Re: No DTLS alert on PeerConnection.close()?
Il giorno lunedì 19 settembre 2016 23:00:49 UTC+2, Nils Ohlmeier ha scritto: > Lorenzo I create bug 1303867 to track and discuss this. > Thanks! Let me know if there's anything else you need me to provide. Lorenzo > Nils > > > On Sep 19, 2016, at 12:53, Nils Ohlmeier wrote: > > > > A security bug around this behavior (which is not disclosed to the public > > yet) has been fixed and uplifted to 48, which probably causes this new > > behavior. > > > > Nils > > > >> On Sep 19, 2016, at 02:22, Lorenzo Miniero wrote: > >> > >> Il giorno lunedì 19 settembre 2016 11:18:52 UTC+2, Martin Thomson ha > >> scritto: > >>> No good info on the bug, which seems plausible. I do have an > >>> observation though: > >>> > >>> You can't rely on DTLS alerts arriving, since they are not > >>> retransmitted. You should use signaling for session termination. > >>> > >> > >> > >> Hi Martin, > >> > >> yep, you're right, and in some modules we're already doing this, although > >> it's not happening in this case which is what made the bug pop up. > >> > >> Thanks, > >> Lorenzo > >> > >> > >>> On Mon, Sep 19, 2016 at 6:44 PM, Lorenzo Miniero > >>> wrote: > Hi, > > I've noticed a weird behaviour that seems to have started happening with > Firefox 48, and is apparently happening with the latest Nightly as well. > It looks like Firefox is not sending a DTLS alert anymore when a > PeerConnection is closed. You can test this easily by opening this web > page in a couple of tabs: > > https://janus.conf.meetecho.com/videocalltest.html > > This is a demo of a WebRTC call with media going through my WebRTC > server. To replicate the issue, just choose two different usernames and > have one call the other, and then have one of the two hangup. This will > result, for both users, in a call to the PeerConnection.close(), and > about:webrtc confirms both PCs are indeed closed, but looking at the > traffic via Wireshark/tcpdump no DTLS alert is sent to the server by > either of them. This makes the server actually unaware of the PC being > closed. > > Is this a known issue? > > Thanks! > Lorenzo > ___ > dev-media mailing list > dev-media@lists.mozilla.org > https://lists.mozilla.org/listinfo/dev-media > >> > >> ___ > >> dev-media mailing list > >> dev-media@lists.mozilla.org > >> https://lists.mozilla.org/listinfo/dev-media > > ___ dev-media mailing list dev-media@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-media
Re: No DTLS alert on PeerConnection.close()?
Lorenzo I create bug 1303867 to track and discuss this. Nils > On Sep 19, 2016, at 12:53, Nils Ohlmeier wrote: > > A security bug around this behavior (which is not disclosed to the public > yet) has been fixed and uplifted to 48, which probably causes this new > behavior. > > Nils > >> On Sep 19, 2016, at 02:22, Lorenzo Miniero wrote: >> >> Il giorno lunedì 19 settembre 2016 11:18:52 UTC+2, Martin Thomson ha scritto: >>> No good info on the bug, which seems plausible. I do have an >>> observation though: >>> >>> You can't rely on DTLS alerts arriving, since they are not >>> retransmitted. You should use signaling for session termination. >>> >> >> >> Hi Martin, >> >> yep, you're right, and in some modules we're already doing this, although >> it's not happening in this case which is what made the bug pop up. >> >> Thanks, >> Lorenzo >> >> >>> On Mon, Sep 19, 2016 at 6:44 PM, Lorenzo Miniero wrote: Hi, I've noticed a weird behaviour that seems to have started happening with Firefox 48, and is apparently happening with the latest Nightly as well. It looks like Firefox is not sending a DTLS alert anymore when a PeerConnection is closed. You can test this easily by opening this web page in a couple of tabs: https://janus.conf.meetecho.com/videocalltest.html This is a demo of a WebRTC call with media going through my WebRTC server. To replicate the issue, just choose two different usernames and have one call the other, and then have one of the two hangup. This will result, for both users, in a call to the PeerConnection.close(), and about:webrtc confirms both PCs are indeed closed, but looking at the traffic via Wireshark/tcpdump no DTLS alert is sent to the server by either of them. This makes the server actually unaware of the PC being closed. Is this a known issue? Thanks! Lorenzo ___ dev-media mailing list dev-media@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-media >> >> ___ >> dev-media mailing list >> dev-media@lists.mozilla.org >> https://lists.mozilla.org/listinfo/dev-media > signature.asc Description: Message signed with OpenPGP using GPGMail ___ dev-media mailing list dev-media@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-media
Re: No DTLS alert on PeerConnection.close()?
A security bug around this behavior (which is not disclosed to the public yet) has been fixed and uplifted to 48, which probably causes this new behavior. Nils > On Sep 19, 2016, at 02:22, Lorenzo Miniero wrote: > > Il giorno lunedì 19 settembre 2016 11:18:52 UTC+2, Martin Thomson ha scritto: >> No good info on the bug, which seems plausible. I do have an >> observation though: >> >> You can't rely on DTLS alerts arriving, since they are not >> retransmitted. You should use signaling for session termination. >> > > > Hi Martin, > > yep, you're right, and in some modules we're already doing this, although > it's not happening in this case which is what made the bug pop up. > > Thanks, > Lorenzo > > >> On Mon, Sep 19, 2016 at 6:44 PM, Lorenzo Miniero wrote: >>> Hi, >>> >>> I've noticed a weird behaviour that seems to have started happening with >>> Firefox 48, and is apparently happening with the latest Nightly as well. It >>> looks like Firefox is not sending a DTLS alert anymore when a >>> PeerConnection is closed. You can test this easily by opening this web page >>> in a couple of tabs: >>> >>> https://janus.conf.meetecho.com/videocalltest.html >>> >>> This is a demo of a WebRTC call with media going through my WebRTC server. >>> To replicate the issue, just choose two different usernames and have one >>> call the other, and then have one of the two hangup. This will result, for >>> both users, in a call to the PeerConnection.close(), and about:webrtc >>> confirms both PCs are indeed closed, but looking at the traffic via >>> Wireshark/tcpdump no DTLS alert is sent to the server by either of them. >>> This makes the server actually unaware of the PC being closed. >>> >>> Is this a known issue? >>> >>> Thanks! >>> Lorenzo >>> ___ >>> dev-media mailing list >>> dev-media@lists.mozilla.org >>> https://lists.mozilla.org/listinfo/dev-media > > ___ > dev-media mailing list > dev-media@lists.mozilla.org > https://lists.mozilla.org/listinfo/dev-media signature.asc Description: Message signed with OpenPGP using GPGMail ___ dev-media mailing list dev-media@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-media
Re: No DTLS alert on PeerConnection.close()?
Il giorno lunedì 19 settembre 2016 11:18:52 UTC+2, Martin Thomson ha scritto: > No good info on the bug, which seems plausible. I do have an > observation though: > > You can't rely on DTLS alerts arriving, since they are not > retransmitted. You should use signaling for session termination. > Hi Martin, yep, you're right, and in some modules we're already doing this, although it's not happening in this case which is what made the bug pop up. Thanks, Lorenzo > On Mon, Sep 19, 2016 at 6:44 PM, Lorenzo Miniero wrote: > > Hi, > > > > I've noticed a weird behaviour that seems to have started happening with > > Firefox 48, and is apparently happening with the latest Nightly as well. It > > looks like Firefox is not sending a DTLS alert anymore when a > > PeerConnection is closed. You can test this easily by opening this web page > > in a couple of tabs: > > > > https://janus.conf.meetecho.com/videocalltest.html > > > > This is a demo of a WebRTC call with media going through my WebRTC server. > > To replicate the issue, just choose two different usernames and have one > > call the other, and then have one of the two hangup. This will result, for > > both users, in a call to the PeerConnection.close(), and about:webrtc > > confirms both PCs are indeed closed, but looking at the traffic via > > Wireshark/tcpdump no DTLS alert is sent to the server by either of them. > > This makes the server actually unaware of the PC being closed. > > > > Is this a known issue? > > > > Thanks! > > Lorenzo > > ___ > > dev-media mailing list > > dev-media@lists.mozilla.org > > https://lists.mozilla.org/listinfo/dev-media ___ dev-media mailing list dev-media@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-media
Re: No DTLS alert on PeerConnection.close()?
No good info on the bug, which seems plausible. I do have an observation though: You can't rely on DTLS alerts arriving, since they are not retransmitted. You should use signaling for session termination. On Mon, Sep 19, 2016 at 6:44 PM, Lorenzo Miniero wrote: > Hi, > > I've noticed a weird behaviour that seems to have started happening with > Firefox 48, and is apparently happening with the latest Nightly as well. It > looks like Firefox is not sending a DTLS alert anymore when a PeerConnection > is closed. You can test this easily by opening this web page in a couple of > tabs: > > https://janus.conf.meetecho.com/videocalltest.html > > This is a demo of a WebRTC call with media going through my WebRTC server. To > replicate the issue, just choose two different usernames and have one call > the other, and then have one of the two hangup. This will result, for both > users, in a call to the PeerConnection.close(), and about:webrtc confirms > both PCs are indeed closed, but looking at the traffic via Wireshark/tcpdump > no DTLS alert is sent to the server by either of them. This makes the server > actually unaware of the PC being closed. > > Is this a known issue? > > Thanks! > Lorenzo > ___ > dev-media mailing list > dev-media@lists.mozilla.org > https://lists.mozilla.org/listinfo/dev-media ___ dev-media mailing list dev-media@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-media
No DTLS alert on PeerConnection.close()?
Hi, I've noticed a weird behaviour that seems to have started happening with Firefox 48, and is apparently happening with the latest Nightly as well. It looks like Firefox is not sending a DTLS alert anymore when a PeerConnection is closed. You can test this easily by opening this web page in a couple of tabs: https://janus.conf.meetecho.com/videocalltest.html This is a demo of a WebRTC call with media going through my WebRTC server. To replicate the issue, just choose two different usernames and have one call the other, and then have one of the two hangup. This will result, for both users, in a call to the PeerConnection.close(), and about:webrtc confirms both PCs are indeed closed, but looking at the traffic via Wireshark/tcpdump no DTLS alert is sent to the server by either of them. This makes the server actually unaware of the PC being closed. Is this a known issue? Thanks! Lorenzo ___ dev-media mailing list dev-media@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-media