-
Notifications
You must be signed in to change notification settings - Fork 1.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Skip HelloVerify Verification for WebRTC connections #2407
Skip HelloVerify Verification for WebRTC connections #2407
Conversation
Codecov ReportPatch coverage:
Additional details and impacted files@@ Coverage Diff @@
## master #2407 +/- ##
==========================================
+ Coverage 77.52% 77.63% +0.11%
==========================================
Files 87 87
Lines 9294 9296 +2
==========================================
+ Hits 7205 7217 +12
+ Misses 1654 1647 -7
+ Partials 435 432 -3
Flags with carried forward coverage won't be shown. Click here to find out more.
Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here. ☔ View full report at Codecov. |
thank you for the PR! Would you mind making this a SettingEngine option? It would be nice to keep the VerifyHello on by default. |
Remove HelloVerify step to increase connection speed, and match behaviour of browsers' implementation.
659e7cd
to
c7b921d
Compare
Re: @Sean-Der I have finished adopting your suggestions. Please let me know if you have any additional questions or suggestions. |
I have fixed the lint by changing to US word spelling and added test case for setting engine (Its effect is not tested). I will |
I have seen the CI failure about commit message. I will fix it on rebase. |
@xiaokangwang thanks for your pion/dtls#513 Also it can be fixed if we send two messages here: Just need to be changed to:
I don't know why, but this dummy fix also works. |
A packet capture is needed to determine what actually happened. A reasonable guess is that it creates a packet that is still accepted by at least some implementation of WebRTC stack but can't be parsed by censor. |
I will I have seen the CI failure about commit message. I will fix it on rebase. |
Merged with 2a47c12 thank you @xiaokangwang ! |
Description
This is a pull request that set
InsecureSkipVerifyHello
option on webrtc's underlying DTLS connection. This allow the current implementation of webrtc to match browser behavior better and reduce the time to establish a connection.It have been observed that snowflake, a crowdsourced censorship resistant proxy has been blocked in some part of Russia by identifying the transmission of HelloVerify packet. This pull request is a series of pull request to remove this distinguisher.
Reference issue