Closed
Bug 1189041
Opened 9 years ago
Closed 9 years ago
Add about:config pref to limit ICE discovery to default route
Categories
(Core :: WebRTC: Networking, defect, P1)
Core
WebRTC: Networking
Tracking
()
RESOLVED
FIXED
mozilla43
backlog | webrtc/webaudio+ |
People
(Reporter: jesup, Assigned: jesup)
References
(Blocks 1 open bug)
Details
Attachments
(4 files, 2 obsolete files)
23.93 KB,
patch
|
Details | Diff | Splinter Review | |
40 bytes,
text/x-review-board-request
|
bwc
:
review+
Sylvestre
:
approval-mozilla-aurora+
|
Details |
19.29 KB,
patch
|
Details | Diff | Splinter Review | |
2.71 KB,
patch
|
Details | Diff | Splinter Review |
To improve privacy in the "split-VPN" case, where the real external address is still accessible (bypassing the VPN), we should provide a config pref to limit ICE checks to the default route/routes (IPV6?). Note that there may be issues determining the default route.. This behavior may be the default in private browsing mode; if so we should consider if it should be possible to override this limit in that mode.
Assignee | ||
Updated•9 years ago
|
backlog: --- → webRTC+
Rank: 5
Priority: -- → P1
Assignee | ||
Updated•9 years ago
|
Assignee: nobody → rjesup
Comment 1•9 years ago
|
||
Untested WIP patch for nICEr half of this.
Comment 2•9 years ago
|
||
Comment on attachment 8641710 [details] [diff] [review] WIP patch Review of attachment 8641710 [details] [diff] [review]: ----------------------------------------------------------------- I am on a plane with apparently limited UDP so I am having trouble testing this. Will do it when I get on the ground.
Comment 3•9 years ago
|
||
Byron, Would like to get your opinion about approaches. This patch filters the candidate list against the "default" address, determined by trying to connect to something we know is public. The alternative approach in Jesup's patch is to bind to INADDR_ANY. I had considered and rejected that approach because I know there are places where we compare stuff to the address we bound to, as in: https://dxr.mozilla.org/mozilla-central/source/media/mtransport/third_party/nICEr/src/ice/ice_candidate_pair.c?from=nr_ice_candidate_pair_stun_cb&case=true#262 So I was worried about side effects. What do you think?
Updated•9 years ago
|
Flags: needinfo?(docfaraday)
Comment 4•9 years ago
|
||
One more note: I think it's pretty likely that if you have two nodes behind the same NAT and only one has this policy that the INADDR_ANY version ends up with prflx candidates because the "mapped" address != INADDR_ANY
Comment 5•9 years ago
|
||
(In reply to Eric Rescorla (:ekr) from comment #3) > Byron, > > Would like to get your opinion about approaches. This patch filters the > candidate > list against the "default" address, determined by trying to connect to > something > we know is public. The alternative approach in Jesup's patch is to bind to > INADDR_ANY. I had considered and rejected that approach because I know there > are places where we compare stuff to the address we bound to, as in: > > https://dxr.mozilla.org/mozilla-central/source/media/mtransport/third_party/ > nICEr/src/ice/ice_candidate_pair. > c?from=nr_ice_candidate_pair_stun_cb&case=true#262 > > So I was worried about side effects. What do you think? Binding to INADDR_ANY is definitely going to violate a bunch of assumptions. It is also unclear to me what host candidates we trickle in this case (none? only the host candidates that end up routing to a remote candidate?). If we just pick one as you're proposing, that reduces the risk that the other end could bamboozle us into revealing additional addresses by sending carefully chosen candidates (I don't know how risky this is for those using VPN to anonymize). On the flipside, it would likely yield sub-optimal behavior in cases where someone is using a VPN to connect to a work network (ICE with an agent at work would not use the VPN).
Flags: needinfo?(docfaraday)
Assignee | ||
Comment 6•9 years ago
|
||
Well, I think that any default-route-only approach needs to block HOST entries, right? (And it would be bad to expose any with a real IP, and INADDR_ANY ones would be 0.0.0.0/::0 in any case and so not useful to the far end.) If the other side provides HOST entries, we can try to access them (from INADDR_ANY at our end) which will use default routing. Right now my patch implements roughly something similar to Chrome - instead of getifaddrs(), I instead return an INADDR_ANY IP4 (and maybe an equivalent IPV6) address, and then later I filter out any candidates with an ANY address (to avoid sending HOST 0.0.0.0/etc candidates). The SRFLX will have an raddr of 0.0.0.0 right now (and IIRC I see the same in Chrome).
Comment 7•9 years ago
|
||
raddr isn't used for anything, but I opted to use the same address for raddr and srflx
Assignee | ||
Comment 8•9 years ago
|
||
One minor concern I had with ekr's patch was that 8.8.8.8 *might* (ok, slight stretch) be static-routed to the real external interface and bypass the VPN if they're using it for DNSSEC (and thus think it's safe). I think at minimum we should select something that would never be static-routed for any reason to find the default interface. My patch is likely smaller/simpler, but if it's violating assumptions it may not be better. Worth looking a bit more at though; make sure we find the best solution (and keep maintenance in mind too). Almost makes me with we could do some magic with TTL 1 or 2 packets to probe for a local connection without exposing to the outside world.... Sigh. And probably not possible on Windows IIRC.
Assignee | ||
Comment 9•9 years ago
|
||
Comment 10•9 years ago
|
||
Comment on attachment 8641710 [details] [diff] [review] WIP patch Review of attachment 8641710 [details] [diff] [review]: ----------------------------------------------------------------- I am on a plane with apparently limited UDP so I am having trouble testing this. Will do it when I get on the ground. Note to self: need to also add filtering logic for host in the call to trickle_cb
Comment 11•9 years ago
|
||
Comment on attachment 8641878 [details] [diff] [review] WIP patch for alternative suppression of non-default-routes Review of attachment 8641878 [details] [diff] [review]: ----------------------------------------------------------------- ::: media/mtransport/third_party/nICEr/src/ice/ice_ctx.c @@ +498,5 @@ > if (cand->state == NR_ICE_CAND_STATE_INITIALIZED) { > int was_pruned = 0; > +#define SUPPRESS_WILDCARD_HOSTS > +#if defined(SUPPRESS_WILDCARD_HOSTS) > +// XXX NOTE: this also *appears* to suppress SRFLX, hmmm You can't remove host candidates from the internal list of candidates because you don't do checks on local srflx and prflx candidates. See: https://dxr.mozilla.org/mozilla-central/source/media/mtransport/third_party/nICEr/src/ice/ice_component.c?from=nr_ice_component_pair_candidate&case=true#975 I believe that the right implementation strategy here is to filter the candidates that you pass to the outside, not to remove them internally.
Comment 12•9 years ago
|
||
Bug 1189041 - Add option to only gather addresses for default route.
Comment 13•9 years ago
|
||
Comment on attachment 8642204 [details] MozReview Request: Bug 1189041 - Add option to only gather addresses for default route. This is just a WIP and probably is bug-infested, but shows the direction I'm going. Byron PTAL and LMK if you think this is the right idea.
Attachment #8642204 -
Flags: feedback?(docfaraday)
Comment 14•9 years ago
|
||
https://reviewboard.mozilla.org/r/14711/#review13277 I think this is the way to go here. One refinement I can think of is to be willing to gather/trickle additional srflx based on the default route to stuff that is trickled at us, but I suspect this would open up the possibility of someone tricking fake candidates at us in order to learn about other routes (maybe a long shot, but possible). There's a similar refinement where we'd get the route to things like the STUN/TURN server and use that, but again this could be abused I think.
Updated•9 years ago
|
Attachment #8642204 -
Flags: feedback?(docfaraday) → feedback+
Assignee | ||
Comment 15•9 years ago
|
||
https://reviewboard.mozilla.org/r/14709/#review13311 feedback+ ::: media/mtransport/test/ice_unittest.cpp:259 (Diff revision 1) > - enable_tcp)), > + enable_tcp, allow_link_local, hide_non_default)), I take it there was another issue with allow_link_local not getting passed down? ::: media/mtransport/third_party/nICEr/src/ice/ice_candidate.c:944 (Diff revision 1) > + &cand->addr : &cand->base; So question: do "unusual" values here provide a hint to the JS code that the user has set a special privacy mode? Likely so, however, the JS could infer that from no HOST candidates being generated. This ability to notice use of default-host routing makes it hard to use this feature without at least raising a red flag to the JS that the user is trying to hide. While the JS may not be able to break it, it can flag all the fingerprint info for the user for heightened de-anonymization. Possible mitigations (likely imperfect): a) provide a fake HOST entry on a LAN address NOT in the list of routable addresses. Choose an unused 192.168 subnet for example. We'll likely have to remember this address and may need to *appear* to be trying to ICE open the address, depedning on what info is exposed about candidates to the JS. Use this address for raddr as well. Note that with some smart work, this could be sniffed out, but it would not be obvious or trivial. b) ? All that said: this is better than no ability to retrict routing, definitely, but maybe we can improve the mimicry of "normal" mode. ::: media/mtransport/third_party/nICEr/src/ice/ice_ctx.c:574 (Diff revision 1) > + if ((r=nr_str_port_to_transport_addr("8.8.8.8", 53, IPPROTO_UDP, &remote_addr))) Still concerned that 8.8.8.8 *might* be static-routed (pretty unlikely, but maybe possible, or people might be social-engineeered into doing so). Perhaps there's a better never-would-be-static-routed address. ::: media/mtransport/third_party/nICEr/src/ice/ice_ctx.c:580 (Diff revision 1) > + if ((r=nr_str_port_to_transport_addr("2001:4860:4860::8888", 53, IPPROTO_UDP, &remote_addr))) Similar concern ::: media/mtransport/third_party/nICEr/src/ice/ice_ctx.c:563 (Diff revision 1) > +static int nr_ice_get_default_address(nr_ice_ctx *ctx, int ip_version, nr_transport_addr* addrp) The other option here is to do like Chrome and use INADDR_ANY/in6addr_any to find the default interfaces - which per comments from ekr might require some tweaks elsewhere, though it works fine for me in practice.
Assignee | ||
Updated•9 years ago
|
Attachment #8642204 -
Flags: feedback+
Assignee | ||
Comment 16•9 years ago
|
||
Updated to use some bits from ekr's patch to hide HOSTs; works better now (SRFLX is offered with external IP of default route). May be moot, but might as well keep the option up-to-date
Assignee | ||
Updated•9 years ago
|
Attachment #8641878 -
Attachment is obsolete: true
Assignee | ||
Comment 17•9 years ago
|
||
FYI, you may need to tweak gonk_addrs.c as well; that could be a followup bug, if needed
Assignee | ||
Comment 18•9 years ago
|
||
https://reviewboard.mozilla.org/r/14711/#review13521 ::: media/mtransport/third_party/nICEr/src/ice/ice_ctx.c:654 (Diff revision 1) > + addrs = default_addrs; Bug - default_addrs will be out-of-scope a couple of lines below.... so addrs will be pointing at stack which may be overwritten at any point. If a separate array is to be used, it must be global to the function, or copied back over the original (using nr_local_addr_copy, since there are internal pointers)
Assignee | ||
Comment 19•9 years ago
|
||
Note: two full-sized arrays is overkill for this patch, but for my patch for whitelists at least in theory it could have any number (though in practice likely just two). two full-sized seems safer, and it's just stack space
Attachment #8643486 -
Flags: review?(ekr)
Comment 20•9 years ago
|
||
(In reply to Randell Jesup [:jesup] from comment #18) > https://reviewboard.mozilla.org/r/14711/#review13521 > > ::: media/mtransport/third_party/nICEr/src/ice/ice_ctx.c:654 > (Diff revision 1) > > + addrs = default_addrs; > > Bug - default_addrs will be out-of-scope a couple of lines below.... so > addrs will be pointing at stack which may be overwritten at any point. If > a separate array is to be used, it must be global to the function, or copied > back over the original (using nr_local_addr_copy, since there are internal > pointers) Yes, that's a good point. I'd just make it function-global.
Assignee | ||
Comment 21•9 years ago
|
||
Yeah, the patch I attached with r? to you does so. I have a rebase of the force-interface patch on top of that that uses the function-global arrays; we'll want to land in that order (this first, then the force-interface patch).
Updated•9 years ago
|
Attachment #8642204 -
Flags: feedback+
Comment 22•9 years ago
|
||
Comment on attachment 8642204 [details] MozReview Request: Bug 1189041 - Add option to only gather addresses for default route. Bug 1189041 - Add option to only gather addresses for default route.
Comment 23•9 years ago
|
||
https://reviewboard.mozilla.org/r/14709/#review13809 ::: media/mtransport/nr_socket_prsock.cpp:578 (Diff revision 2) > } > > - if((r=nr_praddr_to_transport_addr(&naddr,&my_addr_,addr->protocol,1))) > + if((r=nr_praddr_to_transport_addr(&naddr,&my_addr_,my_addr_.protocol,1))) > ABORT(r); This is unnecessary. ::: media/mtransport/test/ice_unittest.cpp:2053 (Diff revision 2) > +TEST_F(IceConnectTest, DISABLED_TestConnectDefaultRouteOnly) { > + Init(false, false, false, true); > + AddStream("first", 1); > + ASSERT_TRUE(Gather()); > + SetExpectedTypes(NrIceCandidate::Type::ICE_SERVER_REFLEXIVE, > + NrIceCandidate::Type::ICE_SERVER_REFLEXIVE, kNrIceTransportTcp); > + Connect(); > +} > + Comment that this doesn't always work b/c of hairpinning. ::: media/mtransport/third_party/nICEr/src/ice/ice_ctx.c:556 (Diff revision 2) > > -int nr_ice_gather(nr_ice_ctx *ctx, NR_async_cb done_cb, void *cb_arg) > + IPv4: 8.8.8.8 > + IPv6: 2001:4860:4860::8888 > + > + Then we can do getsockname to get the address. No packets get sent TODO: find a better external address.
Comment 24•9 years ago
|
||
Comment on attachment 8642204 [details] MozReview Request: Bug 1189041 - Add option to only gather addresses for default route. Bug 1189041 - Add option to only gather addresses for default route.
Comment 25•9 years ago
|
||
Minor tweaks
Comment 26•9 years ago
|
||
This is out to drno for testing. try push at: https://treeherder.mozilla.org/#/jobs?repo=try&revision=825be9b0dd2b
Flags: needinfo?(drno)
Comment 27•9 years ago
|
||
Jesup, you had asked for another external IP. Perhaps one of ours?
Flags: needinfo?(rjesup)
Comment 28•9 years ago
|
||
Seems to work as expected, from what I can tell. With default_address_only set to false my dual homes machine connects to the remote machine over its secondary interface, which is on the same LAN as the remote machine and has not the default route set. And I see the IPs of both interfaces show up in about:webrtc for ICE candidates. If I flip default_address_only to true and make a new call, the traffic gets routed over the primary interface with the default route and I only see ICE candidates with the IP address of the primary, default route interface in about:webrtc. Note: I experienced some crashes with e10s on, but did not check if they are related to this new code, or something else.
Flags: needinfo?(drno)
Comment 29•9 years ago
|
||
Looks like the crashes I saw are in fact related to this code here: #02: nr_socket_local_connect(void*, nr_transport_addr_*)[/Users/nohlmeier/src/mozilla-central/obj-x86_64-apple-darwin14.4.0/dist/NightlyDebug.app/Contents/MacOS/XUL +0x13b2057] #03: nr_socket_connect[/Users/nohlmeier/src/mozilla-central/obj-x86_64-apple-darwin14.4.0/dist/NightlyDebug.app/Contents/MacOS/XUL +0x47d7018] #04: nr_ice_get_default_address[/Users/nohlmeier/src/mozilla-central/obj-x86_64-apple-darwin14.4.0/dist/NightlyDebug.app/Contents/MacOS/XUL +0x47ce894] #05: nr_ice_get_default_local_address[/Users/nohlmeier/src/mozilla-central/obj-x86_64-apple-darwin14.4.0/dist/NightlyDebug.app/Contents/MacOS/XUL +0x47ce2b3] #06: nr_ice_get_local_addresses[/Users/nohlmeier/src/mozilla-central/obj-x86_64-apple-darwin14.4.0/dist/NightlyDebug.app/Contents/MacOS/XUL +0x47cd785] #07: nr_ice_gather[/Users/nohlmeier/src/mozilla-central/obj-x86_64-apple-darwin14.4.0/dist/NightlyDebug.app/Contents/MacOS/XUL +0x47cd4bd] #08: mozilla::NrIceCtx::StartGathering()[/Users/nohlmeier/src/mozilla-central/obj-x86_64-apple-darwin14.4.0/dist/NightlyDebug.app/Contents/MacOS/XUL +0x13c07e0] #09: mozilla::PeerConnectionMedia::EnsureIceGathering_s()[/Users/nohlmeier/src/mozilla-central/obj-x86_64-apple-darwin14.4.0/dist/NightlyDebug.app/Contents/MacOS/XUL +0x135b511]
Comment 30•9 years ago
|
||
Previous stack trace was missing crucial information: Assertion failure: false, at /Users/nohlmeier/src/mozilla-central/media/mtransport/nr_socket_prsock.cpp:1301 [Child 69446] WARNING: Transparent content with displayports can be expensive.: file /Users/nohlmeier/src/mozilla-central/layout/base/nsDisplayList.cpp, line 1642 [Child 69446] WARNING: Transparent content with displayports can be expensive.: file /Users/nohlmeier/src/mozilla-central/layout/base/nsDisplayList.cpp, line 1642 #01: mozilla::NrSocketIpc::connect(nr_transport_addr_*)[/Users/nohlmeier/src/mozilla-central/obj-x86_64-apple-darwin14.4.0/dist/NightlyDebug.app/Contents/MacOS/XUL +0x13b1a68] #02: nr_socket_local_connect(void*, nr_transport_addr_*)[/Users/nohlmeier/src/mozilla-central/obj-x86_64-apple-darwin14.4.0/dist/NightlyDebug.app/Contents/MacOS/XUL +0x13b2057] #03: nr_socket_connect[/Users/nohlmeier/src/mozilla-central/obj-x86_64-apple-darwin14.4.0/dist/NightlyDebug.app/Contents/MacOS/XUL +0x47d7018] #04: nr_ice_get_default_address[/Users/nohlmeier/src/mozilla-central/obj-x86_64-apple-darwin14.4.0/dist/NightlyDebug.app/Contents/MacOS/XUL +0x47ce894] #05: nr_ice_get_default_local_address[/Users/nohlmeier/src/mozilla-central/obj-x86_64-apple-darwin14.4.0/dist/NightlyDebug.app/Contents/MacOS/XUL +0x47ce2b3] #06: nr_ice_get_local_addresses[/Users/nohlmeier/src/mozilla-central/obj-x86_64-apple-darwin14.4.0/dist/NightlyDebug.app/Contents/MacOS/XUL +0x47cd785] #07: nr_ice_gather[/Users/nohlmeier/src/mozilla-central/obj-x86_64-apple-darwin14.4.0/dist/NightlyDebug.app/Contents/MacOS/XUL +0x47cd4bd] #08: mozilla::NrIceCtx::StartGathering()[/Users/nohlmeier/src/mozilla-central/obj-x86_64-apple-darwin14.4.0/dist/NightlyDebug.app/Contents/MacOS/XUL +0x13c07e0]
Comment 31•9 years ago
|
||
https://reviewboard.mozilla.org/r/14709/#review13837 ::: media/mtransport/third_party/nICEr/src/ice/ice_ctx.c:590 (Diff revision 3) > + if ((r=nr_socket_connect(sock, &remote_addr))) connect() is not implemented for NrSocketIpc and therefor results in trouble with e10s.
Assignee | ||
Comment 32•9 years ago
|
||
(In reply to Eric Rescorla (:ekr) from comment #27) > Jesup, you had asked for another external IP. Perhaps one of ours? That could work - though I'd prefer something no one would ever think of static-routing. It's possible there is no 'better' address than 8.8.8.8. (4.2.2.2 is another classic 'DNS' address; not from google)
Flags: needinfo?(rjesup)
Comment 33•9 years ago
|
||
(In reply to Nils Ohlmeier [:drno] from comment #31) > https://reviewboard.mozilla.org/r/14709/#review13837 > > ::: media/mtransport/third_party/nICEr/src/ice/ice_ctx.c:590 > (Diff revision 3) > > + if ((r=nr_socket_connect(sock, &remote_addr))) > > connect() is not implemented for NrSocketIpc and therefor results in trouble > with e10s. OK, I'll take a look tomorrow and see if I can figure out what to do about that.
Comment 34•9 years ago
|
||
Awesome. nsIUDPSocket doesn't implement connect.
Comment 35•9 years ago
|
||
Comment on attachment 8642204 [details] MozReview Request: Bug 1189041 - Add option to only gather addresses for default route. Byron, I still need to do the E10S side, but since that's a separable piece, I suggest we start the review process on this first.
Attachment #8642204 -
Flags: review?(docfaraday)
Updated•9 years ago
|
Attachment #8642204 -
Flags: review?(docfaraday)
Comment 36•9 years ago
|
||
Comment on attachment 8642204 [details] MozReview Request: Bug 1189041 - Add option to only gather addresses for default route. https://reviewboard.mozilla.org/r/14711/#review13907 The most serious thing that I see is that some tests in ice_unittests seem to be expecting local host candidates to be exposed by the same code that feeds the stats API. Also, I don't see us doing anything to prevent local host candidates from being exposed by the default candidate stuff (nr_ice_media_stream_get_default_candidate). ::: dom/media/tests/mochitest/test_peerConnection_basicAudioVideoDefaultRoute.html:10 (Diff revision 3) > + bug: "796890", > + title: "Basic audio/video (separate) peer connection" Update this. ::: dom/media/tests/mochitest/test_peerConnection_basicAudioVideoDefaultRoute.html:36 (Diff revision 3) > + ); Fixup ws. ::: media/mtransport/nr_socket_prsock.cpp:737 (Diff revision 3) > - int32_t status; > + int32_t status, status2; If we're going to have more than one of these, let's name them something like connect_status and getsockname_status. ::: media/mtransport/nricectx.h:212 (Diff revision 3) > bool offerer, > bool set_interface_priorities = true, > bool allow_loopback = false, > bool tcp_enabled = true, > - bool allow_link_local = false); > + bool allow_link_local = false, > + bool hide_non_default = false); This arg list of bools is getting pretty long. We should probably put a TODO here for switching this over to using an init struct or flags or something. ::: media/mtransport/test/ice_unittest.cpp:255 (Diff revision 3) > - bool allow_loopback = false, bool enable_tcp = true) : > + bool allow_loopback = false, bool enable_tcp = true, > + bool allow_link_local = false, bool hide_non_default = false) : Same comment regarding length of init list. ::: media/mtransport/test/ice_unittest.cpp:1249 (Diff revision 3) > + void DumpCandidates(unsigned int stream) { I've filed bug 1192867 since you can't make this const correct without modifying a bunch of other stuff. ::: media/mtransport/test/ice_unittest.cpp:1333 (Diff revision 3) > } else { > + if (setupStunServers) { Let's just merge this into an else if. ::: media/mtransport/test/ice_unittest.cpp:1970 (Diff revision 3) > +// apparently NATted. Result should be a srflx candidate This is simulating non-NATed, right? ::: media/mtransport/test/ice_unittest.cpp:1965 (Diff revision 3) > + ASSERT_FALSE(StreamHasMatchingCandidate(0, "host")); > + ASSERT_TRUE(StreamHasMatchingCandidate(0, "srflx")); This does not square with the comment up top. ::: media/mtransport/test/ice_unittest.cpp:2170 (Diff revision 3) > + SetExpectedTypes(NrIceCandidate::Type::ICE_HOST, I would not expect local host candidates to percolate up, since that's the same code-path that the stats API uses. ::: media/mtransport/test/ice_unittest.cpp:1956 (Diff revision 3) > +// apparently non-NATted. Result should be a host candidate We're trying to simulate NATed here, right? Also, shouldn't local host candidates not percolate up? ::: media/mtransport/third_party/nICEr/src/ice/ice_ctx.c:583 (Diff revision 3) > + default: > + assert(0); > + ABORT(R_INTERNAL); Indent.
Comment 37•9 years ago
|
||
https://reviewboard.mozilla.org/r/14711/#review13931 ::: media/mtransport/test/ice_unittest.cpp:1965 (Diff revision 3) > + ASSERT_FALSE(StreamHasMatchingCandidate(0, "host")); > + ASSERT_TRUE(StreamHasMatchingCandidate(0, "srflx")); Yep. Comment is wrong. ::: media/mtransport/test/ice_unittest.cpp:1956 (Diff revision 3) > +// apparently non-NATted. Result should be a host candidate Oh, yeah. Will swap the comments. ::: media/mtransport/test/ice_unittest.cpp:2170 (Diff revision 3) > + SetExpectedTypes(NrIceCandidate::Type::ICE_HOST, The situation here is that always do checks from a HOST candidate, and then you infer from the response whether the HOST or SRFLX succeeded. So, if you aren't NATted, you get success on the HOST.
Comment 38•9 years ago
|
||
https://reviewboard.mozilla.org/r/14711/#review13907 Oh, yeah, good catch about default candidate. I can fix that. Can you explain the first point a bit more. I don't quite follow. > This arg list of bools is getting pretty long. We should probably put a TODO here for switching this over to using an init struct or flags or something. Yeah, I had the same thought as I was working on this.
Comment 39•9 years ago
|
||
https://reviewboard.mozilla.org/r/14711/#review13907 Oh, GetActivePair is used only by ice_unittest, so I guess this doesn't have implications for the stats API. Although this implies that the stats API will likely hand back a list of candidate pairs, none of which are selected, even though ICE succeeded. That might pose problems for the mochitest if/when it is ever enabled. Not sure what is to be done about that.
Comment 40•9 years ago
|
||
Yeah, we may need to clean up the stats API for this....
Comment 41•9 years ago
|
||
[Tracking Requested - why for this release]: Plan is to uplift this into 41 to support an extension that can mitigate these issues ASAP (see mail to drivers)
Comment 43•9 years ago
|
||
https://reviewboard.mozilla.org/r/14711/#review14081 Byron, PTAL at this.
Comment 44•9 years ago
|
||
Gah, I can't seem to get this patch published.
Comment 45•9 years ago
|
||
Comment on attachment 8642204 [details] MozReview Request: Bug 1189041 - Add option to only gather addresses for default route. Bug 1189041 - Add option to only gather addresses for default route. Minor tweaks Checkpoint: Byron's minor comments Suppress host default candidate
Updated•9 years ago
|
Attachment #8645182 -
Attachment is obsolete: true
Comment 46•9 years ago
|
||
https://reviewboard.mozilla.org/r/14711/#review14083 ::: dom/media/tests/mochitest/test_peerConnection_basicAudioVideoDefaultRoute.html:29 (Diff revisions 2 - 4) > - }, function() { > +,function() { > - var test = new PeerConnectionTest(options); > + var test = new PeerConnectionTest(options); > - test.setMediaConstraints([{audio: true}, {video: true}], > + test.setMediaConstraints([{audio: true}, {video: true}], > - [{audio: true}, {video: true}]); > + [{audio: true}, {video: true}]); > - test.chain.insertAfter("PC_LOCAL_SETUP_ICE_HANDLER", PC_LOCAL_NO_HOST_CANDIDATES); > + test.chain.insertAfter("PC_LOCAL_SETUP_ICE_HANDLER", PC_LOCAL_NO_HOST_CANDIDATES); > - test.run(); > + test.run(); > - } > - ); > -}); > + }); > +}); This doesn't look right to me. It needs to be something like: pushPrefEnv({'set':[["foo", true]]}, function() { ... });
Comment 47•9 years ago
|
||
This test is commented out. let's remove it.
Comment 48•9 years ago
|
||
Ugh. Try push failed.
Comment 49•9 years ago
|
||
https://treeherder.mozilla.org/#/jobs?repo=try&revision=e253f729813d contains alleged fix. Will update patch if it works.
Comment 50•9 years ago
|
||
Comment on attachment 8642204 [details] MozReview Request: Bug 1189041 - Add option to only gather addresses for default route. Bug 1189041 - Add option to only gather addresses for default route. Minor tweaks Checkpoint: Byron's minor comments Suppress host default candidate Fix thread issue Remove non-used mochitest
Comment 51•9 years ago
|
||
Comment on attachment 8642204 [details] MozReview Request: Bug 1189041 - Add option to only gather addresses for default route. Bug 1189041 - Add option to only gather addresses for default route. Minor tweaks Checkpoint: Byron's minor comments Suppress host default candidate Fix thread issue Remove non-used mochitest
Assignee | ||
Updated•9 years ago
|
Attachment #8643486 -
Flags: review?(ekr)
Updated•9 years ago
|
Attachment #8642204 -
Flags: review?(docfaraday)
Comment 52•9 years ago
|
||
Comment on attachment 8642204 [details] MozReview Request: Bug 1189041 - Add option to only gather addresses for default route. https://reviewboard.mozilla.org/r/14711/#review14171
Attachment #8642204 -
Flags: review?(docfaraday) → review+
Updated•9 years ago
|
Whiteboard: checkin-needed
Comment 53•9 years ago
|
||
Clearing checkin-needed while I discuss E10S with :drno. :drno, can you advise on how non-debug builds behave on E10S. I would expect that all calls fail because there are no candidates.
Flags: needinfo?(drno)
Whiteboard: checkin-needed
Comment 54•9 years ago
|
||
Confirmed. It works without e10s. With e10s it hits the assertion in connect() on a debug build and on a non-debug build it keeps running but never produces local ICE candidates.
Flags: needinfo?(drno)
Keywords: checkin-needed
Comment 55•9 years ago
|
||
https://hg.mozilla.org/integration/mozilla-inbound/rev/4f0f45233e6b
Keywords: checkin-needed
Comment 56•9 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/4f0f45233e6b
Status: NEW → RESOLVED
Closed: 9 years ago
status-firefox43:
--- → fixed
Flags: in-testsuite+
Resolution: --- → FIXED
Target Milestone: --- → mozilla43
Tracked as this work is planned to ship in FF41.
Assignee | ||
Comment 58•9 years ago
|
||
Comment on attachment 8642204 [details] MozReview Request: Bug 1189041 - Add option to only gather addresses for default route. Approval Request Comment [Feature/regressing bug #]: N/A [User impact if declined]: Inability to hide LAN addresses and non-default external addresses (i.e. to limit traffic to a VPN). Important for privacy/user-security for some users, and to limit some forms of tracking. [Describe test coverage new/current, TreeHerder]: C++ unit tests. Note: followon patch will enable this in e10s, but that will ride the train in 43. [Risks and why]: lower risk and only should affect operation if the pref is set (risk would be if the pref is set and there's some problem with interface discovery); but only asking for Aurora/42 uplift. [String/UUID change made/needed]: none
Attachment #8642204 -
Flags: approval-mozilla-aurora?
Comment 59•9 years ago
|
||
Comment on attachment 8642204 [details] MozReview Request: Bug 1189041 - Add option to only gather addresses for default route. Approving now to increase the testing coverage. Thanks
Attachment #8642204 -
Flags: approval-mozilla-aurora? → approval-mozilla-aurora+
Assignee | ||
Comment 61•9 years ago
|
||
Per previous discussions, we decided not to try to push this into 41, and hadn't set the tracking flags to match
tracking-firefox41:
+ → ---
You need to log in
before you can comment on or make changes to this bug.
Description
•