struct {
+	Size         uint32
+	FilePath     *uint16
+	File         Handle
+	KnownSubject *GUID
+}
+
+type WinTrustSignatureSettings struct {
+	Size             uint32
+	Index            uint32
+	Flags            uint32
+	SecondarySigs    uint32
+	VerifiedSigIndex uint32
+	CryptoPolicy     *CertStrongSignPara
+}
+
+const (
+	// do not reorder
+	HKEY_CLASSES_ROOT = 0x80000000 + iota
+	HKEY_CURRENT_USER
+	HKEY_LOCAL_MACHINE
+	HKEY_USERS
+	HKEY_PERFORMANCE_DATA
+	HKEY_CURRENT_CONFIG
+	HKEY_DYN_DATA
+
+	KEY_QUERY_VALUE        = 1
+	KEY_SET_VALUE          = 2
+	KEY_CREATE_SUB_KEY     = 4
+	KEY_ENUMERATE_SUB_KEYS = 8
+	KEY_NOTIFY             = 16
+	KEY_CREATE_LINK        = 32
+	KEY_WRITE              = 0x20006
+	KEY_EXECUTE            = 0x20019
+	KEY_READ               = 0x20019
+	KEY_WOW64_64KEY        = 0x0100
+	KEY_WOW64_32KEY        = 0x0200
+	KEY_ALL_ACCESS         = 0xf003f
+)
+
+const (
+	// do not reorder
+	REG_NONE = iota
+	REG_SZ
+	REG_EXPAND_SZ
+	REG_BINARY
+	REG_DWORD_LITTLE_ENDIAN
+	REG_DWORD_BIG_ENDIAN
+	REG_LINK
+	REG_MULTI_SZ
+	REG_RESOURCE_LIST
+	REG_FULL_RESOURCE_DESCRIPTOR
+	REG_RESOURCE_REQUIREMENTS_LIST
+	REG_QWORD_LITTLE_ENDIAN
+	REG_DWORD = REG_DWORD_LITTLE_ENDIAN
+	REG_QWORD = REG_QWORD_LITTLE_ENDIAN
+)
+
+const (
+	EVENT_MODIFY_STATE = 0x0002
+	EVENT_ALL_ACCESS   = STANDARD_RIGHTS_REQUIRED | SYNCHRONIZE | 0x3
+
+	MUTANT_QUERY_STATE = 0x0001
+	MUTANT_ALL_ACCESS  = STANDARD_RIGHTS_REQUIRED | SYNCHRONIZE | MUTANT_QUERY_STATE
+
+	SEMAPHORE_MODIFY_STATE = 0x0002
+	SEMAPHORE_ALL_ACCESS   = STANDARD_RIGHTS_REQUIRED | SYNCHRONIZE | 0x3
+
+	TIMER_QUERY_STATE  = 0x0001
+	TIMER_MODIFY_STATE = 0x0002
+	TIMER_ALL_ACCESS   = STANDARD_RIGHTS_REQUIRED | SYNCHRONIZE | TIMER_QUERY_STATE | TIMER_MODIFY_STATE
+
+	MUTEX_MODIFY_STATE = MUTANT_QUERY_STATE
+	MUTEX_ALL_ACCESS   = MUTANT_ALL_ACCESS
+
+	CREATE_EVENT_MANUAL_RESET  = 0x1
+	CREATE_EVENT_INITIAL_SET   = 0x2
+	CREATE_MUTEX_INITIAL_OWNER = 0x1
+)
+
+type AddrinfoW struct {
+	Flags     int32
+	Family    int32
+	Socktype  int32
+	Protocol  int32
+	Addrlen   uintptr
+	Canonname *uint16
+	Addr      uintptr
+	Next      *AddrinfoW
+}
+
+const (
+	AI_PASSIVE     = 1
+	AI_CANONNAME   = 2
+	AI_NUMERICHOST = 4
+)
+
+type GUID struct {
+	Data1 uint32
+	Data2 uint16
+	Data3 uint16
+	Data4 [8]byte
+}
+
+var WSAID_CONNECTEX = GUID{
+	0x25a207b9,
+	0xddf3,
+	0x4660,
+	[8]byte{0x8e, 0xe9, 0x76, 0xe5, 0x8c, 0x74, 0x06, 0x3e},
+}
+
+var WSAID_WSASENDMSG = GUID{
+	0xa441e712,
+	0x754f,
+	0x43ca,
+	[8]byte{0x84, 0xa7, 0x0d, 0xee, 0x44, 0xcf, 0x60, 0x6d},
+}
+
+var WSAID_WSARECVMSG = GUID{
+	0xf689d7c8,
+	0x6f1f,
+	0x436b,
+	[8]byte{0x8a, 0x53, 0xe5, 0x4f, 0xe3, 0x51, 0xc3, 0x22},
+}
+
+const (
+	FILE_SKIP_COMPLETION_PORT_ON_SUCCESS = 1
+	FILE_SKIP_SET_EVENT_ON_HANDLE        = 2
+)
+
+const (
+	WSAPROTOCOL_LEN    = 255
+	MAX_PROTOCOL_CHAIN = 7
+	BASE_PROTOCOL      = 1
+	LAYERED_PROTOCOL   = 0
+
+	XP1_CONNECTIONLESS           = 0x00000001
+	XP1_GUARANTEED_DELIVERY      = 0x00000002
+	XP1_GUARANTEED_ORDER         = 0x00000004
+	XP1_MESSAGE_ORIENTED         = 0x00000008
+	XP1_PSEUDO_STREAM            = 0x00000010
+	XP1_GRACEFUL_CLOSE           = 0x00000020
+	XP1_EXPEDITED_DATA           = 0x00000040
+	XP1_CONNECT_DATA             = 0x00000080
+	XP1_DISCONNECT_DATA          = 0x00000100
+	XP1_SUPPORT_BROADCAST        = 0x00000200
+	XP1_SUPPORT_MULTIPOINT       = 0x00000400
+	XP1_MULTIPOINT_CONTROL_PLANE = 0x00000800
+	XP1_MULTIPOINT_DATA_PLANE    = 0x00001000
+	XP1_QOS_SUPPORTED            = 0x00002000
+	XP1_UNI_SEND                 = 0x00008000
+	XP1_UNI_RECV                 = 0x00010000
+	XP1_IFS_HANDLES              = 0x00020000
+	XP1_PARTIAL_MESSAGE          = 0x00040000
+	XP1_SAN_SUPPORT_SDP          = 0x00080000
+
+	PFL_MULTIPLE_PROTO_ENTRIES  = 0x00000001
+	PFL_RECOMMENDED_PROTO_ENTRY = 0x00000002
+	PFL_HIDDEN                  = 0x00000004
+	PFL_MATCHES_PROTOCOL_ZERO   = 0x00000008
+	PFL_NETWORKDIRECT_PROVIDER  = 0x00000010
+)
+
+type WSAProtocolInfo struct {
+	ServiceFlags1     uint32
+	ServiceFlags2     uint32
+	ServiceFlags3     uint32
+	ServiceFlags4     uint32
+	ProviderFlags     uint32
+	ProviderId        GUID
+	CatalogEntryId    uint32
+	ProtocolChain     WSAProtocolChain
+	Version           int32
+	AddressFamily     int32
+	MaxSockAddr       int32
+	MinSockAddr       int32
+	SocketType        int32
+	Protocol          int32
+	ProtocolMaxOffset int32
+	NetworkByteOrder  int32
+	SecurityScheme    int32
+	MessageSize       uint32
+	ProviderReserved  uint32
+	ProtocolName      [WSAPROTOCOL_LEN + 1]uint16
+}
+
+type WSAProtocolChain struct {
+	ChainLen     int32
+	ChainEntries [MAX_PROTOCOL_CHAIN]uint32
+}
+
+type TCPKeepalive struct {
+	OnOff    uint32
+	Time     uint32
+	Interval uint32
+}
+
+type symbolicLinkReparseBuffer struct {
+	SubstituteNameOffset uint16
+	SubstituteNameLength uint16
+	PrintNameOffset      uint16
+	PrintNameLength      uint16
+	Flags                uint32
+	PathBuffer           [1]uint16
+}
+
+type mountPointReparseBuffer struct {
+	SubstituteNameOffset uint16
+	SubstituteNameLength uint16
+	PrintNameOffset      uint16
+	PrintNameLength      uint16
+	PathBuffer           [1]uint16
+}
+
+type reparseDataBuffer struct {
+	ReparseTag        uint32
+	ReparseDataLength uint16
+	Reserved          uint16
+
+	// GenericReparseBuffer
+	reparseBuffer byte
+}
+
+const (
+	FSCTL_CREATE_OR_GET_OBJECT_ID             = 0x0900C0
+	FSCTL_DELETE_OBJECT_ID                    = 0x0900A0
+	FSCTL_DELETE_REPARSE_POINT                = 0x0900AC
+	FSCTL_DUPLICATE_EXTENTS_TO_FILE           = 0x098344
+	FSCTL_DUPLICATE_EXTENTS_TO_FILE_EX        = 0x0983E8
+	FSCTL_FILESYSTEM_GET_STATISTICS           = 0x090060
+	FSCTL_FILE_LEVEL_TRIM                     = 0x098208
+	FSCTL_FIND_FILES_BY_SID                   = 0x09008F
+	FSCTL_GET_COMPRESSION                     = 0x09003C
+	FSCTL_GET_INTEGRITY_INFORMATION           = 0x09027C
+	FSCTL_GET_NTFS_VOLUME_DATA                = 0x090064
+	FSCTL_GET_REFS_VOLUME_DATA                = 0x0902D8
+	FSCTL_GET_OBJECT_ID                       = 0x09009C
+	FSCTL_GET_REPARSE_POINT                   = 0x0900A8
+	FSCTL_GET_RETRIEVAL_POINTER_COUNT         = 0x09042B
+	FSCTL_GET_RETRIEVAL_POINTERS              = 0x090073
+	FSCTL_GET_RETRIEVAL_POINTERS_AND_REFCOUNT = 0x0903D3
+	FSCTL_IS_PATHNAME_VALID                   = 0x09002C
+	FSCTL_LMR_SET_LINK_TRACKING_INFORMATION   = 0x1400EC
+	FSCTL_MARK_HANDLE                         = 0x0900FC
+	FSCTL_OFFLOAD_READ                        = 0x094264
+	FSCTL_OFFLOAD_WRITE                       = 0x098268
+	FSCTL_PIPE_PEEK                           = 0x11400C
+	FSCTL_PIPE_TRANSCEIVE                     = 0x11C017
+	FSCTL_PIPE_WAIT                           = 0x110018
+	FSCTL_QUERY_ALLOCATED_RANGES              = 0x0940CF
+	FSCTL_QUERY_FAT_BPB                       = 0x090058
+	FSCTL_QUERY_FILE_REGIONS                  = 0x090284
+	FSCTL_QUERY_ON_DISK_VOLUME_INFO           = 0x09013C
+	FSCTL_QUERY_SPARING_INFO                  = 0x090138
+	FSCTL_READ_FILE_USN_DATA                  = 0x0900EB
+	FSCTL_RECALL_FILE                         = 0x090117
+	FSCTL_REFS_STREAM_SNAPSHOT_MANAGEMENT     = 0x090440
+	FSCTL_SET_COMPRESSION                     = 0x09C040
+	FSCTL_SET_DEFECT_MANAGEMENT               = 0x098134
+	FSCTL_SET_ENCRYPTION                      = 0x0900D7
+	FSCTL_SET_INTEGRITY_INFORMATION           = 0x09C280
+	FSCTL_SET_INTEGRITY_INFORMATION_EX        = 0x090380
+	FSCTL_SET_OBJECT_ID                       = 0x090098
+	FSCTL_SET_OBJECT_ID_EXTENDED              = 0x0900BC
+	FSCTL_SET_REPARSE_POINT                   = 0x0900A4
+	FSCTL_SET_SPARSE                          = 0x0900C4
+	FSCTL_SET_ZERO_DATA                       = 0x0980C8
+	FSCTL_SET_ZERO_ON_DEALLOCATION            = 0x090194
+	FSCTL_SIS_COPYFILE                        = 0x090100
+	FSCTL_WRITE_USN_CLOSE_RECORD              = 0x0900EF
+
+	MAXIMUM_REPARSE_DATA_BUFFER_SIZE = 16 * 1024
+	IO_REPARSE_TAG_MOUNT_POINT       = 0xA0000003
+	IO_REPARSE_TAG_SYMLINK           = 0xA000000C
+	SYMBOLIC_LINK_FLAG_DIRECTORY     = 0x1
+)
+
+const (
+	ComputerNameNetBIOS                   = 0
+	ComputerNameDnsHostname               = 1
+	ComputerNameDnsDomain                 = 2
+	ComputerNameDnsFullyQualified         = 3
+	ComputerNamePhysicalNetBIOS           = 4
+	ComputerNamePhysicalDnsHostname       = 5
+	ComputerNamePhysicalDnsDomain         = 6
+	ComputerNamePhysicalDnsFullyQualified = 7
+	ComputerNameMax                       = 8
+)
+
+// For MessageBox()
+const (
+	MB_OK                   = 0x00000000
+	MB_OKCANCEL             = 0x00000001
+	MB_ABORTRETRYIGNORE     = 0x00000002
+	MB_YESNOCANCEL          = 0x00000003
+	MB_YESNO                = 0x00000004
+	MB_RETRYCANCEL          = 0x00000005
+	MB_CANCELTRYCONTINUE    = 0x00000006
+	MB_ICONHAND             = 0x00000010
+	MB_ICONQUESTION         = 0x00000020
+	MB_ICONEXCLAMATION      = 0x00000030
+	MB_ICONASTERISK         = 0x00000040
+	MB_USERICON             = 0x00000080
+	MB_ICONWARNING          = MB_ICONEXCLAMATION
+	MB_ICONERROR            = MB_ICONHAND
+	MB_ICONINFORMATION      = MB_ICONASTERISK
+	MB_ICONSTOP             = MB_ICONHAND
+	MB_DEFBUTTON1           = 0x00000000
+	MB_DEFBUTTON2           = 0x00000100
+	MB_DEFBUTTON3           = 0x00000200
+	MB_DEFBUTTON4           = 0x00000300
+	MB_APPLMODAL            = 0x00000000
+	MB_SYSTEMMODAL          = 0x00001000
+	MB_TASKMODAL            = 0x00002000
+	MB_HELP                 = 0x00004000
+	MB_NOFOCUS              = 0x00008000
+	MB_SETFOREGROUND        = 0x00010000
+	MB_DEFAULT_DESKTOP_ONLY = 0x00020000
+	MB_TOPMOST              = 0x00040000
+	MB_RIGHT                = 0x00080000
+	MB_RTLREADING           = 0x00100000
+	MB_SERVICE_NOTIFICATION = 0x00200000
+)
+
+const (
+	MOVEFILE_REPLACE_EXISTING      = 0x1
+	MOVEFILE_COPY_ALLOWED          = 0x2
+	MOVEFILE_DELAY_UNTIL_REBOOT    = 0x4
+	MOVEFILE_WRITE_THROUGH         = 0x8
+	MOVEFILE_CREATE_HARDLINK       = 0x10
+	MOVEFILE_FAIL_IF_NOT_TRACKABLE = 0x20
+)
+
+// Flags for GetAdaptersAddresses, see
+// https://learn.microsoft.com/en-us/windows/win32/api/iphlpapi/nf-iphlpapi-getadaptersaddresses.
+const (
+	GAA_FLAG_SKIP_UNICAST                = 0x1
+	GAA_FLAG_SKIP_ANYCAST                = 0x2
+	GAA_FLAG_SKIP_MULTICAST              = 0x4
+	GAA_FLAG_SKIP_DNS_SERVER             = 0x8
+	GAA_FLAG_INCLUDE_PREFIX              = 0x10
+	GAA_FLAG_SKIP_FRIENDLY_NAME          = 0x20
+	GAA_FLAG_INCLUDE_WINS_INFO           = 0x40
+	GAA_FLAG_INCLUDE_GATEWAYS            = 0x80
+	GAA_FLAG_INCLUDE_ALL_INTERFACES      = 0x100
+	GAA_FLAG_INCLUDE_ALL_COMPARTMENTS    = 0x200
+	GAA_FLAG_INCLUDE_TUNNEL_BINDINGORDER = 0x400
+)
+
+const (
+	IF_TYPE_OTHER              = 1
+	IF_TYPE_ETHERNET_CSMACD    = 6
+	IF_TYPE_ISO88025_TOKENRING = 9
+	IF_TYPE_PPP                = 23
+	IF_TYPE_SOFTWARE_LOOPBACK  = 24
+	IF_TYPE_ATM                = 37
+	IF_TYPE_IEEE80211          = 71
+	IF_TYPE_TUNNEL             = 131
+	IF_TYPE_IEEE1394           = 144
+)
+
+// Enum NL_PREFIX_ORIGIN for [IpAdapterUnicastAddress], see
+// https://learn.microsoft.com/en-us/windows/win32/api/nldef/ne-nldef-nl_prefix_origin
+const (
+	IpPrefixOriginOther               = 0
+	IpPrefixOriginManual              = 1
+	IpPrefixOriginWellKnown           = 2
+	IpPrefixOriginDhcp                = 3
+	IpPrefixOriginRouterAdvertisement = 4
+	IpPrefixOriginUnchanged           = 1 << 4
+)
+
+// Enum NL_SUFFIX_ORIGIN for [IpAdapterUnicastAddress], see
+// https://learn.microsoft.com/en-us/windows/win32/api/nldef/ne-nldef-nl_suffix_origin
+const (
+	NlsoOther                      = 0
+	NlsoManual                     = 1
+	NlsoWellKnown                  = 2
+	NlsoDhcp                       = 3
+	NlsoLinkLayerAddress           = 4
+	NlsoRandom                     = 5
+	IpSuffixOriginOther            = 0
+	IpSuffixOriginManual           = 1
+	IpSuffixOriginWellKnown        = 2
+	IpSuffixOriginDhcp             = 3
+	IpSuffixOriginLinkLayerAddress = 4
+	IpSuffixOriginRandom           = 5
+	IpSuffixOriginUnchanged        = 1 << 4
+)
+
+// Enum NL_DAD_STATE for [IpAdapterUnicastAddress], see
+// https://learn.microsoft.com/en-us/windows/win32/api/nldef/ne-nldef-nl_dad_state
+const (
+	NldsInvalid          = 0
+	NldsTentative        = 1
+	NldsDuplicate        = 2
+	NldsDeprecated       = 3
+	NldsPreferred        = 4
+	IpDadStateInvalid    = 0
+	IpDadStateTentative  = 1
+	IpDadStateDuplicate  = 2
+	IpDadStateDeprecated = 3
+	IpDadStatePreferred  = 4
+)
+
+type SocketAddress struct {
+	Sockaddr       *syscall.RawSockaddrAny
+	SockaddrLength int32
+}
+
+// IP returns an IPv4 or IPv6 address, or nil if the underlying SocketAddress is neither.
+func (addr *SocketAddress) IP() net.IP {
+	if uintptr(addr.SockaddrLength) >= unsafe.Sizeof(RawSockaddrInet4{}) && addr.Sockaddr.Addr.Family == AF_INET {
+		return (*RawSockaddrInet4)(unsafe.Pointer(addr.Sockaddr)).Addr[:]
+	} else if uintptr(addr.SockaddrLength) >= unsafe.Sizeof(RawSockaddrInet6{}) && addr.Sockaddr.Addr.Family == AF_INET6 {
+		return (*RawSockaddrInet6)(unsafe.Pointer(addr.Sockaddr)).Addr[:]
+	}
+	return nil
+}
+
+type IpAdapterUnicastAddress struct {
+	Length             uint32
+	Flags              uint32
+	Next               *IpAdapterUnicastAddress
+	Address            SocketAddress
+	PrefixOrigin       int32
+	SuffixOrigin       int32
+	DadState           int32
+	ValidLifetime      uint32
+	PreferredLifetime  uint32
+	LeaseLifetime      uint32
+	OnLinkPrefixLength uint8
+}
+
+type IpAdapterAnycastAddress struct {
+	Length  uint32
+	Flags   uint32
+	Next    *IpAdapterAnycastAddress
+	Address SocketAddress
+}
+
+type IpAdapterMulticastAddress struct {
+	Length  uint32
+	Flags   uint32
+	Next    *IpAdapterMulticastAddress
+	Address SocketAddress
+}
+
+type IpAdapterDnsServerAdapter struct {
+	Length   uint32
+	Reserved uint32
+	Next     *IpAdapterDnsServerAdapter
+	Address  SocketAddress
+}
+
+type IpAdapterPrefix struct {
+	Length       uint32
+	Flags        uint32
+	Next         *IpAdapterPrefix
+	Address      SocketAddress
+	PrefixLength uint32
+}
+
+type IpAdapterAddresses struct {
+	Length                 uint32
+	IfIndex                uint32
+	Next                   *IpAdapterAddresses
+	AdapterName            *byte
+	FirstUnicastAddress    *IpAdapterUnicastAddress
+	FirstAnycastAddress    *IpAdapterAnycastAddress
+	FirstMulticastAddress  *IpAdapterMulticastAddress
+	FirstDnsServerAddress  *IpAdapterDnsServerAdapter
+	DnsSuffix              *uint16
+	Description            *uint16
+	FriendlyName           *uint16
+	PhysicalAddress        [syscall.MAX_ADAPTER_ADDRESS_LENGTH]byte
+	PhysicalAddressLength  uint32
+	Flags                  uint32
+	Mtu                    uint32
+	IfType                 uint32
+	OperStatus             uint32
+	Ipv6IfIndex            uint32
+	ZoneIndices            [16]uint32
+	FirstPrefix            *IpAdapterPrefix
+	TransmitLinkSpeed      uint64
+	ReceiveLinkSpeed       uint64
+	FirstWinsServerAddress *IpAdapterWinsServerAddress
+	FirstGatewayAddress    *IpAdapterGatewayAddress
+	Ipv4Metric             uint32
+	Ipv6Metric             uint32
+	Luid                   uint64
+	Dhcpv4Server           SocketAddress
+	CompartmentId          uint32
+	NetworkGuid            GUID
+	ConnectionType         uint32
+	TunnelType             uint32
+	Dhcpv6Server           SocketAddress
+	Dhcpv6ClientDuid       [MAX_DHCPV6_DUID_LENGTH]byte
+	Dhcpv6ClientDuidLength uint32
+	Dhcpv6Iaid             uint32
+	FirstDnsSuffix         *IpAdapterDNSSuffix
+}
+
+type IpAdapterWinsServerAddress struct {
+	Length   uint32
+	Reserved uint32
+	Next     *IpAdapterWinsServerAddress
+	Address  SocketAddress
+}
+
+type IpAdapterGatewayAddress struct {
+	Length   uint32
+	Reserved uint32
+	Next     *IpAdapterGatewayAddress
+	Address  SocketAddress
+}
+
+type IpAdapterDNSSuffix struct {
+	Next   *IpAdapterDNSSuffix
+	String [MAX_DNS_SUFFIX_STRING_LENGTH]uint16
+}
+
+const (
+	IfOperStatusUp             = 1
+	IfOperStatusDown           = 2
+	IfOperStatusTesting        = 3
+	IfOperStatusUnknown        = 4
+	IfOperStatusDormant        = 5
+	IfOperStatusNotPresent     = 6
+	IfOperStatusLowerLayerDown = 7
+)
+
+const (
+	IF_MAX_PHYS_ADDRESS_LENGTH = 32
+	IF_MAX_STRING_SIZE         = 256
+)
+
+// MIB_IF_ENTRY_LEVEL enumeration from netioapi.h or
+// https://learn.microsoft.com/en-us/windows/win32/api/netioapi/nf-netioapi-getifentry2ex.
+const (
+	MibIfEntryNormal                  = 0
+	MibIfEntryNormalWithoutStatistics = 2
+)
+
+// MIB_NOTIFICATION_TYPE enumeration from netioapi.h or
+// https://learn.microsoft.com/en-us/windows/win32/api/netioapi/ne-netioapi-mib_notification_type.
+const (
+	MibParameterNotification = 0
+	MibAddInstance           = 1
+	MibDeleteInstance        = 2
+	MibInitialNotification   = 3
+)
+
+// MibIfRow2 stores information about a particular interface. See
+// https://learn.microsoft.com/en-us/windows/win32/api/netioapi/ns-netioapi-mib_if_row2.
+type MibIfRow2 struct {
+	InterfaceLuid               uint64
+	InterfaceIndex              uint32
+	InterfaceGuid               GUID
+	Alias                       [IF_MAX_STRING_SIZE + 1]uint16
+	Description                 [IF_MAX_STRING_SIZE + 1]uint16
+	PhysicalAddressLength       uint32
+	PhysicalAddress             [IF_MAX_PHYS_ADDRESS_LENGTH]uint8
+	PermanentPhysicalAddress    [IF_MAX_PHYS_ADDRESS_LENGTH]uint8
+	Mtu                         uint32
+	Type                        uint32
+	TunnelType                  uint32
+	MediaType                   uint32
+	PhysicalMediumType          uint32
+	AccessType                  uint32
+	DirectionType               uint32
+	InterfaceAndOperStatusFlags uint8
+	OperStatus                  uint32
+	AdminStatus                 uint32
+	MediaConnectState           uint32
+	NetworkGuid                 GUID
+	ConnectionType              uint32
+	TransmitLinkSpeed           uint64
+	ReceiveLinkSpeed            uint64
+	InOctets                    uint64
+	InUcastPkts                 uint64
+	InNUcastPkts                uint64
+	InDiscards                  uint64
+	InErrors                    uint64
+	InUnknownProtos             uint64
+	InUcastOctets               uint64
+	InMulticastOctets           uint64
+	InBroadcastOctets           uint64
+	OutOctets                   uint64
+	OutUcastPkts                uint64
+	OutNUcastPkts               uint64
+	OutDiscards                 uint64
+	OutErrors                   uint64
+	OutUcastOctets              uint64
+	OutMulticastOctets          uint64
+	OutBroadcastOctets          uint64
+	OutQLen                     uint64
+}
+
+// MIB_UNICASTIPADDRESS_ROW stores information about a unicast IP address. See
+// https://learn.microsoft.com/en-us/windows/win32/api/netioapi/ns-netioapi-mib_unicastipaddress_row.
+type MibUnicastIpAddressRow struct {
+	Address            RawSockaddrInet6 // SOCKADDR_INET union
+	InterfaceLuid      uint64
+	InterfaceIndex     uint32
+	PrefixOrigin       uint32
+	SuffixOrigin       uint32
+	ValidLifetime      uint32
+	PreferredLifetime  uint32
+	OnLinkPrefixLength uint8
+	SkipAsSource       uint8
+	DadState           uint32
+	ScopeId            uint32
+	CreationTimeStamp  Filetime
+}
+
+const ScopeLevelCount = 16
+
+// MIB_IPINTERFACE_ROW stores interface management information for a particular IP address family on a network interface.
+// See https://learn.microsoft.com/en-us/windows/win32/api/netioapi/ns-netioapi-mib_ipinterface_row.
+type MibIpInterfaceRow struct {
+	Family                               uint16
+	InterfaceLuid                        uint64
+	InterfaceIndex                       uint32
+	MaxReassemblySize                    uint32
+	InterfaceIdentifier                  uint64
+	MinRouterAdvertisementInterval       uint32
+	MaxRouterAdvertisementInterval       uint32
+	AdvertisingEnabled                   uint8
+	ForwardingEnabled                    uint8
+	WeakHostSend                         uint8
+	WeakHostReceive                      uint8
+	UseAutomaticMetric                   uint8
+	UseNeighborUnreachabilityDetection   uint8
+	ManagedAddressConfigurationSupported uint8
+	OtherStatefulConfigurationSupported  uint8
+	AdvertiseDefaultRoute                uint8
+	RouterDiscoveryBehavior              uint32
+	DadTransmits                         uint32
+	BaseReachableTime                    uint32
+	RetransmitTime                       uint32
+	PathMtuDiscoveryTimeout              uint32
+	LinkLocalAddressBehavior             uint32
+	LinkLocalAddressTimeout              uint32
+	ZoneIndices                          [ScopeLevelCount]uint32
+	SitePrefixLength                     uint32
+	Metric                               uint32
+	NlMtu                                uint32
+	Connected                            uint8
+	SupportsWakeUpPatterns               uint8
+	SupportsNeighborDiscovery            uint8
+	SupportsRouterDiscovery              uint8
+	ReachableTime                        uint32
+	TransmitOffload                      uint32
+	ReceiveOffload                       uint32
+	DisableDefaultRoutes                 uint8
+}
+
+// Console related constants used for the mode parameter to SetConsoleMode. See
+// https://docs.microsoft.com/en-us/windows/console/setconsolemode for details.
+
+const (
+	ENABLE_PROCESSED_INPUT        = 0x1
+	ENABLE_LINE_INPUT             = 0x2
+	ENABLE_ECHO_INPUT             = 0x4
+	ENABLE_WINDOW_INPUT           = 0x8
+	ENABLE_MOUSE_INPUT            = 0x10
+	ENABLE_INSERT_MODE            = 0x20
+	ENABLE_QUICK_EDIT_MODE        = 0x40
+	ENABLE_EXTENDED_FLAGS         = 0x80
+	ENABLE_AUTO_POSITION          = 0x100
+	ENABLE_VIRTUAL_TERMINAL_INPUT = 0x200
+
+	ENABLE_PROCESSED_OUTPUT            = 0x1
+	ENABLE_WRAP_AT_EOL_OUTPUT          = 0x2
+	ENABLE_VIRTUAL_TERMINAL_PROCESSING = 0x4
+	DISABLE_NEWLINE_AUTO_RETURN        = 0x8
+	ENABLE_LVB_GRID_WORLDWIDE          = 0x10
+)
+
+// Pseudo console related constants used for the flags parameter to
+// CreatePseudoConsole. See: https://learn.microsoft.com/en-us/windows/console/createpseudoconsole
+const (
+	PSEUDOCONSOLE_INHERIT_CURSOR = 0x1
+)
+
+type Coord struct {
+	X int16
+	Y int16
+}
+
+type SmallRect struct {
+	Left   int16
+	Top    int16
+	Right  int16
+	Bottom int16
+}
+
+// Used with GetConsoleScreenBuffer to retrieve information about a console
+// screen buffer. See
+// https://docs.microsoft.com/en-us/windows/console/console-screen-buffer-info-str
+// for details.
+
+type ConsoleScreenBufferInfo struct {
+	Size              Coord
+	CursorPosition    Coord
+	Attributes        uint16
+	Window            SmallRect
+	MaximumWindowSize Coord
+}
+
+const UNIX_PATH_MAX = 108 // defined in afunix.h
+
+const (
+	// flags for JOBOBJECT_BASIC_LIMIT_INFORMATION.LimitFlags
+	JOB_OBJECT_LIMIT_ACTIVE_PROCESS             = 0x00000008
+	JOB_OBJECT_LIMIT_AFFINITY                   = 0x00000010
+	JOB_OBJECT_LIMIT_BREAKAWAY_OK               = 0x00000800
+	JOB_OBJECT_LIMIT_DIE_ON_UNHANDLED_EXCEPTION = 0x00000400
+	JOB_OBJECT_LIMIT_JOB_MEMORY                 = 0x00000200
+	JOB_OBJECT_LIMIT_JOB_TIME                   = 0x00000004
+	JOB_OBJECT_LIMIT_KILL_ON_JOB_CLOSE          = 0x00002000
+	JOB_OBJECT_LIMIT_PRESERVE_JOB_TIME          = 0x00000040
+	JOB_OBJECT_LIMIT_PRIORITY_CLASS             = 0x00000020
+	JOB_OBJECT_LIMIT_PROCESS_MEMORY             = 0x00000100
+	JOB_OBJECT_LIMIT_PROCESS_TIME               = 0x00000002
+	JOB_OBJECT_LIMIT_SCHEDULING_CLASS           = 0x00000080
+	JOB_OBJECT_LIMIT_SILENT_BREAKAWAY_OK        = 0x00001000
+	JOB_OBJECT_LIMIT_SUBSET_AFFINITY            = 0x00004000
+	JOB_OBJECT_LIMIT_WORKINGSET                 = 0x00000001
+)
+
+type IO_COUNTERS struct {
+	ReadOperationCount  uint64
+	WriteOperationCount uint64
+	OtherOperationCount uint64
+	ReadTransferCount   uint64
+	WriteTransferCount  uint64
+	OtherTransferCount  uint64
+}
+
+type JOBOBJECT_EXTENDED_LIMIT_INFORMATION struct {
+	BasicLimitInformation JOBOBJECT_BASIC_LIMIT_INFORMATION
+	IoInfo                IO_COUNTERS
+	ProcessMemoryLimit    uintptr
+	JobMemoryLimit        uintptr
+	PeakProcessMemoryUsed uintptr
+	PeakJobMemoryUsed     uintptr
+}
+
+const (
+	// UIRestrictionsClass
+	JOB_OBJECT_UILIMIT_DESKTOP          = 0x00000040
+	JOB_OBJECT_UILIMIT_DISPLAYSETTINGS  = 0x00000010
+	JOB_OBJECT_UILIMIT_EXITWINDOWS      = 0x00000080
+	JOB_OBJECT_UILIMIT_GLOBALATOMS      = 0x00000020
+	JOB_OBJECT_UILIMIT_HANDLES          = 0x00000001
+	JOB_OBJECT_UILIMIT_READCLIPBOARD    = 0x00000002
+	JOB_OBJECT_UILIMIT_SYSTEMPARAMETERS = 0x00000008
+	JOB_OBJECT_UILIMIT_WRITECLIPBOARD   = 0x00000004
+)
+
+type JOBOBJECT_BASIC_UI_RESTRICTIONS struct {
+	UIRestrictionsClass uint32
+}
+
+const (
+	// JobObjectInformationClass for QueryInformationJobObject and SetInformationJobObject
+	JobObjectAssociateCompletionPortInformation = 7
+	JobObjectBasicAccountingInformation         = 1
+	JobObjectBasicAndIoAccountingInformation    = 8
+	JobObjectBasicLimitInformation              = 2
+	JobObjectBasicProcessIdList                 = 3
+	JobObjectBasicUIRestrictions                = 4
+	JobObjectCpuRateControlInformation          = 15
+	JobObjectEndOfJobTimeInformation            = 6
+	JobObjectExtendedLimitInformation           = 9
+	JobObjectGroupInformation                   = 11
+	JobObjectGroupInformationEx                 = 14
+	JobObjectLimitViolationInformation          = 13
+	JobObjectLimitViolationInformation2         = 34
+	JobObjectNetRateControlInformation          = 32
+	JobObjectNotificationLimitInformation       = 12
+	JobObjectNotificationLimitInformation2      = 33
+	JobObjectSecurityLimitInformation           = 5
+)
+
+const (
+	KF_FLAG_DEFAULT                          = 0x00000000
+	KF_FLAG_FORCE_APP_DATA_REDIRECTION       = 0x00080000
+	KF_FLAG_RETURN_FILTER_REDIRECTION_TARGET = 0x00040000
+	KF_FLAG_FORCE_PACKAGE_REDIRECTION        = 0x00020000
+	KF_FLAG_NO_PACKAGE_REDIRECTION           = 0x00010000
+	KF_FLAG_FORCE_APPCONTAINER_REDIRECTION   = 0x00020000
+	KF_FLAG_NO_APPCONTAINER_REDIRECTION      = 0x00010000
+	KF_FLAG_CREATE                           = 0x00008000
+	KF_FLAG_DONT_VERIFY                      = 0x00004000
+	KF_FLAG_DONT_UNEXPAND                    = 0x00002000
+	KF_FLAG_NO_ALIAS                         = 0x00001000
+	KF_FLAG_INIT                             = 0x00000800
+	KF_FLAG_DEFAULT_PATH                     = 0x00000400
+	KF_FLAG_NOT_PARENT_RELATIVE              = 0x00000200
+	KF_FLAG_SIMPLE_IDLIST                    = 0x00000100
+	KF_FLAG_ALIAS_ONLY                       = 0x80000000
+)
+
+type OsVersionInfoEx struct {
+	osVersionInfoSize uint32
+	MajorVersion      uint32
+	MinorVersion      uint32
+	BuildNumber       uint32
+	PlatformId        uint32
+	CsdVersion        [128]uint16
+	ServicePackMajor  uint16
+	ServicePackMinor  uint16
+	SuiteMask         uint16
+	ProductType       byte
+	_                 byte
+}
+
+const (
+	EWX_LOGOFF          = 0x00000000
+	EWX_SHUTDOWN        = 0x00000001
+	EWX_REBOOT          = 0x00000002
+	EWX_FORCE           = 0x00000004
+	EWX_POWEROFF        = 0x00000008
+	EWX_FORCEIFHUNG     = 0x00000010
+	EWX_QUICKRESOLVE    = 0x00000020
+	EWX_RESTARTAPPS     = 0x00000040
+	EWX_HYBRID_SHUTDOWN = 0x00400000
+	EWX_BOOTOPTIONS     = 0x01000000
+
+	SHTDN_REASON_FLAG_COMMENT_REQUIRED          = 0x01000000
+	SHTDN_REASON_FLAG_DIRTY_PROBLEM_ID_REQUIRED = 0x02000000
+	SHTDN_REASON_FLAG_CLEAN_UI                  = 0x04000000
+	SHTDN_REASON_FLAG_DIRTY_UI                  = 0x08000000
+	SHTDN_REASON_FLAG_USER_DEFINED              = 0x40000000
+	SHTDN_REASON_FLAG_PLANNED                   = 0x80000000
+	SHTDN_REASON_MAJOR_OTHER                    = 0x00000000
+	SHTDN_REASON_MAJOR_NONE                     = 0x00000000
+	SHTDN_REASON_MAJOR_HARDWARE                 = 0x00010000
+	SHTDN_REASON_MAJOR_OPERATINGSYSTEM          = 0x00020000
+	SHTDN_REASON_MAJOR_SOFTWARE                 = 0x00030000
+	SHTDN_REASON_MAJOR_APPLICATION              = 0x00040000
+	SHTDN_REASON_MAJOR_SYSTEM                   = 0x00050000
+	SHTDN_REASON_MAJOR_POWER                    = 0x00060000
+	SHTDN_REASON_MAJOR_LEGACY_API               = 0x00070000
+	SHTDN_REASON_MINOR_OTHER                    = 0x00000000
+	SHTDN_REASON_MINOR_NONE                     = 0x000000ff
+	SHTDN_REASON_MINOR_MAINTENANCE              = 0x00000001
+	SHTDN_REASON_MINOR_INSTALLATION             = 0x00000002
+	SHTDN_REASON_MINOR_UPGRADE                  = 0x00000003
+	SHTDN_REASON_MINOR_RECONFIG                 = 0x00000004
+	SHTDN_REASON_MINOR_HUNG                     = 0x00000005
+	SHTDN_REASON_MINOR_UNSTABLE                 = 0x00000006
+	SHTDN_REASON_MINOR_DISK                     = 0x00000007
+	SHTDN_REASON_MINOR_PROCESSOR                = 0x00000008
+	SHTDN_REASON_MINOR_NETWORKCARD              = 0x00000009
+	SHTDN_REASON_MINOR_POWER_SUPPLY             = 0x0000000a
+	SHTDN_REASON_MINOR_CORDUNPLUGGED            = 0x0000000b
+	SHTDN_REASON_MINOR_ENVIRONMENT              = 0x0000000c
+	SHTDN_REASON_MINOR_HARDWARE_DRIVER          = 0x0000000d
+	SHTDN_REASON_MINOR_OTHERDRIVER              = 0x0000000e
+	SHTDN_REASON_MINOR_BLUESCREEN               = 0x0000000F
+	SHTDN_REASON_MINOR_SERVICEPACK              = 0x00000010
+	SHTDN_REASON_MINOR_HOTFIX                   = 0x00000011
+	SHTDN_REASON_MINOR_SECURITYFIX              = 0x00000012
+	SHTDN_REASON_MINOR_SECURITY                 = 0x00000013
+	SHTDN_REASON_MINOR_NETWORK_CONNECTIVITY     = 0x00000014
+	SHTDN_REASON_MINOR_WMI                      = 0x00000015
+	SHTDN_REASON_MINOR_SERVICEPACK_UNINSTALL    = 0x00000016
+	SHTDN_REASON_MINOR_HOTFIX_UNINSTALL         = 0x00000017
+	SHTDN_REASON_MINOR_SECURITYFIX_UNINSTALL    = 0x00000018
+	SHTDN_REASON_MINOR_MMC                      = 0x00000019
+	SHTDN_REASON_MINOR_SYSTEMRESTORE            = 0x0000001a
+	SHTDN_REASON_MINOR_TERMSRV                  = 0x00000020
+	SHTDN_REASON_MINOR_DC_PROMOTION             = 0x00000021
+	SHTDN_REASON_MINOR_DC_DEMOTION              = 0x00000022
+	SHTDN_REASON_UNKNOWN                        = SHTDN_REASON_MINOR_NONE
+	SHTDN_REASON_LEGACY_API                     = SHTDN_REASON_MAJOR_LEGACY_API | SHTDN_REASON_FLAG_PLANNED
+	SHTDN_REASON_VALID_BIT_MASK                 = 0xc0ffffff
+
+	SHUTDOWN_NORETRY = 0x1
+)
+
+// Flags used for GetModuleHandleEx
+const (
+	GET_MODULE_HANDLE_EX_FLAG_PIN                = 1
+	GET_MODULE_HANDLE_EX_FLAG_UNCHANGED_REFCOUNT = 2
+	GET_MODULE_HANDLE_EX_FLAG_FROM_ADDRESS       = 4
+)
+
+// MUI function flag values
+const (
+	MUI_LANGUAGE_ID                    = 0x4
+	MUI_LANGUAGE_NAME                  = 0x8
+	MUI_MERGE_SYSTEM_FALLBACK          = 0x10
+	MUI_MERGE_USER_FALLBACK            = 0x20
+	MUI_UI_FALLBACK                    = MUI_MERGE_SYSTEM_FALLBACK | MUI_MERGE_USER_FALLBACK
+	MUI_THREAD_LANGUAGES               = 0x40
+	MUI_CONSOLE_FILTER                 = 0x100
+	MUI_COMPLEX_SCRIPT_FILTER          = 0x200
+	MUI_RESET_FILTERS                  = 0x001
+	MUI_USER_PREFERRED_UI_LANGUAGES    = 0x10
+	MUI_USE_INSTALLED_LANGUAGES        = 0x20
+	MUI_USE_SEARCH_ALL_LANGUAGES       = 0x40
+	MUI_LANG_NEUTRAL_PE_FILE           = 0x100
+	MUI_NON_LANG_NEUTRAL_FILE          = 0x200
+	MUI_MACHINE_LANGUAGE_SETTINGS      = 0x400
+	MUI_FILETYPE_NOT_LANGUAGE_NEUTRAL  = 0x001
+	MUI_FILETYPE_LANGUAGE_NEUTRAL_MAIN = 0x002
+	MUI_FILETYPE_LANGUAGE_NEUTRAL_MUI  = 0x004
+	MUI_QUERY_TYPE                     = 0x001
+	MUI_QUERY_CHECKSUM                 = 0x002
+	MUI_QUERY_LANGUAGE_NAME            = 0x004
+	MUI_QUERY_RESOURCE_TYPES           = 0x008
+	MUI_FILEINFO_VERSION               = 0x001
+
+	MUI_FULL_LANGUAGE      = 0x01
+	MUI_PARTIAL_LANGUAGE   = 0x02
+	MUI_LIP_LANGUAGE       = 0x04
+	MUI_LANGUAGE_INSTALLED = 0x20
+	MUI_LANGUAGE_LICENSED  = 0x40
+)
+
+// FILE_INFO_BY_HANDLE_CLASS constants for SetFileInformationByHandle/GetFileInformationByHandleEx
+const (
+	FileBasicInfo                  = 0
+	FileStandardInfo               = 1
+	FileNameInfo                   = 2
+	FileRenameInfo                 = 3
+	FileDispositionInfo            = 4
+	FileAllocationInfo             = 5
+	FileEndOfFileInfo              = 6
+	FileStreamInfo                 = 7
+	FileCompressionInfo            = 8
+	FileAttributeTagInfo           = 9
+	FileIdBothDirectoryInfo        = 10
+	FileIdBothDirectoryRestartInfo = 11
+	FileIoPriorityHintInfo         = 12
+	FileRemoteProtocolInfo         = 13
+	FileFullDirectoryInfo          = 14
+	FileFullDirectoryRestartInfo   = 15
+	FileStorageInfo                = 16
+	FileAlignmentInfo              = 17
+	FileIdInfo                     = 18
+	FileIdExtdDirectoryInfo        = 19
+	FileIdExtdDirectoryRestartInfo = 20
+	FileDispositionInfoEx          = 21
+	FileRenameInfoEx               = 22
+	FileCaseSensitiveInfo          = 23
+	FileNormalizedNameInfo         = 24
+)
+
+// LoadLibrary flags for determining from where to search for a DLL
+const (
+	DONT_RESOLVE_DLL_REFERENCES               = 0x1
+	LOAD_LIBRARY_AS_DATAFILE                  = 0x2
+	LOAD_WITH_ALTERED_SEARCH_PATH             = 0x8
+	LOAD_IGNORE_CODE_AUTHZ_LEVEL              = 0x10
+	LOAD_LIBRARY_AS_IMAGE_RESOURCE            = 0x20
+	LOAD_LIBRARY_AS_DATAFILE_EXCLUSIVE        = 0x40
+	LOAD_LIBRARY_REQUIRE_SIGNED_TARGET        = 0x80
+	LOAD_LIBRARY_SEARCH_DLL_LOAD_DIR          = 0x100
+	LOAD_LIBRARY_SEARCH_APPLICATION_DIR       = 0x200
+	LOAD_LIBRARY_SEARCH_USER_DIRS             = 0x400
+	LOAD_LIBRARY_SEARCH_SYSTEM32              = 0x800
+	LOAD_LIBRARY_SEARCH_DEFAULT_DIRS          = 0x1000
+	LOAD_LIBRARY_SAFE_CURRENT_DIRS            = 0x00002000
+	LOAD_LIBRARY_SEARCH_SYSTEM32_NO_FORWARDER = 0x00004000
+	LOAD_LIBRARY_OS_INTEGRITY_CONTINUITY      = 0x00008000
+)
+
+// RegNotifyChangeKeyValue notifyFilter flags.
+const (
+	// REG_NOTIFY_CHANGE_NAME notifies the caller if a subkey is added or deleted.
+	REG_NOTIFY_CHANGE_NAME = 0x00000001
+
+	// REG_NOTIFY_CHANGE_ATTRIBUTES notifies the caller of changes to the attributes of the key, such as the security descriptor information.
+	REG_NOTIFY_CHANGE_ATTRIBUTES = 0x00000002
+
+	// REG_NOTIFY_CHANGE_LAST_SET notifies the caller of changes to a value of the key. This can include adding or deleting a value, or changing an existing value.
+	REG_NOTIFY_CHANGE_LAST_SET = 0x00000004
+
+	// REG_NOTIFY_CHANGE_SECURITY notifies the caller of changes to the security descriptor of the key.
+	REG_NOTIFY_CHANGE_SECURITY = 0x00000008
+
+	// REG_NOTIFY_THREAD_AGNOSTIC indicates that the lifetime of the registration must not be tied to the lifetime of the thread issuing the RegNotifyChangeKeyValue call. Note: This flag value is only supported in Windows 8 and later.
+	REG_NOTIFY_THREAD_AGNOSTIC = 0x10000000
+)
+
+type CommTimeouts struct {
+	ReadIntervalTimeout         uint32
+	ReadTotalTimeoutMultiplier  uint32
+	ReadTotalTimeoutConstant    uint32
+	WriteTotalTimeoutMultiplier uint32
+	WriteTotalTimeoutConstant   uint32
+}
+
+// NTUnicodeString is a UTF-16 string for NT native APIs, corresponding to UNICODE_STRING.
+type NTUnicodeString struct {
+	Length        uint16
+	MaximumLength uint16
+	Buffer        *uint16
+}
+
+// NTString is an ANSI string for NT native APIs, corresponding to STRING.
+type NTString struct {
+	Length        uint16
+	MaximumLength uint16
+	Buffer        *byte
+}
+
+type LIST_ENTRY struct {
+	Flink *LIST_ENTRY
+	Blink *LIST_ENTRY
+}
+
+type RUNTIME_FUNCTION struct {
+	BeginAddress uint32
+	EndAddress   uint32
+	UnwindData   uint32
+}
+
+type LDR_DATA_TABLE_ENTRY struct {
+	reserved1          [2]uintptr
+	InMemoryOrderLinks LIST_ENTRY
+	reserved2          [2]uintptr
+	DllBase            uintptr
+	reserved3          [2]uintptr
+	FullDllName        NTUnicodeString
+	reserved4          [8]byte
+	reserved5          [3]uintptr
+	reserved6          uintptr
+	TimeDateStamp      uint32
+}
+
+type PEB_LDR_DATA struct {
+	reserved1               [8]byte
+	reserved2               [3]uintptr
+	InMemoryOrderModuleList LIST_ENTRY
+}
+
+type CURDIR struct {
+	DosPath NTUnicodeString
+	Handle  Handle
+}
+
+type RTL_DRIVE_LETTER_CURDIR struct {
+	Flags     uint16
+	Length    uint16
+	TimeStamp uint32
+	DosPath   NTString
+}
+
+type RTL_USER_PROCESS_PARAMETERS struct {
+	MaximumLength, Length uint32
+
+	Flags, DebugFlags uint32
+
+	ConsoleHandle                                Handle
+	ConsoleFlags                                 uint32
+	StandardInput, StandardOutput, StandardError Handle
+
+	CurrentDirectory CURDIR
+	DllPath          NTUnicodeString
+	ImagePathName    NTUnicodeString
+	CommandLine      NTUnicodeString
+	Environment      unsafe.Pointer
+
+	StartingX, StartingY, CountX, CountY, CountCharsX, CountCharsY, FillAttribute uint32
+
+	WindowFlags, ShowWindowFlags                     uint32
+	WindowTitle, DesktopInfo, ShellInfo, RuntimeData NTUnicodeString
+	CurrentDirectories                               [32]RTL_DRIVE_LETTER_CURDIR
+
+	EnvironmentSize, EnvironmentVersion uintptr
+
+	PackageDependencyData unsafe.Pointer
+	ProcessGroupId        uint32
+	LoaderThreads         uint32
+
+	RedirectionDllName               NTUnicodeString
+	HeapPartitionName                NTUnicodeString
+	DefaultThreadpoolCpuSetMasks     uintptr
+	DefaultThreadpoolCpuSetMaskCount uint32
+}
+
+type PEB struct {
+	reserved1              [2]byte
+	BeingDebugged          byte
+	BitField               byte
+	reserved3              uintptr
+	ImageBaseAddress       uintptr
+	Ldr                    *PEB_LDR_DATA
+	ProcessParameters      *RTL_USER_PROCESS_PARAMETERS
+	reserved4              [3]uintptr
+	AtlThunkSListPtr       uintptr
+	reserved5              uintptr
+	reserved6              uint32
+	reserved7              uintptr
+	reserved8              uint32
+	AtlThunkSListPtr32     uint32
+	reserved9              [45]uintptr
+	reserved10             [96]byte
+	PostProcessInitRoutine uintptr
+	reserved11             [128]byte
+	reserved12             [1]uintptr
+	SessionId              uint32
+}
+
+type OBJECT_ATTRIBUTES struct {
+	Length             uint32
+	RootDirectory      Handle
+	ObjectName         *NTUnicodeString
+	Attributes         uint32
+	SecurityDescriptor *SECURITY_DESCRIPTOR
+	SecurityQoS        *SECURITY_QUALITY_OF_SERVICE
+}
+
+// Values for the Attributes member of OBJECT_ATTRIBUTES.
+const (
+	OBJ_INHERIT                       = 0x00000002
+	OBJ_PERMANENT                     = 0x00000010
+	OBJ_EXCLUSIVE                     = 0x00000020
+	OBJ_CASE_INSENSITIVE              = 0x00000040
+	OBJ_OPENIF                        = 0x00000080
+	OBJ_OPENLINK                      = 0x00000100
+	OBJ_KERNEL_HANDLE                 = 0x00000200
+	OBJ_FORCE_ACCESS_CHECK            = 0x00000400
+	OBJ_IGNORE_IMPERSONATED_DEVICEMAP = 0x00000800
+	OBJ_DONT_REPARSE                  = 0x00001000
+	OBJ_VALID_ATTRIBUTES              = 0x00001FF2
+)
+
+type IO_STATUS_BLOCK struct {
+	Status      NTStatus
+	Information uintptr
+}
+
+type RTLP_CURDIR_REF struct {
+	RefCount int32
+	Handle   Handle
+}
+
+type RTL_RELATIVE_NAME struct {
+	RelativeName        NTUnicodeString
+	ContainingDirectory Handle
+	CurDirRef           *RTLP_CURDIR_REF
+}
+
+const (
+	// CreateDisposition flags for NtCreateFile and NtCreateNamedPipeFile.
+	FILE_SUPERSEDE           = 0x00000000
+	FILE_OPEN                = 0x00000001
+	FILE_CREATE              = 0x00000002
+	FILE_OPEN_IF             = 0x00000003
+	FILE_OVERWRITE           = 0x00000004
+	FILE_OVERWRITE_IF        = 0x00000005
+	FILE_MAXIMUM_DISPOSITION = 0x00000005
+
+	// CreateOptions flags for NtCreateFile and NtCreateNamedPipeFile.
+	FILE_DIRECTORY_FILE            = 0x00000001
+	FILE_WRITE_THROUGH             = 0x00000002
+	FILE_SEQUENTIAL_ONLY           = 0x00000004
+	FILE_NO_INTERMEDIATE_BUFFERING = 0x00000008
+	FILE_SYNCHRONOUS_IO_ALERT      = 0x00000010
+	FILE_SYNCHRONOUS_IO_NONALERT   = 0x00000020
+	FILE_NON_DIRECTORY_FILE        = 0x00000040
+	FILE_CREATE_TREE_CONNECTION    = 0x00000080
+	FILE_COMPLETE_IF_OPLOCKED      = 0x00000100
+	FILE_NO_EA_KNOWLEDGE           = 0x00000200
+	FILE_OPEN_REMOTE_INSTANCE      = 0x00000400
+	FILE_RANDOM_ACCESS             = 0x00000800
+	FILE_DELETE_ON_CLOSE           = 0x00001000
+	FILE_OPEN_BY_FILE_ID           = 0x00002000
+	FILE_OPEN_FOR_BACKUP_INTENT    = 0x00004000
+	FILE_NO_COMPRESSION            = 0x00008000
+	FILE_OPEN_REQUIRING_OPLOCK     = 0x00010000
+	FILE_DISALLOW_EXCLUSIVE        = 0x00020000
+	FILE_RESERVE_OPFILTER          = 0x00100000
+	FILE_OPEN_REPARSE_POINT        = 0x00200000
+	FILE_OPEN_NO_RECALL            = 0x00400000
+	FILE_OPEN_FOR_FREE_SPACE_QUERY = 0x00800000
+
+	// Parameter constants for NtCreateNamedPipeFile.
+
+	FILE_PIPE_BYTE_STREAM_TYPE = 0x00000000
+	FILE_PIPE_MESSAGE_TYPE     = 0x00000001
+
+	FILE_PIPE_ACCEPT_REMOTE_CLIENTS = 0x00000000
+	FILE_PIPE_REJECT_REMOTE_CLIENTS = 0x00000002
+
+	FILE_PIPE_TYPE_VALID_MASK = 0x00000003
+
+	FILE_PIPE_BYTE_STREAM_MODE = 0x00000000
+	FILE_PIPE_MESSAGE_MODE     = 0x00000001
+
+	FILE_PIPE_QUEUE_OPERATION    = 0x00000000
+	FILE_PIPE_COMPLETE_OPERATION = 0x00000001
+
+	FILE_PIPE_INBOUND     = 0x00000000
+	FILE_PIPE_OUTBOUND    = 0x00000001
+	FILE_PIPE_FULL_DUPLEX = 0x00000002
+
+	FILE_PIPE_DISCONNECTED_STATE = 0x00000001
+	FILE_PIPE_LISTENING_STATE    = 0x00000002
+	FILE_PIPE_CONNECTED_STATE    = 0x00000003
+	FILE_PIPE_CLOSING_STATE      = 0x00000004
+
+	FILE_PIPE_CLIENT_END = 0x00000000
+	FILE_PIPE_SERVER_END = 0x00000001
+)
+
+const (
+	// FileInformationClass for NtSetInformationFile
+	FileBasicInformation                         = 4
+	FileRenameInformation                        = 10
+	FileDispositionInformation                   = 13
+	FilePositionInformation                      = 14
+	FileEndOfFileInformation                     = 20
+	FileValidDataLengthInformation               = 39
+	FileShortNameInformation                     = 40
+	FileIoPriorityHintInformation                = 43
+	FileReplaceCompletionInformation             = 61
+	FileDispositionInformationEx                 = 64
+	FileCaseSensitiveInformation                 = 71
+	FileLinkInformation                          = 72
+	FileCaseSensitiveInformationForceAccessCheck = 75
+	FileKnownFolderInformation                   = 76
+
+	// Flags for FILE_RENAME_INFORMATION
+	FILE_RENAME_REPLACE_IF_EXISTS                    = 0x00000001
+	FILE_RENAME_POSIX_SEMANTICS                      = 0x00000002
+	FILE_RENAME_SUPPRESS_PIN_STATE_INHERITANCE       = 0x00000004
+	FILE_RENAME_SUPPRESS_STORAGE_RESERVE_INHERITANCE = 0x00000008
+	FILE_RENAME_NO_INCREASE_AVAILABLE_SPACE          = 0x00000010
+	FILE_RENAME_NO_DECREASE_AVAILABLE_SPACE          = 0x00000020
+	FILE_RENAME_PRESERVE_AVAILABLE_SPACE             = 0x00000030
+	FILE_RENAME_IGNORE_READONLY_ATTRIBUTE            = 0x00000040
+	FILE_RENAME_FORCE_RESIZE_TARGET_SR               = 0x00000080
+	FILE_RENAME_FORCE_RESIZE_SOURCE_SR               = 0x00000100
+	FILE_RENAME_FORCE_RESIZE_SR                      = 0x00000180
+
+	// Flags for FILE_DISPOSITION_INFORMATION_EX
+	FILE_DISPOSITION_DO_NOT_DELETE             = 0x00000000
+	FILE_DISPOSITION_DELETE                    = 0x00000001
+	FILE_DISPOSITION_POSIX_SEMANTICS           = 0x00000002
+	FILE_DISPOSITION_FORCE_IMAGE_SECTION_CHECK = 0x00000004
+	FILE_DISPOSITION_ON_CLOSE                  = 0x00000008
+	FILE_DISPOSITION_IGNORE_READONLY_ATTRIBUTE = 0x00000010
+
+	// Flags for FILE_CASE_SENSITIVE_INFORMATION
+	FILE_CS_FLAG_CASE_SENSITIVE_DIR = 0x00000001
+
+	// Flags for FILE_LINK_INFORMATION
+	FILE_LINK_REPLACE_IF_EXISTS                    = 0x00000001
+	FILE_LINK_POSIX_SEMANTICS                      = 0x00000002
+	FILE_LINK_SUPPRESS_STORAGE_RESERVE_INHERITANCE = 0x00000008
+	FILE_LINK_NO_INCREASE_AVAILABLE_SPACE          = 0x00000010
+	FILE_LINK_NO_DECREASE_AVAILABLE_SPACE          = 0x00000020
+	FILE_LINK_PRESERVE_AVAILABLE_SPACE             = 0x00000030
+	FILE_LINK_IGNORE_READONLY_ATTRIBUTE            = 0x00000040
+	FILE_LINK_FORCE_RESIZE_TARGET_SR               = 0x00000080
+	FILE_LINK_FORCE_RESIZE_SOURCE_SR               = 0x00000100
+	FILE_LINK_FORCE_RESIZE_SR                      = 0x00000180
+)
+
+// ProcessInformationClasses for NtQueryInformationProcess and NtSetInformationProcess.
+const (
+	ProcessBasicInformation = iota
+	ProcessQuotaLimits
+	ProcessIoCounters
+	ProcessVmCounters
+	ProcessTimes
+	ProcessBasePriority
+	ProcessRaisePriority
+	ProcessDebugPort
+	ProcessExceptionPort
+	ProcessAccessToken
+	ProcessLdtInformation
+	ProcessLdtSize
+	ProcessDefaultHardErrorMode
+	ProcessIoPortHandlers
+	ProcessPooledUsageAndLimits
+	ProcessWorkingSetWatch
+	ProcessUserModeIOPL
+	ProcessEnableAlignmentFaultFixup
+	ProcessPriorityClass
+	ProcessWx86Information
+	ProcessHandleCount
+	ProcessAffinityMask
+	ProcessPriorityBoost
+	ProcessDeviceMap
+	ProcessSessionInformation
+	ProcessForegroundInformation
+	ProcessWow64Information
+	ProcessImageFileName
+	ProcessLUIDDeviceMapsEnabled
+	ProcessBreakOnTermination
+	ProcessDebugObjectHandle
+	ProcessDebugFlags
+	ProcessHandleTracing
+	ProcessIoPriority
+	ProcessExecuteFlags
+	ProcessTlsInformation
+	ProcessCookie
+	ProcessImageInformation
+	ProcessCycleTime
+	ProcessPagePriority
+	ProcessInstrumentationCallback
+	ProcessThreadStackAllocation
+	ProcessWorkingSetWatchEx
+	ProcessImageFileNameWin32
+	ProcessImageFileMapping
+	ProcessAffinityUpdateMode
+	ProcessMemoryAllocationMode
+	ProcessGroupInformation
+	ProcessTokenVirtualizationEnabled
+	ProcessConsoleHostProcess
+	ProcessWindowInformation
+	ProcessHandleInformation
+	ProcessMitigationPolicy
+	ProcessDynamicFunctionTableInformation
+	ProcessHandleCheckingMode
+	ProcessKeepAliveCount
+	ProcessRevokeFileHandles
+	ProcessWorkingSetControl
+	ProcessHandleTable
+	ProcessCheckStackExtentsMode
+	ProcessCommandLineInformation
+	ProcessProtectionInformation
+	ProcessMemoryExhaustion
+	ProcessFaultInformation
+	ProcessTelemetryIdInformation
+	ProcessCommitReleaseInformation
+	ProcessDefaultCpuSetsInformation
+	ProcessAllowedCpuSetsInformation
+	ProcessSubsystemProcess
+	ProcessJobMemoryInformation
+	ProcessInPrivate
+	ProcessRaiseUMExceptionOnInvalidHandleClose
+	ProcessIumChallengeResponse
+	ProcessChildProcessInformation
+	ProcessHighGraphicsPriorityInformation
+	ProcessSubsystemInformation
+	ProcessEnergyValues
+	ProcessActivityThrottleState
+	ProcessActivityThrottlePolicy
+	ProcessWin32kSyscallFilterInformation
+	ProcessDisableSystemAllowedCpuSets
+	ProcessWakeInformation
+	ProcessEnergyTrackingState
+	ProcessManageWritesToExecutableMemory
+	ProcessCaptureTrustletLiveDump
+	ProcessTelemetryCoverage
+	ProcessEnclaveInformation
+	ProcessEnableReadWriteVmLogging
+	ProcessUptimeInformation
+	ProcessImageSection
+	ProcessDebugAuthInformation
+	ProcessSystemResourceManagement
+	ProcessSequenceNumber
+	ProcessLoaderDetour
+	ProcessSecurityDomainInformation
+	ProcessCombineSecurityDomainsInformation
+	ProcessEnableLogging
+	ProcessLeapSecondInformation
+	ProcessFiberShadowStackAllocation
+	ProcessFreeFiberShadowStackAllocation
+	ProcessAltSystemCallInformation
+	ProcessDynamicEHContinuationTargets
+	ProcessDynamicEnforcedCetCompatibleRanges
+)
+
+type PROCESS_BASIC_INFORMATION struct {
+	ExitStatus                   NTStatus
+	PebBaseAddress               *PEB
+	AffinityMask                 uintptr
+	BasePriority                 int32
+	UniqueProcessId              uintptr
+	InheritedFromUniqueProcessId uintptr
+}
+
+type SYSTEM_PROCESS_INFORMATION struct {
+	NextEntryOffset              uint32
+	NumberOfThreads              uint32
+	WorkingSetPrivateSize        int64
+	HardFaultCount               uint32
+	NumberOfThreadsHighWatermark uint32
+	CycleTime                    uint64
+	CreateTime                   int64
+	UserTime                     int64
+	KernelTime                   int64
+	ImageName                    NTUnicodeString
+	BasePriority                 int32
+	UniqueProcessID              uintptr
+	InheritedFromUniqueProcessID uintptr
+	HandleCount                  uint32
+	SessionID                    uint32
+	UniqueProcessKey             *uint32
+	PeakVirtualSize              uintptr
+	VirtualSize                  uintptr
+	PageFaultCount               uint32
+	PeakWorkingSetSize           uintptr
+	WorkingSetSize               uintptr
+	QuotaPeakPagedPoolUsage      uintptr
+	QuotaPagedPoolUsage          uintptr
+	QuotaPeakNonPagedPoolUsage   uintptr
+	QuotaNonPagedPoolUsage       uintptr
+	PagefileUsage                uintptr
+	PeakPagefileUsage            uintptr
+	PrivatePageCount             uintptr
+	ReadOperationCount           int64
+	WriteOperationCount          int64
+	OtherOperationCount          int64
+	ReadTransferCount            int64
+	WriteTransferCount           int64
+	OtherTransferCount           int64
+}
+
+// SystemInformationClasses for NtQuerySystemInformation and NtSetSystemInformation
+const (
+	SystemBasicInformation = iota
+	SystemProcessorInformation
+	SystemPerformanceInformation
+	SystemTimeOfDayInformation
+	SystemPathInformation
+	SystemProcessInformation
+	SystemCallCountInformation
+	SystemDeviceInformation
+	SystemProcessorPerformanceInformation
+	SystemFlagsInformation
+	SystemCallTimeInformation
+	SystemModuleInformation
+	SystemLocksInformation
+	SystemStackTraceInformation
+	SystemPagedPoolInformation
+	SystemNonPagedPoolInformation
+	SystemHandleInformation
+	SystemObjectInformation
+	SystemPageFileInformation
+	SystemVdmInstemulInformation
+	SystemVdmBopInformation
+	SystemFileCacheInformation
+	SystemPoolTagInformation
+	SystemInterruptInformation
+	SystemDpcBehaviorInformation
+	SystemFullMemoryInformation
+	SystemLoadGdiDriverInformation
+	SystemUnloadGdiDriverInformation
+	SystemTimeAdjustmentInformation
+	SystemSummaryMemoryInformation
+	SystemMirrorMemoryInformation
+	SystemPerformanceTraceInformation
+	systemObsolete0
+	SystemExceptionInformation
+	SystemCrashDumpStateInformation
+	SystemKernelDebuggerInformation
+	SystemContextSwitchInformation
+	SystemRegistryQuotaInformation
+	SystemExtendServiceTableInformation
+	SystemPrioritySeperation
+	SystemVerifierAddDriverInformation
+	SystemVerifierRemoveDriverInformation
+	SystemProcessorIdleInformation
+	SystemLegacyDriverInformation
+	SystemCurrentTimeZoneInformation
+	SystemLookasideInformation
+	SystemTimeSlipNotification
+	SystemSessionCreate
+	SystemSessionDetach
+	SystemSessionInformation
+	SystemRangeStartInformation
+	SystemVerifierInformation
+	SystemVerifierThunkExtend
+	SystemSessionProcessInformation
+	SystemLoadGdiDriverInSystemSpace
+	SystemNumaProcessorMap
+	SystemPrefetcherInformation
+	SystemExtendedProcessInformation
+	SystemRecommendedSharedDataAlignment
+	SystemComPlusPackage
+	SystemNumaAvailableMemory
+	SystemProcessorPowerInformation
+	SystemEmulationBasicInformation
+	SystemEmulationProcessorInformation
+	SystemExtendedHandleInformation
+	SystemLostDelayedWriteInformation
+	SystemBigPoolInformation
+	SystemSessionPoolTagInformation
+	SystemSessionMappedViewInformation
+	SystemHotpatchInformation
+	SystemObjectSecurityMode
+	SystemWatchdogTimerHandler
+	SystemWatchdogTimerInformation
+	SystemLogicalProcessorInformation
+	SystemWow64SharedInformationObsolete
+	SystemRegisterFirmwareTableInformationHandler
+	SystemFirmwareTableInformation
+	SystemModuleInformationEx
+	SystemVerifierTriageInformation
+	SystemSuperfetchInformation
+	SystemMemoryListInformation
+	SystemFileCacheInformationEx
+	SystemThreadPriorityClientIdInformation
+	SystemProcessorIdleCycleTimeInformation
+	SystemVerifierCancellationInformation
+	SystemProcessorPowerInformationEx
+	SystemRefTraceInformation
+	SystemSpecialPoolInformation
+	SystemProcessIdInformation
+	SystemErrorPortInformation
+	SystemBootEnvironmentInformation
+	SystemHypervisorInformation
+	SystemVerifierInformationEx
+	SystemTimeZoneInformation
+	SystemImageFileExecutionOptionsInformation
+	SystemCoverageInformation
+	SystemPrefetchPatchInformation
+	SystemVerifierFaultsInformation
+	SystemSystemPartitionInformation
+	SystemSystemDiskInformation
+	SystemProcessorPerformanceDistribution
+	SystemNumaProximityNodeInformation
+	SystemDynamicTimeZoneInformation
+	SystemCodeIntegrityInformation
+	SystemProcessorMicrocodeUpdateInformation
+	SystemProcessorBrandString
+	SystemVirtualAddressInformation
+	SystemLogicalProcessorAndGroupInformation
+	SystemProcessorCycleTimeInformation
+	SystemStoreInformation
+	SystemRegistryAppendString
+	SystemAitSamplingValue
+	SystemVhdBootInformation
+	SystemCpuQuotaInformation
+	SystemNativeBasicInformation
+	systemSpare1
+	SystemLowPriorityIoInformation
+	SystemTpmBootEntropyInformation
+	SystemVerifierCountersInformation
+	SystemPagedPoolInformationEx
+	SystemSystemPtesInformationEx
+	SystemNodeDistanceInformation
+	SystemAcpiAuditInformation
+	SystemBasicPerformanceInformation
+	SystemQueryPerformanceCounterInformation
+	SystemSessionBigPoolInformation
+	SystemBootGraphicsInformation
+	SystemScrubPhysicalMemoryInformation
+	SystemBadPageInformation
+	SystemProcessorProfileControlArea
+	SystemCombinePhysicalMemoryInformation
+	SystemEntropyInterruptTimingCallback
+	SystemConsoleInformation
+	SystemPlatformBinaryInformation
+	SystemThrottleNotificationInformation
+	SystemHypervisorProcessorCountInformation
+	SystemDeviceDataInformation
+	SystemDeviceDataEnumerationInformation
+	SystemMemoryTopologyInformation
+	SystemMemoryChannelInformation
+	SystemBootLogoInformation
+	SystemProcessorPerformanceInformationEx
+	systemSpare0
+	SystemSecureBootPolicyInformation
+	SystemPageFileInformationEx
+	SystemSecureBootInformation
+	SystemEntropyInterruptTimingRawInformation
+	SystemPortableWorkspaceEfiLauncherInformation
+	SystemFullProcessInformation
+	SystemKernelDebuggerInformationEx
+	SystemBootMetadataInformation
+	SystemSoftRebootInformation
+	SystemElamCertificateInformation
+	SystemOfflineDumpConfigInformation
+	SystemProcessorFeaturesInformation
+	SystemRegistryReconciliationInformation
+	SystemEdidInformation
+	SystemManufacturingInformation
+	SystemEnergyEstimationConfigInformation
+	SystemHypervisorDetailInformation
+	SystemProcessorCycleStatsInformation
+	SystemVmGenerationCountInformation
+	SystemTrustedPlatformModuleInformation
+	SystemKernelDebuggerFlags
+	SystemCodeIntegrityPolicyInformation
+	SystemIsolatedUserModeInformation
+	SystemHardwareSecurityTestInterfaceResultsInformation
+	SystemSingleModuleInformation
+	SystemAllowedCpuSetsInformation
+	SystemDmaProtectionInformation
+	SystemInterruptCpuSetsInformation
+	SystemSecureBootPolicyFullInformation
+	SystemCodeIntegrityPolicyFullInformation
+	SystemAffinitizedInterruptProcessorInformation
+	SystemRootSiloInformation
+)
+
+type RTL_PROCESS_MODULE_INFORMATION struct {
+	Section          Handle
+	MappedBase       uintptr
+	ImageBase        uintptr
+	ImageSize        uint32
+	Flags            uint32
+	LoadOrderIndex   uint16
+	InitOrderIndex   uint16
+	LoadCount        uint16
+	OffsetToFileName uint16
+	FullPathName     [256]byte
+}
+
+type RTL_PROCESS_MODULES struct {
+	NumberOfModules uint32
+	Modules         [1]RTL_PROCESS_MODULE_INFORMATION
+}
+
+// Constants for LocalAlloc flags.
+const (
+	LMEM_FIXED          = 0x0
+	LMEM_MOVEABLE       = 0x2
+	LMEM_NOCOMPACT      = 0x10
+	LMEM_NODISCARD      = 0x20
+	LMEM_ZEROINIT       = 0x40
+	LMEM_MODIFY         = 0x80
+	LMEM_DISCARDABLE    = 0xf00
+	LMEM_VALID_FLAGS    = 0xf72
+	LMEM_INVALID_HANDLE = 0x8000
+	LHND                = LMEM_MOVEABLE | LMEM_ZEROINIT
+	LPTR                = LMEM_FIXED | LMEM_ZEROINIT
+	NONZEROLHND         = LMEM_MOVEABLE
+	NONZEROLPTR         = LMEM_FIXED
+)
+
+// Constants for the CreateNamedPipe-family of functions.
+const (
+	PIPE_ACCESS_INBOUND  = 0x1
+	PIPE_ACCESS_OUTBOUND = 0x2
+	PIPE_ACCESS_DUPLEX   = 0x3
+
+	PIPE_CLIENT_END = 0x0
+	PIPE_SERVER_END = 0x1
+
+	PIPE_WAIT                  = 0x0
+	PIPE_NOWAIT                = 0x1
+	PIPE_READMODE_BYTE         = 0x0
+	PIPE_READMODE_MESSAGE      = 0x2
+	PIPE_TYPE_BYTE             = 0x0
+	PIPE_TYPE_MESSAGE          = 0x4
+	PIPE_ACCEPT_REMOTE_CLIENTS = 0x0
+	PIPE_REJECT_REMOTE_CLIENTS = 0x8
+
+	PIPE_UNLIMITED_INSTANCES = 255
+)
+
+// Constants for security attributes when opening named pipes.
+const (
+	SECURITY_ANONYMOUS      = SecurityAnonymous << 16
+	SECURITY_IDENTIFICATION = SecurityIdentification << 16
+	SECURITY_IMPERSONATION  = SecurityImpersonation << 16
+	SECURITY_DELEGATION     = SecurityDelegation << 16
+
+	SECURITY_CONTEXT_TRACKING = 0x40000
+	SECURITY_EFFECTIVE_ONLY   = 0x80000
+
+	SECURITY_SQOS_PRESENT     = 0x100000
+	SECURITY_VALID_SQOS_FLAGS = 0x1f0000
+)
+
+// ResourceID represents a 16-bit resource identifier, traditionally created with the MAKEINTRESOURCE macro.
+type ResourceID uint16
+
+// ResourceIDOrString must be either a ResourceID, to specify a resource or resource type by ID,
+// or a string, to specify a resource or resource type by name.
+type ResourceIDOrString interface{}
+
+// Predefined resource names and types.
+var (
+	// Predefined names.
+	CREATEPROCESS_MANIFEST_RESOURCE_ID                 ResourceID = 1
+	ISOLATIONAWARE_MANIFEST_RESOURCE_ID                ResourceID = 2
+	ISOLATIONAWARE_NOSTATICIMPORT_MANIFEST_RESOURCE_ID ResourceID = 3
+	ISOLATIONPOLICY_MANIFEST_RESOURCE_ID               ResourceID = 4
+	ISOLATIONPOLICY_BROWSER_MANIFEST_RESOURCE_ID       ResourceID = 5
+	MINIMUM_RESERVED_MANIFEST_RESOURCE_ID              ResourceID = 1  // inclusive
+	MAXIMUM_RESERVED_MANIFEST_RESOURCE_ID              ResourceID = 16 // inclusive
+
+	// Predefined types.
+	RT_CURSOR       ResourceID = 1
+	RT_BITMAP       ResourceID = 2
+	RT_ICON         ResourceID = 3
+	RT_MENU         ResourceID = 4
+	RT_DIALOG       ResourceID = 5
+	RT_STRING       ResourceID = 6
+	RT_FONTDIR      ResourceID = 7
+	RT_FONT         ResourceID = 8
+	RT_ACCELERATOR  ResourceID = 9
+	RT_RCDATA       ResourceID = 10
+	RT_MESSAGETABLE ResourceID = 11
+	RT_GROUP_CURSOR ResourceID = 12
+	RT_GROUP_ICON   ResourceID = 14
+	RT_VERSION      ResourceID = 16
+	RT_DLGINCLUDE   ResourceID = 17
+	RT_PLUGPLAY     ResourceID = 19
+	RT_VXD          ResourceID = 20
+	RT_ANICURSOR    ResourceID = 21
+	RT_ANIICON      ResourceID = 22
+	RT_HTML         ResourceID = 23
+	RT_MANIFEST     ResourceID = 24
+)
+
+type VS_FIXEDFILEINFO struct {
+	Signature        uint32
+	StrucVersion     uint32
+	FileVersionMS    uint32
+	FileVersionLS    uint32
+	ProductVersionMS uint32
+	ProductVersionLS uint32
+	FileFlagsMask    uint32
+	FileFlags        uint32
+	FileOS           uint32
+	FileType         uint32
+	FileSubtype      uint32
+	FileDateMS       uint32
+	FileDateLS       uint32
+}
+
+type COAUTHIDENTITY struct {
+	User           *uint16
+	UserLength     uint32
+	Domain         *uint16
+	DomainLength   uint32
+	Password       *uint16
+	PasswordLength uint32
+	Flags          uint32
+}
+
+type COAUTHINFO struct {
+	AuthnSvc           uint32
+	AuthzSvc           uint32
+	ServerPrincName    *uint16
+	AuthnLevel         uint32
+	ImpersonationLevel uint32
+	AuthIdentityData   *COAUTHIDENTITY
+	Capabilities       uint32
+}
+
+type COSERVERINFO struct {
+	Reserved1 uint32
+	Aame      *uint16
+	AuthInfo  *COAUTHINFO
+	Reserved2 uint32
+}
+
+type BIND_OPTS3 struct {
+	CbStruct          uint32
+	Flags             uint32
+	Mode              uint32
+	TickCountDeadline uint32
+	TrackFlags        uint32
+	ClassContext      uint32
+	Locale            uint32
+	ServerInfo        *COSERVERINFO
+	Hwnd              HWND
+}
+
+const (
+	CLSCTX_INPROC_SERVER          = 0x1
+	CLSCTX_INPROC_HANDLER         = 0x2
+	CLSCTX_LOCAL_SERVER           = 0x4
+	CLSCTX_INPROC_SERVER16        = 0x8
+	CLSCTX_REMOTE_SERVER          = 0x10
+	CLSCTX_INPROC_HANDLER16       = 0x20
+	CLSCTX_RESERVED1              = 0x40
+	CLSCTX_RESERVED2              = 0x80
+	CLSCTX_RESERVED3              = 0x100
+	CLSCTX_RESERVED4              = 0x200
+	CLSCTX_NO_CODE_DOWNLOAD       = 0x400
+	CLSCTX_RESERVED5              = 0x800
+	CLSCTX_NO_CUSTOM_MARSHAL      = 0x1000
+	CLSCTX_ENABLE_CODE_DOWNLOAD   = 0x2000
+	CLSCTX_NO_FAILURE_LOG         = 0x4000
+	CLSCTX_DISABLE_AAA            = 0x8000
+	CLSCTX_ENABLE_AAA             = 0x10000
+	CLSCTX_FROM_DEFAULT_CONTEXT   = 0x20000
+	CLSCTX_ACTIVATE_32_BIT_SERVER = 0x40000
+	CLSCTX_ACTIVATE_64_BIT_SERVER = 0x80000
+	CLSCTX_ENABLE_CLOAKING        = 0x100000
+	CLSCTX_APPCONTAINER           = 0x400000
+	CLSCTX_ACTIVATE_AAA_AS_IU     = 0x800000
+	CLSCTX_PS_DLL                 = 0x80000000
+
+	COINIT_MULTITHREADED     = 0x0
+	COINIT_APARTMENTTHREADED = 0x2
+	COINIT_DISABLE_OLE1DDE   = 0x4
+	COINIT_SPEED_OVER_MEMORY = 0x8
+)
+
+// Flag for QueryFullProcessImageName.
+const PROCESS_NAME_NATIVE = 1
+
+type ModuleInfo struct {
+	BaseOfDll   uintptr
+	SizeOfImage uint32
+	EntryPoint  uintptr
+}
+
+const ALL_PROCESSOR_GROUPS = 0xFFFF
+
+type Rect struct {
+	Left   int32
+	Top    int32
+	Right  int32
+	Bottom int32
+}
+
+type GUIThreadInfo struct {
+	Size        uint32
+	Flags       uint32
+	Active      HWND
+	Focus       HWND
+	Capture     HWND
+	MenuOwner   HWND
+	MoveSize    HWND
+	CaretHandle HWND
+	CaretRect   Rect
+}
+
+const (
+	DWMWA_NCRENDERING_ENABLED            = 1
+	DWMWA_NCRENDERING_POLICY             = 2
+	DWMWA_TRANSITIONS_FORCEDISABLED      = 3
+	DWMWA_ALLOW_NCPAINT                  = 4
+	DWMWA_CAPTION_BUTTON_BOUNDS          = 5
+	DWMWA_NONCLIENT_RTL_LAYOUT           = 6
+	DWMWA_FORCE_ICONIC_REPRESENTATION    = 7
+	DWMWA_FLIP3D_POLICY                  = 8
+	DWMWA_EXTENDED_FRAME_BOUNDS          = 9
+	DWMWA_HAS_ICONIC_BITMAP              = 10
+	DWMWA_DISALLOW_PEEK                  = 11
+	DWMWA_EXCLUDED_FROM_PEEK             = 12
+	DWMWA_CLOAK                          = 13
+	DWMWA_CLOAKED                        = 14
+	DWMWA_FREEZE_REPRESENTATION          = 15
+	DWMWA_PASSIVE_UPDATE_MODE            = 16
+	DWMWA_USE_HOSTBACKDROPBRUSH          = 17
+	DWMWA_USE_IMMERSIVE_DARK_MODE        = 20
+	DWMWA_WINDOW_CORNER_PREFERENCE       = 33
+	DWMWA_BORDER_COLOR                   = 34
+	DWMWA_CAPTION_COLOR                  = 35
+	DWMWA_TEXT_COLOR                     = 36
+	DWMWA_VISIBLE_FRAME_BORDER_THICKNESS = 37
+)
+
+type WSAQUERYSET struct {
+	Size                uint32
+	ServiceInstanceName *uint16
+	ServiceClassId      *GUID
+	Version             *WSAVersion
+	Comment             *uint16
+	NameSpace           uint32
+	NSProviderId        *GUID
+	Context             *uint16
+	NumberOfProtocols   uint32
+	AfpProtocols        *AFProtocols
+	QueryString         *uint16
+	NumberOfCsAddrs     uint32
+	SaBuffer            *CSAddrInfo
+	OutputFlags         uint32
+	Blob                *BLOB
+}
+
+type WSAVersion struct {
+	Version                 uint32
+	EnumerationOfComparison int32
+}
+
+type AFProtocols struct {
+	AddressFamily int32
+	Protocol      int32
+}
+
+type CSAddrInfo struct {
+	LocalAddr  SocketAddress
+	RemoteAddr SocketAddress
+	SocketType int32
+	Protocol   int32
+}
+
+type BLOB struct {
+	Size     uint32
+	BlobData *byte
+}
+
+type ComStat struct {
+	Flags    uint32
+	CBInQue  uint32
+	CBOutQue uint32
+}
+
+type DCB struct {
+	DCBlength  uint32
+	BaudRate   uint32
+	Flags      uint32
+	wReserved  uint16
+	XonLim     uint16
+	XoffLim    uint16
+	ByteSize   uint8
+	Parity     uint8
+	StopBits   uint8
+	XonChar    byte
+	XoffChar   byte
+	ErrorChar  byte
+	EofChar    byte
+	EvtChar    byte
+	wReserved1 uint16
+}
+
+// Keyboard Layout Flags.
+// See https://learn.microsoft.com/en-us/windows/win32/api/winuser/nf-winuser-loadkeyboardlayoutw
+const (
+	KLF_ACTIVATE      = 0x00000001
+	KLF_SUBSTITUTE_OK = 0x00000002
+	KLF_REORDER       = 0x00000008
+	KLF_REPLACELANG   = 0x00000010
+	KLF_NOTELLSHELL   = 0x00000080
+	KLF_SETFORPROCESS = 0x00000100
+)
diff --git a/server/vendor/golang.org/x/sys/windows/types_windows_386.go b/server/vendor/golang.org/x/sys/windows/types_windows_386.go
new file mode 100644
index 0000000..8bce3e2
--- /dev/null
+++ b/server/vendor/golang.org/x/sys/windows/types_windows_386.go
@@ -0,0 +1,35 @@
+// Copyright 2011 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package windows
+
+type WSAData struct {
+	Version      uint16
+	HighVersion  uint16
+	Description  [WSADESCRIPTION_LEN + 1]byte
+	SystemStatus [WSASYS_STATUS_LEN + 1]byte
+	MaxSockets   uint16
+	MaxUdpDg     uint16
+	VendorInfo   *byte
+}
+
+type Servent struct {
+	Name    *byte
+	Aliases **byte
+	Port    uint16
+	Proto   *byte
+}
+
+type JOBOBJECT_BASIC_LIMIT_INFORMATION struct {
+	PerProcessUserTimeLimit int64
+	PerJobUserTimeLimit     int64
+	LimitFlags              uint32
+	MinimumWorkingSetSize   uintptr
+	MaximumWorkingSetSize   uintptr
+	ActiveProcessLimit      uint32
+	Affinity                uintptr
+	PriorityClass           uint32
+	SchedulingClass         uint32
+	_                       uint32 // pad to 8 byte boundary
+}
diff --git a/server/vendor/golang.org/x/sys/windows/types_windows_amd64.go b/server/vendor/golang.org/x/sys/windows/types_windows_amd64.go
new file mode 100644
index 0000000..fdddc0c
--- /dev/null
+++ b/server/vendor/golang.org/x/sys/windows/types_windows_amd64.go
@@ -0,0 +1,34 @@
+// Copyright 2011 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package windows
+
+type WSAData struct {
+	Version      uint16
+	HighVersion  uint16
+	MaxSockets   uint16
+	MaxUdpDg     uint16
+	VendorInfo   *byte
+	Description  [WSADESCRIPTION_LEN + 1]byte
+	SystemStatus [WSASYS_STATUS_LEN + 1]byte
+}
+
+type Servent struct {
+	Name    *byte
+	Aliases **byte
+	Proto   *byte
+	Port    uint16
+}
+
+type JOBOBJECT_BASIC_LIMIT_INFORMATION struct {
+	PerProcessUserTimeLimit int64
+	PerJobUserTimeLimit     int64
+	LimitFlags              uint32
+	MinimumWorkingSetSize   uintptr
+	MaximumWorkingSetSize   uintptr
+	ActiveProcessLimit      uint32
+	Affinity                uintptr
+	PriorityClass           uint32
+	SchedulingClass         uint32
+}
diff --git a/server/vendor/golang.org/x/sys/windows/types_windows_arm.go b/server/vendor/golang.org/x/sys/windows/types_windows_arm.go
new file mode 100644
index 0000000..321872c
--- /dev/null
+++ b/server/vendor/golang.org/x/sys/windows/types_windows_arm.go
@@ -0,0 +1,35 @@
+// Copyright 2018 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package windows
+
+type WSAData struct {
+	Version      uint16
+	HighVersion  uint16
+	Description  [WSADESCRIPTION_LEN + 1]byte
+	SystemStatus [WSASYS_STATUS_LEN + 1]byte
+	MaxSockets   uint16
+	MaxUdpDg     uint16
+	VendorInfo   *byte
+}
+
+type Servent struct {
+	Name    *byte
+	Aliases **byte
+	Port    uint16
+	Proto   *byte
+}
+
+type JOBOBJECT_BASIC_LIMIT_INFORMATION struct {
+	PerProcessUserTimeLimit int64
+	PerJobUserTimeLimit     int64
+	LimitFlags              uint32
+	MinimumWorkingSetSize   uintptr
+	MaximumWorkingSetSize   uintptr
+	ActiveProcessLimit      uint32
+	Affinity                uintptr
+	PriorityClass           uint32
+	SchedulingClass         uint32
+	_                       uint32 // pad to 8 byte boundary
+}
diff --git a/server/vendor/golang.org/x/sys/windows/types_windows_arm64.go b/server/vendor/golang.org/x/sys/windows/types_windows_arm64.go
new file mode 100644
index 0000000..fdddc0c
--- /dev/null
+++ b/server/vendor/golang.org/x/sys/windows/types_windows_arm64.go
@@ -0,0 +1,34 @@
+// Copyright 2011 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package windows
+
+type WSAData struct {
+	Version      uint16
+	HighVersion  uint16
+	MaxSockets   uint16
+	MaxUdpDg     uint16
+	VendorInfo   *byte
+	Description  [WSADESCRIPTION_LEN + 1]byte
+	SystemStatus [WSASYS_STATUS_LEN + 1]byte
+}
+
+type Servent struct {
+	Name    *byte
+	Aliases **byte
+	Proto   *byte
+	Port    uint16
+}
+
+type JOBOBJECT_BASIC_LIMIT_INFORMATION struct {
+	PerProcessUserTimeLimit int64
+	PerJobUserTimeLimit     int64
+	LimitFlags              uint32
+	MinimumWorkingSetSize   uintptr
+	MaximumWorkingSetSize   uintptr
+	ActiveProcessLimit      uint32
+	Affinity                uintptr
+	PriorityClass           uint32
+	SchedulingClass         uint32
+}
diff --git a/server/vendor/golang.org/x/sys/windows/zerrors_windows.go b/server/vendor/golang.org/x/sys/windows/zerrors_windows.go
new file mode 100644
index 0000000..0cf658f
--- /dev/null
+++ b/server/vendor/golang.org/x/sys/windows/zerrors_windows.go
@@ -0,0 +1,9468 @@
+// Code generated by 'mkerrors.bash'; DO NOT EDIT.
+
+package windows
+
+import "syscall"
+
+const (
+	FACILITY_NULL                                                                           = 0
+	FACILITY_RPC                                                                            = 1
+	FACILITY_DISPATCH                                                                       = 2
+	FACILITY_STORAGE                                                                        = 3
+	FACILITY_ITF                                                                            = 4
+	FACILITY_WIN32                                                                          = 7
+	FACILITY_WINDOWS                                                                        = 8
+	FACILITY_SSPI                                                                           = 9
+	FACILITY_SECURITY                                                                       = 9
+	FACILITY_CONTROL                                                                        = 10
+	FACILITY_CERT                                                                           = 11
+	FACILITY_INTERNET                                                                       = 12
+	FACILITY_MEDIASERVER                                                                    = 13
+	FACILITY_MSMQ                                                                           = 14
+	FACILITY_SETUPAPI                                                                       = 15
+	FACILITY_SCARD                                                                          = 16
+	FACILITY_COMPLUS                                                                        = 17
+	FACILITY_AAF                                                                            = 18
+	FACILITY_URT                                                                            = 19
+	FACILITY_ACS                                                                            = 20
+	FACILITY_DPLAY                                                                          = 21
+	FACILITY_UMI                                                                            = 22
+	FACILITY_SXS                                                                            = 23
+	FACILITY_WINDOWS_CE                                                                     = 24
+	FACILITY_HTTP                                                                           = 25
+	FACILITY_USERMODE_COMMONLOG                                                             = 26
+	FACILITY_WER                                                                            = 27
+	FACILITY_USERMODE_FILTER_MANAGER                                                        = 31
+	FACILITY_BACKGROUNDCOPY                                                                 = 32
+	FACILITY_CONFIGURATION                                                                  = 33
+	FACILITY_WIA                                                                            = 33
+	FACILITY_STATE_MANAGEMENT                                                               = 34
+	FACILITY_METADIRECTORY                                                                  = 35
+	FACILITY_WINDOWSUPDATE                                                                  = 36
+	FACILITY_DIRECTORYSERVICE                                                               = 37
+	FACILITY_GRAPHICS                                                                       = 38
+	FACILITY_SHELL                                                                          = 39
+	FACILITY_NAP                                                                            = 39
+	FACILITY_TPM_SERVICES                                                                   = 40
+	FACILITY_TPM_SOFTWARE                                                                   = 41
+	FACILITY_UI                                                                             = 42
+	FACILITY_XAML                                                                           = 43
+	FACILITY_ACTION_QUEUE                                                                   = 44
+	FACILITY_PLA                                                                            = 48
+	FACILITY_WINDOWS_SETUP                                                                  = 48
+	FACILITY_FVE                                                                            = 49
+	FACILITY_FWP                                                                            = 50
+	FACILITY_WINRM                                                                          = 51
+	FACILITY_NDIS                                                                           = 52
+	FACILITY_USERMODE_HYPERVISOR                                                            = 53
+	FACILITY_CMI                                                                            = 54
+	FACILITY_USERMODE_VIRTUALIZATION                                                        = 55
+	FACILITY_USERMODE_VOLMGR                                                                = 56
+	FACILITY_BCD                                                                            = 57
+	FACILITY_USERMODE_VHD                                                                   = 58
+	FACILITY_USERMODE_HNS                                                                   = 59
+	FACILITY_SDIAG                                                                          = 60
+	FACILITY_WEBSERVICES                                                                    = 61
+	FACILITY_WINPE                                                                          = 61
+	FACILITY_WPN                                                                            = 62
+	FACILITY_WINDOWS_STORE                                                                  = 63
+	FACILITY_INPUT                                                                          = 64
+	FACILITY_EAP                                                                            = 66
+	FACILITY_WINDOWS_DEFENDER                                                               = 80
+	FACILITY_OPC                                                                            = 81
+	FACILITY_XPS                                                                            = 82
+	FACILITY_MBN                                                                            = 84
+	FACILITY_POWERSHELL                                                                     = 84
+	FACILITY_RAS                                                                            = 83
+	FACILITY_P2P_INT                                                                        = 98
+	FACILITY_P2P                                                                            = 99
+	FACILITY_DAF                                                                            = 100
+	FACILITY_BLUETOOTH_ATT                                                                  = 101
+	FACILITY_AUDIO                                                                          = 102
+	FACILITY_STATEREPOSITORY                                                                = 103
+	FACILITY_VISUALCPP                                                                      = 109
+	FACILITY_SCRIPT                                                                         = 112
+	FACILITY_PARSE                                                                          = 113
+	FACILITY_BLB                                                                            = 120
+	FACILITY_BLB_CLI                                                                        = 121
+	FACILITY_WSBAPP                                                                         = 122
+	FACILITY_BLBUI                                                                          = 128
+	FACILITY_USN                                                                            = 129
+	FACILITY_USERMODE_VOLSNAP                                                               = 130
+	FACILITY_TIERING                                                                        = 131
+	FACILITY_WSB_ONLINE                                                                     = 133
+	FACILITY_ONLINE_ID                                                                      = 134
+	FACILITY_DEVICE_UPDATE_AGENT                                                            = 135
+	FACILITY_DRVSERVICING                                                                   = 136
+	FACILITY_DLS                                                                            = 153
+	FACILITY_DELIVERY_OPTIMIZATION                                                          = 208
+	FACILITY_USERMODE_SPACES                                                                = 231
+	FACILITY_USER_MODE_SECURITY_CORE                                                        = 232
+	FACILITY_USERMODE_LICENSING                                                             = 234
+	FACILITY_SOS                                                                            = 160
+	FACILITY_DEBUGGERS                                                                      = 176
+	FACILITY_SPP                                                                            = 256
+	FACILITY_RESTORE                                                                        = 256
+	FACILITY_DMSERVER                                                                       = 256
+	FACILITY_DEPLOYMENT_SERVICES_SERVER                                                     = 257
+	FACILITY_DEPLOYMENT_SERVICES_IMAGING                                                    = 258
+	FACILITY_DEPLOYMENT_SERVICES_MANAGEMENT                                                 = 259
+	FACILITY_DEPLOYMENT_SERVICES_UTIL                                                       = 260
+	FACILITY_DEPLOYMENT_SERVICES_BINLSVC                                                    = 261
+	FACILITY_DEPLOYMENT_SERVICES_PXE                                                        = 263
+	FACILITY_DEPLOYMENT_SERVICES_TFTP                                                       = 264
+	FACILITY_DEPLOYMENT_SERVICES_TRANSPORT_MANAGEMENT                                       = 272
+	FACILITY_DEPLOYMENT_SERVICES_DRIVER_PROVISIONING                                        = 278
+	FACILITY_DEPLOYMENT_SERVICES_MULTICAST_SERVER                                           = 289
+	FACILITY_DEPLOYMENT_SERVICES_MULTICAST_CLIENT                                           = 290
+	FACILITY_DEPLOYMENT_SERVICES_CONTENT_PROVIDER                                           = 293
+	FACILITY_LINGUISTIC_SERVICES                                                            = 305
+	FACILITY_AUDIOSTREAMING                                                                 = 1094
+	FACILITY_ACCELERATOR                                                                    = 1536
+	FACILITY_WMAAECMA                                                                       = 1996
+	FACILITY_DIRECTMUSIC                                                                    = 2168
+	FACILITY_DIRECT3D10                                                                     = 2169
+	FACILITY_DXGI                                                                           = 2170
+	FACILITY_DXGI_DDI                                                                       = 2171
+	FACILITY_DIRECT3D11                                                                     = 2172
+	FACILITY_DIRECT3D11_DEBUG                                                               = 2173
+	FACILITY_DIRECT3D12                                                                     = 2174
+	FACILITY_DIRECT3D12_DEBUG                                                               = 2175
+	FACILITY_LEAP                                                                           = 2184
+	FACILITY_AUDCLNT                                                                        = 2185
+	FACILITY_WINCODEC_DWRITE_DWM                                                            = 2200
+	FACILITY_WINML                                                                          = 2192
+	FACILITY_DIRECT2D                                                                       = 2201
+	FACILITY_DEFRAG                                                                         = 2304
+	FACILITY_USERMODE_SDBUS                                                                 = 2305
+	FACILITY_JSCRIPT                                                                        = 2306
+	FACILITY_PIDGENX                                                                        = 2561
+	FACILITY_EAS                                                                            = 85
+	FACILITY_WEB                                                                            = 885
+	FACILITY_WEB_SOCKET                                                                     = 886
+	FACILITY_MOBILE                                                                         = 1793
+	FACILITY_SQLITE                                                                         = 1967
+	FACILITY_UTC                                                                            = 1989
+	FACILITY_WEP                                                                            = 2049
+	FACILITY_SYNCENGINE                                                                     = 2050
+	FACILITY_XBOX                                                                           = 2339
+	FACILITY_GAME                                                                           = 2340
+	FACILITY_PIX                                                                            = 2748
+	ERROR_SUCCESS                                                             syscall.Errno = 0
+	NO_ERROR                                                                                = 0
+	SEC_E_OK                                                                  Handle        = 0x00000000
+	ERROR_INVALID_FUNCTION                                                    syscall.Errno = 1
+	ERROR_FILE_NOT_FOUND                                                      syscall.Errno = 2
+	ERROR_PATH_NOT_FOUND                                                      syscall.Errno = 3
+	ERROR_TOO_MANY_OPEN_FILES                                                 syscall.Errno = 4
+	ERROR_ACCESS_DENIED                                                       syscall.Errno = 5
+	ERROR_INVALID_HANDLE                                                      syscall.Errno = 6
+	ERROR_ARENA_TRASHED                                                       syscall.Errno = 7
+	ERROR_NOT_ENOUGH_MEMORY                                                   syscall.Errno = 8
+	ERROR_INVALID_BLOCK                                                       syscall.Errno = 9
+	ERROR_BAD_ENVIRONMENT                                                     syscall.Errno = 10
+	ERROR_BAD_FORMAT                                                          syscall.Errno = 11
+	ERROR_INVALID_ACCESS                                                      syscall.Errno = 12
+	ERROR_INVALID_DATA                                                        syscall.Errno = 13
+	ERROR_OUTOFMEMORY                                                         syscall.Errno = 14
+	ERROR_INVALID_DRIVE                                                       syscall.Errno = 15
+	ERROR_CURRENT_DIRECTORY                                                   syscall.Errno = 16
+	ERROR_NOT_SAME_DEVICE                                                     syscall.Errno = 17
+	ERROR_NO_MORE_FILES                                                       syscall.Errno = 18
+	ERROR_WRITE_PROTECT                                                       syscall.Errno = 19
+	ERROR_BAD_UNIT                                                            syscall.Errno = 20
+	ERROR_NOT_READY                                                           syscall.Errno = 21
+	ERROR_BAD_COMMAND                                                         syscall.Errno = 22
+	ERROR_CRC                                                                 syscall.Errno = 23
+	ERROR_BAD_LENGTH                                                          syscall.Errno = 24
+	ERROR_SEEK                                                                syscall.Errno = 25
+	ERROR_NOT_DOS_DISK                                                        syscall.Errno = 26
+	ERROR_SECTOR_NOT_FOUND                                                    syscall.Errno = 27
+	ERROR_OUT_OF_PAPER                                                        syscall.Errno = 28
+	ERROR_WRITE_FAULT                                                         syscall.Errno = 29
+	ERROR_READ_FAULT                                                          syscall.Errno = 30
+	ERROR_GEN_FAILURE                                                         syscall.Errno = 31
+	ERROR_SHARING_VIOLATION                                                   syscall.Errno = 32
+	ERROR_LOCK_VIOLATION                                                      syscall.Errno = 33
+	ERROR_WRONG_DISK                                                          syscall.Errno = 34
+	ERROR_SHARING_BUFFER_EXCEEDED                                             syscall.Errno = 36
+	ERROR_HANDLE_EOF                                                          syscall.Errno = 38
+	ERROR_HANDLE_DISK_FULL                                                    syscall.Errno = 39
+	ERROR_NOT_SUPPORTED                                                       syscall.Errno = 50
+	ERROR_REM_NOT_LIST                                                        syscall.Errno = 51
+	ERROR_DUP_NAME                                                            syscall.Errno = 52
+	ERROR_BAD_NETPATH                                                         syscall.Errno = 53
+	ERROR_NETWORK_BUSY                                                        syscall.Errno = 54
+	ERROR_DEV_NOT_EXIST                                                       syscall.Errno = 55
+	ERROR_TOO_MANY_CMDS                                                       syscall.Errno = 56
+	ERROR_ADAP_HDW_ERR                                                        syscall.Errno = 57
+	ERROR_BAD_NET_RESP                                                        syscall.Errno = 58
+	ERROR_UNEXP_NET_ERR                                                       syscall.Errno = 59
+	ERROR_BAD_REM_ADAP                                                        syscall.Errno = 60
+	ERROR_PRINTQ_FULL                                                         syscall.Errno = 61
+	ERROR_NO_SPOOL_SPACE                                                      syscall.Errno = 62
+	ERROR_PRINT_CANCELLED                                                     syscall.Errno = 63
+	ERROR_NETNAME_DELETED                                                     syscall.Errno = 64
+	ERROR_NETWORK_ACCESS_DENIED                                               syscall.Errno = 65
+	ERROR_BAD_DEV_TYPE                                                        syscall.Errno = 66
+	ERROR_BAD_NET_NAME                                                        syscall.Errno = 67
+	ERROR_TOO_MANY_NAMES                                                      syscall.Errno = 68
+	ERROR_TOO_MANY_SESS                                                       syscall.Errno = 69
+	ERROR_SHARING_PAUSED                                                      syscall.Errno = 70
+	ERROR_REQ_NOT_ACCEP                                                       syscall.Errno = 71
+	ERROR_REDIR_PAUSED                                                        syscall.Errno = 72
+	ERROR_FILE_EXISTS                                                         syscall.Errno = 80
+	ERROR_CANNOT_MAKE                                                         syscall.Errno = 82
+	ERROR_FAIL_I24                                                            syscall.Errno = 83
+	ERROR_OUT_OF_STRUCTURES                                                   syscall.Errno = 84
+	ERROR_ALREADY_ASSIGNED                                                    syscall.Errno = 85
+	ERROR_INVALID_PASSWORD                                                    syscall.Errno = 86
+	ERROR_INVALID_PARAMETER                                                   syscall.Errno = 87
+	ERROR_NET_WRITE_FAULT                                                     syscall.Errno = 88
+	ERROR_NO_PROC_SLOTS                                                       syscall.Errno = 89
+	ERROR_TOO_MANY_SEMAPHORES                                                 syscall.Errno = 100
+	ERROR_EXCL_SEM_ALREADY_OWNED                                              syscall.Errno = 101
+	ERROR_SEM_IS_SET                                                          syscall.Errno = 102
+	ERROR_TOO_MANY_SEM_REQUESTS                                               syscall.Errno = 103
+	ERROR_INVALID_AT_INTERRUPT_TIME                                           syscall.Errno = 104
+	ERROR_SEM_OWNER_DIED                                                      syscall.Errno = 105
+	ERROR_SEM_USER_LIMIT                                                      syscall.Errno = 106
+	ERROR_DISK_CHANGE                                                         syscall.Errno = 107
+	ERROR_DRIVE_LOCKED                                                        syscall.Errno = 108
+	ERROR_BROKEN_PIPE                                                         syscall.Errno = 109
+	ERROR_OPEN_FAILED                                                         syscall.Errno = 110
+	ERROR_BUFFER_OVERFLOW                                                     syscall.Errno = 111
+	ERROR_DISK_FULL                                                           syscall.Errno = 112
+	ERROR_NO_MORE_SEARCH_HANDLES                                              syscall.Errno = 113
+	ERROR_INVALID_TARGET_HANDLE                                               syscall.Errno = 114
+	ERROR_INVALID_CATEGORY                                                    syscall.Errno = 117
+	ERROR_INVALID_VERIFY_SWITCH                                               syscall.Errno = 118
+	ERROR_BAD_DRIVER_LEVEL                                                    syscall.Errno = 119
+	ERROR_CALL_NOT_IMPLEMENTED                                                syscall.Errno = 120
+	ERROR_SEM_TIMEOUT                                                         syscall.Errno = 121
+	ERROR_INSUFFICIENT_BUFFER                                                 syscall.Errno = 122
+	ERROR_INVALID_NAME                                                        syscall.Errno = 123
+	ERROR_INVALID_LEVEL                                                       syscall.Errno = 124
+	ERROR_NO_VOLUME_LABEL                                                     syscall.Errno = 125
+	ERROR_MOD_NOT_FOUND                                                       syscall.Errno = 126
+	ERROR_PROC_NOT_FOUND                                                      syscall.Errno = 127
+	ERROR_WAIT_NO_CHILDREN                                                    syscall.Errno = 128
+	ERROR_CHILD_NOT_COMPLETE                                                  syscall.Errno = 129
+	ERROR_DIRECT_ACCESS_HANDLE                                                syscall.Errno = 130
+	ERROR_NEGATIVE_SEEK                                                       syscall.Errno = 131
+	ERROR_SEEK_ON_DEVICE                                                      syscall.Errno = 132
+	ERROR_IS_JOIN_TARGET                                                      syscall.Errno = 133
+	ERROR_IS_JOINED                                                           syscall.Errno = 134
+	ERROR_IS_SUBSTED                                                          syscall.Errno = 135
+	ERROR_NOT_JOINED                                                          syscall.Errno = 136
+	ERROR_NOT_SUBSTED                                                         syscall.Errno = 137
+	ERROR_JOIN_TO_JOIN                                                        syscall.Errno = 138
+	ERROR_SUBST_TO_SUBST                                                      syscall.Errno = 139
+	ERROR_JOIN_TO_SUBST                                                       syscall.Errno = 140
+	ERROR_SUBST_TO_JOIN                                                       syscall.Errno = 141
+	ERROR_BUSY_DRIVE                                                          syscall.Errno = 142
+	ERROR_SAME_DRIVE                                                          syscall.Errno = 143
+	ERROR_DIR_NOT_ROOT                                                        syscall.Errno = 144
+	ERROR_DIR_NOT_EMPTY                                                       syscall.Errno = 145
+	ERROR_IS_SUBST_PATH                                                       syscall.Errno = 146
+	ERROR_IS_JOIN_PATH                                                        syscall.Errno = 147
+	ERROR_PATH_BUSY                                                           syscall.Errno = 148
+	ERROR_IS_SUBST_TARGET                                                     syscall.Errno = 149
+	ERROR_SYSTEM_TRACE                                                        syscall.Errno = 150
+	ERROR_INVALID_EVENT_COUNT                                                 syscall.Errno = 151
+	ERROR_TOO_MANY_MUXWAITERS                                                 syscall.Errno = 152
+	ERROR_INVALID_LIST_FORMAT                                                 syscall.Errno = 153
+	ERROR_LABEL_TOO_LONG                                                      syscall.Errno = 154
+	ERROR_TOO_MANY_TCBS                                                       syscall.Errno = 155
+	ERROR_SIGNAL_REFUSED                                                      syscall.Errno = 156
+	ERROR_DISCARDED                                                           syscall.Errno = 157
+	ERROR_NOT_LOCKED                                                          syscall.Errno = 158
+	ERROR_BAD_THREADID_ADDR                                                   syscall.Errno = 159
+	ERROR_BAD_ARGUMENTS                                                       syscall.Errno = 160
+	ERROR_BAD_PATHNAME                                                        syscall.Errno = 161
+	ERROR_SIGNAL_PENDING                                                      syscall.Errno = 162
+	ERROR_MAX_THRDS_REACHED                                                   syscall.Errno = 164
+	ERROR_LOCK_FAILED                                                         syscall.Errno = 167
+	ERROR_BUSY                                                                syscall.Errno = 170
+	ERROR_DEVICE_SUPPORT_IN_PROGRESS                                          syscall.Errno = 171
+	ERROR_CANCEL_VIOLATION                                                    syscall.Errno = 173
+	ERROR_ATOMIC_LOCKS_NOT_SUPPORTED                                          syscall.Errno = 174
+	ERROR_INVALID_SEGMENT_NUMBER                                              syscall.Errno = 180
+	ERROR_INVALID_ORDINAL                                                     syscall.Errno = 182
+	ERROR_ALREADY_EXISTS                                                      syscall.Errno = 183
+	ERROR_INVALID_FLAG_NUMBER                                                 syscall.Errno = 186
+	ERROR_SEM_NOT_FOUND                                                       syscall.Errno = 187
+	ERROR_INVALID_STARTING_CODESEG                                            syscall.Errno = 188
+	ERROR_INVALID_STACKSEG                                                    syscall.Errno = 189
+	ERROR_INVALID_MODULETYPE                                                  syscall.Errno = 190
+	ERROR_INVALID_EXE_SIGNATURE                                               syscall.Errno = 191
+	ERROR_EXE_MARKED_INVALID                                                  syscall.Errno = 192
+	ERROR_BAD_EXE_FORMAT                                                      syscall.Errno = 193
+	ERROR_ITERATED_DATA_EXCEEDS_64k                                           syscall.Errno = 194
+	ERROR_INVALID_MINALLOCSIZE                                                syscall.Errno = 195
+	ERROR_DYNLINK_FROM_INVALID_RING                                           syscall.Errno = 196
+	ERROR_IOPL_NOT_ENABLED                                                    syscall.Errno = 197
+	ERROR_INVALID_SEGDPL                                                      syscall.Errno = 198
+	ERROR_AUTODATASEG_EXCEEDS_64k                                             syscall.Errno = 199
+	ERROR_RING2SEG_MUST_BE_MOVABLE                                            syscall.Errno = 200
+	ERROR_RELOC_CHAIN_XEEDS_SEGLIM                                            syscall.Errno = 201
+	ERROR_INFLOOP_IN_RELOC_CHAIN                                              syscall.Errno = 202
+	ERROR_ENVVAR_NOT_FOUND                                                    syscall.Errno = 203
+	ERROR_NO_SIGNAL_SENT                                                      syscall.Errno = 205
+	ERROR_FILENAME_EXCED_RANGE                                                syscall.Errno = 206
+	ERROR_RING2_STACK_IN_USE                                                  syscall.Errno = 207
+	ERROR_META_EXPANSION_TOO_LONG                                             syscall.Errno = 208
+	ERROR_INVALID_SIGNAL_NUMBER                                               syscall.Errno = 209
+	ERROR_THREAD_1_INACTIVE                                                   syscall.Errno = 210
+	ERROR_LOCKED                                                              syscall.Errno = 212
+	ERROR_TOO_MANY_MODULES                                                    syscall.Errno = 214
+	ERROR_NESTING_NOT_ALLOWED                                                 syscall.Errno = 215
+	ERROR_EXE_MACHINE_TYPE_MISMATCH                                           syscall.Errno = 216
+	ERROR_EXE_CANNOT_MODIFY_SIGNED_BINARY                                     syscall.Errno = 217
+	ERROR_EXE_CANNOT_MODIFY_STRONG_SIGNED_BINARY                              syscall.Errno = 218
+	ERROR_FILE_CHECKED_OUT                                                    syscall.Errno = 220
+	ERROR_CHECKOUT_REQUIRED                                                   syscall.Errno = 221
+	ERROR_BAD_FILE_TYPE                                                       syscall.Errno = 222
+	ERROR_FILE_TOO_LARGE                                                      syscall.Errno = 223
+	ERROR_FORMS_AUTH_REQUIRED                                                 syscall.Errno = 224
+	ERROR_VIRUS_INFECTED                                                      syscall.Errno = 225
+	ERROR_VIRUS_DELETED                                                       syscall.Errno = 226
+	ERROR_PIPE_LOCAL                                                          syscall.Errno = 229
+	ERROR_BAD_PIPE                                                            syscall.Errno = 230
+	ERROR_PIPE_BUSY                                                           syscall.Errno = 231
+	ERROR_NO_DATA                                                             syscall.Errno = 232
+	ERROR_PIPE_NOT_CONNECTED                                                  syscall.Errno = 233
+	ERROR_MORE_DATA                                                           syscall.Errno = 234
+	ERROR_NO_WORK_DONE                                                        syscall.Errno = 235
+	ERROR_VC_DISCONNECTED                                                     syscall.Errno = 240
+	ERROR_INVALID_EA_NAME                                                     syscall.Errno = 254
+	ERROR_EA_LIST_INCONSISTENT                                                syscall.Errno = 255
+	WAIT_TIMEOUT                                                              syscall.Errno = 258
+	ERROR_NO_MORE_ITEMS                                                       syscall.Errno = 259
+	ERROR_CANNOT_COPY                                                         syscall.Errno = 266
+	ERROR_DIRECTORY                                                           syscall.Errno = 267
+	ERROR_EAS_DIDNT_FIT                                                       syscall.Errno = 275
+	ERROR_EA_FILE_CORRUPT                                                     syscall.Errno = 276
+	ERROR_EA_TABLE_FULL                                                       syscall.Errno = 277
+	ERROR_INVALID_EA_HANDLE                                                   syscall.Errno = 278
+	ERROR_EAS_NOT_SUPPORTED                                                   syscall.Errno = 282
+	ERROR_NOT_OWNER                                                           syscall.Errno = 288
+	ERROR_TOO_MANY_POSTS                                                      syscall.Errno = 298
+	ERROR_PARTIAL_COPY                                                        syscall.Errno = 299
+	ERROR_OPLOCK_NOT_GRANTED                                                  syscall.Errno = 300
+	ERROR_INVALID_OPLOCK_PROTOCOL                                             syscall.Errno = 301
+	ERROR_DISK_TOO_FRAGMENTED                                                 syscall.Errno = 302
+	ERROR_DELETE_PENDING                                                      syscall.Errno = 303
+	ERROR_INCOMPATIBLE_WITH_GLOBAL_SHORT_NAME_REGISTRY_SETTING                syscall.Errno = 304
+	ERROR_SHORT_NAMES_NOT_ENABLED_ON_VOLUME                                   syscall.Errno = 305
+	ERROR_SECURITY_STREAM_IS_INCONSISTENT                                     syscall.Errno = 306
+	ERROR_INVALID_LOCK_RANGE                                                  syscall.Errno = 307
+	ERROR_IMAGE_SUBSYSTEM_NOT_PRESENT                                         syscall.Errno = 308
+	ERROR_NOTIFICATION_GUID_ALREADY_DEFINED                                   syscall.Errno = 309
+	ERROR_INVALID_EXCEPTION_HANDLER                                           syscall.Errno = 310
+	ERROR_DUPLICATE_PRIVILEGES                                                syscall.Errno = 311
+	ERROR_NO_RANGES_PROCESSED                                                 syscall.Errno = 312
+	ERROR_NOT_ALLOWED_ON_SYSTEM_FILE                                          syscall.Errno = 313
+	ERROR_DISK_RESOURCES_EXHAUSTED                                            syscall.Errno = 314
+	ERROR_INVALID_TOKEN                                                       syscall.Errno = 315
+	ERROR_DEVICE_FEATURE_NOT_SUPPORTED                                        syscall.Errno = 316
+	ERROR_MR_MID_NOT_FOUND                                                    syscall.Errno = 317
+	ERROR_SCOPE_NOT_FOUND                                                     syscall.Errno = 318
+	ERROR_UNDEFINED_SCOPE                                                     syscall.Errno = 319
+	ERROR_INVALID_CAP                                                         syscall.Errno = 320
+	ERROR_DEVICE_UNREACHABLE                                                  syscall.Errno = 321
+	ERROR_DEVICE_NO_RESOURCES                                                 syscall.Errno = 322
+	ERROR_DATA_CHECKSUM_ERROR                                                 syscall.Errno = 323
+	ERROR_INTERMIXED_KERNEL_EA_OPERATION                                      syscall.Errno = 324
+	ERROR_FILE_LEVEL_TRIM_NOT_SUPPORTED                                       syscall.Errno = 326
+	ERROR_OFFSET_ALIGNMENT_VIOLATION                                          syscall.Errno = 327
+	ERROR_INVALID_FIELD_IN_PARAMETER_LIST                                     syscall.Errno = 328
+	ERROR_OPERATION_IN_PROGRESS                                               syscall.Errno = 329
+	ERROR_BAD_DEVICE_PATH                                                     syscall.Errno = 330
+	ERROR_TOO_MANY_DESCRIPTORS                                                syscall.Errno = 331
+	ERROR_SCRUB_DATA_DISABLED                                                 syscall.Errno = 332
+	ERROR_NOT_REDUNDANT_STORAGE                                               syscall.Errno = 333
+	ERROR_RESIDENT_FILE_NOT_SUPPORTED                                         syscall.Errno = 334
+	ERROR_COMPRESSED_FILE_NOT_SUPPORTED                                       syscall.Errno = 335
+	ERROR_DIRECTORY_NOT_SUPPORTED                                             syscall.Errno = 336
+	ERROR_NOT_READ_FROM_COPY                                                  syscall.Errno = 337
+	ERROR_FT_WRITE_FAILURE                                                    syscall.Errno = 338
+	ERROR_FT_DI_SCAN_REQUIRED                                                 syscall.Errno = 339
+	ERROR_INVALID_KERNEL_INFO_VERSION                                         syscall.Errno = 340
+	ERROR_INVALID_PEP_INFO_VERSION                                            syscall.Errno = 341
+	ERROR_OBJECT_NOT_EXTERNALLY_BACKED                                        syscall.Errno = 342
+	ERROR_EXTERNAL_BACKING_PROVIDER_UNKNOWN                                   syscall.Errno = 343
+	ERROR_COMPRESSION_NOT_BENEFICIAL                                          syscall.Errno = 344
+	ERROR_STORAGE_TOPOLOGY_ID_MISMATCH                                        syscall.Errno = 345
+	ERROR_BLOCKED_BY_PARENTAL_CONTROLS                                        syscall.Errno = 346
+	ERROR_BLOCK_TOO_MANY_REFERENCES                                           syscall.Errno = 347
+	ERROR_MARKED_TO_DISALLOW_WRITES                                           syscall.Errno = 348
+	ERROR_ENCLAVE_FAILURE                                                     syscall.Errno = 349
+	ERROR_FAIL_NOACTION_REBOOT                                                syscall.Errno = 350
+	ERROR_FAIL_SHUTDOWN                                                       syscall.Errno = 351
+	ERROR_FAIL_RESTART                                                        syscall.Errno = 352
+	ERROR_MAX_SESSIONS_REACHED                                                syscall.Errno = 353
+	ERROR_NETWORK_ACCESS_DENIED_EDP                                           syscall.Errno = 354
+	ERROR_DEVICE_HINT_NAME_BUFFER_TOO_SMALL                                   syscall.Errno = 355
+	ERROR_EDP_POLICY_DENIES_OPERATION                                         syscall.Errno = 356
+	ERROR_EDP_DPL_POLICY_CANT_BE_SATISFIED                                    syscall.Errno = 357
+	ERROR_CLOUD_FILE_SYNC_ROOT_METADATA_CORRUPT                               syscall.Errno = 358
+	ERROR_DEVICE_IN_MAINTENANCE                                               syscall.Errno = 359
+	ERROR_NOT_SUPPORTED_ON_DAX                                                syscall.Errno = 360
+	ERROR_DAX_MAPPING_EXISTS                                                  syscall.Errno = 361
+	ERROR_CLOUD_FILE_PROVIDER_NOT_RUNNING                                     syscall.Errno = 362
+	ERROR_CLOUD_FILE_METADATA_CORRUPT                                         syscall.Errno = 363
+	ERROR_CLOUD_FILE_METADATA_TOO_LARGE                                       syscall.Errno = 364
+	ERROR_CLOUD_FILE_PROPERTY_BLOB_TOO_LARGE                                  syscall.Errno = 365
+	ERROR_CLOUD_FILE_PROPERTY_BLOB_CHECKSUM_MISMATCH                          syscall.Errno = 366
+	ERROR_CHILD_PROCESS_BLOCKED                                               syscall.Errno = 367
+	ERROR_STORAGE_LOST_DATA_PERSISTENCE                                       syscall.Errno = 368
+	ERROR_FILE_SYSTEM_VIRTUALIZATION_UNAVAILABLE                              syscall.Errno = 369
+	ERROR_FILE_SYSTEM_VIRTUALIZATION_METADATA_CORRUPT                         syscall.Errno = 370
+	ERROR_FILE_SYSTEM_VIRTUALIZATION_BUSY                                     syscall.Errno = 371
+	ERROR_FILE_SYSTEM_VIRTUALIZATION_PROVIDER_UNKNOWN                         syscall.Errno = 372
+	ERROR_GDI_HANDLE_LEAK                                                     syscall.Errno = 373
+	ERROR_CLOUD_FILE_TOO_MANY_PROPERTY_BLOBS                                  syscall.Errno = 374
+	ERROR_CLOUD_FILE_PROPERTY_VERSION_NOT_SUPPORTED                           syscall.Errno = 375
+	ERROR_NOT_A_CLOUD_FILE                                                    syscall.Errno = 376
+	ERROR_CLOUD_FILE_NOT_IN_SYNC                                              syscall.Errno = 377
+	ERROR_CLOUD_FILE_ALREADY_CONNECTED                                        syscall.Errno = 378
+	ERROR_CLOUD_FILE_NOT_SUPPORTED                                            syscall.Errno = 379
+	ERROR_CLOUD_FILE_INVALID_REQUEST                                          syscall.Errno = 380
+	ERROR_CLOUD_FILE_READ_ONLY_VOLUME                                         syscall.Errno = 381
+	ERROR_CLOUD_FILE_CONNECTED_PROVIDER_ONLY                                  syscall.Errno = 382
+	ERROR_CLOUD_FILE_VALIDATION_FAILED                                        syscall.Errno = 383
+	ERROR_SMB1_NOT_AVAILABLE                                                  syscall.Errno = 384
+	ERROR_FILE_SYSTEM_VIRTUALIZATION_INVALID_OPERATION                        syscall.Errno = 385
+	ERROR_CLOUD_FILE_AUTHENTICATION_FAILED                                    syscall.Errno = 386
+	ERROR_CLOUD_FILE_INSUFFICIENT_RESOURCES                                   syscall.Errno = 387
+	ERROR_CLOUD_FILE_NETWORK_UNAVAILABLE                                      syscall.Errno = 388
+	ERROR_CLOUD_FILE_UNSUCCESSFUL                                             syscall.Errno = 389
+	ERROR_CLOUD_FILE_NOT_UNDER_SYNC_ROOT                                      syscall.Errno = 390
+	ERROR_CLOUD_FILE_IN_USE                                                   syscall.Errno = 391
+	ERROR_CLOUD_FILE_PINNED                                                   syscall.Errno = 392
+	ERROR_CLOUD_FILE_REQUEST_ABORTED                                          syscall.Errno = 393
+	ERROR_CLOUD_FILE_PROPERTY_CORRUPT                                         syscall.Errno = 394
+	ERROR_CLOUD_FILE_ACCESS_DENIED                                            syscall.Errno = 395
+	ERROR_CLOUD_FILE_INCOMPATIBLE_HARDLINKS                                   syscall.Errno = 396
+	ERROR_CLOUD_FILE_PROPERTY_LOCK_CONFLICT                                   syscall.Errno = 397
+	ERROR_CLOUD_FILE_REQUEST_CANCELED                                         syscall.Errno = 398
+	ERROR_EXTERNAL_SYSKEY_NOT_SUPPORTED                                       syscall.Errno = 399
+	ERROR_THREAD_MODE_ALREADY_BACKGROUND                                      syscall.Errno = 400
+	ERROR_THREAD_MODE_NOT_BACKGROUND                                          syscall.Errno = 401
+	ERROR_PROCESS_MODE_ALREADY_BACKGROUND                                     syscall.Errno = 402
+	ERROR_PROCESS_MODE_NOT_BACKGROUND                                         syscall.Errno = 403
+	ERROR_CLOUD_FILE_PROVIDER_TERMINATED                                      syscall.Errno = 404
+	ERROR_NOT_A_CLOUD_SYNC_ROOT                                               syscall.Errno = 405
+	ERROR_FILE_PROTECTED_UNDER_DPL                                            syscall.Errno = 406
+	ERROR_VOLUME_NOT_CLUSTER_ALIGNED                                          syscall.Errno = 407
+	ERROR_NO_PHYSICALLY_ALIGNED_FREE_SPACE_FOUND                              syscall.Errno = 408
+	ERROR_APPX_FILE_NOT_ENCRYPTED                                             syscall.Errno = 409
+	ERROR_RWRAW_ENCRYPTED_FILE_NOT_ENCRYPTED                                  syscall.Errno = 410
+	ERROR_RWRAW_ENCRYPTED_INVALID_EDATAINFO_FILEOFFSET                        syscall.Errno = 411
+	ERROR_RWRAW_ENCRYPTED_INVALID_EDATAINFO_FILERANGE                         syscall.Errno = 412
+	ERROR_RWRAW_ENCRYPTED_INVALID_EDATAINFO_PARAMETER                         syscall.Errno = 413
+	ERROR_LINUX_SUBSYSTEM_NOT_PRESENT                                         syscall.Errno = 414
+	ERROR_FT_READ_FAILURE                                                     syscall.Errno = 415
+	ERROR_STORAGE_RESERVE_ID_INVALID                                          syscall.Errno = 416
+	ERROR_STORAGE_RESERVE_DOES_NOT_EXIST                                      syscall.Errno = 417
+	ERROR_STORAGE_RESERVE_ALREADY_EXISTS                                      syscall.Errno = 418
+	ERROR_STORAGE_RESERVE_NOT_EMPTY                                           syscall.Errno = 419
+	ERROR_NOT_A_DAX_VOLUME                                                    syscall.Errno = 420
+	ERROR_NOT_DAX_MAPPABLE                                                    syscall.Errno = 421
+	ERROR_TIME_SENSITIVE_THREAD                                               syscall.Errno = 422
+	ERROR_DPL_NOT_SUPPORTED_FOR_USER                                          syscall.Errno = 423
+	ERROR_CASE_DIFFERING_NAMES_IN_DIR                                         syscall.Errno = 424
+	ERROR_FILE_NOT_SUPPORTED                                                  syscall.Errno = 425
+	ERROR_CLOUD_FILE_REQUEST_TIMEOUT                                          syscall.Errno = 426
+	ERROR_NO_TASK_QUEUE                                                       syscall.Errno = 427
+	ERROR_SRC_SRV_DLL_LOAD_FAILED                                             syscall.Errno = 428
+	ERROR_NOT_SUPPORTED_WITH_BTT                                              syscall.Errno = 429
+	ERROR_ENCRYPTION_DISABLED                                                 syscall.Errno = 430
+	ERROR_ENCRYPTING_METADATA_DISALLOWED                                      syscall.Errno = 431
+	ERROR_CANT_CLEAR_ENCRYPTION_FLAG                                          syscall.Errno = 432
+	ERROR_NO_SUCH_DEVICE                                                      syscall.Errno = 433
+	ERROR_CAPAUTHZ_NOT_DEVUNLOCKED                                            syscall.Errno = 450
+	ERROR_CAPAUTHZ_CHANGE_TYPE                                                syscall.Errno = 451
+	ERROR_CAPAUTHZ_NOT_PROVISIONED                                            syscall.Errno = 452
+	ERROR_CAPAUTHZ_NOT_AUTHORIZED                                             syscall.Errno = 453
+	ERROR_CAPAUTHZ_NO_POLICY                                                  syscall.Errno = 454
+	ERROR_CAPAUTHZ_DB_CORRUPTED                                               syscall.Errno = 455
+	ERROR_CAPAUTHZ_SCCD_INVALID_CATALOG                                       syscall.Errno = 456
+	ERROR_CAPAUTHZ_SCCD_NO_AUTH_ENTITY                                        syscall.Errno = 457
+	ERROR_CAPAUTHZ_SCCD_PARSE_ERROR                                           syscall.Errno = 458
+	ERROR_CAPAUTHZ_SCCD_DEV_MODE_REQUIRED                                     syscall.Errno = 459
+	ERROR_CAPAUTHZ_SCCD_NO_CAPABILITY_MATCH                                   syscall.Errno = 460
+	ERROR_PNP_QUERY_REMOVE_DEVICE_TIMEOUT                                     syscall.Errno = 480
+	ERROR_PNP_QUERY_REMOVE_RELATED_DEVICE_TIMEOUT                             syscall.Errno = 481
+	ERROR_PNP_QUERY_REMOVE_UNRELATED_DEVICE_TIMEOUT                           syscall.Errno = 482
+	ERROR_DEVICE_HARDWARE_ERROR                                               syscall.Errno = 483
+	ERROR_INVALID_ADDRESS                                                     syscall.Errno = 487
+	ERROR_VRF_CFG_ENABLED                                                     syscall.Errno = 1183
+	ERROR_PARTITION_TERMINATING                                               syscall.Errno = 1184
+	ERROR_USER_PROFILE_LOAD                                                   syscall.Errno = 500
+	ERROR_ARITHMETIC_OVERFLOW                                                 syscall.Errno = 534
+	ERROR_PIPE_CONNECTED                                                      syscall.Errno = 535
+	ERROR_PIPE_LISTENING                                                      syscall.Errno = 536
+	ERROR_VERIFIER_STOP                                                       syscall.Errno = 537
+	ERROR_ABIOS_ERROR                                                         syscall.Errno = 538
+	ERROR_WX86_WARNING                                                        syscall.Errno = 539
+	ERROR_WX86_ERROR                                                          syscall.Errno = 540
+	ERROR_TIMER_NOT_CANCELED                                                  syscall.Errno = 541
+	ERROR_UNWIND                                                              syscall.Errno = 542
+	ERROR_BAD_STACK                                                           syscall.Errno = 543
+	ERROR_INVALID_UNWIND_TARGET                                               syscall.Errno = 544
+	ERROR_INVALID_PORT_ATTRIBUTES                                             syscall.Errno = 545
+	ERROR_PORT_MESSAGE_TOO_LONG                                               syscall.Errno = 546
+	ERROR_INVALID_QUOTA_LOWER                                                 syscall.Errno = 547
+	ERROR_DEVICE_ALREADY_ATTACHED                                             syscall.Errno = 548
+	ERROR_INSTRUCTION_MISALIGNMENT                                            syscall.Errno = 549
+	ERROR_PROFILING_NOT_STARTED                                               syscall.Errno = 550
+	ERROR_PROFILING_NOT_STOPPED                                               syscall.Errno = 551
+	ERROR_COULD_NOT_INTERPRET                                                 syscall.Errno = 552
+	ERROR_PROFILING_AT_LIMIT                                                  syscall.Errno = 553
+	ERROR_CANT_WAIT                                                           syscall.Errno = 554
+	ERROR_CANT_TERMINATE_SELF                                                 syscall.Errno = 555
+	ERROR_UNEXPECTED_MM_CREATE_ERR                                            syscall.Errno = 556
+	ERROR_UNEXPECTED_MM_MAP_ERROR                                             syscall.Errno = 557
+	ERROR_UNEXPECTED_MM_EXTEND_ERR                                            syscall.Errno = 558
+	ERROR_BAD_FUNCTION_TABLE                                                  syscall.Errno = 559
+	ERROR_NO_GUID_TRANSLATION                                                 syscall.Errno = 560
+	ERROR_INVALID_LDT_SIZE                                                    syscall.Errno = 561
+	ERROR_INVALID_LDT_OFFSET                                                  syscall.Errno = 563
+	ERROR_INVALID_LDT_DESCRIPTOR                                              syscall.Errno = 564
+	ERROR_TOO_MANY_THREADS                                                    syscall.Errno = 565
+	ERROR_THREAD_NOT_IN_PROCESS                                               syscall.Errno = 566
+	ERROR_PAGEFILE_QUOTA_EXCEEDED                                             syscall.Errno = 567
+	ERROR_LOGON_SERVER_CONFLICT                                               syscall.Errno = 568
+	ERROR_SYNCHRONIZATION_REQUIRED                                            syscall.Errno = 569
+	ERROR_NET_OPEN_FAILED                                                     syscall.Errno = 570
+	ERROR_IO_PRIVILEGE_FAILED                                                 syscall.Errno = 571
+	ERROR_CONTROL_C_EXIT                                                      syscall.Errno = 572
+	ERROR_MISSING_SYSTEMFILE                                                  syscall.Errno = 573
+	ERROR_UNHANDLED_EXCEPTION                                                 syscall.Errno = 574
+	ERROR_APP_INIT_FAILURE                                                    syscall.Errno = 575
+	ERROR_PAGEFILE_CREATE_FAILED                                              syscall.Errno = 576
+	ERROR_INVALID_IMAGE_HASH                                                  syscall.Errno = 577
+	ERROR_NO_PAGEFILE                                                         syscall.Errno = 578
+	ERROR_ILLEGAL_FLOAT_CONTEXT                                               syscall.Errno = 579
+	ERROR_NO_EVENT_PAIR                                                       syscall.Errno = 580
+	ERROR_DOMAIN_CTRLR_CONFIG_ERROR                                           syscall.Errno = 581
+	ERROR_ILLEGAL_CHARACTER                                                   syscall.Errno = 582
+	ERROR_UNDEFINED_CHARACTER                                                 syscall.Errno = 583
+	ERROR_FLOPPY_VOLUME                                                       syscall.Errno = 584
+	ERROR_BIOS_FAILED_TO_CONNECT_INTERRUPT                                    syscall.Errno = 585
+	ERROR_BACKUP_CONTROLLER                                                   syscall.Errno = 586
+	ERROR_MUTANT_LIMIT_EXCEEDED                                               syscall.Errno = 587
+	ERROR_FS_DRIVER_REQUIRED                                                  syscall.Errno = 588
+	ERROR_CANNOT_LOAD_REGISTRY_FILE                                           syscall.Errno = 589
+	ERROR_DEBUG_ATTACH_FAILED                                                 syscall.Errno = 590
+	ERROR_SYSTEM_PROCESS_TERMINATED                                           syscall.Errno = 591
+	ERROR_DATA_NOT_ACCEPTED                                                   syscall.Errno = 592
+	ERROR_VDM_HARD_ERROR                                                      syscall.Errno = 593
+	ERROR_DRIVER_CANCEL_TIMEOUT                                               syscall.Errno = 594
+	ERROR_REPLY_MESSAGE_MISMATCH                                              syscall.Errno = 595
+	ERROR_LOST_WRITEBEHIND_DATA                                               syscall.Errno = 596
+	ERROR_CLIENT_SERVER_PARAMETERS_INVALID                                    syscall.Errno = 597
+	ERROR_NOT_TINY_STREAM                                                     syscall.Errno = 598
+	ERROR_STACK_OVERFLOW_READ                                                 syscall.Errno = 599
+	ERROR_CONVERT_TO_LARGE                                                    syscall.Errno = 600
+	ERROR_FOUND_OUT_OF_SCOPE                                                  syscall.Errno = 601
+	ERROR_ALLOCATE_BUCKET                                                     syscall.Errno = 602
+	ERROR_MARSHALL_OVERFLOW                                                   syscall.Errno = 603
+	ERROR_INVALID_VARIANT                                                     syscall.Errno = 604
+	ERROR_BAD_COMPRESSION_BUFFER                                              syscall.Errno = 605
+	ERROR_AUDIT_FAILED                                                        syscall.Errno = 606
+	ERROR_TIMER_RESOLUTION_NOT_SET                                            syscall.Errno = 607
+	ERROR_INSUFFICIENT_LOGON_INFO                                             syscall.Errno = 608
+	ERROR_BAD_DLL_ENTRYPOINT                                                  syscall.Errno = 609
+	ERROR_BAD_SERVICE_ENTRYPOINT                                              syscall.Errno = 610
+	ERROR_IP_ADDRESS_CONFLICT1                                                syscall.Errno = 611
+	ERROR_IP_ADDRESS_CONFLICT2                                                syscall.Errno = 612
+	ERROR_REGISTRY_QUOTA_LIMIT                                                syscall.Errno = 613
+	ERROR_NO_CALLBACK_ACTIVE                                                  syscall.Errno = 614
+	ERROR_PWD_TOO_SHORT                                                       syscall.Errno = 615
+	ERROR_PWD_TOO_RECENT                                                      syscall.Errno = 616
+	ERROR_PWD_HISTORY_CONFLICT                                                syscall.Errno = 617
+	ERROR_UNSUPPORTED_COMPRESSION                                             syscall.Errno = 618
+	ERROR_INVALID_HW_PROFILE                                                  syscall.Errno = 619
+	ERROR_INVALID_PLUGPLAY_DEVICE_PATH                                        syscall.Errno = 620
+	ERROR_QUOTA_LIST_INCONSISTENT                                             syscall.Errno = 621
+	ERROR_EVALUATION_EXPIRATION                                               syscall.Errno = 622
+	ERROR_ILLEGAL_DLL_RELOCATION                                              syscall.Errno = 623
+	ERROR_DLL_INIT_FAILED_LOGOFF                                              syscall.Errno = 624
+	ERROR_VALIDATE_CONTINUE                                                   syscall.Errno = 625
+	ERROR_NO_MORE_MATCHES                                                     syscall.Errno = 626
+	ERROR_RANGE_LIST_CONFLICT                                                 syscall.Errno = 627
+	ERROR_SERVER_SID_MISMATCH                                                 syscall.Errno = 628
+	ERROR_CANT_ENABLE_DENY_ONLY                                               syscall.Errno = 629
+	ERROR_FLOAT_MULTIPLE_FAULTS                                               syscall.Errno = 630
+	ERROR_FLOAT_MULTIPLE_TRAPS                                                syscall.Errno = 631
+	ERROR_NOINTERFACE                                                         syscall.Errno = 632
+	ERROR_DRIVER_FAILED_SLEEP                                                 syscall.Errno = 633
+	ERROR_CORRUPT_SYSTEM_FILE                                                 syscall.Errno = 634
+	ERROR_COMMITMENT_MINIMUM                                                  syscall.Errno = 635
+	ERROR_PNP_RESTART_ENUMERATION                                             syscall.Errno = 636
+	ERROR_SYSTEM_IMAGE_BAD_SIGNATURE                                          syscall.Errno = 637
+	ERROR_PNP_REBOOT_REQUIRED                                                 syscall.Errno = 638
+	ERROR_INSUFFICIENT_POWER                                                  syscall.Errno = 639
+	ERROR_MULTIPLE_FAULT_VIOLATION                                            syscall.Errno = 640
+	ERROR_SYSTEM_SHUTDOWN                                                     syscall.Errno = 641
+	ERROR_PORT_NOT_SET                                                        syscall.Errno = 642
+	ERROR_DS_VERSION_CHECK_FAILURE                                            syscall.Errno = 643
+	ERROR_RANGE_NOT_FOUND                                                     syscall.Errno = 644
+	ERROR_NOT_SAFE_MODE_DRIVER                                                syscall.Errno = 646
+	ERROR_FAILED_DRIVER_ENTRY                                                 syscall.Errno = 647
+	ERROR_DEVICE_ENUMERATION_ERROR                                            syscall.Errno = 648
+	ERROR_MOUNT_POINT_NOT_RESOLVED                                            syscall.Errno = 649
+	ERROR_INVALID_DEVICE_OBJECT_PARAMETER                                     syscall.Errno = 650
+	ERROR_MCA_OCCURED                                                         syscall.Errno = 651
+	ERROR_DRIVER_DATABASE_ERROR                                               syscall.Errno = 652
+	ERROR_SYSTEM_HIVE_TOO_LARGE                                               syscall.Errno = 653
+	ERROR_DRIVER_FAILED_PRIOR_UNLOAD                                          syscall.Errno = 654
+	ERROR_VOLSNAP_PREPARE_HIBERNATE                                           syscall.Errno = 655
+	ERROR_HIBERNATION_FAILURE                                                 syscall.Errno = 656
+	ERROR_PWD_TOO_LONG                                                        syscall.Errno = 657
+	ERROR_FILE_SYSTEM_LIMITATION                                              syscall.Errno = 665
+	ERROR_ASSERTION_FAILURE                                                   syscall.Errno = 668
+	ERROR_ACPI_ERROR                                                          syscall.Errno = 669
+	ERROR_WOW_ASSERTION                                                       syscall.Errno = 670
+	ERROR_PNP_BAD_MPS_TABLE                                                   syscall.Errno = 671
+	ERROR_PNP_TRANSLATION_FAILED                                              syscall.Errno = 672
+	ERROR_PNP_IRQ_TRANSLATION_FAILED                                          syscall.Errno = 673
+	ERROR_PNP_INVALID_ID                                                      syscall.Errno = 674
+	ERROR_WAKE_SYSTEM_DEBUGGER                                                syscall.Errno = 675
+	ERROR_HANDLES_CLOSED                                                      syscall.Errno = 676
+	ERROR_EXTRANEOUS_INFORMATION                                              syscall.Errno = 677
+	ERROR_RXACT_COMMIT_NECESSARY                                              syscall.Errno = 678
+	ERROR_MEDIA_CHECK                                                         syscall.Errno = 679
+	ERROR_GUID_SUBSTITUTION_MADE                                              syscall.Errno = 680
+	ERROR_STOPPED_ON_SYMLINK                                                  syscall.Errno = 681
+	ERROR_LONGJUMP                                                            syscall.Errno = 682
+	ERROR_PLUGPLAY_QUERY_VETOED                                               syscall.Errno = 683
+	ERROR_UNWIND_CONSOLIDATE                                                  syscall.Errno = 684
+	ERROR_REGISTRY_HIVE_RECOVERED                                             syscall.Errno = 685
+	ERROR_DLL_MIGHT_BE_INSECURE                                               syscall.Errno = 686
+	ERROR_DLL_MIGHT_BE_INCOMPATIBLE                                           syscall.Errno = 687
+	ERROR_DBG_EXCEPTION_NOT_HANDLED                                           syscall.Errno = 688
+	ERROR_DBG_REPLY_LATER                                                     syscall.Errno = 689
+	ERROR_DBG_UNABLE_TO_PROVIDE_HANDLE                                        syscall.Errno = 690
+	ERROR_DBG_TERMINATE_THREAD                                                syscall.Errno = 691
+	ERROR_DBG_TERMINATE_PROCESS                                               syscall.Errno = 692
+	ERROR_DBG_CONTROL_C                                                       syscall.Errno = 693
+	ERROR_DBG_PRINTEXCEPTION_C                                                syscall.Errno = 694
+	ERROR_DBG_RIPEXCEPTION                                                    syscall.Errno = 695
+	ERROR_DBG_CONTROL_BREAK                                                   syscall.Errno = 696
+	ERROR_DBG_COMMAND_EXCEPTION                                               syscall.Errno = 697
+	ERROR_OBJECT_NAME_EXISTS                                                  syscall.Errno = 698
+	ERROR_THREAD_WAS_SUSPENDED                                                syscall.Errno = 699
+	ERROR_IMAGE_NOT_AT_BASE                                                   syscall.Errno = 700
+	ERROR_RXACT_STATE_CREATED                                                 syscall.Errno = 701
+	ERROR_SEGMENT_NOTIFICATION                                                syscall.Errno = 702
+	ERROR_BAD_CURRENT_DIRECTORY                                               syscall.Errno = 703
+	ERROR_FT_READ_RECOVERY_FROM_BACKUP                                        syscall.Errno = 704
+	ERROR_FT_WRITE_RECOVERY                                                   syscall.Errno = 705
+	ERROR_IMAGE_MACHINE_TYPE_MISMATCH                                         syscall.Errno = 706
+	ERROR_RECEIVE_PARTIAL                                                     syscall.Errno = 707
+	ERROR_RECEIVE_EXPEDITED                                                   syscall.Errno = 708
+	ERROR_RECEIVE_PARTIAL_EXPEDITED                                           syscall.Errno = 709
+	ERROR_EVENT_DONE                                                          syscall.Errno = 710
+	ERROR_EVENT_PENDING                                                       syscall.Errno = 711
+	ERROR_CHECKING_FILE_SYSTEM                                                syscall.Errno = 712
+	ERROR_FATAL_APP_EXIT                                                      syscall.Errno = 713
+	ERROR_PREDEFINED_HANDLE                                                   syscall.Errno = 714
+	ERROR_WAS_UNLOCKED                                                        syscall.Errno = 715
+	ERROR_SERVICE_NOTIFICATION                                                syscall.Errno = 716
+	ERROR_WAS_LOCKED                                                          syscall.Errno = 717
+	ERROR_LOG_HARD_ERROR                                                      syscall.Errno = 718
+	ERROR_ALREADY_WIN32                                                       syscall.Errno = 719
+	ERROR_IMAGE_MACHINE_TYPE_MISMATCH_EXE                                     syscall.Errno = 720
+	ERROR_NO_YIELD_PERFORMED                                                  syscall.Errno = 721
+	ERROR_TIMER_RESUME_IGNORED                                                syscall.Errno = 722
+	ERROR_ARBITRATION_UNHANDLED                                               syscall.Errno = 723
+	ERROR_CARDBUS_NOT_SUPPORTED                                               syscall.Errno = 724
+	ERROR_MP_PROCESSOR_MISMATCH                                               syscall.Errno = 725
+	ERROR_HIBERNATED                                                          syscall.Errno = 726
+	ERROR_RESUME_HIBERNATION                                                  syscall.Errno = 727
+	ERROR_FIRMWARE_UPDATED                                                    syscall.Errno = 728
+	ERROR_DRIVERS_LEAKING_LOCKED_PAGES                                        syscall.Errno = 729
+	ERROR_WAKE_SYSTEM                                                         syscall.Errno = 730
+	ERROR_WAIT_1                                                              syscall.Errno = 731
+	ERROR_WAIT_2                                                              syscall.Errno = 732
+	ERROR_WAIT_3                                                              syscall.Errno = 733
+	ERROR_WAIT_63                                                             syscall.Errno = 734
+	ERROR_ABANDONED_WAIT_0                                                    syscall.Errno = 735
+	ERROR_ABANDONED_WAIT_63                                                   syscall.Errno = 736
+	ERROR_USER_APC                                                            syscall.Errno = 737
+	ERROR_KERNEL_APC                                                          syscall.Errno = 738
+	ERROR_ALERTED                                                             syscall.Errno = 739
+	ERROR_ELEVATION_REQUIRED                                                  syscall.Errno = 740
+	ERROR_REPARSE                                                             syscall.Errno = 741
+	ERROR_OPLOCK_BREAK_IN_PROGRESS                                            syscall.Errno = 742
+	ERROR_VOLUME_MOUNTED                                                      syscall.Errno = 743
+	ERROR_RXACT_COMMITTED                                                     syscall.Errno = 744
+	ERROR_NOTIFY_CLEANUP                                                      syscall.Errno = 745
+	ERROR_PRIMARY_TRANSPORT_CONNECT_FAILED                                    syscall.Errno = 746
+	ERROR_PAGE_FAULT_TRANSITION                                               syscall.Errno = 747
+	ERROR_PAGE_FAULT_DEMAND_ZERO                                              syscall.Errno = 748
+	ERROR_PAGE_FAULT_COPY_ON_WRITE                                            syscall.Errno = 749
+	ERROR_PAGE_FAULT_GUARD_PAGE                                               syscall.Errno = 750
+	ERROR_PAGE_FAULT_PAGING_FILE                                              syscall.Errno = 751
+	ERROR_CACHE_PAGE_LOCKED                                                   syscall.Errno = 752
+	ERROR_CRASH_DUMP                                                          syscall.Errno = 753
+	ERROR_BUFFER_ALL_ZEROS                                                    syscall.Errno = 754
+	ERROR_REPARSE_OBJECT                                                      syscall.Errno = 755
+	ERROR_RESOURCE_REQUIREMENTS_CHANGED                                       syscall.Errno = 756
+	ERROR_TRANSLATION_COMPLETE                                                syscall.Errno = 757
+	ERROR_NOTHING_TO_TERMINATE                                                syscall.Errno = 758
+	ERROR_PROCESS_NOT_IN_JOB                                                  syscall.Errno = 759
+	ERROR_PROCESS_IN_JOB                                                      syscall.Errno = 760
+	ERROR_VOLSNAP_HIBERNATE_READY                                             syscall.Errno = 761
+	ERROR_FSFILTER_OP_COMPLETED_SUCCESSFULLY                                  syscall.Errno = 762
+	ERROR_INTERRUPT_VECTOR_ALREADY_CONNECTED                                  syscall.Errno = 763
+	ERROR_INTERRUPT_STILL_CONNECTED                                           syscall.Errno = 764
+	ERROR_WAIT_FOR_OPLOCK                                                     syscall.Errno = 765
+	ERROR_DBG_EXCEPTION_HANDLED                                               syscall.Errno = 766
+	ERROR_DBG_CONTINUE                                                        syscall.Errno = 767
+	ERROR_CALLBACK_POP_STACK                                                  syscall.Errno = 768
+	ERROR_COMPRESSION_DISABLED                                                syscall.Errno = 769
+	ERROR_CANTFETCHBACKWARDS                                                  syscall.Errno = 770
+	ERROR_CANTSCROLLBACKWARDS                                                 syscall.Errno = 771
+	ERROR_ROWSNOTRELEASED                                                     syscall.Errno = 772
+	ERROR_BAD_ACCESSOR_FLAGS                                                  syscall.Errno = 773
+	ERROR_ERRORS_ENCOUNTERED                                                  syscall.Errno = 774
+	ERROR_NOT_CAPABLE                                                         syscall.Errno = 775
+	ERROR_REQUEST_OUT_OF_SEQUENCE                                             syscall.Errno = 776
+	ERROR_VERSION_PARSE_ERROR                                                 syscall.Errno = 777
+	ERROR_BADSTARTPOSITION                                                    syscall.Errno = 778
+	ERROR_MEMORY_HARDWARE                                                     syscall.Errno = 779
+	ERROR_DISK_REPAIR_DISABLED                                                syscall.Errno = 780
+	ERROR_INSUFFICIENT_RESOURCE_FOR_SPECIFIED_SHARED_SECTION_SIZE             syscall.Errno = 781
+	ERROR_SYSTEM_POWERSTATE_TRANSITION                                        syscall.Errno = 782
+	ERROR_SYSTEM_POWERSTATE_COMPLEX_TRANSITION                                syscall.Errno = 783
+	ERROR_MCA_EXCEPTION                                                       syscall.Errno = 784
+	ERROR_ACCESS_AUDIT_BY_POLICY                                              syscall.Errno = 785
+	ERROR_ACCESS_DISABLED_NO_SAFER_UI_BY_POLICY                               syscall.Errno = 786
+	ERROR_ABANDON_HIBERFILE                                                   syscall.Errno = 787
+	ERROR_LOST_WRITEBEHIND_DATA_NETWORK_DISCONNECTED                          syscall.Errno = 788
+	ERROR_LOST_WRITEBEHIND_DATA_NETWORK_SERVER_ERROR                          syscall.Errno = 789
+	ERROR_LOST_WRITEBEHIND_DATA_LOCAL_DISK_ERROR                              syscall.Errno = 790
+	ERROR_BAD_MCFG_TABLE                                                      syscall.Errno = 791
+	ERROR_DISK_REPAIR_REDIRECTED                                              syscall.Errno = 792
+	ERROR_DISK_REPAIR_UNSUCCESSFUL                                            syscall.Errno = 793
+	ERROR_CORRUPT_LOG_OVERFULL                                                syscall.Errno = 794
+	ERROR_CORRUPT_LOG_CORRUPTED                                               syscall.Errno = 795
+	ERROR_CORRUPT_LOG_UNAVAILABLE                                             syscall.Errno = 796
+	ERROR_CORRUPT_LOG_DELETED_FULL                                            syscall.Errno = 797
+	ERROR_CORRUPT_LOG_CLEARED                                                 syscall.Errno = 798
+	ERROR_ORPHAN_NAME_EXHAUSTED                                               syscall.Errno = 799
+	ERROR_OPLOCK_SWITCHED_TO_NEW_HANDLE                                       syscall.Errno = 800
+	ERROR_CANNOT_GRANT_REQUESTED_OPLOCK                                       syscall.Errno = 801
+	ERROR_CANNOT_BREAK_OPLOCK                                                 syscall.Errno = 802
+	ERROR_OPLOCK_HANDLE_CLOSED                                                syscall.Errno = 803
+	ERROR_NO_ACE_CONDITION                                                    syscall.Errno = 804
+	ERROR_INVALID_ACE_CONDITION                                               syscall.Errno = 805
+	ERROR_FILE_HANDLE_REVOKED                                                 syscall.Errno = 806
+	ERROR_IMAGE_AT_DIFFERENT_BASE                                             syscall.Errno = 807
+	ERROR_ENCRYPTED_IO_NOT_POSSIBLE                                           syscall.Errno = 808
+	ERROR_FILE_METADATA_OPTIMIZATION_IN_PROGRESS                              syscall.Errno = 809
+	ERROR_QUOTA_ACTIVITY                                                      syscall.Errno = 810
+	ERROR_HANDLE_REVOKED                                                      syscall.Errno = 811
+	ERROR_CALLBACK_INVOKE_INLINE                                              syscall.Errno = 812
+	ERROR_CPU_SET_INVALID                                                     syscall.Errno = 813
+	ERROR_ENCLAVE_NOT_TERMINATED                                              syscall.Errno = 814
+	ERROR_ENCLAVE_VIOLATION                                                   syscall.Errno = 815
+	ERROR_EA_ACCESS_DENIED                                                    syscall.Errno = 994
+	ERROR_OPERATION_ABORTED                                                   syscall.Errno = 995
+	ERROR_IO_INCOMPLETE                                                       syscall.Errno = 996
+	ERROR_IO_PENDING                                                          syscall.Errno = 997
+	ERROR_NOACCESS                                                            syscall.Errno = 998
+	ERROR_SWAPERROR                                                           syscall.Errno = 999
+	ERROR_STACK_OVERFLOW                                                      syscall.Errno = 1001
+	ERROR_INVALID_MESSAGE                                                     syscall.Errno = 1002
+	ERROR_CAN_NOT_COMPLETE                                                    syscall.Errno = 1003
+	ERROR_INVALID_FLAGS                                                       syscall.Errno = 1004
+	ERROR_UNRECOGNIZED_VOLUME                                                 syscall.Errno = 1005
+	ERROR_FILE_INVALID                                                        syscall.Errno = 1006
+	ERROR_FULLSCREEN_MODE                                                     syscall.Errno = 1007
+	ERROR_NO_TOKEN                                                            syscall.Errno = 1008
+	ERROR_BADDB                                                               syscall.Errno = 1009
+	ERROR_BADKEY                                                              syscall.Errno = 1010
+	ERROR_CANTOPEN                                                            syscall.Errno = 1011
+	ERROR_CANTREAD                                                            syscall.Errno = 1012
+	ERROR_CANTWRITE                                                           syscall.Errno = 1013
+	ERROR_REGISTRY_RECOVERED                                                  syscall.Errno = 1014
+	ERROR_REGISTRY_CORRUPT                                                    syscall.Errno = 1015
+	ERROR_REGISTRY_IO_FAILED                                                  syscall.Errno = 1016
+	ERROR_NOT_REGISTRY_FILE                                                   syscall.Errno = 1017
+	ERROR_KEY_DELETED                                                         syscall.Errno = 1018
+	ERROR_NO_LOG_SPACE                                                        syscall.Errno = 1019
+	ERROR_KEY_HAS_CHILDREN                                                    syscall.Errno = 1020
+	ERROR_CHILD_MUST_BE_VOLATILE                                              syscall.Errno = 1021
+	ERROR_NOTIFY_ENUM_DIR                                                     syscall.Errno = 1022
+	ERROR_DEPENDENT_SERVICES_RUNNING                                          syscall.Errno = 1051
+	ERROR_INVALID_SERVICE_CONTROL                                             syscall.Errno = 1052
+	ERROR_SERVICE_REQUEST_TIMEOUT                                             syscall.Errno = 1053
+	ERROR_SERVICE_NO_THREAD                                                   syscall.Errno = 1054
+	ERROR_SERVICE_DATABASE_LOCKED                                             syscall.Errno = 1055
+	ERROR_SERVICE_ALREADY_RUNNING                                             syscall.Errno = 1056
+	ERROR_INVALID_SERVICE_ACCOUNT                                             syscall.Errno = 1057
+	ERROR_SERVICE_DISABLED                                                    syscall.Errno = 1058
+	ERROR_CIRCULAR_DEPENDENCY                                                 syscall.Errno = 1059
+	ERROR_SERVICE_DOES_NOT_EXIST                                              syscall.Errno = 1060
+	ERROR_SERVICE_CANNOT_ACCEPT_CTRL                                          syscall.Errno = 1061
+	ERROR_SERVICE_NOT_ACTIVE                                                  syscall.Errno = 1062
+	ERROR_FAILED_SERVICE_CONTROLLER_CONNECT                                   syscall.Errno = 1063
+	ERROR_EXCEPTION_IN_SERVICE                                                syscall.Errno = 1064
+	ERROR_DATABASE_DOES_NOT_EXIST                                             syscall.Errno = 1065
+	ERROR_SERVICE_SPECIFIC_ERROR                                              syscall.Errno = 1066
+	ERROR_PROCESS_ABORTED                                                     syscall.Errno = 1067
+	ERROR_SERVICE_DEPENDENCY_FAIL                                             syscall.Errno = 1068
+	ERROR_SERVICE_LOGON_FAILED                                                syscall.Errno = 1069
+	ERROR_SERVICE_START_HANG                                                  syscall.Errno = 1070
+	ERROR_INVALID_SERVICE_LOCK                                                syscall.Errno = 1071
+	ERROR_SERVICE_MARKED_FOR_DELETE                                           syscall.Errno = 1072
+	ERROR_SERVICE_EXISTS                                                      syscall.Errno = 1073
+	ERROR_ALREADY_RUNNING_LKG                                                 syscall.Errno = 1074
+	ERROR_SERVICE_DEPENDENCY_DELETED                                          syscall.Errno = 1075
+	ERROR_BOOT_ALREADY_ACCEPTED                                               syscall.Errno = 1076
+	ERROR_SERVICE_NEVER_STARTED                                               syscall.Errno = 1077
+	ERROR_DUPLICATE_SERVICE_NAME                                              syscall.Errno = 1078
+	ERROR_DIFFERENT_SERVICE_ACCOUNT                                           syscall.Errno = 1079
+	ERROR_CANNOT_DETECT_DRIVER_FAILURE                                        syscall.Errno = 1080
+	ERROR_CANNOT_DETECT_PROCESS_ABORT                                         syscall.Errno = 1081
+	ERROR_NO_RECOVERY_PROGRAM                                                 syscall.Errno = 1082
+	ERROR_SERVICE_NOT_IN_EXE                                                  syscall.Errno = 1083
+	ERROR_NOT_SAFEBOOT_SERVICE                                                syscall.Errno = 1084
+	ERROR_END_OF_MEDIA                                                        syscall.Errno = 1100
+	ERROR_FILEMARK_DETECTED                                                   syscall.Errno = 1101
+	ERROR_BEGINNING_OF_MEDIA                                                  syscall.Errno = 1102
+	ERROR_SETMARK_DETECTED                                                    syscall.Errno = 1103
+	ERROR_NO_DATA_DETECTED                                                    syscall.Errno = 1104
+	ERROR_PARTITION_FAILURE                                                   syscall.Errno = 1105
+	ERROR_INVALID_BLOCK_LENGTH                                                syscall.Errno = 1106
+	ERROR_DEVICE_NOT_PARTITIONED                                              syscall.Errno = 1107
+	ERROR_UNABLE_TO_LOCK_MEDIA                                                syscall.Errno = 1108
+	ERROR_UNABLE_TO_UNLOAD_MEDIA                                              syscall.Errno = 1109
+	ERROR_MEDIA_CHANGED                                                       syscall.Errno = 1110
+	ERROR_BUS_RESET                                                           syscall.Errno = 1111
+	ERROR_NO_MEDIA_IN_DRIVE                                                   syscall.Errno = 1112
+	ERROR_NO_UNICODE_TRANSLATION                                              syscall.Errno = 1113
+	ERROR_DLL_INIT_FAILED                                                     syscall.Errno = 1114
+	ERROR_SHUTDOWN_IN_PROGRESS                                                syscall.Errno = 1115
+	ERROR_NO_SHUTDOWN_IN_PROGRESS                                             syscall.Errno = 1116
+	ERROR_IO_DEVICE                                                           syscall.Errno = 1117
+	ERROR_SERIAL_NO_DEVICE                                                    syscall.Errno = 1118
+	ERROR_IRQ_BUSY                                                            syscall.Errno = 1119
+	ERROR_MORE_WRITES                                                         syscall.Errno = 1120
+	ERROR_COUNTER_TIMEOUT                                                     syscall.Errno = 1121
+	ERROR_FLOPPY_ID_MARK_NOT_FOUND                                            syscall.Errno = 1122
+	ERROR_FLOPPY_WRONG_CYLINDER                                               syscall.Errno = 1123
+	ERROR_FLOPPY_UNKNOWN_ERROR                                                syscall.Errno = 1124
+	ERROR_FLOPPY_BAD_REGISTERS                                                syscall.Errno = 1125
+	ERROR_DISK_RECALIBRATE_FAILED                                             syscall.Errno = 1126
+	ERROR_DISK_OPERATION_FAILED                                               syscall.Errno = 1127
+	ERROR_DISK_RESET_FAILED                                                   syscall.Errno = 1128
+	ERROR_EOM_OVERFLOW                                                        syscall.Errno = 1129
+	ERROR_NOT_ENOUGH_SERVER_MEMORY                                            syscall.Errno = 1130
+	ERROR_POSSIBLE_DEADLOCK                                                   syscall.Errno = 1131
+	ERROR_MAPPED_ALIGNMENT                                                    syscall.Errno = 1132
+	ERROR_SET_POWER_STATE_VETOED                                              syscall.Errno = 1140
+	ERROR_SET_POWER_STATE_FAILED                                              syscall.Errno = 1141
+	ERROR_TOO_MANY_LINKS                                                      syscall.Errno = 1142
+	ERROR_OLD_WIN_VERSION                                                     syscall.Errno = 1150
+	ERROR_APP_WRONG_OS                                                        syscall.Errno = 1151
+	ERROR_SINGLE_INSTANCE_APP                                                 syscall.Errno = 1152
+	ERROR_RMODE_APP                                                           syscall.Errno = 1153
+	ERROR_INVALID_DLL                                                         syscall.Errno = 1154
+	ERROR_NO_ASSOCIATION                                                      syscall.Errno = 1155
+	ERROR_DDE_FAIL                                                            syscall.Errno = 1156
+	ERROR_DLL_NOT_FOUND                                                       syscall.Errno = 1157
+	ERROR_NO_MORE_USER_HANDLES                                                syscall.Errno = 1158
+	ERROR_MESSAGE_SYNC_ONLY                                                   syscall.Errno = 1159
+	ERROR_SOURCE_ELEMENT_EMPTY                                                syscall.Errno = 1160
+	ERROR_DESTINATION_ELEMENT_FULL                                            syscall.Errno = 1161
+	ERROR_ILLEGAL_ELEMENT_ADDRESS                                             syscall.Errno = 1162
+	ERROR_MAGAZINE_NOT_PRESENT                                                syscall.Errno = 1163
+	ERROR_DEVICE_REINITIALIZATION_NEEDED                                      syscall.Errno = 1164
+	ERROR_DEVICE_REQUIRES_CLEANING                                            syscall.Errno = 1165
+	ERROR_DEVICE_DOOR_OPEN                                                    syscall.Errno = 1166
+	ERROR_DEVICE_NOT_CONNECTED                                                syscall.Errno = 1167
+	ERROR_NOT_FOUND                                                           syscall.Errno = 1168
+	ERROR_NO_MATCH                                                            syscall.Errno = 1169
+	ERROR_SET_NOT_FOUND                                                       syscall.Errno = 1170
+	ERROR_POINT_NOT_FOUND                                                     syscall.Errno = 1171
+	ERROR_NO_TRACKING_SERVICE                                                 syscall.Errno = 1172
+	ERROR_NO_VOLUME_ID                                                        syscall.Errno = 1173
+	ERROR_UNABLE_TO_REMOVE_REPLACED                                           syscall.Errno = 1175
+	ERROR_UNABLE_TO_MOVE_REPLACEMENT                                          syscall.Errno = 1176
+	ERROR_UNABLE_TO_MOVE_REPLACEMENT_2                                        syscall.Errno = 1177
+	ERROR_JOURNAL_DELETE_IN_PROGRESS                                          syscall.Errno = 1178
+	ERROR_JOURNAL_NOT_ACTIVE                                                  syscall.Errno = 1179
+	ERROR_POTENTIAL_FILE_FOUND                                                syscall.Errno = 1180
+	ERROR_JOURNAL_ENTRY_DELETED                                               syscall.Errno = 1181
+	ERROR_SHUTDOWN_IS_SCHEDULED                                               syscall.Errno = 1190
+	ERROR_SHUTDOWN_USERS_LOGGED_ON                                            syscall.Errno = 1191
+	ERROR_BAD_DEVICE                                                          syscall.Errno = 1200
+	ERROR_CONNECTION_UNAVAIL                                                  syscall.Errno = 1201
+	ERROR_DEVICE_ALREADY_REMEMBERED                                           syscall.Errno = 1202
+	ERROR_NO_NET_OR_BAD_PATH                                                  syscall.Errno = 1203
+	ERROR_BAD_PROVIDER                                                        syscall.Errno = 1204
+	ERROR_CANNOT_OPEN_PROFILE                                                 syscall.Errno = 1205
+	ERROR_BAD_PROFILE                                                         syscall.Errno = 1206
+	ERROR_NOT_CONTAINER                                                       syscall.Errno = 1207
+	ERROR_EXTENDED_ERROR                                                      syscall.Errno = 1208
+	ERROR_INVALID_GROUPNAME                                                   syscall.Errno = 1209
+	ERROR_INVALID_COMPUTERNAME                                                syscall.Errno = 1210
+	ERROR_INVALID_EVENTNAME                                                   syscall.Errno = 1211
+	ERROR_INVALID_DOMAINNAME                                                  syscall.Errno = 1212
+	ERROR_INVALID_SERVICENAME                                                 syscall.Errno = 1213
+	ERROR_INVALID_NETNAME                                                     syscall.Errno = 1214
+	ERROR_INVALID_SHARENAME                                                   syscall.Errno = 1215
+	ERROR_INVALID_PASSWORDNAME                                                syscall.Errno = 1216
+	ERROR_INVALID_MESSAGENAME                                                 syscall.Errno = 1217
+	ERROR_INVALID_MESSAGEDEST                                                 syscall.Errno = 1218
+	ERROR_SESSION_CREDENTIAL_CONFLICT                                         syscall.Errno = 1219
+	ERROR_REMOTE_SESSION_LIMIT_EXCEEDED                                       syscall.Errno = 1220
+	ERROR_DUP_DOMAINNAME                                                      syscall.Errno = 1221
+	ERROR_NO_NETWORK                                                          syscall.Errno = 1222
+	ERROR_CANCELLED                                                           syscall.Errno = 1223
+	ERROR_USER_MAPPED_FILE                                                    syscall.Errno = 1224
+	ERROR_CONNECTION_REFUSED                                                  syscall.Errno = 1225
+	ERROR_GRACEFUL_DISCONNECT                                                 syscall.Errno = 1226
+	ERROR_ADDRESS_ALREADY_ASSOCIATED                                          syscall.Errno = 1227
+	ERROR_ADDRESS_NOT_ASSOCIATED                                              syscall.Errno = 1228
+	ERROR_CONNECTION_INVALID                                                  syscall.Errno = 1229
+	ERROR_CONNECTION_ACTIVE                                                   syscall.Errno = 1230
+	ERROR_NETWORK_UNREACHABLE                                                 syscall.Errno = 1231
+	ERROR_HOST_UNREACHABLE                                                    syscall.Errno = 1232
+	ERROR_PROTOCOL_UNREACHABLE                                                syscall.Errno = 1233
+	ERROR_PORT_UNREACHABLE                                                    syscall.Errno = 1234
+	ERROR_REQUEST_ABORTED                                                     syscall.Errno = 1235
+	ERROR_CONNECTION_ABORTED                                                  syscall.Errno = 1236
+	ERROR_RETRY                                                               syscall.Errno = 1237
+	ERROR_CONNECTION_COUNT_LIMIT                                              syscall.Errno = 1238
+	ERROR_LOGIN_TIME_RESTRICTION                                              syscall.Errno = 1239
+	ERROR_LOGIN_WKSTA_RESTRICTION                                             syscall.Errno = 1240
+	ERROR_INCORRECT_ADDRESS                                                   syscall.Errno = 1241
+	ERROR_ALREADY_REGISTERED                                                  syscall.Errno = 1242
+	ERROR_SERVICE_NOT_FOUND                                                   syscall.Errno = 1243
+	ERROR_NOT_AUTHENTICATED                                                   syscall.Errno = 1244
+	ERROR_NOT_LOGGED_ON                                                       syscall.Errno = 1245
+	ERROR_CONTINUE                                                            syscall.Errno = 1246
+	ERROR_ALREADY_INITIALIZED                                                 syscall.Errno = 1247
+	ERROR_NO_MORE_DEVICES                                                     syscall.Errno = 1248
+	ERROR_NO_SUCH_SITE                                                        syscall.Errno = 1249
+	ERROR_DOMAIN_CONTROLLER_EXISTS                                            syscall.Errno = 1250
+	ERROR_ONLY_IF_CONNECTED                                                   syscall.Errno = 1251
+	ERROR_OVERRIDE_NOCHANGES                                                  syscall.Errno = 1252
+	ERROR_BAD_USER_PROFILE                                                    syscall.Errno = 1253
+	ERROR_NOT_SUPPORTED_ON_SBS                                                syscall.Errno = 1254
+	ERROR_SERVER_SHUTDOWN_IN_PROGRESS                                         syscall.Errno = 1255
+	ERROR_HOST_DOWN                                                           syscall.Errno = 1256
+	ERROR_NON_ACCOUNT_SID                                                     syscall.Errno = 1257
+	ERROR_NON_DOMAIN_SID                                                      syscall.Errno = 1258
+	ERROR_APPHELP_BLOCK                                                       syscall.Errno = 1259
+	ERROR_ACCESS_DISABLED_BY_POLICY                                           syscall.Errno = 1260
+	ERROR_REG_NAT_CONSUMPTION                                                 syscall.Errno = 1261
+	ERROR_CSCSHARE_OFFLINE                                                    syscall.Errno = 1262
+	ERROR_PKINIT_FAILURE                                                      syscall.Errno = 1263
+	ERROR_SMARTCARD_SUBSYSTEM_FAILURE                                         syscall.Errno = 1264
+	ERROR_DOWNGRADE_DETECTED                                                  syscall.Errno = 1265
+	ERROR_MACHINE_LOCKED                                                      syscall.Errno = 1271
+	ERROR_SMB_GUEST_LOGON_BLOCKED                                             syscall.Errno = 1272
+	ERROR_CALLBACK_SUPPLIED_INVALID_DATA                                      syscall.Errno = 1273
+	ERROR_SYNC_FOREGROUND_REFRESH_REQUIRED                                    syscall.Errno = 1274
+	ERROR_DRIVER_BLOCKED                                                      syscall.Errno = 1275
+	ERROR_INVALID_IMPORT_OF_NON_DLL                                           syscall.Errno = 1276
+	ERROR_ACCESS_DISABLED_WEBBLADE                                            syscall.Errno = 1277
+	ERROR_ACCESS_DISABLED_WEBBLADE_TAMPER                                     syscall.Errno = 1278
+	ERROR_RECOVERY_FAILURE                                                    syscall.Errno = 1279
+	ERROR_ALREADY_FIBER                                                       syscall.Errno = 1280
+	ERROR_ALREADY_THREAD                                                      syscall.Errno = 1281
+	ERROR_STACK_BUFFER_OVERRUN                                                syscall.Errno = 1282
+	ERROR_PARAMETER_QUOTA_EXCEEDED                                            syscall.Errno = 1283
+	ERROR_DEBUGGER_INACTIVE                                                   syscall.Errno = 1284
+	ERROR_DELAY_LOAD_FAILED                                                   syscall.Errno = 1285
+	ERROR_VDM_DISALLOWED                                                      syscall.Errno = 1286
+	ERROR_UNIDENTIFIED_ERROR                                                  syscall.Errno = 1287
+	ERROR_INVALID_CRUNTIME_PARAMETER                                          syscall.Errno = 1288
+	ERROR_BEYOND_VDL                                                          syscall.Errno = 1289
+	ERROR_INCOMPATIBLE_SERVICE_SID_TYPE                                       syscall.Errno = 1290
+	ERROR_DRIVER_PROCESS_TERMINATED                                           syscall.Errno = 1291
+	ERROR_IMPLEMENTATION_LIMIT                                                syscall.Errno = 1292
+	ERROR_PROCESS_IS_PROTECTED                                                syscall.Errno = 1293
+	ERROR_SERVICE_NOTIFY_CLIENT_LAGGING                                       syscall.Errno = 1294
+	ERROR_DISK_QUOTA_EXCEEDED                                                 syscall.Errno = 1295
+	ERROR_CONTENT_BLOCKED                                                     syscall.Errno = 1296
+	ERROR_INCOMPATIBLE_SERVICE_PRIVILEGE                                      syscall.Errno = 1297
+	ERROR_APP_HANG                                                            syscall.Errno = 1298
+	ERROR_INVALID_LABEL                                                       syscall.Errno = 1299
+	ERROR_NOT_ALL_ASSIGNED                                                    syscall.Errno = 1300
+	ERROR_SOME_NOT_MAPPED                                                     syscall.Errno = 1301
+	ERROR_NO_QUOTAS_FOR_ACCOUNT                                               syscall.Errno = 1302
+	ERROR_LOCAL_USER_SESSION_KEY                                              syscall.Errno = 1303
+	ERROR_NULL_LM_PASSWORD                                                    syscall.Errno = 1304
+	ERROR_UNKNOWN_REVISION                                                    syscall.Errno = 1305
+	ERROR_REVISION_MISMATCH                                                   syscall.Errno = 1306
+	ERROR_INVALID_OWNER                                                       syscall.Errno = 1307
+	ERROR_INVALID_PRIMARY_GROUP                                               syscall.Errno = 1308
+	ERROR_NO_IMPERSONATION_TOKEN                                              syscall.Errno = 1309
+	ERROR_CANT_DISABLE_MANDATORY                                              syscall.Errno = 1310
+	ERROR_NO_LOGON_SERVERS                                                    syscall.Errno = 1311
+	ERROR_NO_SUCH_LOGON_SESSION                                               syscall.Errno = 1312
+	ERROR_NO_SUCH_PRIVILEGE                                                   syscall.Errno = 1313
+	ERROR_PRIVILEGE_NOT_HELD                                                  syscall.Errno = 1314
+	ERROR_INVALID_ACCOUNT_NAME                                                syscall.Errno = 1315
+	ERROR_USER_EXISTS                                                         syscall.Errno = 1316
+	ERROR_NO_SUCH_USER                                                        syscall.Errno = 1317
+	ERROR_GROUP_EXISTS                                                        syscall.Errno = 1318
+	ERROR_NO_SUCH_GROUP                                                       syscall.Errno = 1319
+	ERROR_MEMBER_IN_GROUP                                                     syscall.Errno = 1320
+	ERROR_MEMBER_NOT_IN_GROUP                                                 syscall.Errno = 1321
+	ERROR_LAST_ADMIN                                                          syscall.Errno = 1322
+	ERROR_WRONG_PASSWORD                                                      syscall.Errno = 1323
+	ERROR_ILL_FORMED_PASSWORD                                                 syscall.Errno = 1324
+	ERROR_PASSWORD_RESTRICTION                                                syscall.Errno = 1325
+	ERROR_LOGON_FAILURE                                                       syscall.Errno = 1326
+	ERROR_ACCOUNT_RESTRICTION                                                 syscall.Errno = 1327
+	ERROR_INVALID_LOGON_HOURS                                                 syscall.Errno = 1328
+	ERROR_INVALID_WORKSTATION                                                 syscall.Errno = 1329
+	ERROR_PASSWORD_EXPIRED                                                    syscall.Errno = 1330
+	ERROR_ACCOUNT_DISABLED                                                    syscall.Errno = 1331
+	ERROR_NONE_MAPPED                                                         syscall.Errno = 1332
+	ERROR_TOO_MANY_LUIDS_REQUESTED                                            syscall.Errno = 1333
+	ERROR_LUIDS_EXHAUSTED                                                     syscall.Errno = 1334
+	ERROR_INVALID_SUB_AUTHORITY                                               syscall.Errno = 1335
+	ERROR_INVALID_ACL                                                         syscall.Errno = 1336
+	ERROR_INVALID_SID                                                         syscall.Errno = 1337
+	ERROR_INVALID_SECURITY_DESCR                                              syscall.Errno = 1338
+	ERROR_BAD_INHERITANCE_ACL                                                 syscall.Errno = 1340
+	ERROR_SERVER_DISABLED                                                     syscall.Errno = 1341
+	ERROR_SERVER_NOT_DISABLED                                                 syscall.Errno = 1342
+	ERROR_INVALID_ID_AUTHORITY                                                syscall.Errno = 1343
+	ERROR_ALLOTTED_SPACE_EXCEEDED                                             syscall.Errno = 1344
+	ERROR_INVALID_GROUP_ATTRIBUTES                                            syscall.Errno = 1345
+	ERROR_BAD_IMPERSONATION_LEVEL                                             syscall.Errno = 1346
+	ERROR_CANT_OPEN_ANONYMOUS                                                 syscall.Errno = 1347
+	ERROR_BAD_VALIDATION_CLASS                                                syscall.Errno = 1348
+	ERROR_BAD_TOKEN_TYPE                                                      syscall.Errno = 1349
+	ERROR_NO_SECURITY_ON_OBJECT                                               syscall.Errno = 1350
+	ERROR_CANT_ACCESS_DOMAIN_INFO                                             syscall.Errno = 1351
+	ERROR_INVALID_SERVER_STATE                                                syscall.Errno = 1352
+	ERROR_INVALID_DOMAIN_STATE                                                syscall.Errno = 1353
+	ERROR_INVALID_DOMAIN_ROLE                                                 syscall.Errno = 1354
+	ERROR_NO_SUCH_DOMAIN                                                      syscall.Errno = 1355
+	ERROR_DOMAIN_EXISTS                                                       syscall.Errno = 1356
+	ERROR_DOMAIN_LIMIT_EXCEEDED                                               syscall.Errno = 1357
+	ERROR_INTERNAL_DB_CORRUPTION                                              syscall.Errno = 1358
+	ERROR_INTERNAL_ERROR                                                      syscall.Errno = 1359
+	ERROR_GENERIC_NOT_MAPPED                                                  syscall.Errno = 1360
+	ERROR_BAD_DESCRIPTOR_FORMAT                                               syscall.Errno = 1361
+	ERROR_NOT_LOGON_PROCESS                                                   syscall.Errno = 1362
+	ERROR_LOGON_SESSION_EXISTS                                                syscall.Errno = 1363
+	ERROR_NO_SUCH_PACKAGE                                                     syscall.Errno = 1364
+	ERROR_BAD_LOGON_SESSION_STATE                                             syscall.Errno = 1365
+	ERROR_LOGON_SESSION_COLLISION                                             syscall.Errno = 1366
+	ERROR_INVALID_LOGON_TYPE                                                  syscall.Errno = 1367
+	ERROR_CANNOT_IMPERSONATE                                                  syscall.Errno = 1368
+	ERROR_RXACT_INVALID_STATE                                                 syscall.Errno = 1369
+	ERROR_RXACT_COMMIT_FAILURE                                                syscall.Errno = 1370
+	ERROR_SPECIAL_ACCOUNT                                                     syscall.Errno = 1371
+	ERROR_SPECIAL_GROUP                                                       syscall.Errno = 1372
+	ERROR_SPECIAL_USER                                                        syscall.Errno = 1373
+	ERROR_MEMBERS_PRIMARY_GROUP                                               syscall.Errno = 1374
+	ERROR_TOKEN_ALREADY_IN_USE                                                syscall.Errno = 1375
+	ERROR_NO_SUCH_ALIAS                                                       syscall.Errno = 1376
+	ERROR_MEMBER_NOT_IN_ALIAS                                                 syscall.Errno = 1377
+	ERROR_MEMBER_IN_ALIAS                                                     syscall.Errno = 1378
+	ERROR_ALIAS_EXISTS                                                        syscall.Errno = 1379
+	ERROR_LOGON_NOT_GRANTED                                                   syscall.Errno = 1380
+	ERROR_TOO_MANY_SECRETS                                                    syscall.Errno = 1381
+	ERROR_SECRET_TOO_LONG                                                     syscall.Errno = 1382
+	ERROR_INTERNAL_DB_ERROR                                                   syscall.Errno = 1383
+	ERROR_TOO_MANY_CONTEXT_IDS                                                syscall.Errno = 1384
+	ERROR_LOGON_TYPE_NOT_GRANTED                                              syscall.Errno = 1385
+	ERROR_NT_CROSS_ENCRYPTION_REQUIRED                                        syscall.Errno = 1386
+	ERROR_NO_SUCH_MEMBER                                                      syscall.Errno = 1387
+	ERROR_INVALID_MEMBER                                                      syscall.Errno = 1388
+	ERROR_TOO_MANY_SIDS                                                       syscall.Errno = 1389
+	ERROR_LM_CROSS_ENCRYPTION_REQUIRED                                        syscall.Errno = 1390
+	ERROR_NO_INHERITANCE                                                      syscall.Errno = 1391
+	ERROR_FILE_CORRUPT                                                        syscall.Errno = 1392
+	ERROR_DISK_CORRUPT                                                        syscall.Errno = 1393
+	ERROR_NO_USER_SESSION_KEY                                                 syscall.Errno = 1394
+	ERROR_LICENSE_QUOTA_EXCEEDED                                              syscall.Errno = 1395
+	ERROR_WRONG_TARGET_NAME                                                   syscall.Errno = 1396
+	ERROR_MUTUAL_AUTH_FAILED                                                  syscall.Errno = 1397
+	ERROR_TIME_SKEW                                                           syscall.Errno = 1398
+	ERROR_CURRENT_DOMAIN_NOT_ALLOWED                                          syscall.Errno = 1399
+	ERROR_INVALID_WINDOW_HANDLE                                               syscall.Errno = 1400
+	ERROR_INVALID_MENU_HANDLE                                                 syscall.Errno = 1401
+	ERROR_INVALID_CURSOR_HANDLE                                               syscall.Errno = 1402
+	ERROR_INVALID_ACCEL_HANDLE                                                syscall.Errno = 1403
+	ERROR_INVALID_HOOK_HANDLE                                                 syscall.Errno = 1404
+	ERROR_INVALID_DWP_HANDLE                                                  syscall.Errno = 1405
+	ERROR_TLW_WITH_WSCHILD                                                    syscall.Errno = 1406
+	ERROR_CANNOT_FIND_WND_CLASS                                               syscall.Errno = 1407
+	ERROR_WINDOW_OF_OTHER_THREAD                                              syscall.Errno = 1408
+	ERROR_HOTKEY_ALREADY_REGISTERED                                           syscall.Errno = 1409
+	ERROR_CLASS_ALREADY_EXISTS                                                syscall.Errno = 1410
+	ERROR_CLASS_DOES_NOT_EXIST                                                syscall.Errno = 1411
+	ERROR_CLASS_HAS_WINDOWS                                                   syscall.Errno = 1412
+	ERROR_INVALID_INDEX                                                       syscall.Errno = 1413
+	ERROR_INVALID_ICON_HANDLE                                                 syscall.Errno = 1414
+	ERROR_PRIVATE_DIALOG_INDEX                                                syscall.Errno = 1415
+	ERROR_LISTBOX_ID_NOT_FOUND                                                syscall.Errno = 1416
+	ERROR_NO_WILDCARD_CHARACTERS                                              syscall.Errno = 1417
+	ERROR_CLIPBOARD_NOT_OPEN                                                  syscall.Errno = 1418
+	ERROR_HOTKEY_NOT_REGISTERED                                               syscall.Errno = 1419
+	ERROR_WINDOW_NOT_DIALOG                                                   syscall.Errno = 1420
+	ERROR_CONTROL_ID_NOT_FOUND                                                syscall.Errno = 1421
+	ERROR_INVALID_COMBOBOX_MESSAGE                                            syscall.Errno = 1422
+	ERROR_WINDOW_NOT_COMBOBOX                                                 syscall.Errno = 1423
+	ERROR_INVALID_EDIT_HEIGHT                                                 syscall.Errno = 1424
+	ERROR_DC_NOT_FOUND                                                        syscall.Errno = 1425
+	ERROR_INVALID_HOOK_FILTER                                                 syscall.Errno = 1426
+	ERROR_INVALID_FILTER_PROC                                                 syscall.Errno = 1427
+	ERROR_HOOK_NEEDS_HMOD                                                     syscall.Errno = 1428
+	ERROR_GLOBAL_ONLY_HOOK                                                    syscall.Errno = 1429
+	ERROR_JOURNAL_HOOK_SET                                                    syscall.Errno = 1430
+	ERROR_HOOK_NOT_INSTALLED                                                  syscall.Errno = 1431
+	ERROR_INVALID_LB_MESSAGE                                                  syscall.Errno = 1432
+	ERROR_SETCOUNT_ON_BAD_LB                                                  syscall.Errno = 1433
+	ERROR_LB_WITHOUT_TABSTOPS                                                 syscall.Errno = 1434
+	ERROR_DESTROY_OBJECT_OF_OTHER_THREAD                                      syscall.Errno = 1435
+	ERROR_CHILD_WINDOW_MENU                                                   syscall.Errno = 1436
+	ERROR_NO_SYSTEM_MENU                                                      syscall.Errno = 1437
+	ERROR_INVALID_MSGBOX_STYLE                                                syscall.Errno = 1438
+	ERROR_INVALID_SPI_VALUE                                                   syscall.Errno = 1439
+	ERROR_SCREEN_ALREADY_LOCKED                                               syscall.Errno = 1440
+	ERROR_HWNDS_HAVE_DIFF_PARENT                                              syscall.Errno = 1441
+	ERROR_NOT_CHILD_WINDOW                                                    syscall.Errno = 1442
+	ERROR_INVALID_GW_COMMAND                                                  syscall.Errno = 1443
+	ERROR_INVALID_THREAD_ID                                                   syscall.Errno = 1444
+	ERROR_NON_MDICHILD_WINDOW                                                 syscall.Errno = 1445
+	ERROR_POPUP_ALREADY_ACTIVE                                                syscall.Errno = 1446
+	ERROR_NO_SCROLLBARS                                                       syscall.Errno = 1447
+	ERROR_INVALID_SCROLLBAR_RANGE                                             syscall.Errno = 1448
+	ERROR_INVALID_SHOWWIN_COMMAND                                             syscall.Errno = 1449
+	ERROR_NO_SYSTEM_RESOURCES                                                 syscall.Errno = 1450
+	ERROR_NONPAGED_SYSTEM_RESOURCES                                           syscall.Errno = 1451
+	ERROR_PAGED_SYSTEM_RESOURCES                                              syscall.Errno = 1452
+	ERROR_WORKING_SET_QUOTA                                                   syscall.Errno = 1453
+	ERROR_PAGEFILE_QUOTA                                                      syscall.Errno = 1454
+	ERROR_COMMITMENT_LIMIT                                                    syscall.Errno = 1455
+	ERROR_MENU_ITEM_NOT_FOUND                                                 syscall.Errno = 1456
+	ERROR_INVALID_KEYBOARD_HANDLE                                             syscall.Errno = 1457
+	ERROR_HOOK_TYPE_NOT_ALLOWED                                               syscall.Errno = 1458
+	ERROR_REQUIRES_INTERACTIVE_WINDOWSTATION                                  syscall.Errno = 1459
+	ERROR_TIMEOUT                                                             syscall.Errno = 1460
+	ERROR_INVALID_MONITOR_HANDLE                                              syscall.Errno = 1461
+	ERROR_INCORRECT_SIZE                                                      syscall.Errno = 1462
+	ERROR_SYMLINK_CLASS_DISABLED                                              syscall.Errno = 1463
+	ERROR_SYMLINK_NOT_SUPPORTED                                               syscall.Errno = 1464
+	ERROR_XML_PARSE_ERROR                                                     syscall.Errno = 1465
+	ERROR_XMLDSIG_ERROR                                                       syscall.Errno = 1466
+	ERROR_RESTART_APPLICATION                                                 syscall.Errno = 1467
+	ERROR_WRONG_COMPARTMENT                                                   syscall.Errno = 1468
+	ERROR_AUTHIP_FAILURE                                                      syscall.Errno = 1469
+	ERROR_NO_NVRAM_RESOURCES                                                  syscall.Errno = 1470
+	ERROR_NOT_GUI_PROCESS                                                     syscall.Errno = 1471
+	ERROR_EVENTLOG_FILE_CORRUPT                                               syscall.Errno = 1500
+	ERROR_EVENTLOG_CANT_START                                                 syscall.Errno = 1501
+	ERROR_LOG_FILE_FULL                                                       syscall.Errno = 1502
+	ERROR_EVENTLOG_FILE_CHANGED                                               syscall.Errno = 1503
+	ERROR_CONTAINER_ASSIGNED                                                  syscall.Errno = 1504
+	ERROR_JOB_NO_CONTAINER                                                    syscall.Errno = 1505
+	ERROR_INVALID_TASK_NAME                                                   syscall.Errno = 1550
+	ERROR_INVALID_TASK_INDEX                                                  syscall.Errno = 1551
+	ERROR_THREAD_ALREADY_IN_TASK                                              syscall.Errno = 1552
+	ERROR_INSTALL_SERVICE_FAILURE                                             syscall.Errno = 1601
+	ERROR_INSTALL_USEREXIT                                                    syscall.Errno = 1602
+	ERROR_INSTALL_FAILURE                                                     syscall.Errno = 1603
+	ERROR_INSTALL_SUSPEND                                                     syscall.Errno = 1604
+	ERROR_UNKNOWN_PRODUCT                                                     syscall.Errno = 1605
+	ERROR_UNKNOWN_FEATURE                                                     syscall.Errno = 1606
+	ERROR_UNKNOWN_COMPONENT                                                   syscall.Errno = 1607
+	ERROR_UNKNOWN_PROPERTY                                                    syscall.Errno = 1608
+	ERROR_INVALID_HANDLE_STATE                                                syscall.Errno = 1609
+	ERROR_BAD_CONFIGURATION                                                   syscall.Errno = 1610
+	ERROR_INDEX_ABSENT                                                        syscall.Errno = 1611
+	ERROR_INSTALL_SOURCE_ABSENT                                               syscall.Errno = 1612
+	ERROR_INSTALL_PACKAGE_VERSION                                             syscall.Errno = 1613
+	ERROR_PRODUCT_UNINSTALLED                                                 syscall.Errno = 1614
+	ERROR_BAD_QUERY_SYNTAX                                                    syscall.Errno = 1615
+	ERROR_INVALID_FIELD                                                       syscall.Errno = 1616
+	ERROR_DEVICE_REMOVED                                                      syscall.Errno = 1617
+	ERROR_INSTALL_ALREADY_RUNNING                                             syscall.Errno = 1618
+	ERROR_INSTALL_PACKAGE_OPEN_FAILED                                         syscall.Errno = 1619
+	ERROR_INSTALL_PACKAGE_INVALID                                             syscall.Errno = 1620
+	ERROR_INSTALL_UI_FAILURE                                                  syscall.Errno = 1621
+	ERROR_INSTALL_LOG_FAILURE                                                 syscall.Errno = 1622
+	ERROR_INSTALL_LANGUAGE_UNSUPPORTED                                        syscall.Errno = 1623
+	ERROR_INSTALL_TRANSFORM_FAILURE                                           syscall.Errno = 1624
+	ERROR_INSTALL_PACKAGE_REJECTED                                            syscall.Errno = 1625
+	ERROR_FUNCTION_NOT_CALLED                                                 syscall.Errno = 1626
+	ERROR_FUNCTION_FAILED                                                     syscall.Errno = 1627
+	ERROR_INVALID_TABLE                                                       syscall.Errno = 1628
+	ERROR_DATATYPE_MISMATCH                                                   syscall.Errno = 1629
+	ERROR_UNSUPPORTED_TYPE                                                    syscall.Errno = 1630
+	ERROR_CREATE_FAILED                                                       syscall.Errno = 1631
+	ERROR_INSTALL_TEMP_UNWRITABLE                                             syscall.Errno = 1632
+	ERROR_INSTALL_PLATFORM_UNSUPPORTED                                        syscall.Errno = 1633
+	ERROR_INSTALL_NOTUSED                                                     syscall.Errno = 1634
+	ERROR_PATCH_PACKAGE_OPEN_FAILED                                           syscall.Errno = 1635
+	ERROR_PATCH_PACKAGE_INVALID                                               syscall.Errno = 1636
+	ERROR_PATCH_PACKAGE_UNSUPPORTED                                           syscall.Errno = 1637
+	ERROR_PRODUCT_VERSION                                                     syscall.Errno = 1638
+	ERROR_INVALID_COMMAND_LINE                                                syscall.Errno = 1639
+	ERROR_INSTALL_REMOTE_DISALLOWED                                           syscall.Errno = 1640
+	ERROR_SUCCESS_REBOOT_INITIATED                                            syscall.Errno = 1641
+	ERROR_PATCH_TARGET_NOT_FOUND                                              syscall.Errno = 1642
+	ERROR_PATCH_PACKAGE_REJECTED                                              syscall.Errno = 1643
+	ERROR_INSTALL_TRANSFORM_REJECTED                                          syscall.Errno = 1644
+	ERROR_INSTALL_REMOTE_PROHIBITED                                           syscall.Errno = 1645
+	ERROR_PATCH_REMOVAL_UNSUPPORTED                                           syscall.Errno = 1646
+	ERROR_UNKNOWN_PATCH                                                       syscall.Errno = 1647
+	ERROR_PATCH_NO_SEQUENCE                                                   syscall.Errno = 1648
+	ERROR_PATCH_REMOVAL_DISALLOWED                                            syscall.Errno = 1649
+	ERROR_INVALID_PATCH_XML                                                   syscall.Errno = 1650
+	ERROR_PATCH_MANAGED_ADVERTISED_PRODUCT                                    syscall.Errno = 1651
+	ERROR_INSTALL_SERVICE_SAFEBOOT                                            syscall.Errno = 1652
+	ERROR_FAIL_FAST_EXCEPTION                                                 syscall.Errno = 1653
+	ERROR_INSTALL_REJECTED                                                    syscall.Errno = 1654
+	ERROR_DYNAMIC_CODE_BLOCKED                                                syscall.Errno = 1655
+	ERROR_NOT_SAME_OBJECT                                                     syscall.Errno = 1656
+	ERROR_STRICT_CFG_VIOLATION                                                syscall.Errno = 1657
+	ERROR_SET_CONTEXT_DENIED                                                  syscall.Errno = 1660
+	ERROR_CROSS_PARTITION_VIOLATION                                           syscall.Errno = 1661
+	RPC_S_INVALID_STRING_BINDING                                              syscall.Errno = 1700
+	RPC_S_WRONG_KIND_OF_BINDING                                               syscall.Errno = 1701
+	RPC_S_INVALID_BINDING                                                     syscall.Errno = 1702
+	RPC_S_PROTSEQ_NOT_SUPPORTED                                               syscall.Errno = 1703
+	RPC_S_INVALID_RPC_PROTSEQ                                                 syscall.Errno = 1704
+	RPC_S_INVALID_STRING_UUID                                                 syscall.Errno = 1705
+	RPC_S_INVALID_ENDPOINT_FORMAT                                             syscall.Errno = 1706
+	RPC_S_INVALID_NET_ADDR                                                    syscall.Errno = 1707
+	RPC_S_NO_ENDPOINT_FOUND                                                   syscall.Errno = 1708
+	RPC_S_INVALID_TIMEOUT                                                     syscall.Errno = 1709
+	RPC_S_OBJECT_NOT_FOUND                                                    syscall.Errno = 1710
+	RPC_S_ALREADY_REGISTERED                                                  syscall.Errno = 1711
+	RPC_S_TYPE_ALREADY_REGISTERED                                             syscall.Errno = 1712
+	RPC_S_ALREADY_LISTENING                                                   syscall.Errno = 1713
+	RPC_S_NO_PROTSEQS_REGISTERED                                              syscall.Errno = 1714
+	RPC_S_NOT_LISTENING                                                       syscall.Errno = 1715
+	RPC_S_UNKNOWN_MGR_TYPE                                                    syscall.Errno = 1716
+	RPC_S_UNKNOWN_IF                                                          syscall.Errno = 1717
+	RPC_S_NO_BINDINGS                                                         syscall.Errno = 1718
+	RPC_S_NO_PROTSEQS                                                         syscall.Errno = 1719
+	RPC_S_CANT_CREATE_ENDPOINT                                                syscall.Errno = 1720
+	RPC_S_OUT_OF_RESOURCES                                                    syscall.Errno = 1721
+	RPC_S_SERVER_UNAVAILABLE                                                  syscall.Errno = 1722
+	RPC_S_SERVER_TOO_BUSY                                                     syscall.Errno = 1723
+	RPC_S_INVALID_NETWORK_OPTIONS                                             syscall.Errno = 1724
+	RPC_S_NO_CALL_ACTIVE                                                      syscall.Errno = 1725
+	RPC_S_CALL_FAILED                                                         syscall.Errno = 1726
+	RPC_S_CALL_FAILED_DNE                                                     syscall.Errno = 1727
+	RPC_S_PROTOCOL_ERROR                                                      syscall.Errno = 1728
+	RPC_S_PROXY_ACCESS_DENIED                                                 syscall.Errno = 1729
+	RPC_S_UNSUPPORTED_TRANS_SYN                                               syscall.Errno = 1730
+	RPC_S_UNSUPPORTED_TYPE                                                    syscall.Errno = 1732
+	RPC_S_INVALID_TAG                                                         syscall.Errno = 1733
+	RPC_S_INVALID_BOUND                                                       syscall.Errno = 1734
+	RPC_S_NO_ENTRY_NAME                                                       syscall.Errno = 1735
+	RPC_S_INVALID_NAME_SYNTAX                                                 syscall.Errno = 1736
+	RPC_S_UNSUPPORTED_NAME_SYNTAX                                             syscall.Errno = 1737
+	RPC_S_UUID_NO_ADDRESS                                                     syscall.Errno = 1739
+	RPC_S_DUPLICATE_ENDPOINT                                                  syscall.Errno = 1740
+	RPC_S_UNKNOWN_AUTHN_TYPE                                                  syscall.Errno = 1741
+	RPC_S_MAX_CALLS_TOO_SMALL                                                 syscall.Errno = 1742
+	RPC_S_STRING_TOO_LONG                                                     syscall.Errno = 1743
+	RPC_S_PROTSEQ_NOT_FOUND                                                   syscall.Errno = 1744
+	RPC_S_PROCNUM_OUT_OF_RANGE                                                syscall.Errno = 1745
+	RPC_S_BINDING_HAS_NO_AUTH                                                 syscall.Errno = 1746
+	RPC_S_UNKNOWN_AUTHN_SERVICE                                               syscall.Errno = 1747
+	RPC_S_UNKNOWN_AUTHN_LEVEL                                                 syscall.Errno = 1748
+	RPC_S_INVALID_AUTH_IDENTITY                                               syscall.Errno = 1749
+	RPC_S_UNKNOWN_AUTHZ_SERVICE                                               syscall.Errno = 1750
+	EPT_S_INVALID_ENTRY                                                       syscall.Errno = 1751
+	EPT_S_CANT_PERFORM_OP                                                     syscall.Errno = 1752
+	EPT_S_NOT_REGISTERED                                                      syscall.Errno = 1753
+	RPC_S_NOTHING_TO_EXPORT                                                   syscall.Errno = 1754
+	RPC_S_INCOMPLETE_NAME                                                     syscall.Errno = 1755
+	RPC_S_INVALID_VERS_OPTION                                                 syscall.Errno = 1756
+	RPC_S_NO_MORE_MEMBERS                                                     syscall.Errno = 1757
+	RPC_S_NOT_ALL_OBJS_UNEXPORTED                                             syscall.Errno = 1758
+	RPC_S_INTERFACE_NOT_FOUND                                                 syscall.Errno = 1759
+	RPC_S_ENTRY_ALREADY_EXISTS                                                syscall.Errno = 1760
+	RPC_S_ENTRY_NOT_FOUND                                                     syscall.Errno = 1761
+	RPC_S_NAME_SERVICE_UNAVAILABLE                                            syscall.Errno = 1762
+	RPC_S_INVALID_NAF_ID                                                      syscall.Errno = 1763
+	RPC_S_CANNOT_SUPPORT                                                      syscall.Errno = 1764
+	RPC_S_NO_CONTEXT_AVAILABLE                                                syscall.Errno = 1765
+	RPC_S_INTERNAL_ERROR                                                      syscall.Errno = 1766
+	RPC_S_ZERO_DIVIDE                                                         syscall.Errno = 1767
+	RPC_S_ADDRESS_ERROR                                                       syscall.Errno = 1768
+	RPC_S_FP_DIV_ZERO                                                         syscall.Errno = 1769
+	RPC_S_FP_UNDERFLOW                                                        syscall.Errno = 1770
+	RPC_S_FP_OVERFLOW                                                         syscall.Errno = 1771
+	RPC_X_NO_MORE_ENTRIES                                                     syscall.Errno = 1772
+	RPC_X_SS_CHAR_TRANS_OPEN_FAIL                                             syscall.Errno = 1773
+	RPC_X_SS_CHAR_TRANS_SHORT_FILE                                            syscall.Errno = 1774
+	RPC_X_SS_IN_NULL_CONTEXT                                                  syscall.Errno = 1775
+	RPC_X_SS_CONTEXT_DAMAGED                                                  syscall.Errno = 1777
+	RPC_X_SS_HANDLES_MISMATCH                                                 syscall.Errno = 1778
+	RPC_X_SS_CANNOT_GET_CALL_HANDLE                                           syscall.Errno = 1779
+	RPC_X_NULL_REF_POINTER                                                    syscall.Errno = 1780
+	RPC_X_ENUM_VALUE_OUT_OF_RANGE                                             syscall.Errno = 1781
+	RPC_X_BYTE_COUNT_TOO_SMALL                                                syscall.Errno = 1782
+	RPC_X_BAD_STUB_DATA                                                       syscall.Errno = 1783
+	ERROR_INVALID_USER_BUFFER                                                 syscall.Errno = 1784
+	ERROR_UNRECOGNIZED_MEDIA                                                  syscall.Errno = 1785
+	ERROR_NO_TRUST_LSA_SECRET                                                 syscall.Errno = 1786
+	ERROR_NO_TRUST_SAM_ACCOUNT                                                syscall.Errno = 1787
+	ERROR_TRUSTED_DOMAIN_FAILURE                                              syscall.Errno = 1788
+	ERROR_TRUSTED_RELATIONSHIP_FAILURE                                        syscall.Errno = 1789
+	ERROR_TRUST_FAILURE                                                       syscall.Errno = 1790
+	RPC_S_CALL_IN_PROGRESS                                                    syscall.Errno = 1791
+	ERROR_NETLOGON_NOT_STARTED                                                syscall.Errno = 1792
+	ERROR_ACCOUNT_EXPIRED                                                     syscall.Errno = 1793
+	ERROR_REDIRECTOR_HAS_OPEN_HANDLES                                         syscall.Errno = 1794
+	ERROR_PRINTER_DRIVER_ALREADY_INSTALLED                                    syscall.Errno = 1795
+	ERROR_UNKNOWN_PORT                                                        syscall.Errno = 1796
+	ERROR_UNKNOWN_PRINTER_DRIVER                                              syscall.Errno = 1797
+	ERROR_UNKNOWN_PRINTPROCESSOR                                              syscall.Errno = 1798
+	ERROR_INVALID_SEPARATOR_FILE                                              syscall.Errno = 1799
+	ERROR_INVALID_PRIORITY                                                    syscall.Errno = 1800
+	ERROR_INVALID_PRINTER_NAME                                                syscall.Errno = 1801
+	ERROR_PRINTER_ALREADY_EXISTS                                              syscall.Errno = 1802
+	ERROR_INVALID_PRINTER_COMMAND                                             syscall.Errno = 1803
+	ERROR_INVALID_DATATYPE                                                    syscall.Errno = 1804
+	ERROR_INVALID_ENVIRONMENT                                                 syscall.Errno = 1805
+	RPC_S_NO_MORE_BINDINGS                                                    syscall.Errno = 1806
+	ERROR_NOLOGON_INTERDOMAIN_TRUST_ACCOUNT                                   syscall.Errno = 1807
+	ERROR_NOLOGON_WORKSTATION_TRUST_ACCOUNT                                   syscall.Errno = 1808
+	ERROR_NOLOGON_SERVER_TRUST_ACCOUNT                                        syscall.Errno = 1809
+	ERROR_DOMAIN_TRUST_INCONSISTENT                                           syscall.Errno = 1810
+	ERROR_SERVER_HAS_OPEN_HANDLES                                             syscall.Errno = 1811
+	ERROR_RESOURCE_DATA_NOT_FOUND                                             syscall.Errno = 1812
+	ERROR_RESOURCE_TYPE_NOT_FOUND                                             syscall.Errno = 1813
+	ERROR_RESOURCE_NAME_NOT_FOUND                                             syscall.Errno = 1814
+	ERROR_RESOURCE_LANG_NOT_FOUND                                             syscall.Errno = 1815
+	ERROR_NOT_ENOUGH_QUOTA                                                    syscall.Errno = 1816
+	RPC_S_NO_INTERFACES                                                       syscall.Errno = 1817
+	RPC_S_CALL_CANCELLED                                                      syscall.Errno = 1818
+	RPC_S_BINDING_INCOMPLETE                                                  syscall.Errno = 1819
+	RPC_S_COMM_FAILURE                                                        syscall.Errno = 1820
+	RPC_S_UNSUPPORTED_AUTHN_LEVEL                                             syscall.Errno = 1821
+	RPC_S_NO_PRINC_NAME                                                       syscall.Errno = 1822
+	RPC_S_NOT_RPC_ERROR                                                       syscall.Errno = 1823
+	RPC_S_UUID_LOCAL_ONLY                                                     syscall.Errno = 1824
+	RPC_S_SEC_PKG_ERROR                                                       syscall.Errno = 1825
+	RPC_S_NOT_CANCELLED                                                       syscall.Errno = 1826
+	RPC_X_INVALID_ES_ACTION                                                   syscall.Errno = 1827
+	RPC_X_WRONG_ES_VERSION                                                    syscall.Errno = 1828
+	RPC_X_WRONG_STUB_VERSION                                                  syscall.Errno = 1829
+	RPC_X_INVALID_PIPE_OBJECT                                                 syscall.Errno = 1830
+	RPC_X_WRONG_PIPE_ORDER                                                    syscall.Errno = 1831
+	RPC_X_WRONG_PIPE_VERSION                                                  syscall.Errno = 1832
+	RPC_S_COOKIE_AUTH_FAILED                                                  syscall.Errno = 1833
+	RPC_S_DO_NOT_DISTURB                                                      syscall.Errno = 1834
+	RPC_S_SYSTEM_HANDLE_COUNT_EXCEEDED                                        syscall.Errno = 1835
+	RPC_S_SYSTEM_HANDLE_TYPE_MISMATCH                                         syscall.Errno = 1836
+	RPC_S_GROUP_MEMBER_NOT_FOUND                                              syscall.Errno = 1898
+	EPT_S_CANT_CREATE                                                         syscall.Errno = 1899
+	RPC_S_INVALID_OBJECT                                                      syscall.Errno = 1900
+	ERROR_INVALID_TIME                                                        syscall.Errno = 1901
+	ERROR_INVALID_FORM_NAME                                                   syscall.Errno = 1902
+	ERROR_INVALID_FORM_SIZE                                                   syscall.Errno = 1903
+	ERROR_ALREADY_WAITING                                                     syscall.Errno = 1904
+	ERROR_PRINTER_DELETED                                                     syscall.Errno = 1905
+	ERROR_INVALID_PRINTER_STATE                                               syscall.Errno = 1906
+	ERROR_PASSWORD_MUST_CHANGE                                                syscall.Errno = 1907
+	ERROR_DOMAIN_CONTROLLER_NOT_FOUND                                         syscall.Errno = 1908
+	ERROR_ACCOUNT_LOCKED_OUT                                                  syscall.Errno = 1909
+	OR_INVALID_OXID                                                           syscall.Errno = 1910
+	OR_INVALID_OID                                                            syscall.Errno = 1911
+	OR_INVALID_SET                                                            syscall.Errno = 1912
+	RPC_S_SEND_INCOMPLETE                                                     syscall.Errno = 1913
+	RPC_S_INVALID_ASYNC_HANDLE                                                syscall.Errno = 1914
+	RPC_S_INVALID_ASYNC_CALL                                                  syscall.Errno = 1915
+	RPC_X_PIPE_CLOSED                                                         syscall.Errno = 1916
+	RPC_X_PIPE_DISCIPLINE_ERROR                                               syscall.Errno = 1917
+	RPC_X_PIPE_EMPTY                                                          syscall.Errno = 1918
+	ERROR_NO_SITENAME                                                         syscall.Errno = 1919
+	ERROR_CANT_ACCESS_FILE                                                    syscall.Errno = 1920
+	ERROR_CANT_RESOLVE_FILENAME                                               syscall.Errno = 1921
+	RPC_S_ENTRY_TYPE_MISMATCH                                                 syscall.Errno = 1922
+	RPC_S_NOT_ALL_OBJS_EXPORTED                                               syscall.Errno = 1923
+	RPC_S_INTERFACE_NOT_EXPORTED                                              syscall.Errno = 1924
+	RPC_S_PROFILE_NOT_ADDED                                                   syscall.Errno = 1925
+	RPC_S_PRF_ELT_NOT_ADDED                                                   syscall.Errno = 1926
+	RPC_S_PRF_ELT_NOT_REMOVED                                                 syscall.Errno = 1927
+	RPC_S_GRP_ELT_NOT_ADDED                                                   syscall.Errno = 1928
+	RPC_S_GRP_ELT_NOT_REMOVED                                                 syscall.Errno = 1929
+	ERROR_KM_DRIVER_BLOCKED                                                   syscall.Errno = 1930
+	ERROR_CONTEXT_EXPIRED                                                     syscall.Errno = 1931
+	ERROR_PER_USER_TRUST_QUOTA_EXCEEDED                                       syscall.Errno = 1932
+	ERROR_ALL_USER_TRUST_QUOTA_EXCEEDED                                       syscall.Errno = 1933
+	ERROR_USER_DELETE_TRUST_QUOTA_EXCEEDED                                    syscall.Errno = 1934
+	ERROR_AUTHENTICATION_FIREWALL_FAILED                                      syscall.Errno = 1935
+	ERROR_REMOTE_PRINT_CONNECTIONS_BLOCKED                                    syscall.Errno = 1936
+	ERROR_NTLM_BLOCKED                                                        syscall.Errno = 1937
+	ERROR_PASSWORD_CHANGE_REQUIRED                                            syscall.Errno = 1938
+	ERROR_LOST_MODE_LOGON_RESTRICTION                                         syscall.Errno = 1939
+	ERROR_INVALID_PIXEL_FORMAT                                                syscall.Errno = 2000
+	ERROR_BAD_DRIVER                                                          syscall.Errno = 2001
+	ERROR_INVALID_WINDOW_STYLE                                                syscall.Errno = 2002
+	ERROR_METAFILE_NOT_SUPPORTED                                              syscall.Errno = 2003
+	ERROR_TRANSFORM_NOT_SUPPORTED                                             syscall.Errno = 2004
+	ERROR_CLIPPING_NOT_SUPPORTED                                              syscall.Errno = 2005
+	ERROR_INVALID_CMM                                                         syscall.Errno = 2010
+	ERROR_INVALID_PROFILE                                                     syscall.Errno = 2011
+	ERROR_TAG_NOT_FOUND                                                       syscall.Errno = 2012
+	ERROR_TAG_NOT_PRESENT                                                     syscall.Errno = 2013
+	ERROR_DUPLICATE_TAG                                                       syscall.Errno = 2014
+	ERROR_PROFILE_NOT_ASSOCIATED_WITH_DEVICE                                  syscall.Errno = 2015
+	ERROR_PROFILE_NOT_FOUND                                                   syscall.Errno = 2016
+	ERROR_INVALID_COLORSPACE                                                  syscall.Errno = 2017
+	ERROR_ICM_NOT_ENABLED                                                     syscall.Errno = 2018
+	ERROR_DELETING_ICM_XFORM                                                  syscall.Errno = 2019
+	ERROR_INVALID_TRANSFORM                                                   syscall.Errno = 2020
+	ERROR_COLORSPACE_MISMATCH                                                 syscall.Errno = 2021
+	ERROR_INVALID_COLORINDEX                                                  syscall.Errno = 2022
+	ERROR_PROFILE_DOES_NOT_MATCH_DEVICE                                       syscall.Errno = 2023
+	ERROR_CONNECTED_OTHER_PASSWORD                                            syscall.Errno = 2108
+	ERROR_CONNECTED_OTHER_PASSWORD_DEFAULT                                    syscall.Errno = 2109
+	ERROR_BAD_USERNAME                                                        syscall.Errno = 2202
+	ERROR_NOT_CONNECTED                                                       syscall.Errno = 2250
+	ERROR_OPEN_FILES                                                          syscall.Errno = 2401
+	ERROR_ACTIVE_CONNECTIONS                                                  syscall.Errno = 2402
+	ERROR_DEVICE_IN_USE                                                       syscall.Errno = 2404
+	ERROR_UNKNOWN_PRINT_MONITOR                                               syscall.Errno = 3000
+	ERROR_PRINTER_DRIVER_IN_USE                                               syscall.Errno = 3001
+	ERROR_SPOOL_FILE_NOT_FOUND                                                syscall.Errno = 3002
+	ERROR_SPL_NO_STARTDOC                                                     syscall.Errno = 3003
+	ERROR_SPL_NO_ADDJOB                                                       syscall.Errno = 3004
+	ERROR_PRINT_PROCESSOR_ALREADY_INSTALLED                                   syscall.Errno = 3005
+	ERROR_PRINT_MONITOR_ALREADY_INSTALLED                                     syscall.Errno = 3006
+	ERROR_INVALID_PRINT_MONITOR                                               syscall.Errno = 3007
+	ERROR_PRINT_MONITOR_IN_USE                                                syscall.Errno = 3008
+	ERROR_PRINTER_HAS_JOBS_QUEUED                                             syscall.Errno = 3009
+	ERROR_SUCCESS_REBOOT_REQUIRED                                             syscall.Errno = 3010
+	ERROR_SUCCESS_RESTART_REQUIRED                                            syscall.Errno = 3011
+	ERROR_PRINTER_NOT_FOUND                                                   syscall.Errno = 3012
+	ERROR_PRINTER_DRIVER_WARNED                                               syscall.Errno = 3013
+	ERROR_PRINTER_DRIVER_BLOCKED                                              syscall.Errno = 3014
+	ERROR_PRINTER_DRIVER_PACKAGE_IN_USE                                       syscall.Errno = 3015
+	ERROR_CORE_DRIVER_PACKAGE_NOT_FOUND                                       syscall.Errno = 3016
+	ERROR_FAIL_REBOOT_REQUIRED                                                syscall.Errno = 3017
+	ERROR_FAIL_REBOOT_INITIATED                                               syscall.Errno = 3018
+	ERROR_PRINTER_DRIVER_DOWNLOAD_NEEDED                                      syscall.Errno = 3019
+	ERROR_PRINT_JOB_RESTART_REQUIRED                                          syscall.Errno = 3020
+	ERROR_INVALID_PRINTER_DRIVER_MANIFEST                                     syscall.Errno = 3021
+	ERROR_PRINTER_NOT_SHAREABLE                                               syscall.Errno = 3022
+	ERROR_REQUEST_PAUSED                                                      syscall.Errno = 3050
+	ERROR_APPEXEC_CONDITION_NOT_SATISFIED                                     syscall.Errno = 3060
+	ERROR_APPEXEC_HANDLE_INVALIDATED                                          syscall.Errno = 3061
+	ERROR_APPEXEC_INVALID_HOST_GENERATION                                     syscall.Errno = 3062
+	ERROR_APPEXEC_UNEXPECTED_PROCESS_REGISTRATION                             syscall.Errno = 3063
+	ERROR_APPEXEC_INVALID_HOST_STATE                                          syscall.Errno = 3064
+	ERROR_APPEXEC_NO_DONOR                                                    syscall.Errno = 3065
+	ERROR_APPEXEC_HOST_ID_MISMATCH                                            syscall.Errno = 3066
+	ERROR_APPEXEC_UNKNOWN_USER                                                syscall.Errno = 3067
+	ERROR_IO_REISSUE_AS_CACHED                                                syscall.Errno = 3950
+	ERROR_WINS_INTERNAL                                                       syscall.Errno = 4000
+	ERROR_CAN_NOT_DEL_LOCAL_WINS                                              syscall.Errno = 4001
+	ERROR_STATIC_INIT                                                         syscall.Errno = 4002
+	ERROR_INC_BACKUP                                                          syscall.Errno = 4003
+	ERROR_FULL_BACKUP                                                         syscall.Errno = 4004
+	ERROR_REC_NON_EXISTENT                                                    syscall.Errno = 4005
+	ERROR_RPL_NOT_ALLOWED                                                     syscall.Errno = 4006
+	PEERDIST_ERROR_CONTENTINFO_VERSION_UNSUPPORTED                            syscall.Errno = 4050
+	PEERDIST_ERROR_CANNOT_PARSE_CONTENTINFO                                   syscall.Errno = 4051
+	PEERDIST_ERROR_MISSING_DATA                                               syscall.Errno = 4052
+	PEERDIST_ERROR_NO_MORE                                                    syscall.Errno = 4053
+	PEERDIST_ERROR_NOT_INITIALIZED                                            syscall.Errno = 4054
+	PEERDIST_ERROR_ALREADY_INITIALIZED                                        syscall.Errno = 4055
+	PEERDIST_ERROR_SHUTDOWN_IN_PROGRESS                                       syscall.Errno = 4056
+	PEERDIST_ERROR_INVALIDATED                                                syscall.Errno = 4057
+	PEERDIST_ERROR_ALREADY_EXISTS                                             syscall.Errno = 4058
+	PEERDIST_ERROR_OPERATION_NOTFOUND                                         syscall.Errno = 4059
+	PEERDIST_ERROR_ALREADY_COMPLETED                                          syscall.Errno = 4060
+	PEERDIST_ERROR_OUT_OF_BOUNDS                                              syscall.Errno = 4061
+	PEERDIST_ERROR_VERSION_UNSUPPORTED                                        syscall.Errno = 4062
+	PEERDIST_ERROR_INVALID_CONFIGURATION                                      syscall.Errno = 4063
+	PEERDIST_ERROR_NOT_LICENSED                                               syscall.Errno = 4064
+	PEERDIST_ERROR_SERVICE_UNAVAILABLE                                        syscall.Errno = 4065
+	PEERDIST_ERROR_TRUST_FAILURE                                              syscall.Errno = 4066
+	ERROR_DHCP_ADDRESS_CONFLICT                                               syscall.Errno = 4100
+	ERROR_WMI_GUID_NOT_FOUND                                                  syscall.Errno = 4200
+	ERROR_WMI_INSTANCE_NOT_FOUND                                              syscall.Errno = 4201
+	ERROR_WMI_ITEMID_NOT_FOUND                                                syscall.Errno = 4202
+	ERROR_WMI_TRY_AGAIN                                                       syscall.Errno = 4203
+	ERROR_WMI_DP_NOT_FOUND                                                    syscall.Errno = 4204
+	ERROR_WMI_UNRESOLVED_INSTANCE_REF                                         syscall.Errno = 4205
+	ERROR_WMI_ALREADY_ENABLED                                                 syscall.Errno = 4206
+	ERROR_WMI_GUID_DISCONNECTED                                               syscall.Errno = 4207
+	ERROR_WMI_SERVER_UNAVAILABLE                                              syscall.Errno = 4208
+	ERROR_WMI_DP_FAILED                                                       syscall.Errno = 4209
+	ERROR_WMI_INVALID_MOF                                                     syscall.Errno = 4210
+	ERROR_WMI_INVALID_REGINFO                                                 syscall.Errno = 4211
+	ERROR_WMI_ALREADY_DISABLED                                                syscall.Errno = 4212
+	ERROR_WMI_READ_ONLY                                                       syscall.Errno = 4213
+	ERROR_WMI_SET_FAILURE                                                     syscall.Errno = 4214
+	ERROR_NOT_APPCONTAINER                                                    syscall.Errno = 4250
+	ERROR_APPCONTAINER_REQUIRED                                               syscall.Errno = 4251
+	ERROR_NOT_SUPPORTED_IN_APPCONTAINER                                       syscall.Errno = 4252
+	ERROR_INVALID_PACKAGE_SID_LENGTH                                          syscall.Errno = 4253
+	ERROR_INVALID_MEDIA                                                       syscall.Errno = 4300
+	ERROR_INVALID_LIBRARY                                                     syscall.Errno = 4301
+	ERROR_INVALID_MEDIA_POOL                                                  syscall.Errno = 4302
+	ERROR_DRIVE_MEDIA_MISMATCH                                                syscall.Errno = 4303
+	ERROR_MEDIA_OFFLINE                                                       syscall.Errno = 4304
+	ERROR_LIBRARY_OFFLINE                                                     syscall.Errno = 4305
+	ERROR_EMPTY                                                               syscall.Errno = 4306
+	ERROR_NOT_EMPTY                                                           syscall.Errno = 4307
+	ERROR_MEDIA_UNAVAILABLE                                                   syscall.Errno = 4308
+	ERROR_RESOURCE_DISABLED                                                   syscall.Errno = 4309
+	ERROR_INVALID_CLEANER                                                     syscall.Errno = 4310
+	ERROR_UNABLE_TO_CLEAN                                                     syscall.Errno = 4311
+	ERROR_OBJECT_NOT_FOUND                                                    syscall.Errno = 4312
+	ERROR_DATABASE_FAILURE                                                    syscall.Errno = 4313
+	ERROR_DATABASE_FULL                                                       syscall.Errno = 4314
+	ERROR_MEDIA_INCOMPATIBLE                                                  syscall.Errno = 4315
+	ERROR_RESOURCE_NOT_PRESENT                                                syscall.Errno = 4316
+	ERROR_INVALID_OPERATION                                                   syscall.Errno = 4317
+	ERROR_MEDIA_NOT_AVAILABLE                                                 syscall.Errno = 4318
+	ERROR_DEVICE_NOT_AVAILABLE                                                syscall.Errno = 4319
+	ERROR_REQUEST_REFUSED                                                     syscall.Errno = 4320
+	ERROR_INVALID_DRIVE_OBJECT                                                syscall.Errno = 4321
+	ERROR_LIBRARY_FULL                                                        syscall.Errno = 4322
+	ERROR_MEDIUM_NOT_ACCESSIBLE                                               syscall.Errno = 4323
+	ERROR_UNABLE_TO_LOAD_MEDIUM                                               syscall.Errno = 4324
+	ERROR_UNABLE_TO_INVENTORY_DRIVE                                           syscall.Errno = 4325
+	ERROR_UNABLE_TO_INVENTORY_SLOT                                            syscall.Errno = 4326
+	ERROR_UNABLE_TO_INVENTORY_TRANSPORT                                       syscall.Errno = 4327
+	ERROR_TRANSPORT_FULL                                                      syscall.Errno = 4328
+	ERROR_CONTROLLING_IEPORT                                                  syscall.Errno = 4329
+	ERROR_UNABLE_TO_EJECT_MOUNTED_MEDIA                                       syscall.Errno = 4330
+	ERROR_CLEANER_SLOT_SET                                                    syscall.Errno = 4331
+	ERROR_CLEANER_SLOT_NOT_SET                                                syscall.Errno = 4332
+	ERROR_CLEANER_CARTRIDGE_SPENT                                             syscall.Errno = 4333
+	ERROR_UNEXPECTED_OMID                                                     syscall.Errno = 4334
+	ERROR_CANT_DELETE_LAST_ITEM                                               syscall.Errno = 4335
+	ERROR_MESSAGE_EXCEEDS_MAX_SIZE                                            syscall.Errno = 4336
+	ERROR_VOLUME_CONTAINS_SYS_FILES                                           syscall.Errno = 4337
+	ERROR_INDIGENOUS_TYPE                                                     syscall.Errno = 4338
+	ERROR_NO_SUPPORTING_DRIVES                                                syscall.Errno = 4339
+	ERROR_CLEANER_CARTRIDGE_INSTALLED                                         syscall.Errno = 4340
+	ERROR_IEPORT_FULL                                                         syscall.Errno = 4341
+	ERROR_FILE_OFFLINE                                                        syscall.Errno = 4350
+	ERROR_REMOTE_STORAGE_NOT_ACTIVE                                           syscall.Errno = 4351
+	ERROR_REMOTE_STORAGE_MEDIA_ERROR                                          syscall.Errno = 4352
+	ERROR_NOT_A_REPARSE_POINT                                                 syscall.Errno = 4390
+	ERROR_REPARSE_ATTRIBUTE_CONFLICT                                          syscall.Errno = 4391
+	ERROR_INVALID_REPARSE_DATA                                                syscall.Errno = 4392
+	ERROR_REPARSE_TAG_INVALID                                                 syscall.Errno = 4393
+	ERROR_REPARSE_TAG_MISMATCH                                                syscall.Errno = 4394
+	ERROR_REPARSE_POINT_ENCOUNTERED                                           syscall.Errno = 4395
+	ERROR_APP_DATA_NOT_FOUND                                                  syscall.Errno = 4400
+	ERROR_APP_DATA_EXPIRED                                                    syscall.Errno = 4401
+	ERROR_APP_DATA_CORRUPT                                                    syscall.Errno = 4402
+	ERROR_APP_DATA_LIMIT_EXCEEDED                                             syscall.Errno = 4403
+	ERROR_APP_DATA_REBOOT_REQUIRED                                            syscall.Errno = 4404
+	ERROR_SECUREBOOT_ROLLBACK_DETECTED                                        syscall.Errno = 4420
+	ERROR_SECUREBOOT_POLICY_VIOLATION                                         syscall.Errno = 4421
+	ERROR_SECUREBOOT_INVALID_POLICY                                           syscall.Errno = 4422
+	ERROR_SECUREBOOT_POLICY_PUBLISHER_NOT_FOUND                               syscall.Errno = 4423
+	ERROR_SECUREBOOT_POLICY_NOT_SIGNED                                        syscall.Errno = 4424
+	ERROR_SECUREBOOT_NOT_ENABLED                                              syscall.Errno = 4425
+	ERROR_SECUREBOOT_FILE_REPLACED                                            syscall.Errno = 4426
+	ERROR_SECUREBOOT_POLICY_NOT_AUTHORIZED                                    syscall.Errno = 4427
+	ERROR_SECUREBOOT_POLICY_UNKNOWN                                           syscall.Errno = 4428
+	ERROR_SECUREBOOT_POLICY_MISSING_ANTIROLLBACKVERSION                       syscall.Errno = 4429
+	ERROR_SECUREBOOT_PLATFORM_ID_MISMATCH                                     syscall.Errno = 4430
+	ERROR_SECUREBOOT_POLICY_ROLLBACK_DETECTED                                 syscall.Errno = 4431
+	ERROR_SECUREBOOT_POLICY_UPGRADE_MISMATCH                                  syscall.Errno = 4432
+	ERROR_SECUREBOOT_REQUIRED_POLICY_FILE_MISSING                             syscall.Errno = 4433
+	ERROR_SECUREBOOT_NOT_BASE_POLICY                                          syscall.Errno = 4434
+	ERROR_SECUREBOOT_NOT_SUPPLEMENTAL_POLICY                                  syscall.Errno = 4435
+	ERROR_OFFLOAD_READ_FLT_NOT_SUPPORTED                                      syscall.Errno = 4440
+	ERROR_OFFLOAD_WRITE_FLT_NOT_SUPPORTED                                     syscall.Errno = 4441
+	ERROR_OFFLOAD_READ_FILE_NOT_SUPPORTED                                     syscall.Errno = 4442
+	ERROR_OFFLOAD_WRITE_FILE_NOT_SUPPORTED                                    syscall.Errno = 4443
+	ERROR_ALREADY_HAS_STREAM_ID                                               syscall.Errno = 4444
+	ERROR_SMR_GARBAGE_COLLECTION_REQUIRED                                     syscall.Errno = 4445
+	ERROR_WOF_WIM_HEADER_CORRUPT                                              syscall.Errno = 4446
+	ERROR_WOF_WIM_RESOURCE_TABLE_CORRUPT                                      syscall.Errno = 4447
+	ERROR_WOF_FILE_RESOURCE_TABLE_CORRUPT                                     syscall.Errno = 4448
+	ERROR_VOLUME_NOT_SIS_ENABLED                                              syscall.Errno = 4500
+	ERROR_SYSTEM_INTEGRITY_ROLLBACK_DETECTED                                  syscall.Errno = 4550
+	ERROR_SYSTEM_INTEGRITY_POLICY_VIOLATION                                   syscall.Errno = 4551
+	ERROR_SYSTEM_INTEGRITY_INVALID_POLICY                                     syscall.Errno = 4552
+	ERROR_SYSTEM_INTEGRITY_POLICY_NOT_SIGNED                                  syscall.Errno = 4553
+	ERROR_SYSTEM_INTEGRITY_TOO_MANY_POLICIES                                  syscall.Errno = 4554
+	ERROR_SYSTEM_INTEGRITY_SUPPLEMENTAL_POLICY_NOT_AUTHORIZED                 syscall.Errno = 4555
+	ERROR_VSM_NOT_INITIALIZED                                                 syscall.Errno = 4560
+	ERROR_VSM_DMA_PROTECTION_NOT_IN_USE                                       syscall.Errno = 4561
+	ERROR_PLATFORM_MANIFEST_NOT_AUTHORIZED                                    syscall.Errno = 4570
+	ERROR_PLATFORM_MANIFEST_INVALID                                           syscall.Errno = 4571
+	ERROR_PLATFORM_MANIFEST_FILE_NOT_AUTHORIZED                               syscall.Errno = 4572
+	ERROR_PLATFORM_MANIFEST_CATALOG_NOT_AUTHORIZED                            syscall.Errno = 4573
+	ERROR_PLATFORM_MANIFEST_BINARY_ID_NOT_FOUND                               syscall.Errno = 4574
+	ERROR_PLATFORM_MANIFEST_NOT_ACTIVE                                        syscall.Errno = 4575
+	ERROR_PLATFORM_MANIFEST_NOT_SIGNED                                        syscall.Errno = 4576
+	ERROR_DEPENDENT_RESOURCE_EXISTS                                           syscall.Errno = 5001
+	ERROR_DEPENDENCY_NOT_FOUND                                                syscall.Errno = 5002
+	ERROR_DEPENDENCY_ALREADY_EXISTS                                           syscall.Errno = 5003
+	ERROR_RESOURCE_NOT_ONLINE                                                 syscall.Errno = 5004
+	ERROR_HOST_NODE_NOT_AVAILABLE                                             syscall.Errno = 5005
+	ERROR_RESOURCE_NOT_AVAILABLE                                              syscall.Errno = 5006
+	ERROR_RESOURCE_NOT_FOUND                                                  syscall.Errno = 5007
+	ERROR_SHUTDOWN_CLUSTER                                                    syscall.Errno = 5008
+	ERROR_CANT_EVICT_ACTIVE_NODE                                              syscall.Errno = 5009
+	ERROR_OBJECT_ALREADY_EXISTS                                               syscall.Errno = 5010
+	ERROR_OBJECT_IN_LIST                                                      syscall.Errno = 5011
+	ERROR_GROUP_NOT_AVAILABLE                                                 syscall.Errno = 5012
+	ERROR_GROUP_NOT_FOUND                                                     syscall.Errno = 5013
+	ERROR_GROUP_NOT_ONLINE                                                    syscall.Errno = 5014
+	ERROR_HOST_NODE_NOT_RESOURCE_OWNER                                        syscall.Errno = 5015
+	ERROR_HOST_NODE_NOT_GROUP_OWNER                                           syscall.Errno = 5016
+	ERROR_RESMON_CREATE_FAILED                                                syscall.Errno = 5017
+	ERROR_RESMON_ONLINE_FAILED                                                syscall.Errno = 5018
+	ERROR_RESOURCE_ONLINE                                                     syscall.Errno = 5019
+	ERROR_QUORUM_RESOURCE                                                     syscall.Errno = 5020
+	ERROR_NOT_QUORUM_CAPABLE                                                  syscall.Errno = 5021
+	ERROR_CLUSTER_SHUTTING_DOWN                                               syscall.Errno = 5022
+	ERROR_INVALID_STATE                                                       syscall.Errno = 5023
+	ERROR_RESOURCE_PROPERTIES_STORED                                          syscall.Errno = 5024
+	ERROR_NOT_QUORUM_CLASS                                                    syscall.Errno = 5025
+	ERROR_CORE_RESOURCE                                                       syscall.Errno = 5026
+	ERROR_QUORUM_RESOURCE_ONLINE_FAILED                                       syscall.Errno = 5027
+	ERROR_QUORUMLOG_OPEN_FAILED                                               syscall.Errno = 5028
+	ERROR_CLUSTERLOG_CORRUPT                                                  syscall.Errno = 5029
+	ERROR_CLUSTERLOG_RECORD_EXCEEDS_MAXSIZE                                   syscall.Errno = 5030
+	ERROR_CLUSTERLOG_EXCEEDS_MAXSIZE                                          syscall.Errno = 5031
+	ERROR_CLUSTERLOG_CHKPOINT_NOT_FOUND                                       syscall.Errno = 5032
+	ERROR_CLUSTERLOG_NOT_ENOUGH_SPACE                                         syscall.Errno = 5033
+	ERROR_QUORUM_OWNER_ALIVE                                                  syscall.Errno = 5034
+	ERROR_NETWORK_NOT_AVAILABLE                                               syscall.Errno = 5035
+	ERROR_NODE_NOT_AVAILABLE                                                  syscall.Errno = 5036
+	ERROR_ALL_NODES_NOT_AVAILABLE                                             syscall.Errno = 5037
+	ERROR_RESOURCE_FAILED                                                     syscall.Errno = 5038
+	ERROR_CLUSTER_INVALID_NODE                                                syscall.Errno = 5039
+	ERROR_CLUSTER_NODE_EXISTS                                                 syscall.Errno = 5040
+	ERROR_CLUSTER_JOIN_IN_PROGRESS                                            syscall.Errno = 5041
+	ERROR_CLUSTER_NODE_NOT_FOUND                                              syscall.Errno = 5042
+	ERROR_CLUSTER_LOCAL_NODE_NOT_FOUND                                        syscall.Errno = 5043
+	ERROR_CLUSTER_NETWORK_EXISTS                                              syscall.Errno = 5044
+	ERROR_CLUSTER_NETWORK_NOT_FOUND                                           syscall.Errno = 5045
+	ERROR_CLUSTER_NETINTERFACE_EXISTS                                         syscall.Errno = 5046
+	ERROR_CLUSTER_NETINTERFACE_NOT_FOUND                                      syscall.Errno = 5047
+	ERROR_CLUSTER_INVALID_REQUEST                                             syscall.Errno = 5048
+	ERROR_CLUSTER_INVALID_NETWORK_PROVIDER                                    syscall.Errno = 5049
+	ERROR_CLUSTER_NODE_DOWN                                                   syscall.Errno = 5050
+	ERROR_CLUSTER_NODE_UNREACHABLE                                            syscall.Errno = 5051
+	ERROR_CLUSTER_NODE_NOT_MEMBER                                             syscall.Errno = 5052
+	ERROR_CLUSTER_JOIN_NOT_IN_PROGRESS                                        syscall.Errno = 5053
+	ERROR_CLUSTER_INVALID_NETWORK                                             syscall.Errno = 5054
+	ERROR_CLUSTER_NODE_UP                                                     syscall.Errno = 5056
+	ERROR_CLUSTER_IPADDR_IN_USE                                               syscall.Errno = 5057
+	ERROR_CLUSTER_NODE_NOT_PAUSED                                             syscall.Errno = 5058
+	ERROR_CLUSTER_NO_SECURITY_CONTEXT                                         syscall.Errno = 5059
+	ERROR_CLUSTER_NETWORK_NOT_INTERNAL                                        syscall.Errno = 5060
+	ERROR_CLUSTER_NODE_ALREADY_UP                                             syscall.Errno = 5061
+	ERROR_CLUSTER_NODE_ALREADY_DOWN                                           syscall.Errno = 5062
+	ERROR_CLUSTER_NETWORK_ALREADY_ONLINE                                      syscall.Errno = 5063
+	ERROR_CLUSTER_NETWORK_ALREADY_OFFLINE                                     syscall.Errno = 5064
+	ERROR_CLUSTER_NODE_ALREADY_MEMBER                                         syscall.Errno = 5065
+	ERROR_CLUSTER_LAST_INTERNAL_NETWORK                                       syscall.Errno = 5066
+	ERROR_CLUSTER_NETWORK_HAS_DEPENDENTS                                      syscall.Errno = 5067
+	ERROR_INVALID_OPERATION_ON_QUORUM                                         syscall.Errno = 5068
+	ERROR_DEPENDENCY_NOT_ALLOWED                                              syscall.Errno = 5069
+	ERROR_CLUSTER_NODE_PAUSED                                                 syscall.Errno = 5070
+	ERROR_NODE_CANT_HOST_RESOURCE                                             syscall.Errno = 5071
+	ERROR_CLUSTER_NODE_NOT_READY                                              syscall.Errno = 5072
+	ERROR_CLUSTER_NODE_SHUTTING_DOWN                                          syscall.Errno = 5073
+	ERROR_CLUSTER_JOIN_ABORTED                                                syscall.Errno = 5074
+	ERROR_CLUSTER_INCOMPATIBLE_VERSIONS                                       syscall.Errno = 5075
+	ERROR_CLUSTER_MAXNUM_OF_RESOURCES_EXCEEDED                                syscall.Errno = 5076
+	ERROR_CLUSTER_SYSTEM_CONFIG_CHANGED                                       syscall.Errno = 5077
+	ERROR_CLUSTER_RESOURCE_TYPE_NOT_FOUND                                     syscall.Errno = 5078
+	ERROR_CLUSTER_RESTYPE_NOT_SUPPORTED                                       syscall.Errno = 5079
+	ERROR_CLUSTER_RESNAME_NOT_FOUND                                           syscall.Errno = 5080
+	ERROR_CLUSTER_NO_RPC_PACKAGES_REGISTERED                                  syscall.Errno = 5081
+	ERROR_CLUSTER_OWNER_NOT_IN_PREFLIST                                       syscall.Errno = 5082
+	ERROR_CLUSTER_DATABASE_SEQMISMATCH                                        syscall.Errno = 5083
+	ERROR_RESMON_INVALID_STATE                                                syscall.Errno = 5084
+	ERROR_CLUSTER_GUM_NOT_LOCKER                                              syscall.Errno = 5085
+	ERROR_QUORUM_DISK_NOT_FOUND                                               syscall.Errno = 5086
+	ERROR_DATABASE_BACKUP_CORRUPT                                             syscall.Errno = 5087
+	ERROR_CLUSTER_NODE_ALREADY_HAS_DFS_ROOT                                   syscall.Errno = 5088
+	ERROR_RESOURCE_PROPERTY_UNCHANGEABLE                                      syscall.Errno = 5089
+	ERROR_NO_ADMIN_ACCESS_POINT                                               syscall.Errno = 5090
+	ERROR_CLUSTER_MEMBERSHIP_INVALID_STATE                                    syscall.Errno = 5890
+	ERROR_CLUSTER_QUORUMLOG_NOT_FOUND                                         syscall.Errno = 5891
+	ERROR_CLUSTER_MEMBERSHIP_HALT                                             syscall.Errno = 5892
+	ERROR_CLUSTER_INSTANCE_ID_MISMATCH                                        syscall.Errno = 5893
+	ERROR_CLUSTER_NETWORK_NOT_FOUND_FOR_IP                                    syscall.Errno = 5894
+	ERROR_CLUSTER_PROPERTY_DATA_TYPE_MISMATCH                                 syscall.Errno = 5895
+	ERROR_CLUSTER_EVICT_WITHOUT_CLEANUP                                       syscall.Errno = 5896
+	ERROR_CLUSTER_PARAMETER_MISMATCH                                          syscall.Errno = 5897
+	ERROR_NODE_CANNOT_BE_CLUSTERED                                            syscall.Errno = 5898
+	ERROR_CLUSTER_WRONG_OS_VERSION                                            syscall.Errno = 5899
+	ERROR_CLUSTER_CANT_CREATE_DUP_CLUSTER_NAME                                syscall.Errno = 5900
+	ERROR_CLUSCFG_ALREADY_COMMITTED                                           syscall.Errno = 5901
+	ERROR_CLUSCFG_ROLLBACK_FAILED                                             syscall.Errno = 5902
+	ERROR_CLUSCFG_SYSTEM_DISK_DRIVE_LETTER_CONFLICT                           syscall.Errno = 5903
+	ERROR_CLUSTER_OLD_VERSION                                                 syscall.Errno = 5904
+	ERROR_CLUSTER_MISMATCHED_COMPUTER_ACCT_NAME                               syscall.Errno = 5905
+	ERROR_CLUSTER_NO_NET_ADAPTERS                                             syscall.Errno = 5906
+	ERROR_CLUSTER_POISONED                                                    syscall.Errno = 5907
+	ERROR_CLUSTER_GROUP_MOVING                                                syscall.Errno = 5908
+	ERROR_CLUSTER_RESOURCE_TYPE_BUSY                                          syscall.Errno = 5909
+	ERROR_RESOURCE_CALL_TIMED_OUT                                             syscall.Errno = 5910
+	ERROR_INVALID_CLUSTER_IPV6_ADDRESS                                        syscall.Errno = 5911
+	ERROR_CLUSTER_INTERNAL_INVALID_FUNCTION                                   syscall.Errno = 5912
+	ERROR_CLUSTER_PARAMETER_OUT_OF_BOUNDS                                     syscall.Errno = 5913
+	ERROR_CLUSTER_PARTIAL_SEND                                                syscall.Errno = 5914
+	ERROR_CLUSTER_REGISTRY_INVALID_FUNCTION                                   syscall.Errno = 5915
+	ERROR_CLUSTER_INVALID_STRING_TERMINATION                                  syscall.Errno = 5916
+	ERROR_CLUSTER_INVALID_STRING_FORMAT                                       syscall.Errno = 5917
+	ERROR_CLUSTER_DATABASE_TRANSACTION_IN_PROGRESS                            syscall.Errno = 5918
+	ERROR_CLUSTER_DATABASE_TRANSACTION_NOT_IN_PROGRESS                        syscall.Errno = 5919
+	ERROR_CLUSTER_NULL_DATA                                                   syscall.Errno = 5920
+	ERROR_CLUSTER_PARTIAL_READ                                                syscall.Errno = 5921
+	ERROR_CLUSTER_PARTIAL_WRITE                                               syscall.Errno = 5922
+	ERROR_CLUSTER_CANT_DESERIALIZE_DATA                                       syscall.Errno = 5923
+	ERROR_DEPENDENT_RESOURCE_PROPERTY_CONFLICT                                syscall.Errno = 5924
+	ERROR_CLUSTER_NO_QUORUM                                                   syscall.Errno = 5925
+	ERROR_CLUSTER_INVALID_IPV6_NETWORK                                        syscall.Errno = 5926
+	ERROR_CLUSTER_INVALID_IPV6_TUNNEL_NETWORK                                 syscall.Errno = 5927
+	ERROR_QUORUM_NOT_ALLOWED_IN_THIS_GROUP                                    syscall.Errno = 5928
+	ERROR_DEPENDENCY_TREE_TOO_COMPLEX                                         syscall.Errno = 5929
+	ERROR_EXCEPTION_IN_RESOURCE_CALL                                          syscall.Errno = 5930
+	ERROR_CLUSTER_RHS_FAILED_INITIALIZATION                                   syscall.Errno = 5931
+	ERROR_CLUSTER_NOT_INSTALLED                                               syscall.Errno = 5932
+	ERROR_CLUSTER_RESOURCES_MUST_BE_ONLINE_ON_THE_SAME_NODE                   syscall.Errno = 5933
+	ERROR_CLUSTER_MAX_NODES_IN_CLUSTER                                        syscall.Errno = 5934
+	ERROR_CLUSTER_TOO_MANY_NODES                                              syscall.Errno = 5935
+	ERROR_CLUSTER_OBJECT_ALREADY_USED                                         syscall.Errno = 5936
+	ERROR_NONCORE_GROUPS_FOUND                                                syscall.Errno = 5937
+	ERROR_FILE_SHARE_RESOURCE_CONFLICT                                        syscall.Errno = 5938
+	ERROR_CLUSTER_EVICT_INVALID_REQUEST                                       syscall.Errno = 5939
+	ERROR_CLUSTER_SINGLETON_RESOURCE                                          syscall.Errno = 5940
+	ERROR_CLUSTER_GROUP_SINGLETON_RESOURCE                                    syscall.Errno = 5941
+	ERROR_CLUSTER_RESOURCE_PROVIDER_FAILED                                    syscall.Errno = 5942
+	ERROR_CLUSTER_RESOURCE_CONFIGURATION_ERROR                                syscall.Errno = 5943
+	ERROR_CLUSTER_GROUP_BUSY                                                  syscall.Errno = 5944
+	ERROR_CLUSTER_NOT_SHARED_VOLUME                                           syscall.Errno = 5945
+	ERROR_CLUSTER_INVALID_SECURITY_DESCRIPTOR                                 syscall.Errno = 5946
+	ERROR_CLUSTER_SHARED_VOLUMES_IN_USE                                       syscall.Errno = 5947
+	ERROR_CLUSTER_USE_SHARED_VOLUMES_API                                      syscall.Errno = 5948
+	ERROR_CLUSTER_BACKUP_IN_PROGRESS                                          syscall.Errno = 5949
+	ERROR_NON_CSV_PATH                                                        syscall.Errno = 5950
+	ERROR_CSV_VOLUME_NOT_LOCAL                                                syscall.Errno = 5951
+	ERROR_CLUSTER_WATCHDOG_TERMINATING                                        syscall.Errno = 5952
+	ERROR_CLUSTER_RESOURCE_VETOED_MOVE_INCOMPATIBLE_NODES                     syscall.Errno = 5953
+	ERROR_CLUSTER_INVALID_NODE_WEIGHT                                         syscall.Errno = 5954
+	ERROR_CLUSTER_RESOURCE_VETOED_CALL                                        syscall.Errno = 5955
+	ERROR_RESMON_SYSTEM_RESOURCES_LACKING                                     syscall.Errno = 5956
+	ERROR_CLUSTER_RESOURCE_VETOED_MOVE_NOT_ENOUGH_RESOURCES_ON_DESTINATION    syscall.Errno = 5957
+	ERROR_CLUSTER_RESOURCE_VETOED_MOVE_NOT_ENOUGH_RESOURCES_ON_SOURCE         syscall.Errno = 5958
+	ERROR_CLUSTER_GROUP_QUEUED                                                syscall.Errno = 5959
+	ERROR_CLUSTER_RESOURCE_LOCKED_STATUS                                      syscall.Errno = 5960
+	ERROR_CLUSTER_SHARED_VOLUME_FAILOVER_NOT_ALLOWED                          syscall.Errno = 5961
+	ERROR_CLUSTER_NODE_DRAIN_IN_PROGRESS                                      syscall.Errno = 5962
+	ERROR_CLUSTER_DISK_NOT_CONNECTED                                          syscall.Errno = 5963
+	ERROR_DISK_NOT_CSV_CAPABLE                                                syscall.Errno = 5964
+	ERROR_RESOURCE_NOT_IN_AVAILABLE_STORAGE                                   syscall.Errno = 5965
+	ERROR_CLUSTER_SHARED_VOLUME_REDIRECTED                                    syscall.Errno = 5966
+	ERROR_CLUSTER_SHARED_VOLUME_NOT_REDIRECTED                                syscall.Errno = 5967
+	ERROR_CLUSTER_CANNOT_RETURN_PROPERTIES                                    syscall.Errno = 5968
+	ERROR_CLUSTER_RESOURCE_CONTAINS_UNSUPPORTED_DIFF_AREA_FOR_SHARED_VOLUMES  syscall.Errno = 5969
+	ERROR_CLUSTER_RESOURCE_IS_IN_MAINTENANCE_MODE                             syscall.Errno = 5970
+	ERROR_CLUSTER_AFFINITY_CONFLICT                                           syscall.Errno = 5971
+	ERROR_CLUSTER_RESOURCE_IS_REPLICA_VIRTUAL_MACHINE                         syscall.Errno = 5972
+	ERROR_CLUSTER_UPGRADE_INCOMPATIBLE_VERSIONS                               syscall.Errno = 5973
+	ERROR_CLUSTER_UPGRADE_FIX_QUORUM_NOT_SUPPORTED                            syscall.Errno = 5974
+	ERROR_CLUSTER_UPGRADE_RESTART_REQUIRED                                    syscall.Errno = 5975
+	ERROR_CLUSTER_UPGRADE_IN_PROGRESS                                         syscall.Errno = 5976
+	ERROR_CLUSTER_UPGRADE_INCOMPLETE                                          syscall.Errno = 5977
+	ERROR_CLUSTER_NODE_IN_GRACE_PERIOD                                        syscall.Errno = 5978
+	ERROR_CLUSTER_CSV_IO_PAUSE_TIMEOUT                                        syscall.Errno = 5979
+	ERROR_NODE_NOT_ACTIVE_CLUSTER_MEMBER                                      syscall.Errno = 5980
+	ERROR_CLUSTER_RESOURCE_NOT_MONITORED                                      syscall.Errno = 5981
+	ERROR_CLUSTER_RESOURCE_DOES_NOT_SUPPORT_UNMONITORED                       syscall.Errno = 5982
+	ERROR_CLUSTER_RESOURCE_IS_REPLICATED                                      syscall.Errno = 5983
+	ERROR_CLUSTER_NODE_ISOLATED                                               syscall.Errno = 5984
+	ERROR_CLUSTER_NODE_QUARANTINED                                            syscall.Errno = 5985
+	ERROR_CLUSTER_DATABASE_UPDATE_CONDITION_FAILED                            syscall.Errno = 5986
+	ERROR_CLUSTER_SPACE_DEGRADED                                              syscall.Errno = 5987
+	ERROR_CLUSTER_TOKEN_DELEGATION_NOT_SUPPORTED                              syscall.Errno = 5988
+	ERROR_CLUSTER_CSV_INVALID_HANDLE                                          syscall.Errno = 5989
+	ERROR_CLUSTER_CSV_SUPPORTED_ONLY_ON_COORDINATOR                           syscall.Errno = 5990
+	ERROR_GROUPSET_NOT_AVAILABLE                                              syscall.Errno = 5991
+	ERROR_GROUPSET_NOT_FOUND                                                  syscall.Errno = 5992
+	ERROR_GROUPSET_CANT_PROVIDE                                               syscall.Errno = 5993
+	ERROR_CLUSTER_FAULT_DOMAIN_PARENT_NOT_FOUND                               syscall.Errno = 5994
+	ERROR_CLUSTER_FAULT_DOMAIN_INVALID_HIERARCHY                              syscall.Errno = 5995
+	ERROR_CLUSTER_FAULT_DOMAIN_FAILED_S2D_VALIDATION                          syscall.Errno = 5996
+	ERROR_CLUSTER_FAULT_DOMAIN_S2D_CONNECTIVITY_LOSS                          syscall.Errno = 5997
+	ERROR_CLUSTER_INVALID_INFRASTRUCTURE_FILESERVER_NAME                      syscall.Errno = 5998
+	ERROR_CLUSTERSET_MANAGEMENT_CLUSTER_UNREACHABLE                           syscall.Errno = 5999
+	ERROR_ENCRYPTION_FAILED                                                   syscall.Errno = 6000
+	ERROR_DECRYPTION_FAILED                                                   syscall.Errno = 6001
+	ERROR_FILE_ENCRYPTED                                                      syscall.Errno = 6002
+	ERROR_NO_RECOVERY_POLICY                                                  syscall.Errno = 6003
+	ERROR_NO_EFS                                                              syscall.Errno = 6004
+	ERROR_WRONG_EFS                                                           syscall.Errno = 6005
+	ERROR_NO_USER_KEYS                                                        syscall.Errno = 6006
+	ERROR_FILE_NOT_ENCRYPTED                                                  syscall.Errno = 6007
+	ERROR_NOT_EXPORT_FORMAT                                                   syscall.Errno = 6008
+	ERROR_FILE_READ_ONLY                                                      syscall.Errno = 6009
+	ERROR_DIR_EFS_DISALLOWED                                                  syscall.Errno = 6010
+	ERROR_EFS_SERVER_NOT_TRUSTED                                              syscall.Errno = 6011
+	ERROR_BAD_RECOVERY_POLICY                                                 syscall.Errno = 6012
+	ERROR_EFS_ALG_BLOB_TOO_BIG                                                syscall.Errno = 6013
+	ERROR_VOLUME_NOT_SUPPORT_EFS                                              syscall.Errno = 6014
+	ERROR_EFS_DISABLED                                                        syscall.Errno = 6015
+	ERROR_EFS_VERSION_NOT_SUPPORT                                             syscall.Errno = 6016
+	ERROR_CS_ENCRYPTION_INVALID_SERVER_RESPONSE                               syscall.Errno = 6017
+	ERROR_CS_ENCRYPTION_UNSUPPORTED_SERVER                                    syscall.Errno = 6018
+	ERROR_CS_ENCRYPTION_EXISTING_ENCRYPTED_FILE                               syscall.Errno = 6019
+	ERROR_CS_ENCRYPTION_NEW_ENCRYPTED_FILE                                    syscall.Errno = 6020
+	ERROR_CS_ENCRYPTION_FILE_NOT_CSE                                          syscall.Errno = 6021
+	ERROR_ENCRYPTION_POLICY_DENIES_OPERATION                                  syscall.Errno = 6022
+	ERROR_WIP_ENCRYPTION_FAILED                                               syscall.Errno = 6023
+	ERROR_NO_BROWSER_SERVERS_FOUND                                            syscall.Errno = 6118
+	SCHED_E_SERVICE_NOT_LOCALSYSTEM                                           syscall.Errno = 6200
+	ERROR_LOG_SECTOR_INVALID                                                  syscall.Errno = 6600
+	ERROR_LOG_SECTOR_PARITY_INVALID                                           syscall.Errno = 6601
+	ERROR_LOG_SECTOR_REMAPPED                                                 syscall.Errno = 6602
+	ERROR_LOG_BLOCK_INCOMPLETE                                                syscall.Errno = 6603
+	ERROR_LOG_INVALID_RANGE                                                   syscall.Errno = 6604
+	ERROR_LOG_BLOCKS_EXHAUSTED                                                syscall.Errno = 6605
+	ERROR_LOG_READ_CONTEXT_INVALID                                            syscall.Errno = 6606
+	ERROR_LOG_RESTART_INVALID                                                 syscall.Errno = 6607
+	ERROR_LOG_BLOCK_VERSION                                                   syscall.Errno = 6608
+	ERROR_LOG_BLOCK_INVALID                                                   syscall.Errno = 6609
+	ERROR_LOG_READ_MODE_INVALID                                               syscall.Errno = 6610
+	ERROR_LOG_NO_RESTART                                                      syscall.Errno = 6611
+	ERROR_LOG_METADATA_CORRUPT                                                syscall.Errno = 6612
+	ERROR_LOG_METADATA_INVALID                                                syscall.Errno = 6613
+	ERROR_LOG_METADATA_INCONSISTENT                                           syscall.Errno = 6614
+	ERROR_LOG_RESERVATION_INVALID                                             syscall.Errno = 6615
+	ERROR_LOG_CANT_DELETE                                                     syscall.Errno = 6616
+	ERROR_LOG_CONTAINER_LIMIT_EXCEEDED                                        syscall.Errno = 6617
+	ERROR_LOG_START_OF_LOG                                                    syscall.Errno = 6618
+	ERROR_LOG_POLICY_ALREADY_INSTALLED                                        syscall.Errno = 6619
+	ERROR_LOG_POLICY_NOT_INSTALLED                                            syscall.Errno = 6620
+	ERROR_LOG_POLICY_INVALID                                                  syscall.Errno = 6621
+	ERROR_LOG_POLICY_CONFLICT                                                 syscall.Errno = 6622
+	ERROR_LOG_PINNED_ARCHIVE_TAIL                                             syscall.Errno = 6623
+	ERROR_LOG_RECORD_NONEXISTENT                                              syscall.Errno = 6624
+	ERROR_LOG_RECORDS_RESERVED_INVALID                                        syscall.Errno = 6625
+	ERROR_LOG_SPACE_RESERVED_INVALID                                          syscall.Errno = 6626
+	ERROR_LOG_TAIL_INVALID                                                    syscall.Errno = 6627
+	ERROR_LOG_FULL                                                            syscall.Errno = 6628
+	ERROR_COULD_NOT_RESIZE_LOG                                                syscall.Errno = 6629
+	ERROR_LOG_MULTIPLEXED                                                     syscall.Errno = 6630
+	ERROR_LOG_DEDICATED                                                       syscall.Errno = 6631
+	ERROR_LOG_ARCHIVE_NOT_IN_PROGRESS                                         syscall.Errno = 6632
+	ERROR_LOG_ARCHIVE_IN_PROGRESS                                             syscall.Errno = 6633
+	ERROR_LOG_EPHEMERAL                                                       syscall.Errno = 6634
+	ERROR_LOG_NOT_ENOUGH_CONTAINERS                                           syscall.Errno = 6635
+	ERROR_LOG_CLIENT_ALREADY_REGISTERED                                       syscall.Errno = 6636
+	ERROR_LOG_CLIENT_NOT_REGISTERED                                           syscall.Errno = 6637
+	ERROR_LOG_FULL_HANDLER_IN_PROGRESS                                        syscall.Errno = 6638
+	ERROR_LOG_CONTAINER_READ_FAILED                                           syscall.Errno = 6639
+	ERROR_LOG_CONTAINER_WRITE_FAILED                                          syscall.Errno = 6640
+	ERROR_LOG_CONTAINER_OPEN_FAILED                                           syscall.Errno = 6641
+	ERROR_LOG_CONTAINER_STATE_INVALID                                         syscall.Errno = 6642
+	ERROR_LOG_STATE_INVALID                                                   syscall.Errno = 6643
+	ERROR_LOG_PINNED                                                          syscall.Errno = 6644
+	ERROR_LOG_METADATA_FLUSH_FAILED                                           syscall.Errno = 6645
+	ERROR_LOG_INCONSISTENT_SECURITY                                           syscall.Errno = 6646
+	ERROR_LOG_APPENDED_FLUSH_FAILED                                           syscall.Errno = 6647
+	ERROR_LOG_PINNED_RESERVATION                                              syscall.Errno = 6648
+	ERROR_INVALID_TRANSACTION                                                 syscall.Errno = 6700
+	ERROR_TRANSACTION_NOT_ACTIVE                                              syscall.Errno = 6701
+	ERROR_TRANSACTION_REQUEST_NOT_VALID                                       syscall.Errno = 6702
+	ERROR_TRANSACTION_NOT_REQUESTED                                           syscall.Errno = 6703
+	ERROR_TRANSACTION_ALREADY_ABORTED                                         syscall.Errno = 6704
+	ERROR_TRANSACTION_ALREADY_COMMITTED                                       syscall.Errno = 6705
+	ERROR_TM_INITIALIZATION_FAILED                                            syscall.Errno = 6706
+	ERROR_RESOURCEMANAGER_READ_ONLY                                           syscall.Errno = 6707
+	ERROR_TRANSACTION_NOT_JOINED                                              syscall.Errno = 6708
+	ERROR_TRANSACTION_SUPERIOR_EXISTS                                         syscall.Errno = 6709
+	ERROR_CRM_PROTOCOL_ALREADY_EXISTS                                         syscall.Errno = 6710
+	ERROR_TRANSACTION_PROPAGATION_FAILED                                      syscall.Errno = 6711
+	ERROR_CRM_PROTOCOL_NOT_FOUND                                              syscall.Errno = 6712
+	ERROR_TRANSACTION_INVALID_MARSHALL_BUFFER                                 syscall.Errno = 6713
+	ERROR_CURRENT_TRANSACTION_NOT_VALID                                       syscall.Errno = 6714
+	ERROR_TRANSACTION_NOT_FOUND                                               syscall.Errno = 6715
+	ERROR_RESOURCEMANAGER_NOT_FOUND                                           syscall.Errno = 6716
+	ERROR_ENLISTMENT_NOT_FOUND                                                syscall.Errno = 6717
+	ERROR_TRANSACTIONMANAGER_NOT_FOUND                                        syscall.Errno = 6718
+	ERROR_TRANSACTIONMANAGER_NOT_ONLINE                                       syscall.Errno = 6719
+	ERROR_TRANSACTIONMANAGER_RECOVERY_NAME_COLLISION                          syscall.Errno = 6720
+	ERROR_TRANSACTION_NOT_ROOT                                                syscall.Errno = 6721
+	ERROR_TRANSACTION_OBJECT_EXPIRED                                          syscall.Errno = 6722
+	ERROR_TRANSACTION_RESPONSE_NOT_ENLISTED                                   syscall.Errno = 6723
+	ERROR_TRANSACTION_RECORD_TOO_LONG                                         syscall.Errno = 6724
+	ERROR_IMPLICIT_TRANSACTION_NOT_SUPPORTED                                  syscall.Errno = 6725
+	ERROR_TRANSACTION_INTEGRITY_VIOLATED                                      syscall.Errno = 6726
+	ERROR_TRANSACTIONMANAGER_IDENTITY_MISMATCH                                syscall.Errno = 6727
+	ERROR_RM_CANNOT_BE_FROZEN_FOR_SNAPSHOT                                    syscall.Errno = 6728
+	ERROR_TRANSACTION_MUST_WRITETHROUGH                                       syscall.Errno = 6729
+	ERROR_TRANSACTION_NO_SUPERIOR                                             syscall.Errno = 6730
+	ERROR_HEURISTIC_DAMAGE_POSSIBLE                                           syscall.Errno = 6731
+	ERROR_TRANSACTIONAL_CONFLICT                                              syscall.Errno = 6800
+	ERROR_RM_NOT_ACTIVE                                                       syscall.Errno = 6801
+	ERROR_RM_METADATA_CORRUPT                                                 syscall.Errno = 6802
+	ERROR_DIRECTORY_NOT_RM                                                    syscall.Errno = 6803
+	ERROR_TRANSACTIONS_UNSUPPORTED_REMOTE                                     syscall.Errno = 6805
+	ERROR_LOG_RESIZE_INVALID_SIZE                                             syscall.Errno = 6806
+	ERROR_OBJECT_NO_LONGER_EXISTS                                             syscall.Errno = 6807
+	ERROR_STREAM_MINIVERSION_NOT_FOUND                                        syscall.Errno = 6808
+	ERROR_STREAM_MINIVERSION_NOT_VALID                                        syscall.Errno = 6809
+	ERROR_MINIVERSION_INACCESSIBLE_FROM_SPECIFIED_TRANSACTION                 syscall.Errno = 6810
+	ERROR_CANT_OPEN_MINIVERSION_WITH_MODIFY_INTENT                            syscall.Errno = 6811
+	ERROR_CANT_CREATE_MORE_STREAM_MINIVERSIONS                                syscall.Errno = 6812
+	ERROR_REMOTE_FILE_VERSION_MISMATCH                                        syscall.Errno = 6814
+	ERROR_HANDLE_NO_LONGER_VALID                                              syscall.Errno = 6815
+	ERROR_NO_TXF_METADATA                                                     syscall.Errno = 6816
+	ERROR_LOG_CORRUPTION_DETECTED                                             syscall.Errno = 6817
+	ERROR_CANT_RECOVER_WITH_HANDLE_OPEN                                       syscall.Errno = 6818
+	ERROR_RM_DISCONNECTED                                                     syscall.Errno = 6819
+	ERROR_ENLISTMENT_NOT_SUPERIOR                                             syscall.Errno = 6820
+	ERROR_RECOVERY_NOT_NEEDED                                                 syscall.Errno = 6821
+	ERROR_RM_ALREADY_STARTED                                                  syscall.Errno = 6822
+	ERROR_FILE_IDENTITY_NOT_PERSISTENT                                        syscall.Errno = 6823
+	ERROR_CANT_BREAK_TRANSACTIONAL_DEPENDENCY                                 syscall.Errno = 6824
+	ERROR_CANT_CROSS_RM_BOUNDARY                                              syscall.Errno = 6825
+	ERROR_TXF_DIR_NOT_EMPTY                                                   syscall.Errno = 6826
+	ERROR_INDOUBT_TRANSACTIONS_EXIST                                          syscall.Errno = 6827
+	ERROR_TM_VOLATILE                                                         syscall.Errno = 6828
+	ERROR_ROLLBACK_TIMER_EXPIRED                                              syscall.Errno = 6829
+	ERROR_TXF_ATTRIBUTE_CORRUPT                                               syscall.Errno = 6830
+	ERROR_EFS_NOT_ALLOWED_IN_TRANSACTION                                      syscall.Errno = 6831
+	ERROR_TRANSACTIONAL_OPEN_NOT_ALLOWED                                      syscall.Errno = 6832
+	ERROR_LOG_GROWTH_FAILED                                                   syscall.Errno = 6833
+	ERROR_TRANSACTED_MAPPING_UNSUPPORTED_REMOTE                               syscall.Errno = 6834
+	ERROR_TXF_METADATA_ALREADY_PRESENT                                        syscall.Errno = 6835
+	ERROR_TRANSACTION_SCOPE_CALLBACKS_NOT_SET                                 syscall.Errno = 6836
+	ERROR_TRANSACTION_REQUIRED_PROMOTION                                      syscall.Errno = 6837
+	ERROR_CANNOT_EXECUTE_FILE_IN_TRANSACTION                                  syscall.Errno = 6838
+	ERROR_TRANSACTIONS_NOT_FROZEN                                             syscall.Errno = 6839
+	ERROR_TRANSACTION_FREEZE_IN_PROGRESS                                      syscall.Errno = 6840
+	ERROR_NOT_SNAPSHOT_VOLUME                                                 syscall.Errno = 6841
+	ERROR_NO_SAVEPOINT_WITH_OPEN_FILES                                        syscall.Errno = 6842
+	ERROR_DATA_LOST_REPAIR                                                    syscall.Errno = 6843
+	ERROR_SPARSE_NOT_ALLOWED_IN_TRANSACTION                                   syscall.Errno = 6844
+	ERROR_TM_IDENTITY_MISMATCH                                                syscall.Errno = 6845
+	ERROR_FLOATED_SECTION                                                     syscall.Errno = 6846
+	ERROR_CANNOT_ACCEPT_TRANSACTED_WORK                                       syscall.Errno = 6847
+	ERROR_CANNOT_ABORT_TRANSACTIONS                                           syscall.Errno = 6848
+	ERROR_BAD_CLUSTERS                                                        syscall.Errno = 6849
+	ERROR_COMPRESSION_NOT_ALLOWED_IN_TRANSACTION                              syscall.Errno = 6850
+	ERROR_VOLUME_DIRTY                                                        syscall.Errno = 6851
+	ERROR_NO_LINK_TRACKING_IN_TRANSACTION                                     syscall.Errno = 6852
+	ERROR_OPERATION_NOT_SUPPORTED_IN_TRANSACTION                              syscall.Errno = 6853
+	ERROR_EXPIRED_HANDLE                                                      syscall.Errno = 6854
+	ERROR_TRANSACTION_NOT_ENLISTED                                            syscall.Errno = 6855
+	ERROR_CTX_WINSTATION_NAME_INVALID                                         syscall.Errno = 7001
+	ERROR_CTX_INVALID_PD                                                      syscall.Errno = 7002
+	ERROR_CTX_PD_NOT_FOUND                                                    syscall.Errno = 7003
+	ERROR_CTX_WD_NOT_FOUND                                                    syscall.Errno = 7004
+	ERROR_CTX_CANNOT_MAKE_EVENTLOG_ENTRY                                      syscall.Errno = 7005
+	ERROR_CTX_SERVICE_NAME_COLLISION                                          syscall.Errno = 7006
+	ERROR_CTX_CLOSE_PENDING                                                   syscall.Errno = 7007
+	ERROR_CTX_NO_OUTBUF                                                       syscall.Errno = 7008
+	ERROR_CTX_MODEM_INF_NOT_FOUND                                             syscall.Errno = 7009
+	ERROR_CTX_INVALID_MODEMNAME                                               syscall.Errno = 7010
+	ERROR_CTX_MODEM_RESPONSE_ERROR                                            syscall.Errno = 7011
+	ERROR_CTX_MODEM_RESPONSE_TIMEOUT                                          syscall.Errno = 7012
+	ERROR_CTX_MODEM_RESPONSE_NO_CARRIER                                       syscall.Errno = 7013
+	ERROR_CTX_MODEM_RESPONSE_NO_DIALTONE                                      syscall.Errno = 7014
+	ERROR_CTX_MODEM_RESPONSE_BUSY                                             syscall.Errno = 7015
+	ERROR_CTX_MODEM_RESPONSE_VOICE                                            syscall.Errno = 7016
+	ERROR_CTX_TD_ERROR                                                        syscall.Errno = 7017
+	ERROR_CTX_WINSTATION_NOT_FOUND                                            syscall.Errno = 7022
+	ERROR_CTX_WINSTATION_ALREADY_EXISTS                                       syscall.Errno = 7023
+	ERROR_CTX_WINSTATION_BUSY                                                 syscall.Errno = 7024
+	ERROR_CTX_BAD_VIDEO_MODE                                                  syscall.Errno = 7025
+	ERROR_CTX_GRAPHICS_INVALID                                                syscall.Errno = 7035
+	ERROR_CTX_LOGON_DISABLED                                                  syscall.Errno = 7037
+	ERROR_CTX_NOT_CONSOLE                                                     syscall.Errno = 7038
+	ERROR_CTX_CLIENT_QUERY_TIMEOUT                                            syscall.Errno = 7040
+	ERROR_CTX_CONSOLE_DISCONNECT                                              syscall.Errno = 7041
+	ERROR_CTX_CONSOLE_CONNECT                                                 syscall.Errno = 7042
+	ERROR_CTX_SHADOW_DENIED                                                   syscall.Errno = 7044
+	ERROR_CTX_WINSTATION_ACCESS_DENIED                                        syscall.Errno = 7045
+	ERROR_CTX_INVALID_WD                                                      syscall.Errno = 7049
+	ERROR_CTX_SHADOW_INVALID                                                  syscall.Errno = 7050
+	ERROR_CTX_SHADOW_DISABLED                                                 syscall.Errno = 7051
+	ERROR_CTX_CLIENT_LICENSE_IN_USE                                           syscall.Errno = 7052
+	ERROR_CTX_CLIENT_LICENSE_NOT_SET                                          syscall.Errno = 7053
+	ERROR_CTX_LICENSE_NOT_AVAILABLE                                           syscall.Errno = 7054
+	ERROR_CTX_LICENSE_CLIENT_INVALID                                          syscall.Errno = 7055
+	ERROR_CTX_LICENSE_EXPIRED                                                 syscall.Errno = 7056
+	ERROR_CTX_SHADOW_NOT_RUNNING                                              syscall.Errno = 7057
+	ERROR_CTX_SHADOW_ENDED_BY_MODE_CHANGE                                     syscall.Errno = 7058
+	ERROR_ACTIVATION_COUNT_EXCEEDED                                           syscall.Errno = 7059
+	ERROR_CTX_WINSTATIONS_DISABLED                                            syscall.Errno = 7060
+	ERROR_CTX_ENCRYPTION_LEVEL_REQUIRED                                       syscall.Errno = 7061
+	ERROR_CTX_SESSION_IN_USE                                                  syscall.Errno = 7062
+	ERROR_CTX_NO_FORCE_LOGOFF                                                 syscall.Errno = 7063
+	ERROR_CTX_ACCOUNT_RESTRICTION                                             syscall.Errno = 7064
+	ERROR_RDP_PROTOCOL_ERROR                                                  syscall.Errno = 7065
+	ERROR_CTX_CDM_CONNECT                                                     syscall.Errno = 7066
+	ERROR_CTX_CDM_DISCONNECT                                                  syscall.Errno = 7067
+	ERROR_CTX_SECURITY_LAYER_ERROR                                            syscall.Errno = 7068
+	ERROR_TS_INCOMPATIBLE_SESSIONS                                            syscall.Errno = 7069
+	ERROR_TS_VIDEO_SUBSYSTEM_ERROR                                            syscall.Errno = 7070
+	FRS_ERR_INVALID_API_SEQUENCE                                              syscall.Errno = 8001
+	FRS_ERR_STARTING_SERVICE                                                  syscall.Errno = 8002
+	FRS_ERR_STOPPING_SERVICE                                                  syscall.Errno = 8003
+	FRS_ERR_INTERNAL_API                                                      syscall.Errno = 8004
+	FRS_ERR_INTERNAL                                                          syscall.Errno = 8005
+	FRS_ERR_SERVICE_COMM                                                      syscall.Errno = 8006
+	FRS_ERR_INSUFFICIENT_PRIV                                                 syscall.Errno = 8007
+	FRS_ERR_AUTHENTICATION                                                    syscall.Errno = 8008
+	FRS_ERR_PARENT_INSUFFICIENT_PRIV                                          syscall.Errno = 8009
+	FRS_ERR_PARENT_AUTHENTICATION                                             syscall.Errno = 8010
+	FRS_ERR_CHILD_TO_PARENT_COMM                                              syscall.Errno = 8011
+	FRS_ERR_PARENT_TO_CHILD_COMM                                              syscall.Errno = 8012
+	FRS_ERR_SYSVOL_POPULATE                                                   syscall.Errno = 8013
+	FRS_ERR_SYSVOL_POPULATE_TIMEOUT                                           syscall.Errno = 8014
+	FRS_ERR_SYSVOL_IS_BUSY                                                    syscall.Errno = 8015
+	FRS_ERR_SYSVOL_DEMOTE                                                     syscall.Errno = 8016
+	FRS_ERR_INVALID_SERVICE_PARAMETER                                         syscall.Errno = 8017
+	DS_S_SUCCESS                                                                            = ERROR_SUCCESS
+	ERROR_DS_NOT_INSTALLED                                                    syscall.Errno = 8200
+	ERROR_DS_MEMBERSHIP_EVALUATED_LOCALLY                                     syscall.Errno = 8201
+	ERROR_DS_NO_ATTRIBUTE_OR_VALUE                                            syscall.Errno = 8202
+	ERROR_DS_INVALID_ATTRIBUTE_SYNTAX                                         syscall.Errno = 8203
+	ERROR_DS_ATTRIBUTE_TYPE_UNDEFINED                                         syscall.Errno = 8204
+	ERROR_DS_ATTRIBUTE_OR_VALUE_EXISTS                                        syscall.Errno = 8205
+	ERROR_DS_BUSY                                                             syscall.Errno = 8206
+	ERROR_DS_UNAVAILABLE                                                      syscall.Errno = 8207
+	ERROR_DS_NO_RIDS_ALLOCATED                                                syscall.Errno = 8208
+	ERROR_DS_NO_MORE_RIDS                                                     syscall.Errno = 8209
+	ERROR_DS_INCORRECT_ROLE_OWNER                                             syscall.Errno = 8210
+	ERROR_DS_RIDMGR_INIT_ERROR                                                syscall.Errno = 8211
+	ERROR_DS_OBJ_CLASS_VIOLATION                                              syscall.Errno = 8212
+	ERROR_DS_CANT_ON_NON_LEAF                                                 syscall.Errno = 8213
+	ERROR_DS_CANT_ON_RDN                                                      syscall.Errno = 8214
+	ERROR_DS_CANT_MOD_OBJ_CLASS                                               syscall.Errno = 8215
+	ERROR_DS_CROSS_DOM_MOVE_ERROR                                             syscall.Errno = 8216
+	ERROR_DS_GC_NOT_AVAILABLE                                                 syscall.Errno = 8217
+	ERROR_SHARED_POLICY                                                       syscall.Errno = 8218
+	ERROR_POLICY_OBJECT_NOT_FOUND                                             syscall.Errno = 8219
+	ERROR_POLICY_ONLY_IN_DS                                                   syscall.Errno = 8220
+	ERROR_PROMOTION_ACTIVE                                                    syscall.Errno = 8221
+	ERROR_NO_PROMOTION_ACTIVE                                                 syscall.Errno = 8222
+	ERROR_DS_OPERATIONS_ERROR                                                 syscall.Errno = 8224
+	ERROR_DS_PROTOCOL_ERROR                                                   syscall.Errno = 8225
+	ERROR_DS_TIMELIMIT_EXCEEDED                                               syscall.Errno = 8226
+	ERROR_DS_SIZELIMIT_EXCEEDED                                               syscall.Errno = 8227
+	ERROR_DS_ADMIN_LIMIT_EXCEEDED                                             syscall.Errno = 8228
+	ERROR_DS_COMPARE_FALSE                                                    syscall.Errno = 8229
+	ERROR_DS_COMPARE_TRUE                                                     syscall.Errno = 8230
+	ERROR_DS_AUTH_METHOD_NOT_SUPPORTED                                        syscall.Errno = 8231
+	ERROR_DS_STRONG_AUTH_REQUIRED                                             syscall.Errno = 8232
+	ERROR_DS_INAPPROPRIATE_AUTH                                               syscall.Errno = 8233
+	ERROR_DS_AUTH_UNKNOWN                                                     syscall.Errno = 8234
+	ERROR_DS_REFERRAL                                                         syscall.Errno = 8235
+	ERROR_DS_UNAVAILABLE_CRIT_EXTENSION                                       syscall.Errno = 8236
+	ERROR_DS_CONFIDENTIALITY_REQUIRED                                         syscall.Errno = 8237
+	ERROR_DS_INAPPROPRIATE_MATCHING                                           syscall.Errno = 8238
+	ERROR_DS_CONSTRAINT_VIOLATION                                             syscall.Errno = 8239
+	ERROR_DS_NO_SUCH_OBJECT                                                   syscall.Errno = 8240
+	ERROR_DS_ALIAS_PROBLEM                                                    syscall.Errno = 8241
+	ERROR_DS_INVALID_DN_SYNTAX                                                syscall.Errno = 8242
+	ERROR_DS_IS_LEAF                                                          syscall.Errno = 8243
+	ERROR_DS_ALIAS_DEREF_PROBLEM                                              syscall.Errno = 8244
+	ERROR_DS_UNWILLING_TO_PERFORM                                             syscall.Errno = 8245
+	ERROR_DS_LOOP_DETECT                                                      syscall.Errno = 8246
+	ERROR_DS_NAMING_VIOLATION                                                 syscall.Errno = 8247
+	ERROR_DS_OBJECT_RESULTS_TOO_LARGE                                         syscall.Errno = 8248
+	ERROR_DS_AFFECTS_MULTIPLE_DSAS                                            syscall.Errno = 8249
+	ERROR_DS_SERVER_DOWN                                                      syscall.Errno = 8250
+	ERROR_DS_LOCAL_ERROR                                                      syscall.Errno = 8251
+	ERROR_DS_ENCODING_ERROR                                                   syscall.Errno = 8252
+	ERROR_DS_DECODING_ERROR                                                   syscall.Errno = 8253
+	ERROR_DS_FILTER_UNKNOWN                                                   syscall.Errno = 8254
+	ERROR_DS_PARAM_ERROR                                                      syscall.Errno = 8255
+	ERROR_DS_NOT_SUPPORTED                                                    syscall.Errno = 8256
+	ERROR_DS_NO_RESULTS_RETURNED                                              syscall.Errno = 8257
+	ERROR_DS_CONTROL_NOT_FOUND                                                syscall.Errno = 8258
+	ERROR_DS_CLIENT_LOOP                                                      syscall.Errno = 8259
+	ERROR_DS_REFERRAL_LIMIT_EXCEEDED                                          syscall.Errno = 8260
+	ERROR_DS_SORT_CONTROL_MISSING                                             syscall.Errno = 8261
+	ERROR_DS_OFFSET_RANGE_ERROR                                               syscall.Errno = 8262
+	ERROR_DS_RIDMGR_DISABLED                                                  syscall.Errno = 8263
+	ERROR_DS_ROOT_MUST_BE_NC                                                  syscall.Errno = 8301
+	ERROR_DS_ADD_REPLICA_INHIBITED                                            syscall.Errno = 8302
+	ERROR_DS_ATT_NOT_DEF_IN_SCHEMA                                            syscall.Errno = 8303
+	ERROR_DS_MAX_OBJ_SIZE_EXCEEDED                                            syscall.Errno = 8304
+	ERROR_DS_OBJ_STRING_NAME_EXISTS                                           syscall.Errno = 8305
+	ERROR_DS_NO_RDN_DEFINED_IN_SCHEMA                                         syscall.Errno = 8306
+	ERROR_DS_RDN_DOESNT_MATCH_SCHEMA                                          syscall.Errno = 8307
+	ERROR_DS_NO_REQUESTED_ATTS_FOUND                                          syscall.Errno = 8308
+	ERROR_DS_USER_BUFFER_TO_SMALL                                             syscall.Errno = 8309
+	ERROR_DS_ATT_IS_NOT_ON_OBJ                                                syscall.Errno = 8310
+	ERROR_DS_ILLEGAL_MOD_OPERATION                                            syscall.Errno = 8311
+	ERROR_DS_OBJ_TOO_LARGE                                                    syscall.Errno = 8312
+	ERROR_DS_BAD_INSTANCE_TYPE                                                syscall.Errno = 8313
+	ERROR_DS_MASTERDSA_REQUIRED                                               syscall.Errno = 8314
+	ERROR_DS_OBJECT_CLASS_REQUIRED                                            syscall.Errno = 8315
+	ERROR_DS_MISSING_REQUIRED_ATT                                             syscall.Errno = 8316
+	ERROR_DS_ATT_NOT_DEF_FOR_CLASS                                            syscall.Errno = 8317
+	ERROR_DS_ATT_ALREADY_EXISTS                                               syscall.Errno = 8318
+	ERROR_DS_CANT_ADD_ATT_VALUES                                              syscall.Errno = 8320
+	ERROR_DS_SINGLE_VALUE_CONSTRAINT                                          syscall.Errno = 8321
+	ERROR_DS_RANGE_CONSTRAINT                                                 syscall.Errno = 8322
+	ERROR_DS_ATT_VAL_ALREADY_EXISTS                                           syscall.Errno = 8323
+	ERROR_DS_CANT_REM_MISSING_ATT                                             syscall.Errno = 8324
+	ERROR_DS_CANT_REM_MISSING_ATT_VAL                                         syscall.Errno = 8325
+	ERROR_DS_ROOT_CANT_BE_SUBREF                                              syscall.Errno = 8326
+	ERROR_DS_NO_CHAINING                                                      syscall.Errno = 8327
+	ERROR_DS_NO_CHAINED_EVAL                                                  syscall.Errno = 8328
+	ERROR_DS_NO_PARENT_OBJECT                                                 syscall.Errno = 8329
+	ERROR_DS_PARENT_IS_AN_ALIAS                                               syscall.Errno = 8330
+	ERROR_DS_CANT_MIX_MASTER_AND_REPS                                         syscall.Errno = 8331
+	ERROR_DS_CHILDREN_EXIST                                                   syscall.Errno = 8332
+	ERROR_DS_OBJ_NOT_FOUND                                                    syscall.Errno = 8333
+	ERROR_DS_ALIASED_OBJ_MISSING                                              syscall.Errno = 8334
+	ERROR_DS_BAD_NAME_SYNTAX                                                  syscall.Errno = 8335
+	ERROR_DS_ALIAS_POINTS_TO_ALIAS                                            syscall.Errno = 8336
+	ERROR_DS_CANT_DEREF_ALIAS                                                 syscall.Errno = 8337
+	ERROR_DS_OUT_OF_SCOPE                                                     syscall.Errno = 8338
+	ERROR_DS_OBJECT_BEING_REMOVED                                             syscall.Errno = 8339
+	ERROR_DS_CANT_DELETE_DSA_OBJ                                              syscall.Errno = 8340
+	ERROR_DS_GENERIC_ERROR                                                    syscall.Errno = 8341
+	ERROR_DS_DSA_MUST_BE_INT_MASTER                                           syscall.Errno = 8342
+	ERROR_DS_CLASS_NOT_DSA                                                    syscall.Errno = 8343
+	ERROR_DS_INSUFF_ACCESS_RIGHTS                                             syscall.Errno = 8344
+	ERROR_DS_ILLEGAL_SUPERIOR                                                 syscall.Errno = 8345
+	ERROR_DS_ATTRIBUTE_OWNED_BY_SAM                                           syscall.Errno = 8346
+	ERROR_DS_NAME_TOO_MANY_PARTS                                              syscall.Errno = 8347
+	ERROR_DS_NAME_TOO_LONG                                                    syscall.Errno = 8348
+	ERROR_DS_NAME_VALUE_TOO_LONG                                              syscall.Errno = 8349
+	ERROR_DS_NAME_UNPARSEABLE                                                 syscall.Errno = 8350
+	ERROR_DS_NAME_TYPE_UNKNOWN                                                syscall.Errno = 8351
+	ERROR_DS_NOT_AN_OBJECT                                                    syscall.Errno = 8352
+	ERROR_DS_SEC_DESC_TOO_SHORT                                               syscall.Errno = 8353
+	ERROR_DS_SEC_DESC_INVALID                                                 syscall.Errno = 8354
+	ERROR_DS_NO_DELETED_NAME                                                  syscall.Errno = 8355
+	ERROR_DS_SUBREF_MUST_HAVE_PARENT                                          syscall.Errno = 8356
+	ERROR_DS_NCNAME_MUST_BE_NC                                                syscall.Errno = 8357
+	ERROR_DS_CANT_ADD_SYSTEM_ONLY                                             syscall.Errno = 8358
+	ERROR_DS_CLASS_MUST_BE_CONCRETE                                           syscall.Errno = 8359
+	ERROR_DS_INVALID_DMD                                                      syscall.Errno = 8360
+	ERROR_DS_OBJ_GUID_EXISTS                                                  syscall.Errno = 8361
+	ERROR_DS_NOT_ON_BACKLINK                                                  syscall.Errno = 8362
+	ERROR_DS_NO_CROSSREF_FOR_NC                                               syscall.Errno = 8363
+	ERROR_DS_SHUTTING_DOWN                                                    syscall.Errno = 8364
+	ERROR_DS_UNKNOWN_OPERATION                                                syscall.Errno = 8365
+	ERROR_DS_INVALID_ROLE_OWNER                                               syscall.Errno = 8366
+	ERROR_DS_COULDNT_CONTACT_FSMO                                             syscall.Errno = 8367
+	ERROR_DS_CROSS_NC_DN_RENAME                                               syscall.Errno = 8368
+	ERROR_DS_CANT_MOD_SYSTEM_ONLY                                             syscall.Errno = 8369
+	ERROR_DS_REPLICATOR_ONLY                                                  syscall.Errno = 8370
+	ERROR_DS_OBJ_CLASS_NOT_DEFINED                                            syscall.Errno = 8371
+	ERROR_DS_OBJ_CLASS_NOT_SUBCLASS                                           syscall.Errno = 8372
+	ERROR_DS_NAME_REFERENCE_INVALID                                           syscall.Errno = 8373
+	ERROR_DS_CROSS_REF_EXISTS                                                 syscall.Errno = 8374
+	ERROR_DS_CANT_DEL_MASTER_CROSSREF                                         syscall.Errno = 8375
+	ERROR_DS_SUBTREE_NOTIFY_NOT_NC_HEAD                                       syscall.Errno = 8376
+	ERROR_DS_NOTIFY_FILTER_TOO_COMPLEX                                        syscall.Errno = 8377
+	ERROR_DS_DUP_RDN                                                          syscall.Errno = 8378
+	ERROR_DS_DUP_OID                                                          syscall.Errno = 8379
+	ERROR_DS_DUP_MAPI_ID                                                      syscall.Errno = 8380
+	ERROR_DS_DUP_SCHEMA_ID_GUID                                               syscall.Errno = 8381
+	ERROR_DS_DUP_LDAP_DISPLAY_NAME                                            syscall.Errno = 8382
+	ERROR_DS_SEMANTIC_ATT_TEST                                                syscall.Errno = 8383
+	ERROR_DS_SYNTAX_MISMATCH                                                  syscall.Errno = 8384
+	ERROR_DS_EXISTS_IN_MUST_HAVE                                              syscall.Errno = 8385
+	ERROR_DS_EXISTS_IN_MAY_HAVE                                               syscall.Errno = 8386
+	ERROR_DS_NONEXISTENT_MAY_HAVE                                             syscall.Errno = 8387
+	ERROR_DS_NONEXISTENT_MUST_HAVE                                            syscall.Errno = 8388
+	ERROR_DS_AUX_CLS_TEST_FAIL                                                syscall.Errno = 8389
+	ERROR_DS_NONEXISTENT_POSS_SUP                                             syscall.Errno = 8390
+	ERROR_DS_SUB_CLS_TEST_FAIL                                                syscall.Errno = 8391
+	ERROR_DS_BAD_RDN_ATT_ID_SYNTAX                                            syscall.Errno = 8392
+	ERROR_DS_EXISTS_IN_AUX_CLS                                                syscall.Errno = 8393
+	ERROR_DS_EXISTS_IN_SUB_CLS                                                syscall.Errno = 8394
+	ERROR_DS_EXISTS_IN_POSS_SUP                                               syscall.Errno = 8395
+	ERROR_DS_RECALCSCHEMA_FAILED                                              syscall.Errno = 8396
+	ERROR_DS_TREE_DELETE_NOT_FINISHED                                         syscall.Errno = 8397
+	ERROR_DS_CANT_DELETE                                                      syscall.Errno = 8398
+	ERROR_DS_ATT_SCHEMA_REQ_ID                                                syscall.Errno = 8399
+	ERROR_DS_BAD_ATT_SCHEMA_SYNTAX                                            syscall.Errno = 8400
+	ERROR_DS_CANT_CACHE_ATT                                                   syscall.Errno = 8401
+	ERROR_DS_CANT_CACHE_CLASS                                                 syscall.Errno = 8402
+	ERROR_DS_CANT_REMOVE_ATT_CACHE                                            syscall.Errno = 8403
+	ERROR_DS_CANT_REMOVE_CLASS_CACHE                                          syscall.Errno = 8404
+	ERROR_DS_CANT_RETRIEVE_DN                                                 syscall.Errno = 8405
+	ERROR_DS_MISSING_SUPREF                                                   syscall.Errno = 8406
+	ERROR_DS_CANT_RETRIEVE_INSTANCE                                           syscall.Errno = 8407
+	ERROR_DS_CODE_INCONSISTENCY                                               syscall.Errno = 8408
+	ERROR_DS_DATABASE_ERROR                                                   syscall.Errno = 8409
+	ERROR_DS_GOVERNSID_MISSING                                                syscall.Errno = 8410
+	ERROR_DS_MISSING_EXPECTED_ATT                                             syscall.Errno = 8411
+	ERROR_DS_NCNAME_MISSING_CR_REF                                            syscall.Errno = 8412
+	ERROR_DS_SECURITY_CHECKING_ERROR                                          syscall.Errno = 8413
+	ERROR_DS_SCHEMA_NOT_LOADED                                                syscall.Errno = 8414
+	ERROR_DS_SCHEMA_ALLOC_FAILED                                              syscall.Errno = 8415
+	ERROR_DS_ATT_SCHEMA_REQ_SYNTAX                                            syscall.Errno = 8416
+	ERROR_DS_GCVERIFY_ERROR                                                   syscall.Errno = 8417
+	ERROR_DS_DRA_SCHEMA_MISMATCH                                              syscall.Errno = 8418
+	ERROR_DS_CANT_FIND_DSA_OBJ                                                syscall.Errno = 8419
+	ERROR_DS_CANT_FIND_EXPECTED_NC                                            syscall.Errno = 8420
+	ERROR_DS_CANT_FIND_NC_IN_CACHE                                            syscall.Errno = 8421
+	ERROR_DS_CANT_RETRIEVE_CHILD                                              syscall.Errno = 8422
+	ERROR_DS_SECURITY_ILLEGAL_MODIFY                                          syscall.Errno = 8423
+	ERROR_DS_CANT_REPLACE_HIDDEN_REC                                          syscall.Errno = 8424
+	ERROR_DS_BAD_HIERARCHY_FILE                                               syscall.Errno = 8425
+	ERROR_DS_BUILD_HIERARCHY_TABLE_FAILED                                     syscall.Errno = 8426
+	ERROR_DS_CONFIG_PARAM_MISSING                                             syscall.Errno = 8427
+	ERROR_DS_COUNTING_AB_INDICES_FAILED                                       syscall.Errno = 8428
+	ERROR_DS_HIERARCHY_TABLE_MALLOC_FAILED                                    syscall.Errno = 8429
+	ERROR_DS_INTERNAL_FAILURE                                                 syscall.Errno = 8430
+	ERROR_DS_UNKNOWN_ERROR                                                    syscall.Errno = 8431
+	ERROR_DS_ROOT_REQUIRES_CLASS_TOP                                          syscall.Errno = 8432
+	ERROR_DS_REFUSING_FSMO_ROLES                                              syscall.Errno = 8433
+	ERROR_DS_MISSING_FSMO_SETTINGS                                            syscall.Errno = 8434
+	ERROR_DS_UNABLE_TO_SURRENDER_ROLES                                        syscall.Errno = 8435
+	ERROR_DS_DRA_GENERIC                                                      syscall.Errno = 8436
+	ERROR_DS_DRA_INVALID_PARAMETER                                            syscall.Errno = 8437
+	ERROR_DS_DRA_BUSY                                                         syscall.Errno = 8438
+	ERROR_DS_DRA_BAD_DN                                                       syscall.Errno = 8439
+	ERROR_DS_DRA_BAD_NC                                                       syscall.Errno = 8440
+	ERROR_DS_DRA_DN_EXISTS                                                    syscall.Errno = 8441
+	ERROR_DS_DRA_INTERNAL_ERROR                                               syscall.Errno = 8442
+	ERROR_DS_DRA_INCONSISTENT_DIT                                             syscall.Errno = 8443
+	ERROR_DS_DRA_CONNECTION_FAILED                                            syscall.Errno = 8444
+	ERROR_DS_DRA_BAD_INSTANCE_TYPE                                            syscall.Errno = 8445
+	ERROR_DS_DRA_OUT_OF_MEM                                                   syscall.Errno = 8446
+	ERROR_DS_DRA_MAIL_PROBLEM                                                 syscall.Errno = 8447
+	ERROR_DS_DRA_REF_ALREADY_EXISTS                                           syscall.Errno = 8448
+	ERROR_DS_DRA_REF_NOT_FOUND                                                syscall.Errno = 8449
+	ERROR_DS_DRA_OBJ_IS_REP_SOURCE                                            syscall.Errno = 8450
+	ERROR_DS_DRA_DB_ERROR                                                     syscall.Errno = 8451
+	ERROR_DS_DRA_NO_REPLICA                                                   syscall.Errno = 8452
+	ERROR_DS_DRA_ACCESS_DENIED                                                syscall.Errno = 8453
+	ERROR_DS_DRA_NOT_SUPPORTED                                                syscall.Errno = 8454
+	ERROR_DS_DRA_RPC_CANCELLED                                                syscall.Errno = 8455
+	ERROR_DS_DRA_SOURCE_DISABLED                                              syscall.Errno = 8456
+	ERROR_DS_DRA_SINK_DISABLED                                                syscall.Errno = 8457
+	ERROR_DS_DRA_NAME_COLLISION                                               syscall.Errno = 8458
+	ERROR_DS_DRA_SOURCE_REINSTALLED                                           syscall.Errno = 8459
+	ERROR_DS_DRA_MISSING_PARENT                                               syscall.Errno = 8460
+	ERROR_DS_DRA_PREEMPTED                                                    syscall.Errno = 8461
+	ERROR_DS_DRA_ABANDON_SYNC                                                 syscall.Errno = 8462
+	ERROR_DS_DRA_SHUTDOWN                                                     syscall.Errno = 8463
+	ERROR_DS_DRA_INCOMPATIBLE_PARTIAL_SET                                     syscall.Errno = 8464
+	ERROR_DS_DRA_SOURCE_IS_PARTIAL_REPLICA                                    syscall.Errno = 8465
+	ERROR_DS_DRA_EXTN_CONNECTION_FAILED                                       syscall.Errno = 8466
+	ERROR_DS_INSTALL_SCHEMA_MISMATCH                                          syscall.Errno = 8467
+	ERROR_DS_DUP_LINK_ID                                                      syscall.Errno = 8468
+	ERROR_DS_NAME_ERROR_RESOLVING                                             syscall.Errno = 8469
+	ERROR_DS_NAME_ERROR_NOT_FOUND                                             syscall.Errno = 8470
+	ERROR_DS_NAME_ERROR_NOT_UNIQUE                                            syscall.Errno = 8471
+	ERROR_DS_NAME_ERROR_NO_MAPPING                                            syscall.Errno = 8472
+	ERROR_DS_NAME_ERROR_DOMAIN_ONLY                                           syscall.Errno = 8473
+	ERROR_DS_NAME_ERROR_NO_SYNTACTICAL_MAPPING                                syscall.Errno = 8474
+	ERROR_DS_CONSTRUCTED_ATT_MOD                                              syscall.Errno = 8475
+	ERROR_DS_WRONG_OM_OBJ_CLASS                                               syscall.Errno = 8476
+	ERROR_DS_DRA_REPL_PENDING                                                 syscall.Errno = 8477
+	ERROR_DS_DS_REQUIRED                                                      syscall.Errno = 8478
+	ERROR_DS_INVALID_LDAP_DISPLAY_NAME                                        syscall.Errno = 8479
+	ERROR_DS_NON_BASE_SEARCH                                                  syscall.Errno = 8480
+	ERROR_DS_CANT_RETRIEVE_ATTS                                               syscall.Errno = 8481
+	ERROR_DS_BACKLINK_WITHOUT_LINK                                            syscall.Errno = 8482
+	ERROR_DS_EPOCH_MISMATCH                                                   syscall.Errno = 8483
+	ERROR_DS_SRC_NAME_MISMATCH                                                syscall.Errno = 8484
+	ERROR_DS_SRC_AND_DST_NC_IDENTICAL                                         syscall.Errno = 8485
+	ERROR_DS_DST_NC_MISMATCH                                                  syscall.Errno = 8486
+	ERROR_DS_NOT_AUTHORITIVE_FOR_DST_NC                                       syscall.Errno = 8487
+	ERROR_DS_SRC_GUID_MISMATCH                                                syscall.Errno = 8488
+	ERROR_DS_CANT_MOVE_DELETED_OBJECT                                         syscall.Errno = 8489
+	ERROR_DS_PDC_OPERATION_IN_PROGRESS                                        syscall.Errno = 8490
+	ERROR_DS_CROSS_DOMAIN_CLEANUP_REQD                                        syscall.Errno = 8491
+	ERROR_DS_ILLEGAL_XDOM_MOVE_OPERATION                                      syscall.Errno = 8492
+	ERROR_DS_CANT_WITH_ACCT_GROUP_MEMBERSHPS                                  syscall.Errno = 8493
+	ERROR_DS_NC_MUST_HAVE_NC_PARENT                                           syscall.Errno = 8494
+	ERROR_DS_CR_IMPOSSIBLE_TO_VALIDATE                                        syscall.Errno = 8495
+	ERROR_DS_DST_DOMAIN_NOT_NATIVE                                            syscall.Errno = 8496
+	ERROR_DS_MISSING_INFRASTRUCTURE_CONTAINER                                 syscall.Errno = 8497
+	ERROR_DS_CANT_MOVE_ACCOUNT_GROUP                                          syscall.Errno = 8498
+	ERROR_DS_CANT_MOVE_RESOURCE_GROUP                                         syscall.Errno = 8499
+	ERROR_DS_INVALID_SEARCH_FLAG                                              syscall.Errno = 8500
+	ERROR_DS_NO_TREE_DELETE_ABOVE_NC                                          syscall.Errno = 8501
+	ERROR_DS_COULDNT_LOCK_TREE_FOR_DELETE                                     syscall.Errno = 8502
+	ERROR_DS_COULDNT_IDENTIFY_OBJECTS_FOR_TREE_DELETE                         syscall.Errno = 8503
+	ERROR_DS_SAM_INIT_FAILURE                                                 syscall.Errno = 8504
+	ERROR_DS_SENSITIVE_GROUP_VIOLATION                                        syscall.Errno = 8505
+	ERROR_DS_CANT_MOD_PRIMARYGROUPID                                          syscall.Errno = 8506
+	ERROR_DS_ILLEGAL_BASE_SCHEMA_MOD                                          syscall.Errno = 8507
+	ERROR_DS_NONSAFE_SCHEMA_CHANGE                                            syscall.Errno = 8508
+	ERROR_DS_SCHEMA_UPDATE_DISALLOWED                                         syscall.Errno = 8509
+	ERROR_DS_CANT_CREATE_UNDER_SCHEMA                                         syscall.Errno = 8510
+	ERROR_DS_INSTALL_NO_SRC_SCH_VERSION                                       syscall.Errno = 8511
+	ERROR_DS_INSTALL_NO_SCH_VERSION_IN_INIFILE                                syscall.Errno = 8512
+	ERROR_DS_INVALID_GROUP_TYPE                                               syscall.Errno = 8513
+	ERROR_DS_NO_NEST_GLOBALGROUP_IN_MIXEDDOMAIN                               syscall.Errno = 8514
+	ERROR_DS_NO_NEST_LOCALGROUP_IN_MIXEDDOMAIN                                syscall.Errno = 8515
+	ERROR_DS_GLOBAL_CANT_HAVE_LOCAL_MEMBER                                    syscall.Errno = 8516
+	ERROR_DS_GLOBAL_CANT_HAVE_UNIVERSAL_MEMBER                                syscall.Errno = 8517
+	ERROR_DS_UNIVERSAL_CANT_HAVE_LOCAL_MEMBER                                 syscall.Errno = 8518
+	ERROR_DS_GLOBAL_CANT_HAVE_CROSSDOMAIN_MEMBER                              syscall.Errno = 8519
+	ERROR_DS_LOCAL_CANT_HAVE_CROSSDOMAIN_LOCAL_MEMBER                         syscall.Errno = 8520
+	ERROR_DS_HAVE_PRIMARY_MEMBERS                                             syscall.Errno = 8521
+	ERROR_DS_STRING_SD_CONVERSION_FAILED                                      syscall.Errno = 8522
+	ERROR_DS_NAMING_MASTER_GC                                                 syscall.Errno = 8523
+	ERROR_DS_DNS_LOOKUP_FAILURE                                               syscall.Errno = 8524
+	ERROR_DS_COULDNT_UPDATE_SPNS                                              syscall.Errno = 8525
+	ERROR_DS_CANT_RETRIEVE_SD                                                 syscall.Errno = 8526
+	ERROR_DS_KEY_NOT_UNIQUE                                                   syscall.Errno = 8527
+	ERROR_DS_WRONG_LINKED_ATT_SYNTAX                                          syscall.Errno = 8528
+	ERROR_DS_SAM_NEED_BOOTKEY_PASSWORD                                        syscall.Errno = 8529
+	ERROR_DS_SAM_NEED_BOOTKEY_FLOPPY                                          syscall.Errno = 8530
+	ERROR_DS_CANT_START                                                       syscall.Errno = 8531
+	ERROR_DS_INIT_FAILURE                                                     syscall.Errno = 8532
+	ERROR_DS_NO_PKT_PRIVACY_ON_CONNECTION                                     syscall.Errno = 8533
+	ERROR_DS_SOURCE_DOMAIN_IN_FOREST                                          syscall.Errno = 8534
+	ERROR_DS_DESTINATION_DOMAIN_NOT_IN_FOREST                                 syscall.Errno = 8535
+	ERROR_DS_DESTINATION_AUDITING_NOT_ENABLED                                 syscall.Errno = 8536
+	ERROR_DS_CANT_FIND_DC_FOR_SRC_DOMAIN                                      syscall.Errno = 8537
+	ERROR_DS_SRC_OBJ_NOT_GROUP_OR_USER                                        syscall.Errno = 8538
+	ERROR_DS_SRC_SID_EXISTS_IN_FOREST                                         syscall.Errno = 8539
+	ERROR_DS_SRC_AND_DST_OBJECT_CLASS_MISMATCH                                syscall.Errno = 8540
+	ERROR_SAM_INIT_FAILURE                                                    syscall.Errno = 8541
+	ERROR_DS_DRA_SCHEMA_INFO_SHIP                                             syscall.Errno = 8542
+	ERROR_DS_DRA_SCHEMA_CONFLICT                                              syscall.Errno = 8543
+	ERROR_DS_DRA_EARLIER_SCHEMA_CONFLICT                                      syscall.Errno = 8544
+	ERROR_DS_DRA_OBJ_NC_MISMATCH                                              syscall.Errno = 8545
+	ERROR_DS_NC_STILL_HAS_DSAS                                                syscall.Errno = 8546
+	ERROR_DS_GC_REQUIRED                                                      syscall.Errno = 8547
+	ERROR_DS_LOCAL_MEMBER_OF_LOCAL_ONLY                                       syscall.Errno = 8548
+	ERROR_DS_NO_FPO_IN_UNIVERSAL_GROUPS                                       syscall.Errno = 8549
+	ERROR_DS_CANT_ADD_TO_GC                                                   syscall.Errno = 8550
+	ERROR_DS_NO_CHECKPOINT_WITH_PDC                                           syscall.Errno = 8551
+	ERROR_DS_SOURCE_AUDITING_NOT_ENABLED                                      syscall.Errno = 8552
+	ERROR_DS_CANT_CREATE_IN_NONDOMAIN_NC                                      syscall.Errno = 8553
+	ERROR_DS_INVALID_NAME_FOR_SPN                                             syscall.Errno = 8554
+	ERROR_DS_FILTER_USES_CONTRUCTED_ATTRS                                     syscall.Errno = 8555
+	ERROR_DS_UNICODEPWD_NOT_IN_QUOTES                                         syscall.Errno = 8556
+	ERROR_DS_MACHINE_ACCOUNT_QUOTA_EXCEEDED                                   syscall.Errno = 8557
+	ERROR_DS_MUST_BE_RUN_ON_DST_DC                                            syscall.Errno = 8558
+	ERROR_DS_SRC_DC_MUST_BE_SP4_OR_GREATER                                    syscall.Errno = 8559
+	ERROR_DS_CANT_TREE_DELETE_CRITICAL_OBJ                                    syscall.Errno = 8560
+	ERROR_DS_INIT_FAILURE_CONSOLE                                             syscall.Errno = 8561
+	ERROR_DS_SAM_INIT_FAILURE_CONSOLE                                         syscall.Errno = 8562
+	ERROR_DS_FOREST_VERSION_TOO_HIGH                                          syscall.Errno = 8563
+	ERROR_DS_DOMAIN_VERSION_TOO_HIGH                                          syscall.Errno = 8564
+	ERROR_DS_FOREST_VERSION_TOO_LOW                                           syscall.Errno = 8565
+	ERROR_DS_DOMAIN_VERSION_TOO_LOW                                           syscall.Errno = 8566
+	ERROR_DS_INCOMPATIBLE_VERSION                                             syscall.Errno = 8567
+	ERROR_DS_LOW_DSA_VERSION                                                  syscall.Errno = 8568
+	ERROR_DS_NO_BEHAVIOR_VERSION_IN_MIXEDDOMAIN                               syscall.Errno = 8569
+	ERROR_DS_NOT_SUPPORTED_SORT_ORDER                                         syscall.Errno = 8570
+	ERROR_DS_NAME_NOT_UNIQUE                                                  syscall.Errno = 8571
+	ERROR_DS_MACHINE_ACCOUNT_CREATED_PRENT4                                   syscall.Errno = 8572
+	ERROR_DS_OUT_OF_VERSION_STORE                                             syscall.Errno = 8573
+	ERROR_DS_INCOMPATIBLE_CONTROLS_USED                                       syscall.Errno = 8574
+	ERROR_DS_NO_REF_DOMAIN                                                    syscall.Errno = 8575
+	ERROR_DS_RESERVED_LINK_ID                                                 syscall.Errno = 8576
+	ERROR_DS_LINK_ID_NOT_AVAILABLE                                            syscall.Errno = 8577
+	ERROR_DS_AG_CANT_HAVE_UNIVERSAL_MEMBER                                    syscall.Errno = 8578
+	ERROR_DS_MODIFYDN_DISALLOWED_BY_INSTANCE_TYPE                             syscall.Errno = 8579
+	ERROR_DS_NO_OBJECT_MOVE_IN_SCHEMA_NC                                      syscall.Errno = 8580
+	ERROR_DS_MODIFYDN_DISALLOWED_BY_FLAG                                      syscall.Errno = 8581
+	ERROR_DS_MODIFYDN_WRONG_GRANDPARENT                                       syscall.Errno = 8582
+	ERROR_DS_NAME_ERROR_TRUST_REFERRAL                                        syscall.Errno = 8583
+	ERROR_NOT_SUPPORTED_ON_STANDARD_SERVER                                    syscall.Errno = 8584
+	ERROR_DS_CANT_ACCESS_REMOTE_PART_OF_AD                                    syscall.Errno = 8585
+	ERROR_DS_CR_IMPOSSIBLE_TO_VALIDATE_V2                                     syscall.Errno = 8586
+	ERROR_DS_THREAD_LIMIT_EXCEEDED                                            syscall.Errno = 8587
+	ERROR_DS_NOT_CLOSEST                                                      syscall.Errno = 8588
+	ERROR_DS_CANT_DERIVE_SPN_WITHOUT_SERVER_REF                               syscall.Errno = 8589
+	ERROR_DS_SINGLE_USER_MODE_FAILED                                          syscall.Errno = 8590
+	ERROR_DS_NTDSCRIPT_SYNTAX_ERROR                                           syscall.Errno = 8591
+	ERROR_DS_NTDSCRIPT_PROCESS_ERROR                                          syscall.Errno = 8592
+	ERROR_DS_DIFFERENT_REPL_EPOCHS                                            syscall.Errno = 8593
+	ERROR_DS_DRS_EXTENSIONS_CHANGED                                           syscall.Errno = 8594
+	ERROR_DS_REPLICA_SET_CHANGE_NOT_ALLOWED_ON_DISABLED_CR                    syscall.Errno = 8595
+	ERROR_DS_NO_MSDS_INTID                                                    syscall.Errno = 8596
+	ERROR_DS_DUP_MSDS_INTID                                                   syscall.Errno = 8597
+	ERROR_DS_EXISTS_IN_RDNATTID                                               syscall.Errno = 8598
+	ERROR_DS_AUTHORIZATION_FAILED                                             syscall.Errno = 8599
+	ERROR_DS_INVALID_SCRIPT                                                   syscall.Errno = 8600
+	ERROR_DS_REMOTE_CROSSREF_OP_FAILED                                        syscall.Errno = 8601
+	ERROR_DS_CROSS_REF_BUSY                                                   syscall.Errno = 8602
+	ERROR_DS_CANT_DERIVE_SPN_FOR_DELETED_DOMAIN                               syscall.Errno = 8603
+	ERROR_DS_CANT_DEMOTE_WITH_WRITEABLE_NC                                    syscall.Errno = 8604
+	ERROR_DS_DUPLICATE_ID_FOUND                                               syscall.Errno = 8605
+	ERROR_DS_INSUFFICIENT_ATTR_TO_CREATE_OBJECT                               syscall.Errno = 8606
+	ERROR_DS_GROUP_CONVERSION_ERROR                                           syscall.Errno = 8607
+	ERROR_DS_CANT_MOVE_APP_BASIC_GROUP                                        syscall.Errno = 8608
+	ERROR_DS_CANT_MOVE_APP_QUERY_GROUP                                        syscall.Errno = 8609
+	ERROR_DS_ROLE_NOT_VERIFIED                                                syscall.Errno = 8610
+	ERROR_DS_WKO_CONTAINER_CANNOT_BE_SPECIAL                                  syscall.Errno = 8611
+	ERROR_DS_DOMAIN_RENAME_IN_PROGRESS                                        syscall.Errno = 8612
+	ERROR_DS_EXISTING_AD_CHILD_NC                                             syscall.Errno = 8613
+	ERROR_DS_REPL_LIFETIME_EXCEEDED                                           syscall.Errno = 8614
+	ERROR_DS_DISALLOWED_IN_SYSTEM_CONTAINER                                   syscall.Errno = 8615
+	ERROR_DS_LDAP_SEND_QUEUE_FULL                                             syscall.Errno = 8616
+	ERROR_DS_DRA_OUT_SCHEDULE_WINDOW                                          syscall.Errno = 8617
+	ERROR_DS_POLICY_NOT_KNOWN                                                 syscall.Errno = 8618
+	ERROR_NO_SITE_SETTINGS_OBJECT                                             syscall.Errno = 8619
+	ERROR_NO_SECRETS                                                          syscall.Errno = 8620
+	ERROR_NO_WRITABLE_DC_FOUND                                                syscall.Errno = 8621
+	ERROR_DS_NO_SERVER_OBJECT                                                 syscall.Errno = 8622
+	ERROR_DS_NO_NTDSA_OBJECT                                                  syscall.Errno = 8623
+	ERROR_DS_NON_ASQ_SEARCH                                                   syscall.Errno = 8624
+	ERROR_DS_AUDIT_FAILURE                                                    syscall.Errno = 8625
+	ERROR_DS_INVALID_SEARCH_FLAG_SUBTREE                                      syscall.Errno = 8626
+	ERROR_DS_INVALID_SEARCH_FLAG_TUPLE                                        syscall.Errno = 8627
+	ERROR_DS_HIERARCHY_TABLE_TOO_DEEP                                         syscall.Errno = 8628
+	ERROR_DS_DRA_CORRUPT_UTD_VECTOR                                           syscall.Errno = 8629
+	ERROR_DS_DRA_SECRETS_DENIED                                               syscall.Errno = 8630
+	ERROR_DS_RESERVED_MAPI_ID                                                 syscall.Errno = 8631
+	ERROR_DS_MAPI_ID_NOT_AVAILABLE                                            syscall.Errno = 8632
+	ERROR_DS_DRA_MISSING_KRBTGT_SECRET                                        syscall.Errno = 8633
+	ERROR_DS_DOMAIN_NAME_EXISTS_IN_FOREST                                     syscall.Errno = 8634
+	ERROR_DS_FLAT_NAME_EXISTS_IN_FOREST                                       syscall.Errno = 8635
+	ERROR_INVALID_USER_PRINCIPAL_NAME                                         syscall.Errno = 8636
+	ERROR_DS_OID_MAPPED_GROUP_CANT_HAVE_MEMBERS                               syscall.Errno = 8637
+	ERROR_DS_OID_NOT_FOUND                                                    syscall.Errno = 8638
+	ERROR_DS_DRA_RECYCLED_TARGET                                              syscall.Errno = 8639
+	ERROR_DS_DISALLOWED_NC_REDIRECT                                           syscall.Errno = 8640
+	ERROR_DS_HIGH_ADLDS_FFL                                                   syscall.Errno = 8641
+	ERROR_DS_HIGH_DSA_VERSION                                                 syscall.Errno = 8642
+	ERROR_DS_LOW_ADLDS_FFL                                                    syscall.Errno = 8643
+	ERROR_DOMAIN_SID_SAME_AS_LOCAL_WORKSTATION                                syscall.Errno = 8644
+	ERROR_DS_UNDELETE_SAM_VALIDATION_FAILED                                   syscall.Errno = 8645
+	ERROR_INCORRECT_ACCOUNT_TYPE                                              syscall.Errno = 8646
+	ERROR_DS_SPN_VALUE_NOT_UNIQUE_IN_FOREST                                   syscall.Errno = 8647
+	ERROR_DS_UPN_VALUE_NOT_UNIQUE_IN_FOREST                                   syscall.Errno = 8648
+	ERROR_DS_MISSING_FOREST_TRUST                                             syscall.Errno = 8649
+	ERROR_DS_VALUE_KEY_NOT_UNIQUE                                             syscall.Errno = 8650
+	DNS_ERROR_RESPONSE_CODES_BASE                                             syscall.Errno = 9000
+	DNS_ERROR_RCODE_NO_ERROR                                                                = ERROR_SUCCESS
+	DNS_ERROR_MASK                                                            syscall.Errno = 0x00002328
+	DNS_ERROR_RCODE_FORMAT_ERROR                                              syscall.Errno = 9001
+	DNS_ERROR_RCODE_SERVER_FAILURE                                            syscall.Errno = 9002
+	DNS_ERROR_RCODE_NAME_ERROR                                                syscall.Errno = 9003
+	DNS_ERROR_RCODE_NOT_IMPLEMENTED                                           syscall.Errno = 9004
+	DNS_ERROR_RCODE_REFUSED                                                   syscall.Errno = 9005
+	DNS_ERROR_RCODE_YXDOMAIN                                                  syscall.Errno = 9006
+	DNS_ERROR_RCODE_YXRRSET                                                   syscall.Errno = 9007
+	DNS_ERROR_RCODE_NXRRSET                                                   syscall.Errno = 9008
+	DNS_ERROR_RCODE_NOTAUTH                                                   syscall.Errno = 9009
+	DNS_ERROR_RCODE_NOTZONE                                                   syscall.Errno = 9010
+	DNS_ERROR_RCODE_BADSIG                                                    syscall.Errno = 9016
+	DNS_ERROR_RCODE_BADKEY                                                    syscall.Errno = 9017
+	DNS_ERROR_RCODE_BADTIME                                                   syscall.Errno = 9018
+	DNS_ERROR_RCODE_LAST                                                                    = DNS_ERROR_RCODE_BADTIME
+	DNS_ERROR_DNSSEC_BASE                                                     syscall.Errno = 9100
+	DNS_ERROR_KEYMASTER_REQUIRED                                              syscall.Errno = 9101
+	DNS_ERROR_NOT_ALLOWED_ON_SIGNED_ZONE                                      syscall.Errno = 9102
+	DNS_ERROR_NSEC3_INCOMPATIBLE_WITH_RSA_SHA1                                syscall.Errno = 9103
+	DNS_ERROR_NOT_ENOUGH_SIGNING_KEY_DESCRIPTORS                              syscall.Errno = 9104
+	DNS_ERROR_UNSUPPORTED_ALGORITHM                                           syscall.Errno = 9105
+	DNS_ERROR_INVALID_KEY_SIZE                                                syscall.Errno = 9106
+	DNS_ERROR_SIGNING_KEY_NOT_ACCESSIBLE                                      syscall.Errno = 9107
+	DNS_ERROR_KSP_DOES_NOT_SUPPORT_PROTECTION                                 syscall.Errno = 9108
+	DNS_ERROR_UNEXPECTED_DATA_PROTECTION_ERROR                                syscall.Errno = 9109
+	DNS_ERROR_UNEXPECTED_CNG_ERROR                                            syscall.Errno = 9110
+	DNS_ERROR_UNKNOWN_SIGNING_PARAMETER_VERSION                               syscall.Errno = 9111
+	DNS_ERROR_KSP_NOT_ACCESSIBLE                                              syscall.Errno = 9112
+	DNS_ERROR_TOO_MANY_SKDS                                                   syscall.Errno = 9113
+	DNS_ERROR_INVALID_ROLLOVER_PERIOD                                         syscall.Errno = 9114
+	DNS_ERROR_INVALID_INITIAL_ROLLOVER_OFFSET                                 syscall.Errno = 9115
+	DNS_ERROR_ROLLOVER_IN_PROGRESS                                            syscall.Errno = 9116
+	DNS_ERROR_STANDBY_KEY_NOT_PRESENT                                         syscall.Errno = 9117
+	DNS_ERROR_NOT_ALLOWED_ON_ZSK                                              syscall.Errno = 9118
+	DNS_ERROR_NOT_ALLOWED_ON_ACTIVE_SKD                                       syscall.Errno = 9119
+	DNS_ERROR_ROLLOVER_ALREADY_QUEUED                                         syscall.Errno = 9120
+	DNS_ERROR_NOT_ALLOWED_ON_UNSIGNED_ZONE                                    syscall.Errno = 9121
+	DNS_ERROR_BAD_KEYMASTER                                                   syscall.Errno = 9122
+	DNS_ERROR_INVALID_SIGNATURE_VALIDITY_PERIOD                               syscall.Errno = 9123
+	DNS_ERROR_INVALID_NSEC3_ITERATION_COUNT                                   syscall.Errno = 9124
+	DNS_ERROR_DNSSEC_IS_DISABLED                                              syscall.Errno = 9125
+	DNS_ERROR_INVALID_XML                                                     syscall.Errno = 9126
+	DNS_ERROR_NO_VALID_TRUST_ANCHORS                                          syscall.Errno = 9127
+	DNS_ERROR_ROLLOVER_NOT_POKEABLE                                           syscall.Errno = 9128
+	DNS_ERROR_NSEC3_NAME_COLLISION                                            syscall.Errno = 9129
+	DNS_ERROR_NSEC_INCOMPATIBLE_WITH_NSEC3_RSA_SHA1                           syscall.Errno = 9130
+	DNS_ERROR_PACKET_FMT_BASE                                                 syscall.Errno = 9500
+	DNS_INFO_NO_RECORDS                                                       syscall.Errno = 9501
+	DNS_ERROR_BAD_PACKET                                                      syscall.Errno = 9502
+	DNS_ERROR_NO_PACKET                                                       syscall.Errno = 9503
+	DNS_ERROR_RCODE                                                           syscall.Errno = 9504
+	DNS_ERROR_UNSECURE_PACKET                                                 syscall.Errno = 9505
+	DNS_STATUS_PACKET_UNSECURE                                                              = DNS_ERROR_UNSECURE_PACKET
+	DNS_REQUEST_PENDING                                                       syscall.Errno = 9506
+	DNS_ERROR_NO_MEMORY                                                                     = ERROR_OUTOFMEMORY
+	DNS_ERROR_INVALID_NAME                                                                  = ERROR_INVALID_NAME
+	DNS_ERROR_INVALID_DATA                                                                  = ERROR_INVALID_DATA
+	DNS_ERROR_GENERAL_API_BASE                                                syscall.Errno = 9550
+	DNS_ERROR_INVALID_TYPE                                                    syscall.Errno = 9551
+	DNS_ERROR_INVALID_IP_ADDRESS                                              syscall.Errno = 9552
+	DNS_ERROR_INVALID_PROPERTY                                                syscall.Errno = 9553
+	DNS_ERROR_TRY_AGAIN_LATER                                                 syscall.Errno = 9554
+	DNS_ERROR_NOT_UNIQUE                                                      syscall.Errno = 9555
+	DNS_ERROR_NON_RFC_NAME                                                    syscall.Errno = 9556
+	DNS_STATUS_FQDN                                                           syscall.Errno = 9557
+	DNS_STATUS_DOTTED_NAME                                                    syscall.Errno = 9558
+	DNS_STATUS_SINGLE_PART_NAME                                               syscall.Errno = 9559
+	DNS_ERROR_INVALID_NAME_CHAR                                               syscall.Errno = 9560
+	DNS_ERROR_NUMERIC_NAME                                                    syscall.Errno = 9561
+	DNS_ERROR_NOT_ALLOWED_ON_ROOT_SERVER                                      syscall.Errno = 9562
+	DNS_ERROR_NOT_ALLOWED_UNDER_DELEGATION                                    syscall.Errno = 9563
+	DNS_ERROR_CANNOT_FIND_ROOT_HINTS                                          syscall.Errno = 9564
+	DNS_ERROR_INCONSISTENT_ROOT_HINTS                                         syscall.Errno = 9565
+	DNS_ERROR_DWORD_VALUE_TOO_SMALL                                           syscall.Errno = 9566
+	DNS_ERROR_DWORD_VALUE_TOO_LARGE                                           syscall.Errno = 9567
+	DNS_ERROR_BACKGROUND_LOADING                                              syscall.Errno = 9568
+	DNS_ERROR_NOT_ALLOWED_ON_RODC                                             syscall.Errno = 9569
+	DNS_ERROR_NOT_ALLOWED_UNDER_DNAME                                         syscall.Errno = 9570
+	DNS_ERROR_DELEGATION_REQUIRED                                             syscall.Errno = 9571
+	DNS_ERROR_INVALID_POLICY_TABLE                                            syscall.Errno = 9572
+	DNS_ERROR_ADDRESS_REQUIRED                                                syscall.Errno = 9573
+	DNS_ERROR_ZONE_BASE                                                       syscall.Errno = 9600
+	DNS_ERROR_ZONE_DOES_NOT_EXIST                                             syscall.Errno = 9601
+	DNS_ERROR_NO_ZONE_INFO                                                    syscall.Errno = 9602
+	DNS_ERROR_INVALID_ZONE_OPERATION                                          syscall.Errno = 9603
+	DNS_ERROR_ZONE_CONFIGURATION_ERROR                                        syscall.Errno = 9604
+	DNS_ERROR_ZONE_HAS_NO_SOA_RECORD                                          syscall.Errno = 9605
+	DNS_ERROR_ZONE_HAS_NO_NS_RECORDS                                          syscall.Errno = 9606
+	DNS_ERROR_ZONE_LOCKED                                                     syscall.Errno = 9607
+	DNS_ERROR_ZONE_CREATION_FAILED                                            syscall.Errno = 9608
+	DNS_ERROR_ZONE_ALREADY_EXISTS                                             syscall.Errno = 9609
+	DNS_ERROR_AUTOZONE_ALREADY_EXISTS                                         syscall.Errno = 9610
+	DNS_ERROR_INVALID_ZONE_TYPE                                               syscall.Errno = 9611
+	DNS_ERROR_SECONDARY_REQUIRES_MASTER_IP                                    syscall.Errno = 9612
+	DNS_ERROR_ZONE_NOT_SECONDARY                                              syscall.Errno = 9613
+	DNS_ERROR_NEED_SECONDARY_ADDRESSES                                        syscall.Errno = 9614
+	DNS_ERROR_WINS_INIT_FAILED                                                syscall.Errno = 9615
+	DNS_ERROR_NEED_WINS_SERVERS                                               syscall.Errno = 9616
+	DNS_ERROR_NBSTAT_INIT_FAILED                                              syscall.Errno = 9617
+	DNS_ERROR_SOA_DELETE_INVALID                                              syscall.Errno = 9618
+	DNS_ERROR_FORWARDER_ALREADY_EXISTS                                        syscall.Errno = 9619
+	DNS_ERROR_ZONE_REQUIRES_MASTER_IP                                         syscall.Errno = 9620
+	DNS_ERROR_ZONE_IS_SHUTDOWN                                                syscall.Errno = 9621
+	DNS_ERROR_ZONE_LOCKED_FOR_SIGNING                                         syscall.Errno = 9622
+	DNS_ERROR_DATAFILE_BASE                                                   syscall.Errno = 9650
+	DNS_ERROR_PRIMARY_REQUIRES_DATAFILE                                       syscall.Errno = 9651
+	DNS_ERROR_INVALID_DATAFILE_NAME                                           syscall.Errno = 9652
+	DNS_ERROR_DATAFILE_OPEN_FAILURE                                           syscall.Errno = 9653
+	DNS_ERROR_FILE_WRITEBACK_FAILED                                           syscall.Errno = 9654
+	DNS_ERROR_DATAFILE_PARSING                                                syscall.Errno = 9655
+	DNS_ERROR_DATABASE_BASE                                                   syscall.Errno = 9700
+	DNS_ERROR_RECORD_DOES_NOT_EXIST                                           syscall.Errno = 9701
+	DNS_ERROR_RECORD_FORMAT                                                   syscall.Errno = 9702
+	DNS_ERROR_NODE_CREATION_FAILED                                            syscall.Errno = 9703
+	DNS_ERROR_UNKNOWN_RECORD_TYPE                                             syscall.Errno = 9704
+	DNS_ERROR_RECORD_TIMED_OUT                                                syscall.Errno = 9705
+	DNS_ERROR_NAME_NOT_IN_ZONE                                                syscall.Errno = 9706
+	DNS_ERROR_CNAME_LOOP                                                      syscall.Errno = 9707
+	DNS_ERROR_NODE_IS_CNAME                                                   syscall.Errno = 9708
+	DNS_ERROR_CNAME_COLLISION                                                 syscall.Errno = 9709
+	DNS_ERROR_RECORD_ONLY_AT_ZONE_ROOT                                        syscall.Errno = 9710
+	DNS_ERROR_RECORD_ALREADY_EXISTS                                           syscall.Errno = 9711
+	DNS_ERROR_SECONDARY_DATA                                                  syscall.Errno = 9712
+	DNS_ERROR_NO_CREATE_CACHE_DATA                                            syscall.Errno = 9713
+	DNS_ERROR_NAME_DOES_NOT_EXIST                                             syscall.Errno = 9714
+	DNS_WARNING_PTR_CREATE_FAILED                                             syscall.Errno = 9715
+	DNS_WARNING_DOMAIN_UNDELETED                                              syscall.Errno = 9716
+	DNS_ERROR_DS_UNAVAILABLE                                                  syscall.Errno = 9717
+	DNS_ERROR_DS_ZONE_ALREADY_EXISTS                                          syscall.Errno = 9718
+	DNS_ERROR_NO_BOOTFILE_IF_DS_ZONE                                          syscall.Errno = 9719
+	DNS_ERROR_NODE_IS_DNAME                                                   syscall.Errno = 9720
+	DNS_ERROR_DNAME_COLLISION                                                 syscall.Errno = 9721
+	DNS_ERROR_ALIAS_LOOP                                                      syscall.Errno = 9722
+	DNS_ERROR_OPERATION_BASE                                                  syscall.Errno = 9750
+	DNS_INFO_AXFR_COMPLETE                                                    syscall.Errno = 9751
+	DNS_ERROR_AXFR                                                            syscall.Errno = 9752
+	DNS_INFO_ADDED_LOCAL_WINS                                                 syscall.Errno = 9753
+	DNS_ERROR_SECURE_BASE                                                     syscall.Errno = 9800
+	DNS_STATUS_CONTINUE_NEEDED                                                syscall.Errno = 9801
+	DNS_ERROR_SETUP_BASE                                                      syscall.Errno = 9850
+	DNS_ERROR_NO_TCPIP                                                        syscall.Errno = 9851
+	DNS_ERROR_NO_DNS_SERVERS                                                  syscall.Errno = 9852
+	DNS_ERROR_DP_BASE                                                         syscall.Errno = 9900
+	DNS_ERROR_DP_DOES_NOT_EXIST                                               syscall.Errno = 9901
+	DNS_ERROR_DP_ALREADY_EXISTS                                               syscall.Errno = 9902
+	DNS_ERROR_DP_NOT_ENLISTED                                                 syscall.Errno = 9903
+	DNS_ERROR_DP_ALREADY_ENLISTED                                             syscall.Errno = 9904
+	DNS_ERROR_DP_NOT_AVAILABLE                                                syscall.Errno = 9905
+	DNS_ERROR_DP_FSMO_ERROR                                                   syscall.Errno = 9906
+	DNS_ERROR_RRL_NOT_ENABLED                                                 syscall.Errno = 9911
+	DNS_ERROR_RRL_INVALID_WINDOW_SIZE                                         syscall.Errno = 9912
+	DNS_ERROR_RRL_INVALID_IPV4_PREFIX                                         syscall.Errno = 9913
+	DNS_ERROR_RRL_INVALID_IPV6_PREFIX                                         syscall.Errno = 9914
+	DNS_ERROR_RRL_INVALID_TC_RATE                                             syscall.Errno = 9915
+	DNS_ERROR_RRL_INVALID_LEAK_RATE                                           syscall.Errno = 9916
+	DNS_ERROR_RRL_LEAK_RATE_LESSTHAN_TC_RATE                                  syscall.Errno = 9917
+	DNS_ERROR_VIRTUALIZATION_INSTANCE_ALREADY_EXISTS                          syscall.Errno = 9921
+	DNS_ERROR_VIRTUALIZATION_INSTANCE_DOES_NOT_EXIST                          syscall.Errno = 9922
+	DNS_ERROR_VIRTUALIZATION_TREE_LOCKED                                      syscall.Errno = 9923
+	DNS_ERROR_INVAILD_VIRTUALIZATION_INSTANCE_NAME                            syscall.Errno = 9924
+	DNS_ERROR_DEFAULT_VIRTUALIZATION_INSTANCE                                 syscall.Errno = 9925
+	DNS_ERROR_ZONESCOPE_ALREADY_EXISTS                                        syscall.Errno = 9951
+	DNS_ERROR_ZONESCOPE_DOES_NOT_EXIST                                        syscall.Errno = 9952
+	DNS_ERROR_DEFAULT_ZONESCOPE                                               syscall.Errno = 9953
+	DNS_ERROR_INVALID_ZONESCOPE_NAME                                          syscall.Errno = 9954
+	DNS_ERROR_NOT_ALLOWED_WITH_ZONESCOPES                                     syscall.Errno = 9955
+	DNS_ERROR_LOAD_ZONESCOPE_FAILED                                           syscall.Errno = 9956
+	DNS_ERROR_ZONESCOPE_FILE_WRITEBACK_FAILED                                 syscall.Errno = 9957
+	DNS_ERROR_INVALID_SCOPE_NAME                                              syscall.Errno = 9958
+	DNS_ERROR_SCOPE_DOES_NOT_EXIST                                            syscall.Errno = 9959
+	DNS_ERROR_DEFAULT_SCOPE                                                   syscall.Errno = 9960
+	DNS_ERROR_INVALID_SCOPE_OPERATION                                         syscall.Errno = 9961
+	DNS_ERROR_SCOPE_LOCKED                                                    syscall.Errno = 9962
+	DNS_ERROR_SCOPE_ALREADY_EXISTS                                            syscall.Errno = 9963
+	DNS_ERROR_POLICY_ALREADY_EXISTS                                           syscall.Errno = 9971
+	DNS_ERROR_POLICY_DOES_NOT_EXIST                                           syscall.Errno = 9972
+	DNS_ERROR_POLICY_INVALID_CRITERIA                                         syscall.Errno = 9973
+	DNS_ERROR_POLICY_INVALID_SETTINGS                                         syscall.Errno = 9974
+	DNS_ERROR_CLIENT_SUBNET_IS_ACCESSED                                       syscall.Errno = 9975
+	DNS_ERROR_CLIENT_SUBNET_DOES_NOT_EXIST                                    syscall.Errno = 9976
+	DNS_ERROR_CLIENT_SUBNET_ALREADY_EXISTS                                    syscall.Errno = 9977
+	DNS_ERROR_SUBNET_DOES_NOT_EXIST                                           syscall.Errno = 9978
+	DNS_ERROR_SUBNET_ALREADY_EXISTS                                           syscall.Errno = 9979
+	DNS_ERROR_POLICY_LOCKED                                                   syscall.Errno = 9980
+	DNS_ERROR_POLICY_INVALID_WEIGHT                                           syscall.Errno = 9981
+	DNS_ERROR_POLICY_INVALID_NAME                                             syscall.Errno = 9982
+	DNS_ERROR_POLICY_MISSING_CRITERIA                                         syscall.Errno = 9983
+	DNS_ERROR_INVALID_CLIENT_SUBNET_NAME                                      syscall.Errno = 9984
+	DNS_ERROR_POLICY_PROCESSING_ORDER_INVALID                                 syscall.Errno = 9985
+	DNS_ERROR_POLICY_SCOPE_MISSING                                            syscall.Errno = 9986
+	DNS_ERROR_POLICY_SCOPE_NOT_ALLOWED                                        syscall.Errno = 9987
+	DNS_ERROR_SERVERSCOPE_IS_REFERENCED                                       syscall.Errno = 9988
+	DNS_ERROR_ZONESCOPE_IS_REFERENCED                                         syscall.Errno = 9989
+	DNS_ERROR_POLICY_INVALID_CRITERIA_CLIENT_SUBNET                           syscall.Errno = 9990
+	DNS_ERROR_POLICY_INVALID_CRITERIA_TRANSPORT_PROTOCOL                      syscall.Errno = 9991
+	DNS_ERROR_POLICY_INVALID_CRITERIA_NETWORK_PROTOCOL                        syscall.Errno = 9992
+	DNS_ERROR_POLICY_INVALID_CRITERIA_INTERFACE                               syscall.Errno = 9993
+	DNS_ERROR_POLICY_INVALID_CRITERIA_FQDN                                    syscall.Errno = 9994
+	DNS_ERROR_POLICY_INVALID_CRITERIA_QUERY_TYPE                              syscall.Errno = 9995
+	DNS_ERROR_POLICY_INVALID_CRITERIA_TIME_OF_DAY                             syscall.Errno = 9996
+	WSABASEERR                                                                syscall.Errno = 10000
+	WSAEINTR                                                                  syscall.Errno = 10004
+	WSAEBADF                                                                  syscall.Errno = 10009
+	WSAEACCES                                                                 syscall.Errno = 10013
+	WSAEFAULT                                                                 syscall.Errno = 10014
+	WSAEINVAL                                                                 syscall.Errno = 10022
+	WSAEMFILE                                                                 syscall.Errno = 10024
+	WSAEWOULDBLOCK                                                            syscall.Errno = 10035
+	WSAEINPROGRESS                                                            syscall.Errno = 10036
+	WSAEALREADY                                                               syscall.Errno = 10037
+	WSAENOTSOCK                                                               syscall.Errno = 10038
+	WSAEDESTADDRREQ                                                           syscall.Errno = 10039
+	WSAEMSGSIZE                                                               syscall.Errno = 10040
+	WSAEPROTOTYPE                                                             syscall.Errno = 10041
+	WSAENOPROTOOPT                                                            syscall.Errno = 10042
+	WSAEPROTONOSUPPORT                                                        syscall.Errno = 10043
+	WSAESOCKTNOSUPPORT                                                        syscall.Errno = 10044
+	WSAEOPNOTSUPP                                                             syscall.Errno = 10045
+	WSAEPFNOSUPPORT                                                           syscall.Errno = 10046
+	WSAEAFNOSUPPORT                                                           syscall.Errno = 10047
+	WSAEADDRINUSE                                                             syscall.Errno = 10048
+	WSAEADDRNOTAVAIL                                                          syscall.Errno = 10049
+	WSAENETDOWN                                                               syscall.Errno = 10050
+	WSAENETUNREACH                                                            syscall.Errno = 10051
+	WSAENETRESET                                                              syscall.Errno = 10052
+	WSAECONNABORTED                                                           syscall.Errno = 10053
+	WSAECONNRESET                                                             syscall.Errno = 10054
+	WSAENOBUFS                                                                syscall.Errno = 10055
+	WSAEISCONN                                                                syscall.Errno = 10056
+	WSAENOTCONN                                                               syscall.Errno = 10057
+	WSAESHUTDOWN                                                              syscall.Errno = 10058
+	WSAETOOMANYREFS                                                           syscall.Errno = 10059
+	WSAETIMEDOUT                                                              syscall.Errno = 10060
+	WSAECONNREFUSED                                                           syscall.Errno = 10061
+	WSAELOOP                                                                  syscall.Errno = 10062
+	WSAENAMETOOLONG                                                           syscall.Errno = 10063
+	WSAEHOSTDOWN                                                              syscall.Errno = 10064
+	WSAEHOSTUNREACH                                                           syscall.Errno = 10065
+	WSAENOTEMPTY                                                              syscall.Errno = 10066
+	WSAEPROCLIM                                                               syscall.Errno = 10067
+	WSAEUSERS                                                                 syscall.Errno = 10068
+	WSAEDQUOT                                                                 syscall.Errno = 10069
+	WSAESTALE                                                                 syscall.Errno = 10070
+	WSAEREMOTE                                                                syscall.Errno = 10071
+	WSASYSNOTREADY                                                            syscall.Errno = 10091
+	WSAVERNOTSUPPORTED                                                        syscall.Errno = 10092
+	WSANOTINITIALISED                                                         syscall.Errno = 10093
+	WSAEDISCON                                                                syscall.Errno = 10101
+	WSAENOMORE                                                                syscall.Errno = 10102
+	WSAECANCELLED                                                             syscall.Errno = 10103
+	WSAEINVALIDPROCTABLE                                                      syscall.Errno = 10104
+	WSAEINVALIDPROVIDER                                                       syscall.Errno = 10105
+	WSAEPROVIDERFAILEDINIT                                                    syscall.Errno = 10106
+	WSASYSCALLFAILURE                                                         syscall.Errno = 10107
+	WSASERVICE_NOT_FOUND                                                      syscall.Errno = 10108
+	WSATYPE_NOT_FOUND                                                         syscall.Errno = 10109
+	WSA_E_NO_MORE                                                             syscall.Errno = 10110
+	WSA_E_CANCELLED                                                           syscall.Errno = 10111
+	WSAEREFUSED                                                               syscall.Errno = 10112
+	WSAHOST_NOT_FOUND                                                         syscall.Errno = 11001
+	WSATRY_AGAIN                                                              syscall.Errno = 11002
+	WSANO_RECOVERY                                                            syscall.Errno = 11003
+	WSANO_DATA                                                                syscall.Errno = 11004
+	WSA_QOS_RECEIVERS                                                         syscall.Errno = 11005
+	WSA_QOS_SENDERS                                                           syscall.Errno = 11006
+	WSA_QOS_NO_SENDERS                                                        syscall.Errno = 11007
+	WSA_QOS_NO_RECEIVERS                                                      syscall.Errno = 11008
+	WSA_QOS_REQUEST_CONFIRMED                                                 syscall.Errno = 11009
+	WSA_QOS_ADMISSION_FAILURE                                                 syscall.Errno = 11010
+	WSA_QOS_POLICY_FAILURE                                                    syscall.Errno = 11011
+	WSA_QOS_BAD_STYLE                                                         syscall.Errno = 11012
+	WSA_QOS_BAD_OBJECT                                                        syscall.Errno = 11013
+	WSA_QOS_TRAFFIC_CTRL_ERROR                                                syscall.Errno = 11014
+	WSA_QOS_GENERIC_ERROR                                                     syscall.Errno = 11015
+	WSA_QOS_ESERVICETYPE                                                      syscall.Errno = 11016
+	WSA_QOS_EFLOWSPEC                                                         syscall.Errno = 11017
+	WSA_QOS_EPROVSPECBUF                                                      syscall.Errno = 11018
+	WSA_QOS_EFILTERSTYLE                                                      syscall.Errno = 11019
+	WSA_QOS_EFILTERTYPE                                                       syscall.Errno = 11020
+	WSA_QOS_EFILTERCOUNT                                                      syscall.Errno = 11021
+	WSA_QOS_EOBJLENGTH                                                        syscall.Errno = 11022
+	WSA_QOS_EFLOWCOUNT                                                        syscall.Errno = 11023
+	WSA_QOS_EUNKOWNPSOBJ                                                      syscall.Errno = 11024
+	WSA_QOS_EPOLICYOBJ                                                        syscall.Errno = 11025
+	WSA_QOS_EFLOWDESC                                                         syscall.Errno = 11026
+	WSA_QOS_EPSFLOWSPEC                                                       syscall.Errno = 11027
+	WSA_QOS_EPSFILTERSPEC                                                     syscall.Errno = 11028
+	WSA_QOS_ESDMODEOBJ                                                        syscall.Errno = 11029
+	WSA_QOS_ESHAPERATEOBJ                                                     syscall.Errno = 11030
+	WSA_QOS_RESERVED_PETYPE                                                   syscall.Errno = 11031
+	WSA_SECURE_HOST_NOT_FOUND                                                 syscall.Errno = 11032
+	WSA_IPSEC_NAME_POLICY_ERROR                                               syscall.Errno = 11033
+	ERROR_IPSEC_QM_POLICY_EXISTS                                              syscall.Errno = 13000
+	ERROR_IPSEC_QM_POLICY_NOT_FOUND                                           syscall.Errno = 13001
+	ERROR_IPSEC_QM_POLICY_IN_USE                                              syscall.Errno = 13002
+	ERROR_IPSEC_MM_POLICY_EXISTS                                              syscall.Errno = 13003
+	ERROR_IPSEC_MM_POLICY_NOT_FOUND                                           syscall.Errno = 13004
+	ERROR_IPSEC_MM_POLICY_IN_USE                                              syscall.Errno = 13005
+	ERROR_IPSEC_MM_FILTER_EXISTS                                              syscall.Errno = 13006
+	ERROR_IPSEC_MM_FILTER_NOT_FOUND                                           syscall.Errno = 13007
+	ERROR_IPSEC_TRANSPORT_FILTER_EXISTS                                       syscall.Errno = 13008
+	ERROR_IPSEC_TRANSPORT_FILTER_NOT_FOUND                                    syscall.Errno = 13009
+	ERROR_IPSEC_MM_AUTH_EXISTS                                                syscall.Errno = 13010
+	ERROR_IPSEC_MM_AUTH_NOT_FOUND                                             syscall.Errno = 13011
+	ERROR_IPSEC_MM_AUTH_IN_USE                                                syscall.Errno = 13012
+	ERROR_IPSEC_DEFAULT_MM_POLICY_NOT_FOUND                                   syscall.Errno = 13013
+	ERROR_IPSEC_DEFAULT_MM_AUTH_NOT_FOUND                                     syscall.Errno = 13014
+	ERROR_IPSEC_DEFAULT_QM_POLICY_NOT_FOUND                                   syscall.Errno = 13015
+	ERROR_IPSEC_TUNNEL_FILTER_EXISTS                                          syscall.Errno = 13016
+	ERROR_IPSEC_TUNNEL_FILTER_NOT_FOUND                                       syscall.Errno = 13017
+	ERROR_IPSEC_MM_FILTER_PENDING_DELETION                                    syscall.Errno = 13018
+	ERROR_IPSEC_TRANSPORT_FILTER_PENDING_DELETION                             syscall.Errno = 13019
+	ERROR_IPSEC_TUNNEL_FILTER_PENDING_DELETION                                syscall.Errno = 13020
+	ERROR_IPSEC_MM_POLICY_PENDING_DELETION                                    syscall.Errno = 13021
+	ERROR_IPSEC_MM_AUTH_PENDING_DELETION                                      syscall.Errno = 13022
+	ERROR_IPSEC_QM_POLICY_PENDING_DELETION                                    syscall.Errno = 13023
+	WARNING_IPSEC_MM_POLICY_PRUNED                                            syscall.Errno = 13024
+	WARNING_IPSEC_QM_POLICY_PRUNED                                            syscall.Errno = 13025
+	ERROR_IPSEC_IKE_NEG_STATUS_BEGIN                                          syscall.Errno = 13800
+	ERROR_IPSEC_IKE_AUTH_FAIL                                                 syscall.Errno = 13801
+	ERROR_IPSEC_IKE_ATTRIB_FAIL                                               syscall.Errno = 13802
+	ERROR_IPSEC_IKE_NEGOTIATION_PENDING                                       syscall.Errno = 13803
+	ERROR_IPSEC_IKE_GENERAL_PROCESSING_ERROR                                  syscall.Errno = 13804
+	ERROR_IPSEC_IKE_TIMED_OUT                                                 syscall.Errno = 13805
+	ERROR_IPSEC_IKE_NO_CERT                                                   syscall.Errno = 13806
+	ERROR_IPSEC_IKE_SA_DELETED                                                syscall.Errno = 13807
+	ERROR_IPSEC_IKE_SA_REAPED                                                 syscall.Errno = 13808
+	ERROR_IPSEC_IKE_MM_ACQUIRE_DROP                                           syscall.Errno = 13809
+	ERROR_IPSEC_IKE_QM_ACQUIRE_DROP                                           syscall.Errno = 13810
+	ERROR_IPSEC_IKE_QUEUE_DROP_MM                                             syscall.Errno = 13811
+	ERROR_IPSEC_IKE_QUEUE_DROP_NO_MM                                          syscall.Errno = 13812
+	ERROR_IPSEC_IKE_DROP_NO_RESPONSE                                          syscall.Errno = 13813
+	ERROR_IPSEC_IKE_MM_DELAY_DROP                                             syscall.Errno = 13814
+	ERROR_IPSEC_IKE_QM_DELAY_DROP                                             syscall.Errno = 13815
+	ERROR_IPSEC_IKE_ERROR                                                     syscall.Errno = 13816
+	ERROR_IPSEC_IKE_CRL_FAILED                                                syscall.Errno = 13817
+	ERROR_IPSEC_IKE_INVALID_KEY_USAGE                                         syscall.Errno = 13818
+	ERROR_IPSEC_IKE_INVALID_CERT_TYPE                                         syscall.Errno = 13819
+	ERROR_IPSEC_IKE_NO_PRIVATE_KEY                                            syscall.Errno = 13820
+	ERROR_IPSEC_IKE_SIMULTANEOUS_REKEY                                        syscall.Errno = 13821
+	ERROR_IPSEC_IKE_DH_FAIL                                                   syscall.Errno = 13822
+	ERROR_IPSEC_IKE_CRITICAL_PAYLOAD_NOT_RECOGNIZED                           syscall.Errno = 13823
+	ERROR_IPSEC_IKE_INVALID_HEADER                                            syscall.Errno = 13824
+	ERROR_IPSEC_IKE_NO_POLICY                                                 syscall.Errno = 13825
+	ERROR_IPSEC_IKE_INVALID_SIGNATURE                                         syscall.Errno = 13826
+	ERROR_IPSEC_IKE_KERBEROS_ERROR                                            syscall.Errno = 13827
+	ERROR_IPSEC_IKE_NO_PUBLIC_KEY                                             syscall.Errno = 13828
+	ERROR_IPSEC_IKE_PROCESS_ERR                                               syscall.Errno = 13829
+	ERROR_IPSEC_IKE_PROCESS_ERR_SA                                            syscall.Errno = 13830
+	ERROR_IPSEC_IKE_PROCESS_ERR_PROP                                          syscall.Errno = 13831
+	ERROR_IPSEC_IKE_PROCESS_ERR_TRANS                                         syscall.Errno = 13832
+	ERROR_IPSEC_IKE_PROCESS_ERR_KE                                            syscall.Errno = 13833
+	ERROR_IPSEC_IKE_PROCESS_ERR_ID                                            syscall.Errno = 13834
+	ERROR_IPSEC_IKE_PROCESS_ERR_CERT                                          syscall.Errno = 13835
+	ERROR_IPSEC_IKE_PROCESS_ERR_CERT_REQ                                      syscall.Errno = 13836
+	ERROR_IPSEC_IKE_PROCESS_ERR_HASH                                          syscall.Errno = 13837
+	ERROR_IPSEC_IKE_PROCESS_ERR_SIG                                           syscall.Errno = 13838
+	ERROR_IPSEC_IKE_PROCESS_ERR_NONCE                                         syscall.Errno = 13839
+	ERROR_IPSEC_IKE_PROCESS_ERR_NOTIFY                                        syscall.Errno = 13840
+	ERROR_IPSEC_IKE_PROCESS_ERR_DELETE                                        syscall.Errno = 13841
+	ERROR_IPSEC_IKE_PROCESS_ERR_VENDOR                                        syscall.Errno = 13842
+	ERROR_IPSEC_IKE_INVALID_PAYLOAD                                           syscall.Errno = 13843
+	ERROR_IPSEC_IKE_LOAD_SOFT_SA                                              syscall.Errno = 13844
+	ERROR_IPSEC_IKE_SOFT_SA_TORN_DOWN                                         syscall.Errno = 13845
+	ERROR_IPSEC_IKE_INVALID_COOKIE                                            syscall.Errno = 13846
+	ERROR_IPSEC_IKE_NO_PEER_CERT                                              syscall.Errno = 13847
+	ERROR_IPSEC_IKE_PEER_CRL_FAILED                                           syscall.Errno = 13848
+	ERROR_IPSEC_IKE_POLICY_CHANGE                                             syscall.Errno = 13849
+	ERROR_IPSEC_IKE_NO_MM_POLICY                                              syscall.Errno = 13850
+	ERROR_IPSEC_IKE_NOTCBPRIV                                                 syscall.Errno = 13851
+	ERROR_IPSEC_IKE_SECLOADFAIL                                               syscall.Errno = 13852
+	ERROR_IPSEC_IKE_FAILSSPINIT                                               syscall.Errno = 13853
+	ERROR_IPSEC_IKE_FAILQUERYSSP                                              syscall.Errno = 13854
+	ERROR_IPSEC_IKE_SRVACQFAIL                                                syscall.Errno = 13855
+	ERROR_IPSEC_IKE_SRVQUERYCRED                                              syscall.Errno = 13856
+	ERROR_IPSEC_IKE_GETSPIFAIL                                                syscall.Errno = 13857
+	ERROR_IPSEC_IKE_INVALID_FILTER                                            syscall.Errno = 13858
+	ERROR_IPSEC_IKE_OUT_OF_MEMORY                                             syscall.Errno = 13859
+	ERROR_IPSEC_IKE_ADD_UPDATE_KEY_FAILED                                     syscall.Errno = 13860
+	ERROR_IPSEC_IKE_INVALID_POLICY                                            syscall.Errno = 13861
+	ERROR_IPSEC_IKE_UNKNOWN_DOI                                               syscall.Errno = 13862
+	ERROR_IPSEC_IKE_INVALID_SITUATION                                         syscall.Errno = 13863
+	ERROR_IPSEC_IKE_DH_FAILURE                                                syscall.Errno = 13864
+	ERROR_IPSEC_IKE_INVALID_GROUP                                             syscall.Errno = 13865
+	ERROR_IPSEC_IKE_ENCRYPT                                                   syscall.Errno = 13866
+	ERROR_IPSEC_IKE_DECRYPT                                                   syscall.Errno = 13867
+	ERROR_IPSEC_IKE_POLICY_MATCH                                              syscall.Errno = 13868
+	ERROR_IPSEC_IKE_UNSUPPORTED_ID                                            syscall.Errno = 13869
+	ERROR_IPSEC_IKE_INVALID_HASH                                              syscall.Errno = 13870
+	ERROR_IPSEC_IKE_INVALID_HASH_ALG                                          syscall.Errno = 13871
+	ERROR_IPSEC_IKE_INVALID_HASH_SIZE                                         syscall.Errno = 13872
+	ERROR_IPSEC_IKE_INVALID_ENCRYPT_ALG                                       syscall.Errno = 13873
+	ERROR_IPSEC_IKE_INVALID_AUTH_ALG                                          syscall.Errno = 13874
+	ERROR_IPSEC_IKE_INVALID_SIG                                               syscall.Errno = 13875
+	ERROR_IPSEC_IKE_LOAD_FAILED                                               syscall.Errno = 13876
+	ERROR_IPSEC_IKE_RPC_DELETE                                                syscall.Errno = 13877
+	ERROR_IPSEC_IKE_BENIGN_REINIT                                             syscall.Errno = 13878
+	ERROR_IPSEC_IKE_INVALID_RESPONDER_LIFETIME_NOTIFY                         syscall.Errno = 13879
+	ERROR_IPSEC_IKE_INVALID_MAJOR_VERSION                                     syscall.Errno = 13880
+	ERROR_IPSEC_IKE_INVALID_CERT_KEYLEN                                       syscall.Errno = 13881
+	ERROR_IPSEC_IKE_MM_LIMIT                                                  syscall.Errno = 13882
+	ERROR_IPSEC_IKE_NEGOTIATION_DISABLED                                      syscall.Errno = 13883
+	ERROR_IPSEC_IKE_QM_LIMIT                                                  syscall.Errno = 13884
+	ERROR_IPSEC_IKE_MM_EXPIRED                                                syscall.Errno = 13885
+	ERROR_IPSEC_IKE_PEER_MM_ASSUMED_INVALID                                   syscall.Errno = 13886
+	ERROR_IPSEC_IKE_CERT_CHAIN_POLICY_MISMATCH                                syscall.Errno = 13887
+	ERROR_IPSEC_IKE_UNEXPECTED_MESSAGE_ID                                     syscall.Errno = 13888
+	ERROR_IPSEC_IKE_INVALID_AUTH_PAYLOAD                                      syscall.Errno = 13889
+	ERROR_IPSEC_IKE_DOS_COOKIE_SENT                                           syscall.Errno = 13890
+	ERROR_IPSEC_IKE_SHUTTING_DOWN                                             syscall.Errno = 13891
+	ERROR_IPSEC_IKE_CGA_AUTH_FAILED                                           syscall.Errno = 13892
+	ERROR_IPSEC_IKE_PROCESS_ERR_NATOA                                         syscall.Errno = 13893
+	ERROR_IPSEC_IKE_INVALID_MM_FOR_QM                                         syscall.Errno = 13894
+	ERROR_IPSEC_IKE_QM_EXPIRED                                                syscall.Errno = 13895
+	ERROR_IPSEC_IKE_TOO_MANY_FILTERS                                          syscall.Errno = 13896
+	ERROR_IPSEC_IKE_NEG_STATUS_END                                            syscall.Errno = 13897
+	ERROR_IPSEC_IKE_KILL_DUMMY_NAP_TUNNEL                                     syscall.Errno = 13898
+	ERROR_IPSEC_IKE_INNER_IP_ASSIGNMENT_FAILURE                               syscall.Errno = 13899
+	ERROR_IPSEC_IKE_REQUIRE_CP_PAYLOAD_MISSING                                syscall.Errno = 13900
+	ERROR_IPSEC_KEY_MODULE_IMPERSONATION_NEGOTIATION_PENDING                  syscall.Errno = 13901
+	ERROR_IPSEC_IKE_COEXISTENCE_SUPPRESS                                      syscall.Errno = 13902
+	ERROR_IPSEC_IKE_RATELIMIT_DROP                                            syscall.Errno = 13903
+	ERROR_IPSEC_IKE_PEER_DOESNT_SUPPORT_MOBIKE                                syscall.Errno = 13904
+	ERROR_IPSEC_IKE_AUTHORIZATION_FAILURE                                     syscall.Errno = 13905
+	ERROR_IPSEC_IKE_STRONG_CRED_AUTHORIZATION_FAILURE                         syscall.Errno = 13906
+	ERROR_IPSEC_IKE_AUTHORIZATION_FAILURE_WITH_OPTIONAL_RETRY                 syscall.Errno = 13907
+	ERROR_IPSEC_IKE_STRONG_CRED_AUTHORIZATION_AND_CERTMAP_FAILURE             syscall.Errno = 13908
+	ERROR_IPSEC_IKE_NEG_STATUS_EXTENDED_END                                   syscall.Errno = 13909
+	ERROR_IPSEC_BAD_SPI                                                       syscall.Errno = 13910
+	ERROR_IPSEC_SA_LIFETIME_EXPIRED                                           syscall.Errno = 13911
+	ERROR_IPSEC_WRONG_SA                                                      syscall.Errno = 13912
+	ERROR_IPSEC_REPLAY_CHECK_FAILED                                           syscall.Errno = 13913
+	ERROR_IPSEC_INVALID_PACKET                                                syscall.Errno = 13914
+	ERROR_IPSEC_INTEGRITY_CHECK_FAILED                                        syscall.Errno = 13915
+	ERROR_IPSEC_CLEAR_TEXT_DROP                                               syscall.Errno = 13916
+	ERROR_IPSEC_AUTH_FIREWALL_DROP                                            syscall.Errno = 13917
+	ERROR_IPSEC_THROTTLE_DROP                                                 syscall.Errno = 13918
+	ERROR_IPSEC_DOSP_BLOCK                                                    syscall.Errno = 13925
+	ERROR_IPSEC_DOSP_RECEIVED_MULTICAST                                       syscall.Errno = 13926
+	ERROR_IPSEC_DOSP_INVALID_PACKET                                           syscall.Errno = 13927
+	ERROR_IPSEC_DOSP_STATE_LOOKUP_FAILED                                      syscall.Errno = 13928
+	ERROR_IPSEC_DOSP_MAX_ENTRIES                                              syscall.Errno = 13929
+	ERROR_IPSEC_DOSP_KEYMOD_NOT_ALLOWED                                       syscall.Errno = 13930
+	ERROR_IPSEC_DOSP_NOT_INSTALLED                                            syscall.Errno = 13931
+	ERROR_IPSEC_DOSP_MAX_PER_IP_RATELIMIT_QUEUES                              syscall.Errno = 13932
+	ERROR_SXS_SECTION_NOT_FOUND                                               syscall.Errno = 14000
+	ERROR_SXS_CANT_GEN_ACTCTX                                                 syscall.Errno = 14001
+	ERROR_SXS_INVALID_ACTCTXDATA_FORMAT                                       syscall.Errno = 14002
+	ERROR_SXS_ASSEMBLY_NOT_FOUND                                              syscall.Errno = 14003
+	ERROR_SXS_MANIFEST_FORMAT_ERROR                                           syscall.Errno = 14004
+	ERROR_SXS_MANIFEST_PARSE_ERROR                                            syscall.Errno = 14005
+	ERROR_SXS_ACTIVATION_CONTEXT_DISABLED                                     syscall.Errno = 14006
+	ERROR_SXS_KEY_NOT_FOUND                                                   syscall.Errno = 14007
+	ERROR_SXS_VERSION_CONFLICT                                                syscall.Errno = 14008
+	ERROR_SXS_WRONG_SECTION_TYPE                                              syscall.Errno = 14009
+	ERROR_SXS_THREAD_QUERIES_DISABLED                                         syscall.Errno = 14010
+	ERROR_SXS_PROCESS_DEFAULT_ALREADY_SET                                     syscall.Errno = 14011
+	ERROR_SXS_UNKNOWN_ENCODING_GROUP                                          syscall.Errno = 14012
+	ERROR_SXS_UNKNOWN_ENCODING                                                syscall.Errno = 14013
+	ERROR_SXS_INVALID_XML_NAMESPACE_URI                                       syscall.Errno = 14014
+	ERROR_SXS_ROOT_MANIFEST_DEPENDENCY_NOT_INSTALLED                          syscall.Errno = 14015
+	ERROR_SXS_LEAF_MANIFEST_DEPENDENCY_NOT_INSTALLED                          syscall.Errno = 14016
+	ERROR_SXS_INVALID_ASSEMBLY_IDENTITY_ATTRIBUTE                             syscall.Errno = 14017
+	ERROR_SXS_MANIFEST_MISSING_REQUIRED_DEFAULT_NAMESPACE                     syscall.Errno = 14018
+	ERROR_SXS_MANIFEST_INVALID_REQUIRED_DEFAULT_NAMESPACE                     syscall.Errno = 14019
+	ERROR_SXS_PRIVATE_MANIFEST_CROSS_PATH_WITH_REPARSE_POINT                  syscall.Errno = 14020
+	ERROR_SXS_DUPLICATE_DLL_NAME                                              syscall.Errno = 14021
+	ERROR_SXS_DUPLICATE_WINDOWCLASS_NAME                                      syscall.Errno = 14022
+	ERROR_SXS_DUPLICATE_CLSID                                                 syscall.Errno = 14023
+	ERROR_SXS_DUPLICATE_IID                                                   syscall.Errno = 14024
+	ERROR_SXS_DUPLICATE_TLBID                                                 syscall.Errno = 14025
+	ERROR_SXS_DUPLICATE_PROGID                                                syscall.Errno = 14026
+	ERROR_SXS_DUPLICATE_ASSEMBLY_NAME                                         syscall.Errno = 14027
+	ERROR_SXS_FILE_HASH_MISMATCH                                              syscall.Errno = 14028
+	ERROR_SXS_POLICY_PARSE_ERROR                                              syscall.Errno = 14029
+	ERROR_SXS_XML_E_MISSINGQUOTE                                              syscall.Errno = 14030
+	ERROR_SXS_XML_E_COMMENTSYNTAX                                             syscall.Errno = 14031
+	ERROR_SXS_XML_E_BADSTARTNAMECHAR                                          syscall.Errno = 14032
+	ERROR_SXS_XML_E_BADNAMECHAR                                               syscall.Errno = 14033
+	ERROR_SXS_XML_E_BADCHARINSTRING                                           syscall.Errno = 14034
+	ERROR_SXS_XML_E_XMLDECLSYNTAX                                             syscall.Errno = 14035
+	ERROR_SXS_XML_E_BADCHARDATA                                               syscall.Errno = 14036
+	ERROR_SXS_XML_E_MISSINGWHITESPACE                                         syscall.Errno = 14037
+	ERROR_SXS_XML_E_EXPECTINGTAGEND                                           syscall.Errno = 14038
+	ERROR_SXS_XML_E_MISSINGSEMICOLON                                          syscall.Errno = 14039
+	ERROR_SXS_XML_E_UNBALANCEDPAREN                                           syscall.Errno = 14040
+	ERROR_SXS_XML_E_INTERNALERROR                                             syscall.Errno = 14041
+	ERROR_SXS_XML_E_UNEXPECTED_WHITESPACE                                     syscall.Errno = 14042
+	ERROR_SXS_XML_E_INCOMPLETE_ENCODING                                       syscall.Errno = 14043
+	ERROR_SXS_XML_E_MISSING_PAREN                                             syscall.Errno = 14044
+	ERROR_SXS_XML_E_EXPECTINGCLOSEQUOTE                                       syscall.Errno = 14045
+	ERROR_SXS_XML_E_MULTIPLE_COLONS                                           syscall.Errno = 14046
+	ERROR_SXS_XML_E_INVALID_DECIMAL                                           syscall.Errno = 14047
+	ERROR_SXS_XML_E_INVALID_HEXIDECIMAL                                       syscall.Errno = 14048
+	ERROR_SXS_XML_E_INVALID_UNICODE                                           syscall.Errno = 14049
+	ERROR_SXS_XML_E_WHITESPACEORQUESTIONMARK                                  syscall.Errno = 14050
+	ERROR_SXS_XML_E_UNEXPECTEDENDTAG                                          syscall.Errno = 14051
+	ERROR_SXS_XML_E_UNCLOSEDTAG                                               syscall.Errno = 14052
+	ERROR_SXS_XML_E_DUPLICATEATTRIBUTE                                        syscall.Errno = 14053
+	ERROR_SXS_XML_E_MULTIPLEROOTS                                             syscall.Errno = 14054
+	ERROR_SXS_XML_E_INVALIDATROOTLEVEL                                        syscall.Errno = 14055
+	ERROR_SXS_XML_E_BADXMLDECL                                                syscall.Errno = 14056
+	ERROR_SXS_XML_E_MISSINGROOT                                               syscall.Errno = 14057
+	ERROR_SXS_XML_E_UNEXPECTEDEOF                                             syscall.Errno = 14058
+	ERROR_SXS_XML_E_BADPEREFINSUBSET                                          syscall.Errno = 14059
+	ERROR_SXS_XML_E_UNCLOSEDSTARTTAG                                          syscall.Errno = 14060
+	ERROR_SXS_XML_E_UNCLOSEDENDTAG                                            syscall.Errno = 14061
+	ERROR_SXS_XML_E_UNCLOSEDSTRING                                            syscall.Errno = 14062
+	ERROR_SXS_XML_E_UNCLOSEDCOMMENT                                           syscall.Errno = 14063
+	ERROR_SXS_XML_E_UNCLOSEDDECL                                              syscall.Errno = 14064
+	ERROR_SXS_XML_E_UNCLOSEDCDATA                                             syscall.Errno = 14065
+	ERROR_SXS_XML_E_RESERVEDNAMESPACE                                         syscall.Errno = 14066
+	ERROR_SXS_XML_E_INVALIDENCODING                                           syscall.Errno = 14067
+	ERROR_SXS_XML_E_INVALIDSWITCH                                             syscall.Errno = 14068
+	ERROR_SXS_XML_E_BADXMLCASE                                                syscall.Errno = 14069
+	ERROR_SXS_XML_E_INVALID_STANDALONE                                        syscall.Errno = 14070
+	ERROR_SXS_XML_E_UNEXPECTED_STANDALONE                                     syscall.Errno = 14071
+	ERROR_SXS_XML_E_INVALID_VERSION                                           syscall.Errno = 14072
+	ERROR_SXS_XML_E_MISSINGEQUALS                                             syscall.Errno = 14073
+	ERROR_SXS_PROTECTION_RECOVERY_FAILED                                      syscall.Errno = 14074
+	ERROR_SXS_PROTECTION_PUBLIC_KEY_TOO_SHORT                                 syscall.Errno = 14075
+	ERROR_SXS_PROTECTION_CATALOG_NOT_VALID                                    syscall.Errno = 14076
+	ERROR_SXS_UNTRANSLATABLE_HRESULT                                          syscall.Errno = 14077
+	ERROR_SXS_PROTECTION_CATALOG_FILE_MISSING                                 syscall.Errno = 14078
+	ERROR_SXS_MISSING_ASSEMBLY_IDENTITY_ATTRIBUTE                             syscall.Errno = 14079
+	ERROR_SXS_INVALID_ASSEMBLY_IDENTITY_ATTRIBUTE_NAME                        syscall.Errno = 14080
+	ERROR_SXS_ASSEMBLY_MISSING                                                syscall.Errno = 14081
+	ERROR_SXS_CORRUPT_ACTIVATION_STACK                                        syscall.Errno = 14082
+	ERROR_SXS_CORRUPTION                                                      syscall.Errno = 14083
+	ERROR_SXS_EARLY_DEACTIVATION                                              syscall.Errno = 14084
+	ERROR_SXS_INVALID_DEACTIVATION                                            syscall.Errno = 14085
+	ERROR_SXS_MULTIPLE_DEACTIVATION                                           syscall.Errno = 14086
+	ERROR_SXS_PROCESS_TERMINATION_REQUESTED                                   syscall.Errno = 14087
+	ERROR_SXS_RELEASE_ACTIVATION_CONTEXT                                      syscall.Errno = 14088
+	ERROR_SXS_SYSTEM_DEFAULT_ACTIVATION_CONTEXT_EMPTY                         syscall.Errno = 14089
+	ERROR_SXS_INVALID_IDENTITY_ATTRIBUTE_VALUE                                syscall.Errno = 14090
+	ERROR_SXS_INVALID_IDENTITY_ATTRIBUTE_NAME                                 syscall.Errno = 14091
+	ERROR_SXS_IDENTITY_DUPLICATE_ATTRIBUTE                                    syscall.Errno = 14092
+	ERROR_SXS_IDENTITY_PARSE_ERROR                                            syscall.Errno = 14093
+	ERROR_MALFORMED_SUBSTITUTION_STRING                                       syscall.Errno = 14094
+	ERROR_SXS_INCORRECT_PUBLIC_KEY_TOKEN                                      syscall.Errno = 14095
+	ERROR_UNMAPPED_SUBSTITUTION_STRING                                        syscall.Errno = 14096
+	ERROR_SXS_ASSEMBLY_NOT_LOCKED                                             syscall.Errno = 14097
+	ERROR_SXS_COMPONENT_STORE_CORRUPT                                         syscall.Errno = 14098
+	ERROR_ADVANCED_INSTALLER_FAILED                                           syscall.Errno = 14099
+	ERROR_XML_ENCODING_MISMATCH                                               syscall.Errno = 14100
+	ERROR_SXS_MANIFEST_IDENTITY_SAME_BUT_CONTENTS_DIFFERENT                   syscall.Errno = 14101
+	ERROR_SXS_IDENTITIES_DIFFERENT                                            syscall.Errno = 14102
+	ERROR_SXS_ASSEMBLY_IS_NOT_A_DEPLOYMENT                                    syscall.Errno = 14103
+	ERROR_SXS_FILE_NOT_PART_OF_ASSEMBLY                                       syscall.Errno = 14104
+	ERROR_SXS_MANIFEST_TOO_BIG                                                syscall.Errno = 14105
+	ERROR_SXS_SETTING_NOT_REGISTERED                                          syscall.Errno = 14106
+	ERROR_SXS_TRANSACTION_CLOSURE_INCOMPLETE                                  syscall.Errno = 14107
+	ERROR_SMI_PRIMITIVE_INSTALLER_FAILED                                      syscall.Errno = 14108
+	ERROR_GENERIC_COMMAND_FAILED                                              syscall.Errno = 14109
+	ERROR_SXS_FILE_HASH_MISSING                                               syscall.Errno = 14110
+	ERROR_SXS_DUPLICATE_ACTIVATABLE_CLASS                                     syscall.Errno = 14111
+	ERROR_EVT_INVALID_CHANNEL_PATH                                            syscall.Errno = 15000
+	ERROR_EVT_INVALID_QUERY                                                   syscall.Errno = 15001
+	ERROR_EVT_PUBLISHER_METADATA_NOT_FOUND                                    syscall.Errno = 15002
+	ERROR_EVT_EVENT_TEMPLATE_NOT_FOUND                                        syscall.Errno = 15003
+	ERROR_EVT_INVALID_PUBLISHER_NAME                                          syscall.Errno = 15004
+	ERROR_EVT_INVALID_EVENT_DATA                                              syscall.Errno = 15005
+	ERROR_EVT_CHANNEL_NOT_FOUND                                               syscall.Errno = 15007
+	ERROR_EVT_MALFORMED_XML_TEXT                                              syscall.Errno = 15008
+	ERROR_EVT_SUBSCRIPTION_TO_DIRECT_CHANNEL                                  syscall.Errno = 15009
+	ERROR_EVT_CONFIGURATION_ERROR                                             syscall.Errno = 15010
+	ERROR_EVT_QUERY_RESULT_STALE                                              syscall.Errno = 15011
+	ERROR_EVT_QUERY_RESULT_INVALID_POSITION                                   syscall.Errno = 15012
+	ERROR_EVT_NON_VALIDATING_MSXML                                            syscall.Errno = 15013
+	ERROR_EVT_FILTER_ALREADYSCOPED                                            syscall.Errno = 15014
+	ERROR_EVT_FILTER_NOTELTSET                                                syscall.Errno = 15015
+	ERROR_EVT_FILTER_INVARG                                                   syscall.Errno = 15016
+	ERROR_EVT_FILTER_INVTEST                                                  syscall.Errno = 15017
+	ERROR_EVT_FILTER_INVTYPE                                                  syscall.Errno = 15018
+	ERROR_EVT_FILTER_PARSEERR                                                 syscall.Errno = 15019
+	ERROR_EVT_FILTER_UNSUPPORTEDOP                                            syscall.Errno = 15020
+	ERROR_EVT_FILTER_UNEXPECTEDTOKEN                                          syscall.Errno = 15021
+	ERROR_EVT_INVALID_OPERATION_OVER_ENABLED_DIRECT_CHANNEL                   syscall.Errno = 15022
+	ERROR_EVT_INVALID_CHANNEL_PROPERTY_VALUE                                  syscall.Errno = 15023
+	ERROR_EVT_INVALID_PUBLISHER_PROPERTY_VALUE                                syscall.Errno = 15024
+	ERROR_EVT_CHANNEL_CANNOT_ACTIVATE                                         syscall.Errno = 15025
+	ERROR_EVT_FILTER_TOO_COMPLEX                                              syscall.Errno = 15026
+	ERROR_EVT_MESSAGE_NOT_FOUND                                               syscall.Errno = 15027
+	ERROR_EVT_MESSAGE_ID_NOT_FOUND                                            syscall.Errno = 15028
+	ERROR_EVT_UNRESOLVED_VALUE_INSERT                                         syscall.Errno = 15029
+	ERROR_EVT_UNRESOLVED_PARAMETER_INSERT                                     syscall.Errno = 15030
+	ERROR_EVT_MAX_INSERTS_REACHED                                             syscall.Errno = 15031
+	ERROR_EVT_EVENT_DEFINITION_NOT_FOUND                                      syscall.Errno = 15032
+	ERROR_EVT_MESSAGE_LOCALE_NOT_FOUND                                        syscall.Errno = 15033
+	ERROR_EVT_VERSION_TOO_OLD                                                 syscall.Errno = 15034
+	ERROR_EVT_VERSION_TOO_NEW                                                 syscall.Errno = 15035
+	ERROR_EVT_CANNOT_OPEN_CHANNEL_OF_QUERY                                    syscall.Errno = 15036
+	ERROR_EVT_PUBLISHER_DISABLED                                              syscall.Errno = 15037
+	ERROR_EVT_FILTER_OUT_OF_RANGE                                             syscall.Errno = 15038
+	ERROR_EC_SUBSCRIPTION_CANNOT_ACTIVATE                                     syscall.Errno = 15080
+	ERROR_EC_LOG_DISABLED                                                     syscall.Errno = 15081
+	ERROR_EC_CIRCULAR_FORWARDING                                              syscall.Errno = 15082
+	ERROR_EC_CREDSTORE_FULL                                                   syscall.Errno = 15083
+	ERROR_EC_CRED_NOT_FOUND                                                   syscall.Errno = 15084
+	ERROR_EC_NO_ACTIVE_CHANNEL                                                syscall.Errno = 15085
+	ERROR_MUI_FILE_NOT_FOUND                                                  syscall.Errno = 15100
+	ERROR_MUI_INVALID_FILE                                                    syscall.Errno = 15101
+	ERROR_MUI_INVALID_RC_CONFIG                                               syscall.Errno = 15102
+	ERROR_MUI_INVALID_LOCALE_NAME                                             syscall.Errno = 15103
+	ERROR_MUI_INVALID_ULTIMATEFALLBACK_NAME                                   syscall.Errno = 15104
+	ERROR_MUI_FILE_NOT_LOADED                                                 syscall.Errno = 15105
+	ERROR_RESOURCE_ENUM_USER_STOP                                             syscall.Errno = 15106
+	ERROR_MUI_INTLSETTINGS_UILANG_NOT_INSTALLED                               syscall.Errno = 15107
+	ERROR_MUI_INTLSETTINGS_INVALID_LOCALE_NAME                                syscall.Errno = 15108
+	ERROR_MRM_RUNTIME_NO_DEFAULT_OR_NEUTRAL_RESOURCE                          syscall.Errno = 15110
+	ERROR_MRM_INVALID_PRICONFIG                                               syscall.Errno = 15111
+	ERROR_MRM_INVALID_FILE_TYPE                                               syscall.Errno = 15112
+	ERROR_MRM_UNKNOWN_QUALIFIER                                               syscall.Errno = 15113
+	ERROR_MRM_INVALID_QUALIFIER_VALUE                                         syscall.Errno = 15114
+	ERROR_MRM_NO_CANDIDATE                                                    syscall.Errno = 15115
+	ERROR_MRM_NO_MATCH_OR_DEFAULT_CANDIDATE                                   syscall.Errno = 15116
+	ERROR_MRM_RESOURCE_TYPE_MISMATCH                                          syscall.Errno = 15117
+	ERROR_MRM_DUPLICATE_MAP_NAME                                              syscall.Errno = 15118
+	ERROR_MRM_DUPLICATE_ENTRY                                                 syscall.Errno = 15119
+	ERROR_MRM_INVALID_RESOURCE_IDENTIFIER                                     syscall.Errno = 15120
+	ERROR_MRM_FILEPATH_TOO_LONG                                               syscall.Errno = 15121
+	ERROR_MRM_UNSUPPORTED_DIRECTORY_TYPE                                      syscall.Errno = 15122
+	ERROR_MRM_INVALID_PRI_FILE                                                syscall.Errno = 15126
+	ERROR_MRM_NAMED_RESOURCE_NOT_FOUND                                        syscall.Errno = 15127
+	ERROR_MRM_MAP_NOT_FOUND                                                   syscall.Errno = 15135
+	ERROR_MRM_UNSUPPORTED_PROFILE_TYPE                                        syscall.Errno = 15136
+	ERROR_MRM_INVALID_QUALIFIER_OPERATOR                                      syscall.Errno = 15137
+	ERROR_MRM_INDETERMINATE_QUALIFIER_VALUE                                   syscall.Errno = 15138
+	ERROR_MRM_AUTOMERGE_ENABLED                                               syscall.Errno = 15139
+	ERROR_MRM_TOO_MANY_RESOURCES                                              syscall.Errno = 15140
+	ERROR_MRM_UNSUPPORTED_FILE_TYPE_FOR_MERGE                                 syscall.Errno = 15141
+	ERROR_MRM_UNSUPPORTED_FILE_TYPE_FOR_LOAD_UNLOAD_PRI_FILE                  syscall.Errno = 15142
+	ERROR_MRM_NO_CURRENT_VIEW_ON_THREAD                                       syscall.Errno = 15143
+	ERROR_DIFFERENT_PROFILE_RESOURCE_MANAGER_EXIST                            syscall.Errno = 15144
+	ERROR_OPERATION_NOT_ALLOWED_FROM_SYSTEM_COMPONENT                         syscall.Errno = 15145
+	ERROR_MRM_DIRECT_REF_TO_NON_DEFAULT_RESOURCE                              syscall.Errno = 15146
+	ERROR_MRM_GENERATION_COUNT_MISMATCH                                       syscall.Errno = 15147
+	ERROR_PRI_MERGE_VERSION_MISMATCH                                          syscall.Errno = 15148
+	ERROR_PRI_MERGE_MISSING_SCHEMA                                            syscall.Errno = 15149
+	ERROR_PRI_MERGE_LOAD_FILE_FAILED                                          syscall.Errno = 15150
+	ERROR_PRI_MERGE_ADD_FILE_FAILED                                           syscall.Errno = 15151
+	ERROR_PRI_MERGE_WRITE_FILE_FAILED                                         syscall.Errno = 15152
+	ERROR_PRI_MERGE_MULTIPLE_PACKAGE_FAMILIES_NOT_ALLOWED                     syscall.Errno = 15153
+	ERROR_PRI_MERGE_MULTIPLE_MAIN_PACKAGES_NOT_ALLOWED                        syscall.Errno = 15154
+	ERROR_PRI_MERGE_BUNDLE_PACKAGES_NOT_ALLOWED                               syscall.Errno = 15155
+	ERROR_PRI_MERGE_MAIN_PACKAGE_REQUIRED                                     syscall.Errno = 15156
+	ERROR_PRI_MERGE_RESOURCE_PACKAGE_REQUIRED                                 syscall.Errno = 15157
+	ERROR_PRI_MERGE_INVALID_FILE_NAME                                         syscall.Errno = 15158
+	ERROR_MRM_PACKAGE_NOT_FOUND                                               syscall.Errno = 15159
+	ERROR_MRM_MISSING_DEFAULT_LANGUAGE                                        syscall.Errno = 15160
+	ERROR_MCA_INVALID_CAPABILITIES_STRING                                     syscall.Errno = 15200
+	ERROR_MCA_INVALID_VCP_VERSION                                             syscall.Errno = 15201
+	ERROR_MCA_MONITOR_VIOLATES_MCCS_SPECIFICATION                             syscall.Errno = 15202
+	ERROR_MCA_MCCS_VERSION_MISMATCH                                           syscall.Errno = 15203
+	ERROR_MCA_UNSUPPORTED_MCCS_VERSION                                        syscall.Errno = 15204
+	ERROR_MCA_INTERNAL_ERROR                                                  syscall.Errno = 15205
+	ERROR_MCA_INVALID_TECHNOLOGY_TYPE_RETURNED                                syscall.Errno = 15206
+	ERROR_MCA_UNSUPPORTED_COLOR_TEMPERATURE                                   syscall.Errno = 15207
+	ERROR_AMBIGUOUS_SYSTEM_DEVICE                                             syscall.Errno = 15250
+	ERROR_SYSTEM_DEVICE_NOT_FOUND                                             syscall.Errno = 15299
+	ERROR_HASH_NOT_SUPPORTED                                                  syscall.Errno = 15300
+	ERROR_HASH_NOT_PRESENT                                                    syscall.Errno = 15301
+	ERROR_SECONDARY_IC_PROVIDER_NOT_REGISTERED                                syscall.Errno = 15321
+	ERROR_GPIO_CLIENT_INFORMATION_INVALID                                     syscall.Errno = 15322
+	ERROR_GPIO_VERSION_NOT_SUPPORTED                                          syscall.Errno = 15323
+	ERROR_GPIO_INVALID_REGISTRATION_PACKET                                    syscall.Errno = 15324
+	ERROR_GPIO_OPERATION_DENIED                                               syscall.Errno = 15325
+	ERROR_GPIO_INCOMPATIBLE_CONNECT_MODE                                      syscall.Errno = 15326
+	ERROR_GPIO_INTERRUPT_ALREADY_UNMASKED                                     syscall.Errno = 15327
+	ERROR_CANNOT_SWITCH_RUNLEVEL                                              syscall.Errno = 15400
+	ERROR_INVALID_RUNLEVEL_SETTING                                            syscall.Errno = 15401
+	ERROR_RUNLEVEL_SWITCH_TIMEOUT                                             syscall.Errno = 15402
+	ERROR_RUNLEVEL_SWITCH_AGENT_TIMEOUT                                       syscall.Errno = 15403
+	ERROR_RUNLEVEL_SWITCH_IN_PROGRESS                                         syscall.Errno = 15404
+	ERROR_SERVICES_FAILED_AUTOSTART                                           syscall.Errno = 15405
+	ERROR_COM_TASK_STOP_PENDING                                               syscall.Errno = 15501
+	ERROR_INSTALL_OPEN_PACKAGE_FAILED                                         syscall.Errno = 15600
+	ERROR_INSTALL_PACKAGE_NOT_FOUND                                           syscall.Errno = 15601
+	ERROR_INSTALL_INVALID_PACKAGE                                             syscall.Errno = 15602
+	ERROR_INSTALL_RESOLVE_DEPENDENCY_FAILED                                   syscall.Errno = 15603
+	ERROR_INSTALL_OUT_OF_DISK_SPACE                                           syscall.Errno = 15604
+	ERROR_INSTALL_NETWORK_FAILURE                                             syscall.Errno = 15605
+	ERROR_INSTALL_REGISTRATION_FAILURE                                        syscall.Errno = 15606
+	ERROR_INSTALL_DEREGISTRATION_FAILURE                                      syscall.Errno = 15607
+	ERROR_INSTALL_CANCEL                                                      syscall.Errno = 15608
+	ERROR_INSTALL_FAILED                                                      syscall.Errno = 15609
+	ERROR_REMOVE_FAILED                                                       syscall.Errno = 15610
+	ERROR_PACKAGE_ALREADY_EXISTS                                              syscall.Errno = 15611
+	ERROR_NEEDS_REMEDIATION                                                   syscall.Errno = 15612
+	ERROR_INSTALL_PREREQUISITE_FAILED                                         syscall.Errno = 15613
+	ERROR_PACKAGE_REPOSITORY_CORRUPTED                                        syscall.Errno = 15614
+	ERROR_INSTALL_POLICY_FAILURE                                              syscall.Errno = 15615
+	ERROR_PACKAGE_UPDATING                                                    syscall.Errno = 15616
+	ERROR_DEPLOYMENT_BLOCKED_BY_POLICY                                        syscall.Errno = 15617
+	ERROR_PACKAGES_IN_USE                                                     syscall.Errno = 15618
+	ERROR_RECOVERY_FILE_CORRUPT                                               syscall.Errno = 15619
+	ERROR_INVALID_STAGED_SIGNATURE                                            syscall.Errno = 15620
+	ERROR_DELETING_EXISTING_APPLICATIONDATA_STORE_FAILED                      syscall.Errno = 15621
+	ERROR_INSTALL_PACKAGE_DOWNGRADE                                           syscall.Errno = 15622
+	ERROR_SYSTEM_NEEDS_REMEDIATION                                            syscall.Errno = 15623
+	ERROR_APPX_INTEGRITY_FAILURE_CLR_NGEN                                     syscall.Errno = 15624
+	ERROR_RESILIENCY_FILE_CORRUPT                                             syscall.Errno = 15625
+	ERROR_INSTALL_FIREWALL_SERVICE_NOT_RUNNING                                syscall.Errno = 15626
+	ERROR_PACKAGE_MOVE_FAILED                                                 syscall.Errno = 15627
+	ERROR_INSTALL_VOLUME_NOT_EMPTY                                            syscall.Errno = 15628
+	ERROR_INSTALL_VOLUME_OFFLINE                                              syscall.Errno = 15629
+	ERROR_INSTALL_VOLUME_CORRUPT                                              syscall.Errno = 15630
+	ERROR_NEEDS_REGISTRATION                                                  syscall.Errno = 15631
+	ERROR_INSTALL_WRONG_PROCESSOR_ARCHITECTURE                                syscall.Errno = 15632
+	ERROR_DEV_SIDELOAD_LIMIT_EXCEEDED                                         syscall.Errno = 15633
+	ERROR_INSTALL_OPTIONAL_PACKAGE_REQUIRES_MAIN_PACKAGE                      syscall.Errno = 15634
+	ERROR_PACKAGE_NOT_SUPPORTED_ON_FILESYSTEM                                 syscall.Errno = 15635
+	ERROR_PACKAGE_MOVE_BLOCKED_BY_STREAMING                                   syscall.Errno = 15636
+	ERROR_INSTALL_OPTIONAL_PACKAGE_APPLICATIONID_NOT_UNIQUE                   syscall.Errno = 15637
+	ERROR_PACKAGE_STAGING_ONHOLD                                              syscall.Errno = 15638
+	ERROR_INSTALL_INVALID_RELATED_SET_UPDATE                                  syscall.Errno = 15639
+	ERROR_INSTALL_OPTIONAL_PACKAGE_REQUIRES_MAIN_PACKAGE_FULLTRUST_CAPABILITY syscall.Errno = 15640
+	ERROR_DEPLOYMENT_BLOCKED_BY_USER_LOG_OFF                                  syscall.Errno = 15641
+	ERROR_PROVISION_OPTIONAL_PACKAGE_REQUIRES_MAIN_PACKAGE_PROVISIONED        syscall.Errno = 15642
+	ERROR_PACKAGES_REPUTATION_CHECK_FAILED                                    syscall.Errno = 15643
+	ERROR_PACKAGES_REPUTATION_CHECK_TIMEDOUT                                  syscall.Errno = 15644
+	ERROR_DEPLOYMENT_OPTION_NOT_SUPPORTED                                     syscall.Errno = 15645
+	ERROR_APPINSTALLER_ACTIVATION_BLOCKED                                     syscall.Errno = 15646
+	ERROR_REGISTRATION_FROM_REMOTE_DRIVE_NOT_SUPPORTED                        syscall.Errno = 15647
+	ERROR_APPX_RAW_DATA_WRITE_FAILED                                          syscall.Errno = 15648
+	ERROR_DEPLOYMENT_BLOCKED_BY_VOLUME_POLICY_PACKAGE                         syscall.Errno = 15649
+	ERROR_DEPLOYMENT_BLOCKED_BY_VOLUME_POLICY_MACHINE                         syscall.Errno = 15650
+	ERROR_DEPLOYMENT_BLOCKED_BY_PROFILE_POLICY                                syscall.Errno = 15651
+	ERROR_DEPLOYMENT_FAILED_CONFLICTING_MUTABLE_PACKAGE_DIRECTORY             syscall.Errno = 15652
+	ERROR_SINGLETON_RESOURCE_INSTALLED_IN_ACTIVE_USER                         syscall.Errno = 15653
+	ERROR_DIFFERENT_VERSION_OF_PACKAGED_SERVICE_INSTALLED                     syscall.Errno = 15654
+	ERROR_SERVICE_EXISTS_AS_NON_PACKAGED_SERVICE                              syscall.Errno = 15655
+	ERROR_PACKAGED_SERVICE_REQUIRES_ADMIN_PRIVILEGES                          syscall.Errno = 15656
+	APPMODEL_ERROR_NO_PACKAGE                                                 syscall.Errno = 15700
+	APPMODEL_ERROR_PACKAGE_RUNTIME_CORRUPT                                    syscall.Errno = 15701
+	APPMODEL_ERROR_PACKAGE_IDENTITY_CORRUPT                                   syscall.Errno = 15702
+	APPMODEL_ERROR_NO_APPLICATION                                             syscall.Errno = 15703
+	APPMODEL_ERROR_DYNAMIC_PROPERTY_READ_FAILED                               syscall.Errno = 15704
+	APPMODEL_ERROR_DYNAMIC_PROPERTY_INVALID                                   syscall.Errno = 15705
+	APPMODEL_ERROR_PACKAGE_NOT_AVAILABLE                                      syscall.Errno = 15706
+	APPMODEL_ERROR_NO_MUTABLE_DIRECTORY                                       syscall.Errno = 15707
+	ERROR_STATE_LOAD_STORE_FAILED                                             syscall.Errno = 15800
+	ERROR_STATE_GET_VERSION_FAILED                                            syscall.Errno = 15801
+	ERROR_STATE_SET_VERSION_FAILED                                            syscall.Errno = 15802
+	ERROR_STATE_STRUCTURED_RESET_FAILED                                       syscall.Errno = 15803
+	ERROR_STATE_OPEN_CONTAINER_FAILED                                         syscall.Errno = 15804
+	ERROR_STATE_CREATE_CONTAINER_FAILED                                       syscall.Errno = 15805
+	ERROR_STATE_DELETE_CONTAINER_FAILED                                       syscall.Errno = 15806
+	ERROR_STATE_READ_SETTING_FAILED                                           syscall.Errno = 15807
+	ERROR_STATE_WRITE_SETTING_FAILED                                          syscall.Errno = 15808
+	ERROR_STATE_DELETE_SETTING_FAILED                                         syscall.Errno = 15809
+	ERROR_STATE_QUERY_SETTING_FAILED                                          syscall.Errno = 15810
+	ERROR_STATE_READ_COMPOSITE_SETTING_FAILED                                 syscall.Errno = 15811
+	ERROR_STATE_WRITE_COMPOSITE_SETTING_FAILED                                syscall.Errno = 15812
+	ERROR_STATE_ENUMERATE_CONTAINER_FAILED                                    syscall.Errno = 15813
+	ERROR_STATE_ENUMERATE_SETTINGS_FAILED                                     syscall.Errno = 15814
+	ERROR_STATE_COMPOSITE_SETTING_VALUE_SIZE_LIMIT_EXCEEDED                   syscall.Errno = 15815
+	ERROR_STATE_SETTING_VALUE_SIZE_LIMIT_EXCEEDED                             syscall.Errno = 15816
+	ERROR_STATE_SETTING_NAME_SIZE_LIMIT_EXCEEDED                              syscall.Errno = 15817
+	ERROR_STATE_CONTAINER_NAME_SIZE_LIMIT_EXCEEDED                            syscall.Errno = 15818
+	ERROR_API_UNAVAILABLE                                                     syscall.Errno = 15841
+	STORE_ERROR_UNLICENSED                                                    syscall.Errno = 15861
+	STORE_ERROR_UNLICENSED_USER                                               syscall.Errno = 15862
+	STORE_ERROR_PENDING_COM_TRANSACTION                                       syscall.Errno = 15863
+	STORE_ERROR_LICENSE_REVOKED                                               syscall.Errno = 15864
+	SEVERITY_SUCCESS                                                          syscall.Errno = 0
+	SEVERITY_ERROR                                                            syscall.Errno = 1
+	FACILITY_NT_BIT                                                                         = 0x10000000
+	E_NOT_SET                                                                               = ERROR_NOT_FOUND
+	E_NOT_VALID_STATE                                                                       = ERROR_INVALID_STATE
+	E_NOT_SUFFICIENT_BUFFER                                                                 = ERROR_INSUFFICIENT_BUFFER
+	E_TIME_SENSITIVE_THREAD                                                                 = ERROR_TIME_SENSITIVE_THREAD
+	E_NO_TASK_QUEUE                                                                         = ERROR_NO_TASK_QUEUE
+	NOERROR                                                                   syscall.Errno = 0
+	E_UNEXPECTED                                                              Handle        = 0x8000FFFF
+	E_NOTIMPL                                                                 Handle        = 0x80004001
+	E_OUTOFMEMORY                                                             Handle        = 0x8007000E
+	E_INVALIDARG                                                              Handle        = 0x80070057
+	E_NOINTERFACE                                                             Handle        = 0x80004002
+	E_POINTER                                                                 Handle        = 0x80004003
+	E_HANDLE                                                                  Handle        = 0x80070006
+	E_ABORT                                                                   Handle        = 0x80004004
+	E_FAIL                                                                    Handle        = 0x80004005
+	E_ACCESSDENIED                                                            Handle        = 0x80070005
+	E_PENDING                                                                 Handle        = 0x8000000A
+	E_BOUNDS                                                                  Handle        = 0x8000000B
+	E_CHANGED_STATE                                                           Handle        = 0x8000000C
+	E_ILLEGAL_STATE_CHANGE                                                    Handle        = 0x8000000D
+	E_ILLEGAL_METHOD_CALL                                                     Handle        = 0x8000000E
+	RO_E_METADATA_NAME_NOT_FOUND                                              Handle        = 0x8000000F
+	RO_E_METADATA_NAME_IS_NAMESPACE                                           Handle        = 0x80000010
+	RO_E_METADATA_INVALID_TYPE_FORMAT                                         Handle        = 0x80000011
+	RO_E_INVALID_METADATA_FILE                                                Handle        = 0x80000012
+	RO_E_CLOSED                                                               Handle        = 0x80000013
+	RO_E_EXCLUSIVE_WRITE                                                      Handle        = 0x80000014
+	RO_E_CHANGE_NOTIFICATION_IN_PROGRESS                                      Handle        = 0x80000015
+	RO_E_ERROR_STRING_NOT_FOUND                                               Handle        = 0x80000016
+	E_STRING_NOT_NULL_TERMINATED                                              Handle        = 0x80000017
+	E_ILLEGAL_DELEGATE_ASSIGNMENT                                             Handle        = 0x80000018
+	E_ASYNC_OPERATION_NOT_STARTED                                             Handle        = 0x80000019
+	E_APPLICATION_EXITING                                                     Handle        = 0x8000001A
+	E_APPLICATION_VIEW_EXITING                                                Handle        = 0x8000001B
+	RO_E_MUST_BE_AGILE                                                        Handle        = 0x8000001C
+	RO_E_UNSUPPORTED_FROM_MTA                                                 Handle        = 0x8000001D
+	RO_E_COMMITTED                                                            Handle        = 0x8000001E
+	RO_E_BLOCKED_CROSS_ASTA_CALL                                              Handle        = 0x8000001F
+	RO_E_CANNOT_ACTIVATE_FULL_TRUST_SERVER                                    Handle        = 0x80000020
+	RO_E_CANNOT_ACTIVATE_UNIVERSAL_APPLICATION_SERVER                         Handle        = 0x80000021
+	CO_E_INIT_TLS                                                             Handle        = 0x80004006
+	CO_E_INIT_SHARED_ALLOCATOR                                                Handle        = 0x80004007
+	CO_E_INIT_MEMORY_ALLOCATOR                                                Handle        = 0x80004008
+	CO_E_INIT_CLASS_CACHE                                                     Handle        = 0x80004009
+	CO_E_INIT_RPC_CHANNEL                                                     Handle        = 0x8000400A
+	CO_E_INIT_TLS_SET_CHANNEL_CONTROL                                         Handle        = 0x8000400B
+	CO_E_INIT_TLS_CHANNEL_CONTROL                                             Handle        = 0x8000400C
+	CO_E_INIT_UNACCEPTED_USER_ALLOCATOR                                       Handle        = 0x8000400D
+	CO_E_INIT_SCM_MUTEX_EXISTS                                                Handle        = 0x8000400E
+	CO_E_INIT_SCM_FILE_MAPPING_EXISTS                                         Handle        = 0x8000400F
+	CO_E_INIT_SCM_MAP_VIEW_OF_FILE                                            Handle        = 0x80004010
+	CO_E_INIT_SCM_EXEC_FAILURE                                                Handle        = 0x80004011
+	CO_E_INIT_ONLY_SINGLE_THREADED                                            Handle        = 0x80004012
+	CO_E_CANT_REMOTE                                                          Handle        = 0x80004013
+	CO_E_BAD_SERVER_NAME                                                      Handle        = 0x80004014
+	CO_E_WRONG_SERVER_IDENTITY                                                Handle        = 0x80004015
+	CO_E_OLE1DDE_DISABLED                                                     Handle        = 0x80004016
+	CO_E_RUNAS_SYNTAX                                                         Handle        = 0x80004017
+	CO_E_CREATEPROCESS_FAILURE                                                Handle        = 0x80004018
+	CO_E_RUNAS_CREATEPROCESS_FAILURE                                          Handle        = 0x80004019
+	CO_E_RUNAS_LOGON_FAILURE                                                  Handle        = 0x8000401A
+	CO_E_LAUNCH_PERMSSION_DENIED                                              Handle        = 0x8000401B
+	CO_E_START_SERVICE_FAILURE                                                Handle        = 0x8000401C
+	CO_E_REMOTE_COMMUNICATION_FAILURE                                         Handle        = 0x8000401D
+	CO_E_SERVER_START_TIMEOUT                                                 Handle        = 0x8000401E
+	CO_E_CLSREG_INCONSISTENT                                                  Handle        = 0x8000401F
+	CO_E_IIDREG_INCONSISTENT                                                  Handle        = 0x80004020
+	CO_E_NOT_SUPPORTED                                                        Handle        = 0x80004021
+	CO_E_RELOAD_DLL                                                           Handle        = 0x80004022
+	CO_E_MSI_ERROR                                                            Handle        = 0x80004023
+	CO_E_ATTEMPT_TO_CREATE_OUTSIDE_CLIENT_CONTEXT                             Handle        = 0x80004024
+	CO_E_SERVER_PAUSED                                                        Handle        = 0x80004025
+	CO_E_SERVER_NOT_PAUSED                                                    Handle        = 0x80004026
+	CO_E_CLASS_DISABLED                                                       Handle        = 0x80004027
+	CO_E_CLRNOTAVAILABLE                                                      Handle        = 0x80004028
+	CO_E_ASYNC_WORK_REJECTED                                                  Handle        = 0x80004029
+	CO_E_SERVER_INIT_TIMEOUT                                                  Handle        = 0x8000402A
+	CO_E_NO_SECCTX_IN_ACTIVATE                                                Handle        = 0x8000402B
+	CO_E_TRACKER_CONFIG                                                       Handle        = 0x80004030
+	CO_E_THREADPOOL_CONFIG                                                    Handle        = 0x80004031
+	CO_E_SXS_CONFIG                                                           Handle        = 0x80004032
+	CO_E_MALFORMED_SPN                                                        Handle        = 0x80004033
+	CO_E_UNREVOKED_REGISTRATION_ON_APARTMENT_SHUTDOWN                         Handle        = 0x80004034
+	CO_E_PREMATURE_STUB_RUNDOWN                                               Handle        = 0x80004035
+	S_OK                                                                      Handle        = 0
+	S_FALSE                                                                   Handle        = 1
+	OLE_E_FIRST                                                               Handle        = 0x80040000
+	OLE_E_LAST                                                                Handle        = 0x800400FF
+	OLE_S_FIRST                                                               Handle        = 0x00040000
+	OLE_S_LAST                                                                Handle        = 0x000400FF
+	OLE_E_OLEVERB                                                             Handle        = 0x80040000
+	OLE_E_ADVF                                                                Handle        = 0x80040001
+	OLE_E_ENUM_NOMORE                                                         Handle        = 0x80040002
+	OLE_E_ADVISENOTSUPPORTED                                                  Handle        = 0x80040003
+	OLE_E_NOCONNECTION                                                        Handle        = 0x80040004
+	OLE_E_NOTRUNNING                                                          Handle        = 0x80040005
+	OLE_E_NOCACHE                                                             Handle        = 0x80040006
+	OLE_E_BLANK                                                               Handle        = 0x80040007
+	OLE_E_CLASSDIFF                                                           Handle        = 0x80040008
+	OLE_E_CANT_GETMONIKER                                                     Handle        = 0x80040009
+	OLE_E_CANT_BINDTOSOURCE                                                   Handle        = 0x8004000A
+	OLE_E_STATIC                                                              Handle        = 0x8004000B
+	OLE_E_PROMPTSAVECANCELLED                                                 Handle        = 0x8004000C
+	OLE_E_INVALIDRECT                                                         Handle        = 0x8004000D
+	OLE_E_WRONGCOMPOBJ                                                        Handle        = 0x8004000E
+	OLE_E_INVALIDHWND                                                         Handle        = 0x8004000F
+	OLE_E_NOT_INPLACEACTIVE                                                   Handle        = 0x80040010
+	OLE_E_CANTCONVERT                                                         Handle        = 0x80040011
+	OLE_E_NOSTORAGE                                                           Handle        = 0x80040012
+	DV_E_FORMATETC                                                            Handle        = 0x80040064
+	DV_E_DVTARGETDEVICE                                                       Handle        = 0x80040065
+	DV_E_STGMEDIUM                                                            Handle        = 0x80040066
+	DV_E_STATDATA                                                             Handle        = 0x80040067
+	DV_E_LINDEX                                                               Handle        = 0x80040068
+	DV_E_TYMED                                                                Handle        = 0x80040069
+	DV_E_CLIPFORMAT                                                           Handle        = 0x8004006A
+	DV_E_DVASPECT                                                             Handle        = 0x8004006B
+	DV_E_DVTARGETDEVICE_SIZE                                                  Handle        = 0x8004006C
+	DV_E_NOIVIEWOBJECT                                                        Handle        = 0x8004006D
+	DRAGDROP_E_FIRST                                                          syscall.Errno = 0x80040100
+	DRAGDROP_E_LAST                                                           syscall.Errno = 0x8004010F
+	DRAGDROP_S_FIRST                                                          syscall.Errno = 0x00040100
+	DRAGDROP_S_LAST                                                           syscall.Errno = 0x0004010F
+	DRAGDROP_E_NOTREGISTERED                                                  Handle        = 0x80040100
+	DRAGDROP_E_ALREADYREGISTERED                                              Handle        = 0x80040101
+	DRAGDROP_E_INVALIDHWND                                                    Handle        = 0x80040102
+	DRAGDROP_E_CONCURRENT_DRAG_ATTEMPTED                                      Handle        = 0x80040103
+	CLASSFACTORY_E_FIRST                                                      syscall.Errno = 0x80040110
+	CLASSFACTORY_E_LAST                                                       syscall.Errno = 0x8004011F
+	CLASSFACTORY_S_FIRST                                                      syscall.Errno = 0x00040110
+	CLASSFACTORY_S_LAST                                                       syscall.Errno = 0x0004011F
+	CLASS_E_NOAGGREGATION                                                     Handle        = 0x80040110
+	CLASS_E_CLASSNOTAVAILABLE                                                 Handle        = 0x80040111
+	CLASS_E_NOTLICENSED                                                       Handle        = 0x80040112
+	MARSHAL_E_FIRST                                                           syscall.Errno = 0x80040120
+	MARSHAL_E_LAST                                                            syscall.Errno = 0x8004012F
+	MARSHAL_S_FIRST                                                           syscall.Errno = 0x00040120
+	MARSHAL_S_LAST                                                            syscall.Errno = 0x0004012F
+	DATA_E_FIRST                                                              syscall.Errno = 0x80040130
+	DATA_E_LAST                                                               syscall.Errno = 0x8004013F
+	DATA_S_FIRST                                                              syscall.Errno = 0x00040130
+	DATA_S_LAST                                                               syscall.Errno = 0x0004013F
+	VIEW_E_FIRST                                                              syscall.Errno = 0x80040140
+	VIEW_E_LAST                                                               syscall.Errno = 0x8004014F
+	VIEW_S_FIRST                                                              syscall.Errno = 0x00040140
+	VIEW_S_LAST                                                               syscall.Errno = 0x0004014F
+	VIEW_E_DRAW                                                               Handle        = 0x80040140
+	REGDB_E_FIRST                                                             syscall.Errno = 0x80040150
+	REGDB_E_LAST                                                              syscall.Errno = 0x8004015F
+	REGDB_S_FIRST                                                             syscall.Errno = 0x00040150
+	REGDB_S_LAST                                                              syscall.Errno = 0x0004015F
+	REGDB_E_READREGDB                                                         Handle        = 0x80040150
+	REGDB_E_WRITEREGDB                                                        Handle        = 0x80040151
+	REGDB_E_KEYMISSING                                                        Handle        = 0x80040152
+	REGDB_E_INVALIDVALUE                                                      Handle        = 0x80040153
+	REGDB_E_CLASSNOTREG                                                       Handle        = 0x80040154
+	REGDB_E_IIDNOTREG                                                         Handle        = 0x80040155
+	REGDB_E_BADTHREADINGMODEL                                                 Handle        = 0x80040156
+	REGDB_E_PACKAGEPOLICYVIOLATION                                            Handle        = 0x80040157
+	CAT_E_FIRST                                                               syscall.Errno = 0x80040160
+	CAT_E_LAST                                                                syscall.Errno = 0x80040161
+	CAT_E_CATIDNOEXIST                                                        Handle        = 0x80040160
+	CAT_E_NODESCRIPTION                                                       Handle        = 0x80040161
+	CS_E_FIRST                                                                syscall.Errno = 0x80040164
+	CS_E_LAST                                                                 syscall.Errno = 0x8004016F
+	CS_E_PACKAGE_NOTFOUND                                                     Handle        = 0x80040164
+	CS_E_NOT_DELETABLE                                                        Handle        = 0x80040165
+	CS_E_CLASS_NOTFOUND                                                       Handle        = 0x80040166
+	CS_E_INVALID_VERSION                                                      Handle        = 0x80040167
+	CS_E_NO_CLASSSTORE                                                        Handle        = 0x80040168
+	CS_E_OBJECT_NOTFOUND                                                      Handle        = 0x80040169
+	CS_E_OBJECT_ALREADY_EXISTS                                                Handle        = 0x8004016A
+	CS_E_INVALID_PATH                                                         Handle        = 0x8004016B
+	CS_E_NETWORK_ERROR                                                        Handle        = 0x8004016C
+	CS_E_ADMIN_LIMIT_EXCEEDED                                                 Handle        = 0x8004016D
+	CS_E_SCHEMA_MISMATCH                                                      Handle        = 0x8004016E
+	CS_E_INTERNAL_ERROR                                                       Handle        = 0x8004016F
+	CACHE_E_FIRST                                                             syscall.Errno = 0x80040170
+	CACHE_E_LAST                                                              syscall.Errno = 0x8004017F
+	CACHE_S_FIRST                                                             syscall.Errno = 0x00040170
+	CACHE_S_LAST                                                              syscall.Errno = 0x0004017F
+	CACHE_E_NOCACHE_UPDATED                                                   Handle        = 0x80040170
+	OLEOBJ_E_FIRST                                                            syscall.Errno = 0x80040180
+	OLEOBJ_E_LAST                                                             syscall.Errno = 0x8004018F
+	OLEOBJ_S_FIRST                                                            syscall.Errno = 0x00040180
+	OLEOBJ_S_LAST                                                             syscall.Errno = 0x0004018F
+	OLEOBJ_E_NOVERBS                                                          Handle        = 0x80040180
+	OLEOBJ_E_INVALIDVERB                                                      Handle        = 0x80040181
+	CLIENTSITE_E_FIRST                                                        syscall.Errno = 0x80040190
+	CLIENTSITE_E_LAST                                                         syscall.Errno = 0x8004019F
+	CLIENTSITE_S_FIRST                                                        syscall.Errno = 0x00040190
+	CLIENTSITE_S_LAST                                                         syscall.Errno = 0x0004019F
+	INPLACE_E_NOTUNDOABLE                                                     Handle        = 0x800401A0
+	INPLACE_E_NOTOOLSPACE                                                     Handle        = 0x800401A1
+	INPLACE_E_FIRST                                                           syscall.Errno = 0x800401A0
+	INPLACE_E_LAST                                                            syscall.Errno = 0x800401AF
+	INPLACE_S_FIRST                                                           syscall.Errno = 0x000401A0
+	INPLACE_S_LAST                                                            syscall.Errno = 0x000401AF
+	ENUM_E_FIRST                                                              syscall.Errno = 0x800401B0
+	ENUM_E_LAST                                                               syscall.Errno = 0x800401BF
+	ENUM_S_FIRST                                                              syscall.Errno = 0x000401B0
+	ENUM_S_LAST                                                               syscall.Errno = 0x000401BF
+	CONVERT10_E_FIRST                                                         syscall.Errno = 0x800401C0
+	CONVERT10_E_LAST                                                          syscall.Errno = 0x800401CF
+	CONVERT10_S_FIRST                                                         syscall.Errno = 0x000401C0
+	CONVERT10_S_LAST                                                          syscall.Errno = 0x000401CF
+	CONVERT10_E_OLESTREAM_GET                                                 Handle        = 0x800401C0
+	CONVERT10_E_OLESTREAM_PUT                                                 Handle        = 0x800401C1
+	CONVERT10_E_OLESTREAM_FMT                                                 Handle        = 0x800401C2
+	CONVERT10_E_OLESTREAM_BITMAP_TO_DIB                                       Handle        = 0x800401C3
+	CONVERT10_E_STG_FMT                                                       Handle        = 0x800401C4
+	CONVERT10_E_STG_NO_STD_STREAM                                             Handle        = 0x800401C5
+	CONVERT10_E_STG_DIB_TO_BITMAP                                             Handle        = 0x800401C6
+	CLIPBRD_E_FIRST                                                           syscall.Errno = 0x800401D0
+	CLIPBRD_E_LAST                                                            syscall.Errno = 0x800401DF
+	CLIPBRD_S_FIRST                                                           syscall.Errno = 0x000401D0
+	CLIPBRD_S_LAST                                                            syscall.Errno = 0x000401DF
+	CLIPBRD_E_CANT_OPEN                                                       Handle        = 0x800401D0
+	CLIPBRD_E_CANT_EMPTY                                                      Handle        = 0x800401D1
+	CLIPBRD_E_CANT_SET                                                        Handle        = 0x800401D2
+	CLIPBRD_E_BAD_DATA                                                        Handle        = 0x800401D3
+	CLIPBRD_E_CANT_CLOSE                                                      Handle        = 0x800401D4
+	MK_E_FIRST                                                                syscall.Errno = 0x800401E0
+	MK_E_LAST                                                                 syscall.Errno = 0x800401EF
+	MK_S_FIRST                                                                syscall.Errno = 0x000401E0
+	MK_S_LAST                                                                 syscall.Errno = 0x000401EF
+	MK_E_CONNECTMANUALLY                                                      Handle        = 0x800401E0
+	MK_E_EXCEEDEDDEADLINE                                                     Handle        = 0x800401E1
+	MK_E_NEEDGENERIC                                                          Handle        = 0x800401E2
+	MK_E_UNAVAILABLE                                                          Handle        = 0x800401E3
+	MK_E_SYNTAX                                                               Handle        = 0x800401E4
+	MK_E_NOOBJECT                                                             Handle        = 0x800401E5
+	MK_E_INVALIDEXTENSION                                                     Handle        = 0x800401E6
+	MK_E_INTERMEDIATEINTERFACENOTSUPPORTED                                    Handle        = 0x800401E7
+	MK_E_NOTBINDABLE                                                          Handle        = 0x800401E8
+	MK_E_NOTBOUND                                                             Handle        = 0x800401E9
+	MK_E_CANTOPENFILE                                                         Handle        = 0x800401EA
+	MK_E_MUSTBOTHERUSER                                                       Handle        = 0x800401EB
+	MK_E_NOINVERSE                                                            Handle        = 0x800401EC
+	MK_E_NOSTORAGE                                                            Handle        = 0x800401ED
+	MK_E_NOPREFIX                                                             Handle        = 0x800401EE
+	MK_E_ENUMERATION_FAILED                                                   Handle        = 0x800401EF
+	CO_E_FIRST                                                                syscall.Errno = 0x800401F0
+	CO_E_LAST                                                                 syscall.Errno = 0x800401FF
+	CO_S_FIRST                                                                syscall.Errno = 0x000401F0
+	CO_S_LAST                                                                 syscall.Errno = 0x000401FF
+	CO_E_NOTINITIALIZED                                                       Handle        = 0x800401F0
+	CO_E_ALREADYINITIALIZED                                                   Handle        = 0x800401F1
+	CO_E_CANTDETERMINECLASS                                                   Handle        = 0x800401F2
+	CO_E_CLASSSTRING                                                          Handle        = 0x800401F3
+	CO_E_IIDSTRING                                                            Handle        = 0x800401F4
+	CO_E_APPNOTFOUND                                                          Handle        = 0x800401F5
+	CO_E_APPSINGLEUSE                                                         Handle        = 0x800401F6
+	CO_E_ERRORINAPP                                                           Handle        = 0x800401F7
+	CO_E_DLLNOTFOUND                                                          Handle        = 0x800401F8
+	CO_E_ERRORINDLL                                                           Handle        = 0x800401F9
+	CO_E_WRONGOSFORAPP                                                        Handle        = 0x800401FA
+	CO_E_OBJNOTREG                                                            Handle        = 0x800401FB
+	CO_E_OBJISREG                                                             Handle        = 0x800401FC
+	CO_E_OBJNOTCONNECTED                                                      Handle        = 0x800401FD
+	CO_E_APPDIDNTREG                                                          Handle        = 0x800401FE
+	CO_E_RELEASED                                                             Handle        = 0x800401FF
+	EVENT_E_FIRST                                                             syscall.Errno = 0x80040200
+	EVENT_E_LAST                                                              syscall.Errno = 0x8004021F
+	EVENT_S_FIRST                                                             syscall.Errno = 0x00040200
+	EVENT_S_LAST                                                              syscall.Errno = 0x0004021F
+	EVENT_S_SOME_SUBSCRIBERS_FAILED                                           Handle        = 0x00040200
+	EVENT_E_ALL_SUBSCRIBERS_FAILED                                            Handle        = 0x80040201
+	EVENT_S_NOSUBSCRIBERS                                                     Handle        = 0x00040202
+	EVENT_E_QUERYSYNTAX                                                       Handle        = 0x80040203
+	EVENT_E_QUERYFIELD                                                        Handle        = 0x80040204
+	EVENT_E_INTERNALEXCEPTION                                                 Handle        = 0x80040205
+	EVENT_E_INTERNALERROR                                                     Handle        = 0x80040206
+	EVENT_E_INVALID_PER_USER_SID                                              Handle        = 0x80040207
+	EVENT_E_USER_EXCEPTION                                                    Handle        = 0x80040208
+	EVENT_E_TOO_MANY_METHODS                                                  Handle        = 0x80040209
+	EVENT_E_MISSING_EVENTCLASS                                                Handle        = 0x8004020A
+	EVENT_E_NOT_ALL_REMOVED                                                   Handle        = 0x8004020B
+	EVENT_E_COMPLUS_NOT_INSTALLED                                             Handle        = 0x8004020C
+	EVENT_E_CANT_MODIFY_OR_DELETE_UNCONFIGURED_OBJECT                         Handle        = 0x8004020D
+	EVENT_E_CANT_MODIFY_OR_DELETE_CONFIGURED_OBJECT                           Handle        = 0x8004020E
+	EVENT_E_INVALID_EVENT_CLASS_PARTITION                                     Handle        = 0x8004020F
+	EVENT_E_PER_USER_SID_NOT_LOGGED_ON                                        Handle        = 0x80040210
+	TPC_E_INVALID_PROPERTY                                                    Handle        = 0x80040241
+	TPC_E_NO_DEFAULT_TABLET                                                   Handle        = 0x80040212
+	TPC_E_UNKNOWN_PROPERTY                                                    Handle        = 0x8004021B
+	TPC_E_INVALID_INPUT_RECT                                                  Handle        = 0x80040219
+	TPC_E_INVALID_STROKE                                                      Handle        = 0x80040222
+	TPC_E_INITIALIZE_FAIL                                                     Handle        = 0x80040223
+	TPC_E_NOT_RELEVANT                                                        Handle        = 0x80040232
+	TPC_E_INVALID_PACKET_DESCRIPTION                                          Handle        = 0x80040233
+	TPC_E_RECOGNIZER_NOT_REGISTERED                                           Handle        = 0x80040235
+	TPC_E_INVALID_RIGHTS                                                      Handle        = 0x80040236
+	TPC_E_OUT_OF_ORDER_CALL                                                   Handle        = 0x80040237
+	TPC_E_QUEUE_FULL                                                          Handle        = 0x80040238
+	TPC_E_INVALID_CONFIGURATION                                               Handle        = 0x80040239
+	TPC_E_INVALID_DATA_FROM_RECOGNIZER                                        Handle        = 0x8004023A
+	TPC_S_TRUNCATED                                                           Handle        = 0x00040252
+	TPC_S_INTERRUPTED                                                         Handle        = 0x00040253
+	TPC_S_NO_DATA_TO_PROCESS                                                  Handle        = 0x00040254
+	XACT_E_FIRST                                                              syscall.Errno = 0x8004D000
+	XACT_E_LAST                                                               syscall.Errno = 0x8004D02B
+	XACT_S_FIRST                                                              syscall.Errno = 0x0004D000
+	XACT_S_LAST                                                               syscall.Errno = 0x0004D010
+	XACT_E_ALREADYOTHERSINGLEPHASE                                            Handle        = 0x8004D000
+	XACT_E_CANTRETAIN                                                         Handle        = 0x8004D001
+	XACT_E_COMMITFAILED                                                       Handle        = 0x8004D002
+	XACT_E_COMMITPREVENTED                                                    Handle        = 0x8004D003
+	XACT_E_HEURISTICABORT                                                     Handle        = 0x8004D004
+	XACT_E_HEURISTICCOMMIT                                                    Handle        = 0x8004D005
+	XACT_E_HEURISTICDAMAGE                                                    Handle        = 0x8004D006
+	XACT_E_HEURISTICDANGER                                                    Handle        = 0x8004D007
+	XACT_E_ISOLATIONLEVEL                                                     Handle        = 0x8004D008
+	XACT_E_NOASYNC                                                            Handle        = 0x8004D009
+	XACT_E_NOENLIST                                                           Handle        = 0x8004D00A
+	XACT_E_NOISORETAIN                                                        Handle        = 0x8004D00B
+	XACT_E_NORESOURCE                                                         Handle        = 0x8004D00C
+	XACT_E_NOTCURRENT                                                         Handle        = 0x8004D00D
+	XACT_E_NOTRANSACTION                                                      Handle        = 0x8004D00E
+	XACT_E_NOTSUPPORTED                                                       Handle        = 0x8004D00F
+	XACT_E_UNKNOWNRMGRID                                                      Handle        = 0x8004D010
+	XACT_E_WRONGSTATE                                                         Handle        = 0x8004D011
+	XACT_E_WRONGUOW                                                           Handle        = 0x8004D012
+	XACT_E_XTIONEXISTS                                                        Handle        = 0x8004D013
+	XACT_E_NOIMPORTOBJECT                                                     Handle        = 0x8004D014
+	XACT_E_INVALIDCOOKIE                                                      Handle        = 0x8004D015
+	XACT_E_INDOUBT                                                            Handle        = 0x8004D016
+	XACT_E_NOTIMEOUT                                                          Handle        = 0x8004D017
+	XACT_E_ALREADYINPROGRESS                                                  Handle        = 0x8004D018
+	XACT_E_ABORTED                                                            Handle        = 0x8004D019
+	XACT_E_LOGFULL                                                            Handle        = 0x8004D01A
+	XACT_E_TMNOTAVAILABLE                                                     Handle        = 0x8004D01B
+	XACT_E_CONNECTION_DOWN                                                    Handle        = 0x8004D01C
+	XACT_E_CONNECTION_DENIED                                                  Handle        = 0x8004D01D
+	XACT_E_REENLISTTIMEOUT                                                    Handle        = 0x8004D01E
+	XACT_E_TIP_CONNECT_FAILED                                                 Handle        = 0x8004D01F
+	XACT_E_TIP_PROTOCOL_ERROR                                                 Handle        = 0x8004D020
+	XACT_E_TIP_PULL_FAILED                                                    Handle        = 0x8004D021
+	XACT_E_DEST_TMNOTAVAILABLE                                                Handle        = 0x8004D022
+	XACT_E_TIP_DISABLED                                                       Handle        = 0x8004D023
+	XACT_E_NETWORK_TX_DISABLED                                                Handle        = 0x8004D024
+	XACT_E_PARTNER_NETWORK_TX_DISABLED                                        Handle        = 0x8004D025
+	XACT_E_XA_TX_DISABLED                                                     Handle        = 0x8004D026
+	XACT_E_UNABLE_TO_READ_DTC_CONFIG                                          Handle        = 0x8004D027
+	XACT_E_UNABLE_TO_LOAD_DTC_PROXY                                           Handle        = 0x8004D028
+	XACT_E_ABORTING                                                           Handle        = 0x8004D029
+	XACT_E_PUSH_COMM_FAILURE                                                  Handle        = 0x8004D02A
+	XACT_E_PULL_COMM_FAILURE                                                  Handle        = 0x8004D02B
+	XACT_E_LU_TX_DISABLED                                                     Handle        = 0x8004D02C
+	XACT_E_CLERKNOTFOUND                                                      Handle        = 0x8004D080
+	XACT_E_CLERKEXISTS                                                        Handle        = 0x8004D081
+	XACT_E_RECOVERYINPROGRESS                                                 Handle        = 0x8004D082
+	XACT_E_TRANSACTIONCLOSED                                                  Handle        = 0x8004D083
+	XACT_E_INVALIDLSN                                                         Handle        = 0x8004D084
+	XACT_E_REPLAYREQUEST                                                      Handle        = 0x8004D085
+	XACT_S_ASYNC                                                              Handle        = 0x0004D000
+	XACT_S_DEFECT                                                             Handle        = 0x0004D001
+	XACT_S_READONLY                                                           Handle        = 0x0004D002
+	XACT_S_SOMENORETAIN                                                       Handle        = 0x0004D003
+	XACT_S_OKINFORM                                                           Handle        = 0x0004D004
+	XACT_S_MADECHANGESCONTENT                                                 Handle        = 0x0004D005
+	XACT_S_MADECHANGESINFORM                                                  Handle        = 0x0004D006
+	XACT_S_ALLNORETAIN                                                        Handle        = 0x0004D007
+	XACT_S_ABORTING                                                           Handle        = 0x0004D008
+	XACT_S_SINGLEPHASE                                                        Handle        = 0x0004D009
+	XACT_S_LOCALLY_OK                                                         Handle        = 0x0004D00A
+	XACT_S_LASTRESOURCEMANAGER                                                Handle        = 0x0004D010
+	CONTEXT_E_FIRST                                                           syscall.Errno = 0x8004E000
+	CONTEXT_E_LAST                                                            syscall.Errno = 0x8004E02F
+	CONTEXT_S_FIRST                                                           syscall.Errno = 0x0004E000
+	CONTEXT_S_LAST                                                            syscall.Errno = 0x0004E02F
+	CONTEXT_E_ABORTED                                                         Handle        = 0x8004E002
+	CONTEXT_E_ABORTING                                                        Handle        = 0x8004E003
+	CONTEXT_E_NOCONTEXT                                                       Handle        = 0x8004E004
+	CONTEXT_E_WOULD_DEADLOCK                                                  Handle        = 0x8004E005
+	CONTEXT_E_SYNCH_TIMEOUT                                                   Handle        = 0x8004E006
+	CONTEXT_E_OLDREF                                                          Handle        = 0x8004E007
+	CONTEXT_E_ROLENOTFOUND                                                    Handle        = 0x8004E00C
+	CONTEXT_E_TMNOTAVAILABLE                                                  Handle        = 0x8004E00F
+	CO_E_ACTIVATIONFAILED                                                     Handle        = 0x8004E021
+	CO_E_ACTIVATIONFAILED_EVENTLOGGED                                         Handle        = 0x8004E022
+	CO_E_ACTIVATIONFAILED_CATALOGERROR                                        Handle        = 0x8004E023
+	CO_E_ACTIVATIONFAILED_TIMEOUT                                             Handle        = 0x8004E024
+	CO_E_INITIALIZATIONFAILED                                                 Handle        = 0x8004E025
+	CONTEXT_E_NOJIT                                                           Handle        = 0x8004E026
+	CONTEXT_E_NOTRANSACTION                                                   Handle        = 0x8004E027
+	CO_E_THREADINGMODEL_CHANGED                                               Handle        = 0x8004E028
+	CO_E_NOIISINTRINSICS                                                      Handle        = 0x8004E029
+	CO_E_NOCOOKIES                                                            Handle        = 0x8004E02A
+	CO_E_DBERROR                                                              Handle        = 0x8004E02B
+	CO_E_NOTPOOLED                                                            Handle        = 0x8004E02C
+	CO_E_NOTCONSTRUCTED                                                       Handle        = 0x8004E02D
+	CO_E_NOSYNCHRONIZATION                                                    Handle        = 0x8004E02E
+	CO_E_ISOLEVELMISMATCH                                                     Handle        = 0x8004E02F
+	CO_E_CALL_OUT_OF_TX_SCOPE_NOT_ALLOWED                                     Handle        = 0x8004E030
+	CO_E_EXIT_TRANSACTION_SCOPE_NOT_CALLED                                    Handle        = 0x8004E031
+	OLE_S_USEREG                                                              Handle        = 0x00040000
+	OLE_S_STATIC                                                              Handle        = 0x00040001
+	OLE_S_MAC_CLIPFORMAT                                                      Handle        = 0x00040002
+	DRAGDROP_S_DROP                                                           Handle        = 0x00040100
+	DRAGDROP_S_CANCEL                                                         Handle        = 0x00040101
+	DRAGDROP_S_USEDEFAULTCURSORS                                              Handle        = 0x00040102
+	DATA_S_SAMEFORMATETC                                                      Handle        = 0x00040130
+	VIEW_S_ALREADY_FROZEN                                                     Handle        = 0x00040140
+	CACHE_S_FORMATETC_NOTSUPPORTED                                            Handle        = 0x00040170
+	CACHE_S_SAMECACHE                                                         Handle        = 0x00040171
+	CACHE_S_SOMECACHES_NOTUPDATED                                             Handle        = 0x00040172
+	OLEOBJ_S_INVALIDVERB                                                      Handle        = 0x00040180
+	OLEOBJ_S_CANNOT_DOVERB_NOW                                                Handle        = 0x00040181
+	OLEOBJ_S_INVALIDHWND                                                      Handle        = 0x00040182
+	INPLACE_S_TRUNCATED                                                       Handle        = 0x000401A0
+	CONVERT10_S_NO_PRESENTATION                                               Handle        = 0x000401C0
+	MK_S_REDUCED_TO_SELF                                                      Handle        = 0x000401E2
+	MK_S_ME                                                                   Handle        = 0x000401E4
+	MK_S_HIM                                                                  Handle        = 0x000401E5
+	MK_S_US                                                                   Handle        = 0x000401E6
+	MK_S_MONIKERALREADYREGISTERED                                             Handle        = 0x000401E7
+	SCHED_S_TASK_READY                                                        Handle        = 0x00041300
+	SCHED_S_TASK_RUNNING                                                      Handle        = 0x00041301
+	SCHED_S_TASK_DISABLED                                                     Handle        = 0x00041302
+	SCHED_S_TASK_HAS_NOT_RUN                                                  Handle        = 0x00041303
+	SCHED_S_TASK_NO_MORE_RUNS                                                 Handle        = 0x00041304
+	SCHED_S_TASK_NOT_SCHEDULED                                                Handle        = 0x00041305
+	SCHED_S_TASK_TERMINATED                                                   Handle        = 0x00041306
+	SCHED_S_TASK_NO_VALID_TRIGGERS                                            Handle        = 0x00041307
+	SCHED_S_EVENT_TRIGGER                                                     Handle        = 0x00041308
+	SCHED_E_TRIGGER_NOT_FOUND                                                 Handle        = 0x80041309
+	SCHED_E_TASK_NOT_READY                                                    Handle        = 0x8004130A
+	SCHED_E_TASK_NOT_RUNNING                                                  Handle        = 0x8004130B
+	SCHED_E_SERVICE_NOT_INSTALLED                                             Handle        = 0x8004130C
+	SCHED_E_CANNOT_OPEN_TASK                                                  Handle        = 0x8004130D
+	SCHED_E_INVALID_TASK                                                      Handle        = 0x8004130E
+	SCHED_E_ACCOUNT_INFORMATION_NOT_SET                                       Handle        = 0x8004130F
+	SCHED_E_ACCOUNT_NAME_NOT_FOUND                                            Handle        = 0x80041310
+	SCHED_E_ACCOUNT_DBASE_CORRUPT                                             Handle        = 0x80041311
+	SCHED_E_NO_SECURITY_SERVICES                                              Handle        = 0x80041312
+	SCHED_E_UNKNOWN_OBJECT_VERSION                                            Handle        = 0x80041313
+	SCHED_E_UNSUPPORTED_ACCOUNT_OPTION                                        Handle        = 0x80041314
+	SCHED_E_SERVICE_NOT_RUNNING                                               Handle        = 0x80041315
+	SCHED_E_UNEXPECTEDNODE                                                    Handle        = 0x80041316
+	SCHED_E_NAMESPACE                                                         Handle        = 0x80041317
+	SCHED_E_INVALIDVALUE                                                      Handle        = 0x80041318
+	SCHED_E_MISSINGNODE                                                       Handle        = 0x80041319
+	SCHED_E_MALFORMEDXML                                                      Handle        = 0x8004131A
+	SCHED_S_SOME_TRIGGERS_FAILED                                              Handle        = 0x0004131B
+	SCHED_S_BATCH_LOGON_PROBLEM                                               Handle        = 0x0004131C
+	SCHED_E_TOO_MANY_NODES                                                    Handle        = 0x8004131D
+	SCHED_E_PAST_END_BOUNDARY                                                 Handle        = 0x8004131E
+	SCHED_E_ALREADY_RUNNING                                                   Handle        = 0x8004131F
+	SCHED_E_USER_NOT_LOGGED_ON                                                Handle        = 0x80041320
+	SCHED_E_INVALID_TASK_HASH                                                 Handle        = 0x80041321
+	SCHED_E_SERVICE_NOT_AVAILABLE                                             Handle        = 0x80041322
+	SCHED_E_SERVICE_TOO_BUSY                                                  Handle        = 0x80041323
+	SCHED_E_TASK_ATTEMPTED                                                    Handle        = 0x80041324
+	SCHED_S_TASK_QUEUED                                                       Handle        = 0x00041325
+	SCHED_E_TASK_DISABLED                                                     Handle        = 0x80041326
+	SCHED_E_TASK_NOT_V1_COMPAT                                                Handle        = 0x80041327
+	SCHED_E_START_ON_DEMAND                                                   Handle        = 0x80041328
+	SCHED_E_TASK_NOT_UBPM_COMPAT                                              Handle        = 0x80041329
+	SCHED_E_DEPRECATED_FEATURE_USED                                           Handle        = 0x80041330
+	CO_E_CLASS_CREATE_FAILED                                                  Handle        = 0x80080001
+	CO_E_SCM_ERROR                                                            Handle        = 0x80080002
+	CO_E_SCM_RPC_FAILURE                                                      Handle        = 0x80080003
+	CO_E_BAD_PATH                                                             Handle        = 0x80080004
+	CO_E_SERVER_EXEC_FAILURE                                                  Handle        = 0x80080005
+	CO_E_OBJSRV_RPC_FAILURE                                                   Handle        = 0x80080006
+	MK_E_NO_NORMALIZED                                                        Handle        = 0x80080007
+	CO_E_SERVER_STOPPING                                                      Handle        = 0x80080008
+	MEM_E_INVALID_ROOT                                                        Handle        = 0x80080009
+	MEM_E_INVALID_LINK                                                        Handle        = 0x80080010
+	MEM_E_INVALID_SIZE                                                        Handle        = 0x80080011
+	CO_S_NOTALLINTERFACES                                                     Handle        = 0x00080012
+	CO_S_MACHINENAMENOTFOUND                                                  Handle        = 0x00080013
+	CO_E_MISSING_DISPLAYNAME                                                  Handle        = 0x80080015
+	CO_E_RUNAS_VALUE_MUST_BE_AAA                                              Handle        = 0x80080016
+	CO_E_ELEVATION_DISABLED                                                   Handle        = 0x80080017
+	APPX_E_PACKAGING_INTERNAL                                                 Handle        = 0x80080200
+	APPX_E_INTERLEAVING_NOT_ALLOWED                                           Handle        = 0x80080201
+	APPX_E_RELATIONSHIPS_NOT_ALLOWED                                          Handle        = 0x80080202
+	APPX_E_MISSING_REQUIRED_FILE                                              Handle        = 0x80080203
+	APPX_E_INVALID_MANIFEST                                                   Handle        = 0x80080204
+	APPX_E_INVALID_BLOCKMAP                                                   Handle        = 0x80080205
+	APPX_E_CORRUPT_CONTENT                                                    Handle        = 0x80080206
+	APPX_E_BLOCK_HASH_INVALID                                                 Handle        = 0x80080207
+	APPX_E_REQUESTED_RANGE_TOO_LARGE                                          Handle        = 0x80080208
+	APPX_E_INVALID_SIP_CLIENT_DATA                                            Handle        = 0x80080209
+	APPX_E_INVALID_KEY_INFO                                                   Handle        = 0x8008020A
+	APPX_E_INVALID_CONTENTGROUPMAP                                            Handle        = 0x8008020B
+	APPX_E_INVALID_APPINSTALLER                                               Handle        = 0x8008020C
+	APPX_E_DELTA_BASELINE_VERSION_MISMATCH                                    Handle        = 0x8008020D
+	APPX_E_DELTA_PACKAGE_MISSING_FILE                                         Handle        = 0x8008020E
+	APPX_E_INVALID_DELTA_PACKAGE                                              Handle        = 0x8008020F
+	APPX_E_DELTA_APPENDED_PACKAGE_NOT_ALLOWED                                 Handle        = 0x80080210
+	APPX_E_INVALID_PACKAGING_LAYOUT                                           Handle        = 0x80080211
+	APPX_E_INVALID_PACKAGESIGNCONFIG                                          Handle        = 0x80080212
+	APPX_E_RESOURCESPRI_NOT_ALLOWED                                           Handle        = 0x80080213
+	APPX_E_FILE_COMPRESSION_MISMATCH                                          Handle        = 0x80080214
+	APPX_E_INVALID_PAYLOAD_PACKAGE_EXTENSION                                  Handle        = 0x80080215
+	APPX_E_INVALID_ENCRYPTION_EXCLUSION_FILE_LIST                             Handle        = 0x80080216
+	BT_E_SPURIOUS_ACTIVATION                                                  Handle        = 0x80080300
+	DISP_E_UNKNOWNINTERFACE                                                   Handle        = 0x80020001
+	DISP_E_MEMBERNOTFOUND                                                     Handle        = 0x80020003
+	DISP_E_PARAMNOTFOUND                                                      Handle        = 0x80020004
+	DISP_E_TYPEMISMATCH                                                       Handle        = 0x80020005
+	DISP_E_UNKNOWNNAME                                                        Handle        = 0x80020006
+	DISP_E_NONAMEDARGS                                                        Handle        = 0x80020007
+	DISP_E_BADVARTYPE                                                         Handle        = 0x80020008
+	DISP_E_EXCEPTION                                                          Handle        = 0x80020009
+	DISP_E_OVERFLOW                                                           Handle        = 0x8002000A
+	DISP_E_BADINDEX                                                           Handle        = 0x8002000B
+	DISP_E_UNKNOWNLCID                                                        Handle        = 0x8002000C
+	DISP_E_ARRAYISLOCKED                                                      Handle        = 0x8002000D
+	DISP_E_BADPARAMCOUNT                                                      Handle        = 0x8002000E
+	DISP_E_PARAMNOTOPTIONAL                                                   Handle        = 0x8002000F
+	DISP_E_BADCALLEE                                                          Handle        = 0x80020010
+	DISP_E_NOTACOLLECTION                                                     Handle        = 0x80020011
+	DISP_E_DIVBYZERO                                                          Handle        = 0x80020012
+	DISP_E_BUFFERTOOSMALL                                                     Handle        = 0x80020013
+	TYPE_E_BUFFERTOOSMALL                                                     Handle        = 0x80028016
+	TYPE_E_FIELDNOTFOUND                                                      Handle        = 0x80028017
+	TYPE_E_INVDATAREAD                                                        Handle        = 0x80028018
+	TYPE_E_UNSUPFORMAT                                                        Handle        = 0x80028019
+	TYPE_E_REGISTRYACCESS                                                     Handle        = 0x8002801C
+	TYPE_E_LIBNOTREGISTERED                                                   Handle        = 0x8002801D
+	TYPE_E_UNDEFINEDTYPE                                                      Handle        = 0x80028027
+	TYPE_E_QUALIFIEDNAMEDISALLOWED                                            Handle        = 0x80028028
+	TYPE_E_INVALIDSTATE                                                       Handle        = 0x80028029
+	TYPE_E_WRONGTYPEKIND                                                      Handle        = 0x8002802A
+	TYPE_E_ELEMENTNOTFOUND                                                    Handle        = 0x8002802B
+	TYPE_E_AMBIGUOUSNAME                                                      Handle        = 0x8002802C
+	TYPE_E_NAMECONFLICT                                                       Handle        = 0x8002802D
+	TYPE_E_UNKNOWNLCID                                                        Handle        = 0x8002802E
+	TYPE_E_DLLFUNCTIONNOTFOUND                                                Handle        = 0x8002802F
+	TYPE_E_BADMODULEKIND                                                      Handle        = 0x800288BD
+	TYPE_E_SIZETOOBIG                                                         Handle        = 0x800288C5
+	TYPE_E_DUPLICATEID                                                        Handle        = 0x800288C6
+	TYPE_E_INVALIDID                                                          Handle        = 0x800288CF
+	TYPE_E_TYPEMISMATCH                                                       Handle        = 0x80028CA0
+	TYPE_E_OUTOFBOUNDS                                                        Handle        = 0x80028CA1
+	TYPE_E_IOERROR                                                            Handle        = 0x80028CA2
+	TYPE_E_CANTCREATETMPFILE                                                  Handle        = 0x80028CA3
+	TYPE_E_CANTLOADLIBRARY                                                    Handle        = 0x80029C4A
+	TYPE_E_INCONSISTENTPROPFUNCS                                              Handle        = 0x80029C83
+	TYPE_E_CIRCULARTYPE                                                       Handle        = 0x80029C84
+	STG_E_INVALIDFUNCTION                                                     Handle        = 0x80030001
+	STG_E_FILENOTFOUND                                                        Handle        = 0x80030002
+	STG_E_PATHNOTFOUND                                                        Handle        = 0x80030003
+	STG_E_TOOMANYOPENFILES                                                    Handle        = 0x80030004
+	STG_E_ACCESSDENIED                                                        Handle        = 0x80030005
+	STG_E_INVALIDHANDLE                                                       Handle        = 0x80030006
+	STG_E_INSUFFICIENTMEMORY                                                  Handle        = 0x80030008
+	STG_E_INVALIDPOINTER                                                      Handle        = 0x80030009
+	STG_E_NOMOREFILES                                                         Handle        = 0x80030012
+	STG_E_DISKISWRITEPROTECTED                                                Handle        = 0x80030013
+	STG_E_SEEKERROR                                                           Handle        = 0x80030019
+	STG_E_WRITEFAULT                                                          Handle        = 0x8003001D
+	STG_E_READFAULT                                                           Handle        = 0x8003001E
+	STG_E_SHAREVIOLATION                                                      Handle        = 0x80030020
+	STG_E_LOCKVIOLATION                                                       Handle        = 0x80030021
+	STG_E_FILEALREADYEXISTS                                                   Handle        = 0x80030050
+	STG_E_INVALIDPARAMETER                                                    Handle        = 0x80030057
+	STG_E_MEDIUMFULL                                                          Handle        = 0x80030070
+	STG_E_PROPSETMISMATCHED                                                   Handle        = 0x800300F0
+	STG_E_ABNORMALAPIEXIT                                                     Handle        = 0x800300FA
+	STG_E_INVALIDHEADER                                                       Handle        = 0x800300FB
+	STG_E_INVALIDNAME                                                         Handle        = 0x800300FC
+	STG_E_UNKNOWN                                                             Handle        = 0x800300FD
+	STG_E_UNIMPLEMENTEDFUNCTION                                               Handle        = 0x800300FE
+	STG_E_INVALIDFLAG                                                         Handle        = 0x800300FF
+	STG_E_INUSE                                                               Handle        = 0x80030100
+	STG_E_NOTCURRENT                                                          Handle        = 0x80030101
+	STG_E_REVERTED                                                            Handle        = 0x80030102
+	STG_E_CANTSAVE                                                            Handle        = 0x80030103
+	STG_E_OLDFORMAT                                                           Handle        = 0x80030104
+	STG_E_OLDDLL                                                              Handle        = 0x80030105
+	STG_E_SHAREREQUIRED                                                       Handle        = 0x80030106
+	STG_E_NOTFILEBASEDSTORAGE                                                 Handle        = 0x80030107
+	STG_E_EXTANTMARSHALLINGS                                                  Handle        = 0x80030108
+	STG_E_DOCFILECORRUPT                                                      Handle        = 0x80030109
+	STG_E_BADBASEADDRESS                                                      Handle        = 0x80030110
+	STG_E_DOCFILETOOLARGE                                                     Handle        = 0x80030111
+	STG_E_NOTSIMPLEFORMAT                                                     Handle        = 0x80030112
+	STG_E_INCOMPLETE                                                          Handle        = 0x80030201
+	STG_E_TERMINATED                                                          Handle        = 0x80030202
+	STG_S_CONVERTED                                                           Handle        = 0x00030200
+	STG_S_BLOCK                                                               Handle        = 0x00030201
+	STG_S_RETRYNOW                                                            Handle        = 0x00030202
+	STG_S_MONITORING                                                          Handle        = 0x00030203
+	STG_S_MULTIPLEOPENS                                                       Handle        = 0x00030204
+	STG_S_CONSOLIDATIONFAILED                                                 Handle        = 0x00030205
+	STG_S_CANNOTCONSOLIDATE                                                   Handle        = 0x00030206
+	STG_S_POWER_CYCLE_REQUIRED                                                Handle        = 0x00030207
+	STG_E_FIRMWARE_SLOT_INVALID                                               Handle        = 0x80030208
+	STG_E_FIRMWARE_IMAGE_INVALID                                              Handle        = 0x80030209
+	STG_E_DEVICE_UNRESPONSIVE                                                 Handle        = 0x8003020A
+	STG_E_STATUS_COPY_PROTECTION_FAILURE                                      Handle        = 0x80030305
+	STG_E_CSS_AUTHENTICATION_FAILURE                                          Handle        = 0x80030306
+	STG_E_CSS_KEY_NOT_PRESENT                                                 Handle        = 0x80030307
+	STG_E_CSS_KEY_NOT_ESTABLISHED                                             Handle        = 0x80030308
+	STG_E_CSS_SCRAMBLED_SECTOR                                                Handle        = 0x80030309
+	STG_E_CSS_REGION_MISMATCH                                                 Handle        = 0x8003030A
+	STG_E_RESETS_EXHAUSTED                                                    Handle        = 0x8003030B
+	RPC_E_CALL_REJECTED                                                       Handle        = 0x80010001
+	RPC_E_CALL_CANCELED                                                       Handle        = 0x80010002
+	RPC_E_CANTPOST_INSENDCALL                                                 Handle        = 0x80010003
+	RPC_E_CANTCALLOUT_INASYNCCALL                                             Handle        = 0x80010004
+	RPC_E_CANTCALLOUT_INEXTERNALCALL                                          Handle        = 0x80010005
+	RPC_E_CONNECTION_TERMINATED                                               Handle        = 0x80010006
+	RPC_E_SERVER_DIED                                                         Handle        = 0x80010007
+	RPC_E_CLIENT_DIED                                                         Handle        = 0x80010008
+	RPC_E_INVALID_DATAPACKET                                                  Handle        = 0x80010009
+	RPC_E_CANTTRANSMIT_CALL                                                   Handle        = 0x8001000A
+	RPC_E_CLIENT_CANTMARSHAL_DATA                                             Handle        = 0x8001000B
+	RPC_E_CLIENT_CANTUNMARSHAL_DATA                                           Handle        = 0x8001000C
+	RPC_E_SERVER_CANTMARSHAL_DATA                                             Handle        = 0x8001000D
+	RPC_E_SERVER_CANTUNMARSHAL_DATA                                           Handle        = 0x8001000E
+	RPC_E_INVALID_DATA                                                        Handle        = 0x8001000F
+	RPC_E_INVALID_PARAMETER                                                   Handle        = 0x80010010
+	RPC_E_CANTCALLOUT_AGAIN                                                   Handle        = 0x80010011
+	RPC_E_SERVER_DIED_DNE                                                     Handle        = 0x80010012
+	RPC_E_SYS_CALL_FAILED                                                     Handle        = 0x80010100
+	RPC_E_OUT_OF_RESOURCES                                                    Handle        = 0x80010101
+	RPC_E_ATTEMPTED_MULTITHREAD                                               Handle        = 0x80010102
+	RPC_E_NOT_REGISTERED                                                      Handle        = 0x80010103
+	RPC_E_FAULT                                                               Handle        = 0x80010104
+	RPC_E_SERVERFAULT                                                         Handle        = 0x80010105
+	RPC_E_CHANGED_MODE                                                        Handle        = 0x80010106
+	RPC_E_INVALIDMETHOD                                                       Handle        = 0x80010107
+	RPC_E_DISCONNECTED                                                        Handle        = 0x80010108
+	RPC_E_RETRY                                                               Handle        = 0x80010109
+	RPC_E_SERVERCALL_RETRYLATER                                               Handle        = 0x8001010A
+	RPC_E_SERVERCALL_REJECTED                                                 Handle        = 0x8001010B
+	RPC_E_INVALID_CALLDATA                                                    Handle        = 0x8001010C
+	RPC_E_CANTCALLOUT_ININPUTSYNCCALL                                         Handle        = 0x8001010D
+	RPC_E_WRONG_THREAD                                                        Handle        = 0x8001010E
+	RPC_E_THREAD_NOT_INIT                                                     Handle        = 0x8001010F
+	RPC_E_VERSION_MISMATCH                                                    Handle        = 0x80010110
+	RPC_E_INVALID_HEADER                                                      Handle        = 0x80010111
+	RPC_E_INVALID_EXTENSION                                                   Handle        = 0x80010112
+	RPC_E_INVALID_IPID                                                        Handle        = 0x80010113
+	RPC_E_INVALID_OBJECT                                                      Handle        = 0x80010114
+	RPC_S_CALLPENDING                                                         Handle        = 0x80010115
+	RPC_S_WAITONTIMER                                                         Handle        = 0x80010116
+	RPC_E_CALL_COMPLETE                                                       Handle        = 0x80010117
+	RPC_E_UNSECURE_CALL                                                       Handle        = 0x80010118
+	RPC_E_TOO_LATE                                                            Handle        = 0x80010119
+	RPC_E_NO_GOOD_SECURITY_PACKAGES                                           Handle        = 0x8001011A
+	RPC_E_ACCESS_DENIED                                                       Handle        = 0x8001011B
+	RPC_E_REMOTE_DISABLED                                                     Handle        = 0x8001011C
+	RPC_E_INVALID_OBJREF                                                      Handle        = 0x8001011D
+	RPC_E_NO_CONTEXT                                                          Handle        = 0x8001011E
+	RPC_E_TIMEOUT                                                             Handle        = 0x8001011F
+	RPC_E_NO_SYNC                                                             Handle        = 0x80010120
+	RPC_E_FULLSIC_REQUIRED                                                    Handle        = 0x80010121
+	RPC_E_INVALID_STD_NAME                                                    Handle        = 0x80010122
+	CO_E_FAILEDTOIMPERSONATE                                                  Handle        = 0x80010123
+	CO_E_FAILEDTOGETSECCTX                                                    Handle        = 0x80010124
+	CO_E_FAILEDTOOPENTHREADTOKEN                                              Handle        = 0x80010125
+	CO_E_FAILEDTOGETTOKENINFO                                                 Handle        = 0x80010126
+	CO_E_TRUSTEEDOESNTMATCHCLIENT                                             Handle        = 0x80010127
+	CO_E_FAILEDTOQUERYCLIENTBLANKET                                           Handle        = 0x80010128
+	CO_E_FAILEDTOSETDACL                                                      Handle        = 0x80010129
+	CO_E_ACCESSCHECKFAILED                                                    Handle        = 0x8001012A
+	CO_E_NETACCESSAPIFAILED                                                   Handle        = 0x8001012B
+	CO_E_WRONGTRUSTEENAMESYNTAX                                               Handle        = 0x8001012C
+	CO_E_INVALIDSID                                                           Handle        = 0x8001012D
+	CO_E_CONVERSIONFAILED                                                     Handle        = 0x8001012E
+	CO_E_NOMATCHINGSIDFOUND                                                   Handle        = 0x8001012F
+	CO_E_LOOKUPACCSIDFAILED                                                   Handle        = 0x80010130
+	CO_E_NOMATCHINGNAMEFOUND                                                  Handle        = 0x80010131
+	CO_E_LOOKUPACCNAMEFAILED                                                  Handle        = 0x80010132
+	CO_E_SETSERLHNDLFAILED                                                    Handle        = 0x80010133
+	CO_E_FAILEDTOGETWINDIR                                                    Handle        = 0x80010134
+	CO_E_PATHTOOLONG                                                          Handle        = 0x80010135
+	CO_E_FAILEDTOGENUUID                                                      Handle        = 0x80010136
+	CO_E_FAILEDTOCREATEFILE                                                   Handle        = 0x80010137
+	CO_E_FAILEDTOCLOSEHANDLE                                                  Handle        = 0x80010138
+	CO_E_EXCEEDSYSACLLIMIT                                                    Handle        = 0x80010139
+	CO_E_ACESINWRONGORDER                                                     Handle        = 0x8001013A
+	CO_E_INCOMPATIBLESTREAMVERSION                                            Handle        = 0x8001013B
+	CO_E_FAILEDTOOPENPROCESSTOKEN                                             Handle        = 0x8001013C
+	CO_E_DECODEFAILED                                                         Handle        = 0x8001013D
+	CO_E_ACNOTINITIALIZED                                                     Handle        = 0x8001013F
+	CO_E_CANCEL_DISABLED                                                      Handle        = 0x80010140
+	RPC_E_UNEXPECTED                                                          Handle        = 0x8001FFFF
+	ERROR_AUDITING_DISABLED                                                   Handle        = 0xC0090001
+	ERROR_ALL_SIDS_FILTERED                                                   Handle        = 0xC0090002
+	ERROR_BIZRULES_NOT_ENABLED                                                Handle        = 0xC0090003
+	NTE_BAD_UID                                                               Handle        = 0x80090001
+	NTE_BAD_HASH                                                              Handle        = 0x80090002
+	NTE_BAD_KEY                                                               Handle        = 0x80090003
+	NTE_BAD_LEN                                                               Handle        = 0x80090004
+	NTE_BAD_DATA                                                              Handle        = 0x80090005
+	NTE_BAD_SIGNATURE                                                         Handle        = 0x80090006
+	NTE_BAD_VER                                                               Handle        = 0x80090007
+	NTE_BAD_ALGID                                                             Handle        = 0x80090008
+	NTE_BAD_FLAGS                                                             Handle        = 0x80090009
+	NTE_BAD_TYPE                                                              Handle        = 0x8009000A
+	NTE_BAD_KEY_STATE                                                         Handle        = 0x8009000B
+	NTE_BAD_HASH_STATE                                                        Handle        = 0x8009000C
+	NTE_NO_KEY                                                                Handle        = 0x8009000D
+	NTE_NO_MEMORY                                                             Handle        = 0x8009000E
+	NTE_EXISTS                                                                Handle        = 0x8009000F
+	NTE_PERM                                                                  Handle        = 0x80090010
+	NTE_NOT_FOUND                                                             Handle        = 0x80090011
+	NTE_DOUBLE_ENCRYPT                                                        Handle        = 0x80090012
+	NTE_BAD_PROVIDER                                                          Handle        = 0x80090013
+	NTE_BAD_PROV_TYPE                                                         Handle        = 0x80090014
+	NTE_BAD_PUBLIC_KEY                                                        Handle        = 0x80090015
+	NTE_BAD_KEYSET                                                            Handle        = 0x80090016
+	NTE_PROV_TYPE_NOT_DEF                                                     Handle        = 0x80090017
+	NTE_PROV_TYPE_ENTRY_BAD                                                   Handle        = 0x80090018
+	NTE_KEYSET_NOT_DEF                                                        Handle        = 0x80090019
+	NTE_KEYSET_ENTRY_BAD                                                      Handle        = 0x8009001A
+	NTE_PROV_TYPE_NO_MATCH                                                    Handle        = 0x8009001B
+	NTE_SIGNATURE_FILE_BAD                                                    Handle        = 0x8009001C
+	NTE_PROVIDER_DLL_FAIL                                                     Handle        = 0x8009001D
+	NTE_PROV_DLL_NOT_FOUND                                                    Handle        = 0x8009001E
+	NTE_BAD_KEYSET_PARAM                                                      Handle        = 0x8009001F
+	NTE_FAIL                                                                  Handle        = 0x80090020
+	NTE_SYS_ERR                                                               Handle        = 0x80090021
+	NTE_SILENT_CONTEXT                                                        Handle        = 0x80090022
+	NTE_TOKEN_KEYSET_STORAGE_FULL                                             Handle        = 0x80090023
+	NTE_TEMPORARY_PROFILE                                                     Handle        = 0x80090024
+	NTE_FIXEDPARAMETER                                                        Handle        = 0x80090025
+	NTE_INVALID_HANDLE                                                        Handle        = 0x80090026
+	NTE_INVALID_PARAMETER                                                     Handle        = 0x80090027
+	NTE_BUFFER_TOO_SMALL                                                      Handle        = 0x80090028
+	NTE_NOT_SUPPORTED                                                         Handle        = 0x80090029
+	NTE_NO_MORE_ITEMS                                                         Handle        = 0x8009002A
+	NTE_BUFFERS_OVERLAP                                                       Handle        = 0x8009002B
+	NTE_DECRYPTION_FAILURE                                                    Handle        = 0x8009002C
+	NTE_INTERNAL_ERROR                                                        Handle        = 0x8009002D
+	NTE_UI_REQUIRED                                                           Handle        = 0x8009002E
+	NTE_HMAC_NOT_SUPPORTED                                                    Handle        = 0x8009002F
+	NTE_DEVICE_NOT_READY                                                      Handle        = 0x80090030
+	NTE_AUTHENTICATION_IGNORED                                                Handle        = 0x80090031
+	NTE_VALIDATION_FAILED                                                     Handle        = 0x80090032
+	NTE_INCORRECT_PASSWORD                                                    Handle        = 0x80090033
+	NTE_ENCRYPTION_FAILURE                                                    Handle        = 0x80090034
+	NTE_DEVICE_NOT_FOUND                                                      Handle        = 0x80090035
+	NTE_USER_CANCELLED                                                        Handle        = 0x80090036
+	NTE_PASSWORD_CHANGE_REQUIRED                                              Handle        = 0x80090037
+	NTE_NOT_ACTIVE_CONSOLE                                                    Handle        = 0x80090038
+	SEC_E_INSUFFICIENT_MEMORY                                                 Handle        = 0x80090300
+	SEC_E_INVALID_HANDLE                                                      Handle        = 0x80090301
+	SEC_E_UNSUPPORTED_FUNCTION                                                Handle        = 0x80090302
+	SEC_E_TARGET_UNKNOWN                                                      Handle        = 0x80090303
+	SEC_E_INTERNAL_ERROR                                                      Handle        = 0x80090304
+	SEC_E_SECPKG_NOT_FOUND                                                    Handle        = 0x80090305
+	SEC_E_NOT_OWNER                                                           Handle        = 0x80090306
+	SEC_E_CANNOT_INSTALL                                                      Handle        = 0x80090307
+	SEC_E_INVALID_TOKEN                                                       Handle        = 0x80090308
+	SEC_E_CANNOT_PACK                                                         Handle        = 0x80090309
+	SEC_E_QOP_NOT_SUPPORTED                                                   Handle        = 0x8009030A
+	SEC_E_NO_IMPERSONATION                                                    Handle        = 0x8009030B
+	SEC_E_LOGON_DENIED                                                        Handle        = 0x8009030C
+	SEC_E_UNKNOWN_CREDENTIALS                                                 Handle        = 0x8009030D
+	SEC_E_NO_CREDENTIALS                                                      Handle        = 0x8009030E
+	SEC_E_MESSAGE_ALTERED                                                     Handle        = 0x8009030F
+	SEC_E_OUT_OF_SEQUENCE                                                     Handle        = 0x80090310
+	SEC_E_NO_AUTHENTICATING_AUTHORITY                                         Handle        = 0x80090311
+	SEC_I_CONTINUE_NEEDED                                                     Handle        = 0x00090312
+	SEC_I_COMPLETE_NEEDED                                                     Handle        = 0x00090313
+	SEC_I_COMPLETE_AND_CONTINUE                                               Handle        = 0x00090314
+	SEC_I_LOCAL_LOGON                                                         Handle        = 0x00090315
+	SEC_I_GENERIC_EXTENSION_RECEIVED                                          Handle        = 0x00090316
+	SEC_E_BAD_PKGID                                                           Handle        = 0x80090316
+	SEC_E_CONTEXT_EXPIRED                                                     Handle        = 0x80090317
+	SEC_I_CONTEXT_EXPIRED                                                     Handle        = 0x00090317
+	SEC_E_INCOMPLETE_MESSAGE                                                  Handle        = 0x80090318
+	SEC_E_INCOMPLETE_CREDENTIALS                                              Handle        = 0x80090320
+	SEC_E_BUFFER_TOO_SMALL                                                    Handle        = 0x80090321
+	SEC_I_INCOMPLETE_CREDENTIALS                                              Handle        = 0x00090320
+	SEC_I_RENEGOTIATE                                                         Handle        = 0x00090321
+	SEC_E_WRONG_PRINCIPAL                                                     Handle        = 0x80090322
+	SEC_I_NO_LSA_CONTEXT                                                      Handle        = 0x00090323
+	SEC_E_TIME_SKEW                                                           Handle        = 0x80090324
+	SEC_E_UNTRUSTED_ROOT                                                      Handle        = 0x80090325
+	SEC_E_ILLEGAL_MESSAGE                                                     Handle        = 0x80090326
+	SEC_E_CERT_UNKNOWN                                                        Handle        = 0x80090327
+	SEC_E_CERT_EXPIRED                                                        Handle        = 0x80090328
+	SEC_E_ENCRYPT_FAILURE                                                     Handle        = 0x80090329
+	SEC_E_DECRYPT_FAILURE                                                     Handle        = 0x80090330
+	SEC_E_ALGORITHM_MISMATCH                                                  Handle        = 0x80090331
+	SEC_E_SECURITY_QOS_FAILED                                                 Handle        = 0x80090332
+	SEC_E_UNFINISHED_CONTEXT_DELETED                                          Handle        = 0x80090333
+	SEC_E_NO_TGT_REPLY                                                        Handle        = 0x80090334
+	SEC_E_NO_IP_ADDRESSES                                                     Handle        = 0x80090335
+	SEC_E_WRONG_CREDENTIAL_HANDLE                                             Handle        = 0x80090336
+	SEC_E_CRYPTO_SYSTEM_INVALID                                               Handle        = 0x80090337
+	SEC_E_MAX_REFERRALS_EXCEEDED                                              Handle        = 0x80090338
+	SEC_E_MUST_BE_KDC                                                         Handle        = 0x80090339
+	SEC_E_STRONG_CRYPTO_NOT_SUPPORTED                                         Handle        = 0x8009033A
+	SEC_E_TOO_MANY_PRINCIPALS                                                 Handle        = 0x8009033B
+	SEC_E_NO_PA_DATA                                                          Handle        = 0x8009033C
+	SEC_E_PKINIT_NAME_MISMATCH                                                Handle        = 0x8009033D
+	SEC_E_SMARTCARD_LOGON_REQUIRED                                            Handle        = 0x8009033E
+	SEC_E_SHUTDOWN_IN_PROGRESS                                                Handle        = 0x8009033F
+	SEC_E_KDC_INVALID_REQUEST                                                 Handle        = 0x80090340
+	SEC_E_KDC_UNABLE_TO_REFER                                                 Handle        = 0x80090341
+	SEC_E_KDC_UNKNOWN_ETYPE                                                   Handle        = 0x80090342
+	SEC_E_UNSUPPORTED_PREAUTH                                                 Handle        = 0x80090343
+	SEC_E_DELEGATION_REQUIRED                                                 Handle        = 0x80090345
+	SEC_E_BAD_BINDINGS                                                        Handle        = 0x80090346
+	SEC_E_MULTIPLE_ACCOUNTS                                                   Handle        = 0x80090347
+	SEC_E_NO_KERB_KEY                                                         Handle        = 0x80090348
+	SEC_E_CERT_WRONG_USAGE                                                    Handle        = 0x80090349
+	SEC_E_DOWNGRADE_DETECTED                                                  Handle        = 0x80090350
+	SEC_E_SMARTCARD_CERT_REVOKED                                              Handle        = 0x80090351
+	SEC_E_ISSUING_CA_UNTRUSTED                                                Handle        = 0x80090352
+	SEC_E_REVOCATION_OFFLINE_C                                                Handle        = 0x80090353
+	SEC_E_PKINIT_CLIENT_FAILURE                                               Handle        = 0x80090354
+	SEC_E_SMARTCARD_CERT_EXPIRED                                              Handle        = 0x80090355
+	SEC_E_NO_S4U_PROT_SUPPORT                                                 Handle        = 0x80090356
+	SEC_E_CROSSREALM_DELEGATION_FAILURE                                       Handle        = 0x80090357
+	SEC_E_REVOCATION_OFFLINE_KDC                                              Handle        = 0x80090358
+	SEC_E_ISSUING_CA_UNTRUSTED_KDC                                            Handle        = 0x80090359
+	SEC_E_KDC_CERT_EXPIRED                                                    Handle        = 0x8009035A
+	SEC_E_KDC_CERT_REVOKED                                                    Handle        = 0x8009035B
+	SEC_I_SIGNATURE_NEEDED                                                    Handle        = 0x0009035C
+	SEC_E_INVALID_PARAMETER                                                   Handle        = 0x8009035D
+	SEC_E_DELEGATION_POLICY                                                   Handle        = 0x8009035E
+	SEC_E_POLICY_NLTM_ONLY                                                    Handle        = 0x8009035F
+	SEC_I_NO_RENEGOTIATION                                                    Handle        = 0x00090360
+	SEC_E_NO_CONTEXT                                                          Handle        = 0x80090361
+	SEC_E_PKU2U_CERT_FAILURE                                                  Handle        = 0x80090362
+	SEC_E_MUTUAL_AUTH_FAILED                                                  Handle        = 0x80090363
+	SEC_I_MESSAGE_FRAGMENT                                                    Handle        = 0x00090364
+	SEC_E_ONLY_HTTPS_ALLOWED                                                  Handle        = 0x80090365
+	SEC_I_CONTINUE_NEEDED_MESSAGE_OK                                          Handle        = 0x00090366
+	SEC_E_APPLICATION_PROTOCOL_MISMATCH                                       Handle        = 0x80090367
+	SEC_I_ASYNC_CALL_PENDING                                                  Handle        = 0x00090368
+	SEC_E_INVALID_UPN_NAME                                                    Handle        = 0x80090369
+	SEC_E_EXT_BUFFER_TOO_SMALL                                                Handle        = 0x8009036A
+	SEC_E_INSUFFICIENT_BUFFERS                                                Handle        = 0x8009036B
+	SEC_E_NO_SPM                                                                            = SEC_E_INTERNAL_ERROR
+	SEC_E_NOT_SUPPORTED                                                                     = SEC_E_UNSUPPORTED_FUNCTION
+	CRYPT_E_MSG_ERROR                                                         Handle        = 0x80091001
+	CRYPT_E_UNKNOWN_ALGO                                                      Handle        = 0x80091002
+	CRYPT_E_OID_FORMAT                                                        Handle        = 0x80091003
+	CRYPT_E_INVALID_MSG_TYPE                                                  Handle        = 0x80091004
+	CRYPT_E_UNEXPECTED_ENCODING                                               Handle        = 0x80091005
+	CRYPT_E_AUTH_ATTR_MISSING                                                 Handle        = 0x80091006
+	CRYPT_E_HASH_VALUE                                                        Handle        = 0x80091007
+	CRYPT_E_INVALID_INDEX                                                     Handle        = 0x80091008
+	CRYPT_E_ALREADY_DECRYPTED                                                 Handle        = 0x80091009
+	CRYPT_E_NOT_DECRYPTED                                                     Handle        = 0x8009100A
+	CRYPT_E_RECIPIENT_NOT_FOUND                                               Handle        = 0x8009100B
+	CRYPT_E_CONTROL_TYPE                                                      Handle        = 0x8009100C
+	CRYPT_E_ISSUER_SERIALNUMBER                                               Handle        = 0x8009100D
+	CRYPT_E_SIGNER_NOT_FOUND                                                  Handle        = 0x8009100E
+	CRYPT_E_ATTRIBUTES_MISSING                                                Handle        = 0x8009100F
+	CRYPT_E_STREAM_MSG_NOT_READY                                              Handle        = 0x80091010
+	CRYPT_E_STREAM_INSUFFICIENT_DATA                                          Handle        = 0x80091011
+	CRYPT_I_NEW_PROTECTION_REQUIRED                                           Handle        = 0x00091012
+	CRYPT_E_BAD_LEN                                                           Handle        = 0x80092001
+	CRYPT_E_BAD_ENCODE                                                        Handle        = 0x80092002
+	CRYPT_E_FILE_ERROR                                                        Handle        = 0x80092003
+	CRYPT_E_NOT_FOUND                                                         Handle        = 0x80092004
+	CRYPT_E_EXISTS                                                            Handle        = 0x80092005
+	CRYPT_E_NO_PROVIDER                                                       Handle        = 0x80092006
+	CRYPT_E_SELF_SIGNED                                                       Handle        = 0x80092007
+	CRYPT_E_DELETED_PREV                                                      Handle        = 0x80092008
+	CRYPT_E_NO_MATCH                                                          Handle        = 0x80092009
+	CRYPT_E_UNEXPECTED_MSG_TYPE                                               Handle        = 0x8009200A
+	CRYPT_E_NO_KEY_PROPERTY                                                   Handle        = 0x8009200B
+	CRYPT_E_NO_DECRYPT_CERT                                                   Handle        = 0x8009200C
+	CRYPT_E_BAD_MSG                                                           Handle        = 0x8009200D
+	CRYPT_E_NO_SIGNER                                                         Handle        = 0x8009200E
+	CRYPT_E_PENDING_CLOSE                                                     Handle        = 0x8009200F
+	CRYPT_E_REVOKED                                                           Handle        = 0x80092010
+	CRYPT_E_NO_REVOCATION_DLL                                                 Handle        = 0x80092011
+	CRYPT_E_NO_REVOCATION_CHECK                                               Handle        = 0x80092012
+	CRYPT_E_REVOCATION_OFFLINE                                                Handle        = 0x80092013
+	CRYPT_E_NOT_IN_REVOCATION_DATABASE                                        Handle        = 0x80092014
+	CRYPT_E_INVALID_NUMERIC_STRING                                            Handle        = 0x80092020
+	CRYPT_E_INVALID_PRINTABLE_STRING                                          Handle        = 0x80092021
+	CRYPT_E_INVALID_IA5_STRING                                                Handle        = 0x80092022
+	CRYPT_E_INVALID_X500_STRING                                               Handle        = 0x80092023
+	CRYPT_E_NOT_CHAR_STRING                                                   Handle        = 0x80092024
+	CRYPT_E_FILERESIZED                                                       Handle        = 0x80092025
+	CRYPT_E_SECURITY_SETTINGS                                                 Handle        = 0x80092026
+	CRYPT_E_NO_VERIFY_USAGE_DLL                                               Handle        = 0x80092027
+	CRYPT_E_NO_VERIFY_USAGE_CHECK                                             Handle        = 0x80092028
+	CRYPT_E_VERIFY_USAGE_OFFLINE                                              Handle        = 0x80092029
+	CRYPT_E_NOT_IN_CTL                                                        Handle        = 0x8009202A
+	CRYPT_E_NO_TRUSTED_SIGNER                                                 Handle        = 0x8009202B
+	CRYPT_E_MISSING_PUBKEY_PARA                                               Handle        = 0x8009202C
+	CRYPT_E_OBJECT_LOCATOR_OBJECT_NOT_FOUND                                   Handle        = 0x8009202D
+	CRYPT_E_OSS_ERROR                                                         Handle        = 0x80093000
+	OSS_MORE_BUF                                                              Handle        = 0x80093001
+	OSS_NEGATIVE_UINTEGER                                                     Handle        = 0x80093002
+	OSS_PDU_RANGE                                                             Handle        = 0x80093003
+	OSS_MORE_INPUT                                                            Handle        = 0x80093004
+	OSS_DATA_ERROR                                                            Handle        = 0x80093005
+	OSS_BAD_ARG                                                               Handle        = 0x80093006
+	OSS_BAD_VERSION                                                           Handle        = 0x80093007
+	OSS_OUT_MEMORY                                                            Handle        = 0x80093008
+	OSS_PDU_MISMATCH                                                          Handle        = 0x80093009
+	OSS_LIMITED                                                               Handle        = 0x8009300A
+	OSS_BAD_PTR                                                               Handle        = 0x8009300B
+	OSS_BAD_TIME                                                              Handle        = 0x8009300C
+	OSS_INDEFINITE_NOT_SUPPORTED                                              Handle        = 0x8009300D
+	OSS_MEM_ERROR                                                             Handle        = 0x8009300E
+	OSS_BAD_TABLE                                                             Handle        = 0x8009300F
+	OSS_TOO_LONG                                                              Handle        = 0x80093010
+	OSS_CONSTRAINT_VIOLATED                                                   Handle        = 0x80093011
+	OSS_FATAL_ERROR                                                           Handle        = 0x80093012
+	OSS_ACCESS_SERIALIZATION_ERROR                                            Handle        = 0x80093013
+	OSS_NULL_TBL                                                              Handle        = 0x80093014
+	OSS_NULL_FCN                                                              Handle        = 0x80093015
+	OSS_BAD_ENCRULES                                                          Handle        = 0x80093016
+	OSS_UNAVAIL_ENCRULES                                                      Handle        = 0x80093017
+	OSS_CANT_OPEN_TRACE_WINDOW                                                Handle        = 0x80093018
+	OSS_UNIMPLEMENTED                                                         Handle        = 0x80093019
+	OSS_OID_DLL_NOT_LINKED                                                    Handle        = 0x8009301A
+	OSS_CANT_OPEN_TRACE_FILE                                                  Handle        = 0x8009301B
+	OSS_TRACE_FILE_ALREADY_OPEN                                               Handle        = 0x8009301C
+	OSS_TABLE_MISMATCH                                                        Handle        = 0x8009301D
+	OSS_TYPE_NOT_SUPPORTED                                                    Handle        = 0x8009301E
+	OSS_REAL_DLL_NOT_LINKED                                                   Handle        = 0x8009301F
+	OSS_REAL_CODE_NOT_LINKED                                                  Handle        = 0x80093020
+	OSS_OUT_OF_RANGE                                                          Handle        = 0x80093021
+	OSS_COPIER_DLL_NOT_LINKED                                                 Handle        = 0x80093022
+	OSS_CONSTRAINT_DLL_NOT_LINKED                                             Handle        = 0x80093023
+	OSS_COMPARATOR_DLL_NOT_LINKED                                             Handle        = 0x80093024
+	OSS_COMPARATOR_CODE_NOT_LINKED                                            Handle        = 0x80093025
+	OSS_MEM_MGR_DLL_NOT_LINKED                                                Handle        = 0x80093026
+	OSS_PDV_DLL_NOT_LINKED                                                    Handle        = 0x80093027
+	OSS_PDV_CODE_NOT_LINKED                                                   Handle        = 0x80093028
+	OSS_API_DLL_NOT_LINKED                                                    Handle        = 0x80093029
+	OSS_BERDER_DLL_NOT_LINKED                                                 Handle        = 0x8009302A
+	OSS_PER_DLL_NOT_LINKED                                                    Handle        = 0x8009302B
+	OSS_OPEN_TYPE_ERROR                                                       Handle        = 0x8009302C
+	OSS_MUTEX_NOT_CREATED                                                     Handle        = 0x8009302D
+	OSS_CANT_CLOSE_TRACE_FILE                                                 Handle        = 0x8009302E
+	CRYPT_E_ASN1_ERROR                                                        Handle        = 0x80093100
+	CRYPT_E_ASN1_INTERNAL                                                     Handle        = 0x80093101
+	CRYPT_E_ASN1_EOD                                                          Handle        = 0x80093102
+	CRYPT_E_ASN1_CORRUPT                                                      Handle        = 0x80093103
+	CRYPT_E_ASN1_LARGE                                                        Handle        = 0x80093104
+	CRYPT_E_ASN1_CONSTRAINT                                                   Handle        = 0x80093105
+	CRYPT_E_ASN1_MEMORY                                                       Handle        = 0x80093106
+	CRYPT_E_ASN1_OVERFLOW                                                     Handle        = 0x80093107
+	CRYPT_E_ASN1_BADPDU                                                       Handle        = 0x80093108
+	CRYPT_E_ASN1_BADARGS                                                      Handle        = 0x80093109
+	CRYPT_E_ASN1_BADREAL                                                      Handle        = 0x8009310A
+	CRYPT_E_ASN1_BADTAG                                                       Handle        = 0x8009310B
+	CRYPT_E_ASN1_CHOICE                                                       Handle        = 0x8009310C
+	CRYPT_E_ASN1_RULE                                                         Handle        = 0x8009310D
+	CRYPT_E_ASN1_UTF8                                                         Handle        = 0x8009310E
+	CRYPT_E_ASN1_PDU_TYPE                                                     Handle        = 0x80093133
+	CRYPT_E_ASN1_NYI                                                          Handle        = 0x80093134
+	CRYPT_E_ASN1_EXTENDED                                                     Handle        = 0x80093201
+	CRYPT_E_ASN1_NOEOD                                                        Handle        = 0x80093202
+	CERTSRV_E_BAD_REQUESTSUBJECT                                              Handle        = 0x80094001
+	CERTSRV_E_NO_REQUEST                                                      Handle        = 0x80094002
+	CERTSRV_E_BAD_REQUESTSTATUS                                               Handle        = 0x80094003
+	CERTSRV_E_PROPERTY_EMPTY                                                  Handle        = 0x80094004
+	CERTSRV_E_INVALID_CA_CERTIFICATE                                          Handle        = 0x80094005
+	CERTSRV_E_SERVER_SUSPENDED                                                Handle        = 0x80094006
+	CERTSRV_E_ENCODING_LENGTH                                                 Handle        = 0x80094007
+	CERTSRV_E_ROLECONFLICT                                                    Handle        = 0x80094008
+	CERTSRV_E_RESTRICTEDOFFICER                                               Handle        = 0x80094009
+	CERTSRV_E_KEY_ARCHIVAL_NOT_CONFIGURED                                     Handle        = 0x8009400A
+	CERTSRV_E_NO_VALID_KRA                                                    Handle        = 0x8009400B
+	CERTSRV_E_BAD_REQUEST_KEY_ARCHIVAL                                        Handle        = 0x8009400C
+	CERTSRV_E_NO_CAADMIN_DEFINED                                              Handle        = 0x8009400D
+	CERTSRV_E_BAD_RENEWAL_CERT_ATTRIBUTE                                      Handle        = 0x8009400E
+	CERTSRV_E_NO_DB_SESSIONS                                                  Handle        = 0x8009400F
+	CERTSRV_E_ALIGNMENT_FAULT                                                 Handle        = 0x80094010
+	CERTSRV_E_ENROLL_DENIED                                                   Handle        = 0x80094011
+	CERTSRV_E_TEMPLATE_DENIED                                                 Handle        = 0x80094012
+	CERTSRV_E_DOWNLEVEL_DC_SSL_OR_UPGRADE                                     Handle        = 0x80094013
+	CERTSRV_E_ADMIN_DENIED_REQUEST                                            Handle        = 0x80094014
+	CERTSRV_E_NO_POLICY_SERVER                                                Handle        = 0x80094015
+	CERTSRV_E_WEAK_SIGNATURE_OR_KEY                                           Handle        = 0x80094016
+	CERTSRV_E_KEY_ATTESTATION_NOT_SUPPORTED                                   Handle        = 0x80094017
+	CERTSRV_E_ENCRYPTION_CERT_REQUIRED                                        Handle        = 0x80094018
+	CERTSRV_E_UNSUPPORTED_CERT_TYPE                                           Handle        = 0x80094800
+	CERTSRV_E_NO_CERT_TYPE                                                    Handle        = 0x80094801
+	CERTSRV_E_TEMPLATE_CONFLICT                                               Handle        = 0x80094802
+	CERTSRV_E_SUBJECT_ALT_NAME_REQUIRED                                       Handle        = 0x80094803
+	CERTSRV_E_ARCHIVED_KEY_REQUIRED                                           Handle        = 0x80094804
+	CERTSRV_E_SMIME_REQUIRED                                                  Handle        = 0x80094805
+	CERTSRV_E_BAD_RENEWAL_SUBJECT                                             Handle        = 0x80094806
+	CERTSRV_E_BAD_TEMPLATE_VERSION                                            Handle        = 0x80094807
+	CERTSRV_E_TEMPLATE_POLICY_REQUIRED                                        Handle        = 0x80094808
+	CERTSRV_E_SIGNATURE_POLICY_REQUIRED                                       Handle        = 0x80094809
+	CERTSRV_E_SIGNATURE_COUNT                                                 Handle        = 0x8009480A
+	CERTSRV_E_SIGNATURE_REJECTED                                              Handle        = 0x8009480B
+	CERTSRV_E_ISSUANCE_POLICY_REQUIRED                                        Handle        = 0x8009480C
+	CERTSRV_E_SUBJECT_UPN_REQUIRED                                            Handle        = 0x8009480D
+	CERTSRV_E_SUBJECT_DIRECTORY_GUID_REQUIRED                                 Handle        = 0x8009480E
+	CERTSRV_E_SUBJECT_DNS_REQUIRED                                            Handle        = 0x8009480F
+	CERTSRV_E_ARCHIVED_KEY_UNEXPECTED                                         Handle        = 0x80094810
+	CERTSRV_E_KEY_LENGTH                                                      Handle        = 0x80094811
+	CERTSRV_E_SUBJECT_EMAIL_REQUIRED                                          Handle        = 0x80094812
+	CERTSRV_E_UNKNOWN_CERT_TYPE                                               Handle        = 0x80094813
+	CERTSRV_E_CERT_TYPE_OVERLAP                                               Handle        = 0x80094814
+	CERTSRV_E_TOO_MANY_SIGNATURES                                             Handle        = 0x80094815
+	CERTSRV_E_RENEWAL_BAD_PUBLIC_KEY                                          Handle        = 0x80094816
+	CERTSRV_E_INVALID_EK                                                      Handle        = 0x80094817
+	CERTSRV_E_INVALID_IDBINDING                                               Handle        = 0x80094818
+	CERTSRV_E_INVALID_ATTESTATION                                             Handle        = 0x80094819
+	CERTSRV_E_KEY_ATTESTATION                                                 Handle        = 0x8009481A
+	CERTSRV_E_CORRUPT_KEY_ATTESTATION                                         Handle        = 0x8009481B
+	CERTSRV_E_EXPIRED_CHALLENGE                                               Handle        = 0x8009481C
+	CERTSRV_E_INVALID_RESPONSE                                                Handle        = 0x8009481D
+	CERTSRV_E_INVALID_REQUESTID                                               Handle        = 0x8009481E
+	CERTSRV_E_REQUEST_PRECERTIFICATE_MISMATCH                                 Handle        = 0x8009481F
+	CERTSRV_E_PENDING_CLIENT_RESPONSE                                         Handle        = 0x80094820
+	XENROLL_E_KEY_NOT_EXPORTABLE                                              Handle        = 0x80095000
+	XENROLL_E_CANNOT_ADD_ROOT_CERT                                            Handle        = 0x80095001
+	XENROLL_E_RESPONSE_KA_HASH_NOT_FOUND                                      Handle        = 0x80095002
+	XENROLL_E_RESPONSE_UNEXPECTED_KA_HASH                                     Handle        = 0x80095003
+	XENROLL_E_RESPONSE_KA_HASH_MISMATCH                                       Handle        = 0x80095004
+	XENROLL_E_KEYSPEC_SMIME_MISMATCH                                          Handle        = 0x80095005
+	TRUST_E_SYSTEM_ERROR                                                      Handle        = 0x80096001
+	TRUST_E_NO_SIGNER_CERT                                                    Handle        = 0x80096002
+	TRUST_E_COUNTER_SIGNER                                                    Handle        = 0x80096003
+	TRUST_E_CERT_SIGNATURE                                                    Handle        = 0x80096004
+	TRUST_E_TIME_STAMP                                                        Handle        = 0x80096005
+	TRUST_E_BAD_DIGEST                                                        Handle        = 0x80096010
+	TRUST_E_MALFORMED_SIGNATURE                                               Handle        = 0x80096011
+	TRUST_E_BASIC_CONSTRAINTS                                                 Handle        = 0x80096019
+	TRUST_E_FINANCIAL_CRITERIA                                                Handle        = 0x8009601E
+	MSSIPOTF_E_OUTOFMEMRANGE                                                  Handle        = 0x80097001
+	MSSIPOTF_E_CANTGETOBJECT                                                  Handle        = 0x80097002
+	MSSIPOTF_E_NOHEADTABLE                                                    Handle        = 0x80097003
+	MSSIPOTF_E_BAD_MAGICNUMBER                                                Handle        = 0x80097004
+	MSSIPOTF_E_BAD_OFFSET_TABLE                                               Handle        = 0x80097005
+	MSSIPOTF_E_TABLE_TAGORDER                                                 Handle        = 0x80097006
+	MSSIPOTF_E_TABLE_LONGWORD                                                 Handle        = 0x80097007
+	MSSIPOTF_E_BAD_FIRST_TABLE_PLACEMENT                                      Handle        = 0x80097008
+	MSSIPOTF_E_TABLES_OVERLAP                                                 Handle        = 0x80097009
+	MSSIPOTF_E_TABLE_PADBYTES                                                 Handle        = 0x8009700A
+	MSSIPOTF_E_FILETOOSMALL                                                   Handle        = 0x8009700B
+	MSSIPOTF_E_TABLE_CHECKSUM                                                 Handle        = 0x8009700C
+	MSSIPOTF_E_FILE_CHECKSUM                                                  Handle        = 0x8009700D
+	MSSIPOTF_E_FAILED_POLICY                                                  Handle        = 0x80097010
+	MSSIPOTF_E_FAILED_HINTS_CHECK                                             Handle        = 0x80097011
+	MSSIPOTF_E_NOT_OPENTYPE                                                   Handle        = 0x80097012
+	MSSIPOTF_E_FILE                                                           Handle        = 0x80097013
+	MSSIPOTF_E_CRYPT                                                          Handle        = 0x80097014
+	MSSIPOTF_E_BADVERSION                                                     Handle        = 0x80097015
+	MSSIPOTF_E_DSIG_STRUCTURE                                                 Handle        = 0x80097016
+	MSSIPOTF_E_PCONST_CHECK                                                   Handle        = 0x80097017
+	MSSIPOTF_E_STRUCTURE                                                      Handle        = 0x80097018
+	ERROR_CRED_REQUIRES_CONFIRMATION                                          Handle        = 0x80097019
+	NTE_OP_OK                                                                 syscall.Errno = 0
+	TRUST_E_PROVIDER_UNKNOWN                                                  Handle        = 0x800B0001
+	TRUST_E_ACTION_UNKNOWN                                                    Handle        = 0x800B0002
+	TRUST_E_SUBJECT_FORM_UNKNOWN                                              Handle        = 0x800B0003
+	TRUST_E_SUBJECT_NOT_TRUSTED                                               Handle        = 0x800B0004
+	DIGSIG_E_ENCODE                                                           Handle        = 0x800B0005
+	DIGSIG_E_DECODE                                                           Handle        = 0x800B0006
+	DIGSIG_E_EXTENSIBILITY                                                    Handle        = 0x800B0007
+	DIGSIG_E_CRYPTO                                                           Handle        = 0x800B0008
+	PERSIST_E_SIZEDEFINITE                                                    Handle        = 0x800B0009
+	PERSIST_E_SIZEINDEFINITE                                                  Handle        = 0x800B000A
+	PERSIST_E_NOTSELFSIZING                                                   Handle        = 0x800B000B
+	TRUST_E_NOSIGNATURE                                                       Handle        = 0x800B0100
+	CERT_E_EXPIRED                                                            Handle        = 0x800B0101
+	CERT_E_VALIDITYPERIODNESTING                                              Handle        = 0x800B0102
+	CERT_E_ROLE                                                               Handle        = 0x800B0103
+	CERT_E_PATHLENCONST                                                       Handle        = 0x800B0104
+	CERT_E_CRITICAL                                                           Handle        = 0x800B0105
+	CERT_E_PURPOSE                                                            Handle        = 0x800B0106
+	CERT_E_ISSUERCHAINING                                                     Handle        = 0x800B0107
+	CERT_E_MALFORMED                                                          Handle        = 0x800B0108
+	CERT_E_UNTRUSTEDROOT                                                      Handle        = 0x800B0109
+	CERT_E_CHAINING                                                           Handle        = 0x800B010A
+	TRUST_E_FAIL                                                              Handle        = 0x800B010B
+	CERT_E_REVOKED                                                            Handle        = 0x800B010C
+	CERT_E_UNTRUSTEDTESTROOT                                                  Handle        = 0x800B010D
+	CERT_E_REVOCATION_FAILURE                                                 Handle        = 0x800B010E
+	CERT_E_CN_NO_MATCH                                                        Handle        = 0x800B010F
+	CERT_E_WRONG_USAGE                                                        Handle        = 0x800B0110
+	TRUST_E_EXPLICIT_DISTRUST                                                 Handle        = 0x800B0111
+	CERT_E_UNTRUSTEDCA                                                        Handle        = 0x800B0112
+	CERT_E_INVALID_POLICY                                                     Handle        = 0x800B0113
+	CERT_E_INVALID_NAME                                                       Handle        = 0x800B0114
+	SPAPI_E_EXPECTED_SECTION_NAME                                             Handle        = 0x800F0000
+	SPAPI_E_BAD_SECTION_NAME_LINE                                             Handle        = 0x800F0001
+	SPAPI_E_SECTION_NAME_TOO_LONG                                             Handle        = 0x800F0002
+	SPAPI_E_GENERAL_SYNTAX                                                    Handle        = 0x800F0003
+	SPAPI_E_WRONG_INF_STYLE                                                   Handle        = 0x800F0100
+	SPAPI_E_SECTION_NOT_FOUND                                                 Handle        = 0x800F0101
+	SPAPI_E_LINE_NOT_FOUND                                                    Handle        = 0x800F0102
+	SPAPI_E_NO_BACKUP                                                         Handle        = 0x800F0103
+	SPAPI_E_NO_ASSOCIATED_CLASS                                               Handle        = 0x800F0200
+	SPAPI_E_CLASS_MISMATCH                                                    Handle        = 0x800F0201
+	SPAPI_E_DUPLICATE_FOUND                                                   Handle        = 0x800F0202
+	SPAPI_E_NO_DRIVER_SELECTED                                                Handle        = 0x800F0203
+	SPAPI_E_KEY_DOES_NOT_EXIST                                                Handle        = 0x800F0204
+	SPAPI_E_INVALID_DEVINST_NAME                                              Handle        = 0x800F0205
+	SPAPI_E_INVALID_CLASS                                                     Handle        = 0x800F0206
+	SPAPI_E_DEVINST_ALREADY_EXISTS                                            Handle        = 0x800F0207
+	SPAPI_E_DEVINFO_NOT_REGISTERED                                            Handle        = 0x800F0208
+	SPAPI_E_INVALID_REG_PROPERTY                                              Handle        = 0x800F0209
+	SPAPI_E_NO_INF                                                            Handle        = 0x800F020A
+	SPAPI_E_NO_SUCH_DEVINST                                                   Handle        = 0x800F020B
+	SPAPI_E_CANT_LOAD_CLASS_ICON                                              Handle        = 0x800F020C
+	SPAPI_E_INVALID_CLASS_INSTALLER                                           Handle        = 0x800F020D
+	SPAPI_E_DI_DO_DEFAULT                                                     Handle        = 0x800F020E
+	SPAPI_E_DI_NOFILECOPY                                                     Handle        = 0x800F020F
+	SPAPI_E_INVALID_HWPROFILE                                                 Handle        = 0x800F0210
+	SPAPI_E_NO_DEVICE_SELECTED                                                Handle        = 0x800F0211
+	SPAPI_E_DEVINFO_LIST_LOCKED                                               Handle        = 0x800F0212
+	SPAPI_E_DEVINFO_DATA_LOCKED                                               Handle        = 0x800F0213
+	SPAPI_E_DI_BAD_PATH                                                       Handle        = 0x800F0214
+	SPAPI_E_NO_CLASSINSTALL_PARAMS                                            Handle        = 0x800F0215
+	SPAPI_E_FILEQUEUE_LOCKED                                                  Handle        = 0x800F0216
+	SPAPI_E_BAD_SERVICE_INSTALLSECT                                           Handle        = 0x800F0217
+	SPAPI_E_NO_CLASS_DRIVER_LIST                                              Handle        = 0x800F0218
+	SPAPI_E_NO_ASSOCIATED_SERVICE                                             Handle        = 0x800F0219
+	SPAPI_E_NO_DEFAULT_DEVICE_INTERFACE                                       Handle        = 0x800F021A
+	SPAPI_E_DEVICE_INTERFACE_ACTIVE                                           Handle        = 0x800F021B
+	SPAPI_E_DEVICE_INTERFACE_REMOVED                                          Handle        = 0x800F021C
+	SPAPI_E_BAD_INTERFACE_INSTALLSECT                                         Handle        = 0x800F021D
+	SPAPI_E_NO_SUCH_INTERFACE_CLASS                                           Handle        = 0x800F021E
+	SPAPI_E_INVALID_REFERENCE_STRING                                          Handle        = 0x800F021F
+	SPAPI_E_INVALID_MACHINENAME                                               Handle        = 0x800F0220
+	SPAPI_E_REMOTE_COMM_FAILURE                                               Handle        = 0x800F0221
+	SPAPI_E_MACHINE_UNAVAILABLE                                               Handle        = 0x800F0222
+	SPAPI_E_NO_CONFIGMGR_SERVICES                                             Handle        = 0x800F0223
+	SPAPI_E_INVALID_PROPPAGE_PROVIDER                                         Handle        = 0x800F0224
+	SPAPI_E_NO_SUCH_DEVICE_INTERFACE                                          Handle        = 0x800F0225
+	SPAPI_E_DI_POSTPROCESSING_REQUIRED                                        Handle        = 0x800F0226
+	SPAPI_E_INVALID_COINSTALLER                                               Handle        = 0x800F0227
+	SPAPI_E_NO_COMPAT_DRIVERS                                                 Handle        = 0x800F0228
+	SPAPI_E_NO_DEVICE_ICON                                                    Handle        = 0x800F0229
+	SPAPI_E_INVALID_INF_LOGCONFIG                                             Handle        = 0x800F022A
+	SPAPI_E_DI_DONT_INSTALL                                                   Handle        = 0x800F022B
+	SPAPI_E_INVALID_FILTER_DRIVER                                             Handle        = 0x800F022C
+	SPAPI_E_NON_WINDOWS_NT_DRIVER                                             Handle        = 0x800F022D
+	SPAPI_E_NON_WINDOWS_DRIVER                                                Handle        = 0x800F022E
+	SPAPI_E_NO_CATALOG_FOR_OEM_INF                                            Handle        = 0x800F022F
+	SPAPI_E_DEVINSTALL_QUEUE_NONNATIVE                                        Handle        = 0x800F0230
+	SPAPI_E_NOT_DISABLEABLE                                                   Handle        = 0x800F0231
+	SPAPI_E_CANT_REMOVE_DEVINST                                               Handle        = 0x800F0232
+	SPAPI_E_INVALID_TARGET                                                    Handle        = 0x800F0233
+	SPAPI_E_DRIVER_NONNATIVE                                                  Handle        = 0x800F0234
+	SPAPI_E_IN_WOW64                                                          Handle        = 0x800F0235
+	SPAPI_E_SET_SYSTEM_RESTORE_POINT                                          Handle        = 0x800F0236
+	SPAPI_E_INCORRECTLY_COPIED_INF                                            Handle        = 0x800F0237
+	SPAPI_E_SCE_DISABLED                                                      Handle        = 0x800F0238
+	SPAPI_E_UNKNOWN_EXCEPTION                                                 Handle        = 0x800F0239
+	SPAPI_E_PNP_REGISTRY_ERROR                                                Handle        = 0x800F023A
+	SPAPI_E_REMOTE_REQUEST_UNSUPPORTED                                        Handle        = 0x800F023B
+	SPAPI_E_NOT_AN_INSTALLED_OEM_INF                                          Handle        = 0x800F023C
+	SPAPI_E_INF_IN_USE_BY_DEVICES                                             Handle        = 0x800F023D
+	SPAPI_E_DI_FUNCTION_OBSOLETE                                              Handle        = 0x800F023E
+	SPAPI_E_NO_AUTHENTICODE_CATALOG                                           Handle        = 0x800F023F
+	SPAPI_E_AUTHENTICODE_DISALLOWED                                           Handle        = 0x800F0240
+	SPAPI_E_AUTHENTICODE_TRUSTED_PUBLISHER                                    Handle        = 0x800F0241
+	SPAPI_E_AUTHENTICODE_TRUST_NOT_ESTABLISHED                                Handle        = 0x800F0242
+	SPAPI_E_AUTHENTICODE_PUBLISHER_NOT_TRUSTED                                Handle        = 0x800F0243
+	SPAPI_E_SIGNATURE_OSATTRIBUTE_MISMATCH                                    Handle        = 0x800F0244
+	SPAPI_E_ONLY_VALIDATE_VIA_AUTHENTICODE                                    Handle        = 0x800F0245
+	SPAPI_E_DEVICE_INSTALLER_NOT_READY                                        Handle        = 0x800F0246
+	SPAPI_E_DRIVER_STORE_ADD_FAILED                                           Handle        = 0x800F0247
+	SPAPI_E_DEVICE_INSTALL_BLOCKED                                            Handle        = 0x800F0248
+	SPAPI_E_DRIVER_INSTALL_BLOCKED                                            Handle        = 0x800F0249
+	SPAPI_E_WRONG_INF_TYPE                                                    Handle        = 0x800F024A
+	SPAPI_E_FILE_HASH_NOT_IN_CATALOG                                          Handle        = 0x800F024B
+	SPAPI_E_DRIVER_STORE_DELETE_FAILED                                        Handle        = 0x800F024C
+	SPAPI_E_UNRECOVERABLE_STACK_OVERFLOW                                      Handle        = 0x800F0300
+	SPAPI_E_ERROR_NOT_INSTALLED                                               Handle        = 0x800F1000
+	SCARD_S_SUCCESS                                                                         = S_OK
+	SCARD_F_INTERNAL_ERROR                                                    Handle        = 0x80100001
+	SCARD_E_CANCELLED                                                         Handle        = 0x80100002
+	SCARD_E_INVALID_HANDLE                                                    Handle        = 0x80100003
+	SCARD_E_INVALID_PARAMETER                                                 Handle        = 0x80100004
+	SCARD_E_INVALID_TARGET                                                    Handle        = 0x80100005
+	SCARD_E_NO_MEMORY                                                         Handle        = 0x80100006
+	SCARD_F_WAITED_TOO_LONG                                                   Handle        = 0x80100007
+	SCARD_E_INSUFFICIENT_BUFFER                                               Handle        = 0x80100008
+	SCARD_E_UNKNOWN_READER                                                    Handle        = 0x80100009
+	SCARD_E_TIMEOUT                                                           Handle        = 0x8010000A
+	SCARD_E_SHARING_VIOLATION                                                 Handle        = 0x8010000B
+	SCARD_E_NO_SMARTCARD                                                      Handle        = 0x8010000C
+	SCARD_E_UNKNOWN_CARD                                                      Handle        = 0x8010000D
+	SCARD_E_CANT_DISPOSE                                                      Handle        = 0x8010000E
+	SCARD_E_PROTO_MISMATCH                                                    Handle        = 0x8010000F
+	SCARD_E_NOT_READY                                                         Handle        = 0x80100010
+	SCARD_E_INVALID_VALUE                                                     Handle        = 0x80100011
+	SCARD_E_SYSTEM_CANCELLED                                                  Handle        = 0x80100012
+	SCARD_F_COMM_ERROR                                                        Handle        = 0x80100013
+	SCARD_F_UNKNOWN_ERROR                                                     Handle        = 0x80100014
+	SCARD_E_INVALID_ATR                                                       Handle        = 0x80100015
+	SCARD_E_NOT_TRANSACTED                                                    Handle        = 0x80100016
+	SCARD_E_READER_UNAVAILABLE                                                Handle        = 0x80100017
+	SCARD_P_SHUTDOWN                                                          Handle        = 0x80100018
+	SCARD_E_PCI_TOO_SMALL                                                     Handle        = 0x80100019
+	SCARD_E_READER_UNSUPPORTED                                                Handle        = 0x8010001A
+	SCARD_E_DUPLICATE_READER                                                  Handle        = 0x8010001B
+	SCARD_E_CARD_UNSUPPORTED                                                  Handle        = 0x8010001C
+	SCARD_E_NO_SERVICE                                                        Handle        = 0x8010001D
+	SCARD_E_SERVICE_STOPPED                                                   Handle        = 0x8010001E
+	SCARD_E_UNEXPECTED                                                        Handle        = 0x8010001F
+	SCARD_E_ICC_INSTALLATION                                                  Handle        = 0x80100020
+	SCARD_E_ICC_CREATEORDER                                                   Handle        = 0x80100021
+	SCARD_E_UNSUPPORTED_FEATURE                                               Handle        = 0x80100022
+	SCARD_E_DIR_NOT_FOUND                                                     Handle        = 0x80100023
+	SCARD_E_FILE_NOT_FOUND                                                    Handle        = 0x80100024
+	SCARD_E_NO_DIR                                                            Handle        = 0x80100025
+	SCARD_E_NO_FILE                                                           Handle        = 0x80100026
+	SCARD_E_NO_ACCESS                                                         Handle        = 0x80100027
+	SCARD_E_WRITE_TOO_MANY                                                    Handle        = 0x80100028
+	SCARD_E_BAD_SEEK                                                          Handle        = 0x80100029
+	SCARD_E_INVALID_CHV                                                       Handle        = 0x8010002A
+	SCARD_E_UNKNOWN_RES_MNG                                                   Handle        = 0x8010002B
+	SCARD_E_NO_SUCH_CERTIFICATE                                               Handle        = 0x8010002C
+	SCARD_E_CERTIFICATE_UNAVAILABLE                                           Handle        = 0x8010002D
+	SCARD_E_NO_READERS_AVAILABLE                                              Handle        = 0x8010002E
+	SCARD_E_COMM_DATA_LOST                                                    Handle        = 0x8010002F
+	SCARD_E_NO_KEY_CONTAINER                                                  Handle        = 0x80100030
+	SCARD_E_SERVER_TOO_BUSY                                                   Handle        = 0x80100031
+	SCARD_E_PIN_CACHE_EXPIRED                                                 Handle        = 0x80100032
+	SCARD_E_NO_PIN_CACHE                                                      Handle        = 0x80100033
+	SCARD_E_READ_ONLY_CARD                                                    Handle        = 0x80100034
+	SCARD_W_UNSUPPORTED_CARD                                                  Handle        = 0x80100065
+	SCARD_W_UNRESPONSIVE_CARD                                                 Handle        = 0x80100066
+	SCARD_W_UNPOWERED_CARD                                                    Handle        = 0x80100067
+	SCARD_W_RESET_CARD                                                        Handle        = 0x80100068
+	SCARD_W_REMOVED_CARD                                                      Handle        = 0x80100069
+	SCARD_W_SECURITY_VIOLATION                                                Handle        = 0x8010006A
+	SCARD_W_WRONG_CHV                                                         Handle        = 0x8010006B
+	SCARD_W_CHV_BLOCKED                                                       Handle        = 0x8010006C
+	SCARD_W_EOF                                                               Handle        = 0x8010006D
+	SCARD_W_CANCELLED_BY_USER                                                 Handle        = 0x8010006E
+	SCARD_W_CARD_NOT_AUTHENTICATED                                            Handle        = 0x8010006F
+	SCARD_W_CACHE_ITEM_NOT_FOUND                                              Handle        = 0x80100070
+	SCARD_W_CACHE_ITEM_STALE                                                  Handle        = 0x80100071
+	SCARD_W_CACHE_ITEM_TOO_BIG                                                Handle        = 0x80100072
+	COMADMIN_E_OBJECTERRORS                                                   Handle        = 0x80110401
+	COMADMIN_E_OBJECTINVALID                                                  Handle        = 0x80110402
+	COMADMIN_E_KEYMISSING                                                     Handle        = 0x80110403
+	COMADMIN_E_ALREADYINSTALLED                                               Handle        = 0x80110404
+	COMADMIN_E_APP_FILE_WRITEFAIL                                             Handle        = 0x80110407
+	COMADMIN_E_APP_FILE_READFAIL                                              Handle        = 0x80110408
+	COMADMIN_E_APP_FILE_VERSION                                               Handle        = 0x80110409
+	COMADMIN_E_BADPATH                                                        Handle        = 0x8011040A
+	COMADMIN_E_APPLICATIONEXISTS                                              Handle        = 0x8011040B
+	COMADMIN_E_ROLEEXISTS                                                     Handle        = 0x8011040C
+	COMADMIN_E_CANTCOPYFILE                                                   Handle        = 0x8011040D
+	COMADMIN_E_NOUSER                                                         Handle        = 0x8011040F
+	COMADMIN_E_INVALIDUSERIDS                                                 Handle        = 0x80110410
+	COMADMIN_E_NOREGISTRYCLSID                                                Handle        = 0x80110411
+	COMADMIN_E_BADREGISTRYPROGID                                              Handle        = 0x80110412
+	COMADMIN_E_AUTHENTICATIONLEVEL                                            Handle        = 0x80110413
+	COMADMIN_E_USERPASSWDNOTVALID                                             Handle        = 0x80110414
+	COMADMIN_E_CLSIDORIIDMISMATCH                                             Handle        = 0x80110418
+	COMADMIN_E_REMOTEINTERFACE                                                Handle        = 0x80110419
+	COMADMIN_E_DLLREGISTERSERVER                                              Handle        = 0x8011041A
+	COMADMIN_E_NOSERVERSHARE                                                  Handle        = 0x8011041B
+	COMADMIN_E_DLLLOADFAILED                                                  Handle        = 0x8011041D
+	COMADMIN_E_BADREGISTRYLIBID                                               Handle        = 0x8011041E
+	COMADMIN_E_APPDIRNOTFOUND                                                 Handle        = 0x8011041F
+	COMADMIN_E_REGISTRARFAILED                                                Handle        = 0x80110423
+	COMADMIN_E_COMPFILE_DOESNOTEXIST                                          Handle        = 0x80110424
+	COMADMIN_E_COMPFILE_LOADDLLFAIL                                           Handle        = 0x80110425
+	COMADMIN_E_COMPFILE_GETCLASSOBJ                                           Handle        = 0x80110426
+	COMADMIN_E_COMPFILE_CLASSNOTAVAIL                                         Handle        = 0x80110427
+	COMADMIN_E_COMPFILE_BADTLB                                                Handle        = 0x80110428
+	COMADMIN_E_COMPFILE_NOTINSTALLABLE                                        Handle        = 0x80110429
+	COMADMIN_E_NOTCHANGEABLE                                                  Handle        = 0x8011042A
+	COMADMIN_E_NOTDELETEABLE                                                  Handle        = 0x8011042B
+	COMADMIN_E_SESSION                                                        Handle        = 0x8011042C
+	COMADMIN_E_COMP_MOVE_LOCKED                                               Handle        = 0x8011042D
+	COMADMIN_E_COMP_MOVE_BAD_DEST                                             Handle        = 0x8011042E
+	COMADMIN_E_REGISTERTLB                                                    Handle        = 0x80110430
+	COMADMIN_E_SYSTEMAPP                                                      Handle        = 0x80110433
+	COMADMIN_E_COMPFILE_NOREGISTRAR                                           Handle        = 0x80110434
+	COMADMIN_E_COREQCOMPINSTALLED                                             Handle        = 0x80110435
+	COMADMIN_E_SERVICENOTINSTALLED                                            Handle        = 0x80110436
+	COMADMIN_E_PROPERTYSAVEFAILED                                             Handle        = 0x80110437
+	COMADMIN_E_OBJECTEXISTS                                                   Handle        = 0x80110438
+	COMADMIN_E_COMPONENTEXISTS                                                Handle        = 0x80110439
+	COMADMIN_E_REGFILE_CORRUPT                                                Handle        = 0x8011043B
+	COMADMIN_E_PROPERTY_OVERFLOW                                              Handle        = 0x8011043C
+	COMADMIN_E_NOTINREGISTRY                                                  Handle        = 0x8011043E
+	COMADMIN_E_OBJECTNOTPOOLABLE                                              Handle        = 0x8011043F
+	COMADMIN_E_APPLID_MATCHES_CLSID                                           Handle        = 0x80110446
+	COMADMIN_E_ROLE_DOES_NOT_EXIST                                            Handle        = 0x80110447
+	COMADMIN_E_START_APP_NEEDS_COMPONENTS                                     Handle        = 0x80110448
+	COMADMIN_E_REQUIRES_DIFFERENT_PLATFORM                                    Handle        = 0x80110449
+	COMADMIN_E_CAN_NOT_EXPORT_APP_PROXY                                       Handle        = 0x8011044A
+	COMADMIN_E_CAN_NOT_START_APP                                              Handle        = 0x8011044B
+	COMADMIN_E_CAN_NOT_EXPORT_SYS_APP                                         Handle        = 0x8011044C
+	COMADMIN_E_CANT_SUBSCRIBE_TO_COMPONENT                                    Handle        = 0x8011044D
+	COMADMIN_E_EVENTCLASS_CANT_BE_SUBSCRIBER                                  Handle        = 0x8011044E
+	COMADMIN_E_LIB_APP_PROXY_INCOMPATIBLE                                     Handle        = 0x8011044F
+	COMADMIN_E_BASE_PARTITION_ONLY                                            Handle        = 0x80110450
+	COMADMIN_E_START_APP_DISABLED                                             Handle        = 0x80110451
+	COMADMIN_E_CAT_DUPLICATE_PARTITION_NAME                                   Handle        = 0x80110457
+	COMADMIN_E_CAT_INVALID_PARTITION_NAME                                     Handle        = 0x80110458
+	COMADMIN_E_CAT_PARTITION_IN_USE                                           Handle        = 0x80110459
+	COMADMIN_E_FILE_PARTITION_DUPLICATE_FILES                                 Handle        = 0x8011045A
+	COMADMIN_E_CAT_IMPORTED_COMPONENTS_NOT_ALLOWED                            Handle        = 0x8011045B
+	COMADMIN_E_AMBIGUOUS_APPLICATION_NAME                                     Handle        = 0x8011045C
+	COMADMIN_E_AMBIGUOUS_PARTITION_NAME                                       Handle        = 0x8011045D
+	COMADMIN_E_REGDB_NOTINITIALIZED                                           Handle        = 0x80110472
+	COMADMIN_E_REGDB_NOTOPEN                                                  Handle        = 0x80110473
+	COMADMIN_E_REGDB_SYSTEMERR                                                Handle        = 0x80110474
+	COMADMIN_E_REGDB_ALREADYRUNNING                                           Handle        = 0x80110475
+	COMADMIN_E_MIG_VERSIONNOTSUPPORTED                                        Handle        = 0x80110480
+	COMADMIN_E_MIG_SCHEMANOTFOUND                                             Handle        = 0x80110481
+	COMADMIN_E_CAT_BITNESSMISMATCH                                            Handle        = 0x80110482
+	COMADMIN_E_CAT_UNACCEPTABLEBITNESS                                        Handle        = 0x80110483
+	COMADMIN_E_CAT_WRONGAPPBITNESS                                            Handle        = 0x80110484
+	COMADMIN_E_CAT_PAUSE_RESUME_NOT_SUPPORTED                                 Handle        = 0x80110485
+	COMADMIN_E_CAT_SERVERFAULT                                                Handle        = 0x80110486
+	COMQC_E_APPLICATION_NOT_QUEUED                                            Handle        = 0x80110600
+	COMQC_E_NO_QUEUEABLE_INTERFACES                                           Handle        = 0x80110601
+	COMQC_E_QUEUING_SERVICE_NOT_AVAILABLE                                     Handle        = 0x80110602
+	COMQC_E_NO_IPERSISTSTREAM                                                 Handle        = 0x80110603
+	COMQC_E_BAD_MESSAGE                                                       Handle        = 0x80110604
+	COMQC_E_UNAUTHENTICATED                                                   Handle        = 0x80110605
+	COMQC_E_UNTRUSTED_ENQUEUER                                                Handle        = 0x80110606
+	MSDTC_E_DUPLICATE_RESOURCE                                                Handle        = 0x80110701
+	COMADMIN_E_OBJECT_PARENT_MISSING                                          Handle        = 0x80110808
+	COMADMIN_E_OBJECT_DOES_NOT_EXIST                                          Handle        = 0x80110809
+	COMADMIN_E_APP_NOT_RUNNING                                                Handle        = 0x8011080A
+	COMADMIN_E_INVALID_PARTITION                                              Handle        = 0x8011080B
+	COMADMIN_E_SVCAPP_NOT_POOLABLE_OR_RECYCLABLE                              Handle        = 0x8011080D
+	COMADMIN_E_USER_IN_SET                                                    Handle        = 0x8011080E
+	COMADMIN_E_CANTRECYCLELIBRARYAPPS                                         Handle        = 0x8011080F
+	COMADMIN_E_CANTRECYCLESERVICEAPPS                                         Handle        = 0x80110811
+	COMADMIN_E_PROCESSALREADYRECYCLED                                         Handle        = 0x80110812
+	COMADMIN_E_PAUSEDPROCESSMAYNOTBERECYCLED                                  Handle        = 0x80110813
+	COMADMIN_E_CANTMAKEINPROCSERVICE                                          Handle        = 0x80110814
+	COMADMIN_E_PROGIDINUSEBYCLSID                                             Handle        = 0x80110815
+	COMADMIN_E_DEFAULT_PARTITION_NOT_IN_SET                                   Handle        = 0x80110816
+	COMADMIN_E_RECYCLEDPROCESSMAYNOTBEPAUSED                                  Handle        = 0x80110817
+	COMADMIN_E_PARTITION_ACCESSDENIED                                         Handle        = 0x80110818
+	COMADMIN_E_PARTITION_MSI_ONLY                                             Handle        = 0x80110819
+	COMADMIN_E_LEGACYCOMPS_NOT_ALLOWED_IN_1_0_FORMAT                          Handle        = 0x8011081A
+	COMADMIN_E_LEGACYCOMPS_NOT_ALLOWED_IN_NONBASE_PARTITIONS                  Handle        = 0x8011081B
+	COMADMIN_E_COMP_MOVE_SOURCE                                               Handle        = 0x8011081C
+	COMADMIN_E_COMP_MOVE_DEST                                                 Handle        = 0x8011081D
+	COMADMIN_E_COMP_MOVE_PRIVATE                                              Handle        = 0x8011081E
+	COMADMIN_E_BASEPARTITION_REQUIRED_IN_SET                                  Handle        = 0x8011081F
+	COMADMIN_E_CANNOT_ALIAS_EVENTCLASS                                        Handle        = 0x80110820
+	COMADMIN_E_PRIVATE_ACCESSDENIED                                           Handle        = 0x80110821
+	COMADMIN_E_SAFERINVALID                                                   Handle        = 0x80110822
+	COMADMIN_E_REGISTRY_ACCESSDENIED                                          Handle        = 0x80110823
+	COMADMIN_E_PARTITIONS_DISABLED                                            Handle        = 0x80110824
+	WER_S_REPORT_DEBUG                                                        Handle        = 0x001B0000
+	WER_S_REPORT_UPLOADED                                                     Handle        = 0x001B0001
+	WER_S_REPORT_QUEUED                                                       Handle        = 0x001B0002
+	WER_S_DISABLED                                                            Handle        = 0x001B0003
+	WER_S_SUSPENDED_UPLOAD                                                    Handle        = 0x001B0004
+	WER_S_DISABLED_QUEUE                                                      Handle        = 0x001B0005
+	WER_S_DISABLED_ARCHIVE                                                    Handle        = 0x001B0006
+	WER_S_REPORT_ASYNC                                                        Handle        = 0x001B0007
+	WER_S_IGNORE_ASSERT_INSTANCE                                              Handle        = 0x001B0008
+	WER_S_IGNORE_ALL_ASSERTS                                                  Handle        = 0x001B0009
+	WER_S_ASSERT_CONTINUE                                                     Handle        = 0x001B000A
+	WER_S_THROTTLED                                                           Handle        = 0x001B000B
+	WER_S_REPORT_UPLOADED_CAB                                                 Handle        = 0x001B000C
+	WER_E_CRASH_FAILURE                                                       Handle        = 0x801B8000
+	WER_E_CANCELED                                                            Handle        = 0x801B8001
+	WER_E_NETWORK_FAILURE                                                     Handle        = 0x801B8002
+	WER_E_NOT_INITIALIZED                                                     Handle        = 0x801B8003
+	WER_E_ALREADY_REPORTING                                                   Handle        = 0x801B8004
+	WER_E_DUMP_THROTTLED                                                      Handle        = 0x801B8005
+	WER_E_INSUFFICIENT_CONSENT                                                Handle        = 0x801B8006
+	WER_E_TOO_HEAVY                                                           Handle        = 0x801B8007
+	ERROR_FLT_IO_COMPLETE                                                     Handle        = 0x001F0001
+	ERROR_FLT_NO_HANDLER_DEFINED                                              Handle        = 0x801F0001
+	ERROR_FLT_CONTEXT_ALREADY_DEFINED                                         Handle        = 0x801F0002
+	ERROR_FLT_INVALID_ASYNCHRONOUS_REQUEST                                    Handle        = 0x801F0003
+	ERROR_FLT_DISALLOW_FAST_IO                                                Handle        = 0x801F0004
+	ERROR_FLT_INVALID_NAME_REQUEST                                            Handle        = 0x801F0005
+	ERROR_FLT_NOT_SAFE_TO_POST_OPERATION                                      Handle        = 0x801F0006
+	ERROR_FLT_NOT_INITIALIZED                                                 Handle        = 0x801F0007
+	ERROR_FLT_FILTER_NOT_READY                                                Handle        = 0x801F0008
+	ERROR_FLT_POST_OPERATION_CLEANUP                                          Handle        = 0x801F0009
+	ERROR_FLT_INTERNAL_ERROR                                                  Handle        = 0x801F000A
+	ERROR_FLT_DELETING_OBJECT                                                 Handle        = 0x801F000B
+	ERROR_FLT_MUST_BE_NONPAGED_POOL                                           Handle        = 0x801F000C
+	ERROR_FLT_DUPLICATE_ENTRY                                                 Handle        = 0x801F000D
+	ERROR_FLT_CBDQ_DISABLED                                                   Handle        = 0x801F000E
+	ERROR_FLT_DO_NOT_ATTACH                                                   Handle        = 0x801F000F
+	ERROR_FLT_DO_NOT_DETACH                                                   Handle        = 0x801F0010
+	ERROR_FLT_INSTANCE_ALTITUDE_COLLISION                                     Handle        = 0x801F0011
+	ERROR_FLT_INSTANCE_NAME_COLLISION                                         Handle        = 0x801F0012
+	ERROR_FLT_FILTER_NOT_FOUND                                                Handle        = 0x801F0013
+	ERROR_FLT_VOLUME_NOT_FOUND                                                Handle        = 0x801F0014
+	ERROR_FLT_INSTANCE_NOT_FOUND                                              Handle        = 0x801F0015
+	ERROR_FLT_CONTEXT_ALLOCATION_NOT_FOUND                                    Handle        = 0x801F0016
+	ERROR_FLT_INVALID_CONTEXT_REGISTRATION                                    Handle        = 0x801F0017
+	ERROR_FLT_NAME_CACHE_MISS                                                 Handle        = 0x801F0018
+	ERROR_FLT_NO_DEVICE_OBJECT                                                Handle        = 0x801F0019
+	ERROR_FLT_VOLUME_ALREADY_MOUNTED                                          Handle        = 0x801F001A
+	ERROR_FLT_ALREADY_ENLISTED                                                Handle        = 0x801F001B
+	ERROR_FLT_CONTEXT_ALREADY_LINKED                                          Handle        = 0x801F001C
+	ERROR_FLT_NO_WAITER_FOR_REPLY                                             Handle        = 0x801F0020
+	ERROR_FLT_REGISTRATION_BUSY                                               Handle        = 0x801F0023
+	ERROR_HUNG_DISPLAY_DRIVER_THREAD                                          Handle        = 0x80260001
+	DWM_E_COMPOSITIONDISABLED                                                 Handle        = 0x80263001
+	DWM_E_REMOTING_NOT_SUPPORTED                                              Handle        = 0x80263002
+	DWM_E_NO_REDIRECTION_SURFACE_AVAILABLE                                    Handle        = 0x80263003
+	DWM_E_NOT_QUEUING_PRESENTS                                                Handle        = 0x80263004
+	DWM_E_ADAPTER_NOT_FOUND                                                   Handle        = 0x80263005
+	DWM_S_GDI_REDIRECTION_SURFACE                                             Handle        = 0x00263005
+	DWM_E_TEXTURE_TOO_LARGE                                                   Handle        = 0x80263007
+	DWM_S_GDI_REDIRECTION_SURFACE_BLT_VIA_GDI                                 Handle        = 0x00263008
+	ERROR_MONITOR_NO_DESCRIPTOR                                               Handle        = 0x00261001
+	ERROR_MONITOR_UNKNOWN_DESCRIPTOR_FORMAT                                   Handle        = 0x00261002
+	ERROR_MONITOR_INVALID_DESCRIPTOR_CHECKSUM                                 Handle        = 0xC0261003
+	ERROR_MONITOR_INVALID_STANDARD_TIMING_BLOCK                               Handle        = 0xC0261004
+	ERROR_MONITOR_WMI_DATABLOCK_REGISTRATION_FAILED                           Handle        = 0xC0261005
+	ERROR_MONITOR_INVALID_SERIAL_NUMBER_MONDSC_BLOCK                          Handle        = 0xC0261006
+	ERROR_MONITOR_INVALID_USER_FRIENDLY_MONDSC_BLOCK                          Handle        = 0xC0261007
+	ERROR_MONITOR_NO_MORE_DESCRIPTOR_DATA                                     Handle        = 0xC0261008
+	ERROR_MONITOR_INVALID_DETAILED_TIMING_BLOCK                               Handle        = 0xC0261009
+	ERROR_MONITOR_INVALID_MANUFACTURE_DATE                                    Handle        = 0xC026100A
+	ERROR_GRAPHICS_NOT_EXCLUSIVE_MODE_OWNER                                   Handle        = 0xC0262000
+	ERROR_GRAPHICS_INSUFFICIENT_DMA_BUFFER                                    Handle        = 0xC0262001
+	ERROR_GRAPHICS_INVALID_DISPLAY_ADAPTER                                    Handle        = 0xC0262002
+	ERROR_GRAPHICS_ADAPTER_WAS_RESET                                          Handle        = 0xC0262003
+	ERROR_GRAPHICS_INVALID_DRIVER_MODEL                                       Handle        = 0xC0262004
+	ERROR_GRAPHICS_PRESENT_MODE_CHANGED                                       Handle        = 0xC0262005
+	ERROR_GRAPHICS_PRESENT_OCCLUDED                                           Handle        = 0xC0262006
+	ERROR_GRAPHICS_PRESENT_DENIED                                             Handle        = 0xC0262007
+	ERROR_GRAPHICS_CANNOTCOLORCONVERT                                         Handle        = 0xC0262008
+	ERROR_GRAPHICS_DRIVER_MISMATCH                                            Handle        = 0xC0262009
+	ERROR_GRAPHICS_PARTIAL_DATA_POPULATED                                     Handle        = 0x4026200A
+	ERROR_GRAPHICS_PRESENT_REDIRECTION_DISABLED                               Handle        = 0xC026200B
+	ERROR_GRAPHICS_PRESENT_UNOCCLUDED                                         Handle        = 0xC026200C
+	ERROR_GRAPHICS_WINDOWDC_NOT_AVAILABLE                                     Handle        = 0xC026200D
+	ERROR_GRAPHICS_WINDOWLESS_PRESENT_DISABLED                                Handle        = 0xC026200E
+	ERROR_GRAPHICS_PRESENT_INVALID_WINDOW                                     Handle        = 0xC026200F
+	ERROR_GRAPHICS_PRESENT_BUFFER_NOT_BOUND                                   Handle        = 0xC0262010
+	ERROR_GRAPHICS_VAIL_STATE_CHANGED                                         Handle        = 0xC0262011
+	ERROR_GRAPHICS_INDIRECT_DISPLAY_ABANDON_SWAPCHAIN                         Handle        = 0xC0262012
+	ERROR_GRAPHICS_INDIRECT_DISPLAY_DEVICE_STOPPED                            Handle        = 0xC0262013
+	ERROR_GRAPHICS_NO_VIDEO_MEMORY                                            Handle        = 0xC0262100
+	ERROR_GRAPHICS_CANT_LOCK_MEMORY                                           Handle        = 0xC0262101
+	ERROR_GRAPHICS_ALLOCATION_BUSY                                            Handle        = 0xC0262102
+	ERROR_GRAPHICS_TOO_MANY_REFERENCES                                        Handle        = 0xC0262103
+	ERROR_GRAPHICS_TRY_AGAIN_LATER                                            Handle        = 0xC0262104
+	ERROR_GRAPHICS_TRY_AGAIN_NOW                                              Handle        = 0xC0262105
+	ERROR_GRAPHICS_ALLOCATION_INVALID                                         Handle        = 0xC0262106
+	ERROR_GRAPHICS_UNSWIZZLING_APERTURE_UNAVAILABLE                           Handle        = 0xC0262107
+	ERROR_GRAPHICS_UNSWIZZLING_APERTURE_UNSUPPORTED                           Handle        = 0xC0262108
+	ERROR_GRAPHICS_CANT_EVICT_PINNED_ALLOCATION                               Handle        = 0xC0262109
+	ERROR_GRAPHICS_INVALID_ALLOCATION_USAGE                                   Handle        = 0xC0262110
+	ERROR_GRAPHICS_CANT_RENDER_LOCKED_ALLOCATION                              Handle        = 0xC0262111
+	ERROR_GRAPHICS_ALLOCATION_CLOSED                                          Handle        = 0xC0262112
+	ERROR_GRAPHICS_INVALID_ALLOCATION_INSTANCE                                Handle        = 0xC0262113
+	ERROR_GRAPHICS_INVALID_ALLOCATION_HANDLE                                  Handle        = 0xC0262114
+	ERROR_GRAPHICS_WRONG_ALLOCATION_DEVICE                                    Handle        = 0xC0262115
+	ERROR_GRAPHICS_ALLOCATION_CONTENT_LOST                                    Handle        = 0xC0262116
+	ERROR_GRAPHICS_GPU_EXCEPTION_ON_DEVICE                                    Handle        = 0xC0262200
+	ERROR_GRAPHICS_SKIP_ALLOCATION_PREPARATION                                Handle        = 0x40262201
+	ERROR_GRAPHICS_INVALID_VIDPN_TOPOLOGY                                     Handle        = 0xC0262300
+	ERROR_GRAPHICS_VIDPN_TOPOLOGY_NOT_SUPPORTED                               Handle        = 0xC0262301
+	ERROR_GRAPHICS_VIDPN_TOPOLOGY_CURRENTLY_NOT_SUPPORTED                     Handle        = 0xC0262302
+	ERROR_GRAPHICS_INVALID_VIDPN                                              Handle        = 0xC0262303
+	ERROR_GRAPHICS_INVALID_VIDEO_PRESENT_SOURCE                               Handle        = 0xC0262304
+	ERROR_GRAPHICS_INVALID_VIDEO_PRESENT_TARGET                               Handle        = 0xC0262305
+	ERROR_GRAPHICS_VIDPN_MODALITY_NOT_SUPPORTED                               Handle        = 0xC0262306
+	ERROR_GRAPHICS_MODE_NOT_PINNED                                            Handle        = 0x00262307
+	ERROR_GRAPHICS_INVALID_VIDPN_SOURCEMODESET                                Handle        = 0xC0262308
+	ERROR_GRAPHICS_INVALID_VIDPN_TARGETMODESET                                Handle        = 0xC0262309
+	ERROR_GRAPHICS_INVALID_FREQUENCY                                          Handle        = 0xC026230A
+	ERROR_GRAPHICS_INVALID_ACTIVE_REGION                                      Handle        = 0xC026230B
+	ERROR_GRAPHICS_INVALID_TOTAL_REGION                                       Handle        = 0xC026230C
+	ERROR_GRAPHICS_INVALID_VIDEO_PRESENT_SOURCE_MODE                          Handle        = 0xC0262310
+	ERROR_GRAPHICS_INVALID_VIDEO_PRESENT_TARGET_MODE                          Handle        = 0xC0262311
+	ERROR_GRAPHICS_PINNED_MODE_MUST_REMAIN_IN_SET                             Handle        = 0xC0262312
+	ERROR_GRAPHICS_PATH_ALREADY_IN_TOPOLOGY                                   Handle        = 0xC0262313
+	ERROR_GRAPHICS_MODE_ALREADY_IN_MODESET                                    Handle        = 0xC0262314
+	ERROR_GRAPHICS_INVALID_VIDEOPRESENTSOURCESET                              Handle        = 0xC0262315
+	ERROR_GRAPHICS_INVALID_VIDEOPRESENTTARGETSET                              Handle        = 0xC0262316
+	ERROR_GRAPHICS_SOURCE_ALREADY_IN_SET                                      Handle        = 0xC0262317
+	ERROR_GRAPHICS_TARGET_ALREADY_IN_SET                                      Handle        = 0xC0262318
+	ERROR_GRAPHICS_INVALID_VIDPN_PRESENT_PATH                                 Handle        = 0xC0262319
+	ERROR_GRAPHICS_NO_RECOMMENDED_VIDPN_TOPOLOGY                              Handle        = 0xC026231A
+	ERROR_GRAPHICS_INVALID_MONITOR_FREQUENCYRANGESET                          Handle        = 0xC026231B
+	ERROR_GRAPHICS_INVALID_MONITOR_FREQUENCYRANGE                             Handle        = 0xC026231C
+	ERROR_GRAPHICS_FREQUENCYRANGE_NOT_IN_SET                                  Handle        = 0xC026231D
+	ERROR_GRAPHICS_NO_PREFERRED_MODE                                          Handle        = 0x0026231E
+	ERROR_GRAPHICS_FREQUENCYRANGE_ALREADY_IN_SET                              Handle        = 0xC026231F
+	ERROR_GRAPHICS_STALE_MODESET                                              Handle        = 0xC0262320
+	ERROR_GRAPHICS_INVALID_MONITOR_SOURCEMODESET                              Handle        = 0xC0262321
+	ERROR_GRAPHICS_INVALID_MONITOR_SOURCE_MODE                                Handle        = 0xC0262322
+	ERROR_GRAPHICS_NO_RECOMMENDED_FUNCTIONAL_VIDPN                            Handle        = 0xC0262323
+	ERROR_GRAPHICS_MODE_ID_MUST_BE_UNIQUE                                     Handle        = 0xC0262324
+	ERROR_GRAPHICS_EMPTY_ADAPTER_MONITOR_MODE_SUPPORT_INTERSECTION            Handle        = 0xC0262325
+	ERROR_GRAPHICS_VIDEO_PRESENT_TARGETS_LESS_THAN_SOURCES                    Handle        = 0xC0262326
+	ERROR_GRAPHICS_PATH_NOT_IN_TOPOLOGY                                       Handle        = 0xC0262327
+	ERROR_GRAPHICS_ADAPTER_MUST_HAVE_AT_LEAST_ONE_SOURCE                      Handle        = 0xC0262328
+	ERROR_GRAPHICS_ADAPTER_MUST_HAVE_AT_LEAST_ONE_TARGET                      Handle        = 0xC0262329
+	ERROR_GRAPHICS_INVALID_MONITORDESCRIPTORSET                               Handle        = 0xC026232A
+	ERROR_GRAPHICS_INVALID_MONITORDESCRIPTOR                                  Handle        = 0xC026232B
+	ERROR_GRAPHICS_MONITORDESCRIPTOR_NOT_IN_SET                               Handle        = 0xC026232C
+	ERROR_GRAPHICS_MONITORDESCRIPTOR_ALREADY_IN_SET                           Handle        = 0xC026232D
+	ERROR_GRAPHICS_MONITORDESCRIPTOR_ID_MUST_BE_UNIQUE                        Handle        = 0xC026232E
+	ERROR_GRAPHICS_INVALID_VIDPN_TARGET_SUBSET_TYPE                           Handle        = 0xC026232F
+	ERROR_GRAPHICS_RESOURCES_NOT_RELATED                                      Handle        = 0xC0262330
+	ERROR_GRAPHICS_SOURCE_ID_MUST_BE_UNIQUE                                   Handle        = 0xC0262331
+	ERROR_GRAPHICS_TARGET_ID_MUST_BE_UNIQUE                                   Handle        = 0xC0262332
+	ERROR_GRAPHICS_NO_AVAILABLE_VIDPN_TARGET                                  Handle        = 0xC0262333
+	ERROR_GRAPHICS_MONITOR_COULD_NOT_BE_ASSOCIATED_WITH_ADAPTER               Handle        = 0xC0262334
+	ERROR_GRAPHICS_NO_VIDPNMGR                                                Handle        = 0xC0262335
+	ERROR_GRAPHICS_NO_ACTIVE_VIDPN                                            Handle        = 0xC0262336
+	ERROR_GRAPHICS_STALE_VIDPN_TOPOLOGY                                       Handle        = 0xC0262337
+	ERROR_GRAPHICS_MONITOR_NOT_CONNECTED                                      Handle        = 0xC0262338
+	ERROR_GRAPHICS_SOURCE_NOT_IN_TOPOLOGY                                     Handle        = 0xC0262339
+	ERROR_GRAPHICS_INVALID_PRIMARYSURFACE_SIZE                                Handle        = 0xC026233A
+	ERROR_GRAPHICS_INVALID_VISIBLEREGION_SIZE                                 Handle        = 0xC026233B
+	ERROR_GRAPHICS_INVALID_STRIDE                                             Handle        = 0xC026233C
+	ERROR_GRAPHICS_INVALID_PIXELFORMAT                                        Handle        = 0xC026233D
+	ERROR_GRAPHICS_INVALID_COLORBASIS                                         Handle        = 0xC026233E
+	ERROR_GRAPHICS_INVALID_PIXELVALUEACCESSMODE                               Handle        = 0xC026233F
+	ERROR_GRAPHICS_TARGET_NOT_IN_TOPOLOGY                                     Handle        = 0xC0262340
+	ERROR_GRAPHICS_NO_DISPLAY_MODE_MANAGEMENT_SUPPORT                         Handle        = 0xC0262341
+	ERROR_GRAPHICS_VIDPN_SOURCE_IN_USE                                        Handle        = 0xC0262342
+	ERROR_GRAPHICS_CANT_ACCESS_ACTIVE_VIDPN                                   Handle        = 0xC0262343
+	ERROR_GRAPHICS_INVALID_PATH_IMPORTANCE_ORDINAL                            Handle        = 0xC0262344
+	ERROR_GRAPHICS_INVALID_PATH_CONTENT_GEOMETRY_TRANSFORMATION               Handle        = 0xC0262345
+	ERROR_GRAPHICS_PATH_CONTENT_GEOMETRY_TRANSFORMATION_NOT_SUPPORTED         Handle        = 0xC0262346
+	ERROR_GRAPHICS_INVALID_GAMMA_RAMP                                         Handle        = 0xC0262347
+	ERROR_GRAPHICS_GAMMA_RAMP_NOT_SUPPORTED                                   Handle        = 0xC0262348
+	ERROR_GRAPHICS_MULTISAMPLING_NOT_SUPPORTED                                Handle        = 0xC0262349
+	ERROR_GRAPHICS_MODE_NOT_IN_MODESET                                        Handle        = 0xC026234A
+	ERROR_GRAPHICS_DATASET_IS_EMPTY                                           Handle        = 0x0026234B
+	ERROR_GRAPHICS_NO_MORE_ELEMENTS_IN_DATASET                                Handle        = 0x0026234C
+	ERROR_GRAPHICS_INVALID_VIDPN_TOPOLOGY_RECOMMENDATION_REASON               Handle        = 0xC026234D
+	ERROR_GRAPHICS_INVALID_PATH_CONTENT_TYPE                                  Handle        = 0xC026234E
+	ERROR_GRAPHICS_INVALID_COPYPROTECTION_TYPE                                Handle        = 0xC026234F
+	ERROR_GRAPHICS_UNASSIGNED_MODESET_ALREADY_EXISTS                          Handle        = 0xC0262350
+	ERROR_GRAPHICS_PATH_CONTENT_GEOMETRY_TRANSFORMATION_NOT_PINNED            Handle        = 0x00262351
+	ERROR_GRAPHICS_INVALID_SCANLINE_ORDERING                                  Handle        = 0xC0262352
+	ERROR_GRAPHICS_TOPOLOGY_CHANGES_NOT_ALLOWED                               Handle        = 0xC0262353
+	ERROR_GRAPHICS_NO_AVAILABLE_IMPORTANCE_ORDINALS                           Handle        = 0xC0262354
+	ERROR_GRAPHICS_INCOMPATIBLE_PRIVATE_FORMAT                                Handle        = 0xC0262355
+	ERROR_GRAPHICS_INVALID_MODE_PRUNING_ALGORITHM                             Handle        = 0xC0262356
+	ERROR_GRAPHICS_INVALID_MONITOR_CAPABILITY_ORIGIN                          Handle        = 0xC0262357
+	ERROR_GRAPHICS_INVALID_MONITOR_FREQUENCYRANGE_CONSTRAINT                  Handle        = 0xC0262358
+	ERROR_GRAPHICS_MAX_NUM_PATHS_REACHED                                      Handle        = 0xC0262359
+	ERROR_GRAPHICS_CANCEL_VIDPN_TOPOLOGY_AUGMENTATION                         Handle        = 0xC026235A
+	ERROR_GRAPHICS_INVALID_CLIENT_TYPE                                        Handle        = 0xC026235B
+	ERROR_GRAPHICS_CLIENTVIDPN_NOT_SET                                        Handle        = 0xC026235C
+	ERROR_GRAPHICS_SPECIFIED_CHILD_ALREADY_CONNECTED                          Handle        = 0xC0262400
+	ERROR_GRAPHICS_CHILD_DESCRIPTOR_NOT_SUPPORTED                             Handle        = 0xC0262401
+	ERROR_GRAPHICS_UNKNOWN_CHILD_STATUS                                       Handle        = 0x4026242F
+	ERROR_GRAPHICS_NOT_A_LINKED_ADAPTER                                       Handle        = 0xC0262430
+	ERROR_GRAPHICS_LEADLINK_NOT_ENUMERATED                                    Handle        = 0xC0262431
+	ERROR_GRAPHICS_CHAINLINKS_NOT_ENUMERATED                                  Handle        = 0xC0262432
+	ERROR_GRAPHICS_ADAPTER_CHAIN_NOT_READY                                    Handle        = 0xC0262433
+	ERROR_GRAPHICS_CHAINLINKS_NOT_STARTED                                     Handle        = 0xC0262434
+	ERROR_GRAPHICS_CHAINLINKS_NOT_POWERED_ON                                  Handle        = 0xC0262435
+	ERROR_GRAPHICS_INCONSISTENT_DEVICE_LINK_STATE                             Handle        = 0xC0262436
+	ERROR_GRAPHICS_LEADLINK_START_DEFERRED                                    Handle        = 0x40262437
+	ERROR_GRAPHICS_NOT_POST_DEVICE_DRIVER                                     Handle        = 0xC0262438
+	ERROR_GRAPHICS_POLLING_TOO_FREQUENTLY                                     Handle        = 0x40262439
+	ERROR_GRAPHICS_START_DEFERRED                                             Handle        = 0x4026243A
+	ERROR_GRAPHICS_ADAPTER_ACCESS_NOT_EXCLUDED                                Handle        = 0xC026243B
+	ERROR_GRAPHICS_DEPENDABLE_CHILD_STATUS                                    Handle        = 0x4026243C
+	ERROR_GRAPHICS_OPM_NOT_SUPPORTED                                          Handle        = 0xC0262500
+	ERROR_GRAPHICS_COPP_NOT_SUPPORTED                                         Handle        = 0xC0262501
+	ERROR_GRAPHICS_UAB_NOT_SUPPORTED                                          Handle        = 0xC0262502
+	ERROR_GRAPHICS_OPM_INVALID_ENCRYPTED_PARAMETERS                           Handle        = 0xC0262503
+	ERROR_GRAPHICS_OPM_NO_VIDEO_OUTPUTS_EXIST                                 Handle        = 0xC0262505
+	ERROR_GRAPHICS_OPM_INTERNAL_ERROR                                         Handle        = 0xC026250B
+	ERROR_GRAPHICS_OPM_INVALID_HANDLE                                         Handle        = 0xC026250C
+	ERROR_GRAPHICS_PVP_INVALID_CERTIFICATE_LENGTH                             Handle        = 0xC026250E
+	ERROR_GRAPHICS_OPM_SPANNING_MODE_ENABLED                                  Handle        = 0xC026250F
+	ERROR_GRAPHICS_OPM_THEATER_MODE_ENABLED                                   Handle        = 0xC0262510
+	ERROR_GRAPHICS_PVP_HFS_FAILED                                             Handle        = 0xC0262511
+	ERROR_GRAPHICS_OPM_INVALID_SRM                                            Handle        = 0xC0262512
+	ERROR_GRAPHICS_OPM_OUTPUT_DOES_NOT_SUPPORT_HDCP                           Handle        = 0xC0262513
+	ERROR_GRAPHICS_OPM_OUTPUT_DOES_NOT_SUPPORT_ACP                            Handle        = 0xC0262514
+	ERROR_GRAPHICS_OPM_OUTPUT_DOES_NOT_SUPPORT_CGMSA                          Handle        = 0xC0262515
+	ERROR_GRAPHICS_OPM_HDCP_SRM_NEVER_SET                                     Handle        = 0xC0262516
+	ERROR_GRAPHICS_OPM_RESOLUTION_TOO_HIGH                                    Handle        = 0xC0262517
+	ERROR_GRAPHICS_OPM_ALL_HDCP_HARDWARE_ALREADY_IN_USE                       Handle        = 0xC0262518
+	ERROR_GRAPHICS_OPM_VIDEO_OUTPUT_NO_LONGER_EXISTS                          Handle        = 0xC026251A
+	ERROR_GRAPHICS_OPM_SESSION_TYPE_CHANGE_IN_PROGRESS                        Handle        = 0xC026251B
+	ERROR_GRAPHICS_OPM_VIDEO_OUTPUT_DOES_NOT_HAVE_COPP_SEMANTICS              Handle        = 0xC026251C
+	ERROR_GRAPHICS_OPM_INVALID_INFORMATION_REQUEST                            Handle        = 0xC026251D
+	ERROR_GRAPHICS_OPM_DRIVER_INTERNAL_ERROR                                  Handle        = 0xC026251E
+	ERROR_GRAPHICS_OPM_VIDEO_OUTPUT_DOES_NOT_HAVE_OPM_SEMANTICS               Handle        = 0xC026251F
+	ERROR_GRAPHICS_OPM_SIGNALING_NOT_SUPPORTED                                Handle        = 0xC0262520
+	ERROR_GRAPHICS_OPM_INVALID_CONFIGURATION_REQUEST                          Handle        = 0xC0262521
+	ERROR_GRAPHICS_I2C_NOT_SUPPORTED                                          Handle        = 0xC0262580
+	ERROR_GRAPHICS_I2C_DEVICE_DOES_NOT_EXIST                                  Handle        = 0xC0262581
+	ERROR_GRAPHICS_I2C_ERROR_TRANSMITTING_DATA                                Handle        = 0xC0262582
+	ERROR_GRAPHICS_I2C_ERROR_RECEIVING_DATA                                   Handle        = 0xC0262583
+	ERROR_GRAPHICS_DDCCI_VCP_NOT_SUPPORTED                                    Handle        = 0xC0262584
+	ERROR_GRAPHICS_DDCCI_INVALID_DATA                                         Handle        = 0xC0262585
+	ERROR_GRAPHICS_DDCCI_MONITOR_RETURNED_INVALID_TIMING_STATUS_BYTE          Handle        = 0xC0262586
+	ERROR_GRAPHICS_MCA_INVALID_CAPABILITIES_STRING                            Handle        = 0xC0262587
+	ERROR_GRAPHICS_MCA_INTERNAL_ERROR                                         Handle        = 0xC0262588
+	ERROR_GRAPHICS_DDCCI_INVALID_MESSAGE_COMMAND                              Handle        = 0xC0262589
+	ERROR_GRAPHICS_DDCCI_INVALID_MESSAGE_LENGTH                               Handle        = 0xC026258A
+	ERROR_GRAPHICS_DDCCI_INVALID_MESSAGE_CHECKSUM                             Handle        = 0xC026258B
+	ERROR_GRAPHICS_INVALID_PHYSICAL_MONITOR_HANDLE                            Handle        = 0xC026258C
+	ERROR_GRAPHICS_MONITOR_NO_LONGER_EXISTS                                   Handle        = 0xC026258D
+	ERROR_GRAPHICS_DDCCI_CURRENT_CURRENT_VALUE_GREATER_THAN_MAXIMUM_VALUE     Handle        = 0xC02625D8
+	ERROR_GRAPHICS_MCA_INVALID_VCP_VERSION                                    Handle        = 0xC02625D9
+	ERROR_GRAPHICS_MCA_MONITOR_VIOLATES_MCCS_SPECIFICATION                    Handle        = 0xC02625DA
+	ERROR_GRAPHICS_MCA_MCCS_VERSION_MISMATCH                                  Handle        = 0xC02625DB
+	ERROR_GRAPHICS_MCA_UNSUPPORTED_MCCS_VERSION                               Handle        = 0xC02625DC
+	ERROR_GRAPHICS_MCA_INVALID_TECHNOLOGY_TYPE_RETURNED                       Handle        = 0xC02625DE
+	ERROR_GRAPHICS_MCA_UNSUPPORTED_COLOR_TEMPERATURE                          Handle        = 0xC02625DF
+	ERROR_GRAPHICS_ONLY_CONSOLE_SESSION_SUPPORTED                             Handle        = 0xC02625E0
+	ERROR_GRAPHICS_NO_DISPLAY_DEVICE_CORRESPONDS_TO_NAME                      Handle        = 0xC02625E1
+	ERROR_GRAPHICS_DISPLAY_DEVICE_NOT_ATTACHED_TO_DESKTOP                     Handle        = 0xC02625E2
+	ERROR_GRAPHICS_MIRRORING_DEVICES_NOT_SUPPORTED                            Handle        = 0xC02625E3
+	ERROR_GRAPHICS_INVALID_POINTER                                            Handle        = 0xC02625E4
+	ERROR_GRAPHICS_NO_MONITORS_CORRESPOND_TO_DISPLAY_DEVICE                   Handle        = 0xC02625E5
+	ERROR_GRAPHICS_PARAMETER_ARRAY_TOO_SMALL                                  Handle        = 0xC02625E6
+	ERROR_GRAPHICS_INTERNAL_ERROR                                             Handle        = 0xC02625E7
+	ERROR_GRAPHICS_SESSION_TYPE_CHANGE_IN_PROGRESS                            Handle        = 0xC02605E8
+	NAP_E_INVALID_PACKET                                                      Handle        = 0x80270001
+	NAP_E_MISSING_SOH                                                         Handle        = 0x80270002
+	NAP_E_CONFLICTING_ID                                                      Handle        = 0x80270003
+	NAP_E_NO_CACHED_SOH                                                       Handle        = 0x80270004
+	NAP_E_STILL_BOUND                                                         Handle        = 0x80270005
+	NAP_E_NOT_REGISTERED                                                      Handle        = 0x80270006
+	NAP_E_NOT_INITIALIZED                                                     Handle        = 0x80270007
+	NAP_E_MISMATCHED_ID                                                       Handle        = 0x80270008
+	NAP_E_NOT_PENDING                                                         Handle        = 0x80270009
+	NAP_E_ID_NOT_FOUND                                                        Handle        = 0x8027000A
+	NAP_E_MAXSIZE_TOO_SMALL                                                   Handle        = 0x8027000B
+	NAP_E_SERVICE_NOT_RUNNING                                                 Handle        = 0x8027000C
+	NAP_S_CERT_ALREADY_PRESENT                                                Handle        = 0x0027000D
+	NAP_E_ENTITY_DISABLED                                                     Handle        = 0x8027000E
+	NAP_E_NETSH_GROUPPOLICY_ERROR                                             Handle        = 0x8027000F
+	NAP_E_TOO_MANY_CALLS                                                      Handle        = 0x80270010
+	NAP_E_SHV_CONFIG_EXISTED                                                  Handle        = 0x80270011
+	NAP_E_SHV_CONFIG_NOT_FOUND                                                Handle        = 0x80270012
+	NAP_E_SHV_TIMEOUT                                                         Handle        = 0x80270013
+	TPM_E_ERROR_MASK                                                          Handle        = 0x80280000
+	TPM_E_AUTHFAIL                                                            Handle        = 0x80280001
+	TPM_E_BADINDEX                                                            Handle        = 0x80280002
+	TPM_E_BAD_PARAMETER                                                       Handle        = 0x80280003
+	TPM_E_AUDITFAILURE                                                        Handle        = 0x80280004
+	TPM_E_CLEAR_DISABLED                                                      Handle        = 0x80280005
+	TPM_E_DEACTIVATED                                                         Handle        = 0x80280006
+	TPM_E_DISABLED                                                            Handle        = 0x80280007
+	TPM_E_DISABLED_CMD                                                        Handle        = 0x80280008
+	TPM_E_FAIL                                                                Handle        = 0x80280009
+	TPM_E_BAD_ORDINAL                                                         Handle        = 0x8028000A
+	TPM_E_INSTALL_DISABLED                                                    Handle        = 0x8028000B
+	TPM_E_INVALID_KEYHANDLE                                                   Handle        = 0x8028000C
+	TPM_E_KEYNOTFOUND                                                         Handle        = 0x8028000D
+	TPM_E_INAPPROPRIATE_ENC                                                   Handle        = 0x8028000E
+	TPM_E_MIGRATEFAIL                                                         Handle        = 0x8028000F
+	TPM_E_INVALID_PCR_INFO                                                    Handle        = 0x80280010
+	TPM_E_NOSPACE                                                             Handle        = 0x80280011
+	TPM_E_NOSRK                                                               Handle        = 0x80280012
+	TPM_E_NOTSEALED_BLOB                                                      Handle        = 0x80280013
+	TPM_E_OWNER_SET                                                           Handle        = 0x80280014
+	TPM_E_RESOURCES                                                           Handle        = 0x80280015
+	TPM_E_SHORTRANDOM                                                         Handle        = 0x80280016
+	TPM_E_SIZE                                                                Handle        = 0x80280017
+	TPM_E_WRONGPCRVAL                                                         Handle        = 0x80280018
+	TPM_E_BAD_PARAM_SIZE                                                      Handle        = 0x80280019
+	TPM_E_SHA_THREAD                                                          Handle        = 0x8028001A
+	TPM_E_SHA_ERROR                                                           Handle        = 0x8028001B
+	TPM_E_FAILEDSELFTEST                                                      Handle        = 0x8028001C
+	TPM_E_AUTH2FAIL                                                           Handle        = 0x8028001D
+	TPM_E_BADTAG                                                              Handle        = 0x8028001E
+	TPM_E_IOERROR                                                             Handle        = 0x8028001F
+	TPM_E_ENCRYPT_ERROR                                                       Handle        = 0x80280020
+	TPM_E_DECRYPT_ERROR                                                       Handle        = 0x80280021
+	TPM_E_INVALID_AUTHHANDLE                                                  Handle        = 0x80280022
+	TPM_E_NO_ENDORSEMENT                                                      Handle        = 0x80280023
+	TPM_E_INVALID_KEYUSAGE                                                    Handle        = 0x80280024
+	TPM_E_WRONG_ENTITYTYPE                                                    Handle        = 0x80280025
+	TPM_E_INVALID_POSTINIT                                                    Handle        = 0x80280026
+	TPM_E_INAPPROPRIATE_SIG                                                   Handle        = 0x80280027
+	TPM_E_BAD_KEY_PROPERTY                                                    Handle        = 0x80280028
+	TPM_E_BAD_MIGRATION                                                       Handle        = 0x80280029
+	TPM_E_BAD_SCHEME                                                          Handle        = 0x8028002A
+	TPM_E_BAD_DATASIZE                                                        Handle        = 0x8028002B
+	TPM_E_BAD_MODE                                                            Handle        = 0x8028002C
+	TPM_E_BAD_PRESENCE                                                        Handle        = 0x8028002D
+	TPM_E_BAD_VERSION                                                         Handle        = 0x8028002E
+	TPM_E_NO_WRAP_TRANSPORT                                                   Handle        = 0x8028002F
+	TPM_E_AUDITFAIL_UNSUCCESSFUL                                              Handle        = 0x80280030
+	TPM_E_AUDITFAIL_SUCCESSFUL                                                Handle        = 0x80280031
+	TPM_E_NOTRESETABLE                                                        Handle        = 0x80280032
+	TPM_E_NOTLOCAL                                                            Handle        = 0x80280033
+	TPM_E_BAD_TYPE                                                            Handle        = 0x80280034
+	TPM_E_INVALID_RESOURCE                                                    Handle        = 0x80280035
+	TPM_E_NOTFIPS                                                             Handle        = 0x80280036
+	TPM_E_INVALID_FAMILY                                                      Handle        = 0x80280037
+	TPM_E_NO_NV_PERMISSION                                                    Handle        = 0x80280038
+	TPM_E_REQUIRES_SIGN                                                       Handle        = 0x80280039
+	TPM_E_KEY_NOTSUPPORTED                                                    Handle        = 0x8028003A
+	TPM_E_AUTH_CONFLICT                                                       Handle        = 0x8028003B
+	TPM_E_AREA_LOCKED                                                         Handle        = 0x8028003C
+	TPM_E_BAD_LOCALITY                                                        Handle        = 0x8028003D
+	TPM_E_READ_ONLY                                                           Handle        = 0x8028003E
+	TPM_E_PER_NOWRITE                                                         Handle        = 0x8028003F
+	TPM_E_FAMILYCOUNT                                                         Handle        = 0x80280040
+	TPM_E_WRITE_LOCKED                                                        Handle        = 0x80280041
+	TPM_E_BAD_ATTRIBUTES                                                      Handle        = 0x80280042
+	TPM_E_INVALID_STRUCTURE                                                   Handle        = 0x80280043
+	TPM_E_KEY_OWNER_CONTROL                                                   Handle        = 0x80280044
+	TPM_E_BAD_COUNTER                                                         Handle        = 0x80280045
+	TPM_E_NOT_FULLWRITE                                                       Handle        = 0x80280046
+	TPM_E_CONTEXT_GAP                                                         Handle        = 0x80280047
+	TPM_E_MAXNVWRITES                                                         Handle        = 0x80280048
+	TPM_E_NOOPERATOR                                                          Handle        = 0x80280049
+	TPM_E_RESOURCEMISSING                                                     Handle        = 0x8028004A
+	TPM_E_DELEGATE_LOCK                                                       Handle        = 0x8028004B
+	TPM_E_DELEGATE_FAMILY                                                     Handle        = 0x8028004C
+	TPM_E_DELEGATE_ADMIN                                                      Handle        = 0x8028004D
+	TPM_E_TRANSPORT_NOTEXCLUSIVE                                              Handle        = 0x8028004E
+	TPM_E_OWNER_CONTROL                                                       Handle        = 0x8028004F
+	TPM_E_DAA_RESOURCES                                                       Handle        = 0x80280050
+	TPM_E_DAA_INPUT_DATA0                                                     Handle        = 0x80280051
+	TPM_E_DAA_INPUT_DATA1                                                     Handle        = 0x80280052
+	TPM_E_DAA_ISSUER_SETTINGS                                                 Handle        = 0x80280053
+	TPM_E_DAA_TPM_SETTINGS                                                    Handle        = 0x80280054
+	TPM_E_DAA_STAGE                                                           Handle        = 0x80280055
+	TPM_E_DAA_ISSUER_VALIDITY                                                 Handle        = 0x80280056
+	TPM_E_DAA_WRONG_W                                                         Handle        = 0x80280057
+	TPM_E_BAD_HANDLE                                                          Handle        = 0x80280058
+	TPM_E_BAD_DELEGATE                                                        Handle        = 0x80280059
+	TPM_E_BADCONTEXT                                                          Handle        = 0x8028005A
+	TPM_E_TOOMANYCONTEXTS                                                     Handle        = 0x8028005B
+	TPM_E_MA_TICKET_SIGNATURE                                                 Handle        = 0x8028005C
+	TPM_E_MA_DESTINATION                                                      Handle        = 0x8028005D
+	TPM_E_MA_SOURCE                                                           Handle        = 0x8028005E
+	TPM_E_MA_AUTHORITY                                                        Handle        = 0x8028005F
+	TPM_E_PERMANENTEK                                                         Handle        = 0x80280061
+	TPM_E_BAD_SIGNATURE                                                       Handle        = 0x80280062
+	TPM_E_NOCONTEXTSPACE                                                      Handle        = 0x80280063
+	TPM_20_E_ASYMMETRIC                                                       Handle        = 0x80280081
+	TPM_20_E_ATTRIBUTES                                                       Handle        = 0x80280082
+	TPM_20_E_HASH                                                             Handle        = 0x80280083
+	TPM_20_E_VALUE                                                            Handle        = 0x80280084
+	TPM_20_E_HIERARCHY                                                        Handle        = 0x80280085
+	TPM_20_E_KEY_SIZE                                                         Handle        = 0x80280087
+	TPM_20_E_MGF                                                              Handle        = 0x80280088
+	TPM_20_E_MODE                                                             Handle        = 0x80280089
+	TPM_20_E_TYPE                                                             Handle        = 0x8028008A
+	TPM_20_E_HANDLE                                                           Handle        = 0x8028008B
+	TPM_20_E_KDF                                                              Handle        = 0x8028008C
+	TPM_20_E_RANGE                                                            Handle        = 0x8028008D
+	TPM_20_E_AUTH_FAIL                                                        Handle        = 0x8028008E
+	TPM_20_E_NONCE                                                            Handle        = 0x8028008F
+	TPM_20_E_PP                                                               Handle        = 0x80280090
+	TPM_20_E_SCHEME                                                           Handle        = 0x80280092
+	TPM_20_E_SIZE                                                             Handle        = 0x80280095
+	TPM_20_E_SYMMETRIC                                                        Handle        = 0x80280096
+	TPM_20_E_TAG                                                              Handle        = 0x80280097
+	TPM_20_E_SELECTOR                                                         Handle        = 0x80280098
+	TPM_20_E_INSUFFICIENT                                                     Handle        = 0x8028009A
+	TPM_20_E_SIGNATURE                                                        Handle        = 0x8028009B
+	TPM_20_E_KEY                                                              Handle        = 0x8028009C
+	TPM_20_E_POLICY_FAIL                                                      Handle        = 0x8028009D
+	TPM_20_E_INTEGRITY                                                        Handle        = 0x8028009F
+	TPM_20_E_TICKET                                                           Handle        = 0x802800A0
+	TPM_20_E_RESERVED_BITS                                                    Handle        = 0x802800A1
+	TPM_20_E_BAD_AUTH                                                         Handle        = 0x802800A2
+	TPM_20_E_EXPIRED                                                          Handle        = 0x802800A3
+	TPM_20_E_POLICY_CC                                                        Handle        = 0x802800A4
+	TPM_20_E_BINDING                                                          Handle        = 0x802800A5
+	TPM_20_E_CURVE                                                            Handle        = 0x802800A6
+	TPM_20_E_ECC_POINT                                                        Handle        = 0x802800A7
+	TPM_20_E_INITIALIZE                                                       Handle        = 0x80280100
+	TPM_20_E_FAILURE                                                          Handle        = 0x80280101
+	TPM_20_E_SEQUENCE                                                         Handle        = 0x80280103
+	TPM_20_E_PRIVATE                                                          Handle        = 0x8028010B
+	TPM_20_E_HMAC                                                             Handle        = 0x80280119
+	TPM_20_E_DISABLED                                                         Handle        = 0x80280120
+	TPM_20_E_EXCLUSIVE                                                        Handle        = 0x80280121
+	TPM_20_E_ECC_CURVE                                                        Handle        = 0x80280123
+	TPM_20_E_AUTH_TYPE                                                        Handle        = 0x80280124
+	TPM_20_E_AUTH_MISSING                                                     Handle        = 0x80280125
+	TPM_20_E_POLICY                                                           Handle        = 0x80280126
+	TPM_20_E_PCR                                                              Handle        = 0x80280127
+	TPM_20_E_PCR_CHANGED                                                      Handle        = 0x80280128
+	TPM_20_E_UPGRADE                                                          Handle        = 0x8028012D
+	TPM_20_E_TOO_MANY_CONTEXTS                                                Handle        = 0x8028012E
+	TPM_20_E_AUTH_UNAVAILABLE                                                 Handle        = 0x8028012F
+	TPM_20_E_REBOOT                                                           Handle        = 0x80280130
+	TPM_20_E_UNBALANCED                                                       Handle        = 0x80280131
+	TPM_20_E_COMMAND_SIZE                                                     Handle        = 0x80280142
+	TPM_20_E_COMMAND_CODE                                                     Handle        = 0x80280143
+	TPM_20_E_AUTHSIZE                                                         Handle        = 0x80280144
+	TPM_20_E_AUTH_CONTEXT                                                     Handle        = 0x80280145
+	TPM_20_E_NV_RANGE                                                         Handle        = 0x80280146
+	TPM_20_E_NV_SIZE                                                          Handle        = 0x80280147
+	TPM_20_E_NV_LOCKED                                                        Handle        = 0x80280148
+	TPM_20_E_NV_AUTHORIZATION                                                 Handle        = 0x80280149
+	TPM_20_E_NV_UNINITIALIZED                                                 Handle        = 0x8028014A
+	TPM_20_E_NV_SPACE                                                         Handle        = 0x8028014B
+	TPM_20_E_NV_DEFINED                                                       Handle        = 0x8028014C
+	TPM_20_E_BAD_CONTEXT                                                      Handle        = 0x80280150
+	TPM_20_E_CPHASH                                                           Handle        = 0x80280151
+	TPM_20_E_PARENT                                                           Handle        = 0x80280152
+	TPM_20_E_NEEDS_TEST                                                       Handle        = 0x80280153
+	TPM_20_E_NO_RESULT                                                        Handle        = 0x80280154
+	TPM_20_E_SENSITIVE                                                        Handle        = 0x80280155
+	TPM_E_COMMAND_BLOCKED                                                     Handle        = 0x80280400
+	TPM_E_INVALID_HANDLE                                                      Handle        = 0x80280401
+	TPM_E_DUPLICATE_VHANDLE                                                   Handle        = 0x80280402
+	TPM_E_EMBEDDED_COMMAND_BLOCKED                                            Handle        = 0x80280403
+	TPM_E_EMBEDDED_COMMAND_UNSUPPORTED                                        Handle        = 0x80280404
+	TPM_E_RETRY                                                               Handle        = 0x80280800
+	TPM_E_NEEDS_SELFTEST                                                      Handle        = 0x80280801
+	TPM_E_DOING_SELFTEST                                                      Handle        = 0x80280802
+	TPM_E_DEFEND_LOCK_RUNNING                                                 Handle        = 0x80280803
+	TPM_20_E_CONTEXT_GAP                                                      Handle        = 0x80280901
+	TPM_20_E_OBJECT_MEMORY                                                    Handle        = 0x80280902
+	TPM_20_E_SESSION_MEMORY                                                   Handle        = 0x80280903
+	TPM_20_E_MEMORY                                                           Handle        = 0x80280904
+	TPM_20_E_SESSION_HANDLES                                                  Handle        = 0x80280905
+	TPM_20_E_OBJECT_HANDLES                                                   Handle        = 0x80280906
+	TPM_20_E_LOCALITY                                                         Handle        = 0x80280907
+	TPM_20_E_YIELDED                                                          Handle        = 0x80280908
+	TPM_20_E_CANCELED                                                         Handle        = 0x80280909
+	TPM_20_E_TESTING                                                          Handle        = 0x8028090A
+	TPM_20_E_NV_RATE                                                          Handle        = 0x80280920
+	TPM_20_E_LOCKOUT                                                          Handle        = 0x80280921
+	TPM_20_E_RETRY                                                            Handle        = 0x80280922
+	TPM_20_E_NV_UNAVAILABLE                                                   Handle        = 0x80280923
+	TBS_E_INTERNAL_ERROR                                                      Handle        = 0x80284001
+	TBS_E_BAD_PARAMETER                                                       Handle        = 0x80284002
+	TBS_E_INVALID_OUTPUT_POINTER                                              Handle        = 0x80284003
+	TBS_E_INVALID_CONTEXT                                                     Handle        = 0x80284004
+	TBS_E_INSUFFICIENT_BUFFER                                                 Handle        = 0x80284005
+	TBS_E_IOERROR                                                             Handle        = 0x80284006
+	TBS_E_INVALID_CONTEXT_PARAM                                               Handle        = 0x80284007
+	TBS_E_SERVICE_NOT_RUNNING                                                 Handle        = 0x80284008
+	TBS_E_TOO_MANY_TBS_CONTEXTS                                               Handle        = 0x80284009
+	TBS_E_TOO_MANY_RESOURCES                                                  Handle        = 0x8028400A
+	TBS_E_SERVICE_START_PENDING                                               Handle        = 0x8028400B
+	TBS_E_PPI_NOT_SUPPORTED                                                   Handle        = 0x8028400C
+	TBS_E_COMMAND_CANCELED                                                    Handle        = 0x8028400D
+	TBS_E_BUFFER_TOO_LARGE                                                    Handle        = 0x8028400E
+	TBS_E_TPM_NOT_FOUND                                                       Handle        = 0x8028400F
+	TBS_E_SERVICE_DISABLED                                                    Handle        = 0x80284010
+	TBS_E_NO_EVENT_LOG                                                        Handle        = 0x80284011
+	TBS_E_ACCESS_DENIED                                                       Handle        = 0x80284012
+	TBS_E_PROVISIONING_NOT_ALLOWED                                            Handle        = 0x80284013
+	TBS_E_PPI_FUNCTION_UNSUPPORTED                                            Handle        = 0x80284014
+	TBS_E_OWNERAUTH_NOT_FOUND                                                 Handle        = 0x80284015
+	TBS_E_PROVISIONING_INCOMPLETE                                             Handle        = 0x80284016
+	TPMAPI_E_INVALID_STATE                                                    Handle        = 0x80290100
+	TPMAPI_E_NOT_ENOUGH_DATA                                                  Handle        = 0x80290101
+	TPMAPI_E_TOO_MUCH_DATA                                                    Handle        = 0x80290102
+	TPMAPI_E_INVALID_OUTPUT_POINTER                                           Handle        = 0x80290103
+	TPMAPI_E_INVALID_PARAMETER                                                Handle        = 0x80290104
+	TPMAPI_E_OUT_OF_MEMORY                                                    Handle        = 0x80290105
+	TPMAPI_E_BUFFER_TOO_SMALL                                                 Handle        = 0x80290106
+	TPMAPI_E_INTERNAL_ERROR                                                   Handle        = 0x80290107
+	TPMAPI_E_ACCESS_DENIED                                                    Handle        = 0x80290108
+	TPMAPI_E_AUTHORIZATION_FAILED                                             Handle        = 0x80290109
+	TPMAPI_E_INVALID_CONTEXT_HANDLE                                           Handle        = 0x8029010A
+	TPMAPI_E_TBS_COMMUNICATION_ERROR                                          Handle        = 0x8029010B
+	TPMAPI_E_TPM_COMMAND_ERROR                                                Handle        = 0x8029010C
+	TPMAPI_E_MESSAGE_TOO_LARGE                                                Handle        = 0x8029010D
+	TPMAPI_E_INVALID_ENCODING                                                 Handle        = 0x8029010E
+	TPMAPI_E_INVALID_KEY_SIZE                                                 Handle        = 0x8029010F
+	TPMAPI_E_ENCRYPTION_FAILED                                                Handle        = 0x80290110
+	TPMAPI_E_INVALID_KEY_PARAMS                                               Handle        = 0x80290111
+	TPMAPI_E_INVALID_MIGRATION_AUTHORIZATION_BLOB                             Handle        = 0x80290112
+	TPMAPI_E_INVALID_PCR_INDEX                                                Handle        = 0x80290113
+	TPMAPI_E_INVALID_DELEGATE_BLOB                                            Handle        = 0x80290114
+	TPMAPI_E_INVALID_CONTEXT_PARAMS                                           Handle        = 0x80290115
+	TPMAPI_E_INVALID_KEY_BLOB                                                 Handle        = 0x80290116
+	TPMAPI_E_INVALID_PCR_DATA                                                 Handle        = 0x80290117
+	TPMAPI_E_INVALID_OWNER_AUTH                                               Handle        = 0x80290118
+	TPMAPI_E_FIPS_RNG_CHECK_FAILED                                            Handle        = 0x80290119
+	TPMAPI_E_EMPTY_TCG_LOG                                                    Handle        = 0x8029011A
+	TPMAPI_E_INVALID_TCG_LOG_ENTRY                                            Handle        = 0x8029011B
+	TPMAPI_E_TCG_SEPARATOR_ABSENT                                             Handle        = 0x8029011C
+	TPMAPI_E_TCG_INVALID_DIGEST_ENTRY                                         Handle        = 0x8029011D
+	TPMAPI_E_POLICY_DENIES_OPERATION                                          Handle        = 0x8029011E
+	TPMAPI_E_NV_BITS_NOT_DEFINED                                              Handle        = 0x8029011F
+	TPMAPI_E_NV_BITS_NOT_READY                                                Handle        = 0x80290120
+	TPMAPI_E_SEALING_KEY_NOT_AVAILABLE                                        Handle        = 0x80290121
+	TPMAPI_E_NO_AUTHORIZATION_CHAIN_FOUND                                     Handle        = 0x80290122
+	TPMAPI_E_SVN_COUNTER_NOT_AVAILABLE                                        Handle        = 0x80290123
+	TPMAPI_E_OWNER_AUTH_NOT_NULL                                              Handle        = 0x80290124
+	TPMAPI_E_ENDORSEMENT_AUTH_NOT_NULL                                        Handle        = 0x80290125
+	TPMAPI_E_AUTHORIZATION_REVOKED                                            Handle        = 0x80290126
+	TPMAPI_E_MALFORMED_AUTHORIZATION_KEY                                      Handle        = 0x80290127
+	TPMAPI_E_AUTHORIZING_KEY_NOT_SUPPORTED                                    Handle        = 0x80290128
+	TPMAPI_E_INVALID_AUTHORIZATION_SIGNATURE                                  Handle        = 0x80290129
+	TPMAPI_E_MALFORMED_AUTHORIZATION_POLICY                                   Handle        = 0x8029012A
+	TPMAPI_E_MALFORMED_AUTHORIZATION_OTHER                                    Handle        = 0x8029012B
+	TPMAPI_E_SEALING_KEY_CHANGED                                              Handle        = 0x8029012C
+	TBSIMP_E_BUFFER_TOO_SMALL                                                 Handle        = 0x80290200
+	TBSIMP_E_CLEANUP_FAILED                                                   Handle        = 0x80290201
+	TBSIMP_E_INVALID_CONTEXT_HANDLE                                           Handle        = 0x80290202
+	TBSIMP_E_INVALID_CONTEXT_PARAM                                            Handle        = 0x80290203
+	TBSIMP_E_TPM_ERROR                                                        Handle        = 0x80290204
+	TBSIMP_E_HASH_BAD_KEY                                                     Handle        = 0x80290205
+	TBSIMP_E_DUPLICATE_VHANDLE                                                Handle        = 0x80290206
+	TBSIMP_E_INVALID_OUTPUT_POINTER                                           Handle        = 0x80290207
+	TBSIMP_E_INVALID_PARAMETER                                                Handle        = 0x80290208
+	TBSIMP_E_RPC_INIT_FAILED                                                  Handle        = 0x80290209
+	TBSIMP_E_SCHEDULER_NOT_RUNNING                                            Handle        = 0x8029020A
+	TBSIMP_E_COMMAND_CANCELED                                                 Handle        = 0x8029020B
+	TBSIMP_E_OUT_OF_MEMORY                                                    Handle        = 0x8029020C
+	TBSIMP_E_LIST_NO_MORE_ITEMS                                               Handle        = 0x8029020D
+	TBSIMP_E_LIST_NOT_FOUND                                                   Handle        = 0x8029020E
+	TBSIMP_E_NOT_ENOUGH_SPACE                                                 Handle        = 0x8029020F
+	TBSIMP_E_NOT_ENOUGH_TPM_CONTEXTS                                          Handle        = 0x80290210
+	TBSIMP_E_COMMAND_FAILED                                                   Handle        = 0x80290211
+	TBSIMP_E_UNKNOWN_ORDINAL                                                  Handle        = 0x80290212
+	TBSIMP_E_RESOURCE_EXPIRED                                                 Handle        = 0x80290213
+	TBSIMP_E_INVALID_RESOURCE                                                 Handle        = 0x80290214
+	TBSIMP_E_NOTHING_TO_UNLOAD                                                Handle        = 0x80290215
+	TBSIMP_E_HASH_TABLE_FULL                                                  Handle        = 0x80290216
+	TBSIMP_E_TOO_MANY_TBS_CONTEXTS                                            Handle        = 0x80290217
+	TBSIMP_E_TOO_MANY_RESOURCES                                               Handle        = 0x80290218
+	TBSIMP_E_PPI_NOT_SUPPORTED                                                Handle        = 0x80290219
+	TBSIMP_E_TPM_INCOMPATIBLE                                                 Handle        = 0x8029021A
+	TBSIMP_E_NO_EVENT_LOG                                                     Handle        = 0x8029021B
+	TPM_E_PPI_ACPI_FAILURE                                                    Handle        = 0x80290300
+	TPM_E_PPI_USER_ABORT                                                      Handle        = 0x80290301
+	TPM_E_PPI_BIOS_FAILURE                                                    Handle        = 0x80290302
+	TPM_E_PPI_NOT_SUPPORTED                                                   Handle        = 0x80290303
+	TPM_E_PPI_BLOCKED_IN_BIOS                                                 Handle        = 0x80290304
+	TPM_E_PCP_ERROR_MASK                                                      Handle        = 0x80290400
+	TPM_E_PCP_DEVICE_NOT_READY                                                Handle        = 0x80290401
+	TPM_E_PCP_INVALID_HANDLE                                                  Handle        = 0x80290402
+	TPM_E_PCP_INVALID_PARAMETER                                               Handle        = 0x80290403
+	TPM_E_PCP_FLAG_NOT_SUPPORTED                                              Handle        = 0x80290404
+	TPM_E_PCP_NOT_SUPPORTED                                                   Handle        = 0x80290405
+	TPM_E_PCP_BUFFER_TOO_SMALL                                                Handle        = 0x80290406
+	TPM_E_PCP_INTERNAL_ERROR                                                  Handle        = 0x80290407
+	TPM_E_PCP_AUTHENTICATION_FAILED                                           Handle        = 0x80290408
+	TPM_E_PCP_AUTHENTICATION_IGNORED                                          Handle        = 0x80290409
+	TPM_E_PCP_POLICY_NOT_FOUND                                                Handle        = 0x8029040A
+	TPM_E_PCP_PROFILE_NOT_FOUND                                               Handle        = 0x8029040B
+	TPM_E_PCP_VALIDATION_FAILED                                               Handle        = 0x8029040C
+	TPM_E_PCP_WRONG_PARENT                                                    Handle        = 0x8029040E
+	TPM_E_KEY_NOT_LOADED                                                      Handle        = 0x8029040F
+	TPM_E_NO_KEY_CERTIFICATION                                                Handle        = 0x80290410
+	TPM_E_KEY_NOT_FINALIZED                                                   Handle        = 0x80290411
+	TPM_E_ATTESTATION_CHALLENGE_NOT_SET                                       Handle        = 0x80290412
+	TPM_E_NOT_PCR_BOUND                                                       Handle        = 0x80290413
+	TPM_E_KEY_ALREADY_FINALIZED                                               Handle        = 0x80290414
+	TPM_E_KEY_USAGE_POLICY_NOT_SUPPORTED                                      Handle        = 0x80290415
+	TPM_E_KEY_USAGE_POLICY_INVALID                                            Handle        = 0x80290416
+	TPM_E_SOFT_KEY_ERROR                                                      Handle        = 0x80290417
+	TPM_E_KEY_NOT_AUTHENTICATED                                               Handle        = 0x80290418
+	TPM_E_PCP_KEY_NOT_AIK                                                     Handle        = 0x80290419
+	TPM_E_KEY_NOT_SIGNING_KEY                                                 Handle        = 0x8029041A
+	TPM_E_LOCKED_OUT                                                          Handle        = 0x8029041B
+	TPM_E_CLAIM_TYPE_NOT_SUPPORTED                                            Handle        = 0x8029041C
+	TPM_E_VERSION_NOT_SUPPORTED                                               Handle        = 0x8029041D
+	TPM_E_BUFFER_LENGTH_MISMATCH                                              Handle        = 0x8029041E
+	TPM_E_PCP_IFX_RSA_KEY_CREATION_BLOCKED                                    Handle        = 0x8029041F
+	TPM_E_PCP_TICKET_MISSING                                                  Handle        = 0x80290420
+	TPM_E_PCP_RAW_POLICY_NOT_SUPPORTED                                        Handle        = 0x80290421
+	TPM_E_PCP_KEY_HANDLE_INVALIDATED                                          Handle        = 0x80290422
+	TPM_E_PCP_UNSUPPORTED_PSS_SALT                                            Handle        = 0x40290423
+	TPM_E_ZERO_EXHAUST_ENABLED                                                Handle        = 0x80290500
+	PLA_E_DCS_NOT_FOUND                                                       Handle        = 0x80300002
+	PLA_E_DCS_IN_USE                                                          Handle        = 0x803000AA
+	PLA_E_TOO_MANY_FOLDERS                                                    Handle        = 0x80300045
+	PLA_E_NO_MIN_DISK                                                         Handle        = 0x80300070
+	PLA_E_DCS_ALREADY_EXISTS                                                  Handle        = 0x803000B7
+	PLA_S_PROPERTY_IGNORED                                                    Handle        = 0x00300100
+	PLA_E_PROPERTY_CONFLICT                                                   Handle        = 0x80300101
+	PLA_E_DCS_SINGLETON_REQUIRED                                              Handle        = 0x80300102
+	PLA_E_CREDENTIALS_REQUIRED                                                Handle        = 0x80300103
+	PLA_E_DCS_NOT_RUNNING                                                     Handle        = 0x80300104
+	PLA_E_CONFLICT_INCL_EXCL_API                                              Handle        = 0x80300105
+	PLA_E_NETWORK_EXE_NOT_VALID                                               Handle        = 0x80300106
+	PLA_E_EXE_ALREADY_CONFIGURED                                              Handle        = 0x80300107
+	PLA_E_EXE_PATH_NOT_VALID                                                  Handle        = 0x80300108
+	PLA_E_DC_ALREADY_EXISTS                                                   Handle        = 0x80300109
+	PLA_E_DCS_START_WAIT_TIMEOUT                                              Handle        = 0x8030010A
+	PLA_E_DC_START_WAIT_TIMEOUT                                               Handle        = 0x8030010B
+	PLA_E_REPORT_WAIT_TIMEOUT                                                 Handle        = 0x8030010C
+	PLA_E_NO_DUPLICATES                                                       Handle        = 0x8030010D
+	PLA_E_EXE_FULL_PATH_REQUIRED                                              Handle        = 0x8030010E
+	PLA_E_INVALID_SESSION_NAME                                                Handle        = 0x8030010F
+	PLA_E_PLA_CHANNEL_NOT_ENABLED                                             Handle        = 0x80300110
+	PLA_E_TASKSCHED_CHANNEL_NOT_ENABLED                                       Handle        = 0x80300111
+	PLA_E_RULES_MANAGER_FAILED                                                Handle        = 0x80300112
+	PLA_E_CABAPI_FAILURE                                                      Handle        = 0x80300113
+	FVE_E_LOCKED_VOLUME                                                       Handle        = 0x80310000
+	FVE_E_NOT_ENCRYPTED                                                       Handle        = 0x80310001
+	FVE_E_NO_TPM_BIOS                                                         Handle        = 0x80310002
+	FVE_E_NO_MBR_METRIC                                                       Handle        = 0x80310003
+	FVE_E_NO_BOOTSECTOR_METRIC                                                Handle        = 0x80310004
+	FVE_E_NO_BOOTMGR_METRIC                                                   Handle        = 0x80310005
+	FVE_E_WRONG_BOOTMGR                                                       Handle        = 0x80310006
+	FVE_E_SECURE_KEY_REQUIRED                                                 Handle        = 0x80310007
+	FVE_E_NOT_ACTIVATED                                                       Handle        = 0x80310008
+	FVE_E_ACTION_NOT_ALLOWED                                                  Handle        = 0x80310009
+	FVE_E_AD_SCHEMA_NOT_INSTALLED                                             Handle        = 0x8031000A
+	FVE_E_AD_INVALID_DATATYPE                                                 Handle        = 0x8031000B
+	FVE_E_AD_INVALID_DATASIZE                                                 Handle        = 0x8031000C
+	FVE_E_AD_NO_VALUES                                                        Handle        = 0x8031000D
+	FVE_E_AD_ATTR_NOT_SET                                                     Handle        = 0x8031000E
+	FVE_E_AD_GUID_NOT_FOUND                                                   Handle        = 0x8031000F
+	FVE_E_BAD_INFORMATION                                                     Handle        = 0x80310010
+	FVE_E_TOO_SMALL                                                           Handle        = 0x80310011
+	FVE_E_SYSTEM_VOLUME                                                       Handle        = 0x80310012
+	FVE_E_FAILED_WRONG_FS                                                     Handle        = 0x80310013
+	FVE_E_BAD_PARTITION_SIZE                                                  Handle        = 0x80310014
+	FVE_E_NOT_SUPPORTED                                                       Handle        = 0x80310015
+	FVE_E_BAD_DATA                                                            Handle        = 0x80310016
+	FVE_E_VOLUME_NOT_BOUND                                                    Handle        = 0x80310017
+	FVE_E_TPM_NOT_OWNED                                                       Handle        = 0x80310018
+	FVE_E_NOT_DATA_VOLUME                                                     Handle        = 0x80310019
+	FVE_E_AD_INSUFFICIENT_BUFFER                                              Handle        = 0x8031001A
+	FVE_E_CONV_READ                                                           Handle        = 0x8031001B
+	FVE_E_CONV_WRITE                                                          Handle        = 0x8031001C
+	FVE_E_KEY_REQUIRED                                                        Handle        = 0x8031001D
+	FVE_E_CLUSTERING_NOT_SUPPORTED                                            Handle        = 0x8031001E
+	FVE_E_VOLUME_BOUND_ALREADY                                                Handle        = 0x8031001F
+	FVE_E_OS_NOT_PROTECTED                                                    Handle        = 0x80310020
+	FVE_E_PROTECTION_DISABLED                                                 Handle        = 0x80310021
+	FVE_E_RECOVERY_KEY_REQUIRED                                               Handle        = 0x80310022
+	FVE_E_FOREIGN_VOLUME                                                      Handle        = 0x80310023
+	FVE_E_OVERLAPPED_UPDATE                                                   Handle        = 0x80310024
+	FVE_E_TPM_SRK_AUTH_NOT_ZERO                                               Handle        = 0x80310025
+	FVE_E_FAILED_SECTOR_SIZE                                                  Handle        = 0x80310026
+	FVE_E_FAILED_AUTHENTICATION                                               Handle        = 0x80310027
+	FVE_E_NOT_OS_VOLUME                                                       Handle        = 0x80310028
+	FVE_E_AUTOUNLOCK_ENABLED                                                  Handle        = 0x80310029
+	FVE_E_WRONG_BOOTSECTOR                                                    Handle        = 0x8031002A
+	FVE_E_WRONG_SYSTEM_FS                                                     Handle        = 0x8031002B
+	FVE_E_POLICY_PASSWORD_REQUIRED                                            Handle        = 0x8031002C
+	FVE_E_CANNOT_SET_FVEK_ENCRYPTED                                           Handle        = 0x8031002D
+	FVE_E_CANNOT_ENCRYPT_NO_KEY                                               Handle        = 0x8031002E
+	FVE_E_BOOTABLE_CDDVD                                                      Handle        = 0x80310030
+	FVE_E_PROTECTOR_EXISTS                                                    Handle        = 0x80310031
+	FVE_E_RELATIVE_PATH                                                       Handle        = 0x80310032
+	FVE_E_PROTECTOR_NOT_FOUND                                                 Handle        = 0x80310033
+	FVE_E_INVALID_KEY_FORMAT                                                  Handle        = 0x80310034
+	FVE_E_INVALID_PASSWORD_FORMAT                                             Handle        = 0x80310035
+	FVE_E_FIPS_RNG_CHECK_FAILED                                               Handle        = 0x80310036
+	FVE_E_FIPS_PREVENTS_RECOVERY_PASSWORD                                     Handle        = 0x80310037
+	FVE_E_FIPS_PREVENTS_EXTERNAL_KEY_EXPORT                                   Handle        = 0x80310038
+	FVE_E_NOT_DECRYPTED                                                       Handle        = 0x80310039
+	FVE_E_INVALID_PROTECTOR_TYPE                                              Handle        = 0x8031003A
+	FVE_E_NO_PROTECTORS_TO_TEST                                               Handle        = 0x8031003B
+	FVE_E_KEYFILE_NOT_FOUND                                                   Handle        = 0x8031003C
+	FVE_E_KEYFILE_INVALID                                                     Handle        = 0x8031003D
+	FVE_E_KEYFILE_NO_VMK                                                      Handle        = 0x8031003E
+	FVE_E_TPM_DISABLED                                                        Handle        = 0x8031003F
+	FVE_E_NOT_ALLOWED_IN_SAFE_MODE                                            Handle        = 0x80310040
+	FVE_E_TPM_INVALID_PCR                                                     Handle        = 0x80310041
+	FVE_E_TPM_NO_VMK                                                          Handle        = 0x80310042
+	FVE_E_PIN_INVALID                                                         Handle        = 0x80310043
+	FVE_E_AUTH_INVALID_APPLICATION                                            Handle        = 0x80310044
+	FVE_E_AUTH_INVALID_CONFIG                                                 Handle        = 0x80310045
+	FVE_E_FIPS_DISABLE_PROTECTION_NOT_ALLOWED                                 Handle        = 0x80310046
+	FVE_E_FS_NOT_EXTENDED                                                     Handle        = 0x80310047
+	FVE_E_FIRMWARE_TYPE_NOT_SUPPORTED                                         Handle        = 0x80310048
+	FVE_E_NO_LICENSE                                                          Handle        = 0x80310049
+	FVE_E_NOT_ON_STACK                                                        Handle        = 0x8031004A
+	FVE_E_FS_MOUNTED                                                          Handle        = 0x8031004B
+	FVE_E_TOKEN_NOT_IMPERSONATED                                              Handle        = 0x8031004C
+	FVE_E_DRY_RUN_FAILED                                                      Handle        = 0x8031004D
+	FVE_E_REBOOT_REQUIRED                                                     Handle        = 0x8031004E
+	FVE_E_DEBUGGER_ENABLED                                                    Handle        = 0x8031004F
+	FVE_E_RAW_ACCESS                                                          Handle        = 0x80310050
+	FVE_E_RAW_BLOCKED                                                         Handle        = 0x80310051
+	FVE_E_BCD_APPLICATIONS_PATH_INCORRECT                                     Handle        = 0x80310052
+	FVE_E_NOT_ALLOWED_IN_VERSION                                              Handle        = 0x80310053
+	FVE_E_NO_AUTOUNLOCK_MASTER_KEY                                            Handle        = 0x80310054
+	FVE_E_MOR_FAILED                                                          Handle        = 0x80310055
+	FVE_E_HIDDEN_VOLUME                                                       Handle        = 0x80310056
+	FVE_E_TRANSIENT_STATE                                                     Handle        = 0x80310057
+	FVE_E_PUBKEY_NOT_ALLOWED                                                  Handle        = 0x80310058
+	FVE_E_VOLUME_HANDLE_OPEN                                                  Handle        = 0x80310059
+	FVE_E_NO_FEATURE_LICENSE                                                  Handle        = 0x8031005A
+	FVE_E_INVALID_STARTUP_OPTIONS                                             Handle        = 0x8031005B
+	FVE_E_POLICY_RECOVERY_PASSWORD_NOT_ALLOWED                                Handle        = 0x8031005C
+	FVE_E_POLICY_RECOVERY_PASSWORD_REQUIRED                                   Handle        = 0x8031005D
+	FVE_E_POLICY_RECOVERY_KEY_NOT_ALLOWED                                     Handle        = 0x8031005E
+	FVE_E_POLICY_RECOVERY_KEY_REQUIRED                                        Handle        = 0x8031005F
+	FVE_E_POLICY_STARTUP_PIN_NOT_ALLOWED                                      Handle        = 0x80310060
+	FVE_E_POLICY_STARTUP_PIN_REQUIRED                                         Handle        = 0x80310061
+	FVE_E_POLICY_STARTUP_KEY_NOT_ALLOWED                                      Handle        = 0x80310062
+	FVE_E_POLICY_STARTUP_KEY_REQUIRED                                         Handle        = 0x80310063
+	FVE_E_POLICY_STARTUP_PIN_KEY_NOT_ALLOWED                                  Handle        = 0x80310064
+	FVE_E_POLICY_STARTUP_PIN_KEY_REQUIRED                                     Handle        = 0x80310065
+	FVE_E_POLICY_STARTUP_TPM_NOT_ALLOWED                                      Handle        = 0x80310066
+	FVE_E_POLICY_STARTUP_TPM_REQUIRED                                         Handle        = 0x80310067
+	FVE_E_POLICY_INVALID_PIN_LENGTH                                           Handle        = 0x80310068
+	FVE_E_KEY_PROTECTOR_NOT_SUPPORTED                                         Handle        = 0x80310069
+	FVE_E_POLICY_PASSPHRASE_NOT_ALLOWED                                       Handle        = 0x8031006A
+	FVE_E_POLICY_PASSPHRASE_REQUIRED                                          Handle        = 0x8031006B
+	FVE_E_FIPS_PREVENTS_PASSPHRASE                                            Handle        = 0x8031006C
+	FVE_E_OS_VOLUME_PASSPHRASE_NOT_ALLOWED                                    Handle        = 0x8031006D
+	FVE_E_INVALID_BITLOCKER_OID                                               Handle        = 0x8031006E
+	FVE_E_VOLUME_TOO_SMALL                                                    Handle        = 0x8031006F
+	FVE_E_DV_NOT_SUPPORTED_ON_FS                                              Handle        = 0x80310070
+	FVE_E_DV_NOT_ALLOWED_BY_GP                                                Handle        = 0x80310071
+	FVE_E_POLICY_USER_CERTIFICATE_NOT_ALLOWED                                 Handle        = 0x80310072
+	FVE_E_POLICY_USER_CERTIFICATE_REQUIRED                                    Handle        = 0x80310073
+	FVE_E_POLICY_USER_CERT_MUST_BE_HW                                         Handle        = 0x80310074
+	FVE_E_POLICY_USER_CONFIGURE_FDV_AUTOUNLOCK_NOT_ALLOWED                    Handle        = 0x80310075
+	FVE_E_POLICY_USER_CONFIGURE_RDV_AUTOUNLOCK_NOT_ALLOWED                    Handle        = 0x80310076
+	FVE_E_POLICY_USER_CONFIGURE_RDV_NOT_ALLOWED                               Handle        = 0x80310077
+	FVE_E_POLICY_USER_ENABLE_RDV_NOT_ALLOWED                                  Handle        = 0x80310078
+	FVE_E_POLICY_USER_DISABLE_RDV_NOT_ALLOWED                                 Handle        = 0x80310079
+	FVE_E_POLICY_INVALID_PASSPHRASE_LENGTH                                    Handle        = 0x80310080
+	FVE_E_POLICY_PASSPHRASE_TOO_SIMPLE                                        Handle        = 0x80310081
+	FVE_E_RECOVERY_PARTITION                                                  Handle        = 0x80310082
+	FVE_E_POLICY_CONFLICT_FDV_RK_OFF_AUK_ON                                   Handle        = 0x80310083
+	FVE_E_POLICY_CONFLICT_RDV_RK_OFF_AUK_ON                                   Handle        = 0x80310084
+	FVE_E_NON_BITLOCKER_OID                                                   Handle        = 0x80310085
+	FVE_E_POLICY_PROHIBITS_SELFSIGNED                                         Handle        = 0x80310086
+	FVE_E_POLICY_CONFLICT_RO_AND_STARTUP_KEY_REQUIRED                         Handle        = 0x80310087
+	FVE_E_CONV_RECOVERY_FAILED                                                Handle        = 0x80310088
+	FVE_E_VIRTUALIZED_SPACE_TOO_BIG                                           Handle        = 0x80310089
+	FVE_E_POLICY_CONFLICT_OSV_RP_OFF_ADB_ON                                   Handle        = 0x80310090
+	FVE_E_POLICY_CONFLICT_FDV_RP_OFF_ADB_ON                                   Handle        = 0x80310091
+	FVE_E_POLICY_CONFLICT_RDV_RP_OFF_ADB_ON                                   Handle        = 0x80310092
+	FVE_E_NON_BITLOCKER_KU                                                    Handle        = 0x80310093
+	FVE_E_PRIVATEKEY_AUTH_FAILED                                              Handle        = 0x80310094
+	FVE_E_REMOVAL_OF_DRA_FAILED                                               Handle        = 0x80310095
+	FVE_E_OPERATION_NOT_SUPPORTED_ON_VISTA_VOLUME                             Handle        = 0x80310096
+	FVE_E_CANT_LOCK_AUTOUNLOCK_ENABLED_VOLUME                                 Handle        = 0x80310097
+	FVE_E_FIPS_HASH_KDF_NOT_ALLOWED                                           Handle        = 0x80310098
+	FVE_E_ENH_PIN_INVALID                                                     Handle        = 0x80310099
+	FVE_E_INVALID_PIN_CHARS                                                   Handle        = 0x8031009A
+	FVE_E_INVALID_DATUM_TYPE                                                  Handle        = 0x8031009B
+	FVE_E_EFI_ONLY                                                            Handle        = 0x8031009C
+	FVE_E_MULTIPLE_NKP_CERTS                                                  Handle        = 0x8031009D
+	FVE_E_REMOVAL_OF_NKP_FAILED                                               Handle        = 0x8031009E
+	FVE_E_INVALID_NKP_CERT                                                    Handle        = 0x8031009F
+	FVE_E_NO_EXISTING_PIN                                                     Handle        = 0x803100A0
+	FVE_E_PROTECTOR_CHANGE_PIN_MISMATCH                                       Handle        = 0x803100A1
+	FVE_E_PIN_PROTECTOR_CHANGE_BY_STD_USER_DISALLOWED                         Handle        = 0x803100A2
+	FVE_E_PROTECTOR_CHANGE_MAX_PIN_CHANGE_ATTEMPTS_REACHED                    Handle        = 0x803100A3
+	FVE_E_POLICY_PASSPHRASE_REQUIRES_ASCII                                    Handle        = 0x803100A4
+	FVE_E_FULL_ENCRYPTION_NOT_ALLOWED_ON_TP_STORAGE                           Handle        = 0x803100A5
+	FVE_E_WIPE_NOT_ALLOWED_ON_TP_STORAGE                                      Handle        = 0x803100A6
+	FVE_E_KEY_LENGTH_NOT_SUPPORTED_BY_EDRIVE                                  Handle        = 0x803100A7
+	FVE_E_NO_EXISTING_PASSPHRASE                                              Handle        = 0x803100A8
+	FVE_E_PROTECTOR_CHANGE_PASSPHRASE_MISMATCH                                Handle        = 0x803100A9
+	FVE_E_PASSPHRASE_TOO_LONG                                                 Handle        = 0x803100AA
+	FVE_E_NO_PASSPHRASE_WITH_TPM                                              Handle        = 0x803100AB
+	FVE_E_NO_TPM_WITH_PASSPHRASE                                              Handle        = 0x803100AC
+	FVE_E_NOT_ALLOWED_ON_CSV_STACK                                            Handle        = 0x803100AD
+	FVE_E_NOT_ALLOWED_ON_CLUSTER                                              Handle        = 0x803100AE
+	FVE_E_EDRIVE_NO_FAILOVER_TO_SW                                            Handle        = 0x803100AF
+	FVE_E_EDRIVE_BAND_IN_USE                                                  Handle        = 0x803100B0
+	FVE_E_EDRIVE_DISALLOWED_BY_GP                                             Handle        = 0x803100B1
+	FVE_E_EDRIVE_INCOMPATIBLE_VOLUME                                          Handle        = 0x803100B2
+	FVE_E_NOT_ALLOWED_TO_UPGRADE_WHILE_CONVERTING                             Handle        = 0x803100B3
+	FVE_E_EDRIVE_DV_NOT_SUPPORTED                                             Handle        = 0x803100B4
+	FVE_E_NO_PREBOOT_KEYBOARD_DETECTED                                        Handle        = 0x803100B5
+	FVE_E_NO_PREBOOT_KEYBOARD_OR_WINRE_DETECTED                               Handle        = 0x803100B6
+	FVE_E_POLICY_REQUIRES_STARTUP_PIN_ON_TOUCH_DEVICE                         Handle        = 0x803100B7
+	FVE_E_POLICY_REQUIRES_RECOVERY_PASSWORD_ON_TOUCH_DEVICE                   Handle        = 0x803100B8
+	FVE_E_WIPE_CANCEL_NOT_APPLICABLE                                          Handle        = 0x803100B9
+	FVE_E_SECUREBOOT_DISABLED                                                 Handle        = 0x803100BA
+	FVE_E_SECUREBOOT_CONFIGURATION_INVALID                                    Handle        = 0x803100BB
+	FVE_E_EDRIVE_DRY_RUN_FAILED                                               Handle        = 0x803100BC
+	FVE_E_SHADOW_COPY_PRESENT                                                 Handle        = 0x803100BD
+	FVE_E_POLICY_INVALID_ENHANCED_BCD_SETTINGS                                Handle        = 0x803100BE
+	FVE_E_EDRIVE_INCOMPATIBLE_FIRMWARE                                        Handle        = 0x803100BF
+	FVE_E_PROTECTOR_CHANGE_MAX_PASSPHRASE_CHANGE_ATTEMPTS_REACHED             Handle        = 0x803100C0
+	FVE_E_PASSPHRASE_PROTECTOR_CHANGE_BY_STD_USER_DISALLOWED                  Handle        = 0x803100C1
+	FVE_E_LIVEID_ACCOUNT_SUSPENDED                                            Handle        = 0x803100C2
+	FVE_E_LIVEID_ACCOUNT_BLOCKED                                              Handle        = 0x803100C3
+	FVE_E_NOT_PROVISIONED_ON_ALL_VOLUMES                                      Handle        = 0x803100C4
+	FVE_E_DE_FIXED_DATA_NOT_SUPPORTED                                         Handle        = 0x803100C5
+	FVE_E_DE_HARDWARE_NOT_COMPLIANT                                           Handle        = 0x803100C6
+	FVE_E_DE_WINRE_NOT_CONFIGURED                                             Handle        = 0x803100C7
+	FVE_E_DE_PROTECTION_SUSPENDED                                             Handle        = 0x803100C8
+	FVE_E_DE_OS_VOLUME_NOT_PROTECTED                                          Handle        = 0x803100C9
+	FVE_E_DE_DEVICE_LOCKEDOUT                                                 Handle        = 0x803100CA
+	FVE_E_DE_PROTECTION_NOT_YET_ENABLED                                       Handle        = 0x803100CB
+	FVE_E_INVALID_PIN_CHARS_DETAILED                                          Handle        = 0x803100CC
+	FVE_E_DEVICE_LOCKOUT_COUNTER_UNAVAILABLE                                  Handle        = 0x803100CD
+	FVE_E_DEVICELOCKOUT_COUNTER_MISMATCH                                      Handle        = 0x803100CE
+	FVE_E_BUFFER_TOO_LARGE                                                    Handle        = 0x803100CF
+	FVE_E_NO_SUCH_CAPABILITY_ON_TARGET                                        Handle        = 0x803100D0
+	FVE_E_DE_PREVENTED_FOR_OS                                                 Handle        = 0x803100D1
+	FVE_E_DE_VOLUME_OPTED_OUT                                                 Handle        = 0x803100D2
+	FVE_E_DE_VOLUME_NOT_SUPPORTED                                             Handle        = 0x803100D3
+	FVE_E_EOW_NOT_SUPPORTED_IN_VERSION                                        Handle        = 0x803100D4
+	FVE_E_ADBACKUP_NOT_ENABLED                                                Handle        = 0x803100D5
+	FVE_E_VOLUME_EXTEND_PREVENTS_EOW_DECRYPT                                  Handle        = 0x803100D6
+	FVE_E_NOT_DE_VOLUME                                                       Handle        = 0x803100D7
+	FVE_E_PROTECTION_CANNOT_BE_DISABLED                                       Handle        = 0x803100D8
+	FVE_E_OSV_KSR_NOT_ALLOWED                                                 Handle        = 0x803100D9
+	FVE_E_AD_BACKUP_REQUIRED_POLICY_NOT_SET_OS_DRIVE                          Handle        = 0x803100DA
+	FVE_E_AD_BACKUP_REQUIRED_POLICY_NOT_SET_FIXED_DRIVE                       Handle        = 0x803100DB
+	FVE_E_AD_BACKUP_REQUIRED_POLICY_NOT_SET_REMOVABLE_DRIVE                   Handle        = 0x803100DC
+	FVE_E_KEY_ROTATION_NOT_SUPPORTED                                          Handle        = 0x803100DD
+	FVE_E_EXECUTE_REQUEST_SENT_TOO_SOON                                       Handle        = 0x803100DE
+	FVE_E_KEY_ROTATION_NOT_ENABLED                                            Handle        = 0x803100DF
+	FVE_E_DEVICE_NOT_JOINED                                                   Handle        = 0x803100E0
+	FWP_E_CALLOUT_NOT_FOUND                                                   Handle        = 0x80320001
+	FWP_E_CONDITION_NOT_FOUND                                                 Handle        = 0x80320002
+	FWP_E_FILTER_NOT_FOUND                                                    Handle        = 0x80320003
+	FWP_E_LAYER_NOT_FOUND                                                     Handle        = 0x80320004
+	FWP_E_PROVIDER_NOT_FOUND                                                  Handle        = 0x80320005
+	FWP_E_PROVIDER_CONTEXT_NOT_FOUND                                          Handle        = 0x80320006
+	FWP_E_SUBLAYER_NOT_FOUND                                                  Handle        = 0x80320007
+	FWP_E_NOT_FOUND                                                           Handle        = 0x80320008
+	FWP_E_ALREADY_EXISTS                                                      Handle        = 0x80320009
+	FWP_E_IN_USE                                                              Handle        = 0x8032000A
+	FWP_E_DYNAMIC_SESSION_IN_PROGRESS                                         Handle        = 0x8032000B
+	FWP_E_WRONG_SESSION                                                       Handle        = 0x8032000C
+	FWP_E_NO_TXN_IN_PROGRESS                                                  Handle        = 0x8032000D
+	FWP_E_TXN_IN_PROGRESS                                                     Handle        = 0x8032000E
+	FWP_E_TXN_ABORTED                                                         Handle        = 0x8032000F
+	FWP_E_SESSION_ABORTED                                                     Handle        = 0x80320010
+	FWP_E_INCOMPATIBLE_TXN                                                    Handle        = 0x80320011
+	FWP_E_TIMEOUT                                                             Handle        = 0x80320012
+	FWP_E_NET_EVENTS_DISABLED                                                 Handle        = 0x80320013
+	FWP_E_INCOMPATIBLE_LAYER                                                  Handle        = 0x80320014
+	FWP_E_KM_CLIENTS_ONLY                                                     Handle        = 0x80320015
+	FWP_E_LIFETIME_MISMATCH                                                   Handle        = 0x80320016
+	FWP_E_BUILTIN_OBJECT                                                      Handle        = 0x80320017
+	FWP_E_TOO_MANY_CALLOUTS                                                   Handle        = 0x80320018
+	FWP_E_NOTIFICATION_DROPPED                                                Handle        = 0x80320019
+	FWP_E_TRAFFIC_MISMATCH                                                    Handle        = 0x8032001A
+	FWP_E_INCOMPATIBLE_SA_STATE                                               Handle        = 0x8032001B
+	FWP_E_NULL_POINTER                                                        Handle        = 0x8032001C
+	FWP_E_INVALID_ENUMERATOR                                                  Handle        = 0x8032001D
+	FWP_E_INVALID_FLAGS                                                       Handle        = 0x8032001E
+	FWP_E_INVALID_NET_MASK                                                    Handle        = 0x8032001F
+	FWP_E_INVALID_RANGE                                                       Handle        = 0x80320020
+	FWP_E_INVALID_INTERVAL                                                    Handle        = 0x80320021
+	FWP_E_ZERO_LENGTH_ARRAY                                                   Handle        = 0x80320022
+	FWP_E_NULL_DISPLAY_NAME                                                   Handle        = 0x80320023
+	FWP_E_INVALID_ACTION_TYPE                                                 Handle        = 0x80320024
+	FWP_E_INVALID_WEIGHT                                                      Handle        = 0x80320025
+	FWP_E_MATCH_TYPE_MISMATCH                                                 Handle        = 0x80320026
+	FWP_E_TYPE_MISMATCH                                                       Handle        = 0x80320027
+	FWP_E_OUT_OF_BOUNDS                                                       Handle        = 0x80320028
+	FWP_E_RESERVED                                                            Handle        = 0x80320029
+	FWP_E_DUPLICATE_CONDITION                                                 Handle        = 0x8032002A
+	FWP_E_DUPLICATE_KEYMOD                                                    Handle        = 0x8032002B
+	FWP_E_ACTION_INCOMPATIBLE_WITH_LAYER                                      Handle        = 0x8032002C
+	FWP_E_ACTION_INCOMPATIBLE_WITH_SUBLAYER                                   Handle        = 0x8032002D
+	FWP_E_CONTEXT_INCOMPATIBLE_WITH_LAYER                                     Handle        = 0x8032002E
+	FWP_E_CONTEXT_INCOMPATIBLE_WITH_CALLOUT                                   Handle        = 0x8032002F
+	FWP_E_INCOMPATIBLE_AUTH_METHOD                                            Handle        = 0x80320030
+	FWP_E_INCOMPATIBLE_DH_GROUP                                               Handle        = 0x80320031
+	FWP_E_EM_NOT_SUPPORTED                                                    Handle        = 0x80320032
+	FWP_E_NEVER_MATCH                                                         Handle        = 0x80320033
+	FWP_E_PROVIDER_CONTEXT_MISMATCH                                           Handle        = 0x80320034
+	FWP_E_INVALID_PARAMETER                                                   Handle        = 0x80320035
+	FWP_E_TOO_MANY_SUBLAYERS                                                  Handle        = 0x80320036
+	FWP_E_CALLOUT_NOTIFICATION_FAILED                                         Handle        = 0x80320037
+	FWP_E_INVALID_AUTH_TRANSFORM                                              Handle        = 0x80320038
+	FWP_E_INVALID_CIPHER_TRANSFORM                                            Handle        = 0x80320039
+	FWP_E_INCOMPATIBLE_CIPHER_TRANSFORM                                       Handle        = 0x8032003A
+	FWP_E_INVALID_TRANSFORM_COMBINATION                                       Handle        = 0x8032003B
+	FWP_E_DUPLICATE_AUTH_METHOD                                               Handle        = 0x8032003C
+	FWP_E_INVALID_TUNNEL_ENDPOINT                                             Handle        = 0x8032003D
+	FWP_E_L2_DRIVER_NOT_READY                                                 Handle        = 0x8032003E
+	FWP_E_KEY_DICTATOR_ALREADY_REGISTERED                                     Handle        = 0x8032003F
+	FWP_E_KEY_DICTATION_INVALID_KEYING_MATERIAL                               Handle        = 0x80320040
+	FWP_E_CONNECTIONS_DISABLED                                                Handle        = 0x80320041
+	FWP_E_INVALID_DNS_NAME                                                    Handle        = 0x80320042
+	FWP_E_STILL_ON                                                            Handle        = 0x80320043
+	FWP_E_IKEEXT_NOT_RUNNING                                                  Handle        = 0x80320044
+	FWP_E_DROP_NOICMP                                                         Handle        = 0x80320104
+	WS_S_ASYNC                                                                Handle        = 0x003D0000
+	WS_S_END                                                                  Handle        = 0x003D0001
+	WS_E_INVALID_FORMAT                                                       Handle        = 0x803D0000
+	WS_E_OBJECT_FAULTED                                                       Handle        = 0x803D0001
+	WS_E_NUMERIC_OVERFLOW                                                     Handle        = 0x803D0002
+	WS_E_INVALID_OPERATION                                                    Handle        = 0x803D0003
+	WS_E_OPERATION_ABORTED                                                    Handle        = 0x803D0004
+	WS_E_ENDPOINT_ACCESS_DENIED                                               Handle        = 0x803D0005
+	WS_E_OPERATION_TIMED_OUT                                                  Handle        = 0x803D0006
+	WS_E_OPERATION_ABANDONED                                                  Handle        = 0x803D0007
+	WS_E_QUOTA_EXCEEDED                                                       Handle        = 0x803D0008
+	WS_E_NO_TRANSLATION_AVAILABLE                                             Handle        = 0x803D0009
+	WS_E_SECURITY_VERIFICATION_FAILURE                                        Handle        = 0x803D000A
+	WS_E_ADDRESS_IN_USE                                                       Handle        = 0x803D000B
+	WS_E_ADDRESS_NOT_AVAILABLE                                                Handle        = 0x803D000C
+	WS_E_ENDPOINT_NOT_FOUND                                                   Handle        = 0x803D000D
+	WS_E_ENDPOINT_NOT_AVAILABLE                                               Handle        = 0x803D000E
+	WS_E_ENDPOINT_FAILURE                                                     Handle        = 0x803D000F
+	WS_E_ENDPOINT_UNREACHABLE                                                 Handle        = 0x803D0010
+	WS_E_ENDPOINT_ACTION_NOT_SUPPORTED                                        Handle        = 0x803D0011
+	WS_E_ENDPOINT_TOO_BUSY                                                    Handle        = 0x803D0012
+	WS_E_ENDPOINT_FAULT_RECEIVED                                              Handle        = 0x803D0013
+	WS_E_ENDPOINT_DISCONNECTED                                                Handle        = 0x803D0014
+	WS_E_PROXY_FAILURE                                                        Handle        = 0x803D0015
+	WS_E_PROXY_ACCESS_DENIED                                                  Handle        = 0x803D0016
+	WS_E_NOT_SUPPORTED                                                        Handle        = 0x803D0017
+	WS_E_PROXY_REQUIRES_BASIC_AUTH                                            Handle        = 0x803D0018
+	WS_E_PROXY_REQUIRES_DIGEST_AUTH                                           Handle        = 0x803D0019
+	WS_E_PROXY_REQUIRES_NTLM_AUTH                                             Handle        = 0x803D001A
+	WS_E_PROXY_REQUIRES_NEGOTIATE_AUTH                                        Handle        = 0x803D001B
+	WS_E_SERVER_REQUIRES_BASIC_AUTH                                           Handle        = 0x803D001C
+	WS_E_SERVER_REQUIRES_DIGEST_AUTH                                          Handle        = 0x803D001D
+	WS_E_SERVER_REQUIRES_NTLM_AUTH                                            Handle        = 0x803D001E
+	WS_E_SERVER_REQUIRES_NEGOTIATE_AUTH                                       Handle        = 0x803D001F
+	WS_E_INVALID_ENDPOINT_URL                                                 Handle        = 0x803D0020
+	WS_E_OTHER                                                                Handle        = 0x803D0021
+	WS_E_SECURITY_TOKEN_EXPIRED                                               Handle        = 0x803D0022
+	WS_E_SECURITY_SYSTEM_FAILURE                                              Handle        = 0x803D0023
+	ERROR_NDIS_INTERFACE_CLOSING                                              syscall.Errno = 0x80340002
+	ERROR_NDIS_BAD_VERSION                                                    syscall.Errno = 0x80340004
+	ERROR_NDIS_BAD_CHARACTERISTICS                                            syscall.Errno = 0x80340005
+	ERROR_NDIS_ADAPTER_NOT_FOUND                                              syscall.Errno = 0x80340006
+	ERROR_NDIS_OPEN_FAILED                                                    syscall.Errno = 0x80340007
+	ERROR_NDIS_DEVICE_FAILED                                                  syscall.Errno = 0x80340008
+	ERROR_NDIS_MULTICAST_FULL                                                 syscall.Errno = 0x80340009
+	ERROR_NDIS_MULTICAST_EXISTS                                               syscall.Errno = 0x8034000A
+	ERROR_NDIS_MULTICAST_NOT_FOUND                                            syscall.Errno = 0x8034000B
+	ERROR_NDIS_REQUEST_ABORTED                                                syscall.Errno = 0x8034000C
+	ERROR_NDIS_RESET_IN_PROGRESS                                              syscall.Errno = 0x8034000D
+	ERROR_NDIS_NOT_SUPPORTED                                                  syscall.Errno = 0x803400BB
+	ERROR_NDIS_INVALID_PACKET                                                 syscall.Errno = 0x8034000F
+	ERROR_NDIS_ADAPTER_NOT_READY                                              syscall.Errno = 0x80340011
+	ERROR_NDIS_INVALID_LENGTH                                                 syscall.Errno = 0x80340014
+	ERROR_NDIS_INVALID_DATA                                                   syscall.Errno = 0x80340015
+	ERROR_NDIS_BUFFER_TOO_SHORT                                               syscall.Errno = 0x80340016
+	ERROR_NDIS_INVALID_OID                                                    syscall.Errno = 0x80340017
+	ERROR_NDIS_ADAPTER_REMOVED                                                syscall.Errno = 0x80340018
+	ERROR_NDIS_UNSUPPORTED_MEDIA                                              syscall.Errno = 0x80340019
+	ERROR_NDIS_GROUP_ADDRESS_IN_USE                                           syscall.Errno = 0x8034001A
+	ERROR_NDIS_FILE_NOT_FOUND                                                 syscall.Errno = 0x8034001B
+	ERROR_NDIS_ERROR_READING_FILE                                             syscall.Errno = 0x8034001C
+	ERROR_NDIS_ALREADY_MAPPED                                                 syscall.Errno = 0x8034001D
+	ERROR_NDIS_RESOURCE_CONFLICT                                              syscall.Errno = 0x8034001E
+	ERROR_NDIS_MEDIA_DISCONNECTED                                             syscall.Errno = 0x8034001F
+	ERROR_NDIS_INVALID_ADDRESS                                                syscall.Errno = 0x80340022
+	ERROR_NDIS_INVALID_DEVICE_REQUEST                                         syscall.Errno = 0x80340010
+	ERROR_NDIS_PAUSED                                                         syscall.Errno = 0x8034002A
+	ERROR_NDIS_INTERFACE_NOT_FOUND                                            syscall.Errno = 0x8034002B
+	ERROR_NDIS_UNSUPPORTED_REVISION                                           syscall.Errno = 0x8034002C
+	ERROR_NDIS_INVALID_PORT                                                   syscall.Errno = 0x8034002D
+	ERROR_NDIS_INVALID_PORT_STATE                                             syscall.Errno = 0x8034002E
+	ERROR_NDIS_LOW_POWER_STATE                                                syscall.Errno = 0x8034002F
+	ERROR_NDIS_REINIT_REQUIRED                                                syscall.Errno = 0x80340030
+	ERROR_NDIS_NO_QUEUES                                                      syscall.Errno = 0x80340031
+	ERROR_NDIS_DOT11_AUTO_CONFIG_ENABLED                                      syscall.Errno = 0x80342000
+	ERROR_NDIS_DOT11_MEDIA_IN_USE                                             syscall.Errno = 0x80342001
+	ERROR_NDIS_DOT11_POWER_STATE_INVALID                                      syscall.Errno = 0x80342002
+	ERROR_NDIS_PM_WOL_PATTERN_LIST_FULL                                       syscall.Errno = 0x80342003
+	ERROR_NDIS_PM_PROTOCOL_OFFLOAD_LIST_FULL                                  syscall.Errno = 0x80342004
+	ERROR_NDIS_DOT11_AP_CHANNEL_CURRENTLY_NOT_AVAILABLE                       syscall.Errno = 0x80342005
+	ERROR_NDIS_DOT11_AP_BAND_CURRENTLY_NOT_AVAILABLE                          syscall.Errno = 0x80342006
+	ERROR_NDIS_DOT11_AP_CHANNEL_NOT_ALLOWED                                   syscall.Errno = 0x80342007
+	ERROR_NDIS_DOT11_AP_BAND_NOT_ALLOWED                                      syscall.Errno = 0x80342008
+	ERROR_NDIS_INDICATION_REQUIRED                                            syscall.Errno = 0x00340001
+	ERROR_NDIS_OFFLOAD_POLICY                                                 syscall.Errno = 0xC034100F
+	ERROR_NDIS_OFFLOAD_CONNECTION_REJECTED                                    syscall.Errno = 0xC0341012
+	ERROR_NDIS_OFFLOAD_PATH_REJECTED                                          syscall.Errno = 0xC0341013
+	ERROR_HV_INVALID_HYPERCALL_CODE                                           syscall.Errno = 0xC0350002
+	ERROR_HV_INVALID_HYPERCALL_INPUT                                          syscall.Errno = 0xC0350003
+	ERROR_HV_INVALID_ALIGNMENT                                                syscall.Errno = 0xC0350004
+	ERROR_HV_INVALID_PARAMETER                                                syscall.Errno = 0xC0350005
+	ERROR_HV_ACCESS_DENIED                                                    syscall.Errno = 0xC0350006
+	ERROR_HV_INVALID_PARTITION_STATE                                          syscall.Errno = 0xC0350007
+	ERROR_HV_OPERATION_DENIED                                                 syscall.Errno = 0xC0350008
+	ERROR_HV_UNKNOWN_PROPERTY                                                 syscall.Errno = 0xC0350009
+	ERROR_HV_PROPERTY_VALUE_OUT_OF_RANGE                                      syscall.Errno = 0xC035000A
+	ERROR_HV_INSUFFICIENT_MEMORY                                              syscall.Errno = 0xC035000B
+	ERROR_HV_PARTITION_TOO_DEEP                                               syscall.Errno = 0xC035000C
+	ERROR_HV_INVALID_PARTITION_ID                                             syscall.Errno = 0xC035000D
+	ERROR_HV_INVALID_VP_INDEX                                                 syscall.Errno = 0xC035000E
+	ERROR_HV_INVALID_PORT_ID                                                  syscall.Errno = 0xC0350011
+	ERROR_HV_INVALID_CONNECTION_ID                                            syscall.Errno = 0xC0350012
+	ERROR_HV_INSUFFICIENT_BUFFERS                                             syscall.Errno = 0xC0350013
+	ERROR_HV_NOT_ACKNOWLEDGED                                                 syscall.Errno = 0xC0350014
+	ERROR_HV_INVALID_VP_STATE                                                 syscall.Errno = 0xC0350015
+	ERROR_HV_ACKNOWLEDGED                                                     syscall.Errno = 0xC0350016
+	ERROR_HV_INVALID_SAVE_RESTORE_STATE                                       syscall.Errno = 0xC0350017
+	ERROR_HV_INVALID_SYNIC_STATE                                              syscall.Errno = 0xC0350018
+	ERROR_HV_OBJECT_IN_USE                                                    syscall.Errno = 0xC0350019
+	ERROR_HV_INVALID_PROXIMITY_DOMAIN_INFO                                    syscall.Errno = 0xC035001A
+	ERROR_HV_NO_DATA                                                          syscall.Errno = 0xC035001B
+	ERROR_HV_INACTIVE                                                         syscall.Errno = 0xC035001C
+	ERROR_HV_NO_RESOURCES                                                     syscall.Errno = 0xC035001D
+	ERROR_HV_FEATURE_UNAVAILABLE                                              syscall.Errno = 0xC035001E
+	ERROR_HV_INSUFFICIENT_BUFFER                                              syscall.Errno = 0xC0350033
+	ERROR_HV_INSUFFICIENT_DEVICE_DOMAINS                                      syscall.Errno = 0xC0350038
+	ERROR_HV_CPUID_FEATURE_VALIDATION                                         syscall.Errno = 0xC035003C
+	ERROR_HV_CPUID_XSAVE_FEATURE_VALIDATION                                   syscall.Errno = 0xC035003D
+	ERROR_HV_PROCESSOR_STARTUP_TIMEOUT                                        syscall.Errno = 0xC035003E
+	ERROR_HV_SMX_ENABLED                                                      syscall.Errno = 0xC035003F
+	ERROR_HV_INVALID_LP_INDEX                                                 syscall.Errno = 0xC0350041
+	ERROR_HV_INVALID_REGISTER_VALUE                                           syscall.Errno = 0xC0350050
+	ERROR_HV_INVALID_VTL_STATE                                                syscall.Errno = 0xC0350051
+	ERROR_HV_NX_NOT_DETECTED                                                  syscall.Errno = 0xC0350055
+	ERROR_HV_INVALID_DEVICE_ID                                                syscall.Errno = 0xC0350057
+	ERROR_HV_INVALID_DEVICE_STATE                                             syscall.Errno = 0xC0350058
+	ERROR_HV_PENDING_PAGE_REQUESTS                                            syscall.Errno = 0x00350059
+	ERROR_HV_PAGE_REQUEST_INVALID                                             syscall.Errno = 0xC0350060
+	ERROR_HV_INVALID_CPU_GROUP_ID                                             syscall.Errno = 0xC035006F
+	ERROR_HV_INVALID_CPU_GROUP_STATE                                          syscall.Errno = 0xC0350070
+	ERROR_HV_OPERATION_FAILED                                                 syscall.Errno = 0xC0350071
+	ERROR_HV_NOT_ALLOWED_WITH_NESTED_VIRT_ACTIVE                              syscall.Errno = 0xC0350072
+	ERROR_HV_INSUFFICIENT_ROOT_MEMORY                                         syscall.Errno = 0xC0350073
+	ERROR_HV_NOT_PRESENT                                                      syscall.Errno = 0xC0351000
+	ERROR_VID_DUPLICATE_HANDLER                                               syscall.Errno = 0xC0370001
+	ERROR_VID_TOO_MANY_HANDLERS                                               syscall.Errno = 0xC0370002
+	ERROR_VID_QUEUE_FULL                                                      syscall.Errno = 0xC0370003
+	ERROR_VID_HANDLER_NOT_PRESENT                                             syscall.Errno = 0xC0370004
+	ERROR_VID_INVALID_OBJECT_NAME                                             syscall.Errno = 0xC0370005
+	ERROR_VID_PARTITION_NAME_TOO_LONG                                         syscall.Errno = 0xC0370006
+	ERROR_VID_MESSAGE_QUEUE_NAME_TOO_LONG                                     syscall.Errno = 0xC0370007
+	ERROR_VID_PARTITION_ALREADY_EXISTS                                        syscall.Errno = 0xC0370008
+	ERROR_VID_PARTITION_DOES_NOT_EXIST                                        syscall.Errno = 0xC0370009
+	ERROR_VID_PARTITION_NAME_NOT_FOUND                                        syscall.Errno = 0xC037000A
+	ERROR_VID_MESSAGE_QUEUE_ALREADY_EXISTS                                    syscall.Errno = 0xC037000B
+	ERROR_VID_EXCEEDED_MBP_ENTRY_MAP_LIMIT                                    syscall.Errno = 0xC037000C
+	ERROR_VID_MB_STILL_REFERENCED                                             syscall.Errno = 0xC037000D
+	ERROR_VID_CHILD_GPA_PAGE_SET_CORRUPTED                                    syscall.Errno = 0xC037000E
+	ERROR_VID_INVALID_NUMA_SETTINGS                                           syscall.Errno = 0xC037000F
+	ERROR_VID_INVALID_NUMA_NODE_INDEX                                         syscall.Errno = 0xC0370010
+	ERROR_VID_NOTIFICATION_QUEUE_ALREADY_ASSOCIATED                           syscall.Errno = 0xC0370011
+	ERROR_VID_INVALID_MEMORY_BLOCK_HANDLE                                     syscall.Errno = 0xC0370012
+	ERROR_VID_PAGE_RANGE_OVERFLOW                                             syscall.Errno = 0xC0370013
+	ERROR_VID_INVALID_MESSAGE_QUEUE_HANDLE                                    syscall.Errno = 0xC0370014
+	ERROR_VID_INVALID_GPA_RANGE_HANDLE                                        syscall.Errno = 0xC0370015
+	ERROR_VID_NO_MEMORY_BLOCK_NOTIFICATION_QUEUE                              syscall.Errno = 0xC0370016
+	ERROR_VID_MEMORY_BLOCK_LOCK_COUNT_EXCEEDED                                syscall.Errno = 0xC0370017
+	ERROR_VID_INVALID_PPM_HANDLE                                              syscall.Errno = 0xC0370018
+	ERROR_VID_MBPS_ARE_LOCKED                                                 syscall.Errno = 0xC0370019
+	ERROR_VID_MESSAGE_QUEUE_CLOSED                                            syscall.Errno = 0xC037001A
+	ERROR_VID_VIRTUAL_PROCESSOR_LIMIT_EXCEEDED                                syscall.Errno = 0xC037001B
+	ERROR_VID_STOP_PENDING                                                    syscall.Errno = 0xC037001C
+	ERROR_VID_INVALID_PROCESSOR_STATE                                         syscall.Errno = 0xC037001D
+	ERROR_VID_EXCEEDED_KM_CONTEXT_COUNT_LIMIT                                 syscall.Errno = 0xC037001E
+	ERROR_VID_KM_INTERFACE_ALREADY_INITIALIZED                                syscall.Errno = 0xC037001F
+	ERROR_VID_MB_PROPERTY_ALREADY_SET_RESET                                   syscall.Errno = 0xC0370020
+	ERROR_VID_MMIO_RANGE_DESTROYED                                            syscall.Errno = 0xC0370021
+	ERROR_VID_INVALID_CHILD_GPA_PAGE_SET                                      syscall.Errno = 0xC0370022
+	ERROR_VID_RESERVE_PAGE_SET_IS_BEING_USED                                  syscall.Errno = 0xC0370023
+	ERROR_VID_RESERVE_PAGE_SET_TOO_SMALL                                      syscall.Errno = 0xC0370024
+	ERROR_VID_MBP_ALREADY_LOCKED_USING_RESERVED_PAGE                          syscall.Errno = 0xC0370025
+	ERROR_VID_MBP_COUNT_EXCEEDED_LIMIT                                        syscall.Errno = 0xC0370026
+	ERROR_VID_SAVED_STATE_CORRUPT                                             syscall.Errno = 0xC0370027
+	ERROR_VID_SAVED_STATE_UNRECOGNIZED_ITEM                                   syscall.Errno = 0xC0370028
+	ERROR_VID_SAVED_STATE_INCOMPATIBLE                                        syscall.Errno = 0xC0370029
+	ERROR_VID_VTL_ACCESS_DENIED                                               syscall.Errno = 0xC037002A
+	ERROR_VMCOMPUTE_TERMINATED_DURING_START                                   syscall.Errno = 0xC0370100
+	ERROR_VMCOMPUTE_IMAGE_MISMATCH                                            syscall.Errno = 0xC0370101
+	ERROR_VMCOMPUTE_HYPERV_NOT_INSTALLED                                      syscall.Errno = 0xC0370102
+	ERROR_VMCOMPUTE_OPERATION_PENDING                                         syscall.Errno = 0xC0370103
+	ERROR_VMCOMPUTE_TOO_MANY_NOTIFICATIONS                                    syscall.Errno = 0xC0370104
+	ERROR_VMCOMPUTE_INVALID_STATE                                             syscall.Errno = 0xC0370105
+	ERROR_VMCOMPUTE_UNEXPECTED_EXIT                                           syscall.Errno = 0xC0370106
+	ERROR_VMCOMPUTE_TERMINATED                                                syscall.Errno = 0xC0370107
+	ERROR_VMCOMPUTE_CONNECT_FAILED                                            syscall.Errno = 0xC0370108
+	ERROR_VMCOMPUTE_TIMEOUT                                                   syscall.Errno = 0xC0370109
+	ERROR_VMCOMPUTE_CONNECTION_CLOSED                                         syscall.Errno = 0xC037010A
+	ERROR_VMCOMPUTE_UNKNOWN_MESSAGE                                           syscall.Errno = 0xC037010B
+	ERROR_VMCOMPUTE_UNSUPPORTED_PROTOCOL_VERSION                              syscall.Errno = 0xC037010C
+	ERROR_VMCOMPUTE_INVALID_JSON                                              syscall.Errno = 0xC037010D
+	ERROR_VMCOMPUTE_SYSTEM_NOT_FOUND                                          syscall.Errno = 0xC037010E
+	ERROR_VMCOMPUTE_SYSTEM_ALREADY_EXISTS                                     syscall.Errno = 0xC037010F
+	ERROR_VMCOMPUTE_SYSTEM_ALREADY_STOPPED                                    syscall.Errno = 0xC0370110
+	ERROR_VMCOMPUTE_PROTOCOL_ERROR                                            syscall.Errno = 0xC0370111
+	ERROR_VMCOMPUTE_INVALID_LAYER                                             syscall.Errno = 0xC0370112
+	ERROR_VMCOMPUTE_WINDOWS_INSIDER_REQUIRED                                  syscall.Errno = 0xC0370113
+	HCS_E_TERMINATED_DURING_START                                             Handle        = 0x80370100
+	HCS_E_IMAGE_MISMATCH                                                      Handle        = 0x80370101
+	HCS_E_HYPERV_NOT_INSTALLED                                                Handle        = 0x80370102
+	HCS_E_INVALID_STATE                                                       Handle        = 0x80370105
+	HCS_E_UNEXPECTED_EXIT                                                     Handle        = 0x80370106
+	HCS_E_TERMINATED                                                          Handle        = 0x80370107
+	HCS_E_CONNECT_FAILED                                                      Handle        = 0x80370108
+	HCS_E_CONNECTION_TIMEOUT                                                  Handle        = 0x80370109
+	HCS_E_CONNECTION_CLOSED                                                   Handle        = 0x8037010A
+	HCS_E_UNKNOWN_MESSAGE                                                     Handle        = 0x8037010B
+	HCS_E_UNSUPPORTED_PROTOCOL_VERSION                                        Handle        = 0x8037010C
+	HCS_E_INVALID_JSON                                                        Handle        = 0x8037010D
+	HCS_E_SYSTEM_NOT_FOUND                                                    Handle        = 0x8037010E
+	HCS_E_SYSTEM_ALREADY_EXISTS                                               Handle        = 0x8037010F
+	HCS_E_SYSTEM_ALREADY_STOPPED                                              Handle        = 0x80370110
+	HCS_E_PROTOCOL_ERROR                                                      Handle        = 0x80370111
+	HCS_E_INVALID_LAYER                                                       Handle        = 0x80370112
+	HCS_E_WINDOWS_INSIDER_REQUIRED                                            Handle        = 0x80370113
+	HCS_E_SERVICE_NOT_AVAILABLE                                               Handle        = 0x80370114
+	HCS_E_OPERATION_NOT_STARTED                                               Handle        = 0x80370115
+	HCS_E_OPERATION_ALREADY_STARTED                                           Handle        = 0x80370116
+	HCS_E_OPERATION_PENDING                                                   Handle        = 0x80370117
+	HCS_E_OPERATION_TIMEOUT                                                   Handle        = 0x80370118
+	HCS_E_OPERATION_SYSTEM_CALLBACK_ALREADY_SET                               Handle        = 0x80370119
+	HCS_E_OPERATION_RESULT_ALLOCATION_FAILED                                  Handle        = 0x8037011A
+	HCS_E_ACCESS_DENIED                                                       Handle        = 0x8037011B
+	HCS_E_GUEST_CRITICAL_ERROR                                                Handle        = 0x8037011C
+	ERROR_VNET_VIRTUAL_SWITCH_NAME_NOT_FOUND                                  syscall.Errno = 0xC0370200
+	ERROR_VID_REMOTE_NODE_PARENT_GPA_PAGES_USED                               syscall.Errno = 0x80370001
+	WHV_E_UNKNOWN_CAPABILITY                                                  Handle        = 0x80370300
+	WHV_E_INSUFFICIENT_BUFFER                                                 Handle        = 0x80370301
+	WHV_E_UNKNOWN_PROPERTY                                                    Handle        = 0x80370302
+	WHV_E_UNSUPPORTED_HYPERVISOR_CONFIG                                       Handle        = 0x80370303
+	WHV_E_INVALID_PARTITION_CONFIG                                            Handle        = 0x80370304
+	WHV_E_GPA_RANGE_NOT_FOUND                                                 Handle        = 0x80370305
+	WHV_E_VP_ALREADY_EXISTS                                                   Handle        = 0x80370306
+	WHV_E_VP_DOES_NOT_EXIST                                                   Handle        = 0x80370307
+	WHV_E_INVALID_VP_STATE                                                    Handle        = 0x80370308
+	WHV_E_INVALID_VP_REGISTER_NAME                                            Handle        = 0x80370309
+	ERROR_VSMB_SAVED_STATE_FILE_NOT_FOUND                                     syscall.Errno = 0xC0370400
+	ERROR_VSMB_SAVED_STATE_CORRUPT                                            syscall.Errno = 0xC0370401
+	ERROR_VOLMGR_INCOMPLETE_REGENERATION                                      syscall.Errno = 0x80380001
+	ERROR_VOLMGR_INCOMPLETE_DISK_MIGRATION                                    syscall.Errno = 0x80380002
+	ERROR_VOLMGR_DATABASE_FULL                                                syscall.Errno = 0xC0380001
+	ERROR_VOLMGR_DISK_CONFIGURATION_CORRUPTED                                 syscall.Errno = 0xC0380002
+	ERROR_VOLMGR_DISK_CONFIGURATION_NOT_IN_SYNC                               syscall.Errno = 0xC0380003
+	ERROR_VOLMGR_PACK_CONFIG_UPDATE_FAILED                                    syscall.Errno = 0xC0380004
+	ERROR_VOLMGR_DISK_CONTAINS_NON_SIMPLE_VOLUME                              syscall.Errno = 0xC0380005
+	ERROR_VOLMGR_DISK_DUPLICATE                                               syscall.Errno = 0xC0380006
+	ERROR_VOLMGR_DISK_DYNAMIC                                                 syscall.Errno = 0xC0380007
+	ERROR_VOLMGR_DISK_ID_INVALID                                              syscall.Errno = 0xC0380008
+	ERROR_VOLMGR_DISK_INVALID                                                 syscall.Errno = 0xC0380009
+	ERROR_VOLMGR_DISK_LAST_VOTER                                              syscall.Errno = 0xC038000A
+	ERROR_VOLMGR_DISK_LAYOUT_INVALID                                          syscall.Errno = 0xC038000B
+	ERROR_VOLMGR_DISK_LAYOUT_NON_BASIC_BETWEEN_BASIC_PARTITIONS               syscall.Errno = 0xC038000C
+	ERROR_VOLMGR_DISK_LAYOUT_NOT_CYLINDER_ALIGNED                             syscall.Errno = 0xC038000D
+	ERROR_VOLMGR_DISK_LAYOUT_PARTITIONS_TOO_SMALL                             syscall.Errno = 0xC038000E
+	ERROR_VOLMGR_DISK_LAYOUT_PRIMARY_BETWEEN_LOGICAL_PARTITIONS               syscall.Errno = 0xC038000F
+	ERROR_VOLMGR_DISK_LAYOUT_TOO_MANY_PARTITIONS                              syscall.Errno = 0xC0380010
+	ERROR_VOLMGR_DISK_MISSING                                                 syscall.Errno = 0xC0380011
+	ERROR_VOLMGR_DISK_NOT_EMPTY                                               syscall.Errno = 0xC0380012
+	ERROR_VOLMGR_DISK_NOT_ENOUGH_SPACE                                        syscall.Errno = 0xC0380013
+	ERROR_VOLMGR_DISK_REVECTORING_FAILED                                      syscall.Errno = 0xC0380014
+	ERROR_VOLMGR_DISK_SECTOR_SIZE_INVALID                                     syscall.Errno = 0xC0380015
+	ERROR_VOLMGR_DISK_SET_NOT_CONTAINED                                       syscall.Errno = 0xC0380016
+	ERROR_VOLMGR_DISK_USED_BY_MULTIPLE_MEMBERS                                syscall.Errno = 0xC0380017
+	ERROR_VOLMGR_DISK_USED_BY_MULTIPLE_PLEXES                                 syscall.Errno = 0xC0380018
+	ERROR_VOLMGR_DYNAMIC_DISK_NOT_SUPPORTED                                   syscall.Errno = 0xC0380019
+	ERROR_VOLMGR_EXTENT_ALREADY_USED                                          syscall.Errno = 0xC038001A
+	ERROR_VOLMGR_EXTENT_NOT_CONTIGUOUS                                        syscall.Errno = 0xC038001B
+	ERROR_VOLMGR_EXTENT_NOT_IN_PUBLIC_REGION                                  syscall.Errno = 0xC038001C
+	ERROR_VOLMGR_EXTENT_NOT_SECTOR_ALIGNED                                    syscall.Errno = 0xC038001D
+	ERROR_VOLMGR_EXTENT_OVERLAPS_EBR_PARTITION                                syscall.Errno = 0xC038001E
+	ERROR_VOLMGR_EXTENT_VOLUME_LENGTHS_DO_NOT_MATCH                           syscall.Errno = 0xC038001F
+	ERROR_VOLMGR_FAULT_TOLERANT_NOT_SUPPORTED                                 syscall.Errno = 0xC0380020
+	ERROR_VOLMGR_INTERLEAVE_LENGTH_INVALID                                    syscall.Errno = 0xC0380021
+	ERROR_VOLMGR_MAXIMUM_REGISTERED_USERS                                     syscall.Errno = 0xC0380022
+	ERROR_VOLMGR_MEMBER_IN_SYNC                                               syscall.Errno = 0xC0380023
+	ERROR_VOLMGR_MEMBER_INDEX_DUPLICATE                                       syscall.Errno = 0xC0380024
+	ERROR_VOLMGR_MEMBER_INDEX_INVALID                                         syscall.Errno = 0xC0380025
+	ERROR_VOLMGR_MEMBER_MISSING                                               syscall.Errno = 0xC0380026
+	ERROR_VOLMGR_MEMBER_NOT_DETACHED                                          syscall.Errno = 0xC0380027
+	ERROR_VOLMGR_MEMBER_REGENERATING                                          syscall.Errno = 0xC0380028
+	ERROR_VOLMGR_ALL_DISKS_FAILED                                             syscall.Errno = 0xC0380029
+	ERROR_VOLMGR_NO_REGISTERED_USERS                                          syscall.Errno = 0xC038002A
+	ERROR_VOLMGR_NO_SUCH_USER                                                 syscall.Errno = 0xC038002B
+	ERROR_VOLMGR_NOTIFICATION_RESET                                           syscall.Errno = 0xC038002C
+	ERROR_VOLMGR_NUMBER_OF_MEMBERS_INVALID                                    syscall.Errno = 0xC038002D
+	ERROR_VOLMGR_NUMBER_OF_PLEXES_INVALID                                     syscall.Errno = 0xC038002E
+	ERROR_VOLMGR_PACK_DUPLICATE                                               syscall.Errno = 0xC038002F
+	ERROR_VOLMGR_PACK_ID_INVALID                                              syscall.Errno = 0xC0380030
+	ERROR_VOLMGR_PACK_INVALID                                                 syscall.Errno = 0xC0380031
+	ERROR_VOLMGR_PACK_NAME_INVALID                                            syscall.Errno = 0xC0380032
+	ERROR_VOLMGR_PACK_OFFLINE                                                 syscall.Errno = 0xC0380033
+	ERROR_VOLMGR_PACK_HAS_QUORUM                                              syscall.Errno = 0xC0380034
+	ERROR_VOLMGR_PACK_WITHOUT_QUORUM                                          syscall.Errno = 0xC0380035
+	ERROR_VOLMGR_PARTITION_STYLE_INVALID                                      syscall.Errno = 0xC0380036
+	ERROR_VOLMGR_PARTITION_UPDATE_FAILED                                      syscall.Errno = 0xC0380037
+	ERROR_VOLMGR_PLEX_IN_SYNC                                                 syscall.Errno = 0xC0380038
+	ERROR_VOLMGR_PLEX_INDEX_DUPLICATE                                         syscall.Errno = 0xC0380039
+	ERROR_VOLMGR_PLEX_INDEX_INVALID                                           syscall.Errno = 0xC038003A
+	ERROR_VOLMGR_PLEX_LAST_ACTIVE                                             syscall.Errno = 0xC038003B
+	ERROR_VOLMGR_PLEX_MISSING                                                 syscall.Errno = 0xC038003C
+	ERROR_VOLMGR_PLEX_REGENERATING                                            syscall.Errno = 0xC038003D
+	ERROR_VOLMGR_PLEX_TYPE_INVALID                                            syscall.Errno = 0xC038003E
+	ERROR_VOLMGR_PLEX_NOT_RAID5                                               syscall.Errno = 0xC038003F
+	ERROR_VOLMGR_PLEX_NOT_SIMPLE                                              syscall.Errno = 0xC0380040
+	ERROR_VOLMGR_STRUCTURE_SIZE_INVALID                                       syscall.Errno = 0xC0380041
+	ERROR_VOLMGR_TOO_MANY_NOTIFICATION_REQUESTS                               syscall.Errno = 0xC0380042
+	ERROR_VOLMGR_TRANSACTION_IN_PROGRESS                                      syscall.Errno = 0xC0380043
+	ERROR_VOLMGR_UNEXPECTED_DISK_LAYOUT_CHANGE                                syscall.Errno = 0xC0380044
+	ERROR_VOLMGR_VOLUME_CONTAINS_MISSING_DISK                                 syscall.Errno = 0xC0380045
+	ERROR_VOLMGR_VOLUME_ID_INVALID                                            syscall.Errno = 0xC0380046
+	ERROR_VOLMGR_VOLUME_LENGTH_INVALID                                        syscall.Errno = 0xC0380047
+	ERROR_VOLMGR_VOLUME_LENGTH_NOT_SECTOR_SIZE_MULTIPLE                       syscall.Errno = 0xC0380048
+	ERROR_VOLMGR_VOLUME_NOT_MIRRORED                                          syscall.Errno = 0xC0380049
+	ERROR_VOLMGR_VOLUME_NOT_RETAINED                                          syscall.Errno = 0xC038004A
+	ERROR_VOLMGR_VOLUME_OFFLINE                                               syscall.Errno = 0xC038004B
+	ERROR_VOLMGR_VOLUME_RETAINED                                              syscall.Errno = 0xC038004C
+	ERROR_VOLMGR_NUMBER_OF_EXTENTS_INVALID                                    syscall.Errno = 0xC038004D
+	ERROR_VOLMGR_DIFFERENT_SECTOR_SIZE                                        syscall.Errno = 0xC038004E
+	ERROR_VOLMGR_BAD_BOOT_DISK                                                syscall.Errno = 0xC038004F
+	ERROR_VOLMGR_PACK_CONFIG_OFFLINE                                          syscall.Errno = 0xC0380050
+	ERROR_VOLMGR_PACK_CONFIG_ONLINE                                           syscall.Errno = 0xC0380051
+	ERROR_VOLMGR_NOT_PRIMARY_PACK                                             syscall.Errno = 0xC0380052
+	ERROR_VOLMGR_PACK_LOG_UPDATE_FAILED                                       syscall.Errno = 0xC0380053
+	ERROR_VOLMGR_NUMBER_OF_DISKS_IN_PLEX_INVALID                              syscall.Errno = 0xC0380054
+	ERROR_VOLMGR_NUMBER_OF_DISKS_IN_MEMBER_INVALID                            syscall.Errno = 0xC0380055
+	ERROR_VOLMGR_VOLUME_MIRRORED                                              syscall.Errno = 0xC0380056
+	ERROR_VOLMGR_PLEX_NOT_SIMPLE_SPANNED                                      syscall.Errno = 0xC0380057
+	ERROR_VOLMGR_NO_VALID_LOG_COPIES                                          syscall.Errno = 0xC0380058
+	ERROR_VOLMGR_PRIMARY_PACK_PRESENT                                         syscall.Errno = 0xC0380059
+	ERROR_VOLMGR_NUMBER_OF_DISKS_INVALID                                      syscall.Errno = 0xC038005A
+	ERROR_VOLMGR_MIRROR_NOT_SUPPORTED                                         syscall.Errno = 0xC038005B
+	ERROR_VOLMGR_RAID5_NOT_SUPPORTED                                          syscall.Errno = 0xC038005C
+	ERROR_BCD_NOT_ALL_ENTRIES_IMPORTED                                        syscall.Errno = 0x80390001
+	ERROR_BCD_TOO_MANY_ELEMENTS                                               syscall.Errno = 0xC0390002
+	ERROR_BCD_NOT_ALL_ENTRIES_SYNCHRONIZED                                    syscall.Errno = 0x80390003
+	ERROR_VHD_DRIVE_FOOTER_MISSING                                            syscall.Errno = 0xC03A0001
+	ERROR_VHD_DRIVE_FOOTER_CHECKSUM_MISMATCH                                  syscall.Errno = 0xC03A0002
+	ERROR_VHD_DRIVE_FOOTER_CORRUPT                                            syscall.Errno = 0xC03A0003
+	ERROR_VHD_FORMAT_UNKNOWN                                                  syscall.Errno = 0xC03A0004
+	ERROR_VHD_FORMAT_UNSUPPORTED_VERSION                                      syscall.Errno = 0xC03A0005
+	ERROR_VHD_SPARSE_HEADER_CHECKSUM_MISMATCH                                 syscall.Errno = 0xC03A0006
+	ERROR_VHD_SPARSE_HEADER_UNSUPPORTED_VERSION                               syscall.Errno = 0xC03A0007
+	ERROR_VHD_SPARSE_HEADER_CORRUPT                                           syscall.Errno = 0xC03A0008
+	ERROR_VHD_BLOCK_ALLOCATION_FAILURE                                        syscall.Errno = 0xC03A0009
+	ERROR_VHD_BLOCK_ALLOCATION_TABLE_CORRUPT                                  syscall.Errno = 0xC03A000A
+	ERROR_VHD_INVALID_BLOCK_SIZE                                              syscall.Errno = 0xC03A000B
+	ERROR_VHD_BITMAP_MISMATCH                                                 syscall.Errno = 0xC03A000C
+	ERROR_VHD_PARENT_VHD_NOT_FOUND                                            syscall.Errno = 0xC03A000D
+	ERROR_VHD_CHILD_PARENT_ID_MISMATCH                                        syscall.Errno = 0xC03A000E
+	ERROR_VHD_CHILD_PARENT_TIMESTAMP_MISMATCH                                 syscall.Errno = 0xC03A000F
+	ERROR_VHD_METADATA_READ_FAILURE                                           syscall.Errno = 0xC03A0010
+	ERROR_VHD_METADATA_WRITE_FAILURE                                          syscall.Errno = 0xC03A0011
+	ERROR_VHD_INVALID_SIZE                                                    syscall.Errno = 0xC03A0012
+	ERROR_VHD_INVALID_FILE_SIZE                                               syscall.Errno = 0xC03A0013
+	ERROR_VIRTDISK_PROVIDER_NOT_FOUND                                         syscall.Errno = 0xC03A0014
+	ERROR_VIRTDISK_NOT_VIRTUAL_DISK                                           syscall.Errno = 0xC03A0015
+	ERROR_VHD_PARENT_VHD_ACCESS_DENIED                                        syscall.Errno = 0xC03A0016
+	ERROR_VHD_CHILD_PARENT_SIZE_MISMATCH                                      syscall.Errno = 0xC03A0017
+	ERROR_VHD_DIFFERENCING_CHAIN_CYCLE_DETECTED                               syscall.Errno = 0xC03A0018
+	ERROR_VHD_DIFFERENCING_CHAIN_ERROR_IN_PARENT                              syscall.Errno = 0xC03A0019
+	ERROR_VIRTUAL_DISK_LIMITATION                                             syscall.Errno = 0xC03A001A
+	ERROR_VHD_INVALID_TYPE                                                    syscall.Errno = 0xC03A001B
+	ERROR_VHD_INVALID_STATE                                                   syscall.Errno = 0xC03A001C
+	ERROR_VIRTDISK_UNSUPPORTED_DISK_SECTOR_SIZE                               syscall.Errno = 0xC03A001D
+	ERROR_VIRTDISK_DISK_ALREADY_OWNED                                         syscall.Errno = 0xC03A001E
+	ERROR_VIRTDISK_DISK_ONLINE_AND_WRITABLE                                   syscall.Errno = 0xC03A001F
+	ERROR_CTLOG_TRACKING_NOT_INITIALIZED                                      syscall.Errno = 0xC03A0020
+	ERROR_CTLOG_LOGFILE_SIZE_EXCEEDED_MAXSIZE                                 syscall.Errno = 0xC03A0021
+	ERROR_CTLOG_VHD_CHANGED_OFFLINE                                           syscall.Errno = 0xC03A0022
+	ERROR_CTLOG_INVALID_TRACKING_STATE                                        syscall.Errno = 0xC03A0023
+	ERROR_CTLOG_INCONSISTENT_TRACKING_FILE                                    syscall.Errno = 0xC03A0024
+	ERROR_VHD_RESIZE_WOULD_TRUNCATE_DATA                                      syscall.Errno = 0xC03A0025
+	ERROR_VHD_COULD_NOT_COMPUTE_MINIMUM_VIRTUAL_SIZE                          syscall.Errno = 0xC03A0026
+	ERROR_VHD_ALREADY_AT_OR_BELOW_MINIMUM_VIRTUAL_SIZE                        syscall.Errno = 0xC03A0027
+	ERROR_VHD_METADATA_FULL                                                   syscall.Errno = 0xC03A0028
+	ERROR_VHD_INVALID_CHANGE_TRACKING_ID                                      syscall.Errno = 0xC03A0029
+	ERROR_VHD_CHANGE_TRACKING_DISABLED                                        syscall.Errno = 0xC03A002A
+	ERROR_VHD_MISSING_CHANGE_TRACKING_INFORMATION                             syscall.Errno = 0xC03A0030
+	ERROR_QUERY_STORAGE_ERROR                                                 syscall.Errno = 0x803A0001
+	HCN_E_NETWORK_NOT_FOUND                                                   Handle        = 0x803B0001
+	HCN_E_ENDPOINT_NOT_FOUND                                                  Handle        = 0x803B0002
+	HCN_E_LAYER_NOT_FOUND                                                     Handle        = 0x803B0003
+	HCN_E_SWITCH_NOT_FOUND                                                    Handle        = 0x803B0004
+	HCN_E_SUBNET_NOT_FOUND                                                    Handle        = 0x803B0005
+	HCN_E_ADAPTER_NOT_FOUND                                                   Handle        = 0x803B0006
+	HCN_E_PORT_NOT_FOUND                                                      Handle        = 0x803B0007
+	HCN_E_POLICY_NOT_FOUND                                                    Handle        = 0x803B0008
+	HCN_E_VFP_PORTSETTING_NOT_FOUND                                           Handle        = 0x803B0009
+	HCN_E_INVALID_NETWORK                                                     Handle        = 0x803B000A
+	HCN_E_INVALID_NETWORK_TYPE                                                Handle        = 0x803B000B
+	HCN_E_INVALID_ENDPOINT                                                    Handle        = 0x803B000C
+	HCN_E_INVALID_POLICY                                                      Handle        = 0x803B000D
+	HCN_E_INVALID_POLICY_TYPE                                                 Handle        = 0x803B000E
+	HCN_E_INVALID_REMOTE_ENDPOINT_OPERATION                                   Handle        = 0x803B000F
+	HCN_E_NETWORK_ALREADY_EXISTS                                              Handle        = 0x803B0010
+	HCN_E_LAYER_ALREADY_EXISTS                                                Handle        = 0x803B0011
+	HCN_E_POLICY_ALREADY_EXISTS                                               Handle        = 0x803B0012
+	HCN_E_PORT_ALREADY_EXISTS                                                 Handle        = 0x803B0013
+	HCN_E_ENDPOINT_ALREADY_ATTACHED                                           Handle        = 0x803B0014
+	HCN_E_REQUEST_UNSUPPORTED                                                 Handle        = 0x803B0015
+	HCN_E_MAPPING_NOT_SUPPORTED                                               Handle        = 0x803B0016
+	HCN_E_DEGRADED_OPERATION                                                  Handle        = 0x803B0017
+	HCN_E_SHARED_SWITCH_MODIFICATION                                          Handle        = 0x803B0018
+	HCN_E_GUID_CONVERSION_FAILURE                                             Handle        = 0x803B0019
+	HCN_E_REGKEY_FAILURE                                                      Handle        = 0x803B001A
+	HCN_E_INVALID_JSON                                                        Handle        = 0x803B001B
+	HCN_E_INVALID_JSON_REFERENCE                                              Handle        = 0x803B001C
+	HCN_E_ENDPOINT_SHARING_DISABLED                                           Handle        = 0x803B001D
+	HCN_E_INVALID_IP                                                          Handle        = 0x803B001E
+	HCN_E_SWITCH_EXTENSION_NOT_FOUND                                          Handle        = 0x803B001F
+	HCN_E_MANAGER_STOPPED                                                     Handle        = 0x803B0020
+	GCN_E_MODULE_NOT_FOUND                                                    Handle        = 0x803B0021
+	GCN_E_NO_REQUEST_HANDLERS                                                 Handle        = 0x803B0022
+	GCN_E_REQUEST_UNSUPPORTED                                                 Handle        = 0x803B0023
+	GCN_E_RUNTIMEKEYS_FAILED                                                  Handle        = 0x803B0024
+	GCN_E_NETADAPTER_TIMEOUT                                                  Handle        = 0x803B0025
+	GCN_E_NETADAPTER_NOT_FOUND                                                Handle        = 0x803B0026
+	GCN_E_NETCOMPARTMENT_NOT_FOUND                                            Handle        = 0x803B0027
+	GCN_E_NETINTERFACE_NOT_FOUND                                              Handle        = 0x803B0028
+	GCN_E_DEFAULTNAMESPACE_EXISTS                                             Handle        = 0x803B0029
+	HCN_E_ICS_DISABLED                                                        Handle        = 0x803B002A
+	HCN_E_ENDPOINT_NAMESPACE_ALREADY_EXISTS                                   Handle        = 0x803B002B
+	HCN_E_ENTITY_HAS_REFERENCES                                               Handle        = 0x803B002C
+	HCN_E_INVALID_INTERNAL_PORT                                               Handle        = 0x803B002D
+	HCN_E_NAMESPACE_ATTACH_FAILED                                             Handle        = 0x803B002E
+	HCN_E_ADDR_INVALID_OR_RESERVED                                            Handle        = 0x803B002F
+	SDIAG_E_CANCELLED                                                         syscall.Errno = 0x803C0100
+	SDIAG_E_SCRIPT                                                            syscall.Errno = 0x803C0101
+	SDIAG_E_POWERSHELL                                                        syscall.Errno = 0x803C0102
+	SDIAG_E_MANAGEDHOST                                                       syscall.Errno = 0x803C0103
+	SDIAG_E_NOVERIFIER                                                        syscall.Errno = 0x803C0104
+	SDIAG_S_CANNOTRUN                                                         syscall.Errno = 0x003C0105
+	SDIAG_E_DISABLED                                                          syscall.Errno = 0x803C0106
+	SDIAG_E_TRUST                                                             syscall.Errno = 0x803C0107
+	SDIAG_E_CANNOTRUN                                                         syscall.Errno = 0x803C0108
+	SDIAG_E_VERSION                                                           syscall.Errno = 0x803C0109
+	SDIAG_E_RESOURCE                                                          syscall.Errno = 0x803C010A
+	SDIAG_E_ROOTCAUSE                                                         syscall.Errno = 0x803C010B
+	WPN_E_CHANNEL_CLOSED                                                      Handle        = 0x803E0100
+	WPN_E_CHANNEL_REQUEST_NOT_COMPLETE                                        Handle        = 0x803E0101
+	WPN_E_INVALID_APP                                                         Handle        = 0x803E0102
+	WPN_E_OUTSTANDING_CHANNEL_REQUEST                                         Handle        = 0x803E0103
+	WPN_E_DUPLICATE_CHANNEL                                                   Handle        = 0x803E0104
+	WPN_E_PLATFORM_UNAVAILABLE                                                Handle        = 0x803E0105
+	WPN_E_NOTIFICATION_POSTED                                                 Handle        = 0x803E0106
+	WPN_E_NOTIFICATION_HIDDEN                                                 Handle        = 0x803E0107
+	WPN_E_NOTIFICATION_NOT_POSTED                                             Handle        = 0x803E0108
+	WPN_E_CLOUD_DISABLED                                                      Handle        = 0x803E0109
+	WPN_E_CLOUD_INCAPABLE                                                     Handle        = 0x803E0110
+	WPN_E_CLOUD_AUTH_UNAVAILABLE                                              Handle        = 0x803E011A
+	WPN_E_CLOUD_SERVICE_UNAVAILABLE                                           Handle        = 0x803E011B
+	WPN_E_FAILED_LOCK_SCREEN_UPDATE_INTIALIZATION                             Handle        = 0x803E011C
+	WPN_E_NOTIFICATION_DISABLED                                               Handle        = 0x803E0111
+	WPN_E_NOTIFICATION_INCAPABLE                                              Handle        = 0x803E0112
+	WPN_E_INTERNET_INCAPABLE                                                  Handle        = 0x803E0113
+	WPN_E_NOTIFICATION_TYPE_DISABLED                                          Handle        = 0x803E0114
+	WPN_E_NOTIFICATION_SIZE                                                   Handle        = 0x803E0115
+	WPN_E_TAG_SIZE                                                            Handle        = 0x803E0116
+	WPN_E_ACCESS_DENIED                                                       Handle        = 0x803E0117
+	WPN_E_DUPLICATE_REGISTRATION                                              Handle        = 0x803E0118
+	WPN_E_PUSH_NOTIFICATION_INCAPABLE                                         Handle        = 0x803E0119
+	WPN_E_DEV_ID_SIZE                                                         Handle        = 0x803E0120
+	WPN_E_TAG_ALPHANUMERIC                                                    Handle        = 0x803E012A
+	WPN_E_INVALID_HTTP_STATUS_CODE                                            Handle        = 0x803E012B
+	WPN_E_OUT_OF_SESSION                                                      Handle        = 0x803E0200
+	WPN_E_POWER_SAVE                                                          Handle        = 0x803E0201
+	WPN_E_IMAGE_NOT_FOUND_IN_CACHE                                            Handle        = 0x803E0202
+	WPN_E_ALL_URL_NOT_COMPLETED                                               Handle        = 0x803E0203
+	WPN_E_INVALID_CLOUD_IMAGE                                                 Handle        = 0x803E0204
+	WPN_E_NOTIFICATION_ID_MATCHED                                             Handle        = 0x803E0205
+	WPN_E_CALLBACK_ALREADY_REGISTERED                                         Handle        = 0x803E0206
+	WPN_E_TOAST_NOTIFICATION_DROPPED                                          Handle        = 0x803E0207
+	WPN_E_STORAGE_LOCKED                                                      Handle        = 0x803E0208
+	WPN_E_GROUP_SIZE                                                          Handle        = 0x803E0209
+	WPN_E_GROUP_ALPHANUMERIC                                                  Handle        = 0x803E020A
+	WPN_E_CLOUD_DISABLED_FOR_APP                                              Handle        = 0x803E020B
+	E_MBN_CONTEXT_NOT_ACTIVATED                                               Handle        = 0x80548201
+	E_MBN_BAD_SIM                                                             Handle        = 0x80548202
+	E_MBN_DATA_CLASS_NOT_AVAILABLE                                            Handle        = 0x80548203
+	E_MBN_INVALID_ACCESS_STRING                                               Handle        = 0x80548204
+	E_MBN_MAX_ACTIVATED_CONTEXTS                                              Handle        = 0x80548205
+	E_MBN_PACKET_SVC_DETACHED                                                 Handle        = 0x80548206
+	E_MBN_PROVIDER_NOT_VISIBLE                                                Handle        = 0x80548207
+	E_MBN_RADIO_POWER_OFF                                                     Handle        = 0x80548208
+	E_MBN_SERVICE_NOT_ACTIVATED                                               Handle        = 0x80548209
+	E_MBN_SIM_NOT_INSERTED                                                    Handle        = 0x8054820A
+	E_MBN_VOICE_CALL_IN_PROGRESS                                              Handle        = 0x8054820B
+	E_MBN_INVALID_CACHE                                                       Handle        = 0x8054820C
+	E_MBN_NOT_REGISTERED                                                      Handle        = 0x8054820D
+	E_MBN_PROVIDERS_NOT_FOUND                                                 Handle        = 0x8054820E
+	E_MBN_PIN_NOT_SUPPORTED                                                   Handle        = 0x8054820F
+	E_MBN_PIN_REQUIRED                                                        Handle        = 0x80548210
+	E_MBN_PIN_DISABLED                                                        Handle        = 0x80548211
+	E_MBN_FAILURE                                                             Handle        = 0x80548212
+	E_MBN_INVALID_PROFILE                                                     Handle        = 0x80548218
+	E_MBN_DEFAULT_PROFILE_EXIST                                               Handle        = 0x80548219
+	E_MBN_SMS_ENCODING_NOT_SUPPORTED                                          Handle        = 0x80548220
+	E_MBN_SMS_FILTER_NOT_SUPPORTED                                            Handle        = 0x80548221
+	E_MBN_SMS_INVALID_MEMORY_INDEX                                            Handle        = 0x80548222
+	E_MBN_SMS_LANG_NOT_SUPPORTED                                              Handle        = 0x80548223
+	E_MBN_SMS_MEMORY_FAILURE                                                  Handle        = 0x80548224
+	E_MBN_SMS_NETWORK_TIMEOUT                                                 Handle        = 0x80548225
+	E_MBN_SMS_UNKNOWN_SMSC_ADDRESS                                            Handle        = 0x80548226
+	E_MBN_SMS_FORMAT_NOT_SUPPORTED                                            Handle        = 0x80548227
+	E_MBN_SMS_OPERATION_NOT_ALLOWED                                           Handle        = 0x80548228
+	E_MBN_SMS_MEMORY_FULL                                                     Handle        = 0x80548229
+	PEER_E_IPV6_NOT_INSTALLED                                                 Handle        = 0x80630001
+	PEER_E_NOT_INITIALIZED                                                    Handle        = 0x80630002
+	PEER_E_CANNOT_START_SERVICE                                               Handle        = 0x80630003
+	PEER_E_NOT_LICENSED                                                       Handle        = 0x80630004
+	PEER_E_INVALID_GRAPH                                                      Handle        = 0x80630010
+	PEER_E_DBNAME_CHANGED                                                     Handle        = 0x80630011
+	PEER_E_DUPLICATE_GRAPH                                                    Handle        = 0x80630012
+	PEER_E_GRAPH_NOT_READY                                                    Handle        = 0x80630013
+	PEER_E_GRAPH_SHUTTING_DOWN                                                Handle        = 0x80630014
+	PEER_E_GRAPH_IN_USE                                                       Handle        = 0x80630015
+	PEER_E_INVALID_DATABASE                                                   Handle        = 0x80630016
+	PEER_E_TOO_MANY_ATTRIBUTES                                                Handle        = 0x80630017
+	PEER_E_CONNECTION_NOT_FOUND                                               Handle        = 0x80630103
+	PEER_E_CONNECT_SELF                                                       Handle        = 0x80630106
+	PEER_E_ALREADY_LISTENING                                                  Handle        = 0x80630107
+	PEER_E_NODE_NOT_FOUND                                                     Handle        = 0x80630108
+	PEER_E_CONNECTION_FAILED                                                  Handle        = 0x80630109
+	PEER_E_CONNECTION_NOT_AUTHENTICATED                                       Handle        = 0x8063010A
+	PEER_E_CONNECTION_REFUSED                                                 Handle        = 0x8063010B
+	PEER_E_CLASSIFIER_TOO_LONG                                                Handle        = 0x80630201
+	PEER_E_TOO_MANY_IDENTITIES                                                Handle        = 0x80630202
+	PEER_E_NO_KEY_ACCESS                                                      Handle        = 0x80630203
+	PEER_E_GROUPS_EXIST                                                       Handle        = 0x80630204
+	PEER_E_RECORD_NOT_FOUND                                                   Handle        = 0x80630301
+	PEER_E_DATABASE_ACCESSDENIED                                              Handle        = 0x80630302
+	PEER_E_DBINITIALIZATION_FAILED                                            Handle        = 0x80630303
+	PEER_E_MAX_RECORD_SIZE_EXCEEDED                                           Handle        = 0x80630304
+	PEER_E_DATABASE_ALREADY_PRESENT                                           Handle        = 0x80630305
+	PEER_E_DATABASE_NOT_PRESENT                                               Handle        = 0x80630306
+	PEER_E_IDENTITY_NOT_FOUND                                                 Handle        = 0x80630401
+	PEER_E_EVENT_HANDLE_NOT_FOUND                                             Handle        = 0x80630501
+	PEER_E_INVALID_SEARCH                                                     Handle        = 0x80630601
+	PEER_E_INVALID_ATTRIBUTES                                                 Handle        = 0x80630602
+	PEER_E_INVITATION_NOT_TRUSTED                                             Handle        = 0x80630701
+	PEER_E_CHAIN_TOO_LONG                                                     Handle        = 0x80630703
+	PEER_E_INVALID_TIME_PERIOD                                                Handle        = 0x80630705
+	PEER_E_CIRCULAR_CHAIN_DETECTED                                            Handle        = 0x80630706
+	PEER_E_CERT_STORE_CORRUPTED                                               Handle        = 0x80630801
+	PEER_E_NO_CLOUD                                                           Handle        = 0x80631001
+	PEER_E_CLOUD_NAME_AMBIGUOUS                                               Handle        = 0x80631005
+	PEER_E_INVALID_RECORD                                                     Handle        = 0x80632010
+	PEER_E_NOT_AUTHORIZED                                                     Handle        = 0x80632020
+	PEER_E_PASSWORD_DOES_NOT_MEET_POLICY                                      Handle        = 0x80632021
+	PEER_E_DEFERRED_VALIDATION                                                Handle        = 0x80632030
+	PEER_E_INVALID_GROUP_PROPERTIES                                           Handle        = 0x80632040
+	PEER_E_INVALID_PEER_NAME                                                  Handle        = 0x80632050
+	PEER_E_INVALID_CLASSIFIER                                                 Handle        = 0x80632060
+	PEER_E_INVALID_FRIENDLY_NAME                                              Handle        = 0x80632070
+	PEER_E_INVALID_ROLE_PROPERTY                                              Handle        = 0x80632071
+	PEER_E_INVALID_CLASSIFIER_PROPERTY                                        Handle        = 0x80632072
+	PEER_E_INVALID_RECORD_EXPIRATION                                          Handle        = 0x80632080
+	PEER_E_INVALID_CREDENTIAL_INFO                                            Handle        = 0x80632081
+	PEER_E_INVALID_CREDENTIAL                                                 Handle        = 0x80632082
+	PEER_E_INVALID_RECORD_SIZE                                                Handle        = 0x80632083
+	PEER_E_UNSUPPORTED_VERSION                                                Handle        = 0x80632090
+	PEER_E_GROUP_NOT_READY                                                    Handle        = 0x80632091
+	PEER_E_GROUP_IN_USE                                                       Handle        = 0x80632092
+	PEER_E_INVALID_GROUP                                                      Handle        = 0x80632093
+	PEER_E_NO_MEMBERS_FOUND                                                   Handle        = 0x80632094
+	PEER_E_NO_MEMBER_CONNECTIONS                                              Handle        = 0x80632095
+	PEER_E_UNABLE_TO_LISTEN                                                   Handle        = 0x80632096
+	PEER_E_IDENTITY_DELETED                                                   Handle        = 0x806320A0
+	PEER_E_SERVICE_NOT_AVAILABLE                                              Handle        = 0x806320A1
+	PEER_E_CONTACT_NOT_FOUND                                                  Handle        = 0x80636001
+	PEER_S_GRAPH_DATA_CREATED                                                 Handle        = 0x00630001
+	PEER_S_NO_EVENT_DATA                                                      Handle        = 0x00630002
+	PEER_S_ALREADY_CONNECTED                                                  Handle        = 0x00632000
+	PEER_S_SUBSCRIPTION_EXISTS                                                Handle        = 0x00636000
+	PEER_S_NO_CONNECTIVITY                                                    Handle        = 0x00630005
+	PEER_S_ALREADY_A_MEMBER                                                   Handle        = 0x00630006
+	PEER_E_CANNOT_CONVERT_PEER_NAME                                           Handle        = 0x80634001
+	PEER_E_INVALID_PEER_HOST_NAME                                             Handle        = 0x80634002
+	PEER_E_NO_MORE                                                            Handle        = 0x80634003
+	PEER_E_PNRP_DUPLICATE_PEER_NAME                                           Handle        = 0x80634005
+	PEER_E_INVITE_CANCELLED                                                   Handle        = 0x80637000
+	PEER_E_INVITE_RESPONSE_NOT_AVAILABLE                                      Handle        = 0x80637001
+	PEER_E_NOT_SIGNED_IN                                                      Handle        = 0x80637003
+	PEER_E_PRIVACY_DECLINED                                                   Handle        = 0x80637004
+	PEER_E_TIMEOUT                                                            Handle        = 0x80637005
+	PEER_E_INVALID_ADDRESS                                                    Handle        = 0x80637007
+	PEER_E_FW_EXCEPTION_DISABLED                                              Handle        = 0x80637008
+	PEER_E_FW_BLOCKED_BY_POLICY                                               Handle        = 0x80637009
+	PEER_E_FW_BLOCKED_BY_SHIELDS_UP                                           Handle        = 0x8063700A
+	PEER_E_FW_DECLINED                                                        Handle        = 0x8063700B
+	UI_E_CREATE_FAILED                                                        Handle        = 0x802A0001
+	UI_E_SHUTDOWN_CALLED                                                      Handle        = 0x802A0002
+	UI_E_ILLEGAL_REENTRANCY                                                   Handle        = 0x802A0003
+	UI_E_OBJECT_SEALED                                                        Handle        = 0x802A0004
+	UI_E_VALUE_NOT_SET                                                        Handle        = 0x802A0005
+	UI_E_VALUE_NOT_DETERMINED                                                 Handle        = 0x802A0006
+	UI_E_INVALID_OUTPUT                                                       Handle        = 0x802A0007
+	UI_E_BOOLEAN_EXPECTED                                                     Handle        = 0x802A0008
+	UI_E_DIFFERENT_OWNER                                                      Handle        = 0x802A0009
+	UI_E_AMBIGUOUS_MATCH                                                      Handle        = 0x802A000A
+	UI_E_FP_OVERFLOW                                                          Handle        = 0x802A000B
+	UI_E_WRONG_THREAD                                                         Handle        = 0x802A000C
+	UI_E_STORYBOARD_ACTIVE                                                    Handle        = 0x802A0101
+	UI_E_STORYBOARD_NOT_PLAYING                                               Handle        = 0x802A0102
+	UI_E_START_KEYFRAME_AFTER_END                                             Handle        = 0x802A0103
+	UI_E_END_KEYFRAME_NOT_DETERMINED                                          Handle        = 0x802A0104
+	UI_E_LOOPS_OVERLAP                                                        Handle        = 0x802A0105
+	UI_E_TRANSITION_ALREADY_USED                                              Handle        = 0x802A0106
+	UI_E_TRANSITION_NOT_IN_STORYBOARD                                         Handle        = 0x802A0107
+	UI_E_TRANSITION_ECLIPSED                                                  Handle        = 0x802A0108
+	UI_E_TIME_BEFORE_LAST_UPDATE                                              Handle        = 0x802A0109
+	UI_E_TIMER_CLIENT_ALREADY_CONNECTED                                       Handle        = 0x802A010A
+	UI_E_INVALID_DIMENSION                                                    Handle        = 0x802A010B
+	UI_E_PRIMITIVE_OUT_OF_BOUNDS                                              Handle        = 0x802A010C
+	UI_E_WINDOW_CLOSED                                                        Handle        = 0x802A0201
+	E_BLUETOOTH_ATT_INVALID_HANDLE                                            Handle        = 0x80650001
+	E_BLUETOOTH_ATT_READ_NOT_PERMITTED                                        Handle        = 0x80650002
+	E_BLUETOOTH_ATT_WRITE_NOT_PERMITTED                                       Handle        = 0x80650003
+	E_BLUETOOTH_ATT_INVALID_PDU                                               Handle        = 0x80650004
+	E_BLUETOOTH_ATT_INSUFFICIENT_AUTHENTICATION                               Handle        = 0x80650005
+	E_BLUETOOTH_ATT_REQUEST_NOT_SUPPORTED                                     Handle        = 0x80650006
+	E_BLUETOOTH_ATT_INVALID_OFFSET                                            Handle        = 0x80650007
+	E_BLUETOOTH_ATT_INSUFFICIENT_AUTHORIZATION                                Handle        = 0x80650008
+	E_BLUETOOTH_ATT_PREPARE_QUEUE_FULL                                        Handle        = 0x80650009
+	E_BLUETOOTH_ATT_ATTRIBUTE_NOT_FOUND                                       Handle        = 0x8065000A
+	E_BLUETOOTH_ATT_ATTRIBUTE_NOT_LONG                                        Handle        = 0x8065000B
+	E_BLUETOOTH_ATT_INSUFFICIENT_ENCRYPTION_KEY_SIZE                          Handle        = 0x8065000C
+	E_BLUETOOTH_ATT_INVALID_ATTRIBUTE_VALUE_LENGTH                            Handle        = 0x8065000D
+	E_BLUETOOTH_ATT_UNLIKELY                                                  Handle        = 0x8065000E
+	E_BLUETOOTH_ATT_INSUFFICIENT_ENCRYPTION                                   Handle        = 0x8065000F
+	E_BLUETOOTH_ATT_UNSUPPORTED_GROUP_TYPE                                    Handle        = 0x80650010
+	E_BLUETOOTH_ATT_INSUFFICIENT_RESOURCES                                    Handle        = 0x80650011
+	E_BLUETOOTH_ATT_UNKNOWN_ERROR                                             Handle        = 0x80651000
+	E_AUDIO_ENGINE_NODE_NOT_FOUND                                             Handle        = 0x80660001
+	E_HDAUDIO_EMPTY_CONNECTION_LIST                                           Handle        = 0x80660002
+	E_HDAUDIO_CONNECTION_LIST_NOT_SUPPORTED                                   Handle        = 0x80660003
+	E_HDAUDIO_NO_LOGICAL_DEVICES_CREATED                                      Handle        = 0x80660004
+	E_HDAUDIO_NULL_LINKED_LIST_ENTRY                                          Handle        = 0x80660005
+	STATEREPOSITORY_E_CONCURRENCY_LOCKING_FAILURE                             Handle        = 0x80670001
+	STATEREPOSITORY_E_STATEMENT_INPROGRESS                                    Handle        = 0x80670002
+	STATEREPOSITORY_E_CONFIGURATION_INVALID                                   Handle        = 0x80670003
+	STATEREPOSITORY_E_UNKNOWN_SCHEMA_VERSION                                  Handle        = 0x80670004
+	STATEREPOSITORY_ERROR_DICTIONARY_CORRUPTED                                Handle        = 0x80670005
+	STATEREPOSITORY_E_BLOCKED                                                 Handle        = 0x80670006
+	STATEREPOSITORY_E_BUSY_RETRY                                              Handle        = 0x80670007
+	STATEREPOSITORY_E_BUSY_RECOVERY_RETRY                                     Handle        = 0x80670008
+	STATEREPOSITORY_E_LOCKED_RETRY                                            Handle        = 0x80670009
+	STATEREPOSITORY_E_LOCKED_SHAREDCACHE_RETRY                                Handle        = 0x8067000A
+	STATEREPOSITORY_E_TRANSACTION_REQUIRED                                    Handle        = 0x8067000B
+	STATEREPOSITORY_E_BUSY_TIMEOUT_EXCEEDED                                   Handle        = 0x8067000C
+	STATEREPOSITORY_E_BUSY_RECOVERY_TIMEOUT_EXCEEDED                          Handle        = 0x8067000D
+	STATEREPOSITORY_E_LOCKED_TIMEOUT_EXCEEDED                                 Handle        = 0x8067000E
+	STATEREPOSITORY_E_LOCKED_SHAREDCACHE_TIMEOUT_EXCEEDED                     Handle        = 0x8067000F
+	STATEREPOSITORY_E_SERVICE_STOP_IN_PROGRESS                                Handle        = 0x80670010
+	STATEREPOSTORY_E_NESTED_TRANSACTION_NOT_SUPPORTED                         Handle        = 0x80670011
+	STATEREPOSITORY_ERROR_CACHE_CORRUPTED                                     Handle        = 0x80670012
+	STATEREPOSITORY_TRANSACTION_CALLER_ID_CHANGED                             Handle        = 0x00670013
+	STATEREPOSITORY_TRANSACTION_IN_PROGRESS                                   Handle        = 0x00670014
+	ERROR_SPACES_POOL_WAS_DELETED                                             Handle        = 0x00E70001
+	ERROR_SPACES_FAULT_DOMAIN_TYPE_INVALID                                    Handle        = 0x80E70001
+	ERROR_SPACES_INTERNAL_ERROR                                               Handle        = 0x80E70002
+	ERROR_SPACES_RESILIENCY_TYPE_INVALID                                      Handle        = 0x80E70003
+	ERROR_SPACES_DRIVE_SECTOR_SIZE_INVALID                                    Handle        = 0x80E70004
+	ERROR_SPACES_DRIVE_REDUNDANCY_INVALID                                     Handle        = 0x80E70006
+	ERROR_SPACES_NUMBER_OF_DATA_COPIES_INVALID                                Handle        = 0x80E70007
+	ERROR_SPACES_PARITY_LAYOUT_INVALID                                        Handle        = 0x80E70008
+	ERROR_SPACES_INTERLEAVE_LENGTH_INVALID                                    Handle        = 0x80E70009
+	ERROR_SPACES_NUMBER_OF_COLUMNS_INVALID                                    Handle        = 0x80E7000A
+	ERROR_SPACES_NOT_ENOUGH_DRIVES                                            Handle        = 0x80E7000B
+	ERROR_SPACES_EXTENDED_ERROR                                               Handle        = 0x80E7000C
+	ERROR_SPACES_PROVISIONING_TYPE_INVALID                                    Handle        = 0x80E7000D
+	ERROR_SPACES_ALLOCATION_SIZE_INVALID                                      Handle        = 0x80E7000E
+	ERROR_SPACES_ENCLOSURE_AWARE_INVALID                                      Handle        = 0x80E7000F
+	ERROR_SPACES_WRITE_CACHE_SIZE_INVALID                                     Handle        = 0x80E70010
+	ERROR_SPACES_NUMBER_OF_GROUPS_INVALID                                     Handle        = 0x80E70011
+	ERROR_SPACES_DRIVE_OPERATIONAL_STATE_INVALID                              Handle        = 0x80E70012
+	ERROR_SPACES_ENTRY_INCOMPLETE                                             Handle        = 0x80E70013
+	ERROR_SPACES_ENTRY_INVALID                                                Handle        = 0x80E70014
+	ERROR_VOLSNAP_BOOTFILE_NOT_VALID                                          Handle        = 0x80820001
+	ERROR_VOLSNAP_ACTIVATION_TIMEOUT                                          Handle        = 0x80820002
+	ERROR_TIERING_NOT_SUPPORTED_ON_VOLUME                                     Handle        = 0x80830001
+	ERROR_TIERING_VOLUME_DISMOUNT_IN_PROGRESS                                 Handle        = 0x80830002
+	ERROR_TIERING_STORAGE_TIER_NOT_FOUND                                      Handle        = 0x80830003
+	ERROR_TIERING_INVALID_FILE_ID                                             Handle        = 0x80830004
+	ERROR_TIERING_WRONG_CLUSTER_NODE                                          Handle        = 0x80830005
+	ERROR_TIERING_ALREADY_PROCESSING                                          Handle        = 0x80830006
+	ERROR_TIERING_CANNOT_PIN_OBJECT                                           Handle        = 0x80830007
+	ERROR_TIERING_FILE_IS_NOT_PINNED                                          Handle        = 0x80830008
+	ERROR_NOT_A_TIERED_VOLUME                                                 Handle        = 0x80830009
+	ERROR_ATTRIBUTE_NOT_PRESENT                                               Handle        = 0x8083000A
+	ERROR_SECCORE_INVALID_COMMAND                                             Handle        = 0xC0E80000
+	ERROR_NO_APPLICABLE_APP_LICENSES_FOUND                                    Handle        = 0xC0EA0001
+	ERROR_CLIP_LICENSE_NOT_FOUND                                              Handle        = 0xC0EA0002
+	ERROR_CLIP_DEVICE_LICENSE_MISSING                                         Handle        = 0xC0EA0003
+	ERROR_CLIP_LICENSE_INVALID_SIGNATURE                                      Handle        = 0xC0EA0004
+	ERROR_CLIP_KEYHOLDER_LICENSE_MISSING_OR_INVALID                           Handle        = 0xC0EA0005
+	ERROR_CLIP_LICENSE_EXPIRED                                                Handle        = 0xC0EA0006
+	ERROR_CLIP_LICENSE_SIGNED_BY_UNKNOWN_SOURCE                               Handle        = 0xC0EA0007
+	ERROR_CLIP_LICENSE_NOT_SIGNED                                             Handle        = 0xC0EA0008
+	ERROR_CLIP_LICENSE_HARDWARE_ID_OUT_OF_TOLERANCE                           Handle        = 0xC0EA0009
+	ERROR_CLIP_LICENSE_DEVICE_ID_MISMATCH                                     Handle        = 0xC0EA000A
+	DXGI_STATUS_OCCLUDED                                                      Handle        = 0x087A0001
+	DXGI_STATUS_CLIPPED                                                       Handle        = 0x087A0002
+	DXGI_STATUS_NO_REDIRECTION                                                Handle        = 0x087A0004
+	DXGI_STATUS_NO_DESKTOP_ACCESS                                             Handle        = 0x087A0005
+	DXGI_STATUS_GRAPHICS_VIDPN_SOURCE_IN_USE                                  Handle        = 0x087A0006
+	DXGI_STATUS_MODE_CHANGED                                                  Handle        = 0x087A0007
+	DXGI_STATUS_MODE_CHANGE_IN_PROGRESS                                       Handle        = 0x087A0008
+	DXGI_ERROR_INVALID_CALL                                                   Handle        = 0x887A0001
+	DXGI_ERROR_NOT_FOUND                                                      Handle        = 0x887A0002
+	DXGI_ERROR_MORE_DATA                                                      Handle        = 0x887A0003
+	DXGI_ERROR_UNSUPPORTED                                                    Handle        = 0x887A0004
+	DXGI_ERROR_DEVICE_REMOVED                                                 Handle        = 0x887A0005
+	DXGI_ERROR_DEVICE_HUNG                                                    Handle        = 0x887A0006
+	DXGI_ERROR_DEVICE_RESET                                                   Handle        = 0x887A0007
+	DXGI_ERROR_WAS_STILL_DRAWING                                              Handle        = 0x887A000A
+	DXGI_ERROR_FRAME_STATISTICS_DISJOINT                                      Handle        = 0x887A000B
+	DXGI_ERROR_GRAPHICS_VIDPN_SOURCE_IN_USE                                   Handle        = 0x887A000C
+	DXGI_ERROR_DRIVER_INTERNAL_ERROR                                          Handle        = 0x887A0020
+	DXGI_ERROR_NONEXCLUSIVE                                                   Handle        = 0x887A0021
+	DXGI_ERROR_NOT_CURRENTLY_AVAILABLE                                        Handle        = 0x887A0022
+	DXGI_ERROR_REMOTE_CLIENT_DISCONNECTED                                     Handle        = 0x887A0023
+	DXGI_ERROR_REMOTE_OUTOFMEMORY                                             Handle        = 0x887A0024
+	DXGI_ERROR_ACCESS_LOST                                                    Handle        = 0x887A0026
+	DXGI_ERROR_WAIT_TIMEOUT                                                   Handle        = 0x887A0027
+	DXGI_ERROR_SESSION_DISCONNECTED                                           Handle        = 0x887A0028
+	DXGI_ERROR_RESTRICT_TO_OUTPUT_STALE                                       Handle        = 0x887A0029
+	DXGI_ERROR_CANNOT_PROTECT_CONTENT                                         Handle        = 0x887A002A
+	DXGI_ERROR_ACCESS_DENIED                                                  Handle        = 0x887A002B
+	DXGI_ERROR_NAME_ALREADY_EXISTS                                            Handle        = 0x887A002C
+	DXGI_ERROR_SDK_COMPONENT_MISSING                                          Handle        = 0x887A002D
+	DXGI_ERROR_NOT_CURRENT                                                    Handle        = 0x887A002E
+	DXGI_ERROR_HW_PROTECTION_OUTOFMEMORY                                      Handle        = 0x887A0030
+	DXGI_ERROR_DYNAMIC_CODE_POLICY_VIOLATION                                  Handle        = 0x887A0031
+	DXGI_ERROR_NON_COMPOSITED_UI                                              Handle        = 0x887A0032
+	DXGI_STATUS_UNOCCLUDED                                                    Handle        = 0x087A0009
+	DXGI_STATUS_DDA_WAS_STILL_DRAWING                                         Handle        = 0x087A000A
+	DXGI_ERROR_MODE_CHANGE_IN_PROGRESS                                        Handle        = 0x887A0025
+	DXGI_STATUS_PRESENT_REQUIRED                                              Handle        = 0x087A002F
+	DXGI_ERROR_CACHE_CORRUPT                                                  Handle        = 0x887A0033
+	DXGI_ERROR_CACHE_FULL                                                     Handle        = 0x887A0034
+	DXGI_ERROR_CACHE_HASH_COLLISION                                           Handle        = 0x887A0035
+	DXGI_ERROR_ALREADY_EXISTS                                                 Handle        = 0x887A0036
+	DXGI_DDI_ERR_WASSTILLDRAWING                                              Handle        = 0x887B0001
+	DXGI_DDI_ERR_UNSUPPORTED                                                  Handle        = 0x887B0002
+	DXGI_DDI_ERR_NONEXCLUSIVE                                                 Handle        = 0x887B0003
+	D3D10_ERROR_TOO_MANY_UNIQUE_STATE_OBJECTS                                 Handle        = 0x88790001
+	D3D10_ERROR_FILE_NOT_FOUND                                                Handle        = 0x88790002
+	D3D11_ERROR_TOO_MANY_UNIQUE_STATE_OBJECTS                                 Handle        = 0x887C0001
+	D3D11_ERROR_FILE_NOT_FOUND                                                Handle        = 0x887C0002
+	D3D11_ERROR_TOO_MANY_UNIQUE_VIEW_OBJECTS                                  Handle        = 0x887C0003
+	D3D11_ERROR_DEFERRED_CONTEXT_MAP_WITHOUT_INITIAL_DISCARD                  Handle        = 0x887C0004
+	D3D12_ERROR_ADAPTER_NOT_FOUND                                             Handle        = 0x887E0001
+	D3D12_ERROR_DRIVER_VERSION_MISMATCH                                       Handle        = 0x887E0002
+	D2DERR_WRONG_STATE                                                        Handle        = 0x88990001
+	D2DERR_NOT_INITIALIZED                                                    Handle        = 0x88990002
+	D2DERR_UNSUPPORTED_OPERATION                                              Handle        = 0x88990003
+	D2DERR_SCANNER_FAILED                                                     Handle        = 0x88990004
+	D2DERR_SCREEN_ACCESS_DENIED                                               Handle        = 0x88990005
+	D2DERR_DISPLAY_STATE_INVALID                                              Handle        = 0x88990006
+	D2DERR_ZERO_VECTOR                                                        Handle        = 0x88990007
+	D2DERR_INTERNAL_ERROR                                                     Handle        = 0x88990008
+	D2DERR_DISPLAY_FORMAT_NOT_SUPPORTED                                       Handle        = 0x88990009
+	D2DERR_INVALID_CALL                                                       Handle        = 0x8899000A
+	D2DERR_NO_HARDWARE_DEVICE                                                 Handle        = 0x8899000B
+	D2DERR_RECREATE_TARGET                                                    Handle        = 0x8899000C
+	D2DERR_TOO_MANY_SHADER_ELEMENTS                                           Handle        = 0x8899000D
+	D2DERR_SHADER_COMPILE_FAILED                                              Handle        = 0x8899000E
+	D2DERR_MAX_TEXTURE_SIZE_EXCEEDED                                          Handle        = 0x8899000F
+	D2DERR_UNSUPPORTED_VERSION                                                Handle        = 0x88990010
+	D2DERR_BAD_NUMBER                                                         Handle        = 0x88990011
+	D2DERR_WRONG_FACTORY                                                      Handle        = 0x88990012
+	D2DERR_LAYER_ALREADY_IN_USE                                               Handle        = 0x88990013
+	D2DERR_POP_CALL_DID_NOT_MATCH_PUSH                                        Handle        = 0x88990014
+	D2DERR_WRONG_RESOURCE_DOMAIN                                              Handle        = 0x88990015
+	D2DERR_PUSH_POP_UNBALANCED                                                Handle        = 0x88990016
+	D2DERR_RENDER_TARGET_HAS_LAYER_OR_CLIPRECT                                Handle        = 0x88990017
+	D2DERR_INCOMPATIBLE_BRUSH_TYPES                                           Handle        = 0x88990018
+	D2DERR_WIN32_ERROR                                                        Handle        = 0x88990019
+	D2DERR_TARGET_NOT_GDI_COMPATIBLE                                          Handle        = 0x8899001A
+	D2DERR_TEXT_EFFECT_IS_WRONG_TYPE                                          Handle        = 0x8899001B
+	D2DERR_TEXT_RENDERER_NOT_RELEASED                                         Handle        = 0x8899001C
+	D2DERR_EXCEEDS_MAX_BITMAP_SIZE                                            Handle        = 0x8899001D
+	D2DERR_INVALID_GRAPH_CONFIGURATION                                        Handle        = 0x8899001E
+	D2DERR_INVALID_INTERNAL_GRAPH_CONFIGURATION                               Handle        = 0x8899001F
+	D2DERR_CYCLIC_GRAPH                                                       Handle        = 0x88990020
+	D2DERR_BITMAP_CANNOT_DRAW                                                 Handle        = 0x88990021
+	D2DERR_OUTSTANDING_BITMAP_REFERENCES                                      Handle        = 0x88990022
+	D2DERR_ORIGINAL_TARGET_NOT_BOUND                                          Handle        = 0x88990023
+	D2DERR_INVALID_TARGET                                                     Handle        = 0x88990024
+	D2DERR_BITMAP_BOUND_AS_TARGET                                             Handle        = 0x88990025
+	D2DERR_INSUFFICIENT_DEVICE_CAPABILITIES                                   Handle        = 0x88990026
+	D2DERR_INTERMEDIATE_TOO_LARGE                                             Handle        = 0x88990027
+	D2DERR_EFFECT_IS_NOT_REGISTERED                                           Handle        = 0x88990028
+	D2DERR_INVALID_PROPERTY                                                   Handle        = 0x88990029
+	D2DERR_NO_SUBPROPERTIES                                                   Handle        = 0x8899002A
+	D2DERR_PRINT_JOB_CLOSED                                                   Handle        = 0x8899002B
+	D2DERR_PRINT_FORMAT_NOT_SUPPORTED                                         Handle        = 0x8899002C
+	D2DERR_TOO_MANY_TRANSFORM_INPUTS                                          Handle        = 0x8899002D
+	D2DERR_INVALID_GLYPH_IMAGE                                                Handle        = 0x8899002E
+	DWRITE_E_FILEFORMAT                                                       Handle        = 0x88985000
+	DWRITE_E_UNEXPECTED                                                       Handle        = 0x88985001
+	DWRITE_E_NOFONT                                                           Handle        = 0x88985002
+	DWRITE_E_FILENOTFOUND                                                     Handle        = 0x88985003
+	DWRITE_E_FILEACCESS                                                       Handle        = 0x88985004
+	DWRITE_E_FONTCOLLECTIONOBSOLETE                                           Handle        = 0x88985005
+	DWRITE_E_ALREADYREGISTERED                                                Handle        = 0x88985006
+	DWRITE_E_CACHEFORMAT                                                      Handle        = 0x88985007
+	DWRITE_E_CACHEVERSION                                                     Handle        = 0x88985008
+	DWRITE_E_UNSUPPORTEDOPERATION                                             Handle        = 0x88985009
+	DWRITE_E_TEXTRENDERERINCOMPATIBLE                                         Handle        = 0x8898500A
+	DWRITE_E_FLOWDIRECTIONCONFLICTS                                           Handle        = 0x8898500B
+	DWRITE_E_NOCOLOR                                                          Handle        = 0x8898500C
+	DWRITE_E_REMOTEFONT                                                       Handle        = 0x8898500D
+	DWRITE_E_DOWNLOADCANCELLED                                                Handle        = 0x8898500E
+	DWRITE_E_DOWNLOADFAILED                                                   Handle        = 0x8898500F
+	DWRITE_E_TOOMANYDOWNLOADS                                                 Handle        = 0x88985010
+	WINCODEC_ERR_WRONGSTATE                                                   Handle        = 0x88982F04
+	WINCODEC_ERR_VALUEOUTOFRANGE                                              Handle        = 0x88982F05
+	WINCODEC_ERR_UNKNOWNIMAGEFORMAT                                           Handle        = 0x88982F07
+	WINCODEC_ERR_UNSUPPORTEDVERSION                                           Handle        = 0x88982F0B
+	WINCODEC_ERR_NOTINITIALIZED                                               Handle        = 0x88982F0C
+	WINCODEC_ERR_ALREADYLOCKED                                                Handle        = 0x88982F0D
+	WINCODEC_ERR_PROPERTYNOTFOUND                                             Handle        = 0x88982F40
+	WINCODEC_ERR_PROPERTYNOTSUPPORTED                                         Handle        = 0x88982F41
+	WINCODEC_ERR_PROPERTYSIZE                                                 Handle        = 0x88982F42
+	WINCODEC_ERR_CODECPRESENT                                                 Handle        = 0x88982F43
+	WINCODEC_ERR_CODECNOTHUMBNAIL                                             Handle        = 0x88982F44
+	WINCODEC_ERR_PALETTEUNAVAILABLE                                           Handle        = 0x88982F45
+	WINCODEC_ERR_CODECTOOMANYSCANLINES                                        Handle        = 0x88982F46
+	WINCODEC_ERR_INTERNALERROR                                                Handle        = 0x88982F48
+	WINCODEC_ERR_SOURCERECTDOESNOTMATCHDIMENSIONS                             Handle        = 0x88982F49
+	WINCODEC_ERR_COMPONENTNOTFOUND                                            Handle        = 0x88982F50
+	WINCODEC_ERR_IMAGESIZEOUTOFRANGE                                          Handle        = 0x88982F51
+	WINCODEC_ERR_TOOMUCHMETADATA                                              Handle        = 0x88982F52
+	WINCODEC_ERR_BADIMAGE                                                     Handle        = 0x88982F60
+	WINCODEC_ERR_BADHEADER                                                    Handle        = 0x88982F61
+	WINCODEC_ERR_FRAMEMISSING                                                 Handle        = 0x88982F62
+	WINCODEC_ERR_BADMETADATAHEADER                                            Handle        = 0x88982F63
+	WINCODEC_ERR_BADSTREAMDATA                                                Handle        = 0x88982F70
+	WINCODEC_ERR_STREAMWRITE                                                  Handle        = 0x88982F71
+	WINCODEC_ERR_STREAMREAD                                                   Handle        = 0x88982F72
+	WINCODEC_ERR_STREAMNOTAVAILABLE                                           Handle        = 0x88982F73
+	WINCODEC_ERR_UNSUPPORTEDPIXELFORMAT                                       Handle        = 0x88982F80
+	WINCODEC_ERR_UNSUPPORTEDOPERATION                                         Handle        = 0x88982F81
+	WINCODEC_ERR_INVALIDREGISTRATION                                          Handle        = 0x88982F8A
+	WINCODEC_ERR_COMPONENTINITIALIZEFAILURE                                   Handle        = 0x88982F8B
+	WINCODEC_ERR_INSUFFICIENTBUFFER                                           Handle        = 0x88982F8C
+	WINCODEC_ERR_DUPLICATEMETADATAPRESENT                                     Handle        = 0x88982F8D
+	WINCODEC_ERR_PROPERTYUNEXPECTEDTYPE                                       Handle        = 0x88982F8E
+	WINCODEC_ERR_UNEXPECTEDSIZE                                               Handle        = 0x88982F8F
+	WINCODEC_ERR_INVALIDQUERYREQUEST                                          Handle        = 0x88982F90
+	WINCODEC_ERR_UNEXPECTEDMETADATATYPE                                       Handle        = 0x88982F91
+	WINCODEC_ERR_REQUESTONLYVALIDATMETADATAROOT                               Handle        = 0x88982F92
+	WINCODEC_ERR_INVALIDQUERYCHARACTER                                        Handle        = 0x88982F93
+	WINCODEC_ERR_WIN32ERROR                                                   Handle        = 0x88982F94
+	WINCODEC_ERR_INVALIDPROGRESSIVELEVEL                                      Handle        = 0x88982F95
+	WINCODEC_ERR_INVALIDJPEGSCANINDEX                                         Handle        = 0x88982F96
+	MILERR_OBJECTBUSY                                                         Handle        = 0x88980001
+	MILERR_INSUFFICIENTBUFFER                                                 Handle        = 0x88980002
+	MILERR_WIN32ERROR                                                         Handle        = 0x88980003
+	MILERR_SCANNER_FAILED                                                     Handle        = 0x88980004
+	MILERR_SCREENACCESSDENIED                                                 Handle        = 0x88980005
+	MILERR_DISPLAYSTATEINVALID                                                Handle        = 0x88980006
+	MILERR_NONINVERTIBLEMATRIX                                                Handle        = 0x88980007
+	MILERR_ZEROVECTOR                                                         Handle        = 0x88980008
+	MILERR_TERMINATED                                                         Handle        = 0x88980009
+	MILERR_BADNUMBER                                                          Handle        = 0x8898000A
+	MILERR_INTERNALERROR                                                      Handle        = 0x88980080
+	MILERR_DISPLAYFORMATNOTSUPPORTED                                          Handle        = 0x88980084
+	MILERR_INVALIDCALL                                                        Handle        = 0x88980085
+	MILERR_ALREADYLOCKED                                                      Handle        = 0x88980086
+	MILERR_NOTLOCKED                                                          Handle        = 0x88980087
+	MILERR_DEVICECANNOTRENDERTEXT                                             Handle        = 0x88980088
+	MILERR_GLYPHBITMAPMISSED                                                  Handle        = 0x88980089
+	MILERR_MALFORMEDGLYPHCACHE                                                Handle        = 0x8898008A
+	MILERR_GENERIC_IGNORE                                                     Handle        = 0x8898008B
+	MILERR_MALFORMED_GUIDELINE_DATA                                           Handle        = 0x8898008C
+	MILERR_NO_HARDWARE_DEVICE                                                 Handle        = 0x8898008D
+	MILERR_NEED_RECREATE_AND_PRESENT                                          Handle        = 0x8898008E
+	MILERR_ALREADY_INITIALIZED                                                Handle        = 0x8898008F
+	MILERR_MISMATCHED_SIZE                                                    Handle        = 0x88980090
+	MILERR_NO_REDIRECTION_SURFACE_AVAILABLE                                   Handle        = 0x88980091
+	MILERR_REMOTING_NOT_SUPPORTED                                             Handle        = 0x88980092
+	MILERR_QUEUED_PRESENT_NOT_SUPPORTED                                       Handle        = 0x88980093
+	MILERR_NOT_QUEUING_PRESENTS                                               Handle        = 0x88980094
+	MILERR_NO_REDIRECTION_SURFACE_RETRY_LATER                                 Handle        = 0x88980095
+	MILERR_TOOMANYSHADERELEMNTS                                               Handle        = 0x88980096
+	MILERR_MROW_READLOCK_FAILED                                               Handle        = 0x88980097
+	MILERR_MROW_UPDATE_FAILED                                                 Handle        = 0x88980098
+	MILERR_SHADER_COMPILE_FAILED                                              Handle        = 0x88980099
+	MILERR_MAX_TEXTURE_SIZE_EXCEEDED                                          Handle        = 0x8898009A
+	MILERR_QPC_TIME_WENT_BACKWARD                                             Handle        = 0x8898009B
+	MILERR_DXGI_ENUMERATION_OUT_OF_SYNC                                       Handle        = 0x8898009D
+	MILERR_ADAPTER_NOT_FOUND                                                  Handle        = 0x8898009E
+	MILERR_COLORSPACE_NOT_SUPPORTED                                           Handle        = 0x8898009F
+	MILERR_PREFILTER_NOT_SUPPORTED                                            Handle        = 0x889800A0
+	MILERR_DISPLAYID_ACCESS_DENIED                                            Handle        = 0x889800A1
+	UCEERR_INVALIDPACKETHEADER                                                Handle        = 0x88980400
+	UCEERR_UNKNOWNPACKET                                                      Handle        = 0x88980401
+	UCEERR_ILLEGALPACKET                                                      Handle        = 0x88980402
+	UCEERR_MALFORMEDPACKET                                                    Handle        = 0x88980403
+	UCEERR_ILLEGALHANDLE                                                      Handle        = 0x88980404
+	UCEERR_HANDLELOOKUPFAILED                                                 Handle        = 0x88980405
+	UCEERR_RENDERTHREADFAILURE                                                Handle        = 0x88980406
+	UCEERR_CTXSTACKFRSTTARGETNULL                                             Handle        = 0x88980407
+	UCEERR_CONNECTIONIDLOOKUPFAILED                                           Handle        = 0x88980408
+	UCEERR_BLOCKSFULL                                                         Handle        = 0x88980409
+	UCEERR_MEMORYFAILURE                                                      Handle        = 0x8898040A
+	UCEERR_PACKETRECORDOUTOFRANGE                                             Handle        = 0x8898040B
+	UCEERR_ILLEGALRECORDTYPE                                                  Handle        = 0x8898040C
+	UCEERR_OUTOFHANDLES                                                       Handle        = 0x8898040D
+	UCEERR_UNCHANGABLE_UPDATE_ATTEMPTED                                       Handle        = 0x8898040E
+	UCEERR_NO_MULTIPLE_WORKER_THREADS                                         Handle        = 0x8898040F
+	UCEERR_REMOTINGNOTSUPPORTED                                               Handle        = 0x88980410
+	UCEERR_MISSINGENDCOMMAND                                                  Handle        = 0x88980411
+	UCEERR_MISSINGBEGINCOMMAND                                                Handle        = 0x88980412
+	UCEERR_CHANNELSYNCTIMEDOUT                                                Handle        = 0x88980413
+	UCEERR_CHANNELSYNCABANDONED                                               Handle        = 0x88980414
+	UCEERR_UNSUPPORTEDTRANSPORTVERSION                                        Handle        = 0x88980415
+	UCEERR_TRANSPORTUNAVAILABLE                                               Handle        = 0x88980416
+	UCEERR_FEEDBACK_UNSUPPORTED                                               Handle        = 0x88980417
+	UCEERR_COMMANDTRANSPORTDENIED                                             Handle        = 0x88980418
+	UCEERR_GRAPHICSSTREAMUNAVAILABLE                                          Handle        = 0x88980419
+	UCEERR_GRAPHICSSTREAMALREADYOPEN                                          Handle        = 0x88980420
+	UCEERR_TRANSPORTDISCONNECTED                                              Handle        = 0x88980421
+	UCEERR_TRANSPORTOVERLOADED                                                Handle        = 0x88980422
+	UCEERR_PARTITION_ZOMBIED                                                  Handle        = 0x88980423
+	MILAVERR_NOCLOCK                                                          Handle        = 0x88980500
+	MILAVERR_NOMEDIATYPE                                                      Handle        = 0x88980501
+	MILAVERR_NOVIDEOMIXER                                                     Handle        = 0x88980502
+	MILAVERR_NOVIDEOPRESENTER                                                 Handle        = 0x88980503
+	MILAVERR_NOREADYFRAMES                                                    Handle        = 0x88980504
+	MILAVERR_MODULENOTLOADED                                                  Handle        = 0x88980505
+	MILAVERR_WMPFACTORYNOTREGISTERED                                          Handle        = 0x88980506
+	MILAVERR_INVALIDWMPVERSION                                                Handle        = 0x88980507
+	MILAVERR_INSUFFICIENTVIDEORESOURCES                                       Handle        = 0x88980508
+	MILAVERR_VIDEOACCELERATIONNOTAVAILABLE                                    Handle        = 0x88980509
+	MILAVERR_REQUESTEDTEXTURETOOBIG                                           Handle        = 0x8898050A
+	MILAVERR_SEEKFAILED                                                       Handle        = 0x8898050B
+	MILAVERR_UNEXPECTEDWMPFAILURE                                             Handle        = 0x8898050C
+	MILAVERR_MEDIAPLAYERCLOSED                                                Handle        = 0x8898050D
+	MILAVERR_UNKNOWNHARDWAREERROR                                             Handle        = 0x8898050E
+	MILEFFECTSERR_UNKNOWNPROPERTY                                             Handle        = 0x8898060E
+	MILEFFECTSERR_EFFECTNOTPARTOFGROUP                                        Handle        = 0x8898060F
+	MILEFFECTSERR_NOINPUTSOURCEATTACHED                                       Handle        = 0x88980610
+	MILEFFECTSERR_CONNECTORNOTCONNECTED                                       Handle        = 0x88980611
+	MILEFFECTSERR_CONNECTORNOTASSOCIATEDWITHEFFECT                            Handle        = 0x88980612
+	MILEFFECTSERR_RESERVED                                                    Handle        = 0x88980613
+	MILEFFECTSERR_CYCLEDETECTED                                               Handle        = 0x88980614
+	MILEFFECTSERR_EFFECTINMORETHANONEGRAPH                                    Handle        = 0x88980615
+	MILEFFECTSERR_EFFECTALREADYINAGRAPH                                       Handle        = 0x88980616
+	MILEFFECTSERR_EFFECTHASNOCHILDREN                                         Handle        = 0x88980617
+	MILEFFECTSERR_ALREADYATTACHEDTOLISTENER                                   Handle        = 0x88980618
+	MILEFFECTSERR_NOTAFFINETRANSFORM                                          Handle        = 0x88980619
+	MILEFFECTSERR_EMPTYBOUNDS                                                 Handle        = 0x8898061A
+	MILEFFECTSERR_OUTPUTSIZETOOLARGE                                          Handle        = 0x8898061B
+	DWMERR_STATE_TRANSITION_FAILED                                            Handle        = 0x88980700
+	DWMERR_THEME_FAILED                                                       Handle        = 0x88980701
+	DWMERR_CATASTROPHIC_FAILURE                                               Handle        = 0x88980702
+	DCOMPOSITION_ERROR_WINDOW_ALREADY_COMPOSED                                Handle        = 0x88980800
+	DCOMPOSITION_ERROR_SURFACE_BEING_RENDERED                                 Handle        = 0x88980801
+	DCOMPOSITION_ERROR_SURFACE_NOT_BEING_RENDERED                             Handle        = 0x88980802
+	ONL_E_INVALID_AUTHENTICATION_TARGET                                       Handle        = 0x80860001
+	ONL_E_ACCESS_DENIED_BY_TOU                                                Handle        = 0x80860002
+	ONL_E_INVALID_APPLICATION                                                 Handle        = 0x80860003
+	ONL_E_PASSWORD_UPDATE_REQUIRED                                            Handle        = 0x80860004
+	ONL_E_ACCOUNT_UPDATE_REQUIRED                                             Handle        = 0x80860005
+	ONL_E_FORCESIGNIN                                                         Handle        = 0x80860006
+	ONL_E_ACCOUNT_LOCKED                                                      Handle        = 0x80860007
+	ONL_E_PARENTAL_CONSENT_REQUIRED                                           Handle        = 0x80860008
+	ONL_E_EMAIL_VERIFICATION_REQUIRED                                         Handle        = 0x80860009
+	ONL_E_ACCOUNT_SUSPENDED_COMPROIMISE                                       Handle        = 0x8086000A
+	ONL_E_ACCOUNT_SUSPENDED_ABUSE                                             Handle        = 0x8086000B
+	ONL_E_ACTION_REQUIRED                                                     Handle        = 0x8086000C
+	ONL_CONNECTION_COUNT_LIMIT                                                Handle        = 0x8086000D
+	ONL_E_CONNECTED_ACCOUNT_CAN_NOT_SIGNOUT                                   Handle        = 0x8086000E
+	ONL_E_USER_AUTHENTICATION_REQUIRED                                        Handle        = 0x8086000F
+	ONL_E_REQUEST_THROTTLED                                                   Handle        = 0x80860010
+	FA_E_MAX_PERSISTED_ITEMS_REACHED                                          Handle        = 0x80270220
+	FA_E_HOMEGROUP_NOT_AVAILABLE                                              Handle        = 0x80270222
+	E_MONITOR_RESOLUTION_TOO_LOW                                              Handle        = 0x80270250
+	E_ELEVATED_ACTIVATION_NOT_SUPPORTED                                       Handle        = 0x80270251
+	E_UAC_DISABLED                                                            Handle        = 0x80270252
+	E_FULL_ADMIN_NOT_SUPPORTED                                                Handle        = 0x80270253
+	E_APPLICATION_NOT_REGISTERED                                              Handle        = 0x80270254
+	E_MULTIPLE_EXTENSIONS_FOR_APPLICATION                                     Handle        = 0x80270255
+	E_MULTIPLE_PACKAGES_FOR_FAMILY                                            Handle        = 0x80270256
+	E_APPLICATION_MANAGER_NOT_RUNNING                                         Handle        = 0x80270257
+	S_STORE_LAUNCHED_FOR_REMEDIATION                                          Handle        = 0x00270258
+	S_APPLICATION_ACTIVATION_ERROR_HANDLED_BY_DIALOG                          Handle        = 0x00270259
+	E_APPLICATION_ACTIVATION_TIMED_OUT                                        Handle        = 0x8027025A
+	E_APPLICATION_ACTIVATION_EXEC_FAILURE                                     Handle        = 0x8027025B
+	E_APPLICATION_TEMPORARY_LICENSE_ERROR                                     Handle        = 0x8027025C
+	E_APPLICATION_TRIAL_LICENSE_EXPIRED                                       Handle        = 0x8027025D
+	E_SKYDRIVE_ROOT_TARGET_FILE_SYSTEM_NOT_SUPPORTED                          Handle        = 0x80270260
+	E_SKYDRIVE_ROOT_TARGET_OVERLAP                                            Handle        = 0x80270261
+	E_SKYDRIVE_ROOT_TARGET_CANNOT_INDEX                                       Handle        = 0x80270262
+	E_SKYDRIVE_FILE_NOT_UPLOADED                                              Handle        = 0x80270263
+	E_SKYDRIVE_UPDATE_AVAILABILITY_FAIL                                       Handle        = 0x80270264
+	E_SKYDRIVE_ROOT_TARGET_VOLUME_ROOT_NOT_SUPPORTED                          Handle        = 0x80270265
+	E_SYNCENGINE_FILE_SIZE_OVER_LIMIT                                         Handle        = 0x8802B001
+	E_SYNCENGINE_FILE_SIZE_EXCEEDS_REMAINING_QUOTA                            Handle        = 0x8802B002
+	E_SYNCENGINE_UNSUPPORTED_FILE_NAME                                        Handle        = 0x8802B003
+	E_SYNCENGINE_FOLDER_ITEM_COUNT_LIMIT_EXCEEDED                             Handle        = 0x8802B004
+	E_SYNCENGINE_FILE_SYNC_PARTNER_ERROR                                      Handle        = 0x8802B005
+	E_SYNCENGINE_SYNC_PAUSED_BY_SERVICE                                       Handle        = 0x8802B006
+	E_SYNCENGINE_FILE_IDENTIFIER_UNKNOWN                                      Handle        = 0x8802C002
+	E_SYNCENGINE_SERVICE_AUTHENTICATION_FAILED                                Handle        = 0x8802C003
+	E_SYNCENGINE_UNKNOWN_SERVICE_ERROR                                        Handle        = 0x8802C004
+	E_SYNCENGINE_SERVICE_RETURNED_UNEXPECTED_SIZE                             Handle        = 0x8802C005
+	E_SYNCENGINE_REQUEST_BLOCKED_BY_SERVICE                                   Handle        = 0x8802C006
+	E_SYNCENGINE_REQUEST_BLOCKED_DUE_TO_CLIENT_ERROR                          Handle        = 0x8802C007
+	E_SYNCENGINE_FOLDER_INACCESSIBLE                                          Handle        = 0x8802D001
+	E_SYNCENGINE_UNSUPPORTED_FOLDER_NAME                                      Handle        = 0x8802D002
+	E_SYNCENGINE_UNSUPPORTED_MARKET                                           Handle        = 0x8802D003
+	E_SYNCENGINE_PATH_LENGTH_LIMIT_EXCEEDED                                   Handle        = 0x8802D004
+	E_SYNCENGINE_REMOTE_PATH_LENGTH_LIMIT_EXCEEDED                            Handle        = 0x8802D005
+	E_SYNCENGINE_CLIENT_UPDATE_NEEDED                                         Handle        = 0x8802D006
+	E_SYNCENGINE_PROXY_AUTHENTICATION_REQUIRED                                Handle        = 0x8802D007
+	E_SYNCENGINE_STORAGE_SERVICE_PROVISIONING_FAILED                          Handle        = 0x8802D008
+	E_SYNCENGINE_UNSUPPORTED_REPARSE_POINT                                    Handle        = 0x8802D009
+	E_SYNCENGINE_STORAGE_SERVICE_BLOCKED                                      Handle        = 0x8802D00A
+	E_SYNCENGINE_FOLDER_IN_REDIRECTION                                        Handle        = 0x8802D00B
+	EAS_E_POLICY_NOT_MANAGED_BY_OS                                            Handle        = 0x80550001
+	EAS_E_POLICY_COMPLIANT_WITH_ACTIONS                                       Handle        = 0x80550002
+	EAS_E_REQUESTED_POLICY_NOT_ENFORCEABLE                                    Handle        = 0x80550003
+	EAS_E_CURRENT_USER_HAS_BLANK_PASSWORD                                     Handle        = 0x80550004
+	EAS_E_REQUESTED_POLICY_PASSWORD_EXPIRATION_INCOMPATIBLE                   Handle        = 0x80550005
+	EAS_E_USER_CANNOT_CHANGE_PASSWORD                                         Handle        = 0x80550006
+	EAS_E_ADMINS_HAVE_BLANK_PASSWORD                                          Handle        = 0x80550007
+	EAS_E_ADMINS_CANNOT_CHANGE_PASSWORD                                       Handle        = 0x80550008
+	EAS_E_LOCAL_CONTROLLED_USERS_CANNOT_CHANGE_PASSWORD                       Handle        = 0x80550009
+	EAS_E_PASSWORD_POLICY_NOT_ENFORCEABLE_FOR_CONNECTED_ADMINS                Handle        = 0x8055000A
+	EAS_E_CONNECTED_ADMINS_NEED_TO_CHANGE_PASSWORD                            Handle        = 0x8055000B
+	EAS_E_PASSWORD_POLICY_NOT_ENFORCEABLE_FOR_CURRENT_CONNECTED_USER          Handle        = 0x8055000C
+	EAS_E_CURRENT_CONNECTED_USER_NEED_TO_CHANGE_PASSWORD                      Handle        = 0x8055000D
+	WEB_E_UNSUPPORTED_FORMAT                                                  Handle        = 0x83750001
+	WEB_E_INVALID_XML                                                         Handle        = 0x83750002
+	WEB_E_MISSING_REQUIRED_ELEMENT                                            Handle        = 0x83750003
+	WEB_E_MISSING_REQUIRED_ATTRIBUTE                                          Handle        = 0x83750004
+	WEB_E_UNEXPECTED_CONTENT                                                  Handle        = 0x83750005
+	WEB_E_RESOURCE_TOO_LARGE                                                  Handle        = 0x83750006
+	WEB_E_INVALID_JSON_STRING                                                 Handle        = 0x83750007
+	WEB_E_INVALID_JSON_NUMBER                                                 Handle        = 0x83750008
+	WEB_E_JSON_VALUE_NOT_FOUND                                                Handle        = 0x83750009
+	HTTP_E_STATUS_UNEXPECTED                                                  Handle        = 0x80190001
+	HTTP_E_STATUS_UNEXPECTED_REDIRECTION                                      Handle        = 0x80190003
+	HTTP_E_STATUS_UNEXPECTED_CLIENT_ERROR                                     Handle        = 0x80190004
+	HTTP_E_STATUS_UNEXPECTED_SERVER_ERROR                                     Handle        = 0x80190005
+	HTTP_E_STATUS_AMBIGUOUS                                                   Handle        = 0x8019012C
+	HTTP_E_STATUS_MOVED                                                       Handle        = 0x8019012D
+	HTTP_E_STATUS_REDIRECT                                                    Handle        = 0x8019012E
+	HTTP_E_STATUS_REDIRECT_METHOD                                             Handle        = 0x8019012F
+	HTTP_E_STATUS_NOT_MODIFIED                                                Handle        = 0x80190130
+	HTTP_E_STATUS_USE_PROXY                                                   Handle        = 0x80190131
+	HTTP_E_STATUS_REDIRECT_KEEP_VERB                                          Handle        = 0x80190133
+	HTTP_E_STATUS_BAD_REQUEST                                                 Handle        = 0x80190190
+	HTTP_E_STATUS_DENIED                                                      Handle        = 0x80190191
+	HTTP_E_STATUS_PAYMENT_REQ                                                 Handle        = 0x80190192
+	HTTP_E_STATUS_FORBIDDEN                                                   Handle        = 0x80190193
+	HTTP_E_STATUS_NOT_FOUND                                                   Handle        = 0x80190194
+	HTTP_E_STATUS_BAD_METHOD                                                  Handle        = 0x80190195
+	HTTP_E_STATUS_NONE_ACCEPTABLE                                             Handle        = 0x80190196
+	HTTP_E_STATUS_PROXY_AUTH_REQ                                              Handle        = 0x80190197
+	HTTP_E_STATUS_REQUEST_TIMEOUT                                             Handle        = 0x80190198
+	HTTP_E_STATUS_CONFLICT                                                    Handle        = 0x80190199
+	HTTP_E_STATUS_GONE                                                        Handle        = 0x8019019A
+	HTTP_E_STATUS_LENGTH_REQUIRED                                             Handle        = 0x8019019B
+	HTTP_E_STATUS_PRECOND_FAILED                                              Handle        = 0x8019019C
+	HTTP_E_STATUS_REQUEST_TOO_LARGE                                           Handle        = 0x8019019D
+	HTTP_E_STATUS_URI_TOO_LONG                                                Handle        = 0x8019019E
+	HTTP_E_STATUS_UNSUPPORTED_MEDIA                                           Handle        = 0x8019019F
+	HTTP_E_STATUS_RANGE_NOT_SATISFIABLE                                       Handle        = 0x801901A0
+	HTTP_E_STATUS_EXPECTATION_FAILED                                          Handle        = 0x801901A1
+	HTTP_E_STATUS_SERVER_ERROR                                                Handle        = 0x801901F4
+	HTTP_E_STATUS_NOT_SUPPORTED                                               Handle        = 0x801901F5
+	HTTP_E_STATUS_BAD_GATEWAY                                                 Handle        = 0x801901F6
+	HTTP_E_STATUS_SERVICE_UNAVAIL                                             Handle        = 0x801901F7
+	HTTP_E_STATUS_GATEWAY_TIMEOUT                                             Handle        = 0x801901F8
+	HTTP_E_STATUS_VERSION_NOT_SUP                                             Handle        = 0x801901F9
+	E_INVALID_PROTOCOL_OPERATION                                              Handle        = 0x83760001
+	E_INVALID_PROTOCOL_FORMAT                                                 Handle        = 0x83760002
+	E_PROTOCOL_EXTENSIONS_NOT_SUPPORTED                                       Handle        = 0x83760003
+	E_SUBPROTOCOL_NOT_SUPPORTED                                               Handle        = 0x83760004
+	E_PROTOCOL_VERSION_NOT_SUPPORTED                                          Handle        = 0x83760005
+	INPUT_E_OUT_OF_ORDER                                                      Handle        = 0x80400000
+	INPUT_E_REENTRANCY                                                        Handle        = 0x80400001
+	INPUT_E_MULTIMODAL                                                        Handle        = 0x80400002
+	INPUT_E_PACKET                                                            Handle        = 0x80400003
+	INPUT_E_FRAME                                                             Handle        = 0x80400004
+	INPUT_E_HISTORY                                                           Handle        = 0x80400005
+	INPUT_E_DEVICE_INFO                                                       Handle        = 0x80400006
+	INPUT_E_TRANSFORM                                                         Handle        = 0x80400007
+	INPUT_E_DEVICE_PROPERTY                                                   Handle        = 0x80400008
+	INET_E_INVALID_URL                                                        Handle        = 0x800C0002
+	INET_E_NO_SESSION                                                         Handle        = 0x800C0003
+	INET_E_CANNOT_CONNECT                                                     Handle        = 0x800C0004
+	INET_E_RESOURCE_NOT_FOUND                                                 Handle        = 0x800C0005
+	INET_E_OBJECT_NOT_FOUND                                                   Handle        = 0x800C0006
+	INET_E_DATA_NOT_AVAILABLE                                                 Handle        = 0x800C0007
+	INET_E_DOWNLOAD_FAILURE                                                   Handle        = 0x800C0008
+	INET_E_AUTHENTICATION_REQUIRED                                            Handle        = 0x800C0009
+	INET_E_NO_VALID_MEDIA                                                     Handle        = 0x800C000A
+	INET_E_CONNECTION_TIMEOUT                                                 Handle        = 0x800C000B
+	INET_E_INVALID_REQUEST                                                    Handle        = 0x800C000C
+	INET_E_UNKNOWN_PROTOCOL                                                   Handle        = 0x800C000D
+	INET_E_SECURITY_PROBLEM                                                   Handle        = 0x800C000E
+	INET_E_CANNOT_LOAD_DATA                                                   Handle        = 0x800C000F
+	INET_E_CANNOT_INSTANTIATE_OBJECT                                          Handle        = 0x800C0010
+	INET_E_INVALID_CERTIFICATE                                                Handle        = 0x800C0019
+	INET_E_REDIRECT_FAILED                                                    Handle        = 0x800C0014
+	INET_E_REDIRECT_TO_DIR                                                    Handle        = 0x800C0015
+	ERROR_DBG_CREATE_PROCESS_FAILURE_LOCKDOWN                                 Handle        = 0x80B00001
+	ERROR_DBG_ATTACH_PROCESS_FAILURE_LOCKDOWN                                 Handle        = 0x80B00002
+	ERROR_DBG_CONNECT_SERVER_FAILURE_LOCKDOWN                                 Handle        = 0x80B00003
+	ERROR_DBG_START_SERVER_FAILURE_LOCKDOWN                                   Handle        = 0x80B00004
+	ERROR_IO_PREEMPTED                                                        Handle        = 0x89010001
+	JSCRIPT_E_CANTEXECUTE                                                     Handle        = 0x89020001
+	WEP_E_NOT_PROVISIONED_ON_ALL_VOLUMES                                      Handle        = 0x88010001
+	WEP_E_FIXED_DATA_NOT_SUPPORTED                                            Handle        = 0x88010002
+	WEP_E_HARDWARE_NOT_COMPLIANT                                              Handle        = 0x88010003
+	WEP_E_LOCK_NOT_CONFIGURED                                                 Handle        = 0x88010004
+	WEP_E_PROTECTION_SUSPENDED                                                Handle        = 0x88010005
+	WEP_E_NO_LICENSE                                                          Handle        = 0x88010006
+	WEP_E_OS_NOT_PROTECTED                                                    Handle        = 0x88010007
+	WEP_E_UNEXPECTED_FAIL                                                     Handle        = 0x88010008
+	WEP_E_BUFFER_TOO_LARGE                                                    Handle        = 0x88010009
+	ERROR_SVHDX_ERROR_STORED                                                  Handle        = 0xC05C0000
+	ERROR_SVHDX_ERROR_NOT_AVAILABLE                                           Handle        = 0xC05CFF00
+	ERROR_SVHDX_UNIT_ATTENTION_AVAILABLE                                      Handle        = 0xC05CFF01
+	ERROR_SVHDX_UNIT_ATTENTION_CAPACITY_DATA_CHANGED                          Handle        = 0xC05CFF02
+	ERROR_SVHDX_UNIT_ATTENTION_RESERVATIONS_PREEMPTED                         Handle        = 0xC05CFF03
+	ERROR_SVHDX_UNIT_ATTENTION_RESERVATIONS_RELEASED                          Handle        = 0xC05CFF04
+	ERROR_SVHDX_UNIT_ATTENTION_REGISTRATIONS_PREEMPTED                        Handle        = 0xC05CFF05
+	ERROR_SVHDX_UNIT_ATTENTION_OPERATING_DEFINITION_CHANGED                   Handle        = 0xC05CFF06
+	ERROR_SVHDX_RESERVATION_CONFLICT                                          Handle        = 0xC05CFF07
+	ERROR_SVHDX_WRONG_FILE_TYPE                                               Handle        = 0xC05CFF08
+	ERROR_SVHDX_VERSION_MISMATCH                                              Handle        = 0xC05CFF09
+	ERROR_VHD_SHARED                                                          Handle        = 0xC05CFF0A
+	ERROR_SVHDX_NO_INITIATOR                                                  Handle        = 0xC05CFF0B
+	ERROR_VHDSET_BACKING_STORAGE_NOT_FOUND                                    Handle        = 0xC05CFF0C
+	ERROR_SMB_NO_PREAUTH_INTEGRITY_HASH_OVERLAP                               Handle        = 0xC05D0000
+	ERROR_SMB_BAD_CLUSTER_DIALECT                                             Handle        = 0xC05D0001
+	WININET_E_OUT_OF_HANDLES                                                  Handle        = 0x80072EE1
+	WININET_E_TIMEOUT                                                         Handle        = 0x80072EE2
+	WININET_E_EXTENDED_ERROR                                                  Handle        = 0x80072EE3
+	WININET_E_INTERNAL_ERROR                                                  Handle        = 0x80072EE4
+	WININET_E_INVALID_URL                                                     Handle        = 0x80072EE5
+	WININET_E_UNRECOGNIZED_SCHEME                                             Handle        = 0x80072EE6
+	WININET_E_NAME_NOT_RESOLVED                                               Handle        = 0x80072EE7
+	WININET_E_PROTOCOL_NOT_FOUND                                              Handle        = 0x80072EE8
+	WININET_E_INVALID_OPTION                                                  Handle        = 0x80072EE9
+	WININET_E_BAD_OPTION_LENGTH                                               Handle        = 0x80072EEA
+	WININET_E_OPTION_NOT_SETTABLE                                             Handle        = 0x80072EEB
+	WININET_E_SHUTDOWN                                                        Handle        = 0x80072EEC
+	WININET_E_INCORRECT_USER_NAME                                             Handle        = 0x80072EED
+	WININET_E_INCORRECT_PASSWORD                                              Handle        = 0x80072EEE
+	WININET_E_LOGIN_FAILURE                                                   Handle        = 0x80072EEF
+	WININET_E_INVALID_OPERATION                                               Handle        = 0x80072EF0
+	WININET_E_OPERATION_CANCELLED                                             Handle        = 0x80072EF1
+	WININET_E_INCORRECT_HANDLE_TYPE                                           Handle        = 0x80072EF2
+	WININET_E_INCORRECT_HANDLE_STATE                                          Handle        = 0x80072EF3
+	WININET_E_NOT_PROXY_REQUEST                                               Handle        = 0x80072EF4
+	WININET_E_REGISTRY_VALUE_NOT_FOUND                                        Handle        = 0x80072EF5
+	WININET_E_BAD_REGISTRY_PARAMETER                                          Handle        = 0x80072EF6
+	WININET_E_NO_DIRECT_ACCESS                                                Handle        = 0x80072EF7
+	WININET_E_NO_CONTEXT                                                      Handle        = 0x80072EF8
+	WININET_E_NO_CALLBACK                                                     Handle        = 0x80072EF9
+	WININET_E_REQUEST_PENDING                                                 Handle        = 0x80072EFA
+	WININET_E_INCORRECT_FORMAT                                                Handle        = 0x80072EFB
+	WININET_E_ITEM_NOT_FOUND                                                  Handle        = 0x80072EFC
+	WININET_E_CANNOT_CONNECT                                                  Handle        = 0x80072EFD
+	WININET_E_CONNECTION_ABORTED                                              Handle        = 0x80072EFE
+	WININET_E_CONNECTION_RESET                                                Handle        = 0x80072EFF
+	WININET_E_FORCE_RETRY                                                     Handle        = 0x80072F00
+	WININET_E_INVALID_PROXY_REQUEST                                           Handle        = 0x80072F01
+	WININET_E_NEED_UI                                                         Handle        = 0x80072F02
+	WININET_E_HANDLE_EXISTS                                                   Handle        = 0x80072F04
+	WININET_E_SEC_CERT_DATE_INVALID                                           Handle        = 0x80072F05
+	WININET_E_SEC_CERT_CN_INVALID                                             Handle        = 0x80072F06
+	WININET_E_HTTP_TO_HTTPS_ON_REDIR                                          Handle        = 0x80072F07
+	WININET_E_HTTPS_TO_HTTP_ON_REDIR                                          Handle        = 0x80072F08
+	WININET_E_MIXED_SECURITY                                                  Handle        = 0x80072F09
+	WININET_E_CHG_POST_IS_NON_SECURE                                          Handle        = 0x80072F0A
+	WININET_E_POST_IS_NON_SECURE                                              Handle        = 0x80072F0B
+	WININET_E_CLIENT_AUTH_CERT_NEEDED                                         Handle        = 0x80072F0C
+	WININET_E_INVALID_CA                                                      Handle        = 0x80072F0D
+	WININET_E_CLIENT_AUTH_NOT_SETUP                                           Handle        = 0x80072F0E
+	WININET_E_ASYNC_THREAD_FAILED                                             Handle        = 0x80072F0F
+	WININET_E_REDIRECT_SCHEME_CHANGE                                          Handle        = 0x80072F10
+	WININET_E_DIALOG_PENDING                                                  Handle        = 0x80072F11
+	WININET_E_RETRY_DIALOG                                                    Handle        = 0x80072F12
+	WININET_E_NO_NEW_CONTAINERS                                               Handle        = 0x80072F13
+	WININET_E_HTTPS_HTTP_SUBMIT_REDIR                                         Handle        = 0x80072F14
+	WININET_E_SEC_CERT_ERRORS                                                 Handle        = 0x80072F17
+	WININET_E_SEC_CERT_REV_FAILED                                             Handle        = 0x80072F19
+	WININET_E_HEADER_NOT_FOUND                                                Handle        = 0x80072F76
+	WININET_E_DOWNLEVEL_SERVER                                                Handle        = 0x80072F77
+	WININET_E_INVALID_SERVER_RESPONSE                                         Handle        = 0x80072F78
+	WININET_E_INVALID_HEADER                                                  Handle        = 0x80072F79
+	WININET_E_INVALID_QUERY_REQUEST                                           Handle        = 0x80072F7A
+	WININET_E_HEADER_ALREADY_EXISTS                                           Handle        = 0x80072F7B
+	WININET_E_REDIRECT_FAILED                                                 Handle        = 0x80072F7C
+	WININET_E_SECURITY_CHANNEL_ERROR                                          Handle        = 0x80072F7D
+	WININET_E_UNABLE_TO_CACHE_FILE                                            Handle        = 0x80072F7E
+	WININET_E_TCPIP_NOT_INSTALLED                                             Handle        = 0x80072F7F
+	WININET_E_DISCONNECTED                                                    Handle        = 0x80072F83
+	WININET_E_SERVER_UNREACHABLE                                              Handle        = 0x80072F84
+	WININET_E_PROXY_SERVER_UNREACHABLE                                        Handle        = 0x80072F85
+	WININET_E_BAD_AUTO_PROXY_SCRIPT                                           Handle        = 0x80072F86
+	WININET_E_UNABLE_TO_DOWNLOAD_SCRIPT                                       Handle        = 0x80072F87
+	WININET_E_SEC_INVALID_CERT                                                Handle        = 0x80072F89
+	WININET_E_SEC_CERT_REVOKED                                                Handle        = 0x80072F8A
+	WININET_E_FAILED_DUETOSECURITYCHECK                                       Handle        = 0x80072F8B
+	WININET_E_NOT_INITIALIZED                                                 Handle        = 0x80072F8C
+	WININET_E_LOGIN_FAILURE_DISPLAY_ENTITY_BODY                               Handle        = 0x80072F8E
+	WININET_E_DECODING_FAILED                                                 Handle        = 0x80072F8F
+	WININET_E_NOT_REDIRECTED                                                  Handle        = 0x80072F80
+	WININET_E_COOKIE_NEEDS_CONFIRMATION                                       Handle        = 0x80072F81
+	WININET_E_COOKIE_DECLINED                                                 Handle        = 0x80072F82
+	WININET_E_REDIRECT_NEEDS_CONFIRMATION                                     Handle        = 0x80072F88
+	SQLITE_E_ERROR                                                            Handle        = 0x87AF0001
+	SQLITE_E_INTERNAL                                                         Handle        = 0x87AF0002
+	SQLITE_E_PERM                                                             Handle        = 0x87AF0003
+	SQLITE_E_ABORT                                                            Handle        = 0x87AF0004
+	SQLITE_E_BUSY                                                             Handle        = 0x87AF0005
+	SQLITE_E_LOCKED                                                           Handle        = 0x87AF0006
+	SQLITE_E_NOMEM                                                            Handle        = 0x87AF0007
+	SQLITE_E_READONLY                                                         Handle        = 0x87AF0008
+	SQLITE_E_INTERRUPT                                                        Handle        = 0x87AF0009
+	SQLITE_E_IOERR                                                            Handle        = 0x87AF000A
+	SQLITE_E_CORRUPT                                                          Handle        = 0x87AF000B
+	SQLITE_E_NOTFOUND                                                         Handle        = 0x87AF000C
+	SQLITE_E_FULL                                                             Handle        = 0x87AF000D
+	SQLITE_E_CANTOPEN                                                         Handle        = 0x87AF000E
+	SQLITE_E_PROTOCOL                                                         Handle        = 0x87AF000F
+	SQLITE_E_EMPTY                                                            Handle        = 0x87AF0010
+	SQLITE_E_SCHEMA                                                           Handle        = 0x87AF0011
+	SQLITE_E_TOOBIG                                                           Handle        = 0x87AF0012
+	SQLITE_E_CONSTRAINT                                                       Handle        = 0x87AF0013
+	SQLITE_E_MISMATCH                                                         Handle        = 0x87AF0014
+	SQLITE_E_MISUSE                                                           Handle        = 0x87AF0015
+	SQLITE_E_NOLFS                                                            Handle        = 0x87AF0016
+	SQLITE_E_AUTH                                                             Handle        = 0x87AF0017
+	SQLITE_E_FORMAT                                                           Handle        = 0x87AF0018
+	SQLITE_E_RANGE                                                            Handle        = 0x87AF0019
+	SQLITE_E_NOTADB                                                           Handle        = 0x87AF001A
+	SQLITE_E_NOTICE                                                           Handle        = 0x87AF001B
+	SQLITE_E_WARNING                                                          Handle        = 0x87AF001C
+	SQLITE_E_ROW                                                              Handle        = 0x87AF0064
+	SQLITE_E_DONE                                                             Handle        = 0x87AF0065
+	SQLITE_E_IOERR_READ                                                       Handle        = 0x87AF010A
+	SQLITE_E_IOERR_SHORT_READ                                                 Handle        = 0x87AF020A
+	SQLITE_E_IOERR_WRITE                                                      Handle        = 0x87AF030A
+	SQLITE_E_IOERR_FSYNC                                                      Handle        = 0x87AF040A
+	SQLITE_E_IOERR_DIR_FSYNC                                                  Handle        = 0x87AF050A
+	SQLITE_E_IOERR_TRUNCATE                                                   Handle        = 0x87AF060A
+	SQLITE_E_IOERR_FSTAT                                                      Handle        = 0x87AF070A
+	SQLITE_E_IOERR_UNLOCK                                                     Handle        = 0x87AF080A
+	SQLITE_E_IOERR_RDLOCK                                                     Handle        = 0x87AF090A
+	SQLITE_E_IOERR_DELETE                                                     Handle        = 0x87AF0A0A
+	SQLITE_E_IOERR_BLOCKED                                                    Handle        = 0x87AF0B0A
+	SQLITE_E_IOERR_NOMEM                                                      Handle        = 0x87AF0C0A
+	SQLITE_E_IOERR_ACCESS                                                     Handle        = 0x87AF0D0A
+	SQLITE_E_IOERR_CHECKRESERVEDLOCK                                          Handle        = 0x87AF0E0A
+	SQLITE_E_IOERR_LOCK                                                       Handle        = 0x87AF0F0A
+	SQLITE_E_IOERR_CLOSE                                                      Handle        = 0x87AF100A
+	SQLITE_E_IOERR_DIR_CLOSE                                                  Handle        = 0x87AF110A
+	SQLITE_E_IOERR_SHMOPEN                                                    Handle        = 0x87AF120A
+	SQLITE_E_IOERR_SHMSIZE                                                    Handle        = 0x87AF130A
+	SQLITE_E_IOERR_SHMLOCK                                                    Handle        = 0x87AF140A
+	SQLITE_E_IOERR_SHMMAP                                                     Handle        = 0x87AF150A
+	SQLITE_E_IOERR_SEEK                                                       Handle        = 0x87AF160A
+	SQLITE_E_IOERR_DELETE_NOENT                                               Handle        = 0x87AF170A
+	SQLITE_E_IOERR_MMAP                                                       Handle        = 0x87AF180A
+	SQLITE_E_IOERR_GETTEMPPATH                                                Handle        = 0x87AF190A
+	SQLITE_E_IOERR_CONVPATH                                                   Handle        = 0x87AF1A0A
+	SQLITE_E_IOERR_VNODE                                                      Handle        = 0x87AF1A02
+	SQLITE_E_IOERR_AUTH                                                       Handle        = 0x87AF1A03
+	SQLITE_E_LOCKED_SHAREDCACHE                                               Handle        = 0x87AF0106
+	SQLITE_E_BUSY_RECOVERY                                                    Handle        = 0x87AF0105
+	SQLITE_E_BUSY_SNAPSHOT                                                    Handle        = 0x87AF0205
+	SQLITE_E_CANTOPEN_NOTEMPDIR                                               Handle        = 0x87AF010E
+	SQLITE_E_CANTOPEN_ISDIR                                                   Handle        = 0x87AF020E
+	SQLITE_E_CANTOPEN_FULLPATH                                                Handle        = 0x87AF030E
+	SQLITE_E_CANTOPEN_CONVPATH                                                Handle        = 0x87AF040E
+	SQLITE_E_CORRUPT_VTAB                                                     Handle        = 0x87AF010B
+	SQLITE_E_READONLY_RECOVERY                                                Handle        = 0x87AF0108
+	SQLITE_E_READONLY_CANTLOCK                                                Handle        = 0x87AF0208
+	SQLITE_E_READONLY_ROLLBACK                                                Handle        = 0x87AF0308
+	SQLITE_E_READONLY_DBMOVED                                                 Handle        = 0x87AF0408
+	SQLITE_E_ABORT_ROLLBACK                                                   Handle        = 0x87AF0204
+	SQLITE_E_CONSTRAINT_CHECK                                                 Handle        = 0x87AF0113
+	SQLITE_E_CONSTRAINT_COMMITHOOK                                            Handle        = 0x87AF0213
+	SQLITE_E_CONSTRAINT_FOREIGNKEY                                            Handle        = 0x87AF0313
+	SQLITE_E_CONSTRAINT_FUNCTION                                              Handle        = 0x87AF0413
+	SQLITE_E_CONSTRAINT_NOTNULL                                               Handle        = 0x87AF0513
+	SQLITE_E_CONSTRAINT_PRIMARYKEY                                            Handle        = 0x87AF0613
+	SQLITE_E_CONSTRAINT_TRIGGER                                               Handle        = 0x87AF0713
+	SQLITE_E_CONSTRAINT_UNIQUE                                                Handle        = 0x87AF0813
+	SQLITE_E_CONSTRAINT_VTAB                                                  Handle        = 0x87AF0913
+	SQLITE_E_CONSTRAINT_ROWID                                                 Handle        = 0x87AF0A13
+	SQLITE_E_NOTICE_RECOVER_WAL                                               Handle        = 0x87AF011B
+	SQLITE_E_NOTICE_RECOVER_ROLLBACK                                          Handle        = 0x87AF021B
+	SQLITE_E_WARNING_AUTOINDEX                                                Handle        = 0x87AF011C
+	UTC_E_TOGGLE_TRACE_STARTED                                                Handle        = 0x87C51001
+	UTC_E_ALTERNATIVE_TRACE_CANNOT_PREEMPT                                    Handle        = 0x87C51002
+	UTC_E_AOT_NOT_RUNNING                                                     Handle        = 0x87C51003
+	UTC_E_SCRIPT_TYPE_INVALID                                                 Handle        = 0x87C51004
+	UTC_E_SCENARIODEF_NOT_FOUND                                               Handle        = 0x87C51005
+	UTC_E_TRACEPROFILE_NOT_FOUND                                              Handle        = 0x87C51006
+	UTC_E_FORWARDER_ALREADY_ENABLED                                           Handle        = 0x87C51007
+	UTC_E_FORWARDER_ALREADY_DISABLED                                          Handle        = 0x87C51008
+	UTC_E_EVENTLOG_ENTRY_MALFORMED                                            Handle        = 0x87C51009
+	UTC_E_DIAGRULES_SCHEMAVERSION_MISMATCH                                    Handle        = 0x87C5100A
+	UTC_E_SCRIPT_TERMINATED                                                   Handle        = 0x87C5100B
+	UTC_E_INVALID_CUSTOM_FILTER                                               Handle        = 0x87C5100C
+	UTC_E_TRACE_NOT_RUNNING                                                   Handle        = 0x87C5100D
+	UTC_E_REESCALATED_TOO_QUICKLY                                             Handle        = 0x87C5100E
+	UTC_E_ESCALATION_ALREADY_RUNNING                                          Handle        = 0x87C5100F
+	UTC_E_PERFTRACK_ALREADY_TRACING                                           Handle        = 0x87C51010
+	UTC_E_REACHED_MAX_ESCALATIONS                                             Handle        = 0x87C51011
+	UTC_E_FORWARDER_PRODUCER_MISMATCH                                         Handle        = 0x87C51012
+	UTC_E_INTENTIONAL_SCRIPT_FAILURE                                          Handle        = 0x87C51013
+	UTC_E_SQM_INIT_FAILED                                                     Handle        = 0x87C51014
+	UTC_E_NO_WER_LOGGER_SUPPORTED                                             Handle        = 0x87C51015
+	UTC_E_TRACERS_DONT_EXIST                                                  Handle        = 0x87C51016
+	UTC_E_WINRT_INIT_FAILED                                                   Handle        = 0x87C51017
+	UTC_E_SCENARIODEF_SCHEMAVERSION_MISMATCH                                  Handle        = 0x87C51018
+	UTC_E_INVALID_FILTER                                                      Handle        = 0x87C51019
+	UTC_E_EXE_TERMINATED                                                      Handle        = 0x87C5101A
+	UTC_E_ESCALATION_NOT_AUTHORIZED                                           Handle        = 0x87C5101B
+	UTC_E_SETUP_NOT_AUTHORIZED                                                Handle        = 0x87C5101C
+	UTC_E_CHILD_PROCESS_FAILED                                                Handle        = 0x87C5101D
+	UTC_E_COMMAND_LINE_NOT_AUTHORIZED                                         Handle        = 0x87C5101E
+	UTC_E_CANNOT_LOAD_SCENARIO_EDITOR_XML                                     Handle        = 0x87C5101F
+	UTC_E_ESCALATION_TIMED_OUT                                                Handle        = 0x87C51020
+	UTC_E_SETUP_TIMED_OUT                                                     Handle        = 0x87C51021
+	UTC_E_TRIGGER_MISMATCH                                                    Handle        = 0x87C51022
+	UTC_E_TRIGGER_NOT_FOUND                                                   Handle        = 0x87C51023
+	UTC_E_SIF_NOT_SUPPORTED                                                   Handle        = 0x87C51024
+	UTC_E_DELAY_TERMINATED                                                    Handle        = 0x87C51025
+	UTC_E_DEVICE_TICKET_ERROR                                                 Handle        = 0x87C51026
+	UTC_E_TRACE_BUFFER_LIMIT_EXCEEDED                                         Handle        = 0x87C51027
+	UTC_E_API_RESULT_UNAVAILABLE                                              Handle        = 0x87C51028
+	UTC_E_RPC_TIMEOUT                                                         Handle        = 0x87C51029
+	UTC_E_RPC_WAIT_FAILED                                                     Handle        = 0x87C5102A
+	UTC_E_API_BUSY                                                            Handle        = 0x87C5102B
+	UTC_E_TRACE_MIN_DURATION_REQUIREMENT_NOT_MET                              Handle        = 0x87C5102C
+	UTC_E_EXCLUSIVITY_NOT_AVAILABLE                                           Handle        = 0x87C5102D
+	UTC_E_GETFILE_FILE_PATH_NOT_APPROVED                                      Handle        = 0x87C5102E
+	UTC_E_ESCALATION_DIRECTORY_ALREADY_EXISTS                                 Handle        = 0x87C5102F
+	UTC_E_TIME_TRIGGER_ON_START_INVALID                                       Handle        = 0x87C51030
+	UTC_E_TIME_TRIGGER_ONLY_VALID_ON_SINGLE_TRANSITION                        Handle        = 0x87C51031
+	UTC_E_TIME_TRIGGER_INVALID_TIME_RANGE                                     Handle        = 0x87C51032
+	UTC_E_MULTIPLE_TIME_TRIGGER_ON_SINGLE_STATE                               Handle        = 0x87C51033
+	UTC_E_BINARY_MISSING                                                      Handle        = 0x87C51034
+	UTC_E_NETWORK_CAPTURE_NOT_ALLOWED                                         Handle        = 0x87C51035
+	UTC_E_FAILED_TO_RESOLVE_CONTAINER_ID                                      Handle        = 0x87C51036
+	UTC_E_UNABLE_TO_RESOLVE_SESSION                                           Handle        = 0x87C51037
+	UTC_E_THROTTLED                                                           Handle        = 0x87C51038
+	UTC_E_UNAPPROVED_SCRIPT                                                   Handle        = 0x87C51039
+	UTC_E_SCRIPT_MISSING                                                      Handle        = 0x87C5103A
+	UTC_E_SCENARIO_THROTTLED                                                  Handle        = 0x87C5103B
+	UTC_E_API_NOT_SUPPORTED                                                   Handle        = 0x87C5103C
+	UTC_E_GETFILE_EXTERNAL_PATH_NOT_APPROVED                                  Handle        = 0x87C5103D
+	UTC_E_TRY_GET_SCENARIO_TIMEOUT_EXCEEDED                                   Handle        = 0x87C5103E
+	UTC_E_CERT_REV_FAILED                                                     Handle        = 0x87C5103F
+	UTC_E_FAILED_TO_START_NDISCAP                                             Handle        = 0x87C51040
+	UTC_E_KERNELDUMP_LIMIT_REACHED                                            Handle        = 0x87C51041
+	UTC_E_MISSING_AGGREGATE_EVENT_TAG                                         Handle        = 0x87C51042
+	UTC_E_INVALID_AGGREGATION_STRUCT                                          Handle        = 0x87C51043
+	UTC_E_ACTION_NOT_SUPPORTED_IN_DESTINATION                                 Handle        = 0x87C51044
+	UTC_E_FILTER_MISSING_ATTRIBUTE                                            Handle        = 0x87C51045
+	UTC_E_FILTER_INVALID_TYPE                                                 Handle        = 0x87C51046
+	UTC_E_FILTER_VARIABLE_NOT_FOUND                                           Handle        = 0x87C51047
+	UTC_E_FILTER_FUNCTION_RESTRICTED                                          Handle        = 0x87C51048
+	UTC_E_FILTER_VERSION_MISMATCH                                             Handle        = 0x87C51049
+	UTC_E_FILTER_INVALID_FUNCTION                                             Handle        = 0x87C51050
+	UTC_E_FILTER_INVALID_FUNCTION_PARAMS                                      Handle        = 0x87C51051
+	UTC_E_FILTER_INVALID_COMMAND                                              Handle        = 0x87C51052
+	UTC_E_FILTER_ILLEGAL_EVAL                                                 Handle        = 0x87C51053
+	UTC_E_TTTRACER_RETURNED_ERROR                                             Handle        = 0x87C51054
+	UTC_E_AGENT_DIAGNOSTICS_TOO_LARGE                                         Handle        = 0x87C51055
+	UTC_E_FAILED_TO_RECEIVE_AGENT_DIAGNOSTICS                                 Handle        = 0x87C51056
+	UTC_E_SCENARIO_HAS_NO_ACTIONS                                             Handle        = 0x87C51057
+	UTC_E_TTTRACER_STORAGE_FULL                                               Handle        = 0x87C51058
+	UTC_E_INSUFFICIENT_SPACE_TO_START_TRACE                                   Handle        = 0x87C51059
+	UTC_E_ESCALATION_CANCELLED_AT_SHUTDOWN                                    Handle        = 0x87C5105A
+	UTC_E_GETFILEINFOACTION_FILE_NOT_APPROVED                                 Handle        = 0x87C5105B
+	UTC_E_SETREGKEYACTION_TYPE_NOT_APPROVED                                   Handle        = 0x87C5105C
+	WINML_ERR_INVALID_DEVICE                                                  Handle        = 0x88900001
+	WINML_ERR_INVALID_BINDING                                                 Handle        = 0x88900002
+	WINML_ERR_VALUE_NOTFOUND                                                  Handle        = 0x88900003
+	WINML_ERR_SIZE_MISMATCH                                                   Handle        = 0x88900004
+	STATUS_WAIT_0                                                             NTStatus      = 0x00000000
+	STATUS_SUCCESS                                                            NTStatus      = 0x00000000
+	STATUS_WAIT_1                                                             NTStatus      = 0x00000001
+	STATUS_WAIT_2                                                             NTStatus      = 0x00000002
+	STATUS_WAIT_3                                                             NTStatus      = 0x00000003
+	STATUS_WAIT_63                                                            NTStatus      = 0x0000003F
+	STATUS_ABANDONED                                                          NTStatus      = 0x00000080
+	STATUS_ABANDONED_WAIT_0                                                   NTStatus      = 0x00000080
+	STATUS_ABANDONED_WAIT_63                                                  NTStatus      = 0x000000BF
+	STATUS_USER_APC                                                           NTStatus      = 0x000000C0
+	STATUS_ALREADY_COMPLETE                                                   NTStatus      = 0x000000FF
+	STATUS_KERNEL_APC                                                         NTStatus      = 0x00000100
+	STATUS_ALERTED                                                            NTStatus      = 0x00000101
+	STATUS_TIMEOUT                                                            NTStatus      = 0x00000102
+	STATUS_PENDING                                                            NTStatus      = 0x00000103
+	STATUS_REPARSE                                                            NTStatus      = 0x00000104
+	STATUS_MORE_ENTRIES                                                       NTStatus      = 0x00000105
+	STATUS_NOT_ALL_ASSIGNED                                                   NTStatus      = 0x00000106
+	STATUS_SOME_NOT_MAPPED                                                    NTStatus      = 0x00000107
+	STATUS_OPLOCK_BREAK_IN_PROGRESS                                           NTStatus      = 0x00000108
+	STATUS_VOLUME_MOUNTED                                                     NTStatus      = 0x00000109
+	STATUS_RXACT_COMMITTED                                                    NTStatus      = 0x0000010A
+	STATUS_NOTIFY_CLEANUP                                                     NTStatus      = 0x0000010B
+	STATUS_NOTIFY_ENUM_DIR                                                    NTStatus      = 0x0000010C
+	STATUS_NO_QUOTAS_FOR_ACCOUNT                                              NTStatus      = 0x0000010D
+	STATUS_PRIMARY_TRANSPORT_CONNECT_FAILED                                   NTStatus      = 0x0000010E
+	STATUS_PAGE_FAULT_TRANSITION                                              NTStatus      = 0x00000110
+	STATUS_PAGE_FAULT_DEMAND_ZERO                                             NTStatus      = 0x00000111
+	STATUS_PAGE_FAULT_COPY_ON_WRITE                                           NTStatus      = 0x00000112
+	STATUS_PAGE_FAULT_GUARD_PAGE                                              NTStatus      = 0x00000113
+	STATUS_PAGE_FAULT_PAGING_FILE                                             NTStatus      = 0x00000114
+	STATUS_CACHE_PAGE_LOCKED                                                  NTStatus      = 0x00000115
+	STATUS_CRASH_DUMP                                                         NTStatus      = 0x00000116
+	STATUS_BUFFER_ALL_ZEROS                                                   NTStatus      = 0x00000117
+	STATUS_REPARSE_OBJECT                                                     NTStatus      = 0x00000118
+	STATUS_RESOURCE_REQUIREMENTS_CHANGED                                      NTStatus      = 0x00000119
+	STATUS_TRANSLATION_COMPLETE                                               NTStatus      = 0x00000120
+	STATUS_DS_MEMBERSHIP_EVALUATED_LOCALLY                                    NTStatus      = 0x00000121
+	STATUS_NOTHING_TO_TERMINATE                                               NTStatus      = 0x00000122
+	STATUS_PROCESS_NOT_IN_JOB                                                 NTStatus      = 0x00000123
+	STATUS_PROCESS_IN_JOB                                                     NTStatus      = 0x00000124
+	STATUS_VOLSNAP_HIBERNATE_READY                                            NTStatus      = 0x00000125
+	STATUS_FSFILTER_OP_COMPLETED_SUCCESSFULLY                                 NTStatus      = 0x00000126
+	STATUS_INTERRUPT_VECTOR_ALREADY_CONNECTED                                 NTStatus      = 0x00000127
+	STATUS_INTERRUPT_STILL_CONNECTED                                          NTStatus      = 0x00000128
+	STATUS_PROCESS_CLONED                                                     NTStatus      = 0x00000129
+	STATUS_FILE_LOCKED_WITH_ONLY_READERS                                      NTStatus      = 0x0000012A
+	STATUS_FILE_LOCKED_WITH_WRITERS                                           NTStatus      = 0x0000012B
+	STATUS_VALID_IMAGE_HASH                                                   NTStatus      = 0x0000012C
+	STATUS_VALID_CATALOG_HASH                                                 NTStatus      = 0x0000012D
+	STATUS_VALID_STRONG_CODE_HASH                                             NTStatus      = 0x0000012E
+	STATUS_GHOSTED                                                            NTStatus      = 0x0000012F
+	STATUS_DATA_OVERWRITTEN                                                   NTStatus      = 0x00000130
+	STATUS_RESOURCEMANAGER_READ_ONLY                                          NTStatus      = 0x00000202
+	STATUS_RING_PREVIOUSLY_EMPTY                                              NTStatus      = 0x00000210
+	STATUS_RING_PREVIOUSLY_FULL                                               NTStatus      = 0x00000211
+	STATUS_RING_PREVIOUSLY_ABOVE_QUOTA                                        NTStatus      = 0x00000212
+	STATUS_RING_NEWLY_EMPTY                                                   NTStatus      = 0x00000213
+	STATUS_RING_SIGNAL_OPPOSITE_ENDPOINT                                      NTStatus      = 0x00000214
+	STATUS_OPLOCK_SWITCHED_TO_NEW_HANDLE                                      NTStatus      = 0x00000215
+	STATUS_OPLOCK_HANDLE_CLOSED                                               NTStatus      = 0x00000216
+	STATUS_WAIT_FOR_OPLOCK                                                    NTStatus      = 0x00000367
+	STATUS_REPARSE_GLOBAL                                                     NTStatus      = 0x00000368
+	STATUS_FLT_IO_COMPLETE                                                    NTStatus      = 0x001C0001
+	STATUS_OBJECT_NAME_EXISTS                                                 NTStatus      = 0x40000000
+	STATUS_THREAD_WAS_SUSPENDED                                               NTStatus      = 0x40000001
+	STATUS_WORKING_SET_LIMIT_RANGE                                            NTStatus      = 0x40000002
+	STATUS_IMAGE_NOT_AT_BASE                                                  NTStatus      = 0x40000003
+	STATUS_RXACT_STATE_CREATED                                                NTStatus      = 0x40000004
+	STATUS_SEGMENT_NOTIFICATION                                               NTStatus      = 0x40000005
+	STATUS_LOCAL_USER_SESSION_KEY                                             NTStatus      = 0x40000006
+	STATUS_BAD_CURRENT_DIRECTORY                                              NTStatus      = 0x40000007
+	STATUS_SERIAL_MORE_WRITES                                                 NTStatus      = 0x40000008
+	STATUS_REGISTRY_RECOVERED                                                 NTStatus      = 0x40000009
+	STATUS_FT_READ_RECOVERY_FROM_BACKUP                                       NTStatus      = 0x4000000A
+	STATUS_FT_WRITE_RECOVERY                                                  NTStatus      = 0x4000000B
+	STATUS_SERIAL_COUNTER_TIMEOUT                                             NTStatus      = 0x4000000C
+	STATUS_NULL_LM_PASSWORD                                                   NTStatus      = 0x4000000D
+	STATUS_IMAGE_MACHINE_TYPE_MISMATCH                                        NTStatus      = 0x4000000E
+	STATUS_RECEIVE_PARTIAL                                                    NTStatus      = 0x4000000F
+	STATUS_RECEIVE_EXPEDITED                                                  NTStatus      = 0x40000010
+	STATUS_RECEIVE_PARTIAL_EXPEDITED                                          NTStatus      = 0x40000011
+	STATUS_EVENT_DONE                                                         NTStatus      = 0x40000012
+	STATUS_EVENT_PENDING                                                      NTStatus      = 0x40000013
+	STATUS_CHECKING_FILE_SYSTEM                                               NTStatus      = 0x40000014
+	STATUS_FATAL_APP_EXIT                                                     NTStatus      = 0x40000015
+	STATUS_PREDEFINED_HANDLE                                                  NTStatus      = 0x40000016
+	STATUS_WAS_UNLOCKED                                                       NTStatus      = 0x40000017
+	STATUS_SERVICE_NOTIFICATION                                               NTStatus      = 0x40000018
+	STATUS_WAS_LOCKED                                                         NTStatus      = 0x40000019
+	STATUS_LOG_HARD_ERROR                                                     NTStatus      = 0x4000001A
+	STATUS_ALREADY_WIN32                                                      NTStatus      = 0x4000001B
+	STATUS_WX86_UNSIMULATE                                                    NTStatus      = 0x4000001C
+	STATUS_WX86_CONTINUE                                                      NTStatus      = 0x4000001D
+	STATUS_WX86_SINGLE_STEP                                                   NTStatus      = 0x4000001E
+	STATUS_WX86_BREAKPOINT                                                    NTStatus      = 0x4000001F
+	STATUS_WX86_EXCEPTION_CONTINUE                                            NTStatus      = 0x40000020
+	STATUS_WX86_EXCEPTION_LASTCHANCE                                          NTStatus      = 0x40000021
+	STATUS_WX86_EXCEPTION_CHAIN                                               NTStatus      = 0x40000022
+	STATUS_IMAGE_MACHINE_TYPE_MISMATCH_EXE                                    NTStatus      = 0x40000023
+	STATUS_NO_YIELD_PERFORMED                                                 NTStatus      = 0x40000024
+	STATUS_TIMER_RESUME_IGNORED                                               NTStatus      = 0x40000025
+	STATUS_ARBITRATION_UNHANDLED                                              NTStatus      = 0x40000026
+	STATUS_CARDBUS_NOT_SUPPORTED                                              NTStatus      = 0x40000027
+	STATUS_WX86_CREATEWX86TIB                                                 NTStatus      = 0x40000028
+	STATUS_MP_PROCESSOR_MISMATCH                                              NTStatus      = 0x40000029
+	STATUS_HIBERNATED                                                         NTStatus      = 0x4000002A
+	STATUS_RESUME_HIBERNATION                                                 NTStatus      = 0x4000002B
+	STATUS_FIRMWARE_UPDATED                                                   NTStatus      = 0x4000002C
+	STATUS_DRIVERS_LEAKING_LOCKED_PAGES                                       NTStatus      = 0x4000002D
+	STATUS_MESSAGE_RETRIEVED                                                  NTStatus      = 0x4000002E
+	STATUS_SYSTEM_POWERSTATE_TRANSITION                                       NTStatus      = 0x4000002F
+	STATUS_ALPC_CHECK_COMPLETION_LIST                                         NTStatus      = 0x40000030
+	STATUS_SYSTEM_POWERSTATE_COMPLEX_TRANSITION                               NTStatus      = 0x40000031
+	STATUS_ACCESS_AUDIT_BY_POLICY                                             NTStatus      = 0x40000032
+	STATUS_ABANDON_HIBERFILE                                                  NTStatus      = 0x40000033
+	STATUS_BIZRULES_NOT_ENABLED                                               NTStatus      = 0x40000034
+	STATUS_FT_READ_FROM_COPY                                                  NTStatus      = 0x40000035
+	STATUS_IMAGE_AT_DIFFERENT_BASE                                            NTStatus      = 0x40000036
+	STATUS_PATCH_DEFERRED                                                     NTStatus      = 0x40000037
+	STATUS_HEURISTIC_DAMAGE_POSSIBLE                                          NTStatus      = 0x40190001
+	STATUS_GUARD_PAGE_VIOLATION                                               NTStatus      = 0x80000001
+	STATUS_DATATYPE_MISALIGNMENT                                              NTStatus      = 0x80000002
+	STATUS_BREAKPOINT                                                         NTStatus      = 0x80000003
+	STATUS_SINGLE_STEP                                                        NTStatus      = 0x80000004
+	STATUS_BUFFER_OVERFLOW                                                    NTStatus      = 0x80000005
+	STATUS_NO_MORE_FILES                                                      NTStatus      = 0x80000006
+	STATUS_WAKE_SYSTEM_DEBUGGER                                               NTStatus      = 0x80000007
+	STATUS_HANDLES_CLOSED                                                     NTStatus      = 0x8000000A
+	STATUS_NO_INHERITANCE                                                     NTStatus      = 0x8000000B
+	STATUS_GUID_SUBSTITUTION_MADE                                             NTStatus      = 0x8000000C
+	STATUS_PARTIAL_COPY                                                       NTStatus      = 0x8000000D
+	STATUS_DEVICE_PAPER_EMPTY                                                 NTStatus      = 0x8000000E
+	STATUS_DEVICE_POWERED_OFF                                                 NTStatus      = 0x8000000F
+	STATUS_DEVICE_OFF_LINE                                                    NTStatus      = 0x80000010
+	STATUS_DEVICE_BUSY                                                        NTStatus      = 0x80000011
+	STATUS_NO_MORE_EAS                                                        NTStatus      = 0x80000012
+	STATUS_INVALID_EA_NAME                                                    NTStatus      = 0x80000013
+	STATUS_EA_LIST_INCONSISTENT                                               NTStatus      = 0x80000014
+	STATUS_INVALID_EA_FLAG                                                    NTStatus      = 0x80000015
+	STATUS_VERIFY_REQUIRED                                                    NTStatus      = 0x80000016
+	STATUS_EXTRANEOUS_INFORMATION                                             NTStatus      = 0x80000017
+	STATUS_RXACT_COMMIT_NECESSARY                                             NTStatus      = 0x80000018
+	STATUS_NO_MORE_ENTRIES                                                    NTStatus      = 0x8000001A
+	STATUS_FILEMARK_DETECTED                                                  NTStatus      = 0x8000001B
+	STATUS_MEDIA_CHANGED                                                      NTStatus      = 0x8000001C
+	STATUS_BUS_RESET                                                          NTStatus      = 0x8000001D
+	STATUS_END_OF_MEDIA                                                       NTStatus      = 0x8000001E
+	STATUS_BEGINNING_OF_MEDIA                                                 NTStatus      = 0x8000001F
+	STATUS_MEDIA_CHECK                                                        NTStatus      = 0x80000020
+	STATUS_SETMARK_DETECTED                                                   NTStatus      = 0x80000021
+	STATUS_NO_DATA_DETECTED                                                   NTStatus      = 0x80000022
+	STATUS_REDIRECTOR_HAS_OPEN_HANDLES                                        NTStatus      = 0x80000023
+	STATUS_SERVER_HAS_OPEN_HANDLES                                            NTStatus      = 0x80000024
+	STATUS_ALREADY_DISCONNECTED                                               NTStatus      = 0x80000025
+	STATUS_LONGJUMP                                                           NTStatus      = 0x80000026
+	STATUS_CLEANER_CARTRIDGE_INSTALLED                                        NTStatus      = 0x80000027
+	STATUS_PLUGPLAY_QUERY_VETOED                                              NTStatus      = 0x80000028
+	STATUS_UNWIND_CONSOLIDATE                                                 NTStatus      = 0x80000029
+	STATUS_REGISTRY_HIVE_RECOVERED                                            NTStatus      = 0x8000002A
+	STATUS_DLL_MIGHT_BE_INSECURE                                              NTStatus      = 0x8000002B
+	STATUS_DLL_MIGHT_BE_INCOMPATIBLE                                          NTStatus      = 0x8000002C
+	STATUS_STOPPED_ON_SYMLINK                                                 NTStatus      = 0x8000002D
+	STATUS_CANNOT_GRANT_REQUESTED_OPLOCK                                      NTStatus      = 0x8000002E
+	STATUS_NO_ACE_CONDITION                                                   NTStatus      = 0x8000002F
+	STATUS_DEVICE_SUPPORT_IN_PROGRESS                                         NTStatus      = 0x80000030
+	STATUS_DEVICE_POWER_CYCLE_REQUIRED                                        NTStatus      = 0x80000031
+	STATUS_NO_WORK_DONE                                                       NTStatus      = 0x80000032
+	STATUS_CLUSTER_NODE_ALREADY_UP                                            NTStatus      = 0x80130001
+	STATUS_CLUSTER_NODE_ALREADY_DOWN                                          NTStatus      = 0x80130002
+	STATUS_CLUSTER_NETWORK_ALREADY_ONLINE                                     NTStatus      = 0x80130003
+	STATUS_CLUSTER_NETWORK_ALREADY_OFFLINE                                    NTStatus      = 0x80130004
+	STATUS_CLUSTER_NODE_ALREADY_MEMBER                                        NTStatus      = 0x80130005
+	STATUS_FLT_BUFFER_TOO_SMALL                                               NTStatus      = 0x801C0001
+	STATUS_FVE_PARTIAL_METADATA                                               NTStatus      = 0x80210001
+	STATUS_FVE_TRANSIENT_STATE                                                NTStatus      = 0x80210002
+	STATUS_CLOUD_FILE_PROPERTY_BLOB_CHECKSUM_MISMATCH                         NTStatus      = 0x8000CF00
+	STATUS_UNSUCCESSFUL                                                       NTStatus      = 0xC0000001
+	STATUS_NOT_IMPLEMENTED                                                    NTStatus      = 0xC0000002
+	STATUS_INVALID_INFO_CLASS                                                 NTStatus      = 0xC0000003
+	STATUS_INFO_LENGTH_MISMATCH                                               NTStatus      = 0xC0000004
+	STATUS_ACCESS_VIOLATION                                                   NTStatus      = 0xC0000005
+	STATUS_IN_PAGE_ERROR                                                      NTStatus      = 0xC0000006
+	STATUS_PAGEFILE_QUOTA                                                     NTStatus      = 0xC0000007
+	STATUS_INVALID_HANDLE                                                     NTStatus      = 0xC0000008
+	STATUS_BAD_INITIAL_STACK                                                  NTStatus      = 0xC0000009
+	STATUS_BAD_INITIAL_PC                                                     NTStatus      = 0xC000000A
+	STATUS_INVALID_CID                                                        NTStatus      = 0xC000000B
+	STATUS_TIMER_NOT_CANCELED                                                 NTStatus      = 0xC000000C
+	STATUS_INVALID_PARAMETER                                                  NTStatus      = 0xC000000D
+	STATUS_NO_SUCH_DEVICE                                                     NTStatus      = 0xC000000E
+	STATUS_NO_SUCH_FILE                                                       NTStatus      = 0xC000000F
+	STATUS_INVALID_DEVICE_REQUEST                                             NTStatus      = 0xC0000010
+	STATUS_END_OF_FILE                                                        NTStatus      = 0xC0000011
+	STATUS_WRONG_VOLUME                                                       NTStatus      = 0xC0000012
+	STATUS_NO_MEDIA_IN_DEVICE                                                 NTStatus      = 0xC0000013
+	STATUS_UNRECOGNIZED_MEDIA                                                 NTStatus      = 0xC0000014
+	STATUS_NONEXISTENT_SECTOR                                                 NTStatus      = 0xC0000015
+	STATUS_MORE_PROCESSING_REQUIRED                                           NTStatus      = 0xC0000016
+	STATUS_NO_MEMORY                                                          NTStatus      = 0xC0000017
+	STATUS_CONFLICTING_ADDRESSES                                              NTStatus      = 0xC0000018
+	STATUS_NOT_MAPPED_VIEW                                                    NTStatus      = 0xC0000019
+	STATUS_UNABLE_TO_FREE_VM                                                  NTStatus      = 0xC000001A
+	STATUS_UNABLE_TO_DELETE_SECTION                                           NTStatus      = 0xC000001B
+	STATUS_INVALID_SYSTEM_SERVICE                                             NTStatus      = 0xC000001C
+	STATUS_ILLEGAL_INSTRUCTION                                                NTStatus      = 0xC000001D
+	STATUS_INVALID_LOCK_SEQUENCE                                              NTStatus      = 0xC000001E
+	STATUS_INVALID_VIEW_SIZE                                                  NTStatus      = 0xC000001F
+	STATUS_INVALID_FILE_FOR_SECTION                                           NTStatus      = 0xC0000020
+	STATUS_ALREADY_COMMITTED                                                  NTStatus      = 0xC0000021
+	STATUS_ACCESS_DENIED                                                      NTStatus      = 0xC0000022
+	STATUS_BUFFER_TOO_SMALL                                                   NTStatus      = 0xC0000023
+	STATUS_OBJECT_TYPE_MISMATCH                                               NTStatus      = 0xC0000024
+	STATUS_NONCONTINUABLE_EXCEPTION                                           NTStatus      = 0xC0000025
+	STATUS_INVALID_DISPOSITION                                                NTStatus      = 0xC0000026
+	STATUS_UNWIND                                                             NTStatus      = 0xC0000027
+	STATUS_BAD_STACK                                                          NTStatus      = 0xC0000028
+	STATUS_INVALID_UNWIND_TARGET                                              NTStatus      = 0xC0000029
+	STATUS_NOT_LOCKED                                                         NTStatus      = 0xC000002A
+	STATUS_PARITY_ERROR                                                       NTStatus      = 0xC000002B
+	STATUS_UNABLE_TO_DECOMMIT_VM                                              NTStatus      = 0xC000002C
+	STATUS_NOT_COMMITTED                                                      NTStatus      = 0xC000002D
+	STATUS_INVALID_PORT_ATTRIBUTES                                            NTStatus      = 0xC000002E
+	STATUS_PORT_MESSAGE_TOO_LONG                                              NTStatus      = 0xC000002F
+	STATUS_INVALID_PARAMETER_MIX                                              NTStatus      = 0xC0000030
+	STATUS_INVALID_QUOTA_LOWER                                                NTStatus      = 0xC0000031
+	STATUS_DISK_CORRUPT_ERROR                                                 NTStatus      = 0xC0000032
+	STATUS_OBJECT_NAME_INVALID                                                NTStatus      = 0xC0000033
+	STATUS_OBJECT_NAME_NOT_FOUND                                              NTStatus      = 0xC0000034
+	STATUS_OBJECT_NAME_COLLISION                                              NTStatus      = 0xC0000035
+	STATUS_PORT_DO_NOT_DISTURB                                                NTStatus      = 0xC0000036
+	STATUS_PORT_DISCONNECTED                                                  NTStatus      = 0xC0000037
+	STATUS_DEVICE_ALREADY_ATTACHED                                            NTStatus      = 0xC0000038
+	STATUS_OBJECT_PATH_INVALID                                                NTStatus      = 0xC0000039
+	STATUS_OBJECT_PATH_NOT_FOUND                                              NTStatus      = 0xC000003A
+	STATUS_OBJECT_PATH_SYNTAX_BAD                                             NTStatus      = 0xC000003B
+	STATUS_DATA_OVERRUN                                                       NTStatus      = 0xC000003C
+	STATUS_DATA_LATE_ERROR                                                    NTStatus      = 0xC000003D
+	STATUS_DATA_ERROR                                                         NTStatus      = 0xC000003E
+	STATUS_CRC_ERROR                                                          NTStatus      = 0xC000003F
+	STATUS_SECTION_TOO_BIG                                                    NTStatus      = 0xC0000040
+	STATUS_PORT_CONNECTION_REFUSED                                            NTStatus      = 0xC0000041
+	STATUS_INVALID_PORT_HANDLE                                                NTStatus      = 0xC0000042
+	STATUS_SHARING_VIOLATION                                                  NTStatus      = 0xC0000043
+	STATUS_QUOTA_EXCEEDED                                                     NTStatus      = 0xC0000044
+	STATUS_INVALID_PAGE_PROTECTION                                            NTStatus      = 0xC0000045
+	STATUS_MUTANT_NOT_OWNED                                                   NTStatus      = 0xC0000046
+	STATUS_SEMAPHORE_LIMIT_EXCEEDED                                           NTStatus      = 0xC0000047
+	STATUS_PORT_ALREADY_SET                                                   NTStatus      = 0xC0000048
+	STATUS_SECTION_NOT_IMAGE                                                  NTStatus      = 0xC0000049
+	STATUS_SUSPEND_COUNT_EXCEEDED                                             NTStatus      = 0xC000004A
+	STATUS_THREAD_IS_TERMINATING                                              NTStatus      = 0xC000004B
+	STATUS_BAD_WORKING_SET_LIMIT                                              NTStatus      = 0xC000004C
+	STATUS_INCOMPATIBLE_FILE_MAP                                              NTStatus      = 0xC000004D
+	STATUS_SECTION_PROTECTION                                                 NTStatus      = 0xC000004E
+	STATUS_EAS_NOT_SUPPORTED                                                  NTStatus      = 0xC000004F
+	STATUS_EA_TOO_LARGE                                                       NTStatus      = 0xC0000050
+	STATUS_NONEXISTENT_EA_ENTRY                                               NTStatus      = 0xC0000051
+	STATUS_NO_EAS_ON_FILE                                                     NTStatus      = 0xC0000052
+	STATUS_EA_CORRUPT_ERROR                                                   NTStatus      = 0xC0000053
+	STATUS_FILE_LOCK_CONFLICT                                                 NTStatus      = 0xC0000054
+	STATUS_LOCK_NOT_GRANTED                                                   NTStatus      = 0xC0000055
+	STATUS_DELETE_PENDING                                                     NTStatus      = 0xC0000056
+	STATUS_CTL_FILE_NOT_SUPPORTED                                             NTStatus      = 0xC0000057
+	STATUS_UNKNOWN_REVISION                                                   NTStatus      = 0xC0000058
+	STATUS_REVISION_MISMATCH                                                  NTStatus      = 0xC0000059
+	STATUS_INVALID_OWNER                                                      NTStatus      = 0xC000005A
+	STATUS_INVALID_PRIMARY_GROUP                                              NTStatus      = 0xC000005B
+	STATUS_NO_IMPERSONATION_TOKEN                                             NTStatus      = 0xC000005C
+	STATUS_CANT_DISABLE_MANDATORY                                             NTStatus      = 0xC000005D
+	STATUS_NO_LOGON_SERVERS                                                   NTStatus      = 0xC000005E
+	STATUS_NO_SUCH_LOGON_SESSION                                              NTStatus      = 0xC000005F
+	STATUS_NO_SUCH_PRIVILEGE                                                  NTStatus      = 0xC0000060
+	STATUS_PRIVILEGE_NOT_HELD                                                 NTStatus      = 0xC0000061
+	STATUS_INVALID_ACCOUNT_NAME                                               NTStatus      = 0xC0000062
+	STATUS_USER_EXISTS                                                        NTStatus      = 0xC0000063
+	STATUS_NO_SUCH_USER                                                       NTStatus      = 0xC0000064
+	STATUS_GROUP_EXISTS                                                       NTStatus      = 0xC0000065
+	STATUS_NO_SUCH_GROUP                                                      NTStatus      = 0xC0000066
+	STATUS_MEMBER_IN_GROUP                                                    NTStatus      = 0xC0000067
+	STATUS_MEMBER_NOT_IN_GROUP                                                NTStatus      = 0xC0000068
+	STATUS_LAST_ADMIN                                                         NTStatus      = 0xC0000069
+	STATUS_WRONG_PASSWORD                                                     NTStatus      = 0xC000006A
+	STATUS_ILL_FORMED_PASSWORD                                                NTStatus      = 0xC000006B
+	STATUS_PASSWORD_RESTRICTION                                               NTStatus      = 0xC000006C
+	STATUS_LOGON_FAILURE                                                      NTStatus      = 0xC000006D
+	STATUS_ACCOUNT_RESTRICTION                                                NTStatus      = 0xC000006E
+	STATUS_INVALID_LOGON_HOURS                                                NTStatus      = 0xC000006F
+	STATUS_INVALID_WORKSTATION                                                NTStatus      = 0xC0000070
+	STATUS_PASSWORD_EXPIRED                                                   NTStatus      = 0xC0000071
+	STATUS_ACCOUNT_DISABLED                                                   NTStatus      = 0xC0000072
+	STATUS_NONE_MAPPED                                                        NTStatus      = 0xC0000073
+	STATUS_TOO_MANY_LUIDS_REQUESTED                                           NTStatus      = 0xC0000074
+	STATUS_LUIDS_EXHAUSTED                                                    NTStatus      = 0xC0000075
+	STATUS_INVALID_SUB_AUTHORITY                                              NTStatus      = 0xC0000076
+	STATUS_INVALID_ACL                                                        NTStatus      = 0xC0000077
+	STATUS_INVALID_SID                                                        NTStatus      = 0xC0000078
+	STATUS_INVALID_SECURITY_DESCR                                             NTStatus      = 0xC0000079
+	STATUS_PROCEDURE_NOT_FOUND                                                NTStatus      = 0xC000007A
+	STATUS_INVALID_IMAGE_FORMAT                                               NTStatus      = 0xC000007B
+	STATUS_NO_TOKEN                                                           NTStatus      = 0xC000007C
+	STATUS_BAD_INHERITANCE_ACL                                                NTStatus      = 0xC000007D
+	STATUS_RANGE_NOT_LOCKED                                                   NTStatus      = 0xC000007E
+	STATUS_DISK_FULL                                                          NTStatus      = 0xC000007F
+	STATUS_SERVER_DISABLED                                                    NTStatus      = 0xC0000080
+	STATUS_SERVER_NOT_DISABLED                                                NTStatus      = 0xC0000081
+	STATUS_TOO_MANY_GUIDS_REQUESTED                                           NTStatus      = 0xC0000082
+	STATUS_GUIDS_EXHAUSTED                                                    NTStatus      = 0xC0000083
+	STATUS_INVALID_ID_AUTHORITY                                               NTStatus      = 0xC0000084
+	STATUS_AGENTS_EXHAUSTED                                                   NTStatus      = 0xC0000085
+	STATUS_INVALID_VOLUME_LABEL                                               NTStatus      = 0xC0000086
+	STATUS_SECTION_NOT_EXTENDED                                               NTStatus      = 0xC0000087
+	STATUS_NOT_MAPPED_DATA                                                    NTStatus      = 0xC0000088
+	STATUS_RESOURCE_DATA_NOT_FOUND                                            NTStatus      = 0xC0000089
+	STATUS_RESOURCE_TYPE_NOT_FOUND                                            NTStatus      = 0xC000008A
+	STATUS_RESOURCE_NAME_NOT_FOUND                                            NTStatus      = 0xC000008B
+	STATUS_ARRAY_BOUNDS_EXCEEDED                                              NTStatus      = 0xC000008C
+	STATUS_FLOAT_DENORMAL_OPERAND                                             NTStatus      = 0xC000008D
+	STATUS_FLOAT_DIVIDE_BY_ZERO                                               NTStatus      = 0xC000008E
+	STATUS_FLOAT_INEXACT_RESULT                                               NTStatus      = 0xC000008F
+	STATUS_FLOAT_INVALID_OPERATION                                            NTStatus      = 0xC0000090
+	STATUS_FLOAT_OVERFLOW                                                     NTStatus      = 0xC0000091
+	STATUS_FLOAT_STACK_CHECK                                                  NTStatus      = 0xC0000092
+	STATUS_FLOAT_UNDERFLOW                                                    NTStatus      = 0xC0000093
+	STATUS_INTEGER_DIVIDE_BY_ZERO                                             NTStatus      = 0xC0000094
+	STATUS_INTEGER_OVERFLOW                                                   NTStatus      = 0xC0000095
+	STATUS_PRIVILEGED_INSTRUCTION                                             NTStatus      = 0xC0000096
+	STATUS_TOO_MANY_PAGING_FILES                                              NTStatus      = 0xC0000097
+	STATUS_FILE_INVALID                                                       NTStatus      = 0xC0000098
+	STATUS_ALLOTTED_SPACE_EXCEEDED                                            NTStatus      = 0xC0000099
+	STATUS_INSUFFICIENT_RESOURCES                                             NTStatus      = 0xC000009A
+	STATUS_DFS_EXIT_PATH_FOUND                                                NTStatus      = 0xC000009B
+	STATUS_DEVICE_DATA_ERROR                                                  NTStatus      = 0xC000009C
+	STATUS_DEVICE_NOT_CONNECTED                                               NTStatus      = 0xC000009D
+	STATUS_DEVICE_POWER_FAILURE                                               NTStatus      = 0xC000009E
+	STATUS_FREE_VM_NOT_AT_BASE                                                NTStatus      = 0xC000009F
+	STATUS_MEMORY_NOT_ALLOCATED                                               NTStatus      = 0xC00000A0
+	STATUS_WORKING_SET_QUOTA                                                  NTStatus      = 0xC00000A1
+	STATUS_MEDIA_WRITE_PROTECTED                                              NTStatus      = 0xC00000A2
+	STATUS_DEVICE_NOT_READY                                                   NTStatus      = 0xC00000A3
+	STATUS_INVALID_GROUP_ATTRIBUTES                                           NTStatus      = 0xC00000A4
+	STATUS_BAD_IMPERSONATION_LEVEL                                            NTStatus      = 0xC00000A5
+	STATUS_CANT_OPEN_ANONYMOUS                                                NTStatus      = 0xC00000A6
+	STATUS_BAD_VALIDATION_CLASS                                               NTStatus      = 0xC00000A7
+	STATUS_BAD_TOKEN_TYPE                                                     NTStatus      = 0xC00000A8
+	STATUS_BAD_MASTER_BOOT_RECORD                                             NTStatus      = 0xC00000A9
+	STATUS_INSTRUCTION_MISALIGNMENT                                           NTStatus      = 0xC00000AA
+	STATUS_INSTANCE_NOT_AVAILABLE                                             NTStatus      = 0xC00000AB
+	STATUS_PIPE_NOT_AVAILABLE                                                 NTStatus      = 0xC00000AC
+	STATUS_INVALID_PIPE_STATE                                                 NTStatus      = 0xC00000AD
+	STATUS_PIPE_BUSY                                                          NTStatus      = 0xC00000AE
+	STATUS_ILLEGAL_FUNCTION                                                   NTStatus      = 0xC00000AF
+	STATUS_PIPE_DISCONNECTED                                                  NTStatus      = 0xC00000B0
+	STATUS_PIPE_CLOSING                                                       NTStatus      = 0xC00000B1
+	STATUS_PIPE_CONNECTED                                                     NTStatus      = 0xC00000B2
+	STATUS_PIPE_LISTENING                                                     NTStatus      = 0xC00000B3
+	STATUS_INVALID_READ_MODE                                                  NTStatus      = 0xC00000B4
+	STATUS_IO_TIMEOUT                                                         NTStatus      = 0xC00000B5
+	STATUS_FILE_FORCED_CLOSED                                                 NTStatus      = 0xC00000B6
+	STATUS_PROFILING_NOT_STARTED                                              NTStatus      = 0xC00000B7
+	STATUS_PROFILING_NOT_STOPPED                                              NTStatus      = 0xC00000B8
+	STATUS_COULD_NOT_INTERPRET                                                NTStatus      = 0xC00000B9
+	STATUS_FILE_IS_A_DIRECTORY                                                NTStatus      = 0xC00000BA
+	STATUS_NOT_SUPPORTED                                                      NTStatus      = 0xC00000BB
+	STATUS_REMOTE_NOT_LISTENING                                               NTStatus      = 0xC00000BC
+	STATUS_DUPLICATE_NAME                                                     NTStatus      = 0xC00000BD
+	STATUS_BAD_NETWORK_PATH                                                   NTStatus      = 0xC00000BE
+	STATUS_NETWORK_BUSY                                                       NTStatus      = 0xC00000BF
+	STATUS_DEVICE_DOES_NOT_EXIST                                              NTStatus      = 0xC00000C0
+	STATUS_TOO_MANY_COMMANDS                                                  NTStatus      = 0xC00000C1
+	STATUS_ADAPTER_HARDWARE_ERROR                                             NTStatus      = 0xC00000C2
+	STATUS_INVALID_NETWORK_RESPONSE                                           NTStatus      = 0xC00000C3
+	STATUS_UNEXPECTED_NETWORK_ERROR                                           NTStatus      = 0xC00000C4
+	STATUS_BAD_REMOTE_ADAPTER                                                 NTStatus      = 0xC00000C5
+	STATUS_PRINT_QUEUE_FULL                                                   NTStatus      = 0xC00000C6
+	STATUS_NO_SPOOL_SPACE                                                     NTStatus      = 0xC00000C7
+	STATUS_PRINT_CANCELLED                                                    NTStatus      = 0xC00000C8
+	STATUS_NETWORK_NAME_DELETED                                               NTStatus      = 0xC00000C9
+	STATUS_NETWORK_ACCESS_DENIED                                              NTStatus      = 0xC00000CA
+	STATUS_BAD_DEVICE_TYPE                                                    NTStatus      = 0xC00000CB
+	STATUS_BAD_NETWORK_NAME                                                   NTStatus      = 0xC00000CC
+	STATUS_TOO_MANY_NAMES                                                     NTStatus      = 0xC00000CD
+	STATUS_TOO_MANY_SESSIONS                                                  NTStatus      = 0xC00000CE
+	STATUS_SHARING_PAUSED                                                     NTStatus      = 0xC00000CF
+	STATUS_REQUEST_NOT_ACCEPTED                                               NTStatus      = 0xC00000D0
+	STATUS_REDIRECTOR_PAUSED                                                  NTStatus      = 0xC00000D1
+	STATUS_NET_WRITE_FAULT                                                    NTStatus      = 0xC00000D2
+	STATUS_PROFILING_AT_LIMIT                                                 NTStatus      = 0xC00000D3
+	STATUS_NOT_SAME_DEVICE                                                    NTStatus      = 0xC00000D4
+	STATUS_FILE_RENAMED                                                       NTStatus      = 0xC00000D5
+	STATUS_VIRTUAL_CIRCUIT_CLOSED                                             NTStatus      = 0xC00000D6
+	STATUS_NO_SECURITY_ON_OBJECT                                              NTStatus      = 0xC00000D7
+	STATUS_CANT_WAIT                                                          NTStatus      = 0xC00000D8
+	STATUS_PIPE_EMPTY                                                         NTStatus      = 0xC00000D9
+	STATUS_CANT_ACCESS_DOMAIN_INFO                                            NTStatus      = 0xC00000DA
+	STATUS_CANT_TERMINATE_SELF                                                NTStatus      = 0xC00000DB
+	STATUS_INVALID_SERVER_STATE                                               NTStatus      = 0xC00000DC
+	STATUS_INVALID_DOMAIN_STATE                                               NTStatus      = 0xC00000DD
+	STATUS_INVALID_DOMAIN_ROLE                                                NTStatus      = 0xC00000DE
+	STATUS_NO_SUCH_DOMAIN                                                     NTStatus      = 0xC00000DF
+	STATUS_DOMAIN_EXISTS                                                      NTStatus      = 0xC00000E0
+	STATUS_DOMAIN_LIMIT_EXCEEDED                                              NTStatus      = 0xC00000E1
+	STATUS_OPLOCK_NOT_GRANTED                                                 NTStatus      = 0xC00000E2
+	STATUS_INVALID_OPLOCK_PROTOCOL                                            NTStatus      = 0xC00000E3
+	STATUS_INTERNAL_DB_CORRUPTION                                             NTStatus      = 0xC00000E4
+	STATUS_INTERNAL_ERROR                                                     NTStatus      = 0xC00000E5
+	STATUS_GENERIC_NOT_MAPPED                                                 NTStatus      = 0xC00000E6
+	STATUS_BAD_DESCRIPTOR_FORMAT                                              NTStatus      = 0xC00000E7
+	STATUS_INVALID_USER_BUFFER                                                NTStatus      = 0xC00000E8
+	STATUS_UNEXPECTED_IO_ERROR                                                NTStatus      = 0xC00000E9
+	STATUS_UNEXPECTED_MM_CREATE_ERR                                           NTStatus      = 0xC00000EA
+	STATUS_UNEXPECTED_MM_MAP_ERROR                                            NTStatus      = 0xC00000EB
+	STATUS_UNEXPECTED_MM_EXTEND_ERR                                           NTStatus      = 0xC00000EC
+	STATUS_NOT_LOGON_PROCESS                                                  NTStatus      = 0xC00000ED
+	STATUS_LOGON_SESSION_EXISTS                                               NTStatus      = 0xC00000EE
+	STATUS_INVALID_PARAMETER_1                                                NTStatus      = 0xC00000EF
+	STATUS_INVALID_PARAMETER_2                                                NTStatus      = 0xC00000F0
+	STATUS_INVALID_PARAMETER_3                                                NTStatus      = 0xC00000F1
+	STATUS_INVALID_PARAMETER_4                                                NTStatus      = 0xC00000F2
+	STATUS_INVALID_PARAMETER_5                                                NTStatus      = 0xC00000F3
+	STATUS_INVALID_PARAMETER_6                                                NTStatus      = 0xC00000F4
+	STATUS_INVALID_PARAMETER_7                                                NTStatus      = 0xC00000F5
+	STATUS_INVALID_PARAMETER_8                                                NTStatus      = 0xC00000F6
+	STATUS_INVALID_PARAMETER_9                                                NTStatus      = 0xC00000F7
+	STATUS_INVALID_PARAMETER_10                                               NTStatus      = 0xC00000F8
+	STATUS_INVALID_PARAMETER_11                                               NTStatus      = 0xC00000F9
+	STATUS_INVALID_PARAMETER_12                                               NTStatus      = 0xC00000FA
+	STATUS_REDIRECTOR_NOT_STARTED                                             NTStatus      = 0xC00000FB
+	STATUS_REDIRECTOR_STARTED                                                 NTStatus      = 0xC00000FC
+	STATUS_STACK_OVERFLOW                                                     NTStatus      = 0xC00000FD
+	STATUS_NO_SUCH_PACKAGE                                                    NTStatus      = 0xC00000FE
+	STATUS_BAD_FUNCTION_TABLE                                                 NTStatus      = 0xC00000FF
+	STATUS_VARIABLE_NOT_FOUND                                                 NTStatus      = 0xC0000100
+	STATUS_DIRECTORY_NOT_EMPTY                                                NTStatus      = 0xC0000101
+	STATUS_FILE_CORRUPT_ERROR                                                 NTStatus      = 0xC0000102
+	STATUS_NOT_A_DIRECTORY                                                    NTStatus      = 0xC0000103
+	STATUS_BAD_LOGON_SESSION_STATE                                            NTStatus      = 0xC0000104
+	STATUS_LOGON_SESSION_COLLISION                                            NTStatus      = 0xC0000105
+	STATUS_NAME_TOO_LONG                                                      NTStatus      = 0xC0000106
+	STATUS_FILES_OPEN                                                         NTStatus      = 0xC0000107
+	STATUS_CONNECTION_IN_USE                                                  NTStatus      = 0xC0000108
+	STATUS_MESSAGE_NOT_FOUND                                                  NTStatus      = 0xC0000109
+	STATUS_PROCESS_IS_TERMINATING                                             NTStatus      = 0xC000010A
+	STATUS_INVALID_LOGON_TYPE                                                 NTStatus      = 0xC000010B
+	STATUS_NO_GUID_TRANSLATION                                                NTStatus      = 0xC000010C
+	STATUS_CANNOT_IMPERSONATE                                                 NTStatus      = 0xC000010D
+	STATUS_IMAGE_ALREADY_LOADED                                               NTStatus      = 0xC000010E
+	STATUS_ABIOS_NOT_PRESENT                                                  NTStatus      = 0xC000010F
+	STATUS_ABIOS_LID_NOT_EXIST                                                NTStatus      = 0xC0000110
+	STATUS_ABIOS_LID_ALREADY_OWNED                                            NTStatus      = 0xC0000111
+	STATUS_ABIOS_NOT_LID_OWNER                                                NTStatus      = 0xC0000112
+	STATUS_ABIOS_INVALID_COMMAND                                              NTStatus      = 0xC0000113
+	STATUS_ABIOS_INVALID_LID                                                  NTStatus      = 0xC0000114
+	STATUS_ABIOS_SELECTOR_NOT_AVAILABLE                                       NTStatus      = 0xC0000115
+	STATUS_ABIOS_INVALID_SELECTOR                                             NTStatus      = 0xC0000116
+	STATUS_NO_LDT                                                             NTStatus      = 0xC0000117
+	STATUS_INVALID_LDT_SIZE                                                   NTStatus      = 0xC0000118
+	STATUS_INVALID_LDT_OFFSET                                                 NTStatus      = 0xC0000119
+	STATUS_INVALID_LDT_DESCRIPTOR                                             NTStatus      = 0xC000011A
+	STATUS_INVALID_IMAGE_NE_FORMAT                                            NTStatus      = 0xC000011B
+	STATUS_RXACT_INVALID_STATE                                                NTStatus      = 0xC000011C
+	STATUS_RXACT_COMMIT_FAILURE                                               NTStatus      = 0xC000011D
+	STATUS_MAPPED_FILE_SIZE_ZERO                                              NTStatus      = 0xC000011E
+	STATUS_TOO_MANY_OPENED_FILES                                              NTStatus      = 0xC000011F
+	STATUS_CANCELLED                                                          NTStatus      = 0xC0000120
+	STATUS_CANNOT_DELETE                                                      NTStatus      = 0xC0000121
+	STATUS_INVALID_COMPUTER_NAME                                              NTStatus      = 0xC0000122
+	STATUS_FILE_DELETED                                                       NTStatus      = 0xC0000123
+	STATUS_SPECIAL_ACCOUNT                                                    NTStatus      = 0xC0000124
+	STATUS_SPECIAL_GROUP                                                      NTStatus      = 0xC0000125
+	STATUS_SPECIAL_USER                                                       NTStatus      = 0xC0000126
+	STATUS_MEMBERS_PRIMARY_GROUP                                              NTStatus      = 0xC0000127
+	STATUS_FILE_CLOSED                                                        NTStatus      = 0xC0000128
+	STATUS_TOO_MANY_THREADS                                                   NTStatus      = 0xC0000129
+	STATUS_THREAD_NOT_IN_PROCESS                                              NTStatus      = 0xC000012A
+	STATUS_TOKEN_ALREADY_IN_USE                                               NTStatus      = 0xC000012B
+	STATUS_PAGEFILE_QUOTA_EXCEEDED                                            NTStatus      = 0xC000012C
+	STATUS_COMMITMENT_LIMIT                                                   NTStatus      = 0xC000012D
+	STATUS_INVALID_IMAGE_LE_FORMAT                                            NTStatus      = 0xC000012E
+	STATUS_INVALID_IMAGE_NOT_MZ                                               NTStatus      = 0xC000012F
+	STATUS_INVALID_IMAGE_PROTECT                                              NTStatus      = 0xC0000130
+	STATUS_INVALID_IMAGE_WIN_16                                               NTStatus      = 0xC0000131
+	STATUS_LOGON_SERVER_CONFLICT                                              NTStatus      = 0xC0000132
+	STATUS_TIME_DIFFERENCE_AT_DC                                              NTStatus      = 0xC0000133
+	STATUS_SYNCHRONIZATION_REQUIRED                                           NTStatus      = 0xC0000134
+	STATUS_DLL_NOT_FOUND                                                      NTStatus      = 0xC0000135
+	STATUS_OPEN_FAILED                                                        NTStatus      = 0xC0000136
+	STATUS_IO_PRIVILEGE_FAILED                                                NTStatus      = 0xC0000137
+	STATUS_ORDINAL_NOT_FOUND                                                  NTStatus      = 0xC0000138
+	STATUS_ENTRYPOINT_NOT_FOUND                                               NTStatus      = 0xC0000139
+	STATUS_CONTROL_C_EXIT                                                     NTStatus      = 0xC000013A
+	STATUS_LOCAL_DISCONNECT                                                   NTStatus      = 0xC000013B
+	STATUS_REMOTE_DISCONNECT                                                  NTStatus      = 0xC000013C
+	STATUS_REMOTE_RESOURCES                                                   NTStatus      = 0xC000013D
+	STATUS_LINK_FAILED                                                        NTStatus      = 0xC000013E
+	STATUS_LINK_TIMEOUT                                                       NTStatus      = 0xC000013F
+	STATUS_INVALID_CONNECTION                                                 NTStatus      = 0xC0000140
+	STATUS_INVALID_ADDRESS                                                    NTStatus      = 0xC0000141
+	STATUS_DLL_INIT_FAILED                                                    NTStatus      = 0xC0000142
+	STATUS_MISSING_SYSTEMFILE                                                 NTStatus      = 0xC0000143
+	STATUS_UNHANDLED_EXCEPTION                                                NTStatus      = 0xC0000144
+	STATUS_APP_INIT_FAILURE                                                   NTStatus      = 0xC0000145
+	STATUS_PAGEFILE_CREATE_FAILED                                             NTStatus      = 0xC0000146
+	STATUS_NO_PAGEFILE                                                        NTStatus      = 0xC0000147
+	STATUS_INVALID_LEVEL                                                      NTStatus      = 0xC0000148
+	STATUS_WRONG_PASSWORD_CORE                                                NTStatus      = 0xC0000149
+	STATUS_ILLEGAL_FLOAT_CONTEXT                                              NTStatus      = 0xC000014A
+	STATUS_PIPE_BROKEN                                                        NTStatus      = 0xC000014B
+	STATUS_REGISTRY_CORRUPT                                                   NTStatus      = 0xC000014C
+	STATUS_REGISTRY_IO_FAILED                                                 NTStatus      = 0xC000014D
+	STATUS_NO_EVENT_PAIR                                                      NTStatus      = 0xC000014E
+	STATUS_UNRECOGNIZED_VOLUME                                                NTStatus      = 0xC000014F
+	STATUS_SERIAL_NO_DEVICE_INITED                                            NTStatus      = 0xC0000150
+	STATUS_NO_SUCH_ALIAS                                                      NTStatus      = 0xC0000151
+	STATUS_MEMBER_NOT_IN_ALIAS                                                NTStatus      = 0xC0000152
+	STATUS_MEMBER_IN_ALIAS                                                    NTStatus      = 0xC0000153
+	STATUS_ALIAS_EXISTS                                                       NTStatus      = 0xC0000154
+	STATUS_LOGON_NOT_GRANTED                                                  NTStatus      = 0xC0000155
+	STATUS_TOO_MANY_SECRETS                                                   NTStatus      = 0xC0000156
+	STATUS_SECRET_TOO_LONG                                                    NTStatus      = 0xC0000157
+	STATUS_INTERNAL_DB_ERROR                                                  NTStatus      = 0xC0000158
+	STATUS_FULLSCREEN_MODE                                                    NTStatus      = 0xC0000159
+	STATUS_TOO_MANY_CONTEXT_IDS                                               NTStatus      = 0xC000015A
+	STATUS_LOGON_TYPE_NOT_GRANTED                                             NTStatus      = 0xC000015B
+	STATUS_NOT_REGISTRY_FILE                                                  NTStatus      = 0xC000015C
+	STATUS_NT_CROSS_ENCRYPTION_REQUIRED                                       NTStatus      = 0xC000015D
+	STATUS_DOMAIN_CTRLR_CONFIG_ERROR                                          NTStatus      = 0xC000015E
+	STATUS_FT_MISSING_MEMBER                                                  NTStatus      = 0xC000015F
+	STATUS_ILL_FORMED_SERVICE_ENTRY                                           NTStatus      = 0xC0000160
+	STATUS_ILLEGAL_CHARACTER                                                  NTStatus      = 0xC0000161
+	STATUS_UNMAPPABLE_CHARACTER                                               NTStatus      = 0xC0000162
+	STATUS_UNDEFINED_CHARACTER                                                NTStatus      = 0xC0000163
+	STATUS_FLOPPY_VOLUME                                                      NTStatus      = 0xC0000164
+	STATUS_FLOPPY_ID_MARK_NOT_FOUND                                           NTStatus      = 0xC0000165
+	STATUS_FLOPPY_WRONG_CYLINDER                                              NTStatus      = 0xC0000166
+	STATUS_FLOPPY_UNKNOWN_ERROR                                               NTStatus      = 0xC0000167
+	STATUS_FLOPPY_BAD_REGISTERS                                               NTStatus      = 0xC0000168
+	STATUS_DISK_RECALIBRATE_FAILED                                            NTStatus      = 0xC0000169
+	STATUS_DISK_OPERATION_FAILED                                              NTStatus      = 0xC000016A
+	STATUS_DISK_RESET_FAILED                                                  NTStatus      = 0xC000016B
+	STATUS_SHARED_IRQ_BUSY                                                    NTStatus      = 0xC000016C
+	STATUS_FT_ORPHANING                                                       NTStatus      = 0xC000016D
+	STATUS_BIOS_FAILED_TO_CONNECT_INTERRUPT                                   NTStatus      = 0xC000016E
+	STATUS_PARTITION_FAILURE                                                  NTStatus      = 0xC0000172
+	STATUS_INVALID_BLOCK_LENGTH                                               NTStatus      = 0xC0000173
+	STATUS_DEVICE_NOT_PARTITIONED                                             NTStatus      = 0xC0000174
+	STATUS_UNABLE_TO_LOCK_MEDIA                                               NTStatus      = 0xC0000175
+	STATUS_UNABLE_TO_UNLOAD_MEDIA                                             NTStatus      = 0xC0000176
+	STATUS_EOM_OVERFLOW                                                       NTStatus      = 0xC0000177
+	STATUS_NO_MEDIA                                                           NTStatus      = 0xC0000178
+	STATUS_NO_SUCH_MEMBER                                                     NTStatus      = 0xC000017A
+	STATUS_INVALID_MEMBER                                                     NTStatus      = 0xC000017B
+	STATUS_KEY_DELETED                                                        NTStatus      = 0xC000017C
+	STATUS_NO_LOG_SPACE                                                       NTStatus      = 0xC000017D
+	STATUS_TOO_MANY_SIDS                                                      NTStatus      = 0xC000017E
+	STATUS_LM_CROSS_ENCRYPTION_REQUIRED                                       NTStatus      = 0xC000017F
+	STATUS_KEY_HAS_CHILDREN                                                   NTStatus      = 0xC0000180
+	STATUS_CHILD_MUST_BE_VOLATILE                                             NTStatus      = 0xC0000181
+	STATUS_DEVICE_CONFIGURATION_ERROR                                         NTStatus      = 0xC0000182
+	STATUS_DRIVER_INTERNAL_ERROR                                              NTStatus      = 0xC0000183
+	STATUS_INVALID_DEVICE_STATE                                               NTStatus      = 0xC0000184
+	STATUS_IO_DEVICE_ERROR                                                    NTStatus      = 0xC0000185
+	STATUS_DEVICE_PROTOCOL_ERROR                                              NTStatus      = 0xC0000186
+	STATUS_BACKUP_CONTROLLER                                                  NTStatus      = 0xC0000187
+	STATUS_LOG_FILE_FULL                                                      NTStatus      = 0xC0000188
+	STATUS_TOO_LATE                                                           NTStatus      = 0xC0000189
+	STATUS_NO_TRUST_LSA_SECRET                                                NTStatus      = 0xC000018A
+	STATUS_NO_TRUST_SAM_ACCOUNT                                               NTStatus      = 0xC000018B
+	STATUS_TRUSTED_DOMAIN_FAILURE                                             NTStatus      = 0xC000018C
+	STATUS_TRUSTED_RELATIONSHIP_FAILURE                                       NTStatus      = 0xC000018D
+	STATUS_EVENTLOG_FILE_CORRUPT                                              NTStatus      = 0xC000018E
+	STATUS_EVENTLOG_CANT_START                                                NTStatus      = 0xC000018F
+	STATUS_TRUST_FAILURE                                                      NTStatus      = 0xC0000190
+	STATUS_MUTANT_LIMIT_EXCEEDED                                              NTStatus      = 0xC0000191
+	STATUS_NETLOGON_NOT_STARTED                                               NTStatus      = 0xC0000192
+	STATUS_ACCOUNT_EXPIRED                                                    NTStatus      = 0xC0000193
+	STATUS_POSSIBLE_DEADLOCK                                                  NTStatus      = 0xC0000194
+	STATUS_NETWORK_CREDENTIAL_CONFLICT                                        NTStatus      = 0xC0000195
+	STATUS_REMOTE_SESSION_LIMIT                                               NTStatus      = 0xC0000196
+	STATUS_EVENTLOG_FILE_CHANGED                                              NTStatus      = 0xC0000197
+	STATUS_NOLOGON_INTERDOMAIN_TRUST_ACCOUNT                                  NTStatus      = 0xC0000198
+	STATUS_NOLOGON_WORKSTATION_TRUST_ACCOUNT                                  NTStatus      = 0xC0000199
+	STATUS_NOLOGON_SERVER_TRUST_ACCOUNT                                       NTStatus      = 0xC000019A
+	STATUS_DOMAIN_TRUST_INCONSISTENT                                          NTStatus      = 0xC000019B
+	STATUS_FS_DRIVER_REQUIRED                                                 NTStatus      = 0xC000019C
+	STATUS_IMAGE_ALREADY_LOADED_AS_DLL                                        NTStatus      = 0xC000019D
+	STATUS_INCOMPATIBLE_WITH_GLOBAL_SHORT_NAME_REGISTRY_SETTING               NTStatus      = 0xC000019E
+	STATUS_SHORT_NAMES_NOT_ENABLED_ON_VOLUME                                  NTStatus      = 0xC000019F
+	STATUS_SECURITY_STREAM_IS_INCONSISTENT                                    NTStatus      = 0xC00001A0
+	STATUS_INVALID_LOCK_RANGE                                                 NTStatus      = 0xC00001A1
+	STATUS_INVALID_ACE_CONDITION                                              NTStatus      = 0xC00001A2
+	STATUS_IMAGE_SUBSYSTEM_NOT_PRESENT                                        NTStatus      = 0xC00001A3
+	STATUS_NOTIFICATION_GUID_ALREADY_DEFINED                                  NTStatus      = 0xC00001A4
+	STATUS_INVALID_EXCEPTION_HANDLER                                          NTStatus      = 0xC00001A5
+	STATUS_DUPLICATE_PRIVILEGES                                               NTStatus      = 0xC00001A6
+	STATUS_NOT_ALLOWED_ON_SYSTEM_FILE                                         NTStatus      = 0xC00001A7
+	STATUS_REPAIR_NEEDED                                                      NTStatus      = 0xC00001A8
+	STATUS_QUOTA_NOT_ENABLED                                                  NTStatus      = 0xC00001A9
+	STATUS_NO_APPLICATION_PACKAGE                                             NTStatus      = 0xC00001AA
+	STATUS_FILE_METADATA_OPTIMIZATION_IN_PROGRESS                             NTStatus      = 0xC00001AB
+	STATUS_NOT_SAME_OBJECT                                                    NTStatus      = 0xC00001AC
+	STATUS_FATAL_MEMORY_EXHAUSTION                                            NTStatus      = 0xC00001AD
+	STATUS_ERROR_PROCESS_NOT_IN_JOB                                           NTStatus      = 0xC00001AE
+	STATUS_CPU_SET_INVALID                                                    NTStatus      = 0xC00001AF
+	STATUS_IO_DEVICE_INVALID_DATA                                             NTStatus      = 0xC00001B0
+	STATUS_IO_UNALIGNED_WRITE                                                 NTStatus      = 0xC00001B1
+	STATUS_NETWORK_OPEN_RESTRICTION                                           NTStatus      = 0xC0000201
+	STATUS_NO_USER_SESSION_KEY                                                NTStatus      = 0xC0000202
+	STATUS_USER_SESSION_DELETED                                               NTStatus      = 0xC0000203
+	STATUS_RESOURCE_LANG_NOT_FOUND                                            NTStatus      = 0xC0000204
+	STATUS_INSUFF_SERVER_RESOURCES                                            NTStatus      = 0xC0000205
+	STATUS_INVALID_BUFFER_SIZE                                                NTStatus      = 0xC0000206
+	STATUS_INVALID_ADDRESS_COMPONENT                                          NTStatus      = 0xC0000207
+	STATUS_INVALID_ADDRESS_WILDCARD                                           NTStatus      = 0xC0000208
+	STATUS_TOO_MANY_ADDRESSES                                                 NTStatus      = 0xC0000209
+	STATUS_ADDRESS_ALREADY_EXISTS                                             NTStatus      = 0xC000020A
+	STATUS_ADDRESS_CLOSED                                                     NTStatus      = 0xC000020B
+	STATUS_CONNECTION_DISCONNECTED                                            NTStatus      = 0xC000020C
+	STATUS_CONNECTION_RESET                                                   NTStatus      = 0xC000020D
+	STATUS_TOO_MANY_NODES                                                     NTStatus      = 0xC000020E
+	STATUS_TRANSACTION_ABORTED                                                NTStatus      = 0xC000020F
+	STATUS_TRANSACTION_TIMED_OUT                                              NTStatus      = 0xC0000210
+	STATUS_TRANSACTION_NO_RELEASE                                             NTStatus      = 0xC0000211
+	STATUS_TRANSACTION_NO_MATCH                                               NTStatus      = 0xC0000212
+	STATUS_TRANSACTION_RESPONDED                                              NTStatus      = 0xC0000213
+	STATUS_TRANSACTION_INVALID_ID                                             NTStatus      = 0xC0000214
+	STATUS_TRANSACTION_INVALID_TYPE                                           NTStatus      = 0xC0000215
+	STATUS_NOT_SERVER_SESSION                                                 NTStatus      = 0xC0000216
+	STATUS_NOT_CLIENT_SESSION                                                 NTStatus      = 0xC0000217
+	STATUS_CANNOT_LOAD_REGISTRY_FILE                                          NTStatus      = 0xC0000218
+	STATUS_DEBUG_ATTACH_FAILED                                                NTStatus      = 0xC0000219
+	STATUS_SYSTEM_PROCESS_TERMINATED                                          NTStatus      = 0xC000021A
+	STATUS_DATA_NOT_ACCEPTED                                                  NTStatus      = 0xC000021B
+	STATUS_NO_BROWSER_SERVERS_FOUND                                           NTStatus      = 0xC000021C
+	STATUS_VDM_HARD_ERROR                                                     NTStatus      = 0xC000021D
+	STATUS_DRIVER_CANCEL_TIMEOUT                                              NTStatus      = 0xC000021E
+	STATUS_REPLY_MESSAGE_MISMATCH                                             NTStatus      = 0xC000021F
+	STATUS_MAPPED_ALIGNMENT                                                   NTStatus      = 0xC0000220
+	STATUS_IMAGE_CHECKSUM_MISMATCH                                            NTStatus      = 0xC0000221
+	STATUS_LOST_WRITEBEHIND_DATA                                              NTStatus      = 0xC0000222
+	STATUS_CLIENT_SERVER_PARAMETERS_INVALID                                   NTStatus      = 0xC0000223
+	STATUS_PASSWORD_MUST_CHANGE                                               NTStatus      = 0xC0000224
+	STATUS_NOT_FOUND                                                          NTStatus      = 0xC0000225
+	STATUS_NOT_TINY_STREAM                                                    NTStatus      = 0xC0000226
+	STATUS_RECOVERY_FAILURE                                                   NTStatus      = 0xC0000227
+	STATUS_STACK_OVERFLOW_READ                                                NTStatus      = 0xC0000228
+	STATUS_FAIL_CHECK                                                         NTStatus      = 0xC0000229
+	STATUS_DUPLICATE_OBJECTID                                                 NTStatus      = 0xC000022A
+	STATUS_OBJECTID_EXISTS                                                    NTStatus      = 0xC000022B
+	STATUS_CONVERT_TO_LARGE                                                   NTStatus      = 0xC000022C
+	STATUS_RETRY                                                              NTStatus      = 0xC000022D
+	STATUS_FOUND_OUT_OF_SCOPE                                                 NTStatus      = 0xC000022E
+	STATUS_ALLOCATE_BUCKET                                                    NTStatus      = 0xC000022F
+	STATUS_PROPSET_NOT_FOUND                                                  NTStatus      = 0xC0000230
+	STATUS_MARSHALL_OVERFLOW                                                  NTStatus      = 0xC0000231
+	STATUS_INVALID_VARIANT                                                    NTStatus      = 0xC0000232
+	STATUS_DOMAIN_CONTROLLER_NOT_FOUND                                        NTStatus      = 0xC0000233
+	STATUS_ACCOUNT_LOCKED_OUT                                                 NTStatus      = 0xC0000234
+	STATUS_HANDLE_NOT_CLOSABLE                                                NTStatus      = 0xC0000235
+	STATUS_CONNECTION_REFUSED                                                 NTStatus      = 0xC0000236
+	STATUS_GRACEFUL_DISCONNECT                                                NTStatus      = 0xC0000237
+	STATUS_ADDRESS_ALREADY_ASSOCIATED                                         NTStatus      = 0xC0000238
+	STATUS_ADDRESS_NOT_ASSOCIATED                                             NTStatus      = 0xC0000239
+	STATUS_CONNECTION_INVALID                                                 NTStatus      = 0xC000023A
+	STATUS_CONNECTION_ACTIVE                                                  NTStatus      = 0xC000023B
+	STATUS_NETWORK_UNREACHABLE                                                NTStatus      = 0xC000023C
+	STATUS_HOST_UNREACHABLE                                                   NTStatus      = 0xC000023D
+	STATUS_PROTOCOL_UNREACHABLE                                               NTStatus      = 0xC000023E
+	STATUS_PORT_UNREACHABLE                                                   NTStatus      = 0xC000023F
+	STATUS_REQUEST_ABORTED                                                    NTStatus      = 0xC0000240
+	STATUS_CONNECTION_ABORTED                                                 NTStatus      = 0xC0000241
+	STATUS_BAD_COMPRESSION_BUFFER                                             NTStatus      = 0xC0000242
+	STATUS_USER_MAPPED_FILE                                                   NTStatus      = 0xC0000243
+	STATUS_AUDIT_FAILED                                                       NTStatus      = 0xC0000244
+	STATUS_TIMER_RESOLUTION_NOT_SET                                           NTStatus      = 0xC0000245
+	STATUS_CONNECTION_COUNT_LIMIT                                             NTStatus      = 0xC0000246
+	STATUS_LOGIN_TIME_RESTRICTION                                             NTStatus      = 0xC0000247
+	STATUS_LOGIN_WKSTA_RESTRICTION                                            NTStatus      = 0xC0000248
+	STATUS_IMAGE_MP_UP_MISMATCH                                               NTStatus      = 0xC0000249
+	STATUS_INSUFFICIENT_LOGON_INFO                                            NTStatus      = 0xC0000250
+	STATUS_BAD_DLL_ENTRYPOINT                                                 NTStatus      = 0xC0000251
+	STATUS_BAD_SERVICE_ENTRYPOINT                                             NTStatus      = 0xC0000252
+	STATUS_LPC_REPLY_LOST                                                     NTStatus      = 0xC0000253
+	STATUS_IP_ADDRESS_CONFLICT1                                               NTStatus      = 0xC0000254
+	STATUS_IP_ADDRESS_CONFLICT2                                               NTStatus      = 0xC0000255
+	STATUS_REGISTRY_QUOTA_LIMIT                                               NTStatus      = 0xC0000256
+	STATUS_PATH_NOT_COVERED                                                   NTStatus      = 0xC0000257
+	STATUS_NO_CALLBACK_ACTIVE                                                 NTStatus      = 0xC0000258
+	STATUS_LICENSE_QUOTA_EXCEEDED                                             NTStatus      = 0xC0000259
+	STATUS_PWD_TOO_SHORT                                                      NTStatus      = 0xC000025A
+	STATUS_PWD_TOO_RECENT                                                     NTStatus      = 0xC000025B
+	STATUS_PWD_HISTORY_CONFLICT                                               NTStatus      = 0xC000025C
+	STATUS_PLUGPLAY_NO_DEVICE                                                 NTStatus      = 0xC000025E
+	STATUS_UNSUPPORTED_COMPRESSION                                            NTStatus      = 0xC000025F
+	STATUS_INVALID_HW_PROFILE                                                 NTStatus      = 0xC0000260
+	STATUS_INVALID_PLUGPLAY_DEVICE_PATH                                       NTStatus      = 0xC0000261
+	STATUS_DRIVER_ORDINAL_NOT_FOUND                                           NTStatus      = 0xC0000262
+	STATUS_DRIVER_ENTRYPOINT_NOT_FOUND                                        NTStatus      = 0xC0000263
+	STATUS_RESOURCE_NOT_OWNED                                                 NTStatus      = 0xC0000264
+	STATUS_TOO_MANY_LINKS                                                     NTStatus      = 0xC0000265
+	STATUS_QUOTA_LIST_INCONSISTENT                                            NTStatus      = 0xC0000266
+	STATUS_FILE_IS_OFFLINE                                                    NTStatus      = 0xC0000267
+	STATUS_EVALUATION_EXPIRATION                                              NTStatus      = 0xC0000268
+	STATUS_ILLEGAL_DLL_RELOCATION                                             NTStatus      = 0xC0000269
+	STATUS_LICENSE_VIOLATION                                                  NTStatus      = 0xC000026A
+	STATUS_DLL_INIT_FAILED_LOGOFF                                             NTStatus      = 0xC000026B
+	STATUS_DRIVER_UNABLE_TO_LOAD                                              NTStatus      = 0xC000026C
+	STATUS_DFS_UNAVAILABLE                                                    NTStatus      = 0xC000026D
+	STATUS_VOLUME_DISMOUNTED                                                  NTStatus      = 0xC000026E
+	STATUS_WX86_INTERNAL_ERROR                                                NTStatus      = 0xC000026F
+	STATUS_WX86_FLOAT_STACK_CHECK                                             NTStatus      = 0xC0000270
+	STATUS_VALIDATE_CONTINUE                                                  NTStatus      = 0xC0000271
+	STATUS_NO_MATCH                                                           NTStatus      = 0xC0000272
+	STATUS_NO_MORE_MATCHES                                                    NTStatus      = 0xC0000273
+	STATUS_NOT_A_REPARSE_POINT                                                NTStatus      = 0xC0000275
+	STATUS_IO_REPARSE_TAG_INVALID                                             NTStatus      = 0xC0000276
+	STATUS_IO_REPARSE_TAG_MISMATCH                                            NTStatus      = 0xC0000277
+	STATUS_IO_REPARSE_DATA_INVALID                                            NTStatus      = 0xC0000278
+	STATUS_IO_REPARSE_TAG_NOT_HANDLED                                         NTStatus      = 0xC0000279
+	STATUS_PWD_TOO_LONG                                                       NTStatus      = 0xC000027A
+	STATUS_STOWED_EXCEPTION                                                   NTStatus      = 0xC000027B
+	STATUS_CONTEXT_STOWED_EXCEPTION                                           NTStatus      = 0xC000027C
+	STATUS_REPARSE_POINT_NOT_RESOLVED                                         NTStatus      = 0xC0000280
+	STATUS_DIRECTORY_IS_A_REPARSE_POINT                                       NTStatus      = 0xC0000281
+	STATUS_RANGE_LIST_CONFLICT                                                NTStatus      = 0xC0000282
+	STATUS_SOURCE_ELEMENT_EMPTY                                               NTStatus      = 0xC0000283
+	STATUS_DESTINATION_ELEMENT_FULL                                           NTStatus      = 0xC0000284
+	STATUS_ILLEGAL_ELEMENT_ADDRESS                                            NTStatus      = 0xC0000285
+	STATUS_MAGAZINE_NOT_PRESENT                                               NTStatus      = 0xC0000286
+	STATUS_REINITIALIZATION_NEEDED                                            NTStatus      = 0xC0000287
+	STATUS_DEVICE_REQUIRES_CLEANING                                           NTStatus      = 0x80000288
+	STATUS_DEVICE_DOOR_OPEN                                                   NTStatus      = 0x80000289
+	STATUS_ENCRYPTION_FAILED                                                  NTStatus      = 0xC000028A
+	STATUS_DECRYPTION_FAILED                                                  NTStatus      = 0xC000028B
+	STATUS_RANGE_NOT_FOUND                                                    NTStatus      = 0xC000028C
+	STATUS_NO_RECOVERY_POLICY                                                 NTStatus      = 0xC000028D
+	STATUS_NO_EFS                                                             NTStatus      = 0xC000028E
+	STATUS_WRONG_EFS                                                          NTStatus      = 0xC000028F
+	STATUS_NO_USER_KEYS                                                       NTStatus      = 0xC0000290
+	STATUS_FILE_NOT_ENCRYPTED                                                 NTStatus      = 0xC0000291
+	STATUS_NOT_EXPORT_FORMAT                                                  NTStatus      = 0xC0000292
+	STATUS_FILE_ENCRYPTED                                                     NTStatus      = 0xC0000293
+	STATUS_WAKE_SYSTEM                                                        NTStatus      = 0x40000294
+	STATUS_WMI_GUID_NOT_FOUND                                                 NTStatus      = 0xC0000295
+	STATUS_WMI_INSTANCE_NOT_FOUND                                             NTStatus      = 0xC0000296
+	STATUS_WMI_ITEMID_NOT_FOUND                                               NTStatus      = 0xC0000297
+	STATUS_WMI_TRY_AGAIN                                                      NTStatus      = 0xC0000298
+	STATUS_SHARED_POLICY                                                      NTStatus      = 0xC0000299
+	STATUS_POLICY_OBJECT_NOT_FOUND                                            NTStatus      = 0xC000029A
+	STATUS_POLICY_ONLY_IN_DS                                                  NTStatus      = 0xC000029B
+	STATUS_VOLUME_NOT_UPGRADED                                                NTStatus      = 0xC000029C
+	STATUS_REMOTE_STORAGE_NOT_ACTIVE                                          NTStatus      = 0xC000029D
+	STATUS_REMOTE_STORAGE_MEDIA_ERROR                                         NTStatus      = 0xC000029E
+	STATUS_NO_TRACKING_SERVICE                                                NTStatus      = 0xC000029F
+	STATUS_SERVER_SID_MISMATCH                                                NTStatus      = 0xC00002A0
+	STATUS_DS_NO_ATTRIBUTE_OR_VALUE                                           NTStatus      = 0xC00002A1
+	STATUS_DS_INVALID_ATTRIBUTE_SYNTAX                                        NTStatus      = 0xC00002A2
+	STATUS_DS_ATTRIBUTE_TYPE_UNDEFINED                                        NTStatus      = 0xC00002A3
+	STATUS_DS_ATTRIBUTE_OR_VALUE_EXISTS                                       NTStatus      = 0xC00002A4
+	STATUS_DS_BUSY                                                            NTStatus      = 0xC00002A5
+	STATUS_DS_UNAVAILABLE                                                     NTStatus      = 0xC00002A6
+	STATUS_DS_NO_RIDS_ALLOCATED                                               NTStatus      = 0xC00002A7
+	STATUS_DS_NO_MORE_RIDS                                                    NTStatus      = 0xC00002A8
+	STATUS_DS_INCORRECT_ROLE_OWNER                                            NTStatus      = 0xC00002A9
+	STATUS_DS_RIDMGR_INIT_ERROR                                               NTStatus      = 0xC00002AA
+	STATUS_DS_OBJ_CLASS_VIOLATION                                             NTStatus      = 0xC00002AB
+	STATUS_DS_CANT_ON_NON_LEAF                                                NTStatus      = 0xC00002AC
+	STATUS_DS_CANT_ON_RDN                                                     NTStatus      = 0xC00002AD
+	STATUS_DS_CANT_MOD_OBJ_CLASS                                              NTStatus      = 0xC00002AE
+	STATUS_DS_CROSS_DOM_MOVE_FAILED                                           NTStatus      = 0xC00002AF
+	STATUS_DS_GC_NOT_AVAILABLE                                                NTStatus      = 0xC00002B0
+	STATUS_DIRECTORY_SERVICE_REQUIRED                                         NTStatus      = 0xC00002B1
+	STATUS_REPARSE_ATTRIBUTE_CONFLICT                                         NTStatus      = 0xC00002B2
+	STATUS_CANT_ENABLE_DENY_ONLY                                              NTStatus      = 0xC00002B3
+	STATUS_FLOAT_MULTIPLE_FAULTS                                              NTStatus      = 0xC00002B4
+	STATUS_FLOAT_MULTIPLE_TRAPS                                               NTStatus      = 0xC00002B5
+	STATUS_DEVICE_REMOVED                                                     NTStatus      = 0xC00002B6
+	STATUS_JOURNAL_DELETE_IN_PROGRESS                                         NTStatus      = 0xC00002B7
+	STATUS_JOURNAL_NOT_ACTIVE                                                 NTStatus      = 0xC00002B8
+	STATUS_NOINTERFACE                                                        NTStatus      = 0xC00002B9
+	STATUS_DS_RIDMGR_DISABLED                                                 NTStatus      = 0xC00002BA
+	STATUS_DS_ADMIN_LIMIT_EXCEEDED                                            NTStatus      = 0xC00002C1
+	STATUS_DRIVER_FAILED_SLEEP                                                NTStatus      = 0xC00002C2
+	STATUS_MUTUAL_AUTHENTICATION_FAILED                                       NTStatus      = 0xC00002C3
+	STATUS_CORRUPT_SYSTEM_FILE                                                NTStatus      = 0xC00002C4
+	STATUS_DATATYPE_MISALIGNMENT_ERROR                                        NTStatus      = 0xC00002C5
+	STATUS_WMI_READ_ONLY                                                      NTStatus      = 0xC00002C6
+	STATUS_WMI_SET_FAILURE                                                    NTStatus      = 0xC00002C7
+	STATUS_COMMITMENT_MINIMUM                                                 NTStatus      = 0xC00002C8
+	STATUS_REG_NAT_CONSUMPTION                                                NTStatus      = 0xC00002C9
+	STATUS_TRANSPORT_FULL                                                     NTStatus      = 0xC00002CA
+	STATUS_DS_SAM_INIT_FAILURE                                                NTStatus      = 0xC00002CB
+	STATUS_ONLY_IF_CONNECTED                                                  NTStatus      = 0xC00002CC
+	STATUS_DS_SENSITIVE_GROUP_VIOLATION                                       NTStatus      = 0xC00002CD
+	STATUS_PNP_RESTART_ENUMERATION                                            NTStatus      = 0xC00002CE
+	STATUS_JOURNAL_ENTRY_DELETED                                              NTStatus      = 0xC00002CF
+	STATUS_DS_CANT_MOD_PRIMARYGROUPID                                         NTStatus      = 0xC00002D0
+	STATUS_SYSTEM_IMAGE_BAD_SIGNATURE                                         NTStatus      = 0xC00002D1
+	STATUS_PNP_REBOOT_REQUIRED                                                NTStatus      = 0xC00002D2
+	STATUS_POWER_STATE_INVALID                                                NTStatus      = 0xC00002D3
+	STATUS_DS_INVALID_GROUP_TYPE                                              NTStatus      = 0xC00002D4
+	STATUS_DS_NO_NEST_GLOBALGROUP_IN_MIXEDDOMAIN                              NTStatus      = 0xC00002D5
+	STATUS_DS_NO_NEST_LOCALGROUP_IN_MIXEDDOMAIN                               NTStatus      = 0xC00002D6
+	STATUS_DS_GLOBAL_CANT_HAVE_LOCAL_MEMBER                                   NTStatus      = 0xC00002D7
+	STATUS_DS_GLOBAL_CANT_HAVE_UNIVERSAL_MEMBER                               NTStatus      = 0xC00002D8
+	STATUS_DS_UNIVERSAL_CANT_HAVE_LOCAL_MEMBER                                NTStatus      = 0xC00002D9
+	STATUS_DS_GLOBAL_CANT_HAVE_CROSSDOMAIN_MEMBER                             NTStatus      = 0xC00002DA
+	STATUS_DS_LOCAL_CANT_HAVE_CROSSDOMAIN_LOCAL_MEMBER                        NTStatus      = 0xC00002DB
+	STATUS_DS_HAVE_PRIMARY_MEMBERS                                            NTStatus      = 0xC00002DC
+	STATUS_WMI_NOT_SUPPORTED                                                  NTStatus      = 0xC00002DD
+	STATUS_INSUFFICIENT_POWER                                                 NTStatus      = 0xC00002DE
+	STATUS_SAM_NEED_BOOTKEY_PASSWORD                                          NTStatus      = 0xC00002DF
+	STATUS_SAM_NEED_BOOTKEY_FLOPPY                                            NTStatus      = 0xC00002E0
+	STATUS_DS_CANT_START                                                      NTStatus      = 0xC00002E1
+	STATUS_DS_INIT_FAILURE                                                    NTStatus      = 0xC00002E2
+	STATUS_SAM_INIT_FAILURE                                                   NTStatus      = 0xC00002E3
+	STATUS_DS_GC_REQUIRED                                                     NTStatus      = 0xC00002E4
+	STATUS_DS_LOCAL_MEMBER_OF_LOCAL_ONLY                                      NTStatus      = 0xC00002E5
+	STATUS_DS_NO_FPO_IN_UNIVERSAL_GROUPS                                      NTStatus      = 0xC00002E6
+	STATUS_DS_MACHINE_ACCOUNT_QUOTA_EXCEEDED                                  NTStatus      = 0xC00002E7
+	STATUS_MULTIPLE_FAULT_VIOLATION                                           NTStatus      = 0xC00002E8
+	STATUS_CURRENT_DOMAIN_NOT_ALLOWED                                         NTStatus      = 0xC00002E9
+	STATUS_CANNOT_MAKE                                                        NTStatus      = 0xC00002EA
+	STATUS_SYSTEM_SHUTDOWN                                                    NTStatus      = 0xC00002EB
+	STATUS_DS_INIT_FAILURE_CONSOLE                                            NTStatus      = 0xC00002EC
+	STATUS_DS_SAM_INIT_FAILURE_CONSOLE                                        NTStatus      = 0xC00002ED
+	STATUS_UNFINISHED_CONTEXT_DELETED                                         NTStatus      = 0xC00002EE
+	STATUS_NO_TGT_REPLY                                                       NTStatus      = 0xC00002EF
+	STATUS_OBJECTID_NOT_FOUND                                                 NTStatus      = 0xC00002F0
+	STATUS_NO_IP_ADDRESSES                                                    NTStatus      = 0xC00002F1
+	STATUS_WRONG_CREDENTIAL_HANDLE                                            NTStatus      = 0xC00002F2
+	STATUS_CRYPTO_SYSTEM_INVALID                                              NTStatus      = 0xC00002F3
+	STATUS_MAX_REFERRALS_EXCEEDED                                             NTStatus      = 0xC00002F4
+	STATUS_MUST_BE_KDC                                                        NTStatus      = 0xC00002F5
+	STATUS_STRONG_CRYPTO_NOT_SUPPORTED                                        NTStatus      = 0xC00002F6
+	STATUS_TOO_MANY_PRINCIPALS                                                NTStatus      = 0xC00002F7
+	STATUS_NO_PA_DATA                                                         NTStatus      = 0xC00002F8
+	STATUS_PKINIT_NAME_MISMATCH                                               NTStatus      = 0xC00002F9
+	STATUS_SMARTCARD_LOGON_REQUIRED                                           NTStatus      = 0xC00002FA
+	STATUS_KDC_INVALID_REQUEST                                                NTStatus      = 0xC00002FB
+	STATUS_KDC_UNABLE_TO_REFER                                                NTStatus      = 0xC00002FC
+	STATUS_KDC_UNKNOWN_ETYPE                                                  NTStatus      = 0xC00002FD
+	STATUS_SHUTDOWN_IN_PROGRESS                                               NTStatus      = 0xC00002FE
+	STATUS_SERVER_SHUTDOWN_IN_PROGRESS                                        NTStatus      = 0xC00002FF
+	STATUS_NOT_SUPPORTED_ON_SBS                                               NTStatus      = 0xC0000300
+	STATUS_WMI_GUID_DISCONNECTED                                              NTStatus      = 0xC0000301
+	STATUS_WMI_ALREADY_DISABLED                                               NTStatus      = 0xC0000302
+	STATUS_WMI_ALREADY_ENABLED                                                NTStatus      = 0xC0000303
+	STATUS_MFT_TOO_FRAGMENTED                                                 NTStatus      = 0xC0000304
+	STATUS_COPY_PROTECTION_FAILURE                                            NTStatus      = 0xC0000305
+	STATUS_CSS_AUTHENTICATION_FAILURE                                         NTStatus      = 0xC0000306
+	STATUS_CSS_KEY_NOT_PRESENT                                                NTStatus      = 0xC0000307
+	STATUS_CSS_KEY_NOT_ESTABLISHED                                            NTStatus      = 0xC0000308
+	STATUS_CSS_SCRAMBLED_SECTOR                                               NTStatus      = 0xC0000309
+	STATUS_CSS_REGION_MISMATCH                                                NTStatus      = 0xC000030A
+	STATUS_CSS_RESETS_EXHAUSTED                                               NTStatus      = 0xC000030B
+	STATUS_PASSWORD_CHANGE_REQUIRED                                           NTStatus      = 0xC000030C
+	STATUS_LOST_MODE_LOGON_RESTRICTION                                        NTStatus      = 0xC000030D
+	STATUS_PKINIT_FAILURE                                                     NTStatus      = 0xC0000320
+	STATUS_SMARTCARD_SUBSYSTEM_FAILURE                                        NTStatus      = 0xC0000321
+	STATUS_NO_KERB_KEY                                                        NTStatus      = 0xC0000322
+	STATUS_HOST_DOWN                                                          NTStatus      = 0xC0000350
+	STATUS_UNSUPPORTED_PREAUTH                                                NTStatus      = 0xC0000351
+	STATUS_EFS_ALG_BLOB_TOO_BIG                                               NTStatus      = 0xC0000352
+	STATUS_PORT_NOT_SET                                                       NTStatus      = 0xC0000353
+	STATUS_DEBUGGER_INACTIVE                                                  NTStatus      = 0xC0000354
+	STATUS_DS_VERSION_CHECK_FAILURE                                           NTStatus      = 0xC0000355
+	STATUS_AUDITING_DISABLED                                                  NTStatus      = 0xC0000356
+	STATUS_PRENT4_MACHINE_ACCOUNT                                             NTStatus      = 0xC0000357
+	STATUS_DS_AG_CANT_HAVE_UNIVERSAL_MEMBER                                   NTStatus      = 0xC0000358
+	STATUS_INVALID_IMAGE_WIN_32                                               NTStatus      = 0xC0000359
+	STATUS_INVALID_IMAGE_WIN_64                                               NTStatus      = 0xC000035A
+	STATUS_BAD_BINDINGS                                                       NTStatus      = 0xC000035B
+	STATUS_NETWORK_SESSION_EXPIRED                                            NTStatus      = 0xC000035C
+	STATUS_APPHELP_BLOCK                                                      NTStatus      = 0xC000035D
+	STATUS_ALL_SIDS_FILTERED                                                  NTStatus      = 0xC000035E
+	STATUS_NOT_SAFE_MODE_DRIVER                                               NTStatus      = 0xC000035F
+	STATUS_ACCESS_DISABLED_BY_POLICY_DEFAULT                                  NTStatus      = 0xC0000361
+	STATUS_ACCESS_DISABLED_BY_POLICY_PATH                                     NTStatus      = 0xC0000362
+	STATUS_ACCESS_DISABLED_BY_POLICY_PUBLISHER                                NTStatus      = 0xC0000363
+	STATUS_ACCESS_DISABLED_BY_POLICY_OTHER                                    NTStatus      = 0xC0000364
+	STATUS_FAILED_DRIVER_ENTRY                                                NTStatus      = 0xC0000365
+	STATUS_DEVICE_ENUMERATION_ERROR                                           NTStatus      = 0xC0000366
+	STATUS_MOUNT_POINT_NOT_RESOLVED                                           NTStatus      = 0xC0000368
+	STATUS_INVALID_DEVICE_OBJECT_PARAMETER                                    NTStatus      = 0xC0000369
+	STATUS_MCA_OCCURED                                                        NTStatus      = 0xC000036A
+	STATUS_DRIVER_BLOCKED_CRITICAL                                            NTStatus      = 0xC000036B
+	STATUS_DRIVER_BLOCKED                                                     NTStatus      = 0xC000036C
+	STATUS_DRIVER_DATABASE_ERROR                                              NTStatus      = 0xC000036D
+	STATUS_SYSTEM_HIVE_TOO_LARGE                                              NTStatus      = 0xC000036E
+	STATUS_INVALID_IMPORT_OF_NON_DLL                                          NTStatus      = 0xC000036F
+	STATUS_DS_SHUTTING_DOWN                                                   NTStatus      = 0x40000370
+	STATUS_NO_SECRETS                                                         NTStatus      = 0xC0000371
+	STATUS_ACCESS_DISABLED_NO_SAFER_UI_BY_POLICY                              NTStatus      = 0xC0000372
+	STATUS_FAILED_STACK_SWITCH                                                NTStatus      = 0xC0000373
+	STATUS_HEAP_CORRUPTION                                                    NTStatus      = 0xC0000374
+	STATUS_SMARTCARD_WRONG_PIN                                                NTStatus      = 0xC0000380
+	STATUS_SMARTCARD_CARD_BLOCKED                                             NTStatus      = 0xC0000381
+	STATUS_SMARTCARD_CARD_NOT_AUTHENTICATED                                   NTStatus      = 0xC0000382
+	STATUS_SMARTCARD_NO_CARD                                                  NTStatus      = 0xC0000383
+	STATUS_SMARTCARD_NO_KEY_CONTAINER                                         NTStatus      = 0xC0000384
+	STATUS_SMARTCARD_NO_CERTIFICATE                                           NTStatus      = 0xC0000385
+	STATUS_SMARTCARD_NO_KEYSET                                                NTStatus      = 0xC0000386
+	STATUS_SMARTCARD_IO_ERROR                                                 NTStatus      = 0xC0000387
+	STATUS_DOWNGRADE_DETECTED                                                 NTStatus      = 0xC0000388
+	STATUS_SMARTCARD_CERT_REVOKED                                             NTStatus      = 0xC0000389
+	STATUS_ISSUING_CA_UNTRUSTED                                               NTStatus      = 0xC000038A
+	STATUS_REVOCATION_OFFLINE_C                                               NTStatus      = 0xC000038B
+	STATUS_PKINIT_CLIENT_FAILURE                                              NTStatus      = 0xC000038C
+	STATUS_SMARTCARD_CERT_EXPIRED                                             NTStatus      = 0xC000038D
+	STATUS_DRIVER_FAILED_PRIOR_UNLOAD                                         NTStatus      = 0xC000038E
+	STATUS_SMARTCARD_SILENT_CONTEXT                                           NTStatus      = 0xC000038F
+	STATUS_PER_USER_TRUST_QUOTA_EXCEEDED                                      NTStatus      = 0xC0000401
+	STATUS_ALL_USER_TRUST_QUOTA_EXCEEDED                                      NTStatus      = 0xC0000402
+	STATUS_USER_DELETE_TRUST_QUOTA_EXCEEDED                                   NTStatus      = 0xC0000403
+	STATUS_DS_NAME_NOT_UNIQUE                                                 NTStatus      = 0xC0000404
+	STATUS_DS_DUPLICATE_ID_FOUND                                              NTStatus      = 0xC0000405
+	STATUS_DS_GROUP_CONVERSION_ERROR                                          NTStatus      = 0xC0000406
+	STATUS_VOLSNAP_PREPARE_HIBERNATE                                          NTStatus      = 0xC0000407
+	STATUS_USER2USER_REQUIRED                                                 NTStatus      = 0xC0000408
+	STATUS_STACK_BUFFER_OVERRUN                                               NTStatus      = 0xC0000409
+	STATUS_NO_S4U_PROT_SUPPORT                                                NTStatus      = 0xC000040A
+	STATUS_CROSSREALM_DELEGATION_FAILURE                                      NTStatus      = 0xC000040B
+	STATUS_REVOCATION_OFFLINE_KDC                                             NTStatus      = 0xC000040C
+	STATUS_ISSUING_CA_UNTRUSTED_KDC                                           NTStatus      = 0xC000040D
+	STATUS_KDC_CERT_EXPIRED                                                   NTStatus      = 0xC000040E
+	STATUS_KDC_CERT_REVOKED                                                   NTStatus      = 0xC000040F
+	STATUS_PARAMETER_QUOTA_EXCEEDED                                           NTStatus      = 0xC0000410
+	STATUS_HIBERNATION_FAILURE                                                NTStatus      = 0xC0000411
+	STATUS_DELAY_LOAD_FAILED                                                  NTStatus      = 0xC0000412
+	STATUS_AUTHENTICATION_FIREWALL_FAILED                                     NTStatus      = 0xC0000413
+	STATUS_VDM_DISALLOWED                                                     NTStatus      = 0xC0000414
+	STATUS_HUNG_DISPLAY_DRIVER_THREAD                                         NTStatus      = 0xC0000415
+	STATUS_INSUFFICIENT_RESOURCE_FOR_SPECIFIED_SHARED_SECTION_SIZE            NTStatus      = 0xC0000416
+	STATUS_INVALID_CRUNTIME_PARAMETER                                         NTStatus      = 0xC0000417
+	STATUS_NTLM_BLOCKED                                                       NTStatus      = 0xC0000418
+	STATUS_DS_SRC_SID_EXISTS_IN_FOREST                                        NTStatus      = 0xC0000419
+	STATUS_DS_DOMAIN_NAME_EXISTS_IN_FOREST                                    NTStatus      = 0xC000041A
+	STATUS_DS_FLAT_NAME_EXISTS_IN_FOREST                                      NTStatus      = 0xC000041B
+	STATUS_INVALID_USER_PRINCIPAL_NAME                                        NTStatus      = 0xC000041C
+	STATUS_FATAL_USER_CALLBACK_EXCEPTION                                      NTStatus      = 0xC000041D
+	STATUS_ASSERTION_FAILURE                                                  NTStatus      = 0xC0000420
+	STATUS_VERIFIER_STOP                                                      NTStatus      = 0xC0000421
+	STATUS_CALLBACK_POP_STACK                                                 NTStatus      = 0xC0000423
+	STATUS_INCOMPATIBLE_DRIVER_BLOCKED                                        NTStatus      = 0xC0000424
+	STATUS_HIVE_UNLOADED                                                      NTStatus      = 0xC0000425
+	STATUS_COMPRESSION_DISABLED                                               NTStatus      = 0xC0000426
+	STATUS_FILE_SYSTEM_LIMITATION                                             NTStatus      = 0xC0000427
+	STATUS_INVALID_IMAGE_HASH                                                 NTStatus      = 0xC0000428
+	STATUS_NOT_CAPABLE                                                        NTStatus      = 0xC0000429
+	STATUS_REQUEST_OUT_OF_SEQUENCE                                            NTStatus      = 0xC000042A
+	STATUS_IMPLEMENTATION_LIMIT                                               NTStatus      = 0xC000042B
+	STATUS_ELEVATION_REQUIRED                                                 NTStatus      = 0xC000042C
+	STATUS_NO_SECURITY_CONTEXT                                                NTStatus      = 0xC000042D
+	STATUS_PKU2U_CERT_FAILURE                                                 NTStatus      = 0xC000042F
+	STATUS_BEYOND_VDL                                                         NTStatus      = 0xC0000432
+	STATUS_ENCOUNTERED_WRITE_IN_PROGRESS                                      NTStatus      = 0xC0000433
+	STATUS_PTE_CHANGED                                                        NTStatus      = 0xC0000434
+	STATUS_PURGE_FAILED                                                       NTStatus      = 0xC0000435
+	STATUS_CRED_REQUIRES_CONFIRMATION                                         NTStatus      = 0xC0000440
+	STATUS_CS_ENCRYPTION_INVALID_SERVER_RESPONSE                              NTStatus      = 0xC0000441
+	STATUS_CS_ENCRYPTION_UNSUPPORTED_SERVER                                   NTStatus      = 0xC0000442
+	STATUS_CS_ENCRYPTION_EXISTING_ENCRYPTED_FILE                              NTStatus      = 0xC0000443
+	STATUS_CS_ENCRYPTION_NEW_ENCRYPTED_FILE                                   NTStatus      = 0xC0000444
+	STATUS_CS_ENCRYPTION_FILE_NOT_CSE                                         NTStatus      = 0xC0000445
+	STATUS_INVALID_LABEL                                                      NTStatus      = 0xC0000446
+	STATUS_DRIVER_PROCESS_TERMINATED                                          NTStatus      = 0xC0000450
+	STATUS_AMBIGUOUS_SYSTEM_DEVICE                                            NTStatus      = 0xC0000451
+	STATUS_SYSTEM_DEVICE_NOT_FOUND                                            NTStatus      = 0xC0000452
+	STATUS_RESTART_BOOT_APPLICATION                                           NTStatus      = 0xC0000453
+	STATUS_INSUFFICIENT_NVRAM_RESOURCES                                       NTStatus      = 0xC0000454
+	STATUS_INVALID_SESSION                                                    NTStatus      = 0xC0000455
+	STATUS_THREAD_ALREADY_IN_SESSION                                          NTStatus      = 0xC0000456
+	STATUS_THREAD_NOT_IN_SESSION                                              NTStatus      = 0xC0000457
+	STATUS_INVALID_WEIGHT                                                     NTStatus      = 0xC0000458
+	STATUS_REQUEST_PAUSED                                                     NTStatus      = 0xC0000459
+	STATUS_NO_RANGES_PROCESSED                                                NTStatus      = 0xC0000460
+	STATUS_DISK_RESOURCES_EXHAUSTED                                           NTStatus      = 0xC0000461
+	STATUS_NEEDS_REMEDIATION                                                  NTStatus      = 0xC0000462
+	STATUS_DEVICE_FEATURE_NOT_SUPPORTED                                       NTStatus      = 0xC0000463
+	STATUS_DEVICE_UNREACHABLE                                                 NTStatus      = 0xC0000464
+	STATUS_INVALID_TOKEN                                                      NTStatus      = 0xC0000465
+	STATUS_SERVER_UNAVAILABLE                                                 NTStatus      = 0xC0000466
+	STATUS_FILE_NOT_AVAILABLE                                                 NTStatus      = 0xC0000467
+	STATUS_DEVICE_INSUFFICIENT_RESOURCES                                      NTStatus      = 0xC0000468
+	STATUS_PACKAGE_UPDATING                                                   NTStatus      = 0xC0000469
+	STATUS_NOT_READ_FROM_COPY                                                 NTStatus      = 0xC000046A
+	STATUS_FT_WRITE_FAILURE                                                   NTStatus      = 0xC000046B
+	STATUS_FT_DI_SCAN_REQUIRED                                                NTStatus      = 0xC000046C
+	STATUS_OBJECT_NOT_EXTERNALLY_BACKED                                       NTStatus      = 0xC000046D
+	STATUS_EXTERNAL_BACKING_PROVIDER_UNKNOWN                                  NTStatus      = 0xC000046E
+	STATUS_COMPRESSION_NOT_BENEFICIAL                                         NTStatus      = 0xC000046F
+	STATUS_DATA_CHECKSUM_ERROR                                                NTStatus      = 0xC0000470
+	STATUS_INTERMIXED_KERNEL_EA_OPERATION                                     NTStatus      = 0xC0000471
+	STATUS_TRIM_READ_ZERO_NOT_SUPPORTED                                       NTStatus      = 0xC0000472
+	STATUS_TOO_MANY_SEGMENT_DESCRIPTORS                                       NTStatus      = 0xC0000473
+	STATUS_INVALID_OFFSET_ALIGNMENT                                           NTStatus      = 0xC0000474
+	STATUS_INVALID_FIELD_IN_PARAMETER_LIST                                    NTStatus      = 0xC0000475
+	STATUS_OPERATION_IN_PROGRESS                                              NTStatus      = 0xC0000476
+	STATUS_INVALID_INITIATOR_TARGET_PATH                                      NTStatus      = 0xC0000477
+	STATUS_SCRUB_DATA_DISABLED                                                NTStatus      = 0xC0000478
+	STATUS_NOT_REDUNDANT_STORAGE                                              NTStatus      = 0xC0000479
+	STATUS_RESIDENT_FILE_NOT_SUPPORTED                                        NTStatus      = 0xC000047A
+	STATUS_COMPRESSED_FILE_NOT_SUPPORTED                                      NTStatus      = 0xC000047B
+	STATUS_DIRECTORY_NOT_SUPPORTED                                            NTStatus      = 0xC000047C
+	STATUS_IO_OPERATION_TIMEOUT                                               NTStatus      = 0xC000047D
+	STATUS_SYSTEM_NEEDS_REMEDIATION                                           NTStatus      = 0xC000047E
+	STATUS_APPX_INTEGRITY_FAILURE_CLR_NGEN                                    NTStatus      = 0xC000047F
+	STATUS_SHARE_UNAVAILABLE                                                  NTStatus      = 0xC0000480
+	STATUS_APISET_NOT_HOSTED                                                  NTStatus      = 0xC0000481
+	STATUS_APISET_NOT_PRESENT                                                 NTStatus      = 0xC0000482
+	STATUS_DEVICE_HARDWARE_ERROR                                              NTStatus      = 0xC0000483
+	STATUS_FIRMWARE_SLOT_INVALID                                              NTStatus      = 0xC0000484
+	STATUS_FIRMWARE_IMAGE_INVALID                                             NTStatus      = 0xC0000485
+	STATUS_STORAGE_TOPOLOGY_ID_MISMATCH                                       NTStatus      = 0xC0000486
+	STATUS_WIM_NOT_BOOTABLE                                                   NTStatus      = 0xC0000487
+	STATUS_BLOCKED_BY_PARENTAL_CONTROLS                                       NTStatus      = 0xC0000488
+	STATUS_NEEDS_REGISTRATION                                                 NTStatus      = 0xC0000489
+	STATUS_QUOTA_ACTIVITY                                                     NTStatus      = 0xC000048A
+	STATUS_CALLBACK_INVOKE_INLINE                                             NTStatus      = 0xC000048B
+	STATUS_BLOCK_TOO_MANY_REFERENCES                                          NTStatus      = 0xC000048C
+	STATUS_MARKED_TO_DISALLOW_WRITES                                          NTStatus      = 0xC000048D
+	STATUS_NETWORK_ACCESS_DENIED_EDP                                          NTStatus      = 0xC000048E
+	STATUS_ENCLAVE_FAILURE                                                    NTStatus      = 0xC000048F
+	STATUS_PNP_NO_COMPAT_DRIVERS                                              NTStatus      = 0xC0000490
+	STATUS_PNP_DRIVER_PACKAGE_NOT_FOUND                                       NTStatus      = 0xC0000491
+	STATUS_PNP_DRIVER_CONFIGURATION_NOT_FOUND                                 NTStatus      = 0xC0000492
+	STATUS_PNP_DRIVER_CONFIGURATION_INCOMPLETE                                NTStatus      = 0xC0000493
+	STATUS_PNP_FUNCTION_DRIVER_REQUIRED                                       NTStatus      = 0xC0000494
+	STATUS_PNP_DEVICE_CONFIGURATION_PENDING                                   NTStatus      = 0xC0000495
+	STATUS_DEVICE_HINT_NAME_BUFFER_TOO_SMALL                                  NTStatus      = 0xC0000496
+	STATUS_PACKAGE_NOT_AVAILABLE                                              NTStatus      = 0xC0000497
+	STATUS_DEVICE_IN_MAINTENANCE                                              NTStatus      = 0xC0000499
+	STATUS_NOT_SUPPORTED_ON_DAX                                               NTStatus      = 0xC000049A
+	STATUS_FREE_SPACE_TOO_FRAGMENTED                                          NTStatus      = 0xC000049B
+	STATUS_DAX_MAPPING_EXISTS                                                 NTStatus      = 0xC000049C
+	STATUS_CHILD_PROCESS_BLOCKED                                              NTStatus      = 0xC000049D
+	STATUS_STORAGE_LOST_DATA_PERSISTENCE                                      NTStatus      = 0xC000049E
+	STATUS_VRF_CFG_ENABLED                                                    NTStatus      = 0xC000049F
+	STATUS_PARTITION_TERMINATING                                              NTStatus      = 0xC00004A0
+	STATUS_EXTERNAL_SYSKEY_NOT_SUPPORTED                                      NTStatus      = 0xC00004A1
+	STATUS_ENCLAVE_VIOLATION                                                  NTStatus      = 0xC00004A2
+	STATUS_FILE_PROTECTED_UNDER_DPL                                           NTStatus      = 0xC00004A3
+	STATUS_VOLUME_NOT_CLUSTER_ALIGNED                                         NTStatus      = 0xC00004A4
+	STATUS_NO_PHYSICALLY_ALIGNED_FREE_SPACE_FOUND                             NTStatus      = 0xC00004A5
+	STATUS_APPX_FILE_NOT_ENCRYPTED                                            NTStatus      = 0xC00004A6
+	STATUS_RWRAW_ENCRYPTED_FILE_NOT_ENCRYPTED                                 NTStatus      = 0xC00004A7
+	STATUS_RWRAW_ENCRYPTED_INVALID_EDATAINFO_FILEOFFSET                       NTStatus      = 0xC00004A8
+	STATUS_RWRAW_ENCRYPTED_INVALID_EDATAINFO_FILERANGE                        NTStatus      = 0xC00004A9
+	STATUS_RWRAW_ENCRYPTED_INVALID_EDATAINFO_PARAMETER                        NTStatus      = 0xC00004AA
+	STATUS_FT_READ_FAILURE                                                    NTStatus      = 0xC00004AB
+	STATUS_PATCH_CONFLICT                                                     NTStatus      = 0xC00004AC
+	STATUS_STORAGE_RESERVE_ID_INVALID                                         NTStatus      = 0xC00004AD
+	STATUS_STORAGE_RESERVE_DOES_NOT_EXIST                                     NTStatus      = 0xC00004AE
+	STATUS_STORAGE_RESERVE_ALREADY_EXISTS                                     NTStatus      = 0xC00004AF
+	STATUS_STORAGE_RESERVE_NOT_EMPTY                                          NTStatus      = 0xC00004B0
+	STATUS_NOT_A_DAX_VOLUME                                                   NTStatus      = 0xC00004B1
+	STATUS_NOT_DAX_MAPPABLE                                                   NTStatus      = 0xC00004B2
+	STATUS_CASE_DIFFERING_NAMES_IN_DIR                                        NTStatus      = 0xC00004B3
+	STATUS_FILE_NOT_SUPPORTED                                                 NTStatus      = 0xC00004B4
+	STATUS_NOT_SUPPORTED_WITH_BTT                                             NTStatus      = 0xC00004B5
+	STATUS_ENCRYPTION_DISABLED                                                NTStatus      = 0xC00004B6
+	STATUS_ENCRYPTING_METADATA_DISALLOWED                                     NTStatus      = 0xC00004B7
+	STATUS_CANT_CLEAR_ENCRYPTION_FLAG                                         NTStatus      = 0xC00004B8
+	STATUS_INVALID_TASK_NAME                                                  NTStatus      = 0xC0000500
+	STATUS_INVALID_TASK_INDEX                                                 NTStatus      = 0xC0000501
+	STATUS_THREAD_ALREADY_IN_TASK                                             NTStatus      = 0xC0000502
+	STATUS_CALLBACK_BYPASS                                                    NTStatus      = 0xC0000503
+	STATUS_UNDEFINED_SCOPE                                                    NTStatus      = 0xC0000504
+	STATUS_INVALID_CAP                                                        NTStatus      = 0xC0000505
+	STATUS_NOT_GUI_PROCESS                                                    NTStatus      = 0xC0000506
+	STATUS_DEVICE_HUNG                                                        NTStatus      = 0xC0000507
+	STATUS_CONTAINER_ASSIGNED                                                 NTStatus      = 0xC0000508
+	STATUS_JOB_NO_CONTAINER                                                   NTStatus      = 0xC0000509
+	STATUS_DEVICE_UNRESPONSIVE                                                NTStatus      = 0xC000050A
+	STATUS_REPARSE_POINT_ENCOUNTERED                                          NTStatus      = 0xC000050B
+	STATUS_ATTRIBUTE_NOT_PRESENT                                              NTStatus      = 0xC000050C
+	STATUS_NOT_A_TIERED_VOLUME                                                NTStatus      = 0xC000050D
+	STATUS_ALREADY_HAS_STREAM_ID                                              NTStatus      = 0xC000050E
+	STATUS_JOB_NOT_EMPTY                                                      NTStatus      = 0xC000050F
+	STATUS_ALREADY_INITIALIZED                                                NTStatus      = 0xC0000510
+	STATUS_ENCLAVE_NOT_TERMINATED                                             NTStatus      = 0xC0000511
+	STATUS_ENCLAVE_IS_TERMINATING                                             NTStatus      = 0xC0000512
+	STATUS_SMB1_NOT_AVAILABLE                                                 NTStatus      = 0xC0000513
+	STATUS_SMR_GARBAGE_COLLECTION_REQUIRED                                    NTStatus      = 0xC0000514
+	STATUS_INTERRUPTED                                                        NTStatus      = 0xC0000515
+	STATUS_THREAD_NOT_RUNNING                                                 NTStatus      = 0xC0000516
+	STATUS_FAIL_FAST_EXCEPTION                                                NTStatus      = 0xC0000602
+	STATUS_IMAGE_CERT_REVOKED                                                 NTStatus      = 0xC0000603
+	STATUS_DYNAMIC_CODE_BLOCKED                                               NTStatus      = 0xC0000604
+	STATUS_IMAGE_CERT_EXPIRED                                                 NTStatus      = 0xC0000605
+	STATUS_STRICT_CFG_VIOLATION                                               NTStatus      = 0xC0000606
+	STATUS_SET_CONTEXT_DENIED                                                 NTStatus      = 0xC000060A
+	STATUS_CROSS_PARTITION_VIOLATION                                          NTStatus      = 0xC000060B
+	STATUS_PORT_CLOSED                                                        NTStatus      = 0xC0000700
+	STATUS_MESSAGE_LOST                                                       NTStatus      = 0xC0000701
+	STATUS_INVALID_MESSAGE                                                    NTStatus      = 0xC0000702
+	STATUS_REQUEST_CANCELED                                                   NTStatus      = 0xC0000703
+	STATUS_RECURSIVE_DISPATCH                                                 NTStatus      = 0xC0000704
+	STATUS_LPC_RECEIVE_BUFFER_EXPECTED                                        NTStatus      = 0xC0000705
+	STATUS_LPC_INVALID_CONNECTION_USAGE                                       NTStatus      = 0xC0000706
+	STATUS_LPC_REQUESTS_NOT_ALLOWED                                           NTStatus      = 0xC0000707
+	STATUS_RESOURCE_IN_USE                                                    NTStatus      = 0xC0000708
+	STATUS_HARDWARE_MEMORY_ERROR                                              NTStatus      = 0xC0000709
+	STATUS_THREADPOOL_HANDLE_EXCEPTION                                        NTStatus      = 0xC000070A
+	STATUS_THREADPOOL_SET_EVENT_ON_COMPLETION_FAILED                          NTStatus      = 0xC000070B
+	STATUS_THREADPOOL_RELEASE_SEMAPHORE_ON_COMPLETION_FAILED                  NTStatus      = 0xC000070C
+	STATUS_THREADPOOL_RELEASE_MUTEX_ON_COMPLETION_FAILED                      NTStatus      = 0xC000070D
+	STATUS_THREADPOOL_FREE_LIBRARY_ON_COMPLETION_FAILED                       NTStatus      = 0xC000070E
+	STATUS_THREADPOOL_RELEASED_DURING_OPERATION                               NTStatus      = 0xC000070F
+	STATUS_CALLBACK_RETURNED_WHILE_IMPERSONATING                              NTStatus      = 0xC0000710
+	STATUS_APC_RETURNED_WHILE_IMPERSONATING                                   NTStatus      = 0xC0000711
+	STATUS_PROCESS_IS_PROTECTED                                               NTStatus      = 0xC0000712
+	STATUS_MCA_EXCEPTION                                                      NTStatus      = 0xC0000713
+	STATUS_CERTIFICATE_MAPPING_NOT_UNIQUE                                     NTStatus      = 0xC0000714
+	STATUS_SYMLINK_CLASS_DISABLED                                             NTStatus      = 0xC0000715
+	STATUS_INVALID_IDN_NORMALIZATION                                          NTStatus      = 0xC0000716
+	STATUS_NO_UNICODE_TRANSLATION                                             NTStatus      = 0xC0000717
+	STATUS_ALREADY_REGISTERED                                                 NTStatus      = 0xC0000718
+	STATUS_CONTEXT_MISMATCH                                                   NTStatus      = 0xC0000719
+	STATUS_PORT_ALREADY_HAS_COMPLETION_LIST                                   NTStatus      = 0xC000071A
+	STATUS_CALLBACK_RETURNED_THREAD_PRIORITY                                  NTStatus      = 0xC000071B
+	STATUS_INVALID_THREAD                                                     NTStatus      = 0xC000071C
+	STATUS_CALLBACK_RETURNED_TRANSACTION                                      NTStatus      = 0xC000071D
+	STATUS_CALLBACK_RETURNED_LDR_LOCK                                         NTStatus      = 0xC000071E
+	STATUS_CALLBACK_RETURNED_LANG                                             NTStatus      = 0xC000071F
+	STATUS_CALLBACK_RETURNED_PRI_BACK                                         NTStatus      = 0xC0000720
+	STATUS_CALLBACK_RETURNED_THREAD_AFFINITY                                  NTStatus      = 0xC0000721
+	STATUS_LPC_HANDLE_COUNT_EXCEEDED                                          NTStatus      = 0xC0000722
+	STATUS_EXECUTABLE_MEMORY_WRITE                                            NTStatus      = 0xC0000723
+	STATUS_KERNEL_EXECUTABLE_MEMORY_WRITE                                     NTStatus      = 0xC0000724
+	STATUS_ATTACHED_EXECUTABLE_MEMORY_WRITE                                   NTStatus      = 0xC0000725
+	STATUS_TRIGGERED_EXECUTABLE_MEMORY_WRITE                                  NTStatus      = 0xC0000726
+	STATUS_DISK_REPAIR_DISABLED                                               NTStatus      = 0xC0000800
+	STATUS_DS_DOMAIN_RENAME_IN_PROGRESS                                       NTStatus      = 0xC0000801
+	STATUS_DISK_QUOTA_EXCEEDED                                                NTStatus      = 0xC0000802
+	STATUS_DATA_LOST_REPAIR                                                   NTStatus      = 0x80000803
+	STATUS_CONTENT_BLOCKED                                                    NTStatus      = 0xC0000804
+	STATUS_BAD_CLUSTERS                                                       NTStatus      = 0xC0000805
+	STATUS_VOLUME_DIRTY                                                       NTStatus      = 0xC0000806
+	STATUS_DISK_REPAIR_REDIRECTED                                             NTStatus      = 0x40000807
+	STATUS_DISK_REPAIR_UNSUCCESSFUL                                           NTStatus      = 0xC0000808
+	STATUS_CORRUPT_LOG_OVERFULL                                               NTStatus      = 0xC0000809
+	STATUS_CORRUPT_LOG_CORRUPTED                                              NTStatus      = 0xC000080A
+	STATUS_CORRUPT_LOG_UNAVAILABLE                                            NTStatus      = 0xC000080B
+	STATUS_CORRUPT_LOG_DELETED_FULL                                           NTStatus      = 0xC000080C
+	STATUS_CORRUPT_LOG_CLEARED                                                NTStatus      = 0xC000080D
+	STATUS_ORPHAN_NAME_EXHAUSTED                                              NTStatus      = 0xC000080E
+	STATUS_PROACTIVE_SCAN_IN_PROGRESS                                         NTStatus      = 0xC000080F
+	STATUS_ENCRYPTED_IO_NOT_POSSIBLE                                          NTStatus      = 0xC0000810
+	STATUS_CORRUPT_LOG_UPLEVEL_RECORDS                                        NTStatus      = 0xC0000811
+	STATUS_FILE_CHECKED_OUT                                                   NTStatus      = 0xC0000901
+	STATUS_CHECKOUT_REQUIRED                                                  NTStatus      = 0xC0000902
+	STATUS_BAD_FILE_TYPE                                                      NTStatus      = 0xC0000903
+	STATUS_FILE_TOO_LARGE                                                     NTStatus      = 0xC0000904
+	STATUS_FORMS_AUTH_REQUIRED                                                NTStatus      = 0xC0000905
+	STATUS_VIRUS_INFECTED                                                     NTStatus      = 0xC0000906
+	STATUS_VIRUS_DELETED                                                      NTStatus      = 0xC0000907
+	STATUS_BAD_MCFG_TABLE                                                     NTStatus      = 0xC0000908
+	STATUS_CANNOT_BREAK_OPLOCK                                                NTStatus      = 0xC0000909
+	STATUS_BAD_KEY                                                            NTStatus      = 0xC000090A
+	STATUS_BAD_DATA                                                           NTStatus      = 0xC000090B
+	STATUS_NO_KEY                                                             NTStatus      = 0xC000090C
+	STATUS_FILE_HANDLE_REVOKED                                                NTStatus      = 0xC0000910
+	STATUS_WOW_ASSERTION                                                      NTStatus      = 0xC0009898
+	STATUS_INVALID_SIGNATURE                                                  NTStatus      = 0xC000A000
+	STATUS_HMAC_NOT_SUPPORTED                                                 NTStatus      = 0xC000A001
+	STATUS_AUTH_TAG_MISMATCH                                                  NTStatus      = 0xC000A002
+	STATUS_INVALID_STATE_TRANSITION                                           NTStatus      = 0xC000A003
+	STATUS_INVALID_KERNEL_INFO_VERSION                                        NTStatus      = 0xC000A004
+	STATUS_INVALID_PEP_INFO_VERSION                                           NTStatus      = 0xC000A005
+	STATUS_HANDLE_REVOKED                                                     NTStatus      = 0xC000A006
+	STATUS_EOF_ON_GHOSTED_RANGE                                               NTStatus      = 0xC000A007
+	STATUS_IPSEC_QUEUE_OVERFLOW                                               NTStatus      = 0xC000A010
+	STATUS_ND_QUEUE_OVERFLOW                                                  NTStatus      = 0xC000A011
+	STATUS_HOPLIMIT_EXCEEDED                                                  NTStatus      = 0xC000A012
+	STATUS_PROTOCOL_NOT_SUPPORTED                                             NTStatus      = 0xC000A013
+	STATUS_FASTPATH_REJECTED                                                  NTStatus      = 0xC000A014
+	STATUS_LOST_WRITEBEHIND_DATA_NETWORK_DISCONNECTED                         NTStatus      = 0xC000A080
+	STATUS_LOST_WRITEBEHIND_DATA_NETWORK_SERVER_ERROR                         NTStatus      = 0xC000A081
+	STATUS_LOST_WRITEBEHIND_DATA_LOCAL_DISK_ERROR                             NTStatus      = 0xC000A082
+	STATUS_XML_PARSE_ERROR                                                    NTStatus      = 0xC000A083
+	STATUS_XMLDSIG_ERROR                                                      NTStatus      = 0xC000A084
+	STATUS_WRONG_COMPARTMENT                                                  NTStatus      = 0xC000A085
+	STATUS_AUTHIP_FAILURE                                                     NTStatus      = 0xC000A086
+	STATUS_DS_OID_MAPPED_GROUP_CANT_HAVE_MEMBERS                              NTStatus      = 0xC000A087
+	STATUS_DS_OID_NOT_FOUND                                                   NTStatus      = 0xC000A088
+	STATUS_INCORRECT_ACCOUNT_TYPE                                             NTStatus      = 0xC000A089
+	STATUS_HASH_NOT_SUPPORTED                                                 NTStatus      = 0xC000A100
+	STATUS_HASH_NOT_PRESENT                                                   NTStatus      = 0xC000A101
+	STATUS_SECONDARY_IC_PROVIDER_NOT_REGISTERED                               NTStatus      = 0xC000A121
+	STATUS_GPIO_CLIENT_INFORMATION_INVALID                                    NTStatus      = 0xC000A122
+	STATUS_GPIO_VERSION_NOT_SUPPORTED                                         NTStatus      = 0xC000A123
+	STATUS_GPIO_INVALID_REGISTRATION_PACKET                                   NTStatus      = 0xC000A124
+	STATUS_GPIO_OPERATION_DENIED                                              NTStatus      = 0xC000A125
+	STATUS_GPIO_INCOMPATIBLE_CONNECT_MODE                                     NTStatus      = 0xC000A126
+	STATUS_GPIO_INTERRUPT_ALREADY_UNMASKED                                    NTStatus      = 0x8000A127
+	STATUS_CANNOT_SWITCH_RUNLEVEL                                             NTStatus      = 0xC000A141
+	STATUS_INVALID_RUNLEVEL_SETTING                                           NTStatus      = 0xC000A142
+	STATUS_RUNLEVEL_SWITCH_TIMEOUT                                            NTStatus      = 0xC000A143
+	STATUS_SERVICES_FAILED_AUTOSTART                                          NTStatus      = 0x4000A144
+	STATUS_RUNLEVEL_SWITCH_AGENT_TIMEOUT                                      NTStatus      = 0xC000A145
+	STATUS_RUNLEVEL_SWITCH_IN_PROGRESS                                        NTStatus      = 0xC000A146
+	STATUS_NOT_APPCONTAINER                                                   NTStatus      = 0xC000A200
+	STATUS_NOT_SUPPORTED_IN_APPCONTAINER                                      NTStatus      = 0xC000A201
+	STATUS_INVALID_PACKAGE_SID_LENGTH                                         NTStatus      = 0xC000A202
+	STATUS_LPAC_ACCESS_DENIED                                                 NTStatus      = 0xC000A203
+	STATUS_ADMINLESS_ACCESS_DENIED                                            NTStatus      = 0xC000A204
+	STATUS_APP_DATA_NOT_FOUND                                                 NTStatus      = 0xC000A281
+	STATUS_APP_DATA_EXPIRED                                                   NTStatus      = 0xC000A282
+	STATUS_APP_DATA_CORRUPT                                                   NTStatus      = 0xC000A283
+	STATUS_APP_DATA_LIMIT_EXCEEDED                                            NTStatus      = 0xC000A284
+	STATUS_APP_DATA_REBOOT_REQUIRED                                           NTStatus      = 0xC000A285
+	STATUS_OFFLOAD_READ_FLT_NOT_SUPPORTED                                     NTStatus      = 0xC000A2A1
+	STATUS_OFFLOAD_WRITE_FLT_NOT_SUPPORTED                                    NTStatus      = 0xC000A2A2
+	STATUS_OFFLOAD_READ_FILE_NOT_SUPPORTED                                    NTStatus      = 0xC000A2A3
+	STATUS_OFFLOAD_WRITE_FILE_NOT_SUPPORTED                                   NTStatus      = 0xC000A2A4
+	STATUS_WOF_WIM_HEADER_CORRUPT                                             NTStatus      = 0xC000A2A5
+	STATUS_WOF_WIM_RESOURCE_TABLE_CORRUPT                                     NTStatus      = 0xC000A2A6
+	STATUS_WOF_FILE_RESOURCE_TABLE_CORRUPT                                    NTStatus      = 0xC000A2A7
+	STATUS_FILE_SYSTEM_VIRTUALIZATION_UNAVAILABLE                             NTStatus      = 0xC000CE01
+	STATUS_FILE_SYSTEM_VIRTUALIZATION_METADATA_CORRUPT                        NTStatus      = 0xC000CE02
+	STATUS_FILE_SYSTEM_VIRTUALIZATION_BUSY                                    NTStatus      = 0xC000CE03
+	STATUS_FILE_SYSTEM_VIRTUALIZATION_PROVIDER_UNKNOWN                        NTStatus      = 0xC000CE04
+	STATUS_FILE_SYSTEM_VIRTUALIZATION_INVALID_OPERATION                       NTStatus      = 0xC000CE05
+	STATUS_CLOUD_FILE_SYNC_ROOT_METADATA_CORRUPT                              NTStatus      = 0xC000CF00
+	STATUS_CLOUD_FILE_PROVIDER_NOT_RUNNING                                    NTStatus      = 0xC000CF01
+	STATUS_CLOUD_FILE_METADATA_CORRUPT                                        NTStatus      = 0xC000CF02
+	STATUS_CLOUD_FILE_METADATA_TOO_LARGE                                      NTStatus      = 0xC000CF03
+	STATUS_CLOUD_FILE_PROPERTY_BLOB_TOO_LARGE                                 NTStatus      = 0x8000CF04
+	STATUS_CLOUD_FILE_TOO_MANY_PROPERTY_BLOBS                                 NTStatus      = 0x8000CF05
+	STATUS_CLOUD_FILE_PROPERTY_VERSION_NOT_SUPPORTED                          NTStatus      = 0xC000CF06
+	STATUS_NOT_A_CLOUD_FILE                                                   NTStatus      = 0xC000CF07
+	STATUS_CLOUD_FILE_NOT_IN_SYNC                                             NTStatus      = 0xC000CF08
+	STATUS_CLOUD_FILE_ALREADY_CONNECTED                                       NTStatus      = 0xC000CF09
+	STATUS_CLOUD_FILE_NOT_SUPPORTED                                           NTStatus      = 0xC000CF0A
+	STATUS_CLOUD_FILE_INVALID_REQUEST                                         NTStatus      = 0xC000CF0B
+	STATUS_CLOUD_FILE_READ_ONLY_VOLUME                                        NTStatus      = 0xC000CF0C
+	STATUS_CLOUD_FILE_CONNECTED_PROVIDER_ONLY                                 NTStatus      = 0xC000CF0D
+	STATUS_CLOUD_FILE_VALIDATION_FAILED                                       NTStatus      = 0xC000CF0E
+	STATUS_CLOUD_FILE_AUTHENTICATION_FAILED                                   NTStatus      = 0xC000CF0F
+	STATUS_CLOUD_FILE_INSUFFICIENT_RESOURCES                                  NTStatus      = 0xC000CF10
+	STATUS_CLOUD_FILE_NETWORK_UNAVAILABLE                                     NTStatus      = 0xC000CF11
+	STATUS_CLOUD_FILE_UNSUCCESSFUL                                            NTStatus      = 0xC000CF12
+	STATUS_CLOUD_FILE_NOT_UNDER_SYNC_ROOT                                     NTStatus      = 0xC000CF13
+	STATUS_CLOUD_FILE_IN_USE                                                  NTStatus      = 0xC000CF14
+	STATUS_CLOUD_FILE_PINNED                                                  NTStatus      = 0xC000CF15
+	STATUS_CLOUD_FILE_REQUEST_ABORTED                                         NTStatus      = 0xC000CF16
+	STATUS_CLOUD_FILE_PROPERTY_CORRUPT                                        NTStatus      = 0xC000CF17
+	STATUS_CLOUD_FILE_ACCESS_DENIED                                           NTStatus      = 0xC000CF18
+	STATUS_CLOUD_FILE_INCOMPATIBLE_HARDLINKS                                  NTStatus      = 0xC000CF19
+	STATUS_CLOUD_FILE_PROPERTY_LOCK_CONFLICT                                  NTStatus      = 0xC000CF1A
+	STATUS_CLOUD_FILE_REQUEST_CANCELED                                        NTStatus      = 0xC000CF1B
+	STATUS_CLOUD_FILE_PROVIDER_TERMINATED                                     NTStatus      = 0xC000CF1D
+	STATUS_NOT_A_CLOUD_SYNC_ROOT                                              NTStatus      = 0xC000CF1E
+	STATUS_CLOUD_FILE_REQUEST_TIMEOUT                                         NTStatus      = 0xC000CF1F
+	STATUS_ACPI_INVALID_OPCODE                                                NTStatus      = 0xC0140001
+	STATUS_ACPI_STACK_OVERFLOW                                                NTStatus      = 0xC0140002
+	STATUS_ACPI_ASSERT_FAILED                                                 NTStatus      = 0xC0140003
+	STATUS_ACPI_INVALID_INDEX                                                 NTStatus      = 0xC0140004
+	STATUS_ACPI_INVALID_ARGUMENT                                              NTStatus      = 0xC0140005
+	STATUS_ACPI_FATAL                                                         NTStatus      = 0xC0140006
+	STATUS_ACPI_INVALID_SUPERNAME                                             NTStatus      = 0xC0140007
+	STATUS_ACPI_INVALID_ARGTYPE                                               NTStatus      = 0xC0140008
+	STATUS_ACPI_INVALID_OBJTYPE                                               NTStatus      = 0xC0140009
+	STATUS_ACPI_INVALID_TARGETTYPE                                            NTStatus      = 0xC014000A
+	STATUS_ACPI_INCORRECT_ARGUMENT_COUNT                                      NTStatus      = 0xC014000B
+	STATUS_ACPI_ADDRESS_NOT_MAPPED                                            NTStatus      = 0xC014000C
+	STATUS_ACPI_INVALID_EVENTTYPE                                             NTStatus      = 0xC014000D
+	STATUS_ACPI_HANDLER_COLLISION                                             NTStatus      = 0xC014000E
+	STATUS_ACPI_INVALID_DATA                                                  NTStatus      = 0xC014000F
+	STATUS_ACPI_INVALID_REGION                                                NTStatus      = 0xC0140010
+	STATUS_ACPI_INVALID_ACCESS_SIZE                                           NTStatus      = 0xC0140011
+	STATUS_ACPI_ACQUIRE_GLOBAL_LOCK                                           NTStatus      = 0xC0140012
+	STATUS_ACPI_ALREADY_INITIALIZED                                           NTStatus      = 0xC0140013
+	STATUS_ACPI_NOT_INITIALIZED                                               NTStatus      = 0xC0140014
+	STATUS_ACPI_INVALID_MUTEX_LEVEL                                           NTStatus      = 0xC0140015
+	STATUS_ACPI_MUTEX_NOT_OWNED                                               NTStatus      = 0xC0140016
+	STATUS_ACPI_MUTEX_NOT_OWNER                                               NTStatus      = 0xC0140017
+	STATUS_ACPI_RS_ACCESS                                                     NTStatus      = 0xC0140018
+	STATUS_ACPI_INVALID_TABLE                                                 NTStatus      = 0xC0140019
+	STATUS_ACPI_REG_HANDLER_FAILED                                            NTStatus      = 0xC0140020
+	STATUS_ACPI_POWER_REQUEST_FAILED                                          NTStatus      = 0xC0140021
+	STATUS_CTX_WINSTATION_NAME_INVALID                                        NTStatus      = 0xC00A0001
+	STATUS_CTX_INVALID_PD                                                     NTStatus      = 0xC00A0002
+	STATUS_CTX_PD_NOT_FOUND                                                   NTStatus      = 0xC00A0003
+	STATUS_CTX_CDM_CONNECT                                                    NTStatus      = 0x400A0004
+	STATUS_CTX_CDM_DISCONNECT                                                 NTStatus      = 0x400A0005
+	STATUS_CTX_CLOSE_PENDING                                                  NTStatus      = 0xC00A0006
+	STATUS_CTX_NO_OUTBUF                                                      NTStatus      = 0xC00A0007
+	STATUS_CTX_MODEM_INF_NOT_FOUND                                            NTStatus      = 0xC00A0008
+	STATUS_CTX_INVALID_MODEMNAME                                              NTStatus      = 0xC00A0009
+	STATUS_CTX_RESPONSE_ERROR                                                 NTStatus      = 0xC00A000A
+	STATUS_CTX_MODEM_RESPONSE_TIMEOUT                                         NTStatus      = 0xC00A000B
+	STATUS_CTX_MODEM_RESPONSE_NO_CARRIER                                      NTStatus      = 0xC00A000C
+	STATUS_CTX_MODEM_RESPONSE_NO_DIALTONE                                     NTStatus      = 0xC00A000D
+	STATUS_CTX_MODEM_RESPONSE_BUSY                                            NTStatus      = 0xC00A000E
+	STATUS_CTX_MODEM_RESPONSE_VOICE                                           NTStatus      = 0xC00A000F
+	STATUS_CTX_TD_ERROR                                                       NTStatus      = 0xC00A0010
+	STATUS_CTX_LICENSE_CLIENT_INVALID                                         NTStatus      = 0xC00A0012
+	STATUS_CTX_LICENSE_NOT_AVAILABLE                                          NTStatus      = 0xC00A0013
+	STATUS_CTX_LICENSE_EXPIRED                                                NTStatus      = 0xC00A0014
+	STATUS_CTX_WINSTATION_NOT_FOUND                                           NTStatus      = 0xC00A0015
+	STATUS_CTX_WINSTATION_NAME_COLLISION                                      NTStatus      = 0xC00A0016
+	STATUS_CTX_WINSTATION_BUSY                                                NTStatus      = 0xC00A0017
+	STATUS_CTX_BAD_VIDEO_MODE                                                 NTStatus      = 0xC00A0018
+	STATUS_CTX_GRAPHICS_INVALID                                               NTStatus      = 0xC00A0022
+	STATUS_CTX_NOT_CONSOLE                                                    NTStatus      = 0xC00A0024
+	STATUS_CTX_CLIENT_QUERY_TIMEOUT                                           NTStatus      = 0xC00A0026
+	STATUS_CTX_CONSOLE_DISCONNECT                                             NTStatus      = 0xC00A0027
+	STATUS_CTX_CONSOLE_CONNECT                                                NTStatus      = 0xC00A0028
+	STATUS_CTX_SHADOW_DENIED                                                  NTStatus      = 0xC00A002A
+	STATUS_CTX_WINSTATION_ACCESS_DENIED                                       NTStatus      = 0xC00A002B
+	STATUS_CTX_INVALID_WD                                                     NTStatus      = 0xC00A002E
+	STATUS_CTX_WD_NOT_FOUND                                                   NTStatus      = 0xC00A002F
+	STATUS_CTX_SHADOW_INVALID                                                 NTStatus      = 0xC00A0030
+	STATUS_CTX_SHADOW_DISABLED                                                NTStatus      = 0xC00A0031
+	STATUS_RDP_PROTOCOL_ERROR                                                 NTStatus      = 0xC00A0032
+	STATUS_CTX_CLIENT_LICENSE_NOT_SET                                         NTStatus      = 0xC00A0033
+	STATUS_CTX_CLIENT_LICENSE_IN_USE                                          NTStatus      = 0xC00A0034
+	STATUS_CTX_SHADOW_ENDED_BY_MODE_CHANGE                                    NTStatus      = 0xC00A0035
+	STATUS_CTX_SHADOW_NOT_RUNNING                                             NTStatus      = 0xC00A0036
+	STATUS_CTX_LOGON_DISABLED                                                 NTStatus      = 0xC00A0037
+	STATUS_CTX_SECURITY_LAYER_ERROR                                           NTStatus      = 0xC00A0038
+	STATUS_TS_INCOMPATIBLE_SESSIONS                                           NTStatus      = 0xC00A0039
+	STATUS_TS_VIDEO_SUBSYSTEM_ERROR                                           NTStatus      = 0xC00A003A
+	STATUS_PNP_BAD_MPS_TABLE                                                  NTStatus      = 0xC0040035
+	STATUS_PNP_TRANSLATION_FAILED                                             NTStatus      = 0xC0040036
+	STATUS_PNP_IRQ_TRANSLATION_FAILED                                         NTStatus      = 0xC0040037
+	STATUS_PNP_INVALID_ID                                                     NTStatus      = 0xC0040038
+	STATUS_IO_REISSUE_AS_CACHED                                               NTStatus      = 0xC0040039
+	STATUS_MUI_FILE_NOT_FOUND                                                 NTStatus      = 0xC00B0001
+	STATUS_MUI_INVALID_FILE                                                   NTStatus      = 0xC00B0002
+	STATUS_MUI_INVALID_RC_CONFIG                                              NTStatus      = 0xC00B0003
+	STATUS_MUI_INVALID_LOCALE_NAME                                            NTStatus      = 0xC00B0004
+	STATUS_MUI_INVALID_ULTIMATEFALLBACK_NAME                                  NTStatus      = 0xC00B0005
+	STATUS_MUI_FILE_NOT_LOADED                                                NTStatus      = 0xC00B0006
+	STATUS_RESOURCE_ENUM_USER_STOP                                            NTStatus      = 0xC00B0007
+	STATUS_FLT_NO_HANDLER_DEFINED                                             NTStatus      = 0xC01C0001
+	STATUS_FLT_CONTEXT_ALREADY_DEFINED                                        NTStatus      = 0xC01C0002
+	STATUS_FLT_INVALID_ASYNCHRONOUS_REQUEST                                   NTStatus      = 0xC01C0003
+	STATUS_FLT_DISALLOW_FAST_IO                                               NTStatus      = 0xC01C0004
+	STATUS_FLT_INVALID_NAME_REQUEST                                           NTStatus      = 0xC01C0005
+	STATUS_FLT_NOT_SAFE_TO_POST_OPERATION                                     NTStatus      = 0xC01C0006
+	STATUS_FLT_NOT_INITIALIZED                                                NTStatus      = 0xC01C0007
+	STATUS_FLT_FILTER_NOT_READY                                               NTStatus      = 0xC01C0008
+	STATUS_FLT_POST_OPERATION_CLEANUP                                         NTStatus      = 0xC01C0009
+	STATUS_FLT_INTERNAL_ERROR                                                 NTStatus      = 0xC01C000A
+	STATUS_FLT_DELETING_OBJECT                                                NTStatus      = 0xC01C000B
+	STATUS_FLT_MUST_BE_NONPAGED_POOL                                          NTStatus      = 0xC01C000C
+	STATUS_FLT_DUPLICATE_ENTRY                                                NTStatus      = 0xC01C000D
+	STATUS_FLT_CBDQ_DISABLED                                                  NTStatus      = 0xC01C000E
+	STATUS_FLT_DO_NOT_ATTACH                                                  NTStatus      = 0xC01C000F
+	STATUS_FLT_DO_NOT_DETACH                                                  NTStatus      = 0xC01C0010
+	STATUS_FLT_INSTANCE_ALTITUDE_COLLISION                                    NTStatus      = 0xC01C0011
+	STATUS_FLT_INSTANCE_NAME_COLLISION                                        NTStatus      = 0xC01C0012
+	STATUS_FLT_FILTER_NOT_FOUND                                               NTStatus      = 0xC01C0013
+	STATUS_FLT_VOLUME_NOT_FOUND                                               NTStatus      = 0xC01C0014
+	STATUS_FLT_INSTANCE_NOT_FOUND                                             NTStatus      = 0xC01C0015
+	STATUS_FLT_CONTEXT_ALLOCATION_NOT_FOUND                                   NTStatus      = 0xC01C0016
+	STATUS_FLT_INVALID_CONTEXT_REGISTRATION                                   NTStatus      = 0xC01C0017
+	STATUS_FLT_NAME_CACHE_MISS                                                NTStatus      = 0xC01C0018
+	STATUS_FLT_NO_DEVICE_OBJECT                                               NTStatus      = 0xC01C0019
+	STATUS_FLT_VOLUME_ALREADY_MOUNTED                                         NTStatus      = 0xC01C001A
+	STATUS_FLT_ALREADY_ENLISTED                                               NTStatus      = 0xC01C001B
+	STATUS_FLT_CONTEXT_ALREADY_LINKED                                         NTStatus      = 0xC01C001C
+	STATUS_FLT_NO_WAITER_FOR_REPLY                                            NTStatus      = 0xC01C0020
+	STATUS_FLT_REGISTRATION_BUSY                                              NTStatus      = 0xC01C0023
+	STATUS_SXS_SECTION_NOT_FOUND                                              NTStatus      = 0xC0150001
+	STATUS_SXS_CANT_GEN_ACTCTX                                                NTStatus      = 0xC0150002
+	STATUS_SXS_INVALID_ACTCTXDATA_FORMAT                                      NTStatus      = 0xC0150003
+	STATUS_SXS_ASSEMBLY_NOT_FOUND                                             NTStatus      = 0xC0150004
+	STATUS_SXS_MANIFEST_FORMAT_ERROR                                          NTStatus      = 0xC0150005
+	STATUS_SXS_MANIFEST_PARSE_ERROR                                           NTStatus      = 0xC0150006
+	STATUS_SXS_ACTIVATION_CONTEXT_DISABLED                                    NTStatus      = 0xC0150007
+	STATUS_SXS_KEY_NOT_FOUND                                                  NTStatus      = 0xC0150008
+	STATUS_SXS_VERSION_CONFLICT                                               NTStatus      = 0xC0150009
+	STATUS_SXS_WRONG_SECTION_TYPE                                             NTStatus      = 0xC015000A
+	STATUS_SXS_THREAD_QUERIES_DISABLED                                        NTStatus      = 0xC015000B
+	STATUS_SXS_ASSEMBLY_MISSING                                               NTStatus      = 0xC015000C
+	STATUS_SXS_RELEASE_ACTIVATION_CONTEXT                                     NTStatus      = 0x4015000D
+	STATUS_SXS_PROCESS_DEFAULT_ALREADY_SET                                    NTStatus      = 0xC015000E
+	STATUS_SXS_EARLY_DEACTIVATION                                             NTStatus      = 0xC015000F
+	STATUS_SXS_INVALID_DEACTIVATION                                           NTStatus      = 0xC0150010
+	STATUS_SXS_MULTIPLE_DEACTIVATION                                          NTStatus      = 0xC0150011
+	STATUS_SXS_SYSTEM_DEFAULT_ACTIVATION_CONTEXT_EMPTY                        NTStatus      = 0xC0150012
+	STATUS_SXS_PROCESS_TERMINATION_REQUESTED                                  NTStatus      = 0xC0150013
+	STATUS_SXS_CORRUPT_ACTIVATION_STACK                                       NTStatus      = 0xC0150014
+	STATUS_SXS_CORRUPTION                                                     NTStatus      = 0xC0150015
+	STATUS_SXS_INVALID_IDENTITY_ATTRIBUTE_VALUE                               NTStatus      = 0xC0150016
+	STATUS_SXS_INVALID_IDENTITY_ATTRIBUTE_NAME                                NTStatus      = 0xC0150017
+	STATUS_SXS_IDENTITY_DUPLICATE_ATTRIBUTE                                   NTStatus      = 0xC0150018
+	STATUS_SXS_IDENTITY_PARSE_ERROR                                           NTStatus      = 0xC0150019
+	STATUS_SXS_COMPONENT_STORE_CORRUPT                                        NTStatus      = 0xC015001A
+	STATUS_SXS_FILE_HASH_MISMATCH                                             NTStatus      = 0xC015001B
+	STATUS_SXS_MANIFEST_IDENTITY_SAME_BUT_CONTENTS_DIFFERENT                  NTStatus      = 0xC015001C
+	STATUS_SXS_IDENTITIES_DIFFERENT                                           NTStatus      = 0xC015001D
+	STATUS_SXS_ASSEMBLY_IS_NOT_A_DEPLOYMENT                                   NTStatus      = 0xC015001E
+	STATUS_SXS_FILE_NOT_PART_OF_ASSEMBLY                                      NTStatus      = 0xC015001F
+	STATUS_ADVANCED_INSTALLER_FAILED                                          NTStatus      = 0xC0150020
+	STATUS_XML_ENCODING_MISMATCH                                              NTStatus      = 0xC0150021
+	STATUS_SXS_MANIFEST_TOO_BIG                                               NTStatus      = 0xC0150022
+	STATUS_SXS_SETTING_NOT_REGISTERED                                         NTStatus      = 0xC0150023
+	STATUS_SXS_TRANSACTION_CLOSURE_INCOMPLETE                                 NTStatus      = 0xC0150024
+	STATUS_SMI_PRIMITIVE_INSTALLER_FAILED                                     NTStatus      = 0xC0150025
+	STATUS_GENERIC_COMMAND_FAILED                                             NTStatus      = 0xC0150026
+	STATUS_SXS_FILE_HASH_MISSING                                              NTStatus      = 0xC0150027
+	STATUS_CLUSTER_INVALID_NODE                                               NTStatus      = 0xC0130001
+	STATUS_CLUSTER_NODE_EXISTS                                                NTStatus      = 0xC0130002
+	STATUS_CLUSTER_JOIN_IN_PROGRESS                                           NTStatus      = 0xC0130003
+	STATUS_CLUSTER_NODE_NOT_FOUND                                             NTStatus      = 0xC0130004
+	STATUS_CLUSTER_LOCAL_NODE_NOT_FOUND                                       NTStatus      = 0xC0130005
+	STATUS_CLUSTER_NETWORK_EXISTS                                             NTStatus      = 0xC0130006
+	STATUS_CLUSTER_NETWORK_NOT_FOUND                                          NTStatus      = 0xC0130007
+	STATUS_CLUSTER_NETINTERFACE_EXISTS                                        NTStatus      = 0xC0130008
+	STATUS_CLUSTER_NETINTERFACE_NOT_FOUND                                     NTStatus      = 0xC0130009
+	STATUS_CLUSTER_INVALID_REQUEST                                            NTStatus      = 0xC013000A
+	STATUS_CLUSTER_INVALID_NETWORK_PROVIDER                                   NTStatus      = 0xC013000B
+	STATUS_CLUSTER_NODE_DOWN                                                  NTStatus      = 0xC013000C
+	STATUS_CLUSTER_NODE_UNREACHABLE                                           NTStatus      = 0xC013000D
+	STATUS_CLUSTER_NODE_NOT_MEMBER                                            NTStatus      = 0xC013000E
+	STATUS_CLUSTER_JOIN_NOT_IN_PROGRESS                                       NTStatus      = 0xC013000F
+	STATUS_CLUSTER_INVALID_NETWORK                                            NTStatus      = 0xC0130010
+	STATUS_CLUSTER_NO_NET_ADAPTERS                                            NTStatus      = 0xC0130011
+	STATUS_CLUSTER_NODE_UP                                                    NTStatus      = 0xC0130012
+	STATUS_CLUSTER_NODE_PAUSED                                                NTStatus      = 0xC0130013
+	STATUS_CLUSTER_NODE_NOT_PAUSED                                            NTStatus      = 0xC0130014
+	STATUS_CLUSTER_NO_SECURITY_CONTEXT                                        NTStatus      = 0xC0130015
+	STATUS_CLUSTER_NETWORK_NOT_INTERNAL                                       NTStatus      = 0xC0130016
+	STATUS_CLUSTER_POISONED                                                   NTStatus      = 0xC0130017
+	STATUS_CLUSTER_NON_CSV_PATH                                               NTStatus      = 0xC0130018
+	STATUS_CLUSTER_CSV_VOLUME_NOT_LOCAL                                       NTStatus      = 0xC0130019
+	STATUS_CLUSTER_CSV_READ_OPLOCK_BREAK_IN_PROGRESS                          NTStatus      = 0xC0130020
+	STATUS_CLUSTER_CSV_AUTO_PAUSE_ERROR                                       NTStatus      = 0xC0130021
+	STATUS_CLUSTER_CSV_REDIRECTED                                             NTStatus      = 0xC0130022
+	STATUS_CLUSTER_CSV_NOT_REDIRECTED                                         NTStatus      = 0xC0130023
+	STATUS_CLUSTER_CSV_VOLUME_DRAINING                                        NTStatus      = 0xC0130024
+	STATUS_CLUSTER_CSV_SNAPSHOT_CREATION_IN_PROGRESS                          NTStatus      = 0xC0130025
+	STATUS_CLUSTER_CSV_VOLUME_DRAINING_SUCCEEDED_DOWNLEVEL                    NTStatus      = 0xC0130026
+	STATUS_CLUSTER_CSV_NO_SNAPSHOTS                                           NTStatus      = 0xC0130027
+	STATUS_CSV_IO_PAUSE_TIMEOUT                                               NTStatus      = 0xC0130028
+	STATUS_CLUSTER_CSV_INVALID_HANDLE                                         NTStatus      = 0xC0130029
+	STATUS_CLUSTER_CSV_SUPPORTED_ONLY_ON_COORDINATOR                          NTStatus      = 0xC0130030
+	STATUS_CLUSTER_CAM_TICKET_REPLAY_DETECTED                                 NTStatus      = 0xC0130031
+	STATUS_TRANSACTIONAL_CONFLICT                                             NTStatus      = 0xC0190001
+	STATUS_INVALID_TRANSACTION                                                NTStatus      = 0xC0190002
+	STATUS_TRANSACTION_NOT_ACTIVE                                             NTStatus      = 0xC0190003
+	STATUS_TM_INITIALIZATION_FAILED                                           NTStatus      = 0xC0190004
+	STATUS_RM_NOT_ACTIVE                                                      NTStatus      = 0xC0190005
+	STATUS_RM_METADATA_CORRUPT                                                NTStatus      = 0xC0190006
+	STATUS_TRANSACTION_NOT_JOINED                                             NTStatus      = 0xC0190007
+	STATUS_DIRECTORY_NOT_RM                                                   NTStatus      = 0xC0190008
+	STATUS_COULD_NOT_RESIZE_LOG                                               NTStatus      = 0x80190009
+	STATUS_TRANSACTIONS_UNSUPPORTED_REMOTE                                    NTStatus      = 0xC019000A
+	STATUS_LOG_RESIZE_INVALID_SIZE                                            NTStatus      = 0xC019000B
+	STATUS_REMOTE_FILE_VERSION_MISMATCH                                       NTStatus      = 0xC019000C
+	STATUS_CRM_PROTOCOL_ALREADY_EXISTS                                        NTStatus      = 0xC019000F
+	STATUS_TRANSACTION_PROPAGATION_FAILED                                     NTStatus      = 0xC0190010
+	STATUS_CRM_PROTOCOL_NOT_FOUND                                             NTStatus      = 0xC0190011
+	STATUS_TRANSACTION_SUPERIOR_EXISTS                                        NTStatus      = 0xC0190012
+	STATUS_TRANSACTION_REQUEST_NOT_VALID                                      NTStatus      = 0xC0190013
+	STATUS_TRANSACTION_NOT_REQUESTED                                          NTStatus      = 0xC0190014
+	STATUS_TRANSACTION_ALREADY_ABORTED                                        NTStatus      = 0xC0190015
+	STATUS_TRANSACTION_ALREADY_COMMITTED                                      NTStatus      = 0xC0190016
+	STATUS_TRANSACTION_INVALID_MARSHALL_BUFFER                                NTStatus      = 0xC0190017
+	STATUS_CURRENT_TRANSACTION_NOT_VALID                                      NTStatus      = 0xC0190018
+	STATUS_LOG_GROWTH_FAILED                                                  NTStatus      = 0xC0190019
+	STATUS_OBJECT_NO_LONGER_EXISTS                                            NTStatus      = 0xC0190021
+	STATUS_STREAM_MINIVERSION_NOT_FOUND                                       NTStatus      = 0xC0190022
+	STATUS_STREAM_MINIVERSION_NOT_VALID                                       NTStatus      = 0xC0190023
+	STATUS_MINIVERSION_INACCESSIBLE_FROM_SPECIFIED_TRANSACTION                NTStatus      = 0xC0190024
+	STATUS_CANT_OPEN_MINIVERSION_WITH_MODIFY_INTENT                           NTStatus      = 0xC0190025
+	STATUS_CANT_CREATE_MORE_STREAM_MINIVERSIONS                               NTStatus      = 0xC0190026
+	STATUS_HANDLE_NO_LONGER_VALID                                             NTStatus      = 0xC0190028
+	STATUS_NO_TXF_METADATA                                                    NTStatus      = 0x80190029
+	STATUS_LOG_CORRUPTION_DETECTED                                            NTStatus      = 0xC0190030
+	STATUS_CANT_RECOVER_WITH_HANDLE_OPEN                                      NTStatus      = 0x80190031
+	STATUS_RM_DISCONNECTED                                                    NTStatus      = 0xC0190032
+	STATUS_ENLISTMENT_NOT_SUPERIOR                                            NTStatus      = 0xC0190033
+	STATUS_RECOVERY_NOT_NEEDED                                                NTStatus      = 0x40190034
+	STATUS_RM_ALREADY_STARTED                                                 NTStatus      = 0x40190035
+	STATUS_FILE_IDENTITY_NOT_PERSISTENT                                       NTStatus      = 0xC0190036
+	STATUS_CANT_BREAK_TRANSACTIONAL_DEPENDENCY                                NTStatus      = 0xC0190037
+	STATUS_CANT_CROSS_RM_BOUNDARY                                             NTStatus      = 0xC0190038
+	STATUS_TXF_DIR_NOT_EMPTY                                                  NTStatus      = 0xC0190039
+	STATUS_INDOUBT_TRANSACTIONS_EXIST                                         NTStatus      = 0xC019003A
+	STATUS_TM_VOLATILE                                                        NTStatus      = 0xC019003B
+	STATUS_ROLLBACK_TIMER_EXPIRED                                             NTStatus      = 0xC019003C
+	STATUS_TXF_ATTRIBUTE_CORRUPT                                              NTStatus      = 0xC019003D
+	STATUS_EFS_NOT_ALLOWED_IN_TRANSACTION                                     NTStatus      = 0xC019003E
+	STATUS_TRANSACTIONAL_OPEN_NOT_ALLOWED                                     NTStatus      = 0xC019003F
+	STATUS_TRANSACTED_MAPPING_UNSUPPORTED_REMOTE                              NTStatus      = 0xC0190040
+	STATUS_TXF_METADATA_ALREADY_PRESENT                                       NTStatus      = 0x80190041
+	STATUS_TRANSACTION_SCOPE_CALLBACKS_NOT_SET                                NTStatus      = 0x80190042
+	STATUS_TRANSACTION_REQUIRED_PROMOTION                                     NTStatus      = 0xC0190043
+	STATUS_CANNOT_EXECUTE_FILE_IN_TRANSACTION                                 NTStatus      = 0xC0190044
+	STATUS_TRANSACTIONS_NOT_FROZEN                                            NTStatus      = 0xC0190045
+	STATUS_TRANSACTION_FREEZE_IN_PROGRESS                                     NTStatus      = 0xC0190046
+	STATUS_NOT_SNAPSHOT_VOLUME                                                NTStatus      = 0xC0190047
+	STATUS_NO_SAVEPOINT_WITH_OPEN_FILES                                       NTStatus      = 0xC0190048
+	STATUS_SPARSE_NOT_ALLOWED_IN_TRANSACTION                                  NTStatus      = 0xC0190049
+	STATUS_TM_IDENTITY_MISMATCH                                               NTStatus      = 0xC019004A
+	STATUS_FLOATED_SECTION                                                    NTStatus      = 0xC019004B
+	STATUS_CANNOT_ACCEPT_TRANSACTED_WORK                                      NTStatus      = 0xC019004C
+	STATUS_CANNOT_ABORT_TRANSACTIONS                                          NTStatus      = 0xC019004D
+	STATUS_TRANSACTION_NOT_FOUND                                              NTStatus      = 0xC019004E
+	STATUS_RESOURCEMANAGER_NOT_FOUND                                          NTStatus      = 0xC019004F
+	STATUS_ENLISTMENT_NOT_FOUND                                               NTStatus      = 0xC0190050
+	STATUS_TRANSACTIONMANAGER_NOT_FOUND                                       NTStatus      = 0xC0190051
+	STATUS_TRANSACTIONMANAGER_NOT_ONLINE                                      NTStatus      = 0xC0190052
+	STATUS_TRANSACTIONMANAGER_RECOVERY_NAME_COLLISION                         NTStatus      = 0xC0190053
+	STATUS_TRANSACTION_NOT_ROOT                                               NTStatus      = 0xC0190054
+	STATUS_TRANSACTION_OBJECT_EXPIRED                                         NTStatus      = 0xC0190055
+	STATUS_COMPRESSION_NOT_ALLOWED_IN_TRANSACTION                             NTStatus      = 0xC0190056
+	STATUS_TRANSACTION_RESPONSE_NOT_ENLISTED                                  NTStatus      = 0xC0190057
+	STATUS_TRANSACTION_RECORD_TOO_LONG                                        NTStatus      = 0xC0190058
+	STATUS_NO_LINK_TRACKING_IN_TRANSACTION                                    NTStatus      = 0xC0190059
+	STATUS_OPERATION_NOT_SUPPORTED_IN_TRANSACTION                             NTStatus      = 0xC019005A
+	STATUS_TRANSACTION_INTEGRITY_VIOLATED                                     NTStatus      = 0xC019005B
+	STATUS_TRANSACTIONMANAGER_IDENTITY_MISMATCH                               NTStatus      = 0xC019005C
+	STATUS_RM_CANNOT_BE_FROZEN_FOR_SNAPSHOT                                   NTStatus      = 0xC019005D
+	STATUS_TRANSACTION_MUST_WRITETHROUGH                                      NTStatus      = 0xC019005E
+	STATUS_TRANSACTION_NO_SUPERIOR                                            NTStatus      = 0xC019005F
+	STATUS_EXPIRED_HANDLE                                                     NTStatus      = 0xC0190060
+	STATUS_TRANSACTION_NOT_ENLISTED                                           NTStatus      = 0xC0190061
+	STATUS_LOG_SECTOR_INVALID                                                 NTStatus      = 0xC01A0001
+	STATUS_LOG_SECTOR_PARITY_INVALID                                          NTStatus      = 0xC01A0002
+	STATUS_LOG_SECTOR_REMAPPED                                                NTStatus      = 0xC01A0003
+	STATUS_LOG_BLOCK_INCOMPLETE                                               NTStatus      = 0xC01A0004
+	STATUS_LOG_INVALID_RANGE                                                  NTStatus      = 0xC01A0005
+	STATUS_LOG_BLOCKS_EXHAUSTED                                               NTStatus      = 0xC01A0006
+	STATUS_LOG_READ_CONTEXT_INVALID                                           NTStatus      = 0xC01A0007
+	STATUS_LOG_RESTART_INVALID                                                NTStatus      = 0xC01A0008
+	STATUS_LOG_BLOCK_VERSION                                                  NTStatus      = 0xC01A0009
+	STATUS_LOG_BLOCK_INVALID                                                  NTStatus      = 0xC01A000A
+	STATUS_LOG_READ_MODE_INVALID                                              NTStatus      = 0xC01A000B
+	STATUS_LOG_NO_RESTART                                                     NTStatus      = 0x401A000C
+	STATUS_LOG_METADATA_CORRUPT                                               NTStatus      = 0xC01A000D
+	STATUS_LOG_METADATA_INVALID                                               NTStatus      = 0xC01A000E
+	STATUS_LOG_METADATA_INCONSISTENT                                          NTStatus      = 0xC01A000F
+	STATUS_LOG_RESERVATION_INVALID                                            NTStatus      = 0xC01A0010
+	STATUS_LOG_CANT_DELETE                                                    NTStatus      = 0xC01A0011
+	STATUS_LOG_CONTAINER_LIMIT_EXCEEDED                                       NTStatus      = 0xC01A0012
+	STATUS_LOG_START_OF_LOG                                                   NTStatus      = 0xC01A0013
+	STATUS_LOG_POLICY_ALREADY_INSTALLED                                       NTStatus      = 0xC01A0014
+	STATUS_LOG_POLICY_NOT_INSTALLED                                           NTStatus      = 0xC01A0015
+	STATUS_LOG_POLICY_INVALID                                                 NTStatus      = 0xC01A0016
+	STATUS_LOG_POLICY_CONFLICT                                                NTStatus      = 0xC01A0017
+	STATUS_LOG_PINNED_ARCHIVE_TAIL                                            NTStatus      = 0xC01A0018
+	STATUS_LOG_RECORD_NONEXISTENT                                             NTStatus      = 0xC01A0019
+	STATUS_LOG_RECORDS_RESERVED_INVALID                                       NTStatus      = 0xC01A001A
+	STATUS_LOG_SPACE_RESERVED_INVALID                                         NTStatus      = 0xC01A001B
+	STATUS_LOG_TAIL_INVALID                                                   NTStatus      = 0xC01A001C
+	STATUS_LOG_FULL                                                           NTStatus      = 0xC01A001D
+	STATUS_LOG_MULTIPLEXED                                                    NTStatus      = 0xC01A001E
+	STATUS_LOG_DEDICATED                                                      NTStatus      = 0xC01A001F
+	STATUS_LOG_ARCHIVE_NOT_IN_PROGRESS                                        NTStatus      = 0xC01A0020
+	STATUS_LOG_ARCHIVE_IN_PROGRESS                                            NTStatus      = 0xC01A0021
+	STATUS_LOG_EPHEMERAL                                                      NTStatus      = 0xC01A0022
+	STATUS_LOG_NOT_ENOUGH_CONTAINERS                                          NTStatus      = 0xC01A0023
+	STATUS_LOG_CLIENT_ALREADY_REGISTERED                                      NTStatus      = 0xC01A0024
+	STATUS_LOG_CLIENT_NOT_REGISTERED                                          NTStatus      = 0xC01A0025
+	STATUS_LOG_FULL_HANDLER_IN_PROGRESS                                       NTStatus      = 0xC01A0026
+	STATUS_LOG_CONTAINER_READ_FAILED                                          NTStatus      = 0xC01A0027
+	STATUS_LOG_CONTAINER_WRITE_FAILED                                         NTStatus      = 0xC01A0028
+	STATUS_LOG_CONTAINER_OPEN_FAILED                                          NTStatus      = 0xC01A0029
+	STATUS_LOG_CONTAINER_STATE_INVALID                                        NTStatus      = 0xC01A002A
+	STATUS_LOG_STATE_INVALID                                                  NTStatus      = 0xC01A002B
+	STATUS_LOG_PINNED                                                         NTStatus      = 0xC01A002C
+	STATUS_LOG_METADATA_FLUSH_FAILED                                          NTStatus      = 0xC01A002D
+	STATUS_LOG_INCONSISTENT_SECURITY                                          NTStatus      = 0xC01A002E
+	STATUS_LOG_APPENDED_FLUSH_FAILED                                          NTStatus      = 0xC01A002F
+	STATUS_LOG_PINNED_RESERVATION                                             NTStatus      = 0xC01A0030
+	STATUS_VIDEO_HUNG_DISPLAY_DRIVER_THREAD                                   NTStatus      = 0xC01B00EA
+	STATUS_VIDEO_HUNG_DISPLAY_DRIVER_THREAD_RECOVERED                         NTStatus      = 0x801B00EB
+	STATUS_VIDEO_DRIVER_DEBUG_REPORT_REQUEST                                  NTStatus      = 0x401B00EC
+	STATUS_MONITOR_NO_DESCRIPTOR                                              NTStatus      = 0xC01D0001
+	STATUS_MONITOR_UNKNOWN_DESCRIPTOR_FORMAT                                  NTStatus      = 0xC01D0002
+	STATUS_MONITOR_INVALID_DESCRIPTOR_CHECKSUM                                NTStatus      = 0xC01D0003
+	STATUS_MONITOR_INVALID_STANDARD_TIMING_BLOCK                              NTStatus      = 0xC01D0004
+	STATUS_MONITOR_WMI_DATABLOCK_REGISTRATION_FAILED                          NTStatus      = 0xC01D0005
+	STATUS_MONITOR_INVALID_SERIAL_NUMBER_MONDSC_BLOCK                         NTStatus      = 0xC01D0006
+	STATUS_MONITOR_INVALID_USER_FRIENDLY_MONDSC_BLOCK                         NTStatus      = 0xC01D0007
+	STATUS_MONITOR_NO_MORE_DESCRIPTOR_DATA                                    NTStatus      = 0xC01D0008
+	STATUS_MONITOR_INVALID_DETAILED_TIMING_BLOCK                              NTStatus      = 0xC01D0009
+	STATUS_MONITOR_INVALID_MANUFACTURE_DATE                                   NTStatus      = 0xC01D000A
+	STATUS_GRAPHICS_NOT_EXCLUSIVE_MODE_OWNER                                  NTStatus      = 0xC01E0000
+	STATUS_GRAPHICS_INSUFFICIENT_DMA_BUFFER                                   NTStatus      = 0xC01E0001
+	STATUS_GRAPHICS_INVALID_DISPLAY_ADAPTER                                   NTStatus      = 0xC01E0002
+	STATUS_GRAPHICS_ADAPTER_WAS_RESET                                         NTStatus      = 0xC01E0003
+	STATUS_GRAPHICS_INVALID_DRIVER_MODEL                                      NTStatus      = 0xC01E0004
+	STATUS_GRAPHICS_PRESENT_MODE_CHANGED                                      NTStatus      = 0xC01E0005
+	STATUS_GRAPHICS_PRESENT_OCCLUDED                                          NTStatus      = 0xC01E0006
+	STATUS_GRAPHICS_PRESENT_DENIED                                            NTStatus      = 0xC01E0007
+	STATUS_GRAPHICS_CANNOTCOLORCONVERT                                        NTStatus      = 0xC01E0008
+	STATUS_GRAPHICS_DRIVER_MISMATCH                                           NTStatus      = 0xC01E0009
+	STATUS_GRAPHICS_PARTIAL_DATA_POPULATED                                    NTStatus      = 0x401E000A
+	STATUS_GRAPHICS_PRESENT_REDIRECTION_DISABLED                              NTStatus      = 0xC01E000B
+	STATUS_GRAPHICS_PRESENT_UNOCCLUDED                                        NTStatus      = 0xC01E000C
+	STATUS_GRAPHICS_WINDOWDC_NOT_AVAILABLE                                    NTStatus      = 0xC01E000D
+	STATUS_GRAPHICS_WINDOWLESS_PRESENT_DISABLED                               NTStatus      = 0xC01E000E
+	STATUS_GRAPHICS_PRESENT_INVALID_WINDOW                                    NTStatus      = 0xC01E000F
+	STATUS_GRAPHICS_PRESENT_BUFFER_NOT_BOUND                                  NTStatus      = 0xC01E0010
+	STATUS_GRAPHICS_VAIL_STATE_CHANGED                                        NTStatus      = 0xC01E0011
+	STATUS_GRAPHICS_INDIRECT_DISPLAY_ABANDON_SWAPCHAIN                        NTStatus      = 0xC01E0012
+	STATUS_GRAPHICS_INDIRECT_DISPLAY_DEVICE_STOPPED                           NTStatus      = 0xC01E0013
+	STATUS_GRAPHICS_NO_VIDEO_MEMORY                                           NTStatus      = 0xC01E0100
+	STATUS_GRAPHICS_CANT_LOCK_MEMORY                                          NTStatus      = 0xC01E0101
+	STATUS_GRAPHICS_ALLOCATION_BUSY                                           NTStatus      = 0xC01E0102
+	STATUS_GRAPHICS_TOO_MANY_REFERENCES                                       NTStatus      = 0xC01E0103
+	STATUS_GRAPHICS_TRY_AGAIN_LATER                                           NTStatus      = 0xC01E0104
+	STATUS_GRAPHICS_TRY_AGAIN_NOW                                             NTStatus      = 0xC01E0105
+	STATUS_GRAPHICS_ALLOCATION_INVALID                                        NTStatus      = 0xC01E0106
+	STATUS_GRAPHICS_UNSWIZZLING_APERTURE_UNAVAILABLE                          NTStatus      = 0xC01E0107
+	STATUS_GRAPHICS_UNSWIZZLING_APERTURE_UNSUPPORTED                          NTStatus      = 0xC01E0108
+	STATUS_GRAPHICS_CANT_EVICT_PINNED_ALLOCATION                              NTStatus      = 0xC01E0109
+	STATUS_GRAPHICS_INVALID_ALLOCATION_USAGE                                  NTStatus      = 0xC01E0110
+	STATUS_GRAPHICS_CANT_RENDER_LOCKED_ALLOCATION                             NTStatus      = 0xC01E0111
+	STATUS_GRAPHICS_ALLOCATION_CLOSED                                         NTStatus      = 0xC01E0112
+	STATUS_GRAPHICS_INVALID_ALLOCATION_INSTANCE                               NTStatus      = 0xC01E0113
+	STATUS_GRAPHICS_INVALID_ALLOCATION_HANDLE                                 NTStatus      = 0xC01E0114
+	STATUS_GRAPHICS_WRONG_ALLOCATION_DEVICE                                   NTStatus      = 0xC01E0115
+	STATUS_GRAPHICS_ALLOCATION_CONTENT_LOST                                   NTStatus      = 0xC01E0116
+	STATUS_GRAPHICS_GPU_EXCEPTION_ON_DEVICE                                   NTStatus      = 0xC01E0200
+	STATUS_GRAPHICS_SKIP_ALLOCATION_PREPARATION                               NTStatus      = 0x401E0201
+	STATUS_GRAPHICS_INVALID_VIDPN_TOPOLOGY                                    NTStatus      = 0xC01E0300
+	STATUS_GRAPHICS_VIDPN_TOPOLOGY_NOT_SUPPORTED                              NTStatus      = 0xC01E0301
+	STATUS_GRAPHICS_VIDPN_TOPOLOGY_CURRENTLY_NOT_SUPPORTED                    NTStatus      = 0xC01E0302
+	STATUS_GRAPHICS_INVALID_VIDPN                                             NTStatus      = 0xC01E0303
+	STATUS_GRAPHICS_INVALID_VIDEO_PRESENT_SOURCE                              NTStatus      = 0xC01E0304
+	STATUS_GRAPHICS_INVALID_VIDEO_PRESENT_TARGET                              NTStatus      = 0xC01E0305
+	STATUS_GRAPHICS_VIDPN_MODALITY_NOT_SUPPORTED                              NTStatus      = 0xC01E0306
+	STATUS_GRAPHICS_MODE_NOT_PINNED                                           NTStatus      = 0x401E0307
+	STATUS_GRAPHICS_INVALID_VIDPN_SOURCEMODESET                               NTStatus      = 0xC01E0308
+	STATUS_GRAPHICS_INVALID_VIDPN_TARGETMODESET                               NTStatus      = 0xC01E0309
+	STATUS_GRAPHICS_INVALID_FREQUENCY                                         NTStatus      = 0xC01E030A
+	STATUS_GRAPHICS_INVALID_ACTIVE_REGION                                     NTStatus      = 0xC01E030B
+	STATUS_GRAPHICS_INVALID_TOTAL_REGION                                      NTStatus      = 0xC01E030C
+	STATUS_GRAPHICS_INVALID_VIDEO_PRESENT_SOURCE_MODE                         NTStatus      = 0xC01E0310
+	STATUS_GRAPHICS_INVALID_VIDEO_PRESENT_TARGET_MODE                         NTStatus      = 0xC01E0311
+	STATUS_GRAPHICS_PINNED_MODE_MUST_REMAIN_IN_SET                            NTStatus      = 0xC01E0312
+	STATUS_GRAPHICS_PATH_ALREADY_IN_TOPOLOGY                                  NTStatus      = 0xC01E0313
+	STATUS_GRAPHICS_MODE_ALREADY_IN_MODESET                                   NTStatus      = 0xC01E0314
+	STATUS_GRAPHICS_INVALID_VIDEOPRESENTSOURCESET                             NTStatus      = 0xC01E0315
+	STATUS_GRAPHICS_INVALID_VIDEOPRESENTTARGETSET                             NTStatus      = 0xC01E0316
+	STATUS_GRAPHICS_SOURCE_ALREADY_IN_SET                                     NTStatus      = 0xC01E0317
+	STATUS_GRAPHICS_TARGET_ALREADY_IN_SET                                     NTStatus      = 0xC01E0318
+	STATUS_GRAPHICS_INVALID_VIDPN_PRESENT_PATH                                NTStatus      = 0xC01E0319
+	STATUS_GRAPHICS_NO_RECOMMENDED_VIDPN_TOPOLOGY                             NTStatus      = 0xC01E031A
+	STATUS_GRAPHICS_INVALID_MONITOR_FREQUENCYRANGESET                         NTStatus      = 0xC01E031B
+	STATUS_GRAPHICS_INVALID_MONITOR_FREQUENCYRANGE                            NTStatus      = 0xC01E031C
+	STATUS_GRAPHICS_FREQUENCYRANGE_NOT_IN_SET                                 NTStatus      = 0xC01E031D
+	STATUS_GRAPHICS_NO_PREFERRED_MODE                                         NTStatus      = 0x401E031E
+	STATUS_GRAPHICS_FREQUENCYRANGE_ALREADY_IN_SET                             NTStatus      = 0xC01E031F
+	STATUS_GRAPHICS_STALE_MODESET                                             NTStatus      = 0xC01E0320
+	STATUS_GRAPHICS_INVALID_MONITOR_SOURCEMODESET                             NTStatus      = 0xC01E0321
+	STATUS_GRAPHICS_INVALID_MONITOR_SOURCE_MODE                               NTStatus      = 0xC01E0322
+	STATUS_GRAPHICS_NO_RECOMMENDED_FUNCTIONAL_VIDPN                           NTStatus      = 0xC01E0323
+	STATUS_GRAPHICS_MODE_ID_MUST_BE_UNIQUE                                    NTStatus      = 0xC01E0324
+	STATUS_GRAPHICS_EMPTY_ADAPTER_MONITOR_MODE_SUPPORT_INTERSECTION           NTStatus      = 0xC01E0325
+	STATUS_GRAPHICS_VIDEO_PRESENT_TARGETS_LESS_THAN_SOURCES                   NTStatus      = 0xC01E0326
+	STATUS_GRAPHICS_PATH_NOT_IN_TOPOLOGY                                      NTStatus      = 0xC01E0327
+	STATUS_GRAPHICS_ADAPTER_MUST_HAVE_AT_LEAST_ONE_SOURCE                     NTStatus      = 0xC01E0328
+	STATUS_GRAPHICS_ADAPTER_MUST_HAVE_AT_LEAST_ONE_TARGET                     NTStatus      = 0xC01E0329
+	STATUS_GRAPHICS_INVALID_MONITORDESCRIPTORSET                              NTStatus      = 0xC01E032A
+	STATUS_GRAPHICS_INVALID_MONITORDESCRIPTOR                                 NTStatus      = 0xC01E032B
+	STATUS_GRAPHICS_MONITORDESCRIPTOR_NOT_IN_SET                              NTStatus      = 0xC01E032C
+	STATUS_GRAPHICS_MONITORDESCRIPTOR_ALREADY_IN_SET                          NTStatus      = 0xC01E032D
+	STATUS_GRAPHICS_MONITORDESCRIPTOR_ID_MUST_BE_UNIQUE                       NTStatus      = 0xC01E032E
+	STATUS_GRAPHICS_INVALID_VIDPN_TARGET_SUBSET_TYPE                          NTStatus      = 0xC01E032F
+	STATUS_GRAPHICS_RESOURCES_NOT_RELATED                                     NTStatus      = 0xC01E0330
+	STATUS_GRAPHICS_SOURCE_ID_MUST_BE_UNIQUE                                  NTStatus      = 0xC01E0331
+	STATUS_GRAPHICS_TARGET_ID_MUST_BE_UNIQUE                                  NTStatus      = 0xC01E0332
+	STATUS_GRAPHICS_NO_AVAILABLE_VIDPN_TARGET                                 NTStatus      = 0xC01E0333
+	STATUS_GRAPHICS_MONITOR_COULD_NOT_BE_ASSOCIATED_WITH_ADAPTER              NTStatus      = 0xC01E0334
+	STATUS_GRAPHICS_NO_VIDPNMGR                                               NTStatus      = 0xC01E0335
+	STATUS_GRAPHICS_NO_ACTIVE_VIDPN                                           NTStatus      = 0xC01E0336
+	STATUS_GRAPHICS_STALE_VIDPN_TOPOLOGY                                      NTStatus      = 0xC01E0337
+	STATUS_GRAPHICS_MONITOR_NOT_CONNECTED                                     NTStatus      = 0xC01E0338
+	STATUS_GRAPHICS_SOURCE_NOT_IN_TOPOLOGY                                    NTStatus      = 0xC01E0339
+	STATUS_GRAPHICS_INVALID_PRIMARYSURFACE_SIZE                               NTStatus      = 0xC01E033A
+	STATUS_GRAPHICS_INVALID_VISIBLEREGION_SIZE                                NTStatus      = 0xC01E033B
+	STATUS_GRAPHICS_INVALID_STRIDE                                            NTStatus      = 0xC01E033C
+	STATUS_GRAPHICS_INVALID_PIXELFORMAT                                       NTStatus      = 0xC01E033D
+	STATUS_GRAPHICS_INVALID_COLORBASIS                                        NTStatus      = 0xC01E033E
+	STATUS_GRAPHICS_INVALID_PIXELVALUEACCESSMODE                              NTStatus      = 0xC01E033F
+	STATUS_GRAPHICS_TARGET_NOT_IN_TOPOLOGY                                    NTStatus      = 0xC01E0340
+	STATUS_GRAPHICS_NO_DISPLAY_MODE_MANAGEMENT_SUPPORT                        NTStatus      = 0xC01E0341
+	STATUS_GRAPHICS_VIDPN_SOURCE_IN_USE                                       NTStatus      = 0xC01E0342
+	STATUS_GRAPHICS_CANT_ACCESS_ACTIVE_VIDPN                                  NTStatus      = 0xC01E0343
+	STATUS_GRAPHICS_INVALID_PATH_IMPORTANCE_ORDINAL                           NTStatus      = 0xC01E0344
+	STATUS_GRAPHICS_INVALID_PATH_CONTENT_GEOMETRY_TRANSFORMATION              NTStatus      = 0xC01E0345
+	STATUS_GRAPHICS_PATH_CONTENT_GEOMETRY_TRANSFORMATION_NOT_SUPPORTED        NTStatus      = 0xC01E0346
+	STATUS_GRAPHICS_INVALID_GAMMA_RAMP                                        NTStatus      = 0xC01E0347
+	STATUS_GRAPHICS_GAMMA_RAMP_NOT_SUPPORTED                                  NTStatus      = 0xC01E0348
+	STATUS_GRAPHICS_MULTISAMPLING_NOT_SUPPORTED                               NTStatus      = 0xC01E0349
+	STATUS_GRAPHICS_MODE_NOT_IN_MODESET                                       NTStatus      = 0xC01E034A
+	STATUS_GRAPHICS_DATASET_IS_EMPTY                                          NTStatus      = 0x401E034B
+	STATUS_GRAPHICS_NO_MORE_ELEMENTS_IN_DATASET                               NTStatus      = 0x401E034C
+	STATUS_GRAPHICS_INVALID_VIDPN_TOPOLOGY_RECOMMENDATION_REASON              NTStatus      = 0xC01E034D
+	STATUS_GRAPHICS_INVALID_PATH_CONTENT_TYPE                                 NTStatus      = 0xC01E034E
+	STATUS_GRAPHICS_INVALID_COPYPROTECTION_TYPE                               NTStatus      = 0xC01E034F
+	STATUS_GRAPHICS_UNASSIGNED_MODESET_ALREADY_EXISTS                         NTStatus      = 0xC01E0350
+	STATUS_GRAPHICS_PATH_CONTENT_GEOMETRY_TRANSFORMATION_NOT_PINNED           NTStatus      = 0x401E0351
+	STATUS_GRAPHICS_INVALID_SCANLINE_ORDERING                                 NTStatus      = 0xC01E0352
+	STATUS_GRAPHICS_TOPOLOGY_CHANGES_NOT_ALLOWED                              NTStatus      = 0xC01E0353
+	STATUS_GRAPHICS_NO_AVAILABLE_IMPORTANCE_ORDINALS                          NTStatus      = 0xC01E0354
+	STATUS_GRAPHICS_INCOMPATIBLE_PRIVATE_FORMAT                               NTStatus      = 0xC01E0355
+	STATUS_GRAPHICS_INVALID_MODE_PRUNING_ALGORITHM                            NTStatus      = 0xC01E0356
+	STATUS_GRAPHICS_INVALID_MONITOR_CAPABILITY_ORIGIN                         NTStatus      = 0xC01E0357
+	STATUS_GRAPHICS_INVALID_MONITOR_FREQUENCYRANGE_CONSTRAINT                 NTStatus      = 0xC01E0358
+	STATUS_GRAPHICS_MAX_NUM_PATHS_REACHED                                     NTStatus      = 0xC01E0359
+	STATUS_GRAPHICS_CANCEL_VIDPN_TOPOLOGY_AUGMENTATION                        NTStatus      = 0xC01E035A
+	STATUS_GRAPHICS_INVALID_CLIENT_TYPE                                       NTStatus      = 0xC01E035B
+	STATUS_GRAPHICS_CLIENTVIDPN_NOT_SET                                       NTStatus      = 0xC01E035C
+	STATUS_GRAPHICS_SPECIFIED_CHILD_ALREADY_CONNECTED                         NTStatus      = 0xC01E0400
+	STATUS_GRAPHICS_CHILD_DESCRIPTOR_NOT_SUPPORTED                            NTStatus      = 0xC01E0401
+	STATUS_GRAPHICS_UNKNOWN_CHILD_STATUS                                      NTStatus      = 0x401E042F
+	STATUS_GRAPHICS_NOT_A_LINKED_ADAPTER                                      NTStatus      = 0xC01E0430
+	STATUS_GRAPHICS_LEADLINK_NOT_ENUMERATED                                   NTStatus      = 0xC01E0431
+	STATUS_GRAPHICS_CHAINLINKS_NOT_ENUMERATED                                 NTStatus      = 0xC01E0432
+	STATUS_GRAPHICS_ADAPTER_CHAIN_NOT_READY                                   NTStatus      = 0xC01E0433
+	STATUS_GRAPHICS_CHAINLINKS_NOT_STARTED                                    NTStatus      = 0xC01E0434
+	STATUS_GRAPHICS_CHAINLINKS_NOT_POWERED_ON                                 NTStatus      = 0xC01E0435
+	STATUS_GRAPHICS_INCONSISTENT_DEVICE_LINK_STATE                            NTStatus      = 0xC01E0436
+	STATUS_GRAPHICS_LEADLINK_START_DEFERRED                                   NTStatus      = 0x401E0437
+	STATUS_GRAPHICS_NOT_POST_DEVICE_DRIVER                                    NTStatus      = 0xC01E0438
+	STATUS_GRAPHICS_POLLING_TOO_FREQUENTLY                                    NTStatus      = 0x401E0439
+	STATUS_GRAPHICS_START_DEFERRED                                            NTStatus      = 0x401E043A
+	STATUS_GRAPHICS_ADAPTER_ACCESS_NOT_EXCLUDED                               NTStatus      = 0xC01E043B
+	STATUS_GRAPHICS_DEPENDABLE_CHILD_STATUS                                   NTStatus      = 0x401E043C
+	STATUS_GRAPHICS_OPM_NOT_SUPPORTED                                         NTStatus      = 0xC01E0500
+	STATUS_GRAPHICS_COPP_NOT_SUPPORTED                                        NTStatus      = 0xC01E0501
+	STATUS_GRAPHICS_UAB_NOT_SUPPORTED                                         NTStatus      = 0xC01E0502
+	STATUS_GRAPHICS_OPM_INVALID_ENCRYPTED_PARAMETERS                          NTStatus      = 0xC01E0503
+	STATUS_GRAPHICS_OPM_NO_PROTECTED_OUTPUTS_EXIST                            NTStatus      = 0xC01E0505
+	STATUS_GRAPHICS_OPM_INTERNAL_ERROR                                        NTStatus      = 0xC01E050B
+	STATUS_GRAPHICS_OPM_INVALID_HANDLE                                        NTStatus      = 0xC01E050C
+	STATUS_GRAPHICS_PVP_INVALID_CERTIFICATE_LENGTH                            NTStatus      = 0xC01E050E
+	STATUS_GRAPHICS_OPM_SPANNING_MODE_ENABLED                                 NTStatus      = 0xC01E050F
+	STATUS_GRAPHICS_OPM_THEATER_MODE_ENABLED                                  NTStatus      = 0xC01E0510
+	STATUS_GRAPHICS_PVP_HFS_FAILED                                            NTStatus      = 0xC01E0511
+	STATUS_GRAPHICS_OPM_INVALID_SRM                                           NTStatus      = 0xC01E0512
+	STATUS_GRAPHICS_OPM_OUTPUT_DOES_NOT_SUPPORT_HDCP                          NTStatus      = 0xC01E0513
+	STATUS_GRAPHICS_OPM_OUTPUT_DOES_NOT_SUPPORT_ACP                           NTStatus      = 0xC01E0514
+	STATUS_GRAPHICS_OPM_OUTPUT_DOES_NOT_SUPPORT_CGMSA                         NTStatus      = 0xC01E0515
+	STATUS_GRAPHICS_OPM_HDCP_SRM_NEVER_SET                                    NTStatus      = 0xC01E0516
+	STATUS_GRAPHICS_OPM_RESOLUTION_TOO_HIGH                                   NTStatus      = 0xC01E0517
+	STATUS_GRAPHICS_OPM_ALL_HDCP_HARDWARE_ALREADY_IN_USE                      NTStatus      = 0xC01E0518
+	STATUS_GRAPHICS_OPM_PROTECTED_OUTPUT_NO_LONGER_EXISTS                     NTStatus      = 0xC01E051A
+	STATUS_GRAPHICS_OPM_PROTECTED_OUTPUT_DOES_NOT_HAVE_COPP_SEMANTICS         NTStatus      = 0xC01E051C
+	STATUS_GRAPHICS_OPM_INVALID_INFORMATION_REQUEST                           NTStatus      = 0xC01E051D
+	STATUS_GRAPHICS_OPM_DRIVER_INTERNAL_ERROR                                 NTStatus      = 0xC01E051E
+	STATUS_GRAPHICS_OPM_PROTECTED_OUTPUT_DOES_NOT_HAVE_OPM_SEMANTICS          NTStatus      = 0xC01E051F
+	STATUS_GRAPHICS_OPM_SIGNALING_NOT_SUPPORTED                               NTStatus      = 0xC01E0520
+	STATUS_GRAPHICS_OPM_INVALID_CONFIGURATION_REQUEST                         NTStatus      = 0xC01E0521
+	STATUS_GRAPHICS_I2C_NOT_SUPPORTED                                         NTStatus      = 0xC01E0580
+	STATUS_GRAPHICS_I2C_DEVICE_DOES_NOT_EXIST                                 NTStatus      = 0xC01E0581
+	STATUS_GRAPHICS_I2C_ERROR_TRANSMITTING_DATA                               NTStatus      = 0xC01E0582
+	STATUS_GRAPHICS_I2C_ERROR_RECEIVING_DATA                                  NTStatus      = 0xC01E0583
+	STATUS_GRAPHICS_DDCCI_VCP_NOT_SUPPORTED                                   NTStatus      = 0xC01E0584
+	STATUS_GRAPHICS_DDCCI_INVALID_DATA                                        NTStatus      = 0xC01E0585
+	STATUS_GRAPHICS_DDCCI_MONITOR_RETURNED_INVALID_TIMING_STATUS_BYTE         NTStatus      = 0xC01E0586
+	STATUS_GRAPHICS_DDCCI_INVALID_CAPABILITIES_STRING                         NTStatus      = 0xC01E0587
+	STATUS_GRAPHICS_MCA_INTERNAL_ERROR                                        NTStatus      = 0xC01E0588
+	STATUS_GRAPHICS_DDCCI_INVALID_MESSAGE_COMMAND                             NTStatus      = 0xC01E0589
+	STATUS_GRAPHICS_DDCCI_INVALID_MESSAGE_LENGTH                              NTStatus      = 0xC01E058A
+	STATUS_GRAPHICS_DDCCI_INVALID_MESSAGE_CHECKSUM                            NTStatus      = 0xC01E058B
+	STATUS_GRAPHICS_INVALID_PHYSICAL_MONITOR_HANDLE                           NTStatus      = 0xC01E058C
+	STATUS_GRAPHICS_MONITOR_NO_LONGER_EXISTS                                  NTStatus      = 0xC01E058D
+	STATUS_GRAPHICS_ONLY_CONSOLE_SESSION_SUPPORTED                            NTStatus      = 0xC01E05E0
+	STATUS_GRAPHICS_NO_DISPLAY_DEVICE_CORRESPONDS_TO_NAME                     NTStatus      = 0xC01E05E1
+	STATUS_GRAPHICS_DISPLAY_DEVICE_NOT_ATTACHED_TO_DESKTOP                    NTStatus      = 0xC01E05E2
+	STATUS_GRAPHICS_MIRRORING_DEVICES_NOT_SUPPORTED                           NTStatus      = 0xC01E05E3
+	STATUS_GRAPHICS_INVALID_POINTER                                           NTStatus      = 0xC01E05E4
+	STATUS_GRAPHICS_NO_MONITORS_CORRESPOND_TO_DISPLAY_DEVICE                  NTStatus      = 0xC01E05E5
+	STATUS_GRAPHICS_PARAMETER_ARRAY_TOO_SMALL                                 NTStatus      = 0xC01E05E6
+	STATUS_GRAPHICS_INTERNAL_ERROR                                            NTStatus      = 0xC01E05E7
+	STATUS_GRAPHICS_SESSION_TYPE_CHANGE_IN_PROGRESS                           NTStatus      = 0xC01E05E8
+	STATUS_FVE_LOCKED_VOLUME                                                  NTStatus      = 0xC0210000
+	STATUS_FVE_NOT_ENCRYPTED                                                  NTStatus      = 0xC0210001
+	STATUS_FVE_BAD_INFORMATION                                                NTStatus      = 0xC0210002
+	STATUS_FVE_TOO_SMALL                                                      NTStatus      = 0xC0210003
+	STATUS_FVE_FAILED_WRONG_FS                                                NTStatus      = 0xC0210004
+	STATUS_FVE_BAD_PARTITION_SIZE                                             NTStatus      = 0xC0210005
+	STATUS_FVE_FS_NOT_EXTENDED                                                NTStatus      = 0xC0210006
+	STATUS_FVE_FS_MOUNTED                                                     NTStatus      = 0xC0210007
+	STATUS_FVE_NO_LICENSE                                                     NTStatus      = 0xC0210008
+	STATUS_FVE_ACTION_NOT_ALLOWED                                             NTStatus      = 0xC0210009
+	STATUS_FVE_BAD_DATA                                                       NTStatus      = 0xC021000A
+	STATUS_FVE_VOLUME_NOT_BOUND                                               NTStatus      = 0xC021000B
+	STATUS_FVE_NOT_DATA_VOLUME                                                NTStatus      = 0xC021000C
+	STATUS_FVE_CONV_READ_ERROR                                                NTStatus      = 0xC021000D
+	STATUS_FVE_CONV_WRITE_ERROR                                               NTStatus      = 0xC021000E
+	STATUS_FVE_OVERLAPPED_UPDATE                                              NTStatus      = 0xC021000F
+	STATUS_FVE_FAILED_SECTOR_SIZE                                             NTStatus      = 0xC0210010
+	STATUS_FVE_FAILED_AUTHENTICATION                                          NTStatus      = 0xC0210011
+	STATUS_FVE_NOT_OS_VOLUME                                                  NTStatus      = 0xC0210012
+	STATUS_FVE_KEYFILE_NOT_FOUND                                              NTStatus      = 0xC0210013
+	STATUS_FVE_KEYFILE_INVALID                                                NTStatus      = 0xC0210014
+	STATUS_FVE_KEYFILE_NO_VMK                                                 NTStatus      = 0xC0210015
+	STATUS_FVE_TPM_DISABLED                                                   NTStatus      = 0xC0210016
+	STATUS_FVE_TPM_SRK_AUTH_NOT_ZERO                                          NTStatus      = 0xC0210017
+	STATUS_FVE_TPM_INVALID_PCR                                                NTStatus      = 0xC0210018
+	STATUS_FVE_TPM_NO_VMK                                                     NTStatus      = 0xC0210019
+	STATUS_FVE_PIN_INVALID                                                    NTStatus      = 0xC021001A
+	STATUS_FVE_AUTH_INVALID_APPLICATION                                       NTStatus      = 0xC021001B
+	STATUS_FVE_AUTH_INVALID_CONFIG                                            NTStatus      = 0xC021001C
+	STATUS_FVE_DEBUGGER_ENABLED                                               NTStatus      = 0xC021001D
+	STATUS_FVE_DRY_RUN_FAILED                                                 NTStatus      = 0xC021001E
+	STATUS_FVE_BAD_METADATA_POINTER                                           NTStatus      = 0xC021001F
+	STATUS_FVE_OLD_METADATA_COPY                                              NTStatus      = 0xC0210020
+	STATUS_FVE_REBOOT_REQUIRED                                                NTStatus      = 0xC0210021
+	STATUS_FVE_RAW_ACCESS                                                     NTStatus      = 0xC0210022
+	STATUS_FVE_RAW_BLOCKED                                                    NTStatus      = 0xC0210023
+	STATUS_FVE_NO_AUTOUNLOCK_MASTER_KEY                                       NTStatus      = 0xC0210024
+	STATUS_FVE_MOR_FAILED                                                     NTStatus      = 0xC0210025
+	STATUS_FVE_NO_FEATURE_LICENSE                                             NTStatus      = 0xC0210026
+	STATUS_FVE_POLICY_USER_DISABLE_RDV_NOT_ALLOWED                            NTStatus      = 0xC0210027
+	STATUS_FVE_CONV_RECOVERY_FAILED                                           NTStatus      = 0xC0210028
+	STATUS_FVE_VIRTUALIZED_SPACE_TOO_BIG                                      NTStatus      = 0xC0210029
+	STATUS_FVE_INVALID_DATUM_TYPE                                             NTStatus      = 0xC021002A
+	STATUS_FVE_VOLUME_TOO_SMALL                                               NTStatus      = 0xC0210030
+	STATUS_FVE_ENH_PIN_INVALID                                                NTStatus      = 0xC0210031
+	STATUS_FVE_FULL_ENCRYPTION_NOT_ALLOWED_ON_TP_STORAGE                      NTStatus      = 0xC0210032
+	STATUS_FVE_WIPE_NOT_ALLOWED_ON_TP_STORAGE                                 NTStatus      = 0xC0210033
+	STATUS_FVE_NOT_ALLOWED_ON_CSV_STACK                                       NTStatus      = 0xC0210034
+	STATUS_FVE_NOT_ALLOWED_ON_CLUSTER                                         NTStatus      = 0xC0210035
+	STATUS_FVE_NOT_ALLOWED_TO_UPGRADE_WHILE_CONVERTING                        NTStatus      = 0xC0210036
+	STATUS_FVE_WIPE_CANCEL_NOT_APPLICABLE                                     NTStatus      = 0xC0210037
+	STATUS_FVE_EDRIVE_DRY_RUN_FAILED                                          NTStatus      = 0xC0210038
+	STATUS_FVE_SECUREBOOT_DISABLED                                            NTStatus      = 0xC0210039
+	STATUS_FVE_SECUREBOOT_CONFIG_CHANGE                                       NTStatus      = 0xC021003A
+	STATUS_FVE_DEVICE_LOCKEDOUT                                               NTStatus      = 0xC021003B
+	STATUS_FVE_VOLUME_EXTEND_PREVENTS_EOW_DECRYPT                             NTStatus      = 0xC021003C
+	STATUS_FVE_NOT_DE_VOLUME                                                  NTStatus      = 0xC021003D
+	STATUS_FVE_PROTECTION_DISABLED                                            NTStatus      = 0xC021003E
+	STATUS_FVE_PROTECTION_CANNOT_BE_DISABLED                                  NTStatus      = 0xC021003F
+	STATUS_FVE_OSV_KSR_NOT_ALLOWED                                            NTStatus      = 0xC0210040
+	STATUS_FWP_CALLOUT_NOT_FOUND                                              NTStatus      = 0xC0220001
+	STATUS_FWP_CONDITION_NOT_FOUND                                            NTStatus      = 0xC0220002
+	STATUS_FWP_FILTER_NOT_FOUND                                               NTStatus      = 0xC0220003
+	STATUS_FWP_LAYER_NOT_FOUND                                                NTStatus      = 0xC0220004
+	STATUS_FWP_PROVIDER_NOT_FOUND                                             NTStatus      = 0xC0220005
+	STATUS_FWP_PROVIDER_CONTEXT_NOT_FOUND                                     NTStatus      = 0xC0220006
+	STATUS_FWP_SUBLAYER_NOT_FOUND                                             NTStatus      = 0xC0220007
+	STATUS_FWP_NOT_FOUND                                                      NTStatus      = 0xC0220008
+	STATUS_FWP_ALREADY_EXISTS                                                 NTStatus      = 0xC0220009
+	STATUS_FWP_IN_USE                                                         NTStatus      = 0xC022000A
+	STATUS_FWP_DYNAMIC_SESSION_IN_PROGRESS                                    NTStatus      = 0xC022000B
+	STATUS_FWP_WRONG_SESSION                                                  NTStatus      = 0xC022000C
+	STATUS_FWP_NO_TXN_IN_PROGRESS                                             NTStatus      = 0xC022000D
+	STATUS_FWP_TXN_IN_PROGRESS                                                NTStatus      = 0xC022000E
+	STATUS_FWP_TXN_ABORTED                                                    NTStatus      = 0xC022000F
+	STATUS_FWP_SESSION_ABORTED                                                NTStatus      = 0xC0220010
+	STATUS_FWP_INCOMPATIBLE_TXN                                               NTStatus      = 0xC0220011
+	STATUS_FWP_TIMEOUT                                                        NTStatus      = 0xC0220012
+	STATUS_FWP_NET_EVENTS_DISABLED                                            NTStatus      = 0xC0220013
+	STATUS_FWP_INCOMPATIBLE_LAYER                                             NTStatus      = 0xC0220014
+	STATUS_FWP_KM_CLIENTS_ONLY                                                NTStatus      = 0xC0220015
+	STATUS_FWP_LIFETIME_MISMATCH                                              NTStatus      = 0xC0220016
+	STATUS_FWP_BUILTIN_OBJECT                                                 NTStatus      = 0xC0220017
+	STATUS_FWP_TOO_MANY_CALLOUTS                                              NTStatus      = 0xC0220018
+	STATUS_FWP_NOTIFICATION_DROPPED                                           NTStatus      = 0xC0220019
+	STATUS_FWP_TRAFFIC_MISMATCH                                               NTStatus      = 0xC022001A
+	STATUS_FWP_INCOMPATIBLE_SA_STATE                                          NTStatus      = 0xC022001B
+	STATUS_FWP_NULL_POINTER                                                   NTStatus      = 0xC022001C
+	STATUS_FWP_INVALID_ENUMERATOR                                             NTStatus      = 0xC022001D
+	STATUS_FWP_INVALID_FLAGS                                                  NTStatus      = 0xC022001E
+	STATUS_FWP_INVALID_NET_MASK                                               NTStatus      = 0xC022001F
+	STATUS_FWP_INVALID_RANGE                                                  NTStatus      = 0xC0220020
+	STATUS_FWP_INVALID_INTERVAL                                               NTStatus      = 0xC0220021
+	STATUS_FWP_ZERO_LENGTH_ARRAY                                              NTStatus      = 0xC0220022
+	STATUS_FWP_NULL_DISPLAY_NAME                                              NTStatus      = 0xC0220023
+	STATUS_FWP_INVALID_ACTION_TYPE                                            NTStatus      = 0xC0220024
+	STATUS_FWP_INVALID_WEIGHT                                                 NTStatus      = 0xC0220025
+	STATUS_FWP_MATCH_TYPE_MISMATCH                                            NTStatus      = 0xC0220026
+	STATUS_FWP_TYPE_MISMATCH                                                  NTStatus      = 0xC0220027
+	STATUS_FWP_OUT_OF_BOUNDS                                                  NTStatus      = 0xC0220028
+	STATUS_FWP_RESERVED                                                       NTStatus      = 0xC0220029
+	STATUS_FWP_DUPLICATE_CONDITION                                            NTStatus      = 0xC022002A
+	STATUS_FWP_DUPLICATE_KEYMOD                                               NTStatus      = 0xC022002B
+	STATUS_FWP_ACTION_INCOMPATIBLE_WITH_LAYER                                 NTStatus      = 0xC022002C
+	STATUS_FWP_ACTION_INCOMPATIBLE_WITH_SUBLAYER                              NTStatus      = 0xC022002D
+	STATUS_FWP_CONTEXT_INCOMPATIBLE_WITH_LAYER                                NTStatus      = 0xC022002E
+	STATUS_FWP_CONTEXT_INCOMPATIBLE_WITH_CALLOUT                              NTStatus      = 0xC022002F
+	STATUS_FWP_INCOMPATIBLE_AUTH_METHOD                                       NTStatus      = 0xC0220030
+	STATUS_FWP_INCOMPATIBLE_DH_GROUP                                          NTStatus      = 0xC0220031
+	STATUS_FWP_EM_NOT_SUPPORTED                                               NTStatus      = 0xC0220032
+	STATUS_FWP_NEVER_MATCH                                                    NTStatus      = 0xC0220033
+	STATUS_FWP_PROVIDER_CONTEXT_MISMATCH                                      NTStatus      = 0xC0220034
+	STATUS_FWP_INVALID_PARAMETER                                              NTStatus      = 0xC0220035
+	STATUS_FWP_TOO_MANY_SUBLAYERS                                             NTStatus      = 0xC0220036
+	STATUS_FWP_CALLOUT_NOTIFICATION_FAILED                                    NTStatus      = 0xC0220037
+	STATUS_FWP_INVALID_AUTH_TRANSFORM                                         NTStatus      = 0xC0220038
+	STATUS_FWP_INVALID_CIPHER_TRANSFORM                                       NTStatus      = 0xC0220039
+	STATUS_FWP_INCOMPATIBLE_CIPHER_TRANSFORM                                  NTStatus      = 0xC022003A
+	STATUS_FWP_INVALID_TRANSFORM_COMBINATION                                  NTStatus      = 0xC022003B
+	STATUS_FWP_DUPLICATE_AUTH_METHOD                                          NTStatus      = 0xC022003C
+	STATUS_FWP_INVALID_TUNNEL_ENDPOINT                                        NTStatus      = 0xC022003D
+	STATUS_FWP_L2_DRIVER_NOT_READY                                            NTStatus      = 0xC022003E
+	STATUS_FWP_KEY_DICTATOR_ALREADY_REGISTERED                                NTStatus      = 0xC022003F
+	STATUS_FWP_KEY_DICTATION_INVALID_KEYING_MATERIAL                          NTStatus      = 0xC0220040
+	STATUS_FWP_CONNECTIONS_DISABLED                                           NTStatus      = 0xC0220041
+	STATUS_FWP_INVALID_DNS_NAME                                               NTStatus      = 0xC0220042
+	STATUS_FWP_STILL_ON                                                       NTStatus      = 0xC0220043
+	STATUS_FWP_IKEEXT_NOT_RUNNING                                             NTStatus      = 0xC0220044
+	STATUS_FWP_TCPIP_NOT_READY                                                NTStatus      = 0xC0220100
+	STATUS_FWP_INJECT_HANDLE_CLOSING                                          NTStatus      = 0xC0220101
+	STATUS_FWP_INJECT_HANDLE_STALE                                            NTStatus      = 0xC0220102
+	STATUS_FWP_CANNOT_PEND                                                    NTStatus      = 0xC0220103
+	STATUS_FWP_DROP_NOICMP                                                    NTStatus      = 0xC0220104
+	STATUS_NDIS_CLOSING                                                       NTStatus      = 0xC0230002
+	STATUS_NDIS_BAD_VERSION                                                   NTStatus      = 0xC0230004
+	STATUS_NDIS_BAD_CHARACTERISTICS                                           NTStatus      = 0xC0230005
+	STATUS_NDIS_ADAPTER_NOT_FOUND                                             NTStatus      = 0xC0230006
+	STATUS_NDIS_OPEN_FAILED                                                   NTStatus      = 0xC0230007
+	STATUS_NDIS_DEVICE_FAILED                                                 NTStatus      = 0xC0230008
+	STATUS_NDIS_MULTICAST_FULL                                                NTStatus      = 0xC0230009
+	STATUS_NDIS_MULTICAST_EXISTS                                              NTStatus      = 0xC023000A
+	STATUS_NDIS_MULTICAST_NOT_FOUND                                           NTStatus      = 0xC023000B
+	STATUS_NDIS_REQUEST_ABORTED                                               NTStatus      = 0xC023000C
+	STATUS_NDIS_RESET_IN_PROGRESS                                             NTStatus      = 0xC023000D
+	STATUS_NDIS_NOT_SUPPORTED                                                 NTStatus      = 0xC02300BB
+	STATUS_NDIS_INVALID_PACKET                                                NTStatus      = 0xC023000F
+	STATUS_NDIS_ADAPTER_NOT_READY                                             NTStatus      = 0xC0230011
+	STATUS_NDIS_INVALID_LENGTH                                                NTStatus      = 0xC0230014
+	STATUS_NDIS_INVALID_DATA                                                  NTStatus      = 0xC0230015
+	STATUS_NDIS_BUFFER_TOO_SHORT                                              NTStatus      = 0xC0230016
+	STATUS_NDIS_INVALID_OID                                                   NTStatus      = 0xC0230017
+	STATUS_NDIS_ADAPTER_REMOVED                                               NTStatus      = 0xC0230018
+	STATUS_NDIS_UNSUPPORTED_MEDIA                                             NTStatus      = 0xC0230019
+	STATUS_NDIS_GROUP_ADDRESS_IN_USE                                          NTStatus      = 0xC023001A
+	STATUS_NDIS_FILE_NOT_FOUND                                                NTStatus      = 0xC023001B
+	STATUS_NDIS_ERROR_READING_FILE                                            NTStatus      = 0xC023001C
+	STATUS_NDIS_ALREADY_MAPPED                                                NTStatus      = 0xC023001D
+	STATUS_NDIS_RESOURCE_CONFLICT                                             NTStatus      = 0xC023001E
+	STATUS_NDIS_MEDIA_DISCONNECTED                                            NTStatus      = 0xC023001F
+	STATUS_NDIS_INVALID_ADDRESS                                               NTStatus      = 0xC0230022
+	STATUS_NDIS_INVALID_DEVICE_REQUEST                                        NTStatus      = 0xC0230010
+	STATUS_NDIS_PAUSED                                                        NTStatus      = 0xC023002A
+	STATUS_NDIS_INTERFACE_NOT_FOUND                                           NTStatus      = 0xC023002B
+	STATUS_NDIS_UNSUPPORTED_REVISION                                          NTStatus      = 0xC023002C
+	STATUS_NDIS_INVALID_PORT                                                  NTStatus      = 0xC023002D
+	STATUS_NDIS_INVALID_PORT_STATE                                            NTStatus      = 0xC023002E
+	STATUS_NDIS_LOW_POWER_STATE                                               NTStatus      = 0xC023002F
+	STATUS_NDIS_REINIT_REQUIRED                                               NTStatus      = 0xC0230030
+	STATUS_NDIS_NO_QUEUES                                                     NTStatus      = 0xC0230031
+	STATUS_NDIS_DOT11_AUTO_CONFIG_ENABLED                                     NTStatus      = 0xC0232000
+	STATUS_NDIS_DOT11_MEDIA_IN_USE                                            NTStatus      = 0xC0232001
+	STATUS_NDIS_DOT11_POWER_STATE_INVALID                                     NTStatus      = 0xC0232002
+	STATUS_NDIS_PM_WOL_PATTERN_LIST_FULL                                      NTStatus      = 0xC0232003
+	STATUS_NDIS_PM_PROTOCOL_OFFLOAD_LIST_FULL                                 NTStatus      = 0xC0232004
+	STATUS_NDIS_DOT11_AP_CHANNEL_CURRENTLY_NOT_AVAILABLE                      NTStatus      = 0xC0232005
+	STATUS_NDIS_DOT11_AP_BAND_CURRENTLY_NOT_AVAILABLE                         NTStatus      = 0xC0232006
+	STATUS_NDIS_DOT11_AP_CHANNEL_NOT_ALLOWED                                  NTStatus      = 0xC0232007
+	STATUS_NDIS_DOT11_AP_BAND_NOT_ALLOWED                                     NTStatus      = 0xC0232008
+	STATUS_NDIS_INDICATION_REQUIRED                                           NTStatus      = 0x40230001
+	STATUS_NDIS_OFFLOAD_POLICY                                                NTStatus      = 0xC023100F
+	STATUS_NDIS_OFFLOAD_CONNECTION_REJECTED                                   NTStatus      = 0xC0231012
+	STATUS_NDIS_OFFLOAD_PATH_REJECTED                                         NTStatus      = 0xC0231013
+	STATUS_TPM_ERROR_MASK                                                     NTStatus      = 0xC0290000
+	STATUS_TPM_AUTHFAIL                                                       NTStatus      = 0xC0290001
+	STATUS_TPM_BADINDEX                                                       NTStatus      = 0xC0290002
+	STATUS_TPM_BAD_PARAMETER                                                  NTStatus      = 0xC0290003
+	STATUS_TPM_AUDITFAILURE                                                   NTStatus      = 0xC0290004
+	STATUS_TPM_CLEAR_DISABLED                                                 NTStatus      = 0xC0290005
+	STATUS_TPM_DEACTIVATED                                                    NTStatus      = 0xC0290006
+	STATUS_TPM_DISABLED                                                       NTStatus      = 0xC0290007
+	STATUS_TPM_DISABLED_CMD                                                   NTStatus      = 0xC0290008
+	STATUS_TPM_FAIL                                                           NTStatus      = 0xC0290009
+	STATUS_TPM_BAD_ORDINAL                                                    NTStatus      = 0xC029000A
+	STATUS_TPM_INSTALL_DISABLED                                               NTStatus      = 0xC029000B
+	STATUS_TPM_INVALID_KEYHANDLE                                              NTStatus      = 0xC029000C
+	STATUS_TPM_KEYNOTFOUND                                                    NTStatus      = 0xC029000D
+	STATUS_TPM_INAPPROPRIATE_ENC                                              NTStatus      = 0xC029000E
+	STATUS_TPM_MIGRATEFAIL                                                    NTStatus      = 0xC029000F
+	STATUS_TPM_INVALID_PCR_INFO                                               NTStatus      = 0xC0290010
+	STATUS_TPM_NOSPACE                                                        NTStatus      = 0xC0290011
+	STATUS_TPM_NOSRK                                                          NTStatus      = 0xC0290012
+	STATUS_TPM_NOTSEALED_BLOB                                                 NTStatus      = 0xC0290013
+	STATUS_TPM_OWNER_SET                                                      NTStatus      = 0xC0290014
+	STATUS_TPM_RESOURCES                                                      NTStatus      = 0xC0290015
+	STATUS_TPM_SHORTRANDOM                                                    NTStatus      = 0xC0290016
+	STATUS_TPM_SIZE                                                           NTStatus      = 0xC0290017
+	STATUS_TPM_WRONGPCRVAL                                                    NTStatus      = 0xC0290018
+	STATUS_TPM_BAD_PARAM_SIZE                                                 NTStatus      = 0xC0290019
+	STATUS_TPM_SHA_THREAD                                                     NTStatus      = 0xC029001A
+	STATUS_TPM_SHA_ERROR                                                      NTStatus      = 0xC029001B
+	STATUS_TPM_FAILEDSELFTEST                                                 NTStatus      = 0xC029001C
+	STATUS_TPM_AUTH2FAIL                                                      NTStatus      = 0xC029001D
+	STATUS_TPM_BADTAG                                                         NTStatus      = 0xC029001E
+	STATUS_TPM_IOERROR                                                        NTStatus      = 0xC029001F
+	STATUS_TPM_ENCRYPT_ERROR                                                  NTStatus      = 0xC0290020
+	STATUS_TPM_DECRYPT_ERROR                                                  NTStatus      = 0xC0290021
+	STATUS_TPM_INVALID_AUTHHANDLE                                             NTStatus      = 0xC0290022
+	STATUS_TPM_NO_ENDORSEMENT                                                 NTStatus      = 0xC0290023
+	STATUS_TPM_INVALID_KEYUSAGE                                               NTStatus      = 0xC0290024
+	STATUS_TPM_WRONG_ENTITYTYPE                                               NTStatus      = 0xC0290025
+	STATUS_TPM_INVALID_POSTINIT                                               NTStatus      = 0xC0290026
+	STATUS_TPM_INAPPROPRIATE_SIG                                              NTStatus      = 0xC0290027
+	STATUS_TPM_BAD_KEY_PROPERTY                                               NTStatus      = 0xC0290028
+	STATUS_TPM_BAD_MIGRATION                                                  NTStatus      = 0xC0290029
+	STATUS_TPM_BAD_SCHEME                                                     NTStatus      = 0xC029002A
+	STATUS_TPM_BAD_DATASIZE                                                   NTStatus      = 0xC029002B
+	STATUS_TPM_BAD_MODE                                                       NTStatus      = 0xC029002C
+	STATUS_TPM_BAD_PRESENCE                                                   NTStatus      = 0xC029002D
+	STATUS_TPM_BAD_VERSION                                                    NTStatus      = 0xC029002E
+	STATUS_TPM_NO_WRAP_TRANSPORT                                              NTStatus      = 0xC029002F
+	STATUS_TPM_AUDITFAIL_UNSUCCESSFUL                                         NTStatus      = 0xC0290030
+	STATUS_TPM_AUDITFAIL_SUCCESSFUL                                           NTStatus      = 0xC0290031
+	STATUS_TPM_NOTRESETABLE                                                   NTStatus      = 0xC0290032
+	STATUS_TPM_NOTLOCAL                                                       NTStatus      = 0xC0290033
+	STATUS_TPM_BAD_TYPE                                                       NTStatus      = 0xC0290034
+	STATUS_TPM_INVALID_RESOURCE                                               NTStatus      = 0xC0290035
+	STATUS_TPM_NOTFIPS                                                        NTStatus      = 0xC0290036
+	STATUS_TPM_INVALID_FAMILY                                                 NTStatus      = 0xC0290037
+	STATUS_TPM_NO_NV_PERMISSION                                               NTStatus      = 0xC0290038
+	STATUS_TPM_REQUIRES_SIGN                                                  NTStatus      = 0xC0290039
+	STATUS_TPM_KEY_NOTSUPPORTED                                               NTStatus      = 0xC029003A
+	STATUS_TPM_AUTH_CONFLICT                                                  NTStatus      = 0xC029003B
+	STATUS_TPM_AREA_LOCKED                                                    NTStatus      = 0xC029003C
+	STATUS_TPM_BAD_LOCALITY                                                   NTStatus      = 0xC029003D
+	STATUS_TPM_READ_ONLY                                                      NTStatus      = 0xC029003E
+	STATUS_TPM_PER_NOWRITE                                                    NTStatus      = 0xC029003F
+	STATUS_TPM_FAMILYCOUNT                                                    NTStatus      = 0xC0290040
+	STATUS_TPM_WRITE_LOCKED                                                   NTStatus      = 0xC0290041
+	STATUS_TPM_BAD_ATTRIBUTES                                                 NTStatus      = 0xC0290042
+	STATUS_TPM_INVALID_STRUCTURE                                              NTStatus      = 0xC0290043
+	STATUS_TPM_KEY_OWNER_CONTROL                                              NTStatus      = 0xC0290044
+	STATUS_TPM_BAD_COUNTER                                                    NTStatus      = 0xC0290045
+	STATUS_TPM_NOT_FULLWRITE                                                  NTStatus      = 0xC0290046
+	STATUS_TPM_CONTEXT_GAP                                                    NTStatus      = 0xC0290047
+	STATUS_TPM_MAXNVWRITES                                                    NTStatus      = 0xC0290048
+	STATUS_TPM_NOOPERATOR                                                     NTStatus      = 0xC0290049
+	STATUS_TPM_RESOURCEMISSING                                                NTStatus      = 0xC029004A
+	STATUS_TPM_DELEGATE_LOCK                                                  NTStatus      = 0xC029004B
+	STATUS_TPM_DELEGATE_FAMILY                                                NTStatus      = 0xC029004C
+	STATUS_TPM_DELEGATE_ADMIN                                                 NTStatus      = 0xC029004D
+	STATUS_TPM_TRANSPORT_NOTEXCLUSIVE                                         NTStatus      = 0xC029004E
+	STATUS_TPM_OWNER_CONTROL                                                  NTStatus      = 0xC029004F
+	STATUS_TPM_DAA_RESOURCES                                                  NTStatus      = 0xC0290050
+	STATUS_TPM_DAA_INPUT_DATA0                                                NTStatus      = 0xC0290051
+	STATUS_TPM_DAA_INPUT_DATA1                                                NTStatus      = 0xC0290052
+	STATUS_TPM_DAA_ISSUER_SETTINGS                                            NTStatus      = 0xC0290053
+	STATUS_TPM_DAA_TPM_SETTINGS                                               NTStatus      = 0xC0290054
+	STATUS_TPM_DAA_STAGE                                                      NTStatus      = 0xC0290055
+	STATUS_TPM_DAA_ISSUER_VALIDITY                                            NTStatus      = 0xC0290056
+	STATUS_TPM_DAA_WRONG_W                                                    NTStatus      = 0xC0290057
+	STATUS_TPM_BAD_HANDLE                                                     NTStatus      = 0xC0290058
+	STATUS_TPM_BAD_DELEGATE                                                   NTStatus      = 0xC0290059
+	STATUS_TPM_BADCONTEXT                                                     NTStatus      = 0xC029005A
+	STATUS_TPM_TOOMANYCONTEXTS                                                NTStatus      = 0xC029005B
+	STATUS_TPM_MA_TICKET_SIGNATURE                                            NTStatus      = 0xC029005C
+	STATUS_TPM_MA_DESTINATION                                                 NTStatus      = 0xC029005D
+	STATUS_TPM_MA_SOURCE                                                      NTStatus      = 0xC029005E
+	STATUS_TPM_MA_AUTHORITY                                                   NTStatus      = 0xC029005F
+	STATUS_TPM_PERMANENTEK                                                    NTStatus      = 0xC0290061
+	STATUS_TPM_BAD_SIGNATURE                                                  NTStatus      = 0xC0290062
+	STATUS_TPM_NOCONTEXTSPACE                                                 NTStatus      = 0xC0290063
+	STATUS_TPM_20_E_ASYMMETRIC                                                NTStatus      = 0xC0290081
+	STATUS_TPM_20_E_ATTRIBUTES                                                NTStatus      = 0xC0290082
+	STATUS_TPM_20_E_HASH                                                      NTStatus      = 0xC0290083
+	STATUS_TPM_20_E_VALUE                                                     NTStatus      = 0xC0290084
+	STATUS_TPM_20_E_HIERARCHY                                                 NTStatus      = 0xC0290085
+	STATUS_TPM_20_E_KEY_SIZE                                                  NTStatus      = 0xC0290087
+	STATUS_TPM_20_E_MGF                                                       NTStatus      = 0xC0290088
+	STATUS_TPM_20_E_MODE                                                      NTStatus      = 0xC0290089
+	STATUS_TPM_20_E_TYPE                                                      NTStatus      = 0xC029008A
+	STATUS_TPM_20_E_HANDLE                                                    NTStatus      = 0xC029008B
+	STATUS_TPM_20_E_KDF                                                       NTStatus      = 0xC029008C
+	STATUS_TPM_20_E_RANGE                                                     NTStatus      = 0xC029008D
+	STATUS_TPM_20_E_AUTH_FAIL                                                 NTStatus      = 0xC029008E
+	STATUS_TPM_20_E_NONCE                                                     NTStatus      = 0xC029008F
+	STATUS_TPM_20_E_PP                                                        NTStatus      = 0xC0290090
+	STATUS_TPM_20_E_SCHEME                                                    NTStatus      = 0xC0290092
+	STATUS_TPM_20_E_SIZE                                                      NTStatus      = 0xC0290095
+	STATUS_TPM_20_E_SYMMETRIC                                                 NTStatus      = 0xC0290096
+	STATUS_TPM_20_E_TAG                                                       NTStatus      = 0xC0290097
+	STATUS_TPM_20_E_SELECTOR                                                  NTStatus      = 0xC0290098
+	STATUS_TPM_20_E_INSUFFICIENT                                              NTStatus      = 0xC029009A
+	STATUS_TPM_20_E_SIGNATURE                                                 NTStatus      = 0xC029009B
+	STATUS_TPM_20_E_KEY                                                       NTStatus      = 0xC029009C
+	STATUS_TPM_20_E_POLICY_FAIL                                               NTStatus      = 0xC029009D
+	STATUS_TPM_20_E_INTEGRITY                                                 NTStatus      = 0xC029009F
+	STATUS_TPM_20_E_TICKET                                                    NTStatus      = 0xC02900A0
+	STATUS_TPM_20_E_RESERVED_BITS                                             NTStatus      = 0xC02900A1
+	STATUS_TPM_20_E_BAD_AUTH                                                  NTStatus      = 0xC02900A2
+	STATUS_TPM_20_E_EXPIRED                                                   NTStatus      = 0xC02900A3
+	STATUS_TPM_20_E_POLICY_CC                                                 NTStatus      = 0xC02900A4
+	STATUS_TPM_20_E_BINDING                                                   NTStatus      = 0xC02900A5
+	STATUS_TPM_20_E_CURVE                                                     NTStatus      = 0xC02900A6
+	STATUS_TPM_20_E_ECC_POINT                                                 NTStatus      = 0xC02900A7
+	STATUS_TPM_20_E_INITIALIZE                                                NTStatus      = 0xC0290100
+	STATUS_TPM_20_E_FAILURE                                                   NTStatus      = 0xC0290101
+	STATUS_TPM_20_E_SEQUENCE                                                  NTStatus      = 0xC0290103
+	STATUS_TPM_20_E_PRIVATE                                                   NTStatus      = 0xC029010B
+	STATUS_TPM_20_E_HMAC                                                      NTStatus      = 0xC0290119
+	STATUS_TPM_20_E_DISABLED                                                  NTStatus      = 0xC0290120
+	STATUS_TPM_20_E_EXCLUSIVE                                                 NTStatus      = 0xC0290121
+	STATUS_TPM_20_E_ECC_CURVE                                                 NTStatus      = 0xC0290123
+	STATUS_TPM_20_E_AUTH_TYPE                                                 NTStatus      = 0xC0290124
+	STATUS_TPM_20_E_AUTH_MISSING                                              NTStatus      = 0xC0290125
+	STATUS_TPM_20_E_POLICY                                                    NTStatus      = 0xC0290126
+	STATUS_TPM_20_E_PCR                                                       NTStatus      = 0xC0290127
+	STATUS_TPM_20_E_PCR_CHANGED                                               NTStatus      = 0xC0290128
+	STATUS_TPM_20_E_UPGRADE                                                   NTStatus      = 0xC029012D
+	STATUS_TPM_20_E_TOO_MANY_CONTEXTS                                         NTStatus      = 0xC029012E
+	STATUS_TPM_20_E_AUTH_UNAVAILABLE                                          NTStatus      = 0xC029012F
+	STATUS_TPM_20_E_REBOOT                                                    NTStatus      = 0xC0290130
+	STATUS_TPM_20_E_UNBALANCED                                                NTStatus      = 0xC0290131
+	STATUS_TPM_20_E_COMMAND_SIZE                                              NTStatus      = 0xC0290142
+	STATUS_TPM_20_E_COMMAND_CODE                                              NTStatus      = 0xC0290143
+	STATUS_TPM_20_E_AUTHSIZE                                                  NTStatus      = 0xC0290144
+	STATUS_TPM_20_E_AUTH_CONTEXT                                              NTStatus      = 0xC0290145
+	STATUS_TPM_20_E_NV_RANGE                                                  NTStatus      = 0xC0290146
+	STATUS_TPM_20_E_NV_SIZE                                                   NTStatus      = 0xC0290147
+	STATUS_TPM_20_E_NV_LOCKED                                                 NTStatus      = 0xC0290148
+	STATUS_TPM_20_E_NV_AUTHORIZATION                                          NTStatus      = 0xC0290149
+	STATUS_TPM_20_E_NV_UNINITIALIZED                                          NTStatus      = 0xC029014A
+	STATUS_TPM_20_E_NV_SPACE                                                  NTStatus      = 0xC029014B
+	STATUS_TPM_20_E_NV_DEFINED                                                NTStatus      = 0xC029014C
+	STATUS_TPM_20_E_BAD_CONTEXT                                               NTStatus      = 0xC0290150
+	STATUS_TPM_20_E_CPHASH                                                    NTStatus      = 0xC0290151
+	STATUS_TPM_20_E_PARENT                                                    NTStatus      = 0xC0290152
+	STATUS_TPM_20_E_NEEDS_TEST                                                NTStatus      = 0xC0290153
+	STATUS_TPM_20_E_NO_RESULT                                                 NTStatus      = 0xC0290154
+	STATUS_TPM_20_E_SENSITIVE                                                 NTStatus      = 0xC0290155
+	STATUS_TPM_COMMAND_BLOCKED                                                NTStatus      = 0xC0290400
+	STATUS_TPM_INVALID_HANDLE                                                 NTStatus      = 0xC0290401
+	STATUS_TPM_DUPLICATE_VHANDLE                                              NTStatus      = 0xC0290402
+	STATUS_TPM_EMBEDDED_COMMAND_BLOCKED                                       NTStatus      = 0xC0290403
+	STATUS_TPM_EMBEDDED_COMMAND_UNSUPPORTED                                   NTStatus      = 0xC0290404
+	STATUS_TPM_RETRY                                                          NTStatus      = 0xC0290800
+	STATUS_TPM_NEEDS_SELFTEST                                                 NTStatus      = 0xC0290801
+	STATUS_TPM_DOING_SELFTEST                                                 NTStatus      = 0xC0290802
+	STATUS_TPM_DEFEND_LOCK_RUNNING                                            NTStatus      = 0xC0290803
+	STATUS_TPM_COMMAND_CANCELED                                               NTStatus      = 0xC0291001
+	STATUS_TPM_TOO_MANY_CONTEXTS                                              NTStatus      = 0xC0291002
+	STATUS_TPM_NOT_FOUND                                                      NTStatus      = 0xC0291003
+	STATUS_TPM_ACCESS_DENIED                                                  NTStatus      = 0xC0291004
+	STATUS_TPM_INSUFFICIENT_BUFFER                                            NTStatus      = 0xC0291005
+	STATUS_TPM_PPI_FUNCTION_UNSUPPORTED                                       NTStatus      = 0xC0291006
+	STATUS_PCP_ERROR_MASK                                                     NTStatus      = 0xC0292000
+	STATUS_PCP_DEVICE_NOT_READY                                               NTStatus      = 0xC0292001
+	STATUS_PCP_INVALID_HANDLE                                                 NTStatus      = 0xC0292002
+	STATUS_PCP_INVALID_PARAMETER                                              NTStatus      = 0xC0292003
+	STATUS_PCP_FLAG_NOT_SUPPORTED                                             NTStatus      = 0xC0292004
+	STATUS_PCP_NOT_SUPPORTED                                                  NTStatus      = 0xC0292005
+	STATUS_PCP_BUFFER_TOO_SMALL                                               NTStatus      = 0xC0292006
+	STATUS_PCP_INTERNAL_ERROR                                                 NTStatus      = 0xC0292007
+	STATUS_PCP_AUTHENTICATION_FAILED                                          NTStatus      = 0xC0292008
+	STATUS_PCP_AUTHENTICATION_IGNORED                                         NTStatus      = 0xC0292009
+	STATUS_PCP_POLICY_NOT_FOUND                                               NTStatus      = 0xC029200A
+	STATUS_PCP_PROFILE_NOT_FOUND                                              NTStatus      = 0xC029200B
+	STATUS_PCP_VALIDATION_FAILED                                              NTStatus      = 0xC029200C
+	STATUS_PCP_DEVICE_NOT_FOUND                                               NTStatus      = 0xC029200D
+	STATUS_PCP_WRONG_PARENT                                                   NTStatus      = 0xC029200E
+	STATUS_PCP_KEY_NOT_LOADED                                                 NTStatus      = 0xC029200F
+	STATUS_PCP_NO_KEY_CERTIFICATION                                           NTStatus      = 0xC0292010
+	STATUS_PCP_KEY_NOT_FINALIZED                                              NTStatus      = 0xC0292011
+	STATUS_PCP_ATTESTATION_CHALLENGE_NOT_SET                                  NTStatus      = 0xC0292012
+	STATUS_PCP_NOT_PCR_BOUND                                                  NTStatus      = 0xC0292013
+	STATUS_PCP_KEY_ALREADY_FINALIZED                                          NTStatus      = 0xC0292014
+	STATUS_PCP_KEY_USAGE_POLICY_NOT_SUPPORTED                                 NTStatus      = 0xC0292015
+	STATUS_PCP_KEY_USAGE_POLICY_INVALID                                       NTStatus      = 0xC0292016
+	STATUS_PCP_SOFT_KEY_ERROR                                                 NTStatus      = 0xC0292017
+	STATUS_PCP_KEY_NOT_AUTHENTICATED                                          NTStatus      = 0xC0292018
+	STATUS_PCP_KEY_NOT_AIK                                                    NTStatus      = 0xC0292019
+	STATUS_PCP_KEY_NOT_SIGNING_KEY                                            NTStatus      = 0xC029201A
+	STATUS_PCP_LOCKED_OUT                                                     NTStatus      = 0xC029201B
+	STATUS_PCP_CLAIM_TYPE_NOT_SUPPORTED                                       NTStatus      = 0xC029201C
+	STATUS_PCP_TPM_VERSION_NOT_SUPPORTED                                      NTStatus      = 0xC029201D
+	STATUS_PCP_BUFFER_LENGTH_MISMATCH                                         NTStatus      = 0xC029201E
+	STATUS_PCP_IFX_RSA_KEY_CREATION_BLOCKED                                   NTStatus      = 0xC029201F
+	STATUS_PCP_TICKET_MISSING                                                 NTStatus      = 0xC0292020
+	STATUS_PCP_RAW_POLICY_NOT_SUPPORTED                                       NTStatus      = 0xC0292021
+	STATUS_PCP_KEY_HANDLE_INVALIDATED                                         NTStatus      = 0xC0292022
+	STATUS_PCP_UNSUPPORTED_PSS_SALT                                           NTStatus      = 0x40292023
+	STATUS_RTPM_CONTEXT_CONTINUE                                              NTStatus      = 0x00293000
+	STATUS_RTPM_CONTEXT_COMPLETE                                              NTStatus      = 0x00293001
+	STATUS_RTPM_NO_RESULT                                                     NTStatus      = 0xC0293002
+	STATUS_RTPM_PCR_READ_INCOMPLETE                                           NTStatus      = 0xC0293003
+	STATUS_RTPM_INVALID_CONTEXT                                               NTStatus      = 0xC0293004
+	STATUS_RTPM_UNSUPPORTED_CMD                                               NTStatus      = 0xC0293005
+	STATUS_TPM_ZERO_EXHAUST_ENABLED                                           NTStatus      = 0xC0294000
+	STATUS_HV_INVALID_HYPERCALL_CODE                                          NTStatus      = 0xC0350002
+	STATUS_HV_INVALID_HYPERCALL_INPUT                                         NTStatus      = 0xC0350003
+	STATUS_HV_INVALID_ALIGNMENT                                               NTStatus      = 0xC0350004
+	STATUS_HV_INVALID_PARAMETER                                               NTStatus      = 0xC0350005
+	STATUS_HV_ACCESS_DENIED                                                   NTStatus      = 0xC0350006
+	STATUS_HV_INVALID_PARTITION_STATE                                         NTStatus      = 0xC0350007
+	STATUS_HV_OPERATION_DENIED                                                NTStatus      = 0xC0350008
+	STATUS_HV_UNKNOWN_PROPERTY                                                NTStatus      = 0xC0350009
+	STATUS_HV_PROPERTY_VALUE_OUT_OF_RANGE                                     NTStatus      = 0xC035000A
+	STATUS_HV_INSUFFICIENT_MEMORY                                             NTStatus      = 0xC035000B
+	STATUS_HV_PARTITION_TOO_DEEP                                              NTStatus      = 0xC035000C
+	STATUS_HV_INVALID_PARTITION_ID                                            NTStatus      = 0xC035000D
+	STATUS_HV_INVALID_VP_INDEX                                                NTStatus      = 0xC035000E
+	STATUS_HV_INVALID_PORT_ID                                                 NTStatus      = 0xC0350011
+	STATUS_HV_INVALID_CONNECTION_ID                                           NTStatus      = 0xC0350012
+	STATUS_HV_INSUFFICIENT_BUFFERS                                            NTStatus      = 0xC0350013
+	STATUS_HV_NOT_ACKNOWLEDGED                                                NTStatus      = 0xC0350014
+	STATUS_HV_INVALID_VP_STATE                                                NTStatus      = 0xC0350015
+	STATUS_HV_ACKNOWLEDGED                                                    NTStatus      = 0xC0350016
+	STATUS_HV_INVALID_SAVE_RESTORE_STATE                                      NTStatus      = 0xC0350017
+	STATUS_HV_INVALID_SYNIC_STATE                                             NTStatus      = 0xC0350018
+	STATUS_HV_OBJECT_IN_USE                                                   NTStatus      = 0xC0350019
+	STATUS_HV_INVALID_PROXIMITY_DOMAIN_INFO                                   NTStatus      = 0xC035001A
+	STATUS_HV_NO_DATA                                                         NTStatus      = 0xC035001B
+	STATUS_HV_INACTIVE                                                        NTStatus      = 0xC035001C
+	STATUS_HV_NO_RESOURCES                                                    NTStatus      = 0xC035001D
+	STATUS_HV_FEATURE_UNAVAILABLE                                             NTStatus      = 0xC035001E
+	STATUS_HV_INSUFFICIENT_BUFFER                                             NTStatus      = 0xC0350033
+	STATUS_HV_INSUFFICIENT_DEVICE_DOMAINS                                     NTStatus      = 0xC0350038
+	STATUS_HV_CPUID_FEATURE_VALIDATION_ERROR                                  NTStatus      = 0xC035003C
+	STATUS_HV_CPUID_XSAVE_FEATURE_VALIDATION_ERROR                            NTStatus      = 0xC035003D
+	STATUS_HV_PROCESSOR_STARTUP_TIMEOUT                                       NTStatus      = 0xC035003E
+	STATUS_HV_SMX_ENABLED                                                     NTStatus      = 0xC035003F
+	STATUS_HV_INVALID_LP_INDEX                                                NTStatus      = 0xC0350041
+	STATUS_HV_INVALID_REGISTER_VALUE                                          NTStatus      = 0xC0350050
+	STATUS_HV_INVALID_VTL_STATE                                               NTStatus      = 0xC0350051
+	STATUS_HV_NX_NOT_DETECTED                                                 NTStatus      = 0xC0350055
+	STATUS_HV_INVALID_DEVICE_ID                                               NTStatus      = 0xC0350057
+	STATUS_HV_INVALID_DEVICE_STATE                                            NTStatus      = 0xC0350058
+	STATUS_HV_PENDING_PAGE_REQUESTS                                           NTStatus      = 0x00350059
+	STATUS_HV_PAGE_REQUEST_INVALID                                            NTStatus      = 0xC0350060
+	STATUS_HV_INVALID_CPU_GROUP_ID                                            NTStatus      = 0xC035006F
+	STATUS_HV_INVALID_CPU_GROUP_STATE                                         NTStatus      = 0xC0350070
+	STATUS_HV_OPERATION_FAILED                                                NTStatus      = 0xC0350071
+	STATUS_HV_NOT_ALLOWED_WITH_NESTED_VIRT_ACTIVE                             NTStatus      = 0xC0350072
+	STATUS_HV_INSUFFICIENT_ROOT_MEMORY                                        NTStatus      = 0xC0350073
+	STATUS_HV_NOT_PRESENT                                                     NTStatus      = 0xC0351000
+	STATUS_VID_DUPLICATE_HANDLER                                              NTStatus      = 0xC0370001
+	STATUS_VID_TOO_MANY_HANDLERS                                              NTStatus      = 0xC0370002
+	STATUS_VID_QUEUE_FULL                                                     NTStatus      = 0xC0370003
+	STATUS_VID_HANDLER_NOT_PRESENT                                            NTStatus      = 0xC0370004
+	STATUS_VID_INVALID_OBJECT_NAME                                            NTStatus      = 0xC0370005
+	STATUS_VID_PARTITION_NAME_TOO_LONG                                        NTStatus      = 0xC0370006
+	STATUS_VID_MESSAGE_QUEUE_NAME_TOO_LONG                                    NTStatus      = 0xC0370007
+	STATUS_VID_PARTITION_ALREADY_EXISTS                                       NTStatus      = 0xC0370008
+	STATUS_VID_PARTITION_DOES_NOT_EXIST                                       NTStatus      = 0xC0370009
+	STATUS_VID_PARTITION_NAME_NOT_FOUND                                       NTStatus      = 0xC037000A
+	STATUS_VID_MESSAGE_QUEUE_ALREADY_EXISTS                                   NTStatus      = 0xC037000B
+	STATUS_VID_EXCEEDED_MBP_ENTRY_MAP_LIMIT                                   NTStatus      = 0xC037000C
+	STATUS_VID_MB_STILL_REFERENCED                                            NTStatus      = 0xC037000D
+	STATUS_VID_CHILD_GPA_PAGE_SET_CORRUPTED                                   NTStatus      = 0xC037000E
+	STATUS_VID_INVALID_NUMA_SETTINGS                                          NTStatus      = 0xC037000F
+	STATUS_VID_INVALID_NUMA_NODE_INDEX                                        NTStatus      = 0xC0370010
+	STATUS_VID_NOTIFICATION_QUEUE_ALREADY_ASSOCIATED                          NTStatus      = 0xC0370011
+	STATUS_VID_INVALID_MEMORY_BLOCK_HANDLE                                    NTStatus      = 0xC0370012
+	STATUS_VID_PAGE_RANGE_OVERFLOW                                            NTStatus      = 0xC0370013
+	STATUS_VID_INVALID_MESSAGE_QUEUE_HANDLE                                   NTStatus      = 0xC0370014
+	STATUS_VID_INVALID_GPA_RANGE_HANDLE                                       NTStatus      = 0xC0370015
+	STATUS_VID_NO_MEMORY_BLOCK_NOTIFICATION_QUEUE                             NTStatus      = 0xC0370016
+	STATUS_VID_MEMORY_BLOCK_LOCK_COUNT_EXCEEDED                               NTStatus      = 0xC0370017
+	STATUS_VID_INVALID_PPM_HANDLE                                             NTStatus      = 0xC0370018
+	STATUS_VID_MBPS_ARE_LOCKED                                                NTStatus      = 0xC0370019
+	STATUS_VID_MESSAGE_QUEUE_CLOSED                                           NTStatus      = 0xC037001A
+	STATUS_VID_VIRTUAL_PROCESSOR_LIMIT_EXCEEDED                               NTStatus      = 0xC037001B
+	STATUS_VID_STOP_PENDING                                                   NTStatus      = 0xC037001C
+	STATUS_VID_INVALID_PROCESSOR_STATE                                        NTStatus      = 0xC037001D
+	STATUS_VID_EXCEEDED_KM_CONTEXT_COUNT_LIMIT                                NTStatus      = 0xC037001E
+	STATUS_VID_KM_INTERFACE_ALREADY_INITIALIZED                               NTStatus      = 0xC037001F
+	STATUS_VID_MB_PROPERTY_ALREADY_SET_RESET                                  NTStatus      = 0xC0370020
+	STATUS_VID_MMIO_RANGE_DESTROYED                                           NTStatus      = 0xC0370021
+	STATUS_VID_INVALID_CHILD_GPA_PAGE_SET                                     NTStatus      = 0xC0370022
+	STATUS_VID_RESERVE_PAGE_SET_IS_BEING_USED                                 NTStatus      = 0xC0370023
+	STATUS_VID_RESERVE_PAGE_SET_TOO_SMALL                                     NTStatus      = 0xC0370024
+	STATUS_VID_MBP_ALREADY_LOCKED_USING_RESERVED_PAGE                         NTStatus      = 0xC0370025
+	STATUS_VID_MBP_COUNT_EXCEEDED_LIMIT                                       NTStatus      = 0xC0370026
+	STATUS_VID_SAVED_STATE_CORRUPT                                            NTStatus      = 0xC0370027
+	STATUS_VID_SAVED_STATE_UNRECOGNIZED_ITEM                                  NTStatus      = 0xC0370028
+	STATUS_VID_SAVED_STATE_INCOMPATIBLE                                       NTStatus      = 0xC0370029
+	STATUS_VID_VTL_ACCESS_DENIED                                              NTStatus      = 0xC037002A
+	STATUS_VID_REMOTE_NODE_PARENT_GPA_PAGES_USED                              NTStatus      = 0x80370001
+	STATUS_IPSEC_BAD_SPI                                                      NTStatus      = 0xC0360001
+	STATUS_IPSEC_SA_LIFETIME_EXPIRED                                          NTStatus      = 0xC0360002
+	STATUS_IPSEC_WRONG_SA                                                     NTStatus      = 0xC0360003
+	STATUS_IPSEC_REPLAY_CHECK_FAILED                                          NTStatus      = 0xC0360004
+	STATUS_IPSEC_INVALID_PACKET                                               NTStatus      = 0xC0360005
+	STATUS_IPSEC_INTEGRITY_CHECK_FAILED                                       NTStatus      = 0xC0360006
+	STATUS_IPSEC_CLEAR_TEXT_DROP                                              NTStatus      = 0xC0360007
+	STATUS_IPSEC_AUTH_FIREWALL_DROP                                           NTStatus      = 0xC0360008
+	STATUS_IPSEC_THROTTLE_DROP                                                NTStatus      = 0xC0360009
+	STATUS_IPSEC_DOSP_BLOCK                                                   NTStatus      = 0xC0368000
+	STATUS_IPSEC_DOSP_RECEIVED_MULTICAST                                      NTStatus      = 0xC0368001
+	STATUS_IPSEC_DOSP_INVALID_PACKET                                          NTStatus      = 0xC0368002
+	STATUS_IPSEC_DOSP_STATE_LOOKUP_FAILED                                     NTStatus      = 0xC0368003
+	STATUS_IPSEC_DOSP_MAX_ENTRIES                                             NTStatus      = 0xC0368004
+	STATUS_IPSEC_DOSP_KEYMOD_NOT_ALLOWED                                      NTStatus      = 0xC0368005
+	STATUS_IPSEC_DOSP_MAX_PER_IP_RATELIMIT_QUEUES                             NTStatus      = 0xC0368006
+	STATUS_VOLMGR_INCOMPLETE_REGENERATION                                     NTStatus      = 0x80380001
+	STATUS_VOLMGR_INCOMPLETE_DISK_MIGRATION                                   NTStatus      = 0x80380002
+	STATUS_VOLMGR_DATABASE_FULL                                               NTStatus      = 0xC0380001
+	STATUS_VOLMGR_DISK_CONFIGURATION_CORRUPTED                                NTStatus      = 0xC0380002
+	STATUS_VOLMGR_DISK_CONFIGURATION_NOT_IN_SYNC                              NTStatus      = 0xC0380003
+	STATUS_VOLMGR_PACK_CONFIG_UPDATE_FAILED                                   NTStatus      = 0xC0380004
+	STATUS_VOLMGR_DISK_CONTAINS_NON_SIMPLE_VOLUME                             NTStatus      = 0xC0380005
+	STATUS_VOLMGR_DISK_DUPLICATE                                              NTStatus      = 0xC0380006
+	STATUS_VOLMGR_DISK_DYNAMIC                                                NTStatus      = 0xC0380007
+	STATUS_VOLMGR_DISK_ID_INVALID                                             NTStatus      = 0xC0380008
+	STATUS_VOLMGR_DISK_INVALID                                                NTStatus      = 0xC0380009
+	STATUS_VOLMGR_DISK_LAST_VOTER                                             NTStatus      = 0xC038000A
+	STATUS_VOLMGR_DISK_LAYOUT_INVALID                                         NTStatus      = 0xC038000B
+	STATUS_VOLMGR_DISK_LAYOUT_NON_BASIC_BETWEEN_BASIC_PARTITIONS              NTStatus      = 0xC038000C
+	STATUS_VOLMGR_DISK_LAYOUT_NOT_CYLINDER_ALIGNED                            NTStatus      = 0xC038000D
+	STATUS_VOLMGR_DISK_LAYOUT_PARTITIONS_TOO_SMALL                            NTStatus      = 0xC038000E
+	STATUS_VOLMGR_DISK_LAYOUT_PRIMARY_BETWEEN_LOGICAL_PARTITIONS              NTStatus      = 0xC038000F
+	STATUS_VOLMGR_DISK_LAYOUT_TOO_MANY_PARTITIONS                             NTStatus      = 0xC0380010
+	STATUS_VOLMGR_DISK_MISSING                                                NTStatus      = 0xC0380011
+	STATUS_VOLMGR_DISK_NOT_EMPTY                                              NTStatus      = 0xC0380012
+	STATUS_VOLMGR_DISK_NOT_ENOUGH_SPACE                                       NTStatus      = 0xC0380013
+	STATUS_VOLMGR_DISK_REVECTORING_FAILED                                     NTStatus      = 0xC0380014
+	STATUS_VOLMGR_DISK_SECTOR_SIZE_INVALID                                    NTStatus      = 0xC0380015
+	STATUS_VOLMGR_DISK_SET_NOT_CONTAINED                                      NTStatus      = 0xC0380016
+	STATUS_VOLMGR_DISK_USED_BY_MULTIPLE_MEMBERS                               NTStatus      = 0xC0380017
+	STATUS_VOLMGR_DISK_USED_BY_MULTIPLE_PLEXES                                NTStatus      = 0xC0380018
+	STATUS_VOLMGR_DYNAMIC_DISK_NOT_SUPPORTED                                  NTStatus      = 0xC0380019
+	STATUS_VOLMGR_EXTENT_ALREADY_USED                                         NTStatus      = 0xC038001A
+	STATUS_VOLMGR_EXTENT_NOT_CONTIGUOUS                                       NTStatus      = 0xC038001B
+	STATUS_VOLMGR_EXTENT_NOT_IN_PUBLIC_REGION                                 NTStatus      = 0xC038001C
+	STATUS_VOLMGR_EXTENT_NOT_SECTOR_ALIGNED                                   NTStatus      = 0xC038001D
+	STATUS_VOLMGR_EXTENT_OVERLAPS_EBR_PARTITION                               NTStatus      = 0xC038001E
+	STATUS_VOLMGR_EXTENT_VOLUME_LENGTHS_DO_NOT_MATCH                          NTStatus      = 0xC038001F
+	STATUS_VOLMGR_FAULT_TOLERANT_NOT_SUPPORTED                                NTStatus      = 0xC0380020
+	STATUS_VOLMGR_INTERLEAVE_LENGTH_INVALID                                   NTStatus      = 0xC0380021
+	STATUS_VOLMGR_MAXIMUM_REGISTERED_USERS                                    NTStatus      = 0xC0380022
+	STATUS_VOLMGR_MEMBER_IN_SYNC                                              NTStatus      = 0xC0380023
+	STATUS_VOLMGR_MEMBER_INDEX_DUPLICATE                                      NTStatus      = 0xC0380024
+	STATUS_VOLMGR_MEMBER_INDEX_INVALID                                        NTStatus      = 0xC0380025
+	STATUS_VOLMGR_MEMBER_MISSING                                              NTStatus      = 0xC0380026
+	STATUS_VOLMGR_MEMBER_NOT_DETACHED                                         NTStatus      = 0xC0380027
+	STATUS_VOLMGR_MEMBER_REGENERATING                                         NTStatus      = 0xC0380028
+	STATUS_VOLMGR_ALL_DISKS_FAILED                                            NTStatus      = 0xC0380029
+	STATUS_VOLMGR_NO_REGISTERED_USERS                                         NTStatus      = 0xC038002A
+	STATUS_VOLMGR_NO_SUCH_USER                                                NTStatus      = 0xC038002B
+	STATUS_VOLMGR_NOTIFICATION_RESET                                          NTStatus      = 0xC038002C
+	STATUS_VOLMGR_NUMBER_OF_MEMBERS_INVALID                                   NTStatus      = 0xC038002D
+	STATUS_VOLMGR_NUMBER_OF_PLEXES_INVALID                                    NTStatus      = 0xC038002E
+	STATUS_VOLMGR_PACK_DUPLICATE                                              NTStatus      = 0xC038002F
+	STATUS_VOLMGR_PACK_ID_INVALID                                             NTStatus      = 0xC0380030
+	STATUS_VOLMGR_PACK_INVALID                                                NTStatus      = 0xC0380031
+	STATUS_VOLMGR_PACK_NAME_INVALID                                           NTStatus      = 0xC0380032
+	STATUS_VOLMGR_PACK_OFFLINE                                                NTStatus      = 0xC0380033
+	STATUS_VOLMGR_PACK_HAS_QUORUM                                             NTStatus      = 0xC0380034
+	STATUS_VOLMGR_PACK_WITHOUT_QUORUM                                         NTStatus      = 0xC0380035
+	STATUS_VOLMGR_PARTITION_STYLE_INVALID                                     NTStatus      = 0xC0380036
+	STATUS_VOLMGR_PARTITION_UPDATE_FAILED                                     NTStatus      = 0xC0380037
+	STATUS_VOLMGR_PLEX_IN_SYNC                                                NTStatus      = 0xC0380038
+	STATUS_VOLMGR_PLEX_INDEX_DUPLICATE                                        NTStatus      = 0xC0380039
+	STATUS_VOLMGR_PLEX_INDEX_INVALID                                          NTStatus      = 0xC038003A
+	STATUS_VOLMGR_PLEX_LAST_ACTIVE                                            NTStatus      = 0xC038003B
+	STATUS_VOLMGR_PLEX_MISSING                                                NTStatus      = 0xC038003C
+	STATUS_VOLMGR_PLEX_REGENERATING                                           NTStatus      = 0xC038003D
+	STATUS_VOLMGR_PLEX_TYPE_INVALID                                           NTStatus      = 0xC038003E
+	STATUS_VOLMGR_PLEX_NOT_RAID5                                              NTStatus      = 0xC038003F
+	STATUS_VOLMGR_PLEX_NOT_SIMPLE                                             NTStatus      = 0xC0380040
+	STATUS_VOLMGR_STRUCTURE_SIZE_INVALID                                      NTStatus      = 0xC0380041
+	STATUS_VOLMGR_TOO_MANY_NOTIFICATION_REQUESTS                              NTStatus      = 0xC0380042
+	STATUS_VOLMGR_TRANSACTION_IN_PROGRESS                                     NTStatus      = 0xC0380043
+	STATUS_VOLMGR_UNEXPECTED_DISK_LAYOUT_CHANGE                               NTStatus      = 0xC0380044
+	STATUS_VOLMGR_VOLUME_CONTAINS_MISSING_DISK                                NTStatus      = 0xC0380045
+	STATUS_VOLMGR_VOLUME_ID_INVALID                                           NTStatus      = 0xC0380046
+	STATUS_VOLMGR_VOLUME_LENGTH_INVALID                                       NTStatus      = 0xC0380047
+	STATUS_VOLMGR_VOLUME_LENGTH_NOT_SECTOR_SIZE_MULTIPLE                      NTStatus      = 0xC0380048
+	STATUS_VOLMGR_VOLUME_NOT_MIRRORED                                         NTStatus      = 0xC0380049
+	STATUS_VOLMGR_VOLUME_NOT_RETAINED                                         NTStatus      = 0xC038004A
+	STATUS_VOLMGR_VOLUME_OFFLINE                                              NTStatus      = 0xC038004B
+	STATUS_VOLMGR_VOLUME_RETAINED                                             NTStatus      = 0xC038004C
+	STATUS_VOLMGR_NUMBER_OF_EXTENTS_INVALID                                   NTStatus      = 0xC038004D
+	STATUS_VOLMGR_DIFFERENT_SECTOR_SIZE                                       NTStatus      = 0xC038004E
+	STATUS_VOLMGR_BAD_BOOT_DISK                                               NTStatus      = 0xC038004F
+	STATUS_VOLMGR_PACK_CONFIG_OFFLINE                                         NTStatus      = 0xC0380050
+	STATUS_VOLMGR_PACK_CONFIG_ONLINE                                          NTStatus      = 0xC0380051
+	STATUS_VOLMGR_NOT_PRIMARY_PACK                                            NTStatus      = 0xC0380052
+	STATUS_VOLMGR_PACK_LOG_UPDATE_FAILED                                      NTStatus      = 0xC0380053
+	STATUS_VOLMGR_NUMBER_OF_DISKS_IN_PLEX_INVALID                             NTStatus      = 0xC0380054
+	STATUS_VOLMGR_NUMBER_OF_DISKS_IN_MEMBER_INVALID                           NTStatus      = 0xC0380055
+	STATUS_VOLMGR_VOLUME_MIRRORED                                             NTStatus      = 0xC0380056
+	STATUS_VOLMGR_PLEX_NOT_SIMPLE_SPANNED                                     NTStatus      = 0xC0380057
+	STATUS_VOLMGR_NO_VALID_LOG_COPIES                                         NTStatus      = 0xC0380058
+	STATUS_VOLMGR_PRIMARY_PACK_PRESENT                                        NTStatus      = 0xC0380059
+	STATUS_VOLMGR_NUMBER_OF_DISKS_INVALID                                     NTStatus      = 0xC038005A
+	STATUS_VOLMGR_MIRROR_NOT_SUPPORTED                                        NTStatus      = 0xC038005B
+	STATUS_VOLMGR_RAID5_NOT_SUPPORTED                                         NTStatus      = 0xC038005C
+	STATUS_BCD_NOT_ALL_ENTRIES_IMPORTED                                       NTStatus      = 0x80390001
+	STATUS_BCD_TOO_MANY_ELEMENTS                                              NTStatus      = 0xC0390002
+	STATUS_BCD_NOT_ALL_ENTRIES_SYNCHRONIZED                                   NTStatus      = 0x80390003
+	STATUS_VHD_DRIVE_FOOTER_MISSING                                           NTStatus      = 0xC03A0001
+	STATUS_VHD_DRIVE_FOOTER_CHECKSUM_MISMATCH                                 NTStatus      = 0xC03A0002
+	STATUS_VHD_DRIVE_FOOTER_CORRUPT                                           NTStatus      = 0xC03A0003
+	STATUS_VHD_FORMAT_UNKNOWN                                                 NTStatus      = 0xC03A0004
+	STATUS_VHD_FORMAT_UNSUPPORTED_VERSION                                     NTStatus      = 0xC03A0005
+	STATUS_VHD_SPARSE_HEADER_CHECKSUM_MISMATCH                                NTStatus      = 0xC03A0006
+	STATUS_VHD_SPARSE_HEADER_UNSUPPORTED_VERSION                              NTStatus      = 0xC03A0007
+	STATUS_VHD_SPARSE_HEADER_CORRUPT                                          NTStatus      = 0xC03A0008
+	STATUS_VHD_BLOCK_ALLOCATION_FAILURE                                       NTStatus      = 0xC03A0009
+	STATUS_VHD_BLOCK_ALLOCATION_TABLE_CORRUPT                                 NTStatus      = 0xC03A000A
+	STATUS_VHD_INVALID_BLOCK_SIZE                                             NTStatus      = 0xC03A000B
+	STATUS_VHD_BITMAP_MISMATCH                                                NTStatus      = 0xC03A000C
+	STATUS_VHD_PARENT_VHD_NOT_FOUND                                           NTStatus      = 0xC03A000D
+	STATUS_VHD_CHILD_PARENT_ID_MISMATCH                                       NTStatus      = 0xC03A000E
+	STATUS_VHD_CHILD_PARENT_TIMESTAMP_MISMATCH                                NTStatus      = 0xC03A000F
+	STATUS_VHD_METADATA_READ_FAILURE                                          NTStatus      = 0xC03A0010
+	STATUS_VHD_METADATA_WRITE_FAILURE                                         NTStatus      = 0xC03A0011
+	STATUS_VHD_INVALID_SIZE                                                   NTStatus      = 0xC03A0012
+	STATUS_VHD_INVALID_FILE_SIZE                                              NTStatus      = 0xC03A0013
+	STATUS_VIRTDISK_PROVIDER_NOT_FOUND                                        NTStatus      = 0xC03A0014
+	STATUS_VIRTDISK_NOT_VIRTUAL_DISK                                          NTStatus      = 0xC03A0015
+	STATUS_VHD_PARENT_VHD_ACCESS_DENIED                                       NTStatus      = 0xC03A0016
+	STATUS_VHD_CHILD_PARENT_SIZE_MISMATCH                                     NTStatus      = 0xC03A0017
+	STATUS_VHD_DIFFERENCING_CHAIN_CYCLE_DETECTED                              NTStatus      = 0xC03A0018
+	STATUS_VHD_DIFFERENCING_CHAIN_ERROR_IN_PARENT                             NTStatus      = 0xC03A0019
+	STATUS_VIRTUAL_DISK_LIMITATION                                            NTStatus      = 0xC03A001A
+	STATUS_VHD_INVALID_TYPE                                                   NTStatus      = 0xC03A001B
+	STATUS_VHD_INVALID_STATE                                                  NTStatus      = 0xC03A001C
+	STATUS_VIRTDISK_UNSUPPORTED_DISK_SECTOR_SIZE                              NTStatus      = 0xC03A001D
+	STATUS_VIRTDISK_DISK_ALREADY_OWNED                                        NTStatus      = 0xC03A001E
+	STATUS_VIRTDISK_DISK_ONLINE_AND_WRITABLE                                  NTStatus      = 0xC03A001F
+	STATUS_CTLOG_TRACKING_NOT_INITIALIZED                                     NTStatus      = 0xC03A0020
+	STATUS_CTLOG_LOGFILE_SIZE_EXCEEDED_MAXSIZE                                NTStatus      = 0xC03A0021
+	STATUS_CTLOG_VHD_CHANGED_OFFLINE                                          NTStatus      = 0xC03A0022
+	STATUS_CTLOG_INVALID_TRACKING_STATE                                       NTStatus      = 0xC03A0023
+	STATUS_CTLOG_INCONSISTENT_TRACKING_FILE                                   NTStatus      = 0xC03A0024
+	STATUS_VHD_METADATA_FULL                                                  NTStatus      = 0xC03A0028
+	STATUS_VHD_INVALID_CHANGE_TRACKING_ID                                     NTStatus      = 0xC03A0029
+	STATUS_VHD_CHANGE_TRACKING_DISABLED                                       NTStatus      = 0xC03A002A
+	STATUS_VHD_MISSING_CHANGE_TRACKING_INFORMATION                            NTStatus      = 0xC03A0030
+	STATUS_VHD_RESIZE_WOULD_TRUNCATE_DATA                                     NTStatus      = 0xC03A0031
+	STATUS_VHD_COULD_NOT_COMPUTE_MINIMUM_VIRTUAL_SIZE                         NTStatus      = 0xC03A0032
+	STATUS_VHD_ALREADY_AT_OR_BELOW_MINIMUM_VIRTUAL_SIZE                       NTStatus      = 0xC03A0033
+	STATUS_QUERY_STORAGE_ERROR                                                NTStatus      = 0x803A0001
+	STATUS_GDI_HANDLE_LEAK                                                    NTStatus      = 0x803F0001
+	STATUS_RKF_KEY_NOT_FOUND                                                  NTStatus      = 0xC0400001
+	STATUS_RKF_DUPLICATE_KEY                                                  NTStatus      = 0xC0400002
+	STATUS_RKF_BLOB_FULL                                                      NTStatus      = 0xC0400003
+	STATUS_RKF_STORE_FULL                                                     NTStatus      = 0xC0400004
+	STATUS_RKF_FILE_BLOCKED                                                   NTStatus      = 0xC0400005
+	STATUS_RKF_ACTIVE_KEY                                                     NTStatus      = 0xC0400006
+	STATUS_RDBSS_RESTART_OPERATION                                            NTStatus      = 0xC0410001
+	STATUS_RDBSS_CONTINUE_OPERATION                                           NTStatus      = 0xC0410002
+	STATUS_RDBSS_POST_OPERATION                                               NTStatus      = 0xC0410003
+	STATUS_RDBSS_RETRY_LOOKUP                                                 NTStatus      = 0xC0410004
+	STATUS_BTH_ATT_INVALID_HANDLE                                             NTStatus      = 0xC0420001
+	STATUS_BTH_ATT_READ_NOT_PERMITTED                                         NTStatus      = 0xC0420002
+	STATUS_BTH_ATT_WRITE_NOT_PERMITTED                                        NTStatus      = 0xC0420003
+	STATUS_BTH_ATT_INVALID_PDU                                                NTStatus      = 0xC0420004
+	STATUS_BTH_ATT_INSUFFICIENT_AUTHENTICATION                                NTStatus      = 0xC0420005
+	STATUS_BTH_ATT_REQUEST_NOT_SUPPORTED                                      NTStatus      = 0xC0420006
+	STATUS_BTH_ATT_INVALID_OFFSET                                             NTStatus      = 0xC0420007
+	STATUS_BTH_ATT_INSUFFICIENT_AUTHORIZATION                                 NTStatus      = 0xC0420008
+	STATUS_BTH_ATT_PREPARE_QUEUE_FULL                                         NTStatus      = 0xC0420009
+	STATUS_BTH_ATT_ATTRIBUTE_NOT_FOUND                                        NTStatus      = 0xC042000A
+	STATUS_BTH_ATT_ATTRIBUTE_NOT_LONG                                         NTStatus      = 0xC042000B
+	STATUS_BTH_ATT_INSUFFICIENT_ENCRYPTION_KEY_SIZE                           NTStatus      = 0xC042000C
+	STATUS_BTH_ATT_INVALID_ATTRIBUTE_VALUE_LENGTH                             NTStatus      = 0xC042000D
+	STATUS_BTH_ATT_UNLIKELY                                                   NTStatus      = 0xC042000E
+	STATUS_BTH_ATT_INSUFFICIENT_ENCRYPTION                                    NTStatus      = 0xC042000F
+	STATUS_BTH_ATT_UNSUPPORTED_GROUP_TYPE                                     NTStatus      = 0xC0420010
+	STATUS_BTH_ATT_INSUFFICIENT_RESOURCES                                     NTStatus      = 0xC0420011
+	STATUS_BTH_ATT_UNKNOWN_ERROR                                              NTStatus      = 0xC0421000
+	STATUS_SECUREBOOT_ROLLBACK_DETECTED                                       NTStatus      = 0xC0430001
+	STATUS_SECUREBOOT_POLICY_VIOLATION                                        NTStatus      = 0xC0430002
+	STATUS_SECUREBOOT_INVALID_POLICY                                          NTStatus      = 0xC0430003
+	STATUS_SECUREBOOT_POLICY_PUBLISHER_NOT_FOUND                              NTStatus      = 0xC0430004
+	STATUS_SECUREBOOT_POLICY_NOT_SIGNED                                       NTStatus      = 0xC0430005
+	STATUS_SECUREBOOT_NOT_ENABLED                                             NTStatus      = 0x80430006
+	STATUS_SECUREBOOT_FILE_REPLACED                                           NTStatus      = 0xC0430007
+	STATUS_SECUREBOOT_POLICY_NOT_AUTHORIZED                                   NTStatus      = 0xC0430008
+	STATUS_SECUREBOOT_POLICY_UNKNOWN                                          NTStatus      = 0xC0430009
+	STATUS_SECUREBOOT_POLICY_MISSING_ANTIROLLBACKVERSION                      NTStatus      = 0xC043000A
+	STATUS_SECUREBOOT_PLATFORM_ID_MISMATCH                                    NTStatus      = 0xC043000B
+	STATUS_SECUREBOOT_POLICY_ROLLBACK_DETECTED                                NTStatus      = 0xC043000C
+	STATUS_SECUREBOOT_POLICY_UPGRADE_MISMATCH                                 NTStatus      = 0xC043000D
+	STATUS_SECUREBOOT_REQUIRED_POLICY_FILE_MISSING                            NTStatus      = 0xC043000E
+	STATUS_SECUREBOOT_NOT_BASE_POLICY                                         NTStatus      = 0xC043000F
+	STATUS_SECUREBOOT_NOT_SUPPLEMENTAL_POLICY                                 NTStatus      = 0xC0430010
+	STATUS_PLATFORM_MANIFEST_NOT_AUTHORIZED                                   NTStatus      = 0xC0EB0001
+	STATUS_PLATFORM_MANIFEST_INVALID                                          NTStatus      = 0xC0EB0002
+	STATUS_PLATFORM_MANIFEST_FILE_NOT_AUTHORIZED                              NTStatus      = 0xC0EB0003
+	STATUS_PLATFORM_MANIFEST_CATALOG_NOT_AUTHORIZED                           NTStatus      = 0xC0EB0004
+	STATUS_PLATFORM_MANIFEST_BINARY_ID_NOT_FOUND                              NTStatus      = 0xC0EB0005
+	STATUS_PLATFORM_MANIFEST_NOT_ACTIVE                                       NTStatus      = 0xC0EB0006
+	STATUS_PLATFORM_MANIFEST_NOT_SIGNED                                       NTStatus      = 0xC0EB0007
+	STATUS_SYSTEM_INTEGRITY_ROLLBACK_DETECTED                                 NTStatus      = 0xC0E90001
+	STATUS_SYSTEM_INTEGRITY_POLICY_VIOLATION                                  NTStatus      = 0xC0E90002
+	STATUS_SYSTEM_INTEGRITY_INVALID_POLICY                                    NTStatus      = 0xC0E90003
+	STATUS_SYSTEM_INTEGRITY_POLICY_NOT_SIGNED                                 NTStatus      = 0xC0E90004
+	STATUS_SYSTEM_INTEGRITY_TOO_MANY_POLICIES                                 NTStatus      = 0xC0E90005
+	STATUS_SYSTEM_INTEGRITY_SUPPLEMENTAL_POLICY_NOT_AUTHORIZED                NTStatus      = 0xC0E90006
+	STATUS_NO_APPLICABLE_APP_LICENSES_FOUND                                   NTStatus      = 0xC0EA0001
+	STATUS_CLIP_LICENSE_NOT_FOUND                                             NTStatus      = 0xC0EA0002
+	STATUS_CLIP_DEVICE_LICENSE_MISSING                                        NTStatus      = 0xC0EA0003
+	STATUS_CLIP_LICENSE_INVALID_SIGNATURE                                     NTStatus      = 0xC0EA0004
+	STATUS_CLIP_KEYHOLDER_LICENSE_MISSING_OR_INVALID                          NTStatus      = 0xC0EA0005
+	STATUS_CLIP_LICENSE_EXPIRED                                               NTStatus      = 0xC0EA0006
+	STATUS_CLIP_LICENSE_SIGNED_BY_UNKNOWN_SOURCE                              NTStatus      = 0xC0EA0007
+	STATUS_CLIP_LICENSE_NOT_SIGNED                                            NTStatus      = 0xC0EA0008
+	STATUS_CLIP_LICENSE_HARDWARE_ID_OUT_OF_TOLERANCE                          NTStatus      = 0xC0EA0009
+	STATUS_CLIP_LICENSE_DEVICE_ID_MISMATCH                                    NTStatus      = 0xC0EA000A
+	STATUS_AUDIO_ENGINE_NODE_NOT_FOUND                                        NTStatus      = 0xC0440001
+	STATUS_HDAUDIO_EMPTY_CONNECTION_LIST                                      NTStatus      = 0xC0440002
+	STATUS_HDAUDIO_CONNECTION_LIST_NOT_SUPPORTED                              NTStatus      = 0xC0440003
+	STATUS_HDAUDIO_NO_LOGICAL_DEVICES_CREATED                                 NTStatus      = 0xC0440004
+	STATUS_HDAUDIO_NULL_LINKED_LIST_ENTRY                                     NTStatus      = 0xC0440005
+	STATUS_SPACES_REPAIRED                                                    NTStatus      = 0x00E70000
+	STATUS_SPACES_PAUSE                                                       NTStatus      = 0x00E70001
+	STATUS_SPACES_COMPLETE                                                    NTStatus      = 0x00E70002
+	STATUS_SPACES_REDIRECT                                                    NTStatus      = 0x00E70003
+	STATUS_SPACES_FAULT_DOMAIN_TYPE_INVALID                                   NTStatus      = 0xC0E70001
+	STATUS_SPACES_RESILIENCY_TYPE_INVALID                                     NTStatus      = 0xC0E70003
+	STATUS_SPACES_DRIVE_SECTOR_SIZE_INVALID                                   NTStatus      = 0xC0E70004
+	STATUS_SPACES_DRIVE_REDUNDANCY_INVALID                                    NTStatus      = 0xC0E70006
+	STATUS_SPACES_NUMBER_OF_DATA_COPIES_INVALID                               NTStatus      = 0xC0E70007
+	STATUS_SPACES_INTERLEAVE_LENGTH_INVALID                                   NTStatus      = 0xC0E70009
+	STATUS_SPACES_NUMBER_OF_COLUMNS_INVALID                                   NTStatus      = 0xC0E7000A
+	STATUS_SPACES_NOT_ENOUGH_DRIVES                                           NTStatus      = 0xC0E7000B
+	STATUS_SPACES_EXTENDED_ERROR                                              NTStatus      = 0xC0E7000C
+	STATUS_SPACES_PROVISIONING_TYPE_INVALID                                   NTStatus      = 0xC0E7000D
+	STATUS_SPACES_ALLOCATION_SIZE_INVALID                                     NTStatus      = 0xC0E7000E
+	STATUS_SPACES_ENCLOSURE_AWARE_INVALID                                     NTStatus      = 0xC0E7000F
+	STATUS_SPACES_WRITE_CACHE_SIZE_INVALID                                    NTStatus      = 0xC0E70010
+	STATUS_SPACES_NUMBER_OF_GROUPS_INVALID                                    NTStatus      = 0xC0E70011
+	STATUS_SPACES_DRIVE_OPERATIONAL_STATE_INVALID                             NTStatus      = 0xC0E70012
+	STATUS_SPACES_UPDATE_COLUMN_STATE                                         NTStatus      = 0xC0E70013
+	STATUS_SPACES_MAP_REQUIRED                                                NTStatus      = 0xC0E70014
+	STATUS_SPACES_UNSUPPORTED_VERSION                                         NTStatus      = 0xC0E70015
+	STATUS_SPACES_CORRUPT_METADATA                                            NTStatus      = 0xC0E70016
+	STATUS_SPACES_DRT_FULL                                                    NTStatus      = 0xC0E70017
+	STATUS_SPACES_INCONSISTENCY                                               NTStatus      = 0xC0E70018
+	STATUS_SPACES_LOG_NOT_READY                                               NTStatus      = 0xC0E70019
+	STATUS_SPACES_NO_REDUNDANCY                                               NTStatus      = 0xC0E7001A
+	STATUS_SPACES_DRIVE_NOT_READY                                             NTStatus      = 0xC0E7001B
+	STATUS_SPACES_DRIVE_SPLIT                                                 NTStatus      = 0xC0E7001C
+	STATUS_SPACES_DRIVE_LOST_DATA                                             NTStatus      = 0xC0E7001D
+	STATUS_SPACES_ENTRY_INCOMPLETE                                            NTStatus      = 0xC0E7001E
+	STATUS_SPACES_ENTRY_INVALID                                               NTStatus      = 0xC0E7001F
+	STATUS_SPACES_MARK_DIRTY                                                  NTStatus      = 0xC0E70020
+	STATUS_VOLSNAP_BOOTFILE_NOT_VALID                                         NTStatus      = 0xC0500003
+	STATUS_VOLSNAP_ACTIVATION_TIMEOUT                                         NTStatus      = 0xC0500004
+	STATUS_IO_PREEMPTED                                                       NTStatus      = 0xC0510001
+	STATUS_SVHDX_ERROR_STORED                                                 NTStatus      = 0xC05C0000
+	STATUS_SVHDX_ERROR_NOT_AVAILABLE                                          NTStatus      = 0xC05CFF00
+	STATUS_SVHDX_UNIT_ATTENTION_AVAILABLE                                     NTStatus      = 0xC05CFF01
+	STATUS_SVHDX_UNIT_ATTENTION_CAPACITY_DATA_CHANGED                         NTStatus      = 0xC05CFF02
+	STATUS_SVHDX_UNIT_ATTENTION_RESERVATIONS_PREEMPTED                        NTStatus      = 0xC05CFF03
+	STATUS_SVHDX_UNIT_ATTENTION_RESERVATIONS_RELEASED                         NTStatus      = 0xC05CFF04
+	STATUS_SVHDX_UNIT_ATTENTION_REGISTRATIONS_PREEMPTED                       NTStatus      = 0xC05CFF05
+	STATUS_SVHDX_UNIT_ATTENTION_OPERATING_DEFINITION_CHANGED                  NTStatus      = 0xC05CFF06
+	STATUS_SVHDX_RESERVATION_CONFLICT                                         NTStatus      = 0xC05CFF07
+	STATUS_SVHDX_WRONG_FILE_TYPE                                              NTStatus      = 0xC05CFF08
+	STATUS_SVHDX_VERSION_MISMATCH                                             NTStatus      = 0xC05CFF09
+	STATUS_VHD_SHARED                                                         NTStatus      = 0xC05CFF0A
+	STATUS_SVHDX_NO_INITIATOR                                                 NTStatus      = 0xC05CFF0B
+	STATUS_VHDSET_BACKING_STORAGE_NOT_FOUND                                   NTStatus      = 0xC05CFF0C
+	STATUS_SMB_NO_PREAUTH_INTEGRITY_HASH_OVERLAP                              NTStatus      = 0xC05D0000
+	STATUS_SMB_BAD_CLUSTER_DIALECT                                            NTStatus      = 0xC05D0001
+	STATUS_SMB_GUEST_LOGON_BLOCKED                                            NTStatus      = 0xC05D0002
+	STATUS_SECCORE_INVALID_COMMAND                                            NTStatus      = 0xC0E80000
+	STATUS_VSM_NOT_INITIALIZED                                                NTStatus      = 0xC0450000
+	STATUS_VSM_DMA_PROTECTION_NOT_IN_USE                                      NTStatus      = 0xC0450001
+	STATUS_APPEXEC_CONDITION_NOT_SATISFIED                                    NTStatus      = 0xC0EC0000
+	STATUS_APPEXEC_HANDLE_INVALIDATED                                         NTStatus      = 0xC0EC0001
+	STATUS_APPEXEC_INVALID_HOST_GENERATION                                    NTStatus      = 0xC0EC0002
+	STATUS_APPEXEC_UNEXPECTED_PROCESS_REGISTRATION                            NTStatus      = 0xC0EC0003
+	STATUS_APPEXEC_INVALID_HOST_STATE                                         NTStatus      = 0xC0EC0004
+	STATUS_APPEXEC_NO_DONOR                                                   NTStatus      = 0xC0EC0005
+	STATUS_APPEXEC_HOST_ID_MISMATCH                                           NTStatus      = 0xC0EC0006
+	STATUS_APPEXEC_UNKNOWN_USER                                               NTStatus      = 0xC0EC0007
+)
diff --git a/server/vendor/golang.org/x/sys/windows/zknownfolderids_windows.go b/server/vendor/golang.org/x/sys/windows/zknownfolderids_windows.go
new file mode 100644
index 0000000..6048ac6
--- /dev/null
+++ b/server/vendor/golang.org/x/sys/windows/zknownfolderids_windows.go
@@ -0,0 +1,149 @@
+// Code generated by 'mkknownfolderids.bash'; DO NOT EDIT.
+
+package windows
+
+type KNOWNFOLDERID GUID
+
+var (
+	FOLDERID_NetworkFolder          = &KNOWNFOLDERID{0xd20beec4, 0x5ca8, 0x4905, [8]byte{0xae, 0x3b, 0xbf, 0x25, 0x1e, 0xa0, 0x9b, 0x53}}
+	FOLDERID_ComputerFolder         = &KNOWNFOLDERID{0x0ac0837c, 0xbbf8, 0x452a, [8]byte{0x85, 0x0d, 0x79, 0xd0, 0x8e, 0x66, 0x7c, 0xa7}}
+	FOLDERID_InternetFolder         = &KNOWNFOLDERID{0x4d9f7874, 0x4e0c, 0x4904, [8]byte{0x96, 0x7b, 0x40, 0xb0, 0xd2, 0x0c, 0x3e, 0x4b}}
+	FOLDERID_ControlPanelFolder     = &KNOWNFOLDERID{0x82a74aeb, 0xaeb4, 0x465c, [8]byte{0xa0, 0x14, 0xd0, 0x97, 0xee, 0x34, 0x6d, 0x63}}
+	FOLDERID_PrintersFolder         = &KNOWNFOLDERID{0x76fc4e2d, 0xd6ad, 0x4519, [8]byte{0xa6, 0x63, 0x37, 0xbd, 0x56, 0x06, 0x81, 0x85}}
+	FOLDERID_SyncManagerFolder      = &KNOWNFOLDERID{0x43668bf8, 0xc14e, 0x49b2, [8]byte{0x97, 0xc9, 0x74, 0x77, 0x84, 0xd7, 0x84, 0xb7}}
+	FOLDERID_SyncSetupFolder        = &KNOWNFOLDERID{0x0f214138, 0xb1d3, 0x4a90, [8]byte{0xbb, 0xa9, 0x27, 0xcb, 0xc0, 0xc5, 0x38, 0x9a}}
+	FOLDERID_ConflictFolder         = &KNOWNFOLDERID{0x4bfefb45, 0x347d, 0x4006, [8]byte{0xa5, 0xbe, 0xac, 0x0c, 0xb0, 0x56, 0x71, 0x92}}
+	FOLDERID_SyncResultsFolder      = &KNOWNFOLDERID{0x289a9a43, 0xbe44, 0x4057, [8]byte{0xa4, 0x1b, 0x58, 0x7a, 0x76, 0xd7, 0xe7, 0xf9}}
+	FOLDERID_RecycleBinFolder       = &KNOWNFOLDERID{0xb7534046, 0x3ecb, 0x4c18, [8]byte{0xbe, 0x4e, 0x64, 0xcd, 0x4c, 0xb7, 0xd6, 0xac}}
+	FOLDERID_ConnectionsFolder      = &KNOWNFOLDERID{0x6f0cd92b, 0x2e97, 0x45d1, [8]byte{0x88, 0xff, 0xb0, 0xd1, 0x86, 0xb8, 0xde, 0xdd}}
+	FOLDERID_Fonts                  = &KNOWNFOLDERID{0xfd228cb7, 0xae11, 0x4ae3, [8]byte{0x86, 0x4c, 0x16, 0xf3, 0x91, 0x0a, 0xb8, 0xfe}}
+	FOLDERID_Desktop                = &KNOWNFOLDERID{0xb4bfcc3a, 0xdb2c, 0x424c, [8]byte{0xb0, 0x29, 0x7f, 0xe9, 0x9a, 0x87, 0xc6, 0x41}}
+	FOLDERID_Startup                = &KNOWNFOLDERID{0xb97d20bb, 0xf46a, 0x4c97, [8]byte{0xba, 0x10, 0x5e, 0x36, 0x08, 0x43, 0x08, 0x54}}
+	FOLDERID_Programs               = &KNOWNFOLDERID{0xa77f5d77, 0x2e2b, 0x44c3, [8]byte{0xa6, 0xa2, 0xab, 0xa6, 0x01, 0x05, 0x4a, 0x51}}
+	FOLDERID_StartMenu              = &KNOWNFOLDERID{0x625b53c3, 0xab48, 0x4ec1, [8]byte{0xba, 0x1f, 0xa1, 0xef, 0x41, 0x46, 0xfc, 0x19}}
+	FOLDERID_Recent                 = &KNOWNFOLDERID{0xae50c081, 0xebd2, 0x438a, [8]byte{0x86, 0x55, 0x8a, 0x09, 0x2e, 0x34, 0x98, 0x7a}}
+	FOLDERID_SendTo                 = &KNOWNFOLDERID{0x8983036c, 0x27c0, 0x404b, [8]byte{0x8f, 0x08, 0x10, 0x2d, 0x10, 0xdc, 0xfd, 0x74}}
+	FOLDERID_Documents              = &KNOWNFOLDERID{0xfdd39ad0, 0x238f, 0x46af, [8]byte{0xad, 0xb4, 0x6c, 0x85, 0x48, 0x03, 0x69, 0xc7}}
+	FOLDERID_Favorites              = &KNOWNFOLDERID{0x1777f761, 0x68ad, 0x4d8a, [8]byte{0x87, 0xbd, 0x30, 0xb7, 0x59, 0xfa, 0x33, 0xdd}}
+	FOLDERID_NetHood                = &KNOWNFOLDERID{0xc5abbf53, 0xe17f, 0x4121, [8]byte{0x89, 0x00, 0x86, 0x62, 0x6f, 0xc2, 0xc9, 0x73}}
+	FOLDERID_PrintHood              = &KNOWNFOLDERID{0x9274bd8d, 0xcfd1, 0x41c3, [8]byte{0xb3, 0x5e, 0xb1, 0x3f, 0x55, 0xa7, 0x58, 0xf4}}
+	FOLDERID_Templates              = &KNOWNFOLDERID{0xa63293e8, 0x664e, 0x48db, [8]byte{0xa0, 0x79, 0xdf, 0x75, 0x9e, 0x05, 0x09, 0xf7}}
+	FOLDERID_CommonStartup          = &KNOWNFOLDERID{0x82a5ea35, 0xd9cd, 0x47c5, [8]byte{0x96, 0x29, 0xe1, 0x5d, 0x2f, 0x71, 0x4e, 0x6e}}
+	FOLDERID_CommonPrograms         = &KNOWNFOLDERID{0x0139d44e, 0x6afe, 0x49f2, [8]byte{0x86, 0x90, 0x3d, 0xaf, 0xca, 0xe6, 0xff, 0xb8}}
+	FOLDERID_CommonStartMenu        = &KNOWNFOLDERID{0xa4115719, 0xd62e, 0x491d, [8]byte{0xaa, 0x7c, 0xe7, 0x4b, 0x8b, 0xe3, 0xb0, 0x67}}
+	FOLDERID_PublicDesktop          = &KNOWNFOLDERID{0xc4aa340d, 0xf20f, 0x4863, [8]byte{0xaf, 0xef, 0xf8, 0x7e, 0xf2, 0xe6, 0xba, 0x25}}
+	FOLDERID_ProgramData            = &KNOWNFOLDERID{0x62ab5d82, 0xfdc1, 0x4dc3, [8]byte{0xa9, 0xdd, 0x07, 0x0d, 0x1d, 0x49, 0x5d, 0x97}}
+	FOLDERID_CommonTemplates        = &KNOWNFOLDERID{0xb94237e7, 0x57ac, 0x4347, [8]byte{0x91, 0x51, 0xb0, 0x8c, 0x6c, 0x32, 0xd1, 0xf7}}
+	FOLDERID_PublicDocuments        = &KNOWNFOLDERID{0xed4824af, 0xdce4, 0x45a8, [8]byte{0x81, 0xe2, 0xfc, 0x79, 0x65, 0x08, 0x36, 0x34}}
+	FOLDERID_RoamingAppData         = &KNOWNFOLDERID{0x3eb685db, 0x65f9, 0x4cf6, [8]byte{0xa0, 0x3a, 0xe3, 0xef, 0x65, 0x72, 0x9f, 0x3d}}
+	FOLDERID_LocalAppData           = &KNOWNFOLDERID{0xf1b32785, 0x6fba, 0x4fcf, [8]byte{0x9d, 0x55, 0x7b, 0x8e, 0x7f, 0x15, 0x70, 0x91}}
+	FOLDERID_LocalAppDataLow        = &KNOWNFOLDERID{0xa520a1a4, 0x1780, 0x4ff6, [8]byte{0xbd, 0x18, 0x16, 0x73, 0x43, 0xc5, 0xaf, 0x16}}
+	FOLDERID_InternetCache          = &KNOWNFOLDERID{0x352481e8, 0x33be, 0x4251, [8]byte{0xba, 0x85, 0x60, 0x07, 0xca, 0xed, 0xcf, 0x9d}}
+	FOLDERID_Cookies                = &KNOWNFOLDERID{0x2b0f765d, 0xc0e9, 0x4171, [8]byte{0x90, 0x8e, 0x08, 0xa6, 0x11, 0xb8, 0x4f, 0xf6}}
+	FOLDERID_History                = &KNOWNFOLDERID{0xd9dc8a3b, 0xb784, 0x432e, [8]byte{0xa7, 0x81, 0x5a, 0x11, 0x30, 0xa7, 0x59, 0x63}}
+	FOLDERID_System                 = &KNOWNFOLDERID{0x1ac14e77, 0x02e7, 0x4e5d, [8]byte{0xb7, 0x44, 0x2e, 0xb1, 0xae, 0x51, 0x98, 0xb7}}
+	FOLDERID_SystemX86              = &KNOWNFOLDERID{0xd65231b0, 0xb2f1, 0x4857, [8]byte{0xa4, 0xce, 0xa8, 0xe7, 0xc6, 0xea, 0x7d, 0x27}}
+	FOLDERID_Windows                = &KNOWNFOLDERID{0xf38bf404, 0x1d43, 0x42f2, [8]byte{0x93, 0x05, 0x67, 0xde, 0x0b, 0x28, 0xfc, 0x23}}
+	FOLDERID_Profile                = &KNOWNFOLDERID{0x5e6c858f, 0x0e22, 0x4760, [8]byte{0x9a, 0xfe, 0xea, 0x33, 0x17, 0xb6, 0x71, 0x73}}
+	FOLDERID_Pictures               = &KNOWNFOLDERID{0x33e28130, 0x4e1e, 0x4676, [8]byte{0x83, 0x5a, 0x98, 0x39, 0x5c, 0x3b, 0xc3, 0xbb}}
+	FOLDERID_ProgramFilesX86        = &KNOWNFOLDERID{0x7c5a40ef, 0xa0fb, 0x4bfc, [8]byte{0x87, 0x4a, 0xc0, 0xf2, 0xe0, 0xb9, 0xfa, 0x8e}}
+	FOLDERID_ProgramFilesCommonX86  = &KNOWNFOLDERID{0xde974d24, 0xd9c6, 0x4d3e, [8]byte{0xbf, 0x91, 0xf4, 0x45, 0x51, 0x20, 0xb9, 0x17}}
+	FOLDERID_ProgramFilesX64        = &KNOWNFOLDERID{0x6d809377, 0x6af0, 0x444b, [8]byte{0x89, 0x57, 0xa3, 0x77, 0x3f, 0x02, 0x20, 0x0e}}
+	FOLDERID_ProgramFilesCommonX64  = &KNOWNFOLDERID{0x6365d5a7, 0x0f0d, 0x45e5, [8]byte{0x87, 0xf6, 0x0d, 0xa5, 0x6b, 0x6a, 0x4f, 0x7d}}
+	FOLDERID_ProgramFiles           = &KNOWNFOLDERID{0x905e63b6, 0xc1bf, 0x494e, [8]byte{0xb2, 0x9c, 0x65, 0xb7, 0x32, 0xd3, 0xd2, 0x1a}}
+	FOLDERID_ProgramFilesCommon     = &KNOWNFOLDERID{0xf7f1ed05, 0x9f6d, 0x47a2, [8]byte{0xaa, 0xae, 0x29, 0xd3, 0x17, 0xc6, 0xf0, 0x66}}
+	FOLDERID_UserProgramFiles       = &KNOWNFOLDERID{0x5cd7aee2, 0x2219, 0x4a67, [8]byte{0xb8, 0x5d, 0x6c, 0x9c, 0xe1, 0x56, 0x60, 0xcb}}
+	FOLDERID_UserProgramFilesCommon = &KNOWNFOLDERID{0xbcbd3057, 0xca5c, 0x4622, [8]byte{0xb4, 0x2d, 0xbc, 0x56, 0xdb, 0x0a, 0xe5, 0x16}}
+	FOLDERID_AdminTools             = &KNOWNFOLDERID{0x724ef170, 0xa42d, 0x4fef, [8]byte{0x9f, 0x26, 0xb6, 0x0e, 0x84, 0x6f, 0xba, 0x4f}}
+	FOLDERID_CommonAdminTools       = &KNOWNFOLDERID{0xd0384e7d, 0xbac3, 0x4797, [8]byte{0x8f, 0x14, 0xcb, 0xa2, 0x29, 0xb3, 0x92, 0xb5}}
+	FOLDERID_Music                  = &KNOWNFOLDERID{0x4bd8d571, 0x6d19, 0x48d3, [8]byte{0xbe, 0x97, 0x42, 0x22, 0x20, 0x08, 0x0e, 0x43}}
+	FOLDERID_Videos                 = &KNOWNFOLDERID{0x18989b1d, 0x99b5, 0x455b, [8]byte{0x84, 0x1c, 0xab, 0x7c, 0x74, 0xe4, 0xdd, 0xfc}}
+	FOLDERID_Ringtones              = &KNOWNFOLDERID{0xc870044b, 0xf49e, 0x4126, [8]byte{0xa9, 0xc3, 0xb5, 0x2a, 0x1f, 0xf4, 0x11, 0xe8}}
+	FOLDERID_PublicPictures         = &KNOWNFOLDERID{0xb6ebfb86, 0x6907, 0x413c, [8]byte{0x9a, 0xf7, 0x4f, 0xc2, 0xab, 0xf0, 0x7c, 0xc5}}
+	FOLDERID_PublicMusic            = &KNOWNFOLDERID{0x3214fab5, 0x9757, 0x4298, [8]byte{0xbb, 0x61, 0x92, 0xa9, 0xde, 0xaa, 0x44, 0xff}}
+	FOLDERID_PublicVideos           = &KNOWNFOLDERID{0x2400183a, 0x6185, 0x49fb, [8]byte{0xa2, 0xd8, 0x4a, 0x39, 0x2a, 0x60, 0x2b, 0xa3}}
+	FOLDERID_PublicRingtones        = &KNOWNFOLDERID{0xe555ab60, 0x153b, 0x4d17, [8]byte{0x9f, 0x04, 0xa5, 0xfe, 0x99, 0xfc, 0x15, 0xec}}
+	FOLDERID_ResourceDir            = &KNOWNFOLDERID{0x8ad10c31, 0x2adb, 0x4296, [8]byte{0xa8, 0xf7, 0xe4, 0x70, 0x12, 0x32, 0xc9, 0x72}}
+	FOLDERID_LocalizedResourcesDir  = &KNOWNFOLDERID{0x2a00375e, 0x224c, 0x49de, [8]byte{0xb8, 0xd1, 0x44, 0x0d, 0xf7, 0xef, 0x3d, 0xdc}}
+	FOLDERID_CommonOEMLinks         = &KNOWNFOLDERID{0xc1bae2d0, 0x10df, 0x4334, [8]byte{0xbe, 0xdd, 0x7a, 0xa2, 0x0b, 0x22, 0x7a, 0x9d}}
+	FOLDERID_CDBurning              = &KNOWNFOLDERID{0x9e52ab10, 0xf80d, 0x49df, [8]byte{0xac, 0xb8, 0x43, 0x30, 0xf5, 0x68, 0x78, 0x55}}
+	FOLDERID_UserProfiles           = &KNOWNFOLDERID{0x0762d272, 0xc50a, 0x4bb0, [8]byte{0xa3, 0x82, 0x69, 0x7d, 0xcd, 0x72, 0x9b, 0x80}}
+	FOLDERID_Playlists              = &KNOWNFOLDERID{0xde92c1c7, 0x837f, 0x4f69, [8]byte{0xa3, 0xbb, 0x86, 0xe6, 0x31, 0x20, 0x4a, 0x23}}
+	FOLDERID_SamplePlaylists        = &KNOWNFOLDERID{0x15ca69b3, 0x30ee, 0x49c1, [8]byte{0xac, 0xe1, 0x6b, 0x5e, 0xc3, 0x72, 0xaf, 0xb5}}
+	FOLDERID_SampleMusic            = &KNOWNFOLDERID{0xb250c668, 0xf57d, 0x4ee1, [8]byte{0xa6, 0x3c, 0x29, 0x0e, 0xe7, 0xd1, 0xaa, 0x1f}}
+	FOLDERID_SamplePictures         = &KNOWNFOLDERID{0xc4900540, 0x2379, 0x4c75, [8]byte{0x84, 0x4b, 0x64, 0xe6, 0xfa, 0xf8, 0x71, 0x6b}}
+	FOLDERID_SampleVideos           = &KNOWNFOLDERID{0x859ead94, 0x2e85, 0x48ad, [8]byte{0xa7, 0x1a, 0x09, 0x69, 0xcb, 0x56, 0xa6, 0xcd}}
+	FOLDERID_PhotoAlbums            = &KNOWNFOLDERID{0x69d2cf90, 0xfc33, 0x4fb7, [8]byte{0x9a, 0x0c, 0xeb, 0xb0, 0xf0, 0xfc, 0xb4, 0x3c}}
+	FOLDERID_Public                 = &KNOWNFOLDERID{0xdfdf76a2, 0xc82a, 0x4d63, [8]byte{0x90, 0x6a, 0x56, 0x44, 0xac, 0x45, 0x73, 0x85}}
+	FOLDERID_ChangeRemovePrograms   = &KNOWNFOLDERID{0xdf7266ac, 0x9274, 0x4867, [8]byte{0x8d, 0x55, 0x3b, 0xd6, 0x61, 0xde, 0x87, 0x2d}}
+	FOLDERID_AppUpdates             = &KNOWNFOLDERID{0xa305ce99, 0xf527, 0x492b, [8]byte{0x8b, 0x1a, 0x7e, 0x76, 0xfa, 0x98, 0xd6, 0xe4}}
+	FOLDERID_AddNewPrograms         = &KNOWNFOLDERID{0xde61d971, 0x5ebc, 0x4f02, [8]byte{0xa3, 0xa9, 0x6c, 0x82, 0x89, 0x5e, 0x5c, 0x04}}
+	FOLDERID_Downloads              = &KNOWNFOLDERID{0x374de290, 0x123f, 0x4565, [8]byte{0x91, 0x64, 0x39, 0xc4, 0x92, 0x5e, 0x46, 0x7b}}
+	FOLDERID_PublicDownloads        = &KNOWNFOLDERID{0x3d644c9b, 0x1fb8, 0x4f30, [8]byte{0x9b, 0x45, 0xf6, 0x70, 0x23, 0x5f, 0x79, 0xc0}}
+	FOLDERID_SavedSearches          = &KNOWNFOLDERID{0x7d1d3a04, 0xdebb, 0x4115, [8]byte{0x95, 0xcf, 0x2f, 0x29, 0xda, 0x29, 0x20, 0xda}}
+	FOLDERID_QuickLaunch            = &KNOWNFOLDERID{0x52a4f021, 0x7b75, 0x48a9, [8]byte{0x9f, 0x6b, 0x4b, 0x87, 0xa2, 0x10, 0xbc, 0x8f}}
+	FOLDERID_Contacts               = &KNOWNFOLDERID{0x56784854, 0xc6cb, 0x462b, [8]byte{0x81, 0x69, 0x88, 0xe3, 0x50, 0xac, 0xb8, 0x82}}
+	FOLDERID_SidebarParts           = &KNOWNFOLDERID{0xa75d362e, 0x50fc, 0x4fb7, [8]byte{0xac, 0x2c, 0xa8, 0xbe, 0xaa, 0x31, 0x44, 0x93}}
+	FOLDERID_SidebarDefaultParts    = &KNOWNFOLDERID{0x7b396e54, 0x9ec5, 0x4300, [8]byte{0xbe, 0x0a, 0x24, 0x82, 0xeb, 0xae, 0x1a, 0x26}}
+	FOLDERID_PublicGameTasks        = &KNOWNFOLDERID{0xdebf2536, 0xe1a8, 0x4c59, [8]byte{0xb6, 0xa2, 0x41, 0x45, 0x86, 0x47, 0x6a, 0xea}}
+	FOLDERID_GameTasks              = &KNOWNFOLDERID{0x054fae61, 0x4dd8, 0x4787, [8]byte{0x80, 0xb6, 0x09, 0x02, 0x20, 0xc4, 0xb7, 0x00}}
+	FOLDERID_SavedGames             = &KNOWNFOLDERID{0x4c5c32ff, 0xbb9d, 0x43b0, [8]byte{0xb5, 0xb4, 0x2d, 0x72, 0xe5, 0x4e, 0xaa, 0xa4}}
+	FOLDERID_Games                  = &KNOWNFOLDERID{0xcac52c1a, 0xb53d, 0x4edc, [8]byte{0x92, 0xd7, 0x6b, 0x2e, 0x8a, 0xc1, 0x94, 0x34}}
+	FOLDERID_SEARCH_MAPI            = &KNOWNFOLDERID{0x98ec0e18, 0x2098, 0x4d44, [8]byte{0x86, 0x44, 0x66, 0x97, 0x93, 0x15, 0xa2, 0x81}}
+	FOLDERID_SEARCH_CSC             = &KNOWNFOLDERID{0xee32e446, 0x31ca, 0x4aba, [8]byte{0x81, 0x4f, 0xa5, 0xeb, 0xd2, 0xfd, 0x6d, 0x5e}}
+	FOLDERID_Links                  = &KNOWNFOLDERID{0xbfb9d5e0, 0xc6a9, 0x404c, [8]byte{0xb2, 0xb2, 0xae, 0x6d, 0xb6, 0xaf, 0x49, 0x68}}
+	FOLDERID_UsersFiles             = &KNOWNFOLDERID{0xf3ce0f7c, 0x4901, 0x4acc, [8]byte{0x86, 0x48, 0xd5, 0xd4, 0x4b, 0x04, 0xef, 0x8f}}
+	FOLDERID_UsersLibraries         = &KNOWNFOLDERID{0xa302545d, 0xdeff, 0x464b, [8]byte{0xab, 0xe8, 0x61, 0xc8, 0x64, 0x8d, 0x93, 0x9b}}
+	FOLDERID_SearchHome             = &KNOWNFOLDERID{0x190337d1, 0xb8ca, 0x4121, [8]byte{0xa6, 0x39, 0x6d, 0x47, 0x2d, 0x16, 0x97, 0x2a}}
+	FOLDERID_OriginalImages         = &KNOWNFOLDERID{0x2c36c0aa, 0x5812, 0x4b87, [8]byte{0xbf, 0xd0, 0x4c, 0xd0, 0xdf, 0xb1, 0x9b, 0x39}}
+	FOLDERID_DocumentsLibrary       = &KNOWNFOLDERID{0x7b0db17d, 0x9cd2, 0x4a93, [8]byte{0x97, 0x33, 0x46, 0xcc, 0x89, 0x02, 0x2e, 0x7c}}
+	FOLDERID_MusicLibrary           = &KNOWNFOLDERID{0x2112ab0a, 0xc86a, 0x4ffe, [8]byte{0xa3, 0x68, 0x0d, 0xe9, 0x6e, 0x47, 0x01, 0x2e}}
+	FOLDERID_PicturesLibrary        = &KNOWNFOLDERID{0xa990ae9f, 0xa03b, 0x4e80, [8]byte{0x94, 0xbc, 0x99, 0x12, 0xd7, 0x50, 0x41, 0x04}}
+	FOLDERID_VideosLibrary          = &KNOWNFOLDERID{0x491e922f, 0x5643, 0x4af4, [8]byte{0xa7, 0xeb, 0x4e, 0x7a, 0x13, 0x8d, 0x81, 0x74}}
+	FOLDERID_RecordedTVLibrary      = &KNOWNFOLDERID{0x1a6fdba2, 0xf42d, 0x4358, [8]byte{0xa7, 0x98, 0xb7, 0x4d, 0x74, 0x59, 0x26, 0xc5}}
+	FOLDERID_HomeGroup              = &KNOWNFOLDERID{0x52528a6b, 0xb9e3, 0x4add, [8]byte{0xb6, 0x0d, 0x58, 0x8c, 0x2d, 0xba, 0x84, 0x2d}}
+	FOLDERID_HomeGroupCurrentUser   = &KNOWNFOLDERID{0x9b74b6a3, 0x0dfd, 0x4f11, [8]byte{0x9e, 0x78, 0x5f, 0x78, 0x00, 0xf2, 0xe7, 0x72}}
+	FOLDERID_DeviceMetadataStore    = &KNOWNFOLDERID{0x5ce4a5e9, 0xe4eb, 0x479d, [8]byte{0xb8, 0x9f, 0x13, 0x0c, 0x02, 0x88, 0x61, 0x55}}
+	FOLDERID_Libraries              = &KNOWNFOLDERID{0x1b3ea5dc, 0xb587, 0x4786, [8]byte{0xb4, 0xef, 0xbd, 0x1d, 0xc3, 0x32, 0xae, 0xae}}
+	FOLDERID_PublicLibraries        = &KNOWNFOLDERID{0x48daf80b, 0xe6cf, 0x4f4e, [8]byte{0xb8, 0x00, 0x0e, 0x69, 0xd8, 0x4e, 0xe3, 0x84}}
+	FOLDERID_UserPinned             = &KNOWNFOLDERID{0x9e3995ab, 0x1f9c, 0x4f13, [8]byte{0xb8, 0x27, 0x48, 0xb2, 0x4b, 0x6c, 0x71, 0x74}}
+	FOLDERID_ImplicitAppShortcuts   = &KNOWNFOLDERID{0xbcb5256f, 0x79f6, 0x4cee, [8]byte{0xb7, 0x25, 0xdc, 0x34, 0xe4, 0x02, 0xfd, 0x46}}
+	FOLDERID_AccountPictures        = &KNOWNFOLDERID{0x008ca0b1, 0x55b4, 0x4c56, [8]byte{0xb8, 0xa8, 0x4d, 0xe4, 0xb2, 0x99, 0xd3, 0xbe}}
+	FOLDERID_PublicUserTiles        = &KNOWNFOLDERID{0x0482af6c, 0x08f1, 0x4c34, [8]byte{0x8c, 0x90, 0xe1, 0x7e, 0xc9, 0x8b, 0x1e, 0x17}}
+	FOLDERID_AppsFolder             = &KNOWNFOLDERID{0x1e87508d, 0x89c2, 0x42f0, [8]byte{0x8a, 0x7e, 0x64, 0x5a, 0x0f, 0x50, 0xca, 0x58}}
+	FOLDERID_StartMenuAllPrograms   = &KNOWNFOLDERID{0xf26305ef, 0x6948, 0x40b9, [8]byte{0xb2, 0x55, 0x81, 0x45, 0x3d, 0x09, 0xc7, 0x85}}
+	FOLDERID_CommonStartMenuPlaces  = &KNOWNFOLDERID{0xa440879f, 0x87a0, 0x4f7d, [8]byte{0xb7, 0x00, 0x02, 0x07, 0xb9, 0x66, 0x19, 0x4a}}
+	FOLDERID_ApplicationShortcuts   = &KNOWNFOLDERID{0xa3918781, 0xe5f2, 0x4890, [8]byte{0xb3, 0xd9, 0xa7, 0xe5, 0x43, 0x32, 0x32, 0x8c}}
+	FOLDERID_RoamingTiles           = &KNOWNFOLDERID{0x00bcfc5a, 0xed94, 0x4e48, [8]byte{0x96, 0xa1, 0x3f, 0x62, 0x17, 0xf2, 0x19, 0x90}}
+	FOLDERID_RoamedTileImages       = &KNOWNFOLDERID{0xaaa8d5a5, 0xf1d6, 0x4259, [8]byte{0xba, 0xa8, 0x78, 0xe7, 0xef, 0x60, 0x83, 0x5e}}
+	FOLDERID_Screenshots            = &KNOWNFOLDERID{0xb7bede81, 0xdf94, 0x4682, [8]byte{0xa7, 0xd8, 0x57, 0xa5, 0x26, 0x20, 0xb8, 0x6f}}
+	FOLDERID_CameraRoll             = &KNOWNFOLDERID{0xab5fb87b, 0x7ce2, 0x4f83, [8]byte{0x91, 0x5d, 0x55, 0x08, 0x46, 0xc9, 0x53, 0x7b}}
+	FOLDERID_SkyDrive               = &KNOWNFOLDERID{0xa52bba46, 0xe9e1, 0x435f, [8]byte{0xb3, 0xd9, 0x28, 0xda, 0xa6, 0x48, 0xc0, 0xf6}}
+	FOLDERID_OneDrive               = &KNOWNFOLDERID{0xa52bba46, 0xe9e1, 0x435f, [8]byte{0xb3, 0xd9, 0x28, 0xda, 0xa6, 0x48, 0xc0, 0xf6}}
+	FOLDERID_SkyDriveDocuments      = &KNOWNFOLDERID{0x24d89e24, 0x2f19, 0x4534, [8]byte{0x9d, 0xde, 0x6a, 0x66, 0x71, 0xfb, 0xb8, 0xfe}}
+	FOLDERID_SkyDrivePictures       = &KNOWNFOLDERID{0x339719b5, 0x8c47, 0x4894, [8]byte{0x94, 0xc2, 0xd8, 0xf7, 0x7a, 0xdd, 0x44, 0xa6}}
+	FOLDERID_SkyDriveMusic          = &KNOWNFOLDERID{0xc3f2459e, 0x80d6, 0x45dc, [8]byte{0xbf, 0xef, 0x1f, 0x76, 0x9f, 0x2b, 0xe7, 0x30}}
+	FOLDERID_SkyDriveCameraRoll     = &KNOWNFOLDERID{0x767e6811, 0x49cb, 0x4273, [8]byte{0x87, 0xc2, 0x20, 0xf3, 0x55, 0xe1, 0x08, 0x5b}}
+	FOLDERID_SearchHistory          = &KNOWNFOLDERID{0x0d4c3db6, 0x03a3, 0x462f, [8]byte{0xa0, 0xe6, 0x08, 0x92, 0x4c, 0x41, 0xb5, 0xd4}}
+	FOLDERID_SearchTemplates        = &KNOWNFOLDERID{0x7e636bfe, 0xdfa9, 0x4d5e, [8]byte{0xb4, 0x56, 0xd7, 0xb3, 0x98, 0x51, 0xd8, 0xa9}}
+	FOLDERID_CameraRollLibrary      = &KNOWNFOLDERID{0x2b20df75, 0x1eda, 0x4039, [8]byte{0x80, 0x97, 0x38, 0x79, 0x82, 0x27, 0xd5, 0xb7}}
+	FOLDERID_SavedPictures          = &KNOWNFOLDERID{0x3b193882, 0xd3ad, 0x4eab, [8]byte{0x96, 0x5a, 0x69, 0x82, 0x9d, 0x1f, 0xb5, 0x9f}}
+	FOLDERID_SavedPicturesLibrary   = &KNOWNFOLDERID{0xe25b5812, 0xbe88, 0x4bd9, [8]byte{0x94, 0xb0, 0x29, 0x23, 0x34, 0x77, 0xb6, 0xc3}}
+	FOLDERID_RetailDemo             = &KNOWNFOLDERID{0x12d4c69e, 0x24ad, 0x4923, [8]byte{0xbe, 0x19, 0x31, 0x32, 0x1c, 0x43, 0xa7, 0x67}}
+	FOLDERID_Device                 = &KNOWNFOLDERID{0x1c2ac1dc, 0x4358, 0x4b6c, [8]byte{0x97, 0x33, 0xaf, 0x21, 0x15, 0x65, 0x76, 0xf0}}
+	FOLDERID_DevelopmentFiles       = &KNOWNFOLDERID{0xdbe8e08e, 0x3053, 0x4bbc, [8]byte{0xb1, 0x83, 0x2a, 0x7b, 0x2b, 0x19, 0x1e, 0x59}}
+	FOLDERID_Objects3D              = &KNOWNFOLDERID{0x31c0dd25, 0x9439, 0x4f12, [8]byte{0xbf, 0x41, 0x7f, 0xf4, 0xed, 0xa3, 0x87, 0x22}}
+	FOLDERID_AppCaptures            = &KNOWNFOLDERID{0xedc0fe71, 0x98d8, 0x4f4a, [8]byte{0xb9, 0x20, 0xc8, 0xdc, 0x13, 0x3c, 0xb1, 0x65}}
+	FOLDERID_LocalDocuments         = &KNOWNFOLDERID{0xf42ee2d3, 0x909f, 0x4907, [8]byte{0x88, 0x71, 0x4c, 0x22, 0xfc, 0x0b, 0xf7, 0x56}}
+	FOLDERID_LocalPictures          = &KNOWNFOLDERID{0x0ddd015d, 0xb06c, 0x45d5, [8]byte{0x8c, 0x4c, 0xf5, 0x97, 0x13, 0x85, 0x46, 0x39}}
+	FOLDERID_LocalVideos            = &KNOWNFOLDERID{0x35286a68, 0x3c57, 0x41a1, [8]byte{0xbb, 0xb1, 0x0e, 0xae, 0x73, 0xd7, 0x6c, 0x95}}
+	FOLDERID_LocalMusic             = &KNOWNFOLDERID{0xa0c69a99, 0x21c8, 0x4671, [8]byte{0x87, 0x03, 0x79, 0x34, 0x16, 0x2f, 0xcf, 0x1d}}
+	FOLDERID_LocalDownloads         = &KNOWNFOLDERID{0x7d83ee9b, 0x2244, 0x4e70, [8]byte{0xb1, 0xf5, 0x53, 0x93, 0x04, 0x2a, 0xf1, 0xe4}}
+	FOLDERID_RecordedCalls          = &KNOWNFOLDERID{0x2f8b40c2, 0x83ed, 0x48ee, [8]byte{0xb3, 0x83, 0xa1, 0xf1, 0x57, 0xec, 0x6f, 0x9a}}
+	FOLDERID_AllAppMods             = &KNOWNFOLDERID{0x7ad67899, 0x66af, 0x43ba, [8]byte{0x91, 0x56, 0x6a, 0xad, 0x42, 0xe6, 0xc5, 0x96}}
+	FOLDERID_CurrentAppMods         = &KNOWNFOLDERID{0x3db40b20, 0x2a30, 0x4dbe, [8]byte{0x91, 0x7e, 0x77, 0x1d, 0xd2, 0x1d, 0xd0, 0x99}}
+	FOLDERID_AppDataDesktop         = &KNOWNFOLDERID{0xb2c5e279, 0x7add, 0x439f, [8]byte{0xb2, 0x8c, 0xc4, 0x1f, 0xe1, 0xbb, 0xf6, 0x72}}
+	FOLDERID_AppDataDocuments       = &KNOWNFOLDERID{0x7be16610, 0x1f7f, 0x44ac, [8]byte{0xbf, 0xf0, 0x83, 0xe1, 0x5f, 0x2f, 0xfc, 0xa1}}
+	FOLDERID_AppDataFavorites       = &KNOWNFOLDERID{0x7cfbefbc, 0xde1f, 0x45aa, [8]byte{0xb8, 0x43, 0xa5, 0x42, 0xac, 0x53, 0x6c, 0xc9}}
+	FOLDERID_AppDataProgramData     = &KNOWNFOLDERID{0x559d40a3, 0xa036, 0x40fa, [8]byte{0xaf, 0x61, 0x84, 0xcb, 0x43, 0x0a, 0x4d, 0x34}}
+)
diff --git a/server/vendor/golang.org/x/sys/windows/zsyscall_windows.go b/server/vendor/golang.org/x/sys/windows/zsyscall_windows.go
new file mode 100644
index 0000000..01c0716
--- /dev/null
+++ b/server/vendor/golang.org/x/sys/windows/zsyscall_windows.go
@@ -0,0 +1,4686 @@
+// Code generated by 'go generate'; DO NOT EDIT.
+
+package windows
+
+import (
+	"syscall"
+	"unsafe"
+)
+
+var _ unsafe.Pointer
+
+// Do the interface allocations only once for common
+// Errno values.
+const (
+	errnoERROR_IO_PENDING = 997
+)
+
+var (
+	errERROR_IO_PENDING error = syscall.Errno(errnoERROR_IO_PENDING)
+	errERROR_EINVAL     error = syscall.EINVAL
+)
+
+// errnoErr returns common boxed Errno values, to prevent
+// allocations at runtime.
+func errnoErr(e syscall.Errno) error {
+	switch e {
+	case 0:
+		return errERROR_EINVAL
+	case errnoERROR_IO_PENDING:
+		return errERROR_IO_PENDING
+	}
+	// TODO: add more here, after collecting data on the common
+	// error values see on Windows. (perhaps when running
+	// all.bat?)
+	return e
+}
+
+var (
+	modCfgMgr32 = NewLazySystemDLL("CfgMgr32.dll")
+	modadvapi32 = NewLazySystemDLL("advapi32.dll")
+	modcrypt32  = NewLazySystemDLL("crypt32.dll")
+	moddnsapi   = NewLazySystemDLL("dnsapi.dll")
+	moddwmapi   = NewLazySystemDLL("dwmapi.dll")
+	modiphlpapi = NewLazySystemDLL("iphlpapi.dll")
+	modkernel32 = NewLazySystemDLL("kernel32.dll")
+	modmswsock  = NewLazySystemDLL("mswsock.dll")
+	modnetapi32 = NewLazySystemDLL("netapi32.dll")
+	modntdll    = NewLazySystemDLL("ntdll.dll")
+	modole32    = NewLazySystemDLL("ole32.dll")
+	modpsapi    = NewLazySystemDLL("psapi.dll")
+	modsechost  = NewLazySystemDLL("sechost.dll")
+	modsecur32  = NewLazySystemDLL("secur32.dll")
+	modsetupapi = NewLazySystemDLL("setupapi.dll")
+	modshell32  = NewLazySystemDLL("shell32.dll")
+	moduser32   = NewLazySystemDLL("user32.dll")
+	moduserenv  = NewLazySystemDLL("userenv.dll")
+	modversion  = NewLazySystemDLL("version.dll")
+	modwinmm    = NewLazySystemDLL("winmm.dll")
+	modwintrust = NewLazySystemDLL("wintrust.dll")
+	modws2_32   = NewLazySystemDLL("ws2_32.dll")
+	modwtsapi32 = NewLazySystemDLL("wtsapi32.dll")
+
+	procCM_Get_DevNode_Status                                = modCfgMgr32.NewProc("CM_Get_DevNode_Status")
+	procCM_Get_Device_Interface_ListW                        = modCfgMgr32.NewProc("CM_Get_Device_Interface_ListW")
+	procCM_Get_Device_Interface_List_SizeW                   = modCfgMgr32.NewProc("CM_Get_Device_Interface_List_SizeW")
+	procCM_MapCrToWin32Err                                   = modCfgMgr32.NewProc("CM_MapCrToWin32Err")
+	procAdjustTokenGroups                                    = modadvapi32.NewProc("AdjustTokenGroups")
+	procAdjustTokenPrivileges                                = modadvapi32.NewProc("AdjustTokenPrivileges")
+	procAllocateAndInitializeSid                             = modadvapi32.NewProc("AllocateAndInitializeSid")
+	procBuildSecurityDescriptorW                             = modadvapi32.NewProc("BuildSecurityDescriptorW")
+	procChangeServiceConfig2W                                = modadvapi32.NewProc("ChangeServiceConfig2W")
+	procChangeServiceConfigW                                 = modadvapi32.NewProc("ChangeServiceConfigW")
+	procCheckTokenMembership                                 = modadvapi32.NewProc("CheckTokenMembership")
+	procCloseServiceHandle                                   = modadvapi32.NewProc("CloseServiceHandle")
+	procControlService                                       = modadvapi32.NewProc("ControlService")
+	procConvertSecurityDescriptorToStringSecurityDescriptorW = modadvapi32.NewProc("ConvertSecurityDescriptorToStringSecurityDescriptorW")
+	procConvertSidToStringSidW                               = modadvapi32.NewProc("ConvertSidToStringSidW")
+	procConvertStringSecurityDescriptorToSecurityDescriptorW = modadvapi32.NewProc("ConvertStringSecurityDescriptorToSecurityDescriptorW")
+	procConvertStringSidToSidW                               = modadvapi32.NewProc("ConvertStringSidToSidW")
+	procCopySid                                              = modadvapi32.NewProc("CopySid")
+	procCreateProcessAsUserW                                 = modadvapi32.NewProc("CreateProcessAsUserW")
+	procCreateServiceW                                       = modadvapi32.NewProc("CreateServiceW")
+	procCreateWellKnownSid                                   = modadvapi32.NewProc("CreateWellKnownSid")
+	procCryptAcquireContextW                                 = modadvapi32.NewProc("CryptAcquireContextW")
+	procCryptGenRandom                                       = modadvapi32.NewProc("CryptGenRandom")
+	procCryptReleaseContext                                  = modadvapi32.NewProc("CryptReleaseContext")
+	procDeleteService                                        = modadvapi32.NewProc("DeleteService")
+	procDeregisterEventSource                                = modadvapi32.NewProc("DeregisterEventSource")
+	procDuplicateTokenEx                                     = modadvapi32.NewProc("DuplicateTokenEx")
+	procEnumDependentServicesW                               = modadvapi32.NewProc("EnumDependentServicesW")
+	procEnumServicesStatusExW                                = modadvapi32.NewProc("EnumServicesStatusExW")
+	procEqualSid                                             = modadvapi32.NewProc("EqualSid")
+	procFreeSid                                              = modadvapi32.NewProc("FreeSid")
+	procGetAce                                               = modadvapi32.NewProc("GetAce")
+	procGetLengthSid                                         = modadvapi32.NewProc("GetLengthSid")
+	procGetNamedSecurityInfoW                                = modadvapi32.NewProc("GetNamedSecurityInfoW")
+	procGetSecurityDescriptorControl                         = modadvapi32.NewProc("GetSecurityDescriptorControl")
+	procGetSecurityDescriptorDacl                            = modadvapi32.NewProc("GetSecurityDescriptorDacl")
+	procGetSecurityDescriptorGroup                           = modadvapi32.NewProc("GetSecurityDescriptorGroup")
+	procGetSecurityDescriptorLength                          = modadvapi32.NewProc("GetSecurityDescriptorLength")
+	procGetSecurityDescriptorOwner                           = modadvapi32.NewProc("GetSecurityDescriptorOwner")
+	procGetSecurityDescriptorRMControl                       = modadvapi32.NewProc("GetSecurityDescriptorRMControl")
+	procGetSecurityDescriptorSacl                            = modadvapi32.NewProc("GetSecurityDescriptorSacl")
+	procGetSecurityInfo                                      = modadvapi32.NewProc("GetSecurityInfo")
+	procGetSidIdentifierAuthority                            = modadvapi32.NewProc("GetSidIdentifierAuthority")
+	procGetSidSubAuthority                                   = modadvapi32.NewProc("GetSidSubAuthority")
+	procGetSidSubAuthorityCount                              = modadvapi32.NewProc("GetSidSubAuthorityCount")
+	procGetTokenInformation                                  = modadvapi32.NewProc("GetTokenInformation")
+	procImpersonateSelf                                      = modadvapi32.NewProc("ImpersonateSelf")
+	procInitializeSecurityDescriptor                         = modadvapi32.NewProc("InitializeSecurityDescriptor")
+	procInitiateSystemShutdownExW                            = modadvapi32.NewProc("InitiateSystemShutdownExW")
+	procIsTokenRestricted                                    = modadvapi32.NewProc("IsTokenRestricted")
+	procIsValidSecurityDescriptor                            = modadvapi32.NewProc("IsValidSecurityDescriptor")
+	procIsValidSid                                           = modadvapi32.NewProc("IsValidSid")
+	procIsWellKnownSid                                       = modadvapi32.NewProc("IsWellKnownSid")
+	procLookupAccountNameW                                   = modadvapi32.NewProc("LookupAccountNameW")
+	procLookupAccountSidW                                    = modadvapi32.NewProc("LookupAccountSidW")
+	procLookupPrivilegeValueW                                = modadvapi32.NewProc("LookupPrivilegeValueW")
+	procMakeAbsoluteSD                                       = modadvapi32.NewProc("MakeAbsoluteSD")
+	procMakeSelfRelativeSD                                   = modadvapi32.NewProc("MakeSelfRelativeSD")
+	procNotifyServiceStatusChangeW                           = modadvapi32.NewProc("NotifyServiceStatusChangeW")
+	procOpenProcessToken                                     = modadvapi32.NewProc("OpenProcessToken")
+	procOpenSCManagerW                                       = modadvapi32.NewProc("OpenSCManagerW")
+	procOpenServiceW                                         = modadvapi32.NewProc("OpenServiceW")
+	procOpenThreadToken                                      = modadvapi32.NewProc("OpenThreadToken")
+	procQueryServiceConfig2W                                 = modadvapi32.NewProc("QueryServiceConfig2W")
+	procQueryServiceConfigW                                  = modadvapi32.NewProc("QueryServiceConfigW")
+	procQueryServiceDynamicInformation                       = modadvapi32.NewProc("QueryServiceDynamicInformation")
+	procQueryServiceLockStatusW                              = modadvapi32.NewProc("QueryServiceLockStatusW")
+	procQueryServiceStatus                                   = modadvapi32.NewProc("QueryServiceStatus")
+	procQueryServiceStatusEx                                 = modadvapi32.NewProc("QueryServiceStatusEx")
+	procRegCloseKey                                          = modadvapi32.NewProc("RegCloseKey")
+	procRegEnumKeyExW                                        = modadvapi32.NewProc("RegEnumKeyExW")
+	procRegNotifyChangeKeyValue                              = modadvapi32.NewProc("RegNotifyChangeKeyValue")
+	procRegOpenKeyExW                                        = modadvapi32.NewProc("RegOpenKeyExW")
+	procRegQueryInfoKeyW                                     = modadvapi32.NewProc("RegQueryInfoKeyW")
+	procRegQueryValueExW                                     = modadvapi32.NewProc("RegQueryValueExW")
+	procRegisterEventSourceW                                 = modadvapi32.NewProc("RegisterEventSourceW")
+	procRegisterServiceCtrlHandlerExW                        = modadvapi32.NewProc("RegisterServiceCtrlHandlerExW")
+	procReportEventW                                         = modadvapi32.NewProc("ReportEventW")
+	procRevertToSelf                                         = modadvapi32.NewProc("RevertToSelf")
+	procSetEntriesInAclW                                     = modadvapi32.NewProc("SetEntriesInAclW")
+	procSetKernelObjectSecurity                              = modadvapi32.NewProc("SetKernelObjectSecurity")
+	procSetNamedSecurityInfoW                                = modadvapi32.NewProc("SetNamedSecurityInfoW")
+	procSetSecurityDescriptorControl                         = modadvapi32.NewProc("SetSecurityDescriptorControl")
+	procSetSecurityDescriptorDacl                            = modadvapi32.NewProc("SetSecurityDescriptorDacl")
+	procSetSecurityDescriptorGroup                           = modadvapi32.NewProc("SetSecurityDescriptorGroup")
+	procSetSecurityDescriptorOwner                           = modadvapi32.NewProc("SetSecurityDescriptorOwner")
+	procSetSecurityDescriptorRMControl                       = modadvapi32.NewProc("SetSecurityDescriptorRMControl")
+	procSetSecurityDescriptorSacl                            = modadvapi32.NewProc("SetSecurityDescriptorSacl")
+	procSetSecurityInfo                                      = modadvapi32.NewProc("SetSecurityInfo")
+	procSetServiceStatus                                     = modadvapi32.NewProc("SetServiceStatus")
+	procSetThreadToken                                       = modadvapi32.NewProc("SetThreadToken")
+	procSetTokenInformation                                  = modadvapi32.NewProc("SetTokenInformation")
+	procStartServiceCtrlDispatcherW                          = modadvapi32.NewProc("StartServiceCtrlDispatcherW")
+	procStartServiceW                                        = modadvapi32.NewProc("StartServiceW")
+	procCertAddCertificateContextToStore                     = modcrypt32.NewProc("CertAddCertificateContextToStore")
+	procCertCloseStore                                       = modcrypt32.NewProc("CertCloseStore")
+	procCertCreateCertificateContext                         = modcrypt32.NewProc("CertCreateCertificateContext")
+	procCertDeleteCertificateFromStore                       = modcrypt32.NewProc("CertDeleteCertificateFromStore")
+	procCertDuplicateCertificateContext                      = modcrypt32.NewProc("CertDuplicateCertificateContext")
+	procCertEnumCertificatesInStore                          = modcrypt32.NewProc("CertEnumCertificatesInStore")
+	procCertFindCertificateInStore                           = modcrypt32.NewProc("CertFindCertificateInStore")
+	procCertFindChainInStore                                 = modcrypt32.NewProc("CertFindChainInStore")
+	procCertFindExtension                                    = modcrypt32.NewProc("CertFindExtension")
+	procCertFreeCertificateChain                             = modcrypt32.NewProc("CertFreeCertificateChain")
+	procCertFreeCertificateContext                           = modcrypt32.NewProc("CertFreeCertificateContext")
+	procCertGetCertificateChain                              = modcrypt32.NewProc("CertGetCertificateChain")
+	procCertGetNameStringW                                   = modcrypt32.NewProc("CertGetNameStringW")
+	procCertOpenStore                                        = modcrypt32.NewProc("CertOpenStore")
+	procCertOpenSystemStoreW                                 = modcrypt32.NewProc("CertOpenSystemStoreW")
+	procCertVerifyCertificateChainPolicy                     = modcrypt32.NewProc("CertVerifyCertificateChainPolicy")
+	procCryptAcquireCertificatePrivateKey                    = modcrypt32.NewProc("CryptAcquireCertificatePrivateKey")
+	procCryptDecodeObject                                    = modcrypt32.NewProc("CryptDecodeObject")
+	procCryptProtectData                                     = modcrypt32.NewProc("CryptProtectData")
+	procCryptQueryObject                                     = modcrypt32.NewProc("CryptQueryObject")
+	procCryptUnprotectData                                   = modcrypt32.NewProc("CryptUnprotectData")
+	procPFXImportCertStore                                   = modcrypt32.NewProc("PFXImportCertStore")
+	procDnsNameCompare_W                                     = moddnsapi.NewProc("DnsNameCompare_W")
+	procDnsQuery_W                                           = moddnsapi.NewProc("DnsQuery_W")
+	procDnsRecordListFree                                    = moddnsapi.NewProc("DnsRecordListFree")
+	procDwmGetWindowAttribute                                = moddwmapi.NewProc("DwmGetWindowAttribute")
+	procDwmSetWindowAttribute                                = moddwmapi.NewProc("DwmSetWindowAttribute")
+	procCancelMibChangeNotify2                               = modiphlpapi.NewProc("CancelMibChangeNotify2")
+	procGetAdaptersAddresses                                 = modiphlpapi.NewProc("GetAdaptersAddresses")
+	procGetAdaptersInfo                                      = modiphlpapi.NewProc("GetAdaptersInfo")
+	procGetBestInterfaceEx                                   = modiphlpapi.NewProc("GetBestInterfaceEx")
+	procGetIfEntry                                           = modiphlpapi.NewProc("GetIfEntry")
+	procGetIfEntry2Ex                                        = modiphlpapi.NewProc("GetIfEntry2Ex")
+	procGetUnicastIpAddressEntry                             = modiphlpapi.NewProc("GetUnicastIpAddressEntry")
+	procNotifyIpInterfaceChange                              = modiphlpapi.NewProc("NotifyIpInterfaceChange")
+	procNotifyUnicastIpAddressChange                         = modiphlpapi.NewProc("NotifyUnicastIpAddressChange")
+	procAddDllDirectory                                      = modkernel32.NewProc("AddDllDirectory")
+	procAssignProcessToJobObject                             = modkernel32.NewProc("AssignProcessToJobObject")
+	procCancelIo                                             = modkernel32.NewProc("CancelIo")
+	procCancelIoEx                                           = modkernel32.NewProc("CancelIoEx")
+	procClearCommBreak                                       = modkernel32.NewProc("ClearCommBreak")
+	procClearCommError                                       = modkernel32.NewProc("ClearCommError")
+	procCloseHandle                                          = modkernel32.NewProc("CloseHandle")
+	procClosePseudoConsole                                   = modkernel32.NewProc("ClosePseudoConsole")
+	procConnectNamedPipe                                     = modkernel32.NewProc("ConnectNamedPipe")
+	procCreateDirectoryW                                     = modkernel32.NewProc("CreateDirectoryW")
+	procCreateEventExW                                       = modkernel32.NewProc("CreateEventExW")
+	procCreateEventW                                         = modkernel32.NewProc("CreateEventW")
+	procCreateFileMappingW                                   = modkernel32.NewProc("CreateFileMappingW")
+	procCreateFileW                                          = modkernel32.NewProc("CreateFileW")
+	procCreateHardLinkW                                      = modkernel32.NewProc("CreateHardLinkW")
+	procCreateIoCompletionPort                               = modkernel32.NewProc("CreateIoCompletionPort")
+	procCreateJobObjectW                                     = modkernel32.NewProc("CreateJobObjectW")
+	procCreateMutexExW                                       = modkernel32.NewProc("CreateMutexExW")
+	procCreateMutexW                                         = modkernel32.NewProc("CreateMutexW")
+	procCreateNamedPipeW                                     = modkernel32.NewProc("CreateNamedPipeW")
+	procCreatePipe                                           = modkernel32.NewProc("CreatePipe")
+	procCreateProcessW                                       = modkernel32.NewProc("CreateProcessW")
+	procCreatePseudoConsole                                  = modkernel32.NewProc("CreatePseudoConsole")
+	procCreateSymbolicLinkW                                  = modkernel32.NewProc("CreateSymbolicLinkW")
+	procCreateToolhelp32Snapshot                             = modkernel32.NewProc("CreateToolhelp32Snapshot")
+	procDefineDosDeviceW                                     = modkernel32.NewProc("DefineDosDeviceW")
+	procDeleteFileW                                          = modkernel32.NewProc("DeleteFileW")
+	procDeleteProcThreadAttributeList                        = modkernel32.NewProc("DeleteProcThreadAttributeList")
+	procDeleteVolumeMountPointW                              = modkernel32.NewProc("DeleteVolumeMountPointW")
+	procDeviceIoControl                                      = modkernel32.NewProc("DeviceIoControl")
+	procDisconnectNamedPipe                                  = modkernel32.NewProc("DisconnectNamedPipe")
+	procDuplicateHandle                                      = modkernel32.NewProc("DuplicateHandle")
+	procEscapeCommFunction                                   = modkernel32.NewProc("EscapeCommFunction")
+	procExitProcess                                          = modkernel32.NewProc("ExitProcess")
+	procExpandEnvironmentStringsW                            = modkernel32.NewProc("ExpandEnvironmentStringsW")
+	procFindClose                                            = modkernel32.NewProc("FindClose")
+	procFindCloseChangeNotification                          = modkernel32.NewProc("FindCloseChangeNotification")
+	procFindFirstChangeNotificationW                         = modkernel32.NewProc("FindFirstChangeNotificationW")
+	procFindFirstFileW                                       = modkernel32.NewProc("FindFirstFileW")
+	procFindFirstVolumeMountPointW                           = modkernel32.NewProc("FindFirstVolumeMountPointW")
+	procFindFirstVolumeW                                     = modkernel32.NewProc("FindFirstVolumeW")
+	procFindNextChangeNotification                           = modkernel32.NewProc("FindNextChangeNotification")
+	procFindNextFileW                                        = modkernel32.NewProc("FindNextFileW")
+	procFindNextVolumeMountPointW                            = modkernel32.NewProc("FindNextVolumeMountPointW")
+	procFindNextVolumeW                                      = modkernel32.NewProc("FindNextVolumeW")
+	procFindResourceW                                        = modkernel32.NewProc("FindResourceW")
+	procFindVolumeClose                                      = modkernel32.NewProc("FindVolumeClose")
+	procFindVolumeMountPointClose                            = modkernel32.NewProc("FindVolumeMountPointClose")
+	procFlushFileBuffers                                     = modkernel32.NewProc("FlushFileBuffers")
+	procFlushViewOfFile                                      = modkernel32.NewProc("FlushViewOfFile")
+	procFormatMessageW                                       = modkernel32.NewProc("FormatMessageW")
+	procFreeEnvironmentStringsW                              = modkernel32.NewProc("FreeEnvironmentStringsW")
+	procFreeLibrary                                          = modkernel32.NewProc("FreeLibrary")
+	procGenerateConsoleCtrlEvent                             = modkernel32.NewProc("GenerateConsoleCtrlEvent")
+	procGetACP                                               = modkernel32.NewProc("GetACP")
+	procGetActiveProcessorCount                              = modkernel32.NewProc("GetActiveProcessorCount")
+	procGetCommModemStatus                                   = modkernel32.NewProc("GetCommModemStatus")
+	procGetCommState                                         = modkernel32.NewProc("GetCommState")
+	procGetCommTimeouts                                      = modkernel32.NewProc("GetCommTimeouts")
+	procGetCommandLineW                                      = modkernel32.NewProc("GetCommandLineW")
+	procGetComputerNameExW                                   = modkernel32.NewProc("GetComputerNameExW")
+	procGetComputerNameW                                     = modkernel32.NewProc("GetComputerNameW")
+	procGetConsoleCP                                         = modkernel32.NewProc("GetConsoleCP")
+	procGetConsoleMode                                       = modkernel32.NewProc("GetConsoleMode")
+	procGetConsoleOutputCP                                   = modkernel32.NewProc("GetConsoleOutputCP")
+	procGetConsoleScreenBufferInfo                           = modkernel32.NewProc("GetConsoleScreenBufferInfo")
+	procGetCurrentDirectoryW                                 = modkernel32.NewProc("GetCurrentDirectoryW")
+	procGetCurrentProcessId                                  = modkernel32.NewProc("GetCurrentProcessId")
+	procGetCurrentThreadId                                   = modkernel32.NewProc("GetCurrentThreadId")
+	procGetDiskFreeSpaceExW                                  = modkernel32.NewProc("GetDiskFreeSpaceExW")
+	procGetDriveTypeW                                        = modkernel32.NewProc("GetDriveTypeW")
+	procGetEnvironmentStringsW                               = modkernel32.NewProc("GetEnvironmentStringsW")
+	procGetEnvironmentVariableW                              = modkernel32.NewProc("GetEnvironmentVariableW")
+	procGetExitCodeProcess                                   = modkernel32.NewProc("GetExitCodeProcess")
+	procGetFileAttributesExW                                 = modkernel32.NewProc("GetFileAttributesExW")
+	procGetFileAttributesW                                   = modkernel32.NewProc("GetFileAttributesW")
+	procGetFileInformationByHandle                           = modkernel32.NewProc("GetFileInformationByHandle")
+	procGetFileInformationByHandleEx                         = modkernel32.NewProc("GetFileInformationByHandleEx")
+	procGetFileTime                                          = modkernel32.NewProc("GetFileTime")
+	procGetFileType                                          = modkernel32.NewProc("GetFileType")
+	procGetFinalPathNameByHandleW                            = modkernel32.NewProc("GetFinalPathNameByHandleW")
+	procGetFullPathNameW                                     = modkernel32.NewProc("GetFullPathNameW")
+	procGetLargePageMinimum                                  = modkernel32.NewProc("GetLargePageMinimum")
+	procGetLastError                                         = modkernel32.NewProc("GetLastError")
+	procGetLogicalDriveStringsW                              = modkernel32.NewProc("GetLogicalDriveStringsW")
+	procGetLogicalDrives                                     = modkernel32.NewProc("GetLogicalDrives")
+	procGetLongPathNameW                                     = modkernel32.NewProc("GetLongPathNameW")
+	procGetMaximumProcessorCount                             = modkernel32.NewProc("GetMaximumProcessorCount")
+	procGetModuleFileNameW                                   = modkernel32.NewProc("GetModuleFileNameW")
+	procGetModuleHandleExW                                   = modkernel32.NewProc("GetModuleHandleExW")
+	procGetNamedPipeClientProcessId                          = modkernel32.NewProc("GetNamedPipeClientProcessId")
+	procGetNamedPipeHandleStateW                             = modkernel32.NewProc("GetNamedPipeHandleStateW")
+	procGetNamedPipeInfo                                     = modkernel32.NewProc("GetNamedPipeInfo")
+	procGetNamedPipeServerProcessId                          = modkernel32.NewProc("GetNamedPipeServerProcessId")
+	procGetOverlappedResult                                  = modkernel32.NewProc("GetOverlappedResult")
+	procGetPriorityClass                                     = modkernel32.NewProc("GetPriorityClass")
+	procGetProcAddress                                       = modkernel32.NewProc("GetProcAddress")
+	procGetProcessId                                         = modkernel32.NewProc("GetProcessId")
+	procGetProcessPreferredUILanguages                       = modkernel32.NewProc("GetProcessPreferredUILanguages")
+	procGetProcessShutdownParameters                         = modkernel32.NewProc("GetProcessShutdownParameters")
+	procGetProcessTimes                                      = modkernel32.NewProc("GetProcessTimes")
+	procGetProcessWorkingSetSizeEx                           = modkernel32.NewProc("GetProcessWorkingSetSizeEx")
+	procGetQueuedCompletionStatus                            = modkernel32.NewProc("GetQueuedCompletionStatus")
+	procGetShortPathNameW                                    = modkernel32.NewProc("GetShortPathNameW")
+	procGetStartupInfoW                                      = modkernel32.NewProc("GetStartupInfoW")
+	procGetStdHandle                                         = modkernel32.NewProc("GetStdHandle")
+	procGetSystemDirectoryW                                  = modkernel32.NewProc("GetSystemDirectoryW")
+	procGetSystemPreferredUILanguages                        = modkernel32.NewProc("GetSystemPreferredUILanguages")
+	procGetSystemTimeAsFileTime                              = modkernel32.NewProc("GetSystemTimeAsFileTime")
+	procGetSystemTimePreciseAsFileTime                       = modkernel32.NewProc("GetSystemTimePreciseAsFileTime")
+	procGetSystemWindowsDirectoryW                           = modkernel32.NewProc("GetSystemWindowsDirectoryW")
+	procGetTempPathW                                         = modkernel32.NewProc("GetTempPathW")
+	procGetThreadPreferredUILanguages                        = modkernel32.NewProc("GetThreadPreferredUILanguages")
+	procGetTickCount64                                       = modkernel32.NewProc("GetTickCount64")
+	procGetTimeZoneInformation                               = modkernel32.NewProc("GetTimeZoneInformation")
+	procGetUserPreferredUILanguages                          = modkernel32.NewProc("GetUserPreferredUILanguages")
+	procGetVersion                                           = modkernel32.NewProc("GetVersion")
+	procGetVolumeInformationByHandleW                        = modkernel32.NewProc("GetVolumeInformationByHandleW")
+	procGetVolumeInformationW                                = modkernel32.NewProc("GetVolumeInformationW")
+	procGetVolumeNameForVolumeMountPointW                    = modkernel32.NewProc("GetVolumeNameForVolumeMountPointW")
+	procGetVolumePathNameW                                   = modkernel32.NewProc("GetVolumePathNameW")
+	procGetVolumePathNamesForVolumeNameW                     = modkernel32.NewProc("GetVolumePathNamesForVolumeNameW")
+	procGetWindowsDirectoryW                                 = modkernel32.NewProc("GetWindowsDirectoryW")
+	procInitializeProcThreadAttributeList                    = modkernel32.NewProc("InitializeProcThreadAttributeList")
+	procIsWow64Process                                       = modkernel32.NewProc("IsWow64Process")
+	procIsWow64Process2                                      = modkernel32.NewProc("IsWow64Process2")
+	procLoadLibraryExW                                       = modkernel32.NewProc("LoadLibraryExW")
+	procLoadLibraryW                                         = modkernel32.NewProc("LoadLibraryW")
+	procLoadResource                                         = modkernel32.NewProc("LoadResource")
+	procLocalAlloc                                           = modkernel32.NewProc("LocalAlloc")
+	procLocalFree                                            = modkernel32.NewProc("LocalFree")
+	procLockFileEx                                           = modkernel32.NewProc("LockFileEx")
+	procLockResource                                         = modkernel32.NewProc("LockResource")
+	procMapViewOfFile                                        = modkernel32.NewProc("MapViewOfFile")
+	procModule32FirstW                                       = modkernel32.NewProc("Module32FirstW")
+	procModule32NextW                                        = modkernel32.NewProc("Module32NextW")
+	procMoveFileExW                                          = modkernel32.NewProc("MoveFileExW")
+	procMoveFileW                                            = modkernel32.NewProc("MoveFileW")
+	procMultiByteToWideChar                                  = modkernel32.NewProc("MultiByteToWideChar")
+	procOpenEventW                                           = modkernel32.NewProc("OpenEventW")
+	procOpenMutexW                                           = modkernel32.NewProc("OpenMutexW")
+	procOpenProcess                                          = modkernel32.NewProc("OpenProcess")
+	procOpenThread                                           = modkernel32.NewProc("OpenThread")
+	procPostQueuedCompletionStatus                           = modkernel32.NewProc("PostQueuedCompletionStatus")
+	procProcess32FirstW                                      = modkernel32.NewProc("Process32FirstW")
+	procProcess32NextW                                       = modkernel32.NewProc("Process32NextW")
+	procProcessIdToSessionId                                 = modkernel32.NewProc("ProcessIdToSessionId")
+	procPulseEvent                                           = modkernel32.NewProc("PulseEvent")
+	procPurgeComm                                            = modkernel32.NewProc("PurgeComm")
+	procQueryDosDeviceW                                      = modkernel32.NewProc("QueryDosDeviceW")
+	procQueryFullProcessImageNameW                           = modkernel32.NewProc("QueryFullProcessImageNameW")
+	procQueryInformationJobObject                            = modkernel32.NewProc("QueryInformationJobObject")
+	procReadConsoleW                                         = modkernel32.NewProc("ReadConsoleW")
+	procReadDirectoryChangesW                                = modkernel32.NewProc("ReadDirectoryChangesW")
+	procReadFile                                             = modkernel32.NewProc("ReadFile")
+	procReadProcessMemory                                    = modkernel32.NewProc("ReadProcessMemory")
+	procReleaseMutex                                         = modkernel32.NewProc("ReleaseMutex")
+	procRemoveDirectoryW                                     = modkernel32.NewProc("RemoveDirectoryW")
+	procRemoveDllDirectory                                   = modkernel32.NewProc("RemoveDllDirectory")
+	procResetEvent                                           = modkernel32.NewProc("ResetEvent")
+	procResizePseudoConsole                                  = modkernel32.NewProc("ResizePseudoConsole")
+	procResumeThread                                         = modkernel32.NewProc("ResumeThread")
+	procSetCommBreak                                         = modkernel32.NewProc("SetCommBreak")
+	procSetCommMask                                          = modkernel32.NewProc("SetCommMask")
+	procSetCommState                                         = modkernel32.NewProc("SetCommState")
+	procSetCommTimeouts                                      = modkernel32.NewProc("SetCommTimeouts")
+	procSetConsoleCP                                         = modkernel32.NewProc("SetConsoleCP")
+	procSetConsoleCursorPosition                             = modkernel32.NewProc("SetConsoleCursorPosition")
+	procSetConsoleMode                                       = modkernel32.NewProc("SetConsoleMode")
+	procSetConsoleOutputCP                                   = modkernel32.NewProc("SetConsoleOutputCP")
+	procSetCurrentDirectoryW                                 = modkernel32.NewProc("SetCurrentDirectoryW")
+	procSetDefaultDllDirectories                             = modkernel32.NewProc("SetDefaultDllDirectories")
+	procSetDllDirectoryW                                     = modkernel32.NewProc("SetDllDirectoryW")
+	procSetEndOfFile                                         = modkernel32.NewProc("SetEndOfFile")
+	procSetEnvironmentVariableW                              = modkernel32.NewProc("SetEnvironmentVariableW")
+	procSetErrorMode                                         = modkernel32.NewProc("SetErrorMode")
+	procSetEvent                                             = modkernel32.NewProc("SetEvent")
+	procSetFileAttributesW                                   = modkernel32.NewProc("SetFileAttributesW")
+	procSetFileCompletionNotificationModes                   = modkernel32.NewProc("SetFileCompletionNotificationModes")
+	procSetFileInformationByHandle                           = modkernel32.NewProc("SetFileInformationByHandle")
+	procSetFilePointer                                       = modkernel32.NewProc("SetFilePointer")
+	procSetFileTime                                          = modkernel32.NewProc("SetFileTime")
+	procSetFileValidData                                     = modkernel32.NewProc("SetFileValidData")
+	procSetHandleInformation                                 = modkernel32.NewProc("SetHandleInformation")
+	procSetInformationJobObject                              = modkernel32.NewProc("SetInformationJobObject")
+	procSetNamedPipeHandleState                              = modkernel32.NewProc("SetNamedPipeHandleState")
+	procSetPriorityClass                                     = modkernel32.NewProc("SetPriorityClass")
+	procSetProcessPriorityBoost                              = modkernel32.NewProc("SetProcessPriorityBoost")
+	procSetProcessShutdownParameters                         = modkernel32.NewProc("SetProcessShutdownParameters")
+	procSetProcessWorkingSetSizeEx                           = modkernel32.NewProc("SetProcessWorkingSetSizeEx")
+	procSetStdHandle                                         = modkernel32.NewProc("SetStdHandle")
+	procSetVolumeLabelW                                      = modkernel32.NewProc("SetVolumeLabelW")
+	procSetVolumeMountPointW                                 = modkernel32.NewProc("SetVolumeMountPointW")
+	procSetupComm                                            = modkernel32.NewProc("SetupComm")
+	procSizeofResource                                       = modkernel32.NewProc("SizeofResource")
+	procSleepEx                                              = modkernel32.NewProc("SleepEx")
+	procTerminateJobObject                                   = modkernel32.NewProc("TerminateJobObject")
+	procTerminateProcess                                     = modkernel32.NewProc("TerminateProcess")
+	procThread32First                                        = modkernel32.NewProc("Thread32First")
+	procThread32Next                                         = modkernel32.NewProc("Thread32Next")
+	procUnlockFileEx                                         = modkernel32.NewProc("UnlockFileEx")
+	procUnmapViewOfFile                                      = modkernel32.NewProc("UnmapViewOfFile")
+	procUpdateProcThreadAttribute                            = modkernel32.NewProc("UpdateProcThreadAttribute")
+	procVirtualAlloc                                         = modkernel32.NewProc("VirtualAlloc")
+	procVirtualFree                                          = modkernel32.NewProc("VirtualFree")
+	procVirtualLock                                          = modkernel32.NewProc("VirtualLock")
+	procVirtualProtect                                       = modkernel32.NewProc("VirtualProtect")
+	procVirtualProtectEx                                     = modkernel32.NewProc("VirtualProtectEx")
+	procVirtualQuery                                         = modkernel32.NewProc("VirtualQuery")
+	procVirtualQueryEx                                       = modkernel32.NewProc("VirtualQueryEx")
+	procVirtualUnlock                                        = modkernel32.NewProc("VirtualUnlock")
+	procWTSGetActiveConsoleSessionId                         = modkernel32.NewProc("WTSGetActiveConsoleSessionId")
+	procWaitCommEvent                                        = modkernel32.NewProc("WaitCommEvent")
+	procWaitForMultipleObjects                               = modkernel32.NewProc("WaitForMultipleObjects")
+	procWaitForSingleObject                                  = modkernel32.NewProc("WaitForSingleObject")
+	procWriteConsoleW                                        = modkernel32.NewProc("WriteConsoleW")
+	procWriteFile                                            = modkernel32.NewProc("WriteFile")
+	procWriteProcessMemory                                   = modkernel32.NewProc("WriteProcessMemory")
+	procAcceptEx                                             = modmswsock.NewProc("AcceptEx")
+	procGetAcceptExSockaddrs                                 = modmswsock.NewProc("GetAcceptExSockaddrs")
+	procTransmitFile                                         = modmswsock.NewProc("TransmitFile")
+	procNetApiBufferFree                                     = modnetapi32.NewProc("NetApiBufferFree")
+	procNetGetJoinInformation                                = modnetapi32.NewProc("NetGetJoinInformation")
+	procNetUserEnum                                          = modnetapi32.NewProc("NetUserEnum")
+	procNetUserGetInfo                                       = modnetapi32.NewProc("NetUserGetInfo")
+	procNtCreateFile                                         = modntdll.NewProc("NtCreateFile")
+	procNtCreateNamedPipeFile                                = modntdll.NewProc("NtCreateNamedPipeFile")
+	procNtQueryInformationProcess                            = modntdll.NewProc("NtQueryInformationProcess")
+	procNtQuerySystemInformation                             = modntdll.NewProc("NtQuerySystemInformation")
+	procNtSetInformationFile                                 = modntdll.NewProc("NtSetInformationFile")
+	procNtSetInformationProcess                              = modntdll.NewProc("NtSetInformationProcess")
+	procNtSetSystemInformation                               = modntdll.NewProc("NtSetSystemInformation")
+	procRtlAddFunctionTable                                  = modntdll.NewProc("RtlAddFunctionTable")
+	procRtlDefaultNpAcl                                      = modntdll.NewProc("RtlDefaultNpAcl")
+	procRtlDeleteFunctionTable                               = modntdll.NewProc("RtlDeleteFunctionTable")
+	procRtlDosPathNameToNtPathName_U_WithStatus              = modntdll.NewProc("RtlDosPathNameToNtPathName_U_WithStatus")
+	procRtlDosPathNameToRelativeNtPathName_U_WithStatus      = modntdll.NewProc("RtlDosPathNameToRelativeNtPathName_U_WithStatus")
+	procRtlGetCurrentPeb                                     = modntdll.NewProc("RtlGetCurrentPeb")
+	procRtlGetNtVersionNumbers                               = modntdll.NewProc("RtlGetNtVersionNumbers")
+	procRtlGetVersion                                        = modntdll.NewProc("RtlGetVersion")
+	procRtlInitString                                        = modntdll.NewProc("RtlInitString")
+	procRtlInitUnicodeString                                 = modntdll.NewProc("RtlInitUnicodeString")
+	procRtlNtStatusToDosErrorNoTeb                           = modntdll.NewProc("RtlNtStatusToDosErrorNoTeb")
+	procCLSIDFromString                                      = modole32.NewProc("CLSIDFromString")
+	procCoCreateGuid                                         = modole32.NewProc("CoCreateGuid")
+	procCoGetObject                                          = modole32.NewProc("CoGetObject")
+	procCoInitializeEx                                       = modole32.NewProc("CoInitializeEx")
+	procCoTaskMemFree                                        = modole32.NewProc("CoTaskMemFree")
+	procCoUninitialize                                       = modole32.NewProc("CoUninitialize")
+	procStringFromGUID2                                      = modole32.NewProc("StringFromGUID2")
+	procEnumProcessModules                                   = modpsapi.NewProc("EnumProcessModules")
+	procEnumProcessModulesEx                                 = modpsapi.NewProc("EnumProcessModulesEx")
+	procEnumProcesses                                        = modpsapi.NewProc("EnumProcesses")
+	procGetModuleBaseNameW                                   = modpsapi.NewProc("GetModuleBaseNameW")
+	procGetModuleFileNameExW                                 = modpsapi.NewProc("GetModuleFileNameExW")
+	procGetModuleInformation                                 = modpsapi.NewProc("GetModuleInformation")
+	procQueryWorkingSetEx                                    = modpsapi.NewProc("QueryWorkingSetEx")
+	procSubscribeServiceChangeNotifications                  = modsechost.NewProc("SubscribeServiceChangeNotifications")
+	procUnsubscribeServiceChangeNotifications                = modsechost.NewProc("UnsubscribeServiceChangeNotifications")
+	procGetUserNameExW                                       = modsecur32.NewProc("GetUserNameExW")
+	procTranslateNameW                                       = modsecur32.NewProc("TranslateNameW")
+	procSetupDiBuildDriverInfoList                           = modsetupapi.NewProc("SetupDiBuildDriverInfoList")
+	procSetupDiCallClassInstaller                            = modsetupapi.NewProc("SetupDiCallClassInstaller")
+	procSetupDiCancelDriverInfoSearch                        = modsetupapi.NewProc("SetupDiCancelDriverInfoSearch")
+	procSetupDiClassGuidsFromNameExW                         = modsetupapi.NewProc("SetupDiClassGuidsFromNameExW")
+	procSetupDiClassNameFromGuidExW                          = modsetupapi.NewProc("SetupDiClassNameFromGuidExW")
+	procSetupDiCreateDeviceInfoListExW                       = modsetupapi.NewProc("SetupDiCreateDeviceInfoListExW")
+	procSetupDiCreateDeviceInfoW                             = modsetupapi.NewProc("SetupDiCreateDeviceInfoW")
+	procSetupDiDestroyDeviceInfoList                         = modsetupapi.NewProc("SetupDiDestroyDeviceInfoList")
+	procSetupDiDestroyDriverInfoList                         = modsetupapi.NewProc("SetupDiDestroyDriverInfoList")
+	procSetupDiEnumDeviceInfo                                = modsetupapi.NewProc("SetupDiEnumDeviceInfo")
+	procSetupDiEnumDriverInfoW                               = modsetupapi.NewProc("SetupDiEnumDriverInfoW")
+	procSetupDiGetClassDevsExW                               = modsetupapi.NewProc("SetupDiGetClassDevsExW")
+	procSetupDiGetClassInstallParamsW                        = modsetupapi.NewProc("SetupDiGetClassInstallParamsW")
+	procSetupDiGetDeviceInfoListDetailW                      = modsetupapi.NewProc("SetupDiGetDeviceInfoListDetailW")
+	procSetupDiGetDeviceInstallParamsW                       = modsetupapi.NewProc("SetupDiGetDeviceInstallParamsW")
+	procSetupDiGetDeviceInstanceIdW                          = modsetupapi.NewProc("SetupDiGetDeviceInstanceIdW")
+	procSetupDiGetDevicePropertyW                            = modsetupapi.NewProc("SetupDiGetDevicePropertyW")
+	procSetupDiGetDeviceRegistryPropertyW                    = modsetupapi.NewProc("SetupDiGetDeviceRegistryPropertyW")
+	procSetupDiGetDriverInfoDetailW                          = modsetupapi.NewProc("SetupDiGetDriverInfoDetailW")
+	procSetupDiGetSelectedDevice                             = modsetupapi.NewProc("SetupDiGetSelectedDevice")
+	procSetupDiGetSelectedDriverW                            = modsetupapi.NewProc("SetupDiGetSelectedDriverW")
+	procSetupDiOpenDevRegKey                                 = modsetupapi.NewProc("SetupDiOpenDevRegKey")
+	procSetupDiSetClassInstallParamsW                        = modsetupapi.NewProc("SetupDiSetClassInstallParamsW")
+	procSetupDiSetDeviceInstallParamsW                       = modsetupapi.NewProc("SetupDiSetDeviceInstallParamsW")
+	procSetupDiSetDeviceRegistryPropertyW                    = modsetupapi.NewProc("SetupDiSetDeviceRegistryPropertyW")
+	procSetupDiSetSelectedDevice                             = modsetupapi.NewProc("SetupDiSetSelectedDevice")
+	procSetupDiSetSelectedDriverW                            = modsetupapi.NewProc("SetupDiSetSelectedDriverW")
+	procSetupUninstallOEMInfW                                = modsetupapi.NewProc("SetupUninstallOEMInfW")
+	procCommandLineToArgvW                                   = modshell32.NewProc("CommandLineToArgvW")
+	procSHGetKnownFolderPath                                 = modshell32.NewProc("SHGetKnownFolderPath")
+	procShellExecuteW                                        = modshell32.NewProc("ShellExecuteW")
+	procEnumChildWindows                                     = moduser32.NewProc("EnumChildWindows")
+	procEnumWindows                                          = moduser32.NewProc("EnumWindows")
+	procExitWindowsEx                                        = moduser32.NewProc("ExitWindowsEx")
+	procGetClassNameW                                        = moduser32.NewProc("GetClassNameW")
+	procGetDesktopWindow                                     = moduser32.NewProc("GetDesktopWindow")
+	procGetForegroundWindow                                  = moduser32.NewProc("GetForegroundWindow")
+	procGetGUIThreadInfo                                     = moduser32.NewProc("GetGUIThreadInfo")
+	procGetKeyboardLayout                                    = moduser32.NewProc("GetKeyboardLayout")
+	procGetShellWindow                                       = moduser32.NewProc("GetShellWindow")
+	procGetWindowThreadProcessId                             = moduser32.NewProc("GetWindowThreadProcessId")
+	procIsWindow                                             = moduser32.NewProc("IsWindow")
+	procIsWindowUnicode                                      = moduser32.NewProc("IsWindowUnicode")
+	procIsWindowVisible                                      = moduser32.NewProc("IsWindowVisible")
+	procLoadKeyboardLayoutW                                  = moduser32.NewProc("LoadKeyboardLayoutW")
+	procMessageBoxW                                          = moduser32.NewProc("MessageBoxW")
+	procToUnicodeEx                                          = moduser32.NewProc("ToUnicodeEx")
+	procUnloadKeyboardLayout                                 = moduser32.NewProc("UnloadKeyboardLayout")
+	procCreateEnvironmentBlock                               = moduserenv.NewProc("CreateEnvironmentBlock")
+	procDestroyEnvironmentBlock                              = moduserenv.NewProc("DestroyEnvironmentBlock")
+	procGetUserProfileDirectoryW                             = moduserenv.NewProc("GetUserProfileDirectoryW")
+	procGetFileVersionInfoSizeW                              = modversion.NewProc("GetFileVersionInfoSizeW")
+	procGetFileVersionInfoW                                  = modversion.NewProc("GetFileVersionInfoW")
+	procVerQueryValueW                                       = modversion.NewProc("VerQueryValueW")
+	proctimeBeginPeriod                                      = modwinmm.NewProc("timeBeginPeriod")
+	proctimeEndPeriod                                        = modwinmm.NewProc("timeEndPeriod")
+	procWinVerifyTrustEx                                     = modwintrust.NewProc("WinVerifyTrustEx")
+	procFreeAddrInfoW                                        = modws2_32.NewProc("FreeAddrInfoW")
+	procGetAddrInfoW                                         = modws2_32.NewProc("GetAddrInfoW")
+	procWSACleanup                                           = modws2_32.NewProc("WSACleanup")
+	procWSAEnumProtocolsW                                    = modws2_32.NewProc("WSAEnumProtocolsW")
+	procWSAGetOverlappedResult                               = modws2_32.NewProc("WSAGetOverlappedResult")
+	procWSAIoctl                                             = modws2_32.NewProc("WSAIoctl")
+	procWSALookupServiceBeginW                               = modws2_32.NewProc("WSALookupServiceBeginW")
+	procWSALookupServiceEnd                                  = modws2_32.NewProc("WSALookupServiceEnd")
+	procWSALookupServiceNextW                                = modws2_32.NewProc("WSALookupServiceNextW")
+	procWSARecv                                              = modws2_32.NewProc("WSARecv")
+	procWSARecvFrom                                          = modws2_32.NewProc("WSARecvFrom")
+	procWSASend                                              = modws2_32.NewProc("WSASend")
+	procWSASendTo                                            = modws2_32.NewProc("WSASendTo")
+	procWSASocketW                                           = modws2_32.NewProc("WSASocketW")
+	procWSAStartup                                           = modws2_32.NewProc("WSAStartup")
+	procbind                                                 = modws2_32.NewProc("bind")
+	procclosesocket                                          = modws2_32.NewProc("closesocket")
+	procconnect                                              = modws2_32.NewProc("connect")
+	procgethostbyname                                        = modws2_32.NewProc("gethostbyname")
+	procgetpeername                                          = modws2_32.NewProc("getpeername")
+	procgetprotobyname                                       = modws2_32.NewProc("getprotobyname")
+	procgetservbyname                                        = modws2_32.NewProc("getservbyname")
+	procgetsockname                                          = modws2_32.NewProc("getsockname")
+	procgetsockopt                                           = modws2_32.NewProc("getsockopt")
+	proclisten                                               = modws2_32.NewProc("listen")
+	procntohs                                                = modws2_32.NewProc("ntohs")
+	procrecvfrom                                             = modws2_32.NewProc("recvfrom")
+	procsendto                                               = modws2_32.NewProc("sendto")
+	procsetsockopt                                           = modws2_32.NewProc("setsockopt")
+	procshutdown                                             = modws2_32.NewProc("shutdown")
+	procsocket                                               = modws2_32.NewProc("socket")
+	procWTSEnumerateSessionsW                                = modwtsapi32.NewProc("WTSEnumerateSessionsW")
+	procWTSFreeMemory                                        = modwtsapi32.NewProc("WTSFreeMemory")
+	procWTSQueryUserToken                                    = modwtsapi32.NewProc("WTSQueryUserToken")
+)
+
+func cm_Get_DevNode_Status(status *uint32, problemNumber *uint32, devInst DEVINST, flags uint32) (ret CONFIGRET) {
+	r0, _, _ := syscall.Syscall6(procCM_Get_DevNode_Status.Addr(), 4, uintptr(unsafe.Pointer(status)), uintptr(unsafe.Pointer(problemNumber)), uintptr(devInst), uintptr(flags), 0, 0)
+	ret = CONFIGRET(r0)
+	return
+}
+
+func cm_Get_Device_Interface_List(interfaceClass *GUID, deviceID *uint16, buffer *uint16, bufferLen uint32, flags uint32) (ret CONFIGRET) {
+	r0, _, _ := syscall.Syscall6(procCM_Get_Device_Interface_ListW.Addr(), 5, uintptr(unsafe.Pointer(interfaceClass)), uintptr(unsafe.Pointer(deviceID)), uintptr(unsafe.Pointer(buffer)), uintptr(bufferLen), uintptr(flags), 0)
+	ret = CONFIGRET(r0)
+	return
+}
+
+func cm_Get_Device_Interface_List_Size(len *uint32, interfaceClass *GUID, deviceID *uint16, flags uint32) (ret CONFIGRET) {
+	r0, _, _ := syscall.Syscall6(procCM_Get_Device_Interface_List_SizeW.Addr(), 4, uintptr(unsafe.Pointer(len)), uintptr(unsafe.Pointer(interfaceClass)), uintptr(unsafe.Pointer(deviceID)), uintptr(flags), 0, 0)
+	ret = CONFIGRET(r0)
+	return
+}
+
+func cm_MapCrToWin32Err(configRet CONFIGRET, defaultWin32Error Errno) (ret Errno) {
+	r0, _, _ := syscall.Syscall(procCM_MapCrToWin32Err.Addr(), 2, uintptr(configRet), uintptr(defaultWin32Error), 0)
+	ret = Errno(r0)
+	return
+}
+
+func AdjustTokenGroups(token Token, resetToDefault bool, newstate *Tokengroups, buflen uint32, prevstate *Tokengroups, returnlen *uint32) (err error) {
+	var _p0 uint32
+	if resetToDefault {
+		_p0 = 1
+	}
+	r1, _, e1 := syscall.Syscall6(procAdjustTokenGroups.Addr(), 6, uintptr(token), uintptr(_p0), uintptr(unsafe.Pointer(newstate)), uintptr(buflen), uintptr(unsafe.Pointer(prevstate)), uintptr(unsafe.Pointer(returnlen)))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func AdjustTokenPrivileges(token Token, disableAllPrivileges bool, newstate *Tokenprivileges, buflen uint32, prevstate *Tokenprivileges, returnlen *uint32) (err error) {
+	var _p0 uint32
+	if disableAllPrivileges {
+		_p0 = 1
+	}
+	r1, _, e1 := syscall.Syscall6(procAdjustTokenPrivileges.Addr(), 6, uintptr(token), uintptr(_p0), uintptr(unsafe.Pointer(newstate)), uintptr(buflen), uintptr(unsafe.Pointer(prevstate)), uintptr(unsafe.Pointer(returnlen)))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func AllocateAndInitializeSid(identAuth *SidIdentifierAuthority, subAuth byte, subAuth0 uint32, subAuth1 uint32, subAuth2 uint32, subAuth3 uint32, subAuth4 uint32, subAuth5 uint32, subAuth6 uint32, subAuth7 uint32, sid **SID) (err error) {
+	r1, _, e1 := syscall.Syscall12(procAllocateAndInitializeSid.Addr(), 11, uintptr(unsafe.Pointer(identAuth)), uintptr(subAuth), uintptr(subAuth0), uintptr(subAuth1), uintptr(subAuth2), uintptr(subAuth3), uintptr(subAuth4), uintptr(subAuth5), uintptr(subAuth6), uintptr(subAuth7), uintptr(unsafe.Pointer(sid)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func buildSecurityDescriptor(owner *TRUSTEE, group *TRUSTEE, countAccessEntries uint32, accessEntries *EXPLICIT_ACCESS, countAuditEntries uint32, auditEntries *EXPLICIT_ACCESS, oldSecurityDescriptor *SECURITY_DESCRIPTOR, sizeNewSecurityDescriptor *uint32, newSecurityDescriptor **SECURITY_DESCRIPTOR) (ret error) {
+	r0, _, _ := syscall.Syscall9(procBuildSecurityDescriptorW.Addr(), 9, uintptr(unsafe.Pointer(owner)), uintptr(unsafe.Pointer(group)), uintptr(countAccessEntries), uintptr(unsafe.Pointer(accessEntries)), uintptr(countAuditEntries), uintptr(unsafe.Pointer(auditEntries)), uintptr(unsafe.Pointer(oldSecurityDescriptor)), uintptr(unsafe.Pointer(sizeNewSecurityDescriptor)), uintptr(unsafe.Pointer(newSecurityDescriptor)))
+	if r0 != 0 {
+		ret = syscall.Errno(r0)
+	}
+	return
+}
+
+func ChangeServiceConfig2(service Handle, infoLevel uint32, info *byte) (err error) {
+	r1, _, e1 := syscall.Syscall(procChangeServiceConfig2W.Addr(), 3, uintptr(service), uintptr(infoLevel), uintptr(unsafe.Pointer(info)))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func ChangeServiceConfig(service Handle, serviceType uint32, startType uint32, errorControl uint32, binaryPathName *uint16, loadOrderGroup *uint16, tagId *uint32, dependencies *uint16, serviceStartName *uint16, password *uint16, displayName *uint16) (err error) {
+	r1, _, e1 := syscall.Syscall12(procChangeServiceConfigW.Addr(), 11, uintptr(service), uintptr(serviceType), uintptr(startType), uintptr(errorControl), uintptr(unsafe.Pointer(binaryPathName)), uintptr(unsafe.Pointer(loadOrderGroup)), uintptr(unsafe.Pointer(tagId)), uintptr(unsafe.Pointer(dependencies)), uintptr(unsafe.Pointer(serviceStartName)), uintptr(unsafe.Pointer(password)), uintptr(unsafe.Pointer(displayName)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func checkTokenMembership(tokenHandle Token, sidToCheck *SID, isMember *int32) (err error) {
+	r1, _, e1 := syscall.Syscall(procCheckTokenMembership.Addr(), 3, uintptr(tokenHandle), uintptr(unsafe.Pointer(sidToCheck)), uintptr(unsafe.Pointer(isMember)))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func CloseServiceHandle(handle Handle) (err error) {
+	r1, _, e1 := syscall.Syscall(procCloseServiceHandle.Addr(), 1, uintptr(handle), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func ControlService(service Handle, control uint32, status *SERVICE_STATUS) (err error) {
+	r1, _, e1 := syscall.Syscall(procControlService.Addr(), 3, uintptr(service), uintptr(control), uintptr(unsafe.Pointer(status)))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func convertSecurityDescriptorToStringSecurityDescriptor(sd *SECURITY_DESCRIPTOR, revision uint32, securityInformation SECURITY_INFORMATION, str **uint16, strLen *uint32) (err error) {
+	r1, _, e1 := syscall.Syscall6(procConvertSecurityDescriptorToStringSecurityDescriptorW.Addr(), 5, uintptr(unsafe.Pointer(sd)), uintptr(revision), uintptr(securityInformation), uintptr(unsafe.Pointer(str)), uintptr(unsafe.Pointer(strLen)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func ConvertSidToStringSid(sid *SID, stringSid **uint16) (err error) {
+	r1, _, e1 := syscall.Syscall(procConvertSidToStringSidW.Addr(), 2, uintptr(unsafe.Pointer(sid)), uintptr(unsafe.Pointer(stringSid)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func convertStringSecurityDescriptorToSecurityDescriptor(str string, revision uint32, sd **SECURITY_DESCRIPTOR, size *uint32) (err error) {
+	var _p0 *uint16
+	_p0, err = syscall.UTF16PtrFromString(str)
+	if err != nil {
+		return
+	}
+	return _convertStringSecurityDescriptorToSecurityDescriptor(_p0, revision, sd, size)
+}
+
+func _convertStringSecurityDescriptorToSecurityDescriptor(str *uint16, revision uint32, sd **SECURITY_DESCRIPTOR, size *uint32) (err error) {
+	r1, _, e1 := syscall.Syscall6(procConvertStringSecurityDescriptorToSecurityDescriptorW.Addr(), 4, uintptr(unsafe.Pointer(str)), uintptr(revision), uintptr(unsafe.Pointer(sd)), uintptr(unsafe.Pointer(size)), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func ConvertStringSidToSid(stringSid *uint16, sid **SID) (err error) {
+	r1, _, e1 := syscall.Syscall(procConvertStringSidToSidW.Addr(), 2, uintptr(unsafe.Pointer(stringSid)), uintptr(unsafe.Pointer(sid)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func CopySid(destSidLen uint32, destSid *SID, srcSid *SID) (err error) {
+	r1, _, e1 := syscall.Syscall(procCopySid.Addr(), 3, uintptr(destSidLen), uintptr(unsafe.Pointer(destSid)), uintptr(unsafe.Pointer(srcSid)))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func CreateProcessAsUser(token Token, appName *uint16, commandLine *uint16, procSecurity *SecurityAttributes, threadSecurity *SecurityAttributes, inheritHandles bool, creationFlags uint32, env *uint16, currentDir *uint16, startupInfo *StartupInfo, outProcInfo *ProcessInformation) (err error) {
+	var _p0 uint32
+	if inheritHandles {
+		_p0 = 1
+	}
+	r1, _, e1 := syscall.Syscall12(procCreateProcessAsUserW.Addr(), 11, uintptr(token), uintptr(unsafe.Pointer(appName)), uintptr(unsafe.Pointer(commandLine)), uintptr(unsafe.Pointer(procSecurity)), uintptr(unsafe.Pointer(threadSecurity)), uintptr(_p0), uintptr(creationFlags), uintptr(unsafe.Pointer(env)), uintptr(unsafe.Pointer(currentDir)), uintptr(unsafe.Pointer(startupInfo)), uintptr(unsafe.Pointer(outProcInfo)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func CreateService(mgr Handle, serviceName *uint16, displayName *uint16, access uint32, srvType uint32, startType uint32, errCtl uint32, pathName *uint16, loadOrderGroup *uint16, tagId *uint32, dependencies *uint16, serviceStartName *uint16, password *uint16) (handle Handle, err error) {
+	r0, _, e1 := syscall.Syscall15(procCreateServiceW.Addr(), 13, uintptr(mgr), uintptr(unsafe.Pointer(serviceName)), uintptr(unsafe.Pointer(displayName)), uintptr(access), uintptr(srvType), uintptr(startType), uintptr(errCtl), uintptr(unsafe.Pointer(pathName)), uintptr(unsafe.Pointer(loadOrderGroup)), uintptr(unsafe.Pointer(tagId)), uintptr(unsafe.Pointer(dependencies)), uintptr(unsafe.Pointer(serviceStartName)), uintptr(unsafe.Pointer(password)), 0, 0)
+	handle = Handle(r0)
+	if handle == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func createWellKnownSid(sidType WELL_KNOWN_SID_TYPE, domainSid *SID, sid *SID, sizeSid *uint32) (err error) {
+	r1, _, e1 := syscall.Syscall6(procCreateWellKnownSid.Addr(), 4, uintptr(sidType), uintptr(unsafe.Pointer(domainSid)), uintptr(unsafe.Pointer(sid)), uintptr(unsafe.Pointer(sizeSid)), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func CryptAcquireContext(provhandle *Handle, container *uint16, provider *uint16, provtype uint32, flags uint32) (err error) {
+	r1, _, e1 := syscall.Syscall6(procCryptAcquireContextW.Addr(), 5, uintptr(unsafe.Pointer(provhandle)), uintptr(unsafe.Pointer(container)), uintptr(unsafe.Pointer(provider)), uintptr(provtype), uintptr(flags), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func CryptGenRandom(provhandle Handle, buflen uint32, buf *byte) (err error) {
+	r1, _, e1 := syscall.Syscall(procCryptGenRandom.Addr(), 3, uintptr(provhandle), uintptr(buflen), uintptr(unsafe.Pointer(buf)))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func CryptReleaseContext(provhandle Handle, flags uint32) (err error) {
+	r1, _, e1 := syscall.Syscall(procCryptReleaseContext.Addr(), 2, uintptr(provhandle), uintptr(flags), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func DeleteService(service Handle) (err error) {
+	r1, _, e1 := syscall.Syscall(procDeleteService.Addr(), 1, uintptr(service), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func DeregisterEventSource(handle Handle) (err error) {
+	r1, _, e1 := syscall.Syscall(procDeregisterEventSource.Addr(), 1, uintptr(handle), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func DuplicateTokenEx(existingToken Token, desiredAccess uint32, tokenAttributes *SecurityAttributes, impersonationLevel uint32, tokenType uint32, newToken *Token) (err error) {
+	r1, _, e1 := syscall.Syscall6(procDuplicateTokenEx.Addr(), 6, uintptr(existingToken), uintptr(desiredAccess), uintptr(unsafe.Pointer(tokenAttributes)), uintptr(impersonationLevel), uintptr(tokenType), uintptr(unsafe.Pointer(newToken)))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func EnumDependentServices(service Handle, activityState uint32, services *ENUM_SERVICE_STATUS, buffSize uint32, bytesNeeded *uint32, servicesReturned *uint32) (err error) {
+	r1, _, e1 := syscall.Syscall6(procEnumDependentServicesW.Addr(), 6, uintptr(service), uintptr(activityState), uintptr(unsafe.Pointer(services)), uintptr(buffSize), uintptr(unsafe.Pointer(bytesNeeded)), uintptr(unsafe.Pointer(servicesReturned)))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func EnumServicesStatusEx(mgr Handle, infoLevel uint32, serviceType uint32, serviceState uint32, services *byte, bufSize uint32, bytesNeeded *uint32, servicesReturned *uint32, resumeHandle *uint32, groupName *uint16) (err error) {
+	r1, _, e1 := syscall.Syscall12(procEnumServicesStatusExW.Addr(), 10, uintptr(mgr), uintptr(infoLevel), uintptr(serviceType), uintptr(serviceState), uintptr(unsafe.Pointer(services)), uintptr(bufSize), uintptr(unsafe.Pointer(bytesNeeded)), uintptr(unsafe.Pointer(servicesReturned)), uintptr(unsafe.Pointer(resumeHandle)), uintptr(unsafe.Pointer(groupName)), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func EqualSid(sid1 *SID, sid2 *SID) (isEqual bool) {
+	r0, _, _ := syscall.Syscall(procEqualSid.Addr(), 2, uintptr(unsafe.Pointer(sid1)), uintptr(unsafe.Pointer(sid2)), 0)
+	isEqual = r0 != 0
+	return
+}
+
+func FreeSid(sid *SID) (err error) {
+	r1, _, e1 := syscall.Syscall(procFreeSid.Addr(), 1, uintptr(unsafe.Pointer(sid)), 0, 0)
+	if r1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GetAce(acl *ACL, aceIndex uint32, pAce **ACCESS_ALLOWED_ACE) (err error) {
+	r1, _, e1 := syscall.Syscall(procGetAce.Addr(), 3, uintptr(unsafe.Pointer(acl)), uintptr(aceIndex), uintptr(unsafe.Pointer(pAce)))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GetLengthSid(sid *SID) (len uint32) {
+	r0, _, _ := syscall.Syscall(procGetLengthSid.Addr(), 1, uintptr(unsafe.Pointer(sid)), 0, 0)
+	len = uint32(r0)
+	return
+}
+
+func getNamedSecurityInfo(objectName string, objectType SE_OBJECT_TYPE, securityInformation SECURITY_INFORMATION, owner **SID, group **SID, dacl **ACL, sacl **ACL, sd **SECURITY_DESCRIPTOR) (ret error) {
+	var _p0 *uint16
+	_p0, ret = syscall.UTF16PtrFromString(objectName)
+	if ret != nil {
+		return
+	}
+	return _getNamedSecurityInfo(_p0, objectType, securityInformation, owner, group, dacl, sacl, sd)
+}
+
+func _getNamedSecurityInfo(objectName *uint16, objectType SE_OBJECT_TYPE, securityInformation SECURITY_INFORMATION, owner **SID, group **SID, dacl **ACL, sacl **ACL, sd **SECURITY_DESCRIPTOR) (ret error) {
+	r0, _, _ := syscall.Syscall9(procGetNamedSecurityInfoW.Addr(), 8, uintptr(unsafe.Pointer(objectName)), uintptr(objectType), uintptr(securityInformation), uintptr(unsafe.Pointer(owner)), uintptr(unsafe.Pointer(group)), uintptr(unsafe.Pointer(dacl)), uintptr(unsafe.Pointer(sacl)), uintptr(unsafe.Pointer(sd)), 0)
+	if r0 != 0 {
+		ret = syscall.Errno(r0)
+	}
+	return
+}
+
+func getSecurityDescriptorControl(sd *SECURITY_DESCRIPTOR, control *SECURITY_DESCRIPTOR_CONTROL, revision *uint32) (err error) {
+	r1, _, e1 := syscall.Syscall(procGetSecurityDescriptorControl.Addr(), 3, uintptr(unsafe.Pointer(sd)), uintptr(unsafe.Pointer(control)), uintptr(unsafe.Pointer(revision)))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func getSecurityDescriptorDacl(sd *SECURITY_DESCRIPTOR, daclPresent *bool, dacl **ACL, daclDefaulted *bool) (err error) {
+	var _p0 uint32
+	if *daclPresent {
+		_p0 = 1
+	}
+	var _p1 uint32
+	if *daclDefaulted {
+		_p1 = 1
+	}
+	r1, _, e1 := syscall.Syscall6(procGetSecurityDescriptorDacl.Addr(), 4, uintptr(unsafe.Pointer(sd)), uintptr(unsafe.Pointer(&_p0)), uintptr(unsafe.Pointer(dacl)), uintptr(unsafe.Pointer(&_p1)), 0, 0)
+	*daclPresent = _p0 != 0
+	*daclDefaulted = _p1 != 0
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func getSecurityDescriptorGroup(sd *SECURITY_DESCRIPTOR, group **SID, groupDefaulted *bool) (err error) {
+	var _p0 uint32
+	if *groupDefaulted {
+		_p0 = 1
+	}
+	r1, _, e1 := syscall.Syscall(procGetSecurityDescriptorGroup.Addr(), 3, uintptr(unsafe.Pointer(sd)), uintptr(unsafe.Pointer(group)), uintptr(unsafe.Pointer(&_p0)))
+	*groupDefaulted = _p0 != 0
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func getSecurityDescriptorLength(sd *SECURITY_DESCRIPTOR) (len uint32) {
+	r0, _, _ := syscall.Syscall(procGetSecurityDescriptorLength.Addr(), 1, uintptr(unsafe.Pointer(sd)), 0, 0)
+	len = uint32(r0)
+	return
+}
+
+func getSecurityDescriptorOwner(sd *SECURITY_DESCRIPTOR, owner **SID, ownerDefaulted *bool) (err error) {
+	var _p0 uint32
+	if *ownerDefaulted {
+		_p0 = 1
+	}
+	r1, _, e1 := syscall.Syscall(procGetSecurityDescriptorOwner.Addr(), 3, uintptr(unsafe.Pointer(sd)), uintptr(unsafe.Pointer(owner)), uintptr(unsafe.Pointer(&_p0)))
+	*ownerDefaulted = _p0 != 0
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func getSecurityDescriptorRMControl(sd *SECURITY_DESCRIPTOR, rmControl *uint8) (ret error) {
+	r0, _, _ := syscall.Syscall(procGetSecurityDescriptorRMControl.Addr(), 2, uintptr(unsafe.Pointer(sd)), uintptr(unsafe.Pointer(rmControl)), 0)
+	if r0 != 0 {
+		ret = syscall.Errno(r0)
+	}
+	return
+}
+
+func getSecurityDescriptorSacl(sd *SECURITY_DESCRIPTOR, saclPresent *bool, sacl **ACL, saclDefaulted *bool) (err error) {
+	var _p0 uint32
+	if *saclPresent {
+		_p0 = 1
+	}
+	var _p1 uint32
+	if *saclDefaulted {
+		_p1 = 1
+	}
+	r1, _, e1 := syscall.Syscall6(procGetSecurityDescriptorSacl.Addr(), 4, uintptr(unsafe.Pointer(sd)), uintptr(unsafe.Pointer(&_p0)), uintptr(unsafe.Pointer(sacl)), uintptr(unsafe.Pointer(&_p1)), 0, 0)
+	*saclPresent = _p0 != 0
+	*saclDefaulted = _p1 != 0
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func getSecurityInfo(handle Handle, objectType SE_OBJECT_TYPE, securityInformation SECURITY_INFORMATION, owner **SID, group **SID, dacl **ACL, sacl **ACL, sd **SECURITY_DESCRIPTOR) (ret error) {
+	r0, _, _ := syscall.Syscall9(procGetSecurityInfo.Addr(), 8, uintptr(handle), uintptr(objectType), uintptr(securityInformation), uintptr(unsafe.Pointer(owner)), uintptr(unsafe.Pointer(group)), uintptr(unsafe.Pointer(dacl)), uintptr(unsafe.Pointer(sacl)), uintptr(unsafe.Pointer(sd)), 0)
+	if r0 != 0 {
+		ret = syscall.Errno(r0)
+	}
+	return
+}
+
+func getSidIdentifierAuthority(sid *SID) (authority *SidIdentifierAuthority) {
+	r0, _, _ := syscall.Syscall(procGetSidIdentifierAuthority.Addr(), 1, uintptr(unsafe.Pointer(sid)), 0, 0)
+	authority = (*SidIdentifierAuthority)(unsafe.Pointer(r0))
+	return
+}
+
+func getSidSubAuthority(sid *SID, index uint32) (subAuthority *uint32) {
+	r0, _, _ := syscall.Syscall(procGetSidSubAuthority.Addr(), 2, uintptr(unsafe.Pointer(sid)), uintptr(index), 0)
+	subAuthority = (*uint32)(unsafe.Pointer(r0))
+	return
+}
+
+func getSidSubAuthorityCount(sid *SID) (count *uint8) {
+	r0, _, _ := syscall.Syscall(procGetSidSubAuthorityCount.Addr(), 1, uintptr(unsafe.Pointer(sid)), 0, 0)
+	count = (*uint8)(unsafe.Pointer(r0))
+	return
+}
+
+func GetTokenInformation(token Token, infoClass uint32, info *byte, infoLen uint32, returnedLen *uint32) (err error) {
+	r1, _, e1 := syscall.Syscall6(procGetTokenInformation.Addr(), 5, uintptr(token), uintptr(infoClass), uintptr(unsafe.Pointer(info)), uintptr(infoLen), uintptr(unsafe.Pointer(returnedLen)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func ImpersonateSelf(impersonationlevel uint32) (err error) {
+	r1, _, e1 := syscall.Syscall(procImpersonateSelf.Addr(), 1, uintptr(impersonationlevel), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func initializeSecurityDescriptor(absoluteSD *SECURITY_DESCRIPTOR, revision uint32) (err error) {
+	r1, _, e1 := syscall.Syscall(procInitializeSecurityDescriptor.Addr(), 2, uintptr(unsafe.Pointer(absoluteSD)), uintptr(revision), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func InitiateSystemShutdownEx(machineName *uint16, message *uint16, timeout uint32, forceAppsClosed bool, rebootAfterShutdown bool, reason uint32) (err error) {
+	var _p0 uint32
+	if forceAppsClosed {
+		_p0 = 1
+	}
+	var _p1 uint32
+	if rebootAfterShutdown {
+		_p1 = 1
+	}
+	r1, _, e1 := syscall.Syscall6(procInitiateSystemShutdownExW.Addr(), 6, uintptr(unsafe.Pointer(machineName)), uintptr(unsafe.Pointer(message)), uintptr(timeout), uintptr(_p0), uintptr(_p1), uintptr(reason))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func isTokenRestricted(tokenHandle Token) (ret bool, err error) {
+	r0, _, e1 := syscall.Syscall(procIsTokenRestricted.Addr(), 1, uintptr(tokenHandle), 0, 0)
+	ret = r0 != 0
+	if !ret {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func isValidSecurityDescriptor(sd *SECURITY_DESCRIPTOR) (isValid bool) {
+	r0, _, _ := syscall.Syscall(procIsValidSecurityDescriptor.Addr(), 1, uintptr(unsafe.Pointer(sd)), 0, 0)
+	isValid = r0 != 0
+	return
+}
+
+func isValidSid(sid *SID) (isValid bool) {
+	r0, _, _ := syscall.Syscall(procIsValidSid.Addr(), 1, uintptr(unsafe.Pointer(sid)), 0, 0)
+	isValid = r0 != 0
+	return
+}
+
+func isWellKnownSid(sid *SID, sidType WELL_KNOWN_SID_TYPE) (isWellKnown bool) {
+	r0, _, _ := syscall.Syscall(procIsWellKnownSid.Addr(), 2, uintptr(unsafe.Pointer(sid)), uintptr(sidType), 0)
+	isWellKnown = r0 != 0
+	return
+}
+
+func LookupAccountName(systemName *uint16, accountName *uint16, sid *SID, sidLen *uint32, refdDomainName *uint16, refdDomainNameLen *uint32, use *uint32) (err error) {
+	r1, _, e1 := syscall.Syscall9(procLookupAccountNameW.Addr(), 7, uintptr(unsafe.Pointer(systemName)), uintptr(unsafe.Pointer(accountName)), uintptr(unsafe.Pointer(sid)), uintptr(unsafe.Pointer(sidLen)), uintptr(unsafe.Pointer(refdDomainName)), uintptr(unsafe.Pointer(refdDomainNameLen)), uintptr(unsafe.Pointer(use)), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func LookupAccountSid(systemName *uint16, sid *SID, name *uint16, nameLen *uint32, refdDomainName *uint16, refdDomainNameLen *uint32, use *uint32) (err error) {
+	r1, _, e1 := syscall.Syscall9(procLookupAccountSidW.Addr(), 7, uintptr(unsafe.Pointer(systemName)), uintptr(unsafe.Pointer(sid)), uintptr(unsafe.Pointer(name)), uintptr(unsafe.Pointer(nameLen)), uintptr(unsafe.Pointer(refdDomainName)), uintptr(unsafe.Pointer(refdDomainNameLen)), uintptr(unsafe.Pointer(use)), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func LookupPrivilegeValue(systemname *uint16, name *uint16, luid *LUID) (err error) {
+	r1, _, e1 := syscall.Syscall(procLookupPrivilegeValueW.Addr(), 3, uintptr(unsafe.Pointer(systemname)), uintptr(unsafe.Pointer(name)), uintptr(unsafe.Pointer(luid)))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func makeAbsoluteSD(selfRelativeSD *SECURITY_DESCRIPTOR, absoluteSD *SECURITY_DESCRIPTOR, absoluteSDSize *uint32, dacl *ACL, daclSize *uint32, sacl *ACL, saclSize *uint32, owner *SID, ownerSize *uint32, group *SID, groupSize *uint32) (err error) {
+	r1, _, e1 := syscall.Syscall12(procMakeAbsoluteSD.Addr(), 11, uintptr(unsafe.Pointer(selfRelativeSD)), uintptr(unsafe.Pointer(absoluteSD)), uintptr(unsafe.Pointer(absoluteSDSize)), uintptr(unsafe.Pointer(dacl)), uintptr(unsafe.Pointer(daclSize)), uintptr(unsafe.Pointer(sacl)), uintptr(unsafe.Pointer(saclSize)), uintptr(unsafe.Pointer(owner)), uintptr(unsafe.Pointer(ownerSize)), uintptr(unsafe.Pointer(group)), uintptr(unsafe.Pointer(groupSize)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func makeSelfRelativeSD(absoluteSD *SECURITY_DESCRIPTOR, selfRelativeSD *SECURITY_DESCRIPTOR, selfRelativeSDSize *uint32) (err error) {
+	r1, _, e1 := syscall.Syscall(procMakeSelfRelativeSD.Addr(), 3, uintptr(unsafe.Pointer(absoluteSD)), uintptr(unsafe.Pointer(selfRelativeSD)), uintptr(unsafe.Pointer(selfRelativeSDSize)))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func NotifyServiceStatusChange(service Handle, notifyMask uint32, notifier *SERVICE_NOTIFY) (ret error) {
+	r0, _, _ := syscall.Syscall(procNotifyServiceStatusChangeW.Addr(), 3, uintptr(service), uintptr(notifyMask), uintptr(unsafe.Pointer(notifier)))
+	if r0 != 0 {
+		ret = syscall.Errno(r0)
+	}
+	return
+}
+
+func OpenProcessToken(process Handle, access uint32, token *Token) (err error) {
+	r1, _, e1 := syscall.Syscall(procOpenProcessToken.Addr(), 3, uintptr(process), uintptr(access), uintptr(unsafe.Pointer(token)))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func OpenSCManager(machineName *uint16, databaseName *uint16, access uint32) (handle Handle, err error) {
+	r0, _, e1 := syscall.Syscall(procOpenSCManagerW.Addr(), 3, uintptr(unsafe.Pointer(machineName)), uintptr(unsafe.Pointer(databaseName)), uintptr(access))
+	handle = Handle(r0)
+	if handle == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func OpenService(mgr Handle, serviceName *uint16, access uint32) (handle Handle, err error) {
+	r0, _, e1 := syscall.Syscall(procOpenServiceW.Addr(), 3, uintptr(mgr), uintptr(unsafe.Pointer(serviceName)), uintptr(access))
+	handle = Handle(r0)
+	if handle == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func OpenThreadToken(thread Handle, access uint32, openAsSelf bool, token *Token) (err error) {
+	var _p0 uint32
+	if openAsSelf {
+		_p0 = 1
+	}
+	r1, _, e1 := syscall.Syscall6(procOpenThreadToken.Addr(), 4, uintptr(thread), uintptr(access), uintptr(_p0), uintptr(unsafe.Pointer(token)), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func QueryServiceConfig2(service Handle, infoLevel uint32, buff *byte, buffSize uint32, bytesNeeded *uint32) (err error) {
+	r1, _, e1 := syscall.Syscall6(procQueryServiceConfig2W.Addr(), 5, uintptr(service), uintptr(infoLevel), uintptr(unsafe.Pointer(buff)), uintptr(buffSize), uintptr(unsafe.Pointer(bytesNeeded)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func QueryServiceConfig(service Handle, serviceConfig *QUERY_SERVICE_CONFIG, bufSize uint32, bytesNeeded *uint32) (err error) {
+	r1, _, e1 := syscall.Syscall6(procQueryServiceConfigW.Addr(), 4, uintptr(service), uintptr(unsafe.Pointer(serviceConfig)), uintptr(bufSize), uintptr(unsafe.Pointer(bytesNeeded)), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func QueryServiceDynamicInformation(service Handle, infoLevel uint32, dynamicInfo unsafe.Pointer) (err error) {
+	err = procQueryServiceDynamicInformation.Find()
+	if err != nil {
+		return
+	}
+	r1, _, e1 := syscall.Syscall(procQueryServiceDynamicInformation.Addr(), 3, uintptr(service), uintptr(infoLevel), uintptr(dynamicInfo))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func QueryServiceLockStatus(mgr Handle, lockStatus *QUERY_SERVICE_LOCK_STATUS, bufSize uint32, bytesNeeded *uint32) (err error) {
+	r1, _, e1 := syscall.Syscall6(procQueryServiceLockStatusW.Addr(), 4, uintptr(mgr), uintptr(unsafe.Pointer(lockStatus)), uintptr(bufSize), uintptr(unsafe.Pointer(bytesNeeded)), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func QueryServiceStatus(service Handle, status *SERVICE_STATUS) (err error) {
+	r1, _, e1 := syscall.Syscall(procQueryServiceStatus.Addr(), 2, uintptr(service), uintptr(unsafe.Pointer(status)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func QueryServiceStatusEx(service Handle, infoLevel uint32, buff *byte, buffSize uint32, bytesNeeded *uint32) (err error) {
+	r1, _, e1 := syscall.Syscall6(procQueryServiceStatusEx.Addr(), 5, uintptr(service), uintptr(infoLevel), uintptr(unsafe.Pointer(buff)), uintptr(buffSize), uintptr(unsafe.Pointer(bytesNeeded)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func RegCloseKey(key Handle) (regerrno error) {
+	r0, _, _ := syscall.Syscall(procRegCloseKey.Addr(), 1, uintptr(key), 0, 0)
+	if r0 != 0 {
+		regerrno = syscall.Errno(r0)
+	}
+	return
+}
+
+func RegEnumKeyEx(key Handle, index uint32, name *uint16, nameLen *uint32, reserved *uint32, class *uint16, classLen *uint32, lastWriteTime *Filetime) (regerrno error) {
+	r0, _, _ := syscall.Syscall9(procRegEnumKeyExW.Addr(), 8, uintptr(key), uintptr(index), uintptr(unsafe.Pointer(name)), uintptr(unsafe.Pointer(nameLen)), uintptr(unsafe.Pointer(reserved)), uintptr(unsafe.Pointer(class)), uintptr(unsafe.Pointer(classLen)), uintptr(unsafe.Pointer(lastWriteTime)), 0)
+	if r0 != 0 {
+		regerrno = syscall.Errno(r0)
+	}
+	return
+}
+
+func RegNotifyChangeKeyValue(key Handle, watchSubtree bool, notifyFilter uint32, event Handle, asynchronous bool) (regerrno error) {
+	var _p0 uint32
+	if watchSubtree {
+		_p0 = 1
+	}
+	var _p1 uint32
+	if asynchronous {
+		_p1 = 1
+	}
+	r0, _, _ := syscall.Syscall6(procRegNotifyChangeKeyValue.Addr(), 5, uintptr(key), uintptr(_p0), uintptr(notifyFilter), uintptr(event), uintptr(_p1), 0)
+	if r0 != 0 {
+		regerrno = syscall.Errno(r0)
+	}
+	return
+}
+
+func RegOpenKeyEx(key Handle, subkey *uint16, options uint32, desiredAccess uint32, result *Handle) (regerrno error) {
+	r0, _, _ := syscall.Syscall6(procRegOpenKeyExW.Addr(), 5, uintptr(key), uintptr(unsafe.Pointer(subkey)), uintptr(options), uintptr(desiredAccess), uintptr(unsafe.Pointer(result)), 0)
+	if r0 != 0 {
+		regerrno = syscall.Errno(r0)
+	}
+	return
+}
+
+func RegQueryInfoKey(key Handle, class *uint16, classLen *uint32, reserved *uint32, subkeysLen *uint32, maxSubkeyLen *uint32, maxClassLen *uint32, valuesLen *uint32, maxValueNameLen *uint32, maxValueLen *uint32, saLen *uint32, lastWriteTime *Filetime) (regerrno error) {
+	r0, _, _ := syscall.Syscall12(procRegQueryInfoKeyW.Addr(), 12, uintptr(key), uintptr(unsafe.Pointer(class)), uintptr(unsafe.Pointer(classLen)), uintptr(unsafe.Pointer(reserved)), uintptr(unsafe.Pointer(subkeysLen)), uintptr(unsafe.Pointer(maxSubkeyLen)), uintptr(unsafe.Pointer(maxClassLen)), uintptr(unsafe.Pointer(valuesLen)), uintptr(unsafe.Pointer(maxValueNameLen)), uintptr(unsafe.Pointer(maxValueLen)), uintptr(unsafe.Pointer(saLen)), uintptr(unsafe.Pointer(lastWriteTime)))
+	if r0 != 0 {
+		regerrno = syscall.Errno(r0)
+	}
+	return
+}
+
+func RegQueryValueEx(key Handle, name *uint16, reserved *uint32, valtype *uint32, buf *byte, buflen *uint32) (regerrno error) {
+	r0, _, _ := syscall.Syscall6(procRegQueryValueExW.Addr(), 6, uintptr(key), uintptr(unsafe.Pointer(name)), uintptr(unsafe.Pointer(reserved)), uintptr(unsafe.Pointer(valtype)), uintptr(unsafe.Pointer(buf)), uintptr(unsafe.Pointer(buflen)))
+	if r0 != 0 {
+		regerrno = syscall.Errno(r0)
+	}
+	return
+}
+
+func RegisterEventSource(uncServerName *uint16, sourceName *uint16) (handle Handle, err error) {
+	r0, _, e1 := syscall.Syscall(procRegisterEventSourceW.Addr(), 2, uintptr(unsafe.Pointer(uncServerName)), uintptr(unsafe.Pointer(sourceName)), 0)
+	handle = Handle(r0)
+	if handle == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func RegisterServiceCtrlHandlerEx(serviceName *uint16, handlerProc uintptr, context uintptr) (handle Handle, err error) {
+	r0, _, e1 := syscall.Syscall(procRegisterServiceCtrlHandlerExW.Addr(), 3, uintptr(unsafe.Pointer(serviceName)), uintptr(handlerProc), uintptr(context))
+	handle = Handle(r0)
+	if handle == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func ReportEvent(log Handle, etype uint16, category uint16, eventId uint32, usrSId uintptr, numStrings uint16, dataSize uint32, strings **uint16, rawData *byte) (err error) {
+	r1, _, e1 := syscall.Syscall9(procReportEventW.Addr(), 9, uintptr(log), uintptr(etype), uintptr(category), uintptr(eventId), uintptr(usrSId), uintptr(numStrings), uintptr(dataSize), uintptr(unsafe.Pointer(strings)), uintptr(unsafe.Pointer(rawData)))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func RevertToSelf() (err error) {
+	r1, _, e1 := syscall.Syscall(procRevertToSelf.Addr(), 0, 0, 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func setEntriesInAcl(countExplicitEntries uint32, explicitEntries *EXPLICIT_ACCESS, oldACL *ACL, newACL **ACL) (ret error) {
+	r0, _, _ := syscall.Syscall6(procSetEntriesInAclW.Addr(), 4, uintptr(countExplicitEntries), uintptr(unsafe.Pointer(explicitEntries)), uintptr(unsafe.Pointer(oldACL)), uintptr(unsafe.Pointer(newACL)), 0, 0)
+	if r0 != 0 {
+		ret = syscall.Errno(r0)
+	}
+	return
+}
+
+func SetKernelObjectSecurity(handle Handle, securityInformation SECURITY_INFORMATION, securityDescriptor *SECURITY_DESCRIPTOR) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetKernelObjectSecurity.Addr(), 3, uintptr(handle), uintptr(securityInformation), uintptr(unsafe.Pointer(securityDescriptor)))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func SetNamedSecurityInfo(objectName string, objectType SE_OBJECT_TYPE, securityInformation SECURITY_INFORMATION, owner *SID, group *SID, dacl *ACL, sacl *ACL) (ret error) {
+	var _p0 *uint16
+	_p0, ret = syscall.UTF16PtrFromString(objectName)
+	if ret != nil {
+		return
+	}
+	return _SetNamedSecurityInfo(_p0, objectType, securityInformation, owner, group, dacl, sacl)
+}
+
+func _SetNamedSecurityInfo(objectName *uint16, objectType SE_OBJECT_TYPE, securityInformation SECURITY_INFORMATION, owner *SID, group *SID, dacl *ACL, sacl *ACL) (ret error) {
+	r0, _, _ := syscall.Syscall9(procSetNamedSecurityInfoW.Addr(), 7, uintptr(unsafe.Pointer(objectName)), uintptr(objectType), uintptr(securityInformation), uintptr(unsafe.Pointer(owner)), uintptr(unsafe.Pointer(group)), uintptr(unsafe.Pointer(dacl)), uintptr(unsafe.Pointer(sacl)), 0, 0)
+	if r0 != 0 {
+		ret = syscall.Errno(r0)
+	}
+	return
+}
+
+func setSecurityDescriptorControl(sd *SECURITY_DESCRIPTOR, controlBitsOfInterest SECURITY_DESCRIPTOR_CONTROL, controlBitsToSet SECURITY_DESCRIPTOR_CONTROL) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetSecurityDescriptorControl.Addr(), 3, uintptr(unsafe.Pointer(sd)), uintptr(controlBitsOfInterest), uintptr(controlBitsToSet))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func setSecurityDescriptorDacl(sd *SECURITY_DESCRIPTOR, daclPresent bool, dacl *ACL, daclDefaulted bool) (err error) {
+	var _p0 uint32
+	if daclPresent {
+		_p0 = 1
+	}
+	var _p1 uint32
+	if daclDefaulted {
+		_p1 = 1
+	}
+	r1, _, e1 := syscall.Syscall6(procSetSecurityDescriptorDacl.Addr(), 4, uintptr(unsafe.Pointer(sd)), uintptr(_p0), uintptr(unsafe.Pointer(dacl)), uintptr(_p1), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func setSecurityDescriptorGroup(sd *SECURITY_DESCRIPTOR, group *SID, groupDefaulted bool) (err error) {
+	var _p0 uint32
+	if groupDefaulted {
+		_p0 = 1
+	}
+	r1, _, e1 := syscall.Syscall(procSetSecurityDescriptorGroup.Addr(), 3, uintptr(unsafe.Pointer(sd)), uintptr(unsafe.Pointer(group)), uintptr(_p0))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func setSecurityDescriptorOwner(sd *SECURITY_DESCRIPTOR, owner *SID, ownerDefaulted bool) (err error) {
+	var _p0 uint32
+	if ownerDefaulted {
+		_p0 = 1
+	}
+	r1, _, e1 := syscall.Syscall(procSetSecurityDescriptorOwner.Addr(), 3, uintptr(unsafe.Pointer(sd)), uintptr(unsafe.Pointer(owner)), uintptr(_p0))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func setSecurityDescriptorRMControl(sd *SECURITY_DESCRIPTOR, rmControl *uint8) {
+	syscall.Syscall(procSetSecurityDescriptorRMControl.Addr(), 2, uintptr(unsafe.Pointer(sd)), uintptr(unsafe.Pointer(rmControl)), 0)
+	return
+}
+
+func setSecurityDescriptorSacl(sd *SECURITY_DESCRIPTOR, saclPresent bool, sacl *ACL, saclDefaulted bool) (err error) {
+	var _p0 uint32
+	if saclPresent {
+		_p0 = 1
+	}
+	var _p1 uint32
+	if saclDefaulted {
+		_p1 = 1
+	}
+	r1, _, e1 := syscall.Syscall6(procSetSecurityDescriptorSacl.Addr(), 4, uintptr(unsafe.Pointer(sd)), uintptr(_p0), uintptr(unsafe.Pointer(sacl)), uintptr(_p1), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func SetSecurityInfo(handle Handle, objectType SE_OBJECT_TYPE, securityInformation SECURITY_INFORMATION, owner *SID, group *SID, dacl *ACL, sacl *ACL) (ret error) {
+	r0, _, _ := syscall.Syscall9(procSetSecurityInfo.Addr(), 7, uintptr(handle), uintptr(objectType), uintptr(securityInformation), uintptr(unsafe.Pointer(owner)), uintptr(unsafe.Pointer(group)), uintptr(unsafe.Pointer(dacl)), uintptr(unsafe.Pointer(sacl)), 0, 0)
+	if r0 != 0 {
+		ret = syscall.Errno(r0)
+	}
+	return
+}
+
+func SetServiceStatus(service Handle, serviceStatus *SERVICE_STATUS) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetServiceStatus.Addr(), 2, uintptr(service), uintptr(unsafe.Pointer(serviceStatus)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func SetThreadToken(thread *Handle, token Token) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetThreadToken.Addr(), 2, uintptr(unsafe.Pointer(thread)), uintptr(token), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func SetTokenInformation(token Token, infoClass uint32, info *byte, infoLen uint32) (err error) {
+	r1, _, e1 := syscall.Syscall6(procSetTokenInformation.Addr(), 4, uintptr(token), uintptr(infoClass), uintptr(unsafe.Pointer(info)), uintptr(infoLen), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func StartServiceCtrlDispatcher(serviceTable *SERVICE_TABLE_ENTRY) (err error) {
+	r1, _, e1 := syscall.Syscall(procStartServiceCtrlDispatcherW.Addr(), 1, uintptr(unsafe.Pointer(serviceTable)), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func StartService(service Handle, numArgs uint32, argVectors **uint16) (err error) {
+	r1, _, e1 := syscall.Syscall(procStartServiceW.Addr(), 3, uintptr(service), uintptr(numArgs), uintptr(unsafe.Pointer(argVectors)))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func CertAddCertificateContextToStore(store Handle, certContext *CertContext, addDisposition uint32, storeContext **CertContext) (err error) {
+	r1, _, e1 := syscall.Syscall6(procCertAddCertificateContextToStore.Addr(), 4, uintptr(store), uintptr(unsafe.Pointer(certContext)), uintptr(addDisposition), uintptr(unsafe.Pointer(storeContext)), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func CertCloseStore(store Handle, flags uint32) (err error) {
+	r1, _, e1 := syscall.Syscall(procCertCloseStore.Addr(), 2, uintptr(store), uintptr(flags), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func CertCreateCertificateContext(certEncodingType uint32, certEncoded *byte, encodedLen uint32) (context *CertContext, err error) {
+	r0, _, e1 := syscall.Syscall(procCertCreateCertificateContext.Addr(), 3, uintptr(certEncodingType), uintptr(unsafe.Pointer(certEncoded)), uintptr(encodedLen))
+	context = (*CertContext)(unsafe.Pointer(r0))
+	if context == nil {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func CertDeleteCertificateFromStore(certContext *CertContext) (err error) {
+	r1, _, e1 := syscall.Syscall(procCertDeleteCertificateFromStore.Addr(), 1, uintptr(unsafe.Pointer(certContext)), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func CertDuplicateCertificateContext(certContext *CertContext) (dupContext *CertContext) {
+	r0, _, _ := syscall.Syscall(procCertDuplicateCertificateContext.Addr(), 1, uintptr(unsafe.Pointer(certContext)), 0, 0)
+	dupContext = (*CertContext)(unsafe.Pointer(r0))
+	return
+}
+
+func CertEnumCertificatesInStore(store Handle, prevContext *CertContext) (context *CertContext, err error) {
+	r0, _, e1 := syscall.Syscall(procCertEnumCertificatesInStore.Addr(), 2, uintptr(store), uintptr(unsafe.Pointer(prevContext)), 0)
+	context = (*CertContext)(unsafe.Pointer(r0))
+	if context == nil {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func CertFindCertificateInStore(store Handle, certEncodingType uint32, findFlags uint32, findType uint32, findPara unsafe.Pointer, prevCertContext *CertContext) (cert *CertContext, err error) {
+	r0, _, e1 := syscall.Syscall6(procCertFindCertificateInStore.Addr(), 6, uintptr(store), uintptr(certEncodingType), uintptr(findFlags), uintptr(findType), uintptr(findPara), uintptr(unsafe.Pointer(prevCertContext)))
+	cert = (*CertContext)(unsafe.Pointer(r0))
+	if cert == nil {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func CertFindChainInStore(store Handle, certEncodingType uint32, findFlags uint32, findType uint32, findPara unsafe.Pointer, prevChainContext *CertChainContext) (certchain *CertChainContext, err error) {
+	r0, _, e1 := syscall.Syscall6(procCertFindChainInStore.Addr(), 6, uintptr(store), uintptr(certEncodingType), uintptr(findFlags), uintptr(findType), uintptr(findPara), uintptr(unsafe.Pointer(prevChainContext)))
+	certchain = (*CertChainContext)(unsafe.Pointer(r0))
+	if certchain == nil {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func CertFindExtension(objId *byte, countExtensions uint32, extensions *CertExtension) (ret *CertExtension) {
+	r0, _, _ := syscall.Syscall(procCertFindExtension.Addr(), 3, uintptr(unsafe.Pointer(objId)), uintptr(countExtensions), uintptr(unsafe.Pointer(extensions)))
+	ret = (*CertExtension)(unsafe.Pointer(r0))
+	return
+}
+
+func CertFreeCertificateChain(ctx *CertChainContext) {
+	syscall.Syscall(procCertFreeCertificateChain.Addr(), 1, uintptr(unsafe.Pointer(ctx)), 0, 0)
+	return
+}
+
+func CertFreeCertificateContext(ctx *CertContext) (err error) {
+	r1, _, e1 := syscall.Syscall(procCertFreeCertificateContext.Addr(), 1, uintptr(unsafe.Pointer(ctx)), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func CertGetCertificateChain(engine Handle, leaf *CertContext, time *Filetime, additionalStore Handle, para *CertChainPara, flags uint32, reserved uintptr, chainCtx **CertChainContext) (err error) {
+	r1, _, e1 := syscall.Syscall9(procCertGetCertificateChain.Addr(), 8, uintptr(engine), uintptr(unsafe.Pointer(leaf)), uintptr(unsafe.Pointer(time)), uintptr(additionalStore), uintptr(unsafe.Pointer(para)), uintptr(flags), uintptr(reserved), uintptr(unsafe.Pointer(chainCtx)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func CertGetNameString(certContext *CertContext, nameType uint32, flags uint32, typePara unsafe.Pointer, name *uint16, size uint32) (chars uint32) {
+	r0, _, _ := syscall.Syscall6(procCertGetNameStringW.Addr(), 6, uintptr(unsafe.Pointer(certContext)), uintptr(nameType), uintptr(flags), uintptr(typePara), uintptr(unsafe.Pointer(name)), uintptr(size))
+	chars = uint32(r0)
+	return
+}
+
+func CertOpenStore(storeProvider uintptr, msgAndCertEncodingType uint32, cryptProv uintptr, flags uint32, para uintptr) (handle Handle, err error) {
+	r0, _, e1 := syscall.Syscall6(procCertOpenStore.Addr(), 5, uintptr(storeProvider), uintptr(msgAndCertEncodingType), uintptr(cryptProv), uintptr(flags), uintptr(para), 0)
+	handle = Handle(r0)
+	if handle == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func CertOpenSystemStore(hprov Handle, name *uint16) (store Handle, err error) {
+	r0, _, e1 := syscall.Syscall(procCertOpenSystemStoreW.Addr(), 2, uintptr(hprov), uintptr(unsafe.Pointer(name)), 0)
+	store = Handle(r0)
+	if store == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func CertVerifyCertificateChainPolicy(policyOID uintptr, chain *CertChainContext, para *CertChainPolicyPara, status *CertChainPolicyStatus) (err error) {
+	r1, _, e1 := syscall.Syscall6(procCertVerifyCertificateChainPolicy.Addr(), 4, uintptr(policyOID), uintptr(unsafe.Pointer(chain)), uintptr(unsafe.Pointer(para)), uintptr(unsafe.Pointer(status)), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func CryptAcquireCertificatePrivateKey(cert *CertContext, flags uint32, parameters unsafe.Pointer, cryptProvOrNCryptKey *Handle, keySpec *uint32, callerFreeProvOrNCryptKey *bool) (err error) {
+	var _p0 uint32
+	if *callerFreeProvOrNCryptKey {
+		_p0 = 1
+	}
+	r1, _, e1 := syscall.Syscall6(procCryptAcquireCertificatePrivateKey.Addr(), 6, uintptr(unsafe.Pointer(cert)), uintptr(flags), uintptr(parameters), uintptr(unsafe.Pointer(cryptProvOrNCryptKey)), uintptr(unsafe.Pointer(keySpec)), uintptr(unsafe.Pointer(&_p0)))
+	*callerFreeProvOrNCryptKey = _p0 != 0
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func CryptDecodeObject(encodingType uint32, structType *byte, encodedBytes *byte, lenEncodedBytes uint32, flags uint32, decoded unsafe.Pointer, decodedLen *uint32) (err error) {
+	r1, _, e1 := syscall.Syscall9(procCryptDecodeObject.Addr(), 7, uintptr(encodingType), uintptr(unsafe.Pointer(structType)), uintptr(unsafe.Pointer(encodedBytes)), uintptr(lenEncodedBytes), uintptr(flags), uintptr(decoded), uintptr(unsafe.Pointer(decodedLen)), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func CryptProtectData(dataIn *DataBlob, name *uint16, optionalEntropy *DataBlob, reserved uintptr, promptStruct *CryptProtectPromptStruct, flags uint32, dataOut *DataBlob) (err error) {
+	r1, _, e1 := syscall.Syscall9(procCryptProtectData.Addr(), 7, uintptr(unsafe.Pointer(dataIn)), uintptr(unsafe.Pointer(name)), uintptr(unsafe.Pointer(optionalEntropy)), uintptr(reserved), uintptr(unsafe.Pointer(promptStruct)), uintptr(flags), uintptr(unsafe.Pointer(dataOut)), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func CryptQueryObject(objectType uint32, object unsafe.Pointer, expectedContentTypeFlags uint32, expectedFormatTypeFlags uint32, flags uint32, msgAndCertEncodingType *uint32, contentType *uint32, formatType *uint32, certStore *Handle, msg *Handle, context *unsafe.Pointer) (err error) {
+	r1, _, e1 := syscall.Syscall12(procCryptQueryObject.Addr(), 11, uintptr(objectType), uintptr(object), uintptr(expectedContentTypeFlags), uintptr(expectedFormatTypeFlags), uintptr(flags), uintptr(unsafe.Pointer(msgAndCertEncodingType)), uintptr(unsafe.Pointer(contentType)), uintptr(unsafe.Pointer(formatType)), uintptr(unsafe.Pointer(certStore)), uintptr(unsafe.Pointer(msg)), uintptr(unsafe.Pointer(context)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func CryptUnprotectData(dataIn *DataBlob, name **uint16, optionalEntropy *DataBlob, reserved uintptr, promptStruct *CryptProtectPromptStruct, flags uint32, dataOut *DataBlob) (err error) {
+	r1, _, e1 := syscall.Syscall9(procCryptUnprotectData.Addr(), 7, uintptr(unsafe.Pointer(dataIn)), uintptr(unsafe.Pointer(name)), uintptr(unsafe.Pointer(optionalEntropy)), uintptr(reserved), uintptr(unsafe.Pointer(promptStruct)), uintptr(flags), uintptr(unsafe.Pointer(dataOut)), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func PFXImportCertStore(pfx *CryptDataBlob, password *uint16, flags uint32) (store Handle, err error) {
+	r0, _, e1 := syscall.Syscall(procPFXImportCertStore.Addr(), 3, uintptr(unsafe.Pointer(pfx)), uintptr(unsafe.Pointer(password)), uintptr(flags))
+	store = Handle(r0)
+	if store == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func DnsNameCompare(name1 *uint16, name2 *uint16) (same bool) {
+	r0, _, _ := syscall.Syscall(procDnsNameCompare_W.Addr(), 2, uintptr(unsafe.Pointer(name1)), uintptr(unsafe.Pointer(name2)), 0)
+	same = r0 != 0
+	return
+}
+
+func DnsQuery(name string, qtype uint16, options uint32, extra *byte, qrs **DNSRecord, pr *byte) (status error) {
+	var _p0 *uint16
+	_p0, status = syscall.UTF16PtrFromString(name)
+	if status != nil {
+		return
+	}
+	return _DnsQuery(_p0, qtype, options, extra, qrs, pr)
+}
+
+func _DnsQuery(name *uint16, qtype uint16, options uint32, extra *byte, qrs **DNSRecord, pr *byte) (status error) {
+	r0, _, _ := syscall.Syscall6(procDnsQuery_W.Addr(), 6, uintptr(unsafe.Pointer(name)), uintptr(qtype), uintptr(options), uintptr(unsafe.Pointer(extra)), uintptr(unsafe.Pointer(qrs)), uintptr(unsafe.Pointer(pr)))
+	if r0 != 0 {
+		status = syscall.Errno(r0)
+	}
+	return
+}
+
+func DnsRecordListFree(rl *DNSRecord, freetype uint32) {
+	syscall.Syscall(procDnsRecordListFree.Addr(), 2, uintptr(unsafe.Pointer(rl)), uintptr(freetype), 0)
+	return
+}
+
+func DwmGetWindowAttribute(hwnd HWND, attribute uint32, value unsafe.Pointer, size uint32) (ret error) {
+	r0, _, _ := syscall.Syscall6(procDwmGetWindowAttribute.Addr(), 4, uintptr(hwnd), uintptr(attribute), uintptr(value), uintptr(size), 0, 0)
+	if r0 != 0 {
+		ret = syscall.Errno(r0)
+	}
+	return
+}
+
+func DwmSetWindowAttribute(hwnd HWND, attribute uint32, value unsafe.Pointer, size uint32) (ret error) {
+	r0, _, _ := syscall.Syscall6(procDwmSetWindowAttribute.Addr(), 4, uintptr(hwnd), uintptr(attribute), uintptr(value), uintptr(size), 0, 0)
+	if r0 != 0 {
+		ret = syscall.Errno(r0)
+	}
+	return
+}
+
+func CancelMibChangeNotify2(notificationHandle Handle) (errcode error) {
+	r0, _, _ := syscall.Syscall(procCancelMibChangeNotify2.Addr(), 1, uintptr(notificationHandle), 0, 0)
+	if r0 != 0 {
+		errcode = syscall.Errno(r0)
+	}
+	return
+}
+
+func GetAdaptersAddresses(family uint32, flags uint32, reserved uintptr, adapterAddresses *IpAdapterAddresses, sizePointer *uint32) (errcode error) {
+	r0, _, _ := syscall.Syscall6(procGetAdaptersAddresses.Addr(), 5, uintptr(family), uintptr(flags), uintptr(reserved), uintptr(unsafe.Pointer(adapterAddresses)), uintptr(unsafe.Pointer(sizePointer)), 0)
+	if r0 != 0 {
+		errcode = syscall.Errno(r0)
+	}
+	return
+}
+
+func GetAdaptersInfo(ai *IpAdapterInfo, ol *uint32) (errcode error) {
+	r0, _, _ := syscall.Syscall(procGetAdaptersInfo.Addr(), 2, uintptr(unsafe.Pointer(ai)), uintptr(unsafe.Pointer(ol)), 0)
+	if r0 != 0 {
+		errcode = syscall.Errno(r0)
+	}
+	return
+}
+
+func getBestInterfaceEx(sockaddr unsafe.Pointer, pdwBestIfIndex *uint32) (errcode error) {
+	r0, _, _ := syscall.Syscall(procGetBestInterfaceEx.Addr(), 2, uintptr(sockaddr), uintptr(unsafe.Pointer(pdwBestIfIndex)), 0)
+	if r0 != 0 {
+		errcode = syscall.Errno(r0)
+	}
+	return
+}
+
+func GetIfEntry(pIfRow *MibIfRow) (errcode error) {
+	r0, _, _ := syscall.Syscall(procGetIfEntry.Addr(), 1, uintptr(unsafe.Pointer(pIfRow)), 0, 0)
+	if r0 != 0 {
+		errcode = syscall.Errno(r0)
+	}
+	return
+}
+
+func GetIfEntry2Ex(level uint32, row *MibIfRow2) (errcode error) {
+	r0, _, _ := syscall.Syscall(procGetIfEntry2Ex.Addr(), 2, uintptr(level), uintptr(unsafe.Pointer(row)), 0)
+	if r0 != 0 {
+		errcode = syscall.Errno(r0)
+	}
+	return
+}
+
+func GetUnicastIpAddressEntry(row *MibUnicastIpAddressRow) (errcode error) {
+	r0, _, _ := syscall.Syscall(procGetUnicastIpAddressEntry.Addr(), 1, uintptr(unsafe.Pointer(row)), 0, 0)
+	if r0 != 0 {
+		errcode = syscall.Errno(r0)
+	}
+	return
+}
+
+func NotifyIpInterfaceChange(family uint16, callback uintptr, callerContext unsafe.Pointer, initialNotification bool, notificationHandle *Handle) (errcode error) {
+	var _p0 uint32
+	if initialNotification {
+		_p0 = 1
+	}
+	r0, _, _ := syscall.Syscall6(procNotifyIpInterfaceChange.Addr(), 5, uintptr(family), uintptr(callback), uintptr(callerContext), uintptr(_p0), uintptr(unsafe.Pointer(notificationHandle)), 0)
+	if r0 != 0 {
+		errcode = syscall.Errno(r0)
+	}
+	return
+}
+
+func NotifyUnicastIpAddressChange(family uint16, callback uintptr, callerContext unsafe.Pointer, initialNotification bool, notificationHandle *Handle) (errcode error) {
+	var _p0 uint32
+	if initialNotification {
+		_p0 = 1
+	}
+	r0, _, _ := syscall.Syscall6(procNotifyUnicastIpAddressChange.Addr(), 5, uintptr(family), uintptr(callback), uintptr(callerContext), uintptr(_p0), uintptr(unsafe.Pointer(notificationHandle)), 0)
+	if r0 != 0 {
+		errcode = syscall.Errno(r0)
+	}
+	return
+}
+
+func AddDllDirectory(path *uint16) (cookie uintptr, err error) {
+	r0, _, e1 := syscall.Syscall(procAddDllDirectory.Addr(), 1, uintptr(unsafe.Pointer(path)), 0, 0)
+	cookie = uintptr(r0)
+	if cookie == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func AssignProcessToJobObject(job Handle, process Handle) (err error) {
+	r1, _, e1 := syscall.Syscall(procAssignProcessToJobObject.Addr(), 2, uintptr(job), uintptr(process), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func CancelIo(s Handle) (err error) {
+	r1, _, e1 := syscall.Syscall(procCancelIo.Addr(), 1, uintptr(s), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func CancelIoEx(s Handle, o *Overlapped) (err error) {
+	r1, _, e1 := syscall.Syscall(procCancelIoEx.Addr(), 2, uintptr(s), uintptr(unsafe.Pointer(o)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func ClearCommBreak(handle Handle) (err error) {
+	r1, _, e1 := syscall.Syscall(procClearCommBreak.Addr(), 1, uintptr(handle), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func ClearCommError(handle Handle, lpErrors *uint32, lpStat *ComStat) (err error) {
+	r1, _, e1 := syscall.Syscall(procClearCommError.Addr(), 3, uintptr(handle), uintptr(unsafe.Pointer(lpErrors)), uintptr(unsafe.Pointer(lpStat)))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func CloseHandle(handle Handle) (err error) {
+	r1, _, e1 := syscall.Syscall(procCloseHandle.Addr(), 1, uintptr(handle), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func ClosePseudoConsole(console Handle) {
+	syscall.Syscall(procClosePseudoConsole.Addr(), 1, uintptr(console), 0, 0)
+	return
+}
+
+func ConnectNamedPipe(pipe Handle, overlapped *Overlapped) (err error) {
+	r1, _, e1 := syscall.Syscall(procConnectNamedPipe.Addr(), 2, uintptr(pipe), uintptr(unsafe.Pointer(overlapped)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func CreateDirectory(path *uint16, sa *SecurityAttributes) (err error) {
+	r1, _, e1 := syscall.Syscall(procCreateDirectoryW.Addr(), 2, uintptr(unsafe.Pointer(path)), uintptr(unsafe.Pointer(sa)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func CreateEventEx(eventAttrs *SecurityAttributes, name *uint16, flags uint32, desiredAccess uint32) (handle Handle, err error) {
+	r0, _, e1 := syscall.Syscall6(procCreateEventExW.Addr(), 4, uintptr(unsafe.Pointer(eventAttrs)), uintptr(unsafe.Pointer(name)), uintptr(flags), uintptr(desiredAccess), 0, 0)
+	handle = Handle(r0)
+	if handle == 0 || e1 == ERROR_ALREADY_EXISTS {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func CreateEvent(eventAttrs *SecurityAttributes, manualReset uint32, initialState uint32, name *uint16) (handle Handle, err error) {
+	r0, _, e1 := syscall.Syscall6(procCreateEventW.Addr(), 4, uintptr(unsafe.Pointer(eventAttrs)), uintptr(manualReset), uintptr(initialState), uintptr(unsafe.Pointer(name)), 0, 0)
+	handle = Handle(r0)
+	if handle == 0 || e1 == ERROR_ALREADY_EXISTS {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func CreateFileMapping(fhandle Handle, sa *SecurityAttributes, prot uint32, maxSizeHigh uint32, maxSizeLow uint32, name *uint16) (handle Handle, err error) {
+	r0, _, e1 := syscall.Syscall6(procCreateFileMappingW.Addr(), 6, uintptr(fhandle), uintptr(unsafe.Pointer(sa)), uintptr(prot), uintptr(maxSizeHigh), uintptr(maxSizeLow), uintptr(unsafe.Pointer(name)))
+	handle = Handle(r0)
+	if handle == 0 || e1 == ERROR_ALREADY_EXISTS {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func CreateFile(name *uint16, access uint32, mode uint32, sa *SecurityAttributes, createmode uint32, attrs uint32, templatefile Handle) (handle Handle, err error) {
+	r0, _, e1 := syscall.Syscall9(procCreateFileW.Addr(), 7, uintptr(unsafe.Pointer(name)), uintptr(access), uintptr(mode), uintptr(unsafe.Pointer(sa)), uintptr(createmode), uintptr(attrs), uintptr(templatefile), 0, 0)
+	handle = Handle(r0)
+	if handle == InvalidHandle {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func CreateHardLink(filename *uint16, existingfilename *uint16, reserved uintptr) (err error) {
+	r1, _, e1 := syscall.Syscall(procCreateHardLinkW.Addr(), 3, uintptr(unsafe.Pointer(filename)), uintptr(unsafe.Pointer(existingfilename)), uintptr(reserved))
+	if r1&0xff == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func CreateIoCompletionPort(filehandle Handle, cphandle Handle, key uintptr, threadcnt uint32) (handle Handle, err error) {
+	r0, _, e1 := syscall.Syscall6(procCreateIoCompletionPort.Addr(), 4, uintptr(filehandle), uintptr(cphandle), uintptr(key), uintptr(threadcnt), 0, 0)
+	handle = Handle(r0)
+	if handle == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func CreateJobObject(jobAttr *SecurityAttributes, name *uint16) (handle Handle, err error) {
+	r0, _, e1 := syscall.Syscall(procCreateJobObjectW.Addr(), 2, uintptr(unsafe.Pointer(jobAttr)), uintptr(unsafe.Pointer(name)), 0)
+	handle = Handle(r0)
+	if handle == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func CreateMutexEx(mutexAttrs *SecurityAttributes, name *uint16, flags uint32, desiredAccess uint32) (handle Handle, err error) {
+	r0, _, e1 := syscall.Syscall6(procCreateMutexExW.Addr(), 4, uintptr(unsafe.Pointer(mutexAttrs)), uintptr(unsafe.Pointer(name)), uintptr(flags), uintptr(desiredAccess), 0, 0)
+	handle = Handle(r0)
+	if handle == 0 || e1 == ERROR_ALREADY_EXISTS {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func CreateMutex(mutexAttrs *SecurityAttributes, initialOwner bool, name *uint16) (handle Handle, err error) {
+	var _p0 uint32
+	if initialOwner {
+		_p0 = 1
+	}
+	r0, _, e1 := syscall.Syscall(procCreateMutexW.Addr(), 3, uintptr(unsafe.Pointer(mutexAttrs)), uintptr(_p0), uintptr(unsafe.Pointer(name)))
+	handle = Handle(r0)
+	if handle == 0 || e1 == ERROR_ALREADY_EXISTS {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func CreateNamedPipe(name *uint16, flags uint32, pipeMode uint32, maxInstances uint32, outSize uint32, inSize uint32, defaultTimeout uint32, sa *SecurityAttributes) (handle Handle, err error) {
+	r0, _, e1 := syscall.Syscall9(procCreateNamedPipeW.Addr(), 8, uintptr(unsafe.Pointer(name)), uintptr(flags), uintptr(pipeMode), uintptr(maxInstances), uintptr(outSize), uintptr(inSize), uintptr(defaultTimeout), uintptr(unsafe.Pointer(sa)), 0)
+	handle = Handle(r0)
+	if handle == InvalidHandle {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func CreatePipe(readhandle *Handle, writehandle *Handle, sa *SecurityAttributes, size uint32) (err error) {
+	r1, _, e1 := syscall.Syscall6(procCreatePipe.Addr(), 4, uintptr(unsafe.Pointer(readhandle)), uintptr(unsafe.Pointer(writehandle)), uintptr(unsafe.Pointer(sa)), uintptr(size), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func CreateProcess(appName *uint16, commandLine *uint16, procSecurity *SecurityAttributes, threadSecurity *SecurityAttributes, inheritHandles bool, creationFlags uint32, env *uint16, currentDir *uint16, startupInfo *StartupInfo, outProcInfo *ProcessInformation) (err error) {
+	var _p0 uint32
+	if inheritHandles {
+		_p0 = 1
+	}
+	r1, _, e1 := syscall.Syscall12(procCreateProcessW.Addr(), 10, uintptr(unsafe.Pointer(appName)), uintptr(unsafe.Pointer(commandLine)), uintptr(unsafe.Pointer(procSecurity)), uintptr(unsafe.Pointer(threadSecurity)), uintptr(_p0), uintptr(creationFlags), uintptr(unsafe.Pointer(env)), uintptr(unsafe.Pointer(currentDir)), uintptr(unsafe.Pointer(startupInfo)), uintptr(unsafe.Pointer(outProcInfo)), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func createPseudoConsole(size uint32, in Handle, out Handle, flags uint32, pconsole *Handle) (hr error) {
+	r0, _, _ := syscall.Syscall6(procCreatePseudoConsole.Addr(), 5, uintptr(size), uintptr(in), uintptr(out), uintptr(flags), uintptr(unsafe.Pointer(pconsole)), 0)
+	if r0 != 0 {
+		hr = syscall.Errno(r0)
+	}
+	return
+}
+
+func CreateSymbolicLink(symlinkfilename *uint16, targetfilename *uint16, flags uint32) (err error) {
+	r1, _, e1 := syscall.Syscall(procCreateSymbolicLinkW.Addr(), 3, uintptr(unsafe.Pointer(symlinkfilename)), uintptr(unsafe.Pointer(targetfilename)), uintptr(flags))
+	if r1&0xff == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func CreateToolhelp32Snapshot(flags uint32, processId uint32) (handle Handle, err error) {
+	r0, _, e1 := syscall.Syscall(procCreateToolhelp32Snapshot.Addr(), 2, uintptr(flags), uintptr(processId), 0)
+	handle = Handle(r0)
+	if handle == InvalidHandle {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func DefineDosDevice(flags uint32, deviceName *uint16, targetPath *uint16) (err error) {
+	r1, _, e1 := syscall.Syscall(procDefineDosDeviceW.Addr(), 3, uintptr(flags), uintptr(unsafe.Pointer(deviceName)), uintptr(unsafe.Pointer(targetPath)))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func DeleteFile(path *uint16) (err error) {
+	r1, _, e1 := syscall.Syscall(procDeleteFileW.Addr(), 1, uintptr(unsafe.Pointer(path)), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func deleteProcThreadAttributeList(attrlist *ProcThreadAttributeList) {
+	syscall.Syscall(procDeleteProcThreadAttributeList.Addr(), 1, uintptr(unsafe.Pointer(attrlist)), 0, 0)
+	return
+}
+
+func DeleteVolumeMountPoint(volumeMountPoint *uint16) (err error) {
+	r1, _, e1 := syscall.Syscall(procDeleteVolumeMountPointW.Addr(), 1, uintptr(unsafe.Pointer(volumeMountPoint)), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func DeviceIoControl(handle Handle, ioControlCode uint32, inBuffer *byte, inBufferSize uint32, outBuffer *byte, outBufferSize uint32, bytesReturned *uint32, overlapped *Overlapped) (err error) {
+	r1, _, e1 := syscall.Syscall9(procDeviceIoControl.Addr(), 8, uintptr(handle), uintptr(ioControlCode), uintptr(unsafe.Pointer(inBuffer)), uintptr(inBufferSize), uintptr(unsafe.Pointer(outBuffer)), uintptr(outBufferSize), uintptr(unsafe.Pointer(bytesReturned)), uintptr(unsafe.Pointer(overlapped)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func DisconnectNamedPipe(pipe Handle) (err error) {
+	r1, _, e1 := syscall.Syscall(procDisconnectNamedPipe.Addr(), 1, uintptr(pipe), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func DuplicateHandle(hSourceProcessHandle Handle, hSourceHandle Handle, hTargetProcessHandle Handle, lpTargetHandle *Handle, dwDesiredAccess uint32, bInheritHandle bool, dwOptions uint32) (err error) {
+	var _p0 uint32
+	if bInheritHandle {
+		_p0 = 1
+	}
+	r1, _, e1 := syscall.Syscall9(procDuplicateHandle.Addr(), 7, uintptr(hSourceProcessHandle), uintptr(hSourceHandle), uintptr(hTargetProcessHandle), uintptr(unsafe.Pointer(lpTargetHandle)), uintptr(dwDesiredAccess), uintptr(_p0), uintptr(dwOptions), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func EscapeCommFunction(handle Handle, dwFunc uint32) (err error) {
+	r1, _, e1 := syscall.Syscall(procEscapeCommFunction.Addr(), 2, uintptr(handle), uintptr(dwFunc), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func ExitProcess(exitcode uint32) {
+	syscall.Syscall(procExitProcess.Addr(), 1, uintptr(exitcode), 0, 0)
+	return
+}
+
+func ExpandEnvironmentStrings(src *uint16, dst *uint16, size uint32) (n uint32, err error) {
+	r0, _, e1 := syscall.Syscall(procExpandEnvironmentStringsW.Addr(), 3, uintptr(unsafe.Pointer(src)), uintptr(unsafe.Pointer(dst)), uintptr(size))
+	n = uint32(r0)
+	if n == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func FindClose(handle Handle) (err error) {
+	r1, _, e1 := syscall.Syscall(procFindClose.Addr(), 1, uintptr(handle), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func FindCloseChangeNotification(handle Handle) (err error) {
+	r1, _, e1 := syscall.Syscall(procFindCloseChangeNotification.Addr(), 1, uintptr(handle), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func FindFirstChangeNotification(path string, watchSubtree bool, notifyFilter uint32) (handle Handle, err error) {
+	var _p0 *uint16
+	_p0, err = syscall.UTF16PtrFromString(path)
+	if err != nil {
+		return
+	}
+	return _FindFirstChangeNotification(_p0, watchSubtree, notifyFilter)
+}
+
+func _FindFirstChangeNotification(path *uint16, watchSubtree bool, notifyFilter uint32) (handle Handle, err error) {
+	var _p1 uint32
+	if watchSubtree {
+		_p1 = 1
+	}
+	r0, _, e1 := syscall.Syscall(procFindFirstChangeNotificationW.Addr(), 3, uintptr(unsafe.Pointer(path)), uintptr(_p1), uintptr(notifyFilter))
+	handle = Handle(r0)
+	if handle == InvalidHandle {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func findFirstFile1(name *uint16, data *win32finddata1) (handle Handle, err error) {
+	r0, _, e1 := syscall.Syscall(procFindFirstFileW.Addr(), 2, uintptr(unsafe.Pointer(name)), uintptr(unsafe.Pointer(data)), 0)
+	handle = Handle(r0)
+	if handle == InvalidHandle {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func FindFirstVolumeMountPoint(rootPathName *uint16, volumeMountPoint *uint16, bufferLength uint32) (handle Handle, err error) {
+	r0, _, e1 := syscall.Syscall(procFindFirstVolumeMountPointW.Addr(), 3, uintptr(unsafe.Pointer(rootPathName)), uintptr(unsafe.Pointer(volumeMountPoint)), uintptr(bufferLength))
+	handle = Handle(r0)
+	if handle == InvalidHandle {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func FindFirstVolume(volumeName *uint16, bufferLength uint32) (handle Handle, err error) {
+	r0, _, e1 := syscall.Syscall(procFindFirstVolumeW.Addr(), 2, uintptr(unsafe.Pointer(volumeName)), uintptr(bufferLength), 0)
+	handle = Handle(r0)
+	if handle == InvalidHandle {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func FindNextChangeNotification(handle Handle) (err error) {
+	r1, _, e1 := syscall.Syscall(procFindNextChangeNotification.Addr(), 1, uintptr(handle), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func findNextFile1(handle Handle, data *win32finddata1) (err error) {
+	r1, _, e1 := syscall.Syscall(procFindNextFileW.Addr(), 2, uintptr(handle), uintptr(unsafe.Pointer(data)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func FindNextVolumeMountPoint(findVolumeMountPoint Handle, volumeMountPoint *uint16, bufferLength uint32) (err error) {
+	r1, _, e1 := syscall.Syscall(procFindNextVolumeMountPointW.Addr(), 3, uintptr(findVolumeMountPoint), uintptr(unsafe.Pointer(volumeMountPoint)), uintptr(bufferLength))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func FindNextVolume(findVolume Handle, volumeName *uint16, bufferLength uint32) (err error) {
+	r1, _, e1 := syscall.Syscall(procFindNextVolumeW.Addr(), 3, uintptr(findVolume), uintptr(unsafe.Pointer(volumeName)), uintptr(bufferLength))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func findResource(module Handle, name uintptr, resType uintptr) (resInfo Handle, err error) {
+	r0, _, e1 := syscall.Syscall(procFindResourceW.Addr(), 3, uintptr(module), uintptr(name), uintptr(resType))
+	resInfo = Handle(r0)
+	if resInfo == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func FindVolumeClose(findVolume Handle) (err error) {
+	r1, _, e1 := syscall.Syscall(procFindVolumeClose.Addr(), 1, uintptr(findVolume), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func FindVolumeMountPointClose(findVolumeMountPoint Handle) (err error) {
+	r1, _, e1 := syscall.Syscall(procFindVolumeMountPointClose.Addr(), 1, uintptr(findVolumeMountPoint), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func FlushFileBuffers(handle Handle) (err error) {
+	r1, _, e1 := syscall.Syscall(procFlushFileBuffers.Addr(), 1, uintptr(handle), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func FlushViewOfFile(addr uintptr, length uintptr) (err error) {
+	r1, _, e1 := syscall.Syscall(procFlushViewOfFile.Addr(), 2, uintptr(addr), uintptr(length), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func FormatMessage(flags uint32, msgsrc uintptr, msgid uint32, langid uint32, buf []uint16, args *byte) (n uint32, err error) {
+	var _p0 *uint16
+	if len(buf) > 0 {
+		_p0 = &buf[0]
+	}
+	r0, _, e1 := syscall.Syscall9(procFormatMessageW.Addr(), 7, uintptr(flags), uintptr(msgsrc), uintptr(msgid), uintptr(langid), uintptr(unsafe.Pointer(_p0)), uintptr(len(buf)), uintptr(unsafe.Pointer(args)), 0, 0)
+	n = uint32(r0)
+	if n == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func FreeEnvironmentStrings(envs *uint16) (err error) {
+	r1, _, e1 := syscall.Syscall(procFreeEnvironmentStringsW.Addr(), 1, uintptr(unsafe.Pointer(envs)), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func FreeLibrary(handle Handle) (err error) {
+	r1, _, e1 := syscall.Syscall(procFreeLibrary.Addr(), 1, uintptr(handle), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GenerateConsoleCtrlEvent(ctrlEvent uint32, processGroupID uint32) (err error) {
+	r1, _, e1 := syscall.Syscall(procGenerateConsoleCtrlEvent.Addr(), 2, uintptr(ctrlEvent), uintptr(processGroupID), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GetACP() (acp uint32) {
+	r0, _, _ := syscall.Syscall(procGetACP.Addr(), 0, 0, 0, 0)
+	acp = uint32(r0)
+	return
+}
+
+func GetActiveProcessorCount(groupNumber uint16) (ret uint32) {
+	r0, _, _ := syscall.Syscall(procGetActiveProcessorCount.Addr(), 1, uintptr(groupNumber), 0, 0)
+	ret = uint32(r0)
+	return
+}
+
+func GetCommModemStatus(handle Handle, lpModemStat *uint32) (err error) {
+	r1, _, e1 := syscall.Syscall(procGetCommModemStatus.Addr(), 2, uintptr(handle), uintptr(unsafe.Pointer(lpModemStat)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GetCommState(handle Handle, lpDCB *DCB) (err error) {
+	r1, _, e1 := syscall.Syscall(procGetCommState.Addr(), 2, uintptr(handle), uintptr(unsafe.Pointer(lpDCB)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GetCommTimeouts(handle Handle, timeouts *CommTimeouts) (err error) {
+	r1, _, e1 := syscall.Syscall(procGetCommTimeouts.Addr(), 2, uintptr(handle), uintptr(unsafe.Pointer(timeouts)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GetCommandLine() (cmd *uint16) {
+	r0, _, _ := syscall.Syscall(procGetCommandLineW.Addr(), 0, 0, 0, 0)
+	cmd = (*uint16)(unsafe.Pointer(r0))
+	return
+}
+
+func GetComputerNameEx(nametype uint32, buf *uint16, n *uint32) (err error) {
+	r1, _, e1 := syscall.Syscall(procGetComputerNameExW.Addr(), 3, uintptr(nametype), uintptr(unsafe.Pointer(buf)), uintptr(unsafe.Pointer(n)))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GetComputerName(buf *uint16, n *uint32) (err error) {
+	r1, _, e1 := syscall.Syscall(procGetComputerNameW.Addr(), 2, uintptr(unsafe.Pointer(buf)), uintptr(unsafe.Pointer(n)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GetConsoleCP() (cp uint32, err error) {
+	r0, _, e1 := syscall.Syscall(procGetConsoleCP.Addr(), 0, 0, 0, 0)
+	cp = uint32(r0)
+	if cp == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GetConsoleMode(console Handle, mode *uint32) (err error) {
+	r1, _, e1 := syscall.Syscall(procGetConsoleMode.Addr(), 2, uintptr(console), uintptr(unsafe.Pointer(mode)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GetConsoleOutputCP() (cp uint32, err error) {
+	r0, _, e1 := syscall.Syscall(procGetConsoleOutputCP.Addr(), 0, 0, 0, 0)
+	cp = uint32(r0)
+	if cp == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GetConsoleScreenBufferInfo(console Handle, info *ConsoleScreenBufferInfo) (err error) {
+	r1, _, e1 := syscall.Syscall(procGetConsoleScreenBufferInfo.Addr(), 2, uintptr(console), uintptr(unsafe.Pointer(info)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GetCurrentDirectory(buflen uint32, buf *uint16) (n uint32, err error) {
+	r0, _, e1 := syscall.Syscall(procGetCurrentDirectoryW.Addr(), 2, uintptr(buflen), uintptr(unsafe.Pointer(buf)), 0)
+	n = uint32(r0)
+	if n == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GetCurrentProcessId() (pid uint32) {
+	r0, _, _ := syscall.Syscall(procGetCurrentProcessId.Addr(), 0, 0, 0, 0)
+	pid = uint32(r0)
+	return
+}
+
+func GetCurrentThreadId() (id uint32) {
+	r0, _, _ := syscall.Syscall(procGetCurrentThreadId.Addr(), 0, 0, 0, 0)
+	id = uint32(r0)
+	return
+}
+
+func GetDiskFreeSpaceEx(directoryName *uint16, freeBytesAvailableToCaller *uint64, totalNumberOfBytes *uint64, totalNumberOfFreeBytes *uint64) (err error) {
+	r1, _, e1 := syscall.Syscall6(procGetDiskFreeSpaceExW.Addr(), 4, uintptr(unsafe.Pointer(directoryName)), uintptr(unsafe.Pointer(freeBytesAvailableToCaller)), uintptr(unsafe.Pointer(totalNumberOfBytes)), uintptr(unsafe.Pointer(totalNumberOfFreeBytes)), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GetDriveType(rootPathName *uint16) (driveType uint32) {
+	r0, _, _ := syscall.Syscall(procGetDriveTypeW.Addr(), 1, uintptr(unsafe.Pointer(rootPathName)), 0, 0)
+	driveType = uint32(r0)
+	return
+}
+
+func GetEnvironmentStrings() (envs *uint16, err error) {
+	r0, _, e1 := syscall.Syscall(procGetEnvironmentStringsW.Addr(), 0, 0, 0, 0)
+	envs = (*uint16)(unsafe.Pointer(r0))
+	if envs == nil {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GetEnvironmentVariable(name *uint16, buffer *uint16, size uint32) (n uint32, err error) {
+	r0, _, e1 := syscall.Syscall(procGetEnvironmentVariableW.Addr(), 3, uintptr(unsafe.Pointer(name)), uintptr(unsafe.Pointer(buffer)), uintptr(size))
+	n = uint32(r0)
+	if n == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GetExitCodeProcess(handle Handle, exitcode *uint32) (err error) {
+	r1, _, e1 := syscall.Syscall(procGetExitCodeProcess.Addr(), 2, uintptr(handle), uintptr(unsafe.Pointer(exitcode)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GetFileAttributesEx(name *uint16, level uint32, info *byte) (err error) {
+	r1, _, e1 := syscall.Syscall(procGetFileAttributesExW.Addr(), 3, uintptr(unsafe.Pointer(name)), uintptr(level), uintptr(unsafe.Pointer(info)))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GetFileAttributes(name *uint16) (attrs uint32, err error) {
+	r0, _, e1 := syscall.Syscall(procGetFileAttributesW.Addr(), 1, uintptr(unsafe.Pointer(name)), 0, 0)
+	attrs = uint32(r0)
+	if attrs == INVALID_FILE_ATTRIBUTES {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GetFileInformationByHandle(handle Handle, data *ByHandleFileInformation) (err error) {
+	r1, _, e1 := syscall.Syscall(procGetFileInformationByHandle.Addr(), 2, uintptr(handle), uintptr(unsafe.Pointer(data)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GetFileInformationByHandleEx(handle Handle, class uint32, outBuffer *byte, outBufferLen uint32) (err error) {
+	r1, _, e1 := syscall.Syscall6(procGetFileInformationByHandleEx.Addr(), 4, uintptr(handle), uintptr(class), uintptr(unsafe.Pointer(outBuffer)), uintptr(outBufferLen), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GetFileTime(handle Handle, ctime *Filetime, atime *Filetime, wtime *Filetime) (err error) {
+	r1, _, e1 := syscall.Syscall6(procGetFileTime.Addr(), 4, uintptr(handle), uintptr(unsafe.Pointer(ctime)), uintptr(unsafe.Pointer(atime)), uintptr(unsafe.Pointer(wtime)), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GetFileType(filehandle Handle) (n uint32, err error) {
+	r0, _, e1 := syscall.Syscall(procGetFileType.Addr(), 1, uintptr(filehandle), 0, 0)
+	n = uint32(r0)
+	if n == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GetFinalPathNameByHandle(file Handle, filePath *uint16, filePathSize uint32, flags uint32) (n uint32, err error) {
+	r0, _, e1 := syscall.Syscall6(procGetFinalPathNameByHandleW.Addr(), 4, uintptr(file), uintptr(unsafe.Pointer(filePath)), uintptr(filePathSize), uintptr(flags), 0, 0)
+	n = uint32(r0)
+	if n == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GetFullPathName(path *uint16, buflen uint32, buf *uint16, fname **uint16) (n uint32, err error) {
+	r0, _, e1 := syscall.Syscall6(procGetFullPathNameW.Addr(), 4, uintptr(unsafe.Pointer(path)), uintptr(buflen), uintptr(unsafe.Pointer(buf)), uintptr(unsafe.Pointer(fname)), 0, 0)
+	n = uint32(r0)
+	if n == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GetLargePageMinimum() (size uintptr) {
+	r0, _, _ := syscall.Syscall(procGetLargePageMinimum.Addr(), 0, 0, 0, 0)
+	size = uintptr(r0)
+	return
+}
+
+func GetLastError() (lasterr error) {
+	r0, _, _ := syscall.Syscall(procGetLastError.Addr(), 0, 0, 0, 0)
+	if r0 != 0 {
+		lasterr = syscall.Errno(r0)
+	}
+	return
+}
+
+func GetLogicalDriveStrings(bufferLength uint32, buffer *uint16) (n uint32, err error) {
+	r0, _, e1 := syscall.Syscall(procGetLogicalDriveStringsW.Addr(), 2, uintptr(bufferLength), uintptr(unsafe.Pointer(buffer)), 0)
+	n = uint32(r0)
+	if n == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GetLogicalDrives() (drivesBitMask uint32, err error) {
+	r0, _, e1 := syscall.Syscall(procGetLogicalDrives.Addr(), 0, 0, 0, 0)
+	drivesBitMask = uint32(r0)
+	if drivesBitMask == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GetLongPathName(path *uint16, buf *uint16, buflen uint32) (n uint32, err error) {
+	r0, _, e1 := syscall.Syscall(procGetLongPathNameW.Addr(), 3, uintptr(unsafe.Pointer(path)), uintptr(unsafe.Pointer(buf)), uintptr(buflen))
+	n = uint32(r0)
+	if n == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GetMaximumProcessorCount(groupNumber uint16) (ret uint32) {
+	r0, _, _ := syscall.Syscall(procGetMaximumProcessorCount.Addr(), 1, uintptr(groupNumber), 0, 0)
+	ret = uint32(r0)
+	return
+}
+
+func GetModuleFileName(module Handle, filename *uint16, size uint32) (n uint32, err error) {
+	r0, _, e1 := syscall.Syscall(procGetModuleFileNameW.Addr(), 3, uintptr(module), uintptr(unsafe.Pointer(filename)), uintptr(size))
+	n = uint32(r0)
+	if n == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GetModuleHandleEx(flags uint32, moduleName *uint16, module *Handle) (err error) {
+	r1, _, e1 := syscall.Syscall(procGetModuleHandleExW.Addr(), 3, uintptr(flags), uintptr(unsafe.Pointer(moduleName)), uintptr(unsafe.Pointer(module)))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GetNamedPipeClientProcessId(pipe Handle, clientProcessID *uint32) (err error) {
+	r1, _, e1 := syscall.Syscall(procGetNamedPipeClientProcessId.Addr(), 2, uintptr(pipe), uintptr(unsafe.Pointer(clientProcessID)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GetNamedPipeHandleState(pipe Handle, state *uint32, curInstances *uint32, maxCollectionCount *uint32, collectDataTimeout *uint32, userName *uint16, maxUserNameSize uint32) (err error) {
+	r1, _, e1 := syscall.Syscall9(procGetNamedPipeHandleStateW.Addr(), 7, uintptr(pipe), uintptr(unsafe.Pointer(state)), uintptr(unsafe.Pointer(curInstances)), uintptr(unsafe.Pointer(maxCollectionCount)), uintptr(unsafe.Pointer(collectDataTimeout)), uintptr(unsafe.Pointer(userName)), uintptr(maxUserNameSize), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GetNamedPipeInfo(pipe Handle, flags *uint32, outSize *uint32, inSize *uint32, maxInstances *uint32) (err error) {
+	r1, _, e1 := syscall.Syscall6(procGetNamedPipeInfo.Addr(), 5, uintptr(pipe), uintptr(unsafe.Pointer(flags)), uintptr(unsafe.Pointer(outSize)), uintptr(unsafe.Pointer(inSize)), uintptr(unsafe.Pointer(maxInstances)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GetNamedPipeServerProcessId(pipe Handle, serverProcessID *uint32) (err error) {
+	r1, _, e1 := syscall.Syscall(procGetNamedPipeServerProcessId.Addr(), 2, uintptr(pipe), uintptr(unsafe.Pointer(serverProcessID)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GetOverlappedResult(handle Handle, overlapped *Overlapped, done *uint32, wait bool) (err error) {
+	var _p0 uint32
+	if wait {
+		_p0 = 1
+	}
+	r1, _, e1 := syscall.Syscall6(procGetOverlappedResult.Addr(), 4, uintptr(handle), uintptr(unsafe.Pointer(overlapped)), uintptr(unsafe.Pointer(done)), uintptr(_p0), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GetPriorityClass(process Handle) (ret uint32, err error) {
+	r0, _, e1 := syscall.Syscall(procGetPriorityClass.Addr(), 1, uintptr(process), 0, 0)
+	ret = uint32(r0)
+	if ret == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GetProcAddress(module Handle, procname string) (proc uintptr, err error) {
+	var _p0 *byte
+	_p0, err = syscall.BytePtrFromString(procname)
+	if err != nil {
+		return
+	}
+	return _GetProcAddress(module, _p0)
+}
+
+func _GetProcAddress(module Handle, procname *byte) (proc uintptr, err error) {
+	r0, _, e1 := syscall.Syscall(procGetProcAddress.Addr(), 2, uintptr(module), uintptr(unsafe.Pointer(procname)), 0)
+	proc = uintptr(r0)
+	if proc == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GetProcessId(process Handle) (id uint32, err error) {
+	r0, _, e1 := syscall.Syscall(procGetProcessId.Addr(), 1, uintptr(process), 0, 0)
+	id = uint32(r0)
+	if id == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func getProcessPreferredUILanguages(flags uint32, numLanguages *uint32, buf *uint16, bufSize *uint32) (err error) {
+	r1, _, e1 := syscall.Syscall6(procGetProcessPreferredUILanguages.Addr(), 4, uintptr(flags), uintptr(unsafe.Pointer(numLanguages)), uintptr(unsafe.Pointer(buf)), uintptr(unsafe.Pointer(bufSize)), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GetProcessShutdownParameters(level *uint32, flags *uint32) (err error) {
+	r1, _, e1 := syscall.Syscall(procGetProcessShutdownParameters.Addr(), 2, uintptr(unsafe.Pointer(level)), uintptr(unsafe.Pointer(flags)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GetProcessTimes(handle Handle, creationTime *Filetime, exitTime *Filetime, kernelTime *Filetime, userTime *Filetime) (err error) {
+	r1, _, e1 := syscall.Syscall6(procGetProcessTimes.Addr(), 5, uintptr(handle), uintptr(unsafe.Pointer(creationTime)), uintptr(unsafe.Pointer(exitTime)), uintptr(unsafe.Pointer(kernelTime)), uintptr(unsafe.Pointer(userTime)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GetProcessWorkingSetSizeEx(hProcess Handle, lpMinimumWorkingSetSize *uintptr, lpMaximumWorkingSetSize *uintptr, flags *uint32) {
+	syscall.Syscall6(procGetProcessWorkingSetSizeEx.Addr(), 4, uintptr(hProcess), uintptr(unsafe.Pointer(lpMinimumWorkingSetSize)), uintptr(unsafe.Pointer(lpMaximumWorkingSetSize)), uintptr(unsafe.Pointer(flags)), 0, 0)
+	return
+}
+
+func GetQueuedCompletionStatus(cphandle Handle, qty *uint32, key *uintptr, overlapped **Overlapped, timeout uint32) (err error) {
+	r1, _, e1 := syscall.Syscall6(procGetQueuedCompletionStatus.Addr(), 5, uintptr(cphandle), uintptr(unsafe.Pointer(qty)), uintptr(unsafe.Pointer(key)), uintptr(unsafe.Pointer(overlapped)), uintptr(timeout), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GetShortPathName(longpath *uint16, shortpath *uint16, buflen uint32) (n uint32, err error) {
+	r0, _, e1 := syscall.Syscall(procGetShortPathNameW.Addr(), 3, uintptr(unsafe.Pointer(longpath)), uintptr(unsafe.Pointer(shortpath)), uintptr(buflen))
+	n = uint32(r0)
+	if n == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func getStartupInfo(startupInfo *StartupInfo) {
+	syscall.Syscall(procGetStartupInfoW.Addr(), 1, uintptr(unsafe.Pointer(startupInfo)), 0, 0)
+	return
+}
+
+func GetStdHandle(stdhandle uint32) (handle Handle, err error) {
+	r0, _, e1 := syscall.Syscall(procGetStdHandle.Addr(), 1, uintptr(stdhandle), 0, 0)
+	handle = Handle(r0)
+	if handle == InvalidHandle {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func getSystemDirectory(dir *uint16, dirLen uint32) (len uint32, err error) {
+	r0, _, e1 := syscall.Syscall(procGetSystemDirectoryW.Addr(), 2, uintptr(unsafe.Pointer(dir)), uintptr(dirLen), 0)
+	len = uint32(r0)
+	if len == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func getSystemPreferredUILanguages(flags uint32, numLanguages *uint32, buf *uint16, bufSize *uint32) (err error) {
+	r1, _, e1 := syscall.Syscall6(procGetSystemPreferredUILanguages.Addr(), 4, uintptr(flags), uintptr(unsafe.Pointer(numLanguages)), uintptr(unsafe.Pointer(buf)), uintptr(unsafe.Pointer(bufSize)), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GetSystemTimeAsFileTime(time *Filetime) {
+	syscall.Syscall(procGetSystemTimeAsFileTime.Addr(), 1, uintptr(unsafe.Pointer(time)), 0, 0)
+	return
+}
+
+func GetSystemTimePreciseAsFileTime(time *Filetime) {
+	syscall.Syscall(procGetSystemTimePreciseAsFileTime.Addr(), 1, uintptr(unsafe.Pointer(time)), 0, 0)
+	return
+}
+
+func getSystemWindowsDirectory(dir *uint16, dirLen uint32) (len uint32, err error) {
+	r0, _, e1 := syscall.Syscall(procGetSystemWindowsDirectoryW.Addr(), 2, uintptr(unsafe.Pointer(dir)), uintptr(dirLen), 0)
+	len = uint32(r0)
+	if len == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GetTempPath(buflen uint32, buf *uint16) (n uint32, err error) {
+	r0, _, e1 := syscall.Syscall(procGetTempPathW.Addr(), 2, uintptr(buflen), uintptr(unsafe.Pointer(buf)), 0)
+	n = uint32(r0)
+	if n == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func getThreadPreferredUILanguages(flags uint32, numLanguages *uint32, buf *uint16, bufSize *uint32) (err error) {
+	r1, _, e1 := syscall.Syscall6(procGetThreadPreferredUILanguages.Addr(), 4, uintptr(flags), uintptr(unsafe.Pointer(numLanguages)), uintptr(unsafe.Pointer(buf)), uintptr(unsafe.Pointer(bufSize)), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func getTickCount64() (ms uint64) {
+	r0, _, _ := syscall.Syscall(procGetTickCount64.Addr(), 0, 0, 0, 0)
+	ms = uint64(r0)
+	return
+}
+
+func GetTimeZoneInformation(tzi *Timezoneinformation) (rc uint32, err error) {
+	r0, _, e1 := syscall.Syscall(procGetTimeZoneInformation.Addr(), 1, uintptr(unsafe.Pointer(tzi)), 0, 0)
+	rc = uint32(r0)
+	if rc == 0xffffffff {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func getUserPreferredUILanguages(flags uint32, numLanguages *uint32, buf *uint16, bufSize *uint32) (err error) {
+	r1, _, e1 := syscall.Syscall6(procGetUserPreferredUILanguages.Addr(), 4, uintptr(flags), uintptr(unsafe.Pointer(numLanguages)), uintptr(unsafe.Pointer(buf)), uintptr(unsafe.Pointer(bufSize)), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GetVersion() (ver uint32, err error) {
+	r0, _, e1 := syscall.Syscall(procGetVersion.Addr(), 0, 0, 0, 0)
+	ver = uint32(r0)
+	if ver == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GetVolumeInformationByHandle(file Handle, volumeNameBuffer *uint16, volumeNameSize uint32, volumeNameSerialNumber *uint32, maximumComponentLength *uint32, fileSystemFlags *uint32, fileSystemNameBuffer *uint16, fileSystemNameSize uint32) (err error) {
+	r1, _, e1 := syscall.Syscall9(procGetVolumeInformationByHandleW.Addr(), 8, uintptr(file), uintptr(unsafe.Pointer(volumeNameBuffer)), uintptr(volumeNameSize), uintptr(unsafe.Pointer(volumeNameSerialNumber)), uintptr(unsafe.Pointer(maximumComponentLength)), uintptr(unsafe.Pointer(fileSystemFlags)), uintptr(unsafe.Pointer(fileSystemNameBuffer)), uintptr(fileSystemNameSize), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GetVolumeInformation(rootPathName *uint16, volumeNameBuffer *uint16, volumeNameSize uint32, volumeNameSerialNumber *uint32, maximumComponentLength *uint32, fileSystemFlags *uint32, fileSystemNameBuffer *uint16, fileSystemNameSize uint32) (err error) {
+	r1, _, e1 := syscall.Syscall9(procGetVolumeInformationW.Addr(), 8, uintptr(unsafe.Pointer(rootPathName)), uintptr(unsafe.Pointer(volumeNameBuffer)), uintptr(volumeNameSize), uintptr(unsafe.Pointer(volumeNameSerialNumber)), uintptr(unsafe.Pointer(maximumComponentLength)), uintptr(unsafe.Pointer(fileSystemFlags)), uintptr(unsafe.Pointer(fileSystemNameBuffer)), uintptr(fileSystemNameSize), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GetVolumeNameForVolumeMountPoint(volumeMountPoint *uint16, volumeName *uint16, bufferlength uint32) (err error) {
+	r1, _, e1 := syscall.Syscall(procGetVolumeNameForVolumeMountPointW.Addr(), 3, uintptr(unsafe.Pointer(volumeMountPoint)), uintptr(unsafe.Pointer(volumeName)), uintptr(bufferlength))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GetVolumePathName(fileName *uint16, volumePathName *uint16, bufferLength uint32) (err error) {
+	r1, _, e1 := syscall.Syscall(procGetVolumePathNameW.Addr(), 3, uintptr(unsafe.Pointer(fileName)), uintptr(unsafe.Pointer(volumePathName)), uintptr(bufferLength))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GetVolumePathNamesForVolumeName(volumeName *uint16, volumePathNames *uint16, bufferLength uint32, returnLength *uint32) (err error) {
+	r1, _, e1 := syscall.Syscall6(procGetVolumePathNamesForVolumeNameW.Addr(), 4, uintptr(unsafe.Pointer(volumeName)), uintptr(unsafe.Pointer(volumePathNames)), uintptr(bufferLength), uintptr(unsafe.Pointer(returnLength)), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func getWindowsDirectory(dir *uint16, dirLen uint32) (len uint32, err error) {
+	r0, _, e1 := syscall.Syscall(procGetWindowsDirectoryW.Addr(), 2, uintptr(unsafe.Pointer(dir)), uintptr(dirLen), 0)
+	len = uint32(r0)
+	if len == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func initializeProcThreadAttributeList(attrlist *ProcThreadAttributeList, attrcount uint32, flags uint32, size *uintptr) (err error) {
+	r1, _, e1 := syscall.Syscall6(procInitializeProcThreadAttributeList.Addr(), 4, uintptr(unsafe.Pointer(attrlist)), uintptr(attrcount), uintptr(flags), uintptr(unsafe.Pointer(size)), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func IsWow64Process(handle Handle, isWow64 *bool) (err error) {
+	var _p0 uint32
+	if *isWow64 {
+		_p0 = 1
+	}
+	r1, _, e1 := syscall.Syscall(procIsWow64Process.Addr(), 2, uintptr(handle), uintptr(unsafe.Pointer(&_p0)), 0)
+	*isWow64 = _p0 != 0
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func IsWow64Process2(handle Handle, processMachine *uint16, nativeMachine *uint16) (err error) {
+	err = procIsWow64Process2.Find()
+	if err != nil {
+		return
+	}
+	r1, _, e1 := syscall.Syscall(procIsWow64Process2.Addr(), 3, uintptr(handle), uintptr(unsafe.Pointer(processMachine)), uintptr(unsafe.Pointer(nativeMachine)))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func LoadLibraryEx(libname string, zero Handle, flags uintptr) (handle Handle, err error) {
+	var _p0 *uint16
+	_p0, err = syscall.UTF16PtrFromString(libname)
+	if err != nil {
+		return
+	}
+	return _LoadLibraryEx(_p0, zero, flags)
+}
+
+func _LoadLibraryEx(libname *uint16, zero Handle, flags uintptr) (handle Handle, err error) {
+	r0, _, e1 := syscall.Syscall(procLoadLibraryExW.Addr(), 3, uintptr(unsafe.Pointer(libname)), uintptr(zero), uintptr(flags))
+	handle = Handle(r0)
+	if handle == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func LoadLibrary(libname string) (handle Handle, err error) {
+	var _p0 *uint16
+	_p0, err = syscall.UTF16PtrFromString(libname)
+	if err != nil {
+		return
+	}
+	return _LoadLibrary(_p0)
+}
+
+func _LoadLibrary(libname *uint16) (handle Handle, err error) {
+	r0, _, e1 := syscall.Syscall(procLoadLibraryW.Addr(), 1, uintptr(unsafe.Pointer(libname)), 0, 0)
+	handle = Handle(r0)
+	if handle == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func LoadResource(module Handle, resInfo Handle) (resData Handle, err error) {
+	r0, _, e1 := syscall.Syscall(procLoadResource.Addr(), 2, uintptr(module), uintptr(resInfo), 0)
+	resData = Handle(r0)
+	if resData == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func LocalAlloc(flags uint32, length uint32) (ptr uintptr, err error) {
+	r0, _, e1 := syscall.Syscall(procLocalAlloc.Addr(), 2, uintptr(flags), uintptr(length), 0)
+	ptr = uintptr(r0)
+	if ptr == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func LocalFree(hmem Handle) (handle Handle, err error) {
+	r0, _, e1 := syscall.Syscall(procLocalFree.Addr(), 1, uintptr(hmem), 0, 0)
+	handle = Handle(r0)
+	if handle != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func LockFileEx(file Handle, flags uint32, reserved uint32, bytesLow uint32, bytesHigh uint32, overlapped *Overlapped) (err error) {
+	r1, _, e1 := syscall.Syscall6(procLockFileEx.Addr(), 6, uintptr(file), uintptr(flags), uintptr(reserved), uintptr(bytesLow), uintptr(bytesHigh), uintptr(unsafe.Pointer(overlapped)))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func LockResource(resData Handle) (addr uintptr, err error) {
+	r0, _, e1 := syscall.Syscall(procLockResource.Addr(), 1, uintptr(resData), 0, 0)
+	addr = uintptr(r0)
+	if addr == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func MapViewOfFile(handle Handle, access uint32, offsetHigh uint32, offsetLow uint32, length uintptr) (addr uintptr, err error) {
+	r0, _, e1 := syscall.Syscall6(procMapViewOfFile.Addr(), 5, uintptr(handle), uintptr(access), uintptr(offsetHigh), uintptr(offsetLow), uintptr(length), 0)
+	addr = uintptr(r0)
+	if addr == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func Module32First(snapshot Handle, moduleEntry *ModuleEntry32) (err error) {
+	r1, _, e1 := syscall.Syscall(procModule32FirstW.Addr(), 2, uintptr(snapshot), uintptr(unsafe.Pointer(moduleEntry)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func Module32Next(snapshot Handle, moduleEntry *ModuleEntry32) (err error) {
+	r1, _, e1 := syscall.Syscall(procModule32NextW.Addr(), 2, uintptr(snapshot), uintptr(unsafe.Pointer(moduleEntry)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func MoveFileEx(from *uint16, to *uint16, flags uint32) (err error) {
+	r1, _, e1 := syscall.Syscall(procMoveFileExW.Addr(), 3, uintptr(unsafe.Pointer(from)), uintptr(unsafe.Pointer(to)), uintptr(flags))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func MoveFile(from *uint16, to *uint16) (err error) {
+	r1, _, e1 := syscall.Syscall(procMoveFileW.Addr(), 2, uintptr(unsafe.Pointer(from)), uintptr(unsafe.Pointer(to)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func MultiByteToWideChar(codePage uint32, dwFlags uint32, str *byte, nstr int32, wchar *uint16, nwchar int32) (nwrite int32, err error) {
+	r0, _, e1 := syscall.Syscall6(procMultiByteToWideChar.Addr(), 6, uintptr(codePage), uintptr(dwFlags), uintptr(unsafe.Pointer(str)), uintptr(nstr), uintptr(unsafe.Pointer(wchar)), uintptr(nwchar))
+	nwrite = int32(r0)
+	if nwrite == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func OpenEvent(desiredAccess uint32, inheritHandle bool, name *uint16) (handle Handle, err error) {
+	var _p0 uint32
+	if inheritHandle {
+		_p0 = 1
+	}
+	r0, _, e1 := syscall.Syscall(procOpenEventW.Addr(), 3, uintptr(desiredAccess), uintptr(_p0), uintptr(unsafe.Pointer(name)))
+	handle = Handle(r0)
+	if handle == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func OpenMutex(desiredAccess uint32, inheritHandle bool, name *uint16) (handle Handle, err error) {
+	var _p0 uint32
+	if inheritHandle {
+		_p0 = 1
+	}
+	r0, _, e1 := syscall.Syscall(procOpenMutexW.Addr(), 3, uintptr(desiredAccess), uintptr(_p0), uintptr(unsafe.Pointer(name)))
+	handle = Handle(r0)
+	if handle == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func OpenProcess(desiredAccess uint32, inheritHandle bool, processId uint32) (handle Handle, err error) {
+	var _p0 uint32
+	if inheritHandle {
+		_p0 = 1
+	}
+	r0, _, e1 := syscall.Syscall(procOpenProcess.Addr(), 3, uintptr(desiredAccess), uintptr(_p0), uintptr(processId))
+	handle = Handle(r0)
+	if handle == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func OpenThread(desiredAccess uint32, inheritHandle bool, threadId uint32) (handle Handle, err error) {
+	var _p0 uint32
+	if inheritHandle {
+		_p0 = 1
+	}
+	r0, _, e1 := syscall.Syscall(procOpenThread.Addr(), 3, uintptr(desiredAccess), uintptr(_p0), uintptr(threadId))
+	handle = Handle(r0)
+	if handle == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func PostQueuedCompletionStatus(cphandle Handle, qty uint32, key uintptr, overlapped *Overlapped) (err error) {
+	r1, _, e1 := syscall.Syscall6(procPostQueuedCompletionStatus.Addr(), 4, uintptr(cphandle), uintptr(qty), uintptr(key), uintptr(unsafe.Pointer(overlapped)), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func Process32First(snapshot Handle, procEntry *ProcessEntry32) (err error) {
+	r1, _, e1 := syscall.Syscall(procProcess32FirstW.Addr(), 2, uintptr(snapshot), uintptr(unsafe.Pointer(procEntry)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func Process32Next(snapshot Handle, procEntry *ProcessEntry32) (err error) {
+	r1, _, e1 := syscall.Syscall(procProcess32NextW.Addr(), 2, uintptr(snapshot), uintptr(unsafe.Pointer(procEntry)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func ProcessIdToSessionId(pid uint32, sessionid *uint32) (err error) {
+	r1, _, e1 := syscall.Syscall(procProcessIdToSessionId.Addr(), 2, uintptr(pid), uintptr(unsafe.Pointer(sessionid)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func PulseEvent(event Handle) (err error) {
+	r1, _, e1 := syscall.Syscall(procPulseEvent.Addr(), 1, uintptr(event), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func PurgeComm(handle Handle, dwFlags uint32) (err error) {
+	r1, _, e1 := syscall.Syscall(procPurgeComm.Addr(), 2, uintptr(handle), uintptr(dwFlags), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func QueryDosDevice(deviceName *uint16, targetPath *uint16, max uint32) (n uint32, err error) {
+	r0, _, e1 := syscall.Syscall(procQueryDosDeviceW.Addr(), 3, uintptr(unsafe.Pointer(deviceName)), uintptr(unsafe.Pointer(targetPath)), uintptr(max))
+	n = uint32(r0)
+	if n == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func QueryFullProcessImageName(proc Handle, flags uint32, exeName *uint16, size *uint32) (err error) {
+	r1, _, e1 := syscall.Syscall6(procQueryFullProcessImageNameW.Addr(), 4, uintptr(proc), uintptr(flags), uintptr(unsafe.Pointer(exeName)), uintptr(unsafe.Pointer(size)), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func QueryInformationJobObject(job Handle, JobObjectInformationClass int32, JobObjectInformation uintptr, JobObjectInformationLength uint32, retlen *uint32) (err error) {
+	r1, _, e1 := syscall.Syscall6(procQueryInformationJobObject.Addr(), 5, uintptr(job), uintptr(JobObjectInformationClass), uintptr(JobObjectInformation), uintptr(JobObjectInformationLength), uintptr(unsafe.Pointer(retlen)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func ReadConsole(console Handle, buf *uint16, toread uint32, read *uint32, inputControl *byte) (err error) {
+	r1, _, e1 := syscall.Syscall6(procReadConsoleW.Addr(), 5, uintptr(console), uintptr(unsafe.Pointer(buf)), uintptr(toread), uintptr(unsafe.Pointer(read)), uintptr(unsafe.Pointer(inputControl)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func ReadDirectoryChanges(handle Handle, buf *byte, buflen uint32, watchSubTree bool, mask uint32, retlen *uint32, overlapped *Overlapped, completionRoutine uintptr) (err error) {
+	var _p0 uint32
+	if watchSubTree {
+		_p0 = 1
+	}
+	r1, _, e1 := syscall.Syscall9(procReadDirectoryChangesW.Addr(), 8, uintptr(handle), uintptr(unsafe.Pointer(buf)), uintptr(buflen), uintptr(_p0), uintptr(mask), uintptr(unsafe.Pointer(retlen)), uintptr(unsafe.Pointer(overlapped)), uintptr(completionRoutine), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func readFile(handle Handle, buf []byte, done *uint32, overlapped *Overlapped) (err error) {
+	var _p0 *byte
+	if len(buf) > 0 {
+		_p0 = &buf[0]
+	}
+	r1, _, e1 := syscall.Syscall6(procReadFile.Addr(), 5, uintptr(handle), uintptr(unsafe.Pointer(_p0)), uintptr(len(buf)), uintptr(unsafe.Pointer(done)), uintptr(unsafe.Pointer(overlapped)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func ReadProcessMemory(process Handle, baseAddress uintptr, buffer *byte, size uintptr, numberOfBytesRead *uintptr) (err error) {
+	r1, _, e1 := syscall.Syscall6(procReadProcessMemory.Addr(), 5, uintptr(process), uintptr(baseAddress), uintptr(unsafe.Pointer(buffer)), uintptr(size), uintptr(unsafe.Pointer(numberOfBytesRead)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func ReleaseMutex(mutex Handle) (err error) {
+	r1, _, e1 := syscall.Syscall(procReleaseMutex.Addr(), 1, uintptr(mutex), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func RemoveDirectory(path *uint16) (err error) {
+	r1, _, e1 := syscall.Syscall(procRemoveDirectoryW.Addr(), 1, uintptr(unsafe.Pointer(path)), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func RemoveDllDirectory(cookie uintptr) (err error) {
+	r1, _, e1 := syscall.Syscall(procRemoveDllDirectory.Addr(), 1, uintptr(cookie), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func ResetEvent(event Handle) (err error) {
+	r1, _, e1 := syscall.Syscall(procResetEvent.Addr(), 1, uintptr(event), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func resizePseudoConsole(pconsole Handle, size uint32) (hr error) {
+	r0, _, _ := syscall.Syscall(procResizePseudoConsole.Addr(), 2, uintptr(pconsole), uintptr(size), 0)
+	if r0 != 0 {
+		hr = syscall.Errno(r0)
+	}
+	return
+}
+
+func ResumeThread(thread Handle) (ret uint32, err error) {
+	r0, _, e1 := syscall.Syscall(procResumeThread.Addr(), 1, uintptr(thread), 0, 0)
+	ret = uint32(r0)
+	if ret == 0xffffffff {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func SetCommBreak(handle Handle) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetCommBreak.Addr(), 1, uintptr(handle), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func SetCommMask(handle Handle, dwEvtMask uint32) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetCommMask.Addr(), 2, uintptr(handle), uintptr(dwEvtMask), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func SetCommState(handle Handle, lpDCB *DCB) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetCommState.Addr(), 2, uintptr(handle), uintptr(unsafe.Pointer(lpDCB)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func SetCommTimeouts(handle Handle, timeouts *CommTimeouts) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetCommTimeouts.Addr(), 2, uintptr(handle), uintptr(unsafe.Pointer(timeouts)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func SetConsoleCP(cp uint32) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetConsoleCP.Addr(), 1, uintptr(cp), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func setConsoleCursorPosition(console Handle, position uint32) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetConsoleCursorPosition.Addr(), 2, uintptr(console), uintptr(position), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func SetConsoleMode(console Handle, mode uint32) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetConsoleMode.Addr(), 2, uintptr(console), uintptr(mode), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func SetConsoleOutputCP(cp uint32) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetConsoleOutputCP.Addr(), 1, uintptr(cp), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func SetCurrentDirectory(path *uint16) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetCurrentDirectoryW.Addr(), 1, uintptr(unsafe.Pointer(path)), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func SetDefaultDllDirectories(directoryFlags uint32) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetDefaultDllDirectories.Addr(), 1, uintptr(directoryFlags), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func SetDllDirectory(path string) (err error) {
+	var _p0 *uint16
+	_p0, err = syscall.UTF16PtrFromString(path)
+	if err != nil {
+		return
+	}
+	return _SetDllDirectory(_p0)
+}
+
+func _SetDllDirectory(path *uint16) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetDllDirectoryW.Addr(), 1, uintptr(unsafe.Pointer(path)), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func SetEndOfFile(handle Handle) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetEndOfFile.Addr(), 1, uintptr(handle), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func SetEnvironmentVariable(name *uint16, value *uint16) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetEnvironmentVariableW.Addr(), 2, uintptr(unsafe.Pointer(name)), uintptr(unsafe.Pointer(value)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func SetErrorMode(mode uint32) (ret uint32) {
+	r0, _, _ := syscall.Syscall(procSetErrorMode.Addr(), 1, uintptr(mode), 0, 0)
+	ret = uint32(r0)
+	return
+}
+
+func SetEvent(event Handle) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetEvent.Addr(), 1, uintptr(event), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func SetFileAttributes(name *uint16, attrs uint32) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetFileAttributesW.Addr(), 2, uintptr(unsafe.Pointer(name)), uintptr(attrs), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func SetFileCompletionNotificationModes(handle Handle, flags uint8) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetFileCompletionNotificationModes.Addr(), 2, uintptr(handle), uintptr(flags), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func SetFileInformationByHandle(handle Handle, class uint32, inBuffer *byte, inBufferLen uint32) (err error) {
+	r1, _, e1 := syscall.Syscall6(procSetFileInformationByHandle.Addr(), 4, uintptr(handle), uintptr(class), uintptr(unsafe.Pointer(inBuffer)), uintptr(inBufferLen), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func SetFilePointer(handle Handle, lowoffset int32, highoffsetptr *int32, whence uint32) (newlowoffset uint32, err error) {
+	r0, _, e1 := syscall.Syscall6(procSetFilePointer.Addr(), 4, uintptr(handle), uintptr(lowoffset), uintptr(unsafe.Pointer(highoffsetptr)), uintptr(whence), 0, 0)
+	newlowoffset = uint32(r0)
+	if newlowoffset == 0xffffffff {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func SetFileTime(handle Handle, ctime *Filetime, atime *Filetime, wtime *Filetime) (err error) {
+	r1, _, e1 := syscall.Syscall6(procSetFileTime.Addr(), 4, uintptr(handle), uintptr(unsafe.Pointer(ctime)), uintptr(unsafe.Pointer(atime)), uintptr(unsafe.Pointer(wtime)), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func SetFileValidData(handle Handle, validDataLength int64) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetFileValidData.Addr(), 2, uintptr(handle), uintptr(validDataLength), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func SetHandleInformation(handle Handle, mask uint32, flags uint32) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetHandleInformation.Addr(), 3, uintptr(handle), uintptr(mask), uintptr(flags))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func SetInformationJobObject(job Handle, JobObjectInformationClass uint32, JobObjectInformation uintptr, JobObjectInformationLength uint32) (ret int, err error) {
+	r0, _, e1 := syscall.Syscall6(procSetInformationJobObject.Addr(), 4, uintptr(job), uintptr(JobObjectInformationClass), uintptr(JobObjectInformation), uintptr(JobObjectInformationLength), 0, 0)
+	ret = int(r0)
+	if ret == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func SetNamedPipeHandleState(pipe Handle, state *uint32, maxCollectionCount *uint32, collectDataTimeout *uint32) (err error) {
+	r1, _, e1 := syscall.Syscall6(procSetNamedPipeHandleState.Addr(), 4, uintptr(pipe), uintptr(unsafe.Pointer(state)), uintptr(unsafe.Pointer(maxCollectionCount)), uintptr(unsafe.Pointer(collectDataTimeout)), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func SetPriorityClass(process Handle, priorityClass uint32) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetPriorityClass.Addr(), 2, uintptr(process), uintptr(priorityClass), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func SetProcessPriorityBoost(process Handle, disable bool) (err error) {
+	var _p0 uint32
+	if disable {
+		_p0 = 1
+	}
+	r1, _, e1 := syscall.Syscall(procSetProcessPriorityBoost.Addr(), 2, uintptr(process), uintptr(_p0), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func SetProcessShutdownParameters(level uint32, flags uint32) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetProcessShutdownParameters.Addr(), 2, uintptr(level), uintptr(flags), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func SetProcessWorkingSetSizeEx(hProcess Handle, dwMinimumWorkingSetSize uintptr, dwMaximumWorkingSetSize uintptr, flags uint32) (err error) {
+	r1, _, e1 := syscall.Syscall6(procSetProcessWorkingSetSizeEx.Addr(), 4, uintptr(hProcess), uintptr(dwMinimumWorkingSetSize), uintptr(dwMaximumWorkingSetSize), uintptr(flags), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func SetStdHandle(stdhandle uint32, handle Handle) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetStdHandle.Addr(), 2, uintptr(stdhandle), uintptr(handle), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func SetVolumeLabel(rootPathName *uint16, volumeName *uint16) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetVolumeLabelW.Addr(), 2, uintptr(unsafe.Pointer(rootPathName)), uintptr(unsafe.Pointer(volumeName)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func SetVolumeMountPoint(volumeMountPoint *uint16, volumeName *uint16) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetVolumeMountPointW.Addr(), 2, uintptr(unsafe.Pointer(volumeMountPoint)), uintptr(unsafe.Pointer(volumeName)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func SetupComm(handle Handle, dwInQueue uint32, dwOutQueue uint32) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetupComm.Addr(), 3, uintptr(handle), uintptr(dwInQueue), uintptr(dwOutQueue))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func SizeofResource(module Handle, resInfo Handle) (size uint32, err error) {
+	r0, _, e1 := syscall.Syscall(procSizeofResource.Addr(), 2, uintptr(module), uintptr(resInfo), 0)
+	size = uint32(r0)
+	if size == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func SleepEx(milliseconds uint32, alertable bool) (ret uint32) {
+	var _p0 uint32
+	if alertable {
+		_p0 = 1
+	}
+	r0, _, _ := syscall.Syscall(procSleepEx.Addr(), 2, uintptr(milliseconds), uintptr(_p0), 0)
+	ret = uint32(r0)
+	return
+}
+
+func TerminateJobObject(job Handle, exitCode uint32) (err error) {
+	r1, _, e1 := syscall.Syscall(procTerminateJobObject.Addr(), 2, uintptr(job), uintptr(exitCode), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func TerminateProcess(handle Handle, exitcode uint32) (err error) {
+	r1, _, e1 := syscall.Syscall(procTerminateProcess.Addr(), 2, uintptr(handle), uintptr(exitcode), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func Thread32First(snapshot Handle, threadEntry *ThreadEntry32) (err error) {
+	r1, _, e1 := syscall.Syscall(procThread32First.Addr(), 2, uintptr(snapshot), uintptr(unsafe.Pointer(threadEntry)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func Thread32Next(snapshot Handle, threadEntry *ThreadEntry32) (err error) {
+	r1, _, e1 := syscall.Syscall(procThread32Next.Addr(), 2, uintptr(snapshot), uintptr(unsafe.Pointer(threadEntry)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func UnlockFileEx(file Handle, reserved uint32, bytesLow uint32, bytesHigh uint32, overlapped *Overlapped) (err error) {
+	r1, _, e1 := syscall.Syscall6(procUnlockFileEx.Addr(), 5, uintptr(file), uintptr(reserved), uintptr(bytesLow), uintptr(bytesHigh), uintptr(unsafe.Pointer(overlapped)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func UnmapViewOfFile(addr uintptr) (err error) {
+	r1, _, e1 := syscall.Syscall(procUnmapViewOfFile.Addr(), 1, uintptr(addr), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func updateProcThreadAttribute(attrlist *ProcThreadAttributeList, flags uint32, attr uintptr, value unsafe.Pointer, size uintptr, prevvalue unsafe.Pointer, returnedsize *uintptr) (err error) {
+	r1, _, e1 := syscall.Syscall9(procUpdateProcThreadAttribute.Addr(), 7, uintptr(unsafe.Pointer(attrlist)), uintptr(flags), uintptr(attr), uintptr(value), uintptr(size), uintptr(prevvalue), uintptr(unsafe.Pointer(returnedsize)), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func VirtualAlloc(address uintptr, size uintptr, alloctype uint32, protect uint32) (value uintptr, err error) {
+	r0, _, e1 := syscall.Syscall6(procVirtualAlloc.Addr(), 4, uintptr(address), uintptr(size), uintptr(alloctype), uintptr(protect), 0, 0)
+	value = uintptr(r0)
+	if value == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func VirtualFree(address uintptr, size uintptr, freetype uint32) (err error) {
+	r1, _, e1 := syscall.Syscall(procVirtualFree.Addr(), 3, uintptr(address), uintptr(size), uintptr(freetype))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func VirtualLock(addr uintptr, length uintptr) (err error) {
+	r1, _, e1 := syscall.Syscall(procVirtualLock.Addr(), 2, uintptr(addr), uintptr(length), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func VirtualProtect(address uintptr, size uintptr, newprotect uint32, oldprotect *uint32) (err error) {
+	r1, _, e1 := syscall.Syscall6(procVirtualProtect.Addr(), 4, uintptr(address), uintptr(size), uintptr(newprotect), uintptr(unsafe.Pointer(oldprotect)), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func VirtualProtectEx(process Handle, address uintptr, size uintptr, newProtect uint32, oldProtect *uint32) (err error) {
+	r1, _, e1 := syscall.Syscall6(procVirtualProtectEx.Addr(), 5, uintptr(process), uintptr(address), uintptr(size), uintptr(newProtect), uintptr(unsafe.Pointer(oldProtect)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func VirtualQuery(address uintptr, buffer *MemoryBasicInformation, length uintptr) (err error) {
+	r1, _, e1 := syscall.Syscall(procVirtualQuery.Addr(), 3, uintptr(address), uintptr(unsafe.Pointer(buffer)), uintptr(length))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func VirtualQueryEx(process Handle, address uintptr, buffer *MemoryBasicInformation, length uintptr) (err error) {
+	r1, _, e1 := syscall.Syscall6(procVirtualQueryEx.Addr(), 4, uintptr(process), uintptr(address), uintptr(unsafe.Pointer(buffer)), uintptr(length), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func VirtualUnlock(addr uintptr, length uintptr) (err error) {
+	r1, _, e1 := syscall.Syscall(procVirtualUnlock.Addr(), 2, uintptr(addr), uintptr(length), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func WTSGetActiveConsoleSessionId() (sessionID uint32) {
+	r0, _, _ := syscall.Syscall(procWTSGetActiveConsoleSessionId.Addr(), 0, 0, 0, 0)
+	sessionID = uint32(r0)
+	return
+}
+
+func WaitCommEvent(handle Handle, lpEvtMask *uint32, lpOverlapped *Overlapped) (err error) {
+	r1, _, e1 := syscall.Syscall(procWaitCommEvent.Addr(), 3, uintptr(handle), uintptr(unsafe.Pointer(lpEvtMask)), uintptr(unsafe.Pointer(lpOverlapped)))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func waitForMultipleObjects(count uint32, handles uintptr, waitAll bool, waitMilliseconds uint32) (event uint32, err error) {
+	var _p0 uint32
+	if waitAll {
+		_p0 = 1
+	}
+	r0, _, e1 := syscall.Syscall6(procWaitForMultipleObjects.Addr(), 4, uintptr(count), uintptr(handles), uintptr(_p0), uintptr(waitMilliseconds), 0, 0)
+	event = uint32(r0)
+	if event == 0xffffffff {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func WaitForSingleObject(handle Handle, waitMilliseconds uint32) (event uint32, err error) {
+	r0, _, e1 := syscall.Syscall(procWaitForSingleObject.Addr(), 2, uintptr(handle), uintptr(waitMilliseconds), 0)
+	event = uint32(r0)
+	if event == 0xffffffff {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func WriteConsole(console Handle, buf *uint16, towrite uint32, written *uint32, reserved *byte) (err error) {
+	r1, _, e1 := syscall.Syscall6(procWriteConsoleW.Addr(), 5, uintptr(console), uintptr(unsafe.Pointer(buf)), uintptr(towrite), uintptr(unsafe.Pointer(written)), uintptr(unsafe.Pointer(reserved)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func writeFile(handle Handle, buf []byte, done *uint32, overlapped *Overlapped) (err error) {
+	var _p0 *byte
+	if len(buf) > 0 {
+		_p0 = &buf[0]
+	}
+	r1, _, e1 := syscall.Syscall6(procWriteFile.Addr(), 5, uintptr(handle), uintptr(unsafe.Pointer(_p0)), uintptr(len(buf)), uintptr(unsafe.Pointer(done)), uintptr(unsafe.Pointer(overlapped)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func WriteProcessMemory(process Handle, baseAddress uintptr, buffer *byte, size uintptr, numberOfBytesWritten *uintptr) (err error) {
+	r1, _, e1 := syscall.Syscall6(procWriteProcessMemory.Addr(), 5, uintptr(process), uintptr(baseAddress), uintptr(unsafe.Pointer(buffer)), uintptr(size), uintptr(unsafe.Pointer(numberOfBytesWritten)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func AcceptEx(ls Handle, as Handle, buf *byte, rxdatalen uint32, laddrlen uint32, raddrlen uint32, recvd *uint32, overlapped *Overlapped) (err error) {
+	r1, _, e1 := syscall.Syscall9(procAcceptEx.Addr(), 8, uintptr(ls), uintptr(as), uintptr(unsafe.Pointer(buf)), uintptr(rxdatalen), uintptr(laddrlen), uintptr(raddrlen), uintptr(unsafe.Pointer(recvd)), uintptr(unsafe.Pointer(overlapped)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GetAcceptExSockaddrs(buf *byte, rxdatalen uint32, laddrlen uint32, raddrlen uint32, lrsa **RawSockaddrAny, lrsalen *int32, rrsa **RawSockaddrAny, rrsalen *int32) {
+	syscall.Syscall9(procGetAcceptExSockaddrs.Addr(), 8, uintptr(unsafe.Pointer(buf)), uintptr(rxdatalen), uintptr(laddrlen), uintptr(raddrlen), uintptr(unsafe.Pointer(lrsa)), uintptr(unsafe.Pointer(lrsalen)), uintptr(unsafe.Pointer(rrsa)), uintptr(unsafe.Pointer(rrsalen)), 0)
+	return
+}
+
+func TransmitFile(s Handle, handle Handle, bytesToWrite uint32, bytsPerSend uint32, overlapped *Overlapped, transmitFileBuf *TransmitFileBuffers, flags uint32) (err error) {
+	r1, _, e1 := syscall.Syscall9(procTransmitFile.Addr(), 7, uintptr(s), uintptr(handle), uintptr(bytesToWrite), uintptr(bytsPerSend), uintptr(unsafe.Pointer(overlapped)), uintptr(unsafe.Pointer(transmitFileBuf)), uintptr(flags), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func NetApiBufferFree(buf *byte) (neterr error) {
+	r0, _, _ := syscall.Syscall(procNetApiBufferFree.Addr(), 1, uintptr(unsafe.Pointer(buf)), 0, 0)
+	if r0 != 0 {
+		neterr = syscall.Errno(r0)
+	}
+	return
+}
+
+func NetGetJoinInformation(server *uint16, name **uint16, bufType *uint32) (neterr error) {
+	r0, _, _ := syscall.Syscall(procNetGetJoinInformation.Addr(), 3, uintptr(unsafe.Pointer(server)), uintptr(unsafe.Pointer(name)), uintptr(unsafe.Pointer(bufType)))
+	if r0 != 0 {
+		neterr = syscall.Errno(r0)
+	}
+	return
+}
+
+func NetUserEnum(serverName *uint16, level uint32, filter uint32, buf **byte, prefMaxLen uint32, entriesRead *uint32, totalEntries *uint32, resumeHandle *uint32) (neterr error) {
+	r0, _, _ := syscall.Syscall9(procNetUserEnum.Addr(), 8, uintptr(unsafe.Pointer(serverName)), uintptr(level), uintptr(filter), uintptr(unsafe.Pointer(buf)), uintptr(prefMaxLen), uintptr(unsafe.Pointer(entriesRead)), uintptr(unsafe.Pointer(totalEntries)), uintptr(unsafe.Pointer(resumeHandle)), 0)
+	if r0 != 0 {
+		neterr = syscall.Errno(r0)
+	}
+	return
+}
+
+func NetUserGetInfo(serverName *uint16, userName *uint16, level uint32, buf **byte) (neterr error) {
+	r0, _, _ := syscall.Syscall6(procNetUserGetInfo.Addr(), 4, uintptr(unsafe.Pointer(serverName)), uintptr(unsafe.Pointer(userName)), uintptr(level), uintptr(unsafe.Pointer(buf)), 0, 0)
+	if r0 != 0 {
+		neterr = syscall.Errno(r0)
+	}
+	return
+}
+
+func NtCreateFile(handle *Handle, access uint32, oa *OBJECT_ATTRIBUTES, iosb *IO_STATUS_BLOCK, allocationSize *int64, attributes uint32, share uint32, disposition uint32, options uint32, eabuffer uintptr, ealength uint32) (ntstatus error) {
+	r0, _, _ := syscall.Syscall12(procNtCreateFile.Addr(), 11, uintptr(unsafe.Pointer(handle)), uintptr(access), uintptr(unsafe.Pointer(oa)), uintptr(unsafe.Pointer(iosb)), uintptr(unsafe.Pointer(allocationSize)), uintptr(attributes), uintptr(share), uintptr(disposition), uintptr(options), uintptr(eabuffer), uintptr(ealength), 0)
+	if r0 != 0 {
+		ntstatus = NTStatus(r0)
+	}
+	return
+}
+
+func NtCreateNamedPipeFile(pipe *Handle, access uint32, oa *OBJECT_ATTRIBUTES, iosb *IO_STATUS_BLOCK, share uint32, disposition uint32, options uint32, typ uint32, readMode uint32, completionMode uint32, maxInstances uint32, inboundQuota uint32, outputQuota uint32, timeout *int64) (ntstatus error) {
+	r0, _, _ := syscall.Syscall15(procNtCreateNamedPipeFile.Addr(), 14, uintptr(unsafe.Pointer(pipe)), uintptr(access), uintptr(unsafe.Pointer(oa)), uintptr(unsafe.Pointer(iosb)), uintptr(share), uintptr(disposition), uintptr(options), uintptr(typ), uintptr(readMode), uintptr(completionMode), uintptr(maxInstances), uintptr(inboundQuota), uintptr(outputQuota), uintptr(unsafe.Pointer(timeout)), 0)
+	if r0 != 0 {
+		ntstatus = NTStatus(r0)
+	}
+	return
+}
+
+func NtQueryInformationProcess(proc Handle, procInfoClass int32, procInfo unsafe.Pointer, procInfoLen uint32, retLen *uint32) (ntstatus error) {
+	r0, _, _ := syscall.Syscall6(procNtQueryInformationProcess.Addr(), 5, uintptr(proc), uintptr(procInfoClass), uintptr(procInfo), uintptr(procInfoLen), uintptr(unsafe.Pointer(retLen)), 0)
+	if r0 != 0 {
+		ntstatus = NTStatus(r0)
+	}
+	return
+}
+
+func NtQuerySystemInformation(sysInfoClass int32, sysInfo unsafe.Pointer, sysInfoLen uint32, retLen *uint32) (ntstatus error) {
+	r0, _, _ := syscall.Syscall6(procNtQuerySystemInformation.Addr(), 4, uintptr(sysInfoClass), uintptr(sysInfo), uintptr(sysInfoLen), uintptr(unsafe.Pointer(retLen)), 0, 0)
+	if r0 != 0 {
+		ntstatus = NTStatus(r0)
+	}
+	return
+}
+
+func NtSetInformationFile(handle Handle, iosb *IO_STATUS_BLOCK, inBuffer *byte, inBufferLen uint32, class uint32) (ntstatus error) {
+	r0, _, _ := syscall.Syscall6(procNtSetInformationFile.Addr(), 5, uintptr(handle), uintptr(unsafe.Pointer(iosb)), uintptr(unsafe.Pointer(inBuffer)), uintptr(inBufferLen), uintptr(class), 0)
+	if r0 != 0 {
+		ntstatus = NTStatus(r0)
+	}
+	return
+}
+
+func NtSetInformationProcess(proc Handle, procInfoClass int32, procInfo unsafe.Pointer, procInfoLen uint32) (ntstatus error) {
+	r0, _, _ := syscall.Syscall6(procNtSetInformationProcess.Addr(), 4, uintptr(proc), uintptr(procInfoClass), uintptr(procInfo), uintptr(procInfoLen), 0, 0)
+	if r0 != 0 {
+		ntstatus = NTStatus(r0)
+	}
+	return
+}
+
+func NtSetSystemInformation(sysInfoClass int32, sysInfo unsafe.Pointer, sysInfoLen uint32) (ntstatus error) {
+	r0, _, _ := syscall.Syscall(procNtSetSystemInformation.Addr(), 3, uintptr(sysInfoClass), uintptr(sysInfo), uintptr(sysInfoLen))
+	if r0 != 0 {
+		ntstatus = NTStatus(r0)
+	}
+	return
+}
+
+func RtlAddFunctionTable(functionTable *RUNTIME_FUNCTION, entryCount uint32, baseAddress uintptr) (ret bool) {
+	r0, _, _ := syscall.Syscall(procRtlAddFunctionTable.Addr(), 3, uintptr(unsafe.Pointer(functionTable)), uintptr(entryCount), uintptr(baseAddress))
+	ret = r0 != 0
+	return
+}
+
+func RtlDefaultNpAcl(acl **ACL) (ntstatus error) {
+	r0, _, _ := syscall.Syscall(procRtlDefaultNpAcl.Addr(), 1, uintptr(unsafe.Pointer(acl)), 0, 0)
+	if r0 != 0 {
+		ntstatus = NTStatus(r0)
+	}
+	return
+}
+
+func RtlDeleteFunctionTable(functionTable *RUNTIME_FUNCTION) (ret bool) {
+	r0, _, _ := syscall.Syscall(procRtlDeleteFunctionTable.Addr(), 1, uintptr(unsafe.Pointer(functionTable)), 0, 0)
+	ret = r0 != 0
+	return
+}
+
+func RtlDosPathNameToNtPathName(dosName *uint16, ntName *NTUnicodeString, ntFileNamePart *uint16, relativeName *RTL_RELATIVE_NAME) (ntstatus error) {
+	r0, _, _ := syscall.Syscall6(procRtlDosPathNameToNtPathName_U_WithStatus.Addr(), 4, uintptr(unsafe.Pointer(dosName)), uintptr(unsafe.Pointer(ntName)), uintptr(unsafe.Pointer(ntFileNamePart)), uintptr(unsafe.Pointer(relativeName)), 0, 0)
+	if r0 != 0 {
+		ntstatus = NTStatus(r0)
+	}
+	return
+}
+
+func RtlDosPathNameToRelativeNtPathName(dosName *uint16, ntName *NTUnicodeString, ntFileNamePart *uint16, relativeName *RTL_RELATIVE_NAME) (ntstatus error) {
+	r0, _, _ := syscall.Syscall6(procRtlDosPathNameToRelativeNtPathName_U_WithStatus.Addr(), 4, uintptr(unsafe.Pointer(dosName)), uintptr(unsafe.Pointer(ntName)), uintptr(unsafe.Pointer(ntFileNamePart)), uintptr(unsafe.Pointer(relativeName)), 0, 0)
+	if r0 != 0 {
+		ntstatus = NTStatus(r0)
+	}
+	return
+}
+
+func RtlGetCurrentPeb() (peb *PEB) {
+	r0, _, _ := syscall.Syscall(procRtlGetCurrentPeb.Addr(), 0, 0, 0, 0)
+	peb = (*PEB)(unsafe.Pointer(r0))
+	return
+}
+
+func rtlGetNtVersionNumbers(majorVersion *uint32, minorVersion *uint32, buildNumber *uint32) {
+	syscall.Syscall(procRtlGetNtVersionNumbers.Addr(), 3, uintptr(unsafe.Pointer(majorVersion)), uintptr(unsafe.Pointer(minorVersion)), uintptr(unsafe.Pointer(buildNumber)))
+	return
+}
+
+func rtlGetVersion(info *OsVersionInfoEx) (ntstatus error) {
+	r0, _, _ := syscall.Syscall(procRtlGetVersion.Addr(), 1, uintptr(unsafe.Pointer(info)), 0, 0)
+	if r0 != 0 {
+		ntstatus = NTStatus(r0)
+	}
+	return
+}
+
+func RtlInitString(destinationString *NTString, sourceString *byte) {
+	syscall.Syscall(procRtlInitString.Addr(), 2, uintptr(unsafe.Pointer(destinationString)), uintptr(unsafe.Pointer(sourceString)), 0)
+	return
+}
+
+func RtlInitUnicodeString(destinationString *NTUnicodeString, sourceString *uint16) {
+	syscall.Syscall(procRtlInitUnicodeString.Addr(), 2, uintptr(unsafe.Pointer(destinationString)), uintptr(unsafe.Pointer(sourceString)), 0)
+	return
+}
+
+func rtlNtStatusToDosErrorNoTeb(ntstatus NTStatus) (ret syscall.Errno) {
+	r0, _, _ := syscall.Syscall(procRtlNtStatusToDosErrorNoTeb.Addr(), 1, uintptr(ntstatus), 0, 0)
+	ret = syscall.Errno(r0)
+	return
+}
+
+func clsidFromString(lpsz *uint16, pclsid *GUID) (ret error) {
+	r0, _, _ := syscall.Syscall(procCLSIDFromString.Addr(), 2, uintptr(unsafe.Pointer(lpsz)), uintptr(unsafe.Pointer(pclsid)), 0)
+	if r0 != 0 {
+		ret = syscall.Errno(r0)
+	}
+	return
+}
+
+func coCreateGuid(pguid *GUID) (ret error) {
+	r0, _, _ := syscall.Syscall(procCoCreateGuid.Addr(), 1, uintptr(unsafe.Pointer(pguid)), 0, 0)
+	if r0 != 0 {
+		ret = syscall.Errno(r0)
+	}
+	return
+}
+
+func CoGetObject(name *uint16, bindOpts *BIND_OPTS3, guid *GUID, functionTable **uintptr) (ret error) {
+	r0, _, _ := syscall.Syscall6(procCoGetObject.Addr(), 4, uintptr(unsafe.Pointer(name)), uintptr(unsafe.Pointer(bindOpts)), uintptr(unsafe.Pointer(guid)), uintptr(unsafe.Pointer(functionTable)), 0, 0)
+	if r0 != 0 {
+		ret = syscall.Errno(r0)
+	}
+	return
+}
+
+func CoInitializeEx(reserved uintptr, coInit uint32) (ret error) {
+	r0, _, _ := syscall.Syscall(procCoInitializeEx.Addr(), 2, uintptr(reserved), uintptr(coInit), 0)
+	if r0 != 0 {
+		ret = syscall.Errno(r0)
+	}
+	return
+}
+
+func CoTaskMemFree(address unsafe.Pointer) {
+	syscall.Syscall(procCoTaskMemFree.Addr(), 1, uintptr(address), 0, 0)
+	return
+}
+
+func CoUninitialize() {
+	syscall.Syscall(procCoUninitialize.Addr(), 0, 0, 0, 0)
+	return
+}
+
+func stringFromGUID2(rguid *GUID, lpsz *uint16, cchMax int32) (chars int32) {
+	r0, _, _ := syscall.Syscall(procStringFromGUID2.Addr(), 3, uintptr(unsafe.Pointer(rguid)), uintptr(unsafe.Pointer(lpsz)), uintptr(cchMax))
+	chars = int32(r0)
+	return
+}
+
+func EnumProcessModules(process Handle, module *Handle, cb uint32, cbNeeded *uint32) (err error) {
+	r1, _, e1 := syscall.Syscall6(procEnumProcessModules.Addr(), 4, uintptr(process), uintptr(unsafe.Pointer(module)), uintptr(cb), uintptr(unsafe.Pointer(cbNeeded)), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func EnumProcessModulesEx(process Handle, module *Handle, cb uint32, cbNeeded *uint32, filterFlag uint32) (err error) {
+	r1, _, e1 := syscall.Syscall6(procEnumProcessModulesEx.Addr(), 5, uintptr(process), uintptr(unsafe.Pointer(module)), uintptr(cb), uintptr(unsafe.Pointer(cbNeeded)), uintptr(filterFlag), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func enumProcesses(processIds *uint32, nSize uint32, bytesReturned *uint32) (err error) {
+	r1, _, e1 := syscall.Syscall(procEnumProcesses.Addr(), 3, uintptr(unsafe.Pointer(processIds)), uintptr(nSize), uintptr(unsafe.Pointer(bytesReturned)))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GetModuleBaseName(process Handle, module Handle, baseName *uint16, size uint32) (err error) {
+	r1, _, e1 := syscall.Syscall6(procGetModuleBaseNameW.Addr(), 4, uintptr(process), uintptr(module), uintptr(unsafe.Pointer(baseName)), uintptr(size), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GetModuleFileNameEx(process Handle, module Handle, filename *uint16, size uint32) (err error) {
+	r1, _, e1 := syscall.Syscall6(procGetModuleFileNameExW.Addr(), 4, uintptr(process), uintptr(module), uintptr(unsafe.Pointer(filename)), uintptr(size), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GetModuleInformation(process Handle, module Handle, modinfo *ModuleInfo, cb uint32) (err error) {
+	r1, _, e1 := syscall.Syscall6(procGetModuleInformation.Addr(), 4, uintptr(process), uintptr(module), uintptr(unsafe.Pointer(modinfo)), uintptr(cb), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func QueryWorkingSetEx(process Handle, pv uintptr, cb uint32) (err error) {
+	r1, _, e1 := syscall.Syscall(procQueryWorkingSetEx.Addr(), 3, uintptr(process), uintptr(pv), uintptr(cb))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func SubscribeServiceChangeNotifications(service Handle, eventType uint32, callback uintptr, callbackCtx uintptr, subscription *uintptr) (ret error) {
+	ret = procSubscribeServiceChangeNotifications.Find()
+	if ret != nil {
+		return
+	}
+	r0, _, _ := syscall.Syscall6(procSubscribeServiceChangeNotifications.Addr(), 5, uintptr(service), uintptr(eventType), uintptr(callback), uintptr(callbackCtx), uintptr(unsafe.Pointer(subscription)), 0)
+	if r0 != 0 {
+		ret = syscall.Errno(r0)
+	}
+	return
+}
+
+func UnsubscribeServiceChangeNotifications(subscription uintptr) (err error) {
+	err = procUnsubscribeServiceChangeNotifications.Find()
+	if err != nil {
+		return
+	}
+	syscall.Syscall(procUnsubscribeServiceChangeNotifications.Addr(), 1, uintptr(subscription), 0, 0)
+	return
+}
+
+func GetUserNameEx(nameFormat uint32, nameBuffre *uint16, nSize *uint32) (err error) {
+	r1, _, e1 := syscall.Syscall(procGetUserNameExW.Addr(), 3, uintptr(nameFormat), uintptr(unsafe.Pointer(nameBuffre)), uintptr(unsafe.Pointer(nSize)))
+	if r1&0xff == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func TranslateName(accName *uint16, accNameFormat uint32, desiredNameFormat uint32, translatedName *uint16, nSize *uint32) (err error) {
+	r1, _, e1 := syscall.Syscall6(procTranslateNameW.Addr(), 5, uintptr(unsafe.Pointer(accName)), uintptr(accNameFormat), uintptr(desiredNameFormat), uintptr(unsafe.Pointer(translatedName)), uintptr(unsafe.Pointer(nSize)), 0)
+	if r1&0xff == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func SetupDiBuildDriverInfoList(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, driverType SPDIT) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetupDiBuildDriverInfoList.Addr(), 3, uintptr(deviceInfoSet), uintptr(unsafe.Pointer(deviceInfoData)), uintptr(driverType))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func SetupDiCallClassInstaller(installFunction DI_FUNCTION, deviceInfoSet DevInfo, deviceInfoData *DevInfoData) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetupDiCallClassInstaller.Addr(), 3, uintptr(installFunction), uintptr(deviceInfoSet), uintptr(unsafe.Pointer(deviceInfoData)))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func SetupDiCancelDriverInfoSearch(deviceInfoSet DevInfo) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetupDiCancelDriverInfoSearch.Addr(), 1, uintptr(deviceInfoSet), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func setupDiClassGuidsFromNameEx(className *uint16, classGuidList *GUID, classGuidListSize uint32, requiredSize *uint32, machineName *uint16, reserved uintptr) (err error) {
+	r1, _, e1 := syscall.Syscall6(procSetupDiClassGuidsFromNameExW.Addr(), 6, uintptr(unsafe.Pointer(className)), uintptr(unsafe.Pointer(classGuidList)), uintptr(classGuidListSize), uintptr(unsafe.Pointer(requiredSize)), uintptr(unsafe.Pointer(machineName)), uintptr(reserved))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func setupDiClassNameFromGuidEx(classGUID *GUID, className *uint16, classNameSize uint32, requiredSize *uint32, machineName *uint16, reserved uintptr) (err error) {
+	r1, _, e1 := syscall.Syscall6(procSetupDiClassNameFromGuidExW.Addr(), 6, uintptr(unsafe.Pointer(classGUID)), uintptr(unsafe.Pointer(className)), uintptr(classNameSize), uintptr(unsafe.Pointer(requiredSize)), uintptr(unsafe.Pointer(machineName)), uintptr(reserved))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func setupDiCreateDeviceInfoListEx(classGUID *GUID, hwndParent uintptr, machineName *uint16, reserved uintptr) (handle DevInfo, err error) {
+	r0, _, e1 := syscall.Syscall6(procSetupDiCreateDeviceInfoListExW.Addr(), 4, uintptr(unsafe.Pointer(classGUID)), uintptr(hwndParent), uintptr(unsafe.Pointer(machineName)), uintptr(reserved), 0, 0)
+	handle = DevInfo(r0)
+	if handle == DevInfo(InvalidHandle) {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func setupDiCreateDeviceInfo(deviceInfoSet DevInfo, DeviceName *uint16, classGUID *GUID, DeviceDescription *uint16, hwndParent uintptr, CreationFlags DICD, deviceInfoData *DevInfoData) (err error) {
+	r1, _, e1 := syscall.Syscall9(procSetupDiCreateDeviceInfoW.Addr(), 7, uintptr(deviceInfoSet), uintptr(unsafe.Pointer(DeviceName)), uintptr(unsafe.Pointer(classGUID)), uintptr(unsafe.Pointer(DeviceDescription)), uintptr(hwndParent), uintptr(CreationFlags), uintptr(unsafe.Pointer(deviceInfoData)), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func SetupDiDestroyDeviceInfoList(deviceInfoSet DevInfo) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetupDiDestroyDeviceInfoList.Addr(), 1, uintptr(deviceInfoSet), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func SetupDiDestroyDriverInfoList(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, driverType SPDIT) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetupDiDestroyDriverInfoList.Addr(), 3, uintptr(deviceInfoSet), uintptr(unsafe.Pointer(deviceInfoData)), uintptr(driverType))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func setupDiEnumDeviceInfo(deviceInfoSet DevInfo, memberIndex uint32, deviceInfoData *DevInfoData) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetupDiEnumDeviceInfo.Addr(), 3, uintptr(deviceInfoSet), uintptr(memberIndex), uintptr(unsafe.Pointer(deviceInfoData)))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func setupDiEnumDriverInfo(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, driverType SPDIT, memberIndex uint32, driverInfoData *DrvInfoData) (err error) {
+	r1, _, e1 := syscall.Syscall6(procSetupDiEnumDriverInfoW.Addr(), 5, uintptr(deviceInfoSet), uintptr(unsafe.Pointer(deviceInfoData)), uintptr(driverType), uintptr(memberIndex), uintptr(unsafe.Pointer(driverInfoData)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func setupDiGetClassDevsEx(classGUID *GUID, Enumerator *uint16, hwndParent uintptr, Flags DIGCF, deviceInfoSet DevInfo, machineName *uint16, reserved uintptr) (handle DevInfo, err error) {
+	r0, _, e1 := syscall.Syscall9(procSetupDiGetClassDevsExW.Addr(), 7, uintptr(unsafe.Pointer(classGUID)), uintptr(unsafe.Pointer(Enumerator)), uintptr(hwndParent), uintptr(Flags), uintptr(deviceInfoSet), uintptr(unsafe.Pointer(machineName)), uintptr(reserved), 0, 0)
+	handle = DevInfo(r0)
+	if handle == DevInfo(InvalidHandle) {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func SetupDiGetClassInstallParams(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, classInstallParams *ClassInstallHeader, classInstallParamsSize uint32, requiredSize *uint32) (err error) {
+	r1, _, e1 := syscall.Syscall6(procSetupDiGetClassInstallParamsW.Addr(), 5, uintptr(deviceInfoSet), uintptr(unsafe.Pointer(deviceInfoData)), uintptr(unsafe.Pointer(classInstallParams)), uintptr(classInstallParamsSize), uintptr(unsafe.Pointer(requiredSize)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func setupDiGetDeviceInfoListDetail(deviceInfoSet DevInfo, deviceInfoSetDetailData *DevInfoListDetailData) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetupDiGetDeviceInfoListDetailW.Addr(), 2, uintptr(deviceInfoSet), uintptr(unsafe.Pointer(deviceInfoSetDetailData)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func setupDiGetDeviceInstallParams(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, deviceInstallParams *DevInstallParams) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetupDiGetDeviceInstallParamsW.Addr(), 3, uintptr(deviceInfoSet), uintptr(unsafe.Pointer(deviceInfoData)), uintptr(unsafe.Pointer(deviceInstallParams)))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func setupDiGetDeviceInstanceId(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, instanceId *uint16, instanceIdSize uint32, instanceIdRequiredSize *uint32) (err error) {
+	r1, _, e1 := syscall.Syscall6(procSetupDiGetDeviceInstanceIdW.Addr(), 5, uintptr(deviceInfoSet), uintptr(unsafe.Pointer(deviceInfoData)), uintptr(unsafe.Pointer(instanceId)), uintptr(instanceIdSize), uintptr(unsafe.Pointer(instanceIdRequiredSize)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func setupDiGetDeviceProperty(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, propertyKey *DEVPROPKEY, propertyType *DEVPROPTYPE, propertyBuffer *byte, propertyBufferSize uint32, requiredSize *uint32, flags uint32) (err error) {
+	r1, _, e1 := syscall.Syscall9(procSetupDiGetDevicePropertyW.Addr(), 8, uintptr(deviceInfoSet), uintptr(unsafe.Pointer(deviceInfoData)), uintptr(unsafe.Pointer(propertyKey)), uintptr(unsafe.Pointer(propertyType)), uintptr(unsafe.Pointer(propertyBuffer)), uintptr(propertyBufferSize), uintptr(unsafe.Pointer(requiredSize)), uintptr(flags), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func setupDiGetDeviceRegistryProperty(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, property SPDRP, propertyRegDataType *uint32, propertyBuffer *byte, propertyBufferSize uint32, requiredSize *uint32) (err error) {
+	r1, _, e1 := syscall.Syscall9(procSetupDiGetDeviceRegistryPropertyW.Addr(), 7, uintptr(deviceInfoSet), uintptr(unsafe.Pointer(deviceInfoData)), uintptr(property), uintptr(unsafe.Pointer(propertyRegDataType)), uintptr(unsafe.Pointer(propertyBuffer)), uintptr(propertyBufferSize), uintptr(unsafe.Pointer(requiredSize)), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func setupDiGetDriverInfoDetail(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, driverInfoData *DrvInfoData, driverInfoDetailData *DrvInfoDetailData, driverInfoDetailDataSize uint32, requiredSize *uint32) (err error) {
+	r1, _, e1 := syscall.Syscall6(procSetupDiGetDriverInfoDetailW.Addr(), 6, uintptr(deviceInfoSet), uintptr(unsafe.Pointer(deviceInfoData)), uintptr(unsafe.Pointer(driverInfoData)), uintptr(unsafe.Pointer(driverInfoDetailData)), uintptr(driverInfoDetailDataSize), uintptr(unsafe.Pointer(requiredSize)))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func setupDiGetSelectedDevice(deviceInfoSet DevInfo, deviceInfoData *DevInfoData) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetupDiGetSelectedDevice.Addr(), 2, uintptr(deviceInfoSet), uintptr(unsafe.Pointer(deviceInfoData)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func setupDiGetSelectedDriver(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, driverInfoData *DrvInfoData) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetupDiGetSelectedDriverW.Addr(), 3, uintptr(deviceInfoSet), uintptr(unsafe.Pointer(deviceInfoData)), uintptr(unsafe.Pointer(driverInfoData)))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func SetupDiOpenDevRegKey(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, Scope DICS_FLAG, HwProfile uint32, KeyType DIREG, samDesired uint32) (key Handle, err error) {
+	r0, _, e1 := syscall.Syscall6(procSetupDiOpenDevRegKey.Addr(), 6, uintptr(deviceInfoSet), uintptr(unsafe.Pointer(deviceInfoData)), uintptr(Scope), uintptr(HwProfile), uintptr(KeyType), uintptr(samDesired))
+	key = Handle(r0)
+	if key == InvalidHandle {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func SetupDiSetClassInstallParams(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, classInstallParams *ClassInstallHeader, classInstallParamsSize uint32) (err error) {
+	r1, _, e1 := syscall.Syscall6(procSetupDiSetClassInstallParamsW.Addr(), 4, uintptr(deviceInfoSet), uintptr(unsafe.Pointer(deviceInfoData)), uintptr(unsafe.Pointer(classInstallParams)), uintptr(classInstallParamsSize), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func SetupDiSetDeviceInstallParams(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, deviceInstallParams *DevInstallParams) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetupDiSetDeviceInstallParamsW.Addr(), 3, uintptr(deviceInfoSet), uintptr(unsafe.Pointer(deviceInfoData)), uintptr(unsafe.Pointer(deviceInstallParams)))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func setupDiSetDeviceRegistryProperty(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, property SPDRP, propertyBuffer *byte, propertyBufferSize uint32) (err error) {
+	r1, _, e1 := syscall.Syscall6(procSetupDiSetDeviceRegistryPropertyW.Addr(), 5, uintptr(deviceInfoSet), uintptr(unsafe.Pointer(deviceInfoData)), uintptr(property), uintptr(unsafe.Pointer(propertyBuffer)), uintptr(propertyBufferSize), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func SetupDiSetSelectedDevice(deviceInfoSet DevInfo, deviceInfoData *DevInfoData) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetupDiSetSelectedDevice.Addr(), 2, uintptr(deviceInfoSet), uintptr(unsafe.Pointer(deviceInfoData)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func SetupDiSetSelectedDriver(deviceInfoSet DevInfo, deviceInfoData *DevInfoData, driverInfoData *DrvInfoData) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetupDiSetSelectedDriverW.Addr(), 3, uintptr(deviceInfoSet), uintptr(unsafe.Pointer(deviceInfoData)), uintptr(unsafe.Pointer(driverInfoData)))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func setupUninstallOEMInf(infFileName *uint16, flags SUOI, reserved uintptr) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetupUninstallOEMInfW.Addr(), 3, uintptr(unsafe.Pointer(infFileName)), uintptr(flags), uintptr(reserved))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func commandLineToArgv(cmd *uint16, argc *int32) (argv **uint16, err error) {
+	r0, _, e1 := syscall.Syscall(procCommandLineToArgvW.Addr(), 2, uintptr(unsafe.Pointer(cmd)), uintptr(unsafe.Pointer(argc)), 0)
+	argv = (**uint16)(unsafe.Pointer(r0))
+	if argv == nil {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func shGetKnownFolderPath(id *KNOWNFOLDERID, flags uint32, token Token, path **uint16) (ret error) {
+	r0, _, _ := syscall.Syscall6(procSHGetKnownFolderPath.Addr(), 4, uintptr(unsafe.Pointer(id)), uintptr(flags), uintptr(token), uintptr(unsafe.Pointer(path)), 0, 0)
+	if r0 != 0 {
+		ret = syscall.Errno(r0)
+	}
+	return
+}
+
+func ShellExecute(hwnd Handle, verb *uint16, file *uint16, args *uint16, cwd *uint16, showCmd int32) (err error) {
+	r1, _, e1 := syscall.Syscall6(procShellExecuteW.Addr(), 6, uintptr(hwnd), uintptr(unsafe.Pointer(verb)), uintptr(unsafe.Pointer(file)), uintptr(unsafe.Pointer(args)), uintptr(unsafe.Pointer(cwd)), uintptr(showCmd))
+	if r1 <= 32 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func EnumChildWindows(hwnd HWND, enumFunc uintptr, param unsafe.Pointer) {
+	syscall.Syscall(procEnumChildWindows.Addr(), 3, uintptr(hwnd), uintptr(enumFunc), uintptr(param))
+	return
+}
+
+func EnumWindows(enumFunc uintptr, param unsafe.Pointer) (err error) {
+	r1, _, e1 := syscall.Syscall(procEnumWindows.Addr(), 2, uintptr(enumFunc), uintptr(param), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func ExitWindowsEx(flags uint32, reason uint32) (err error) {
+	r1, _, e1 := syscall.Syscall(procExitWindowsEx.Addr(), 2, uintptr(flags), uintptr(reason), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GetClassName(hwnd HWND, className *uint16, maxCount int32) (copied int32, err error) {
+	r0, _, e1 := syscall.Syscall(procGetClassNameW.Addr(), 3, uintptr(hwnd), uintptr(unsafe.Pointer(className)), uintptr(maxCount))
+	copied = int32(r0)
+	if copied == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GetDesktopWindow() (hwnd HWND) {
+	r0, _, _ := syscall.Syscall(procGetDesktopWindow.Addr(), 0, 0, 0, 0)
+	hwnd = HWND(r0)
+	return
+}
+
+func GetForegroundWindow() (hwnd HWND) {
+	r0, _, _ := syscall.Syscall(procGetForegroundWindow.Addr(), 0, 0, 0, 0)
+	hwnd = HWND(r0)
+	return
+}
+
+func GetGUIThreadInfo(thread uint32, info *GUIThreadInfo) (err error) {
+	r1, _, e1 := syscall.Syscall(procGetGUIThreadInfo.Addr(), 2, uintptr(thread), uintptr(unsafe.Pointer(info)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GetKeyboardLayout(tid uint32) (hkl Handle) {
+	r0, _, _ := syscall.Syscall(procGetKeyboardLayout.Addr(), 1, uintptr(tid), 0, 0)
+	hkl = Handle(r0)
+	return
+}
+
+func GetShellWindow() (shellWindow HWND) {
+	r0, _, _ := syscall.Syscall(procGetShellWindow.Addr(), 0, 0, 0, 0)
+	shellWindow = HWND(r0)
+	return
+}
+
+func GetWindowThreadProcessId(hwnd HWND, pid *uint32) (tid uint32, err error) {
+	r0, _, e1 := syscall.Syscall(procGetWindowThreadProcessId.Addr(), 2, uintptr(hwnd), uintptr(unsafe.Pointer(pid)), 0)
+	tid = uint32(r0)
+	if tid == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func IsWindow(hwnd HWND) (isWindow bool) {
+	r0, _, _ := syscall.Syscall(procIsWindow.Addr(), 1, uintptr(hwnd), 0, 0)
+	isWindow = r0 != 0
+	return
+}
+
+func IsWindowUnicode(hwnd HWND) (isUnicode bool) {
+	r0, _, _ := syscall.Syscall(procIsWindowUnicode.Addr(), 1, uintptr(hwnd), 0, 0)
+	isUnicode = r0 != 0
+	return
+}
+
+func IsWindowVisible(hwnd HWND) (isVisible bool) {
+	r0, _, _ := syscall.Syscall(procIsWindowVisible.Addr(), 1, uintptr(hwnd), 0, 0)
+	isVisible = r0 != 0
+	return
+}
+
+func LoadKeyboardLayout(name *uint16, flags uint32) (hkl Handle, err error) {
+	r0, _, e1 := syscall.Syscall(procLoadKeyboardLayoutW.Addr(), 2, uintptr(unsafe.Pointer(name)), uintptr(flags), 0)
+	hkl = Handle(r0)
+	if hkl == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func MessageBox(hwnd HWND, text *uint16, caption *uint16, boxtype uint32) (ret int32, err error) {
+	r0, _, e1 := syscall.Syscall6(procMessageBoxW.Addr(), 4, uintptr(hwnd), uintptr(unsafe.Pointer(text)), uintptr(unsafe.Pointer(caption)), uintptr(boxtype), 0, 0)
+	ret = int32(r0)
+	if ret == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func ToUnicodeEx(vkey uint32, scancode uint32, keystate *byte, pwszBuff *uint16, cchBuff int32, flags uint32, hkl Handle) (ret int32) {
+	r0, _, _ := syscall.Syscall9(procToUnicodeEx.Addr(), 7, uintptr(vkey), uintptr(scancode), uintptr(unsafe.Pointer(keystate)), uintptr(unsafe.Pointer(pwszBuff)), uintptr(cchBuff), uintptr(flags), uintptr(hkl), 0, 0)
+	ret = int32(r0)
+	return
+}
+
+func UnloadKeyboardLayout(hkl Handle) (err error) {
+	r1, _, e1 := syscall.Syscall(procUnloadKeyboardLayout.Addr(), 1, uintptr(hkl), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func CreateEnvironmentBlock(block **uint16, token Token, inheritExisting bool) (err error) {
+	var _p0 uint32
+	if inheritExisting {
+		_p0 = 1
+	}
+	r1, _, e1 := syscall.Syscall(procCreateEnvironmentBlock.Addr(), 3, uintptr(unsafe.Pointer(block)), uintptr(token), uintptr(_p0))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func DestroyEnvironmentBlock(block *uint16) (err error) {
+	r1, _, e1 := syscall.Syscall(procDestroyEnvironmentBlock.Addr(), 1, uintptr(unsafe.Pointer(block)), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GetUserProfileDirectory(t Token, dir *uint16, dirLen *uint32) (err error) {
+	r1, _, e1 := syscall.Syscall(procGetUserProfileDirectoryW.Addr(), 3, uintptr(t), uintptr(unsafe.Pointer(dir)), uintptr(unsafe.Pointer(dirLen)))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GetFileVersionInfoSize(filename string, zeroHandle *Handle) (bufSize uint32, err error) {
+	var _p0 *uint16
+	_p0, err = syscall.UTF16PtrFromString(filename)
+	if err != nil {
+		return
+	}
+	return _GetFileVersionInfoSize(_p0, zeroHandle)
+}
+
+func _GetFileVersionInfoSize(filename *uint16, zeroHandle *Handle) (bufSize uint32, err error) {
+	r0, _, e1 := syscall.Syscall(procGetFileVersionInfoSizeW.Addr(), 2, uintptr(unsafe.Pointer(filename)), uintptr(unsafe.Pointer(zeroHandle)), 0)
+	bufSize = uint32(r0)
+	if bufSize == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GetFileVersionInfo(filename string, handle uint32, bufSize uint32, buffer unsafe.Pointer) (err error) {
+	var _p0 *uint16
+	_p0, err = syscall.UTF16PtrFromString(filename)
+	if err != nil {
+		return
+	}
+	return _GetFileVersionInfo(_p0, handle, bufSize, buffer)
+}
+
+func _GetFileVersionInfo(filename *uint16, handle uint32, bufSize uint32, buffer unsafe.Pointer) (err error) {
+	r1, _, e1 := syscall.Syscall6(procGetFileVersionInfoW.Addr(), 4, uintptr(unsafe.Pointer(filename)), uintptr(handle), uintptr(bufSize), uintptr(buffer), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func VerQueryValue(block unsafe.Pointer, subBlock string, pointerToBufferPointer unsafe.Pointer, bufSize *uint32) (err error) {
+	var _p0 *uint16
+	_p0, err = syscall.UTF16PtrFromString(subBlock)
+	if err != nil {
+		return
+	}
+	return _VerQueryValue(block, _p0, pointerToBufferPointer, bufSize)
+}
+
+func _VerQueryValue(block unsafe.Pointer, subBlock *uint16, pointerToBufferPointer unsafe.Pointer, bufSize *uint32) (err error) {
+	r1, _, e1 := syscall.Syscall6(procVerQueryValueW.Addr(), 4, uintptr(block), uintptr(unsafe.Pointer(subBlock)), uintptr(pointerToBufferPointer), uintptr(unsafe.Pointer(bufSize)), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func TimeBeginPeriod(period uint32) (err error) {
+	r1, _, e1 := syscall.Syscall(proctimeBeginPeriod.Addr(), 1, uintptr(period), 0, 0)
+	if r1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func TimeEndPeriod(period uint32) (err error) {
+	r1, _, e1 := syscall.Syscall(proctimeEndPeriod.Addr(), 1, uintptr(period), 0, 0)
+	if r1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func WinVerifyTrustEx(hwnd HWND, actionId *GUID, data *WinTrustData) (ret error) {
+	r0, _, _ := syscall.Syscall(procWinVerifyTrustEx.Addr(), 3, uintptr(hwnd), uintptr(unsafe.Pointer(actionId)), uintptr(unsafe.Pointer(data)))
+	if r0 != 0 {
+		ret = syscall.Errno(r0)
+	}
+	return
+}
+
+func FreeAddrInfoW(addrinfo *AddrinfoW) {
+	syscall.Syscall(procFreeAddrInfoW.Addr(), 1, uintptr(unsafe.Pointer(addrinfo)), 0, 0)
+	return
+}
+
+func GetAddrInfoW(nodename *uint16, servicename *uint16, hints *AddrinfoW, result **AddrinfoW) (sockerr error) {
+	r0, _, _ := syscall.Syscall6(procGetAddrInfoW.Addr(), 4, uintptr(unsafe.Pointer(nodename)), uintptr(unsafe.Pointer(servicename)), uintptr(unsafe.Pointer(hints)), uintptr(unsafe.Pointer(result)), 0, 0)
+	if r0 != 0 {
+		sockerr = syscall.Errno(r0)
+	}
+	return
+}
+
+func WSACleanup() (err error) {
+	r1, _, e1 := syscall.Syscall(procWSACleanup.Addr(), 0, 0, 0, 0)
+	if r1 == socket_error {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func WSAEnumProtocols(protocols *int32, protocolBuffer *WSAProtocolInfo, bufferLength *uint32) (n int32, err error) {
+	r0, _, e1 := syscall.Syscall(procWSAEnumProtocolsW.Addr(), 3, uintptr(unsafe.Pointer(protocols)), uintptr(unsafe.Pointer(protocolBuffer)), uintptr(unsafe.Pointer(bufferLength)))
+	n = int32(r0)
+	if n == -1 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func WSAGetOverlappedResult(h Handle, o *Overlapped, bytes *uint32, wait bool, flags *uint32) (err error) {
+	var _p0 uint32
+	if wait {
+		_p0 = 1
+	}
+	r1, _, e1 := syscall.Syscall6(procWSAGetOverlappedResult.Addr(), 5, uintptr(h), uintptr(unsafe.Pointer(o)), uintptr(unsafe.Pointer(bytes)), uintptr(_p0), uintptr(unsafe.Pointer(flags)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func WSAIoctl(s Handle, iocc uint32, inbuf *byte, cbif uint32, outbuf *byte, cbob uint32, cbbr *uint32, overlapped *Overlapped, completionRoutine uintptr) (err error) {
+	r1, _, e1 := syscall.Syscall9(procWSAIoctl.Addr(), 9, uintptr(s), uintptr(iocc), uintptr(unsafe.Pointer(inbuf)), uintptr(cbif), uintptr(unsafe.Pointer(outbuf)), uintptr(cbob), uintptr(unsafe.Pointer(cbbr)), uintptr(unsafe.Pointer(overlapped)), uintptr(completionRoutine))
+	if r1 == socket_error {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func WSALookupServiceBegin(querySet *WSAQUERYSET, flags uint32, handle *Handle) (err error) {
+	r1, _, e1 := syscall.Syscall(procWSALookupServiceBeginW.Addr(), 3, uintptr(unsafe.Pointer(querySet)), uintptr(flags), uintptr(unsafe.Pointer(handle)))
+	if r1 == socket_error {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func WSALookupServiceEnd(handle Handle) (err error) {
+	r1, _, e1 := syscall.Syscall(procWSALookupServiceEnd.Addr(), 1, uintptr(handle), 0, 0)
+	if r1 == socket_error {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func WSALookupServiceNext(handle Handle, flags uint32, size *int32, querySet *WSAQUERYSET) (err error) {
+	r1, _, e1 := syscall.Syscall6(procWSALookupServiceNextW.Addr(), 4, uintptr(handle), uintptr(flags), uintptr(unsafe.Pointer(size)), uintptr(unsafe.Pointer(querySet)), 0, 0)
+	if r1 == socket_error {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func WSARecv(s Handle, bufs *WSABuf, bufcnt uint32, recvd *uint32, flags *uint32, overlapped *Overlapped, croutine *byte) (err error) {
+	r1, _, e1 := syscall.Syscall9(procWSARecv.Addr(), 7, uintptr(s), uintptr(unsafe.Pointer(bufs)), uintptr(bufcnt), uintptr(unsafe.Pointer(recvd)), uintptr(unsafe.Pointer(flags)), uintptr(unsafe.Pointer(overlapped)), uintptr(unsafe.Pointer(croutine)), 0, 0)
+	if r1 == socket_error {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func WSARecvFrom(s Handle, bufs *WSABuf, bufcnt uint32, recvd *uint32, flags *uint32, from *RawSockaddrAny, fromlen *int32, overlapped *Overlapped, croutine *byte) (err error) {
+	r1, _, e1 := syscall.Syscall9(procWSARecvFrom.Addr(), 9, uintptr(s), uintptr(unsafe.Pointer(bufs)), uintptr(bufcnt), uintptr(unsafe.Pointer(recvd)), uintptr(unsafe.Pointer(flags)), uintptr(unsafe.Pointer(from)), uintptr(unsafe.Pointer(fromlen)), uintptr(unsafe.Pointer(overlapped)), uintptr(unsafe.Pointer(croutine)))
+	if r1 == socket_error {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func WSASend(s Handle, bufs *WSABuf, bufcnt uint32, sent *uint32, flags uint32, overlapped *Overlapped, croutine *byte) (err error) {
+	r1, _, e1 := syscall.Syscall9(procWSASend.Addr(), 7, uintptr(s), uintptr(unsafe.Pointer(bufs)), uintptr(bufcnt), uintptr(unsafe.Pointer(sent)), uintptr(flags), uintptr(unsafe.Pointer(overlapped)), uintptr(unsafe.Pointer(croutine)), 0, 0)
+	if r1 == socket_error {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func WSASendTo(s Handle, bufs *WSABuf, bufcnt uint32, sent *uint32, flags uint32, to *RawSockaddrAny, tolen int32, overlapped *Overlapped, croutine *byte) (err error) {
+	r1, _, e1 := syscall.Syscall9(procWSASendTo.Addr(), 9, uintptr(s), uintptr(unsafe.Pointer(bufs)), uintptr(bufcnt), uintptr(unsafe.Pointer(sent)), uintptr(flags), uintptr(unsafe.Pointer(to)), uintptr(tolen), uintptr(unsafe.Pointer(overlapped)), uintptr(unsafe.Pointer(croutine)))
+	if r1 == socket_error {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func WSASocket(af int32, typ int32, protocol int32, protoInfo *WSAProtocolInfo, group uint32, flags uint32) (handle Handle, err error) {
+	r0, _, e1 := syscall.Syscall6(procWSASocketW.Addr(), 6, uintptr(af), uintptr(typ), uintptr(protocol), uintptr(unsafe.Pointer(protoInfo)), uintptr(group), uintptr(flags))
+	handle = Handle(r0)
+	if handle == InvalidHandle {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func WSAStartup(verreq uint32, data *WSAData) (sockerr error) {
+	r0, _, _ := syscall.Syscall(procWSAStartup.Addr(), 2, uintptr(verreq), uintptr(unsafe.Pointer(data)), 0)
+	if r0 != 0 {
+		sockerr = syscall.Errno(r0)
+	}
+	return
+}
+
+func bind(s Handle, name unsafe.Pointer, namelen int32) (err error) {
+	r1, _, e1 := syscall.Syscall(procbind.Addr(), 3, uintptr(s), uintptr(name), uintptr(namelen))
+	if r1 == socket_error {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func Closesocket(s Handle) (err error) {
+	r1, _, e1 := syscall.Syscall(procclosesocket.Addr(), 1, uintptr(s), 0, 0)
+	if r1 == socket_error {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func connect(s Handle, name unsafe.Pointer, namelen int32) (err error) {
+	r1, _, e1 := syscall.Syscall(procconnect.Addr(), 3, uintptr(s), uintptr(name), uintptr(namelen))
+	if r1 == socket_error {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GetHostByName(name string) (h *Hostent, err error) {
+	var _p0 *byte
+	_p0, err = syscall.BytePtrFromString(name)
+	if err != nil {
+		return
+	}
+	return _GetHostByName(_p0)
+}
+
+func _GetHostByName(name *byte) (h *Hostent, err error) {
+	r0, _, e1 := syscall.Syscall(procgethostbyname.Addr(), 1, uintptr(unsafe.Pointer(name)), 0, 0)
+	h = (*Hostent)(unsafe.Pointer(r0))
+	if h == nil {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func getpeername(s Handle, rsa *RawSockaddrAny, addrlen *int32) (err error) {
+	r1, _, e1 := syscall.Syscall(procgetpeername.Addr(), 3, uintptr(s), uintptr(unsafe.Pointer(rsa)), uintptr(unsafe.Pointer(addrlen)))
+	if r1 == socket_error {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GetProtoByName(name string) (p *Protoent, err error) {
+	var _p0 *byte
+	_p0, err = syscall.BytePtrFromString(name)
+	if err != nil {
+		return
+	}
+	return _GetProtoByName(_p0)
+}
+
+func _GetProtoByName(name *byte) (p *Protoent, err error) {
+	r0, _, e1 := syscall.Syscall(procgetprotobyname.Addr(), 1, uintptr(unsafe.Pointer(name)), 0, 0)
+	p = (*Protoent)(unsafe.Pointer(r0))
+	if p == nil {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GetServByName(name string, proto string) (s *Servent, err error) {
+	var _p0 *byte
+	_p0, err = syscall.BytePtrFromString(name)
+	if err != nil {
+		return
+	}
+	var _p1 *byte
+	_p1, err = syscall.BytePtrFromString(proto)
+	if err != nil {
+		return
+	}
+	return _GetServByName(_p0, _p1)
+}
+
+func _GetServByName(name *byte, proto *byte) (s *Servent, err error) {
+	r0, _, e1 := syscall.Syscall(procgetservbyname.Addr(), 2, uintptr(unsafe.Pointer(name)), uintptr(unsafe.Pointer(proto)), 0)
+	s = (*Servent)(unsafe.Pointer(r0))
+	if s == nil {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func getsockname(s Handle, rsa *RawSockaddrAny, addrlen *int32) (err error) {
+	r1, _, e1 := syscall.Syscall(procgetsockname.Addr(), 3, uintptr(s), uintptr(unsafe.Pointer(rsa)), uintptr(unsafe.Pointer(addrlen)))
+	if r1 == socket_error {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func Getsockopt(s Handle, level int32, optname int32, optval *byte, optlen *int32) (err error) {
+	r1, _, e1 := syscall.Syscall6(procgetsockopt.Addr(), 5, uintptr(s), uintptr(level), uintptr(optname), uintptr(unsafe.Pointer(optval)), uintptr(unsafe.Pointer(optlen)), 0)
+	if r1 == socket_error {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func listen(s Handle, backlog int32) (err error) {
+	r1, _, e1 := syscall.Syscall(proclisten.Addr(), 2, uintptr(s), uintptr(backlog), 0)
+	if r1 == socket_error {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func Ntohs(netshort uint16) (u uint16) {
+	r0, _, _ := syscall.Syscall(procntohs.Addr(), 1, uintptr(netshort), 0, 0)
+	u = uint16(r0)
+	return
+}
+
+func recvfrom(s Handle, buf []byte, flags int32, from *RawSockaddrAny, fromlen *int32) (n int32, err error) {
+	var _p0 *byte
+	if len(buf) > 0 {
+		_p0 = &buf[0]
+	}
+	r0, _, e1 := syscall.Syscall6(procrecvfrom.Addr(), 6, uintptr(s), uintptr(unsafe.Pointer(_p0)), uintptr(len(buf)), uintptr(flags), uintptr(unsafe.Pointer(from)), uintptr(unsafe.Pointer(fromlen)))
+	n = int32(r0)
+	if n == -1 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func sendto(s Handle, buf []byte, flags int32, to unsafe.Pointer, tolen int32) (err error) {
+	var _p0 *byte
+	if len(buf) > 0 {
+		_p0 = &buf[0]
+	}
+	r1, _, e1 := syscall.Syscall6(procsendto.Addr(), 6, uintptr(s), uintptr(unsafe.Pointer(_p0)), uintptr(len(buf)), uintptr(flags), uintptr(to), uintptr(tolen))
+	if r1 == socket_error {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func Setsockopt(s Handle, level int32, optname int32, optval *byte, optlen int32) (err error) {
+	r1, _, e1 := syscall.Syscall6(procsetsockopt.Addr(), 5, uintptr(s), uintptr(level), uintptr(optname), uintptr(unsafe.Pointer(optval)), uintptr(optlen), 0)
+	if r1 == socket_error {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func shutdown(s Handle, how int32) (err error) {
+	r1, _, e1 := syscall.Syscall(procshutdown.Addr(), 2, uintptr(s), uintptr(how), 0)
+	if r1 == socket_error {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func socket(af int32, typ int32, protocol int32) (handle Handle, err error) {
+	r0, _, e1 := syscall.Syscall(procsocket.Addr(), 3, uintptr(af), uintptr(typ), uintptr(protocol))
+	handle = Handle(r0)
+	if handle == InvalidHandle {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func WTSEnumerateSessions(handle Handle, reserved uint32, version uint32, sessions **WTS_SESSION_INFO, count *uint32) (err error) {
+	r1, _, e1 := syscall.Syscall6(procWTSEnumerateSessionsW.Addr(), 5, uintptr(handle), uintptr(reserved), uintptr(version), uintptr(unsafe.Pointer(sessions)), uintptr(unsafe.Pointer(count)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func WTSFreeMemory(ptr uintptr) {
+	syscall.Syscall(procWTSFreeMemory.Addr(), 1, uintptr(ptr), 0, 0)
+	return
+}
+
+func WTSQueryUserToken(session uint32, token *Token) (err error) {
+	r1, _, e1 := syscall.Syscall(procWTSQueryUserToken.Addr(), 2, uintptr(session), uintptr(unsafe.Pointer(token)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
diff --git a/server/vendor/modules.txt b/server/vendor/modules.txt
index 198adac..8e0a4d2 100644
--- a/server/vendor/modules.txt
+++ b/server/vendor/modules.txt
@@ -24,6 +24,9 @@ github.com/bytedance/sonic/utf8
 # github.com/chenzhuoyu/base64x v0.0.0-20221115062448-fe3a3abad311
 ## explicit; go 1.15
 github.com/chenzhuoyu/base64x
+# github.com/davecgh/go-spew v1.1.1
+## explicit
+github.com/davecgh/go-spew/spew
 # github.com/gabriel-vasile/mimetype v1.4.2
 ## explicit; go 1.20
 github.com/gabriel-vasile/mimetype
@@ -64,6 +67,12 @@ github.com/goccy/go-json/internal/runtime
 # github.com/golang-jwt/jwt/v5 v5.3.1
 ## explicit; go 1.21
 github.com/golang-jwt/jwt/v5
+# github.com/google/uuid v1.3.1
+## explicit
+github.com/google/uuid
+# github.com/gorilla/websocket v1.5.3
+## explicit; go 1.12
+github.com/gorilla/websocket
 # github.com/joho/godotenv v1.5.1
 ## explicit; go 1.12
 github.com/joho/godotenv
@@ -104,6 +113,109 @@ github.com/pelletier/go-toml/v2/internal/characters
 github.com/pelletier/go-toml/v2/internal/danger
 github.com/pelletier/go-toml/v2/internal/tracker
 github.com/pelletier/go-toml/v2/unstable
+# github.com/pion/datachannel v1.5.8
+## explicit; go 1.19
+github.com/pion/datachannel
+# github.com/pion/dtls/v2 v2.2.12
+## explicit; go 1.13
+github.com/pion/dtls/v2
+github.com/pion/dtls/v2/internal/ciphersuite
+github.com/pion/dtls/v2/internal/ciphersuite/types
+github.com/pion/dtls/v2/internal/closer
+github.com/pion/dtls/v2/internal/util
+github.com/pion/dtls/v2/pkg/crypto/ccm
+github.com/pion/dtls/v2/pkg/crypto/ciphersuite
+github.com/pion/dtls/v2/pkg/crypto/clientcertificate
+github.com/pion/dtls/v2/pkg/crypto/elliptic
+github.com/pion/dtls/v2/pkg/crypto/fingerprint
+github.com/pion/dtls/v2/pkg/crypto/hash
+github.com/pion/dtls/v2/pkg/crypto/prf
+github.com/pion/dtls/v2/pkg/crypto/signature
+github.com/pion/dtls/v2/pkg/crypto/signaturehash
+github.com/pion/dtls/v2/pkg/protocol
+github.com/pion/dtls/v2/pkg/protocol/alert
+github.com/pion/dtls/v2/pkg/protocol/extension
+github.com/pion/dtls/v2/pkg/protocol/handshake
+github.com/pion/dtls/v2/pkg/protocol/recordlayer
+# github.com/pion/ice/v2 v2.3.36
+## explicit; go 1.13
+github.com/pion/ice/v2
+github.com/pion/ice/v2/internal/atomic
+github.com/pion/ice/v2/internal/fakenet
+github.com/pion/ice/v2/internal/stun
+# github.com/pion/interceptor v0.1.29
+## explicit; go 1.19
+github.com/pion/interceptor
+github.com/pion/interceptor/internal/ntp
+github.com/pion/interceptor/internal/sequencenumber
+github.com/pion/interceptor/pkg/nack
+github.com/pion/interceptor/pkg/report
+github.com/pion/interceptor/pkg/twcc
+# github.com/pion/logging v0.2.2
+## explicit; go 1.12
+github.com/pion/logging
+# github.com/pion/mdns v0.0.12
+## explicit; go 1.19
+github.com/pion/mdns
+# github.com/pion/randutil v0.1.0
+## explicit; go 1.14
+github.com/pion/randutil
+# github.com/pion/rtcp v1.2.14
+## explicit; go 1.13
+github.com/pion/rtcp
+# github.com/pion/rtp v1.8.7
+## explicit; go 1.19
+github.com/pion/rtp
+github.com/pion/rtp/codecs
+github.com/pion/rtp/codecs/av1/obu
+github.com/pion/rtp/codecs/vp9
+# github.com/pion/sctp v1.8.19
+## explicit; go 1.19
+github.com/pion/sctp
+# github.com/pion/sdp/v3 v3.0.9
+## explicit; go 1.13
+github.com/pion/sdp/v3
+# github.com/pion/srtp/v2 v2.0.20
+## explicit; go 1.14
+github.com/pion/srtp/v2
+# github.com/pion/stun v0.6.1
+## explicit; go 1.12
+github.com/pion/stun
+github.com/pion/stun/internal/hmac
+# github.com/pion/transport/v2 v2.2.10
+## explicit; go 1.12
+github.com/pion/transport/v2
+github.com/pion/transport/v2/connctx
+github.com/pion/transport/v2/deadline
+github.com/pion/transport/v2/packetio
+github.com/pion/transport/v2/replaydetector
+github.com/pion/transport/v2/stdnet
+github.com/pion/transport/v2/udp
+github.com/pion/transport/v2/utils/xor
+github.com/pion/transport/v2/vnet
+# github.com/pion/turn/v2 v2.1.6
+## explicit; go 1.13
+github.com/pion/turn/v2
+github.com/pion/turn/v2/internal/allocation
+github.com/pion/turn/v2/internal/client
+github.com/pion/turn/v2/internal/ipnet
+github.com/pion/turn/v2/internal/proto
+github.com/pion/turn/v2/internal/server
+# github.com/pion/webrtc/v3 v3.3.5
+## explicit; go 1.17
+github.com/pion/webrtc/v3
+github.com/pion/webrtc/v3/internal/fmtp
+github.com/pion/webrtc/v3/internal/mux
+github.com/pion/webrtc/v3/internal/util
+github.com/pion/webrtc/v3/pkg/media
+github.com/pion/webrtc/v3/pkg/rtcerr
+# github.com/pmezard/go-difflib v1.0.0
+## explicit
+github.com/pmezard/go-difflib/difflib
+# github.com/stretchr/testify v1.9.0
+## explicit; go 1.17
+github.com/stretchr/testify/assert
+github.com/stretchr/testify/require
 # github.com/twitchyliquid64/golang-asm v0.15.1
 ## explicit; go 1.13
 github.com/twitchyliquid64/golang-asm/asm/arch
@@ -126,6 +238,9 @@ github.com/twitchyliquid64/golang-asm/unsafeheader
 # github.com/ugorji/go/codec v1.2.11
 ## explicit; go 1.11
 github.com/ugorji/go/codec
+# github.com/wlynxg/anet v0.0.3
+## explicit; go 1.20
+github.com/wlynxg/anet
 # github.com/xdg-go/pbkdf2 v1.0.0
 ## explicit; go 1.9
 github.com/xdg-go/pbkdf2
@@ -196,12 +311,17 @@ go.mongodb.org/mongo-driver/v2/x/mongo/driver/wiremessage
 golang.org/x/arch/x86/x86asm
 # golang.org/x/crypto v0.33.0
 ## explicit; go 1.20
+golang.org/x/crypto/cryptobyte
+golang.org/x/crypto/cryptobyte/asn1
+golang.org/x/crypto/curve25519
 golang.org/x/crypto/ocsp
 golang.org/x/crypto/pbkdf2
 golang.org/x/crypto/scrypt
 golang.org/x/crypto/sha3
-# golang.org/x/net v0.21.0
+# golang.org/x/net v0.22.0
 ## explicit; go 1.18
+golang.org/x/net/bpf
+golang.org/x/net/dns/dnsmessage
 golang.org/x/net/html
 golang.org/x/net/html/atom
 golang.org/x/net/http/httpguts
@@ -209,6 +329,12 @@ golang.org/x/net/http2
 golang.org/x/net/http2/h2c
 golang.org/x/net/http2/hpack
 golang.org/x/net/idna
+golang.org/x/net/internal/iana
+golang.org/x/net/internal/socket
+golang.org/x/net/internal/socks
+golang.org/x/net/ipv4
+golang.org/x/net/ipv6
+golang.org/x/net/proxy
 # golang.org/x/sync v0.11.0
 ## explicit; go 1.18
 golang.org/x/sync/errgroup
@@ -217,6 +343,7 @@ golang.org/x/sync/singleflight
 ## explicit; go 1.18
 golang.org/x/sys/cpu
 golang.org/x/sys/unix
+golang.org/x/sys/windows
 # golang.org/x/text v0.22.0
 ## explicit; go 1.18
 golang.org/x/text/internal/language
diff --git a/web/src/App.vue b/web/src/App.vue
index 7f27591..96ff1cd 100644
--- a/web/src/App.vue
+++ b/web/src/App.vue
@@ -1,9 +1,14 @@
 <template>
   <div id="app">
+    <LiveFloatingPlayer />
     <router-view />
   </div>
 </template>
 
+<script setup>
+import LiveFloatingPlayer from './components/LiveFloatingPlayer.vue'
+</script>
+
 <style>
 * {
   margin: 0;
diff --git a/web/src/components/LiveFloatingPlayer.vue b/web/src/components/LiveFloatingPlayer.vue
new file mode 100644
index 0000000..787350d
--- /dev/null
+++ b/web/src/components/LiveFloatingPlayer.vue
@@ -0,0 +1,216 @@
+<template>
+  <!-- 画中画：默认左上角；仅在有直播或轮询等待时占位，最小化后显示小按钮 -->
+  <div v-show="surfaceVisible" class="live-pip-root" :class="{ 'live-pip-root--mini': minimized }">
+    <div v-if="!minimized" class="live-pip">
+      <div class="live-pip-bar">
+        <span class="live-pip-badge">LIVE</span>
+        <span class="live-pip-hint">{{ hint }}</span>
+        <div class="live-pip-bar-actions">
+          <button type="button" class="live-pip-iconbtn" title="小窗收起" @click="minimized = true">─</button>
+          <router-link to="/live" class="live-pip-link" title="全屏页">⛶</router-link>
+          <button type="button" class="live-pip-iconbtn" title="隐藏（本场直播仍可在直播页观看）" @click="hideForVisit">×</button>
+        </div>
+      </div>
+      <video
+        ref="videoRef"
+        class="live-pip-video"
+        playsinline
+        autoplay
+        muted
+      ></video>
+    </div>
+    <button
+      v-else
+      type="button"
+      class="live-pip-fab"
+      title="展开直播小窗"
+      @click="minimized = false"
+    >
+      <span class="live-pip-fab-dot"></span>
+      直播
+    </button>
+  </div>
+</template>
+
+<script setup>
+import { ref, computed, onMounted, onUnmounted, nextTick, watch } from 'vue'
+import { useRoute } from 'vue-router'
+import { startViewing } from '../utils/liveWebRTC'
+
+const route = useRoute()
+const videoRef = ref(null)
+const hint = ref('')
+const minimized = ref(false)
+/** 用户点 × 隐藏画中画，直至本场结束或离开首页 */
+const userHidden = ref(false)
+let session = null
+
+const onLivePage = computed(() => route.path === '/live' || route.path.startsWith('/live/'))
+
+const surfaceVisible = computed(() => {
+  if (onLivePage.value) return false
+  if (userHidden.value) return false
+  return showSurface.value
+})
+
+const showSurface = ref(false)
+
+onMounted(async () => {
+  await nextTick()
+  session = startViewing(videoRef.value, {
+    onStatus: (s) => {
+      hint.value = s
+    },
+    onLive: () => {
+      showSurface.value = true
+      minimized.value = false
+    },
+    onEnded: () => {
+      userHidden.value = false
+      minimized.value = false
+      showSurface.value = false
+    }
+  })
+})
+
+watch(
+  () => route.path,
+  () => {
+    if (!onLivePage.value) return
+    userHidden.value = false
+  }
+)
+
+function hideForVisit() {
+  userHidden.value = true
+  minimized.value = false
+}
+
+onUnmounted(() => {
+  session?.stop()
+})
+</script>
+
+<style scoped>
+.live-pip-root {
+  position: fixed;
+  top: 72px;
+  left: 12px;
+  z-index: 95;
+  max-width: min(240px, 42vw);
+  pointer-events: auto;
+}
+.live-pip-root--mini {
+  max-width: none;
+}
+.live-pip {
+  border-radius: 12px;
+  overflow: hidden;
+  background: rgba(6, 8, 18, 0.92);
+  border: 1px solid rgba(0, 212, 255, 0.35);
+  box-shadow: 0 12px 40px rgba(0, 0, 0, 0.55);
+  backdrop-filter: blur(10px);
+}
+.live-pip-bar {
+  display: flex;
+  align-items: center;
+  gap: 8px;
+  padding: 6px 8px;
+  background: linear-gradient(90deg, rgba(0, 212, 255, 0.12), rgba(255, 45, 149, 0.08));
+  border-bottom: 1px solid rgba(255, 255, 255, 0.06);
+  font-size: 11px;
+}
+.live-pip-badge {
+  flex-shrink: 0;
+  padding: 2px 6px;
+  border-radius: 4px;
+  font-weight: 800;
+  letter-spacing: 0.06em;
+  background: linear-gradient(135deg, #ff2d95, #00d4ff);
+  color: #0a0a12;
+}
+.live-pip-hint {
+  flex: 1;
+  min-width: 0;
+  color: rgba(255, 255, 255, 0.55);
+  white-space: nowrap;
+  overflow: hidden;
+  text-overflow: ellipsis;
+}
+.live-pip-bar-actions {
+  display: flex;
+  align-items: center;
+  gap: 4px;
+  flex-shrink: 0;
+}
+.live-pip-iconbtn,
+.live-pip-link {
+  display: inline-flex;
+  align-items: center;
+  justify-content: center;
+  width: 26px;
+  height: 26px;
+  padding: 0;
+  border: none;
+  border-radius: 6px;
+  background: rgba(0, 0, 0, 0.35);
+  color: rgba(255, 255, 255, 0.75);
+  cursor: pointer;
+  text-decoration: none;
+  font-size: 13px;
+  line-height: 1;
+}
+.live-pip-iconbtn:hover,
+.live-pip-link:hover {
+  color: #00d4ff;
+  background: rgba(0, 212, 255, 0.12);
+}
+.live-pip-video {
+  display: block;
+  width: 100%;
+  aspect-ratio: 16 / 9;
+  object-fit: cover;
+  vertical-align: top;
+  background: #000;
+}
+.live-pip-fab {
+  display: inline-flex;
+  align-items: center;
+  gap: 6px;
+  padding: 8px 12px;
+  border-radius: 999px;
+  border: 1px solid rgba(0, 212, 255, 0.4);
+  background: rgba(10, 14, 28, 0.95);
+  color: #00d4ff;
+  font-size: 12px;
+  font-weight: 700;
+  letter-spacing: 0.08em;
+  cursor: pointer;
+  box-shadow: 0 8px 24px rgba(0, 0, 0, 0.4);
+}
+.live-pip-fab-dot {
+  width: 8px;
+  height: 8px;
+  border-radius: 50%;
+  background: #ff2d95;
+  animation: live-pip-pulse 1.2s ease-in-out infinite;
+}
+@keyframes live-pip-pulse {
+  0%,
+  100% {
+    opacity: 1;
+    transform: scale(1);
+  }
+  50% {
+    opacity: 0.6;
+    transform: scale(0.85);
+  }
+}
+@media (max-width: 600px) {
+  .live-pip-root {
+    top: 64px;
+    left: 8px;
+    max-width: min(200px, 48vw);
+  }
+}
+</style>
diff --git a/web/src/router/index.js b/web/src/router/index.js
index 20b974d..3024d0e 100644
--- a/web/src/router/index.js
+++ b/web/src/router/index.js
@@ -17,6 +17,12 @@ const routes = [
     component: () => import('../views/BrochurePage.vue'),
     meta: { title: '宣传册' }
   },
+  {
+    path: '/live',
+    name: 'LiveRoom',
+    component: () => import('../views/LiveRoom.vue'),
+    meta: { title: '直播' }
+  },
   {
     path: '/index',
     redirect: '/'
diff --git a/web/src/utils/liveWebRTC.js b/web/src/utils/liveWebRTC.js
new file mode 100644
index 0000000..eb9caa6
--- /dev/null
+++ b/web/src/utils/liveWebRTC.js
@@ -0,0 +1,148 @@
+import { apiBase } from '../config'
+
+/** WebSocket 信令（观众） */
+export function liveWsURLView() {
+  const path = '/api/web/live/ws?role=view'
+  if (apiBase) {
+    const base = apiBase.replace(/\/$/, '')
+    const wsOrigin = base.replace(/^https:/i, 'wss:').replace(/^http:/i, 'ws:')
+    return `${wsOrigin}${path}`
+  }
+  const proto = window.location.protocol === 'https:' ? 'wss:' : 'ws:'
+  return `${proto}//${window.location.host}${path}`
+}
+
+export async function fetchLiveStatus() {
+  const url = apiBase ? `${apiBase}/api/web/live/status` : '/api/web/live/status'
+  const res = await fetch(url)
+  if (!res.ok) return { live: false }
+  const j = await res.json()
+  return { live: Boolean(j.live) }
+}
+
+const defaultIce = [{ urls: 'stun:stun.l.google.com:19302' }]
+
+function newPeer(onTrack) {
+  const pc = new RTCPeerConnection({ iceServers: defaultIce })
+  pc.ontrack = onTrack
+  return pc
+}
+
+/**
+ * 观众端：轮询 live 后拉流；结束后自动恢复轮询以便下一场
+ * @param {HTMLVideoElement | null} videoEl
+ * @param {{ onStatus?: (s: string) => void, onLive?: () => void, onEnded?: () => void, pollMs?: number }} [opts]
+ */
+export function startViewing(videoEl, opts = {}) {
+  const { onStatus = () => {}, onLive = () => {}, onEnded = () => {}, pollMs = 1200 } = opts
+  let pc = newPeer((e) => {
+    if (videoEl && e.streams[0]) {
+      videoEl.srcObject = e.streams[0]
+    }
+  })
+  let ws = null
+  let pollTimer = null
+  let stopped = false
+
+  async function negotiate() {
+    if (stopped) return
+    const icePending = []
+    pc.onicecandidate = (e) => {
+      if (!e.candidate) return
+      const msg = JSON.stringify({ type: 'ice', candidate: e.candidate.toJSON() })
+      if (ws && ws.readyState === WebSocket.OPEN) ws.send(msg)
+      else icePending.push(msg)
+    }
+    pc.addTransceiver('video', { direction: 'recvonly' })
+    const offer = await pc.createOffer()
+    await pc.setLocalDescription(offer)
+    ws = new WebSocket(liveWsURLView())
+    await new Promise((resolve, reject) => {
+      ws.addEventListener('open', () => resolve(), { once: true })
+      ws.addEventListener('error', () => reject(new Error('WebSocket 连接失败')), { once: true })
+    })
+    ws.send(JSON.stringify({ type: 'offer', sdp: offer.sdp }))
+    while (icePending.length) {
+      ws.send(icePending.shift())
+    }
+    ws.onmessage = async (ev) => {
+      let msg
+      try {
+        msg = JSON.parse(ev.data)
+      } catch {
+        return
+      }
+      if (msg.type === 'answer' && msg.sdp) {
+        await pc.setRemoteDescription({ type: 'answer', sdp: msg.sdp })
+        onStatus('正在播放…')
+      }
+      if (msg.type === 'ice' && msg.candidate) {
+        try {
+          await pc.addIceCandidate(msg.candidate)
+        } catch (_) {}
+      }
+      if (msg.type === 'ended') {
+        onStatus(msg.message || '直播已结束')
+        if (videoEl) videoEl.srcObject = null
+        onEnded()
+        try {
+          ws?.close()
+        } catch (_) {}
+        ws = null
+        try {
+          pc.close()
+        } catch (_) {}
+        pc = newPeer((e) => {
+          if (videoEl && e.streams[0]) {
+            videoEl.srcObject = e.streams[0]
+          }
+        })
+        if (!stopped && !pollTimer) {
+          pollTimer = setInterval(poll, pollMs)
+          poll()
+        }
+      }
+      if (msg.type === 'error') {
+        onStatus(msg.message || '错误')
+      }
+    }
+    ws.onclose = () => {
+      if (!stopped) onStatus('连接已断开')
+    }
+  }
+
+  async function poll() {
+    if (stopped) return
+    try {
+      const { live } = await fetchLiveStatus()
+      if (live) {
+        if (pollTimer) {
+          clearInterval(pollTimer)
+          pollTimer = null
+        }
+        onLive()
+        onStatus('检测到直播，正在连接…')
+        await negotiate()
+        return
+      }
+      onStatus('等待主播开播…')
+    } catch {
+      onStatus('无法获取直播状态')
+    }
+  }
+
+  poll()
+  pollTimer = setInterval(poll, pollMs)
+
+  function stop() {
+    stopped = true
+    if (pollTimer) clearInterval(pollTimer)
+    try {
+      ws?.close()
+    } catch (_) {}
+    pc.close()
+    if (videoEl) videoEl.srcObject = null
+  }
+
+  return { stop }
+}
diff --git a/web/src/views/Home.vue b/web/src/views/Home.vue
index 408f329..6dd31b6 100644
--- a/web/src/views/Home.vue
+++ b/web/src/views/Home.vue
@@ -105,6 +105,24 @@
             </div>
           </section>
 
+          <section class="live-cta-section" id="live">
+            <div class="live-cta-card">
+              <div class="live-cta-icon" aria-hidden="true">
+                <svg viewBox="0 0 24 24" width="36" height="36" focusable="false">
+                  <path
+                    fill="currentColor"
+                    d="M17 10.5V7a1 1 0 0 0-1-1H4a1 1 0 0 0-1 1v10a1 1 0 0 0 1 1h12a1 1 0 0 0 1-1v-3.5l4 4v-11l-4 4z"
+                  />
+                </svg>
+              </div>
+              <div class="live-cta-copy">
+                <h2 class="live-cta-title">{{ data.live_room_title || '视频直播' }}</h2>
+                <p class="live-cta-desc">直播由管理后台「视频直播开播」推送；开播后首页左上角自动出现画中画，也可进入全屏直播页。</p>
+              </div>
+              <router-link to="/live" class="live-cta-btn">进入直播页</router-link>
+            </div>
+          </section>
+
           <div class="features-space home-features" id="features">
             <div v-for="(f, i) in data.features" :key="i" class="feature-space">
               <div class="feature-icon"><svg viewBox="0 0 24 24"><path :d="featureIconPath(i)"/></svg></div>
@@ -307,6 +325,7 @@
           <a href="#features" @click.prevent="scrollToSel('#features')">功能特性</a>
           <a href="#scenarios" @click.prevent="scrollToSel('#scenarios')">应用场景</a>
           <router-link to="/brochure/company">宣传册</router-link>
+          <router-link to="/live">直播</router-link>
           <a href="#faq" @click.prevent="scrollToSel('#faq')">常见问题</a>
           <a href="#contact" @click.prevent="scrollToSel('#contact')">联系我们</a>
           <a href="#videos" @click.prevent="scrollToSel('#videos')">产品视频</a>
@@ -447,6 +466,7 @@ const defaultData = () => ({
   nav_links: [
     { label: '产品简介', url: '#intro' },
     { label: '产品视频', url: '#videos' },
+    { label: '直播', url: '/live' },
     { label: '功能特性', url: '#features' },
     { label: '应用场景', url: '#scenarios' },
     { label: '宣传册', url: '/brochure/company' },
@@ -472,7 +492,10 @@ const defaultData = () => ({
     { title: '星际通讯', desc: '智能对话系统，理解上下文，精准回答您的问题' }
   ],
   footer_text: '© 2024 宇恒一号 · 成都宇信达智能科技有限公司',
-  body_builder: ''
+  body_builder: '',
+  /** 直播中转页 /live 「进入直播间」外链；后台「首页编辑」可覆盖 */
+  live_room_url: '',
+  live_room_title: '视频直播'
 })
 
 const data = reactive(defaultData())
@@ -690,6 +713,10 @@ async function fetchHomepage() {
     if (typeof json.download_windows_url === 'string' && json.download_windows_url) data.download_windows_url = json.download_windows_url
     if (typeof json.download_android_url === 'string' && json.download_android_url) data.download_android_url = json.download_android_url
     if (Array.isArray(json.features) && json.features.length) data.features = json.features
+    if (typeof json.live_room_url === 'string') data.live_room_url = json.live_room_url
+    if (typeof json.live_room_title === 'string' && json.live_room_title.trim()) {
+      data.live_room_title = json.live_room_title.trim()
+    }
   } catch (_) {}
 }
 
@@ -898,6 +925,82 @@ onUnmounted(() => {
   border-radius: 20px; color: var(--plasma-cyan); font-size: 11px;
 }
 
+.live-cta-section {
+  margin: 48px 0 8px;
+  padding: 0 4px;
+  position: relative;
+  z-index: 10;
+}
+.live-cta-card {
+  max-width: 900px;
+  margin: 0 auto;
+  display: flex;
+  flex-wrap: wrap;
+  align-items: center;
+  justify-content: center;
+  gap: 22px 28px;
+  padding: 22px 26px;
+  border-radius: 16px;
+  border: 1px solid rgba(0, 212, 255, 0.2);
+  background: rgba(12, 18, 36, 0.45);
+  backdrop-filter: blur(12px);
+  box-shadow: 0 12px 40px rgba(0, 0, 0, 0.25);
+  animation: live-cta-glow 4s ease-in-out infinite;
+}
+@keyframes live-cta-glow {
+  0%, 100% { box-shadow: 0 12px 40px rgba(0, 0, 0, 0.25), 0 0 0 0 rgba(0, 212, 255, 0); }
+  50% { box-shadow: 0 12px 40px rgba(0, 0, 0, 0.25), 0 0 28px rgba(0, 212, 255, 0.12); }
+}
+.live-cta-icon {
+  flex-shrink: 0;
+  width: 56px;
+  height: 56px;
+  display: flex;
+  align-items: center;
+  justify-content: center;
+  border-radius: 14px;
+  color: var(--plasma-cyan);
+  background: linear-gradient(145deg, rgba(0, 212, 255, 0.2), rgba(255, 45, 149, 0.12));
+  border: 1px solid rgba(0, 212, 255, 0.3);
+}
+.live-cta-copy {
+  flex: 1 1 220px;
+  min-width: 0;
+  text-align: center;
+}
+.live-cta-title {
+  font-family: 'Noto Sans SC', sans-serif;
+  font-size: clamp(1.1rem, 2.2vw, 1.35rem);
+  letter-spacing: 0.1em;
+  color: var(--star-white);
+  margin: 0 0 8px;
+}
+.live-cta-desc {
+  margin: 0;
+  font-size: 13px;
+  line-height: 1.65;
+  color: rgba(255, 255, 255, 0.5);
+}
+.live-cta-btn {
+  flex-shrink: 0;
+  display: inline-flex;
+  align-items: center;
+  justify-content: center;
+  padding: 12px 26px;
+  border-radius: 10px;
+  font-size: 14px;
+  font-weight: 700;
+  letter-spacing: 0.12em;
+  text-decoration: none;
+  color: var(--space-dark);
+  background: linear-gradient(135deg, var(--plasma-cyan), var(--plasma-pink));
+  transition: transform 0.25s ease, box-shadow 0.25s ease;
+}
+.live-cta-btn:hover {
+  transform: translateY(-2px);
+  box-shadow: 0 8px 28px rgba(0, 212, 255, 0.35);
+}
+
 .features-space {
   display: grid; grid-template-columns: repeat(auto-fit, minmax(260px, 1fr)); gap: 30px;
   max-width: 1200px; margin: 80px auto 0; padding: 0 20px; width: 100%;
diff --git a/web/src/views/LiveRoom.vue b/web/src/views/LiveRoom.vue
new file mode 100644
index 0000000..d644cb2
--- /dev/null
+++ b/web/src/views/LiveRoom.vue
@@ -0,0 +1,228 @@
+<template>
+  <div class="live-room">
+    <header class="live-room-top">
+      <router-link to="/" class="live-room-back">← 返回首页</router-link>
+    </header>
+
+    <main class="live-room-main">
+      <h1 class="live-room-title">{{ pageTitle }}</h1>
+
+      <section class="live-block" aria-label="本站直播">
+        <h2 class="live-block-title">本站直播（WebRTC）</h2>
+        <p class="live-block-desc">
+          仅<strong>管理后台 → 视频直播开播</strong>（需首页编辑权限）可推流；开播后全站左上角画中画自动播放，本页为大屏观看。单房间、进程内转发；公网建议配置服务端
+          <code style="color: #7ee0ff">LIVE_ICE_SERVERS</code>（含 TURN）。
+        </p>
+        <p class="live-watch-status">{{ watchStatus }}</p>
+        <video
+          ref="watchVideoRef"
+          class="live-room-video live-room-video--watch"
+          playsinline
+          autoplay
+          muted
+        ></video>
+      </section>
+
+      <section class="live-block live-block--divider" aria-label="外链直播间">
+        <h2 class="live-block-title">外部直播间</h2>
+        <p class="live-block-desc">
+          跳转至后台配置的第三方直播间（抖音、B 站等）。
+        </p>
+        <div class="live-room-actions">
+          <button
+            type="button"
+            class="live-room-btn live-room-btn--primary"
+            :disabled="!enterUrl"
+            @click="goLiveRoom"
+          >
+            进入外部直播间
+          </button>
+          <p v-if="!enterUrl" class="live-room-hint">未配置外链时，可仅用上方本站直播。若需外链，请到管理后台 → 首页编辑填写「直播间地址」。</p>
+        </div>
+      </section>
+    </main>
+  </div>
+</template>
+
+<script setup>
+import { ref, computed, onMounted, onUnmounted, nextTick } from 'vue'
+import { apiBase } from '../config'
+import { startViewing } from '../utils/liveWebRTC'
+
+const watchVideoRef = ref(null)
+const rawLiveUrl = ref('')
+const pageTitle = ref('视频直播')
+const watchStatus = ref('正在检测本站直播…')
+
+const enterUrl = computed(() => (rawLiveUrl.value || '').trim())
+
+let viewSession = null
+
+function normalizeOutboundUrl(u) {
+  const s = (u || '').trim()
+  if (!s) return ''
+  if (/^https?:\/\//i.test(s)) return s
+  if (s.startsWith('/') && !s.startsWith('//')) {
+    return `${window.location.origin}${s}`
+  }
+  return `https://${s}`
+}
+
+async function loadHomepage() {
+  try {
+    const url = apiBase ? `${apiBase}/api/web/homepage` : '/api/web/homepage'
+    const res = await fetch(url)
+    if (!res.ok) return
+    const json = await res.json()
+    if (typeof json.live_room_url === 'string') rawLiveUrl.value = json.live_room_url
+    if (typeof json.live_room_title === 'string' && json.live_room_title.trim()) {
+      pageTitle.value = json.live_room_title.trim()
+    }
+    document.title = `${pageTitle.value} - 宇恒一号`
+  } catch (_) {}
+}
+
+function goLiveRoom() {
+  const target = normalizeOutboundUrl(enterUrl.value)
+  if (!target) return
+  window.location.href = target
+}
+
+onMounted(async () => {
+  loadHomepage()
+  await nextTick()
+  viewSession = startViewing(watchVideoRef.value, {
+    onStatus: (s) => {
+      watchStatus.value = s
+    }
+  })
+})
+
+onUnmounted(() => {
+  viewSession?.stop()
+})
+</script>
+
+<style scoped>
+.live-room {
+  min-height: 100vh;
+  padding: 24px 20px 48px;
+  background: radial-gradient(ellipse at 30% 20%, rgba(74, 26, 107, 0.25) 0%, transparent 45%),
+    radial-gradient(ellipse at 70% 80%, rgba(30, 58, 95, 0.3) 0%, transparent 50%),
+    #0a0a12;
+  color: #fff;
+  font-family: 'Noto Sans SC', system-ui, sans-serif;
+}
+.live-room-top {
+  max-width: 640px;
+  margin: 0 auto 24px;
+}
+.live-room-back {
+  color: rgba(255, 255, 255, 0.55);
+  text-decoration: none;
+  font-size: 14px;
+  transition: color 0.2s;
+}
+.live-room-back:hover {
+  color: #00d4ff;
+}
+.live-room-main {
+  max-width: 640px;
+  margin: 0 auto;
+  text-align: center;
+}
+.live-room-title {
+  font-size: clamp(1.5rem, 4vw, 2rem);
+  letter-spacing: 0.12em;
+  margin-bottom: 28px;
+  background: linear-gradient(90deg, #fff, #00d4ff, #ff2d95, #fff);
+  background-size: 200% auto;
+  -webkit-background-clip: text;
+  -webkit-text-fill-color: transparent;
+  background-clip: text;
+}
+.live-block {
+  text-align: left;
+  margin-bottom: 36px;
+}
+.live-block--divider {
+  padding-top: 28px;
+  border-top: 1px solid rgba(255, 255, 255, 0.1);
+}
+.live-block-title {
+  font-size: 1rem;
+  letter-spacing: 0.08em;
+  color: rgba(255, 255, 255, 0.92);
+  margin: 0 0 10px;
+}
+.live-block-desc {
+  font-size: 13px;
+  line-height: 1.7;
+  color: rgba(255, 255, 255, 0.52);
+  margin: 0 0 12px;
+}
+.live-inline-link {
+  color: #00d4ff;
+  text-decoration: none;
+  font-weight: 600;
+}
+.live-inline-link:hover {
+  text-decoration: underline;
+}
+.live-watch-status {
+  font-size: 13px;
+  color: #00d4ff;
+  margin: 0 0 14px;
+  min-height: 1.4em;
+}
+.live-room-actions {
+  margin-top: 8px;
+}
+.live-room-hint {
+  margin-top: 14px;
+  font-size: 13px;
+  color: rgba(255, 255, 255, 0.45);
+  line-height: 1.6;
+}
+.live-room-btn {
+  display: inline-flex;
+  align-items: center;
+  justify-content: center;
+  padding: 14px 32px;
+  border-radius: 12px;
+  font-size: 15px;
+  font-weight: 700;
+  letter-spacing: 0.08em;
+  cursor: pointer;
+  border: none;
+  transition: transform 0.2s, box-shadow 0.2s, opacity 0.2s;
+}
+.live-room-btn:disabled {
+  opacity: 0.45;
+  cursor: not-allowed;
+  transform: none;
+}
+.live-room-btn--primary {
+  background: linear-gradient(135deg, #00d4ff, #ff2d95);
+  color: #0a0a12;
+  box-shadow: 0 8px 28px rgba(0, 212, 255, 0.25);
+}
+.live-room-btn--primary:not(:disabled):hover {
+  transform: translateY(-2px);
+  box-shadow: 0 12px 36px rgba(0, 212, 255, 0.35);
+}
+.live-room-video {
+  display: block;
+  width: 100%;
+  max-width: 480px;
+  margin: 0 auto;
+  border-radius: 14px;
+  border: 1px solid rgba(0, 212, 255, 0.25);
+  background: #000;
+  aspect-ratio: 4 / 3;
+  object-fit: cover;
+}
+.live-room-video--watch {
+  margin-top: 4px;
+}
+</style>
diff --git a/web/vite.config.js b/web/vite.config.js
index c43c1e2..4613897 100644
--- a/web/vite.config.js
+++ b/web/vite.config.js
@@ -71,7 +71,8 @@ export default defineConfig({
       '/api': {
         target: 'https://yuheng.yuxindazhineng.com',
         changeOrigin: true,
-        secure: true
+        secure: true,
+        ws: true
       }
     }
   }