Bug 1534734: Make jsep-initial-offer.https.html a little less strict on SHOULD-level requirements. r=jib
authorByron Campen [:bwc] <docfaraday@gmail.com>
Fri, 15 Mar 2019 16:19:11 +0000
changeset 522063 72191d86e0be8fdf02e51ff33799d89924ed00bd
parent 522062 4a163024784b60fd4130d8c46e38a35814e4f575
child 522074 3bac6d709aac4105cf228ddd11f9f68711288f1a
push id10871
push usercbrindusan@mozilla.com
push dateMon, 18 Mar 2019 15:49:32 +0000
treeherdermozilla-beta@018abdd16060 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersjib
bugs1534734
milestone67.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1534734: Make jsep-initial-offer.https.html a little less strict on SHOULD-level requirements. r=jib Differential Revision: https://phabricator.services.mozilla.com/D23332
testing/web-platform/meta/webrtc/protocol/jsep-initial-offer.https.html.ini
testing/web-platform/tests/webrtc/protocol/jsep-initial-offer.https.html
deleted file mode 100644
--- a/testing/web-platform/meta/webrtc/protocol/jsep-initial-offer.https.html.ini
+++ /dev/null
@@ -1,5 +0,0 @@
-[jsep-initial-offer.https.html]
-  [Offer conforms to basic SDP requirements]
-    expected: FAIL
-    bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1504477
-
--- a/testing/web-platform/tests/webrtc/protocol/jsep-initial-offer.https.html
+++ b/testing/web-platform/tests/webrtc/protocol/jsep-initial-offer.https.html
@@ -11,25 +11,31 @@
   // draft-ietf-rtcweb-jsep-24 section 5.2.1
   promise_test(async t => {
     const pc = new RTCPeerConnection();
     const offer = await generateVideoReceiveOnlyOffer(pc);
     let offer_lines = offer.sdp.split('\r\n');
     // The first 3 lines are dictated by JSEP.
     assert_equals(offer_lines[0], "v=0");
     assert_equals(offer_lines[1].slice(0, 2), "o=");
-    // JSEP says that the address part SHOULD be a meaningless address
-    // "such as" IN IP4 127.0.0.1. We do strict matching here in order
-    // to detect if anyone ever uses something different.
-    assert_regexp_match(offer_lines[1], /^o=- \d+ \d+ IN IP4 127.0.0.1$/);
-    const fields = RegExp(/^o=- (\d+) (\d+)/).exec(offer_lines[1]);
+
+    assert_regexp_match(offer_lines[1], /^o=\S+ \d+ \d+ IN IP4 \S+$/);
+    const fields = RegExp(/^o=\S+ (\d+) (\d+) IN IP4 (\S+)/).exec(offer_lines[1]);
     // Per RFC 3264, the sess-id should be representable in an uint64
     // Note: JSEP -24 has this wrong - see bug:
     // https://github.com/rtcweb-wg/jsep/issues/855
     assert_less_than(Number(fields[1]), 2**64);
     // Per RFC 3264, the version should be less than 2^62 to avoid overflow
     assert_less_than(Number(fields[2]), 2**62);
-    // Note: using - in s=- is a SHOULD in JSEP, not a MUST.
-    assert_equals(offer_lines[2], "s=-");
+    // JSEP says that the address part SHOULD be a meaningless address
+    // "such as" IN IP4 0.0.0.0. This is to prevent unintentional disclosure
+    // of IP addresses, so this is important enough to verify. Right now we
+    // allow 127.0.0.1 and 0.0.0.0, but there are other things we could allow.
+    // Maybe 0.0.0.0/8, 127.0.0.0/8, 192.0.2.0/24, 198.51.100.0/24, 203.0.113.0/24?
+    // (See RFC 3330, RFC 5737)
+    assert_true(fields[3] == "0.0.0.0" || fields[3] == "127.0.0.1",
+      fields[3] + " must be a meaningless IPV4 address")
+
+    assert_regexp_match(offer_lines[2], /^s=\S+$/);
     // After this, the order is not dictated by JSEP.
     // TODO: Check lines subsequent to the s= line.
   }, 'Offer conforms to basic SDP requirements');
 </script>