Bug 180842 - srflx and relay ICE candidates lack raddr (rel-addr) and rport (rel-port) attributes if getUserMedia access has not been granted
Summary: srflx and relay ICE candidates lack raddr (rel-addr) and rport (rel-port) att...
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: WebRTC (show other bugs)
Version: Safari 11
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: youenn fablet
URL:
Keywords: InRadar
Depends on:
Blocks:
 
Reported: 2017-12-14 14:39 PST by Mark Roberts
Modified: 2017-12-14 18:16 PST (History)
6 users (show)

See Also:

Attachments
Patch (1.74 KB, patch)
2017-12-14 15:43 PST, youenn fablet 		no flags Details | Formatted Diff | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Mark Roberts 2017-12-14 14:39:12 PST 
Reproduction Steps:

1. Create an RTCPeerConnection with STUN (and/or TURN) servers
2. Negotiate (doesn't matter if Safari offers or answers first)
3. Wait for ICE candidates

You can execute these steps using the following JSFiddle: https://jsfiddle.net/Lm7Lebz4/

Expected Result:

srflx and relay candidates include the raddr (rel-addr) and rport (rel-port) attributes required by RFC 5245, Section 15.1: https://tools.ietf.org/html/rfc5245#section-15.1

Actual Result:

srflx and relay candidates lack raddr and rport.

***

If you call `getUserMedia` before executing Steps 1–3 above, you will get a different result! raddr and rport will be present. These two cases are represented in the JSFiddle by the two buttons. Note: you may wish to simply copy the JavaScript from the JSFiddle, paste it into the browser console, and invoke `test(true)` or `test(false)` yourself, since calling `getUserMedia` first will trigger

> NotAllowedError (DOM Exception 35): The request is not allowed by the user agent or the platform in the current context, possibly because the user denied permission.

when invoked from JSFiddle.

***

Other notes: I'm investigating ICE failures between Safari and Firefox when Safari is not sharing any media. I'm not sure if this is the cause of the failure or a symptom of some other issue. This issue also resembles this WebRTC Issue 1202: https://bugs.chromium.org/p/webrtc/issues/detail?id=1202
Comment 1 youenn fablet 2017-12-14 14:46:34 PST 
Hi Mark, thanks for the report.
host candidates are filtered out for privacy reasons and so are raddr/rport information on reflexive and relay candidates.

I would be interested to know whether this causes any actual issue.
Comment 2 Mark Roberts 2017-12-14 15:09:59 PST 
Hi Youenn,

Thanks for the quick response.

> host candidates are filtered out for privacy reasons

Yes, this is what I expected. I think I remember you mentioning this at Kranky Geek. IMO, there should be no problem there.

> and so are raddr/rport information on reflexive and relay candidates.

However, this seems to be the source of the interop problem with Firefox. If I write a little function to patch these up before sending them out:

  function patchIceCandidate(candidate) {
    var candidateStr = candidate.candidate;                                          
    var type = candidateStr.match(/typ ([^ ]*)/)[1];                                 
    switch (type) {                                                                  
      case 'srflx':                                                                  
      case 'prflx':                                                                  
      case 'relay':                                                                  
        var raddr = candidateStr.match(/raddr ([^ ]*)/);                             
        var rport = candidateStr.match(/rport ([^ ]*)/);                             
        if (!raddr || !rport) {                                                      
          console.warn(type + ' ICE candidate lacks raddr and/or rport: ' + candidateStr);
          if (!raddr) {                                                              
            candidateStr = candidateStr.replace('generation', 'raddr 0.0.0.0 generation');
          }                                                                          
          if (!rport) {                                                              
            candidateStr = candidateStr.replace('generation', 'rport 0 generation');
          }                                                                          
          candidate = new RTCIceCandidate({                                          
            candidate: candidateStr,                                                 
            sdpMid: candidate.sdpMid,                                                
            sdpMLineIndex: candidate.sdpMLineIndex                                   
          });                                                                        
        }                                                                            
      default:                                                                       
        break;                                                                       
    }
    return candidate;
  }

Then there are no more ICE failures in Firefox.

I can understand filtering the raddr and rport attributes if they include sensitive information; however, I suppose Firefox may be a bit stricter in its parsing of ICE candidates (since technically raddr and rport are required). Strangely, though, it doesn't raise an error. I will probably open an issue with them next.

Also, I can understand filtering the raddr and rport attributes if they includes sensitive information; however, in the test I shared, I see they are just set to 0.0.0.0 and 0 _if `getUserMedia` was previously called_ (note that it doesn't matter if the resulting MediaStreamTracks are added to any RTCPeerConnections or not). So maybe instead of filtering, Safari could use these dummy values?

Thanks!
Mark
Comment 3 Mark Roberts 2017-12-14 15:14:17 PST 
Here is an example error in Firefox's about:webrtc under "Connection Log" when such an ICE candidate is provided by Safari:

> ICE(PC:1513292453729479 (id=2147483657 url=https://simpler-signaling.appspot.com/?iceTransportPolicy=relay)): Error parsing attribute: candidate:1735000762 1 udp 33562623 34.203.251.116 58685 typ relay generation 0 ufrag 4S1R network-cost 50
Comment 4 youenn fablet 2017-12-14 15:43:22 PST 
Created attachment 329409 [details]
Patch
Comment 5 WebKit Commit Bot 2017-12-14 18:14:08 PST 
Comment on attachment 329409 [details]
Patch

Clearing flags on attachment: 329409

Committed r225955: <https://trac.webkit.org/changeset/225955>
Comment 6 WebKit Commit Bot 2017-12-14 18:14:10 PST 
All reviewed patches have been landed.  Closing bug.
Comment 7 Radar WebKit Bug Importer 2017-12-14 18:16:09 PST 
<rdar://problem/36064667>