233414 – A server-reflexive candidate is discarded when the host IPv4 address is public and obfuscated

Bug 233414 - A server-reflexive candidate is discarded when the host IPv4 address is public and obfuscated

Summary: A server-reflexive candidate is discarded when the host IPv4 address is publi...

Status:	RESOLVED FIXED

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	WebRTC (show other bugs)
Version:	Safari 15
Hardware:	Mac (Intel) macOS 12

Importance:	P2 Normal
Assignee:	youenn fablet

URL:
Keywords:	InRadar

Depends on:
Blocks:

Reported:	2021-11-21 22:28 PST by Kyutae Lee
Modified:	2022-12-07 08:36 PST (History)
CC List:	2 users (show)

See Also:

Attachments
Result screenshot of taking the steps to reproduce the bug and corresponding to the Web Inspector Console Logs (177.66 KB, image/png) 2021-11-21 22:28 PST, Kyutae Lee	no flags	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Kyutae Lee 2021-11-21 22:28:54 PST

Created attachment 444945 [details]
Result screenshot of taking the steps to reproduce the bug and corresponding to the Web Inspector Console Logs

A server-reflexive (srflx) candidate is discarded when the host IPv4 address is public and obfuscated.

According to https://www.rfc-editor.org/rfc/rfc8445#section-5.1.3, the srflx candidate is considered redundant and eliminated when the host address is public (and not obfuscated). In this case, WebRTC P2P connection can be achieved since the host address is public and the same as the srflx candidate address.

However, when the host address is both public and obfuscated, according to https://datatracker.ietf.org/doc/html/draft-ietf-mmusic-mdns-ice-candidates-02#section-3.1.2.2, a srflx candidate MUST NOT be considered redundant and so must not be eliminated. But, it seems that Safari eliminates the srflx candidate when the host address is both public and obfuscated.

Here are steps to reproduce the bug:
1. Connect to the Internet directly with a public IP (behind no NAT)
2. Open the Trickle ICE sample in Safari: https://webrtc.github.io/samples/src/content/peerconnection/trickle-ice/
3. Click "Gather candidates"

The following is logs of Web Inspector Console when I take the steps above, with setting WebRTC Logging "Verbose" (Web Inspector -> Settings -> Console -> WebRTC Logging).

Safari Web Inspector Console Logs with WebRTC Logging "Verbose":
--------
[Log] Creating new PeerConnection with config={"iceServers":[{"urls":["stun:stun.l.google.com:19302"]}],"iceTransportPolicy":"all","iceCandidatePoolSize":"0"} (main.js, line 157)
[Log] RTCPeerConnection::RTCPeerConnection(6FABB4D9) 
[Info] RTCPeerConnection::initializeConfiguration(6FABB4D9) 
[Info] RTCPeerConnection::addTransceiver(6FABB4D9) 
[Log] MediaStreamTrackPrivate::MediaStreamTrackPrivate(C4B26C3DDFE44905) 
[Log] RealtimeIncomingAudioSource::setLogger(C4B26C3DDFE44905) Audio, remote audio, 
[Log] MediaStreamTrack::MediaStreamTrack(C4B26C3DDFE44905) 
[Log] RTCPeerConnection::createOffer(6FABB4D9) 
[Log] PeerConnectionBackend::createOfferSucceeded(6FABB4D9) Create offer succeeded:
v=0
o=- 3826257032639583107 2 IN IP4 127.0.0.1
s=-
t=0 0
a=group:BUNDLE 0
a=extmap-allow-mixed
a=msid-semantic: WMS
m=audio 9 UDP/TLS/RTP/SAVPF 111 103 9 0 8 105 13 110 113 126
c=IN IP4 0.0.0.0
a=rtcp:9 IN IP4 0.0.0.0
a=ice-ufrag:rO9Z
a=ice-pwd:3rHfBci/3naaqdEDIOQPNYD/
a=ice-options:trickle
a=fingerprint:sha-256 13:38:36:50:7C:9D:01:68:CB:FC:91:BE:BD:28:FB:AC:49:67:A9:5E:CD:09:5F:BC:61:D8:8E:AF:2B:85:AA:F1
a=setup:actpass
a=mid:0
a=extmap:1 urn:ietf:params:rtp-hdrext:ssrc-audio-level
a=extmap:2 http://www.webrtc.org/experiments/rtp-hdrext/abs-send-time
a=extmap:3 http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions-01
a=extmap:4 urn:ietf:params:rtp-hdrext:sdes:mid
a=extmap:5 urn:ietf:params:rtp-hdrext:sdes:rtp-stream-id
a=extmap:6 urn:ietf:params:rtp-hdrext:sdes:repaired-rtp-stream-id
a=sendrecv
a=msid:- f38bcd1c-1d2c-4fe1-8557-3aabe5a2f352
a=rtcp-mux
a=rtpmap:111 opus/48000/2
a=rtcp-fb:111 transport-cc
a=fmtp:111 minptime=10;useinbandfec=1
a=rtpmap:103 ISAC/16000
a=rtpmap:9 G722/8000
a=rtpmap:0 PCMU/8000
a=rtpmap:8 PCMA/8000
a=rtpmap:105 CN/16000
a=rtpmap:13 CN/8000
a=rtpmap:110 telephone-event/48000
a=rtpmap:113 telephone-event/16000
a=rtpmap:126 telephone-event/8000
a=ssrc:3914177754 cname:Ed56B/h1MvTWyenf
a=ssrc:3914177754 msid:- f38bcd1c-1d2c-4fe1-8557-3aabe5a2f352
a=ssrc:3914177754 mslabel:-
a=ssrc:3914177754 label:f38bcd1c-1d2c-4fe1-8557-3aabe5a2f352

[Log] RTCPeerConnection::setLocalDescription(6FABB4D9) Setting local description to:
v=0
o=- 3826257032639583107 2 IN IP4 127.0.0.1
s=-
t=0 0
a=group:BUNDLE 0
a=extmap-allow-mixed
a=msid-semantic: WMS
m=audio 9 UDP/TLS/RTP/SAVPF 111 103 9 0 8 105 13 110 113 126
c=IN IP4 0.0.0.0
a=rtcp:9 IN IP4 0.0.0.0
a=ice-ufrag:rO9Z
a=ice-pwd:3rHfBci/3naaqdEDIOQPNYD/
a=ice-options:trickle
a=fingerprint:sha-256 13:38:36:50:7C:9D:01:68:CB:FC:91:BE:BD:28:FB:AC:49:67:A9:5E:CD:09:5F:BC:61:D8:8E:AF:2B:85:AA:F1
a=setup:actpass
a=mid:0
a=extmap:1 urn:ietf:params:rtp-hdrext:ssrc-audio-level
a=extmap:2 http://www.webrtc.org/experiments/rtp-hdrext/abs-send-time
a=extmap:3 http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions-01
a=extmap:4 urn:ietf:params:rtp-hdrext:sdes:mid
a=extmap:5 urn:ietf:params:rtp-hdrext:sdes:rtp-stream-id
a=extmap:6 urn:ietf:params:rtp-hdrext:sdes:repaired-rtp-stream-id
a=sendrecv
a=msid:- f38bcd1c-1d2c-4fe1-8557-3aabe5a2f352
a=rtcp-mux
a=rtpmap:111 opus/48000/2
a=rtcp-fb:111 transport-cc
a=fmtp:111 minptime=10;useinbandfec=1
a=rtpmap:103 ISAC/16000
a=rtpmap:9 G722/8000
a=rtpmap:0 PCMU/8000
a=rtpmap:8 PCMA/8000
a=rtpmap:105 CN/16000
a=rtpmap:13 CN/8000
a=rtpmap:110 telephone-event/48000
a=rtpmap:113 telephone-event/16000
a=rtpmap:126 telephone-event/8000
a=ssrc:3914177754 cname:Ed56B/h1MvTWyenf
a=ssrc:3914177754 msid:- f38bcd1c-1d2c-4fe1-8557-3aabe5a2f352
a=ssrc:3914177754 mslabel:-
a=ssrc:3914177754 label:f38bcd1c-1d2c-4fe1-8557-3aabe5a2f352

[Log] RTCPeerConnection::setSignalingState(6FABB4D9) have-local-offer
[Info] RTCPeerConnection::dispatchEvent(6FABB4D9) dispatching 'signalingstatechange'
[Log] PeerConnectionBackend::setLocalDescriptionSucceeded(6FABB4D9) 
[Log] RTCPeerConnection::updateIceGatheringState(6FABB4D9) gathering
[Info] RTCPeerConnection::dispatchEvent(6FABB4D9) dispatching 'icegatheringstatechange'
[Info] RTCPeerConnection::updateConnectionState(6FABB4D9) state changed from: new to connecting
[Info] RTCPeerConnection::dispatchEvent(6FABB4D9) dispatching 'connectionstatechange'
[Info] RTCPeerConnection::dispatchEvent(6FABB4D9) dispatching 'negotiationneeded'
[Log] PeerConnectionBackend::newICECandidate(6FABB4D9) Gathered ice candidate:candidate:484232637 1 udp 2122260223 175.212.38.195 60853 typ host generation 0 ufrag rO9Z network-id 1 network-cost 50
[Info] RTCPeerConnection::dispatchEvent(6FABB4D9) dispatching 'icecandidate'
[Log] PeerConnectionBackend::newICECandidate(6FABB4D9) Gathered ice candidate:candidate:1381970253 1 tcp 1518280447 175.212.38.195 9 typ host tcptype active generation 0 ufrag rO9Z network-id 1 network-cost 50
[Info] RTCPeerConnection::dispatchEvent(6FABB4D9) dispatching 'icecandidate'
[Log] PeerConnectionBackend::doneGatheringCandidates(6FABB4D9) Finished ice candidate gathering
[Info] RTCPeerConnection::dispatchEvent(6FABB4D9) dispatching 'icecandidate'
[Log] RTCPeerConnection::updateIceGatheringState(6FABB4D9) complete
[Info] RTCPeerConnection::dispatchEvent(6FABB4D9) dispatching 'icegatheringstatechange'
[Log] MediaStreamTrack::stopTrack(C4B26C3DDFE44905) 1
[Log] MediaStreamTrackPrivate::endTrack(C4B26C3DDFE44905) 
[Log] MediaStreamTrackPrivate::updateReadyState(C4B26C3DDFE44905) Ended
[Log] MediaStreamTrackPrivate::preventSourceFromStopping(C4B26C3DDFE44905) true
[Log] RealtimeIncomingAudioSource::requestToEnd(C4B26C3DDFE44905) 
[Log] RealtimeIncomingAudioSource::end(C4B26C3DDFE44905) 
[Log] MediaStreamTrack::trackEnded(C4B26C3DDFE44905) 
[Log] MediaStreamTrack::trackEnded(C4B26C3DDFE44905) firing 'ended' event
[Log] RTCPeerConnection::setSignalingState(6FABB4D9) stable
[Info] RTCPeerConnection::dispatchEvent(6FABB4D9) dispatching 'signalingstatechange'
---------

Comment 1 Kyutae Lee 2021-11-21 23:05:35 PST

I want to clarify that, when I said "the host address is obfuscated", I mean host candidate IP address obfuscation by using mDNS.

And, for your information, here's a link to the related question in Stack Overflow which I posted:
https://stackoverflow.com/q/61629450/8581025

Comment 2 Kyutae Lee 2021-11-22 00:05:22 PST

And it seems that Chromium and Firefox have the same bug now.
For your information, the links of the bug reports are at the following.

Chromium: https://bugs.chromium.org/p/webrtc/issues/detail?id=13426
FireFox: https://bugzilla.mozilla.org/show_bug.cgi?id=1742337

Comment 3 Radar WebKit Bug Importer 2021-11-22 00:45:51 PST

<rdar://problem/85661079>

Comment 4 Kyutae Lee 2022-12-01 22:16:14 PST

This bug is fixed by a patch in upstream (it's my contribution!):
https://webrtc.googlesource.com/src/+/7eea6672285f765599fd883a5737f5cae8d20917

And the patch begins to be applied on Chromium with version 110.0.5452.0 (https://chromium.googlesource.com/chromium/src.git/+/refs/tags/110.0.5452.0%5E%21/).

Comment 5 youenn fablet 2022-12-06 08:16:09 PST

Pull request: https://github.com/WebKit/WebKit/pull/7203

Comment 6 Kyutae Lee 2022-12-07 01:28:38 PST

Oh, I didn't know that a patch, onto a third party package, like this can be pull-requested to the public Webkit repository. Thank you!

Comment 7 EWS 2022-12-07 08:36:05 PST

Committed 257481@main (8d4875ea0114): <https://commits.webkit.org/257481@main>

Reviewed commits have been landed. Closing PR #7203 and removing active labels.