Bug 1554976 - Add plumbing to enable/disable host address obfuscation; r=mjf
☠☠ backed out by 5b1d527eacfc ☠ ☠
authorDan Minor <dminor@mozilla.com>
Wed, 28 Aug 2019 13:11:33 +0000
changeset 554150 b49b4326dcfddfe241ad49a29371367a77113d2a
parent 554149 e2c837d1e0a01f13e29842b9b18b81d32e799809
child 554151 24f146b86cc49fa966ce84fdf2943cdd0b70c79b
push id2165
push userffxbld-merge
push dateMon, 14 Oct 2019 16:30:58 +0000
treeherdermozilla-release@0eae18af659f [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersmjf
bugs1554976
milestone70.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1554976 - Add plumbing to enable/disable host address obfuscation; r=mjf This only enables mDNS on OS X for now. Some versions of Windows lack mDNS support, there are some oddities with resolving IPv6 addresses on Linux, and Android has not yet been tested. All of these will be addressed in follow on bugs. Differential Revision: https://phabricator.services.mozilla.com/D38496
dom/media/webrtc/MediaTransportParent.h
dom/media/webrtc/PMediaTransport.ipdl
media/mtransport/nricectx.cpp
media/mtransport/nricectx.h
media/mtransport/test/ice_unittest.cpp
media/mtransport/test/transport_unittests.cpp
media/webrtc/signaling/gtest/mediapipeline_unittest.cpp
media/webrtc/signaling/src/peerconnection/MediaTransportHandler.cpp
media/webrtc/signaling/src/peerconnection/MediaTransportHandler.h
media/webrtc/signaling/src/peerconnection/MediaTransportHandlerIPC.cpp
media/webrtc/signaling/src/peerconnection/MediaTransportHandlerIPC.h
media/webrtc/signaling/src/peerconnection/MediaTransportParent.cpp
media/webrtc/signaling/src/peerconnection/PeerConnectionMedia.cpp
media/webrtc/signaling/src/peerconnection/PeerConnectionMedia.h
modules/libpref/init/all.js
--- a/dom/media/webrtc/MediaTransportParent.h
+++ b/dom/media/webrtc/MediaTransportParent.h
@@ -28,17 +28,18 @@ class MediaTransportParent : public dom:
                                              const net::LoadInfoArgs& args,
                                              const nsCString& alpn);
   mozilla::ipc::IPCResult RecvEnsureProvisionalTransport(
       const string& transportId, const string& localUfrag,
       const string& localPwd, const int& componentCount);
   mozilla::ipc::IPCResult RecvSetTargetForDefaultLocalAddressLookup(
       const string& targetIp, uint16_t targetPort);
   mozilla::ipc::IPCResult RecvStartIceGathering(
-      const bool& defaultRouteOnly, const net::NrIceStunAddrArray& stunAddrs);
+      const bool& defaultRouteOnly, const bool& obfuscateAddresses,
+      const net::NrIceStunAddrArray& stunAddrs);
   mozilla::ipc::IPCResult RecvActivateTransport(
       const string& transportId, const string& localUfrag,
       const string& localPwd, const int& componentCount,
       const string& remoteUfrag, const string& remotePwd,
       nsTArray<uint8_t>&& keyDer, nsTArray<uint8_t>&& certDer,
       const int& authType, const bool& dtlsClient,
       const DtlsDigestList& digests, const bool& privacyRequested);
   mozilla::ipc::IPCResult RecvRemoveTransportsExcept(
--- a/dom/media/webrtc/PMediaTransport.ipdl
+++ b/dom/media/webrtc/PMediaTransport.ipdl
@@ -54,16 +54,17 @@ parent:
                                    string localUfrag,
                                    string localPwd,
                                    int componentCount);
 
   async SetTargetForDefaultLocalAddressLookup(string targetIp,
                                               uint16_t targetPort);
 
   async StartIceGathering(bool defaultRouteOnly,
+                          bool obfuscateHostAddresses,
                           NrIceStunAddrArray stunAddrs);
 
   async ActivateTransport(string transportId,
                           string localUfrag,
                           string localPwd,
                           int componentCount,
                           string remoteUfrag,
                           string remotePwd,
--- a/media/mtransport/nricectx.cpp
+++ b/media/mtransport/nricectx.cpp
@@ -271,17 +271,18 @@ NrIceCtx::NrIceCtx(const std::string& na
       ctx_(nullptr),
       peer_(nullptr),
       ice_handler_vtbl_(nullptr),
       ice_handler_(nullptr),
       trickle_(true),
       policy_(policy),
       nat_(nullptr),
       proxy_config_(nullptr),
-      proxy_only_(false) {}
+      proxy_only_(false),
+      obfuscate_host_addresses_(false) {}
 
 /* static */
 RefPtr<NrIceCtx> NrIceCtx::Create(const std::string& name, bool allow_loopback,
                                   bool tcp_enabled, bool allow_link_local,
                                   Policy policy) {
   // InitializeGlobals only executes once
   NrIceCtx::InitializeGlobals(allow_loopback, tcp_enabled, allow_link_local);
 
@@ -858,19 +859,22 @@ void NrIceCtx::SetCtxFlags(bool default_
 
   if (proxy_only) {
     nr_ice_ctx_add_flags(ctx_, NR_ICE_CTX_FLAGS_ONLY_PROXY);
   } else {
     nr_ice_ctx_remove_flags(ctx_, NR_ICE_CTX_FLAGS_ONLY_PROXY);
   }
 }
 
-nsresult NrIceCtx::StartGathering(bool default_route_only, bool proxy_only) {
+nsresult NrIceCtx::StartGathering(bool default_route_only, bool proxy_only,
+                                  bool obfuscate_host_addresses) {
   ASSERT_ON_THREAD(sts_target_);
 
+  obfuscate_host_addresses_ = obfuscate_host_addresses;
+
   SetGatheringState(ICE_CTX_GATHER_STARTED);
 
   SetCtxFlags(default_route_only, proxy_only);
 
   proxy_only_ = proxy_only;
 
   // This might start gathering for the first time, or again after
   // renegotiation, or might do nothing at all if gathering has already
@@ -1037,17 +1041,17 @@ void NrIceCtx::SetGatheringState(Gatheri
   gathering_state_ = state;
 
   SignalGatheringStateChange(this, state);
 }
 
 void NrIceCtx::GenerateObfuscatedAddress(nr_ice_candidate* candidate,
                                          std::string* mdns_address,
                                          std::string* actual_address) {
-  if (candidate->type == HOST) {
+  if (candidate->type == HOST && obfuscate_host_addresses_) {
     int r;
     char addr[64];
     if ((r = nr_transport_addr_get_addrstring(&candidate->addr, addr,
                                               sizeof(addr)))) {
       return;
     }
 
     *actual_address = addr;
--- a/media/mtransport/nricectx.h
+++ b/media/mtransport/nricectx.h
@@ -306,17 +306,18 @@ class NrIceCtx {
     return proxy_config_;
   }
 
   void SetCtxFlags(bool default_route_only, bool proxy_only);
 
   bool proxy_only() const { return proxy_only_; }
 
   // Start ICE gathering
-  nsresult StartGathering(bool default_route_only, bool proxy_only);
+  nsresult StartGathering(bool default_route_only, bool proxy_only,
+                          bool obfuscate_host_addresses);
 
   // Start checking
   nsresult StartChecks();
 
   // Notify that the network has gone online/offline
   void UpdateNetworkState(bool online);
 
   // Finalize the ICE negotiation. I.e., there will be no
@@ -390,13 +391,14 @@ class NrIceCtx {
   nr_ice_handler_vtbl* ice_handler_vtbl_;  // Must be pointer
   nr_ice_handler* ice_handler_;            // Must be pointer
   bool trickle_;
   nsCOMPtr<nsIEventTarget> sts_target_;  // The thread to run on
   Policy policy_;
   RefPtr<TestNat> nat_;
   std::shared_ptr<NrSocketProxyConfig> proxy_config_;
   bool proxy_only_;
+  bool obfuscate_host_addresses_;
   std::map<std::string, std::string> obfuscated_host_addresses_;
 };
 
 }  // namespace mozilla
 #endif
--- a/media/mtransport/test/ice_unittest.cpp
+++ b/media/mtransport/test/ice_unittest.cpp
@@ -532,17 +532,17 @@ class IceTestPeer : public sigslot::has_
         NS_SUCCEEDED(ice_ctx_->SetResolver(dns_resolver_->AllocateResolver())));
   }
 
   void Gather(bool default_route_only = false) {
     nsresult res;
 
     test_utils_->sts_target()->Dispatch(
         WrapRunnableRet(&res, ice_ctx_, &NrIceCtx::StartGathering,
-                        default_route_only, false),
+                        default_route_only, false, false),
         NS_DISPATCH_SYNC);
 
     ASSERT_TRUE(NS_SUCCEEDED(res));
   }
 
   void UseNat() { nat_->enabled_ = true; }
 
   void SetTimerDivider(int div) { ice_ctx_->internal_SetTimerAccelarator(div); }
--- a/media/mtransport/test/transport_unittests.cpp
+++ b/media/mtransport/test/transport_unittests.cpp
@@ -614,17 +614,17 @@ class TransportTestPeer : public sigslot
 
     // Listen for media events
     dtls_->SignalPacketReceived.connect(this,
                                         &TransportTestPeer::PacketReceived);
     dtls_->SignalStateChange.connect(this, &TransportTestPeer::StateChanged);
 
     // Start gathering
     test_utils_->sts_target()->Dispatch(
-        WrapRunnableRet(&res, ice_ctx_, &NrIceCtx::StartGathering, false,
+        WrapRunnableRet(&res, ice_ctx_, &NrIceCtx::StartGathering, false, false,
                         false),
         NS_DISPATCH_SYNC);
     ASSERT_TRUE(NS_SUCCEEDED(res));
   }
 
   void ConnectIce(TransportTestPeer* peer) {
     peer_ = peer;
 
--- a/media/webrtc/signaling/gtest/mediapipeline_unittest.cpp
+++ b/media/webrtc/signaling/gtest/mediapipeline_unittest.cpp
@@ -162,17 +162,17 @@ class LoopbackTransport : public MediaTr
 
   void SetTargetForDefaultLocalAddressLookup(const std::string& aTargetIp,
                                              uint16_t aTargetPort) override {}
 
   // We set default-route-only as late as possible because it depends on what
   // capture permissions have been granted on the window, which could easily
   // change between Init (ie; when the PC is created) and StartIceGathering
   // (ie; when we set the local description).
-  void StartIceGathering(bool aDefaultRouteOnly,
+  void StartIceGathering(bool aDefaultRouteOnly, bool aObfuscateAddresses,
                          // TODO: It probably makes sense to look
                          // this up internally
                          const nsTArray<NrIceStunAddr>& aStunAddrs) override {}
 
   void ActivateTransport(
       const std::string& aTransportId, const std::string& aLocalUfrag,
       const std::string& aLocalPwd, size_t aComponentCount,
       const std::string& aUfrag, const std::string& aPassword,
--- a/media/webrtc/signaling/src/peerconnection/MediaTransportHandler.cpp
+++ b/media/webrtc/signaling/src/peerconnection/MediaTransportHandler.cpp
@@ -81,17 +81,17 @@ class MediaTransportHandlerSTS : public 
 
   void SetTargetForDefaultLocalAddressLookup(const std::string& aTargetIp,
                                              uint16_t aTargetPort) override;
 
   // We set default-route-only as late as possible because it depends on what
   // capture permissions have been granted on the window, which could easily
   // change between Init (ie; when the PC is created) and StartIceGathering
   // (ie; when we set the local description).
-  void StartIceGathering(bool aDefaultRouteOnly,
+  void StartIceGathering(bool aDefaultRouteOnly, bool aObfuscateHostAddresses,
                          // This will go away once mtransport moves to its
                          // own process, because we won't need to get this
                          // via IPC anymore
                          const nsTArray<NrIceStunAddr>& aStunAddrs) override;
 
   void ActivateTransport(
       const std::string& aTransportId, const std::string& aLocalUfrag,
       const std::string& aLocalPwd, size_t aComponentCount,
@@ -652,17 +652,18 @@ void MediaTransportHandlerSTS::SetTarget
       mStsThread, __func__,
       [=, self = RefPtr<MediaTransportHandlerSTS>(this)]() {
         mIceCtx->SetTargetForDefaultLocalAddressLookup(aTargetIp, aTargetPort);
       },
       [](const std::string& aError) {});
 }
 
 void MediaTransportHandlerSTS::StartIceGathering(
-    bool aDefaultRouteOnly, const nsTArray<NrIceStunAddr>& aStunAddrs) {
+    bool aDefaultRouteOnly, bool aObfuscateHostAddresses,
+    const nsTArray<NrIceStunAddr>& aStunAddrs) {
   mInitPromise->Then(
       mStsThread, __func__,
       [=, self = RefPtr<MediaTransportHandlerSTS>(this)]() {
         if (mIceCtx->GetProxyConfig() && mProxyOnlyIfBehindProxy) {
           mProxyOnly = true;
         }
 
         // Belt and suspenders - in e10s mode, the call below to SetStunAddrs
@@ -672,17 +673,18 @@ void MediaTransportHandlerSTS::StartIceG
         mIceCtx->SetCtxFlags(aDefaultRouteOnly, mProxyOnly);
 
         if (aStunAddrs.Length()) {
           mIceCtx->SetStunAddrs(aStunAddrs);
         }
 
         // Start gathering, but only if there are streams
         if (!mIceCtx->GetStreams().empty()) {
-          mIceCtx->StartGathering(aDefaultRouteOnly, mProxyOnly);
+          mIceCtx->StartGathering(aDefaultRouteOnly, mProxyOnly,
+                                  aObfuscateHostAddresses);
           return;
         }
 
         CSFLogWarn(
             LOGTAG,
             "%s: No streams to start gathering on. Can happen with rollback",
             __FUNCTION__);
 
--- a/media/webrtc/signaling/src/peerconnection/MediaTransportHandler.h
+++ b/media/webrtc/signaling/src/peerconnection/MediaTransportHandler.h
@@ -81,16 +81,17 @@ class MediaTransportHandler {
   virtual void SetTargetForDefaultLocalAddressLookup(
       const std::string& aTargetIp, uint16_t aTargetPort) = 0;
 
   // We set default-route-only as late as possible because it depends on what
   // capture permissions have been granted on the window, which could easily
   // change between Init (ie; when the PC is created) and StartIceGathering
   // (ie; when we set the local description).
   virtual void StartIceGathering(bool aDefaultRouteOnly,
+                                 bool aObfuscateHostAddresses,
                                  // TODO: It probably makes sense to look
                                  // this up internally
                                  const nsTArray<NrIceStunAddr>& aStunAddrs) = 0;
 
   virtual void ActivateTransport(
       const std::string& aTransportId, const std::string& aLocalUfrag,
       const std::string& aLocalPwd, size_t aComponentCount,
       const std::string& aUfrag, const std::string& aPassword,
--- a/media/webrtc/signaling/src/peerconnection/MediaTransportHandlerIPC.cpp
+++ b/media/webrtc/signaling/src/peerconnection/MediaTransportHandlerIPC.cpp
@@ -204,24 +204,25 @@ void MediaTransportHandlerIPC::SetTarget
       [](const nsCString& aError) {});
 }
 
 // We set default-route-only as late as possible because it depends on what
 // capture permissions have been granted on the window, which could easily
 // change between Init (ie; when the PC is created) and StartIceGathering
 // (ie; when we set the local description).
 void MediaTransportHandlerIPC::StartIceGathering(
-    bool aDefaultRouteOnly,
+    bool aDefaultRouteOnly, bool aObfuscateHostAddresses,
     // TODO(bug 1522205): It probably makes sense to look this up internally
     const nsTArray<NrIceStunAddr>& aStunAddrs) {
   mInitPromise->Then(
       mCallbackThread, __func__,
       [=, self = RefPtr<MediaTransportHandlerIPC>(this)](bool /*dummy*/) {
         if (mChild) {
-          mChild->SendStartIceGathering(aDefaultRouteOnly, aStunAddrs);
+          mChild->SendStartIceGathering(aDefaultRouteOnly,
+                                        aObfuscateHostAddresses, aStunAddrs);
         }
       },
       [](const nsCString& aError) {});
 }
 
 void MediaTransportHandlerIPC::ActivateTransport(
     const std::string& aTransportId, const std::string& aLocalUfrag,
     const std::string& aLocalPwd, size_t aComponentCount,
--- a/media/webrtc/signaling/src/peerconnection/MediaTransportHandlerIPC.h
+++ b/media/webrtc/signaling/src/peerconnection/MediaTransportHandlerIPC.h
@@ -38,17 +38,17 @@ class MediaTransportHandlerIPC : public 
 
   void SetTargetForDefaultLocalAddressLookup(const std::string& aTargetIp,
                                              uint16_t aTargetPort) override;
 
   // We set default-route-only as late as possible because it depends on what
   // capture permissions have been granted on the window, which could easily
   // change between Init (ie; when the PC is created) and StartIceGathering
   // (ie; when we set the local description).
-  void StartIceGathering(bool aDefaultRouteOnly,
+  void StartIceGathering(bool aDefaultRouteOnly, bool aObfuscateHostAddresses,
                          // TODO: It probably makes sense to look
                          // this up internally
                          const nsTArray<NrIceStunAddr>& aStunAddrs) override;
 
   void ActivateTransport(
       const std::string& aTransportId, const std::string& aLocalUfrag,
       const std::string& aLocalPwd, size_t aComponentCount,
       const std::string& aUfrag, const std::string& aPassword,
--- a/media/webrtc/signaling/src/peerconnection/MediaTransportParent.cpp
+++ b/media/webrtc/signaling/src/peerconnection/MediaTransportParent.cpp
@@ -153,18 +153,20 @@ mozilla::ipc::IPCResult MediaTransportPa
 mozilla::ipc::IPCResult
 MediaTransportParent::RecvSetTargetForDefaultLocalAddressLookup(
     const std::string& targetIp, uint16_t targetPort) {
   mImpl->mHandler->SetTargetForDefaultLocalAddressLookup(targetIp, targetPort);
   return ipc::IPCResult::Ok();
 }
 
 mozilla::ipc::IPCResult MediaTransportParent::RecvStartIceGathering(
-    const bool& defaultRouteOnly, const net::NrIceStunAddrArray& stunAddrs) {
-  mImpl->mHandler->StartIceGathering(defaultRouteOnly, stunAddrs);
+    const bool& defaultRouteOnly, const bool& obfuscateHostAddresses,
+    const net::NrIceStunAddrArray& stunAddrs) {
+  mImpl->mHandler->StartIceGathering(defaultRouteOnly, obfuscateHostAddresses,
+                                     stunAddrs);
   return ipc::IPCResult::Ok();
 }
 
 mozilla::ipc::IPCResult MediaTransportParent::RecvActivateTransport(
     const string& transportId, const string& localUfrag, const string& localPwd,
     const int& componentCount, const string& remoteUfrag,
     const string& remotePwd, nsTArray<uint8_t>&& keyDer,
     nsTArray<uint8_t>&& certDer, const int& authType, const bool& dtlsClient,
--- a/media/webrtc/signaling/src/peerconnection/PeerConnectionMedia.cpp
+++ b/media/webrtc/signaling/src/peerconnection/PeerConnectionMedia.cpp
@@ -294,16 +294,28 @@ bool PeerConnectionMedia::GetPrefDefault
 
   bool default_address_only = Preferences::GetBool(
       "media.peerconnection.ice.default_address_only", false);
   default_address_only |=
       !MediaManager::Get()->IsActivelyCapturingOrHasAPermission(winId);
   return default_address_only;
 }
 
+bool PeerConnectionMedia::GetPrefObfuscateHostAddresses() const {
+  ASSERT_ON_THREAD(mMainThread);  // will crash on STS thread
+
+  uint64_t winId = mParent->GetWindow()->WindowID();
+
+  bool obfuscate_host_addresses = Preferences::GetBool(
+      "media.peerconnection.ice.obfuscate_host_addresses", false);
+  obfuscate_host_addresses &=
+      !MediaManager::Get()->IsActivelyCapturingOrHasAPermission(winId);
+  return obfuscate_host_addresses;
+}
+
 void PeerConnectionMedia::ConnectSignals() {
   mTransportHandler->SignalGatheringStateChange.connect(
       this, &PeerConnectionMedia::IceGatheringStateChange_s);
   mTransportHandler->SignalConnectionStateChange.connect(
       this, &PeerConnectionMedia::IceConnectionStateChange_s);
   mTransportHandler->SignalCandidate.connect(
       this, &PeerConnectionMedia::OnCandidateFound_s);
   mTransportHandler->SignalAlpnNegotiated.connect(
@@ -345,17 +357,18 @@ void PeerConnectionMedia::PerformOrEnque
 
 void PeerConnectionMedia::GatherIfReady() {
   ASSERT_ON_THREAD(mMainThread);
 
   // If we had previously queued gathering or ICE start, unqueue them
   mQueuedIceCtxOperations.clear();
   nsCOMPtr<nsIRunnable> runnable(WrapRunnable(
       RefPtr<PeerConnectionMedia>(this),
-      &PeerConnectionMedia::EnsureIceGathering, GetPrefDefaultAddressOnly()));
+      &PeerConnectionMedia::EnsureIceGathering, GetPrefDefaultAddressOnly(),
+      GetPrefObfuscateHostAddresses()));
 
   PerformOrEnqueueIceCtxOperation(runnable);
 }
 
 nsresult PeerConnectionMedia::SetTargetForDefaultLocalAddressLookup() {
   Document* doc = mParent->GetWindow()->GetExtantDoc();
   if (!doc) {
     NS_WARNING("Unable to get document from window");
@@ -395,17 +408,18 @@ nsresult PeerConnectionMedia::SetTargetF
 
     mTransportHandler->SetTargetForDefaultLocalAddressLookup(remoteIp.get(),
                                                              remotePort);
   }
 
   return NS_OK;
 }
 
-void PeerConnectionMedia::EnsureIceGathering(bool aDefaultRouteOnly) {
+void PeerConnectionMedia::EnsureIceGathering(bool aDefaultRouteOnly,
+                                             bool aObfuscateHostAddresses) {
   if (mProxyConfig) {
     // Note that this could check if PrivacyRequested() is set on the PC and
     // remove "webrtc" from the ALPN list.  But that would only work if the PC
     // was constructed with a peerIdentity constraint, not when isolated
     // streams are added.  If we ever need to signal to the proxy that the
     // media is isolated, then we would need to restructure this code.
     mTransportHandler->SetProxyServer(std::move(*mProxyConfig));
     mProxyConfig.reset();
@@ -425,17 +439,18 @@ void PeerConnectionMedia::EnsureIceGathe
   // attempt to gather them (as in non-e10s mode), and this will cause a
   // sandboxing exception in e10s mode.
   if (!mStunAddrs.Length() && XRE_IsContentProcess()) {
     CSFLogInfo(LOGTAG, "%s: No STUN addresses returned from parent process",
                __FUNCTION__);
     return;
   }
 
-  mTransportHandler->StartIceGathering(aDefaultRouteOnly, mStunAddrs);
+  mTransportHandler->StartIceGathering(aDefaultRouteOnly,
+                                       aObfuscateHostAddresses, mStunAddrs);
 }
 
 void PeerConnectionMedia::SelfDestruct() {
   ASSERT_ON_THREAD(mMainThread);
 
   CSFLogDebug(LOGTAG, "%s: ", __FUNCTION__);
 
   mDestroyed = true;
--- a/media/webrtc/signaling/src/peerconnection/PeerConnectionMedia.h
+++ b/media/webrtc/signaling/src/peerconnection/PeerConnectionMedia.h
@@ -162,19 +162,20 @@ class PeerConnectionMedia : public sigsl
 
   // Manage ICE transports.
   void UpdateTransport(const JsepTransceiver& aTransceiver, bool aForceIceTcp);
 
   void GatherIfReady();
   void FlushIceCtxOperationQueueIfReady();
   void PerformOrEnqueueIceCtxOperation(nsIRunnable* runnable);
   nsresult SetTargetForDefaultLocalAddressLookup();
-  void EnsureIceGathering(bool aDefaultRouteOnly);
+  void EnsureIceGathering(bool aDefaultRouteOnly, bool aObfuscateHostAddresses);
 
   bool GetPrefDefaultAddressOnly() const;
+  bool GetPrefObfuscateHostAddresses() const;
 
   void ConnectSignals();
 
   // ICE events
   void IceGatheringStateChange_s(dom::RTCIceGatheringState aState);
   void IceConnectionStateChange_s(dom::RTCIceConnectionState aState);
   void OnCandidateFound_s(const std::string& aTransportId,
                           const CandidateInfo& aCandidateInfo);
--- a/modules/libpref/init/all.js
+++ b/modules/libpref/init/all.js
@@ -546,16 +546,17 @@ pref("media.videocontrols.picture-in-pic
   pref("media.peerconnection.ice.relay_only", false); // Limit candidates to TURN
   pref("media.peerconnection.use_document_iceservers", true);
 
   pref("media.peerconnection.identity.timeout", 10000);
   pref("media.peerconnection.ice.stun_client_maximum_transmits", 7);
   pref("media.peerconnection.ice.trickle_grace_period", 5000);
   pref("media.peerconnection.ice.no_host", false);
   pref("media.peerconnection.ice.default_address_only", false);
+  pref("media.peerconnection.ice.obfuscate_host_addresses", false);
   pref("media.peerconnection.ice.proxy_only_if_behind_proxy", false);
   pref("media.peerconnection.ice.proxy_only", false);
   pref("media.peerconnection.turn.disable", false);
 
   // These values (aec, agc, and noise) are from:
   // media/webrtc/trunk/webrtc/modules/audio_processing/include/audio_processing.h
   #if defined(MOZ_WEBRTC_HARDWARE_AEC_NS)
     pref("media.getusermedia.aec_enabled", false);