Bug 1952706: Disable DTLS 1.3 in webrtc a=pascalc

We had a mistake in our key calculation that, when fixed, renders our DTLS 1.3
implementation non-interoperable with previous versions of Firefox. We need to
disable DTLS 1.3 until the fix is present on all supported versions of Firefox.

The change also broke some glean tests, which are now fixed.

Also, remove a glean test that was trying to set static prefs.

Original Revision: https://phabricator.services.mozilla.com/D240934

Differential Revision: https://phabricator.services.mozilla.com/D241187
Byron Campen [:bwc] 2025-03-13 10:42:45 +00:00
parent a6e538102e
commit 24846b1e35
2 changed files with 26 additions and 43 deletions


@ -587,7 +587,7 @@
await gleanResetTestValues();
let client_successes = await GleanTest.webrtcdtls.clientHandshakeResult.SUCCESS.testGetValue() || 0;
let server_successes = await GleanTest.webrtcdtls.serverHandshakeResult.SUCCESS.testGetValue() || 0;
let cipher_count = await GleanTest.webrtcdtls.cipher["0x1301"].testGetValue() || 0;
let cipher_count = await GleanTest.webrtcdtls.cipher["0xc02b"].testGetValue() || 0;
let srtp_cipher_count = await GleanTest.webrtcdtls.srtpCipher["0x0007"].testGetValue() || 0;
is(client_successes, 0);
is(server_successes, 0);
@ -601,7 +601,7 @@
client_successes = await GleanTest.webrtcdtls.clientHandshakeResult.SUCCESS.testGetValue() || 0;
server_successes = await GleanTest.webrtcdtls.serverHandshakeResult.SUCCESS.testGetValue() || 0;
cipher_count = await GleanTest.webrtcdtls.cipher["0x1301"].testGetValue() || 0;
cipher_count = await GleanTest.webrtcdtls.cipher["0xc02b"].testGetValue() || 0;
srtp_cipher_count = await GleanTest.webrtcdtls.srtpCipher["0x0007"].testGetValue() || 0;
is(client_successes, 1);
is(server_successes, 1);
@ -609,27 +609,6 @@
is(srtp_cipher_count, 2);
},
async function checkDtlsCipherPrefs() {
await withPrefs([["security.tls13.aes_128_gcm_sha256", false],
["security.tls13.aes_256_gcm_sha384", false],
["security.tls13.chacha20_poly1305_sha256", true]],
async () => {
const pc1 = new RTCPeerConnection();
const pc2 = new RTCPeerConnection();
await gleanResetTestValues();
let cipher_count = await GleanTest.webrtcdtls.cipher["0x1303"].testGetValue() || 0;
is(cipher_count, 0);
const stream = await navigator.mediaDevices.getUserMedia({ video: true });
pc1.addTrack(stream.getTracks()[0]);
await connect(pc1, pc2, 32000, "DTLS connected", true, true);
cipher_count = await GleanTest.webrtcdtls.cipher["0x1303"].testGetValue() || 0;
is(cipher_count, 2);
});
},
async function checkDtlsHandshakeFailure() {
// We don't have many failures we can induce here, but messing up the
// fingerprint is one way.
@ -681,28 +660,31 @@
},
async function checkDtlsVersion1_3() {
// 1.3 should be the default
const pc1 = new RTCPeerConnection();
const pc2 = new RTCPeerConnection();
await gleanResetTestValues();
let count1_0 = await GleanTest.webrtcdtls.protocolVersion["1.0"].testGetValue() || 0;
let count1_2 = await GleanTest.webrtcdtls.protocolVersion["1.2"].testGetValue() || 0;
let count1_3 = await GleanTest.webrtcdtls.protocolVersion["1.3"].testGetValue() || 0;
is(count1_0, 0);
is(count1_2, 0);
is(count1_3, 0);
// Make 1.3 the default
await withPrefs([["media.peerconnection.dtls.version.max", 772]],
async () => {
const pc1 = new RTCPeerConnection();
const pc2 = new RTCPeerConnection();
await gleanResetTestValues();
let count1_0 = await GleanTest.webrtcdtls.protocolVersion["1.0"].testGetValue() || 0;
let count1_2 = await GleanTest.webrtcdtls.protocolVersion["1.2"].testGetValue() || 0;
let count1_3 = await GleanTest.webrtcdtls.protocolVersion["1.3"].testGetValue() || 0;
is(count1_0, 0);
is(count1_2, 0);
is(count1_3, 0);
const stream = await navigator.mediaDevices.getUserMedia({ video: true });
pc1.addTrack(stream.getTracks()[0]);
const stream = await navigator.mediaDevices.getUserMedia({ video: true });
pc1.addTrack(stream.getTracks()[0]);
await connect(pc1, pc2, 32000, "DTLS connected", true, true);
await connect(pc1, pc2, 32000, "DTLS connected", true, true);
count1_0 = await GleanTest.webrtcdtls.protocolVersion["1.0"].testGetValue() || 0;
count1_2 = await GleanTest.webrtcdtls.protocolVersion["1.2"].testGetValue() || 0;
count1_3 = await GleanTest.webrtcdtls.protocolVersion["1.3"].testGetValue() || 0;
is(count1_0, 0);
is(count1_2, 0);
is(count1_3, 2);
count1_0 = await GleanTest.webrtcdtls.protocolVersion["1.0"].testGetValue() || 0;
count1_2 = await GleanTest.webrtcdtls.protocolVersion["1.2"].testGetValue() || 0;
count1_3 = await GleanTest.webrtcdtls.protocolVersion["1.3"].testGetValue() || 0;
is(count1_0, 0);
is(count1_2, 0);
is(count1_3, 2);
});
},
async function checkDtlsVersion1_2() {
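Review bot: Nothing visible in this section asserts directly that a connection made with default prefs stays off DTLS 1.3. `checkDtlsVersion1_3` now covers only the opt-in path, with `media.peerconnection.dtls.version.max` set to 772, and the default path is checked only indirectly through the `0xc02b` cipher counter in the first two hunks. Because the commit exists to stop 1.3 being negotiated until the key-calculation fix is on all supported versions, the default-pref test could pin this after `connect()` with `is(await GleanTest.webrtcdtls.protocolVersion["1.3"].testGetValue() || 0, 0);`. `checkDtlsVersion1_2` begins on the last line of this section and its body is outside the view, so it may already cover the default case. The comment `// Make 1.3 the default` would also be more accurate as `// 772 = DTLS 1.3: raise the max so 1.3 can be negotiated`.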


@ -350,8 +350,9 @@ pref("media.videocontrols.keyboard-tab-to-all-controls", true);
#endif
// 770 = DTLS 1.0, 771 = DTLS 1.2, 772 = DTLS 1.3
// TODO(bug 1952950) Re-enable this once 1952706 lands everywhere.
pref("media.peerconnection.dtls.version.min", 771);
pref("media.peerconnection.dtls.version.max", 772);
pref("media.peerconnection.dtls.version.max", 771);
#if defined(XP_MACOSX) && defined(NIGHTLY_BUILD)
// Nightly only due to bug 1908539