Open Bug 1952664 Opened 11 days ago Updated 11 days ago

Firefox enforces TURN permissions but Chrome does not

Categories

(Core :: WebRTC, enhancement)

Product:
Core
Component:
WebRTC
Version:
Firefox 138
Type:
enhancement

Tracking

()

Status:
UNCONFIRMED

People

(Reporter: brassevan, Unassigned)

Details

User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:138.0) Gecko/20100101 Firefox/138.0

Steps to reproduce:

Firefox TURN client code aborts if data is received from a peer without a known permission: https://searchfox.org/mozilla-central/source/dom/media/webrtc/transport/third_party/nICEr/src/stun/turn_client_ctx.c#1098
Chrome TURN client code logs an error but continues: https://webrtc.googlesource.com/src/+/refs/heads/main/p2p/base/turn_port.cc#1085

The TURN RFC says "should" check permissions: https://datatracker.ietf.org/doc/html/rfc8656#name-receiving-a-data-indication
But the ICE RFC says agents "should" by default be prepared to receive on any candidates: https://datatracker.ietf.org/doc/html/rfc8445#section-12.2

Actual results:

What this means is that Firefox is unable to detect incoming peer reflexive candidates over TURN while Chrome is able to do this.

Expected results:

I don't know what's "correct" but I find Chrome's behavior useful for running multiple WebRTC services from behind a single TURN service as a kind of load balancer.

Component: Untriaged → WebRTC
Product: Firefox → Core
You need to log in before you can comment on or make changes to this bug.