commit 22a8c5cf42e5f8ed8ba650ad9b2fb13e6f4953c7
author Philipp Hancke <phancke@meta.com> Thu May 22 15:55:02 2025
committer WebRTC LUCI CQ <webrtc-scoped@luci-project-accounts.iam.gserviceaccount.com> Thu May 22 22:04:40 2025
tree 24906c81e8dcdf5caa646789a92168d9f8e0f132
parent 0f1742e458d2b187a6bf4470352acb6d7387274e

Notify dtls-stun-piggyback controller of DTLS failure

which will stop it from embedded further DTLS packets or ACKs.
Manually tested that the log for
  DTLS-STUN piggybacking not supported by peer.
shows up when running
  rtc_p2p_unittests --gtest_filter="*.TestEventOrdering/59"
  TestEventOrdering/59  # GetParam() = ({ 2, 1, 3, 0 }, false, 3, true)

Bug: webrtc:367395350
Change-Id: I2233abe0da2f2d29f5eded726fd614aaa75e3be2
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/391221
Reviewed-by: Jonas Oreland <jonaso@webrtc.org>
Reviewed-by: Elad Alon <eladalon@webrtc.org>
Reviewed-by: Sameer Vijaykar <samvi@google.com>
Commit-Queue: Philipp Hancke <phancke@meta.com>
Cr-Commit-Position: refs/heads/main@{#44734}

p2p/dtls/dtls_stun_piggyback_controller.cc

diff --git a/p2p/dtls/dtls_stun_piggyback_controller.cc b/p2p/dtls/dtls_stun_piggyback_controller.cc
index 5da36d4..4cc5ffc 100644
--- a/p2p/dtls/dtls_stun_piggyback_controller.cc
+++ b/p2p/dtls/dtls_stun_piggyback_controller.cc
@@ -58,6 +58,17 @@
   state_ = State::PENDING;
 }
 
+void DtlsStunPiggybackController::SetDtlsFailed() {
+  RTC_DCHECK_RUN_ON(&sequence_checker_);
+
+  if (state_ == State::TENTATIVE || state_ == State::CONFIRMED ||
+      state_ == State::PENDING) {
+    RTC_LOG(LS_INFO)
+        << "DTLS-STUN piggybacking DTLS failed during negotiation.";
+  }
+  state_ = State::OFF;
+}
+
 void DtlsStunPiggybackController::CapturePacket(ArrayView<const uint8_t> data) {
   RTC_DCHECK_RUN_ON(&sequence_checker_);
   if (!IsDtlsPacket(data)) {

p2p/dtls/dtls_stun_piggyback_controller.h

diff --git a/p2p/dtls/dtls_stun_piggyback_controller.h b/p2p/dtls/dtls_stun_piggyback_controller.h
index 13a422d..9f9c3e9 100644
--- a/p2p/dtls/dtls_stun_piggyback_controller.h
+++ b/p2p/dtls/dtls_stun_piggyback_controller.h
@@ -62,8 +62,10 @@
     return state_;
   }
 
-  // Called by DtlsTransport when handshake is complete.
+  // Called by DtlsTransport when the handshake is complete.
   void SetDtlsHandshakeComplete(bool is_dtls_client, bool is_dtls13);
+  // Called by DtlsTransport when DTLS failed.
+  void SetDtlsFailed();
 
   // Intercepts DTLS packets which should go into the STUN packets during the
   // handshake.

p2p/dtls/dtls_transport.cc

diff --git a/p2p/dtls/dtls_transport.cc b/p2p/dtls/dtls_transport.cc
index 0d8f263..bcbf7ec 100644
--- a/p2p/dtls/dtls_transport.cc
+++ b/p2p/dtls/dtls_transport.cc
@@ -1032,6 +1032,9 @@
                       << static_cast<int>(dtls_state_) << " to "
                       << static_cast<int>(state);
   dtls_state_ = state;
+  if (dtls_state_ == DtlsTransportState::kFailed) {
+    dtls_stun_piggyback_controller_.SetDtlsFailed();
+  }
   SendDtlsState(this, state);
 }
 

p2p/dtls/dtls_transport_unittest.cc

diff --git a/p2p/dtls/dtls_transport_unittest.cc b/p2p/dtls/dtls_transport_unittest.cc
index d7a2f7f..0fc2814 100644
--- a/p2p/dtls/dtls_transport_unittest.cc
+++ b/p2p/dtls/dtls_transport_unittest.cc
@@ -1489,9 +1489,9 @@
             std::vector<DtlsTransportInternalImplEvent>{
                 CALLER_RECEIVES_CLIENTHELLO, CALLER_WRITABLE,
                 HANDSHAKE_FINISHES, CALLER_RECEIVES_FINGERPRINT}),
-        ::testing::Bool(),
+        /*valid_fingerprint=*/::testing::Bool(),
         ::testing::Values(SSL_PROTOCOL_DTLS_12, SSL_PROTOCOL_DTLS_13),
-        ::testing::Bool()));
+        /*pqc=*/::testing::Bool()));
 
 class DtlsTransportInternalImplDtlsInStunTest
     : public DtlsTransportInternalImplVersionTest {