Bug 233414

Summary: A server-reflexive candidate is discarded when the host IPv4 address is public and obfuscated
Product: WebKit Reporter: Kyutae Lee <gorisanson>
Component: WebRTCAssignee: youenn fablet <youennf>
Status: RESOLVED FIXED    
Severity: Normal CC: webkit-bug-importer, youennf
Priority: P2 Keywords: InRadar
Version: Safari 15   
Hardware: Mac (Intel)   
OS: macOS 12   
Attachments:
Description Flags
Result screenshot of taking the steps to reproduce the bug and corresponding to the Web Inspector Console Logs none

Description Kyutae Lee 2021-11-21 22:28:54 PST
Created attachment 444945 [details]
Result screenshot of taking the steps to reproduce the bug and corresponding to the Web Inspector Console Logs

A server-reflexive (srflx) candidate is discarded when the host IPv4 address is public and obfuscated.

According to https://www.rfc-editor.org/rfc/rfc8445#section-5.1.3, the srflx candidate is considered redundant and eliminated when the host address is public (and not obfuscated). In this case, WebRTC P2P connection can be achieved since the host address is public and the same as the srflx candidate address.

However, when the host address is both public and obfuscated, according to https://datatracker.ietf.org/doc/html/draft-ietf-mmusic-mdns-ice-candidates-02#section-3.1.2.2, a srflx candidate MUST NOT be considered redundant and so must not be eliminated. But, it seems that Safari eliminates the srflx candidate when the host address is both public and obfuscated.

Here are steps to reproduce the bug:
1. Connect to the Internet directly with a public IP (behind no NAT)
2. Open the Trickle ICE sample in Safari: https://webrtc.github.io/samples/src/content/peerconnection/trickle-ice/
3. Click "Gather candidates"

The following is logs of Web Inspector Console when I take the steps above, with setting WebRTC Logging "Verbose" (Web Inspector -> Settings -> Console -> WebRTC Logging).

Safari Web Inspector Console Logs with WebRTC Logging "Verbose":
--------
[Log] Creating new PeerConnection with config={"iceServers":[{"urls":["stun:stun.l.google.com:19302"]}],"iceTransportPolicy":"all","iceCandidatePoolSize":"0"} (main.js, line 157)
[Log] RTCPeerConnection::RTCPeerConnection(6FABB4D9) 
[Info] RTCPeerConnection::initializeConfiguration(6FABB4D9) 
[Info] RTCPeerConnection::addTransceiver(6FABB4D9) 
[Log] MediaStreamTrackPrivate::MediaStreamTrackPrivate(C4B26C3DDFE44905) 
[Log] RealtimeIncomingAudioSource::setLogger(C4B26C3DDFE44905) Audio, remote audio, 
[Log] MediaStreamTrack::MediaStreamTrack(C4B26C3DDFE44905) 
[Log] RTCPeerConnection::createOffer(6FABB4D9) 
[Log] PeerConnectionBackend::createOfferSucceeded(6FABB4D9) Create offer succeeded:
v=0
o=- 3826257032639583107 2 IN IP4 127.0.0.1
s=-
t=0 0
a=group:BUNDLE 0
a=extmap-allow-mixed
a=msid-semantic: WMS
m=audio 9 UDP/TLS/RTP/SAVPF 111 103 9 0 8 105 13 110 113 126
c=IN IP4 0.0.0.0
a=rtcp:9 IN IP4 0.0.0.0
a=ice-ufrag:rO9Z
a=ice-pwd:3rHfBci/3naaqdEDIOQPNYD/
a=ice-options:trickle
a=fingerprint:sha-256 13:38:36:50:7C:9D:01:68:CB:FC:91:BE:BD:28:FB:AC:49:67:A9:5E:CD:09:5F:BC:61:D8:8E:AF:2B:85:AA:F1
a=setup:actpass
a=mid:0
a=extmap:1 urn:ietf:params:rtp-hdrext:ssrc-audio-level
a=extmap:2 http://www.webrtc.org/experiments/rtp-hdrext/abs-send-time
a=extmap:3 http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions-01
a=extmap:4 urn:ietf:params:rtp-hdrext:sdes:mid
a=extmap:5 urn:ietf:params:rtp-hdrext:sdes:rtp-stream-id
a=extmap:6 urn:ietf:params:rtp-hdrext:sdes:repaired-rtp-stream-id
a=sendrecv
a=msid:- f38bcd1c-1d2c-4fe1-8557-3aabe5a2f352
a=rtcp-mux
a=rtpmap:111 opus/48000/2
a=rtcp-fb:111 transport-cc
a=fmtp:111 minptime=10;useinbandfec=1
a=rtpmap:103 ISAC/16000
a=rtpmap:9 G722/8000
a=rtpmap:0 PCMU/8000
a=rtpmap:8 PCMA/8000
a=rtpmap:105 CN/16000
a=rtpmap:13 CN/8000
a=rtpmap:110 telephone-event/48000
a=rtpmap:113 telephone-event/16000
a=rtpmap:126 telephone-event/8000
a=ssrc:3914177754 cname:Ed56B/h1MvTWyenf
a=ssrc:3914177754 msid:- f38bcd1c-1d2c-4fe1-8557-3aabe5a2f352
a=ssrc:3914177754 mslabel:-
a=ssrc:3914177754 label:f38bcd1c-1d2c-4fe1-8557-3aabe5a2f352

[Log] RTCPeerConnection::setLocalDescription(6FABB4D9) Setting local description to:
v=0
o=- 3826257032639583107 2 IN IP4 127.0.0.1
s=-
t=0 0
a=group:BUNDLE 0
a=extmap-allow-mixed
a=msid-semantic: WMS
m=audio 9 UDP/TLS/RTP/SAVPF 111 103 9 0 8 105 13 110 113 126
c=IN IP4 0.0.0.0
a=rtcp:9 IN IP4 0.0.0.0
a=ice-ufrag:rO9Z
a=ice-pwd:3rHfBci/3naaqdEDIOQPNYD/
a=ice-options:trickle
a=fingerprint:sha-256 13:38:36:50:7C:9D:01:68:CB:FC:91:BE:BD:28:FB:AC:49:67:A9:5E:CD:09:5F:BC:61:D8:8E:AF:2B:85:AA:F1
a=setup:actpass
a=mid:0
a=extmap:1 urn:ietf:params:rtp-hdrext:ssrc-audio-level
a=extmap:2 http://www.webrtc.org/experiments/rtp-hdrext/abs-send-time
a=extmap:3 http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions-01
a=extmap:4 urn:ietf:params:rtp-hdrext:sdes:mid
a=extmap:5 urn:ietf:params:rtp-hdrext:sdes:rtp-stream-id
a=extmap:6 urn:ietf:params:rtp-hdrext:sdes:repaired-rtp-stream-id
a=sendrecv
a=msid:- f38bcd1c-1d2c-4fe1-8557-3aabe5a2f352
a=rtcp-mux
a=rtpmap:111 opus/48000/2
a=rtcp-fb:111 transport-cc
a=fmtp:111 minptime=10;useinbandfec=1
a=rtpmap:103 ISAC/16000
a=rtpmap:9 G722/8000
a=rtpmap:0 PCMU/8000
a=rtpmap:8 PCMA/8000
a=rtpmap:105 CN/16000
a=rtpmap:13 CN/8000
a=rtpmap:110 telephone-event/48000
a=rtpmap:113 telephone-event/16000
a=rtpmap:126 telephone-event/8000
a=ssrc:3914177754 cname:Ed56B/h1MvTWyenf
a=ssrc:3914177754 msid:- f38bcd1c-1d2c-4fe1-8557-3aabe5a2f352
a=ssrc:3914177754 mslabel:-
a=ssrc:3914177754 label:f38bcd1c-1d2c-4fe1-8557-3aabe5a2f352

[Log] RTCPeerConnection::setSignalingState(6FABB4D9) have-local-offer
[Info] RTCPeerConnection::dispatchEvent(6FABB4D9) dispatching 'signalingstatechange'
[Log] PeerConnectionBackend::setLocalDescriptionSucceeded(6FABB4D9) 
[Log] RTCPeerConnection::updateIceGatheringState(6FABB4D9) gathering
[Info] RTCPeerConnection::dispatchEvent(6FABB4D9) dispatching 'icegatheringstatechange'
[Info] RTCPeerConnection::updateConnectionState(6FABB4D9) state changed from: new to connecting
[Info] RTCPeerConnection::dispatchEvent(6FABB4D9) dispatching 'connectionstatechange'
[Info] RTCPeerConnection::dispatchEvent(6FABB4D9) dispatching 'negotiationneeded'
[Log] PeerConnectionBackend::newICECandidate(6FABB4D9) Gathered ice candidate:candidate:484232637 1 udp 2122260223 175.212.38.195 60853 typ host generation 0 ufrag rO9Z network-id 1 network-cost 50
[Info] RTCPeerConnection::dispatchEvent(6FABB4D9) dispatching 'icecandidate'
[Log] PeerConnectionBackend::newICECandidate(6FABB4D9) Gathered ice candidate:candidate:1381970253 1 tcp 1518280447 175.212.38.195 9 typ host tcptype active generation 0 ufrag rO9Z network-id 1 network-cost 50
[Info] RTCPeerConnection::dispatchEvent(6FABB4D9) dispatching 'icecandidate'
[Log] PeerConnectionBackend::doneGatheringCandidates(6FABB4D9) Finished ice candidate gathering
[Info] RTCPeerConnection::dispatchEvent(6FABB4D9) dispatching 'icecandidate'
[Log] RTCPeerConnection::updateIceGatheringState(6FABB4D9) complete
[Info] RTCPeerConnection::dispatchEvent(6FABB4D9) dispatching 'icegatheringstatechange'
[Log] MediaStreamTrack::stopTrack(C4B26C3DDFE44905) 1
[Log] MediaStreamTrackPrivate::endTrack(C4B26C3DDFE44905) 
[Log] MediaStreamTrackPrivate::updateReadyState(C4B26C3DDFE44905) Ended
[Log] MediaStreamTrackPrivate::preventSourceFromStopping(C4B26C3DDFE44905) true
[Log] RealtimeIncomingAudioSource::requestToEnd(C4B26C3DDFE44905) 
[Log] RealtimeIncomingAudioSource::end(C4B26C3DDFE44905) 
[Log] MediaStreamTrack::trackEnded(C4B26C3DDFE44905) 
[Log] MediaStreamTrack::trackEnded(C4B26C3DDFE44905) firing 'ended' event
[Log] RTCPeerConnection::setSignalingState(6FABB4D9) stable
[Info] RTCPeerConnection::dispatchEvent(6FABB4D9) dispatching 'signalingstatechange'
---------
Comment 1 Kyutae Lee 2021-11-21 23:05:35 PST
I want to clarify that, when I said "the host address is obfuscated", I mean host candidate IP address obfuscation by using mDNS.

And, for your information, here's a link to the related question in Stack Overflow which I posted:
https://stackoverflow.com/q/61629450/8581025
Comment 2 Kyutae Lee 2021-11-22 00:05:22 PST
And it seems that Chromium and Firefox have the same bug now.
For your information, the links of the bug reports are at the following.

Chromium: https://bugs.chromium.org/p/webrtc/issues/detail?id=13426
FireFox: https://bugzilla.mozilla.org/show_bug.cgi?id=1742337
Comment 3 Radar WebKit Bug Importer 2021-11-22 00:45:51 PST
<rdar://problem/85661079>
Comment 4 Kyutae Lee 2022-12-01 22:16:14 PST
This bug is fixed by a patch in upstream (it's my contribution!):
https://webrtc.googlesource.com/src/+/7eea6672285f765599fd883a5737f5cae8d20917

And the patch begins to be applied on Chromium with version 110.0.5452.0 (https://chromium.googlesource.com/chromium/src.git/+/refs/tags/110.0.5452.0%5E%21/).
Comment 5 youenn fablet 2022-12-06 08:16:09 PST
Pull request: https://github.com/WebKit/WebKit/pull/7203
Comment 6 Kyutae Lee 2022-12-07 01:28:38 PST
Oh, I didn't know that a patch, onto a third party package, like this can be pull-requested to the public Webkit repository. Thank you!
Comment 7 EWS 2022-12-07 08:36:05 PST
Committed 257481@main (8d4875ea0114): <https://commits.webkit.org/257481@main>

Reviewed commits have been landed. Closing PR #7203 and removing active labels.