tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE
commit 85eb7bd934122345b8271e0c74ac686f24011ed0
parent 9e275bc2ba12cec95899067c9f132bfc6bf385be
Author: Dan Baker <dbaker@mozilla.com>
Date:   Mon, 27 Oct 2025 12:53:26 -0600

Bug 1995393 - Vendor libwebrtc from 4221e1bc2f

We already cherry-picked this when we vendored 36ea4535a5.

Upstream commit: https://webrtc.googlesource.com/src/+/4221e1bc2fc360448c1663f0bbae058ff9f65a48
    DTLS1.3: Fix missing retransmission due to failure to set timer.

    DTLS 1.3 considers itself connected earlier than DTLS 1.2 did - when
    second flight reaches the client. This CL fixes a bug that when
    client is connected (state_ != SSL_CONNECTING), it would not
    continue retransmitting. Continuous retransmission is needed
    when the third flight is lost multiple times. Or really anytime that DTLS request it :)

    This fixes the TODO in dtls_ice_integrationtest.cc in which dtls1.3
    spuriously failed with certain (packet loss intensive) configurations.

    CREDITS: sergeysu@ that found and fixed the problem!

    Bug: chromium:441245658
    Change-Id: I3302f6f384d7e4cda090184094a6fadaf7e4f129
    Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/406320
    Reviewed-by: Tomas Gunnarsson <tommi@webrtc.org>
    Reviewed-by: Harald Alvestrand <hta@webrtc.org>
    Commit-Queue: Jonas Oreland <jonaso@webrtc.org>
    Cr-Commit-Position: refs/heads/main@{#45439}

Diffstat:

Mthird_party/libwebrtc/README.mozilla.last-vendor | 4++--


Dthird_party/libwebrtc/moz-patch-stack/4221e1bc2f.no-op-cherry-pick-msg | 1-


Dthird_party/libwebrtc/moz-patch-stack/p0001.patch | 109-------------------------------------------------------------------------------


3 files changed, 2 insertions(+), 112 deletions(-)

diff --git a/third_party/libwebrtc/README.mozilla.last-vendor b/third_party/libwebrtc/README.mozilla.last-vendor
@@ -1,4 +1,4 @@
 # ./mach python dom/media/webrtc/third_party_build/vendor-libwebrtc.py --from-local /Users/danielbaker/elm/.moz-fast-forward/moz-libwebrtc --commit mozpatches libwebrtc
-libwebrtc updated from /Users/danielbaker/elm/.moz-fast-forward/moz-libwebrtc commit mozpatches on 2025-10-27T18:50:25.655029+00:00.
+libwebrtc updated from /Users/danielbaker/elm/.moz-fast-forward/moz-libwebrtc commit mozpatches on 2025-10-27T18:53:10.736509+00:00.
 # base of lastest vendoring
-f9af67ca78
+4221e1bc2f
diff --git a/third_party/libwebrtc/moz-patch-stack/4221e1bc2f.no-op-cherry-pick-msg b/third_party/libwebrtc/moz-patch-stack/4221e1bc2f.no-op-cherry-pick-msg
@@ -1 +0,0 @@
-We already cherry-picked this when we vendored 36ea4535a5.
diff --git a/third_party/libwebrtc/moz-patch-stack/p0001.patch b/third_party/libwebrtc/moz-patch-stack/p0001.patch
@@ -1,109 +0,0 @@
-From: Jonas Oreland <jonaso@webrtc.org>
-Date: Tue, 26 Aug 2025 15:57:29 +0200
-Subject: (cherry-pick-branch-heads/7339) [M140] DTLS1.3: Fix missing
- retransmission due to failure to set timer.
-
-DTLS 1.3 considers itself connected earlier than DTLS 1.2 did - when
-second flight reaches the client. This CL fixes a bug that when
-client is connected (state_ != SSL_CONNECTING), it would not
-continue retransmitting. Continuous retransmission is needed
-when the third flight is lost multiple times. Or really anytime that DTLS request it :)
-
-This fixes the TODO in dtls_ice_integrationtest.cc in which dtls1.3
-spuriously failed with certain (packet loss intensive) configurations.
-
-CREDITS: sergeysu@ that found and fixed the problem!
-
-(cherry picked from commit 4221e1bc2fc360448c1663f0bbae058ff9f65a48)
-
-No-Try: true
-Bug: chromium:441245658, chromium:441486101
-Change-Id: I3302f6f384d7e4cda090184094a6fadaf7e4f129
-Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/406320
-Reviewed-by: Tomas Gunnarsson <tommi@webrtc.org>
-Reviewed-by: Harald Alvestrand <hta@webrtc.org>
-Commit-Queue: Jonas Oreland <jonaso@webrtc.org>
-Cr-Original-Commit-Position: refs/heads/main@{#45439}
-Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/407780
-Commit-Queue: Guido Urdaneta <guidou@webrtc.org>
-Cr-Commit-Position: refs/branch-heads/7339@{#2}
-Cr-Branched-From: 9bd64751d9b3b35a820cb72c9029993e218146a1-refs/heads/main@{#45270}
----
- p2p/dtls/dtls_ice_integrationtest.cc |  6 +-----
- rtc_base/openssl_stream_adapter.cc   | 15 ++++++++++++---
- rtc_base/openssl_stream_adapter.h    |  2 ++
- 3 files changed, 15 insertions(+), 8 deletions(-)
-
-diff --git a/p2p/dtls/dtls_ice_integrationtest.cc b/p2p/dtls/dtls_ice_integrationtest.cc
-index c0011ca677..b6b8d40b5d 100644
---- a/p2p/dtls/dtls_ice_integrationtest.cc
-+++ b/p2p/dtls/dtls_ice_integrationtest.cc
-@@ -127,11 +127,7 @@ class DtlsIceIntegrationTest : public ::testing::TestWithParam<std::tuple<
- 
-     BuiltInNetworkBehaviorConfig networkBehavior;
-     networkBehavior.link_capacity = DataRate::KilobitsPerSec(220);
--    // TODO (webrtc:383141571) : Investigate why this testcase fails for
--    // DTLS 1.3 delay if networkBehavior.queue_delay_ms = 100ms.
--    // - unless both peers support dtls in stun, in which case it passes.
--    // - note: only for dtls1.3, it works for dtls1.2!
--    networkBehavior.queue_delay_ms = 50;
-+    networkBehavior.queue_delay_ms = 100;
-     networkBehavior.queue_length_packets = 30;
-     networkBehavior.loss_percent = 50;
- 
-diff --git a/rtc_base/openssl_stream_adapter.cc b/rtc_base/openssl_stream_adapter.cc
-index 4acbb55890..2b45d37df7 100644
---- a/rtc_base/openssl_stream_adapter.cc
-+++ b/rtc_base/openssl_stream_adapter.cc
-@@ -852,10 +852,15 @@ void OpenSSLStreamAdapter::SetTimeout(int delay_ms) {
-           // We check the timer even after SSL_CONNECTED,
-           // but ContinueSSL() is only needed when SSL_CONNECTING
-           if (state_ == SSL_CONNECTING) {
-+            // Note: timeout is set inside ContinueSSL()
-             ContinueSSL();
-+          } else if (state_ == SSL_CONNECTED) {
-+            MaybeSetTimeout();
-+          } else {
-+            RTC_DCHECK_NOTREACHED() << "state_: " << state_;
-           }
-         } else {
--          RTC_DCHECK_NOTREACHED();
-+          RTC_DCHECK_NOTREACHED() << "flag->alive() == false";
-         }
-         // This callback will never run again (stopped above).
-         return TimeDelta::PlusInfinity();
-@@ -970,6 +975,12 @@ int OpenSSLStreamAdapter::ContinueSSL() {
-     }
-   }
- 
-+  MaybeSetTimeout();
-+
-+  return 0;
-+}
-+
-+void OpenSSLStreamAdapter::MaybeSetTimeout() {
-   if (ssl_ != nullptr) {
-     struct timeval timeout;
-     if (DTLSv1_get_timeout(ssl_, &timeout)) {
-@@ -977,8 +988,6 @@ int OpenSSLStreamAdapter::ContinueSSL() {
-       SetTimeout(delay);
-     }
-   }
--
--  return 0;
- }
- 
- void OpenSSLStreamAdapter::Error(absl::string_view context,
-diff --git a/rtc_base/openssl_stream_adapter.h b/rtc_base/openssl_stream_adapter.h
-index 856d37c156..c10e93e3d4 100644
---- a/rtc_base/openssl_stream_adapter.h
-+++ b/rtc_base/openssl_stream_adapter.h
-@@ -210,6 +210,8 @@ class OpenSSLStreamAdapter final : public SSLStreamAdapter {
-            !peer_certificate_digest_value_.empty();
-   }
- 
-+  void MaybeSetTimeout();
-+
-   const std::unique_ptr<StreamInterface> stream_;
-   absl::AnyInvocable<void(SSLHandshakeError)> handshake_error_;
-