Support creating TLS tunnel for WebrtcTCPSocket
Categories
(Core :: Networking: HTTP, defect, P2)
Tracking
()
People
(Reporter: kershaw, Assigned: kershaw)
References
Details
(Whiteboard: [necko-triaged][necko-priority-queue])
Attachments
(4 files)
See bug 1885594 #comment 22.
necko needs to make some change in order to support setting TLS tunnel for WebrtcTCPSocket
|
Assignee | |
Updated•1 year ago
|
|
|
Assignee | |
Updated•1 year ago
|
|
|
Assignee | |
Comment 1•1 year ago
|
||
|
||
Comment 2•1 year ago
|
||
What do you think about the possibility of allowing this even for HTTP proxies (see https://bugzilla.mozilla.org/show_bug.cgi?id=1885594#c33)?
|
|
Assignee | |
Comment 3•1 year ago
|
||
(In reply to Byron Campen [:bwc] from comment #2)
What do you think about the possibility of allowing this even for HTTP proxies (see https://bugzilla.mozilla.org/show_bug.cgi?id=1885594#c33)?
I think it'd doable, but we need another flag to let necko know when to setup a tunnel when using HTTP proxy.
If you think we should support it, I can add such a flag.
|
|
||
Comment 4•1 year ago
|
||
Yeah, I think it is reasonable to be able to tunnel TLS through an HTTP proxy, even though it is a bit weird.
|
||
Comment 5•1 year ago
|
||
Let me know if I can help / test / assist / gather logs if needed.
|
|
Assignee | |
Comment 6•1 year ago
|
||
(In reply to brian.m.pettis from comment #5)
Let me know if I can help / test / assist / gather logs if needed.
I've create a try push that ensures a TLS tunnel is always set up when a proxy is used.
Could you test if it works?
You could also find the instructions for downloading a build in bug 1885594 #comment 34.
Thanks.
|
|
Assignee | |
Comment 7•1 year ago
|
||
|
|
Assignee | |
Comment 8•1 year ago
|
||
|
|
||
Comment 9•1 year ago
|
||
I was able to get some testing done today on my macOS and Windows 11.
Looks like Secure TURN (TLS) through an HTTP Proxy works on this try build you provided.
Appreciate all the work on this!
|
|
||
Comment 10•1 year ago
|
||
Would it be possible to get a build that includes this fix for tunneling via HTTP proxy AND the fix in bug 1885594, to test with?
|
|
||
Comment 11•1 year ago
|
||
I just pushed this to try. It should probably work.
|
|
||
Comment 12•1 year ago
|
||
|
||
Comment 13•1 year ago
|
||
|
||
Comment 14•1 year ago
|
||
| bugherder | ||
https://hg.mozilla.org/mozilla-central/rev/9bce31ff0746
https://hg.mozilla.org/mozilla-central/rev/6acbf1daad22
https://hg.mozilla.org/mozilla-central/rev/693839ae57f9
|
|
||
Comment 15•1 year ago
|
||
What do you think about an ESR 128 uplift for this? Our webex contact says about 10% of Firefox users on webex are running into problems because they don't have this fix.
|
|
Assignee | |
Comment 16•1 year ago
•
|
||
(In reply to Byron Campen [:bwc] from comment #15)
What do you think about an ESR 128 uplift for this? Our webex contact says about 10% of Firefox users on webex are running into problems because they don't have this fix.
I think these are low-risk changes, so yes, let's uplift these patches to esr 128.
I'll create a squashed patch to make uplift easier.
|
|
||
Comment 17•1 year ago
|
||
Thanks!
|
|
Assignee | |
Comment 18•1 year ago
|
||
|
||
Updated•1 year ago
|
|
|
||
Comment 19•1 year ago
|
||
esr128 Uplift Approval Request
- User impact if declined: Webrtc connection fail.
- Code covered by automated testing: yes
- Fix verified in Nightly: yes
- Needs manual QE test: no
- Steps to reproduce for manual QE testing: N/A
- Risk associated with taking this patch: Low
- Explanation of risk level: This patch is verfified.
- String changes made/needed: N/A
- Is Android affected?: yes
|
|
||
Updated•1 year ago
|
|
||
Updated•1 year ago
|
|
|
||
Comment 20•1 year ago
|
||
| uplift | ||
Description
•